What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-12-17 18:44:00 | Shamoon 3 Attacks Targeted Several Sectors (lien direct) | New details have emerged about the recent Shamoon 3 attacks, including information on several malware samples, targets in additional sectors, and some links to threat groups believed to be operating out of Iran. | Malware Threat | ||
|
2018-12-17 17:40:03 | Technical Data on U.S. Missile Defense System Lacks Adequate Protections, DoD Says (lien direct) | Technical Information of U.S. Ballistic Missile Defense System is Improperly Protected, Audit Finds Security controls and processes necessary to protect ballistic missile defense system (BMDS) technical information and the United States Department of Defense (DoD) facilities haven't been properly implemented, a newly published audit report reveals. | |||
|
2018-12-17 15:57:01 | Bug Gives Twitter Apps More Permissions Than Shown (lien direct) | Twitter recently addressed a security vulnerability that resulted in certain applications not correctly showing all of the permissions they had. | Vulnerability | ||
|
2018-12-17 14:26:04 | (Déjà vu) Avanan Raises $25 Million in Series B Funding (lien direct) | Cloud security firm Avanan announced on Monday that it has raised $25 million in a Series B funding round, which brings the total raised by the company to date to over $41 million. | ★★★★ | ||
|
2018-12-17 06:34:00 | Code Execution Flaw in SQLite Affects Chrome, Other Software (lien direct) | Many applications using the popular SQLite database management system could be exposed to attacks due to a potentially serious vulnerability that can lead to remote code execution, information disclosure, and denial-of-service (DoS) attacks. | Vulnerability Guideline | ||
|
2018-12-17 05:05:03 | \'No Evidence\' of Huawei Spying, Says German IT Watchdog (lien direct) | Germany's IT watchdog has expressed scepticism about calls for a boycott of Chinese telecoms giant Huawei, saying it has seen no evidence the firm could use its equipment to spy for Beijing, news weekly Spiegel reported Friday. | |||
|
2018-12-14 17:10:00 | (Déjà vu) Photos of 6.8 Million Facebook Users Exposed by API Bug (lien direct) | 
|
|||
|
2018-12-14 16:28:04 | Identity Intelligence Firm 4iQ Lands $18 Million in Series B Funding (lien direct) | Los Altos, California-based startup 4iQ, which describes its self as the "identity intelligence company", this week announced that it has secured $18 million in Series B funding, bringing the total raised by the company to date to $32 million. | |||
|
2018-12-14 16:27:00 | Siemens Patches Several Critical Flaws in SINUMERIK Controllers (lien direct) | Siemens informed customers this week that its SINUMERIK controllers are affected by denial-of-service (DoS), privilege escalation and code execution vulnerabilities, including several flaws that have been classified as “critical.” | |||
|
2018-12-14 14:19:01 | (Déjà vu) Facebook Paid Out $1.1 Million in Bug Bounties in 2018 (lien direct) |
|
|||
|
2018-12-14 13:09:04 | Authorities: Wave of Hoax Bomb Threats Made Across US (lien direct) | A wave of bomb threats emailed Thursday to hundreds of schools, businesses and government buildings across the U.S. triggered searches, evacuations and fear - but there were no signs of explosives, and authorities said the scare appeared to be a crude extortion attempt. | |||
|
2018-12-14 09:17:04 | Shamoon 3 Targets Energy Sector in Middle East (lien direct) | Italian oil and gas services company Saipem has confirmed that its systems were hit recently by a new variant of the notorious Shamoon malware. Shamoon may have also been used in attacks aimed at other energy sector organizations operating in the Middle East. | |||
|
2018-12-14 07:13:04 | Google Unveils New Encryption Features for Android Developers (lien direct) | Security-minded Android application developers can better secure user data, thanks to new cryptographic features in Android 9.0, Google says. | |||
|
2018-12-14 05:47:05 | AP Exclusive: Iran Hackers Hunt Nuke Workers, US Officials (lien direct) | LONDON - As U.S. President Donald Trump re-imposed harsh economic sanctions on Iran last month, hackers scrambled to break into personal emails of American officials tasked with enforcing them, The Associated Press has found - another sign of how deeply cyberespionage is embedded into the fabric of U.S.-Iranian relations. | |||
|
2018-12-13 18:36:04 | Arctic Wolf Acquires Risk Assessment Firm RootSecure (lien direct) | Security operations center (SOC)-as-a-service provider Arctic Wolf Networks this week announced plans to add risk-based vulnerability assessment capabilities to its portfolio, with the acquisition of RootSecure Corp. | Vulnerability | ★★ | |
|
2018-12-13 17:00:02 | Kubernetes Security Firm Tigera Raises $30 Million (lien direct) | Tigera, a San Francisco-based company that provides security and compliance solutions for Kubernetes platforms, announced on Wednesday that it raised $30 million in a Series B funding round. | Uber | ★★★★ | |
|
2018-12-13 16:43:05 | Russia-Linked Phishing Attacks Hit Government Agencies on Four Continents (lien direct) | A recent campaign attributed to the Russian cyber-espionage group Sofacy hit government agencies in four continents in an attempt to infect them with malware, Palo Alto Networks security researchers say. | ★★★ | ||
|
2018-12-13 16:23:04 | "Operation Sharpshooter" Hits Global Defense, Critical Infrastructure Firms (lien direct) | Global Cyberattack Campaign Hits 87 Organizations Using "Rising Sun" Malware | ★★ | ||
|
2018-12-13 15:11:02 | Several Vulnerabilities Patched With Release of WordPress 5.0.1 (lien direct) | WordPress developers announced on Thursday the availability of version 5.0.1 of the content management system (CMS), which addresses several types of vulnerabilities. | ★★ | ||
|
2018-12-13 13:58:01 | GitLab Launches Public Bug Bounty Program (lien direct) | Open source Git repository management system GitLab this week announced the launch of a public bug bounty program with rewards of up to $12,000 for critical vulnerabilities found in its products and services. | |||
|
2018-12-13 11:46:03 | What You Need to Know About PCI DSS Compliance this Holiday Season (lien direct) | Protecting Santa's Workshop...and Payment Card Data | |||
|
2018-12-13 11:36:04 | France\'s Travel Alert Registry Hacked (lien direct) | The French foreign ministry said Thursday its travel alert registry website had been pirated and citizens' personal data "could be misused". In a statement the ministry did not say how many people were affected by the breach of the Ariane system, which lets people register for security alerts when travelling abroad. | |||
|
2018-12-13 11:31:04 | How Well Are You Protecting Your Brand from Digital Risk? (lien direct) | Without an online presence an organization doesn't exist, and having a website is just the baseline. Today, an organization's Internet presence has expanded to include other digital channels. Companies of all sizes are actively using social media to engage with customers and build loyalty for their brand. | |||
|
2018-12-13 06:58:00 | Rhode Island Sues Alphabet Over Google+ Security Incidents (lien direct) | A government organization in Rhode Island announced on Wednesday that it has filed a lawsuit against Google's parent company, Alphabet Inc., over the recent security incidents involving the Google+ social network. | |||
|
2018-12-13 05:09:05 | 40,000 Government User Credentials Found on Dark Web (lien direct) | Researchers from Group-IB have discovered more than 40,000 user accounts on the Dark Web that appear to be compromised credentials for online government websites in 30 countries. | |||
|
2018-12-13 02:36:00 | U.S. Believes Chinese Intelligence Behind Marriott Hack (lien direct) | The United States said Wednesday that China was behind the massive hack of data from hotel giant Marriott, part of an ongoing global campaign of cyber-theft run by Beijing. | Hack | ||
|
2018-12-12 16:20:02 | New Variant of Shamoon Malware Uploaded to VirusTotal (lien direct) | A new variant of the destructive Shamoon malware was uploaded to VirusTotal this week, but security researchers haven't linked it to a specific attack yet. | Malware | ||
|
2018-12-12 15:58:01 | U.S. House Report Blasts Equifax Over Poor Security Leading to Massive 2017 Breach (lien direct) | Equifax Could Have Prevented Massive Data Breach, Report From U.S. House Says | Equifax | ||
|
2018-12-12 14:35:01 | Super Micro: No Malicious Hardware Found on Motherboards (lien direct) | California-based Super Micro told customers on Tuesday that it has conducted a thorough investigation in response to a Bloomberg article claiming that Chinese spy chips had been planted on its servers, but found no evidence of malicious hardware. | |||
|
2018-12-12 14:28:05 | Personal Details of 120 Million Brazilians Exposed (lien direct) | Misconfigured databases with poor or absent access controls on both cloud and in-house servers is a known and common problem. Where these databases are exposed to the internet, anybody -- with or without cyber expertise -- can access the database and its content. While there is no 'hack' involved, such instances should still be called a breach since there is often no way of knowing whether the data contained has been accessed by malicious actors. | |||
|
2018-12-12 12:44:00 | SAP Patches Critical Vulnerability in Hybris Commerce (lien direct) | SAP this week released its December 2018 set of security updates to address a dozen vulnerabilities in its products, including a Critical flaw in Hybris Commerce. | Vulnerability | ||
|
2018-12-12 10:46:03 | A New Year\'s Resolution: Security is Broken…Let\'s Fix It (lien direct) | As we near the end of 2018, another wave of massive cyber-attacks has exposed personally identifiable information belonging to hundreds of millions of people and will cost the impacted businesses untold amounts of dollars in lost revenue, settlements, and fines. | |||
|
2018-12-12 08:53:02 | Claroty Adds New Capabilities to Industrial Security Platform (lien direct) | Industrial cybersecurity firm Claroty on Tuesday announced significant enhancements to its threat detection product, along with technology integrations with several cybersecurity, network infrastructure and industrial automation providers. | Threat | ||
|
2018-12-07 16:52:04 | 168 Arrested in Money Mule Crackdown (lien direct) | Europol this week announced that 168 people were arrested in a massive operation that resulted in the identification of 1,504 money mules. | |||
|
2018-12-07 16:32:03 | Under Fire Huawei Agrees to UK Security Demands: Report (lien direct) | Embattled Chinese telecoms giant Huawei has agreed to British intelligence demands over its equipment and software as it seeks to be part of the country's 5G network plans, the FT reported Friday. | |||
|
2018-12-07 16:25:01 | California Man Gets 26-Month Prison Sentence for DDoS Attacks (lien direct) | The U.S. Department of Justice announced this week that a 44-year-old man from California has been sentenced to 26 months in prison for launching distributed denial-of-service (DDoS) attacks on two popular astronomy websites. | |||
|
2018-12-07 15:06:04 | EU Should Worry About Huawei, Other Chinese Firms: Official (lien direct) | The European Union and its citizens should be "worried" about telecoms giant Huawei and other Chinese firms that cooperate with Beijing's intelligence services, a senior EU official warned Friday. | |||
|
2018-12-07 14:58:02 | DeepPhish Project Shows Malicious AI is Not as Dangerous as Feared (lien direct) | Artificial intelligence (AI) is increasingly becoming a de facto necessity for cybersecurity. The asymmetric nature of cyberattacks simply overwhelms traditional manual analyst defenses, and organizations must increasingly use AI and machine learning (ML)-enhanced technologies to detect known attacks and predict (determine the probability) of new and unknown attacks at machine speed. | |||
|
2018-12-07 14:54:03 | Vulnerability Exposes Rockwell Controllers to DoS Attacks (lien direct) | Some of Rockwell Automation's MicroLogix controllers and ControlLogix communications modules are affected by a potentially serious vulnerability that can be exploited for denial-of-service (DoS) attacks. | Vulnerability | ||
|
2018-12-07 14:40:04 | Preparing for Tomorrow\'s Threats Today (lien direct) | Disrupting the Criminal Economic Model Can be Achieved by Tightly Integrating Security Systems into a Cohesive Framework | |||
|
2018-12-07 12:04:04 | North Korea-linked Hackers Target Academic Institutions (lien direct) | A threat group possibly originating from North Korea has been targeting academic institutions since at least May of this year, NetScout's security researchers reveal. | Threat | ||
|
2018-12-07 08:55:03 | New Lawsuit Claims Marriott Still Exposes Customer Information (lien direct) | A new class action filed against Marriott following the massive data breach alleges that the hotel giant's systems are affected by a serious vulnerability that still exposes customer information. | Vulnerability | ||
|
2018-12-06 18:58:02 | Arrest of Tech Exec Signals Tougher US Stand on China Tech Firms (lien direct) | The arrest of a top executive of tech giant Huawei at the request of US authorities signals a toughening stand in Washington on dealing with Chinese tech firms amid longstanding concerns over cyberespionage. | |||
|
2018-12-06 17:48:04 | How to Reduce False Positives and Move Faster on What Matters (lien direct) | A quick Google search reveals instances of false positives happening every day. A signal from NASA's Opportunity rover that remained unresponsive for months after experiencing a dust storm on Mars, turned out to be a “ghost signal.” Blue cotton candy that initially tested positive as methamphetamine turned out to be, well, blue cotton candy. Numerous articles on false positive medical test results that subject individuals to unnecessary follow-up, treatments, cost and worry. | |||
|
2018-12-06 16:32:00 | Google ASPIRE to Boost Android Security and Privacy (lien direct) | Google is stepping up its effort to improve the security and privacy of Android with a new initiative called ASPIRE (Android Security and PrIvacy REsearch). | ★★★ | ||
|
2018-12-06 15:08:04 | (Déjà vu) Google Patches More Than 50 Android Vulnerabilities in December (lien direct) | Google this week released a set of security patches for Android, to address over 50 vulnerabilities in the mobile operating system. | ★★★ | ||
|
2018-12-06 15:02:03 | (Déjà vu) Apple Patches Tens of Flaws in iOS, macOS, Safari (lien direct) | Apple this week released several security updates to address tens of vulnerabilities impacting the iOS and macOS platforms, the Safari browser, and various Windows applications. | |||
|
2018-12-06 14:55:03 | Data is Currency. Treat it That Way to Strengthen Privacy (lien direct) | It has been six months since General Data Protection Regulation (GDPR) went into effect and interest in data privacy has never been higher. The trend will continue, and organizations must realize that the lens through which they view data privacy has a major impact on their business. | |||
|
2018-12-06 14:43:04 | Australia Passes Cyber Snooping Laws With Global Implications (lien direct) | Australia Thursday passed controversial laws allowing spies and police to snoop on the encrypted communications of suspected terrorists and criminals, as experts warned the "unprecedented powers" had far-reaching implications for global cybersecurity. | |||
|
2018-12-06 14:20:00 | Siemens Wants to Release Security Advisories on Patch Tuesday (lien direct) | Siemens wants to release security advisories on the second Tuesday of every month, similar to Microsoft, Adobe and SAP. |
To see everything:
