What's new around the internet

Src Date (GMT) Title Description Tags Stories Notes
ErrataRob.webp 2019-01-28 22:21:56 Passwords in a file (direct link) My dad is on some sort of committee for his local home owners association. He asked about saving all the passwords in a file stored on Microsoft's cloud OneDrive, along with policy/procedures for the association. I assumed he called because I'm an internationally recognized cyberexpert. Or maybe he just wanted to chat with me*. Anyway, I thought I'd write up a response. The most important rule of cybersecurity is that it depends upon the risks/costs. That means if what you want to do is write down the procedures for operating a garden pump, including the passwords, then that's fine. This is because there's not much danger of hackers exploiting this. On the other hand, if the question is passwords for the association's bank account, then DON'T DO THIS. Such passwords should never be online. Instead, write them down and store the pieces of paper in a secure place. OneDrive is secure, as much as anything is. The problem is that people aren't secure. There's probably one member of the home owner's association who is constantly infecting themselves with viruses or falling victim to scams. This is the person who you are giving OneDrive access to. This is fine for the meaningless passwords, but very much not fine for bank accounts. OneDrive also has some useful backup features. Thus, when one of your members infects themselves with ransomware, which will encrypt all the OneDrive's contents, you can retrieve the old versions of the documents. I highly recommend groups like the home owner's association use OneDrive. I use it as part of my Office 365 subscription for $99/year. Just don't do this for banking passwords. In fact, not only should you not store such a password online, you should strongly consider getting "two factor authentication" setup for the account.
This is a system where you need an additional hardware device/token in addition to a password (in some cases, your phone can be used as the additional device). This may not work if multiple people need to access a common account, but then, you should have multiple passwords, for each individual, in such cases. Your bank should have descriptions of how to set this up. If your bank doesn't offer two factor authentication for its websites, then you really need to switch banks. For individuals, write your passwords down on paper. For elderly parents, write down a copy and give it to your kids. It should go without saying: store that paper in a safe place, ideally a safe, not a post-it note glued to your monitor. Again, this is for your important passwords, like for bank accounts and e-mail. For your Spotify or Pandora accounts (music services), then security really doesn't matter. Lastly, the way hackers most often break into things like bank accounts is because people use the same password everywhere. When one site gets hacked, those passwords are then used to hack accounts on other websites. Thus, for important accounts, don't reuse passwords, make them unique for just that account. Since you can't remember unique passwords for every account, write them down. You can check if your password has been hacked this way by checking http://haveibeenpwned.com and entering your email address. Entering my dad's email address, I find that his accounts at Adobe, LinkedIn, and Disqus have been discovered by hackers (due to hacks of those websites) and published. I sure hope whatever these passwords were that they are not the same or similar to his passwords for GMail or his bank account.
* the lame joke at the top was my dad's, so don't blame me :-)
Hack
no_ico.webp 2019-01-28 19:15:03 Japan Will Hack Its Citizens' IoT Devices To 'Make Them Secure' (direct link) It has been reported that the Japanese government has passed a new law amendment that will allow officials to hack into citizen's Internet of Things devices to compile a list of devices that are prone to hacking. Japanese government plans to hack into citizens' #IoT devices. The Japanese government approved a law amendment on Friday that will allow government … The ISBuzz Post: This Post Japan Will Hack Its Citizens' IoT Devices To 'Make Them Secure' Hack
TechRepublic.webp 2019-01-28 18:24:00 The Japanese government plans to hack into unsecured IoT devices. Will it work? (direct link) Ahead of the 2020 Tokyo Olympic Games, the Japanese government is planning to access unsecured Internet of Things devices to identify users and request they change their passwords. Hack
BBC.webp 2019-01-28 12:53:04 TalkTalk hacker Daniel Kelley's blackmail charge dropped (direct link) Daniel Kelley has already admitted involvement in the major hack attack on the telecoms firm in 2015. Hack
