What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-04-08 14:25:04 | Cost of Data Breach in UK Increases More Than 41% in Two Years (lien direct) | The UK government, in the form of the Department for Digital, Culture, Media and Sport (DCMS) has published its fourth annual breaches survey: the Cyber Security Breaches Survey 2019. It was carried out by Ipsos Mori in partnership with the Institute for Criminal Justice Studies at the university of Portsmouth. | Data Breach Studies | ||
|
2019-04-08 14:15:02 | NSA Releases Reverse Engineering Tool\'s Source Code (lien direct) | The National Security Agency (NSA) has made the source code for its "Ghidra" reverse engineering tool available for everyone. | Tool | ||
|
2019-04-08 13:47:05 | Chat Services: Be Diligent With This Must-Have Data Source for Intelligence Programs (lien direct) | Deep & Dark Web (DDW) forums and marketplaces have long served as hubs for illicit activity and, consequently, as invaluable data sources for defenders looking to combat such activity. However, threat actors continue to be drawn to the immediacy-and in many cases, the enhanced security and privacy-of encrypted chat services such as Telegram and Discord. | Threat | ||
|
2019-04-04 18:00:02 | NVIDIA Patches High Severity Flaws in Tegra Drivers (lien direct) | NVIDIA this week released security patches to address multiple vulnerabilities in the Tegra Linux Driver Package (L4T), including several flaws assessed with a “high” severity rating. The most important of the bugs is CVE‑2018‑6269, a vulnerability residing in the Tegra kernel driver (the issue features a CVSS score of 8.8). | Vulnerability | ||
|
2019-04-04 17:23:02 | New \'Xwo\' Malware Looks for Exposed Services, Default Passwords (lien direct) | A recently identified malware family is actively scanning the Internet for exposed web services and default passwords, AT&T Alien Labs reports. | Malware | ||
|
2019-04-04 16:56:01 | Hundreds Targeted in Recent Roaming Mantis Campaign (lien direct) | Hundreds of users have been targeted with malware over the past month as part of attacks that Kaspersky Lab has linked to last year's Roaming Mantis campaign. | Malware | ||
|
2019-04-04 16:37:05 | Cisco Patches Router Vulnerabilities Targeted in Attacks (lien direct) | Cisco on Thursday announced new patches it has released for the RV320 and RV325 routers to correctly address vulnerabilities that have been targeted in attacks for over two months. | |||
|
2019-04-04 15:53:04 | Addressing the Challenges of Moving Security to the Edge (lien direct) | For many organizations, the network perimeter has been replaced with a variety of new network edges. Many of these include unique challenges that can severely complicate an organization's ability to maintain a consistent and manageable security infrastructure. These security challenges are two-fold. | |||
|
2019-04-04 15:40:05 | Build Versus Buy: Threat Intelligence and Digital Risk (lien direct) | An increasing reliance on online digital technologies, driven in no small part by the many operational benefits they deliver, has prompted organizations to consider investing in capabilities that protect against the digital risks that can often characterize their adoption. Unfortunately, when it comes to digital risk there is no universal remedy for establishing maturity. | Threat | ||
|
2019-04-04 15:17:04 | TXOne Networks Unveils First Industrial Cybersecurity Product (lien direct) | TXOne Networks, a joint venture between cybersecurity firm Trend Micro and industrial networking solutions provider Moxa, this week unveiled its first product, an industrial intrusion prevention system (IPS). | |||
|
2019-04-04 12:43:02 | Microsoft Not Concerned About Disclosed Edge, IE Flaws (lien direct) | Microsoft does not seem too concerned about the risk posed by unpatched Internet Explorer and Edge vulnerabilities for which proof-of-concept (PoC) exploits were recently made public. | |||
|
2019-04-04 11:50:03 | Facebook Demanded User Email Passwords (lien direct) | Facebook has been found asking users for their email passwords. A screen form told users that their email address needed to be confirmed in order to update their contact information, and suggested that it could be done via gmx.net. All the user needed do was enter their email account password into the Facebook form. | |||
|
2019-04-04 11:43:00 | Bayer Confirms Cyber Attack But Says No Data Stolen (lien direct) | German chemicals giant Bayer confirmed Thursday reports it had suffered a hacking attack, but insisted that so far no data appeared to have been stolen. The Leverkusen-based group "detected indications of (hacker group) Winnti infections at the beginning of 2018," a spokesman told AFP, confirming reports by German public broadcasters BR and NDR. | |||
|
2019-04-04 06:09:01 | AWS S3 Buckets Exposed Millions of Facebook Records (lien direct) | Two companies exposed more than 540 million records containing information on Facebook users and their activities by leaving the data unprotected in Amazon Web Services (AWS) S3 buckets. | |||
|
2019-04-03 19:26:02 | XLoader Trojan Poses as Security App for Android (lien direct) | A new variant of the XLoader Trojan is targeting Android devices by posing as a security application, and also attempts to infect iPhones and iPads through a malicious iOS profile, Trend Micro reports. | |||
|
2019-04-03 19:02:00 | Canadian Authorities Raid RAT Developer (lien direct) | Canadian authorities last week raided a residence in connection with Orcus Technologies, the developer of Orcus RAT, a tool sold on underground markets for its remote access capabilities. | Tool | ||
|
2019-04-03 17:57:05 | Microsoft Paid $2,000,000 in Bounty Rewards in 2018 (lien direct) | Microsoft says it has awarded more than $2,000,000 in bug bounty rewards to security researchers who have reported vulnerabilities via the company's bounty program. | |||
|
2019-04-03 17:07:04 | Long Equipment Life Cycles Expose Manufacturing Industry to Attacks: Study (lien direct) | Long equipment life cycles and other factors expose manufacturing companies to a wide range of threats, according to a new report published on Wednesday by Trend Micro. | |||
|
2019-04-03 14:01:01 | Code Execution, DoS Flaws Patched in Advantech WebAccess (lien direct) | Several serious vulnerabilities have been patched by Taiwan-based industrial automation company Advantech in its WebAccess SCADA software. | |||
|
2019-04-03 13:33:01 | The Anatomy of a Hack: Perception vs. Reality (lien direct) | The number of data breaches has skyrocketed in recent years. Contrary to popular belief and Hollywood story lines, cyber-attacks are rarely carried out by legions of highly sophisticated coders gone rogue, deploying the most advanced techniques to penetrate organizations' perimeter defenses. | |||
|
2019-04-03 12:08:03 | Container Security Firm Aqua Raises $62 Million (lien direct) | Aqua Security, a company that specializes in protecting container-based applications, on Wednesday announced that it raised $62 million in a Series C funding round. | |||
|
2019-04-03 10:35:02 | We\'re at an Inflection Point for OT and IT Operations (lien direct) | 
|
|||
|
2019-04-03 05:18:04 | Georgia Tech Breach Hits Up to 1.3 Million People (lien direct) | The Georgia Institute of Technology (Georgia Tech) on Tuesday revealed that “an unknown outside entity” had gained unauthorized access to a database storing the details of 1.3 million individuals. | |||
|
2019-03-29 14:38:05 | Millions of Toyota Customers in Japan Hit by Data Breach (lien direct) | Personal information belonging to millions of Toyota customers in Japan may have been compromised as a result of a breach suffered by a Toyota Motor Corporation (TMC) sales subsidiary and its affiliates. | Data Breach | ||
|
2019-03-29 13:36:01 | Cisco Improperly Patched Exploited Router Vulnerabilities (lien direct) | Cisco this week revealed that patches released in January for vulnerabilities in Small Business RV320 and RV325 routers were incomplete. The flaws have been exploited in live attacks. | |||
