Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-10 11:00:51 |
Yahoo Releases Second Wave of Unsealed FISC Documents (lien direct) |
Yahoo releases a second wave of unsealed documents tied to its battle with the secret Foreign Intelligence Surveillance Court. |
|
Yahoo
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-09 18:34:46 |
Police Allege SWIFT Technicians Left Bangladesh Bank Vulnerable (lien direct) |
Police in Bangladesh this week alleged that technicians associated with the financial network SWIFT introduced vulnerabilities which made it easier for hackers to infiltrate the systems of Bangladesh Bank. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-09 16:21:18 |
Twitter Turns Off Fire Hose For Intelligence Community (lien direct) |
Twitter has asked its business partner Dataminr to no longer provide it services to the U.S. intelligence community. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-07 13:52:06 |
Old Exploits Die Hard, Says Microsoft Report (lien direct) |
Microsoft's twice-annual SIR bellwether security report highlights malware, fraudulent login attempts and the staying power of really old software bugs. |
|
|
★★★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-06 15:45:32 |
Threatpost News Wrap, May 6, 2016 (lien direct) |
Mike Mimoso, Chris Brook, and Tom Spring, discuss the week in news, including a first hand account of an online casino getting hit by ransomware, Brazil shutting down WhatsApp, and attackers mining an ADP portal for W-2s. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-06 13:00:47 |
New Security Flaw Found in Lenovo Solution Center Software (lien direct) |
Security researchers at Trustwave SpiderLabs have discovered a new vulnerability in Lenovo's much maligned Lenovo Solution Center software. The vulnerability allows attackers with local network access to a PC to execute arbitrary code. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-05 19:45:11 |
Criminals Peddling Affordable AlphaLocker Ransomware (lien direct) |
A relatively affordable and difficult to detect ransomware-as-a-service named AlphaLocker has begun making the rounds, researchers warn. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-05 15:22:59 |
Diary of a Ransomware Victim (lien direct) |
A major online casino ran headfirst into a ransomware infection, and learned some lessons the hard way about how simple mistakes that can lead to complicated problems. |
Guideline
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-05 12:00:19 |
Five-Year-Old Android Flaw Exposes SMS, Call History (lien direct) |
A five-year-old privilege escalation vulnerability in Android disclosed today affects hundreds of different device models going back to Jelly Bean 4.3. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-04 21:17:04 |
Cisco Patches Critical Telepresence Vulnerability (lien direct) |
Cisco alerted customers three vulnerabilities, one critical and two high, along with patches to fix them. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-04 19:02:23 |
Apple Updates Xcode’s Git Implementation (lien direct) |
Apple has updated its Xcode development environment, patching two vulnerabilities in its implementation of git. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-04 16:17:05 |
Public Exploits Available for ImageMagick Vulnerabilities (lien direct) |
Public exploits are available for critical ImageMagick vulnerabilities, increasing the risk to websites that use the open source image-processing software. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-04 16:15:18 |
10-Year-Old Instagram Bug Hunter Earns $10,000 (lien direct) |
Facebook says a 10-year-old is the youngest ever to earn a bug bounty for reporting Instagram API bug. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-03 20:55:29 |
Brazilian Judge Orders 72-Hour WhatsApp Suspension (lien direct) |
A judge in Brazil has again demanded that phone companies there block the popular messaging app WhatsApp from operating for 72 hours. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-03 18:01:03 |
Linux Foundation Badge Program to Boost Open Source Security (lien direct) |
A new CII Best Practices Badge program will help companies, interested in adopting open source technologies evaluate projects based on security, quality and stability. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-03 15:36:52 |
FreedomPop Account Hijacking Flaws Remain Unpatched (lien direct) |
A serious vulnerability in mobile provider FreedomPop has yet to be patched and can be leveraged with online banking flaws to put customer accounts at risk. |
|
|
★★★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-03 12:14:59 |
Nano Server Added to Microsoft Bug Bounty Program (lien direct) |
Microsoft expands bug bounty program adding Windows Server 2016 Nano Server payouts between $500 and $15,000. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-02 21:14:14 |
FBI Reaffirms Stance Not to Pay Ransomware Attackers (lien direct) |
An FBI warning urges organizations to be vigilant about ransomware, and reaffirmed its position that companies should not pay ransoms to recover their files. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-05-02 18:00:59 |
Google Patches More Trouble in Mediaserver (lien direct) |
Google's monthly patch release has a new name, and a slew of old bugs in Mediaserver. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-30 11:25:42 |
Slack Plugs Token Security Hole (lien direct) |
Slack fixes a security loophole that opened hundreds of corporate Slack accounts to the public. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-29 15:50:03 |
Major Campaigns Spreading CryptXXX Ransomware Via Exploit Kits (lien direct) |
Attackers behind a campaign distributing Locky ransomware via the Nuclear Exploit Kit have switched to distributing CryptXXX using the feature-laden Angler Exploit Kit. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-28 20:12:37 |
Privacy Activists Cheer Passage of Email Privacy Act, Brace for Senate Battle (lien direct) |
In a vote of 419-0, the U.S. House of Representatives passed the Email Privacy Act on Wednesday that would require the government to obtain a warrant in order to access digital communications stored in the cloud. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-28 17:12:29 |
Scourge of Android Overlay Malware on Rise (lien direct) |
The black market for malicious Android software is heating up thanks to a rise in popularity of overlay malware. |
|
|
★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-28 14:44:58 |
Office 365 Vulnerability Exposed Any Federated Account (lien direct) |
Microsoft in January patched a severe Office 365 vulnerability that exposed accounts whose domains were configured as federated. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-27 16:49:26 |
Firefox 46 Patches Critical Memory Vulnerabilities (lien direct) |
Mozilla released Firefox 46, which includes patches for one critical and four high-severity vulnerabilities, all of which can lead to remote code execution. |
Guideline
|
|
★★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-27 14:28:22 |
Platinum APT Group Abuses Windows Hotpatching (lien direct) |
Microsoft disclosed details on the Platinum APT group and its arsenal of backdoors, keyloggers and its abuse of Windows hotpatching to load malicious code on compromised computers. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-26 18:16:04 |
Verizon DBIR Top Threats: Credential Theft, Phishing and PoS (lien direct) |
Most alarming is not what's new in Verizon's 2016 Data Breach Investigations Report, rather what's old and still causing chaos behind corporate firewalls. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-26 15:33:42 |
New Decryptor Unlocks CryptXXX Ransomware (lien direct) |
Researchers at Kaspersky Lab today published a decryptor that recovers files encrypted by the CryptXXX ransomware. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-25 18:35:49 |
Attackers Behind GozNym Trojan Set Sights on Europe (lien direct) |
The banking malware GozNym has spread into Europe and begun plaguing banking customers in Poland with redirection attacks, IBM said. |
|
|
★★
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-25 16:03:32 |
Bangladesh Bank Hackers Accessed SWIFT System to Steal, Cover Tracks (lien direct) |
Hackers behind the $81 million heist in February at Bangladesh Bank used a malware toolkit to access the financial institution's SWIFT payment system |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-22 17:55:50 |
Experts Weigh-In Over FBI $1.3 Million iPhone Zero-Day Payout (lien direct) |
Was the Federal Bureau of Investigation justified in paying over $1.3 million for a hacking tool that opened the iPhone 5c of San Bernardino terrorist? |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-22 14:21:53 |
Threatpost News Wrap, April 22, 2016 (lien direct) |
Mike Mimoso and Chris Brook discuss the news of the week, including BlackBerry CEO's stance on lawful access principles, the FBI/Apple hearing, Viber adding end-to-end crypto, Teslacrypt, and more. |
|
Tesla
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-22 00:38:21 |
Core Windows Utility Can Be Used to Bypass AppLocker (lien direct) |
A researcher has discovered that Windows' Regsvr32 can be used to download and run JavaScript and VBScript remotely from the Internet, bypassing AppLocker's whitelisting protections. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-21 19:31:27 |
PoS Attacks Net Crooks 20 Million Stolen Bank Cards (lien direct) |
A report released Thursday shines a bright light on point-of-sales system attack targeting hospitality and retail businesses that could of given earned cyber crooks a $400 million payday. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-21 16:22:25 |
Cisco Patches Denial-of-Service Flaws Across Three Products (lien direct) |
Cisco released software updates to address five separate denial of service vulnerabilities, all which the company considers either high or critical severity, across its product line this week. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-21 13:00:52 |
Misunderstanding Indicators of Compromise (lien direct) |
In this Threatpost op-ed, Dave Dittrich and Katherine Carpenter explain the dangers of conflating measurable events, or observables, with indicators of compromise, which require context and other constructs to provide true threat intelligence. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-20 21:17:16 |
Viber Heats Up Cypto Debate: Adds Encryption to 711 Million Users (lien direct) |
Messaging platform firm Viber is adding end-to-end encryption to 711 million of its users, becoming the latest tech firm to embrace encryption on a massive scale. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-20 17:26:03 |
Oracle Fixes 136 Vulnerabilities With April Critical Patch Update (lien direct) |
Oracle fixed 136 vulnerabilities across 46 different products this week as part of its regularly scheduled Critical Patch Update. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-20 12:00:35 |
Generic Ransomware Detection Comes to OS X (lien direct) |
Researcher Patrick Wardle has developed a utility called RansomWhere? that he released today that he says does generic ransomware detection on OS X. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-19 20:12:52 |
Apple and FBI Faceoff at House Encryption Hearing (lien direct) |
Apple and the FBI vow to work together to find compromise solution in encryption debate. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-19 16:32:37 |
Android Security Report: 29 Percent of Active Devices Not Up To Patch Levels (lien direct) |
Google released its annual Android Security Report, a state of the union on the Android ecosystem. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-19 13:30:34 |
Range of Mousejack Attack More Than Doubles (lien direct) |
Researchers at Bastille said they've more than doubled the range with which an attacker can exploit the Mousejack vulnerability. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-19 11:00:14 |
APT Targeting Tibetans Packs Four Vulnerabilities in One Compromise (lien direct) |
Tibetans along with journalists and human rights workers in Hong Kong and Taiwan have been targeted in campaigns using phishing emails laced with Microsoft RTF attachments that exploit four vulnerabilities. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-18 19:51:30 |
New MIT Scanner Finds Web App Flaws in a Minute (lien direct) |
A Berkeley postdoctoral researcher and former MIT student will soon unveil Space, a static-analysis web-application security tool that can find vulnerabilities in a minute. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-18 16:11:47 |
Google Aims For Transparency With New Chrome Web Store Policies (lien direct) |
Google put app developers on notice last week, urging them to comply with a new set of privacy policies designed to better promote transparency it plans on enforcing this summer. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-15 19:22:02 |
Microsoft Wins Widespread Support in Privacy Clash With Government (lien direct) |
Privacy advocates are cheering Microsoft's lawsuit against the US government over data requests. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-15 17:52:51 |
VMware Patches Critical Session-Handling Vulnerability (lien direct) |
VMware fixed a critical vulnerability in one of its products this week that could've led to a man in a middle attack if exploited by an attacker. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-15 15:31:03 |
Short URLs a Big Problem for Cloud Collaboration, Stored Data (lien direct) |
A newly published research paper exposes weaknesses in short URLs used by cloud-based services such as OneDrive that put supposedly private data at risk. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-15 15:08:12 |
Threatpost News Wrap, April 15, 2016 (lien direct) |
Mike Mimoso and Chris Brook recap the news of the week, including the Badlock bust, encryption legislation, and cryptoworm ransomware. Mike also discusses last week's Infiltrate Con. |
|
|
|
![Kaspersky.webp](./Ressources/img/Kaspersky.webp) |
2016-04-15 12:00:12 |
The Time Has Come to Hack the Planet (lien direct) |
In this Threatpost Op-Ed, Katie Moussouris explains the significance of the newly free availability of ISO Standard 29147 Vulnerability disclosure, and why it keeps an important dialogue open between hackers and industry. |
|
|
|