ZDNet.webp 2019-01-27 14:39:00 Japanese government plans to hack into citizens' IoT devices (direct link) Japanese government wants to secure IoT devices before Tokyo 2020 Olympics and avoid Olympic Destroyer and VPNFilter-like attacks. Hack VPNFilter
AlienVault.webp 2019-01-24 14:00:00 The Changing Face Of Cybersecurity In The 21st Century (direct link) 67% of small and micro businesses have experienced a cyber attack, while 58% have experienced a data breach within the last 12 months, according to a study conducted by the Ponemon Institute. Cybersecurity has become one of the major questions that plague the 21st century, with numerous businesses reporting significant losses resulting from loss of private customer data, denial of service (DoS) attacks that cripple operations and internal employee threats that pose a growing data security challenge for both small and large companies. When you consider the effects of the cyber attack in Alaska and the astounding number of businesses it crippled, it's clear that business owners need to understand the threats they face today. The Question of Cybersecurity A few decades ago, the thought of cyber warfare would have seemed far-fetched to say the least. But today, it has become as likely as it is terrifying, especially when you consider how many of our gadgets are connected to the internet - mobile phones, smart TVs, PCs, and IoT devices. The technical advancements in data-hacking have led to the parallel development of data-protection. While downloading an antivirus software may previously have been sufficient protection, this is now only a preliminary measure, and must be coupled with stronger controls like 2-factor authentication, access control, and raising threat awareness. The cyber-security industry grows steadily each day, and it is now possible to find adequate protection for all your gadgets: from your phone to your tablet and yes, even your new television set. Artificial Intelligence Shaping Cybersecurity If you have a basic interest in the tech world, you will have undoubtedly come across Sophia. Sophia is a humanoid robot and may be termed by many as the perfect illustration of how far AI has come.
It is for this reason that AI is leading the cybersecurity field. This is through the application of the concept of synthesizing data. Basically, what this means is that two independent chunks of information can be combined to arrive at a single conclusion. In layman's terms, AI is expected to improve cybersecurity by speeding up incident response when malicious activity is detected, thwarting ransomware and automating practices. This way, companies will be able to remain a step ahead of potential cyber threats. The Future of Cybersecurity Innovation Conventionally, data transfer has been achieved through electrical signals. However, this may change if we enter the era of data exchange through light signals. This works through the use of photons as carriers of quantum information in cyberspace. Photons are light particles which are generated simultaneously in pairs. With timing controls, this would mean that data transfer would only be possible if twin-photon particles existed for the sender and recipient. Ultimately, the only way to hack the data would be to upend the laws of physics. More innovations like deep learning, cloud technology, and hardware will revolutionize the future of cybersecurity, making it easier for companies to prevent cyber attacks. The field of cybersecurity is shifting and improving daily to match the changing needs of today’s cyberspace. It is essential that everyone, including businesses, become familiar with the means with which to protect their data. Understanding the changing face of cybersecurity is a key step to achieving that goal. Ransomware Data Breach Hack Threat Guideline
ESET.webp 2019-01-23 12:00:05 Former employee blamed for hack of WordPress plugin maker (direct link) The plugin's users are recommended to change their passwords on WPML's website following havoc reportedly wrought by a disgruntled ex-employee Hack
ZDNet.webp 2019-01-23 01:38:05 Mystery still surrounds hack of PHP PEAR website (direct link) Three days later, still no new details about how the official PHP website hosted a backdoored version of the PEAR package manager for the past six months. Hack
SecurityAffairs.webp 2019-01-22 21:00:02 Critical flaw in Linux APT package manager could allow remote hack (direct link) Expert discovered a remote code execution vulnerability in the APT package manager used by several Linux distributions, including Debian and Ubuntu. The independent security consultant Max Justicz has discovered a remote code execution vulnerability in the APT package manager used by several Linux distributions, including Debian and Ubuntu. The flaw, tracked as CVE-2019-3462, affects package manager version 0.8.15 and later, […] Hack Vulnerability
Kaspersky.webp 2019-01-22 18:45:00 How Web Apps Can Turn Browser Extensions Into Backdoors (direct link) Researchers show how rogue web applications can be used to attack vulnerable browser extensions in a hack that gives adversaries access to private user data. Hack
DarkReading.webp 2019-01-22 18:10:00 Hack of Plug-in Website Ruffles WordPress Community (direct link) An intruder thought to be a former employee used a backdoor into the WPML website to skim email addresses and send a mass email blast. Hack
The_Hackers_News.webp 2019-01-22 08:50:02 Critical RCE Flaw in Linux APT Allows Remote Attackers to Hack Systems (direct link) Just in time… Cybersecurity experts this week fighting over Twitter in favor of not using HTTPS and suggesting software developers to only rely on signature-based package verification just because APT on Linux also does the same. Just today, a security researcher revealed details of a critical remote code execution flaw in Linux APT, exploitation of which could have been mitigated if the Hack
ZDNet.webp 2019-01-22 01:09:04 ATLAS game taken offline twice after users hack admin account, find server exploit (direct link) PewDiePie fans also strike again! Flood server with "Subscribe to PewDiePie" spam. Hack
Blog.webp 2019-01-21 18:13:05 (Déjà vu) Hack the Box: SecNotes Walkthrough (direct link) Today we are going to solve another CTF challenge “Mischief”. Mischief is a retired vulnerable lab presented by Hack the Box for helping pentesters to perform online penetration testing according to their experience; they have a collection of vulnerable labs as challenges, from beginners to Expert level. Level: Easy Task: To find user.txt and root.txt file... Continue reading → Hack
grahamcluley.webp 2019-01-21 15:50:02 Angry ex-employee blamed for hack of WordPress plugin developer, and email to customers warning of security hole (direct link) Users of the popular WordPress translation plugin WPML (also known as WordPress MultiLingual) received an email from a hacker claiming to expose serious security vulnerabilities in the software that allegedly put the customers' own websites at risk. Read more in my article on the Hot for Security blog. Hack
SecurityAffairs.webp 2019-01-21 07:04:05 Unpatched Cisco critical flaw CVE-2018-15439 exposes small Business Networks to hack (direct link) Unpatched critical flaw CVE-2018-15439 could be exploited by a remote, unauthenticated attacker to gain full control over the device. Cisco Small Business Switch software is affected by a critical and unpatched vulnerability (CVE-2018-15439) that could be exploited by a remote, unauthenticated attacker to gain full control over the device. Cisco Small Business Switch SOHO devices allow […] Hack Vulnerability
ZDNet.webp 2019-01-19 00:27:03 DNC says Russia tried to hack its servers again in November 2018 (direct link) Democrats say the spear-phishing attack, which was attributed to Russian group Cozy Bear, was unsuccessful. Hack APT 29
Blog.webp 2019-01-18 19:42:04 GUEST ESSAY: Why the hack of South Korea's weapons, munitions systems was so predictable (direct link) The disclosure that malicious intruders hacked the computer systems of the South Korean government agency that oversees weapons and munitions acquisitions for the country’s military forces is not much of a surprise. The breach of some 30 computers of South Korea’s Defense Acquisition Program Administration (DAPA), which is part of the Ministry of National Defense, […] Hack
no_ico.webp 2019-01-17 17:34:04 Long-Term Hacking Campaigns Against U.S Electric Grid (direct link) A recent deep dive by The Wall Street Journal reconstructs the worst hack into the US power systems, revealing attacks on hundreds of small contractors. Rather than strike the utilities head on, the hackers went after hundreds of contractors and sub-contractors and worked their way up the supply chain. Industry experts have said that Russian government hackers … The ISBuzz Post: This Post Long-Term Hacking Campaigns Against U.S Electric Grid Hack
DarkReading.webp 2019-01-16 21:00:00 Malware Built to Hack Building Automation Systems (direct link) Researchers dig into vulnerabilities in popular building automation systems, devices. Malware Hack
Kaspersky.webp 2019-01-16 16:47:02 U.S. Issues Multiple Charges For 2016 SEC Hack (direct link) The two were able to hack into the SEC's computer systems due to phishing attacks that stole credentials and spread malware. Hack
The_State_of_Security.webp 2019-01-16 12:15:04 Two Ukrainians Charged with Plot to Hack into SEC and Commit Fraud (direct link) The U.S. Department of Justice (DOJ) has charged two Ukrainians with participating in a plot to hack into computer systems at the U.S. Securities and Exchange Commission (SEC) and use the information they stole to commit fraud. On 15 January, the U.S. Attorney’s Office for the District of New Jersey announced a 16-count indictment charging […]… Read More Hack
ZDNet.webp 2019-01-15 20:54:04 US charges Ukrainian for SEC 2016 hack, others for insider trading (direct link) Hacker also participated in the notorious hack of three newswire services in 2014. Hack
SecurityAffairs.webp 2019-01-15 15:27:00 A flaw in vCard processing could allow hackers to compromise a Win PC (direct link) A security expert discovered a zero-day flaw in the processing of VCard files that could be exploited by a remote attacker to compromise a Windows PC. The security expert John Page (@hyp3rlinx), discovered a zero-day vulnerability in the processing of VCard files that could be exploited by a remote attacker, under certain conditions, to hack Windows […] Hack Vulnerability
grahamcluley.webp 2019-01-15 14:10:02 Huge prizes up for grabs for anyone who can hack a Tesla (direct link) This year, for the first time ever, a popular car will be amongst the products hackers will be trying to exploit at the Pwn2Own contest. Read more in my article on the Hot for Security blog. Hack Tesla
DarkReading.webp 2019-01-15 12:45:00 SEC Issues Charges in 'Edgar' Database Hack (direct link) One defendant is still facing charges issued in 2015 for a $30 million hacking and securities fraud scheme. Hack
ZDNet.webp 2019-01-14 22:51:04 A security conference will let you hack a Tesla car and earn cash prizes (direct link) Pwn2Own CanSecWest organizers will have a car on-site and let security researchers try their luck. Hack Tesla
Kaspersky.webp 2019-01-14 18:10:01 Hack Allows Escape of Play-with-Docker Containers (direct link) Researchers created a proof-of-concept escape of Docker test environment. Hack
WiredThreatLevel.webp 2019-01-12 17:40:02 Ring Security Cam Snooping, Location Tracking, and More Security News This Week (direct link) A German hack confession, unencrypted government sites, and more security news this week. Hack
no_ico.webp 2019-01-11 16:00:04 Orphaned Accounts: Did The Quora Hack Reveal Hidden Dangers? (direct link) From watching funny cat videos to checking the latest news, we are all familiar with the exchange of personal data (email address information, and the like) for services. But, could we be becoming dangerously complacent? Studies reveal that 57 per cent of British consumers are concerned about how much personal data they have previously shared … The ISBuzz Post: This Post Orphaned Accounts: Did The Quora Hack Reveal Hidden Dangers? Hack Studies
DarkReading.webp 2019-01-11 14:35:00 SCOTUS Says Suit Over Fiat-Chrysler Hack Can Move Forward (direct link) A class-action suit over a 2015 attack demonstration against a Jeep Cherokee can move forward, US Supreme Court rules. Hack
CSO.webp 2019-01-10 03:00:00 2 critical ways regulations and frameworks weaken cybersecurity (direct link) I'm a big believer in regulations and frameworks. Early on I wasn't. When you're young, just starting to cybersleuth, you feel like you can take on the world. You can hack anything. You can prevent anyone from hacking you. Policies and frameworks were for the losers who couldn't secure their way out of a paper bag. Hack
DarkReading.webp 2019-01-08 15:20:00 20-Year Old Student Admits to Massive Data Leak in Germany (direct link) Hack was not politically motivated; no sign of third-party involvement, authorities say. Hack
Blog.webp 2019-01-08 09:38:00 (Déjà vu) Hack the Box: Fighter Walkthrough (direct link) Today we are going to solve another CTF challenge “Fighter”. It is a retired vulnerable lab presented by Hack the Box for helping pentesters to perform online penetration testing according to your experience level; they have a collection of vulnerable labs as challenges, from beginners to Expert level. Level: Intermediate Task: To find user.txt and... Continue reading → Hack
SecurityAffairs.webp 2019-01-08 06:14:03 Tens of thousands of hot tubs are exposed to hack (direct link) Experts from security firm Pen Test Partners reported that tens of thousands of hot tubs are currently vulnerable to cyber attacks. Security experts at Pen Test Partners have discovered thousands of connected hot tubs vulnerable to remote cyber attacks. The hot tubs could be remotely controlled by an app, dubbed Balboa Water App, that lack […] Hack
Blog.webp 2019-01-07 17:47:00 More Questions as Expert Recreates Chinese Super Micro Hardware Hack (direct link) Though the companies named in a blockbuster Bloomberg story have denied that China hacked into Supermicro hardware that shipped to Amazon, Apple and nearly 30 other firms, a recent demonstration at a hacking conference in Germany proves the plausibility of the alleged hack. The post More Questions as Expert Recreates Chinese Super Micro Hardware...Read the whole entry... Hack
