What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
no_ico.png 2019-09-11 14:10:03 3 Approaches School Districts Must Take To Protect Against Increasing Cyber Attacks (lien direct)

Look at recent data breaches and you\'ll see most attention points to commercial businesses, with Imperva being the most recent firm falling victim to an attack that exposed email addresses, scrambled passwords, API keys and SSL certificates. Data breaches and ransomware attacks continue to show no signs of slowing down. Companies across many industry verticals …

The ISBuzz Post: This Post 3 Approaches School Districts Must Take To Protect Against Increasing Cyber Attacks appeared first on Information Security Buzz.

Ransomware
TechRepublic.png 2019-09-11 14:08:01 Scrum meetings: The do\'s and don\'ts (lien direct)

Scrum meetings are fast-paced and cover a lot of time-sensitive tasks. Here is how to run productive scrum meetings.

zataz.png 2019-09-11 14:04:05 Mémoire : Un pirate arrêté après avoir appris par cœur plus de 1 000 numéros de CB (lien direct)

Le piratage informatique prend des centaines de formes. Un japonais vient de remettre au goût du jour le piratage de CB en utilisant… sa mémoire. Mémoire de Ninja ! Yusuke Taniguchi, un japonais de 34 ans, vient d’être appréhendé par la police nippone après avoir exploité plusieurs centa...

Cet article Mémoire : Un pirate arrêté après avoir appris par cÅ“ur plus de 1 000 numéros de CB est apparu en premier sur ZATAZ.

Blog.png 2019-09-11 13:59:04 NEW TECH: LogicHub introduces \'virtualized\' security analysts to help elevate SOAR (lien direct)

One of the promising cybersecurity trends that I\'ve been keeping an eye on is this: SOAR continues to steadily mature. Security orchestration, automation and response, or SOAR, is a fledgling security technology stack that first entered the cybersecurity lexicon about six years ago. Related: Here’s how Capital One lost 100 million customer records SOAR holds […]

no_ico.png 2019-09-11 13:58:00 Vancouver Coastal Health And Patients\' Data Vulnerability (lien direct)

A nonprofit privacy advocacy group called Open Privacy Research Society discovered that the sensitive medical information of patients being admitted to certain hospitals across the Greater Vancouver Area is being broadcast, unencrypted, by hospital paging systems, and that these broadcasts are easily interceptable. The society discovered the vulnerability and notified Vancouver Coastal Health (VCH) immediately …

The ISBuzz Post: This Post Vancouver Coastal Health And Patients’ Data Vulnerability appeared first on Information Security Buzz.

Vulnerability
TechRepublic.png 2019-09-11 13:51:04 What is fileless malware and how do you protect against it? (lien direct)

Scanning files you open and save isn\'t enough to catch malware these days. Here\'s how Microsoft Defender tools can help you catch attacks that are missed by traditional security software.

Malware
TechRepublic.png 2019-09-11 13:49:04 IT pros worry about humans but invest in data and cloud security (lien direct)

A survey of 1,000 IT pros reveals plans for 2020 security spending.

TechRepublic.png 2019-09-11 13:48:05 How AI and voice analytics can improve the call center experience (lien direct)

Learn how voice-based data analytics and AI can help enhance call center agents\' performance and improve call center customers\' experiences.

SecurityAffairs.png 2019-09-11 13:44:01 The Wolcott school district suffered a second ransomware attack in 4 months (lien direct)

Another ransomware attack hits a school district, the victim is an institute in Connecticut that was targeted twice in only four months. For the second time in just four months, another the Wolcott school district in Connecticut was a victim of a ransomware attack. Techers and students were not able to access the district\'s internal […]

The post The Wolcott school district suffered a second ransomware attack in 4 months appeared first on Security Affairs.

Ransomware
no_ico.png 2019-09-11 13:41:04 FBI Business Email Compromise Is A $26bn Scam According To The FBI (lien direct)

Security Experts Comments on the News: The FBI found yesterday afternoon that BEC/EAC scams cost organisations over $26 billion between June 2016 and July 2019. The threat continues to grow and evolve, targeting small, medium, and large business and personal transactions. Between May 2018 and July 2019, there was a 100 percent increase in identified …

The ISBuzz Post: This Post FBI Business Email Compromise Is A $26bn Scam According To The FBI appeared first on Information Security Buzz.

Threat
no_ico.png 2019-09-11 13:34:01 iPhone Launch News (lien direct)

Apple launched a new set of products yesterday at a highly anticipated event. However, it could lead to a spike in identity fraud as a result of the offers from telecoms providers to incentivise customers to purchase flagship handsets. Apple unveiled new details for its upcoming streaming product at its event Tuesday. Apple will make …

The ISBuzz Post: This Post iPhone Launch News appeared first on Information Security Buzz.

zataz.png 2019-09-11 13:29:01 L\'assureur Alliance alerte des clients d\'une exfiltration pirate de données (lien direct)

La société Alliance, un spécialiste de l’assurance, vient d’alerter une partie de ses clients à la suite d’une infiltration pirate. Pendant ce temps, en France, des escrocs téléphonent à leurs futures victimes pour parler placements immobiliers. ZATAZ vous explique. Plus de 3 000 c...

Cet article L’assureur Alliance alerte des clients d’une exfiltration pirate de données est apparu en premier sur ZATAZ.

TechRepublic.png 2019-09-11 13:16:02 (Déjà vu) How to become a CIO: A cheat sheet (lien direct)

If you want to pursue a path toward becoming a CIO, here\'s your guide to salaries, job markets, skills, and common interview questions.

no_ico.png 2019-09-11 13:14:00 Experts Comments On News: Microsoft\'s September 2019 Patch Tuesday Fixes 79 Vulnerabilities (lien direct)

With the release of the September 2019 security updates, Microsoft has released 2 advisories and updates for 79 vulnerabilities. Of these vulnerabilities, 17 are classified as Critical. according to reports.

The ISBuzz Post: This Post Experts Comments On News: Microsoft’s September 2019 Patch Tuesday Fixes 79 Vulnerabilities appeared first on Information Security Buzz.

grahamcluley.png 2019-09-11 13:10:02 Operation reWired: 281 suspected email scammers arrested around the world (lien direct)

Law enforcement agencies around the world have arrested a total of 281 people suspected of being behind a spate of Business Email Compromise (BEC) scams that have stolen millions of dollars from businesses and individuals.

no_ico.png 2019-09-11 13:03:00 Microsoft: Office 365 Automated Incident Response Feature (lien direct)

ZDNet has reported that Microsoft has made its Automated Incident Response in Office 365 Advanced Threat Protection (ATP) generally available to enterprise customers.The automation feature, announced in preview earlier this April, aims to help security analysts respond faster and more systematically to a barrage of security alerts. Microsoft is making two categories of automated incident response generally available. The …

The ISBuzz Post: This Post Microsoft: Office 365 Automated Incident Response Feature appeared first on Information Security Buzz.

Threat
SecurityAffairs.png 2019-09-11 13:01:03 Dissecting the 10k Lines of the new TrickBot Dropper (lien direct)

Malware researchers at Yoroi-Cybaze analyzed the TrickBot dropper, a threat that has infected victims since 2016. Introduction TrickBot it is one of the best known Banking Trojan which has been infecting victims since 2016, it is considered a cyber-crime tool. But nowadays defining it a “Banking Trojan” is quite reductive: during the last years its modularity brought […]

The post Dissecting the 10k Lines of the new TrickBot Dropper appeared first on Security Affairs.

Threat
Checkpoint.png 2019-09-11 13:00:05 BlueKeep exploit is weaponized: Check Point customers remain protected (lien direct)

The notorious BlueKeep vulnerability has been escalated from a theoretical, critical vulnerability, to an immediate, critical threat. First reported in May 2019, Bluekeep (CVE-2019-070) was reported as a critical security vulnerability by Microsoft. The vulnerability exists in the Remote Desktop Protocol (RDP) and allows for Remote Code Execution (RCE). Check Point, recognizing the criticality of…

The post BlueKeep exploit is weaponized: Check Point customers remain protected appeared first on Check Point Software.

Vulnerability
Checkpoint.png 2019-09-11 13:00:02 We hit snooze on Ransomware in 2017. Guess what? There\'s a 2019 wakeup call! (lien direct)

Two weeks ago a ransomware attack hit 22 Texas towns, authorities say. Computer systems in Texas were hacked, seized and held for ransom in a sophisticated, coordinated cyberattack that prompted a federal investigation, according to state officials. Detailed information about the attack has yet to be released, but we do know that the attackers used…

The post We hit snooze on Ransomware in 2017. Guess what? There\'s a 2019 wakeup call! appeared first on Check Point Software.

Ransomware
AlienVault.png 2019-09-11 13:00:00 Practicing safe charging   (lien direct)

This past June, I attended the 2019 Bitcoin Conference in San Francisco, CA. With the various discussions on Bitcoin, Cryptocurrency, and with the chance to hang out with my favorite Crypto personalities, it was easy to lose myself in all the festivities.

While taking a break, I found a seat and decided to charge my iPhone.  The station by where I was seated was a wooden cube with two standard wall sockets and two USB ports. Other users took the wall sockets, but I knew that I could charge my phone via USB.

But before I did, I remembered on the trip up to San Francisco, one of my travel companions who was with a startup known as CoinCards passed out what they called a "USB data blocker” usb adaptor."

So, what is a USB data blocker?

usb datablocker picture   usb data blocker closeup

Chargers for modern cellphones, in my case an iPhone Lightning Charger, serve dual purposes. 1. The charge your phone and 2. They allow for the transfer of data.

Why is this important to understand?

So, take the charging cube from the conference. Consider that a hacker placed the cube with a device, say a Raspberry Pi and the USB ports that were visible from the outside where the USB ports for the PI or USB hub connected to the Pi.

Once my phone was plugged in, it could potentially expose me to whatever malware was on the Raspberry Pi. A USB data blocker

 stops the data flow aspect of the charging cable and allows only the charging element.

Cybersecurity is no longer a corporate issue; we have all become our own cybersecurity firm and responsible for protecting our data.

Anti-virus and firewalls can only protect us so much; we have to do our due diligence when it comes to our safety online. Consider the computer housed behind a firewall. There can be some expectation of safety inside of the firewall, especially one that is monitored and updated.

But that firewall will not make a difference if someone brings in an infected USB device and then plugs that device into one of the company's computers. I know this from experience.

A client was confident that their firewall would protect them from cyber threats to the point where they refused to purchase anti-virus for their computers. One day, an employee brought in a USB flash drive that they had used at home and plugged it into their work computer. Turns out a file on their home computer was infected with malware and they brought it into the office. It put data on the server so that others could access it and the malware was able to spread, including to the server.

But how does this fit into our discussion on USB data blockers?  If you take the phone aspect out of it, smart devices are computers. Smart devices access the internet, upload, and download and generally utilize USB to charge or sync data.

While iPhones are less likely to be the victim of malware than Android or Windows phones. We would be foolish to assume that a potential hacker could not use the lightning charger to send malicious software to the iPhone.

Apple has recently offered a bounty to anyone who can hack the iPhone OS; which means this topic has made the rounds at Apple as well.

Cyber awareness, training, and education are more critical now than ever. We can no longer assume because we have a particular type of device that we are automatically safe from harm.

Safe is not the world we live in anymore.

 
Malware,Hack
WiredThreatLevel.png 2019-09-11 13:00:00 Margaret Atwood\'s \'The Testaments\' Is Done With Handmaids (lien direct)

\'The Handmaid\'s Tale\' sequel is upon us, but it might not be exactly what you\'re expecting.

SecurityWeek.png 2019-09-11 12:57:02 Siemens Issues Advisories for DejaBlue, SACK Panic Vulnerabilities (lien direct)

Siemens on Tuesday released several security advisories, including ones covering recently disclosed vulnerabilities tracked as DejaBlue, Urgent/11 and SACK Panic.

read more

TechRepublic.png 2019-09-11 12:34:02 This $60 Raspberry Pi 4 rival runs Android 9, plays 4K video, and has an AI accelerator (lien direct)

The $59.99 Khadas VIM3L is the latest board to challenge the Pi 4 in the low-cost, single-board computer market. Here are its pros and cons.

bleepingcomputer.png 2019-09-11 12:25:02 Google Chrome May Let Sites Block Your Screen from Powering Down (lien direct)

Google Chrome developers have added an intent to experiment with a feature that enables web applications to keep systems awake even in lack of mouse or keyboard activity. [...]

ZDNet.png 2019-09-11 12:14:05 Telegram fixes privacy-breaking bug that stopped recipient message and image deletion (lien direct)

Even after deletion, images would remain in storage on user devices.

WiredThreatLevel.png 2019-09-11 12:00:00 5 Great Ways to Trade In or Sell Your iPhone (lien direct)

So you\'re planning to buy a new iPhone. Don\'t forget to cash in on your old one through sites like Decluttr and Gazelle, or Apple\'s Trade-In program.

WiredThreatLevel.png 2019-09-11 12:00:00 Why Your Flight to San Francisco Was Three Hours Late (lien direct)

San Francisco International Airport is rebuilding one of its four runways, down to the gravel under the asphalt. Throw in some wind, and it\'s hard to keep planes on time.

Pirate.png 2019-09-11 11:31:05 VPN & vie privée en ligne : 20% des Français l\'ont adopté (lien direct)
Le VPN (pour virtual private network ou réseau privé virtuel) est un outil qui crée un tunnel virtuel entre des ordinateurs ou serveurs distants et isole les échanges entre ces appareils du reste du trafic. Pour un utilisateur, cela revient à édifier un pont de communication confidentiel et chiffré entre son appareil (PC, smartphone, etc.) et les serveurs sur lesquels sont stockées les informations auxquelles il souhaite accéder. Il peut ainsi naviguer sur le Web, consulter ses contenus ou échanger des données de manière anonyme.
itsecurityguru.png 2019-09-11 11:29:00 Gmail and Google Calendar fake event notifications could have scammed people. (lien direct)

Google has confirmed that a vulnerability could have left 1.5 billion Google Calendar and Gmail users exposed to a dangerous form of phishing attack. As Forbes reports, the problem was a result of the close linking between the two services, which allows calendar invitations to be sent by email – even by people you don’t know, and […]

The post Gmail and Google Calendar fake event notifications could have scammed people. appeared first on IT Security Guru.

Vulnerability
itsecurityguru.png 2019-09-11 11:28:00 New iOS 13 Privacy Feature Limits Users Location Tracking. (lien direct)

Apple will introduce other features that allow more secure use of iPhones in workplace settings as well. Apple’s soon-to-be-released iOS 13 includes multiple features designed to give iPhone users substantially better control over their privacy and security settings for both personal and business use. Apple today announced it will release iOS 13 on September 19, […]

The post New iOS 13 Privacy Feature Limits Users Location Tracking. appeared first on IT Security Guru.

itsecurityguru.png 2019-09-11 11:26:03 (Déjà vu) Website more vulnerable to attack with third-party features. (lien direct)

A new report points out the dangers to customer data of website reliance on multiple third parties. In an effort to make websites attractive and easy to use for their customers, companies have also made them attractive targets for criminals. That’s one of the broad conclusions in a new report that points out where the […]

The post Website more vulnerable to attack with third-party features. appeared first on IT Security Guru.

itsecurityguru.png 2019-09-11 11:25:05 Montegomery County School District Ransomware Attack. (lien direct)

A Montgomery County school district has become the latest apparent victim of a ransomware cyberattack that struck just after the start of the new school year. On Monday, Souderton Area School District Superintendent Dr. Frank Gallagher said that the district\'s computer network was hit by the malware attack on Sunday, Sept. 1. Students had returned […]

The post Montegomery County School District Ransomware Attack. appeared first on IT Security Guru.

Ransomware,Malware
itsecurityguru.png 2019-09-11 11:24:05 Scammers use Deepfakes when sending Phishing emails. (lien direct)

Ransomware? Easy cash for attackers. Phishing? Nothing but cash. Spam? All kinds of ways to monetize people clicking links. Data breaches? That stuff gets used for fraud and the rest gets sold off (to be used for more fraud). Nation state attacks? Sure there’s ideology, but when you consider that US sanctions no doubt played […]

The post Scammers use Deepfakes when sending Phishing emails. appeared first on IT Security Guru.

securityintelligence.png 2019-09-11 11:00:02 10 Reasons Cyber Range Simulation Is Vital to Incident Response (lien direct)

>Reading Time: 4 minutes Is your incident response plan resilient when you\'re under attack? Simulation in the cyber range can allow you to test how well you perform when it matters.

The post 10 Reasons Cyber Range Simulation Is Vital to Incident Response appeared first on Security Intelligence.

WiredThreatLevel.png 2019-09-11 11:00:00 The Best Place to Make Undersea Cables Might Be ... in Space (lien direct)

A startup plans to manufacture fiber optic cable on the International Space Station and then ship it back to customers on Earth. Easy!

WiredThreatLevel.png 2019-09-11 11:00:00 What Happened to Urban Dictionary? (lien direct)

The crowdsourced dictionary once felt like a pioneering tool of the early internet era. Now in its 20th year, it has become something much more inhospitable.

Tool
WiredThreatLevel.png 2019-09-11 11:00:00 Pagers, Pay Phones, and Dialup: How We Communicated on 9/11 (lien direct)

The world was a different place when the 9/11 attacks happened 18 years ago. Imagine how social media would fuel-and befoul-the reaction to a similar event today.

TechRepublic.png 2019-09-11 11:00:00 Just 12% of companies have fully transitioned to modern IT tools (lien direct)

In a poll from ScienceLogic and Forrester, 86% said they still use at least one legacy tool.

ZDNet.png 2019-09-11 10:28:01 Adobe Flash, Application Manager patch update squashes critical code execution bugs (lien direct)

Two bugs could lead to arbitrary code being let loose on infected systems.

bleepingcomputer.png 2019-09-11 10:15:03 Virtual Disk Attachments Can Bypass Gmail and Chrome Security (lien direct)

Virtual disk files are locked containers that shield the items inside from online or local security defenses. The trick can help adversaries deliver malware invisibly to a target\'s computer. [...]

Malware
The_Hackers_News.png 2019-09-11 10:03:18 (Déjà vu) The Hottest Malware Hits of the Summer (lien direct)

It\'s been a summer of ransomware hold-ups, supply chain attacks and fileless attacks flying under the radar of old-school security. With malware running amok while we were lying on the beach, here\'s a recap of the most burning strains and trends seen in the wild during the months of July and August 2019. Malware Evolution Trends The heat must have had an effect as this summer saw malware

Ransomware,Malware
Pirate.png 2019-09-11 10:01:05 Selon le FBI, les attaques BEC auraient coûté 26 milliards de dollars aux entreprises (lien direct)
Selon à l\'annonce du FBI, les attaques BEC auraient coûté 26 milliards de dollars aux entreprises entre juin 2016 et juillet 2019.
DarkReading.png 2019-09-11 10:00:00 Firmware: A New Attack Vector Requiring Industry Leadership (lien direct)

It\'s time for cybersecurity manufacturers and solution providers to step up and show leadership in addressing firmware security. Read why and how.

SecurityWeek.png 2019-09-11 09:51:05 NetCAT Attack: Hackers Can Remotely Steal Data From Servers With Intel CPUs (lien direct)

Researchers have discovered yet another side-channel attack method that can be exploited to steal potentially sensitive data from devices powered by Intel processors.

read more

InfosecIsland.png 2019-09-11 09:41:00 How Ethical Hackers Find Weaknesses and Secure Businesses (lien direct)

Approaching your currently implemented security as a target to beat or bypass is the strongest and fastest way to find any flaws that may already exist.

ZDNet.png 2019-09-11 09:37:00 Google to run DNS-over-HTTPS (DoH) experiment in Chrome (lien direct)

Starting with Chrome 78, the browser will automatically switch to DoH-compatible servers for certain DNS providers.

InfosecIsland.png 2019-09-11 09:33:00 New Passive RFID Tech Poses Threat to Enterprise IoT (lien direct)

The accelerating pace of RFID tech will make our lives more convenient. With greater convenience, however, comes a greater need for security solutions.

Threat
ESET.png 2019-09-11 09:30:01 Selfies for kids – A guide for parents (lien direct)

>Are you – and especially your children – aware of the risks that may come with sharing selfies?

The post Selfies for kids – A guide for parents appeared first on WeLiveSecurity

bleepingcomputer.png 2019-09-11 08:30:02 Microsoft to Improve Office 365 Phishing Email Notifications (lien direct)

Microsoft is currently working on enhancing the notification system for quarantined malware or phishing messages for admins in all Microsoft 365 environments, with the new feature to roll out to customers in early October. [...]

Malware
SecurityAffairs.png 2019-09-11 07:01:04 Some models of Comba and D-Link WiFi routers leak admin credentials (lien direct)

Security experts have discovered that some models of D-Link and Comba WiFi routers leak their administrative login credentials in plaintext. Security researchers from Trustwave’s SpiderLabs have discovered several credential leaking vulnerabilities in some models of D-Link and Comba Telecom. The researcher Simon Kenin from SpiderLabs discovered five credential leaking vulnerabilities, three of them affect some […]

The post Some models of Comba and D-Link WiFi routers leak admin credentials appeared first on Security Affairs.

7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27

Information mise à jours le: 2019-09-22 08:07:45
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter