What's new arround internet

Src Date (GMT) Titre Description Tags Stories Notes
WiredThreatLevel.png 2019-05-21 23:31:01 Apple\'s MacBook Update, a Self-Driving Mail Truck, and More News (lien direct)

Catch up on the most important news from today in two minutes or less.

no_ico.png 2019-05-21 23:30:02 Adware Behaving Like Malware (lien direct)

Two Canadian Researchers from Concordia University in Montreal report that adware behaves like malware and should be classified as such. In a research paper*, the two reviewed Wajam, a software that injects ads into browser traffic and found that it uses techniques employed by malware for browser process injection attacks.    Expert Comments:   Mike Bittner, Associate Director …

The ISBuzz Post: This Post Adware Behaving Like Malware appeared first on Information Security Buzz.

BBC.png 2019-05-21 23:17:02 TalkTalk data breach customer details found online (lien direct)

Personal details for 4,545 TalkTalk customers stolen during a 2015 data breach are accessible online.

no_ico.png 2019-05-21 23:14:04 Cloud Security Alliance Study Identifies New And Unique Security Challenges In Native Cloud, Hybrid And Multi-cloud Environments (lien direct)

Holistic cloud visibility and control over increasingly complex environments are essential for successful deployments in various cloud scenarios    The Cloud Security Alliance (CSA), the world\'s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, and AlgoSec, the leading provider of business-driven network and cloud security management …

The ISBuzz Post: This Post Cloud Security Alliance Study Identifies New And Unique Security Challenges In Native Cloud, Hybrid And Multi-cloud Environments appeared first on Information Security Buzz.

WiredThreatLevel.png 2019-05-21 22:31:00 How Huawei Might Handle the Latest US Sanctions (lien direct)

The Trump administration barred US companies from doing business with Huawei, forcing the Chinese firm to find new chips and software for its products.

TechRepublic.png 2019-05-21 22:15:05 How to install Microsoft Visual Studio Code (VS Code) on Ubuntu (lien direct)

Microsoft\'s Visual Studio Code editor will now run on any Linux distribution that supports Snap. Follow these steps to install VS Code on Ubuntu.

no_ico.png 2019-05-21 21:30:03 Another WannaCry May Be Coming – Are You Ready? (lien direct)

The vulnerability is severe enough that Microsoft took a pretty unusual step in releasing updates for Windows XP and Server 2003 in addition to currently supported versions of Windows that are affected.    Unlike WannaCry, this threat is seen as extremely easy to exploit. It took a leaked NSA tool to exploit the WannaCry vulnerability, whereas the fear …

The ISBuzz Post: This Post Another WannaCry May Be Coming – Are You Ready? appeared first on Information Security Buzz.

bleepingcomputer.png 2019-05-21 21:29:03 New Zero-Day Exploit for Bug in Windows 10 Task Scheduler (lien direct)

Security researcher SandboxEscaper quietly dropped a new zero-day exploit for Windows operating system, a week after Microsoft\'s monthly cycle of security updates. [...]

ZDNet.png 2019-05-21 21:17:00 Google says it stored some G Suite passwords in unhashed form for 14 years (lien direct)

G Suite passwords were encrypted when stored on disk, so, at least, they weren\'t stored in plaintext.

WiredThreatLevel.png 2019-05-21 21:14:03 Google Has Stored Some Passwords in Plaintext Since 2005 (lien direct)

On the heels of embarrassing disclosures from Facebook and Twitter, Google reveals its own password bugs-one of which lasted 14 years.

SecurityAffairs.png 2019-05-21 21:10:02 Emsisoft released a free Decrypter for JSWorm 2.0 (lien direct)

Good news for the victims of the JSWorm 2.0 ransomware, thanks to experts at Emsisoft they can decrypt their file for free. Experts at Emsisoft malware research team released a decrypter for a recently discovered ransomware tracked as JSWorm 2.0. JSWorm 2.0 is written in C++ and implements Blowfish encryption. The first version of the […]

The post Emsisoft released a free Decrypter for JSWorm 2.0 appeared first on Security Affairs.

mcafee.png 2019-05-21 21:09:03 RDP Stands for “Really DO Patch!” – Understanding the Wormable RDP Vulnerability CVE-2019-0708 (lien direct)

During Microsoft\'s May Patch Tuesday cycle, a security advisory was released for a vulnerability in the Remote Desktop Protocol (RDP). What was unique in this particular patch cycle was that Microsoft produced a fix for Windows XP and several other operating systems, which have not been supported for security updates in years. So why the […]

The post RDP Stands for “Really DO Patch!” – Understanding the Wormable RDP Vulnerability CVE-2019-0708 appeared first on McAfee Blogs.

WiredThreatLevel.png 2019-05-21 21:02:00 Why a T-Mobile/Sprint Merger Would Be Bad for the Public (lien direct)

Opinion: FCC chair Ajit Pai says the deal is in the public interest. Except it would raise prices, reduce competition and innovation, and harm low-income Americans.

ArsTechnica.png 2019-05-21 20:50:02 Windows 10 May 2019 Update now rolling out to everyone… slowly (lien direct)

Unless you explicitly want it installed, you probably won\'t get this update.

no_ico.png 2019-05-21 20:30:01 Car Manufacturers Be Aware – Bluetooth Module Could Lead To Vehicle Shut Down By Hackers (lien direct)

According to new research uncovered by security specialists, Pen Test Partners, who were investigating the systems within Tesla vehicles, found that if hackers could attach an ELM327 Bluetooth module to the interface, they would have the ability to analyse the traffic and read CAN messages. If left in, a hacker could also potentially shut the car down.  Experts Comments:  Martin Jartelius, …

The ISBuzz Post: This Post Car Manufacturers Be Aware – Bluetooth Module Could Lead To Vehicle Shut Down By Hackers appeared first on Information Security Buzz.

ZDNet.png 2019-05-21 20:24:00 Fending off Zombieload attacks will crush your performance (lien direct)

To fully protect yourself from potential Zombieload attacks, vendors and early benchmarks show you\'ll face performance losses of up to 40%.

WiredThreatLevel.png 2019-05-21 20:08:05 As Social VR Grows, Users Are the Ones Building Its Worlds (lien direct)

Three years in, Rec Room has become a robust hub of user-generated content.

SecurityAffairs.png 2019-05-21 19:39:00 Group-IB blocked more than 180,000 links to pirated copies of Game of Thrones (lien direct)

Since April 2019, Group-IB has successfully blocked more than 43,000 links to pirated copies of the Game of Thrones Season 8 on pirate websites, forums, and social media As the Game of Thrones saga came to a close (no spoilers here), Group-IB has summed up the results of its anti-piracy campaign during Season 8 of […]

The post Group-IB blocked more than 180,000 links to pirated copies of Game of Thrones appeared first on Security Affairs.

bleepingcomputer.png 2019-05-21 19:06:00 Google Stored Unhashed G Suite Passwords for Over a Decade (lien direct)

Google missed a spot when securing passwords for some of its business customers, accidentally storing them in plain text for 14 years. [...]

no_ico.png 2019-05-21 18:38:05 Google Restricts Huawei\'s Access To Android Operating System (lien direct)

It has been reported that Google has suspended Huawei\'s access to updates of its Android operating system and chipmakers have reportedly cut off supplies to the Chinese telecoms company, complying with orders from the US government as it seeks to blacklist Huawei around the world. According to the story, Chipmakers such as Intel, Qualcomm, Xilinx, …

The ISBuzz Post: This Post Google Restricts Huawei’s Access To Android Operating System appeared first on Information Security Buzz.

no_ico.png 2019-05-21 18:35:05 Instagram – Unsecured Database Exposed (lien direct)

A massive database containing contact information of millions of Instagram influencers, celebrities and brand accounts has been found online. The database, hosted by Amazon Web Services, was left exposed and without a password allowing anyone to look inside. At the time of writing, the database had over 49 million records - but was growing by the hour. …

The ISBuzz Post: This Post Instagram – Unsecured Database Exposed appeared first on Information Security Buzz.

ZDNet.png 2019-05-21 18:21:05 First official version of Tor Browser for Android released on the Play Store (lien direct)

After eight months of alpha testing, Tor Browser for Android is now ready for rollout.

TechRepublic.png 2019-05-21 18:13:00 Capital One\'s Critical Stack platform aims to secure cloud migration and deployment (lien direct)

Capital One released Critical Stack, a Kubernetes container orchestration platform in an effort to cultivate a developer ecosystem.

bleepingcomputer.png 2019-05-21 17:41:04 Tor Browser 8.5 for Android Released On The Google Play Store (lien direct)

The stable version of Tor Browser for Android 8.5 has been released today on Google\'s Play Store, with built-in anti-tracking, fingerprinting blocking, and multi-layered encryption capabilities for censorship-circumvention. [...]

ZDNet.png 2019-05-21 17:34:00 Ohio school sends students home because of Trickbot malware infection (lien direct)

TrickBot infections impacted, PC fleet, phone and HVAC systems.

WiredThreatLevel.png 2019-05-21 17:13:04 Apple MacBook Pro 2019: Keyboard Fix, Price, Specs (lien direct)

Apple\'s flagship laptop line gets a speed bump.

bleepingcomputer.png 2019-05-21 17:01:01 JSWorm 2.0 Ransomware Decryptor Gets Your Files Back For Free (lien direct)

A decryptor for the JSWorm 2.0 Ransomware has been released by Emsisoft this week that allows victims to decrypt their files for free. If you become infected with JSWorm 2.0, do not pay the ransom and instead follow the instructions below. [...]

WiredThreatLevel.png 2019-05-21 16:36:04 What Tech Companies Pay Employees in 2019 (lien direct)

Marvel at the median income at Google and Facebook, but remember: Reducing the pay of tens of thousands of people to a single number has its shortcomings.

no_ico.png 2019-05-21 15:45:02 Blockchain Systems: Known Attack Vectors And Countermeasures (lien direct)

There is no bulletproof digital network, and blockchain doesn\'t stand out from the rest in this regard. However, the attacks targeting distributed ledgers differ from the ones used to compromise conventional computer networks. These exploitation scenarios rely on tampering with the process of achieving consensus to alter the data added to the ledger. 51% attack …

The ISBuzz Post: This Post Blockchain Systems: Known Attack Vectors And Countermeasures appeared first on Information Security Buzz.

bleepingcomputer.png 2019-05-21 15:44:04 Hackers Steal Payment Card Data Using Rogue Iframe Phishing (lien direct)

Cybercriminals have upgraded their credit card skimming scripts to use an iframe-based phishing system designed to phish for credit/debit card info from Magento-powered store customers on checkout. [...]

MalwarebytesLabs.png 2019-05-21 15:38:04 Skimmer acts as payment service provider via rogue iframe (lien direct) Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something\'s not right when they are redirected to the real (and external) payment form.

Categories:

Cybercrime Malware

Tags:

(Read more...)

The post Skimmer acts as payment service provider via rogue iframe appeared first on Malwarebytes Labs.

bleepingcomputer.png 2019-05-21 15:34:00 New Cumulative Updates for Windows 10 1809 and 1803 Released (lien direct)

Microsoft is rolling out new cumulative updates for Windows 10 October 2018 Update and April 2018 Update as it prepares to push May 2019 Update to more users. The focus of the latest cumulative update is on adding an option that would allow users to download and install the May 2019 Update. [...]

ESET.png 2019-05-21 15:33:03 Cybersecurity training and awareness: helpful resources for educators (lien direct)

Free resources for cybersecurity awareness and training are out there – links to many of them are provided here

no_ico.png 2019-05-21 15:30:00 Not Another GDPR Comment (lien direct)

Experts Comments:   Joseph Carson, Chief Security Scientist & Advisory CISO at Thycotic: The EU GDPR has been positive for the Information Security industry as it has forced many companies to re-evaluate their cybersecurity posture and better understand the type of personal information they have been collecting on EU citizens.    It means that companies who are regulated …

The ISBuzz Post: This Post Not Another GDPR Comment appeared first on Information Security Buzz.

TechRepublic.png 2019-05-21 15:30:00 How to improve cloud provider security: 4 tips (lien direct)

Many IT pros remain concerned with the risk of data loss and leakage in the cloud, according to a new survey from AlgoSec.

TechRepublic.png 2019-05-21 15:21:05 Your data, stolen twice: Pirated phishing kit contains hidden backdoor (lien direct)

A commercial phishing platform that targets Apple users has proven popular enough for other criminals to pirate, though the pirated version transmits harvested data through a hidden back channel.

TechRepublic.png 2019-05-21 15:18:05 Can automation reduce employee stress? (lien direct)

Nearly two-thirds of employees said technology has helped reduce stress in their jobs, according to a Verint report.

Kaspersky.png 2019-05-21 15:15:00 HCL Exposes Customer, Personnel Info in Wide-Ranging Data Leak (lien direct)

HCL domain pages exposed sensitive data - including passwords and project analysis reports - for thousands of employees and customers.

bleepingcomputer.png 2019-05-21 14:56:05 Cracked Phishing Kit 16Shop Lets One Thief Steal From Another (lien direct)

The cracked version of an advanced phishing kit targeting Apple users comes with a backdoor that allows its author to pilfer all the data from penny-pinching attackers. [...]

InfosecIsland.png 2019-05-21 14:48:00 BlackWater Campaign Linked to MuddyWater Cyberspies (lien direct)

A recently discovered campaign shows that the cyber-espionage group MuddyWater has updated tactics, techniques and procedures (TTPs) to evade detection, Talos\' security researchers report.

SecurityAffairs.png 2019-05-21 14:46:01 After latest Microsoft Windows updates some PCs running Sophos AV not boot (lien direct)

Sophos is warning users of potential problems with the recent Microsoft’s Patch Tuesday updates and is saying to roll back it if they want the PC to boot. The security firm has informed its customers of potential problems with the latest Microsoft’s Patch Tuesday updates and is asking them to uninstall the patch if they […]

The post After latest Microsoft Windows updates some PCs running Sophos AV not boot appeared first on Security Affairs.

itsecurityguru.png 2019-05-21 14:40:05 Gigamon Launches New Tool To Shine Light On Digital Apps Within the Enterprise. (lien direct)

Gigamon Application Intelligence provides visibility into complex digital apps, helping companies with their digital transformation A failure to transform digitally, and keep pace with the likes of Airbnb and Uber, has been cited as the main reason over half of the Fortune 500 companies have disappeared since 2000. But to successfully execute a digital transformation, […]

The post Gigamon Launches New Tool To Shine Light On Digital Apps Within the Enterprise. appeared first on IT Security Guru.

Kaspersky.png 2019-05-21 14:22:03 Millions of Golfers Land in Privacy Hazard After Cloud Misconfig (lien direct)

A database with millions of data points on games played plus sensitive information was left right in the middle of the internet fairway for all to see.

grahamcluley.png 2019-05-21 14:16:01 Mining cryptocurrency at work lands Australian civil servant in court (lien direct)

A 33-year-old man from Sydney, New South Wales, could be sentenced to up to 10 years in jail after allegedly hijacking computers at his workplace to mine cryptocurrency.

Read more in my article on the Hot for Security blog.

TechRepublic.png 2019-05-21 14:14:01 Massive DDoS attacks lasting more than an hour increased 487% in 2019 (lien direct)

After decreasing in 2018, the number of DDoS attacks jumped up in Q1 2019, according to Kaspersky Lab. Here\'s how to stay safe.

itsecurityguru.png 2019-05-21 14:03:05 A DDoS Storm Has Come: Number Of Attacks Grows After Long Period Of Decline. (lien direct)

In the first quarter of 2019, the number of DDoS attacks increased by 84%, compared with Q4 2018. In particular, there has been outstanding growth in the amount of attacks that lasted more than an hour, along with the average duration of such attacks. Figures from Kaspersky Lab\'s DDoS Q1 2019 report show that there […]

The post A DDoS Storm Has Come: Number Of Attacks Grows After Long Period Of Decline. appeared first on IT Security Guru.

WiredThreatLevel.png 2019-05-21 14:00:00 A Stunning Quest to Photograph Australia\'s 10 Deserts (lien direct)

Six down. Four to go.

WiredThreatLevel.png 2019-05-21 14:00:00 The Basic Physics of the Kilogram\'s Fancy New Definition (lien direct)

The kilogram is now based on energy changes in the quantum world rather than a physical object. Here\'s how that works.

Pirate.png 2019-05-21 13:59:01 Deux ans après Wannacry, les rançongiciels ciblent en priorité vos sauvegardes (lien direct)
Le rançongiciel est devenu en quelques années l\'un des acteurs principaux dans le paysage des cyberattaques. En 2017, les attaques rançongiciel ont même pris des proportions jamais vues jusqu\'alors.
TechRepublic.png 2019-05-21 13:57:01 How to stay cybersecure while traveling for business: 6 tips (lien direct)

More than 70% of business travelers have been at risk for cyberattacks, according to an IBM Security report.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21

Information mise à jours le: 2019-05-27 08:01:36
Voir la liste des sources.

Mon email:

Vous souhaitez ne rien manquer: Notre RSS (filtré) Twitter