What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2017-01-26 12:00:34 | Half of Ransomware Victims Pay Criminals\' Demands to Recover Data (lien direct) | A Ponemon Institute report on ransomware revealed 48 percent of businesses surveyed paid a ransom in exchange for getting their data back. | |||
|
2017-01-25 20:11:05 | Default Credentials Found in Schneider Electric Wonderware Historian (lien direct) | ICS-CERT warns of default credentials in Schneider Electric Wonderware Historian that can be abused to compromise Historian databases. | ★★ | ||
|
2017-01-25 19:30:37 | Firefox 51 Begins Warning Users of Insecure HTTP Connections (lien direct) | Firefox 51 includes warnings to users landing on HTTP websites, and patches for nearly a half-dozen critical security vulnerabilities. | ★★★★★ | ||
|
2017-01-25 12:00:51 | Charger Mobile Ransomware Removed from Google Play (lien direct) | Security researchers have identified a new and evasive mobile ransomware strain called Charger on the Google Play app store. | |||
|
2017-01-24 20:26:29 | SpyNote RAT Now Disguised As Netflix App (lien direct) | A new version of the SpyNote Trojan is designed to trick Android users into thinking it's a legitimate Netflix application. | ★★★★★ | ||
|
2017-01-24 17:07:35 | AG Nominee Backs Law Enforcement\'s Ability to \'Overcome\' Encryption (lien direct) | President Trump's attorney general pick Jeff Sessions says law enforcement should be able to “overcome†encryption in criminal investigations. | ★★★★ | ||
|
2017-01-24 16:40:11 | St. Louis Public Library Recovers from Ransomware Attack (lien direct) | Services are being restored to the St. Louis Public Library computer system after a ransomware attack impacted access to machines and data at all 17 branches. | |||
|
2017-01-24 13:32:51 | Cisco Patches Critical Flaw in WebEx Chrome Plugin (lien direct) | Cisco has fixed a vulnerability in its WebEx extension for Chrome that allowed for remote code execution on computers running the plugin. | |||
|
2017-01-24 12:00:42 | Apps Carrying HummingBad Variant Booted From Google Play (lien direct) | Google has removed 20 apps from Google Play that were spreading a variant of the HummingBad Android malware called Hummingwhale. | |||
|
2017-01-23 19:51:08 | Secure Email Service Lavabit Relaunches (lien direct) | Lavabit, the secure email provider that suspended operations back in 2013 after the US government asked for its users SSL keys, relaunched Friday under a new architecture. | |||
|
2017-01-23 18:31:06 | Heartbleed Persists on 200,000 Servers, Devices (lien direct) | Almost 200,000 servers are still vulnerable to Heartbleed, the OpenSSL vulnerability patched nearly three years ago. | ★★★★★ | ||
|
2017-01-23 16:00:24 | Sage and Satan Ransomware, Double Trouble (lien direct) | A spam campaign has started spreading Sage ransomware, while a ransomware service known as Satan allows users to customize distribution. | |||
|
2017-01-23 13:52:24 | Massive Twitter Botnet Dormant Since 2013 (lien direct) | Researchers from the University College London have found a Twitter botnet of 350,000 bots that has been dormant since shortly after the accounts were registered. | |||
|
2017-01-21 14:00:49 | Mozilla\'s First Internet Health Report Tackles Security, Privacy (lien direct) | Mozilla released its first Internet Health Report, examining the dangers of over-sharing eroding privacy, and the security of connected devices. | |||
|
2017-01-20 20:31:34 | Coalition of Cryptographers, Researchers Urge Guardian to Retract WhatsApp Story (lien direct) | A coalition of researchers and cryptographers are urging the Guardian to retract a story it published last week which suggested the encrypted messaging app WhatsApp contained a backdoor. | |||
|
2017-01-20 19:18:21 | Hadoop, CouchDB Next Targets in Wave of Database Attacks (lien direct) | Insecure Hadoop and CouchDB installations are the latest attack targets of cybercriminals who are hijacking and deleting stolen data. | |||
|
2017-01-20 18:00:06 | Hack the Army Bounty Pays Out $100,000; 118 Flaws Fixed (lien direct) | The U.S. Army released the results of its Hack the Army bug bounty, and said that close to $100,000 was paid out, and 118 unique and actionable vulnerabilities were reported. | |||
|
2017-01-20 16:50:04 | Threatpost News Wrap, January 20, 2017 (lien direct) | Mike Mimoso, Tom Spring, and Chris Brook discuss security-wise what they hope will and won't change under a Trump presidency, then discuss the news of the week, including SHA-1 deprecation, Carbanak's return, and the WhatsApp "backdoor" debacle. | |||
|
2017-01-19 20:35:52 | The Changing Face of Carbanak (lien direct) | Carbanak has moved away from its exclusive focus on financial services, branching out to attacks against hospitality and retail. | |||
|
2017-01-19 19:25:29 | ProtonMail Gets Own Tor-Accessible .Onion Hidden Service (lien direct) | Encrypted email service ProtonMail announced early Thursday that it had added its own Tor hidden service. | |||
|
2017-01-19 19:07:25 | Locky Limps Back into Action After Lull (lien direct) | Researchers say the Necurs spam botnet is limping back into action with two new campaigns that could be the telltale signs of a future full-scale attack. | |||
|
2017-01-19 15:46:08 | Facebook, Researcher at Odds Over Messenger Issue (lien direct) | Facebook dismisses a researcher who says multimedia content sent via Facebook Messenger can be intercepted by a third party under certain conditions. | |||
|
2017-01-19 15:00:17 | Android Scoring System Roots Out Malicious, Harmful Apps (lien direct) | Google this week explained how it weighs potentially harmful Android apps using the Verify Apps malware scanner and a scoring system it calls Dead or Insecure. | |||
|
2017-01-19 14:00:40 | Justine Bone on St. Jude Vulnerabilities and Medical Device Security (lien direct) | MedSec CEO Justine Bone talks to Mike Mimoso about the St. Jude Medical vulnerabilities, the considerations her company and Muddy Waters made in short selling St. Jude stock, and the current state of medical device security. Download:Â Justine_Bone_on_St._Jude_Vulnerabilities_and_Medical_Device_Security.mp3 Music by Chris Gonsalves | |||
|
2017-01-18 21:25:04 | Carbanak Using Google Services for Command and Control (lien direct) | Carbanak has surfaced again with new campaigns using Google hosted services such as Forms and Sheets as command and control channels. | |||
|
2017-01-18 19:26:35 | Docker Patches Container Escape Vulnerability (lien direct) | Docker has patched a privilege escalation vulnerability that could lead to container escapes, allowing a hacker to affect operations of a host from inside a container. | Guideline | ||
|
2017-01-18 18:26:48 | Oracle Patches 270 Vulnerabilities in Year\'s First Critical Patch Update (lien direct) | Oracle patched 270 vulnerabilities, many remotely exploitable, across 45 different products as part of its quarterly Critical Patch Update (CPU) on Tuesday. | |||
|
2017-01-18 12:00:59 | Spora Ransomware Offers Victims Unique Payment Options (lien direct) | Researchers are keeping close tabs on a new ransomware strain called Spora that offers victims unique payment options. | ★★★★★ | ||
|
2017-01-17 21:54:41 | New RCE Flaws Found in Samsung Smartcam (lien direct) | Samsung Smartcam devices are vulnerable to remote takeover via a malicious firmware update, researchers with the former GTVHacker group said. | |||
|
2017-01-17 21:02:30 | Vulnerabilities Leave iTunes, App Store Open to Script Injection (lien direct) | Researchers say iTunes and Apple's App Store suffer from a persistent input validation and mail encoding web vulnerability. If exploited, it could allow an attacker to inject their own malicious script. | |||
|
2017-01-17 17:05:21 | Router Vulnerabilities Disclosed in July Remain Unpatched (lien direct) | Command injection vulnerabilities and accessible default admin credentials in home routers distributed by Thailand's largest broadband provider remain unpatched despite private disclosures to the vendors last July. | |||
|
2017-01-17 16:00:35 | SHA-1 End Times Have Arrived (lien direct) | Things are about to get a lot safer on the internet with SHA-2, but there is plenty of work still to be done when it comes to SHA-1 deprecation. | |||
|
2017-01-17 15:24:36 | Why WhatsApp\'s \'Backdoor\' Isn\'t a Backdoor (lien direct) | A chorus of security experts say allegations WhatsApp's end-to-end messaging platform has a backdoor are wrong and explain why reports making the claim are false. | |||
|
2017-01-17 14:00:11 | Andrew Macpherson on Intelligence Gathering with Maltego (lien direct) | Operations Manager at Paterva Andrew Macpherson outlines the details of the "Digital Intelligence Gathering using Maltego" course being offered at SAS 2017. | |||
|
2017-01-16 17:33:36 | White House Approves New Rules for Sharing of Raw Intelligence Data (lien direct) | New rules signed by the president last week change the way the NSA is able to share raw intelligence data with other intelligence community agencies. | |||
|
2017-01-13 19:31:45 | WhatsApp Says \'Backdoor\' Claim Bogus (lien direct) | Claims of a security hole in WhatsApp's messenger app were shot down by WhatsApp, which called the allegations false. | |||
|
2017-01-13 18:57:24 | Google\'s Key Transparency Simplifies Public Key Lookups (lien direct) | Google has taken a big step toward simplifying public key lookups at Internet scale with the release to open source on Thursday of Key Transparency. | |||
|
2017-01-13 15:00:17 | Threatpost News Wrap, January 13, 2017 (lien direct) | The news of the week is discussed, including the ShadowBrokers' farewell, GoDaddy's buggy domain validation issue, MongoDB ransoms, and the latest with St. Jude Medical. | |||
|
2017-01-12 19:00:03 | Marie Moe on Medical Device Security (lien direct) | Mike Mimoso talks to Marie Moe, a research scientist at SINTEF of Norway, about her personal and emotional connection to medical device security. | |||
|
2017-01-12 18:49:06 | ShadowBrokers Bid Farewell, Close Doors (lien direct) | The ShadowBrokers today ended their operations, saying they would no longer leak Equation Group exploits. | |||
|
2017-01-12 17:38:28 | WordPress 4.7.1 Fixes CSRF, XSS, PHPMailer Vulnerabilities (lien direct) | A new WordPress update, pushed this week, resolves eight security issues, including a handful of XSS and CSRF bugs. | |||
|
2017-01-11 21:40:31 | Buggy Domain Validation Forces GoDaddy to Revoke Certs (lien direct) | A bug in GoDaddy's domain validation process forced the registrar to revoke SSL certificates and reissue certs for more than 6,000 customers. | |||
|
2017-01-11 20:59:32 | Cloudflare Shares National Security Letter It Received in 2013 (lien direct) | Cloudflare on Tuesday was finally able to post a National Security Letter it received from the FBI back in 2013. | |||
|
2017-01-11 20:04:39 | ShadowBrokers Selling Windows Exploits, Attack Tools (lien direct) | The ShadowBrokers are selling a cache of Windows exploits and attack tools for 750 Bitcoin. | |||
|
2017-01-11 18:01:57 | Second Try at Windows LSASS Patch Addresses Vulnerability (lien direct) | Microsoft on Tuesday patched a vulnerability in LSASS, the second attempt it has taken at fixing a remote denial-of-service issue in the critical Windows process. | |||
|
2017-01-11 17:48:07 | Spammers Revive Hancitor Downloader Campaigns (lien direct) | A recent lull in the distribution of spam linking to the malicious downloader Hancitor has been snapped as researchers warn of new campaigns. | |||
|
2017-01-10 20:52:02 | Microsoft Issues Record Low Number of Patch Tuesday Bulletins (lien direct) | Microsoft patched vulnerabilities that were tied to a variety of its products including Office 2016, its Edge browser and its Local Security Authority Subsystem Service (LSASS). | ★★ | ||
|
2017-01-10 18:27:10 | Netflix Phishing Campaign Targeted User Information, Credit Card Data (lien direct) | Researchers recently identified a phishing campaign set up to lure unsuspecting Netflix users into giving up their credentials and credit card data. | ★★★ | ||
|
2017-01-10 17:47:42 | Adobe Patches Code Execution Flaws in Flash, Reader, Acrobat (lien direct) | Adobe's first scheduled patch release of 2017 includes updates for Flash Player, Reader and Acrobat. | ★★★★ | ||
|
2017-01-10 17:36:32 | Lawmakers Reintroduce Popular Email Privacy Act (lien direct) | A bipartisan group of lawmakers have reintroduced the Email Privacy Act, a bill that would curb law enforcement's warrantless searches of email stored on third-party servers for over 180 days. | ★★ |
To see everything:
Our RSS (filtrered)