|
2019-03-29 13:18:05 | Microsoft Launches Azure Security Center for IoT (lien direct) | Microsoft this week announced a new set of tools to help secure Internet of Things projects within corporate environments. The first of these is Azure Security Center for IoT, which should provide customers with the ability to easily implement security best practices and mitigate threats across IoT projects. | |||
|
2019-03-29 06:54:05 | VMware Patches Flaws Disclosed at Pwn2Own 2019 (lien direct) | Security updates released on Thursday by VMware for its vCloud Director, ESXi, Workstation and Fusion products patch several vulnerabilities, including ones disclosed recently at the Pwn2Own 2019 hacking competition. | |||
|
2019-03-29 05:55:05 | Ex-NSA Contractor Pleads Guilty in Theft of Secret Documents (lien direct) | A former National Security Agency contractor accused in a theft of classified documents from the agency's headquarters pleaded guilty Thursday to willful retention of national defense information. | Guideline | ||
|
2019-03-28 19:47:01 | Proxy Emerges From Stealth with $13.6 Million in Funding (lien direct) | Universal identity provider Proxy came out of stealth while announcing $13.6 million in Series A funding, which brings the company's total funding to $16.6 million to date. The company also introduced Proxy Signal, a smartphone-powered universal identity signal aimed at bringing frictionless access and personalized experiences for employees. | |||
|
2019-03-28 17:42:04 | Critical Flaw Allows Hackers to Take Control of PowerFlex AC Drives (lien direct) | Rockwell Automation's Allen Bradley PowerFlex 525 AC drives are affected by a critical denial-of-service (DoS) vulnerability that allows hackers to take control of devices. | Vulnerability | ||
|
2019-03-28 15:41:02 | New Shodan Service Keeps Track of Internet-Exposed Systems (lien direct) | 
The popular IoT search engine Shodan this week announced the launch of Monitor, a new service designed to help organizations keep track of systems connected to the Internet.
|
|||
|
2019-03-28 15:36:03 | Android Trojan Targets Banks, Crypto-Currencies, e-Commerce (lien direct) | A recently discovered Android Trojan is targeting the users of a broad range of services, including international banks, crypto-currency services, and e-commerce websites, Group-IB reports. | |||
|
2019-03-28 14:47:03 | Ex-NSA Contractor Expected to Plead Guilty in Document Theft (lien direct) | A former National Security Agency contractor accused in a massive theft of classified information is expected to plead guilty Thursday in what U.S. prosecutors had once portrayed as a “breathtaking” breach at the nation's biggest spy shop. | Guideline | ||
|
2019-03-28 14:34:02 | UK Identifies Fresh Huawei Risks to Telecom Networks (lien direct) | Britain has identified "significant" issues in Huawei's engineering processes that pose "new risks" for the nation's telecommunications, a government report found Thursday amid lingering global suspicion over the Chinese technology giant. | |||
|
2019-03-28 13:36:01 | WinRAR Vulnerability Exploited to Deliver New Malware (lien direct) | A recently patched vulnerability affecting the popular archiver utility WinRAR has been increasingly exploited by malicious actors, including to deliver new malware to targeted users. | Malware Vulnerability | ||
|
2019-03-28 06:57:04 | Microsoft Takes Control of 99 Domains Used by Iranian Cyberspies (lien direct) | Microsoft on Wednesday announced that it had taken control of 99 domains used by an Iran-linked cyberespionage group it tracks as Phosphorus. | Conference | APT 35 | |
|
2019-03-27 17:43:00 | (Déjà vu) NVIDIA Patches Serious Flaw in GeForce Experience Software (lien direct) | A security update released recently by NVIDIA for its GeForce Experience software patches a potentially serious vulnerability that could lead to arbitrary code execution, a denial-of-service (DoS) condition, or privilege escalation. | Vulnerability Guideline | ||
|
2019-03-27 15:55:03 | Nearly Half of ICS Devices Protected by Kaspersky Targeted in 2018 (lien direct) | Nearly half of the industrial control system (ICS) computers protected by Kaspersky Lab were targeted by malware and other threats in 2018, according to the company's latest industrial threat landscape report. | Malware Threat | ||
|
2019-03-27 15:00:02 | North Korea-Linked Hackers Target macOS Users (lien direct) | New Lazarus Operation Targets Windows, macOS Systems The North Korea-linked Lazarus group has been leveraging PowerShell to target both Windows and macOS machines as part of an attack campaign that has been ongoing since at least November 2018, Kaspersky Lab reports. | Medical | APT 38 | |
|
2019-03-27 14:30:04 | How Stumbling Onto Great Findings Can Improve Your Security Program (lien direct) | We all have our favorite places, whether they be restaurants, stores, parks, museums, or something else entirely. One question I sometimes ask myself is how I originally learned of a particular place. Sometimes, it is because a friend or colleague recommended it. Other times, I spent some time researching and came to the conclusion that a given place was worth a shot. And yet, in some cases, I simply stumbled onto a great place accidentally. | |||
|
2019-03-27 14:18:01 | Hackers Are Loving PowerShell, Study Finds (lien direct) | Threat Actors Prefer PowerShell over Other ATT&CK Techniques, Report Shows | |||
|
2019-03-27 14:00:02 | Iran-Linked Cyberspy Group APT33 Continues Attacks on Saudi Arabia, U.S. (lien direct) | An Iran-linked cyberespionage group tracked as Elfin and APT33 continues targeting organizations in Saudi Arabia and the United States, Symantec reported on Wednesday. | APT33 APT 33 | ||
|
2019-03-27 13:32:02 | ASUS Patches Hijacked System Update Utility (lien direct) | ASUS says it has released a fix for the Live Update utility that threat actors abused in Operation ShadowHammer supply chain attack to deliver malware to hundreds of users. | Malware Threat | ||
|
2019-03-27 06:14:03 | EU Presents Plan for Safe 5G Amid Huawei Suspicions (lien direct) | The European Commission on Tuesday presented its plan to ensure the secure introduction of 5G telecoms networks, with suspicions hanging over Chinese giant Huawei. | |||
|
2019-03-26 20:48:02 | AZORult Variant Can Establish RDP Connections (lien direct) | A recently observed C++ version of the AZORult data stealer includes the ability to establish a remote desktop connection compromised devices, Kaspersky Lab's security researchers have discovered. | |||
|
2019-03-26 19:30:00 | Norsk Hydro May Have Lost $40M in First Week After Cyberattack (lien direct) | Norwegian aluminum giant Norsk Hydro estimates that it may have lost more than $40 million in the first week following the ransomware attack that disrupted its operations. | |||
|
2019-03-26 16:11:03 | (Déjà vu) Apple Patches Vulnerabilities in iOS, macOS, Safari (lien direct) | Apple this week released new security updates for iOS, macOS, tvOS, Safari, and iCloud and iTunes for Windows, addressing tens of vulnerabilities in these products. | |||
|
2019-03-26 15:54:05 | The Consumerization of Industrial Cyber Security (lien direct) | Just as internet security was a relative unknown concern 20 years ago, public awareness of threats to the electric grid, water supplies, etc. is mounting | |||
|
2019-03-26 14:37:04 | Cyber Risk Assessment Firm Sayata Labs Emerges From Stealth (lien direct) | Sayata Labs, an Israel-based company that provides risk assessment solutions for the cyber insurance industry, on Tuesday announced that it emerged from stealth mode with $6.5 million in seed funding. | |||
|
2019-03-26 13:59:02 | Facebook Blocks More Accounts Over Influence Campaigns (lien direct) | Facebook said Tuesday it shut down more than 2,600 fake accounts linked to Iran, Russia, Macedonia and Kosovo and aiming to influence political sentiment in various parts of the world. |
To see everything:
Our RSS (filtrered)
