What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2016-08-30 15:56:50 | Fiat Chrysler locks down on DealerCONNECT security after car theft (lien direct) | FCA upgraded its DealerCONNECT terms of use to threaten civil or criminal action to anyone who provides unauthorized third parties access to software. |
|||
|
2016-08-29 20:55:31 | Cozy Bear suspected of hacking Russia-focused think tanks in D.C. (lien direct) | The same cybergang that launched attacks against the Pentagon, State Department and DNC is also believed to have targeted Russia-focused think tanks in the U.S. |
APT 29 | ||
|
2016-08-29 20:12:39 | Accellion Kiteworks contain XSS vulnerabilities (lien direct) | Accellion Kiteworks appliance versions prior to kw2016.03.00 contain multiple vulnerabilities which can allow an attacker to conduct cross-site scripting attacks or to view limited sets of files. |
|||
|
2016-08-29 19:05:31 | HostSailor threatens Krebs with lawsuit (lien direct) | Web hosting company HostSailor has threatened legal action against KrebsonSecurity for posting a story, based on a Trend Micro report, tying that web firm to a now defunct group known for nefarious web activities. |
|||
|
2016-08-29 18:37:40 | Pegasus creators claim malware only sold for lawful use (lien direct) | A NSO Group spokesman claims Pegasus malware was only sold to governments under signed agreements to be used in a lawful manner. |
|||
|
2016-08-29 17:30:00 | FBI-owned Megaupload web pages serving up porn, adult services (lien direct) | Several web pages associated with the former file-sharing site Megaupload - seized by the FBI over four years ago in an online piracy investigation - are now serving up pornographic content and junk ads. |
|||
|
2016-08-29 16:55:17 | GoDaddy customers target of phishing scam (lien direct) | In what seems like a real email message from GoDaddy, users are prompted to upgrade storage within 24 hours, otherwise their emails account will be suspended |
|||
|
2016-08-29 16:47:54 | NH man pleads guilty to sextortion, accessed victims\' social media accounts (lien direct) | Ryan Vallee, a 22-year-old New Hampshire man, pleaded guilty to hacking into social media and email accounts and engaging in sextortion of almost a dozen female victims. |
Guideline | ||
|
2016-08-29 16:30:00 | WoSign mistakenly assigns two user certificates (lien direct) | A Chinese certificate authority mistakenly handed out legitimate user certificates for Github and the University of Central Florida (UCF) to a couple of unauthorized users. |
|||
|
2016-08-29 15:38:01 | Opera resets all user passwords following incursion (lien direct) | Opera is alerting customers of its web browser that its sync system was breached. |
|||
|
2016-08-26 20:00:00 | MedSec goes its own way with medical device flaw (lien direct) | Eschewing the bug bounty route, a cybersecurity firm which detected a flaw in a medical device from St. Jude Medical, partnered with an investment firm to capitalize on its knowledge and short sell stock in the device manufacturer. |
|||
|
2016-08-26 19:30:00 | Ransomware locks experts in debate over ethics of paying (lien direct) | The explosive growth in ransomware has once again heated up the debate as to whether infected organizations have an ethical responsibility to refuse payment. But are some companies exacerbating the problem by paying up even when they have viable data backups? |
|||
|
2016-08-26 19:08:26 | Dreambot banking trojan adds Tor functionality (lien direct) | Proofpoint researchers spot new variants of the Ursnif trojan dubbed "Dreambot," some of which now include Tor communication capabilities and or P2P functionality. |
|||
|
2016-08-26 19:06:18 | Lieu asks FCC to expedite investigation of SS7 flaw after DCCC hack (lien direct) | Rep. Ted Lieu (D-Calif.) is calling on the Federal Communications Commission (FCC) to accelerate its investigation of the SS7 flaw. |
|||
|
2016-08-26 17:21:45 | Latest Locky version on the loose (lien direct) | A new version of Locky ransomware has been spotted sporting an improved delivery mechanism, better obfuscation which combined make it more difficult for anti-malware scanners to spot. |
|||
|
2016-08-26 17:10:24 | Cisco updates advisory: "We have started publishing fixes" for NSA-linked exploits (lien direct) | Cisco updated a security advisory for a remote code execution vulnerability affecting the SNMP application-layer protocol. |
|||
|
2016-08-26 16:11:17 | State wildlife agencies halt license sales after apparent vendor breach (lien direct) | The fish and wildlife agencies of Washington, Oregon and Idaho have temporarily suspended the sale of hunting and fishing licenses and tags after the vendor operating their online licensing system was apparently breached. |
|||
|
2016-08-26 15:57:32 | U.S. CIO promotes $3.1B government-wide IT update (lien direct) | U.S. CIO Troy Scott promoted a $3 billion proposal to modernize government technologywhile speaking at an annual summit. |
|||
|
2016-08-26 15:03:18 | Dropbox recommending some users update account credentials (lien direct) | Dropbox is recommending to some users update the log in credentials for their account because a group of member emails and passwords may have been compromised. |
|||
|
2016-08-26 13:00:00 | Sony enables two-factor authentication for PlayStation (lien direct) | In a tweet sent out at after midnight on Wednesday night, Sony announced it was enabling two-factor authentication for its PlayStation Network. |
|||
|
2016-08-26 12:00:00 | Attacks increase as a result of DDoS-for-hire services (lien direct) | DDoS attacks have increased in frequency, scale and complexity over the past year, driven by DDoS-for-hire services. |
|||
|
2016-08-26 11:30:00 | WhatsApp to share users\' phone numbers with Facebook (lien direct) | WhatsApp announced a revised privacy policy that will allow the messaging service to share user phone numbers with Facebook. |
|||
|
2016-08-26 11:30:00 | Three iOS zero-days combined into Pegasus malware (lien direct) | Citizen Lab and Lookout researchers detected an active spyware which exploited three iOS zero-day vulnerabilities. |
|||
|
2016-08-26 11:30:00 | Researchers find seven classes of vulnerabilities in iOS sandbox security feature (lien direct) | Researchers across three universities have discovered seven classes of vulnerabilities in the sandboxing feature of Apple's iOS operating system. |
|||
|
2016-08-25 19:30:00 | Advocacy groups urge FCC to address connected car technology threat (lien direct) | Several public interest groups reached out to the FCC calling for action concerning the implementation of DSRC technology. |
|||
|
2016-08-25 19:15:00 | Lost devices leading cause of data breaches, report (lien direct) | Phishing scams and ransomware attacks may be grabbing the headlines, but for the financial sector lost or stolen mobile devices were the leading cause of data breaches over the last decade. |
Guideline | ||
|
2016-08-25 19:00:00 | Baltimore PD overstepping its bounds with aerial surveillance: ACLU (lien direct) | Baltimore police have been running an aerial surveillance program capable of tracking people and cars since early 2016, which is being paid for not by the city, but an unnamed private citizen and all of this has been done without public input. |
|||
|
2016-08-25 16:33:30 | Data breach hits Whitehead Nursing Home in Northern Ireland (lien direct) | A laptop taken home by an employee of the Whitehead Nursing Home was stolen. |
|||
|
2016-08-25 16:20:22 | VMware fixes flaws in Identity Manager, vRealize Automation (lien direct) | VMware released security updates this week to address a local privilege escalation vulnerability in its VMware Identity Manager and vRealize Automation software, as well as a remote code execution vulnerability in the latter product. |
|||
|
2016-08-25 16:17:57 | Hackers exploit vBulletin flaw to access 27M accounts on 11 websites (lien direct) | Attackers used a flaw in the internet forum software vBulletin to breach 11 websites, exposing personal information of 27 million accounts. |
|||
|
2016-08-24 19:43:09 | Twitoor first Android malware known to leverage Twitter for command and control (lien direct) | Researchers have found the first known Android mobile malware to use a Twitter account, rather than a traditional command-and-control server, to control infected devices. |
|||
|
2016-08-24 18:00:00 | Juniper confirms leaked "NSA exploits" affect its firewalls, no patch released yet (lien direct) | Juniper confirms exploits leaked by the Shadow Brokers group appear to affect its firewalls, but has not yet patched the vulnerabilities. |
|||
|
2016-08-24 16:40:46 | Ransomware: The evolution of cybercrime, a roundtable (lien direct) | The threat from ransomware continues to grow and the situation will only get darker before mitigation efforts prove reliable and the miscreants move on to another attack vector, according to panel of cybersecurity experts gathered on Wednesday for the Dell Data Security Ransomware Roundtable in Manhattan. |
|||
|
2016-08-24 16:36:36 | Report: ATM hackers flee Thailand after stealing $350,000 from state-run bank (lien direct) | Five suspected cyberthieves have reportedly fled Thailand after allegedly stealing approximately $350,000 in cash from 21 malware-infected ATMs operated by the state-run Government Savings Bank (GSB). |
|||
|
2016-08-24 16:02:21 | NYU scientists develop tool to check for chip sabotage (lien direct) | NYU scientists designed a new form of application-specific integrated circuit (ASIC) designed to spot hidden vulnerabilities in microchips. |
|||
|
2016-08-24 15:30:41 | Ashley Madison taken to task over security issues in Aussie, Canadian report (lien direct) | A joint investigation by the Canadian and Australian governments looking at the hack of the adult dating site Ashley Madison found it lacked the safeguards needed to protect the personal information of its customers. |
|||
|
2016-08-24 15:30:00 | NATO to spend €70 million on \'cyber-refresh\' (lien direct) | The NATO Information Assurance and Cyber Defence Symposium (NIAS) in Mons is expected to outline the alliance's vision and plans to boost capabilities including cyber-security expenditure priorities. |
|||
|
2016-08-24 15:00:00 | Singapore to shut off internet access for government agencies (lien direct) | The government of Singapore is to shut off access to the internet of government agencies in an effort to preempt a cyber-attack or a data breach. |
|||
|
2016-08-24 14:44:00 | French submarine builder DCNS suffers data breach (lien direct) | 22,000 documents have leaked from French shipbuilder DCNS which is building submarines for the Indian navy. |
|||
|
2016-08-24 09:26:55 | 6 in 10 universities hit by ransomware, 2/3 hit multiple times (lien direct) | Freedom of Information requests filed by security company SentinelOne have shown that ransomware attacks appear to be rife within the UK higher education sector. |
|||
|
2016-08-23 21:45:00 | After NSA leaks, a renewed interest in vulnerability disclosure (lien direct) | Code leaked by the Shadow Brokers group has set off calls from security researchers and tech groups for a national conversation about vulnerability disclosure policy. |
|||
|
2016-08-23 21:30:50 | HHS\' Office for Civil Rights instructs its investigators not to overlook smaller breaches (lien direct) | In a revision of its policies, the U.S. Department of Health and Human Services' Office for Civil Rights has instructed its regional offices to place more of an emphasis on investigating smaller health-care data breaches that affect fewer than 500 individuals. |
|||
|
2016-08-23 21:20:28 | GTAGaming breach compromised nearly 200K users (lien direct) | GTAGaming, a fan forum for the popular game "Grad Theft Auto," was hacked, compromising the data on nearly 200,000 users. |
|||
|
2016-08-23 21:15:11 | USAA members hit with multiple phishing attacks (lien direct) | Multiple phishing campaigns that play off consumers' fear of having their financial information being hacked are hitting customers of United Services Automobile Association (USAA). |
|||
|
2016-08-23 21:00:00 | Saving money on security software by improving cyber posture, report (lien direct) | Spending big bucks is not always necessary for corporations to put a decent cybersecurity program in place. |
|||
|
2016-08-23 19:00:00 | Olympic drug testing agency cyber attacks linked to DNC and DCCC hackers (lien direct) | Researchers believe Fancy Bear hacked the Olympic drug-testing agency in retaliation for WADA's recommendation to ban all Russian athletes from the Olympics. |
APT 28 | ||
|
2016-08-23 18:32:45 | FBI investigating possible Russian hack of NY Times (lien direct) | The FBI is investigating the possible hack by Russian intelligence agencies of the New York Times and other news organizations. |
|||
|
2016-08-23 14:30:00 | Russia\'s Central Bank introduces new mandatory cyber-security regulations (lien direct) | Russian banks will be faced with a whole range of new regulations, and penalties for non-compliance, when it comes to cyber-security, according to the country's Central Bank |
|||
|
2016-08-23 14:30:00 | EU ministers rattle sabres at encrypted ISIS jihadi comms channels (lien direct) | France and Germany discuss 'tapping' encrypted end-to-end networks such as WhatsApp and Skype |
|||
|
2016-08-22 19:12:59 | SC Magazine\'s September 2016 product reviews (lien direct) | Well, we're well into summer and we've had a short break during our two-month combo edition for June and July so let's get back to it with one of our more active groups: data leak prevention (DLP) and endpoint security. |
To see everything:
Our RSS (filtrered)
