What's new around the internet

Src Date (GMT) Title Description Tags Stories Notes
InfosecIsland.png 2019-03-21 04:50:05 Internet-Exposed IBM BigFix Relays May Lead to Full Remote Compromise (direct link)

Internet-facing relays in IBM BigFix deployments could lead to information disclosure and potential full remote compromise if not properly configured, Atredis Partners security researchers have discovered.

TechRepublic.png 2019-03-21 04:47:01 How to recruit and retain developers (direct link)

Developers are a smart, picky bunch. If you're hoping to attract and retain top engineering talent, here are key tips.

WiredThreatLevel.png 2019-03-20 23:58:01 A Cab's-Eye View of How Peloton's Trucks 'Talk' to Each Other (direct link)

It's a technology called platooning, and it could be safer and more efficient than regular truck-driving, but easier to implement than full-on robo trucks.

mcafee.png 2019-03-20 22:36:01 Analysis of a Chrome Zero Day: CVE-2019-5786 (direct link)

1. Introduction. On March 1st, Google published an advisory [1] for a use-after-free in the Chrome implementation of the FileReader API (CVE-2019-5786). Clement Lecigne from Google Threat Analysis Group reported the bug as being exploited in the wild and targeting Windows 7, 32-bit platforms. The exploit leads to code execution in the Renderer process, […]

The post Analysis of a Chrome Zero Day: CVE-2019-5786 appeared first on McAfee Blogs.

no_ico.png 2019-03-20 21:42:04 Cyber Security As A Service (direct link)

Cyber security becomes more complex, more expensive and more frustrating year on year. The threat landscape is changing too fast. The data management and privacy compliance demands are onerous and expensive. The business risks are too high. Companies can simply no longer place the burden of cyber security and cyber resilience on an IT Manager; …

The ISBuzz Post: This Post Cyber Security As A Service appeared first on Information Security Buzz.

Kaspersky.png 2019-03-20 21:20:00 Mac-Focused Malvertising Campaign Abuses Google Firebase DBs (direct link)

Researchers said 1 million user sessions could have been exposed to the campaign, which downloads the Shlayer trojan.

ZDNet.png 2019-03-20 20:54:00 Lithuanian man pleads guilty to scamming Google and Facebook out of $123 million (direct link)

Man posed as hardware vendor to trick Google and Facebook into sending payments to his bank accounts.

SecurityWeek.png 2019-03-20 20:38:03 Researchers Use UPnP Protocol to Unmask IPv6 Address (direct link)

Cisco Talos security researchers were able to leverage properties of the Universal Plug and Play (UPnP) protocol to unmask the IPv6 address of specific IPv4 hosts.

Kaspersky.png 2019-03-20 20:36:05 Post-Perimeter Security: Addressing Evolving Mobile Enterprise Threats (direct link)

Experts from Gartner, Lookout and Google talk enterprise mobile security in this webinar replay.

TechRepublic.png 2019-03-20 20:20:05 How to access your Android phone's texts and photos in Windows 10 (direct link)

You can view photos and text messages from your Android device directly in Windows 10. Follow these step-by-step instructions on how to use the Your Phone Companion app.

WiredThreatLevel.png 2019-03-20 20:18:01 An Android Vulnerability Went Unfixed For Over Five Years (direct link)

Older Android devices, of which there are over 100 million still in use, will remain exposed.

SecurityWeek.png 2019-03-20 20:12:05 Windows Hello Support Added to Firefox 66 (direct link)

Mozilla this week released Firefox 66 with support for Windows Hello for Web Authentication on Windows 10, as well as with patches for 21 vulnerabilities. 

The newly added support for Windows Hello should provide users with a passwordless experience on the web, but also with increased security, Mozilla says. 

SecurityWeek.png 2019-03-20 20:03:00 Multiple Vulnerabilities Fixed in CUJO Smart Firewall (direct link)

Vulnerabilities recently addressed by CUJO AI in the CUJO Smart Firewall could be exploited to take over the device, Cisco Talos security researchers reveal. 

WiredThreatLevel.png 2019-03-20 19:50:00 The EU Hits Google With a Third Billion-Dollar Fine. So What? (direct link)

The latest penalty, stemming from how Google previously displayed search results on other websites, probably won't act as a deterrent, and critics want more.

SecurityWeek.png 2019-03-20 19:48:02 Authentication Bypass Vulnerability Found in SoftNAS Cloud (direct link)

A security firm's Vulnerability Research Team (VRT) found and reported a vulnerability in SoftNAS Cloud data storage. SoftNAS fixed the vulnerability last week, and details of the vulnerability are now being made public.

SecurityWeek.png 2019-03-20 19:23:02 Vulnerability in NSA's Reverse Engineering Tool Allows Remote Code Execution (direct link)

A vulnerability in Ghidra, the generic disassembler and decompiler released by the National Security Agency (NSA) in early March, could be exploited to execute code remotely, researchers say. 

ZDNet.png 2019-03-20 19:22:02 AT&T, Comcast successfully test SHAKEN/STIR protocol for fighting robocalls (direct link)

AT&T and Comcast successfully test first SHAKEN/STIR-authenticated call between two different networks.

bleepingcomputer.png 2019-03-20 19:18:01 Instagram Testing Anti-Squatting Feature that Locks Old Usernames (direct link)

Instagram is currently testing a new feature designed to automatically lock usernames for 14 days after the owners switch to a new handle, as discovered by mobile researcher Jane Manchun Wong in an Alpha version of the platform's Android app. [...]

Kaspersky.png 2019-03-20 19:03:03 Years-Long Phishing Campaign Targets Saudi Gov Agencies (direct link)

The campaign, codenamed “Bad Tidings,” has sought out victims' credentials with clever fake landing pages pretending to be the Saudi Arabian Ministry of Interior's e-Service portal.

WiredThreatLevel.png 2019-03-20 18:53:00 Fei-Fei Li Wants AI to Care More About Humans (direct link)

Stanford professor and former Google employee Fei-Fei Li is the force behind the new Institute for Human-Centered Artificial Intelligence.

no_ico.png 2019-03-20 18:37:03 New Mirai Botnet Is Coming For Your Connected Screens (direct link)

A strain of the botnet malware Mirai has emerged focused on a wider set of embedded internet-connected devices. Researchers at Palo Alto this week stated that a variant of the notorious Internet-of-Things infector is now looking to hijack TVs and projectors designed to display information and adverts, as well as the usual broadband routers, network-attached storage boxes, and IP-enabled …

The ISBuzz Post: This Post New Mirai Botnet Is Coming For Your Connected Screens appeared first on Information Security Buzz.

TechRepublic.png 2019-03-20 18:34:00 The Apple Developer Program: What professionals need to know (direct link)

If you want to develop software for macOS, iOS, tvOS, or watchOS, read this overview about Apple's Developer Program.

SecurityAffairs.png 2019-03-20 18:23:02 MyPillow and Amerisleep are the latest victims of Magecart gangs (direct link)

Security experts at RiskIQ revealed today that another two organizations were victims of the Magecart crime gang, the bedding retailers MyPillow and Amerisleep. Security experts at RiskIQ announced that the two bedding retailers MyPillow and Amerisleep were victims of the Magecart cybercrime gang. The Magecart umbrella includes at least 11 different hacking crews that have been active at least since […]

The post MyPillow and Amerisleep are the latest victims of Magecart gangs appeared first on Security Affairs.

bleepingcomputer.png 2019-03-20 18:02:00 Putty 0.71 Fixes Weakness That Allows Fake Login Prompts (direct link)

The latest version of PuTTY SSH and Telnet client adds protection against spoofing the terminal authentication prompt to steal login info. Recently released, the update comes after a 20-month hiatus and fixes a total of eight security issues. [...]

SecurityWeek.png 2019-03-20 18:01:01 Man Pleads Guilty Over $100M BEC Scheme Targeting Google, Facebook (direct link)

A 50-year-old Lithuanian citizen has pleaded guilty over his role in a business email compromise (BEC) scheme in which Google and Facebook employees were tricked into wiring a total of more than $100 million to bank accounts he controlled.

TechWorm.png 2019-03-20 17:37:00 Call of Duty: Mobile, the free-to-play game, is coming to Android and iOS soon (direct link)

Call of Duty Mobile trailer teases Blackout and Zombies. Activision, the publisher behind the Call of Duty (COD) series – the popular first-person shooter video game franchise – is now bringing out a new free-to-play game for Android and iOS platforms. The announcement about the new game was made during the Unity Keynote at the […]

The post Call of Duty: Mobile, the free-to-play game, is coming to Android and iOS soon appeared first on TechWorm.

Kaspersky.png 2019-03-20 17:00:04 Fin7 Ramps Up Campaigns With Two Fresh Malware Samples (direct link)

Despite the 2018 crackdown on Fin7, the cybercrime group has been ramping up its efforts with two new malware samples and an attack panel.

ZDNet.png 2019-03-20 17:00:00 Global threat group Fin7 returns with new SQLRat malware (direct link)

Previously unseen malware and a new admin panel have been tied to the notorious group.

SecurityWeek.png 2019-03-20 16:34:02 Google Photos Flaw Allowed Hackers to Track Users (direct link)

Google recently patched a vulnerability in its Photos service that could have been exploited via browser-based timing attacks to track users, Imperva revealed on Wednesday.

bleepingcomputer.png 2019-03-20 16:31:01 Lithuanian Pleads Guilty to Stealing $100 Million From Google, Facebook (direct link)

A Lithuanian man pleaded guilty to wire fraud, aggravated identity theft, and three counts of money laundering, and faces a maximum of 30 years in jail after tricking Google and Facebook employees into wiring over $100 million into bank accounts he controlled. [...]

SecurityWeek.png 2019-03-20 16:20:02 European Government Websites Are Delivering Tracking Cookies to Visitors (direct link)

Governments within the European Union appear to be flouting their own GDPR laws. Many official government websites are harboring and delivering tracking cookies from the ad tech industry even though they don't rely on any advertising income. Eighty-nine percent of 184,683 pages delivered tracking cookies. Twenty-five of the 28 member states have websites with tracking cookies; only the Spanish, German and Dutch sites had no trackers.

TechRepublic.png 2019-03-20 16:06:04 4 reasons to offer interns full-time jobs, and 3 ways to make sure they want to accept (direct link)

Extending a job offer to an intern can have a lot of benefits for your organization. If you want to retain new talent, there are several steps you should take now.

ZDNet.png 2019-03-20 16:01:04 Google bans VPN ads in China (direct link)

Google cites "local legal restrictions" as the cause for its Chinese VPN ads ban.

SecurityWeek.png 2019-03-20 15:56:01 Norsk Hydro Restoring Systems, But Not Paying Ransom (direct link)

Norwegian metals and energy giant Norsk Hydro is working on restoring systems after being hit by ransomware, but the company says it does not plan on paying the hackers.

bleepingcomputer.png 2019-03-20 15:48:05 KB4493132 Update Notifies Windows 7 Users of End of Support Date (direct link)

A new Windows 7 update called KB4493132 has been released and is used to display notifications that remind users that Windows 7 will reach its end of life starting on January 14th, 2020. These notifications contain a link that goes to a Microsoft page suggesting that users upgrade to Windows 10. [...]

TechRepublic.png 2019-03-20 15:35:05 Microsoft reanimates corpse of maligned Office Assistant "Clippy" to help Teams compete with Slack (direct link)

The paperclip that everybody loves to hate is back as a sticker for Microsoft Teams, Redmond's answer to other collaboration giants.

globalsecuritymag.png 2019-03-20 15:34:05 Norsk Hydro: comment from Kaspersky Lab (direct link)

One of the largest aluminium producers in Europe, the Norwegian company Norsk Hydro, suffered a large-scale cyberattack this Sunday, probably the work of the LockerGoga ransomware, which was already behind the attack on Altran last January. Many plants switched to manual mode while the company's website and internal applications went down. "The LockerGoga malware that allegedly encrypted Norsk Hydro's files is a relatively new family of ransomware by horse (...) - Malwares

WiredThreatLevel.png 2019-03-20 15:23:05 Apple AirPods 2019: Price, Specs, Release Date (direct link)

The new AirPods have better battery life, come with a wireless charging option, and ship next week for $159.

no_ico.png 2019-03-20 15:17:04 UK Unprepared For Cyber Attacks Against CNI (direct link)

It has been reported that according to the National Audit Office (NAO), the UK government has “failings” in the way it is planning to protect the UK’s critical infrastructure from cyber-attacks. The warning came in a National Audit Office (NAO) assessment of the UK’s national cyber-defence plan. The government is increasingly worried that these essential sectors will be targeted by foreign …

The ISBuzz Post: This Post UK Unprepared For Cyber Attacks Against CNI appeared first on Information Security Buzz.

WiredThreatLevel.png 2019-03-20 15:12:05 The Youth Climate Strike as Seen by Teen Photographers (direct link)

Two young photographers covered last week's global climate protests for WIRED: "There was this pride that we can do this by ourselves if we have to."

Kaspersky.png 2019-03-20 15:05:01 Uber Deployed 'Surfcam Spyware' in Australia to Crush the Competition – Report (direct link)

Until a report this week, Uber's Surfcam's use was thought to be limited to incidents uncovered in Singapore in 2017. For its part, Uber denies that it's a "spyware."

no_ico.png 2019-03-20 15:04:00 Payment Service Directive (PSD2) And Security (direct link)

The Payment Services Directive (PSD2) will go into effect with some new rules in September of 2019 and could have some unexpected consequences according to a report from iovation and Aite Group. The report says the new, stricter requirements for fraud prevention could push more fraud towards the US. Ryan Wilk, VP of Customer Success at NuData …

The ISBuzz Post: This Post Payment Service Directive (PSD2) And Security appeared first on Information Security Buzz.

ESET.png 2019-03-20 15:00:03 Google hit with €1.49 billion antitrust fine by EU (direct link)

The third penalty that Europe has levied on the tech giant in less than two years brings the total to €8.25 billion

The post Google hit with €1.49 billion antitrust fine by EU appeared first on WeLiveSecurity

WiredThreatLevel.png 2019-03-20 15:00:00 Oculus Rift S VR Headset: Price, Specs, Release Date (direct link)

The new $399 headset from the Facebook-owned company features some key improvements. But you still have to plug it into a computer.

MalwarebytesLabs.png 2019-03-20 15:00:00 Facebook's history betrays its privacy pivot (direct link)

Facebook's self-proclaimed pivot to privacy faces a fierce opponent: Facebook's own history.

SecurityAffairs.png 2019-03-20 14:51:00 Putty users have to download a new release that fixes 8 flaws (direct link)

PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws. The popular SSH client program PuTTY has released an important software update to address eight high-severity security vulnerabilities. PuTTY is one of the most popular open-source programs that allow users to access computers over SSH, Telnet, and Rlogin network protocols. The popular SSH client program […]

The post Putty users have to download a new release that fixes 8 flaws appeared first on Security Affairs.

SecurityWeek.png 2019-03-20 14:26:05 Webinar Today: Managing Cyber Threats in the Era of Industry 4.0 (direct link)

bleepingcomputer.png 2019-03-20 14:25:03 Windows 10 Insider Preview Build 18362 (19H1) Fixes Autoupdate of Apps (direct link)

Microsoft has released Windows 10 Insider Preview Build 18362 (19H1) to Insiders in the Fast ring. This was released to offer a quick fix for a bug that was preventing the Microsoft Store from automatically updating installed apps. [...]

no_ico.png 2019-03-20 14:00:05 Top London Attractions Suffered Over 100 Million Attacks (direct link)

Following the news that London's top tourist attractions, such as Kew Gardens and the Natural History Museum, have been hit by over 100 million cyber attacks in the past few years, please see a comment below from Jake Moore, cyber security specialist at ESET. Jake Moore, Cyber Security Specialist at ESET: “Hackers may assume that popular tourist attractions …

The ISBuzz Post: This Post Top London Attractions Suffered Over 100 Million Attacks appeared first on Information Security Buzz.

TechRepublic.png 2019-03-20 14:00:02 Vulnerability in SoftNAS Cloud allows attackers to bypass authentication (direct link)

The vulnerability allows attackers to run arbitrary commands as root, which clearly undermines the security of the SoftNAS Cloud platform and data stored on it.

Information updated on: 2019-03-26 04:01:32