What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2018-04-04 15:18:04 | Intel Halts Spectre Fixes On Older Chips, Citing Limited Ecosystem Support (lien direct) | Intel has halted patches for older chips addressing the Spectre vulnerability, according to a recent microcode update. | |||
|
2018-04-04 14:12:00 | Insecure SCADA Systems Blamed in Rash of Pipeline Data Network Attacks (lien direct) | After a cyberattack shut down numerous pipeline communication networks this week experts are stressing the importance of securing third-party systems in supervisory control and data acquisition (SCADA) environments. | |||
|
2018-04-03 16:01:03 | Google\'s April Android Security Bulletin Warns of 9 Critical Bugs (lien direct) | Google updates its Android OS to address its own OS and component partners Qualcomm and Broadcom. | |||
|
2018-04-03 15:21:03 | Panera Bread Slammed After Keeping Massive Data Leak Quiet For Eight Months (lien direct) | Panera is in hot water after sitting on a massive data leak for eight months on its website - and then trying to downplay the amount of customers impacted by the leak. | |||
|
2018-04-02 20:57:00 | U.S. DoD Hopes To Stamp Out Threats With Bug Bounty Program (lien direct) | The U.S. Department of Defense is the latest government entity to double down on vulnerabilities, on Monday announcing a new bug bounty program. | |||
|
2018-04-02 17:28:04 | Cloudflare Launches Publicly DNS-Over-HTTPS Service (lien direct) | Clouldflare launches DNS-over-HTTPS service called 1.1.1.1 that it says will be a “privacy-first” DNS service for consumers. | |||
|
2018-04-02 15:13:03 | Credit Card Data Swiped From 5M Saks, Lord & Taylor Customers (lien direct) | Hackers have stolen the credit card information of millions of shoppers who have frequented Saks Fifth Avenue and Lord & Taylor stores. | |||
|
2018-03-30 18:51:04 | Microsoft Fixes Bad Patch That Left Windows 7, Server 2008 Open to Attack (lien direct) | Microsoft released an out-of-band security update that corrected a faulty patch that left Windows 7 and Windows Server 2008 open to attack. | |||
|
2018-03-30 15:58:03 | Under Armour Reports Massive Breach of 150 Million MyFitnessPal Accounts (lien direct) | Under Armour is getting kudos for disclosing breach within weeks, but concerns remain over an unknown portion of credentials reportedly stored using the weak SHA-1 hashing function. | |||
|
2018-03-29 19:58:02 | Drupal Issues Highly Critical Patch: Over 1M Sites Vulnerable (lien direct) | Drupal developers are urged to patch a bug that allows attackers to take over a site simply by visiting it. | |||
|
2018-03-28 21:35:00 | Cisco Patches Two Critical RCE Bugs in IOS XE Software (lien direct) | Cisco releases 22 patches as part of its semiannual Cisco IOS and IOS XE software security advisory. | |||
|
2018-03-28 16:25:02 | Bad Microsoft Meltdown Patch Made Some Windows Systems Less Secure (lien direct) | Researcher finds Microsoft's January Patch Tuesday release included a fix for the Intel Meltdown bug, however the update opened up a new vulnerability. | |||
|
2018-03-27 21:28:00 | Alleged Mastermind Behind Carbanak Crime Gang Arrested (lien direct) | The suspected leader behind the cyber crime group that targeted banks to rack up more than one billion Euros in damage over the past few years has been apprehended, according to the Spanish National Police. | Guideline | ||
|
2018-03-27 19:17:00 | Facebook Cracks Down On Data Misuse With Expanded Bug Bounty Program (lien direct) | Facebook announced that in the coming weeks it will expand its bug bounty program as the company cracks down on data misuse by app developers. | |||
|
2018-03-27 19:07:05 | GoScanSSH Malware Targets SSH Servers, But Avoids Military and .GOV Systems (lien direct) | Researchers identify a new malware family called GoScanSSH that avoids servers linked to government and military IP addresses. | |||
|
2018-03-26 21:09:05 | Sanny Malware Updates Delivery Method (lien direct) | Attackers, purportedly hailing from Korea, are stepping up their malware campaign with three new techniques ranging from abusing UAC and targeting Windows 10. | |||
|
2018-03-26 17:44:00 | Facebook Woes Continue as FTC Opens Data Privacy Probe (lien direct) | The Federal Trade Commission on Monday announced it is launching an investigation into Facebook's data privacy practices | |||
|
2018-03-26 15:54:05 | FBI: Iranian Firm Stole Data In Massive Spear Phishing Campaign (lien direct) | The Department of Justice has announced charges against nine Iranians, affiliated with the Mabna Institute, who are accused of stealing private data from U.S. universities, private companies, and U.S. government departments. | |||
|
2018-03-26 13:15:01 | Mozilla Tests DNS over HTTPS: Meets Some Privacy Pushback (lien direct) | Mozilla is testing a method of securing DNS traffic via HTTPS, but is faced with some privacy resistance. | |||
|
2018-03-23 20:54:05 | Senate Gives Nod To Controversial Cross-Border Data Access Bill (lien direct) | The senate on Thursday gave the thumbs up to a bill that is the subject of both support by tech companies and critique by privacy groups. | |||
|
2018-03-23 15:52:00 | A Closer Look at APT Group Sofacy\'s Latest Targets (lien direct) | Threatpost talks to Kaspersky Lab researcher Kurt Baumgartner who was instrumental in tracking the latest activities of the Russian-speaking Sofacy APT gang. | |||
|
2018-03-23 15:14:03 | Ransomware Attack Cripples Several Atlanta City Systems (lien direct) | The city of Atlanta is being extorted for $51,000 in a ransomware attack that occurred early Thursday that impacted several local government departments. | |||
|
2018-03-22 17:38:03 | Drupal Forewarns \'Highly Critical\' Bug to be Patched Next Week (lien direct) | Drupal is giving developers ample time to prepare for an update that patches a “highly critical” flaw because exploits might be developed within hours or days of disclosure. | |||
|
2018-03-22 15:42:00 | Apple To Fix Glitch Allowing Siri To Read Hidden Messages Out Loud (lien direct) | Apple has confirmed a privacy bug in it iPhone that allows the Siri voice assistant to read out messages from locked screens – even if the messages are hidden. | |||
|
2018-03-21 22:27:02 | Netflix Opens Public Bug Bounty Program with $15K Payout Cap (lien direct) | Netflix opens up bug bounty program to all white hat hackers and ups the ante for bugs to as much as $15,000. | |||
|
2018-03-21 20:36:02 | Zuckerberg Breaks Silence: \'We Made Mistakes\' Regarding Cambridge Analytica Debacle (lien direct) | Facebook CEO Mark Zuckerberg broke his silence on the Cambridge Analytica scandal that has unfolded this past week, acknowledging that “we made mistakes” and vowing to step up to the plate when it comes to data security. | |||
|
2018-03-21 19:56:02 | Facebook Fallout Continues as Politicians Call For Legal Action (lien direct) | Politians are calling for legal ramifications for Facebook on the heels of the data privacy scandal that rocked the social media giant this week. | |||
|
2018-03-21 16:47:02 | Orbitz Warns 880,000 Payment Cards Suspected Stolen (lien direct) | Orbitz said Tuesday a breach of both its consumer and partner platform may have led to the disclosure of 880,000 payment cards. | |||
|
2018-03-20 22:42:05 | Experts Call Facebook\'s Latest Controversy a Social Media \'Breach Of Trust\' (lien direct) | Security experts are calling for a higher prioritization of data security in the wake of Facebook's Cambridge Analytica scandal. | |||
|
2018-03-20 21:46:03 | AMD Acknowledges Vulnerabilities, Will Roll Out Patches In Coming Weeks (lien direct) | AMD on Tuesday acknowledged several vulnerabilities that had been reported in its Ryzen and EPYC chips, and said that it would roll out PSP firmware patches in the coming week. | |||
|
2018-03-20 14:45:01 | Programs Controlling ICS Robotics Are \'Wide Open\' to Vulnerabilities (lien direct) | Dewan Chowdhury, founder of MalCrawler, talks at SAS about the risks that companies face when securing their industrial control systems and robotics. | ★★ | ||
|
2018-03-19 22:16:01 | Researchers Show How Popular Text Editors Can Be Attacked Via Third-Party Plugins (lien direct) | Security risk in extensible text editors enable hackers to abuse plugins and escalate privileges. | |||
|
2018-03-19 17:53:04 | Facebook Data Privacy Policies Bashed By Critics After Cambridge Analytica Incident (lien direct) | Facebook is in hot water after acknowledging that a consulting group – that has worked on several high profile political campaigns, including that of President Donald Trump's – used the social media platform to harvest the data of 50 million users. | |||
|
2018-03-19 16:16:01 | A Mirai Botnet Postscript: Lessons Learned (lien direct) | Threatpost's Tom Spring sits down with Flashpoint and Akamai to discuss how the two companies worked together to address the 2016 Mirai DDoS attacks. | |||
|
2018-03-16 20:15:02 | New Microsoft Bug Bounty Program Looks To Squash The Next Spectre, Meltdown (lien direct) | Microsoft is looking to target new speculative execution side channel vulnerabilities - similar to Spectre and Meltdown - with a new bug bounty program. | |||
|
2018-03-16 15:26:05 | The \'Perfect Storm\' of Disinformation and Hacking (lien direct) | Matt Tait gives a list of examples throughout history where politically motivated groups have used disinformation and hacking as part of a campaign to shape public opinion. | ★★ | ||
|
2018-03-16 14:38:00 | Intel Details CPU \'Virtual Fences\' Fix As Safeguard Against Spectre, Meltdown Flaws (lien direct) | Intel is introducing hardware-based protections to its new chips to protect against the Spectre and Meltdown flaws that rocked the silicon industry when they were announced in early 2018. | |||
|
2018-03-15 21:47:04 | Walmart Jewelry Partner Exposes Personal Data Of 1.3M Customers (lien direct) | A Walmart jewelry partners' misconfigured AWS S3 bucket left personal details and contact information of 1.3 million customers in plain sight. | |||
|
2018-03-15 19:30:03 | Hyperbole Swirls Around AMD Processor Security Threat (lien direct) | Security community takes a critical look at CTS-Labs' disclosure of vulnerabilities in AMD vulnerabilities found in EPYC servers, Ryzen workstationsm and Ryzen mobile offerings. | |||
|
2018-03-15 16:37:01 | Iran-Linked Group \'TEMP.Zagros\' Updates Tactics, Techniques In Latest Campaign (lien direct) | An Iran-linked group is linked to a massive spear phishing campaign that sends malicious Word Docs to victims in Asia and the Middle East. | |||
|
2018-03-14 22:37:05 | New Web-Based Malware Distribution Channel \'BlackTDS\' Surfaces (lien direct) | Researchers highlight a privately held traffic distribution system tool for malware called BlackTDS that lowers the bar to entry for threat actors. | |||
|
2018-03-14 19:11:00 | New POS Malware PinkKite Takes Flight (lien direct) | Researchers shed light on a newly discovered family of point of sale malware that is extremely small in size and adept at siphoning credit card numbers from POS endpoints. | |||
|
2018-03-13 22:25:03 | Microsoft Patches 15 Critical Bugs in March Patch Tuesday Update (lien direct) | Products receiving the most patches included Microsoft browsers and browser-related technologies such as the company's JavaScript engine Chakra. | |||
|
2018-03-13 20:04:00 | AMD Investigating Reports of 13 Critical Vulnerabilities Found in Ryzen, EPYC Chips (lien direct) | Researchers on Tuesday disclosed over a dozen critical security vulnerabilities in several AMD chips, opening them up for attackers who want to steal sensitive data and install malware on AMD servers, workstations and laptops. | |||
|
2018-03-13 16:16:02 | China-Linked APT15 Used Myriad of New Tools To Hack UK Government Contractor (lien direct) | Cyber espionage group APT15 is back, this time stealing sensitive data from a UK government contractor. | APT 15 | ||
|
2018-03-12 17:23:00 | FireEye\'s Marina Krotofil On Triton and ICS Threats (lien direct) | At the Security Analyst Summit this year in Cancun, FireEye's Marina Krotofil talks about the Triton malware, first disclosed in December 2017, that targets industrial control systems. | Threat | ||
|
2018-03-12 16:49:05 | CCleaner Attackers Intended To Deploy Keylogger In Third Stage (lien direct) | As investigations continue about the backdoor that was planted in CCleaner, Avast said it has found that the actors behind the attack were planning to install a third round of malware on compromised computers. | CCleaner | ||
|
2018-03-10 15:30:01 | Cyber Espionage Campaign \'Slingshot\' Targets Victims Via Routers (lien direct) | Researchers have uncovered a new cyber-espionage threat that uses MikroTik routers as a springboard to launch attacks within a network. | |||
|
2018-03-09 17:11:05 | Sofacy APT Adopts New Tactics and Far East Targets (lien direct) | A new analysis of the Russian-speaking Sofacy APT gang shows a continual march toward Far East targets and overlapping of activities with other groups such as Lamberts, Turla and Danti. | ★★★★★ | ||
|
2018-03-09 16:31:02 | (Déjà vu) Security Camera Found Riddled With Bugs (lien direct) | Hanwha is patching 13 vulnerabilities in its SmartCam security camera that allows attackers to take control of the device, use it to gain further network access or just brick it. |
To see everything:
Our RSS (filtrered)
