What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-03-14 11:01:01 | Australian man arrested after selling account details for Netflix, Hulu and Spotify. (lien direct) | A Sydney man has been arrested after allegedly selling hundreds of thousands of compromised account details for subscription streaming services, including for Netflix, Hulu and music streaming service Spotify – raking in about $212,000 ($300,000 AUD) in profit in the process. The Australian Federal Police (AFP) were tipped off to the 21-year-old malefactor's alleged activities […] | |||
|
2019-03-14 10:57:04 | Facebook says its outage was not caused by DDoS attack. (lien direct) | A slew of Facebook-owned sites are experiencing a worldwide outage, leaving thousands of users unable to connect to social media for several hours. Facebook, Messenger, and Instagram have all been having issues since around noon (ET), in some cases resulting in a 'total blackout.' The three apps crashed primarily in major urban areas across the United States and […] | |||
|
2019-03-13 12:06:01 | March edition of Microsoft Patch Tuesday lists fixes for 64 vulnerabilities. (lien direct) | The March edition of Patch Tuesday includes fixes for 64 CVE-listed vulnerabilities, while Adobe addressed a pair of bugs in Photoshop and Digital Editions. Even SAP has got in on the game. DHCP flaws headline Patch Tuesday priorities. Of the 64 bugs squashed in Redmond’s March update, researchers are pointing to five particular bugs as […] | |||
|
2019-03-13 12:05:00 | New variant of Ursnif banking Trojan discovered by Cybereason. (lien direct) | A new variant of an infamous banking Trojan malware with a history going back over ten years has emerged with new tactics to ensure it’s harder to detect. The malware aims to hunt out financial information, usernames, passwords and other sensitive data. The Ursnif banking Trojan is one of the most popular forms of information-stealing malwaretargeting […] | Malware | ||
|
2019-03-13 12:04:00 | Phishing scams impact students of Central Michigan University. (lien direct) | Many students of the Central Michigan University were hacked after they opened emails having the bright blue button which says “click here to read message”, and then inevitably clicks them. The emails look like being sent by somebody already known to the student, as the subject line was already exchanged previously with that person. “One […] | |||
|
2019-03-13 11:58:00 | Flaw found in Swiss electronic voting systems. (lien direct) | The Swiss Federal Chancellery (SFC) on Tuesday said security researchers have found an fascinating flaw in the Swiss Post’s e-voting system as part of an ongoing penetration test. Said flaw, if successfully exploited by miscreants, would prevent officials from detecting unauthorized changes to citizens’ electronically-cast votes. Swiss authorities released the source code of their computer-based voting system and began […] | |||
|
2019-03-13 11:52:04 | (Déjà vu) New strain of ransomware spreads using NSA\'s EternalBlue exploit. (lien direct) | A new Ransomware-as-a-Service called Yatron is being promoted on Twitter that plans on using the EternalBlue and DoublePulsar exploits to spread to other computer on a network. This ransomware will also attempt to delete encrypted files if a payment has not been made in 72 hours. BleepingComputer was first notified about the Yatron RaaS by a […] | Ransomware | ||
|
2019-03-12 11:49:04 | Over half a million people in Michigan affected by healthcare data breach. (lien direct) | The state now says more than 600,000 people might have been affected by a health care data breach. Michigan Attorney General Dana Nessel says the breach involving Wolverine Solutions Group impacted customers with several health systems. Those include Blue Cross Blue Shield of Michigan, McLaren Health Care and others. Wolverine Solutions Group says the ransomware got […] | Ransomware | ||
|
2019-03-12 11:47:02 | Ransomware on the rise, according to Forrester. (lien direct) | Ransomware may be poised to return as a top scourge for companies, as more and more of them pay up after an attack in an effort to minimize the cost of recovery. That's just one insight gleaned from an interview at RSA Conference 2019 last week with Josh Zelonis, senior analyst at Forrester Research. Threatpost […] | Ransomware | ||
|
2019-03-12 11:44:02 | President Trump proposing $9.6 billion in 2020 budget for cybersecurity. (lien direct) | President Donald Trump has revealed his proposed budget for the 2020 fiscal year, which “supports the creation” of Space Force (USSF) as the sixth branch of the armed forces. The White House also hopes to bolster cybersecurity and NASA exploration missions. The administration wants to increase Department of Defense spending by five percent to $718 billion. It’s earmarking more than $9.6 billion to […] | |||
|
2019-03-12 11:43:01 | (Déjà vu) Slack being used by cybercriminals to hide malware. (lien direct) | A group of hackers is using a previously undocumented backdoor program designed to interact with attackers over Slack. While abusing legitimate services for malware command-and-control purposes is not a new development, this is the first time researchers have seen Slack, a popular enterprise collaboration tool, being used in this way. The backdoor was detected by […] | Malware | ||
|
2019-03-12 11:40:03 | Misconfigured Box accounts lead to sensitive data leak. (lien direct) | Security researchers have found dozens of companies inadvertently leaking sensitive corporate and customer data because staff are sharing public links to files in their Box enterprise storage accounts that can easily be discovered. The discoveries were made by Adversis, a cybersecurity firm, which found major tech companies and corporate giants had left data inadvertently exposed. Although data […] | |||
|
2019-03-11 14:54:03 | Things To Know Before Developing Intelligence Requirements. (lien direct) | Written by Mike Mimoso, Editorial Director, Flashpoint To state the obvious, proper intelligence requirements must be in place before data collection, analysis, and consumption of intel can happen. These requirements are critical because they enable an organisation to choose and prioritise its intelligence goals, determine what information it needs to collect and from what sources […] | |||
|
2019-03-11 14:48:05 | Security teams woefully understaffed. (lien direct) | As emerging technology and threat landscapes experience rapid transformation, the skillsets need to change as well. 80 percent of 336 IT security professionals Dimensional Research polled on behalf of Tripwire believe it's becoming more difficult to find skilled cybersecurity professionals, and nearly all respondents (93 percent) say the skills required to be a great security […] | Threat | ||
|
2019-03-11 14:47:02 | Zero-day discovered in Chrome and Windows 7. (lien direct) | Earlier this week Google released an update for the Chrome web browser that it urged users to ensure was implemented immediately. That was because the Threat Analysis Group at Google had uncovered a critical zero-day vulnerability that was already being exploited in the wild. Now a Google security engineer, Clement Lecigne, has warned that another zero-day vulnerability […] | Vulnerability Threat | ||
|
2019-03-11 14:46:05 | Phishing attacks attacking healthcare organisations. (lien direct) | Many healthcare organizations remain vulnerable to phishing attacks, a new study finds. When researchers sent simulated phishing emails, nearly one in seven of the messages were clicked by employees of healthcare systems, according to the report published in JAMA Network Open. “Cybersecurity is a really important issue for hospitals and healthcare organizations and it's only […] | |||
|
2019-03-11 14:46:01 | Software company disclose data breach. (lien direct) | American software company Citrix disclosed a security breach during which hackers accessed the company’s internal network. In a short statement posted on its blog, Citrix Chief Security Information Officer Stan Black said Citrix found out about the hack from the FBI earlier this week. “On March 6, 2019, the FBI contacted Citrix to advise they had reason […] | Hack | ||
|
2019-03-11 14:45:05 | Mass protest against cyber-security bill in Russia. (lien direct) | Thousands of people in Russia have protested against plans to introduce tighter restrictions on the internet. A mass rally in Moscow and similar demonstrations in two other cities were called after parliament backed the controversial bill last month. The government says the bill, which allows it to isolate Russia’s internet service from the rest of […] | |||
|
2019-03-11 12:20:02 | Zscaler Releases Semi-Annual Cloud Security Insights Report. (lien direct) | Zscaler, Inc., the leader in cloud security, announced today the release of its semi-annual 2019 Cloud Security Insights Threat Report – An Analysis of SSL/TLS-based Threats, which examines encrypted traffic across the Zscaler™ cloud from July through December 2018. The report, compiled by the ZscalerTM ThreatLabZ research team, delves into a variety of attacks executed […] | Threat Guideline | ||
|
2019-03-11 12:19:05 | Malware And Malicious Insiders Accounted For One-Third Of All Cybercrime Costs Last Year, According To Report From Accenture And Ponemon Institute. (lien direct) | The cost to companies from malware and “malicious insider”-related cyberattacks jumped 12 percent in 2018 and accounted for one-third of all cyberattack costs, according to new research published today by Accenture (NYSE: ACN) and the Ponemon Institute. Based on interviews with more than 2,600 security and information technology (IT) professionals at 355 organisations worldwide, Accenture's […] | Malware | ||
|
2019-03-08 15:31:00 | International Women\'s Day: Tales From The Cybersecurity Frontline. (lien direct) | A gender balanced working world is both a women's and business issue. This International Women's Day the #BalanceforBetter campaign should strike a chord with security professionals worldwide. It is currently estimated that women make up only a fifth of global IT security professionals, despite the well documented and growing cyber skills shortage, which is expected […] | ★★★★★ | ||
|
2019-03-08 15:29:02 | IoT devices using CoAP increasingly used in DDoS attacks. (lien direct) | IoT devices in synchronised attacks on targets represent a growing part of global Distributed Denial of Service (DDoS) weapon arsenals. There is a significant potential for attackers to use an IoT-related protocol, the Constrained Application Protocol (CoAP), deployed on IoT devices to marshal attacks. Source: Help Net Security | ★★ | ||
|
2019-03-08 14:55:02 | (Déjà vu) Russian doll malware targets Pirate Bay users. (lien direct) | Researchers at Kaspersky Lab have uncovered new malware spreading through Pirate Bay, the popular torrent tracker. The malware, which aims to infect users’ PCs with adware and tools for additional malware installation, has a multi-layered structure. Due to its hidden, seemingly endless stack of functionality, the threat has been named PirateMatryoshka, after the traditional Russian […] | Malware Threat | ||
|
2019-03-08 14:54:05 | CYBER ATTACK: 60% of Nigerian businesses attacked in 2018. (lien direct) | Cybercrime has become the worst threat to every company in the world. It is estimated that about 54 per cent of companies globally, experience at least one cyber attack every year. In Nigeria, it is even a menace that appears to have defied any solution. This is despite the array of solution providers in the […] | Threat | ||
|
2019-03-08 14:54:00 | Termite and EarthWorm testing tool weaponized to create multi-platform botnet. (lien direct) | Hackers are leveraging Termite and EarthWorm, packet relay tools written by an employee of Beijing-based security research firm 360Netlab, to create a botnet of Internet of Things (IoT) devices, according to a report by AT&T Cybersecurity (formerly AlienVault). Source: Tech Republic | Tool | ||
|
2019-03-08 14:53:02 | Details About Shadowy Hacking, Cyber Espionage Group Revealed. (lien direct) | Security researchers have been aware of the OceanLotus hacking and cyber espionage group since at least 2015, but new information about the scope of the group’s operations were revealed here at RSA. Researchers are now confident the group has been running a sophisticated fake news operation targeting activists in Vietnam. Source: PC Mag | APT 32 | ||
|
2019-03-08 14:52:03 | \'UK-based Facebook fake news network\' is BANNED: Site bosses axe nearly 150 \'connected\' accounts for using misinformation and hate speech to \'manipulate\' British political debate. (lien direct) | Facebook has taken down more than 130 British accounts, groups and pages that it claims were part of a UK-based ‘fake news’ network. The pages posed as both far-right and anti-fascist outlets in a co-ordinated attempt to ‘manipulate’ the political debate in Britain, said Facebook head of cybersecurity Nathaniel Gleicher. He said the 137 accounts, which had […] | |||
|
2019-03-08 14:51:03 | Hackers Find Critical Flaws In Smart Car Alarm Apps – What Drivers Need To Know. (lien direct) | Researchers at the penetration testing specialists invested nearly £4,000 ($5,000) in high-end smart car alarms systems in order to put them to the test. Ken Munro, the founder of Pen Test Partners, explains that an advert by one of the vendors concerned and stating the system was unhackable had piqued interest initially. That’s never a great claim […] | |||
|
2019-03-08 10:50:00 | Taking Action To Bring Balance On International Women\'s Day. (lien direct) | By Ilijana Vavan, Managing Director at Kaspersky Lab International Women's Day centres around the theme of #BalanceforBetter. I am thoroughly behind this message as I think it's particularly adept in my industry – cybersecurity. The question of gender imbalance in the industry has never been more important we see increasing calls from all over for […] | |||
|
2019-03-08 10:49:03 | Northrop Grumman Sponsors 2019 CyberCenturion Competition In London. (lien direct) | Northrop Grumman Corporation (NYSE: NOC) welcomes some of the UK's brightest 12-18 year olds to compete in the fifth National Finals of CyberCenturion, a nationwide cyber defence competition led by Northrop Grumman, in partnership with Cyber Security Challenge UK, and with support from the U.S. Air Force Association. More than 470 teams from across the […] | |||
|
2019-03-08 10:49:00 | (Déjà vu) Tripwire Survey: 80 Percent Of Security Professionals Say Skilled Workers Are More Difficult To Find. (lien direct) | Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organisations, today announced results of a survey conducted by Dimensional Research that examines how organisations are addressing the cybersecurity skills gap. The survey was administered to 336 IT security professionals in February. Eighty percent of survey respondents believe it’s becoming […] | Guideline | ||
|
2019-03-07 11:33:04 | (Déjà vu) #Opfail: Phisher Attaches Powershell Exec Instead of Malware. (lien direct) | The security community has seen its share of mistakes made by cybercriminals and quickly took advantage to stop the threat. But some of them have reached blooper level. A phishing email caught recently delivered the victim not some sort of a malicious payload, as one would expect, but the executable of the legitimate PowerShell command […] | |||
|
2019-03-07 11:32:04 | (Déjà vu) 12,449 Data Breaches Confirmed in 2018, a 424% Increase Over the Previous Year. (lien direct) | The number of confirmed data breaches during 2018 reached 12,449, a 424% increase when compared with 2017, 47% of all compromised identity records having been exposed in breaches experienced by organizations from the United States and China. 4IQ, the identity intelligence company which published this report on the breached data landscape and trends, also discovered that, while the number […] | |||
|
2019-03-07 11:31:03 | Facebook to refocus messaging around encryption and privacy. (lien direct) | Facebook chief executive Mark Zuckerberg said on Wednesday that the company will rebuild many of its services around encryption and privacy. The changes will take years, Zuckerberg said, with the ultimate end-goal being the creation of a privacy-focused social platform that blends the community of a public social network with the intimacy and security of […] | |||
|
2019-03-07 11:30:03 | 18 percent of Americans admit to having their identity stolen. (lien direct) | 1 ,000 Americans were asked some fundamental questions about their personal cybersecurity. The results are both riveting and depressing. 17.6 percent of these Americans admitted that their identities had, indeed, been stolen. Only 17.6 percent, I hear you sniff. It seems that every day there’s yet another security breach that releases millions of personal details […] | |||
|
2019-03-07 11:29:01 | Users of Cisco switches, security appliances need to get patching. (lien direct) | Administrators of Cisco switches, firewalls, and security appliances are advised to take a look at the latest collection of security advisories published by the company, as chances are good they will need to implement some updates. None of the fixed vulnerabilities are critical or exploited in the wild, but most are high-risk and should be plugged as […] | |||
|
2019-03-07 11:19:04 | Organizations still ignoring a large piece of their cybersecurity defense. (lien direct) | Organizations have long focused their cybersecurity positioning around prevention; however, with the sophistication and frequency of attacks increasing, more organizations are beginning to prioritize incident response teams, groups of specialists trained to address and defeat attacks that make it past existing protections. BAE Systems surveyed board level executives, IT decision makers, and information security professionals […] | |||
|
2019-03-07 11:18:04 | UK charity set up to counter Russian disinformation targeted in cyber attack. (lien direct) | A UK charity set up to counter Russian disinformation has been targeted in a cyberattack. The National Crime Agency said it is leading an investigation into the theft of data from the government-funded Institute for Statecraft. The charity, which received £2m this financial year, has removed all content from its website while the investigation is ongoing. Source: Independent | Guideline | ||
|
2019-03-07 11:17:04 | Health IT Roundup-120,000 Health Alliance Plan customers\' data at risk due to vendor data breach. (lien direct) | More than 120,000 Health Alliance Plan (HAP) clients’ personal and protected medical information may have been compromised in a security breach, the Detroit Free Press reported on Tuesday. Letters notifying customers of the breach were sent last week by Wolverine Solutions Group, a Detroit-based company HAP hired to manage its mailing services. The letters said the security problem occurred on or around Sept. 23, when […] | |||
|
2019-03-06 12:28:03 | Masergy Advocates For A Stronger Focus On Cybersecurity At The British Legal Technology Forum 2019. (lien direct) | Masergy, a leading provider of secure SD-WAN, cloud communications and managed security solutions, today announced that Craig D'Abreo, Masergy's VP of Security Operations will present at the British Legal Technology Forum on 12th March 2019 at 10 AM BST. Taking place at Old Billingsgate in Central London, The British Legal Technology Forum 2019 is Europe's […] | Guideline | ★★ | |
|
2019-03-06 12:17:02 | VMware Introduces Industry\'s First Service-Defined Firewall To Help Better Protect Apps And Data On-Premises And In the Cloud. (lien direct) | VMware, Inc. (NYSE: VMW), today launched the new VMware Service-defined Firewall, an innovative approach to internal firewalling that reduces the attack surface for on-premises and cloud environments with security that is an intrinsic part of the infrastructure. Through the proven capabilities of VMware NSX and VMware AppDefense, the VMware Service-defined Firewall combines unprecedented application visibility […] | ★★★ | ||
|
2019-03-06 12:17:00 | Gemalto Expands Cloud HSM On Demand Solutions. (lien direct) | Gemalto, the world leader in digital security, today announced the availability of three new cloud-based Hardware Security Module (HSM) services, HSM On Demand for CyberArk, HSM On Demand for Hyperledger and HSM On Demand for Oracle TDE. Each service is available through the SafeNet Data Protection on Demand platform, a marketplace of cloud-based HSM, encryption […] | Guideline | ★★ | |
|
2019-03-06 11:52:01 | CyberArk Launches Industry\'s First Privileged Access Security Solution For Continuous Discovery And Protection In The Cloud. (lien direct) | CyberArk (NASDAQ: CYBR), the global leader in privileged access security, today announced ground-breaking new capabilities to simplify the continuous discovery and protection of privileged accounts in cloud environments. The CyberArk Privileged Access Security Solution v10.8 is the first-of-its-kind to automate detection, alerting and response for unmanaged and potentially-risky Amazon Web Services (AWS) accounts. This version […] | Guideline | ||
|
2019-03-06 11:42:02 | Gigamon ATR Examines How Prolific Cyberthreats Traverse Networks And What You Can Do About It. (lien direct) | Gigamon Inc. (“Gigamon”), the essential element of security infrastructure, providing pervasive visibility to network traffic across physical, virtual, and cloud environments, announced the release of the latest research report from Gigamon Applied Threat Research (ATR), How the Most Prolific Malware Traversed Your Network Without Your Knowledge. Based on observed attack data over the second half […] | Malware Threat | ||
|
2019-03-06 10:59:03 | Saudi caller ID app leaves data of 5+ million users in unsecured MongoDB server. (lien direct) | Dalil, an Android app that provides caller ID services similar to Truecaller but for Saudi and other Arabian users, has been leaking user data for a week because of a MongoDB database that has been left accessible online without a password. Discovered by security researchers Ran Locar and Noam Rotem, the database contains what appears to be the […] | ★★★ | ||
|
2019-03-06 10:58:00 | (Déjà vu) Malicious Mobile Software Attacks Almost Doubled in 2018. (lien direct) | Mobile users have been targeted by almost twice as many attacks using malicious software during 2018, going up from 66.4 million in 2017 events detected during 2017 to 116.5 million until the end of last year according to a report by Kaspersky Lab. Despite this large increase in the number of malicious mobile software attacks, only 5,321,142 installation packages […] | |||
|
2019-03-06 10:56:05 | (Déjà vu) Jokeroo Ransomware-as-a-Service Offers Multiple Membership Packages. (lien direct) | A new Ransomware-as-a-Service called Jokeroo is being promoted on underground hacking sites and via Twitter that allows affiliates to allegedly gain access to a fully functional ransomware and payment server. A Ransomware-as-a-Service is when a developer creates a ransomware and a payment site and allows affiliates to sign up and distribute the ransomware. As part of […] | Ransomware | ||
|
2019-03-06 10:55:01 | Attack traffic increased by 32 percent in 2018. (lien direct) | Attack traffic observed by F-Secure's network of decoy honeypots in 2018 increased by 32 percent over the previous year and increased fourfold in the latter half of 2018 compared with the first half of the year, the Finnish cybersecurity company has shared. Source: Help Net Security | |||
|
2019-03-06 10:54:01 | Sale of SSL/TLS certificates on the dark web is rampant. (lien direct) | There is no dearth of compromised, fake and forged SSL/TLS certificates for sale on dark web markets, researchers have found. TLS certificates are sold individually and packaged with a wide range of crimeware. Together these services deliver machine-identities-as-a-service to cybercriminals who wish to spoof websites, eavesdrop on encrypted traffic, perform man-in-the-middle attacks and steal sensitive […] | |||
|
2019-03-06 10:52:03 | Notorious \'drone-modding\' gangsters giving away hacked apps that let drones fly over ANY airport. (lien direct) | HACKERS are offering software to drone owners who want to bypass “no fly zone” technology.Anyone can easily find these websites in just a few clicks on Google – and then crack their drones to remove vital safety features. Source: The Sun |
To see everything:
Our RSS (filtrered)
