What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
Chercheur.png 2019-01-10 16:27:05 Secret Service: Theft Rings Turn to Fuze Cards (lien direct)

Street thieves who specialize in cashing out stolen credit and debit cards increasingly are hedging their chances of getting caught carrying multiple counterfeit cards by relying on Fuze Cards, a smartcard technology that allows users to store dozens of cards on a single device, the U.S. Secret Service warns.

TechRepublic.png 2019-01-10 16:25:00 CES 2019: Turn practically anything into a connected product with the Node-ify Axon (lien direct)

The Node-ify Axon is a universal sensor that allows users to make everyday products in their home smarter. Axon connects via Bluetooth low energy to a mobile app on the user\'s smartphone.

Blog.png 2019-01-10 16:12:03 SMB Penetration Testing (Port 445) (lien direct)

In this article, we will learn how to gain control over our victim\'s PC through SMB Port. There are various ways to do it and let take time and learn all those, because different circumstances call for different measure. Table of Content Introduction to SMB Protocol Working of SMB Versions of Windows SMB SMB Protocol... Continue reading

The post SMB Penetration Testing (Port 445) appeared first on Hacking Articles.

TechRepublic.png 2019-01-10 16:12:01 How to set up Icinga2 agent monitoring (lien direct)

With a bit of work, Icinga2 can monitor a data center node\'s internal health parameters via a secured channel master/client set up.

Kaspersky.png 2019-01-10 16:05:05 \'Unprecedented\' DNS Hijacking Attacks Linked to Iran (lien direct)

The attacks, targeting several countries to redirect traffic and harvest credentials, have been linked to Iran.

itsecurityguru.png 2019-01-10 16:01:03 CySure Partners With Frost Solutions To Deliver Cyber Security Services In South Africa. (lien direct)

Cyber security specialist CySure Ltd has appointed Frost Solutions as a specialist value added reseller partner in South Africa. Frost Solutions specializes in delivering IT services to the small and medium size enterprises (SMEs) market and has added CySure\'s information security management system, VOSO to its product and service portfolio. Richard Frost, CEO and Founder […]

The post CySure Partners With Frost Solutions To Deliver Cyber Security Services In South Africa. appeared first on IT Security Guru.

SecurityWeek.png 2019-01-10 16:01:02 5 Forecasts to Inform Digital Risk Protection in 2019 (lien direct)

Last year was bookended by two major corporate data breaches – Under Armour in February and Marriott in December – with incidents too numerous to count in between.

read more

itsecurityguru.png 2019-01-10 15:49:05 €1bn In Cyber Security Research Funding Evaluated, Revealing Academic Trends And Threats For 2019 And Beyond. (lien direct)

Crossword Cybersecurity plc (AIM:CCS), the cyber security technology commercialisation company, has today released insights from its global review of academic cyber security research. The new database looked at nearly 1,200 current and past research projects from academic institutions in the United Kingdom, United States, Europe, Australia, and Africa. It reaffirmed the value of the cyber […]

The post €1bn In Cyber Security Research Funding Evaluated, Revealing Academic Trends And Threats For 2019 And Beyond. appeared first on IT Security Guru.

TechRepublic.png 2019-01-10 15:46:01 CES 2019: How smartwatches can boost productivity for business users (lien direct)

Smartwatches, such as the new Kate Spade device that launched at CES 2019, offer features that help business users.

TechRepublic.png 2019-01-10 15:45:02 Microsoft\'s killer Windows 7 patch: Breaks networking, bricks legit \'Not genuine\' PCs (lien direct)

Windows sysadmins wake up on Wednesday with an almighty Patch Tuesday headache.

Kaspersky.png 2019-01-10 15:45:02 Google Search Results Spoofed to Create Fake News (lien direct)

The technique can be used to spread disinformation while leveraging the trust people have in Google\'s search results.

DarkReading.png 2019-01-10 15:45:00 Reddit Alerts Users to Possible Account Breaches (lien direct)

User lockouts, combined with requirements for new passwords, indicate an attack on accounts at the popular social media platform.

SecurityWeek.png 2019-01-10 15:39:05 Facebook and Google Launch Asia-Pacific Bug Hunting Conference (lien direct)

Facebook and Google have partnered to launch a new conference for the researchers interested on discovering and reporting vulnerabilities.

read more

bleepingcomputer.png 2019-01-10 15:34:02 Microsoft 365 Business Gets Self Service Password Reset Writeback (lien direct)

Microsoft 365 Business users can now change their passwords in the cloud using the SSPR feature and have it written back to on-premises directories in real time [...]

SecurityWeek.png 2019-01-10 15:33:03 Hyatt Hotels Launches Public Bug Bounty Program (lien direct)

Hyatt Hotels Corporation on Wednesday announced the launch of a public bug bounty program that covers its websites and mobile applications.

read more

SecurityWeek.png 2019-01-10 15:33:03 Google Secures Public DNS Queries With DNS-over-TLS (lien direct)

Google this week announced that users can now secure queries between their devices and the Google Public DNS with DNS-over-TLS, which improves their privacy and integrity. 

read more

TechRepublic.png 2019-01-10 15:32:00 Lexar returns to flash storage market with 1TB SDXC card for photographers (lien direct)

Under new ownership, Lexar introduces the first 1TB SDXC card, nearly 15 years after the company introduced a 1 GB SD card.

no_ico.png 2019-01-10 15:27:01 Singapore Airlines Customers Have Passport Details Exposed (lien direct)

In response to the news today that Singapore Airlines has suffered a software glitch that exposed customer data, please see below for comment from Kaspersky Lab. “While the sum of customers affected by Singapore Airline\'s data breach is not large, the fact that sensitive details such as passports and email addresses were accessed is particularly worrying. Customers whoentrusttheir …

The ISBuzz Post: This Post Singapore Airlines Customers Have Passport Details Exposed appeared first on Information Security Buzz.

WiredThreatLevel.png 2019-01-10 15:00:00 CES 2019 Liveblog Day 4: Thursday\'s News and Photos, Live From Las Vegas (lien direct)

This year\'s CES, one of the biggest consumer tech showcases in the world, continues Thursday. Join us for live updates from the show in Las Vegas, Nevada.

TechRepublic.png 2019-01-10 14:59:01 38% of tech workers hurt by suspension of H-1B visa premium processing (lien direct)

eBay, PayPal, and Amazon had the most tech workers negatively affected by the suspension, according to a Blind report.

ZDNet.png 2019-01-10 14:50:00 CVs containing sensitive info of over 202 million Chinese users left exposed online (lien direct)

Data appears to have originated from a data scraping app that collected resumes from Chinese job portals.

SecurityAffairs.png 2019-01-10 14:48:04 Alleged Iran-linked APT groups behind global DNS Hijacking campaign (lien direct)

Security expert uncovered a DNS hijacking campaign targeting organizations in various industries worldwide and suspects Iranian APT groups. Security experts at FireEye uncovered a DNS hijacking campaign that is targeting government agencies, ISPs and other telecommunications providers, Internet infrastructure entities, and sensitive commercial organizations in the Middle East, North Africa, North America and Europe. According […]

The post Alleged Iran-linked APT groups behind global DNS Hijacking campaign appeared first on Security Affairs.

securityintelligence.png 2019-01-10 14:30:02 How the Financial Services Industry Is Preparing to Avoid and Respond to Systemic Cyberattacks (lien direct)

>Financial services industry leaders visited the IBM X-Force Command Cyber Range for a war game exercise designed to battle-test their response to a systemic cyberattack.

The post How the Financial Services Industry Is Preparing to Avoid and Respond to Systemic Cyberattacks appeared first on Security Intelligence.

bleepingcomputer.png 2019-01-10 14:30:00 U.S. Government Shutdown Leaves Its Sites with Expired TLS Certificates (lien direct)

The websites of the U.S. Department of Justice, NASA, and the Court of Appeals are some of the ones hit by the government\'s failure to extend around 80 TLS certificates used on .gov domains [...]

bleepingcomputer.png 2019-01-10 14:30:00 U.S. Government Shutdown Leaves Its Sites Insecure, TLS Certs Expired (lien direct)

The websites of the U.S. Department of Justice, NASA, and the Court of Appeals are some of the ones hit by the government\'s failure to extend around 80 TLS certificates used on .gov domains [...]

grahamcluley.png 2019-01-10 14:27:01 Reddit users locked out of accounts after \'security concern\' (lien direct)
Reddit users locked out of accounts after 'security concern'

A large number of Reddit users are being told that they will have to reset their passwords in order to regain access to their accounts following what the site is calling a “security concern.”

The lockout has occurred as Reddit\'s security team investigates what appears to have been an attempt to log into many users\' accounts through a credential-stuffing attack.

Read more in my article on the Tripwire State of Security blog.

TechRepublic.png 2019-01-10 14:00:01 Why data scientist is the most promising job of 2019 (lien direct)

Data scientists saw a 56% increase in job openings in the US over the past year, according to LinkedIn.

WiredThreatLevel.png 2019-01-10 14:00:00 Beta\'s Ava Is the Edward Scissorhands of Flying Cars (lien direct)

The eVTOL aircraft may look strange, but it\'s a clever machine built for the coming age of air taxis.

WiredThreatLevel.png 2019-01-10 14:00:00 A Magic Wand? Nope, Just Good Ol\' Fashioned Physics (lien direct)

What looks like magic is actually the electrostatic force in action, suspending objects in air by manipulating their electrons.

AlienVault.png 2019-01-10 14:00:00 Top 12 Blogs of 2018 (lien direct)

Time to look back on the top AlienVault blogs of 2018! Here we go:

A North Korean Monero Cryptocurrency Miner by Chris Doman

Crypto-currencies could provide a financial lifeline to a country hit hard by sanctions. Therefore it’s not surprising that universities in North Korea have shown a clear interest in cryptocurrencies. Recently the Pyongyang University of Science and Technology invited foreign experts to lecture on crypto-currencies. The Installer we’ve analysed above may be the most recent product of their endeavours.

 VLAN Hopping and Mitigation by Pam

This type of exploit allows an attacker to bypass any layer 2 restrictions built to divide hosts. With proper switch port configuration, an attacker would have to go through a router and any other layer 3 devices to access their target. However, many networks either have poor VLAN implementation or have misconfigurations which will allow for attackers to perform said exploit. In this article, I will go through the two primary methods of VLAN hopping, known as 'switched spoofing', and 'double tagging'. I will then discuss mitigation techniques.

DNS Poisoning and How To Prevent It by Jeff Thompson 

The first thing to understand about DNS 'poisoning' is that the purveyors of the Internet were very much aware of the problem. Essentially, DNS requests are "cached", or stored, into a database which can be queried in almost real-time to point names like 'hotmail.com' or 'google.com' to their appropriate IP addresses. Can you imagine having to remember a string of numbers instead of a fancy name to get to your desired WWW (or GOPHER - if that's your thing) resources? 321.652.77.133 or 266.844.11.66 or even 867.53.0.9 would be very hard to remember. [Note: I have obfuscated REAL IP addresses with very fake ones here. Always trying to stay one step ahead of the AI Armageddon. Real IP addresses end with the numerical value of '255' within each octet.]

 4 SIEM Use Cases That Will Dramatically Improve Your Enterprise Security by Stephen Roe

Companies both large and small must plan to protect their data. Failing to do so puts you at risk for financial trouble, legal liability, and loss of goodwill.

Make sure to deploy SIEMs to prevent such misfortunes befalling your business. If you know how to put them to use, SIEMs provide value out of the box. Here’s a quick recap on how SIEMs can benefit you with a few clicks.

  • Prevent SQL injection attacks by keeping an eye on the health of your systems. This will keep you ready if and when attacks do happen.
  • For handling watering hole intruders, SIEMs make it easy to monitor suspicious communication hinting at an attack in progress.
  • If you’re worried about malware infection, commun
ESET.png 2019-01-10 13:51:04 Face unlock on many Android smartphones falls for a photo (lien direct)

>No 3D-printed heads or realistic masks were needed to trick even a handful of high-end handset models into unlocking their screens

The post Face unlock on many Android smartphones falls for a photo appeared first on WeLiveSecurity

SecurityWeek.png 2019-01-10 13:51:03 Cisco Patches Serious DoS Flaws in Email Security Appliance (lien direct)

Cisco this week patched two serious denial-of-service (DoS) vulnerabilities that can be exploited remotely without authentication in its Email Security Appliance (ESA) products.

read more

ZDNet.png 2019-01-10 13:51:00 Neiman Marcus agrees to $1.5 million data breach settlement (lien direct)

Neiman Marcus credit cards were accessed fraudulently, exposing customer information.

bleepingcomputer.png 2019-01-10 13:47:01 Windows KB4480960 & KB4480970 Updates Causing Network and License Problems (lien direct)

On January 8th, Microsoft released the KB4480960 and KB4480970 updates for Windows 7 SP1 and Windows Server 2008 R2 SP1, which have been causing networking and licensing havok for users and organizations that have installed them. [...]

SecurityWeek.png 2019-01-10 13:20:03 Reddit Locks Down Accounts Due to \'Security Concern\' (lien direct)

Reddit this week decided to lock down some user accounts after detecting unusual activity on those accounts. 

read more

no_ico.png 2019-01-10 13:00:01 GitHub DDoS Attack (lien direct)

Following the news that a hacker that goes by the name of Hax Stroke has claimed to have launched a DDoS attack on GitHub last Wednesday after the company\'s website experienced an outage, please see below comments from Sean Newman, director of product management at Corero Network Security. Sean Newman, Director of Product Management at Corero …

The ISBuzz Post: This Post GitHub DDoS Attack appeared first on Information Security Buzz.

WiredThreatLevel.png 2019-01-10 13:00:00 Chicago\'s New 311 System Is a Huge Win for Public Works (lien direct)

When cities hand off infrastructure projects to private companies, they often end up screwed. Now, they\'re learning.

SecurityWeek.png 2019-01-10 12:53:00 Netanyahu Says Israel Ready to Thwart Election Cyber Meddling (lien direct)

Israeli Prime Minister Benjamin Netanyahu said Wednesday that his country led the world in cyber defence, after a report that an unnamed nation planned to meddle in its upcoming general election.

"Israel is prepared to thwart a cyber intervention, we\'re prepared for any scenario and there\'s no country more prepared than we are," he told reporters.

read more

ZDNet.png 2019-01-10 12:40:02 Hyatt Hotels launches bug bounty program (lien direct)

The company has turned to external help to prevent data breaches from ever affecting its properties again.

bleepingcomputer.png 2019-01-10 12:40:00 Criminals Grabbed at Least 4.3 Percent of All Monero Coins on the Market (lien direct)

Crooks earned roughly 57 million USD in a 4 year. period s by taking advantage of other people\'s hardware to mine for Monero and by using large botnets as a tool towards quick illegal monetary gains of more than $1 million per month [...]

bleepingcomputer.png 2019-01-10 12:40:00 Criminals Grabbed at Least 4,3 Percent of All Monero Coins on the Market (lien direct)

Crooks earned roughly 57 million USD in a 4 year. period s by taking advantage of other people\'s hardware to mine for Monero and by using large botnets as a tool towards quick illegal monetary gains of more than $1 million per month [...]

grahamcluley.png 2019-01-10 12:35:02 Smashing Security #110: What? You can get paid to leave Facebook? (lien direct)
Smashing Security #110: What? You can get paid to leave Facebook?

Twitter and the not-so-ethical hacking of celebrity accounts, study discovers how you can pay someone to quit Facebook for a year, and the millions of dollars you can make from uncovering software vulnerabilities.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Maria Varmazis.

The_State_of_Security.png 2019-01-10 12:22:01 Neiman Marcus to Pay $1.5 Million under Data Breach Settlement (lien direct)

Neiman Marcus Group, Inc. has agreed to pay $1.5 million as part of a settlement for an earlier data breach that exposed customers’ information. Ken Paxton, Attorney General of Texas, announced on 8 January that he and his fellow Attorneys General from 42 other states will enter into the $1.5 million settlement with Neiman Marcus. […]… Read More

The post Neiman Marcus to Pay $1.5 Million under Data Breach Settlement appeared first on The State of Security.

bleepingcomputer.png 2019-01-10 12:08:02 Linux systemd Affected by Memory Corruption Vulnerabilities, No Patches Yet (lien direct)

 Security researchers have disclosed three vulnerabilities that affect a system service part of \'systemd,\' a core component in Linux that manages system processes after the boot process. [...]

WiredThreatLevel.png 2019-01-10 12:00:00 The Best of CES 2019: Laptops, Smart Home, Parenting, TVs (lien direct)

WIRED\'s picks for the stand-out products from this year\'s CES consumer electronics fest.

WiredThreatLevel.png 2019-01-10 12:00:00 Nevada City, California\'s \'Goat Fund Me\' to Prevent Fires (lien direct)

Spooked by massive wildfires, a California city launches a crowdfunding campaign to hire goats to clear brush at the edges of town.

WiredThreatLevel.png 2019-01-10 12:00:00 YouTube Boomers Show #VanLife Isn\'t Just for Millennials (lien direct)

Bob Wells, a 63-year-old YouTube personality, has been living the #vanlife since 1995. He\'s managed to make a living-and inspire a generation.

WiredThreatLevel.png 2019-01-10 12:00:00 It\'s Easier Than Ever to Log Your Kid\'s Data-But Should You? (lien direct)

Meet the quantified kid: More gadgets let you track data from before birth and into their teens. But you it probably won\'t make you a better parent.

SecurityAffairs.png 2019-01-10 11:51:02 Three security bugs found in the popular Linux suite systemd (lien direct)

Experts disclosed three flaws in the systemd, a software suite that provides fundamental building blocks for Linux operating systems. Security firm Qualys has disclosed three flaws (CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 ) in a component of systemd, a software suite that provides fundamental building blocks for a Linux operating system used in most major Linux distributions. […]

The post Three security bugs found in the popular Linux suite systemd appeared first on Security Affairs.

ZDNet.png 2019-01-10 11:46:00 Iranian hackers suspected in worldwide DNS hijacking campaign (lien direct)

Mysterious group hijacks DNS records to reshape and hijack a company\'s internal traffic to steal login credentials.

4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

Information mise à jours le: 2019-01-19 06:03:28
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter