What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
bleepingcomputer.png 2019-05-25 04:30:05 macOS Unpatched for Executing Untrusted Code off the Network (lien direct)

Proof-of-concept code has been released for an unpatched vulnerability in macOS 10.14.5 (Mojave) that allows a hacker to execute arbitrary code without user interaction. [...]

Blog.png 2019-05-25 02:54:00 digitalworld.local-BRAVERY: Vulnhub Walkthrough (lien direct)

Today we will be solving a boot2root lab from Vulnhub called SILKY-1. This lab, like many others, is a good way to keep your penetration testing skills sharp while getting some variety. Download it from here: https://www.vulnhub.com/entry/digitalworldlocal-bravery,281/ Penetration Methodologies Scanning Netdiscover Nmap Enumeration Mount NFS share directory SMB shared file enumeration Exploiting Abusing CMS via... Continue reading

The post digitalworld.local-BRAVERY: Vulnhub Walkthrough appeared first on Hacking Articles.

WiredThreatLevel.png 2019-05-24 23:09:00 Mysterious Midwest Tornadoes, Airbnb\'s NYC Truce, and More News (lien direct)

Catch up on the most important news from today in two minutes or less.

TechRepublic.png 2019-05-24 22:52:04 How to use the Apple Support app to resolve technical problems (lien direct)

If there\'s a tech issue or glitch with your Apple product, you can use the Apple Support app to find troubleshooting tips and chat with a representative.

WiredThreatLevel.png 2019-05-24 22:49:03 885 Million First American Financial Records Exposed Online (lien direct)

Real estate giant First American left Social Security numbers, tax documents, and more publicly available.

ZDNet.png 2019-05-24 22:48:00 Hackers are scanning for MySQL servers to deploy GandCrab ransomware (lien direct)

Serendipitous discovery unearths new threat for MySQL server owners.

TechRepublic.png 2019-05-24 22:27:00 GitHub Sponsors wants to see open source developers get paid, but there\'s a better way (lien direct)

GitHub Sponsors extends GitHub\'s role as the center of open source development, but it falls short of ensuring developers get paid for their work.

no_ico.png 2019-05-24 21:11:05 Comments On 300% Increase In Mobile Fraud (lien direct)

A new RSA report reveals that fraud attacks from mobile apps increased 300% in just the first quarter of this year.   Expert comments:   Don Duncan, Security Engineer at NuData Security:  “Retail mobile eCommerce sales in the U.S. is expected to reach $338 billion by 2020 according to Statistica. Combine smaller screens with more people hurrying to shop …

The ISBuzz Post: This Post Comments On 300% Increase In Mobile Fraud appeared first on Information Security Buzz.

WiredThreatLevel.png 2019-05-24 21:10:05 Gadget Lab Podcast: Samsung\'s Innovation Dilemma (lien direct)

David Eun, president of Samsung\'s innovation arm NEXT, says younger consumers are shifting towards experiences, not things. What does that mean for a company that makes devices?

Chercheur.png 2019-05-24 20:47:01 First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records (lien direct)

The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The digitized records -- including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images -- were available without authentication to anyone with a Web browser.

no_ico.png 2019-05-24 20:30:01 Another Zero-day Vulnerability In Microsoft\'s Latest Operating Systems (lien direct)

Following the news that another zero-day vulnerability was discovered in Microsoft’s latest operating systems, security experts commented below. Rahim Jina, COO and Co-founder at Edgescan: “Most of the zero-days reported are local privilege escalation vulnerabilities, meaning that they can only be used when someone already has a certain level of access to the target host. Generally these would be considered …

The ISBuzz Post: This Post Another Zero-day Vulnerability In Microsoft’s Latest Operating Systems appeared first on Information Security Buzz.

WiredThreatLevel.png 2019-05-24 20:30:00 Apple\'s MacBook Pro Keyboard Fix Comes Down to Tiny Tweaks (lien direct)

There are at least two material differences in the 2019 MacBook Pro keyboard, intended to fix its sticky keys.

SecurityAffairs.png 2019-05-24 20:01:04 How Hackers Access Direct Deposit Paycheck - And What to Do About It (lien direct)

Getting your paycheck deposited directly into your bank account seems like a handy solution but in some cases. hackers can access them. Getting your paycheck deposited directly into your bank account seems like a handy solution because you don’t have to pick up the check from your workplace and take it to the bank to […]

The post How Hackers Access Direct Deposit Paycheck - And What to Do About It appeared first on Security Affairs.

WiredThreatLevel.png 2019-05-24 19:48:04 Netflix\'s Anything-Goes Philosophy Gets to Parody Rap with Lonely Island\'s \'Unauthorized Bash Brothers Experience\' (lien direct)

A surprise "visual poem" from Lonely Island embraces late-\'80s sports and rap nostalgia-and tightens Netflix\'s grip on comedy gambles.

WiredThreatLevel.png 2019-05-24 19:48:03 Game of Thrones: A Battle of Reality Versus Fantasy (lien direct)

And reality won.

no_ico.png 2019-05-24 19:30:00 Cybersecurity Is A Market For Lemons (lien direct)

I recently attended CYBERUK which is the UK government’s flagship cybersecurity event hosted by the National Cyber Security Centre (NCSC). The event features world-class speakers, and opportunities for interaction between the public and private sectors. It was a fascinating couple of days, partly as Becrypt is working with government on projects featured at the event, but it was also …

The ISBuzz Post: This Post Cybersecurity Is A Market For Lemons appeared first on Information Security Buzz.

no_ico.png 2019-05-24 19:30:00 Commuters Of London Will Have Their Mobile Wi-Fi Data Collected From July (lien direct)

The BBC is reporting that tube commuters in London will have their mobile Wi-Fi data collected from July as a part of a scheme to improve journeys.   Paul Norris, Senior Systems Engineer, EMEA at Tripwire: “It is important that these mass-collections of data are monitored and regulated. There is nothing inherently risky in collecting information that …

The ISBuzz Post: This Post Commuters Of London Will Have Their Mobile Wi-Fi Data Collected From July appeared first on Information Security Buzz.

ZDNet.png 2019-05-24 19:22:05 Australian tech unicorn Canva suffers security breach (lien direct)

Hacker claims to have stolen the data of 139 million Canva users.

WiredThreatLevel.png 2019-05-24 18:45:00 Climate Change Is Bringing Epic Flooding to the Midwest (lien direct)

We often focus on coastal cities when we talk about rising waters, but massive rainfall in the middle of the US has put millions at risk, harming the nation\'s ability to produce food.

MalwarebytesLabs.png 2019-05-24 18:05:02 Medical industry struggles with PACS data leaks (lien direct) PACS servers are often used to store and transmit patient data. But how is their security implemented? We take a look at case of how poor setup can easily lead to data leaks.

Categories:

Threat analysis

Tags:

(Read more...)

The post Medical industry struggles with PACS data leaks appeared first on Malwarebytes Labs.

bleepingcomputer.png 2019-05-24 17:22:04 Firefox 67 Switching to Empty Profiles Causing Data Loss Fears (lien direct)

Mozilla Firefox users are reporting that when they upgrade to the latest Firefox 67, they are finding that their addons are missing, their customizations are gone, and their history is gone. This is being caused by the browser creating new profiles for Firefox 67 and using that instead of the original one. [...]

SecurityWeek.png 2019-05-24 17:12:00 GitHub Adds New Tools to Help Developers Secure Code (lien direct)

Microsoft-owned GitHub on Thursday announced the introduction of several new security tools and features designed to help developers secure their code.

read more

F-Secure.png 2019-05-24 17:10:00 Live Coverage Of A Disinformation Operation Against The 2019 EU Parliamentary Elections (lien direct)

I recently worked with investigative journalists from Yle, attempting to uncover disinformation on social media around the May 2019 European elections. This work was also part of F-Secure’s participation in the SHERPA project, which involves developing an understanding of adversarial attacks against machine learning systems – in this case, recommendation systems on social networks. My […]

no_ico.png 2019-05-24 16:25:02 TalkTalk Data Breach Customer Details Found Online (lien direct)

It has been reported that TalkTalk failed to inform some 4500 people that their data was compromised in the 2015 breach. Viewers contacted BBC Watchdog Live about concerns that their details had been breached by TalkTalk. But the company had told them that their details were not compromised. The BBC consumer show investigated and found the personal details of approximately 4,500 …

The ISBuzz Post: This Post TalkTalk Data Breach Customer Details Found Online appeared first on Information Security Buzz.

SecurityWeek.png 2019-05-24 16:19:02 Microsoft Defender ATP for Mac Now in Public Preview (lien direct)

Microsoft\'s unified endpoint security solution is now publicly available for Mac users, following two months of limited preview. 

read more

WiredThreatLevel.png 2019-05-24 14:48:00 Midwest Tornadoes: Why It\'s So Hard to Predict Where a Twister Will Strike (lien direct)

A series of tornadoes has brought devastation to the Midwest. Ideally, we could forecast such twisters, but the phenomenon is confounding.

bleepingcomputer.png 2019-05-24 14:40:00 Windows 10 1903 Insiders Test Fix For USB Drives Blocking Upgrades (lien direct)

Microsoft has released the Windows 10 version 1903 KB4497935 cumulative update to Insiders in the Slow and Release rings for testing before being pushed out to everyone. [...]

SecurityWeek.png 2019-05-24 14:24:02 One Year on, EU\'s GDPR Sets Global Standard for Data Protection (lien direct)

The EU\'s strict data laws have set the global benchmark for protecting personal information online since coming into force a year ago, but some worry that many users have barely noticed the change.

read more

Pirate.png 2019-05-24 14:19:01 Cybersécurité : communiquons sur un métier d\'avenir (lien direct)
Le secteur de la cybersécurité se révèle aujourd\'hui porteur d\'un fort paradoxe : bien repéré par l\'opinion publique, il peine à trouver des professionnels aguerris. Le sujet fait pourtant la une de nos journaux : en 2018, selon une étude de F-Secure, les cyberattaques ont augmenté de 32%, et la délinquance cybernétique a coûté quelque 600 milliards de dollars, contre 445 il y a seulement 4 ans (source Allianz).
grahamcluley.png 2019-05-24 14:17:01 London Underground passengers told to turn off their Wi-Fi if they don\'t want to be tracked (lien direct)

From 8 July 2019, travellers on London’s underground tube network may wish to turn off their Wi-Fi first… if they don’t like the idea of being tracked.

SecurityAffairs.png 2019-05-24 14:11:02 US DoJ\'s superseding indictment charges Assange with violating Espionage Act (lien direct)

The United States Department of Justice charges WikiLeaks founder Julian Assange with 18 counts on the alleged violation of the Espionage Act. A federal grand jury returned an 18-count superseding indictment that charges WikiLeaks founder Julian Assange with counts related to illegally obtaining and disclosing classified information. British authorities arrested Assange on April 11 at the […]

The post US DoJ’s superseding indictment charges Assange with violating Espionage Act appeared first on Security Affairs.

TechRepublic.png 2019-05-24 14:05:03 96% of organizations run into problems with AI and machine learning projects (lien direct)

Companies face issues with training data quality and labeling when launching AI and machine learning initiatives, according to a Dimensional Research report.

SecurityWeek.png 2019-05-24 14:03:00 New York Department of Financial Services Launches Cybersecurity Unit (lien direct)

The New York State Department of Financial Services (DFS) this week announced that it has launched a new cybersecurity division whose role is to protect consumers and financial services organizations from cyber threats.

read more

Pirate.png 2019-05-24 14:01:04 Qui sont les collaborateurs ciblés par les cybercriminels dans les entreprises ? (lien direct)
Les principales victimes des cyberattaques sont les utilisateurs finaux. Les cybercriminels utilisent des techniques d\'ingénierie sociale de plus en plus affinées pour amener les internautes à cliquer sur leurs liens corrompus. La question principale est : votre entreprise contribue-t-elle au problème ?
WiredThreatLevel.png 2019-05-24 14:00:00 WIRED\'s 14 Must-Read Books of Summer (lien direct)

It\'s time to charge up the Kindle.

WiredThreatLevel.png 2019-05-24 14:00:00 The Tricky Physics of How the Avengers Manage to Fly (lien direct)

To understand how Star-Lord flies, you have to consider both the forces acting on him (hello, jet boots) and the torque.

TechRepublic.png 2019-05-24 13:58:04 Oh Canada: Why half of phishing attacks target the Great White North (lien direct)

Though phishing volume remained relatively stable, attacks against Canadian users dominate, according to an RSA report.

TechRepublic.png 2019-05-24 13:57:01 Why remote work and flexible schedules are the new normal for global business (lien direct)

Nearly half of US employers offer remote work and flexible scheduling options, according to a Condeco Software report.

SecurityWeek.png 2019-05-24 13:49:01 Microsoft Brings Hardware-Based Isolation to Chrome, Firefox (lien direct)

Microsoft this week made the Windows Defender Application Guard extensions generally available, which now provides hardware-based isolation to all Chrome and Firefox users on Windows 10.

read more

grahamcluley.png 2019-05-24 13:42:00 Snapchat workers snooped on users with internal tool (lien direct)

Snapchat’s 186 million users may be in for a rude awakening today after revelation that multiple employees of the social media giant were able to abuse their power and snoop on members.

Read more in my article on the Hot for Security blog.

bleepingcomputer.png 2019-05-24 13:18:04 BlueKeep RCE Flaw Gets Micropatch for Always-On Servers (lien direct)

The 0patch platform issued a fix for the Remote Desktop Services RCE vulnerability known as BlueKeep, in the form of a 22 instructions micropatch which can be used to protect always-on servers against exploitation attempts. [...]

SecurityWeek.png 2019-05-24 13:07:05 The Intelligent SOC Can be a Reality Today (lien direct)

External factors, including security tools shifting to the cloud, the rise of Endpoint Detection and Response (EDR) solutions, and the cybersecurity talent shortage, are presenting challenges for security operations centers (SOCs). There is a lot of talk right now about the need for SOCs to become more efficient and effective to address not only these factors but to also become more \'intelligent.\' However, this notion of an intelligent SOC is not new.

read more

WiredThreatLevel.png 2019-05-24 13:00:00 The Playdate Is a Boutique Gaming Handheld With a Crank (lien direct)

No, the crank doesn\'t power it. Yeah, we\'re a little disappointed, too.

WiredThreatLevel.png 2019-05-24 13:00:00 How to Solve a Rubik\'s Cube in 5 Seconds-or Less (lien direct)

The world record for unscrambling a Rubik\'s cube keeps dropping, as fleet-fingered speedcubers hone their pattern recognition and "lookahead" skills.

TechRepublic.png 2019-05-24 12:45:05 Infographic: 11 things managers should never say to employees (lien direct)

Managers sometimes make errors in communication and feedback without realizing it. Here\'s how to avoid mistakes and become a better coach.

TechRepublic.png 2019-05-24 12:31:02 67% of Gen Zers stay at organizations that offer choices in work devices (lien direct)

The majority of students (78%) in higher education want employers to offer choices in work computers, according to a Jamf report.

TechRepublic.png 2019-05-24 12:22:01 Nessus expands vulnerability scanner offerings to 16 IPs in commercial environments (lien direct)

Tenable introduced the free Nessus Essentials product, and also discussed the wisdom of building apps in Electron, along with fixes for Spectre and Meltdown.

ANSSI.png 2019-05-24 12:13:05 2ème édition du colloque SecNumeco à Nice le 6 juin : cybersécurité au cœur de la stratégie des entreprises : risques & solutions (lien direct)

Formidable levier de rayonnement et de croissance, la transformation numérique ouvre de nouvelles opportunités pour l\'ensemble des acteurs de la société et, plus particulièrement, pour le secteur économique. Cependant des menaces extrêmement variées et des risques majeurs pèsent sur les organisations de toutes tailles : captation illégale d\'innovations, entrave à l\'activité économique, fermeture d\'entreprises, perte […]

bleepingcomputer.png 2019-05-24 12:09:01 German Minister Wants Secure Messengers To Decrypt Chats (lien direct)

Germany\'s Interior Minister Horst Seehofer purportedly wants to force messaging providers such as WhatsApp, Telegram, and Threema to provide plain text chats to law enforcement agencies on a court order as reported by Der Spiegel and from a number of other German news outlets. [...]

WiredThreatLevel.png 2019-05-24 12:00:00 Grilling Over Gas Is Objectively, Scientifically Better Than Grilling Over Charcoal (lien direct)

A gas grill rules. But the real debate should be whether charcoal is necessary at all...

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

Information mise à jours le: 2019-05-27 08:01:36
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter