What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-04-16 04:36:05 | Severe Flaws Expose Moxa Industrial Routers to Attacks (lien direct) | Cisco's Talos intelligence and research group has reported identifying a total of 17 vulnerabilities in an industrial router from Moxa, including many high severity command injection and denial-of-service (DoS) flaws. | |||
|
2018-04-13 17:05:05 | Enterprise App Security Firm Onapsis Raises $31 Million (lien direct) | Application security firm Onapsis has raised $31 million through a Series C funding round led by new investor LLR Partners, the company announced Friday, bringing the total amount raised to $62 million. | |||
|
2018-04-13 16:52:00 | Google Turns TLS on By Default on Android P (lien direct) | Applications targeting the next version of Android (Android P) are required to use encrypted connections by default, Google said on Thursday. | |||
|
2018-04-13 16:33:04 | Researchers Sinkhole Deep-Rooted "EITest" Infection Chain (lien direct) | Proofpoint on Thursday said that it has managed to sinkhole what could be the oldest “infection chain” out there, which redirected users to exploit kits (EKs), social engineering schemes, and other malicious or fraudulent operations. | |||
|
2018-04-13 16:10:02 | Illumio, Qualys Partner on Vulnerability-based Micro-Segmentation (lien direct) | Vulnerability management has two major components: discovering vulnerabilities, and mitigating those vulnerabilities. The first component is pointless without the second component. So, for example, Equifax, WannaCry, NotPetya, and many other breaches -- if not most breaches -- are down to a failure to patch, which is really a failure in vulnerability management. | NotPetya Wannacry Equifax | ||
|
2018-04-13 15:52:05 | \'Spectrum\' Service Extends Cloudflare Protection Beyond Web Servers (lien direct) | Cloudflare on Thursday announced the availability of a new service that extends the company's protection capabilities to gaming, remote access, email, IoT and other types of systems. | |||
|
2018-04-13 14:01:01 | Hackers Start Exploiting Drupalgeddon2 Vulnerability (lien direct) | Attempts to exploit a recently patched vulnerability in the Drupal content management system (CMS) were spotted by researchers shortly after someone published a proof-of-concept (PoC) exploit. | |||
|
2018-04-13 13:47:04 | Why Mass Transit Could Be the Next Big Target for Cyber Attacks-and What to do About it (lien direct) | The constantly evolving tools and methods of cyber attackers has resulted in specific industries becoming the unfortunate subjects of sudden upswings in incident volume and severity. In recent years, for example, we've seen waves of ransomware attacks in healthcare and large-scale customer data breaches in technology. So, this trend begs the question, who's next? Which unlucky industry will be the latest target caught in the crosshairs of cyber attackers? | |||
|
2018-04-13 13:15:03 | Britain Says Russia Spied on Skripals Before Poisoning (lien direct) | Russian intelligence was spying on former double agent Sergei Skripal and his daughter Yulia for at least five years before they were poisoned in a nerve agent attack, Britain's National Security Adviser Mark Sedwill said in a letter to NATO on Friday. | |||
|
2018-04-13 13:09:00 | 25 Million U.S. Individuals Impacted by 2016 Uber Hack (lien direct) | The 2016 data breach that Uber made public in November 2017 impacted over 25 million riders and drivers in the United States, the Federal Trade Commission (FTC) reveals. | Uber | ||
|
2018-04-13 12:34:04 | Hackers Can Stealthily Exfiltrate Data via Power Lines (lien direct) | Researchers have created proof-of-concept (PoC) malware that can stealthily exfiltrate data from air-gapped computers using power lines. | |||
|
2018-04-13 10:23:00 | U.K. Launched Major Cyberattack on Islamic State: Spy Chief (lien direct) | The head of Britain's Government Communications Headquarters (GCHQ) revealed this week that the U.K. has launched a major cyberattack on the Islamic State (IS) group, significantly disrupting its operations. | |||
|
2018-04-12 17:54:04 | Multi-Purpose Proxy Botnet Ensnares 65,000 Routers (lien direct) | More than 65,000 routers exposed to the Internet via the Universal Plug and Play (UPnP) protocol are being abused by cybercriminals as part of a large, multi-purpose proxy botnet, Akamai has discovered. | |||
|
2018-04-12 17:22:01 | Key Points From Facebook-Zuckerberg Hearings (lien direct) | Facebook chief Mark Zuckerberg testified for nearly 10 hours over two days on Facebook's privacy and data protection issues before committees of the Senate and House on Tuesday and Wednesday. Here are key points: Protecting the platform | |||
|
2018-04-12 16:58:05 | \'Operation Parliament\' Imitates Another Actor to Stay Undetected (lien direct) | A series of geopolitically motivated attacks ongoing since early 2017 and targeting high profile organizations worldwide appear to be a symptom of escalating tensions in the Middle East region, Kaspersky Labs reveals. | |||
|
2018-04-12 16:05:01 | Mocana Launches Supply Chain Integrity Platform to Secure IoT, ICS Devices (lien direct) | Mocana TrustCenter Manages Security Across IoT and ICS Device Lifecycles | |||
|
2018-04-12 14:36:02 | LimeSurvey Flaws Expose Web Servers to Attacks (lien direct) | A couple of vulnerabilities affecting the popular online survey tool LimeSurvey can be exploited by remote attackers to execute malicious code and take control of web servers with little or no user interaction, researchers warn. | |||
|
2018-04-12 13:48:04 | Have We Reached Data Breach Fatigue? (lien direct) | With RSA Conference about to convene, it's a good time to think about the year (OK, this time it is 14 months) that has passed since the last RSA Conference and wonder if we have made any real, discernible progress. | |||
|
2018-04-12 13:10:00 | OPAQ Networks Raises $22.5 Million in Series B Funding (lien direct) | Northern Virginia-based network security cloud company OPAQ Networks on Wednesday announced that it has secured $22.5 million in a Series B funding round, bringing the total raised by the firm to date to $43.5 million. | |||
|
2018-04-12 12:04:02 | Palo Alto Networks Acquires Incident Response Firm Secdo (lien direct) | Palo Alto Networks this week announced that it has entered a definitive agreement to acquire Israel-based incident response firm Secdo. Financial terms of the deal have not been disclosed, but some reports say Palo Alto is prepared to pay $100 million. | |||
|
2018-04-12 11:17:01 | Czech Antivirus Targets London\'s Biggest Tech Float (lien direct) | Czech antivirus software maker Avast announced Thursday that it will float on the London stock market next month in the British capital's biggest ever technology IPO. | |||
|
2018-04-12 05:40:02 | Carbon Black Prepares for $100 Million IPO (lien direct) | Endpoint security solutions provider Carbon Black this week announced that it has filed an S-1 registration statement with the U.S. Securities and Exchange Commission (SEC) for a proposed initial public offering (IPO) of its common stock. | |||
|
2018-04-11 16:41:02 | Container Security Firm StackRox Raises $25 Million (lien direct) | Container security firm StackRox announced this week that it has secured $25 million in a Series B funding round, bringing the total raised to date by the company to more than $39 million. | |||
|
2018-04-11 16:00:05 | Mobile Phishing Attacks Up 85 Percent Annually (lien direct) | The rate at which users are receiving and clicking on phishing URLs on their mobile devices has increased at an average rate of 85% per year since 2011, mobile security firm Lookout reports. | |||
|
2018-04-11 15:53:05 | Considering The Complexities of Hack Back Laws (lien direct) | Are the 'Hack Back' Laws Being Proposed by Congress a Good Idea? | |||
|
2018-04-11 14:51:05 | Industrial Internet Consortium Develops New IoT Security Maturity Model (lien direct) | The Industrial Internet Consortium (IIC) has developed a new IoT Security Maturity Model (SMM), building on its own security framework and reference architecture. This week it has published the first of two papers: IoT Security Maturity Model: Description and Intended Use. | |||
|
2018-04-11 14:09:03 | New Authentication Standard Coming to Major Web Browsers (lien direct) | Web browsers from Google, Microsoft, and Mozilla will soon provide users with a new, password-less authentication standard built by the FIDO Alliance and the World Wide Web Consortium (W3C) and currently in the final approval stages. | ★★ | ||
|
2018-04-11 13:32:01 | SAP Patches Critical Flaws in Business Client (lien direct) | SAP this week released its April 2018 set of security patches, which include fixes for critical vulnerabilities in web browser controls delivered with SAP Business Client. | |||
|
2018-04-11 13:09:04 | Electrical Substations Exposed to Attacks by Flaws in Siemens Devices (lien direct) | Electrical substations and other power supply facilities are exposed to hacker attacks due to several potentially serious vulnerabilities discovered by researchers in some Siemens protection relays. | |||
|
2018-04-11 05:34:00 | AMD, Microsoft Release Spectre Patches (lien direct) | AMD and Microsoft on Tuesday released microcode and operating system updates that should protect users against Spectre attacks. | |||
|
2018-04-10 19:28:00 | (Déjà vu) Microsoft Patches Two Dozen Critical Flaws in Windows, Browsers (lien direct) | Microsoft's Patch Tuesday updates for April 2018 resolve a total of 66 vulnerabilities, including nearly two dozen critical issues affecting Windows and the company's web browsers. | |||
|
2018-04-10 18:39:01 | Adobe Patches Vulnerabilities in Six Products (lien direct) | Adobe has patched a total of 19 vulnerabilities across six of its products, including Flash Player, Experience Manager, InDesign CC, Digital Editions, ColdFusion and the PhoneGap Push plugin. | |||
|
2018-04-10 16:53:00 | What Social Media Platforms And Search Engines Know About You (lien direct) | The Facebook scandal involving the harvesting of data from tens of millions of users has raised a lot of questions about social media and search engines. As Facebook founder and CEO Mark Zuckerberg testifies before the US Congress this week on protecting user data, here is a primer on what they know about you: | |||
|
2018-04-10 15:53:03 | Facebook to Offer \'Bounty\' for Reporting Data Abuse (lien direct) | Facebook said Tuesday it would begin offering rewards to people who report misuse of private information from the social network, as part of an effort to step up data protection in the wake of a firestorm. | |||
|
2018-04-10 15:47:01 | Top Music Videos Including \'Despacito\' Defaced by Hackers (lien direct) | Some of the most popular music videos on YouTube including mega-hit "Despacito" momentarily disappeared Tuesday in an apparent hacking. Fans looking for videos by top artists including Drake, Katy Perry and Taylor Swift found the footage removed and replaced by messages that included "Free Palestine." | |||
|
2018-04-10 13:59:00 | Karamba Security Raises $10 Million for Inorganic Growth (lien direct) | Karamba Security, a firm that specializes in cybersecurity solutions for autonomous and connected cars, on Tuesday announced that it has raised another $10 million, bringing the total raised to date to $27 million. | |||
|
2018-04-10 12:27:03 | Critical Infrastructure Threat Is Much Worse Than We Thought (lien direct) | 
Adversaries Most Likely Want to Acquire a “Red Button” Capability That Can be Used to Shut Down the Power Grid
|
|||
|
2018-04-10 12:16:04 | SirenJack: Hackers Can Remotely Trigger Warning Sirens (lien direct) | 
|
|||
|
2018-04-10 07:39:01 | Business-Critical Systems Increasingly Hit by Ransomware: Verizon 2018 DBIR (lien direct) | Ransomware has become the most prevalent type of malware and it has increasingly targeted business-critical systems, according to Verizon's 2018 Data Breach Investigations Report (DBIR). | |||
|
2018-04-09 17:50:02 | DMARC Not Implemented on Most White House Email Domains: Analysis (lien direct) | Over 95% of the email domains managed by the Executive Office of the President (EOP) haven't implemented the Domain Message Authentication Reporting & Conformance (DMARC) protocol, the Global Cyber Alliance (GCA) has discovered. | |||
|
2018-04-09 16:37:02 | SecurityWeek\'s ICS Cyber Security Conference Returns to Singapore With Strong Lineup (lien direct) | 
|
|||
|
2018-04-09 15:27:00 | Malware Activity Slows, But Attacks More Sophisticated: Report (lien direct) | Malicious Cryptomining Spikes, While Virtually All Other Malware Declines | |||
|
2018-04-09 14:26:01 | Schneider Electric Patches 16 Flaws in Building Automation Software (lien direct) | Schneider Electric informed customers last week that the latest version of its U.motion Builder software patches a total of 16 vulnerabilities, including ones rated critical and high severity. | |||
|
2018-04-09 12:40:05 | Zuckerberg to Face Angry Lawmakers as Facebook Firestorm Rages (lien direct) | Mark Zuckerberg will appear before US lawmakers this week as a firestorm rocks Facebook over its data privacy scandal, with pressure mounting for new regulations on social media platforms. | |||
|
2018-04-09 12:35:00 | A Deep Dive Into Decision Advantage (lien direct) | 
|
|||
|
2018-04-09 12:18:02 | Vulnerabilities Found in Linux \'Beep\' Tool (lien direct) | Several vulnerabilities have been found in the Linux command line tool Beep, including a potentially serious issue introduced by a patch for a privilege escalation flaw. | |||
|
2018-04-09 05:36:05 | Cisco Switches in Iran, Russia Hacked in Apparent Pro-US Attack (lien direct) | A significant number of Cisco switches located in Iran and Russia have been hijacked in what appears to be a hacktivist campaign conducted in protest of election-related hacking. However, it's uncertain if the attacks involve a recently disclosed vulnerability or simply abuse a method that has been known for more than a year. | |||
|
2018-04-08 17:42:05 | NetSupport Manager RAT Spread via Fake Updates (lien direct) | A campaign that has been active for the past few months has been leveraging compromised websites to spread fake software updates that in some cases delivered the NetSupport Manager remote access tool (RAT), FireEye reports. | |||
|
2018-04-07 16:58:01 | New Agent Tesla Spyware Variant Discovered (lien direct) | A new variant of the Agent Tesla spyware has been spreading via malicious Microsoft Word documents, Fortinet reports. | Tesla | ||
|
2018-04-06 15:28:01 | Facebook\'s Sandberg Says Other Cases of Data Misuse Possible (lien direct) | Facebook was aware more than two years ago of Cambridge Analytica's harvesting of the personal profiles of up to 87 million users and cannot rule out other cases of abuse of user data, chief operating officer Sheryl Sandberg said. |
To see everything:
Our RSS (filtrered)
