What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
ZDNet.png 2019-01-10 11:38:02 OXO International discloses data breach, customer data over two years impacted (lien direct)

A Magecart attack is suspected.

bleepingcomputer.png 2019-01-10 11:31:03 Firefox 65 to Show Certificates Used in Man-in-the-Middle SSL Attacks (lien direct)

In Firefox 61, Mozilla added a new error message called "MOZILLA_PKIX_ERROR_MITM_DETECTED" that warns a user that a program is attempting to perform a man-in-the-middle SSL attack. In Firefox 65, Mozilla has revised the accompanying info to explain that software, such as an antivirus program, could be the cause of this error. [...]

TechRepublic.png 2019-01-10 10:56:05 The best programming languages to learn in 2019: Top coding skills that pay you the most (lien direct)

These are the languages that are in the highest demand and offer the highest salaries.

Pirate.png 2019-01-10 10:48:01 L\'investissement proactif dans la cybersécurité, une nécessité sous-estimée (lien direct)
Depuis plusieurs années, les conséquences des cyberattaques dont ont été victimes des entreprises de toutes tailles et tous secteurs d\'activités, dans de nombreux pays, ont été mis en lumière.
globalsecuritymag.png 2019-01-10 10:32:04 Qualys revèle de nouvelles vulnérabilités exploitables (lien direct)

Le Lab de Qualys vient de révéler des vulnérabilités exploitables localement dans systemd-journald, un composant central présent dans toutes les distributions Linux. Qualys mentionne ces vulnérabilité sous le terme "System Down" (en référence au groupe de Rock, System of a Down). L\'avis de sécurité complet est ici : https://www.qualys.com/2019/01/09/s... CVE-2018-16864 and CVE-2018-16865, two memory corruptions (attacker-controlled alloca()s) CVE-2018-16866, an information leak (an out-of-bounds (...) - Vulnérabilités

Pirate.png 2019-01-10 10:11:01 ServHelper et FlawedGrace : 2 nouveaux malwares introduits par TA505 (lien direct)
Les chercheurs de Proofpoint annoncent la découverte d\'emails de deux nouveaux malwares non documentés nommés : ServHelper et FlawedGrace dans plusieurs nouvelles campagnes d\'emails malveillants.
TechRepublic.png 2019-01-10 10:10:05 Windows 10 19H1: The story so far (lien direct)

The 1903 release of Windows 10 is shaping up to be a worthwhile but not particularly disruptive update. However, we may see changes and improvements in preview builds before the feature list is finalised.

ESET.png 2019-01-10 10:02:04 CES IoT security – do you know who your home is talking to? (lien direct)

There\'s a digital treasure trove to be had in your home so you should take steps to protect it

no_ico.png 2019-01-10 10:00:04 UK Contactless Card Fraud Doubles – Is Biometrics The Answer? (lien direct)

Following the news today that UK contactless card fraud has doubled, I wanted to get in touch to offer comment from David Orme, Senior Vice President of IDEX Biometrics, which explores the role of biometrics in protecting consumers against rising levels of contactless card fraud. In the comments below, Orme discusses the future of biometric authentication, including …

The ISBuzz Post: This Post UK Contactless Card Fraud Doubles – Is Biometrics The Answer? appeared first on Information Security Buzz.

SecurityAffairs.png 2019-01-10 09:29:04 Ironic turn … Kaspersky Labs helped NSA to catch alleged data thief (lien direct)

Kaspersky was a long accused to support Russian intelligence, in an ironic turn, source now revealed it helped to catch alleged NSA data thief Kaspersky was a long accused to support Russian intelligence in cyber espionage activities and for this reason, its products have been banned by the US Government and EU Parliament. The company […]

The post Ironic turn … Kaspersky Labs helped NSA to catch alleged data thief appeared first on Security Affairs.

no_ico.png 2019-01-10 09:15:01 New Data On Cybersecurity In The Manufacturing Industry Shows Small Manufacturers Play Critical Role In Securing The Supply Chain (lien direct)

ISACA and DMDII study also identifies need for major improvements to security awareness programs at manufacturing organizations SCHAUMBURG, Ill.–(BUSINESS WIRE)–Though the manufacturing sector does not attract the sheer volume of total cyberattacks as other areas of the economy, research has shown that coordinated cyber espionage targets manufacturing more than any other sector.1 For this reason, ISACA …

The ISBuzz Post: This Post New Data On Cybersecurity In The Manufacturing Industry Shows Small Manufacturers Play Critical Role In Securing The Supply Chain appeared first on Information Security Buzz.

bleepingcomputer.png 2019-01-10 09:00:00 Unprotected MongoDB Exposes Over 200 Millions Resumes (lien direct)

A huge MongoDB database containing over 200 million records with resumes from job seekers in China stayed accessible without authentication for at least one week to anyone able to locate it. The size of the cache weighed 854GB. [...]

globalsecuritymag.png 2019-01-10 08:22:00 ServHelper et FlawedGrace : 2 nouveaux malwares introduits par TA505 (Proofpoint) (lien direct)

Les chercheurs de Proofpoint annoncent la découverte d\'emails de deux nouveaux malwares non documentés nommés : ServHelper et FlawedGrace dans plusieurs nouvelles campagnes d\'emails malveillants. Utilisés par TA505, ServHelper est un malware précédemment non documenté, distribué en deux variantes : l\'une axée sur les fonctions de bureau à distance et l\'autre qui fonctionne principalement comme un " downloaders ". Quant à FlawedGrace, c\'est un RAT également non documenté auparavant, qui est apparu dans un (...) - Malwares

The_Hackers_News.png 2019-01-10 07:31:02 Over 202 Million Chinese Job Seekers\' Details Exposed On the Internet (lien direct)

Cybersecurity researcher has discovered online a massive database containing records of more than 202 million Chinese citizens that remained accessible to anyone on the Internet without authentication until last week. The unprotected 854.8 gigabytes of the database was stored in an instance of MongoDB, a NoSQL high performance and cross-platform document-oriented database, hosted by an

no_ico.png 2019-01-10 07:26:00 Email Error Like Handing Over Your Keys (lien direct)

In light of a new statement issued today by Professor Alan Woodward (University of Surrey), warning that errors made when signing up to online services can often result in people handing over the keys to their digital lives and becoming the victims of fraud, I wondered if you would be interested in this comment below from Brett Beranek, Director …

The ISBuzz Post: This Post Email Error Like Handing Over Your Keys appeared first on Information Security Buzz.

no_ico.png 2019-01-10 05:15:00 New Side-Channel Attack Is Hardware Agnostic, Targets Windows & Linux, Enables Remote Exfiltration (lien direct)

Recent findings on Page Cache Attacks by a research team of experts from Graz University of Technology, Boston University, NetApp, CrowdStrike, and Intel detail a first-of-its-type, hardware-agnostic (unlike Spectre & Meltdown) side-channel attack that can remotely target operating systems such as Windows and Linux and effectively exfiltrate data, bypassing security precautions. An expert with Juniper Threat Labs offers perspective.  Mounir Hahad, Head at Juniper Threat …

The ISBuzz Post: This Post New Side-Channel Attack Is Hardware Agnostic, Targets Windows & Linux, Enables Remote Exfiltration appeared first on Information Security Buzz.

no_ico.png 2019-01-10 05:13:04 Young Man Admits To German Politician Data Breach (lien direct)

A young man has confessed to being responsible for the data breach that affected hundreds of German politicians, which he reportedly did out of annoyance at statements made by the public figures whose data he exposed. In light of this news, please see the comment below from Jake Moore, cyber security expert at ESET UK. …

The ISBuzz Post: This Post Young Man Admits To German Politician Data Breach appeared first on Information Security Buzz.

no_ico.png 2019-01-10 04:30:01 BlackBerry Announcement About IoT Security (lien direct)

In response to BlackBerry announcing that 80% of consumers did not have faith in their devices to secure their data effectively please find below a comment from Simon Whitburn, SVP cybersecurity services at Nominet. Simon Whitburn, SVP Cybersecurity Services at Nominet: “The rapid proliferation of the Internet of Things creates a headache for security departments …

The ISBuzz Post: This Post BlackBerry Announcement About IoT Security appeared first on Information Security Buzz.

bleepingcomputer.png 2019-01-10 04:26:00 TA505 Group Adopts New ServHelper Backdoor and FlawedGrace RAT (lien direct)

Malware researchers discovered two new malware families distributed through phishing campaigns last year carried out by the TA505 cybercriminal group: ServHelper backdoor with two variants and FlawedGrace remote access trojan (RAT). [...]

bleepingcomputer.png 2019-01-10 04:26:00 New ServHelper Backdoor and FlawedGrace RAT Pushed by Necurs Botnet (lien direct)

Malware researchers discovered two new malware families distributed through phishing campaigns last year from the Necurs botnet: ServHelper backdoor with two variants and FlawedGrace remote access trojan (RAT). [...]

The_Hackers_News.png 2019-01-10 04:18:02 New Systemd Privilege Escalation Flaws Affect Most Linux Distributions (lien direct)

Security researchers have discovered three vulnerabilities in Systemd, a popular init system and service manager for most Linux operating systems, that could allow unprivileged local attackers or malicious programs to gain root access on the targeted systems. The vulnerabilities, assigned as CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866, actually resides in the "systemd-journald" service

The_Hackers_News.png 2019-01-10 03:00:05 Hackers Using Zero-Width Spaces to Bypass MS Office 365 Protection (lien direct)

Security researchers have been warning about a simple technique that cybercriminals and email scammers are already being using in the wild to bypass security features of Microsoft Office 365, including Safe Links, which are originally designed to protect users from malware and phishing attacks. Safe Links has been included by Microsoft in Office 365 as part of its ATP (Advanced Threat

bleepingcomputer.png 2019-01-10 03:00:00 Microsoft Patches Remote Code Execution Vulnerability in Exchange Server (lien direct)

The security update applies to Microsoft Exchange Server 2019, 2016, and 2013 [...]

CSO.png 2019-01-10 03:00:00 2 critical ways regulations and frameworks weaken cybersecurity (lien direct)

I\'m a big believer in regulations and frameworks. Early on I wasn\'t. When you\'re young, just starting to cybersleuth, you feel like you can take on the world. You can hack anything. You can prevent anyone from hacking you. Policies and frameworks were for the losers who couldn\'t secure their way out of a paper bag.

To read this article in full, please click here

WiredThreatLevel.png 2019-01-10 00:43:05 Carriers Swore They\'d Stop Selling Location Data. Will They Ever? (lien direct)

Months after Sprint, AT&T, T-Mobile, and Verizon promised to stop selling user location data, the practice continues.

The_Hackers_News.png 2019-01-10 00:39:04 Google DNS Service (8.8.8.8) Now Supports DNS-over-TLS Security (lien direct)

Almost every activity on the Internet starts with a DNS query, a key function of the Internet that works as an Internet\'s directory where your device looks up for the server IP addresses after you enter a human-readable web address (e.g., thehackernews.com). Since DNS queries are sent in clear text over UDP or TCP without encryption, the information can reveal not only what websites an

DarkReading.png 2019-01-10 00:00:00 How Enterprises Are Attacking the Cybersecurity Problem (lien direct)

Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.

The_Hackers_News.png 2019-01-09 23:04:04 Turns Out Kaspersky Labs Helped FBI Catch Alleged NSA Leaker (lien direct)

Remember "The Shadow Brokers" and the arrest of a former NSA contractor accused of stealing 50 Terabytes of top secret documents from the intelligence agency? It turns out that, Kaspersky Lab, which has been banned in US government computers over spying fears, was the one who tipped off the U.S. government and helped the FBI catch NSA contractor Harold T. Martin III, unnamed sources familiar

WiredThreatLevel.png 2019-01-09 22:36:00 Trump\'s Immigration Speech Won\'t Change Minds, Science Says (lien direct)

Research shows that direct appeals from the president don\'t sway people, and neither do fact-checks from the media. But they do keep us talking.

Kaspersky.png 2019-01-09 22:33:04 Critical Flaw in Cisco\'s Email Security Appliance Enables \'Permanent DoS\' (lien direct)

A remote attacker could exploit the vulnerability simply by sending an email.

ZDNet.png 2019-01-09 22:14:00 Google Chrome\'s built-in ad blocker to roll out worldwide on July 9 (lien direct)

Chrome\'s built-in ad blocker was initially rolled out on February 15, 2018, only for US, Canadian, and European users.

SecurityAffairs.png 2019-01-09 22:06:01 First Google security patches for Android in 2019 fix a critical flaw (lien direct)

Google released its security patches for Android in 2019 that addressed tens of vulnerabilities in the popular mobile OS. Google released the first batch of security patches for Android in 2019 that addressed tens of flaws, the most severe of them is the CVE-2018-9583 issue. The CVE-2018-9583 flaw is a critical remote code execution vulnerability affecting […]

The post First Google security patches for Android in 2019 fix a critical flaw appeared first on Security Affairs.

Kaspersky.png 2019-01-09 21:16:05 ICEPick-3PC: A Sophisticated Adware That Collects Data En Masse (lien direct)

Researchers think an organized crime gang is running the massive campaigns, prepping for large-scale follow-on attacks on Android users.

Kaspersky.png 2019-01-09 20:59:02 Google Play Boots 85 Malicious Adware Apps (lien direct)

Once downloaded, the fake apps hide themselves on the victim\'s device and continue to show a full-screen ad every 15 minutes.

bleepingcomputer.png 2019-01-09 20:21:04 Reddit Users Locked Out of Their Accounts for Unusual Activity (lien direct)

Accounts of some Reddit users have been locked down due to irregular behavior that could suggest unauthorized access. The Reddit security team plans on allowing a password reset on affected accounts in a few hours\' time. [...]

ZDNet.png 2019-01-09 20:19:00 Google search results listings can be manipulated for propaganda (lien direct)

Dutch researcher argues that Google should remove support for knowledge panels.

TechRepublic.png 2019-01-09 20:13:02 Last Apple Store north of Tokyo closes as Apple faces shrinking sales forecasts (lien direct)

In Japan, Apple continues closing stores outside the capital immediately after lowering its revenue guidance for Q1 2019.

WiredThreatLevel.png 2019-01-09 20:00:00 A Growing Frontier for Terrorist Groups: Unsuspecting Chat Apps (lien direct)

Opinion: As Twitter, Facebook, and YouTube crack down on extremist propaganda, ISIS recruiters are exploiting lesser-known messenger apps.

TechRepublic.png 2019-01-09 19:55:01 Alternatives when migrating from macOS Server (lien direct)

With macOS Server deprecating most of its services, businesses can rely on open and closed source alternatives for business continuity.

WiredThreatLevel.png 2019-01-09 19:42:04 Best Winter TV Shows, From \'Black Monday\' to \'Russian Doll\' (lien direct)

Just because it\'s winter doesn\'t mean there\'s not plenty of new stuff on the way. Gather \'round the glowing magic box.

TechRepublic.png 2019-01-09 19:35:00 CES 2019: AMD releasing 7nm Ryzen 3 in 2019, while Intel struggles to ship 10nm CPUs (lien direct)

Benchmarks performed live at CES show that AMD\'s Ryzen 3 hardware can compete with the Intel Core i9-9900K, while using 30% less power.

TechRepublic.png 2019-01-09 18:53:01 7 ways Spirit Airlines improved its disaster recovery plan (lien direct)

Natural disasters don\'t dampen the spirit of this Florida-based airline as it enhances its disaster recovery response.

TechWorm.png 2019-01-09 18:51:01 Beware! WhatsApp Gold feature is just a hoax (lien direct)

Don\'t download WhatsApp Gold, as it\'s a scam; here\'s what you need to do Look who\'s back – the WhatsApp Gold feature – that had become viral in 2016. This feature tricked users into downloading \'WhatsApp Gold\', an apparently \'exclusive\' version of the app, on their smartphones which was actually a malware through a given […]

The post Beware! WhatsApp Gold feature is just a hoax appeared first on TechWorm.

Kaspersky.png 2019-01-09 18:27:05 ThreatList: WordPress Vulnerabilities Tripled in 2018 (lien direct)

Despite fewer plugins being added to Wordpress last year, the CMS saw an astounding tripling of vulnerabilities in its platform in 2018.

Kaspersky.png 2019-01-09 18:17:00 Biometrics in 2019: Increased Security or New Attack Vector? (lien direct)

Should we pump the brakes on the roll out of biometric security to first consider whether we are creating new vulnerabilities?

TechRepublic.png 2019-01-09 18:00:01 Baidu\'s open-source edge computing platform will add more AI capabilities to self-driving cars (lien direct)

The Chinese search giant is offering edge computing solutions to augment their cloud computing offerings.

bleepingcomputer.png 2019-01-09 17:58:00 Google Chrome Ad Blocker Expands Worldwide Starting July 9th (lien direct)

With the release of Chrome 71 last December, Google started to filter ads in North America and Europe on sites that repeatedly displayed abusive advertisements.  Today, Google has announced that they will be expanding their ad filter to the rest of the world starting on July 9th 2019. [...]

Kaspersky.png 2019-01-09 17:35:05 The Promise and Peril of 5G (lien direct)

As the hype at CES demonstrates, 5G is the newest and shiniest tech bauble out there: but security concerns loom.

bleepingcomputer.png 2019-01-09 17:13:03 Google Adds DNS-over-TLS Support to Its Public DNS Service (lien direct)

Google\'s Public DNS service now comes with support for the DNS-over-TLS security protocol which wraps DNS queries and answers using the Transport Layer Security protocol [...]

WiredThreatLevel.png 2019-01-09 17:02:02 Paul Manafort Is Bad at Basic Tech, From Passwords to PDFs (lien direct)

The former Trump campaign chair keeps getting in trouble thanks at least in part to subpar digital security.

5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

Information mise à jours le: 2019-01-19 06:03:28
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter