What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
TechRepublic.png 2019-09-18 14:21:19 How to use Docker Compose files without the docker-compose command (lien direct)

Find out how you can use docker-compose.yml files without the docker-compose command.

SecurityWeek.png 2019-09-18 13:58:58 U.S. Could Launch Cyberattack on Iran in Response to Saudi Oil Attack (lien direct)

US could launch more cyberattacks on Iran

read more

TechRepublic.png 2019-09-18 13:56:58 How to disable notifications on the macOS lock screen (lien direct)

Find out how to prevent macOS from inadvertently giving away some precious personal or company secrets from the lock screen.

TechRepublic.png 2019-09-18 13:50:34 Digital dexterity: What it is, why your organization needs it, and how CIOs can lead the charge (lien direct)

A report from Gartner says digital dexterity is fundamental to modern businesses, and it\'s the job of CIOs to implement it. Here\'s how to get started.

SecurityWeek.png 2019-09-18 13:44:51 Top 10 Tactical Recommendations for SMB Cybersecurity (lien direct)

In my previous column I introduced the concept of “Think 360, Demand 360” as it applies to data protection, privacy, and cyber security.

read more

TechRepublic.png 2019-09-18 13:43:16 PwC: Boosting digital resilience is the new best defense against cyber attacks (lien direct)

Now that you\'ve completed your digital transformation, you need to build a system to protect this new way of doing business.

securityintelligence.png 2019-09-18 13:30:30 How Data Loss Prevention (DLP) Can Help Solve the Insider Threat Problem (lien direct)

Reading Time: 3 minutes A data loss prevention (DLP) solution that delivers comprehensive visibility, historical context and file recovery can help organizations meet the challenges posed by insider threats.

The post How Data Loss Prevention (DLP) Can Help Solve the Insider Threat Problem appeared first on Security Intelligence.

bleepingcomputer.png 2019-09-18 13:27:26 Windows Defender Antivirus Scans Broken After New Update (lien direct)

Microsoft has released a new update for Windows Defender that has broken both the Quick and Full antivirus scans. When users use these scan options, Windows Defender will only scan approximately 40 files. [...]

The_State_of_Security.png 2019-09-18 13:23:04 CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency (lien direct)

Mac users can\'t ignore the need to protect their computers from malware with up-to-date anti-virus software and other security tools.

The post CookieMiner malware targets Macs, steals passwords and SMS messages, mines for cryptocurrency appeared first on The State of Security.

TechRepublic.png 2019-09-18 13:21:19 You\'ve got mail? Adobe survey shows that email won\'t be going away any time soon (lien direct)

Email and millennials\' keen sense of how to achieve a work-life balance were two key findings of a new study.

SecurityAffairs.png 2019-09-18 13:06:33 Memory corruption flaw in AMD Radeon driver allows VM escape (lien direct)

Experts at Cisco Talos group discovered a vulnerability in the AMD ATI Radeon ATIDXX64.DLL driver that could lead to VM escape. Researchers at Cisco Talos group discovered a vulnerability in the AMD ATI Radeon ATIDXX64.DLL driver that be exploited by an attacker to escale the VM and execute code on the host. This flaw affects […]

The post Memory corruption flaw in AMD Radeon driver allows VM escape appeared first on Security Affairs.

TechRepublic.png 2019-09-18 13:00:10 Salesforce CRM software rolls out faster search tool (lien direct)

Natural language queries and an actionable search bar are two key features in new Einstein Search feature.

TechRepublic.png 2019-09-18 13:00:10 Exposed RDP servers see 150K brute-force attempts per week: Here\'s how to protect them (lien direct)

BlueKeep and DejaBlue renewed interest in brute-force scanning for vulnerable systems, which negatively impacts Windows Server performance. Cameyo offers solutions to protect your Virtual Desktop server.

TechRepublic.png 2019-09-18 13:00:08 Aliro aims to make quantum computers usable by traditional programmers (lien direct)

Different quantum designs are suited to different workloads. Aliro hopes to provide a common platform to minimize differences and make it easier for businesses to adopt quantum.

AlienVault.png 2019-09-18 13:00:00 Does your government take cybersecurity seriously enough? (lien direct)

picture of a government building

Photo by Katie Moum on Unsplash

Cybercrime is global, but the response isn’t. Governments in the west are slowly waking up to the importance of cybersecurity, and are (equally slowly) helping businesses to safeguard data and home users to protect their homes from cyberattack.

Look outside Europe and the US, though, and the picture is radically different. African countries, in particular, are underprepared for the impact of cyberattacks, and lack the governmental expertise to deal with them.

This is an issue for citizens of these countries, but also for us in the west. Poorly prepared countries act as safe havens for cybercriminals, and hackers (some of them state-sponsored) can use these countries to stage cyberattacks that directly impact users in the west.

Cybercrime: a global view

Though you wouldn’t know it from the press coverage, large cyberattacks don’t just affect the west.

Africa, for instance, actually has a huge problem with cybercrime. Recent reports from Botswana, Zimbabwe and Mozambique show that companies are increasingly falling victim to cybercrime. The global WannaCry malware attack of May 2017 hit South Africa hard, and companies in that country typically lose R36 million when they fall victim to an attack.

This situation is mirrored across the global south. It is made worse by the fact that developing nations do not have governmental policies for dealing with cyberattacks. This makes companies and home users in these countries particularly vulnerable. It also means that hackers can route their activities through these countries, which have neither the technical nor the legal expertise to catch them, let alone punish them.

Though government policies on cybercrime vary widely across the globe, many of the largest attacks of recent years rely for their success on their global reach. The Mirai Botnet, for instance, managed to infect IoT devices across a huge range of territories and countries, and this global base made it incredibly difficult to stop. Attacks like this have made the IoT one of the largest concerns among security professionals today.

Given this context, it is time for governments – in all countries and at all levels – to do more when it comes to managing cyber risk.

Managing risk

The approach that governments take to dealing with cyber risk is a critical factor in the success of these programs. Too often, governments take a ‘hands off’ approach, issuing advice to citizens and businesses about how to avoid falling victim to an attack, and then expecting them to protect themselves.

This approach i

WiredThreatLevel.png 2019-09-18 13:00:00 Clever New DDoS Attack Gets a Lot of Bang for a Hacker\'s Buck (lien direct)

By exploiting the WS-Discovery protocol, a new breed of DDoS attack can get a huge rate of return.

WiredThreatLevel.png 2019-09-18 13:00:00 Sonos Move Review: The King of Wi-Fi Speakers Adds Bluetooth (lien direct)

Our time with the first Sonos speaker that has a battery and Bluetooth. Is Sonos ready for portability?

SecurityWeek.png 2019-09-18 12:14:40 Facebook Takes Down Misleading Campaigns From Iraq, Ukraine (lien direct)

Facebook this week announced that it removed multiple pages, groups, and accounts engaged in misleading behavior on the social platform.

read more

Blog.png 2019-09-18 12:00:29 Spotlight Podcast: Security Automation is (and isn\'t) the Future of Infosec (lien direct)

n this Spotlight Podcast, we speak with David Brumley, the Chief Executive Officer at the security firm ForAllSecure and an expert on the use of machine learning and automation to cyber security problems. We talk about the growing demand for security automation tools and how the chronic cyber security talent shortage in North America and elsewhere...

Read the whole entry...  _!fbztxtlnk!_ https://feeds.feedblitz.com/~/606908336/0/thesecurityledger -->»

TechRepublic.png 2019-09-18 12:00:11 First 53-qubit IBM Q system to roll out at NY Quantum Computation Center (lien direct)

IBM\'s new Quantum Computation Center in Armonk, NY will be home to 14 quantum computers, with cloud-delivered access to enterprises and academia.

WiredThreatLevel.png 2019-09-18 12:00:00 Does the FDA Even Regulate E-Cigs? Actually Kinda Not (lien direct)

That\'s why all those weird, possibly toxic flavorings are allowed-and the lax regulatory environment goes back a century.

WiredThreatLevel.png 2019-09-18 12:00:00 The Facebook Portal Smart Speaker Is Back, Now With More AI (lien direct)

New models of Facebook\'s smart speaker plus camera start at $129, and offer improved tech to track body movements during calls.

DarkReading.png 2019-09-18 11:55:00 One Arrested in Ecuador\'s Mega Data Leak (lien direct)

Officials arrest a leader of consulting firm Novaestrat, which owned an unprotected server that exposed 20.8 million personal records.

Trend.png 2019-09-18 11:52:41 Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites (lien direct)

We discovered a series of incidents where the credit card skimming attack Magecart was used to hit the booking websites of chain-brand hotels - the second time we\'ve seen a Magecart threat actor directly hit ecommerce service providers instead of going for individual stores or third-party supply chains.

The post Magecart Skimming Attack Targets Mobile Users of Hotel Chain Booking Websites appeared first on .

SecurityWeek.png 2019-09-18 11:44:09 Code Execution Vulnerabilities Found in Aspose PDF Processing Product (lien direct)

Several critical remote code execution vulnerabilities have been found by Cisco Talos researchers in a PDF file processing product from Aspose.

read more

grahamcluley.png 2019-09-18 11:13:39 How to get away with hacking a US satellite (lien direct)

The US Air Force wants to know if you can hijack control of an orbiting satellite and turn its camera from staring at Earth to point at the moon instead.

Read more in my article on the Hot for Security blog.

The_State_of_Security.png 2019-09-18 11:08:42 TFlower Ransomware Targeting Businesses via Exposed RDS (lien direct)

A new crypto-ransomware threat called “TFlower” is targeting corporate environments via exposed Remote Desktop Services (RDS). First discovered in August, the ransomware makes its way onto a corporate network after attackers hack into a machine’s exposed Remote Desktop Services. This attack vector enables bad actors to infect the local machine with TFlower. At that point, […]… Read More

The post TFlower Ransomware Targeting Businesses via Exposed RDS appeared first on The State of Security.

Pirate.png 2019-09-18 11:08:34 Lutter efficacement contre les ransomwares (lien direct)
Comprendre les ransomwares et comment les combattre avec succès - Les ransomwares, ou rançonlogiciels, en interdisant l\'accès à des données sensibles, ont inventé un nouveau type de cyber attaque : le chantage numérique. Ils affectent aujourd\'hui des victimes dans le monde entier, dans toutes les langues.
ZDNet.png 2019-09-18 11:05:14 These software vulnerabilities top MITRE\'s most dangerous list (lien direct)

The Top 25 list gives developers indicators of what cybersecurity threats they should be most aware of.

securityintelligence.png 2019-09-18 11:00:25 The Future of Cybercrime: Where Are We Headed? (lien direct)

Reading Time: 3 minutes By 2024, the collective cost of data breaches will reach $5 trillion, according to a study by Juniper Research. This is just one indication of how the future of cybercrime will impact us.

The post The Future of Cybercrime: Where Are We Headed? appeared first on Security Intelligence.

WiredThreatLevel.png 2019-09-18 11:00:00 Richard Stallman and the Fall of the Clueless Nerd (lien direct)

The controversial pioneer of free software resigned from MIT over his remarks on Jeffrey Epstein and Marvin Minsky. Stallman won\'t be the last.

bleepingcomputer.png 2019-09-18 10:47:41 Microsoft Phishing Page Sends Stolen Logins Using JavaScript (lien direct)

A new landing page for a Microsoft account phishing scam has been discovered that utilizes the SmtpJS service to send stolen credentials via email to the attacker. [...]

DarkReading.png 2019-09-18 10:45:00 A Virus Walks Into a Bar ... (lien direct)

Laughter is, well, contagious. Jokes begin in earnest at the one-minute mark.

no_ico.png 2019-09-18 10:21:22 LastPass And Malicious Websites Extract Your Last Used Password (lien direct)

LastPass has patched a bug that would have allowed a malicious website to extract a previous password entered by the service\'s browser extension. It was reported that that the bug was discovered by Tavis Ormandy, a researcher in Google\'s Project Zero team, and was disclosed in a bug report dated August 29th.

The ISBuzz Post: This Post LastPass And Malicious Websites Extract Your Last Used Password appeared first on Information Security Buzz.

bleepingcomputer.png 2019-09-18 10:06:47 Amadey Botnet Targets U.S. Taxpayers with Tax Refund Notice (lien direct)

A phishing campaign has been spotted recently delivering Amadey botnet malware to taxpayers in the U.S. through fake income tax refund emails. [...]

WiredThreatLevel.png 2019-09-18 10:00:00 Apple Watch Series 5 Review: Always on Time (lien direct)

The biggest update is a most welcome one: A redesigned display that always shows the time of day.

WiredThreatLevel.png 2019-09-18 10:00:00 Don\'t Storm Area 51, Begs the Webmaster of the UFO Kingdom (lien direct)

Joerg Arnu loves the secretive military base, documents it on an exhaustive fan site, and wants people to visit-just not all at once.

Pirate.png 2019-09-18 09:30:01 Alerte botnet : Emotet refait surface en Europe (lien direct)
Après 3 mois et demi d\'absence, le botnet Emotet fait son retour dans le paysage de la menace.
zataz.png 2019-09-18 09:15:50 Administration : Des milliers de documents de mexicains sur le web (lien direct)

Le stockage dans le cloud est un élément de cybersécurité que trop peu d’entreprise prend au sérieux, pensant que le stockeur se charge de fermer les portes. Si Amazon, Google, Oceanet Technology … proposent des services et des murs blindés, vous restez responsable des clés qui ouvrent le coff...

Cet article Administration : Des milliers de documents de mexicains sur le web est apparu en premier sur ZATAZ.

bleepingcomputer.png 2019-09-18 09:04:53 Smominru Mining Botnet In Cyber Turf War With Rival Malware (lien direct)

The Smominru mining botnet continues to wreck havoc on corporate machines by not only installing cryptominers, but also stealing credentials, installing backdoors, and making system configuration modifications that could affect the proper operation of an infected machine. [...]

ZDNet.png 2019-09-18 08:45:20 New ransomware strain uses \'overkill\' encryption to lock down your PC (lien direct)

The new Nemty malware may have ties to GandCrab and Sodinokibi.

zataz.png 2019-09-18 08:29:08 Hameçonnage aux couleurs de Veolia et de la LCL (lien direct)

Le phishing, l\'hameçonnages n’a jamais été aussi présent. Dernier cas en date marquant, l’usurpation d’une facture d’eau VEOLIA pour intercepter les données des clients de la banque LCL. Facture d’eau VEOLIA ? Gare à la noyade 2.0. Comme je vous l’explique dans ma...

Cet article Hameçonnage aux couleurs de Veolia et de la LCL est apparu en premier sur ZATAZ.

Pirate.png 2019-09-18 08:05:55 SKIDMAP : nouveau logiciel malveillant Linux (lien direct)
Les chercheurs en cybersécurité ont récemment identifié un nouveau logiciel malveillant Linux. Connu sous le nom de Skidmap, il exploite non seulement de manière illicite la crypto-monnaie, mais en plus fournit aux attaquants un accès universel à un système infecté via un "mot de passe principal secret".
The_Hackers_News.png 2019-09-18 07:11:00 IT Firm Manager Arrested in the Biggest Data Breach Case of Ecuador\'s History (lien direct)

Ecuador officials have arrested the general manager of IT consulting firm Novaestrat after the personal details of almost the entire population of the Republic of Ecuador left exposed online in what seems to be the most significant data breach in the country\'s history. Personal records of more than 20 million adults and children, both dead and alive, were found publicly exposed on an unsecured

Data Breach
Korben.png 2019-09-18 07:00:44 Jouez gratuitement à Diablo depuis votre navigateur (lien direct)

Il y a environ 2 mois, je vous avais parlé du célèbre jeu Diablo qui venait d’être entièrement reversé et était du coup dispo sur Nintendo Switch et les configurations modernes (Windows, Linux et Mac OS). Et il n’aura pas fallu attendre (trop) longtemps pour voir apparaître une version jouable … Suite

Korben.png 2019-09-18 07:00:03 Tiler – Pour générer des images mosaïques avec n\'importe quelle forme (lien direct)

Vous voyez, ces outils en ligne qui permettent de pixeliser des images pour en faire de jolies mosaïques ? Et bien aujourd’hui je vous propose de faire pareil avec un outil que vous maitriserez. Cet outil c’est Tiler. Fonctionnant en ligne de commande, Tiler est capable de composer une image … Suite

SecurityAffairs.png 2019-09-18 06:23:39 Skidmap Linux miner leverages kernel-mode rootkits to evade detection (lien direct)

Trend Micro researchers spotted a piece of Linux cryptocurrency miner, dubbed Skidmap that leverages kernel-mode rootkits to evade the detection. Skidmap is a new piece of crypto-miner detected by Trend Micro that target Linux machines, it uses kernel-mode rootkits to evade the detection. This malware outstands similar miners because of the way it loads malicious […]

The post Skidmap Linux miner leverages kernel-mode rootkits to evade detection appeared first on Security Affairs.

The_Hackers_News.png 2019-09-18 06:05:13 Smominru Botnet Indiscriminately Hacked Over 90,000 Computers Just Last Month (lien direct)

Insecure Internet-connected devices have aided different types of cybercrime for years, most common being DDoS and spam campaigns. But cybercriminals have now shifted toward a profitable scheme where botnets do not just launch DDoS or spam-they mine cryptocurrencies as well. Smominru, an infamous cryptocurrency-mining and credential-stealing botnet, has become one of the rapidly spreading

CSO.png 2019-09-18 06:00:00 Secrets of latest Smominru botnet variant revealed in new attack (lien direct)

The latest iteration of Smominru, a cryptomining botnet with worming capabilities, has compromised over 4,900 enterprise networks worldwide in August. The majority of the affected machines were small servers and were running Windows Server 2008 or Windows 7.

Smominru is a botnet that dates back to 2017 and its variants have also been known under other names, including Hexmen and Mykings. It is known for the large number of payloads that it delivers, including credential theft scripts, backdoors, Trojans and a cryptocurrency miner.

To read this article in full, please click here

bleepingcomputer.png 2019-09-18 06:00:00 New TortoiseShell Group Hacks 11 IT Providers to Reach Their Customers (lien direct)

A newly discovered threat group that security researchers call TortoiseShell is compromising IT providers in what seems to be supply-chain attacks intended to reach the network of specific customers. [...]

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

Information mise à jours le: 2019-09-22 08:07:45
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter