What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
Kaspersky.png 2019-05-21 15:15:00 HCL Exposes Customer, Personnel Info in Wide-Ranging Data Leak (lien direct)

HCL domain pages exposed sensitive data - including passwords and project analysis reports - for thousands of employees and customers.

Kaspersky.png 2019-05-21 14:22:03 Millions of Golfers Land in Privacy Hazard After Cloud Misconfig (lien direct)

A database with millions of data points on games played plus sensitive information was left right in the middle of the internet fairway for all to see.

Kaspersky.png 2019-05-20 20:08:03 Sharing Threat Intelligence: Time for an Overhaul (lien direct)

All too often, information-sharing is limited to vertical market silos; to build better defenses, it\'s time to take a broader view beyond the ISAC.

Kaspersky.png 2019-05-20 18:44:05 Windows 10 Update Bricks PCs, Microsoft Offers Workarounds (lien direct)

A glitch in Microsoft\'s Windows 10 update is causing systems to freeze after users tried to use the System Reboot function. Luckily, workarounds exist.

Kaspersky.png 2019-05-20 15:55:03 Salesforce Woes Linger as Admins Clean Up After Service Outage (lien direct)

An accidental permissions snafu caused a massive outage for all Salesforce customers that continues to affect some businesses.

Kaspersky.png 2019-05-20 15:14:05 Behind the Naming of ZombieLoad and Other Intel Spectre-Like Flaws (lien direct)

A lot of thought and meaning goes into the naming of infamous CPU side channel flaws, like ZombieLoad, Spectre and Meltdown.

Kaspersky.png 2019-05-20 14:22:00 Slack Bug Allows Remote File Hijacking, Malware Injection (lien direct)

An attacker can supply a malicious hyperlink in order to secretly alter the download path for files shared in a Slack channel.

Kaspersky.png 2019-05-20 13:42:05 ZombieLoad: How Intel\'s Latest Side Channel Bug Was Discovered and Disclosed (lien direct)

Daniel Gruss, the researcher behind Spectre, Meltdown - and most recently, ZombieLoad - Intel CPU side channel attacks, gives an inside look into how he discovered the flaws.

Kaspersky.png 2019-05-17 19:28:04 WordPress WP Live Chat Support Plugin Fixes XSS Flaw (lien direct)

A cross-site scripting flaw in a popular WordPress plugin enables an unauthenticated attacker to insert JavaScript payloads into impacted websites.

Kaspersky.png 2019-05-17 17:06:00 Ransomware \'Remediation\' Firm Exposed: Researchers Weigh in on Paying (lien direct)

The decision to pay a ransom in the case of a ransomware attack can be a complex one for businesses.

Kaspersky.png 2019-05-17 15:44:03 How Decoding Network Traffic Can Save Your Data Bacon (lien direct)

The importance of reading the network tealeaves of a company\'s network traffic to head off an attack.

Kaspersky.png 2019-05-17 11:37:04 News Wrap: WhatsApp, Microsoft, Intel and Cisco Flaws (lien direct)

From a zero day flaw in WhatsApp, to Patch Tuesday fixes, Threatpost breaks down the top vulnerabilities of this week.

Kaspersky.png 2019-05-16 18:36:03 Mobile Risks Boom in a Post-Perimeter World (lien direct)

The bloom is on mobile, whether it be the enterprise, employees or the cybercriminals plotting new ways to slip past a corporate defenses in a post-parameter world.

Kaspersky.png 2019-05-16 18:01:05 Forbes Becomes Latest Victim of Magecart Payment Card Skimmer (lien direct)

The web skimming script was recently found stealing payment data on the websites of Forbes Magazine as well as seven others.

Kaspersky.png 2019-05-16 13:53:03 Cisco Service Provider, WebEx Bugs Offer Up Remote Code Execution (lien direct)

The vendor also issued a patch schedule for the still-unpatched bug in its Secure Boot trusted hardware environment, which affects most of its enterprise and SMB portfolio, amounting to millions of vulnerable devices.

Kaspersky.png 2019-05-16 13:05:00 Cybercrime Gang Behind GozNym Banking Malware Dismantled (lien direct)

Europol said it has dismantled the cybercrime network behind the GozNym malware, which siphoned more than $100 million from businesses.

Kaspersky.png 2019-05-15 20:01:03 Google Titan Security Key Recalled After Bluetooth Pairing Bug (lien direct)

Google is offering free replacements for its Titan Security Key after discovering a misconfiguration in its pairing protocols.

Kaspersky.png 2019-05-15 16:48:01 Intel ZombieLoad Side-Channel Attack: 10 Takeaways (lien direct)

Here are 10 top takeaways from Intel\'s most recent class of Spectre-like speculative execution vulnerabilities, disclosed this week.

Kaspersky.png 2019-05-15 14:50:00 Billions of Malicious Bots Take to Cipher-Stunting to Hide (lien direct)

Attackers have been tampering with TLS signatures at a scale never before seen using a technique called cipher-stunting.

Kaspersky.png 2019-05-14 20:49:04 (Déjà vu) Microsoft Patches Zero-Day Bug Under Active Attack (lien direct)

Microsoft Patch Tuesday security bulletin tackles 22 critical vulnerabilities.

Kaspersky.png 2019-05-14 20:31:03 Apple Patches Intel Side-Channel Bugs; Updates iOS, macOS and More (lien direct)

A massive update addresses the breadth of the computing giant\'s product portfolio.

Kaspersky.png 2019-05-14 18:01:04 Intel CPUs Impacted By New Class of Spectre-Like Attacks (lien direct)

Intel has disclosed a new class of speculative execution side channel attacks.

Kaspersky.png 2019-05-14 16:18:03 Adobe Addresses Critical Adobe Flash Player, Acrobat Reader Flaws (lien direct)

Adobe has issued patches for 87 vulnerabilities on Patch Tuesday - the bulk of which exist in Adobe\'s Acrobat and Reader product.

Kaspersky.png 2019-05-14 15:21:01 Linux Kernel Flaw Allows Remote Code-Execution (lien direct)

The bug is remotely exploitable without authentication or user interaction.

Kaspersky.png 2019-05-14 12:58:02 (Déjà vu) WhatsApp Zero-Day Exploited in Targeted Spyware Attacks (lien direct)

WhatsApp has patched a vulnerability that allowed attackers to install spyware on victims\' phones.

Kaspersky.png 2019-05-14 12:00:05 Cynet: An Autonomous Security Platform for Any Size Organization (lien direct)

Cynet  protects the entire internal environment – including hosts, files, users and the network.

Kaspersky.png 2019-05-13 22:17:05 Pair of Cisco Bugs, One Unpatched, Affect Millions of Devices (lien direct)

The two high-severity bugs impact a wide array of enterprise, military and government networks.

Kaspersky.png 2019-05-13 21:02:01 Twitter Leaks Apple iOS Users\' Location Data to Ad Partner (lien direct)

A Twitter glitch "inadvertently" leaked iOS users\' location data to an unnamed partner.

Kaspersky.png 2019-05-13 16:46:00 ScarCruft APT Adds Bluetooth Harvester to its Malware Bag of Tricks (lien direct)

In its latest observed campaign, there were also overlaps in victimology with the DarkHotel APT.

Kaspersky.png 2019-05-13 16:38:03 ThreatList: Top 5 Most Dangerous Attachment Types (lien direct)

From ZIP attachments spreading Gandcrab, to DOC files distributing Trickbot, researchers tracked five widescale spam campaigns in 2019 that have made use of malicious attachments.

Kaspersky.png 2019-05-10 21:29:02 FIN7 Linked to Escalating Active Exploits for Microsoft SharePoint Bug (lien direct)

Using a bug patched in March, the attacks are starting to ramp up worldwide.

Kaspersky.png 2019-05-10 18:48:00 News Wrap: Facebook Regulation, Verizon DBIR, Hidden Airbnb Cameras (lien direct)

From a creepy Airbnb incident to Verizon\'s Data Breach Investigations Report, Threatpost editors break down the top privacy and security stories for the week ended May 10.

Data Breach
Kaspersky.png 2019-05-10 16:53:03 The WannaCry Security Legacy and What\'s to Come (lien direct)

The WannaCry attack proved pivotal, changing the way organizations go about securing their environments.

Kaspersky.png 2019-05-10 15:43:05 Nvidia Warns Windows Gamers on GPU Driver Flaws (lien direct)

Nvidia has patched three vulnerabilities in its Windows GPU display driver that could enable information disclosure, denial of service and privilege escalation.

Kaspersky.png 2019-05-10 12:45:00 ThreatList: Nigerian Cybercrime Surged 54 Percent in 2018 (lien direct)

Nigerian scam groups launched even more attacks in 2018 - and used more complex types of malware to reach more victims.

Kaspersky.png 2019-05-09 21:08:04 \'Unhackable\' Biometric USB Offers Up Passwords in Plain Text (lien direct)

A simple Wireshark analysis was enough to subvert the gadget, which uses iris identification to protect the drive.

Kaspersky.png 2019-05-09 21:07:00 Chinese Hackers Behind 2015 Anthem Data Breach Indicted (lien direct)

Two have been indicted in the 2015 massive data breach of health insurer Anthem, which compromised the data of at least 78 million customers.

Data Breach
Kaspersky.png 2019-05-09 19:08:04 Hackers Take Over IoT Devices to \'Click\' on Ads (lien direct)

A video interview and Q&A with IoT specialist Dan Demeter of Kaspersky Lab.

Kaspersky.png 2019-05-09 17:06:01 Alpine Linux Docker Images Shipped for 3 Years with Root Accounts Unlocked (lien direct)

Alpine Linux Docker images available via the Docker Hub contained a critical flaw allowing attackers to authenticate on systems using the root user and no password.

Kaspersky.png 2019-05-09 16:00:02 Serious Phar Flaw Allows Arbitrary Code Execution on Drupal (lien direct)

Drupal, Typo3 and Joomla are all impacted by the bug.

Kaspersky.png 2019-05-09 14:49:00 Researchers in the Dark on Powerful LightNeuron Malware for Years (lien direct)

LightNeuron is the first to target Microsoft Exchange transport agents -- and is used as a hub for major Turla APT espionage efforts.

Kaspersky.png 2019-05-08 20:18:04 Airbnb Superhost Secretly Recorded Guests with Hidden Bedroom Camera (lien direct)

The incident is only the latest in a string of disturbing horror stories of guests finding live, recording cameras hidden in their Airbnb flats.

Kaspersky.png 2019-05-08 17:35:02 Google Patches Critical Remote Code-Execution Flaws in Android (lien direct)

The Android security update patches 15 bugs, four rated critical, 10 rated high and one ranked moderate in severity.

Kaspersky.png 2019-05-08 17:14:05 Lax Telco Security Allows Mobile Phone Hijacking and Redirects (lien direct)

A Q&A with Kaspersky Lab researcher David Jacoby examines a gaping hole in the telco customer-service process that allows adversaries to commandeer phone calls.

Kaspersky.png 2019-05-08 16:03:05 Google Touts Android Q\'s New Security Update Process and Better Privacy Controls for Apps (lien direct)

At Google I/O, the tech giant announced it is beefing up security in phones with its latest Android Q operating system by offering direct updates and privacy controls.

Kaspersky.png 2019-05-08 16:01:04 Verizon Data Breach Report: Espionage, C-Suite and Cloud Attacks on the Rise (lien direct)

Cloud misconfigurations, business email compromise (BEC) and intellectual property theft are all up in the Verizon DBIR 2019 from last year.

Data Breach
Kaspersky.png 2019-05-08 12:30:03 Top 5 Configuration Mistakes That Create Field Days for Hackers (lien direct)

Having appropriate security configurations requires your applications, servers and databases to be hardened in accordance with best practices.

Kaspersky.png 2019-05-08 12:01:03 Cynet Provides Security Responders with Free IR Tool to Validate and Respond to Active Threats (lien direct)

Cynet Free IR empowers its users with a solution that is accessible and easy to use, bringing crucial incident response services in-house, while saving them valuable time and resources.

Kaspersky.png 2019-05-07 20:38:03 Critical Flaw in Cisco Elastic Services Controller Allows Full System Takeover (lien direct)

Cisco has patched a critical flaw in its virtualized function automation tool, Cisco Elastic Services Controller.

Kaspersky.png 2019-05-07 17:52:02 Chinese Spies Stole NSA Cyberweapons Long Before Shadow Brokers Leak (lien direct)

Forensic analysis shows a Chinese APT using Equation Group hacking tools at least a year before Shadow Brokers dumped its cache in April 2017.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

Information mise à jours le: 2019-09-22 08:07:45
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter