What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-02-06 11:33:26 | NSA-Linked Hacking Tools Ported to Metasploit (lien direct) | Three hacking tools supposedly stolen from the National Security Agency-linked Equation Group and made public last year were recently ported to Rapid7's Metasploit Framework. | |||
|
2018-02-06 10:02:41 | Cisco Reissues Patches for Critical Firewall Flaw (lien direct) | Cisco has reissued patches for a critical vulnerability affecting some of the company's security appliances after identifying new attack vectors and additional affected features, and determining that the original fix had been incomplete. | |||
|
2018-02-06 06:12:05 | Grammarly Rushes to Patch Flaw Exposing User Data (lien direct) | Google Project Zero researcher Tavis Ormandy discovered a vulnerability in the online grammar checker Grammarly that could have been exploited by malicious websites to access user data. The app's developers quickly patched the flaw after learning of its existence. | |||
|
2018-02-05 22:21:29 | Crypto-mining Botnet Targets Android Devices (lien direct) | A new crypto-mining botnet has been growing and targeting Android devices with an open ADB port, Qihoo 360's NetLab researchers reveal. | |||
|
2018-02-05 15:59:48 | Gold Dragon Implant Linked to Pyeongchang Olympics Attacks (lien direct) | McAfee has discovered an implant that they believe was used as a second-state payload in the recent fileless attacks targeting organizations involved with the upcoming Olympics Games in Pyeongchang, South Korea. | |||
|
2018-02-05 15:34:58 | MacUpdate Distributes Mac Crypto-Mining Malware (lien direct) | Maliciously modified versions of popular applications distributed via the MacUpdate site were observed installing crypto-mining malware on Mac computers, Malwarebytes reports. | |||
|
2018-02-05 15:02:34 | Real-Time Intelligence: Security Silver Bullet or Too Good to Be True? (lien direct) | Many Real-time Threat Intelligence Offerings Aggregate Indicators of Compromise (IoCs) and Are Strictly Reactive | |||
|
2018-02-05 14:47:51 | Booz Allen Hamilton Awarded $621 Million DHS Cyber Contract (lien direct) | Technology consulting firm Booz Allen has been awarded a $621 million contract by the Department of Homeland Security (DHS) to support the government-wide Continuous Diagnostics and Mitigation (CDM) Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) Program. | |||
|
2018-02-05 13:37:09 | Hackers Linked to Luminosity RAT Targeted by Law Enforcement (lien direct) | Europol's European Cybercrime Centre (EC3) and the UK's National Crime Agency (NCA) on Monday released the details of an international law enforcement operation targeting sellers and users of the Luminosity Trojan. | |||
|
2018-02-05 13:18:03 | UK Judges Block US Extradition of Alleged Hacker Lauri Love (lien direct) | British judges on Monday rejected a US request for the extradition of a man accused of hacking into thousands of US government computers in a ruling that could set a precedent for similar pending cases. | |||
|
2018-02-05 13:13:39 | Multiple Flaws Patched in WD MyCloud Device Firmware (lien direct) | Vulnerabilities that could allow unauthorized file deletion, unauthorized command execution and authentication bypass impacted WD (Western Digital) MyCloud devices, Trustwave reports. | |||
|
2018-02-05 09:36:00 | Alleged Kelihos Botnet Mastermind Extradited to U.S. (lien direct) | A 37-year-old Russian national accused of being the mastermind behind the notorious Kelihos botnet has been extradited from Spain to the United States. | |||
|
2018-02-05 05:30:41 | Flash Zero-Day Attacks Analyzed by FireEye, Cisco (lien direct) | FireEye and Cisco have analyzed the attacks involving a recently disclosed Flash Player zero-day vulnerability and linked them to a group known for targeting South Korean entities. | |||
|
2018-02-02 17:51:59 | Japan Raids Hacked Crypto Exchange, Bitcoin Plunges Further (lien direct) | Japanese authorities on Friday raided virtual currency exchange Coincheck, a week after the Tokyo-based firm lost $530 million in cryptocurrency to hackers. | |||
|
2018-02-02 16:57:03 | Kaspersky Patches Vulnerabilities in Secure Mail Gateway (lien direct) | Kaspersky Lab this week released an update for its Secure Mail Gateway to resolve a series of vulnerabilities that could lead to account takeover, code execution, and privilege escalation. | Guideline | ||
|
2018-02-02 16:41:56 | Does The U.S. Need a National Cybersecurity Safety Board? (lien direct) | It is time, suggest two academics from Indiana University-Bloomington, for Congress to establish a National Cybersecurity Safety Board (NCSB) as an analogue of the National Transportation Safety Board (NTSB), to improve the level of cybersecurity in the U.S. | |||
|
2018-02-02 13:12:03 | New Botnet Is Recruiting IoT Devices (lien direct) | A new botnet is recruiting Internet of Things (IoT) devices by exploiting two vulnerabilities already popular among IoT botnets, Radware has discovered. | |||
|
2018-02-02 11:42:47 | Web Server Used in 100 ICS Products Affected by Critical Flaw (lien direct) | A critical vulnerability that could allow a remote attacker to execute arbitrary code has been found in a component used by more than 100 industrial control systems (ICS) from tens of vendors. | |||
|
2018-02-02 11:32:32 | It\'s Time For Machine Learning to Prove Its Own Hype (lien direct) | 
Machine Learning is a Black Box that is Poorly Understood
|
|||
|
2018-02-02 10:56:26 | The Price of Cybercrime: 9 Years in One Case, 6 Months in Another (lien direct) | Travon Williams, 33, was sentenced by the District Court for the Eastern District of Virginia to 9 years in jail for his role in a credit card fraud and identity theft scheme. | |||
|
2018-02-02 10:39:21 | Crypto-Mining Botnet Ensnares 500,000 Windows Machines (lien direct) | Focused on mining Monero crypto-currency, a new botnet has managed to ensnare over half a million machines to date, Proofpoint reports. | |||
|
2018-02-02 05:43:31 | Increasing Number of Industrial Systems Accessible From Web: Study (lien direct) | The number of industrial control systems (ICS) accessible from the Internet has increased significantly in the past year, reaching more than 175,000 components, according to a new report from Positive Technologies. | |||
|
2018-02-02 04:21:45 | Kaspersky Launches New Security Product for Exchange Online (lien direct) | Kaspersky Lab has expanded its small and medium-sized business (SMB) offering with a new cloud-based product designed to provide an extra layer of security for the Exchange Online email service in Microsoft Office 365. | |||
|
2018-02-01 16:31:23 | South Korea Warns of Flash Zero-Day Exploited by North Korea (lien direct) | South Korea's Internet & Security Agency (KISA) has issued an alert for a zero-day vulnerability in Flash Player that has reportedly been exploited in attacks by North Korean hackers. | |||
|
2018-02-01 16:24:49 | Legacy Malware and Legacy Systems Are Not a Legacy Problem (lien direct) | Companies must be wary of chasing shiny new threats with shiny new defenses, while leaving legacy systems vulnerable to legacy malware. | |||
|
2018-02-01 16:00:30 | AutoSploit: Automated Hacking Tool Set to Wreak Havoc or a Tempest in a Teapot? (lien direct) | AutoSploit Automatically Finds Vulnerable Targets via Shodan and Uses Metasploit Exploits to Compromise Hosts | |||
|
2018-02-01 14:11:01 | WannaMine Malware Spreads via NSA-Linked Exploit (lien direct) | A piece of crypto-mining malware is using sophisticated tools for its operations, including a Windows exploit linked to the National Security Agency, security researchers warn. | |||
|
2018-02-01 14:00:19 | Google Adds Custom Roles Feature to Cloud IAM (lien direct) | The Identity & Access Management (IAM) service in the Google Cloud Platform (GCP) now includes a feature that allows users to assign custom roles for finer-grained security. | |||
|
2018-02-01 12:42:02 | Don\'t Fall Victim to IP Theft and Corporate Espionage (lien direct) | If the infamous bank robber, Willie Sutton, were alive today and honed his cyber skills, he might turn his attention to corporate espionage. Why? Because, as he once said about banks, “that's where the money is.†| |||
|
2018-02-01 08:59:40 | Siemens Patches Flaws in Plant Management Product (lien direct) | Siemens has informed customers that a component of its TeleControl Basic product is affected by several vulnerabilities that can be exploited by an attacker to escalate privileges, bypass authentication, and launch denial-of-service (DoS) attacks. | |||
|
2018-02-01 05:58:20 | Serious Flaws Affect Several ManageEngine Products (lien direct) | Researchers at Digital Defense have uncovered several potentially serious vulnerabilities in IT management products from ManageEngine, including ones that allow an attacker to take complete control of the affected application. The vendor has released patches to address the flaws. | |||
|
2018-01-31 19:55:12 | FBI Pushes for Small Business Information Sharing (lien direct) | Howard S. Marshall, Deputy Assistant Director of the Cyber Division of the FBI, spoke Tuesday before the House Small Business Committee on the subject of 'Small Business Information Sharing: Combating Foreign Cyber Threats.' The purpose was to outline the FBI's role in helping small businesses defend against cyber threats. | |||
|
2018-01-31 18:40:08 | Remotely Exploitable Vulnerability Could Impact 300,000 Oracle PoS Systems (lien direct) | A vulnerability Oracle addressed in the MICROS Point-of-Sale (PoS) terminals with the January 2018 Critical Patch Update could impact more than 300,000 payment systems worldwide. | |||
|
2018-01-31 16:52:18 | Malware Exploiting Spectre, Meltdown Flaws Emerges (lien direct) | Researchers have discovered more than 130 malware samples designed to exploit the recently disclosed Spectre and Meltdown CPU vulnerabilities. While a majority of the samples appear to be in the testing phase, we could soon start seeing attacks. | |||
|
2018-01-31 16:13:36 | (Déjà vu) 700,000 Bad Android Apps Removed From Google Play in 2017 (lien direct) | Google took down over 700,000 Android applications from the official software marketplace last year, 70% more than were removed from the store in 2016. | |||
|
2018-01-31 15:58:33 | WANTED: Actionable Information, Practical Advice (lien direct) | After High Profile Cyber Incidents, Actionable Information is Often Buried in an Avalanche of Hype, Buzz, and Misinformation | |||
|
2018-01-31 15:14:38 | New AMD Processors to Include Protections for Spectre-like Exploits (lien direct) | AMD's new Zen 2 and future processors will include protections against Spectre and other similar exploits, the tech giant revealed on Tuesday as it announced its earnings for 2017. | |||
|
2018-01-31 14:04:21 | Asus Router Flaws Disclosed by Several Researchers (lien direct) | Several security researchers and companies have recently disclosed the details of potentially serious vulnerabilities they discovered in the past months in various Asus routers. | |||
|
2018-01-31 09:31:27 | Mozilla Patches Critical Code Execution Flaw in Firefox (lien direct) | An update released this week by Mozilla for Firefox 58 patches a critical vulnerability that can be exploited by a remote attacker for arbitrary code execution. Mozilla developer Johann Hofmann discovered that arbitrary code execution is possible due to unsanitized output in the browser UI. | |||
|
2018-01-30 18:16:03 | Tenable, Cylance Disclose Revenue Metrics (lien direct) | Cybersecurity solutions providers Tenable and Cylance this week shared financial metrics for 2017, with both privately-held companies showing strong revenue growth. Cylance reported revenue of more than $100 million last year, which the company says represents a year-over-year growth of 177 percent. | |||
|
2018-01-30 17:32:01 | ATM Jackpotting Attacks Strike in U.S. (lien direct) | Hackers have been targeting automated teller machines (ATMs) in the United States to make them spill out cash using an attack technique known as “jackpotting.†| |||
|
2018-01-30 16:31:00 | Tech Support Scammers Fined in US, Jailed in UK (lien direct) | Ohio Attorney General Mike DeWine and the Federal Trade Commission (FTC) announced Monday that operators of a nationwide computer repair scam have been banned from the tech support business as part of settlements with the FTC and Ohio. | |||
|
2018-01-30 15:43:15 | Security Explorations Launches New Research Program (lien direct) | After 10 years of conducting complex research often without expecting any monetary rewards, Poland-based Security Explorations has now decided to launch a commercial offering that gives organizations the chance to gain exclusive or non-exclusive access to the company's most interesting and unique projects. | |||
|
2018-01-30 09:10:09 | Cisco Patches Critical Code Execution Flaw in Security Appliances (lien direct) | Cisco informed customers on Monday that updates released for its Adaptive Security Appliance (ASA) software patch a critical vulnerability that can be exploited to gain full control of devices or cause them to reload. | |||
|
2018-01-30 03:24:47 | RELX Group to Acquire Fraud Fighting Firm ThreatMetrix for $815 Million (lien direct) | RELX Group, a provider of b2b Information and analytics services, announced on Monday that it has agreed to acquire fraud detection firm ThreatMetrix for £580 million (approximately $815 million) in cash. | |||
|
2018-01-29 19:16:42 | U.S. Floats Idea Nationalizing High-Speed Networks, Drawing Rebukes (lien direct) | US officials have launched a debate on a proposal to nationalize the newest generation of high-speed wireless internet networks in the name of national security, provoking sharp criticism from across the political spectrum. | |||
|
2018-01-29 19:09:44 | Lenovo Addresses Hardcoded Password in Fingerprint Manager (lien direct) | Computer maker Lenovo has updated Fingerprint Manager Pro for Windows 7, 8, and 8.1 to address several insecure credential storage issues in the software, including the presence of a hardcoded password. | |||
|
2018-01-29 16:35:04 | Researchers Connect Lizard Squad to Mirai Botnet (lien direct) | Lizard Squad and Mirai, which are responsible for a series of notorious distributed denial of service (DDoS) attacks, are connected to one another, a recent ZingBox report reveals. | |||
|
2018-01-29 16:24:24 | Phishing Pages Hidden in "well-known" Directory (lien direct) | UK-based cybercrime disruption services provider Netcraft has spotted thousands of phishing pages placed by cybercriminals in special directories that are present on millions of websites. | |||
|
2018-01-29 15:57:05 | UK Warns Critical Industries to Boost Cyber Defense or Face Hefty Fines (lien direct) | The UK government has warned that Britain's most critical industries must boost their cybersecurity or face potentially hefty fines under the EU's Networks and Information Systems Directive (NISD). |
To see everything:
Our RSS (filtrered)
