What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
SecurityAffairs.png 2019-03-22 14:58:02 Cisco addresses High-Severity flaws in IP Phone 8800 and 7800 series (lien direct)

Cisco released security updates to address vulnerabilities in its IP Phone 7800 and 8800 series that could be exploited by remote, unauthenticated attackers. Cisco released security patches to address vulnerabilities in its IP Phone 7800 and 8800 series that could be exploited by remote, unauthenticated attackers. Cisco IP Phone 8800 series are business desk phones […]

The post Cisco addresses High-Severity flaws in IP Phone 8800 and 7800 series appeared first on Security Affairs.

TechRepublic.png 2019-03-22 14:55:00 Survey: How is your company using serverless computing services? (lien direct)

Take this quick, multiple choice survey and tell us how serverless computing impacts your company.

bleepingcomputer.png 2019-03-22 14:41:04 Microsoft is Adding a Graphing Mode to the Windows 10 Calculator (lien direct)

In a new feature tracking post for the Microsoft\'s Calculator GitHub project, Microsoft has stated that they plan on adding a graphing mode to the Windows 10 calculator. [...]

no_ico.png 2019-03-22 14:30:03 Security Of Enterprise Wireless Networks (lien direct)

Providing enterprise network security is becoming an increasingly complex undertaking, as the number of threats emanating from the Internet continues to grow. Hackers continue to find new ways to attack systems and steal data. Dealing with these threats is highly complex. While numerous reviews like this may indicate that virtual private networks can protect you …

The ISBuzz Post: This Post Security Of Enterprise Wireless Networks appeared first on Information Security Buzz.

securityintelligence.png 2019-03-22 14:25:03 Vulnerability Assessments Versus Penetration Tests: A Common Misconception (lien direct)

>Vendors, cybersecurity professionals and marketing teams often use the terms "penetration testing" and "vulnerability assessment" interchangeably, mixing two completely different security engagements.

The post Vulnerability Assessments Versus Penetration Tests: A Common Misconception appeared first on Security Intelligence.

Logo_logpoint.jpg 2019-03-22 14:21:02 LockerGoga Ransomware (lien direct)

By Roshan Pokhrel, Associate Engineering Manager, LogPoint After rearing its ugly head in early 2019 by attacking French consulting firm Altran Technologies, LockerGoga ransomware strikes again! This time the unfortunate victim is Norsk Hydro, Scandinavia\'s largest and internationally renowned producer of aluminium.Eivind Kallevik, CFO of Norsk Hydro, stated that internal IT detected the attack had [...]

The post LockerGoga Ransomware appeared first on LogPoint.

bleepingcomputer.png 2019-03-22 14:12:00 Zero-Day WordPress Plugin Vulnerability Used to Add Malicious Redirects (lien direct)

WordPress websites using unpatched Social Warfare installations (v3.5.1 and v3.5.2) are exposed to attacks abusing a zero-day stored Cross-Site Scripting (XSS) vulnerability fixed in the 3.5.3 version of the plugin. [...]

TechRepublic.png 2019-03-22 14:01:00 Why millennials are the hardest employees to retain (lien direct)

Social engagement is crucial to retaining millennial employees, according to a Speakap report.

TechRepublic.png 2019-03-22 13:06:00 Windows 10 DHCP vulnerability allows for remote code execution (lien direct)

The vulnerability in Windows 10 and Windows Server 2019 gives attackers an entry point for further exploitation when combined with other vulnerabilities.

securityintelligence.png 2019-03-22 13:00:03 Taming Global Cybersecurity Risks Requires a Concerted Cyber Resilience Effort (lien direct)

>With the realization that "we\'re all in this together," boards want to learn how their organizations are collaborating with the rest of the ecosystem in planning and testing cyber resilience.

The post Taming Global Cybersecurity Risks Requires a Concerted Cyber Resilience Effort appeared first on Security Intelligence.

AlienVault.png 2019-03-22 13:00:00 Things I hearted this week, 22 March 2019 (lien direct)

RSA has come and gone, and things are settling down into a normal routine. I did write a post-RSA blog which covered the highlights and trends I observed.

Because of RSA and the subsequent week of getting through the backlog of emails and work, the news list has piled up with over 141 separate news items lined up in my list. But don’t worry, I’ll only share the ones I truly hearted.

Device and account security checklist

Bob Lord has put together a great resource to help people and companies better secure themselves and their organisations. Even if you’re a security expert, it’s worth checking out and sharing the checklist with friends and family.

The Citrix data breach

On March 6, 2019, the FBI contacted Citrix with the news that international cyber criminals had likely gained access to the internal Citrix network. The firm says in a statement that it has taken action to contain this incident. “We commenced a forensic investigation; engaged a leading cyber security firm to assist; took actions to secure our internal network; and continue to cooperate with the FBI,” says Stan Black, Citrix CISO.

Related

New phishing campaigns target real estate agents

Actors have been launching phishing campaigns that abuse several brands of well-known real estate franchises with the intent of capturing targeted real estate agents' email credentials. While this type of targeting in the real estate sector is not new, this post highlights the in-depth tactics, techniques, and procedures (TTPs) used. The TTPs and imagery used in the PDF are used to lure people in. Credential harvesting websites can be used for situational awareness to defend against these attacks.

Pros-for-hire no better at writing secure code than compsci beginners

Freelance developers hired to implement password-based security systems do so about as effectively as computer science students, which is to say not very well at all.

Boffins at the University of Bonn in Germany set out to expand on research in 2017 and 2018 that found computer science students asked to implement a user registration system didn't do so securely unless asked, and even then didn't always get it right.

WiredThreatLevel.png 2019-03-22 13:00:00 You Can Play With Escape Velocity-Without Leaving the Planet (lien direct)

Gravity is a real pain for aspiring space travelers. These equations explain how to defy it.

WiredThreatLevel.png 2019-03-22 13:00:00 \'Return of the Obra Dinn\' Is the Best Indie Game Around (lien direct)

The title won big at this week\'s Independent Gaming Festival.

no_ico.png 2019-03-22 12:55:00 Experts Comments: Facebook Employees Has Access To Hundreds Of Millions Of User Passwords In Plain Text For Years (lien direct)

The passwords of millions of Facebook users were accessible by up to 20,000 employees of the social network, it has been reported.  Security researcher Brian Krebs broke the news about data protection failures, which saw up to 600 million passwords stored in plain text.  #facebook messed it again? Yes. Plaintext passwords stored for years on their …

The ISBuzz Post: This Post Experts Comments: Facebook Employees Has Access To Hundreds Of Millions Of User Passwords In Plain Text For Years appeared first on Information Security Buzz.

ESET.png 2019-03-22 12:55:00 Facebook exposed millions of user passwords to employees (lien direct)

>The social network says that the passwords were never exposed externally and that it found no abuse of the glitch

The post Facebook exposed millions of user passwords to employees appeared first on WeLiveSecurity

TechRepublic.png 2019-03-22 12:53:04 Time to try the Julia programming language? Python challenger\'s new debugger fixes major complaint (lien direct)

Shortcomings in the data science-focused language are being addressed with the release of a "fully-featured debugger".

TechRepublic.png 2019-03-22 12:47:04 Data protection: Top 3 business challenges (lien direct)

More than a quarter of businesses experienced irreparable data loss in the past year, according to a Dell EMC survey.

ZDNet.png 2019-03-22 12:28:03 Facebook allegedly knew of Cambridge Analytica activity months prior to public reports (lien direct)

Court filings indicate that Facebook may have been well aware of what was going on before the scandal erupted.

WiredThreatLevel.png 2019-03-22 12:00:00 Those Midwestern Floods Are Expected to Get Much, Much Worse (lien direct)

The intense snow and rainfall and of the last several weeks have saturated the ground and rivers, leaving little room for yet more upcoming rain.

WiredThreatLevel.png 2019-03-22 12:00:00 Utah Just Became a Leader in Digital Privacy (lien direct)

Opinion: Utah legislators recently voted to pass landmark legislation in support of a new privacy law. Statehouses across the country should take notes.

WiredThreatLevel.png 2019-03-22 12:00:00 Review: \'Us\' Is About Ascending From Your Own Personal Hell (lien direct)

The wonder of Jordan Peele\'s latest movie lives in its layers.

bleepingcomputer.png 2019-03-22 11:29:04 Mozilla Firefox and Microsoft Edge Hacked on Second Day of Pwn2Own (lien direct)

During the second day of Pwn2Own Vancouver 2019, competitors successfully pwned the Mozilla Firefox and Microsoft Edge web browsers, as well as VMware\'s Workstation client, earning a total of $270,000 in cash awards. [...]

The_State_of_Security.png 2019-03-22 11:20:05 NC County Government Suffers Third Ransomware Infection in 6 Years (lien direct)

A county government in North Carolina has suffered a ransomware infection for the third time in the past six years. According to a statement published on its website, the Orange County government observed on 18 March that a virus had infected its network. It responded by shutting down all servers, which rendered public computers at […]… Read More

The post NC County Government Suffers Third Ransomware Infection in 6 Years appeared first on The State of Security.

SecurityWeek.png 2019-03-22 11:00:03 Observations From RSA Conference 2019 (lien direct)

The RSA Conference is one of the premier events in the cybersecurity world. At times, it can be an overwhelming experience for vendors and attendees alike because of its massive scale and fast pace; however, it\'s also a great opportunity for people like me to get insight into trends in the industry.

read more

WiredThreatLevel.png 2019-03-22 11:00:00 What to Expect From Monday\'s Big Apple Event (lien direct)

It\'s all about the services.

WiredThreatLevel.png 2019-03-22 11:00:00 Costa Rica\'s Zero-Carbon Plan Could Be a Model for the World (lien direct)

President Carlos Alvarado Quesada explains Costa Rica\'s plan to ditch fossil fuels and how it could inspire others to do the same.

WiredThreatLevel.png 2019-03-22 11:00:00 The Very Mathematical History of a Perfect Color Combination (lien direct)

Solarized creator Ethan Schoonover sought colors that would look good together, have the same apparent brightness, and work on light and dark backgrounds.

ZDNet.png 2019-03-22 10:42:03 Critical flaw revealed in Facebook Fizz TLS project (lien direct)

The DoS vulnerability is trivially easy to trigger.

globalsecuritymag.png 2019-03-22 10:10:02 AllClear ID to take the stage at KNOW 2019 (lien direct)

AllClear ID will be sharing its unique perspective and expertise on breach response strategy and the role of digital identity at KNOW 2019 in Las Vegas. On Monday 25th March, Thomas Bostrøm Jørgensen, General Manager, EMEA will take the stage in the \'Security Strategy and Breach Response\' session. This session will discuss lessons learned from data breaches, best practice to avoid incidents, and how to work across organisations to improve security and trust. In the panel, AllClear ID will be (...) - Business

WiredThreatLevel.png 2019-03-22 10:00:00 The Top 3 Video Doorbells for Capturing Who\'s There (lien direct)

The latest models don\'t just connect your door to you phone. Control these with your voice, and let them govern the gadgets in your smart home.

WiredThreatLevel.png 2019-03-22 10:00:00 Smart Devices for Teaching an Old House New Tricks (lien direct)

Add convenience and energy-saving perspective to your home with these intelligent gadgets.

WiredThreatLevel.png 2019-03-22 10:00:00 Having Sleep Troubles? There\'s a Gadget for That (lien direct)

From smart mattresses to aural headbands, devices claiming to deliver a more satisfying slumber keep materializing. Do we really need so much help?

WiredThreatLevel.png 2019-03-22 10:00:00 Withings Move ECG Watch Is Good for Your Ticker (lien direct)

It may look like a stylish, minimalist timepiece but it tracks you steps and can detect if your heart skips a beat.

bleepingcomputer.png 2019-03-22 09:53:05 2 Million Emails of 350K+ Clients Possibly Exposed in Oregon DHS Data Breach (lien direct)

The Oregon Department of Human Services (DHS) announced that roughly 2 million emails with Protected Health Information from more than 350,000 customers have been potentially exposed after 9 employee mailboxes were compromised in a spear phishing attack. [...]

SecurityAffairs.png 2019-03-22 09:46:05 Pwn2Own 2019 Day 2 – Hackers earned $270,000 for Firefox, Edge hacks (lien direct)

On the second day of the Pwn2Own 2019 hacking competition, white hat hackers earned a total of $270,000 for exploits against the Mozilla Firefox and Microsoft Edge web browsers. Day 2 at Pwn2Own 2019 hacking competition – White hat hackers earned $270,000 for exploits against the Mozilla Firefox and Microsoft Edge browsers. The security duo […]

The post Pwn2Own 2019 Day 2 – Hackers earned $270,000 for Firefox, Edge hacks appeared first on Security Affairs.

SecurityAffairs.png 2019-03-22 08:34:05 FIN7 is back with a previously unseen SQLRat malware (lien direct)

The financially-motivated hacking group FIN7 is back and used a new piece of malware in a recent hacking campaign. Security experts at Flashpoint revealed that the financially-motivated cybercrime group FIN7 (aka Anunak and Carbanak) used new malware in a recent hacking campaign. The group that has been active since late 2015 targeted businesses worldwide to […]

The post FIN7 is back with a previously unseen SQLRat malware appeared first on Security Affairs.

Logo_logpoint.jpg 2019-03-22 08:21:01 Introduction to LogPoint SIEM and UEBA (lien direct)

The "Introduction to LogPoint SIEM and UEBA" webinar hosted by LogPoint Senior Sales Engineer Tim Strack is now available on demand. Fill out the form to access the webinar and experience: How LogPoint\'s SIEM solution is tailored to solve the specific security management challenges of any organization, whether the goal is compliance, security monitoring, operational [...]

The post Introduction to LogPoint SIEM and UEBA appeared first on LogPoint.

Korben.png 2019-03-22 08:00:00 Tsunami financier, désastre humanitaire ? (lien direct)

Les copains de Thinkerview ont interviewé Gaël Giraud, chef économiste de l’Agence Française de Développement au sujet de la crise financière qui se profile à l’horizon. Ce monsieur semble bien connaitre son sujet et nous explique grosso modo que tout ce qui se passe en ce moment n’est que symptômes … Suite

Blog.png 2019-03-22 07:11:03 BEST PRACTICES: How to protect yourself from the enduring scourge of malvertising (lien direct)

Malvertising is rearing its ugly head – yet again. Malicious online ads have surged and retreated in cycles since the earliest days of the Internet. Remember when infectious banner ads and viral toolbars cluttered early browsers? Related: Web application exposures redouble Historically, with each iteration of malicious ads, the online advertising industry, led by Google, […]

SecurityWeek.png 2019-03-22 06:30:00 Researchers Earn $270,000 for Firefox, Edge Hacks at Pwn2Own 2019 (lien direct)

White hat hackers earned a total of $270,000 on the second day of the Pwn2Own hacking competition for demonstrating exploits against the Mozilla Firefox and Microsoft Edge web browsers.

read more

ZDNet.png 2019-03-22 05:30:00 Microsoft tech support scammer pleads guilty to defrauding victims of $3 million (lien direct)

Suspect admits role in criminal operation within a week after being arrested.

CSO.png 2019-03-22 05:27:00 IDG Contributor Network: Facebook stashing plain text passwords is a wake-up call to improve GRC (lien direct)

As details emerged of how Facebook captured hundreds of millions of plain text passwords and stored them on internal company servers, my entire IT career flashed before my eyes. While it is criminal that there is apparently no adult supervision or oversight on what developers at Facebook can do with a user\'s credentials when logging into their apps, they are certainly not alone in their handling of plain text passwords.

During my time as CEO at VeriClouds (a provider of identity threat intelligence that uses analytics on top a data lake of more than 10 billion compromised credentials) I was in a meeting with an executive of Twitter when he admitted to using a competitor\'s service whereby his team received “dumps” of compromised credentials – yes ladies and gentlemen, in plain text. I can understand that being a normal and accepted practice a decade ago before the President of the United States started using his service. I am bewildered as to why any security officer worth his title would allow a practice to occur, let alone continue at a massive social media site such as Twitter.

To read this article in full, please click here

The_Hackers_News.png 2019-03-22 04:57:03 Get 4 Essential CyberSecurity Software For Less Than $10 Per Month (lien direct)

Major data breaches and cyber attacks are occurring at an alarming rate, and if you are still not using a VPN and password manager app, you are seriously out of excuses. Not just VPN software and a password manager, cybersecurity experts also recommend using antivirus and backup solutions to protect your computers and precious data stored on them. Unfortunately, to cover these bases, one

The_Hackers_News.png 2019-03-22 04:54:04 Medtronic\'s Implantable Defibrillators Vulnerable to Life-Threatening Hacks (lien direct)

The U.S. Department of Homeland Security Thursday issued an advisory warning people of severe vulnerabilities in over a dozen heart defibrillators that could allow attackers to fully hijack them remotely, potentially putting lives of millions of patients at risk. Cardioverter Defibrillator is a small surgically implanted device (in patients\' chests) that gives a patient\'s heart an electric

CSO.png 2019-03-22 03:00:00 Magecart payment card skimmer gang returns stronger than ever (lien direct)

Hackers are using increasingly sophisticated techniques to hide malicious code on e-commerce websites with the goal of stealing payment card details. Known as web skimmers, these malicious scripts have led to major breaches at online retailers over the past year and will very likely continue to cause problems for some time to come.

The_Hackers_News.png 2019-03-22 00:55:05 Microsoft Announces Windows Defender ATP Antivirus for Mac (lien direct)

Brace yourself guys. Microsoft is going to release its Windows Defender ATP antivirus software for Mac computers. Sounds crazy, right? But it\'s true. Microsoft Thursday announced that the company is bringing its anti-malware software to Apple\'s macOS operating system as well-and to more platforms soon, like Linux. As a result, the technology giant renamed its Windows Defender Advanced

WiredThreatLevel.png 2019-03-22 00:19:05 Your Facebook Password Isn\'t Safe. Neither Is Your Android Phone (lien direct)

Catch up on the most important tech news today in two minutes or less.

ZDNet.png 2019-03-21 23:21:00 Over 100,000 GitHub repos have leaked API or cryptographic keys (lien direct)

Thousands of new API or cryptographic keys leak via GitHub projects every day.

WiredThreatLevel.png 2019-03-21 23:06:03 Tesla Sues Zoox Over Manufacturing and Logistics Secrets (lien direct)

The electric car company says four former employees took proprietary information to their new jobs at Zoox. Oh, and Tesla sued an employee of another rival, too.

WiredThreatLevel.png 2019-03-21 22:50:04 TypeScript\'s Quiet, Steady Rise Among Programming Languages (lien direct)

TypeScript, Microsoft\'s JavaScript Alternative, Continues to Rise in Popularity

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

Information mise à jours le: 2019-03-26 04:01:32
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter