What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2018-05-14 13:17:01 Compliance comes back into focus (direct link) Compliance is something organisations have been grappling with for some time. However, it has come into focus once again with the impending EU General Data Protection Regulation (GDPR). Time is running out. From May 25th, any business that falls foul of a data breach could face a potential fine of €20m, or 4% of annual ...
itsecurityguru.webp 2018-05-14 13:15:04 Is the C-suite exempt from cyber-crime anxiety? (direct link) If recent cyber-attacks are anything to go by, cyber-criminals are capable of causing colossal damage to organisations of all sizes. With vital public services such as the NHS succumbing to attacks, it seems that nothing is off the table when it comes down to cyber-criminals deciding who to target. However, according to some reports, the ...
itsecurityguru.webp 2018-05-11 10:24:05 86% of the UK's most valuable brands fail to safeguard consumers online (direct link) Red Sift, a data-driven cybersecurity platform, has published new research into the UK’s top 50 most valuable brands' email domains, revealing that 86% of these brands do not have the appropriate measures in place to fully protect their customers from email fraud with the GDPR deadline looming. The snapshot study focused specifically on determining whether or ...
itsecurityguru.webp 2018-05-11 10:21:03 Botnet Operators Cash in on Rewards Programme Credentials (direct link) By Kat Weinberger, Intelligence Analyst, Flashpoint Flashpoint analysts have been tracking several small specialty shops in the Russian-language underground advertising access to the login credentials of customer accounts for travel and hospitality rewards programmes. Since the observed vendors appear to offer a small number of accounts from a large number of institutions, Flashpoint analysts believe ...
itsecurityguru.webp 2018-05-11 10:10:03 Can consumers bank on financial services being secure with GDPR? (direct link) By Ralf Sydekum, Technical Manager, F5 Networks The face of finance is changing. Many institutions are abandoning the high street and moving towards faster, more responsive 24-hour on-line services to meet customer demand. Yet, as digital engagement increases, hacker groups are using sophisticated tools to infiltrate operations and attack critical applications to gain access ...
itsecurityguru.webp 2018-05-11 10:04:00 Global Study by Netwrix Finds Rapid Cloud Adoption by Government Lacks Security (direct link) Netwrix Corporation, provider of a visibility platform for data security and risk mitigation in hybrid environments, today released the 2018 Netwrix Cloud Security: In-Depth Report for Government infographics. The infographics provide insight into the use of cloud technology by government departments and highlight their concerns and plans regarding data security in the cloud. The report ...
itsecurityguru.webp 2018-05-11 10:00:03 Researchers Come Up With a Way to Launch Rowhammer Attacks via Network Packets (direct link) Five academics from the Vrije University in Amsterdam and one from the University of Cyprus have discovered a way for launching Rowhammer attacks via network packets and network cards. Their discovery makes Rowhammer attacks easier and much more convenient to launch, as an attacker only needs to bombard a victim’s network card with specially-crafted packets. ...
itsecurityguru.webp 2018-05-11 09:59:03 Firefox 60's WebAuthn API: No Password Required (direct link) In the web browser war, Mozilla is positioning itself to dominate over the competition with its release of Firefox 60, which includes the option of a password-less signin. The latest version of the Firefox browser uses a Web Authentication API, WebAuthn for short, which enables authentication using public key cryptography, taking credentials management to a new ...
itsecurityguru.webp 2018-05-11 09:58:03 Equifax now says some passport info was stolen in breach (direct link) Equifax acknowledged a relatively small number of passport images and information were stolen as part of last year's security breach, despite previously denying such a thing occurred. View full story ORIGINAL SOURCE: NY Post Equifax
itsecurityguru.webp 2018-05-11 09:57:04 Mobile Phishing Increasing at an Alarming Rate (direct link) Organizations are often so hyper focused on securing the network perimeter they overlook the fact that a lot of corporate data on mobile devices is making them the preferred target for phishing attacks. In fact, the rate at which people fall for phishing attacks has increased 85 per cent every year since 2011, according to ...
itsecurityguru.webp 2018-05-11 09:56:05 What are cyber security professionals worth? (direct link) Exabeam has published its 2018 Cyber Security Professionals Salary and Job Report (registration required). While the survey pool was low at just 481 respondents, the results are interesting none the less. View full story ORIGINAL SOURCE: Enterprise Times
itsecurityguru.webp 2018-05-11 09:56:00 Two-factor authentication hackable (direct link) Two-factor authentication may not be the panacea of securing access to online accounts that many believe it is as KnowBe4’s Kevin Mitnick shows how easily this defensive measure can be spoofed. View full story ORIGINAL SOURCE: SC Magazine
itsecurityguru.webp 2018-05-11 09:54:02 Nest warns user of password breach – but not from its own systems (direct link) Nest, the Google-owned manufacturer of home automation devices best known for its smart thermostat, has warned a customer of a password breach, urging him to change it and deploy two-factor authentication (2FA). View full story ORIGINAL SOURCE: Computing
itsecurityguru.webp 2018-05-10 10:17:02 16,500 Student Loan Borrowers' Information Exposed in Data Leak (direct link) Data sent to a third-party vendor that was not authorized to receive it led to a data breach involving 16,500 people associated with student loans. The affected company is Access Group Education Lending, and the company became aware of the situation on March 23. What Kind of Information Was Leaked? The public doesn't know the ...
itsecurityguru.webp 2018-05-10 10:13:04 Kaspersky Lab discover critical vulnerabilities in a popular industrial protocol, affecting products from multiple vendors (direct link) Kaspersky Lab ICS CERT has analyzed the OPC UA (Object Linking and Embedding for Process Control Unified Automation) protocol, which is designed for secure data transfer between servers and clients in industrial systems, including critical infrastructure. Analysis discovered 17 zero-day vulnerabilities in the protocol's implementation, leading to denial-of-service threat attacks, as well as remote code ... Guideline
itsecurityguru.webp 2018-05-10 10:11:03 Catching the Blind Spots of Vendor Risk Management (direct link) Written by Tom Turner, CEO and President, BitSight In my experience there are a number of common blind spots associated with vendor risk management (VRM), or 'third party risk management' as it is sometimes called. In this article I will share with the readers what I see as six top misconceptions surrounding VRM and suggest ...
itsecurityguru.webp 2018-05-10 10:09:02 Half of UK Organisations Have Fallen Prey to Ransomware Attacks (direct link) A year after the WannaCry ransomware attack impacted an estimated 200,000 victims and 200,000 computers, new research from Webroot, the Smarter Cybersecurity® company has revealed that organisations across the UK are still struggling to deal with ransomware. Webroot surveyed over 400 IT decision makers at UK businesses and found that 45 per cent of those ... Wannacry
itsecurityguru.webp 2018-05-10 10:07:04 How Iran's Russia-Inspired Hackers Could Retaliate To Trump's Nuclear Deal Retreat (direct link) Iran has increasingly moved into the clandestine side of the online world to infiltrate enemies and counter threats. With President Trump’s decision to remove the U.S. from the nuclear deal with Iran, many now fear the nation’s hackers, inspired by Russia’s successes in online sabotage, will lead the charge in response to American antagonism. View ... Guideline
itsecurityguru.webp 2018-05-10 10:07:00 CNI providers face hefty fines for cyber security failings (direct link) New UK laws implementing the EU directive on the security of network and information systems (NIS) go into effect on 10 May 2018. All organisations classified by the NIS Competent Authorities to be “operators of essential services” will be affected by new laws. The new rules are aimed at ensuring the UK's most critical industries ...
itsecurityguru.webp 2018-05-10 10:05:05 (Déjà vu) 182% Increase in ID Records on Darknet With Kids' Personal Info Being Exploited (direct link) 4iQ is an identity threat intelligence company that monitors the internet for identity records exposed in data breaches and accidental leaks. The latest 4iQ identity breach report indicates that between 2016 and 2017 there was a 182 percent increase in raw identity records discovered by its team. View full story ORIGINAL SOURCE: Bleeping Computer
itsecurityguru.webp 2018-05-10 10:05:00 Losses, Not Breaches, Drive AppSec Investment (direct link) Many organizations, including the likes of Panera, UnderArmour, Delta and Sears, have suffered the consequences of a “golden child” app that runs wild. They all have experienced high-value web-app attacks. A new study released by Arxan, 2018 Global Study on Application Security, takes a look at the impact apps running in unsecured environments pose to businesses and the specific tools and ...
itsecurityguru.webp 2018-05-10 09:29:03 New Facebook Messenger bug that steals your passwords on the loose – here's how you can protect your account from it (direct link) A new “nasty” Facebook Messenger malware has been uncovered that can install without you knowing and steal your passwords. Called FacexWorm, the malware was spotted by consumer tech radio host Kim Komando and is apparently being used by cyber criminals to communicate their latest phishing scheme to innocent users. View full story ORIGINAL SOURCE: The Sun
itsecurityguru.webp 2018-05-10 09:28:04 Most financial firms still unprepared for GDPR (direct link) With only a few weeks until implementation, more than 50% of investment firms globally are unlikely to be ready for the General Data Protection Regulation (GDPR) on 25 May 2018. This is according to a global industry survey of over 250 financial firms carried out by Cordium and AmberGate. View full story ORIGINAL SOURCE: Help ...
itsecurityguru.webp 2018-05-10 09:27:00 Possible data breach may affect 30,000 Goodyear utility customers (direct link) A possible data breach has left some 30,000 Goodyear utility customers vulnerable. The City says it learned Monday about an apparent issue with its bill pay systems when a customer informed city officials of fraudulent activity on their bank account. “We took immediate action and shut down the online payment system,” says Sherine Zaya, a spokeswoman for ...
itsecurityguru.webp 2018-05-10 09:25:03 Severe keyboard flaws in LG Smartphones allow remote code execution (direct link) LG has patched two severe vulnerabilities that reside in the default keyboard on all mainstream LG smartphones, including its flagship handsets; the flaws could be used to remotely execute code with elevated privileges. LG's update also includes a fix for a critical Android issue, from Google. View full story ORIGINAL SOURCE: Threatpost
itsecurityguru.webp 2018-05-09 14:41:00 How can machine learning complement your existing security solutions? (direct link) By Liviu Arsene, Senior e–Threat Analyst at Bitdefender Despite the prevalence of the technologies, a degree of confusion remains around the difference between machine learning (ML) and artificial intelligence (AI). The distinction lies in the fact that machine learning is the practical implementation of artificial intelligence – the use of algorithms to analyse volumes of ...
itsecurityguru.webp 2018-05-09 14:36:02 Retailers could increase annual revenue by as much as 5% by investing in cybersecurity measures that shoppers trust (direct link) A new report by Capgemini's Digital Transformation Institute has revealed that cybersecurity is a new source of competitive advantage for retailers. It calls for more organizations to align cybersecurity policies with customer expectations in order to take advantage of this opportunity. The report, Cybersecurity: The New Source of Competitive Advantage for Retailers demonstrates that consumers ...
itsecurityguru.webp 2018-05-09 14:29:04 Appsec investments driven by losses, not prevention (direct link) Arxan Technologies, the trusted provider of application protection solutions, announced today the results of the 2018 Global Study on Application Security, conducted by the Ponemon Institute. The study surveyed nearly 1,400 IT and IT security practitioners in the United States, European Union and Asia-Pacific to understand the risk applications pose to businesses when running in unsecured ...
itsecurityguru.webp 2018-05-09 14:27:01 Touch Biometrix to make passwords obsolete (direct link) Disruptive fingerprint technology company Touch Biometrix has secured funding to progress its plans to eradicate the need for computer and mobile phone passwords. The initial £150,000 seed investment from Deepbridge Capital will enable the business to develop new fingerprint sensors which will revolutionise a range of consumer electronics and enhance security for users. Touch Biometrix ...
itsecurityguru.webp 2018-05-09 14:25:01 Only 9% of millennials are interested in a cybersecurity career (direct link) With a cybersecurity talent shortage projected to hit 1.8 million unfilled roles by 2020, the industry must start attracting younger workers to fill jobs and protect businesses. However, the field faces a problem: Only 9% of millennials said they are interested in pursuing a cybersecurity career at some point in their lives, according to a Tuesday ...
itsecurityguru.webp 2018-05-09 14:23:02 Malaysia election: Politicians claim phones hacked; probe shows spam calls from unknown bot attacks (direct link) Malaysian politicians on Wednesday (May 9) say their mobile phones have been hacked and are being spammed by calls allegedly originating from the United States. “BN leaders’ handphones have been under technical attack since morning,” said Barisan Nasional (BN) Strategic Communications director Datuk Seri Rahman Dahlan. “Calls from overseas keep coming in every few seconds! To ... Guideline
itsecurityguru.webp 2018-05-09 14:21:04 'I'm hacked' message left on dozens of defaced Canon IoT security cameras in Japan (direct link) “I'm Hacked. bye2” – That's the message left behind on most of the hacked Canon security cameras in Japan. Over 60 cameras were hijacked and defaced on Sunday, but dozens more had been hacked over the last several weeks. Some victims reportedly are locked out of their cameras; they can't control them and they can't correct the defacement. ...
itsecurityguru.webp 2018-05-09 14:20:02 Every major OS maker misread Intel's docs. Now their kernels can be hijacked or crashed (direct link) Linux, Windows, macOS, FreeBSD, and some implementations of Xen have a design flaw that could allow attackers to, at best, crash Intel and AMD-powered computers. At worst, miscreants can, potentially, “gain access to sensitive memory information or control low-level operating system functions,” which is a fancy way of saying peek at kernel memory, or hijack ...
itsecurityguru.webp 2018-05-09 14:18:00 Backdoored Python Library Caught Stealing SSH Credentials (direct link) Barely a week has passed from the last attempt to hide a backdoor in a code library, and we have a new case today. This time around, the backdoor was found in a Python module, and not an npm (JavaScript) package. The module’s name is SSH Decorator (ssh-decorate), developed by Israeli developer Uri Goren, a ...
itsecurityguru.webp 2018-05-09 14:16:01 Mirai botnet cost you $13.50 per infected thing, say boffins (direct link) Berkeley boffins reckon the Dyn-based Internet of Things attack that took down Brian Krebs’ Website in 2016 cost device owners over $US320,000. Since the 2016 hit on KrebsOnSecurity involved devices in their tens of thousands, the costs to individuals (in power consumption and bandwidth charges) only ends up a handful of dollars per hacked device. The entire thing-owner ...
itsecurityguru.webp 2018-05-04 13:45:03 Bank of England and Cyber Security Challenge UK Partner to Find the Next Generation of Cyber Security Experts (direct link) There is an urgent need to find the people that will protect and safeguard businesses, people and their data. In response, a number of banks and financial institutions are investing in their cyber security, particularly personnel. Today, Cyber Security Challenge UK, a non-profit organisation dedicated to inspiring and enabling people to seek careers in the ...
itsecurityguru.webp 2018-05-04 13:41:04 Could video sharing be the solution to Windows 10's security woes? (direct link) By Trevor Dolan, Segment Director at Kollective It's a great time to work in IT. In 2018, the role of IT is now seen as a key business function rather than a cost cutting one. IT is helping businesses progress in the current digital climate, managing processes so employees can be more productive, and helping ...
itsecurityguru.webp 2018-05-04 13:39:04 GDPR Downfall: 45% of employees have accidentally shared key information in emails to unintended recipients (direct link) New research by data security company, Clearswift, has shown that 45% of employees have mistakenly shared emails containing key data with unintended recipients, including personal information (15%), bank details (9%), attachments (13%) and other confidential text (8%). The research, which surveyed 600 senior business decision makers and 1,200 employees across the UK, US, Germany and ...
itsecurityguru.webp 2018-05-04 13:38:04 Tennessee Officials Are Trying To Get To The Bottom Of An Election Night Cyberattack (direct link) Officials in Knox County, Tennessee, are trying to gather more information about a cyberattack that crashed a government website that displayed election results to the public during its primary election for local offices on Tuesday. View full story ORIGINAL SOURCE: Huffington Post
itsecurityguru.webp 2018-05-04 13:37:05 DDoS attacks fall by 60 per cent one week after WebStresser close down (direct link) German DDoS mitigation service Link11 claims that the number of attacks has fallen by almost two-thirds since the WebStresser ‘service’ was taken offline in coordinated raids last week. That’s according to figures released by the company to Bleeping Computer, which suggest that DDoS attacks have fallen by 60 per cent in just one week after the ...
itsecurityguru.webp 2018-05-04 13:37:01 Google, Microsoft Urge Georgia Gov Governor to Veto Cybercrime Bill (direct link) Tech giants Google and Microsoft have joined a chorus of cybersecurity experts urging Georgia Gov. Nathan Deal to veto a bill that makes unauthorized computer access a crime punishable by up to a year in prison. The 11/2-page proposal, passed in March in the final chaotic hours of Georgia's legislative session, would make it illegal to intentionally ...
itsecurityguru.webp 2018-05-04 13:36:00 Campbell helps businesses defend against cybercrime (direct link) Former England international footballer Sol Campbell has hosted a defensive masterclass for small businesses to help them protect themselves against cybercrime. Research by Barclays has found, on average, London businesses have lost over £50,000 each as a result of cybercrime. It also found more than half of London businesses have been targeted by a scam ...
itsecurityguru.webp 2018-05-04 13:35:02 Healthcare sector suffered more than half of all cyber-attacks in 2017 (direct link) In the past couple of years, while we have seen a rise in businesses adopting new cyber-security policies, such measures have not been able to curb the rise of malicious malware and cyber-weapons used against healthcare. View full story ORIGINAL SOURCE: SC Magazine
itsecurityguru.webp 2018-05-04 13:34:02 Fresh fright of data-spilling Spectre CPU design flaws haunt Intel (direct link) Researchers have unearthed a fresh new set of ways attackers could potentially exploit data-leaking Spectre CPU vulnerabilities in Intel chips. German publication Heise reported that eggheads are preparing to disclose at least eight new CVE-listed vulnerability reports describing side-channel attack flaws in Chipzilla’s processors. View full story ORIGINAL SOURCE: The Register
itsecurityguru.webp 2018-05-04 13:33:02 (Déjà vu) Twitter urges all users to change passwords after glitch (direct link) Twitter Inc urged its more than 330 million users to change their passwords after a glitch caused some to be stored in readable text on its internal computer system rather than disguised by a process known as “hashing”. View full story ORIGINAL SOURCE: Reuters
itsecurityguru.webp 2018-05-03 14:00:04 Russian government strengthening national cyber-security prior to World Cup (direct link) The Russian government, together with the national special services, is continuing to strengthen the country’s cyber-security prior to the World Cup football tournament being held in the country this summer. View Full Story ORIGINAL SOURCE: SC Magazine UK
itsecurityguru.webp 2018-05-03 13:59:03 ECB designs cyber attack simulation for financial firms (direct link) The European Central Bank has designed a new test simulating cyber attacks on banks, stock exchanges and other firms that are critical for the functioning of the financial system, it said on Wednesday. View Full Story ORIGINAL SOURCE: Reuters
itsecurityguru.webp 2018-05-03 13:58:00 Malware targets Drupal to mine for cryptocurrency (direct link) The latest version of the Kitty malware family is targeting Drupal websites in an effort to mine cryptocurrency. According to researchers from Imperva’s Incapsula, Kitty is the latest malware to attack the Drupal content management system (CMS) for the purpose of cryptojacking. View Full Story ORIGINAL SOURCE: ZDNet
itsecurityguru.webp 2018-05-03 13:56:02 Fancy that, Fancy Bear: LoJack anti-laptop theft tool caught phoning home to the Kremlin (direct link) LoJack for Laptops, a software tool designed to rat on computer thieves, appears to be serving a double purpose – by seemingly working with a Russian state-sponsored hacking team. The application allows administrators to remotely lock and locate, and remove files from, stolen personal computers. It’s primarily aimed at corporate IT types who want to ... APT 28
itsecurityguru.webp 2018-05-03 12:29:03 Authentication is imperfect, but passwords are not going away (direct link) As a hacker, I found vulnerabilities like easy-to-guess passwords made my work much easier. If that attack vector didn’t pan out, I could usually get around the authentication flow, or gain basic privileges and escalate them for admin access. We must accept that these vulnerabilities – imperfect authentication and passwords – are not going away ...
Last update at: 2024-07-16 20:09:04