What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
no_ico.png 2019-05-13 20:30:01 AT&T Alien Labs Researcher Finds Sharepoint Vulnerability Exploited In The Wild (lien direct)

AT&T Alien Labs researcher Chris Doman has seen a number of reports of active exploitation of a vulnerability in Microsoft Sharepoint (CVE-2019-0604).  One report by the Saudi Cyber Security Centre appears to be primarily targeted at organisations within the kingdom.  An earlier report by the Canadian Cyber Security Centre identified similar deployment of the tiny China Chopper web-shell to gain an initial foothold.  SharePoint CVE-2019-0604 …

The ISBuzz Post: This Post AT&T Alien Labs Researcher Finds Sharepoint Vulnerability Exploited In The Wild appeared first on Information Security Buzz.

bleepingcomputer.png 2019-05-13 20:15:00 Adobe Says Upgrade Creative Cloud Apps or Risk 3rd Party Claims (lien direct)

On May 8th, 2019, Creative Cloud users have started receiving emails from Adobe stating that older versions of the products they are using have been discontinued and that users are no longer licensed to use them. For many of these developers, this not a reasonable request as they need to utilize older versions for certain projects. [...]

SecurityAffairs.png 2019-05-13 19:57:04 CVE-2019-11815 Remote Code Execution affects Linux Kernel prior to 5.0.8 (lien direct)

Security experts have found a race condition vulnerability (CVE-2019-11815) in Linux Kernel Prior to 5.0.8 that expose systems to remote code execution. Linux systems based on kernel versions prior to 5.0.8 are affected by a race condition vulnerability leading to a use after free that could be exploited by hackers to get remote code execution. […]

The post CVE-2019-11815 Remote Code Execution affects Linux Kernel prior to 5.0.8 appeared first on Security Affairs.

ZDNet.png 2019-05-13 19:47:00 Twitter bug shared location data for some iOS users (lien direct)

Twitter said "a trusted partner" received some iOS users\' geo-location data.

no_ico.png 2019-05-13 19:30:01 Apps On Android Phones Present Threats To Security And Privacy (lien direct)

Its been reported that the apps bundled with many Android phones are presenting threats to security and privacy greater than most users think. This according to a paper (PDF) from university researchers in the US and Spain who studied the pre-installed software that 214 different vendors included in their Android devices. They found that everyone from the hardware builders to mobile …

The ISBuzz Post: This Post Apps On Android Phones Present Threats To Security And Privacy appeared first on Information Security Buzz.

bleepingcomputer.png 2019-05-13 19:25:02 Fxmsp Chat Logs Reveal the Hacked Antivirus Vendors, AVs Respond (lien direct)

A report last week about Fxmsp hacker group claiming access to the networks and source code of three antivirus companies with offices in the U.S. generated from alleged victims statements that are disputed by the firm that sounded the alarm. [...]

no_ico.png 2019-05-13 19:15:02 Survey Says: Microsoft Migration Isn\'t As Easy As It Sounds (lien direct)

A recent survey-report commissioned by 1E, Getting Your House in Order, was completed by 600 senior IT decision makers in the US and UK, split evenly between IT Operations and IT Security specialists. The intent was to see if, in the wake of so many devastating cyber-attacks in the last few years, lessons had been …

The ISBuzz Post: This Post Survey Says: Microsoft Migration Isn\'t As Easy As It Sounds appeared first on Information Security Buzz.

WiredThreatLevel.png 2019-05-13 19:00:00 This Spider Uses a Silk Slingshot to Hurl Itself at Prey (lien direct)

At first glance, the triangle-weaver spider builds a web like any other spider. But once an insect hits that web, something damn near logic-defying happens.

TechRepublic.png 2019-05-13 18:53:00 5 best open source Linux server distributions (lien direct)

Looking for a Linux server distribution? Try one of these five.

no_ico.png 2019-05-13 18:50:03 US Government Unveils New North Korean Hacking Tool (lien direct)

It has been reported that yesterday the Department of Homeland Security and the FBI publicly identified a new North Korean malware capable of funnelling information from a victim’s computer network. Dubbed ElectricFish by government officials, the malware is the latest tool in North Korea’s hacking program, referred to as Hidden Cobra. The U.S. Cyber Emergency Response Team published a report warning the public …

The ISBuzz Post: This Post US Government Unveils New North Korean Hacking Tool appeared first on Information Security Buzz.

WiredThreatLevel.png 2019-05-13 18:24:00 A Cisco Router Bug Has Massive Global Implications (lien direct)

Researchers have discovered a way to break one of Cisco\'s most critical security features, which puts countless networks at potential risk.

SecurityWeek.png 2019-05-13 18:04:05 US, EU Spar Over Sharing Electronic Evidence in Investigations (lien direct)

In August 2016, the lifeless bodies of a young French man and woman were discovered on a beach in Madagascar, with murder suspected.

The secret to the case could be in the last messages they sent, but those are stored in the databanks of US tech giants who don\'t have to turn over the information to French investigators.

read more

ZDNet.png 2019-05-13 17:54:01 North Korean cyberspies deploy new malware that harvests Bluetooth data (lien direct)

StarCruft hackers deploy Bluetooth-harvesting malware in recent campaign.

TechRepublic.png 2019-05-13 17:48:00 6 reasons why your IT project will fail (lien direct)

​Here are six of the most common project implementation problems--and how you can avoid them.

SecurityWeek.png 2019-05-13 17:47:01 Nine Charged in SIM Hijacking Scheme (lien direct)

The United States has indicted nine individuals with online identity theft and related charges, the U.S. Department of Justice announced. 

read more

SecurityWeek.png 2019-05-13 17:32:04 GAO Makes Recommendations to Improve Security of Taxpayer Data (lien direct)

The GAO Makes Recommendations to Improve Security of Taxpayer Information

read more

DarkReading.png 2019-05-13 17:25:00 LockerGoga, MegaCortex Ransomware Share Unlikely Traits (lien direct)

New form of ransomware MegaCortex shares commonalities with LockerGoga, enterprise malware recently seen in major cyberattacks.

SecurityWeek.png 2019-05-13 17:18:04 New Bill Proposes Cybersecurity Training for U.S. House Members (lien direct)

A bill introduced last week requires all members, officers and employees of the U.S. House of Representatives to undergo annual cybersecurity training.

read more

WiredThreatLevel.png 2019-05-13 17:11:00 \'Game of Thrones\' Recap, Season 8 Episode 5: How to Ruin Every Beloved Character (lien direct)

Perhaps the only insight into this careless and nihilistic episode comes from Jamie: It doesn\'t matter.

TechRepublic.png 2019-05-13 17:05:03 How to add a legal message to the Windows 10 login (lien direct)

Creating a legal message in Windows 10 Home requires an edit of the Registry file.

WiredThreatLevel.png 2019-05-13 17:04:05 Supreme Court Deals Blow to Apple in Antitrust Case (lien direct)

In Apple v. Pepper, the Supreme Court ruled in a 5–4 decision that Apple\'s App Store customers have standing to sue the company for antitrust violations.

no_ico.png 2019-05-13 17:03:05 Promoting Threat Modeling Work (lien direct)

Quick: are all the flowers the same species? People regularly ask me to promote their threat modeling work, and I’m often happy to do so, even when I have questions about it. There are a few things I look at before I do, and I want to share some of those because I want to…

Continue reading

TechRepublic.png 2019-05-13 16:57:00 How to create a ZFS storage pool on Ubuntu Server 18.04 (lien direct)

If you need to expand your cloud solution storage options, a ZFS storage pool might be ideal.

SecurityWeek.png 2019-05-13 16:53:00 Website Infections Holding Steady at 1%, But Attacks Becoming Stealthier: Report (lien direct)

Only 15% of Malware-Infected Websites Are Blacklisted, Report Finds

read more

Kaspersky.png 2019-05-13 16:46:00 ScarCruft APT Adds Bluetooth Harvester to its Malware Bag of Tricks (lien direct)

In its latest observed campaign, there were also overlaps in victimology with the DarkHotel APT.

TechRepublic.png 2019-05-13 16:38:05 Pixel 3a and 3a XL: Do the missing features justify the savings? (lien direct)

The newly-announced midrange Pixel 3a and Pixel 3a XL cut a few corners to reach an attractive price tag. TechRepublic explores how this affects business users.

Kaspersky.png 2019-05-13 16:38:03 ThreatList: Top 5 Most Dangerous Attachment Types (lien direct)

From ZIP attachments spreading Gandcrab, to DOC files distributing Trickbot, researchers tracked five widescale spam campaigns in 2019 that have made use of malicious attachments.

SecurityWeek.png 2019-05-13 16:26:00 Leak Reveals Activity of Iranian Hacking Group (lien direct)

Documents associated with the activity of Iranian APT group “Rana” have leaked online recently, exposing the group\'s targeting of individuals, as well as information on what appears to be some of the group\'s members.

read more

Blog.png 2019-05-13 16:16:04 Get Meterpreter Session Alert over slack (lien direct)

You’re going to learn ShellHerder in this post. It is a technique used to monitor all the sessions of Metasploit/Meterpreter. The basic idea to create it, that new incoming sessions could be easily monitored when Intruder cannot access the listener. This approach is quite helpful when a Pen-tester wants to get an alert for live... Continue reading

The post Get Meterpreter Session Alert over slack appeared first on Hacking Articles.

SecurityWeek.png 2019-05-13 16:14:05 An Ode to CISOs: How Real-World Risks Became Cyber Threats (lien direct)

From Vancouver to Volkswagen to Vanderbilt, the most significant threats facing organizations across every sector are now virtual. That\'s according to the World Economic Forum\'s 2019 Global Risks Report, which named cyber-attack the greatest non-environmental danger to mankind, ahead of even war and terrorism.

read more

DarkReading.png 2019-05-13 16:00:00 Attacks on JavaScript Services Leak Info From Websites (lien direct)

Three marketing tools, including the Best Of The Web security logomark, were compromised in supply chain attacks, allegedly leaving website customers leaking their users\' sensitive information.

MalwarebytesLabs.png 2019-05-13 15:55:04 A week in security (May 6 – 12) (lien direct) A roundup of security news from May 6–12, including breaches, privacy, financials, takedowns, and new ransomware tactics.


Security world Week in security


(Read more...)

The post A week in security (May 6 – 12) appeared first on Malwarebytes Labs.

TechRepublic.png 2019-05-13 15:50:00 Wacom continues entry-level product push with Intuos Pro Small (lien direct)

Wacom launches another tablet to not only work with seasoned professionals, but also lure beginners into the product line.

TechRepublic.png 2019-05-13 15:48:03 How to use SFTP with a chroot jail (lien direct)

Lock down all SFTP users on your data center Linux servers with a chroot jail.

SecurityWeek.png 2019-05-13 15:40:01 Sectigo Acquires IoT Security Firm Icon Labs (lien direct)

Certificate Authority (CA) Sectigo, formerly Comodo CA, has acquired Icon Labs, a provider of cross-platform security solutions for embedded OEMs and Internet of Things (IoT) device manufacturers.

read more

itsecurityguru.png 2019-05-13 15:34:03 Payment details and passwords collected from 4,600 sites. (lien direct)

Hackers have breached analytics service Picreel and open-source project Alpaca Forms and have modified JavaScript files on the infrastructure of these two companies to embed malicious code on over 4,600 websites, security researchers have told ZDNet. Source: ZDNet

The post Payment details and passwords collected from 4,600 sites. appeared first on IT Security Guru.

SecurityWeek.png 2019-05-13 15:29:00 North Korea-Linked \'ScarCruft\' Adds Bluetooth Harvester to Toolkit (lien direct)

A North Korea-linked threat group tracked as ScarCruft, APT37 and Group123 continues to evolve and expand its toolkit, Kaspersky Lab reported on Monday.

read more

TechRepublic.png 2019-05-13 15:26:03 Gen Z claims workers are more productive in noisy open offices (lien direct)

Older generations work better in different office environments than their younger counterparts, according to a Future Workplace report.

bleepingcomputer.png 2019-05-13 15:20:02 Linksys Smart Wi-Fi Routers Leak Info of Connected Devices (lien direct)

More than 25,000 Linksys Smart Wi-Fi routers are currently impacted by an information disclosure vulnerability which allows remote and unauthenticated access to a vast array of sensitive device information. [...]

TechRepublic.png 2019-05-13 15:20:00 Google shows off what\'s possible using the JavaScript programming language for machine learning (lien direct)

From head-controlled Pacman to browser-based upload filters -- here\'s what\'s possible using TensorFlow.js.

securityintelligence.png 2019-05-13 15:15:02 Meanwhile at the Plant…The Realities of Operational Security in the Age of Connected Machines (lien direct)

>As OT environments, especially with legacy systems in place, become increasingly connected, they may inherit OT security risks that were previously the domain of the IT environment.

The post Meanwhile at the Plant…The Realities of Operational Security in the Age of Connected Machines appeared first on Security Intelligence.

BBC.png 2019-05-13 15:08:04 Android pioneer HTC stages retreat from China (lien direct)

The phone-maker is closing its online stores on Alibaba and JD.com\'s platforms in the country.

TechRepublic.png 2019-05-13 15:01:02 7 companies hiring remote freelance developers, engineers, and data scientists right now (lien direct)

IT is one of the top industries hiring remote freelance workers, according to data from FlexJobs.

WiredThreatLevel.png 2019-05-13 15:00:05 New Jean-Luc Picard \'Star Trek\' Series Is Coming to Amazon. Sorta (lien direct)

It\'ll premiere on CBS All Access in the US, then go to Prime Video internationally.

TechRepublic.png 2019-05-13 14:55:02 Windows 10 has 825M users, but over 700M still haven\'t moved over (lien direct)

Microsoft is still short of the lofty goal of "one billion devices," but the clock is ticking for holdouts running Windows 7.

ZDNet.png 2019-05-13 14:36:01 Unsecured server exposes data for 85 percent of all Panama citizens (lien direct)

Server contained patient data, but no medical records were exposed --only personally identifiable information (PII).

grahamcluley.png 2019-05-13 14:27:04 Zara Larsson wants your password so she can watch Game of Thrones (lien direct)

When a celebrity asks if you can share your password…

ESET.png 2019-05-13 14:25:03 Verizon\'s data breach report: What the numbers say (lien direct)

What are some of the most interesting takeaways from Verizon\'s latest annual security report?

The post Verizon’s data breach report: What the numbers say appeared first on WeLiveSecurity

DarkReading.png 2019-05-13 14:15:00 Poorly Configured Server Exposes Most Panama Citizens\' Data (lien direct)

Compromised information includes full names, birth dates, national ID numbers, medical insurance numbers, and other personal data.

TechRepublic.png 2019-05-13 14:08:00 Top 5 challenges keeping IT pros up at night (lien direct)

IT professionals face a slew of concerns in today\'s connected ecosystem, according to an Insight Enterprises report.

11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Information mise à jours le: 2019-05-27 08:01:36
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter