What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-10-07 09:18:36 | Eavesdropping bug fixed by Signal (lien direct) | Signal fixed a bug that could have allowed attackers to eavesdrop on victims by placing and then immediately auto-answering a call, without the callee’s permission. The bug is reminiscent of Apple’s FaceTime bug discovered in January, which similarly allowed attackers to eavesdrop on other iPhone users by placing and auto-approving a FaceTime audio or video call. This […] | |||
|
2019-10-07 09:17:52 | (Déjà vu) Baltic energy grid to be secured with help from the US (lien direct) | The United States and Baltic states on Sunday agreed to beef up cooperation to protect the Baltic energy grid from cyber attacks as they disconnect from the Russian electricity grid. US Energy Secretary Rick Perry and his Lithuanian, Latvian and Estonian counterparts termed the agreement “a critical moment for the Baltic States in strengthening cybersecurity” […] | |||
|
2019-10-07 09:15:51 | DCH Health System pays ransom after attack (lien direct) | Alabama-based DCH Health System said it has paid off the hackers behind a ransomware attack that severely disrupted operations at three hospitals beginning on Tuesday morning, according to a Saturday report by Tuscaloosa News. The news closely follows an FBI warning that the number of sophisticated attacks on businesses and state and local governments is continuing to climb. […] | Ransomware | ||
|
2019-10-07 09:15:07 | Over 1,000 pro gamers\' data stolen via EA website (lien direct) | Gaming company Electronic Arts (EA) has plugged a website glitch that has accidentally leaked the personal details of approximately 1,600 users who signed up on one of its websites. The website was for EA’s FIFA 20 Global Series, a competitive tournament for the company’s recently launched FIFA 20 soccer-themed game. The company launched the website yesterday, […] | |||
|
2019-10-07 09:14:25 | Health services shut down by security incident (lien direct) | The information technology systems at a number of hospitals and health services in Gippsland and south-west Victoria have been impacted by a cyber security incident. The cyber incident, which was uncovered on Monday September 30, blocked access to several systems by the infiltration of ransomware, including financial management. Emergency surgery and emergency departments were not […] | |||
|
2019-10-04 15:04:26 | Tackling Cyber Risk: Tenable announces expansion of Lumin to all customers (lien direct) | In our contemporary cyber-centric society, the need for organisations to have insight into cyber exposure is essential. These indispensable insights help to guide strategic decision making, facilitate the deployment of technological and personnel resources and aid budgetary decisions, all the while increasing an organisation's cyber posture. Tenable has announced an extension of the Tenable platform […] | |||
|
2019-10-04 11:04:06 | Back to School with Stewart Harrison – Gibraltar Digital Skills Foundation (lien direct) | Winner of the ‘Best Educator’ award at the Security Serious Unsung Heroes Awards As Bayside Comprehensive School Head of Physics, I've been a teacher for eleven years and started training students as part of a programme in the school for CyberCenturion in 2014. It began with seven students from Bayside, and to date has had […] | |||
|
2019-10-04 10:48:45 | THE “CYBER” MINDSET – The importance of radiating positivity (lien direct) | By James Packer, CISSP, CCSP. Chapter President, (ISC)² London Chapter – and highly acclaimed in the Security Serious Unsung Heroes Awards ‘Security Leader’ category. Our industry is one that is, at times, inherently pessimistic in its nature, because it has to be. We are professionals who dedicate ourselves to protecting against the worst case scenario, […] | Guideline | ||
|
2019-10-04 10:38:32 | Security Serious Unsung Heroes Awards 2019 Winners Revealed (lien direct) | The fourth annual Security Serious Unsung Heroes Awards winners were revealed last night in a fun and inspiring celebration at St Bart's Brewery in London. The awards celebrate the people, not products, of the cyber security industry. From the best ethical hackers and cybersecurity's rising stars to the best security awareness campaign and the coveted Godparent of security, the categories recognised […] | |||
|
2019-10-04 10:27:37 | Ransomware attacks on the rise as FBI send out an alert (lien direct) | The FBI yesterday issued a new public service announcement regarding the ongoing ransomware epidemic, emphasizing that attacks are becoming more targeted since early 2018, with losses increasingly significantly in that time. The alert is intended to update and supplement a previous ransomware warning that the FBI issued back in September 2016, and specifically identifies state and local […] | Ransomware | ||
|
2019-10-04 10:27:00 | Google has launched password security checkup tool (lien direct) | Google has added a new feature to its password manager that will study a person's passwords and then inform them on its strength and whether it has been compromised. Password Checkup will not only check a user's personal choices, but also make personalized recommendations, wrote Andreas Tuerk, product manager for Password Manager. The three primary areas Checkup […] | Tool | ||
|
2019-10-04 10:26:33 | WhatsApp bug allowing access to user content (lien direct) | A “double-free” bug in WhatsApp lets attackers exploit it using a malicious GIF to access user content, according to a blog post by a self-described technologist and information security enthusiast that goes by the handle Awakened on GitHub. An attacker would need to send the GIF via a messaging platform to a victim's device where the vulnerability […] | Vulnerability | ||
|
2019-10-04 10:25:52 | (Déjà vu) Payment Card Theft via PoS Malware in Four U.S Food Chains (lien direct) | Hackers caused havoc at four restaurant chains in the U.S. over the summer after compromising their payment systems with malware that stole customers’ payment card information. In the last two days, McAlister’s Deli, Moe's Southwest Grill, Schlotzsky's, and Hy-Vee disclosed publicly that their networks were infected with point-of-sale malware copying data from cards used in […] | Malware | ||
|
2019-10-04 10:25:17 | (Déjà vu) Data Leak Exposes Personal Tax Records of 20M Russians (lien direct) | An unprotected Elasticsearch cluster contained personally identifiable information on Russian citizens from 2009 to 2016. A database holding more than 20 million Russian tax records was found unprotected, leaving personal tax data accessible to anyone with a web browser, researchers reported this week. The AWS Elasticsearch cluster contained data on Russian citizens spanning 2009 to […] | |||
|
2019-10-03 13:54:30 | Cybersecurity Awareness Month – Travel Tips to Keep You Safe from Cybercrime, Fraud & Identity Theft (lien direct) | Thalia Landman, Gurucul You might be on your travels, but malicious hackers and cybercriminals are not. They're always looking to take advantage and often target travellers lacking in cyber-awareness. Through strategic hacking and careful planning, they can easily access a traveller's personal devices and steal sensitive information like credit card numbers and private data. So how […] | |||
|
2019-10-03 10:23:21 | UK local authorities fending off 800 cyber-attacks an hour (lien direct) | Councils report being hit by more than 263 million cyber-attacks in the first half of 2019, averaging 800 attacks per hour[i] Average successful cyber-attack on a council results in costs of £430,000 Just 13% of councils hold a standalone cyber insurance policy meaning that the vast majority of UK authorities are underprepared for the financial […] | |||
|
2019-10-03 09:05:20 | Sodinokibi Ransomware building an all-star team of affiliates (lien direct) | Stalkware is being installed on more and more victims’ devices, and the trend is only accelerating, according to a new report. When spouses, colleagues, domestic partners, and random strangers install software to spy on a victim, the “stalkerware” can be a disturbing tool of abuse. And it’s a tool that’s part of a problem that […] | Ransomware Tool | ★★★ | |
|
2019-10-03 09:05:00 | (Déjà vu) \'Password Checkup\' Google Tool announces when passwords are leaked (lien direct) | The feature will check the strength of saved passwords and alert users when they’re compromised in a breach. Google is building a “password checkup” tool into its account controls to improve password habits by telling people if their passwords are weak and when they have been compromised. This marks an expansion of Google’s Password Checkup […] | Tool | ||
|
2019-10-03 09:04:39 | Embedded devices are containing vulnerable IPnet software (lien direct) | FDA, DHS issue fresh warnings on easily exploitable URGENT/11 flaws in medical, SCADA systems, industrial controllers, and other devices. A substantially greater number of real-time operating systems (RTOSes) powering critical medical, industrial, and enterprise devices, are affected by a set of recently discovered security vulnerabilities than were originally reported. Armis, which earlier this year disclosed […] | |||
|
2019-10-03 09:04:22 | (Déjà vu) Bot Farm seized by Police who are potentially behind fatal scam messages (lien direct) | The cyber division of the Ukrainian police took to pieces an operation that made money by registering accounts used to send spam through various services, including email and social networks. The bot farm allowed its cybercriminal customers to buy large numbers of active accounts for multiple online services. These were then used to deliver unsolicited […] | Spam | ||
|
2019-10-03 09:04:05 | Tabloid sued by Meghan Markle and Prince Harry for breach of U.K. Data Protection Act of 2018 (lien direct) | Meghan Markle and Prince Harry, the Duke and Duchess of Sussex, are suing the Associated Papers, parent company of the Daily Mail, for breach of the U.K.'s Data Protection Act of 2018 after the Mail published a private letter Markle sent to her father. The act, the U.K.'s complement to GDPR, requires protections for personal data, requiring […] | |||
|
2019-10-02 10:46:07 | Help! Who do I escalate my cyber emergency to? (lien direct) | By Peter Groucutt, managing director ofDatabarracks The US senate has passed a new law which will demand the federal government increase its support for organisations hit by ransomware. The DHS Cyber Hunt and Incident Response Teams Act would require the Department of Homeland Security (DHS) to build dedicated teams tasked with providing advice to organisations on […] | |||
|
2019-10-02 10:37:57 | Which? investigation finds wireless security cameras are putting consumer privacy at risk – Expert Comments (lien direct) | Consumer group Which? has found that Amazon is promoting webcams, baby monitors and home surveillance cameras with gaping security flaws which could be used to spy on their customers. Researchers tested six wireless cameras that had received the coveted Amazon’s Choice label, driving them to the top of the company’s search results, but found serious loopholes including […] | |||
|
2019-10-02 09:47:16 | Counting the Cost of Silent Cyber (lien direct) | By Akber Datoo, Founder and Managing Director, D2 Legal Technology Damaged reputation. Financial loss. Punitive capital adequacy provision. Silent cyber is one of the biggest issues facing the insurance industry. Yet despite the Prudential Regulatory Authority's (PRA) demands for robust action plans, few firms have put in place the document digitisation required to truly understand the […] | |||
|
2019-10-02 09:41:16 | The average cost of enterprise data breaches has risen to $1.41 million (lien direct) | The average cost of enterprise data breaches has risen to $1.41 million in 2018, up from $1.23 million in 2017, according to new research from Kaspersky. It’s estimated that there have already been 4,000 data breaches in the first half of 2019, affecting four billion users’ data. But companies with internal cybersecurity (security operation center or SOC) experienced only […] | |||
|
2019-10-02 09:40:36 | Nearly all companies have suffered a data breach (lien direct) | In the last three years, almost two thirds (60 per cent) of businesses have experienced a data breach. This is according to a new global report from Bitdefender, which also adds that those that haven't been attacked yet – expect to experience such a scenario soon. As a matter of fact, more than a third of […] | Data Breach | ||
|
2019-10-02 09:39:01 | GhostCat malware hits publishing companies (lien direct) | A malicious campaign that waged 13 attacks against hundreds of well-known publishers has been identified and put down by The Media Trust. Rather appropriately for the Halloween season, the malware was given the name GhostCat-3PC by researchers in the Trust’s Digital Security & Operations (DSO) team. GhostCat-3PC ran behind an ad that used advanced, obfuscated code and […] | Malware | ||
|
2019-10-02 09:38:15 | (Déjà vu) US petroleum companies hit by new malware (lien direct) | Attackers are using an obfuscated version of Adwind Remote Access Trojan for stealing data, Netskope says. An unknown threat actor is targeting companies in the US petroleum industry with a sophisticated data-stealing remote access Trojan (RAT) that previously had been used in attacks against retail and hospitality organizations. Netskope says it observed a recent spike […] | Malware Threat | ||
|
2019-10-02 09:37:32 | Only critical patients to be seen at 3 hospitals, thanks to ransomware attack (lien direct) | Ten hospitals-three in Alabama and seven in Australia-have been hit with paralyzing ransomware attacks that are affecting their ability to take new patients, it was widely reported on Tuesday. All three hospitals that make up the DCH Health System in Alabama were closed to new patients on Tuesday as officials there coped with an attack […] | Ransomware | ||
|
2019-10-01 14:31:46 | One Identity Channel Records Exceptional Results (lien direct) | One Identity, a company that helps organisations achieve an identity-centric security strategy, today announced its One Identity Partner Circle programme and related channel strategy has recorded exceptional results, now linked to over 68 percent of company sales, globally. This milestone represents a 54-percent increase in year-over-year (YoY) North American partner sales and a more than […] | |||
|
2019-10-01 11:08:58 | IT Security mentoring (lien direct) | By Erhan T, finalist in the Security Serious Unsung Heroes Awards As an ambassador for the Cyber Security Challenge UK, I often volunteer my time to be present at career fairs to support and answer questions from the next generation of possible cyber security professionals. The first question I am often asked is “how do […] | |||
|
2019-10-01 10:33:56 | (Déjà vu) Over 170,000 Users Data up for grabs after Comodo Forums Breached (lien direct) | Account data belonging to more than half of all Comodo Forums users has been stolen and is now traded online. The breach was possible by exploiting a vulnerability in the software that powers the forum. Comodo today published a security notice informing users that an intruder may have gained access to the forums database. “Very recently […] | Vulnerability | ||
|
2019-10-01 10:33:41 | New Cybersecurity Development Labs launched by BlackBerry (lien direct) | Security software and services company BlackBerry Limited has announced the launch BlackBerry Advanced Technology Development Labs (BlackBerry Labs), a new business unit operating at the forefront of research and development in the cybersecurity space. The Labs will be led by CTO Charles Eagan and will include a team of over 120 software developers, architects, researchers, product leads […] | Guideline | ||
|
2019-10-01 10:33:16 | Billboards in Detroit hacked and play porn for 30 minutes (lien direct) | Motorists traveling through a Detroit suburb were stunned to see a pornographic video playing on an electronic billboard. Auburn Hills police say the video played on the billboard along Interstate 75 in Oakland County for about 30 minutes Saturday night before the images were removed. Many people called 911. Chuck McMahon says he saw the […] | |||
|
2019-10-01 10:32:54 | Checkm8 exploit can jailbreak millions of 1OS devices (lien direct) | n independent researcher who goes by the Twitter handle axi0mX has discovered and published an iOS jailbreak exploit that applies to hundreds of millions of devices and cannot be patched. Named checkm8, the exploit leverages a race condition vulnerability found in the bootrom, a read-only memory chip that contains the first code that initially loads whenever a user starts […] | Vulnerability | ||
|
2019-10-01 10:32:28 | (Déjà vu) Friends Players Compromised in Data Breach with 218M Words (lien direct) | The same attacker was reportedly behind the Collection #1 and Collection #2 data dumps earlier this year. A cybercriminal operating under the alias Gnosticplayers has broken into the Words with Friends database and gained access to 218 million player records, The Hacker News reports. The popular puzzle game is owned by Zynga, one of the […] | Data Breach | ||
|
2019-09-30 13:03:54 | Cyber security in NHS is about more than just prevention says experts (lien direct) | Recent research carried out by Imperial College London’s Institute of Global Health Innovation has highlighted the NHS’s ongoing vulnerability to cyber-attacks. The study called for urgent steps to be taken in order to defend threats which could risk the safety of patients in the UK. While the report, presented to the House of Lords, commended […] | Vulnerability | ||
|
2019-09-30 12:57:09 | Some Hackers just want to see the world burn (lien direct) | By Matthew Olney, content manager at XQ Cyber, and finalist in the Security Serious Unsung Heroes Awards With the new Joker movie hitting cinemas what better time to take a look at some of the most infamous incidents of hackers causing trouble just for the sake of it? Not all cyberattacks are financially motivated but […] | |||
|
2019-09-30 12:50:50 | Why companies must start rehearsing their responses now to give them the best possible chance of mitigating cyberattacks when – and not if – they happen (lien direct) | By David Cook, Senior Associate – Privacy and Cyber Security Compliance and Litigation at Eversheds Sutherland, and finalist in the Security Serious Unsung Heroes Awards. It seems like barely a week goes by without a high-profile data breach being reported on the front pages of our newspapers. Hacking and cyberattacks appear to be becoming more […] | Data Breach | ||
|
2019-09-30 12:37:19 | Ajax enhances online experience with Mitek (lien direct) | Mitek (NASDAQ: MITK, www.miteksystems.com) has today announced that Ajax Amsterdam, one of Europe’s premier football clubs, will be using Mitek’s Mobile Verify® with Face Comparison solution to improve online experience and bolster security for fans. Putting fan enjoyment and safety at the heart of everything they do, Ajax is committed to verifying the identities of ticket […] | |||
|
2019-09-30 12:24:14 | BlackBerry Launches BlackBerry Advanced Technology Development Labs to Fuel New Cutting-Edge Security Technologies (lien direct) | BlackBerry Limited (NYSE: BB; TSX: BB) today announced the creation of BlackBerry Advanced Technology Development Labs (BlackBerry Labs), a new business unit operating at the forefront of research and development in the cybersecurity space. Led by CTO Charles Eagan, BlackBerry Labs will include a team of over 120 software developers, architects, researchers, product leads and security experts, each working toward the common goal of identifying, […] | Guideline | ||
|
2019-09-30 09:25:45 | (Déjà vu) Cloudfare preventing exploit from working on vBulletin sites behind Cloudflare\'s service (lien direct) | This week a zero-day vBulletin remote code execution vulnerability and exploit was publicly disclosed and is being used by bad actors to attack vBulletin forums. Cloudflare has now created a special rule that will prevent this exploit from working on vBulletin sites behind Cloudflare’s service. Remote code execution vulnerabilities are the most critical as they allow […] | Vulnerability | ||
|
2019-09-30 09:24:37 | Legit tools Node.JS and WinDivert abused by fileless malware campaign (lien direct) | An attack campaign targeting primarily the U.S. and Europe is leveraging two legitimate tools, the Node.js framework and WinDivert, to install “fileless” malware that appears to either turn victims' systems into proxies or perpetrates click fraud. Researchers from both Microsoft Corporation and Cisco Talos yesterday filed separate reports warning of this campaign, which they have named Nodersok or Divergent, respectively. Microsoft, which […] | Malware | ||
|
2019-09-30 09:24:12 | Hackers broadcast porn in Asics shops to passersby for nine hours (lien direct) | Pornography played on giant television screens at an Asics sports store in New Zealand for hours over the weekend after hackers took over the shop's IT systems. The pornography was streamed onto screens facing Auckland's Queen Street, the country's busiest shopping thoroughfare, and wasn't stopped until employees arrived to open the store on Sunday morning. The […] | |||
|
2019-09-30 09:22:33 | (Déjà vu) Defence contractors hit by cyber-attacks in Europe and North America (lien direct) | Defence contractors Rheinmetall AG and Defence Construction Canada (DCC) were hit this month by cyber-attacks that impacted and disrupted their information technology systems. German Rheinmetall AG is one of the world’s top suppliers of military equipment and systems, with two operational components, namely Rheinmetall Defence and Rheinmetall Automotive. “The group’s 23,000-strong global workforce generated sales last year of $6.9 billion,” says a press release published […] | |||
|
2019-09-30 09:22:14 | Malware spread by scammers using fake Google Alerts (lien direct) | Cybercriminals have found a way to use Google Alerts to hook victims into scams or push malware. Bleeping Computer CEO Lawrence Abrams found that malicious actors are creating malicious sites into Google so they will be emailed to people who have alerts set for that particular subject matter. The malicious pages are created using popular keywords […] | Malware | ||
|
2019-09-27 14:56:58 | Authority, Openness and Approachability: Key Attributes to Building a Strong Cybersecurity Team (lien direct) | Dr Jessica Barker is Co-CEO Cygenta and her team is a finalist in the Security Serious Unsung Heroes Awards 2019 When my husband, FC, and I started Cygenta {link: https://www.cygenta.co.uk}, we had some decisions to make. Did we want a lifestyle business or one with commercial ambitions? Were we interested in VC funding that would […] | |||
|
2019-09-27 11:16:15 | Almost 5 million customers, delivery drivers and partners hit by DoorDash data breach – expert comments (lien direct) | Food delivery company, DoorDash, has confirmed it was hit by a data breach which exposed the data of close to 5 million customers, delivery people and partners. The breach took place in May of this year, and it’s unclear why it has taken DoorDash so long to reveal the details. According to a spokesperson for […] | Data Breach | ||
|
2019-09-27 10:54:38 | Community Underpins Our Cybersecurity (lien direct) | By Lyndsay Turley, International Communicator and Cybersecurity Advocate – and finalist in the Security Serious Unsung Heroes Awards. Survival in a domain that is poorly understood and moves at breakneck speed demands a capacity to learn as much as possible from others who share your challenges. People in cybersecurity, who perhaps understand this better than […] | |||
|
2019-09-27 09:54:27 | External keyboards being hacked on iOS13 (lien direct) | The iPhone maker released the latest version of its mobile operating system, iOS 13, last week and the company followed this up with the recent release of iOS 13.1 and iPadOS 13.1. However, Apple has warned users of an issue affecting third-party keyboard apps in a brief advisory, which reads: “Third-party keyboard extensions in iOS can be […] |
To see everything:
Our RSS (filtrered)
