What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
NetworkWorld 2016-08-31 06:53:10 Adobe patches critical vulnerability in ColdFusion application server (direct link) Adobe Systems released critical security patches for its ColdFusion application server, which has been a target for hackers in the past. The updates are available for ColdFusion versions 10 and 11 and address a critical security vulnerability that could lead to sensitive information disclosure when parsing specially crafted XML entities. Administrators are advised to upgrade their ColdFusion deployments to version 10 update 21 or version 11 update 10, depending on which branch they're using. The ColdFusion 2016 release is not affected, Adobe said in a security advisory. To read this article in full or to leave a comment, please click here Guideline
NetworkWorld 2016-08-31 04:40:00 Review: SentinelOne blocks and dissects threats (direct link) SentinelOne Endpoint Protection Platform (EPP) is an antimalware solution that protects against targeted attacks, malware, and zero-day threats through behavioral analysis and process whitelisting and blacklisting. The client agent, which analyzes the behavior of processes on Windows, OS X, Linux, and Android endpoints, can replace or run alongside other signature-based antimalware solutions. SentinelOne EPP stands out not only for its protection capabilities but also for its excellent forensics and threat analysis. SentinelOne evaluates process behavior based on "dynamic execution patterns." The agent scans endpoints, indexes application files and processes, and sends information about them to the cloud where they are assigned reputation scores. When scores surpass policy thresholds, processes can be killed, files quarantined, and endpoints rolled back to the last known-good state. Metadata about processes and files are pooled among SentinelOne's customers, building an anonymous threat intelligence network that benefits everyone.
NetworkWorld 2016-08-31 04:39:00 Lessons from high-profile IT failures (direct link) It has not been a good few months for the health and consistency of airline information technology. Two huge outages within a couple of weeks of each other -- caused by simple component failures -- resulted in massive passenger disruptions and cost two U.S. airlines millions of dollars in lost revenue and customer compensation. These events, while of course most painful for those who experienced them, present quite a few opportunities for learning and improving our own processes, and that's what I'd like to explore in this piece. First, a little background. What ended up being a faulty router took down the entire Southwest Airlines operation for a day on July 21 and caused rippling effects for several days after the original outage. (A fact that might surprise you is that Southwest is by a wide margin the largest domestic carrier of passengers in the United States.) The Dallas Morning News reported the fallout.
NetworkWorld 2016-08-30 23:45:45 Dropbox changed passwords after 68M accounts were compromised (direct link) Dropbox's move last week to ask users who had signed up before mid-2012 to change their account passwords followed the discovery of a large dump of email addresses and passwords related to these accounts. The online storage company confirmed late Tuesday reports that 68 million user email addresses and hashed and salted passwords from an incident in 2012 had been compromised. Dropbox said that the password reset the company completed last week covered all of the affected users so that the Dropbox accounts are protected. Last week, the company asked users who signed up before mid-2012 to change their passwords if they haven't done so since then, describing it as a preventive measure and not because there was any indication that their accounts were improperly accessed.
NetworkWorld 2016-08-30 15:30:58 Okta's API access product targets the trend toward services (direct link) Okta has changed key parts of its product portfolio to attract new users to its corporate identity management and access control platforms. The startup is launching a new API access management product and revamping its provisioning service to make it easier to change employees' permissions within a company. The changes, announced at the company's Oktane conference in Las Vegas on Tuesday, were designed to give Okta more ammunition against a growing field of identity-management rivals, including Microsoft and OneLogin. Okta API Access Management builds on Okta's existing tools for developers who manage application logins. It lets administrators control how users of those apps access business systems that are surfaced through APIs.
NetworkWorld 2016-08-30 12:50:00 5 commonly misunderstood compliance terms (direct link) Although vendor-written, this contributed piece does not advocate a position that is particular to the author's employer and has been edited and approved by Network World editors. In the world of compliance and governance, terms such as certified, compliant and validated have distinct meanings that are often mistakenly used interchangeably. It is key to understand the terms themselves and how they are used in the industry, so here's a handy guide. Before we dive into the specific types of credentials, it is important to understand that there are two fundamental processes that take place during an initial audit -- attestation and assurance -- that determine the extent to which the audit criteria are fulfilled. Conducting these procedures helps businesses meet third-party risk and compliance requirements and provides information to customers and other stakeholders that validates the integrity of an organization's control environment. To put it in simple terms, think of it like a letter of recommendation or evidence showing that something is true:
NetworkWorld 2016-08-30 12:16:25 BitTorrent client is found distributing Mac-based malware (direct link) A popular BitTorrent client called Transmission has again been found distributing Mac-based malware, months after it was used to spread a strand of ransomware. Researchers at security firm ESET have been following a malware called OSX/Keydnap, which can steal passwords, and noticed that it was spreading through Transmission's official site. Somehow, a version of the BitTorrent client containing the malware had been recently made available on the site, ESET said in a blog post on Tuesday. Transmission has already removed the download, according to ESET. But users who downloaded the client between this past Sunday and Monday should check for signs that their Mac has been compromised.
NetworkWorld 2016-08-30 11:31:51 Okta partners with Google to secure cloud identities (direct link) Identity management vendor Okta and Google have announced a partnership aimed at getting enterprises to secure their users' identities in the cloud. As part of the deal, Google will use Okta as its preferred identity provider for Google Apps enterprise customers. Businesses that buy a ton of Apps for Work licenses will also be encouraged to use Okta's services to manage how their users connect to business apps. Okta's identity management product makes it possible for companies to create one central directory of employees, who can then use a single set of credentials to get into business software that they need to use. That includes Google Apps and a variety of other services like Salesforce, Yammer, and ServiceNow.
NetworkWorld 2016-08-30 08:09:20 Attackers deploy rogue proxies on computers to hijack HTTPS traffic (direct link) Security researchers have highlighted in recent months how the web proxy configuration in browsers and operating systems can be abused to steal sensitive user data. It seems that attackers are catching on. A new attack spotted and analyzed by malware researchers from Microsoft uses Word documents with malicious code that doesn't install traditional malware, but instead configures browsers to use a web proxy controlled by attackers. In addition to deploying rogue proxy settings, the attack also installs a self-signed root certificate on the system so that attackers can snoop on encrypted HTTPS traffic as it passes through their proxy servers.
NetworkWorld 2016-08-30 07:48:00 Facebook axed human Trending News editors, algorithm immediately goes full-on FAIL (direct link) Hopefully you were not curious about why McChicken was trending on Twitter. If you checked it out and saw the graphic video of a man engaging in a sexual act with the McDonald's sandwich, then you might have wished for a miracle cure to unsee it. But Twitter was not the only place McChicken was trending; it was also trending on Facebook because it was going viral.
NetworkWorld 2016-08-30 05:48:42 New ransomware threat deletes files from Linux web servers (direct link) A destructive ransomware program deletes files from web servers and asks administrators for money to return them, though it's not clear if attackers can actually deliver on this promise. Dubbed FairWare, the malicious program is not the first ransomware threat to target Linux-based web servers but is the first to delete files. Another program called Linux.Encoder first appeared in November and encrypted files, but did so poorly, allowing researchers to create recovery tools. After attackers hack a web server and deploy FairWare, the ransomware deletes the entire web folder and then asks for two bitcoins (around US$1,150) to restore them, Lawrence Abrams, the founder of tech support forum BleepingComputer.com, said in a blog post.
NetworkWorld 2016-08-29 22:19:49 Privacy groups complain to FTC about WhatsApp policy changes (direct link) Privacy groups in the U.S. have complained to the Federal Trade Commission that changes last week in WhatsApp's terms and privacy policy break its previous promise that user data collected would not be used or disclosed for marketing purposes. The Electronic Privacy Information Center and the Center for Digital Democracy have described the changes as unfair and deceptive trade practice, subject to an investigation and injunction by the FTC, in their complaint Monday. WhatsApp said last week it will be sharing some account information of users with Facebook and its companies, including the mobile phone numbers they verified when they registered with WhatsApp. The sharing of information will enable users to see better friend suggestions and more relevant ads on Facebook, it added.
NetworkWorld 2016-08-29 17:00:09 Hackers had a chance to hamper voting by deleting records (direct link) A U.S. cybersecurity monitor on Monday described another breach of a voter election system just after a leaked FBI report revealed two similar attacks. In June, anonymous hackers stole administrative login credentials in an unnamed county that would have let them delete voter registration records and prevent citizens from casting ballots. The information comes from the Multi-State Information Sharing and Analysis Center (MS-ISAC), which monitors cyber attacks against state and local governments and shares information with the FBI. MS-ISAC is supported by the Department of Homeland Security. The attack in June targeted a county election official through a phishing email, according to Brian Calkin, vice president of operations for the Center of Internet Security, which runs MS-ISAC.
NetworkWorld 2016-08-29 14:05:00 45% off Dictionary Hidden Book Safe With Lock - Deal Alert (direct link) This very realistic looking book cleverly conceals a solid steel locking safe. Designed to look simply like a dictionary, the diversion safe is a good consideration for a college student or anyone looking for a creative way to hide electronics, money, documents and more. You could argue that this is safer than a real safe -- thieves just won't spend their limited time looking through your books. The dictionary safe averages 4 out of 5 stars from over 140 people (read reviews). Its typical list price of $32.99 has been reduced 45% to just $17.99.
NetworkWorld 2016-08-29 11:56:00 Cybersecurity and VMworld (direct link) With memories of Black Hat still in my head, I'm back in Las Vegas for VMworld. I'm sure there will be plenty of generic VMware and partner announcements but I'm here to assess how VMware is addressing enterprise security requirements with its technologies and partner relationships. I will be focusing on a few key areas: 1. NSX penetration. Last year, VMware talked a lot about emerging demand for NSX but I've seen a lot of momentum over the past 12 months. From a security perspective, large organizations adopt NSX to do a better job of segmenting workloads and network traffic, as well as network security operations. I'm interested to see how VMware security use cases are maturing and how VMware customers are moving toward building additional security controls and monitoring on top of NSX capabilities.
NetworkWorld 2016-08-29 10:36:10 FBI warns that hackers are targeting state election systems (direct link) The FBI has reportedly found evidence that foreign hackers breached two state election databases in recent weeks. An FBI alert warning election officials about the breach was leaked, and it was posted in a report by Yahoo News on Monday. Voter registration databases from both Illinois and Arizona were targeted in the hacks, according to the report. In the Illinois case, personal data on 200,000 voters was stolen. In July, an official with the state's board of elections warned on Facebook that the voting system had fallen to a cyberattack, forcing a shutdown. Yahoo
NetworkWorld 2016-08-29 07:19:00 St Jude calls easily hackable pacemaker claims 'false and misleading' (direct link) After MedSec revealed remotely exploitable flaws in St. Jude pacemakers and defibrillators to financial research firm Muddy Waters, choosing to profit by how far St. Jude stock fell after the report (pdf) was made public instead of taking a “responsible disclosure” path, St. Jude struck back by basically calling Muddy Waters' claims a bunch of lies. Guideline
NetworkWorld 2016-08-29 07:18:00 IDG Contributor Network: Digify for Gmail: Mission Impossible for your email attachments (direct link) File sharing and the control over the data within file sharing sits on a continuum. On one end are the consumer offerings that are incredibly easy to use and come with enough, but not too much, functionality. That is the world Box, Dropbox and Google started with. And while these vendors have been moving towards higher-level features, it's fair to say that their start was in the ease-of-use court. At the other end, we have the solutions that are enterprise-focused. These solutions tend towards big, heavy, monolithic structures and myriad levels of control. They're all about ticking the boxes for enterprise security departments, and while they're certainly robust, they're not exactly known for user-friendliness. Indeed, the so-called "Dropbox problem" where enterprises see high levels of nonmandated solution use, came about largely because enterprise solutions are often so awful to use.
NetworkWorld 2016-08-29 06:39:00 (Déjà vu) How to stop social media from being the gateway for malware (direct link) Easy to access, widely used, and outside of enterprise control, social media sites are gold mines for malicious actors. People share a lot of seemingly innocuous information, which is exactly the kind of data that hackers love to collect and use in phishing or spear phishing campaigns. A recent NopSec 2016 State of Vulnerability Risk Management Report found that organizations use inadequate risk evaluation scoring systems. The report claimed that social media -- which often isn't included in any risk evaluation system -- is now a top platform for cybersecurity. So, what's the correlation between social media and the rise in malware?
NetworkWorld 2016-08-29 06:33:14 Sophisticated malware possibly tied to recent ATM heists in Thailand (direct link) Security researchers have found a sophisticated malware program that may have been used recently by a gang of hackers to steal more than US$350,000 from ATMs in Thailand. A sample of the new malware, dubbed Ripper, was uploaded to the VirusTotal database from an Internet Protocol address in Thailand last week, shortly before local media reported that hackers used malware to steal 12.29 million Baht from 21 ATMs in the country. The incident forced the state-owned Government Savings Bank to temporarily shut down all of its ATMs made by one vendor so they could be checked for malware, the Bangkok Post reported last week.
NetworkWorld 2016-08-29 06:00:00 New products of the week 8.29.16 (direct link) Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow. ASG-Mobius 6.0. Key features: ASG-Mobius 6.0 is a purpose-built content management system with proven scalability supporting platform, device and data independence. New AWS support enables cloud based solutions, on premise or hybrid implementations.
NetworkWorld 2016-08-29 04:30:00 IDG Contributor Network: IT security's reality distortion field (direct link) Despite increasing data breaches (a whopping 4.7 billion data records worldwide being lost or stolen since 2013) and mounting regulatory and customer pressures around data protection, IT decision makers worldwide continue to ignore reality and rely on the same breach prevention strategies when it comes to protecting customer data and information. Today's IT security professional clearly has a “reality distortion field” when it comes to the effectiveness of perimeter security. According to a recent survey of IT decision makers worldwide, one-third of organizations experienced a data breach in the past 12 months. Yet, while 86 percent of organizations have increased perimeter security spending, 69 percent are not confident their data would be secure if perimeter defenses were breached. This is up from 66 percent in 2015 and 59 percent in 2014. Furthermore, 66 percent believe unauthorized users can access their network, and nearly two in five (16 percent) said unauthorized users could access their entire network.
NetworkWorld 2016-08-29 04:00:00 IDG Contributor Network: On-screen security alerts don't work (direct link) Pop-up alerts on computer screens don't work because they arrive at the wrong times, scientists say. Despite the popular belief -- cultivated perhaps mainly by bosses -- that humans can multitask, many believe they can't. And that hypothesis may be proven, in part, by the discovery that on-screen alerts generally don't achieve action if one is busy doing something else. The result is an increase in security vulnerabilities. Computer users are engrossed in tasks when the randomly timed alerts arrive, and it makes them less likely to respond.
NetworkWorld 2016-08-29 03:00:00 Top tools for preventing data leaks (direct link) We tested data loss prevention (DLP) tools from Comodo, Digital Guardian and Forcepoint. These products are designed to stop protected data from being shared in multiple ways, everything from e-mail attachments to printing to even screen captures. Forcepoint Triton was the most mature, easiest to set up and had the most features. Digital Guardian DLP was able to eliminate almost all false positives and would be a good choice for organizations with huge amounts of intellectual property. Comodo DLP offered a lot of flexibility as well as extras like a VPN, firewall, patch and mobile device manager, making it a good choice for organizations getting up to speed with their overall cybersecurity defenses.
NetworkWorld 2016-08-29 03:00:00 Review: Top tools for preventing data leaks (direct link) Most security tools are focused on keeping external attackers at bay. But what about the sensitive data that lives inside your network? How do you make sure it doesn't get out, either intentionally or by accident? That's where Data Loss Prevention (DLP) comes into play. DLP tools are designed to block protected data from being shared in various ways, everything from e-mail attachments to printing to even screen captures. DLP can protect core network stores as well as connected endpoints which might have confidential information. We looked at DLP solutions from Comodo, Digital Guardian and Forcepoint. Symantec was invited to participate, but declined.
NetworkWorld 2016-08-28 07:52:00 Opera warns 1.7 million Opera Sync users of breach, forces password reset (direct link) About 350 million people use the Opera browser. Of those, 1.7 million received an email from Opera, warning that attackers breached Opera's cloud Sync service server. Even if a person didn't check their email, they would have known something was up since Opera forced a password reset for Sync users. Opera announced the breach on Friday. The company said it detected and then “quickly blocked” an attack last week, but “some data, including some of our sync users' passwords and account information, such as login names, may have been compromised.”
NetworkWorld 2016-08-26 16:33:10 Medical device security ignites an ethics firestorm (direct link) One security research company is taking a controversial approach to disclosing vulnerabilities: It's publicizing the flaws as a way to tank a company's stock. The security firm, MedSec, made news on Thursday when it claimed that pacemakers and other health care products from St. Jude Medical contain vulnerabilities that expose them to hacks. However, MedSec is also cashing in on the disclosure by partnering with an investment firm that's betting against St. Jude Medical's stock. The whole affair is raising eyebrows around the security community. It may be the first time someone has tried to get compensated for discovering vulnerabilities by shorting a stock, said Casey Ellis, CEO of Bugcrowd, a bug bounty platform.
NetworkWorld 2016-08-26 11:31:47 Got big data? Check out these 100 best practices for keeping it secure (direct link) Big data is best known for its volume, variety, and velocity -- collectively referred to as the "3 Vs" -- and all three of those traits make security an elusive goal. Targeting companies grappling with that challenge, the Cloud Security Alliance on Friday released a new report offering 100 best practices. As its name would suggest, the CSA focuses on promoting the use of security best practices within the cloud computing world; corporate members include VMware, Microsoft, AWS, and Red Hat. In an earlier report, the CSA broke down big data security risks into a set of the top 10 major challenges. Now, for each of those, it presents 10 best practices designed to help enterprises keep their information safe.
NetworkWorld 2016-08-26 09:51:00 Distil Networks uses device fingerprints to detect malicious web bots (direct link) Who's that coming to your website? Is it friend or foe? Is it a customer wanting to buy your products, or someone or something wanting to steal your web content? Is it a community member that wants to post a relevant comment, or a spammer intent on planting junk links and content in your open comments section? Is it a real person clicking on an ad, or a web bot driving up fraudulent clicks? Web applications are increasingly being subjected to automated threats such as click fraud, comment spam, content scraping, abusive account creation, and more. These and other illicit or unwanted activities are described in detail in the OWASP Automated Threat Handbook for Web Applications.
NetworkWorld 2016-08-26 09:25:00 5 security practices hackers say make their lives harder (direct link) Whether they identify as white hats, black hats or something in-between, a majority of hackers agree that no password is safe from them - or the government for that matter. Regardless of where they sit with respect to the law, hackers mostly agree that five key security measures can make it a lot harder to penetrate enterprise networks. At the Black Hat USA 2016 conference in Las Vegas earlier this month, Thycotic, a specialist in privileged account management (PAM) solutions, surveyed more than 250 attendees who self-identified as hackers (respondents remained anonymous). Eighty-four percent of respondents identified as white hat hackers - security researchers that help organizations uncover and remediate vulnerabilities. And 15 percent identified as black hat hackers, who penetrate networks with criminal intent.
NetworkWorld 2016-08-26 08:14:40 Mozilla launches free website security scanning service (direct link) In order to help webmasters better protect their websites and users, Mozilla has built an online scanner that can check if web servers have the best security settings in place. Dubbed Observatory, the tool was initially built for in-house use by Mozilla security engineer April King, who was then encouraged to expand it and make it available to the whole world. She took inspiration from the SSL Server Test from Qualys' SSL Labs, a widely appreciated scanner that rates a website's SSL/TLS configuration and highlights potential weaknesses. Like Qualys' scanner, Observatory uses a scoring system from 0 to 100 -- with the possibility of extra bonus points -- which translates into grades from F to A+. APT 19
NetworkWorld 2016-08-26 05:21:00 Real-life examples test whether you are prepared for a cyberattack (direct link) Are you ready? While 83 percent of respondents say cyberattacks are among the top three threats facing organizations, only 38 percent say they are prepared to experience one, according to ISACA's 2015 Global Cybersecurity Status Report. Incident response is still largely a human response. Multiply an outdated response plan by the many human errors that can innocently occur during response and you have a recipe for potentially cataclysmic results in the threat event aftermath. Use the following tabletop exercises based on today's most disconcerting threats to update your response plan for live action.
NetworkWorld 2016-08-26 05:18:00 Privacy Shield data transfer agreement now shelters 200 companies (direct link) There are now 200 companies standing behind Privacy Shield, the framework agreement allowing businesses to process the personal information of European Union citizens on servers in the U.S. Companies must register with the International Trade Administration of the U.S. Department of Commerce to be covered. It's a self-certification process, so the ITA is only checking that the forms are filled in correctly, not that companies are necessarily complying with all 13,894 words of the rules. The Privacy Shield rules are needed to ensure that EU citizens' personal information is afforded the same legal protection in the U.S. as required under EU law.
NetworkWorld 2016-08-25 23:39:36 Dropbox prompts certain users to change their passwords (direct link) Dropbox is asking users who signed up before mid-2012 to change their passwords if they haven't done so since then. The cloud storage service said it was asking users to change their passwords as a preventive measure, and not because there is any indication that their accounts were improperly accessed. Dropbox said it was taking the measure because its security teams learned about an old set of Dropbox user credentials, consisting of email addresses and hashed and salted passwords, which it believes were obtained in 2012 and could be linked to an incident the company reported around the time. In July 2012, Dropbox said its investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts. It said it had contacted the users affected to help them protect their accounts.
NetworkWorld 2016-08-25 15:17:46 U.S. convicts Russian hacker in credit card theft scheme (direct link) Jurors in a U.S. federal court have convicted a Russian hacker of stealing and selling more than 2 million credit card numbers. On Thursday, the jury in Seattle found Roman Valerevich Seleznev guilty of charges related to his hacking of point-of-sale systems. Seleznev was arrested in 2014 after U.S. authorities accused him of installing malicious software on point-of-sale systems in U.S. restaurants. From 2009 to 2013, Seleznev used this scheme to steal credit card data from businesses and send it back to his servers in Ukraine and McLean, Virginia. The stolen data was then sold on the black market, with Seleznev promising that buyers could make fraudulent purchases with them.
NetworkWorld 2016-08-25 12:55:41 Apple patches iOS security flaws found in spyware targeting activist (direct link) To spy on a human rights activist, hackers allegedly connected to a Middle Eastern government used three previously unknown vulnerabilities in Apple's iOS. The claims -- from research at Toronto-based Citizen Lab and mobile security firm Lookout -- focus on spyware that targeted Ahmed Mansoor, an activist in the United Arab Emirates. Earlier this month, Mansoor received an SMS text message on his iPhone claiming to offer “new secrets” about tortured detainees in his country. However, inside the message was a link that, once clicked, can infect an iPhone with spyware, using three zero-day exploits of iOS, the research found.
NetworkWorld.webp 2016-08-25 12:33:00 Apple patches iOS against potent zero-day spyware attack (direct link) Apple is issuing patches for three iOS zero-day vulnerabilities known as Trident that have been exploited for years by an Israel-based spyware vendor against a human rights activist, an investigative journalist and others. The attack, called Pegasus, is flexible, letting attackers steal a broad range of data from iPhones and iPads, according to the firms that discovered it. “In this case, the software is highly configurable: depending on the country of use and feature sets purchased by the user, the spyware capabilities include accessing messages, calls, emails, logs, and more from apps including Gmail, Facebook, Skype, WhatsApp, Viber, FaceTime, Calendar, Line, Mail.Ru, WeChat, SS, Tango, and others,” according to a blog post by Lookout Security, which, along with Citizen Lab, unearthed the vulnerabilities and Pegasus.
NetworkWorld.webp 2016-08-25 08:14:00 (Déjà vu) So your company's been hacked: How to handle the aftermath (direct link) After a company has been hacked and the hack has been discovered to be a harmful one, top executives and IT leaders normally huddle in a room to assess the loss. It's usually not a pretty scene. It's not as if heads are exploding. It is more like what some might call a tense "come to Jesus" moment. "It's not good," said cyber security expert Tyler Cohen Wood. She's participated in post-hack forensics sessions at companies and has witnessed the faces of panicked executives firsthand. Tyler Cohen Wood is cyber security advisor to elearning company Inspired eLearning, and was previously a Defense Intelligence Agency cyber deputy division chief. Guideline
NetworkWorld.webp 2016-08-25 06:56:07 Cisco starts patching firewall devices against NSA-linked exploit (direct link) Cisco Systems has started releasing security patches for a critical flaw in Adaptive Security Appliance (ASA) firewalls targeted by an exploit linked to the U.S. National Security Agency. The exploit, dubbed ExtraBacon, is one of the tools used by a group that the security industry calls the Equation, believed to be a cyberespionage team tied to the NSA. ExtraBacon was released earlier this month together with other exploits by one or more individuals who use the name Shadow Brokers. The files were provided as a sample of a larger Equation group toolset the Shadow Brokers outfit has put up for auction.
NetworkWorld.webp 2016-08-25 06:44:00 IDG Contributor Network: Hack the vote: How attackers could meddle in November's elections (direct link) Political action committees aren't the only entities attempting to influence the upcoming U.S. presidential election. Supposedly, Russia wants a say in who should lead the country. At least that's the opinion you could form after reading the many news stories that allege Russia is behind the recent hacks targeting the Democratic National Committee and the Democratic Congressional Campaign Committee. Attack attribution aside (I shared my thoughts on that topic in last month's blog), these data breaches raise the question of whether attackers could actually impact an election's outcome. Guideline
NetworkWorld.webp 2016-08-25 05:35:00 New collision attacks against triple-DES, Blowfish break HTTPS sessions (direct link) There is now a practical, relatively fast attack on 64-bit block ciphers that lets attackers recover authentication cookies and other credentials from HTTPS-protected sessions, a pair of French researchers said. Legacy ciphers Triple-DES and Blowfish need to go the way of the broken RC4 cipher: Deprecated and disabled everywhere. Dubbed Sweet32, researchers were able to take authentication cookies from HTTPS-protected traffic using triple-DES (3DES) and Blowfish and recover login credentials to be able to access victim accounts, said the researchers, Karthikeyan Bhargavan and Gaëtan Leurent of INRIA in France. The attack highlights why it is necessary for sites to stop using legacy ciphers and upgrade to modern, more secure ciphers.
NetworkWorld.webp 2016-08-25 05:33:00 Experts challenge Skyhigh's patent for cloud-based encryption gateway (direct link) Skyhigh announced today that it has received a patent for its technology, which moves that encryption gateway into a hosted environment. Enterprises looking to protect sensitive data stored in cloud services can funnel user traffic through on-premises encryption gateways that allow them to keep control of their encryption keys. Moving the encryption process to Skyhigh's servers allows for easier access by remote employees, mobile users, business partners, or customers, said Rajiv Gupta, Skyhigh's CEO. He says the company offers these encryption gateways in various locations, allowing customers to comply with data residency and privacy laws.
NetworkWorld.webp 2016-08-24 20:38:13 Facebook, Google, Twitter lax on terrorists' misuse of their sites, say UK MPs (direct link) A panel of U.K. lawmakers has described as “alarming” that social networking companies like Facebook, Twitter and Google's YouTube have teams of only a few hundred employees to monitor billions of accounts for extremist content. “These companies are hiding behind their supranational legal status to pass the parcel of responsibility and refusing to act responsibly in case they damage their brands,” said a report released early Thursday in the U.K. by the Home Affairs Committee appointed by the House of Commons.
NetworkWorld.webp 2016-08-24 17:07:14 Passwords stolen from Mail.Ru were old, the company says (direct link) The 25 million account passwords stolen from Mail.Ru in a recently discovered hack were old and invalid, the Russian internet company said Wednesday. “The security of our users wasn't compromised in any way,” a Mail.Ru spokeswoman said in an interview. The hack targeted forums for game projects that the company has acquired over the years. These include subdomains at cfire.mail.ru, parapa.mail.ru and tanks.mail.ru. Hackers stole passwords of users who participated in the forums. However, the company said the stolen passwords were legacy data. None of them were related to current email accounts or other Mail.Ru services.
NetworkWorld.webp 2016-08-24 15:58:41 This Android botnet relies on Twitter for its commands (direct link) Twitter users aren't the only ones checking the microblogging service for important updates. Android malware is starting to do so, too. One maker of Android malware is using Twitter to communicate with infected smartphones, according to security firm ESET. The company discovered the feature in a malicious app called Android/Twitoor. It runs as a backdoor virus that can secretly install other malware on a phone. Typically, the makers of Android malware control their infected smartphones from servers. Commands sent from those servers can create a botnet of compromised phones and tell the malware on all the phones what to do. The makers of Android/Twitoor decided to use Twitter instead of servers to communicate with the infected phones. The malware routinely checks certain Twitter accounts and reads the encrypted posts to get its operating commands.
NetworkWorld.webp 2016-08-24 13:49:00 Security Sessions: The pitfalls of security awareness training (direct link) In the latest episode of Security Sessions, CSO Editor-in-Chief Joan Goodchild speaks with Bill Rosenthal, CEO of Logical Operations, about what's missing in many security awareness training programs that enterprises often deploy (if they're doing them at all).
NetworkWorld.webp 2016-08-24 13:01:00 When your government hacks you (direct link) There was a time when Cisco routers were unstoppable, and their deviations into proprietary protocols and constructions were accepted because Cisco could do no wrong. They were the smartest kids in networking protocols. But there is a crack in their armor, a glitch in the Teflon. Cisco may not be the only networking infrastructure vendor to now face an attack ostensibly from their own government, just the largest. Just as the U.S. government has taken Huawei to task for an accusation of hidden code benefiting the Chinese government, other governments across the planet now know that their Cisco infrastructure can be cracked open -- and no, it's not easy, and requires an additional step of having hacked in from some place else.
NetworkWorld.webp 2016-08-24 11:17:33 Hackers tap vBulletin vulnerability to break into 27 million more accounts (direct link) A vulnerability in a widely-used internet forum software is becoming a go-to method for hackers to steal data. Hackers recently targeted 11 different sites, many of them from Russia, and stole information from more than 27 million Internet accounts, according to LeakedSource, a repository for data breaches. About 25 million of those accounts were from cfire.mail.ru, parapa.mail.ru, and tanks.mail.ru, all of them Russian language games. Another 1 million were tied to gaming titles from Funcom, including The Secret World and Age of Conan. The stolen data includes email addresses and hashed passwords that can be easily cracked. ★★
NetworkWorld.webp 2016-08-24 10:38:11 Telegram's encryption stymies French police but pleases their bosses (direct link) French government officials have been revealed as fervent users of Telegram, a messaging app that is frustrating their interior minister with its end-to-end encryption. Telegram's fans include the current head of the French judicial police, Christian Sainte, and his predecessor, Frédéric Péchenard. The app's security has also won over a number of legislators, including the French finance minister, who encourages his team to use it, according to Wednesday's edition of French newspaper Le Canard Enchainé. Telegram claims over 100 million monthly users of its secure messaging app, but it was the action of just one of them -- Normandy church attacker Adel Kermiche -- that prompted French interior minister Bernard Cazeneuve to call on Tuesday for investigators to be allowed to eavesdrop on Telegram users' conversations.
NetworkWorld.webp 2016-08-24 09:59:00 French submarine builder's documents leak: A case of hacking for economic espionage? (direct link) DCNS, a French submarine builder, has allegedly been hacked – potentially for economic espionage reasons – and 22,400 pages of “secret” documents pertaining to its Scorpene-class submarine have been leaked. The Australian published redacted portions of the leaked documents, claiming to have seen thousands of pages outlining highly sensitive details about systems, sensors, specifications, tech manuals, stealth capabilities, antennae models, electromagnetic and infrared data, conditions under which the periscope can be used and more. The leaked documents reportedly detail “the entire secret combat capability of the six Scorpene-class submarines that French shipbuilder DCNS has designed for the Indian Navy.”
Last update at: 2024-07-02 20:07:43