What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-02-21 17:19:04 | Cisco Patches High Severity Flaws in HyperFlex, Prime Infrastructure (lien direct) | Cisco this week released patches for more than a dozen vulnerabilities across its product portfolio, including high severity flaws in HyperFlex, Prime Infrastructure, and Prime Collaboration Assurance. | |||
|
2019-02-21 16:53:05 | Adobe Releases Second Patch for Data Leakage Flaw in Reader (lien direct) | Adobe on Thursday released a second fix for the Reader vulnerability tracked as CVE 2019-7089 after the researcher who discovered the flaw managed to bypass the first patch. The security hole, identified by Alex Inführ from Cure53, allows a specially crafted PDF document to send SMB requests to the attacker's server when the file is opened. | Vulnerability | ||
|
2019-02-21 16:02:04 | Windows Servers Vulnerable to DoS Attacks, Microsoft Warns (lien direct) | Microsoft informed users on Wednesday that Windows servers running Internet Information Services (IIS) are vulnerable to denial-of-service (DoS) attacks that rely on malicious HTTP/2 requests. | |||
|
2019-02-21 15:18:03 | Roger Stone Allegedly Communicated With Mysterious Hacker Guccifer 2.0 (lien direct) | Latest Developments in Mueller and Russian Electoral Meddling | |||
|
2019-02-21 13:47:04 | WinRAR Vulnerability Exposes Millions of Users to Attacks (lien direct) | WinRAR, the popular data compression tool utilized by over 500 million users worldwide, is affected by a serious vulnerability that can allow arbitrary code execution through specially crafted ACE archives. | Tool Vulnerability | ||
|
2019-02-21 06:26:00 | Critical Drupal Vulnerability Allows Remote Code Execution (lien direct) | Security updates released on Wednesday for the Drupal content management system (CMS) patch a “highly critical” vulnerability that can be exploited for remote code execution. | Vulnerability | ||
|
2019-02-20 21:42:01 | Canada Helping Australia Determine \'Full Extent\' of Hack (lien direct) | Canada's electronic eavesdropping agency said Wednesday it is working with Canberra to try to determine the scale of computer hacking on Australia's parliament and political parties just months from an election. | Hack | ★★★★★ | |
|
2019-02-20 20:54:03 | WinPot ATM Malware Resembles a Slot Machine (lien direct) | A piece of malware targeting automated teller machines (ATMs) has an interface that looks like a slot machine, Kaspersky Lab reports. Dubbed WinPot, the malware was initially detected in March last year, targeting the ATMs of a popular vendor to make the devices automatically dispense all cash from their most valuable cassettes. | Malware | ||
|
2019-02-20 20:50:01 | Firms Moving Sensitive Data to Cloud, But Security Still a Problem: Oracle (lien direct) | Companies are increasingly moving sensitive data to the cloud, but cybersecurity, including the human factor and technology, is still a problem for many, according to a new report published on Wednesday by Oracle and KPMG. | |||
|
2019-02-20 19:25:01 | New GandCrab Ransomware Decryptor Released (lien direct) | The cat-and-mouse game between BitDefender and the GandCrab ransomware developers continues. On Tuesday (Feb. 19) BitDefender released a new version of its GandCrab decryptor able to decrypt versions of GandCrab 1, 4 and 5 up to the latest version 5.1. The decryptor is available from BitDefender and from the NoMoreRansom project. | Ransomware | ★★ | |
|
2019-02-20 19:05:03 | Blockchain Security Startup CipherTrace Emerges With $15M in Funding (lien direct) | Blockchain security company CipherTrace has fully emerged on Tuesday with $15 million in venture capital financing from Silicon Valley and New York venture capital firms. | ★★★ | ||
|
2019-02-20 18:29:01 | Online ATM-style Scam Puts Shoppers at Risk: Symantec (lien direct) | Online shoppers are at a growing risk from a scam which allows hackers to skim their payment details, cyber security firm Symantec warned on Wednesday. | ★★ | ||
|
2019-02-20 18:19:00 | As US Pushes to Ban Huawei, UK Considers Softer Approach (lien direct) | Britain can handle the security risks involved with using mobile networks made by China's Huawei, the cybersecurity chief said Wednesday, adding to a growing debate among countries on whether the company should be banned, as the U.S. wants. | ★★★★★ | ||
|
2019-02-20 15:05:01 | Armorblox Emerges From Stealth With Natural Language Understanding Platform (lien direct) | Armorblox emerged from stealth mode on Wednesday with a platform that uses natural language understanding (NLU) to detect cyber threats hidden in emails and documents. The company also announced a $16.5 million Series A funding round. | ★★★ | ||
|
2019-02-20 14:41:05 | Microsoft Says Russian Hackers Targeted Democratic Institutions in Europe (lien direct) | Microsoft says it has observed a group widely associated with the Russian government launching numerous cyberattacks on democratic institutions in Europe between September and December 2018. | ★★★★★ | ||
|
2019-02-20 14:31:05 | Cyber and Physical Convergence Opens Doors for Attackers: Report (lien direct) | 2018 saw the convergence of three separate threat trends -- two that have evolved over the last few years, and one that came to the fore during 2018. These are the merging of IoT botnets, destructive malware and cryptojacking. | Malware Threat | ★★★★★ | |
|
2019-02-20 13:59:02 | Got Critical Infrastructure? Then You Should Know How To Protect It (lien direct) | Both IT and OT Teams Should be Able to Quickly Access and Analyze all Data Relevant to Their Needs | ★★★★★ | ||
|
2019-02-20 13:36:04 | Rockwell Automation to Patch Publicly Disclosed Power Monitor Flaws (lien direct) | Rockwell Automation is working on patches for two vulnerabilities affecting its Allen-Bradley PowerMonitor 1000 products. Details of the flaws have been public since November 2018. | |||
|
2019-02-20 10:37:00 | Supply Chain Attacks Nearly Doubled in 2018: Symantec (lien direct) | The number of supply chain attacks observed last year was 78% higher compared to the previous year, a new Symantec report reveals. | |||
|
2019-02-20 02:55:03 | Potential Privacy Lapse Found in Americans\' 2010 Census Data (lien direct) | An internal team at the Census Bureau found that basic personal information collected from more than 100 million Americans during the 2010 head count could be reconstructed from obscured data, but with lots of mistakes, a top agency official disclosed Saturday. | |||
|
2019-02-19 20:07:05 | Breach at PoS Firm Hits Hundreds of U.S. Restaurants, Hotels (lien direct) | Point-of-sale (PoS) solutions provider North Country Business Products, whose products are used at over 6,500 locations across the United States, recently disclosed a data breach that resulted in the exposure of payment card data. | Data Breach | ||
|
2019-02-19 18:52:01 | 18,000 Android Apps Violate Google\'s Ad ID Policies: Analysis (lien direct) | Mobile privacy reasearch group AppCensus has discovered 18,000 Android applications that violate Google Play's advertising identifier (ad ID) policies and users' privacy. | ★★★ | ||
|
2019-02-19 18:52:00 | GitHub Increases Bug Bounty Program Rewards, Expands Scope (lien direct) | After paying out $250,000 in bug bounties in 2018, GitHub has decided to increase rewards and expand the scope of its bug bounty program. | |||
|
2019-02-19 18:25:04 | New Multi-Stage Malware Updated Daily (lien direct) | A recently detected multi-stage malware has been updated daily since the beginning of the year, Avast security researchers reveal. | Malware | ||
|
2019-02-19 18:00:02 | Palo Alto Networks to Acquire Security Automation Firm Demisto for $560 Million (lien direct) | Network security giant Palo Alto Networks (NYSE: PANW) said on Tuesday that it has agreed to acquire Demisto, a Security Orchestration, Automation and Response (SOAR) firm, in a deal valued at $560 million. The final price is subject to adjustment, and will be paid through a combination of cash and PANW stock. | |||
|
2019-02-19 16:16:04 | Micro Focus Acquires Cyber-Threat Protection Firm Interset (lien direct) | Software and information technology provider Micro Focus is expanding its cybersecurity portfolio with the acquisition of cyber-threat protection company Interset. | |||
|
2019-02-19 15:53:03 | North Korea\'s Lazarus Hackers Found Targeting Russian Entities (lien direct) | It has long been thought that Russia is a no-go area for North Korean hacking group Lazarus. Russia is one of North Korea's few friends, along with China. | APT 38 | ||
|
2019-02-19 15:28:05 | Russian State-Sponsored Hackers Are Fastest: CrowdStrike (lien direct) | It takes Russian state-sponsored hackers less than 20 minutes to start moving laterally within a targeted organization's network after the initial breach, according to CrowdStrike's 2019 Global Threat Report. | Threat | ||
|
2019-02-19 13:39:00 | Fintech Security Firm nsKnox Raises $15 Million (lien direct) | Fintech security firm nsKnox on Tuesday announced that it raised $15 million in a Series A funding round. The round was led by Microsoft's M12 venture fund and Viola Ventures, with participation from Discount Capital and previous seed investors. The company plans on using the money to expand its global customer base and improve its product. | |||
|
2019-02-19 06:27:05 | Offensive Security Releases Kali Linux 2019.1 (lien direct) | Offensive Security on Monday announced the immediate availability of Kali Linux 2019.1, the latest version of the Debian-based operating system designed specifically for penetration testing and forensics. | |||
|
2019-02-18 19:18:03 | \'Digital Gangsters\': UK Wants Tougher Rules for Facebook (lien direct) | British lawmakers issued a scathing report Monday that calls for tougher rules to keep Facebook and other tech firms from acting like "digital gangsters" and intentionally violating data privacy and competition laws. | |||
|
2019-02-18 18:24:02 | Privilege Escalation Vulnerability Found in LG Device Manager (lien direct) | A privilege escalation vulnerability that allows attackers to elevate permissions to SYSTEM has been found in the LG Device Manager application provided by the tech giant for its laptops. | Vulnerability | ||
|
2019-02-18 16:28:04 | British Intelligence Says Huawei Risk Manageable: FT (lien direct) | British intelligence has concluded that security risks posed by using equipment made by Chinese telecom giant Huawei can be managed, the Financial Times reported on Monday. The National Cyber Security Centre (NCSC) sees ways of limiting risks from using Huawei in future 5G networks, according to two unnamed sources cited by the FT. | |||
|
2019-02-18 13:28:04 | Wendy\'s Reaches $50 Million Settlement With Banks Over Data Breach (lien direct) | US fast food restaurant chain Wendy's announced recently that it has reached a settlement with the thousands of financial institutions impacted by the data breach suffered by the company in 2015 and 2016. | Data Breach | ||
|
2019-02-18 12:27:03 | Exploit Code Published for Recent Container Escape Vulnerability (lien direct) | Proof-of-concept (PoC) code is now publicly available for a recently disclosed container escape vulnerability impacting popular cloud platforms, including AWS, Google Cloud, and numerous Linux distributions. | Vulnerability | ||
|
2019-02-18 12:03:03 | Digital Transformation Presents Both Reward and Risk (lien direct) | Digital technologies have fundamentally changed the way organizations do business. Mobile access, advanced analytics and cloud have increased both operational agility and revenue growth through data availability, workforce enablement, and improved customer experiences. As a result, organizations are projected to spend $1.97 trillion on digital technologies and services by 2022, according to IDC. | |||
|
2019-02-18 10:35:00 | Storage Maker QNAP Warns of Malware Targeting Its NAS Devices (lien direct) | Network-attached Storage (NAS) device maker QNAP has published a security advisory to alert of malware targeting its NAS devices. | Malware | ||
|
2019-02-18 09:28:04 | Legislation Would Stiffen Penalties for Ransomware Attacks (lien direct) | Using ransomware to hold computers hostage would draw stiffer penalties under legislation - prompted in part by attacks on Maryland hospitals over the past few years - state lawmakers are considering. | Ransomware | ★★★★ | |
|
2019-02-18 06:27:01 | US Facebook Fine Over Privacy Could Be in Billions: Reports (lien direct) | A US investigation into privacy violations by Facebook could result in a record fine running to billions of dollars, media reports said Friday. | |||
|
2019-02-18 03:48:05 | Australia Says \'State Actor\' Hacked Parties, Parliament (lien direct) | Australia on Monday said a "sophisticated state actor" had hacked the country's main political parties and parliament, just weeks before a closely fought election. | |||
|
2019-02-15 16:30:05 | Cryptojacking Applications Land in Microsoft Store (lien direct) | Eight applications designed to mine for crypto-currency without users' knowledge made their way into the Microsoft Store, Symantec has discovered. | |||
|
2019-02-15 15:16:02 | US Says Ex-intel Official Defected to Iran, Revealed Secrets (lien direct) | A former U.S. Air Force counterintelligence specialist who defected to Iran despite warnings from the FBI has been charged with revealing classified information to the Tehran government, including the code name and secret mission of a Pentagon program, prosecutors said. | |||
|
2019-02-15 15:11:02 | DHS Cyber Leader Says 2020 Security Preparations Underway (lien direct) | The director of Homeland Security's cybersecurity agency says officials are working to secure the 2020 presidential election. Christopher Krebs says he's trying to shift focus from what happened in 2016 with Russian interference to what could happen next. He's trying to get election security officials to think ahead and prepare for possibilities. | |||
|
2019-02-15 14:54:05 | CSRF Vulnerability in Facebook Earns Researcher $25,000 (lien direct) | 
|
Vulnerability | ||
|
2019-02-15 08:41:04 | Mozilla, Others Want Big Retailers to Pledge Minimum IoT Security (lien direct) | Eleven organizations are asking major retailers in the United States to stop selling Internet-connected devices that don't meet minimum security and privacy requirements. | |||
|
2019-02-15 06:17:03 | Facebook Taps User Data to Defend Workers From Threats (lien direct) | Facebook gathers intelligence from its platform to identify people who threaten the firm or its workers, the social network said Thursday in response to media reports of the security tactic. | |||
|
2019-02-14 18:58:04 | Hackers Target WordPress Sites via WP Cost Estimation Plugin (lien direct) | Malicious actors have been hacking WordPress websites by exploiting vulnerabilities in a fairly popular plugin called WP Cost Estimation & Payment Forms Builder. | |||
|
2019-02-14 18:09:03 | New Variant of Shlayer macOS Malware Discovered (lien direct) | Carbon Black's security researchers recently discovered a new variant of the Shlayer malware that targets macOS versions ranging from 10.10.5 to 10.14.3. | Malware | ||
|
2019-02-14 17:15:05 | Germany to Let NATO Use its Cyber Skills (lien direct) | Germany is to join the ranks of NATO countries making its cyber warfare skills available to the alliance to help fight hacking and electronic warfare, officials said on Thursday. | |||
|
2019-02-14 16:09:02 | Google Paid Out $3.4 Million for Vulnerabilities Reported in 2018 (lien direct) | Google revealed recently that it paid out a total of $3.4 million for flaws reported in 2018 by researchers through its Vulnerability Reward Program (VRP). The $3.4 million was awarded for 1,319 reports submitted by 317 researchers from 78 countries. The largest single reward was $41,000 and $181,000 were donated to charity, the company said. | Vulnerability |
To see everything:
Our RSS (filtrered)
