What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
Kaspersky.png 2019-03-25 20:52:05 ThreatList: Remote Workers Threaten 1 in 3 Organizations (lien direct)

More than one-third of surveyed organizations (36 percent) said have experienced a security incident because of a remote worker\'s actions.

Kaspersky.png 2019-03-25 18:10:02 Malware Payloads Hide in Images: Steganography Gets a Reboot (lien direct)

Low-key but effective, steganography is an old-school trick of hiding code within a normal-looking image, where many cybersecurity pros may not think to look.

Kaspersky.png 2019-03-25 17:30:05 Bugs in Grandstream Gear Lay Open SMBs to Range of Attacks (lien direct)

Attackers can remotely compromise multiple network devices (IP PBX, conferencing gear and IP phones), installing malware and eavesdropping via video and audio functions.

Kaspersky.png 2019-03-25 16:40:02 Some ASUS Updates Drop Backdoors on PCs in \'Operation ShadowHammer\' (lien direct)

The attack appears to be associated with a China-backed APT actor.

Kaspersky.png 2019-03-25 14:00:01 FEMA Exposes PII for Millions of Hurricane, Wildfire Survivors (lien direct)

The contractor with whom it shared the data has a vulnerable, unpatched network.

Kaspersky.png 2019-03-22 21:11:03 Spycams Secretly Live-Streamed 1,600 Motel Guests (lien direct)

Four have been arrested in the case.

Kaspersky.png 2019-03-22 20:28:04 Firefox and Edge Fall to Hackers on Day Two of Pwn2Own (lien direct)

Browsers Firefox and Edge take a beating on day two of the Pwn2Own competition.

Kaspersky.png 2019-03-22 20:22:02 Google Play Touts Certs in Quest For Enterprise Security (lien direct)

Google has snagged three security and privacy certifications for Google Play as it tries to appeal to enterprises despite numerous malicious apps and security issues.

Kaspersky.png 2019-03-22 20:22:01 Critical DoS Bug Bubbles Up in Facebook Fizz TLS 1.3 Project (lien direct)

Users of the open-source project should upgrade immediately.

Kaspersky.png 2019-03-22 18:33:00 Analysis: Drone Tech Creates New Type of Blended Threat (lien direct)

Hacked drones are breaching physical and cyberdefenses to cause disruption and steal data, experts warn.

Kaspersky.png 2019-03-22 15:07:03 Medtronic Defibrillators Have Critical Flaws, Warns DHS (lien direct)

The unpatched vulnerabilities exist in 20 products made by the popular Medtronics medical device manufacturer, including defibrillators and home patient monitoring systems.

Kaspersky.png 2019-03-21 20:47:04 WordPress Plugin Removed After Zero Day Discovered (lien direct)

The plugin, Social Warfare, is no longer listed after a cross site scripting flaw was found being exploited in the wild.

Kaspersky.png 2019-03-21 17:51:05 Hackers Take Down Safari, VMware and Oracle at Pwn2Own (lien direct)

On the first day of Pwn2Own 2019 hackers poked holes in Apple Safari, VMware Workstation and Oracle VirtualBox.

Kaspersky.png 2019-03-21 16:14:03 Facebook Stored Passwords in Plain Text For Years (lien direct)

The social media giant said that it is notifying users whose passwords it stored in plain text, which made them accessible for Facebook employees to view.

Kaspersky.png 2019-03-21 15:19:02 MyPillow and Amerisleep Targeted in Magecart Group Attacks (lien direct)

In both breaches of MyPillow and Amerisleep, the customers whose payment information was potentially stolen were not informed.

Kaspersky.png 2019-03-21 12:31:02 Cisco Patches High-Severity Flaws in IP Phones (lien direct)

The most serious vulnerabilities in Cisco\'s 8800 Series IP Phones could allow unauthenticated, remote attackers to conduct a cross-site request forgery attack or write arbitrary files to the filesystem.

Kaspersky.png 2019-03-20 21:20:00 Mac-Focused Malvertising Campaign Abuses Google Firebase DBs (lien direct)

Researchers said 1 million user sessions could have been exposed to the campaign, which downloads the Shlayer trojan.

Kaspersky.png 2019-03-20 20:36:05 Post-Perimeter Security: Addressing Evolving Mobile Enterprise Threats (lien direct)

Experts from Gartner, Lookout and Google talk enterprise mobile security in this webinar replay.

Kaspersky.png 2019-03-20 19:03:03 Years-Long Phishing Campaign Targets Saudi Gov Agencies (lien direct)

The campaign, codenamed “Bad Tidings,” has sought out victims\' credentials with clever fake landing pages pretending to be the Saudi Arabian Ministry of Interior\'s e-Service portal.

Kaspersky.png 2019-03-20 17:00:04 Fin7 Ramps Up Campaigns With Two Fresh Malware Samples (lien direct)

Despite the 2018 crackdown on Fin7, the cybercrime group has been ramping up its efforts with two new malware samples and an attack panel.

Kaspersky.png 2019-03-20 15:05:01 Uber Deployed \'Surfcam Spyware\' in Australia to Crush the Competition – Report (lien direct)

Until a report this week, Uber\'s Surfcam\'s use was thought to be limited to incidents uncovered in Singapore in 2017. For its part, Uber denies that it\'s a "spyware."

Kaspersky.png 2019-03-19 21:07:05 Cardinal RAT Resurrected to Target FinTech Firms (lien direct)

A long-quiet malware family has been spotted targeting financial technology firms, armed with new obfuscation techniques to avoid detection.

Kaspersky.png 2019-03-19 20:43:00 Host of Flaws Found in CUJO Smart Firewall (lien direct)

Some of the flaws would allow remote code-execution.

Kaspersky.png 2019-03-19 19:40:03 Podcast: The High-Risk Threats Behind the Norsk Hydro Cyberattack (lien direct)

Threatpost talks to Phil Neray with CyberX about Tuesday\'s ransomware attack on aluminum producer Norsk Hydro, and how it compares to past manufacturing attacks like Triton, WannaCry and more.

Kaspersky.png 2019-03-19 18:31:03 Old Tech Spills Digital Dirt on Past Owners (lien direct)

Researcher buys old computers, flash drives, phones and hard drives and finds only two properly wiped devices out of 85 examined.

Kaspersky.png 2019-03-19 15:26:04 Researcher Says NSA\'s Ghidra Tool Can Be Used for RCE (lien direct)

Researchers have released a proof-of-concept showing how a XXE vulnerability can be exploited to attack Ghidra project users.

Kaspersky.png 2019-03-19 14:53:02 Norsk Hydro Calls Ransomware Attack \'Severe\' (lien direct)

When asked if the company plans to pay the ransom, its CFO said its main strategy is to use the backup data stored in the system.

Kaspersky.png 2019-03-19 12:00:00 ThreatList: DDoS Attack Sizes Drop 85 Percent Post FBI Crackdown (lien direct)

The FBI\'s crackdown on 15 DDoS-for-hire sites appears to have had an impact on DDoS attacks, the average size for which dropped 85 percent in the fourth quarter of 2018, a new report found.

Kaspersky.png 2019-03-15 18:30:00 Lenovo Patches High-Severity Arbitrary Code Execution Flaws (lien direct)

Lenovo has issued patches for several serious vulnerabilities in its products stemming from Intel technology fixes.

Kaspersky.png 2019-03-15 14:46:05 Unpatched Fujitsu Wireless Keyboard Bug Allows Keystroke Injection (lien direct)

An unpatched high-severity vulnerability allows keystroke injections in Fujitsu wireless keyboards.

Kaspersky.png 2019-03-14 20:19:01 Threatlist: IMAP-Based Attacks Compromising Accounts at \'Unprecedented Scale\' (lien direct)

Attackers are increasingly targeting insecure legacy protocols, like IMAP, to avoid running into multi-factor authentication in password-spraying campaigns.

Kaspersky.png 2019-03-14 19:43:05 Zero-Days in Counter-Strike Client Used to Build Major Botnet (lien direct)

A full 39 percent of Counter-Strike 1.6 game servers on Steam were found to be malicious.

Kaspersky.png 2019-03-14 15:56:00 Cisco Patches Critical \'Default Password\' Bug (lien direct)

Vulnerability allows adversaries to access monitoring system used for gathering info on operating systems and hardware.

Kaspersky.png 2019-03-14 15:33:03 GlitchPOS Malware Appears to Steal Credit-Card Numbers (lien direct)

A new malware targeting point of sale systems, GlitchPOS, has been spotted on a crimeware forum.

Kaspersky.png 2019-03-14 12:27:00 Insider Threats Get Mean, Nasty and Very Personal (lien direct)

Increasingly, attackers are targeting the most vulnerable people inside companies and exploiting their weaknesses.

Kaspersky.png 2019-03-13 19:44:05 Purveyor of Cracked Netflix, Hulu, Spotify Accounts Arrested (lien direct)

A Sydney man is accused of selling nearly 1 million compromised accounts, for a significant profit.

Kaspersky.png 2019-03-13 18:29:03 Intel Windows 10 Graphics Drivers Riddled With Flaws (lien direct)

Intel has patched several high-severity vulnerabilities in its graphics drivers for Windows 10, which could lead to code execution.

Kaspersky.png 2019-03-13 15:58:01 MAGA \'Safe Space\' App Developer Threatens Security Researcher (lien direct)

The mobile app, dubbed a "Yelp for Conservatives," was found with an open API leaking reams of user data.

Kaspersky.png 2019-03-13 15:23:05 Three Ways DNS is Weaponized and How to Mitigate the Risk (lien direct)

Why are hackers using the DNS infrastructure against us? The answer is more complex than you might think.

Kaspersky.png 2019-03-13 14:15:01 Threat Groups SandCat, FruityArmor Exploiting Microsoft Win32k Flaw (lien direct)

Newly patched CVE-2019-0797 is being actively exploited by two APTs, FruityArmor and SandCat.

Kaspersky.png 2019-03-12 21:05:05 Federal Focus on Cyber Plays Out in President\'s Budget, IoT Legislation (lien direct)

Money earmarked for the Defense Department and DHS, and bipartisan bills to address the security of federal IoT devices, showcase growing federal cyber-efforts.

Kaspersky.png 2019-03-12 20:52:03 Microsoft Patches Two Win32k Bugs Under Active Attack (lien direct)

Microsoft\'s March Patch Tuesday updates include 64 fixes, 17 of which are rated critical.

Kaspersky.png 2019-03-12 19:48:02 ThreatList: Phishing Attacks Doubled in 2018 (lien direct)

Scammers used both older, tested-and-true phishing tactics in 2018 - but also newer tricks, such as fresh distribution methods, according to a new report.

Kaspersky.png 2019-03-12 15:09:01 Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes (lien direct)

Microsoft won\'t be patching the bug, but a proof of concept shows the potential for successful malware implantation.

Kaspersky.png 2019-03-12 14:53:01 Adobe Patches Critical Photoshop, Digital Edition Flaws (lien direct)

Adobe fixed two arbitrary code execution flaws in its Photoshop and Digital Edition products.

Kaspersky.png 2019-03-11 19:31:04 Researcher Claims Iranian APT Behind 6TB Data Heist at Citrix (lien direct)

IRIDIUM is an APT that uses proprietary techniques to bypass two-factor authentication for critical applications, according to security firm Resecurity.

Kaspersky.png 2019-03-11 19:14:02 Google Patches Critical Bluetooth RCE Bug (lien direct)

In all, Google reported 45 bugs in its March update with 11 ranked critical and 33 rated high.

Kaspersky.png 2019-03-11 17:44:02 Forrester: Ransomware Set to Resurge As Firms Pay Off Attacks (lien direct)

In this video, Josh Zelonis, senior analyst at Forrester Research, discusses the next great security threats to enterprises.

Kaspersky.png 2019-03-11 14:51:01 Facebook Alleges Two Ukrainians Scraped Data From 63K Profiles (lien direct)

Facebook is suing two Ukrainian men who were able to scrape data from 63,000 users\' profiles by enticing users to download a malicious browser extension.

Kaspersky.png 2019-03-09 13:00:05 RSA Conference 2019: The Expanding Automation Platform Attack Surface (lien direct)

Hacking into smart homes is becoming increasingly easy and a great way to steal victims\' personal information, Trend Micro said at RSA 2019.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

Information mise à jours le: 2019-03-26 04:01:32
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter