What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-02-24 12:38:02 | Czech President Wants Hacker \'Extradited to Russia\' Not US (lien direct) | The Czech Republic's pro-Moscow president has repeatedly lobbied for a Russian hacker held in Prague and wanted by the US to be extradited to Russia, the justice minister was quoted as saying Saturday. | |||
|
2018-02-23 18:38:01 | Iranian Hackers Use New Trojan in Recent Attacks (lien direct) | The cyberespionage group known as OilRig and previously linked to Iran has been observed using a new Trojan in recent attacks, Palo Alto Networks reports. | APT 34 | ||
|
2018-02-23 15:47:02 | Dozen Flaws Found in Trend Micro Email Encryption Gateway (lien direct) | Researchers have discovered a dozen vulnerabilities in Trend Micro's Email Encryption Gateway, including several issues rated critical and high severity. A majority of the flaws have been patched by the vendor. | |||
|
2018-02-23 14:43:04 | Use of Fake Code Signing Certificates in Malware Surges (lien direct) | There has been surge in the use of counterfeit code signing certificates to evade security detection solutions, despite the high cost such certificates come with, a new Recorded Future report shows. | |||
|
2018-02-23 14:22:05 | Tech Giants Hit by Meltdown, Spectre Respond to Lawmakers (lien direct) | Intel, AMD, ARM, Apple, Amazon, Google and Microsoft have responded to lawmakers who raised questions last month about the disclosure of the CPU vulnerabilities known as Meltdown and Spectre. | |||
|
2018-02-23 14:19:01 | GitHub Enforces Stronger Encryption (lien direct) | GitHub this week permanently disabled a series of weak cryptographic standards across its software development platform in an attempt to better protect users. | |||
|
2018-02-23 12:30:05 | GitLab Patches Domain Hijacking Vulnerability (lien direct) | Open source Git repository management system GitLab has addressed a security hole that could have been exploited to hijack users' custom domains and point them to malicious content. GitLab Pages is a feature that allows users to create websites for their projects, groups or user accounts, and then connect them to custom domains and TLS certificates. | |||
|
2018-02-23 12:08:02 | Report Highlights Challenges of Incident Response (lien direct) | False Positives Lead to a Surprising Number of Incident Response Investigations | Guideline | ||
|
2018-02-23 11:20:04 | It Takes a Village: The Importance of Security Standards (lien direct) | The Greatest Challenge that DMARC Adoption Faces is That Many Do Not Know That it Exists | |||
|
2018-02-22 19:08:03 | Fraud Campaign Targets Accounts Payable Contacts at Fortune 500 Firms (lien direct) | A new business email compromise (BEC) campaign is targeting accounts payable personnel at Fortune 500 companies in an attempt to trick victims into initiating fraudulent wire transactions to attacker-controlled accounts, IBM warns. | |||
|
2018-02-22 18:18:01 | Mirai Variant Sets Up Proxy Servers on Compromised Devices (lien direct) | A newly observed variant of the infamous Mirai botnet is capable of setting up proxy servers on the infected Internet of Things (IoT) devices, Fortinet warns. | |||
|
2018-02-22 17:15:04 | WhatsApp Co-founder Invests $50 Million in Signal (lien direct) | Open Whisper Systems, the organization behind the privacy-focused messaging app Signal, announced on Wednesday the launch of the Signal Foundation, with an initial investment of $50 million from WhatsApp co-founder Brian Acton. | |||
|
2018-02-22 15:36:01 | Do Business Leaders Listen to Their Own Security Professionals? (lien direct) | Survey Shows a Disconnect Between Business Leaders and Security Professionals A new research report published this week claims, "A disconnect about cybersecurity is causing tension among leaders in the C-suite -- and may be leaving companies vulnerable to breaches as a result." | Guideline | ||
|
2018-02-22 15:29:00 | Cisco Patches Critical Flaws in UCDM, ESC Products (lien direct) | Updates released by Cisco for its Unified Communications Domain Manager (UCDM) and Elastic Services Controller (ESC) products patch critical vulnerabilities that can be exploited by remote attackers. | |||
|
2018-02-22 13:27:05 | Several Vulnerabilities Patched in Drupal (lien direct) | Updates released on Wednesday for Drupal 7 and 8 patch several vulnerabilities, including issues rated “critical.” No bug fixes are included in the latest releases. One of the critical security holes patched by Drupal 8.4.5 and 7.57 is related to incomplete cross-site scripting (XSS) prevention mechanisms. | |||
|
2018-02-22 11:54:01 | Structure of Cyber Risk Perception Survey Could Distort Findings (lien direct) | CISOs Barely Mentioned in Report on Global Cyber Risk Perception | |||
|
2018-02-22 11:15:04 | Singapore Invites Cyberattacks to Strengthen Defenses (lien direct) | Hundreds of hackers have targeted Singapore's defence ministry –- but the attacks were at the government's invitation in an unusual attempt to strengthen cybersecurity. | |||
|
2018-02-22 11:05:05 | Cryptocurrency Fraud: In the Midst of a Gold Rush, Beware of Scammers (lien direct) | Bitcoin is the pioneer and obvious leader in the cryptocurrency market. But in 2017 alternative coins, or “altcoins,” began to transform the market. Nearly 1,500 cryptocurrencies are currently in circulation, and new altcoins emerge every week with Monero, Zcash and Ethereum among the top challengers to Bitcoin. | Guideline | ||
|
2018-02-22 09:39:00 | SEC Tells Execs Not to Trade While Investigating Security Incidents (lien direct) | The U.S. Securities and Exchange Commission (SEC) on Wednesday announced updated guidance on how public companies should handle the investigation and disclosure of data breaches and other cybersecurity incidents. | |||
|
2018-02-21 18:38:01 | Global Cybercrime Costs $600 Billion Annually: Study (lien direct) | The annual cost of cybercrime has hit $600 billion worldwide, fueled by growing sophistication of hackers and proliferation of criminal marketplaces and cryptocurrencies, researchers said Wednesday. | |||
|
2018-02-21 17:26:04 | Automated Compliance Testing Tool Accelerates DevSecOps (lien direct) | Chef Software's InSpec 2.0 Compliance Automation Tool Helps Organizations Maintain an Up-to-Date View of Compliance Status | |||
|
2018-02-21 17:05:04 | The Rise of ICS Malware: How Industrial Security Threats Are Becoming More Surgical (lien direct) | Last December, a malware variant specifically designed to attack industrial safety systems was discovered. | |||
|
2018-02-21 15:59:04 | Palo Alto Networks Releases New Rugged Firewall (lien direct) | Palo Alto Networks on Tuesday announced that it has updated its PAN-OS operating system and released a new next-generation firewall designed for use in industrial and other harsh environments. | |||
|
2018-02-21 15:28:04 | Top Experts Warn Against \'Malicious Use\' of AI (lien direct) | 
Artificial intelligence could be deployed by dictators, criminals and terrorists to manipulate elections and use drones in terrorist attacks, more than two dozen experts said Wednesday as they sounded the alarm over misuse of the technology.
|
|||
|
2018-02-21 15:20:05 | North Korea Cyber Threat \'More Aggressive Than China\': US Firm (lien direct) | North Korean hackers are becoming more aggressive than their Chinese counterparts, a leading US cybersecurity firm warned Tuesday, as it identified a Pyongyang-linked group as an "advanced persistent threat". | Guideline Cloud | APT 37 | |
|
2018-02-21 14:34:02 | Intel Releases Spectre Patches for More CPUs (lien direct) | Intel has released firmware updates that fix the Spectre vulnerability for many of its processors and patches for dozens more are nearly ready for use in production environments. | ★★★★ | ||
|
2018-02-21 13:05:00 | Malicious RTF Persistently Asks Users to Enable Macros (lien direct) | A malicious RTF (Rich Text Format) document has been persistently displaying an alert to ask users to enable macros, Zscaler security researchers have discovered. | |||
|
2018-02-21 12:41:04 | Hacker Detection Firm Vectra Networks Raises $36 Million (lien direct) | Vectra Networks, a cybersecurity firm that helps customers detect “in-progress” cyberattacks, today announced that it has closed a $36 million Series D funding round, bringing the total amount raised to date by the company to $123 million. | |||
|
2018-02-21 12:23:05 | Google Researcher Finds Critical Flaws in uTorrent Apps (lien direct) | Google researcher Tavis Ormandy discovered several critical vulnerabilities in the classic and web-based versions of BitTorrent's uTorrent application. Patches have been released, but it appears that not all flaws have been fixed properly. | |||
|
2018-02-21 06:22:04 | U.S. Justice Department Launches Cybersecurity Task Force (lien direct) | U.S. Attorney General Jeff Sessions announced on Tuesday the launch of a new cybersecurity task force whose role is to help the Department of Justice find ways to combat cyber threats and become more efficient in this area. | |||
|
2018-02-20 18:41:02 | Russian Cyberspies Shift Focus From NATO Countries to Asia (lien direct) | The Russia-linked cyber espionage group known as Sofacy, APT28, Fancy Bear, Pawn Storm, Sednit and Strontium has shifted its focus from NATO member countries and Ukraine to Central Asia and even further east, Kaspersky Lab reported on Tuesday. | APT 28 | ||
|
2018-02-20 18:18:02 | NIST Proposes Metadata Schema for Evaluating Federated Attributes (lien direct) | NIST's Attribute Metadata Schema Could Help Privacy Compliance in Multi-Domain Transactions | |||
|
2018-02-20 15:28:02 | Google to Acquire IoT Management Platform Xively (lien direct) | Google is stepping up its Internet of Things (IoT) game as it has entered into an agreement to acquire Xively, a division of LogMeIn, Inc. | |||
|
2018-02-20 15:14:04 | North Korean Hacking Group APT37 Expands Targets (lien direct) | A lesser known hacker group believed to be working on behalf of the North Korean government has been expanding the scope and sophistication of its campaigns, according to a report published on Tuesday by FireEye. | APT 37 | ||
|
2018-02-20 14:20:03 | 3 Million New Android Malware Samples Discovered in 2017 (lien direct) | More than 3 million new malware samples targeting the Android operating system were discovered in 2017, marking a slight decrease from the previous year, G Data reports. | |||
|
2018-02-20 10:05:01 | Apple Fixes Indian Character Crash Bug in iOS, macOS (lien direct) | Updates released by Apple on Monday for iOS, macOS, tvOS and watchOS patch a flaw that causes applications to crash when rendering specific strings of Indian characters. | |||
|
2018-02-19 19:48:05 | Several Vulnerabilities Patched in RubyGems (lien direct) | An update released last week for RubyGems includes several security improvements and patches for various types of vulnerabilities. | |||
|
2018-02-19 18:27:00 | Macro-Based Multi-Stage Attack Delivers Password Stealer (lien direct) | A malicious attack uses a multi-stage infection to deploy malware that is capable of stealing passwords from various applications on a victim's computer, Trustwave reports. | |||
|
2018-02-19 17:56:05 | NIST Working on Global IoT Cybersecurity Standards (lien direct) | NIST is Working Towards International Cybersecurity Standards for the Internet of Things With Draft Interagency Report (NISTIR) 8200 | |||
|
2018-02-19 15:26:01 | Record-Breaking Number of Vulnerabilities Disclosed in 2017: Report (lien direct) | A record-breaking number of vulnerabilities were disclosed in 2017, with a total of 20,832 such security flaws, a new report from Risk Based Security shows. | |||
|
2018-02-19 14:52:04 | Millions Stolen From Russian, Indian Banks in SWIFT Attacks (lien direct) | Malicious hackers attempted to steal millions of dollars from banks in Russia and India by abusing the SWIFT global banking network. A report published last week by Russia's central bank on the types of attacks that hit financial institutions in 2017 revealed that an unnamed bank was the victim of a successful SWIFT-based attack. | |||
|
2018-02-19 09:00:05 | Over 30 Lawsuits Filed Against Intel for CPU Flaws (lien direct) | More than 30 lawsuits have been filed by Intel customers and shareholders against the chip giant following the disclosure of the Meltdown and Spectre attack methods. | |||
|
2018-02-19 05:54:05 | Google Discloses Unpatched Edge Vulnerability (lien direct) | Google Project Zero has made public the details of an unpatched vulnerability affecting the Edge web browser after Microsoft failed to release a patch within a 90-day deadline. | ★★★ | ||
|
2018-02-19 03:16:00 | Cybersecurity Plagued by Insufficient Data: White House (lien direct) | Cyberattacks Are Costly, and Things Could Get Worse: US Report Cyberattacks cost the United States between $57 billion and $109 billion in 2016, a White House report said Friday, warning of a "spillover" effect for the broader economy if the situation worsens. | |||
|
2018-02-16 20:00:02 | (Déjà vu) Oracle to Acquire Cloud Security Firm Zenedge (lien direct) | Oracle said Thursday that it has agreed to acquire cloud security firm Zenedge for an undisclosed sum. | |||
|
2018-02-16 18:14:01 | Global Powers Must Address \'Episodes of Cyberwar\': UN Chief (lien direct) | World leaders must lay the groundwork on how countries respond to cyberattacks that have proven to be a daunting threat, whether by state actors or criminal enterprises, UN secretary general Antonio Guterres said Friday. | Guideline | ||
|
2018-02-16 16:12:01 | Oracle WebLogic Server Flaw Exploited to Deliver Crypto-Miners (lien direct) | Threat actors are exploiting a recently patched vulnerability in Oracle WebLogic Server to infect systems with crypto-currency mining malware, FireEye reports. | |||
|
2018-02-16 15:41:05 | U.S. Government Contractors Score Poorly on Cyber Risk Tests (lien direct) | Report Analyzes Cyber Risk of Federal Supply Chain | |||
|
2018-02-16 15:38:05 | U.S. Energy Department Announces Office for Cyber, Energy Security (lien direct) | The U.S. Department of Energy announced this week that it's creating a new Office of Cybersecurity, Energy Security, and Emergency Response (CESER). | |||
|
2018-02-16 09:14:00 | BGP Flaws Patched in Quagga Routing Software (lien direct) | Several vulnerabilities that could lead to denial-of-service (DoS), information disclosure, and remote code execution have been patched this week in the Quagga routing software suite. | Guideline |
To see everything:
Our RSS (filtrered)
