What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-12-06 12:53:02 | UK Spy Agency Joins NSA in Sharing Zero-Day Disclosure Process (lien direct) | GCHQ Joins the NSA in Publishing its Vulnerabilities Equities Process | |||
|
2018-12-06 08:32:03 | Zuckerberg Defends Facebook in New Data Breach Controversy (lien direct) | Facebook chief Mark Zuckerberg pushed back Wednesday against emails showing the social media giant offering Netflix and other popular apps preferential access to people's data even after it had tightened its privacy rules. | Data Breach | ||
|
2018-12-06 08:24:01 | (Déjà vu) Attorneys General File First Multistate HIPAA-Related Data Breach Lawsuit (lien direct) | Attorneys General from 12 U.S. states this week filed a lawsuit against a healthcare tech solutions provider over a data breach suffered by the company in 2015. | Data Breach | ||
|
2018-12-06 08:24:01 | (Déjà vu) Attorneys General File First Multistate HIPPA-Related Data Breach Lawsuit (lien direct) | Attorneys General from 12 U.S. states this week filed a lawsuit against a healthcare tech solutions provider over a data breach suffered by the company in 2015. | Data Breach | ||
|
2018-12-05 20:54:04 | 2 Iranian Men Face New Charges Over Atlanta Cyberattack (lien direct) | ATLANTA (AP) - Two Iranian men already indicted in New Jersey in connection with a broad cybercrime and extortion scheme targeting government agencies, cities and businesses now face new federal charges in Georgia related to a ransomware attack that | Ransomware | ||
|
2018-12-05 20:53:02 | Ukraine Accuses Russia of Cyberattack on Judiciary Systems (lien direct) | Ukraine has once again accused Russian intelligence services of launching cyberattacks against one of its government organizations. | |||
|
2018-12-05 17:38:01 | Facebook Emails Show How it Sought to Leverage User Data (lien direct) | LONDON (AP) - A U.K. Parliament committee accused Facebook on Wednesday of cutting special deals with some advertisers to give them more access to data as it released 250 pages worth of documents on the tech giant's internal discussions about the value of users' personal information. | ★★★★★ | ||
|
2018-12-05 17:11:02 | Russian Hospital Targeted With Flash Zero-Day After Kerch Incident (lien direct) | Security updates released by Adobe on Wednesday for Flash Player patch two vulnerabilities, including a critical flaw exploited by a sophisticated threat actor in attacks aimed at a healthcare organization associated with the Russian presidential administration. The attack may be related to the recent Kerch Strait incident involving Russia and Ukraine. | Threat | ||
|
2018-12-05 16:22:04 | Is Malware Heading Towards a WarGames-style AI vs AI Scenario? (lien direct) | Adam Kujawa, Director of Malwarebytes Labs, has been contemplating the evolution of malware attack and defense, attempting to work out strategies to stay ahead of cybercriminals in what has always been a technological game of leapfrog. | Malware | ||
|
2018-12-05 15:45:05 | DHS Says SamSam Ransomware is Targeting Critical Infrastructure Entities (lien direct) | The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) this week issued an alert on activity related to SamSam, one of the most prevalent ransomware families at the moment. | Ransomware | ||
|
2018-12-05 14:24:04 | Symantec Unveils USB Scanning Station for ICS, IoT Environments (lien direct) | Symantec on Wednesday unveiled a new product designed to protect critical infrastructure organizations, including industrial and Internet of Things (IoT) environments, against USB-borne threats. | |||
|
2018-12-05 07:18:05 | House GOP Campaign Arm Targeted by \'Unknown Entity\' in 2018 (lien direct) | Thousands of emails were stolen from aides to the National Republican Congressional Committee during the 2018 midterm campaign, a major breach exposing vulnerabilities that have kept cybersecurity experts on edge since the 2016 presidential race. | |||
|
2018-12-04 19:28:02 | Malware Dropper Supports a Dozen Decoy Document Formats (lien direct) | A recently discovered malware dropper has the ability to use nearly a dozen decoy document file formats to drop various payloads, Palo Alto Networks security researchers warn. | Malware | ||
|
2018-12-04 17:34:02 | No Smoking Gun Tying Russia to Spear-Phishing Attack, Microsoft Says (lien direct) | Not Enough Evidence That Russians Are Behind Recent Spear-Phishing Attack, Microsoft Says | |||
|
2018-12-04 16:39:04 | M2M Protocols Expose Industrial Systems to Attacks (lien direct) | Some machine-to-machine (M2M) protocols can be abused by malicious actors in attacks aimed at Internet of Things (IoT) and industrial Internet of Things (IIoT) systems, according to research conducted by Trend Micro and the Polytechnic University of Milan. | |||
|
2018-12-04 15:19:05 | Fake iOS Fitness Apps Steal Money (lien direct) | A series of iOS applications posing as fitness-tracking tools have been stealing users' money by abusing the Touch ID feature, ESET has discovered. | |||
|
2018-12-04 14:25:04 | Firmware Security Firm Eclypsium Raises $8.75 Million (lien direct) | Eclypsium, a Portland, OR-based company that specializes in firmware security, on Tuesday announced that it raised $8.75 million in an oversubscribed Series A funding round. | |||
|
2018-12-04 12:40:03 | Australia Set to Pass Sweeping Cyber Laws Despite Tech Giant Fears (lien direct) | Australia's two main parties struck a deal Tuesday to pass sweeping cyber laws requiring tech giants to help government agencies get around encrypted communications used by suspected criminals and terrorists. | |||
|
2018-12-04 12:23:04 | Cybersecurity Storms: Visibility is Key to Cyber Protections (lien direct) | Security Teams Need to Maintain Packet-level Visibility Into All Traffic Flowing Across Their Networks | |||
|
2018-12-04 09:03:03 | Critical Privilege Escalation Flaw Patched in Kubernetes (lien direct) | A critical privilege escalation vulnerability has been found in Kubernetes, the popular open-source container orchestration system that allows users to automate deployment, scaling and management of containerized applications. | Vulnerability | Uber | |
|
2018-12-04 06:00:04 | Quora Data Breach Hits 100 Million Users (lien direct) | The popular question-and-answer website Quora informed users on Monday that their information may have been stolen after someone gained unauthorized access to its systems. | Data Breach | ||
|
2018-12-04 04:08:04 | Israeli Firm Rejects Alleged Connection to Khashoggi Killing (lien direct) | An Israeli company known for its sophisticated phone surveillance technology on Monday rejected accusations that its snooping software helped lead to the killing of Saudi journalist Jamal Khashoggi. | Guideline | ||
|
2018-12-04 03:25:04 | Phishing Campaign Delivers FlawedAmmyy, RMS RATs (lien direct) | A new campaign delivering various remote access Trojans (RATs) is likely the work of a known Dridex/Locky operator, Morphisec security researchers warn. | ★★★ | ||
|
2018-12-03 19:15:00 | Flaws in Siglent Oscilloscope Allow Hackers to Tamper With Measurements (lien direct) | Researchers discovered that an oscilloscope from Siglent Technologies is affected by several potentially serious vulnerabilities that could allow hackers to tamper with measurements. | |||
|
2018-12-03 18:56:04 | XS-Search Flaw Found in Google\'s Issue Tracker (lien direct) | A security flaw recently discovered in Google's Monorail open-source issue tracker could be exploited to perform a Cross-Site Search (XS-Search) attack, a security researcher says. | |||
|
2018-12-03 17:50:04 | Collaboration and Information Sharing Should Also Happen Internally (lien direct) | We often discuss the importance of external collaboration and information sharing in security. Frequently overlooked, however, is the importance of also collaborating and sharing information internally among the various teams and functions comprising our organizations. | |||
|
2018-12-03 17:31:02 | Knowing Value of Data Assets is Crucial to Cybersecurity Risk Management (lien direct) | Knowing the True Value of Data Assets Will Improve Cyber Security and Promote Meaningful Cyber Insurance Understanding the value of corporate assets is fundamental to cybersecurity risk management. Only when the true value is known can the correct level of security be applied. | |||
|
2018-12-03 15:51:04 | Schumer Says Marriott Should Pay to Replace Hacked Passports (lien direct) | Sen. Charles Schumer says Marriott hotel officials should pay for new passports for customers whose passport numbers were hacked as part of a massive data breach. | |||
|
2018-12-03 14:43:05 | Lenovo Pays $7.3 Million to Settle Superfish Adware Lawsuit (lien direct) | Lenovo has agreed to pay $7.3 million to settle a consumer class action lawsuit related to the Superfish adware scandal from 2015. | |||
|
2018-12-03 13:37:03 | Espionage, ID Theft? Myriad Risks From Stolen Marriott Data (lien direct) | The data stolen from the Marriott hotel empire in a massive breach is so rich and specific it could be used for espionage, identity theft, reputational attacks and even home burglaries, security experts say. | |||
|
2018-12-03 13:34:00 | Lawsuits Filed Against Marriott Over Massive Data Breach (lien direct) | Several lawsuits have been filed against Marriott International shortly after the hotel giant disclosed a data breach impacting as many as 500 million customers. | Data Breach | ||
|
2018-12-03 09:59:05 | Russian Hackers Use BREXIT Lures in Recent Attacks (lien direct) | Infamous Russia-linked cyber-espionage group Sofacy used BREXIT-themed lure documents in attacks on the same day the United Kingdom Prime Minister Theresa May announced the initial BREXIT draft agreement with the European Union (EU). | |||
|
2018-12-03 06:57:03 | Kaspersky\'s U.S. Government Ban Upheld by Appeals Court (lien direct) | The U.S. government's ban on software made by Russia-based cybersecurity firm Kaspersky Lab remains in place, a federal appeals court in Washington, DC, ruled on Friday. The court said Kaspersky had failed to demonstrate that the ban was an unconstitutional legislative punishment. | |||
|
2018-12-03 05:55:04 | NATO Exercises Cyber Defences as Threat Grows (lien direct) | In a nondescript brick building on the snowy edge of Estonia's second city Tartu, soldiers in camouflage tap silently at computers. They are troops manning the 21st century's front line. | Threat | ||
|
2018-12-03 05:47:00 | Elasticsearch Instances Expose Data of 82 Million U.S. Users (lien direct) | Personal information of over 82 million users in the United States was exposed via a set of open Elasticsearch instances, Hacken security researchers warn. | |||
|
2018-11-30 21:28:01 | Mozilla Testing DNS-over-HTTPS in Firefox (lien direct) | Mozilla is moving forward with yet another project designed to provide users with increased security: it is now testing DNS-over-HTTPS (DoH) in Firefox stable. | |||
|
2018-11-30 20:15:01 | Hackers Using NSA Hacking Tools to Build Botnet (lien direct) | A Quarter Million Devices Vulnerable to UPnProxy Botnet More than 270,000 Internet-connected devices run vulnerable implementations of UPnP and are susceptible to becoming part of a multi-purpose botnet, Akamai says. | |||
|
2018-11-30 15:48:02 | MITRE Uses ATT&CK Framework to Evaluate Enterprise Security Products (lien direct) | MITRE Corporation's ATT&CK framework has been used to evaluate enterprise security products from several vendors to determine how efficient they are in detecting and responding to attacks launched by sophisticated threat groups. | Threat | ||
|
2018-11-30 15:31:03 | New PowerShell Backdoor Resembles "MuddyWater" Malware (lien direct) | A recently discovered PowerShell-based backdoor is strikingly similar to malware employed by the MuddyWater threat actor, Trend Micro reports. | Malware Threat | ||
|
2018-11-30 14:49:02 | Business Outcomes for Automated Phishing Response (lien direct) | Security Automation Can be a Game Changer for Any SOC or CSIRT, Including Yours | |||
|
2018-11-30 12:50:00 | Marriott Hit by Massive Data Breach: 500 Million Starwood Customers Impacted (lien direct) | Marriott International said early Friday that data on roughly 500 million customers staying at Starwood hotel properties had been compromised in a breach that gave unknown attackers access to the Starwood network since 2014. | |||
|
2018-11-30 06:07:03 | Facebook Mulled Charging for Access to User Data (lien direct) | Facebook on Wednesday said it considered charging application makers to access data at the social network. Such a move would have been a major shift away from the policy of not selling Facebook members' information, which the social network has stressed in the face of criticism alleging it is more interested in making money than protecting privacy. | |||
|
2018-11-29 22:04:03 | Google Makes Secure LDAP Generally Available (lien direct) | Google this week announced the general availability of secure LDAP, after introducing the capability in October at Next '18 London. Allowing customers to manage access to traditional LDAP-based apps and IT infrastructure, it can be used with either G Suite or Cloud Identity, Google's managed identity and access management (IAM) platform. | |||
|
2018-11-29 18:41:02 | Zoom Conferencing App Exposes Enterprises to Attacks (lien direct) | A potentially serious vulnerability discovered by researchers in the Zoom video conferencing application can allow external attackers or malicious insiders to hijack screen controls, spoof chat messages, and remove attendees from a session. | Vulnerability | ||
|
2018-11-29 18:06:02 | Brazilian Financial Malware Spreads Beyond National Boundaries (lien direct) | Brazilian Actors Expand Financial Malware Campaigns to Attack Spanish-Speaking Countries A detailed analysis from security researchers shows how Brazilian financial malware is spreading beyond national boundaries to attack banks in Spanish-speaking countries through South and Latin America, and Portugal and Spain in Europe. | Malware | ★★ | |
|
2018-11-29 17:52:05 | Colorado Agency Targeted in Nationwide Ransomware Scheme (lien direct) | No money was paid and no information was lost during a ransomware cyberattack that exploited a cloud-based vulnerability in the Colorado Department of Transportation's computer network last spring, officials said Wednesday. | Ransomware Vulnerability | ★★★★ | |
|
2018-11-29 17:08:02 | Cisco Patches SQL Injection Flaw in Prime License Manager (lien direct) | Cisco has fixed a vulnerability in the web framework code of Cisco Prime License Manager that could allow an attacker to execute arbitrary SQL queries. | Vulnerability | ||
|
2018-11-29 15:52:04 | Researchers Introduce Smart Greybox Fuzzing (lien direct) | A team of researchers has introduced the concept of smart greybox fuzzing, which they claim is much more efficient in finding vulnerabilities in libraries that parse complex files compared to existing fuzzers. | |||
|
2018-11-29 15:47:01 | Indian Police Break Up International Computer Virus Scam (lien direct) | NEW DELHI (AP) - Indian police said Thursday they have arrested nearly two dozen people on suspicion of defrauding people around the world by sending fake pop-up messages warning them that their computers were infected with a virus and offering to fix the problem at a price. | |||
|
2018-11-29 07:11:00 | AWS Security Hub Aggregates Alerts From Third-Party Tools (lien direct) | Amazon Web Services on Wednesday announced the launch of AWS Security Hub, a service designed to aggregate and prioritize alerts from AWS and third-party security tools. |
To see everything:
Our RSS (filtrered)
