What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-06-27 11:35:03 | Chrome OS 75 Adds More Mitigations for Intel MDS Flaws (lien direct) | Chrome OS version 75, which Google released on Wednesday in the stable channel, adds more mitigations for recently disclosed Microarchitectural Data Sampling (MDS) vulnerabilities affecting most Intel processors made in the last decade. | |||
|
2019-06-27 05:29:03 | Critical Flaws Found in Cisco Data Center Network Manager (lien direct) | Cisco on Wednesday informed customers that its Data Center Network Manager (DCNM) product is affected by several vulnerabilities, including ones described as “critical” and “high severity.” | |||
|
2019-06-27 04:29:02 | French Consumer Group Launches Class Action Against Google (lien direct) | A French consumer rights group said Wednesday that it has launched a class action lawsuit against US tech giant Google for violating the EU's strict data privacy laws. | |||
|
2019-06-23 01:21:01 | Report: Jet Propulsion Laboratory Hacked for 10 Months (lien direct) | A report says hackers stole data from NASA's Jet Propulsion Laboratory in Southern California for nearly a year without being detected. | |||
|
2019-06-23 01:13:03 | U.S. Launched Cyber Attacks on Iran After Drone Shootdown: Reports (lien direct) | 
The United States launched cyber attacks against Iranian missile control systems and a spy network this week after Tehran downed an American surveillance drone, US media reported on Saturday.
|
|||
|
2019-06-21 18:07:00 | New Botnet Exploits Android Debug Bridge and SSH (lien direct) | A newly discovered crypto-currency mining botnet can spread via open ADB (Android Debug Bridge) ports and Secure Shell (SSH), Trend Micro reports. | |||
|
2019-06-21 17:21:04 | Data on Patients Taking Vascepa Prescription Medication Exposed (lien direct) | 78,000 Patient Healthcare Records Exposed in Unsecured MongoDB Database | |||
|
2019-06-21 14:46:02 | macOS Crypto-Miner Emulates Linux (lien direct) | New crypto-currency mining malware is targeting systems running macOS, and works by emulating Linux, Malwarebytes security researchers have discovered. | Malware | ||
|
2019-06-21 13:58:04 | Millions of Devices Exposed to Attacks Due to Flaw in PC-Doctor Software (lien direct) | More than 100 million computers from Dell and other vendors may have been exposed to hacker attacks due to a serious vulnerability in software made by hardware diagnostic tools provider PC-Doctor. | Vulnerability | ||
|
2019-06-21 11:54:04 | Massive Data Breach at Canada Credit Union Giant Desjardins (lien direct) | Canada's Desjardins credit union announced Thursday that the personal banking information of 2.9 million customers had been stolen by an employee and distributed to outside parties. | Data Breach | ||
|
2019-06-21 11:04:03 | UK Regulator Calls Out Compliance Failures in Targeted Advertising Industry (lien direct) | The UK regulator for data protection and privacy (the Information Commissioner's Office -- ICO) has published a report on its ongoing investigation into the adtech and real-time bidding (RTB) industries. This is a work in progress, but it is clear that the ICO is not confident that the collection of personal data and subsequent processing of that data by RTB conforms with current legislation. | |||
|
2019-06-21 10:55:01 | Phishing Campaign Impersonates DHS Alerts (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert on a phishing campaign using attachments that impersonate the Department of Homeland Security (DHS). In an effort to make their attack successful, the phishers spoofed the sender email address to appear as a National Cyber Awareness System (NCAS) alert. | |||
|
2019-06-21 10:33:01 | Cloud Data Protection Firm Druva Raises $130 Million (lien direct) | Cloud data protection and management provider Druva on Thursday announced $130 million in new funding, which brings the total raised by the company to date to $328 million. | |||
|
2019-06-21 07:56:03 | Mozilla Patches Second Firefox Zero-Day Used in Cryptocurrency Attacks (lien direct) | Mozilla on Thursday patched a second zero-day vulnerability in Firefox that has been exploited by malicious actors to deliver Mac malware to cryptocurrency exchanges. | Malware Vulnerability | ||
|
2019-06-20 21:20:04 | Google Open-Sources Cryptographic Protocol (lien direct) | Google this week rolled out a new type of multi-party computation (MPC) to help organizations better collaborate with confidential data sets. | |||
|
2019-06-20 18:11:01 | Russia-Linked Hackers Hijack Infrastructure of Iranian Threat Group (lien direct) | Russia-Linked Hackers Use New Toolset and Likely Took Over Servers Operated by Iran-Linked "OilRig" Threat Group | Threat | APT 34 | |
|
2019-06-20 15:36:04 | Firefox Zero-Day Exploited to Deliver Malware to Cryptocurrency Exchanges (lien direct) | The recently patched Firefox vulnerability tracked as CVE-2019-11707 has been exploited to deliver Mac (and possibly Windows) malware to the employees of cryptocurrency exchanges. | Malware | ||
|
2019-06-20 14:06:05 | Indegy Launches Industrial Cybersecurity-as-a-Service Offering (lien direct) | Indegy on Thursday announced the general availability of CIRRUS, a new industrial cybersecurity-as-a-service (ICSaaS) offering. CIRRUS is designed to help organizations of all sizes monitor and protect their operational technology (OT) environments using cloud technologies and real-time threat intelligence sharing. | Threat | ||
|
2019-06-20 13:38:05 | Why Diversity of Thought in the Workplace Matters (lien direct) | Organizations Need Strong Leadership Backing in Order Train Managers on More Inclusive Management Styles | Guideline | ||
|
2019-06-20 13:19:04 | Critical Vulnerabilities Patched in Cisco SD-WAN, DNA Center Products (lien direct) | Cisco on Wednesday released patches for several critical and high-severity vulnerabilities affecting its SD-WAN, DNA Center, TelePresence, StarOS, RV router, Prime Service Catalog, and Meeting Server products. | |||
|
2019-06-20 11:00:04 | MongoDB Introduces Client-Side Field Level Encryption to Aid Compliance (lien direct) | MongoDB Inc, developer of the NoSQL MongoDB document-based database management product, has announced the latest version, 4.2. The primary new features are distributed transactions, an updated Kubernetes Operator, and client-side field level encryption. | Uber | ||
|
2019-06-20 07:39:01 | Senator Asks NIST to Propose Secure Data Sharing Methods (lien direct) | Senator Ron Wyden has asked the U.S. National Institute of Standards and Technology (NIST) to create and publish a guide for securely sharing sensitive data over the internet. | |||
|
2019-06-20 05:13:05 | Florida City Pays $600,000 Ransom to Save Computer Records (lien direct) | A Florida city agreed to pay $600,000 in ransom to hackers who took over its computer system, the latest in thousands of attacks worldwide aimed at extorting money from governments and businesses. | |||
|
2019-06-19 21:06:03 | Are Artificial Intelligence and Machine Learning Just a Temporary Advantage to Defenders? (lien direct) | Attackers Explore How to Defeat Machine Learning (ML)-Based Defenses and Use ML in Their Own Attacks | |||
|
2019-06-19 18:00:01 | Security Doesn\'t Have to be a Losing Battle (lien direct) | Hello world. While I have blogged pretty frequently in the past, this is my first official column for any sort of major publication, and I am so grateful for the opportunity from SecurityWeek. | |||
|
2019-06-19 17:26:03 | Cyberespionage Campaign Targets Android Users in Middle East (lien direct) | A recently uncovered cyberespionage campaign is targeting the users of Android devices in Middle Eastern countries, Trend Micro's security researchers reveal. | |||
|
2019-06-19 13:59:04 | (Déjà vu) Cloud Security Firm Valtix Emerges From Stealth With $14 Million in Funding (lien direct) | Santa Clara, California-based Valtix emerged from stealth mode on Wednesday with a cloud-native network security platform and $14 million in initial funding. | |||
|
2019-06-19 13:18:04 | Google Boosts Chrome Protection Against Deceptive Sites (lien direct) | Google is making web browsing with Chrome safer with a new option for reporting suspicious websites and a new warning mechanism for sites that use deceptive URLs. | |||
|
2019-06-19 12:55:04 | 645,000 Clients Affected in Oregon Department of Human Services Data Breach (lien direct) | Oregon Department of Human Services officials say they are notifying about 645,000 clients whose personal information is at risk from a January data breach. | Data Breach | ||
|
2019-06-19 12:40:00 | Facebook\'s Currency Libra Faces Financial, Privacy Pushback (lien direct) | Facebook is getting a taste of the regulatory pushback it will face as it creates a new digital currency with corporate partners. | |||
|
2019-06-19 11:55:01 | Accenture Acquires Research and Consulting Firm Deja vu Security (lien direct) | Professional services company Accenture this week announced the acquisition of Deja vu Security, a provider of security research and consulting to premier technology firms. | |||
|
2019-06-19 11:33:04 | AMCA Files for Bankruptcy Following Data Breach (lien direct) | Retrieval-Masters Creditors Bureau, the company that operates healthcare billing services provider American Medical Collection Agency (AMCA), has filed for Chapter 11 bankruptcy due to a recent data breach affecting millions of individuals. | Data Breach | ||
|
2019-06-19 08:54:04 | Oracle Patches Another Remote Code Execution Flaw in WebLogic (lien direct) | Oracle on Tuesday announced that it has released emergency patches for a critical remote code execution vulnerability affecting WebLogic Server, a Java EE application server that is part of the company's Fusion Middleware offering. | Vulnerability | ||
|
2019-06-19 05:54:01 | Firefox Zero-Day Vulnerability Exploited in Targeted Attacks (lien direct) | Updates released by Mozilla for its Firefox web browser on Tuesday patch a critical vulnerability that has been actively exploited in attacks. | Vulnerability | ||
|
2019-06-19 04:56:05 | Cloudflare Joins the League of Entropy (lien direct) | Internet security firm Cloudflare this week revealed its participation in “League of Entropy,” a worldwide effort of individuals and academic institutions to bring users a quorum of decentralized randomness beacons. | |||
|
2019-06-19 01:03:02 | Security Ratings Firm SecurityScorecard Raises $50 Million (lien direct) | SecurityScorecard, a provider of security ratings, said it has completed a $50 million Series D financing round led by Riverwood Capital, bringing the company's total funding to $110 million. | |||
|
2019-06-18 20:46:03 | France Seeks Hacker for Trial Over Death Following Prank (lien direct) | French prosecutors on Tuesday ordered infamous French-Israeli hacker Ulcan to stand trial over a telephone prank targeting the father of a French journalist who died soon after of a heart attack. | ★★★★ | ||
|
2019-06-18 20:36:02 | New Variant of the Houdini Worm Emerges (lien direct) | A new variant of the well-known Houdini Worm has been spotted in phishing attacks earlier this month, Cofense's security researchers report. | |||
|
2019-06-18 16:14:03 | London Gallery Chief Quits After Israel Spyware Report (lien direct) | The head of London's Serpentine Galleries, Yana Peel, resigned on Tuesday following a newspaper report about her links to a controversial Israeli spyware firm. The board of trustees of the contemporary art galleries announced "with a mix of gratitude and regret" that it has accepted Peel's resignation, adding that she would be "sorely missed". | |||
|
2019-06-18 15:54:01 | Free Cloudflare Tool Helps CAs Securely Issue Certificates (lien direct) | Internet performance and security firm Cloudflare on Tuesday announced the availability of a free API designed to help certificate authorities (CAs) securly issue certificates by ensuring that malicious actors cannot complete the domain control validation process via BGP hijacking and DNS spoofing attacks. | Tool | ||
|
2019-06-18 15:19:01 | Modular Backdoor Can Spread Over Local Network (lien direct) | A recently discovered backdoor can spread itself over a local network, in addition to allowing attackers to install additional malware onto compromised machines. | Malware | ||
|
2019-06-18 14:23:05 | Critical Flaw Exposes TP-Link Wi-Fi Extenders to Remote Attacks (lien direct) | A critical remote code execution vulnerability discovered by an IBM X-Force researcher allows an unauthenticated attacker to take complete control of some TP-Link Wi-Fi extenders. Firmware updates that should patch the flaw have been made available by the vendor. | Vulnerability | ||
|
2019-06-17 20:14:00 | Mirai Offspring "Echobot" Uses 26 Different Exploits (lien direct) | A recently discovered variant of the Mirai Internet of Things (IoT) malware uses a total of 26 different exploits for the infection phase, Akamai reports. | Malware | ||
|
2019-06-17 19:58:03 | Android Apps Target Bitcoin, By-Passing 2FA (lien direct) | Last week researchers reported on apps abusing the Android push notifications feature to deliver spam. Now other researchers have described apps using a similar but more advanced approach to by-pass two-factor authentication. | |||
|
2019-06-17 18:24:00 | Researcher Scrapes and Posts 7 Million Venmo Transactions (lien direct) | Venmo is a peer-to-peer mobile app designed to make it easy to send and receive payments from friends. It is owned by PayPal -- and it is no stranger to security issues. | |||
|
2019-06-17 18:07:04 | DHS Issues Alert for Windows \'BlueKeep\' Vulnerability (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security (DHS) on Monday issued an alert for the Windows vulnerability tracked as BlueKeep and CVE-2019-0708. | Vulnerability | ||
|
2019-06-17 17:32:05 | (Déjà vu) Decryptor Released for Latest GandCrab Ransomware Variants (lien direct) | A free decryption tool is now available for the victims of the latest variants of the GandCrab ransomware. | Ransomware Tool | ||
|
2019-06-17 17:25:03 | Push Technology Used in Mobile Attacks (lien direct) | Researchers have detected an Android trojan that abuses the web push technology. In its benign use, web push is used by legitimate websites -- such as news sites -- to send out new event notifications. The less benign use is to employ the technology to send out what amounts to phishing notifications. | |||
|
2019-06-17 14:19:00 | Federal Agencies Still Using Knowledge-Based Identity Verification (lien direct) | Some U.S. government agencies still rely on knowledge-based identity verification despite the fact that this system has been easy to beat following the massive data breaches suffered by the Office of Personnel Management (OPM) and Equifax | Equifax | ||
|
2019-06-17 13:05:02 | Investigation and Response is a Team Sport (lien direct) | I've talked before about how we have the tools and technologies to make the intelligent SOC a reality. It's a welcomed development given the global cybersecurity skills shortage of three million and growing. |
To see everything:
Our RSS (filtrered)
