What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-09-24 18:32:14 | Adobe Patches Critical Command Injection, Path Traversal Flaws in ColdFusion (lien direct) | Updates released by Adobe on Tuesday for its ColdFusion web application development platform address three vulnerabilities, including two that have been classified “critical.” | |||
|
2019-09-24 15:42:37 | Russian Pleads Guilty to Hacking U.S. Financial Firms (lien direct) | A Russian man this week pleaded guilty in a Manhattan federal court to the hacking of various financial institutions in the United States, including JPMorgan Chase and Dow Jones. | Guideline | ||
|
2019-09-24 14:19:40 | Additional U.S. Utilities Targeted With LookBack Malware (lien direct) | Proofpoint security researchers have observed a new series of phishing attacks targeting entities in the United States utilities sector in an attempt to deliver the LookBack remote access Trojan (RAT). | Malware | ||
|
2019-09-24 13:20:33 | Source Code Security Firm Cycode Launches With $4.6 Million in Funding (lien direct) | Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding. | |||
|
2019-09-24 13:03:50 | Cyber Insurance Firm Cowbell Emerges From Stealth With $3.3 Million Seed Funding (lien direct) | Pleasanton, California-based cyber insurance firm Cowbell Cyber has emerged from stealth, announcing its Cowbell Factor product with $3.3 million seed funding from leading insurance, cybersecurity and artificial intelligence venture funds, including ManchesterStory Group, Holmes Murphy & Associates, Tri-Valley Ventures and the Global Insurance Accelerator. | Guideline | ||
|
2019-09-24 11:54:21 | Lion Air Data Leak Came From Contractor\'s Ex-Staff, Airline Says (lien direct) | A massive data breach at Indonesian airline Lion Air that affected millions of customers stolen was the fault of staff at a contractor, the airline's Malaysia subsidiary said Monday. | |||
|
2019-09-24 11:50:14 | Google Wins EU Fight Against Worldwide \'Right to be Forgotten\' (lien direct) | Google is not required to apply an EU "right to be forgotten" to its search engine domains outside Europe, the EU's top court ruled Tuesday in a landmark decision. | |||
|
2019-09-24 07:07:23 | Microsoft Patches Internet Explorer Vulnerability Exploited in Attacks (lien direct) | Microsoft on Monday released patches for two vulnerabilities, including an Internet Explorer zero-day and a denial-of-service (DoS) flaw affecting Microsoft Defender. | Vulnerability | ||
|
2019-09-23 18:32:55 | Critical Vulnerability Addressed in Jira Service Desk (lien direct) | Atlassian has released a security update for Jira Service Desk and Jira Service Desk Data Center to address a critical vulnerability resulting in information disclosure. | Vulnerability | ||
|
2019-09-23 18:19:46 | Microsoft to Provide Free Security Updates for Voting Systems Running Windows 7 (lien direct) | Microsoft will continue to provide some Windows 7 machines with security updates beyond the January 2020 end-of-support date, and voting systems are among them, the company has announced. | |||
|
2019-09-23 15:42:17 | 0patch Promises Support for Windows 7 Beyond January 2020 (lien direct) | Windows 7 and Windows Server 2008 will officially reach end-of-support on January 14, 2020, but they will continue to receive security patches past that date, unofficially. | ★★★★★ | ||
|
2019-09-23 15:28:11 | Being CISO Is No Longer a Dead-End Job (lien direct) | A decade ago, being named as CISO was considered the highest rung achievable from within the security function. This is changing, driven by increasing cyber awareness in the boardroom, the embedding of cyber risk in every part of the business through digitization and industry 4.0, and increasingly intrusive cyber regulations. | |||
|
2019-09-23 13:48:26 | Use Case-Centric Threat Intelligence Requires a Considered Approach (lien direct) | One of the most promising developments I've seen in threat intelligence over the last year or so is a greater emphasis on use cases. | Threat | ||
|
2019-09-23 12:57:41 | Wyoming Hospital\'s Services Disrupted by Ransomware (lien direct) | Gillette, Wyoming-based Campbell County Memorial Hospital continues to experience service disruptions after a ransomware attack hit Campbell County Health's computer systems on Friday. | Ransomware | ||
|
2019-09-23 12:32:31 | Flaw Gives Hackers Remote Access to Files Stored on D-Link DNS-320 Devices (lien direct) | D-Link DNS-320 ShareCenter network-attached storage (NAS) devices are affected by a critical vulnerability that can be exploited remotely to take complete control of a device and access the files stored on it. | Vulnerability | ||
|
2019-09-23 10:23:20 | Digital Threats Multiply Ahead of 2020 US Elections (lien direct) | It could be a manipulated video embarrassing a candidate. Or a computer voting system locked by ransomware. Or doubts about electronic voting machines with no paper backups. | |||
|
2019-09-23 08:58:00 | Google Awards $40,000 for Chrome Sandbox Escape Vulnerabilities (lien direct) | Google has paid out a total of $40,000 for a couple of vulnerabilities that can be exploited to escape Chrome's sandbox. | |||
|
2019-09-23 07:32:10 | Mac Malware Poses as Trading App (lien direct) | A Mac Trojan focused on stealing users' information was found masquerading as a legitimate trading application, Trend Micro's security researchers report. | Malware | ||
|
2019-09-23 07:04:27 | Alleged Hacker Faces 154 Charges in Football Leaks Case (lien direct) | Portuguese prosecutors are bringing 154 charges against an alleged local hacker they believe is linked to the publication of internal documents that embarrassed top European clubs and soccer officials in the Football Leaks case. | |||
|
2019-09-21 14:18:32 | Payouts From Insurance Policies May Fuel Ransomware Attacks (lien direct) | Experts Worry That Cyber Insurance Policies Designed to Limit Damage of Ransomware Attacks Might Actually be Encouraging Hackers | Ransomware | ||
|
2019-09-21 11:55:47 | Iran Denies Successful Cyber Attacks on Oil Sector (lien direct) | Iran denied on Saturday its oil infrastructure had been successfully attacked by a cyber operation, after reports of disruptions to the sector online. | |||
|
2019-09-20 19:13:43 | Facebook Suspends \'Tens of Thousands\' of Apps in Privacy Review (lien direct) | Facebook said Friday it suspended "tens of thousands" of apps on its platform as a result of its review on privacy practices launched following the scandal involving Cambridge Analytica. | |||
|
2019-09-20 18:34:54 | Eight U.S. Cities Impacted in New Series of Click2Gov Breaches (lien direct) | More than 20,000 records from eight cities across the United States have been compromised in a new wave of Click2Gov breaches, Gemini Advisory reports. Developed by Superion (now CentralSquare Technologies), Click2Gov provides cities with a self-service bill-pay portal for utilities, community development, and parking tickets. | |||
|
2019-09-20 15:43:55 | 200,000 Sign Petition Against Equifax Data Breach Settlement (lien direct) | 200,000 Sign Petition to "Force Equifax to Pay for Their Greed" | Data Breach | Equifax | |
|
2019-09-20 15:12:53 | Indonesia, Malaysia Probe Lion Air Customer Data Leak (lien direct) | Authorities are probing a customer data leak at Lion Air, Indonesia's communications ministry said Friday, in a breach that reportedly affected millions of the carrier's customers. Two of the airline's subsidiaries, Malaysia-based Malindo Air and Thai Lion Air, acknowledged passenger data may have been stolen from remote servers operated by Amazon. | |||
|
2019-09-20 15:05:42 | Twitter Closes Thousands of Fake News Accounts Worldwide (lien direct) | Twitter said Friday it has closed down thousands of accounts across the world for spreading fake news as well as pro-government propaganda, including in places like the United Arab Emirates, China and Spain. | |||
|
2019-09-20 14:56:50 | Vulnerability Patched in Forcepoint VPN Client for Windows (lien direct) | Researchers at breach and attack simulation firm SafeBreach discovered that the Forcepoint VPN Client for Windows is affected by a vulnerability that can be exploited to escalate privileges and for other purposes. | Vulnerability | ||
|
2019-09-20 13:22:16 | France Has \'Not Changed Mind\' on Rejecting Snowden Asylum (lien direct) | France has not changed its mind on rejecting any asylum request from US surveillance whistleblower Edward Snowden, its foreign minister said Thursday, after the former CIA employee said he would like sanctuary in the country. | |||
|
2019-09-20 13:16:16 | Two Indicted in $10 Million Tech Support Fraud Scheme (lien direct) | The United States Department of Justice this week announced the arrest of two individuals charged for participating in a long-term tech support fraud scheme. | |||
|
2019-09-20 12:35:43 | VMware Patches Six Vulnerabilities in Various Products (lien direct) | VMware this week patched code execution, command injection, information disclosure and denial-of-service (DoS) vulnerabilities in its ESXi, vCenter Server, Workstation, Fusion, VMRC and Horizon Client products. | |||
|
2019-09-20 07:24:34 | HP Acquires Endpoint Security Company Bromium (lien direct) | HP on Thursday announced the acquisition of California-based endpoint security solutions provider Bromium. Financial terms of the deal have not been disclosed. | |||
|
2019-09-20 04:38:45 | Key Senate Panel Approves $250 Million for Election Security (lien direct) | A key Senate panel on Thursday approved $250 million to help states beef up their election systems, freeing up the money after Senate Majority Leader Mitch McConnell came under criticism from Democrats for impeding separate election security legislation. | Guideline | ||
|
2019-09-19 19:49:54 | Don\'t Take the Bait: A Look at the Latest Phishing Trends (lien direct) | Since the start of September 2019 we've seen some major attacks, including a Facebook data leak which exposed more than 400 million telephone numbers and an Android software vulnerability which revealed devices were susceptible to SMS-based attacks that could change device settings remotely. | |||
|
2019-09-19 17:49:16 | Phishing Emails Deliver Amadey Malware to U.S. Taxpayers (lien direct) | A recently observed phishing campaign is targeting taxpayers in the United States in an attempt to infect their machines with a piece of malware named Amadey, Cofense security researchers have discovered. | Malware | ||
|
2019-09-19 17:33:35 | MITRE Publishes New List of Most Dangerous Software Weaknesses (lien direct) | The MITRE Corporation this week published an updated list of the most dangerous software weaknesses and vulnerabilities. Known as the Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors (CWE Top 25), the new list has been created based on real-world vulnerabilities found in the NVD (National Vulnerability Database). | Vulnerability | ||
|
2019-09-19 16:09:45 | Dataswift Raises $2 Million in Seed Funding to Revolutionize Personal Data Sharing (lien direct) | Dataswift, a Cambridge, UK-based company founded by Professor Irene Ng in 2015, has raised nearly $2 million (£1.6 million pounds) in seed funding from IQ Capital, with participation from Pacific & Orient Properties Ltd and Alphanumeric Corporation. Dataswift sells web services technology to apps and websites who want their users to have HAT personal data accounts. | |||
|
2019-09-19 14:50:48 | Kaspersky Unveils ICS Vulnerabilities Database (lien direct) | Kaspersky on Thursday announced the ICS Vulnerabilities Database, a new service designed to help industrial organizations keep track of relevant security flaws and protect their networks against potential threats. | |||
|
2019-09-19 13:53:22 | The Global Reach of GDPR (lien direct) | It isn't that no one saw it coming. After all, today's regimen of European Union General Data Protection Regulations had been crafted under public scrutiny since 2012 and in full force since May 2018. But its implementation left a degree of uncertainty, particularly among multinationals. | |||
|
2019-09-19 13:26:25 | Critical Vulnerability Exposes Harbor Registries to Attacks (lien direct) | Harbor registries with default settings are impacted by a vulnerability that allows any user to elevate privileges to administrator, Palo Alto Networks reports. | Vulnerability | ||
|
2019-09-19 12:37:50 | Magecart Hackers Target Mobile Users of Hotel Websites (lien direct) | A Magecart threat actor has compromised the websites of two hotel chains to inject scripts targeting Android and iOS users, Trend Micro's security researchers warn. | Threat | ||
|
2019-09-19 12:08:50 | Microsoft Rushes to Fix Bug That Broke Windows Defender Scans (lien direct) | Microsoft has rushed to fix a bug that prevented users from running a quick scan or a full system scan with Windows Defender. Many users reported this week that after they installed the latest update for Windows Defender the security application would only scan a small number of files - reports say between 4 and 64 files. | |||
|
2019-09-19 10:10:33 | Ping Identity IPO Shares Priced at $15 (lien direct) | Denver-based identity management solutions provider Ping Identity on Thursday announced that it's offering 12,500,000 shares of its common stock at $15 per share, which means the company hopes to raise at least $187 million in its initial public offering (IPO). | |||
|
2019-09-19 06:38:56 | Smominru Botnet Infects Thousands of Hosts Daily (lien direct) | The Smominru botnet continues to spread at a fast pace, infecting around 4,700 new hosts daily during the month of August, Guardicore Labs reports. | |||
|
2019-09-19 04:42:48 | Zuckerberg Sets Talks in Washington on \'Future Regulation\' (lien direct) | Facebook chief executive Mark Zuckerberg was expected in Washington Thursday for private talks with policymakers as the leading social network faces a myriad of regulatory and legal issues. Zuckerberg's visit comes five months after his stormy appearance before Congress, where he was grilled on Facebook's data protection and privacy missteps. | Guideline | ||
|
2019-09-18 18:51:08 | Acronis Worth Over $1 Billion After Raising $147 Million (lien direct) | Acronis on Wednesday announced that it raised $147 million. With this funding round, led by Goldman Sachs, Acronis becomes a unicorn company with a valuation exceeding $1 billion. | |||
|
2019-09-18 18:14:34 | GitHub Becomes CVE Numbering Authority, Acquires Semmle (lien direct) | Microsoft-owned GitHub announced on Wednesday that it has acquired code analysis platform provider Semmle and the company is now a Common Vulnerabilities and Exposures (CVE) Numbering Authority. | |||
|
2019-09-18 15:39:41 | 300 More Chinese Arrested in Philippines Crackdown (lien direct) | Philippines immigration agents, backed by troops, have arrested more than 300 Chinese for alleged cyber crimes, a week after a similar number were detained during a raid linked to investment fraud. The Bureau of Immigration late Tuesday said 324 Chinese nationals were arrested in Puerto Princesa City on Palawan island during Monday's operation. | |||
|
2019-09-18 15:30:10 | Emotet Returns, Spreads via Hijacked Email Conversations (lien direct) | Following a 4-month vacation, Emotet's operators are back at it, borrowing a recently introduced spear-phishing technique to deliver their malware: hijacking legitimate email conversations. | |||
|
2019-09-18 13:58:58 | U.S. Could Launch Cyberattack on Iran in Response to Saudi Oil Attack (lien direct) | 
|
|||
|
2019-09-18 13:44:51 | Top 10 Tactical Recommendations for SMB Cybersecurity (lien direct) | In my previous column I introduced the concept of “Think 360, Demand 360” as it applies to data protection, privacy, and cyber security. |
To see everything:
Our RSS (filtrered)