Blog.webp 2019-01-06 14:33:02 (Déjà vu) Hack the Box: Mischief Walkthrough (direct link) Today we are going to solve another CTF challenge “Mischief”. Mischief is a retired vulnerable lab presented by Hack the Box for helping pentesters to perform online penetration testing according to their experience; they have a collection of vulnerable labs as challenges, from beginners to Expert level. Level: Easy Task: To find user.txt and root.txt file... Continue reading → Hack
WiredThreatLevel.webp 2019-01-05 14:00:00 The 'Twinning' Fad, the Weather Channel, and More Security News (direct link) A rogue PewDiePie fan, Marriott hack details, and more of the week's top security news. Hack
ZDNet.webp 2019-01-04 18:01:03 Marriott says less than 383 million guests impacted by breach, not 500 million (direct link) Marriott issues new hack numbers, downgrading original 500 million estimate. Hack
grahamcluley.webp 2019-01-04 16:04:02 Town of Salem hack exposes details of 7.6 million gamers (direct link) Just before Christmas, hackers managed to break into a database belonging to a popular online game and steal the details of over seven million players. Read more in my article on the Hot for Security blog. Hack
grahamcluley.webp 2019-01-04 11:43:03 German politicians suffer massive hack of personal details and private communications (direct link) The private communications, emails, contact details, mobile phone numbers, memos, and financial information of hundreds of politicians have been published online. Hack
BBC.webp 2019-01-04 09:45:04 German politicians targeted in 'mass hack attack' (direct link) Hundreds of MPs including Chancellor Angela Merkel are reportedly targeted in a "serious attack". Hack
The_Hackers_News.webp 2019-01-04 05:52:01 Hackers Leak Personal Data from Hundreds of German Politicians On Twitter (direct link) Germany has been hit with the biggest hack in its history. A group of unknown hackers has leaked highly-sensitive personal data from more than 100 German politicians, including German Chancellor Angela Merkel, Brandenburg's prime minister Dietmar Woidke, along with some German artists, journalists, and YouTube celebrities. The leaked data that was published on a Twitter account (@_0rbit) and Hack
ZDNet.webp 2019-01-03 21:37:01 Security researcher cracks Google's Widevine DRM (L3 only) (direct link) Widevine hack is clever, but it won't spur any waves of Netflix piracy any time soon. Hack
no_ico.webp 2019-01-03 10:40:00 Artificial Fingerprints (direct link) Artificial fingerprints have been created by researchers at New York University and the Michigan State University that have the potential to unlock devices. Those images could be used to hack into about a third of smartphones. Expert Comments below: Ryan Wilk, VP of Customer Success at NuData Security: “At the end of the day, this will … The ISBuzz Post: This Post Artificial Fingerprints Hack
DarkReading.webp 2019-01-02 15:49:00 Data on 997 North Korean Defectors Targeted in Hack (direct link) Nearly 1,000 North Koreans who defected to South Korea had personal data compromised by an unknown attacker. Hack
DarkReading.webp 2019-01-02 10:30:00 25 Years Later: Looking Back at the First Great (Cyber) Bank Heist (direct link) The Citibank hack in 1994 marked a turning point for banking -- and cybercrime -- as we know it. What can we learn from looking back at the past 25 years? Hack
SecurityAffairs.webp 2019-01-01 14:21:01 Experts show that is easy to hack Hardware-based Cryptocurrency Wallets (direct link) A team of researchers demonstrated that cryptocurrency wallets Trezor and Ledger are vulnerable to several types of attacks. During the 35c3 conference held in Leipzig, Germany, the researchers Dmitry Nedospasov, Thomas Roth, and Josh Datko demonstrated that cryptocurrency wallets Trezor and Ledger are vulnerable to several types of attacks. The group of researchers presented called “wattet.fail” firmware, […] Hack
Kaspersky.webp 2018-12-28 15:24:04 Hijacking Online Accounts Via Hacked Voicemail Systems (direct link) Proof-of-concept hack of a voicemail system shows how it can lead to account takeovers on multiple online services. Hack Guideline
Blog.webp 2018-12-28 13:31:03 (Déjà vu) Hack the Box: Nightmare Walkthrough (direct link) Today we are going to solve another CTF challenge “Nightmare”. It is a retired vulnerable lab presented by Hack the Box for helping pentesters to perform online penetration testing according to your experience level; they have a collection of vulnerable labs as challenges, from beginners to Expert level. Level: Intermediate Task: To find user.txt and... Continue reading → Hack
Last update at: 2024-07-15 19:08:38