What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
ArsTechnica.png 2019-05-15 10:00:03 The radio-navigation planes use to land safely is insecure and can be hacked (lien direct)

Radios that sell for $600 can spoof signals planes use to find runways.

CSO.png 2019-05-15 09:46:00 Microsoft urges Windows customers to patch wormable RDP flaw (lien direct)

Microsoft has fixed a critical vulnerability in some versions of Windows that can be exploited to create a powerful worm. The company even took the unusual step of releasing patches for Windows XP and Windows Server 2003, which haven\'t been supported in years, because it believes the threat to be very high.

The vulnerability, tracked as CVE-2019-0708, is located in Remote Desktop Services, formerly known as Terminal Services. This component handles connections over the Remote Desktop Protocol (RDP), a widely used protocol for remotely managing Windows systems on corporate networks.

To read this article in full, please click here

ANSSI.png 2019-05-15 09:22:04 L\'ANSSI participera à la première édition de l\'événement Ready for IT (lien direct)

L\'Agence nationale de la sécurité des systèmes d\'information (ANSSI) participera à la première édition de Ready for IT, du 20 au 22 mai 2019 au Grimaldi Forum de Monaco. Nouvel évènement business, Ready for IT sera centré sur les enjeux de la transformation numérique des entreprises autour du cloud, de la cybersécurité et de la […]

ZDNet.png 2019-05-15 09:09:04 Adobe security update released for critical Flash, Acrobat, Reader bugs (lien direct)

The update aims to prevent code execution attacks and data leaks.

Pirate.png 2019-05-15 09:02:04 Bitdefender identifie une nouvelle vulnérabilité affectant les processeurs Intel ! #meltdown (lien direct)
La vulnérabilité prend le nom de YAM (Yet Another Meltdown) pour sa similarité avec la célèbre vulnérabilité Meltdown (et Spectre) identifiée en 2018.
DarkReading.png 2019-05-15 09:00:00 Brush Up on the Latest Security Techniques at Black Hat USA (lien direct)

Learn to set malware lures, pinpoint unintentional but identifying human behaviors, and detect industrial control system attacks via sensor noise.

WiredThreatLevel.png 2019-05-15 09:00:00 The Trump Admin Is Scrubbing Obamacare From Government Sites (lien direct)

A new report documents changes to government websites-some subtle, some sweeping-that researchers argue undermine the Affordable Care Act. 

grahamcluley.png 2019-05-15 08:57:05 Microsoft worm warning: Windows users urged to patch now (lien direct)

Microsoft is urging computer users to patch their systems now against a critical vulnerability that could be exploited by a fast-moving worm.

Read more in my article on the Hot for Security blog.

bleepingcomputer.png 2019-05-15 07:35:02 Hackers Inject Magecart Card Skimmer in Forbes\' Subscription Site (lien direct)

Forbes\' subscription website got injected by hackers with a Magecart card skimming script designed to exfiltrate customer payment data to a server controlled by the cybercriminals behind the attack. [...]

WiredThreatLevel.png 2019-05-15 06:55:01 Why a Golf Ball Compresses Like a Spring-Until It Shatters (lien direct)

An experiment with a paperclip reveals both its elastic and plastic properties, a distinction that\'s key to how any material compresses or deforms.

SecurityWeek.png 2019-05-15 06:40:05 Huawei Chairman Says Ready to Sign \'No-Spy\' Deal With UK (lien direct)

Chinese telecom giant Huawei is willing to sign a "no-spy" agreement with countries including Britain, the firm\'s chairman said on Tuesday, as the head of NATO said Britain must preserve secure mobile networks.

Liang Hua visited Britain as the government weighs the risks of allowing the Chinese company to help develop its 5G infrastructure.

read more

SecurityAffairs.png 2019-05-15 06:13:05 Adobe patches over 80 flaws in Flash, Acrobat Reader, and Media Encoder (lien direct)

Adobe Patch Tuesday updates for May 2019 address a critical flaw in Flash Player and more than 80 vulnerabilities in Acrobat products. Adobe Patch Tuesday updates for May 2019 address a total of 84 vulnerabilities in Acrobat and Acrobat Reader products for Windows and macOS. The tech company addressed many critical vulnerabilities in its products, […]

The post Adobe patches over 80 flaws in Flash, Acrobat Reader, and Media Encoder appeared first on Security Affairs.

SecurityWeek.png 2019-05-15 06:06:05 Microsoft Patches RDS Vulnerability Allowing WannaCry-Like Attacks (lien direct)

Microsoft\'s Patch Tuesday updates for May 2019 address nearly 80 vulnerabilities, including a zero-day and a flaw that can be exploited by malware to spread similar to the way the notorious WannaCry did back in 2017.

read more

bleepingcomputer.png 2019-05-15 04:01:00 Windows 10 Spectre 2 Mitigation Now Uses Retpoline By Default (lien direct)

If you currently have mitigations enabled for the Spectre Variant 2 (CVE-2017-5715) vulnerability, Microsoft has now enabled the Retpoline Spectre mitigation feature by default in Windows 10 version 1809 (October 2018 Update) for better performance. [...]

Blog.png 2019-05-15 02:31:05 Israeli Group Exploited WhatsApp to Spy on Users (lien direct)

An Israeli firm has exploited a flaw in the popular messaging mobile app WhatsApp to plant spyware on iPhones and Android. One phone call is all it takes for software developed by the Israeli firm NSO Group to install itself on a vulnerable iPhone or Android device, according to a published report in the FT Times. The publication broke the news,...

Read the whole entry...  _!fbztxtlnk!_ https://feeds.feedblitz.com/~/601981834/0/thesecurityledger -->»

SecurityWeek.png 2019-05-15 01:38:02 San Francisco Bans Facial Recognition Use by Police (lien direct)

A ban on facial recognition for law enforcement in San Francisco highlights growing public concerns about technology which is seeing stunning growth for an array of applications while provoking worries over privacy.

read more

ZDNet.png 2019-05-15 00:49:00 How to test MDS (Zombieload) patch status on Windows systems (lien direct)

PowerShell script tells you if you\'re Windows OS is safe from MDS attacks.

TechRepublic.png 2019-05-15 00:42:04 No innovation in the cloud? Get real (lien direct)

Some criticize cloud vendors for focusing on operationalizing software rather than building it, but that criticism falls flat.

WiredThreatLevel.png 2019-05-15 00:00:00 NASA Needs $1.6 Billion More to Send a Human to the Moon (lien direct)

The space agency\'s new budget amendment has been called a "down payment" on what will be needed in future years to fund the program.

zataz.png 2019-05-14 23:30:02 Espionnage d\'un smartphone, difficile ? (lien direct)

Dans ma chronique cybersécurité diffusée 1 lundi sur 2 sur Weo TV, retour sur l’espionnage d’un smartphone. Est-ce un acte possible ? Les arnaques et un outil pour protéger simplement et efficacement vos ports USB d’une infiltration pirate. En bonus, l’espionnage du téléphone...

Cet article Espionnage d’un smartphone, difficile ? est apparu en premier sur ZATAZ.

SecurityAffairs.png 2019-05-14 23:29:05 Millions of computers powered by Intel chips are affected by MDS flaws (lien direct)

Millions of computers powered by Intel processors are affected by a new class of vulnerabilities (MDS) that can leak potentially sensitive data. Researchers from multiple universities and security firms discovered a new class of speculative execution side-channel vulnerabilities that could be exploited with new side-channel attack methods dubbed Fallout, RIDL (Rogue In-Flight Data Load), and ZombieLoad. “On May […]

The post Millions of computers powered by Intel chips are affected by MDS flaws appeared first on Security Affairs.

no_ico.png 2019-05-14 23:01:04 WhatsApp Vulnerability Exploited To Install Spyware (lien direct)

It has been reported that a “targeted” surveillance attack was discovered in WhatsApp, hackers were able to remotely install surveillance software on phones and other devices using a major vulnerability in WhatsApp. The attack targeted a \'select number\' of users and was orchestrated by \'an advanced cyber actor”.   Social Media Reaction: “WhatsApp encourages people to upgrade to the latest …

The ISBuzz Post: This Post WhatsApp Vulnerability Exploited To Install Spyware appeared first on Information Security Buzz.

WiredThreatLevel.png 2019-05-14 22:41:05 WhatsApp Was Hacked, Your Computer Was Exposed, and More News (lien direct)

Catch up on the most important news today in 2 minutes or less.

WiredThreatLevel.png 2019-05-14 22:17:02 San Francisco Bans Agency Use of Facial Recognition Tech (lien direct)

Other cities, including Oakland, and Somerville, Massachusetts, are also considering bans on the technology as a threat to civil liberties.

zataz.png 2019-05-14 22:06:00 Piratage de feux tricolores à La Roche-sur-Yon (lien direct)

Depuis une semaine, un " pirate " s’amuse avec des feux tricolores et l’éclairage public de la ville de La Roche-sur-Yon. Le retour de la zappette à feu ? Pour les plus anciens lecteurs de ZATAZ, souvenez-vous de la zappette à feu tricolores. Un boitier que de jeunes pirates avaient mis ...

Cet article Piratage de feux tricolores à La Roche-sur-Yon est apparu en premier sur ZATAZ.

zataz.png 2019-05-14 21:39:02 Un ransomware bloque un important distributeur de carburant Français (lien direct)

Une nouvelle entreprise Française se retrouve prise en otage par un logiciel de rançonnage. Le ransomware réclame 500 000€ pour libérer les fichiers. Dans une semaine, le montant va doubler ! Il n’y a pas un jour ou une entreprise en France, et je ne vous parle même pas dans le monde, ne soit ...

Cet article Un ransomware bloque un important distributeur de carburant Français est apparu en premier sur ZATAZ.

zataz.png 2019-05-14 21:09:05 Diffusion porno après le piratage du Snapchat d\'ados (lien direct)

Diffusion porno et malveillance ! La technique n’est pas nouvelle chez les trolls. Elle amuse même certains adolescents et adultes inconscients des troubles pouvant impacter les jeunes gens visés. Un pirate diffuse une vidéo porno via un Snapchat de collégiens. L’établissement décide de ...

Cet article Diffusion porno après le piratage du Snapchat d’ados est apparu en premier sur ZATAZ.

ZDNet.png 2019-05-14 21:05:00 Patch status for the new MDS attacks against Intel CPUs (lien direct)

Where to get updates for Zombieland, RIDL, Fallout, and all the new Intel MDS vulnerabilities.

bleepingcomputer.png 2019-05-14 20:57:01 List of MDS Speculative Execution Vulnerability Advisories & Updates (lien direct)

Four new vulnerabilities have been discovered in Intel processors that can be exploited via speculative execution side-channel attacks called RIDL, Fallout, and ZombieLoad. These vulnerabilities allow attackers to steal passwords, cryptographic keys, or any other type of data to be loaded or stored in the memory of the CPU buffers. [...]

TechRepublic.png 2019-05-14 20:52:01 Top 5 barriers to innovation (lien direct)

Security concerns, limited time, and no budget are some factors that can stop companies from innovating. Tom Merritt examines the top five roadblocks to innovation and how to overcome them.

Kaspersky.png 2019-05-14 20:49:04 Microsoft Patches Zero-Day Bug Under Active Attack (lien direct)

Microsoft Patch Tuesday security bulletin tackles 22 critical vulnerabilities.

onapsis.png 2019-05-14 20:38:02 SAP Security Notes May \'19: Several Missing Authority Checks Patched (lien direct)

Our monthly report on how to improve your SAP security and take care of your most critical information by exploring the latest SAP Security Notes for May 2019.

SAP Security Notes, SAP, sap erp, information securitySAP Security NotesAgustín Dendarys
05/14/2019
SecurityWeek.png 2019-05-14 20:31:05 ZombieLoad: New Class of Vulnerabilities Leak Data From Intel Chips (lien direct)
Type: 
Story
Image: 

ZombieLoad: New Class of Vulnerabilities Leak Data From Intel Chips

Kaspersky.png 2019-05-14 20:31:03 Apple Patches Intel Side-Channel Bugs; Updates iOS, macOS and More (lien direct)

A massive update addresses the breadth of the computing giant\'s product portfolio.

SecurityWeek.png 2019-05-14 20:27:03 New Class of Vulnerabilities Leak Data From Intel Chips (lien direct)

Microarchitectural Data Sampling (MDS) Vulnerabilities Impacting Most Chips Over Past Decade

read more

Checkpoint.png 2019-05-14 20:16:00 Lessons Learned from the latest WhatsApp hack (lien direct)

by Brian Gleeson, Mobile Product Marketing Manager, published May 14th 2019   We were once again reminded that mobile devices, the one thing most of us never leave home without, are vulnerable to attacks. And once again, private individuals were attacked.   Several news organizations reported on Monday, May 13, that attackers exploited a vulnerability…

The post Lessons Learned from the latest WhatsApp hack appeared first on Check Point Software Blog.

WiredThreatLevel.png 2019-05-14 20:12:05 How VSCO Builds Film-Like Smartphone Photo Filters in Its Lab (lien direct)

Whether or not you\'ve heard of VSCO, your iPhone snapshots could benefit from their photography science.

TechRepublic.png 2019-05-14 20:05:05 PopClip is the Swiss Army knife macOS lacks (lien direct)

PopClip is a pop-up menu for macOS that enables myriad actions every time you highlight text, making commonly performed actions easier to access and execute. Here\'s how PopClip works.

no_ico.png 2019-05-14 19:43:05 Attackers Grabbing Payment Info From 4600 Sites (lien direct)

Hackers have injected malicious code into Alpaca forms and Picreel, an analytics service to steal payment information and passwords according to Security researcher Willhelm DeGroot.* DeGroot who discovered the attack believes more than 4,600 websites have been affected.  Supply chain attack of the week: @Picreel_ marketing software got hacked last night, their 1200+ customer sites are now leaking data to …

The ISBuzz Post: This Post Attackers Grabbing Payment Info From 4600 Sites appeared first on Information Security Buzz.

ZDNet.png 2019-05-14 19:21:02 Microsoft May 2019 Patch Tuesday arrives with fix for Windows zero-day, MDS attacks (lien direct)

Microsoft patches 79 security flaws in the May 2019 Patch Tuesday update train.

no_ico.png 2019-05-14 18:37:04 Cisco Router Bug Has Global Implications (lien direct)

WIRED reported yesterday that a security bug in a Cisco router has massive global implications. According to the article, to compromise the routers, researchers from the security firm Red Balloon exploited two vulnerabilities. The first is a bug in Cisco\'s IOS operating system-not to be confused with Apple’s iOS-which would allow a hacker to remotely obtain root access …

The ISBuzz Post: This Post Cisco Router Bug Has Global Implications appeared first on Information Security Buzz.

DarkReading.png 2019-05-14 18:20:00 Website Attack Attempts Rose by 69% in 2018 (lien direct)

Millions of websites have been compromised, but the most likely malware isn\'t cyptomining: it\'s quietly stealing files and redirecting traffic, a new Sitelock report shows.

ArsTechnica.png 2019-05-14 18:10:05 New speculative execution bug leaks data from Intel chips\' internal buffers (lien direct)

Intel-specific vulnerability was found by researchers both inside and outside the company.

Kaspersky.png 2019-05-14 18:01:04 Intel CPUs Impacted By New Class of Spectre-Like Attacks (lien direct)

Intel has disclosed a new class of speculative execution side channel attacks.

SecurityWeek.png 2019-05-14 17:54:05 Boost Mobile Detected Unauthorized Activity on Customer Accounts (lien direct)

California-based Boost Mobile, founded in 2000 as a joint venture with Nextel Communications and now a Sprint subsidiary, has warned an unspecified number of customers about unauthorized online account activity on March 14, 2019.

read more

zataz.png 2019-05-14 17:47:00 Fuite de données chez Burger King France. Et si le mal était bien plus grave ! (lien direct)

BFM est revenu, il y a quelques heures, sur une découverte de Bob Diachenko, un chercheur en cybersécurité avec qui ZATAZ a déjà collaboré plusieurs fois. Cette fois, Bob a mis la main sur une base de données de plus de 37 000 données appartenant à de jeunes Français, clients de Burger King France. ...

Cet article Fuite de données chez Burger King France. Et si le mal était bien plus grave ! est apparu en premier sur ZATAZ.

no_ico.png 2019-05-14 17:38:03 Unprotected Elasticsearch Server Leaves 85% Of All Panama Citizens Data Exposed (lien direct)

A security researcher has discovered an Elasticsearch server that was left connected to the internet without a password, or firewall protection and has leaked what appears to be personal records and patient information for roughly 85 percent of Panama’s citizens.   Experts Comments: Hugo van den Toorn, Manager Offensive Security at Outpost24: “At first glance, it seems an …

The ISBuzz Post: This Post Unprotected Elasticsearch Server Leaves 85% Of All Panama Citizens Data Exposed appeared first on Information Security Buzz.

DarkReading.png 2019-05-14 17:30:00 Uniqlo Parent Company Says Hack Compromised 461,091 (lien direct)

Fast Retailing Co. reports cyberattackers accessed accounts registered to its Japanese Uniqlo and GU brand websites.

TechRepublic.png 2019-05-14 17:25:02 The main components of SAP SuccessFactors (lien direct)

At the 2019 SAP SAPPHIRE NOW conference, Brigette McInnis-Day sat down with TechRepublic to discuss which organizations can benefit most from SAP SuccessFactors.

Chercheur.png 2019-05-14 17:11:03 Microsoft Patches \'Wormable\' Flaw in Windows XP, 7 and Windows 2003 (lien direct)

Microsoft today is taking the unusual step of releasing security updates for unsupported but still widely-used Windows operating systems like XP and Windows 2003, citing the discovery of a "wormable" flaw that the company says could be used to fuel a fast-moving malware threat like the WannaCry ransomware attacks of 2017. The vulnerability (CVE-2019-0709) resides in the "remote desktop services" component built into supported versions of Windows, including Windows 7, Windows Server 2008 R2, and Windows Server 2008. It also is present in computers powered by Windows XP and Windows 2003, operating systems for which Microsoft long ago stopped shipping security updates.

8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

Information mise à jours le: 2019-05-27 08:01:36
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter