What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
Blog.png 2019-09-10 15:53:04 NEW TECH: Baffin Bay Networks takes a \'cloud-first\' approach to securing web applications (lien direct)

Hear about the smart toaster that got attacked three times within an hour after its IP address first appeared on the Internet? That experiment conducted by a reporter for The Atlantic crystalizes the seemingly intractable security challenge businesses face today. Related: How 5G will escalate DDoS attacks Caught in the pull of digital transformation, companies […]

TechRepublic.png 2019-09-10 15:53:00 Ford\'s City:One challenge wants solutions for boring but important mobility problems (lien direct)

Entrepreneurs and residents in four cities have the chance to test ideas to make public transportation safer and more convenient.

TechRepublic.png 2019-09-10 15:41:03 How to enable logging in Nextcloud 16 (lien direct)

If you need to troubleshoot Nextcloud, your first task should be to enable logging. Find out how.

TechRepublic.png 2019-09-10 15:37:03 Intel officially unveils Chaco Canyon, first fanless NUC in five years (lien direct)

The Intel NUC 8 Rugged-otherwise known as Chaco Canyon-is intended for IoT, edge analytics, and digital signage, among other use cases, and is available in kit or board-only configurations.

SecurityWeek.png 2019-09-10 15:35:04 Adobe Patches Two Code Execution Vulnerabilities in Flash Player (lien direct)

Adobe\'s September 2019 Patch Tuesday updates fix two code execution vulnerabilities in Flash Player and a DLL hijacking flaw in Application Manager.

read more

TechRepublic.png 2019-09-10 15:32:03 How to properly automount a drive in Ubuntu Linux (lien direct)

Need to create a proper fstab entry to automatically mount a drive in Linux? Find out how here.

Checkpoint.png 2019-09-10 15:30:01 Miercom Designates SandBlast Mobile Certified Secure in Mobile Threat Defense Industry Test (lien direct)

By Yael Macias, Threat Prevention Product Marketing We have some exciting news to share! SandBlast Mobile earned Miercom\'s Certified Secure award following its Mobile Threat Defense Industry Assessment, in which eight vendors\' solutions were tested and evaluated. SandBlast Mobile scored 99% security efficacy (vs. 63.8% average industry score) in this competitive test. “No matter how…

The post Miercom Designates SandBlast Mobile Certified Secure in Mobile Threat Defense Industry Test appeared first on Check Point Software.

Threat
TechRepublic.png 2019-09-10 15:24:03 How to add Kubernetes support to Docker desktop (lien direct)

Getting Kubernetes up and running on your Mac is incredibly simple, thanks to Docker Desktop.

TechRepublic.png 2019-09-10 15:14:01 How to write four million lines of Python: Lessons from Dropbox on using the programming language at scale (lien direct)

How type annotation and type checking helped Dropbox maintain a massive Python code base.

bleepingcomputer.png 2019-09-10 15:02:04 Microsoft Fixes Windows 10 High CPU Usage in Cortana (lien direct)

As part of today\'s Patch Tuesday, Microsoft has released the Windows 10 KB4515384 cumulative update that fixes a high CPU usage issue in Cortana\'s SearchUI.exe process. [...]

TechRepublic.png 2019-09-10 15:01:05 How AI determines if your company is a winner or a loser (lien direct)

Artificial intelligence can determine the success of an organization. Here\'s how advanced businesses are using this tech.

itsecurityguru.png 2019-09-10 14:58:00 (Déjà vu) Captcha Used to Bypass Automated Detection on Microsoft Phishing Pages. (lien direct)

A new phishing campaign has been observed in the wild using captcha boxes to hide a fake Microsoft account login page from secure email gateways (SEGs). Businesses use SEGs to protect against a wide variety of email-based attacks. They scan all messages, in or out, for malicious content and protect at least against malware and […]

The post Captcha Used to Bypass Automated Detection on Microsoft Phishing Pages. appeared first on IT Security Guru.

Malware
itsecurityguru.png 2019-09-10 14:57:02 Bluekeep bug exploit published by Metasplot Project. (lien direct)

Coders late last week publicly released a working exploit for the dangerous Bluekeep bug that was found and patched earlier this year in Microsoft\'s Remote Desktop Protocol implementation. Designated as CVE-2019-0708, BlueKeep is a remote Windows kernel use-after-free vulnerability that could be used to create wormable attacks similar to the WannaCry ransomware incident of May 2017. Published on GitHub by […]

The post Bluekeep bug exploit published by Metasplot Project. appeared first on IT Security Guru.

Vulnerability
itsecurityguru.png 2019-09-10 14:56:01 1M IoT Radios open to Hijack by Telnet Backdoor. (lien direct)

Attackers can drop malware, add the device to a botnet or send their own audio streams to compromised devices. Imperial Dabman IoT radios have a weak password vulnerability that could allow a remote attacker to achieve root access to the gadgets\' embedded Linux BusyBox operating system, gaining control over the device. Adversaries can deliver malware, […]

The post 1M IoT Radios open to Hijack by Telnet Backdoor. appeared first on IT Security Guru.

Vulnerability
itsecurityguru.png 2019-09-10 14:55:02 DDoS attack knocks Wikipedia offline. (lien direct)

Wikipedia was hit late last week with a sustained DDoS attack knocking it offline in many parts of the world. Wikipedia\'s parent organization Wikimedia posted a statement on Sept. 7 saying it was under attack and working to return to normal operations, but posted on Twitter on Sept. 6 that it was suffering intermittent outages. The affected […]

The post DDoS attack knocks Wikipedia offline. appeared first on IT Security Guru.

itsecurityguru.png 2019-09-10 14:54:03 (Déjà vu) Windows users targeted with Ransomware and Trojans. (lien direct)

Over the weekend and into today, four different malvertising campaigns have been redirecting users to exploit kits that install password stealing Trojans, ransomware, and clipboard hijackers. All four of these campaigns were discovered by exploit kit expert nao_sec and are being distributed through malvertising that redirect visitors to the exploit kits landing pages. These landing pages are typically hosted […]

The post Windows users targeted with Ransomware and Trojans. appeared first on IT Security Guru.

Ransomware
ZDNet.png 2019-09-10 14:39:00 51 tech CEOs send open letter to Congress asking for a federal data privacy law (lien direct)

CEOs who signed: Amazon, AT&T, Dell, IBM, SAP, Salesforce, Visa, Mastercard, and JP Morgan Chase.

bleepingcomputer.png 2019-09-10 14:30:00 LokiBot Info-Stealer Used in Spear Phishing Attack on US Company (lien direct)

Security researchers discovered a malspam campaign distributing LokiBot information stealer payloads using phishing messages targeting the employees of a large U.S. manufacturing company. [...]

no_ico.png 2019-09-10 14:27:02 Telnet Backdoor Vulnerabilities Impact Over A Million IoT Radio Devices (lien direct)

It has been reported that that critical vulnerabilities have been discovered in Telestar Digital GmbH Internet of Things (IoT) radio devices that permit attackers to remotely hijack systems. Today, Vulnerability-Lab researcher Benjamin Kunz disclosed the firm’s findings, of which two CVEs have been assigned, CVE-2019-13473 and CVE-2019-13474.

The ISBuzz Post: This Post Telnet Backdoor Vulnerabilities Impact Over A Million IoT Radio Devices appeared first on Information Security Buzz.

no_ico.png 2019-09-10 14:20:03 Newly Discovered Cyber-Espionage Malware Abuses Windows BITS Service (lien direct)

ZDNet reported earlier today that security researchers have found another instance of a malware strain abusing the Windows Background Intelligent Transfer Service (BITS). The malware appears to be the work of a state-sponsored cyber-espionage group that researchers have been tracking for years under the name of Stealth Falcon. The first and only report on this hacking group has …

The ISBuzz Post: This Post Newly Discovered Cyber-Espionage Malware Abuses Windows BITS Service appeared first on Information Security Buzz.

Malware
CSO.png 2019-09-10 14:15:00 New NetCAT CPU side-channel vulnerability exploitable over the network (lien direct)

Researchers have found yet another CPU feature that can be abused to leak potentially sensitive data, but this time with a twist: The attacker doesn\'t need to have local access on the targeted machine because the attack works over the network.

The culprit is Intel\'s Data Direct I/O (DDIO) technology, which gives peripheral devices such as network cards direct access to the processor\'s internal cache to achieve better performance, less power consumption, and higher data throughput. Before DDIO, these devices exchanged data with the CPU through RAM, whose latency can be a bottleneck.

To read this article in full, please click here

Vulnerability
TechRepublic.png 2019-09-10 14:15:00 Dell EMC PowerMax adds NVMe over fabric, doubles down on dual port Intel Optane drives (lien direct)

Dell\'s use of Optane SSDs in their high-end PowerMax line could be the start of wider industry enthusiasm, as Intel is packaging Optane in more flexible ways for the enterprise.

no_ico.png 2019-09-10 14:14:03 CirclCI Data Breach Exposed Customer GitHub And Bitbucket Logins (lien direct)

According to this link, https://www.scmagazineuk.com/circlci-data-breach-exposed-customer-github-bitbucket-logins/article/1595997, CircleCI has informed its clients that a third-party analytics vendor suffered an incident exposing login information for their GitHub and Bitbucket accounts. The information compromised included usernames and email addresses associated with GitHub and Bitbucket and IP addresses and user agent strings Additionally, organisation name, repository URLs and names, branch names, …

The ISBuzz Post: This Post CirclCI Data Breach Exposed Customer GitHub And Bitbucket Logins appeared first on Information Security Buzz.

Data Breach
Pirate.png 2019-09-10 14:12:03 Prix d\'une traduction assermentée en ligne (lien direct)
Lorsque vous voulez traduire un texte, ne vous dites jamais que tous les documents valent le même coût. En effet, le prix est en rapport avec la complexité du travail que demande le fichier à traduire. C\'est dans ce cadre qu\'une traduction assermentée en ligne, sera par exemple beaucoup plus exigeante en termes de coût […]
no_ico.png 2019-09-10 14:07:00 DateID To Build Trust And Transparency Online With Dating Verification Platform That Utilises Yoti\'s Secure Digital Identities (lien direct)

50% of people do not trust the details on dating profiles are true1 Yoti and DateID are working together to create a safer community of online daters London, UK, September 2019 – Yoti, the digital identity app with 5 million downloads, has partnered with DateID, a new US based dating verification platform – to help …

The ISBuzz Post: This Post DateID To Build Trust And Transparency Online With Dating Verification Platform That Utilises Yoti\'s Secure Digital Identities appeared first on Information Security Buzz.

bleepingcomputer.png 2019-09-10 14:01:04 (Déjà vu) Windows 10 KB4515384 and KB4512578 Released With Fixes (lien direct)

Microsoft is rolling out a new cumulative update to devices with Windows 10 May 2019 Update (version 1903), Windows 10 October 2018 Update (version 1809), and other supported versions with multiple fixes and improvements. [...]

WiredThreatLevel.png 2019-09-10 14:00:00 Do Our Faces Deserve the Same Protection as Our Phones? (lien direct)

Facial recognition technology raises a vital question: What role do we want this form of artificial intelligence to play in our society?

TechRepublic.png 2019-09-10 13:59:03 How to best handle legacy models during a digital transformation (lien direct)

Legacy models are one of the biggest obstacles in achieving digital transformation. Here\'s how to maneuver the task, from the CIO of Deloitte.

no_ico.png 2019-09-10 13:55:04 Avast Finds Flashlight Apps On Google Play Requesting Up To 77 Permissions (lien direct)

Avast researchers found flashlight apps request 25 permissions on average Avast LSE: AVST, a global leader in digital security products, has found that Android flashlight applications request an average of 25 permissions. Using apklab.io, Avast\'s mobile threat intelligence platform, Avast analysed the permissions requested by 937 flashlight apps that either once made it onto the Google Play …

The ISBuzz Post: This Post Avast Finds Flashlight Apps On Google Play Requesting Up To 77 Permissions appeared first on Information Security Buzz.

Threat
TechRepublic.png 2019-09-10 13:50:00 Experts predict hotel rooms will be tech dominated by 2034 (lien direct)

Guestline spoke to several hotel owners and tech experts to pick their brain about what the future may hold for hotels.

bleepingcomputer.png 2019-09-10 13:49:05 (Déjà vu) Microsoft\'s September 2019 Patch Tuesday Fixes 79 Vulnerabilities (lien direct)

Today is Microsoft\'s September 2019 Patch Tuesday, which means your Windows administrators are going to be up to their elbows in problems. So be nice to them! [...]

bleepingcomputer.png 2019-09-10 13:42:05 (Déjà vu) Microsoft Releases the September 2019 Security Updates for Office (lien direct)

Microsoft released the September 2019 Microsoft Office security updates, bundling a total of 19 security updates and five cumulative updates across seven different products, five of them patching remote code execution flaws. [...]

Patching
TechRepublic.png 2019-09-10 13:36:00 Does Apple need to choose between consumer and B2B in health? (lien direct)

Helping individuals develop healthier habits may be easier than making the healthcare industry user friendly. Apple may have to choose between the two.

TechRepublic.png 2019-09-10 13:34:04 Fuze announces Slack integration for the enterprise (lien direct)

The integration allows for seamless switching between the two apps, streamlining business communications.

no_ico.png 2019-09-10 13:32:04 (Déjà vu) Microsoft Phishing Page Bypasses Automated Detection Using Captcha (lien direct)

According to this link, https://www.bleepingcomputer.com/news/security/microsoft-phishing-page-uses-captcha-to-bypass-automated-detection/, a new phishing campaign has been observed in the wild using captcha boxes to hide a fake Microsoft account login page from secure email gateways (SEGs). The attackers were after credentials for Microsoft accounts and created a page that mimics the original for selecting an account and logging in This is …

The ISBuzz Post: This Post Microsoft Phishing Page Bypasses Automated Detection Using Captcha appeared first on Information Security Buzz.

WiredThreatLevel.png 2019-09-10 13:31:03 McDonald\'s Acquires Apprente to Double Down on Tech (lien direct)

The Golden Arches will acquire Apprente, a "sound-to-meaning" voice assistant, to speed up its drive-thru.

Blog.png 2019-09-10 13:27:04 Third Party Cyber Risk is growing. Most Companies aren\'t prepared. (lien direct)

Third party cyber risk is a growing concern for organizations, as breaches and hacks tied to third party providers and applications multiply. How do you know if your third party cyber risk management program is up to the task? Our new e-book, sponsored by CyberGRX, will help you figure it out! -->

SecurityWeek.png 2019-09-10 13:17:02 Vulnerabilities Exposed 2 Million Verizon Customer Contracts (lien direct)

Vulnerabilities discovered by a security researcher in Verizon Wireless systems could have been exploited by hackers to gain access to 2 million customer contracts.

read more

SecurityWeek.png 2019-09-10 13:07:04 Stop Using CVSS to Score Risk (lien direct)

The mechanics of prioritizing one vulnerability\'s business risk over another has always been fraught with concern. What began as securing business applications and infrastructure from full-disclosure bugs a couple of decades ago, has grown to encompass vaguely referenced flaws in insulin-pumps and fly-by-wire aircraft with lives potentially hanging in the balance.

read more

SecurityWeek.png 2019-09-10 13:00:00 Cyber Fusion Center-in-a-Box Firm Cyware Raises $3 Million in Seed Funding (lien direct)

Threat intelligence sharing and cyber fusion firm Cyware has raised $3 million in seed funding led by Emerald Development Managers. The money will be used to develop the firm\'s national and international presence, and enhance existing products.

read more

AlienVault.png 2019-09-10 13:00:00 Should small business owners concern themselves with business espionage? (lien direct)

As technological developments have helped turn the world into a global village, they have also made it easier to steal, extract, and communicate confidential information – leading to an increased frequency of corporate espionage.

Take Apple for example; despite deploying leading security measures and monitoring activities, the tech giant has had two espionage attempts in one year, foiled just as the convicts were departing the country.

In fact, a 2014 report estimated the global cost of industrial espionage to be $445 billion. Considering how the economy has shaped up since then, the figure may well be over the $1 trillion mark.

Should small businesses be concerned?

It’s not only the Silicon Valley giants who have to face espionage. Rather, smaller businesses have more to lose. With 31% of all cyber-espionage attacks aimed at small businesses, the loss of important information can leave them facing bankruptcy.

hacker-type person, possible insider threat

Source: https://www.freepik.com/free-photo/hacker-with-laptop_3361105.htm

Indeed, according to the U.S National Cyber Security Alliance, 60% of Small Medium Enterprises (SMEs) shut down within six months after a cyber-attack. What’s more, it costs approximately $690,000 and $1million for such businesses to clean up after an attack.

As Jody Westby, CEO of Global Cyber Risk says, “it is the data that makes a business attractive, not the size – especially if it is delicious data, such as lots of customer contact info, credit card data, health data, or valuable intellectual property.”

Why Are Small Businesses Targeted?

Smaller businesses are easy targets of corporate espionage, as they tend to have weaker security compared to large corporations.

The Internet Security Threat Report shows, for instance, that while 58% of small businesses show awareness and concern about a possible attack, 51% of them still have no budget allocated to prevent it.

It seems, also, that the problem is getting worse, as outlined by cyber-security experts in PwC’s Global State of Information Security Survey: small organizations, with annual revenue of under $100 million, have reduced their security budget by 20%, even as large organizations are spending 5% more on security.

Indeed, as large organizations are getting better at defending themselves against different types of espionage, criminals are “moving down the business food chain.” For example, cyber-attacks to steal information from small businesses have increased by 64% in a span of four years, as large businesses have adopted more robust security protocols.

As a result, all kinds of small

WiredThreatLevel.png 2019-09-10 13:00:00 If Computers Are So Smart, How Come They Can\'t Read? (lien direct)

Deep learning excels at learning statistical correlations, but lacks robust ways of understanding how the meanings of sentences relate to their parts.

Pirate.png 2019-09-10 12:24:01 Près d\'1 Français sur 5 pense pouvoir perdre son travail à cause de ses réseaux sociaux (lien direct)
Alors que les jeunes Français se préparent pour la rentrée universitaire, et ses traditionnels week-end d\'intégration, McAfee société de cybersécurité experte depuis plus de 30 ans, recommande aux étudiants et aux diplômés de s\'assurer dès à présent que leur empreinte sur les réseaux sociaux ne finisse pas par avoir de graves conséquences sur leur vie professionnelle.
ZDNet.png 2019-09-10 12:12:04 Kaspersky launches anti-cheat solution for pro e-sports tournaments (lien direct)

Because gaming cheats are not all that different from malware, Kaspersky launches e-sports anti-cheat solution.

WiredThreatLevel.png 2019-09-10 12:00:00 Sean Carroll Thinks We All Exist on Multiple Worlds (lien direct)

In his book *Something Deeply Hidden*, the physicist explores the idea of Many Worlds, which holds that the universe continually splits into new branches.

WiredThreatLevel.png 2019-09-10 12:00:00 Fighting Instagram\'s $1.3 Billion Problem-Fake Followers (lien direct)

As influencers strive for ever-higher engagement numbers, the battle between fake followers and fake-follower-detection tools is turning into an arms race.

01net.png 2019-09-10 11:57:05 Vos photos Instagram et Facebook ne sont pas aussi privées que vous l\'imaginez (lien direct)

Les photos et les vidéos publiées au travers de ces réseaux sociaux sont accessibles au travers d\'adresses publiques que l\'on peut partager avec n\'importe qui.

The_Hackers_News.png 2019-09-10 11:36:01 (Déjà vu) Latest Microsoft Updates Patch 4 Critical Flaws In Windows RDP Client (lien direct)

Get your update caps on. Microsoft today released its monthly Patch Tuesday update for September 2019, patching a total of 79 security vulnerabilities in its software, of which 17 are rated critical, 61 as important, and one moderate in severity. Two of the security vulnerabilities patched by the tech giant this month are listed as "publicly known" at the time of release, one of which is an

Patching
ZDNet.png 2019-09-10 11:30:00 PsiXBot malware upgraded with Google DNS over HTTPS, sexploitation kit (lien direct)

The malware has been shaken up with new infrastructure and attack methods.

Malware
securityintelligence.png 2019-09-10 11:20:02 10 Surprisingly Bright Spots on the Darknet (lien direct)

>Reading Time: 4 minutes The darknet isn\'t all creepy, illegal content. In between criminal marketplaces and hacker forums, there\'s a few hidden websites that exist for legitimate purposes.

The post 10 Surprisingly Bright Spots on the Darknet appeared first on Security Intelligence.

9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29

Information mise à jours le: 2019-09-22 08:07:45
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter