What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
SecurityWeek.png 2019-03-24 14:37:05 Watchdog: FEMA Wrongly Released Personal Data of Victims (lien direct)

The Federal Emergency Management Agency wrongly released to a contractor the personal information of 2.3 million survivors of devastating 2017 hurricanes and wildfires, potentially exposing the victims to identity fraud and theft, a government watchdog reported Friday.

read more

SecurityWeek.png 2019-03-23 17:39:00 Cisco Patches High Severity Vulnerabilities in IP Phones (lien direct)

Cisco this week released security patches to address high severity vulnerabilities in its IP Phone 8800 Series and IP Phone 7800 Series. 

A total of five vulnerabilities were addressed, all impacting the web-based management interface of Session Initiation Protocol (SIP) Software of IP Phone 8800 Series. 

read more

SecurityWeek.png 2019-03-23 06:02:01 Pwn2Own 2019: Researchers Win Tesla After Hacking Its Browser (lien direct)

Researchers win Tesla Model 3 at Pwn2Own

read more

SecurityWeek.png 2019-03-22 17:12:02 UK Police Federation Hit by Ransomware (lien direct)

The UK Police Federation of England & Wales (PFEW) website was subject to a malware attack that it discovered on March 9, 2019. It appears that this was a ransomware attack; but the strain has not been announced.

read more

SecurityWeek.png 2019-03-22 17:08:03 Russian Hackers Target European Governments Ahead of Elections: FireEye (lien direct)

Hackers believed to be sponsored by the Russian government are targeting European governments for cyber-espionage purposes ahead of the upcoming European elections, FireEye reports. 

read more

SecurityWeek.png 2019-03-22 16:37:05 Industry Reactions to Norsk Hydro Breach: Feedback Friday (lien direct)

Norwegian aluminum giant Norsk Hydro has been hit by a serious ransomware attack that caused disruptions at some of its plants and forced the company to turn to manual processes to fulfill customer orders.

read more

SecurityWeek.png 2019-03-22 15:43:03 Microsoft Launches Defender ATP Endpoint Security for macOS (lien direct)

Microsoft Brings Defender Advanced Threat Protection to macOS

read more

SecurityWeek.png 2019-03-22 14:58:04 D.C. Attorney General Introduces New Data Security Bill (lien direct)

Karl A. Racine, the attorney general for the District of Columbia, on Thursday announced the introduction of a new bill that aims to expand data breach notification requirements and improve the way personal information is protected by organizations.

read more

SecurityWeek.png 2019-03-22 11:00:03 Observations From RSA Conference 2019 (lien direct)

The RSA Conference is one of the premier events in the cybersecurity world. At times, it can be an overwhelming experience for vendors and attendees alike because of its massive scale and fast pace; however, it\'s also a great opportunity for people like me to get insight into trends in the industry.

read more

SecurityWeek.png 2019-03-22 06:30:00 Researchers Earn $270,000 for Firefox, Edge Hacks at Pwn2Own 2019 (lien direct)

White hat hackers earned a total of $270,000 on the second day of the Pwn2Own hacking competition for demonstrating exploits against the Mozilla Firefox and Microsoft Edge web browsers.

read more

SecurityWeek.png 2019-03-21 19:33:02 Threat Hunting Tips to Improve Security Operations (lien direct)

From Ferdinand Magellan to Lewis and Clark to Neil Armstrong – humans have an innate desire to understand the unknown. In security operations, we see this phenomenon every day in several forms, one of which is threat hunting. Threat hunting is not triggered by an event, but by the unknown. It is the practice of proactively and iteratively searching for abnormal indications within networks and systems.

read more

SecurityWeek.png 2019-03-21 17:48:00 Global Security Spend Set to Grow to $133.8 Billion by 2022: IDC (lien direct)

Global spending on security-related hardware software and services will grow at a compound annual growth rate (CAGR) of 9.2% between 2018 and 2022, to a total of $133.8 billion in 2022. The figures come from the latest Worldwide Semiannual Security Spending Guide compiled by IDC.

read more

SecurityWeek.png 2019-03-21 16:53:03 Facebook Stored Passwords of Hundreds of Millions Users in Plain Text (lien direct)

Facebook today admitted to have stored the passwords of hundreds of millions of its users in plain text, including the passwords of Facebook Lite, Facebook, and Instagram users. 

read more

SecurityWeek.png 2019-03-21 16:38:01 How Three of 2018\'s Critical Threats Used Email to Execute Attacks (lien direct)

History Tends to Repeat Itself - Attackers Repurpose Tried and Tested Methods to Launch Attacks

read more

SecurityWeek.png 2019-03-21 16:27:01 Multiple Vulnerabilities Patched in PuTTY and LibSSH2 (lien direct)

PuTTY, an SSH and Telnet client program, and LibSSH2, a client-side C library for the SSH2 protocol, have both received updates fixing multiple vulnerabilities. Eight vulnerabilities have been fixed in version 0.71 of PuTTY, and nine vulnerabilities fixed in version 1.8.1 of LibSSH2.

read more

SecurityWeek.png 2019-03-21 16:18:03 Facebook Pays Big Bounty for DoS Flaw in Fizz TLS Library (lien direct)

While Facebook\'s bug bounty program does not typically cover denial-of-service (DoS) vulnerabilities, the social media giant has decided to award a significant bounty for a serious flaw affecting Fizz, its open source TLS library.

read more

SecurityWeek.png 2019-03-21 16:16:01 FIN7 Hackers Use New Malware in Recent Attacks (lien direct)

The financially-motivated hacking group FIN7 has used new malware samples in a recent attack campaign, Flashpoint security researchers warn. 

read more

SecurityWeek.png 2019-03-21 15:26:01 Finland to Investigate Suspected Nokia Chinese Data Breach (lien direct)

Finnish authorities will launch an investigation into claims that Nokia phones have been transmitting users\' personal data to China, the country\'s data protection ombudsman announced on Thursday.

read more

SecurityWeek.png 2019-03-21 15:15:02 Securing Industrial IoT in the Modern World (lien direct)

Manufacturing arguably offers the largest attack surface of almost any industry with regards to cybersecurity threats, and has long been a prime target for \'everyday\' attacks like phishing, ransomware, data-theft – you name it, they\'ve seen it. But these \'everyday\' attacks and the associated losses are only the tip of the iceberg when it comes to what could potentially happen in the future.

read more

SecurityWeek.png 2019-03-21 14:35:00 Many Vulnerabilities Found in Oracle\'s Java Card Technology (lien direct)

Poland-based cybersecurity research firm Security Explorations claims to have identified nearly 20 vulnerabilities in Oracle\'s Java Card, including flaws that could be exploited to compromise the security of chips using this technology.

read more

SecurityWeek.png 2019-03-21 12:58:02 Schneider Electric Working on Patch for Flaw in Triconex TriStation Emulator (lien direct)

A serious denial-of-service (DoS) vulnerability has been found in Schneider Electric\'s Triconex TriStation Emulator software. The vendor has yet to release a patch, but assured customers that the flaw does not pose a risk to operating safety controllers.

read more

SecurityWeek.png 2019-03-21 09:48:01 The \'Katz\' Out of the Bag: Catching Mimikatz With Anomaly Detection (lien direct)

Mimikatz Has Become a Lethal Weapon for Attackers Seeking to Move Laterally Inside Corporate and Government Networks

read more

SecurityWeek.png 2019-03-21 06:57:03 Apple, Oracle, VMware Software Hacked at Pwn2Own 2019 (lien direct)

Apple\'s Safari web browser and the Oracle VirtualBox and VMware Workstation virtualization products were hacked on the first day of the Pwn2Own 2019 hacking competition, earning researchers a total of $240,000 in cash.

read more

SecurityWeek.png 2019-03-20 20:38:03 Researchers Use UPnP Protocol to Unmask IPv6 Address (lien direct)

Cisco Talos security researchers were able to leverage properties of the Universal Plug and Play (UPnP) protocol to unmask the IPv6 address of specific IPv4 hosts.

read more

SecurityWeek.png 2019-03-20 20:12:05 Windows Hello Support Added to Firefox 66 (lien direct)

Mozilla this week released Firefox 66 with support for Windows Hello for Web Authentication on Windows 10, as well as with patches for 21 vulnerabilities. 

The newly added support for Windows Hello should provide users with a passwordless experience on the web, but also with increased security, Mozilla says. 

read more

SecurityWeek.png 2019-03-20 20:03:00 Multiple Vulnerabilities Fixed in CUJO Smart Firewall (lien direct)

Vulnerabilities recently addressed by CUJO AI in the CUJO Smart Firewall could be exploited to take over the device, Cisco Talos security researchers reveal. 

read more

SecurityWeek.png 2019-03-20 19:48:02 Authentication Bypass Vulnerability Found in SoftNAS Cloud (lien direct)

A security firm\'s Vulnerability Research Team (VRT) found and reported a vulnerability in SoftNAS Cloud data storage. SoftNAS fixed the vulnerability last week, and details of the vulnerability are now being made public.

read more

SecurityWeek.png 2019-03-20 19:23:02 Vulnerability in NSA\'s Reverse Engineering Tool Allows Remote Code Execution (lien direct)

A vulnerability in Ghidra, the generic disassembler and decompiler released by the National Security Agency (NSA) in early March, could be exploited to execute code remotely, researchers say. 

read more

SecurityWeek.png 2019-03-20 18:01:01 Man Pleads Guilty Over $100M BEC Scheme Targeting Google, Facebook (lien direct)

A 50-year-old Lithuanian citizen has pleaded guilty over his role in a business email compromise (BEC) scheme in which Google and Facebook employees were tricked into wiring a total of more than $100 million to bank accounts he controlled.

read more

SecurityWeek.png 2019-03-20 16:34:02 Google Photos Flaw Allowed Hackers to Track Users (lien direct)

Google recently patched a vulnerability in its Photos service that could have been exploited via browser-based timing attacks to track users, Imperva revealed on Wednesday.

read more

SecurityWeek.png 2019-03-20 16:20:02 European Government Websites Are Delivering Tracking Cookies to Visitors (lien direct)

Governments within the European Union appear to be flouting their own GDPR laws. Many official government websites are harboring and delivering tracking cookies from the ad tech industry even though they don\'t rely on any advertising income. Eighty-nine percent of 184,683 pages delivered tracking cookies. Twenty-five of the 28 member states have websites with tracking cookies -- only the Spanish, German and Dutch sites had no trackers.

read more

SecurityWeek.png 2019-03-20 15:56:01 Norsk Hydro Restoring Systems, But Not Paying Ransom (lien direct)

Norwegian metals and energy giant Norsk Hydro is working on restoring systems after being hit by ransomware, but the company says it does not plan on paying the hackers.

read more

SecurityWeek.png 2019-03-20 14:26:05 Webinar Today: Managing Cyber Threats in the Era of Industry 4.0 (lien direct)

Presented by

read more

SecurityWeek.png 2019-03-20 13:06:01 EU Fines Google for Anti-trust Breach (lien direct)

The EU\'s powerful anti-trust regulator slapped tech giant Google with a new fine on Wednesday over unfair competition, in Europe\'s latest salvo against Silicon Valley.

read more

SecurityWeek.png 2019-03-20 07:04:01 Kaspersky Files Complaint Against Apple Over App Store Policy (lien direct)

Kaspersky Lab on Tuesday filed a complaint against Apple with the Russian Federal Antimonopoly Service after the tech giant introduced a new App Store policy requiring it to remove some important features from its Safe Kids app.

read more

SecurityWeek.png 2019-03-19 18:28:00 Industrial Cybersecurity Firm Nozomi Launches Research Department (lien direct)

Industrial cybersecurity solutions provider Nozomi Networks on Tuesday announced the formal launch of the company\'s research department, Nozomi Networks Labs.

read more

SecurityWeek.png 2019-03-19 18:21:01 Cloudflare Launches New HTTPS Interception Detection Tools (lien direct)

Security services provider Cloudflare on Monday announced the release of two new tools related to HTTPS interception detection. 

read more

SecurityWeek.png 2019-03-19 17:53:01 Mobile App Security Firm Blue Cedar Raises $17 Million (lien direct)

Blue Cedar, a San Francisco-based company that specializes in securing mobile applications, on Tuesday announced that it raised $17 million in a Series B funding round.

read more

SecurityWeek.png 2019-03-19 16:26:00 Microsoft Dominates 2018\'s Most Exploited Vulnerabilities (lien direct)

Eight of the top ten most exploited vulnerabilities in 2018 affected Microsoft products. Only one -- but the second most exploited -- was an Adobe vulnerability. The last one, ranking at the ninth most exploited vulnerability of 2018, was an Android vulnerability.

read more

SecurityWeek.png 2019-03-19 16:11:00 Researcher Finds Novel Bug Class in Windows Kernel (lien direct)

A security researcher working with Google Project Zero has discovered a novel bug class that impacts Windows and some of its drivers. 

read more

SecurityWeek.png 2019-03-19 15:53:05 Aluminum Giant Norsk Hydro Hit by Ransomware (lien direct)

Norwegian metals and energy giant Norsk Hydro, one of the world\'s biggest aluminum producers, has been hit by a ransomware attack that has impacted operations, forcing the company to resort to manual processes.

read more

SecurityWeek.png 2019-03-19 12:22:04 Norway\'s Norsk Hydro Hit by \'Extensive\' Cyberattack (lien direct)

One of the world\'s biggest aluminium producers, Norway\'s Norsk Hydro, said Tuesday it had been hit by a cyber-attack of unknown origin.

"Hydro became victim of an extensive cyberattack in the early hours of Tuesday, impacting operations in several of the company\'s business areas," the energy group said in a statement.

read more

SecurityWeek.png 2019-03-19 10:40:03 From Traffic Cop to Fleet Manager, DLP Evolves Beyond the Perimeter (lien direct)

Perimeter-based DLP Enforcement Has Increasingly Taken a Backseat to Host-based Implementations

read more

SecurityWeek.png 2019-03-15 18:55:02 Google Took Down 2.3 Billion Bad Ads in 2018 (lien direct)

Google this week revealed that it took down 2.3 billion bad ads last year, including 58.8 million phishing ads.

The ads were taken down for violations of both new and existing policies, and the Internet company said it faced challenges in areas where online advertising was used to scam or defraud users offline.

read more

SecurityWeek.png 2019-03-15 18:42:04 E-Commerce Company Gearbest Leaked User Information (lien direct)

Chinese e-commerce company Gearbest has failed to properly secure some of its databases, thus leaking users\' personally identifiable information (PII), VPNMentor\'s researchers have discovered. Gearbest has downplayed the impact of the incident, which it has blamed on an error made by a member of its security team.

read more

SecurityWeek.png 2019-03-15 17:35:04 China Does Not Ask Firms to Spy on Others: Premier (lien direct)

China will "never" ask its firms to spy on other nations, Premier Li Keqiang said Friday, amid US warnings that Chinese telecommunications behemoth Huawei poses security risks.

read more

SecurityWeek.png 2019-03-15 15:50:03 Hackers Bypass MFA on Cloud Accounts via IMAP Protocol (lien direct)

Over the past several months, threat actors have been increasingly targeting Office 365 and G Suite cloud accounts that are using the legacy IMAP protocol, in an attempt to bypass multi-factor authentication (MFA), Proofpoint reports.

read more

SecurityWeek.png 2019-03-15 15:48:00 Uncovering the Data Security Triad (lien direct)

Data Must be Protected as it Exists at All Points in the Processing Lifecycle

read more

SecurityWeek.png 2019-03-15 15:18:04 Recently Patched WinRAR Flaw Exploited in APT Attacks (lien direct)

A recently patched WinRAR vulnerability has been exploited by several threat groups, including advanced persistent threat (APT) actors.

read more

SecurityWeek.png 2019-03-15 13:35:05 G Suite Admins Can Now Disable Phone 2-SV (lien direct)

Google is making G Suite accounts more secure by allowing administrators to remove phone-based 2-step verification (2-SV) from the available multi-factor verification options.

read more

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

Information mise à jours le: 2019-03-26 04:01:32
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter