www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2019-04-18T21:15:49+02:00 www.secnews.physaphae.fr Wired Threat Level - Security News Gadget Lab Podcast: What Happens to Uber After Its IPO? 2019-04-12T20:49:02+02:00 https://www.wired.com/story/gadget-lab-podcast-402 www.secnews.physaphae.fr/article.php?IdArticle=1093893 False None None None TechRepublic - Security News US 5 best password managers for Android 2019-04-12T19:53:02+02:00 https://www.techrepublic.com/article/5-best-password-managers-for-android/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1093778 False None None None Security Affairs - Blog Secu Siemens addressed several DoS flaws in many products Siemens Patch Tuesday updates for April 2019 address several serious vulnerabilities, including some DoS flaws in many industrial products. Siemens has released Patch Tuesday updates that address several serious flaws including some DoS vulnerabilities. Siemens published six new advisories that cover a total of 11 vulnerabilities. One of the issues addressed by Siemens is a […]

The post Siemens addressed several DoS flaws in many products appeared first on Security Affairs.

]]
2019-04-12T19:43:00+02:00 https://securityaffairs.co/wordpress/83724/security/siemens-dos-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=1093793 False None None None
TechRepublic - Security News US Why Mac users need the PCalc app 2019-04-12T18:40:04+02:00 https://www.techrepublic.com/article/why-mac-users-need-the-pcalc-app/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1093704 False None None None TechRepublic - Security News US How to create a custom search engine in Vivaldi 2019-04-12T18:01:03+02:00 https://www.techrepublic.com/article/how-to-create-a-custom-search-engine-in-vivaldi/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1093705 False None None None Malwarebytes Labs - MalwarebytesLabs Fake Instagram assistance apps found on Google Play are stealing passwords We all want those Instagram likes and followers. But what if the app that\'s supposed to be assisting you is also stealing your username and password? As a matter of fact, that\'s exactly what we found in three fake Instagram assistance apps found on Google Play.

Categories:

Cybercrime Mobile

Tags:

(Read more...)

The post Fake Instagram assistance apps found on Google Play are stealing passwords appeared first on Malwarebytes Labs.

]]
2019-04-12T17:40:05+02:00 https://blog.malwarebytes.com/cybercrime/2019/04/instagram-password-stealing-apps-found-on-google-play/ www.secnews.physaphae.fr/article.php?IdArticle=1093644 False None None None
TechRepublic - Security News US ​How STEM may help you win next year\'s March Madness office pool 2019-04-12T17:34:03+02:00 https://www.techrepublic.com/article/how-stem-may-help-you-win-next-years-march-madness-office-pool/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1093584 False None None None Wired Threat Level - Security News \'Star Wars: The Rise of Skywalker\': Watch the Trailer Here 2019-04-12T17:30:01+02:00 https://www.wired.com/story/star-wars-rise-of-skywalker-trailer www.secnews.physaphae.fr/article.php?IdArticle=1093665 False None None None TechRepublic - Security News US Testing Verizon\'s new 5G network in Chicago 2019-04-12T17:22:04+02:00 https://www.techrepublic.com/article/testing-verizons-new-5g-network-in-chicago/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1093585 False None None None Wired Threat Level - Security News The Julian Assange I Met in 2010 Doesn\'t Exist Anymore 2019-04-12T16:59:04+02:00 https://www.wired.com/story/the-julian-assange-i-met-in-2010-doesnt-exist-anymore www.secnews.physaphae.fr/article.php?IdArticle=1093666 False None None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe Romanian Duo Convicted of Malware Scheme Infecting 400,000 Computers 2019-04-12T16:56:02+02:00 https://threatpost.com/romanian-duo-convicted-of-malware-scheme-infecting-400000-computers/143745/ www.secnews.physaphae.fr/article.php?IdArticle=1093534 False None None None Bleeping Computer - Magazine Américain Windows is Slower After April 2019 Updates According to Users 2019-04-12T16:40:04+02:00 https://www.bleepingcomputer.com/news/microsoft/windows-is-slower-after-april-2019-updates-according-to-users/ www.secnews.physaphae.fr/article.php?IdArticle=1093851 False None None None TechRepublic - Security News US BlackMagic Design updates Davinci Resolve video editing software 2019-04-12T16:05:05+02:00 https://www.techrepublic.com/article/blackmagic-design-updates-davinci-resolve-video-editing-software/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1093517 False None None None Wired Threat Level - Security News How to Watch the Star Wars Celebration Livestream 2019-04-12T15:54:05+02:00 https://www.wired.com/story/how-to-watch-star-wars-celebration www.secnews.physaphae.fr/article.php?IdArticle=1093461 False None None None The Last Watchdog - Blog Sécurité de Byron V Acohido Q&A: How cutting out buzzwords could actually ease implementation of powerful security tools 2019-04-12T15:46:03+02:00 https://www.lastwatchdog.com/qa-how-cutting-out-buzzwords-could-actually-ease-implementation-of-powerful-security-tools/ www.secnews.physaphae.fr/article.php?IdArticle=1093427 False None None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe North Korea\'s Hidden Cobra Strikes U.S. Targets with HOPLIGHT 2019-04-12T14:58:05+02:00 https://threatpost.com/north-koreas-hidden-cobra-strikes-u-s-targets-with-hoplight/143740/ www.secnews.physaphae.fr/article.php?IdArticle=1093322 False None None None Wired Threat Level - Security News Here\'s How Disney+ Will Take Over the World 2019-04-12T14:46:05+02:00 https://www.wired.com/story/disney-plus-domination www.secnews.physaphae.fr/article.php?IdArticle=1093393 False None None None TechRepublic - Security News US 4 customer experience improvements business owners want from their bank 2019-04-12T14:43:03+02:00 https://www.techrepublic.com/article/4-customer-experience-improvements-business-owners-want-from-their-bank/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1093307 False None None None Hacking Articles - Blog de Raj Chandel Command and Control with DropboxC2 In this article, we will learn how to use DropboxC2 tool. It is also known as DBC2. Table of Content: Introduction Installation Getting Dropbox API Exploiting Target Sniffing Clipboard Capturing Screenshot Command Execution File Download Introduction                               DBC2 is primarily a tool... Continue reading

The post Command and Control with DropboxC2 appeared first on Hacking Articles.

]]
2019-04-12T14:26:01+02:00 https://www.hackingarticles.in/command-and-control-with-dropboxc2/ www.secnews.physaphae.fr/article.php?IdArticle=1093269 False None None None
UnderNews - Site de news "pirate" francais Ce que Jeff Bezos peut nous apprendre sur la Sécurité des données Plus tôt cette année, Jeff Bezos, le PDG d\'Amazon, a mobilisé l\'attention des médias lorsque certains de ses messages personnels ont été dévoilés publiquement. Certains ont suggéré que la fuite provenait d\'un de ces proches, et d\'autres ont affirmé que la manœuvre avait des motivations politiques et qu\'il s\'agissait d\'une sorte de vengeance personnelle. Bien que l\'attention des médias se soit concentrée sur pourquoi Jeff Bezos a été ciblé et par qui, ce qui devrait plutôt nous préoccuper à la fois à titre personnel et en tant que professionnels de la sécurité des données, nous inquiéter le plus, est comment sécuriser nos données en toute confiance.  ]] 2019-04-12T14:23:04+02:00 https://www.undernews.fr/reseau-securite/ce-que-jeff-bezos-peut-nous-apprendre-sur-la-securite-des-donnees.html www.secnews.physaphae.fr/article.php?IdArticle=1093334 False None None None Security Affairs - Blog Secu APT28 and Upcoming Elections: evidence of possible interference In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild, is it related to APT28 and upcoming elections? Introduction In mid-March, a suspicious Office document referencing the Ukraine elections appeared in the wild. This file was uncommon, it seemed carefully prepared and was speaking about who is leading in the elections […]

The post APT28 and Upcoming Elections: evidence of possible interference appeared first on Security Affairs.

]]
2019-04-12T14:14:05+02:00 https://securityaffairs.co/wordpress/83729/apt/apt28-upcoming-elections-interference.html www.secnews.physaphae.fr/article.php?IdArticle=1093282 False None None None
Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe WordPress Yellow Pencil Plugin Flaws Actively Exploited 2019-04-12T14:13:00+02:00 https://threatpost.com/wordpress-yellow-pencil-plugin-exploited/143729/ www.secnews.physaphae.fr/article.php?IdArticle=1093323 False None None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe ThreatList: Tax Scammers Launch a Raft of Fake Mobile Apps 2019-04-12T14:08:04+02:00 https://threatpost.com/threatlist-tax-scammers-launch-a-raft-of-fake-mobile-apps/143728/ www.secnews.physaphae.fr/article.php?IdArticle=1093324 False None None None Bleeping Computer - Magazine Américain Bill Introduced to Protect the Privacy Rights of Americans 2019-04-12T14:07:04+02:00 https://www.bleepingcomputer.com/news/security/bill-introduced-to-protect-the-privacy-rights-of-americans/ www.secnews.physaphae.fr/article.php?IdArticle=1093735 False None None None TechRepublic - Security News US Top 5 emerging risks businesses face 2019-04-12T14:00:01+02:00 https://www.techrepublic.com/article/top-5-emerging-risks-businesses-face/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1093209 False None None None TechRepublic - Security News US How technology is changing the financial client/advisor relationship 2019-04-12T13:48:00+02:00 https://www.techrepublic.com/article/how-technology-is-changing-the-financial-clientadvisor-relationship/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1093210 False None None None TechRepublic - Security News US Vulnerabilities discovered in industrial equipment increased 30% in 2018 2019-04-12T13:44:05+02:00 https://www.techrepublic.com/article/vulnerabilities-discovered-in-industrial-equipment-increased-30-in-2018/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1093211 False None None None Graham Cluley - Blog Security Bayrob malware gang convicted of infecting over 400,000 computers worldwide, stealing millions through online auction fraud Bayrob malware gang convicted of infecting over 400,000 computers worldwide, stealing millions through online auction fraud

A US court has convicted two Romanian hackers belonging to the Bayrob malware gang after they infected over 400,000 computers around the world, and stole millions of dollars.

Read more in my article on the Hot for Security blog.

]]
2019-04-12T13:39:01+02:00 https://hotforsecurity.bitdefender.com/blog/bayrob-malware-gang-convicted-of-infecting-over-400000-computers-worldwide-stealing-millions-through-online-auction-fraud-21066.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=1093225 False None None None
Bleeping Computer - Magazine Américain Malware Creates Cryptominer Botnet Using EternalBlue and Mimikatz 2019-04-12T13:10:04+02:00 https://www.bleepingcomputer.com/news/security/malware-creates-cryptominer-botnet-using-eternalblue-and-mimikatz/ www.secnews.physaphae.fr/article.php?IdArticle=1093629 False None None None We Live Security - Editeur Logiciel Antivirus ESET Hackers crack university defenses in just two hours More than 50 universities in the United Kingdom had their cyber-defenses tested by ethical hackers, and the \'grades\' aren\'t pretty

The post Hackers crack university defenses in just two hours appeared first on WeLiveSecurity

]]
2019-04-12T13:04:04+02:00 https://www.welivesecurity.com/2019/04/12/hackers-crack-university-cyberdefenses/ www.secnews.physaphae.fr/article.php?IdArticle=1093260 False None None None
Wired Threat Level - Security News \'Fortnite\' Now Has Reboot Vans to Respawn Your Dead Teammates 2019-04-12T13:00:00+02:00 https://www.wired.com/story/fortnite-reboot-vans www.secnews.physaphae.fr/article.php?IdArticle=1093142 False None None None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC Things I hearted this week 12th April 2019 Hello again to another weekly security roundup. This week, I have a slightly different spin on the roundup in that the net has been slightly widened to include broader technology topics from more than just this last week. However, all of the articles were written by ladies. With that, let’s dive straight in.

A beginner's guide to test automation

If you’re new to automated testing, you’re probably starting off with a lot of questions: How do I know which tests to automate? Why is automated testing useful for me and my team? How do I choose a tool or framework? The options for automated testing are wide open, and you may feel overwhelmed.

If so, this is a great article on how to get started.

All roads lead to exploratory testing

When I’m faced with something to test – be it a feature in a software application or a collection of features in a release, my general preference is weighted strongly towards exploratory testing. When someone who doesn’t know a great deal about testing wants me or my team to do testing for them, I would love to educate them on why exploratory testing could be a strong part of the test strategy.

While on the topic of testing

Single-page, server-side, static… say what?

An emoji-filled learning journey about the trade-offs of different website architectures, complete with gifs, diagrams, and demo apps.

If you’ve been hanging around the internet, trying to build websites and apps, you may have heard some words in conversation like static site or server-side rendered (SSR) or single-page app (SPA).

But what do all of these words mean? How does each type of application architecture differ? What are the tradeoffs of each approach and which one should you use when building your website?

If, like me you enjoyed this post by Marie, check out some of her other posts which are great. Quick plug to Protocol-andia: Welcome to the Networking Neighborhood. A whimsical introduction to how computers talk to each other, and what exactly your requests are up to.

Strengthen your security posture: start with a cybersecurity framework

The 2017 Equifax data breach is expected to break all previous records for data breach costs, with Larry Ponemon, chairman of the Ponemon Institute, estimating the final cost to be more than $600 million.

Even non-enterprise-level organizations suffer severe consequences for data breaches. According to the National Cyber Security Alliance, mid-market companies pay more than $1 million in post-attack mitigation, and the average cost of a data breach to an SMB is $117,000 per incident. While estimates vary, approximately 60% of businesses who suffer a breach are forced to shut down business within 6 months.

It is mor]] 2019-04-12T13:00:00+02:00 https://feeds.feedblitz.com/~/600760182/0/alienvault-blogs~Things-I-hearted-this-week-th-April www.secnews.physaphae.fr/article.php?IdArticle=1093204 False None None None Security Intelligence - Site de news Américain What Is the Role of SIEM in the Fusion Center Era? A fusion center uses a wider set of data sources, collects data from both inside and outside the organization, and delivers it to the right people to help them respond and recover more efficiently.

The post What Is the Role of SIEM in the Fusion Center Era? appeared first on Security Intelligence.

]] 2019-04-12T12:45:01+02:00 https://securityintelligence.com/what-is-the-role-of-siem-in-the-fusion-center-era/ www.secnews.physaphae.fr/article.php?IdArticle=1093187 False None None None TechRepublic - Security News US How IBM\'s expanding blockchain-based grocery store network will improve food safety 2019-04-12T12:44:01+02:00 https://www.techrepublic.com/article/how-ibms-expanding-blockchain-based-grocery-store-network-will-improve-food-safety/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1092967 False None None None UnderNews - Site de news "pirate" francais Plusieurs médias français visés par une attaque de spear-phishing Le site d\'alertes Zataz a découvert et analysé une attaque de phishing très ciblé visant plusieurs médias français. Sébastien Gest, Tech Evangéliste de Vade Secure (Spécialiste français de la protection des boites e-mails contre les attaques de phishing, spear phishing, malwares, zero-day, protégeant 550 millions d\'emails dans 86 pays) réagit et invite les journalistes à utiliser le service d\'analyse des attaques de phishing en temps-réel (par marque).]] 2019-04-12T12:43:01+02:00 https://www.undernews.fr/reseau-securite/phishing-hoax/plusieurs-medias-francais-vises-par-une-attaque-de-spear-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=1093021 False None None None UnderNews - Site de news "pirate" francais Cybersécurité : les DPO au service de la protection des données N\'est-il pas temps de réaliser que les informaticiens et experts en cybersécurité pourraient être parfaitement adaptés au poste de DPO ?]] 2019-04-12T12:40:00+02:00 https://www.undernews.fr/reseau-securite/cybersecurite-les-dpo-au-service-de-la-protection-des-donnees.html www.secnews.physaphae.fr/article.php?IdArticle=1093022 False None None None UnderNews - Site de news "pirate" francais 3 risques de sécurité IT à gérer pour protéger les ressources des télétravailleurs sans impacter leur productivité teletravailUn marché de l\'emploi tendu, la globalisation de la technologie… de nombreux facteurs continuent d\'alimenter cette tendance qui veut que les effectifs soient plus mobiles, qu\'ils apprécient de travailler de chez eux et soient en demande de nouvelles solutions de cybersécurité. Selon le Gartner, " d\'ici à 2020, les entreprises qui adopteront la culture du \'libre choix des conditions de travail\' augmenteront leur taux de rétention des salariés de plus de 10%. "]] 2019-04-12T12:38:00+02:00 https://www.undernews.fr/reseau-securite/3-risques-de-securite-it-a-gerer-pour-proteger-les-ressources-des-teletravailleurs-sans-impacter-leur-productivite.html www.secnews.physaphae.fr/article.php?IdArticle=1093023 False None None None TechRepublic - Security News US The worst programming languages to learn in 2019 2019-04-12T12:23:00+02:00 https://www.techrepublic.com/article/the-worst-programming-languages-to-learn-in-2019/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1092968 False None None None Security Intelligence - Site de news Américain What Happens When Malware Sneaks Into Reputable Hardware, Applications and App Stores? To avoid malware, always get hardware and software from authorized and reputable sources and vendors, right? But what happens when those same sources actually contain or deliver malicious payloads?

The post What Happens When Malware Sneaks Into Reputable Hardware, Applications and App Stores? appeared first on Security Intelligence.

]]
2019-04-12T12:00:02+02:00 https://securityintelligence.com/what-happens-when-malware-sneaks-into-reputable-hardware-applications-and-app-stores/ www.secnews.physaphae.fr/article.php?IdArticle=1093188 False None None None
Wired Threat Level - Security News Sony Xperia 10, Xperia 10 Plus Review: Cheap and Cinema-Wide 2019-04-12T12:00:00+02:00 https://www.wired.com/review/sony-xperia-10-and-xperia-10-plus www.secnews.physaphae.fr/article.php?IdArticle=1093143 False None None None Security Affairs - Blog Secu Emsisoft released a free decryptor for CryptoPokemon ransomware Good news for the victims of the CryptoPokemon ransomware, security experts at Emsisoft just released a free decrypter tool. Victims of the CryptoPokemon ransomware have a good reason to smile, security experts at Emsisoft have released a free decrypter tool. The ransomware was first discovered by experts at IntezerLabs, the CryptoPokemon ransomware is a new […]

The post Emsisoft released a free decryptor for CryptoPokemon ransomware appeared first on Security Affairs.

]]
2019-04-12T11:59:04+02:00 https://securityaffairs.co/wordpress/83715/malware/cryptopokemon-ransomare-decryptor.html www.secnews.physaphae.fr/article.php?IdArticle=1092957 False None None None
Graham Cluley - Blog Security Hear me speak about how to make a billion dollars through cybercrime Hear me speak about how to make a billion dollars through cybercrime

How did a cybercrime gang steal a billion dollars from banks and financial instituions.

Come to the talk I\'m giving in London, and find out.

]]
2019-04-12T11:55:05+02:00 https://www.grahamcluley.com/hear-me-speak-about-how-to-make-a-billion-dollars-through-cybercrime/ www.secnews.physaphae.fr/article.php?IdArticle=1093054 False None None None
ZD Net - Magazine Info US probe prompts Russia-linked Pamplona to sell stake in cybersecurity firm Cofense 2019-04-12T11:32:00+02:00 https://www.zdnet.com/article/us-probe-prompts-russia-linked-pamplona-to-give-up-stake-in-cybersecurity-firm-cofense/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1093067 False None None None ZD Net - Magazine Info NoScript extension officially released for Google Chrome 2019-04-12T11:09:03+02:00 https://www.zdnet.com/article/noscript-extension-officially-released-for-google-chrome/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1093068 False None None None Wired Threat Level - Security News Researchers Want to Link Your Genes and Income-Should They? 2019-04-12T11:00:00+02:00 https://www.wired.com/story/researchers-want-to-link-your-genes-and-incomeshould-they www.secnews.physaphae.fr/article.php?IdArticle=1093144 False None None None Wired Threat Level - Security News \'Game of Thrones\': What We Want-and Need-from Season 8 2019-04-12T11:00:00+02:00 https://www.wired.com/story/game-of-thrones-season-8-predictions www.secnews.physaphae.fr/article.php?IdArticle=1093146 False None None None Wired Threat Level - Security News When Black Horror Consumes Us 2019-04-12T11:00:00+02:00 https://www.wired.com/story/when-black-horror-consumes-us www.secnews.physaphae.fr/article.php?IdArticle=1093145 False None None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Russia Fines Facebook $47 Over Citizens\' Data Privacy Dispute In December last year, Russian Internet watchdog Roskomnadzor sent notifications to Twitter and Facebook asking them to provide information about the location of servers that]] 2019-04-12T10:54:02+02:00 https://thehackernews.com/2019/04/russia-data-localization.html www.secnews.physaphae.fr/article.php?IdArticle=1093602 False None None None Bleeping Computer - Magazine Américain Thousands of WordPress Sites Exposed by Yellow Pencil Plugin Flaw 2019-04-12T10:46:00+02:00 https://www.bleepingcomputer.com/news/security/thousands-of-wordpress-sites-exposed-by-yellow-pencil-plugin-flaw/ www.secnews.physaphae.fr/article.php?IdArticle=1093353 False None None None Dark Reading - Informationweek Branch Cloudy with a Chance of Security Breach 2019-04-12T10:30:00+02:00 https://www.darkreading.com/cloud/cloudy-with-a-chance-of-security-breach-/a/d-id/1334354?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=1093365 False None None None Security Affairs - Blog Secu VPN apps insecurely store session cookies in memory and log files At least four VPN apps sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC). Virtual private networks (VPNs) are affordable, easy to use, and a vital component in your system. Along with many security features, it ensure the user’s privacy and security. People use VPNs […]

The post VPN apps insecurely store session cookies in memory and log files appeared first on Security Affairs.

]]
2019-04-12T10:17:00+02:00 https://securityaffairs.co/wordpress/83711/digital-id/vpn-security-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=1092958 False None None None
Security Affairs - Blog Secu Zero-day in popular Yuzo Related Posts WordPress Plugin exploited in the wild According to experts a vulnerability in the popular WordPress plugin Yuzo Related Posts is exploited by attackers to redirect users to malicious sites. The XSS flaw allows attackers to inject a JavaScript into the sites that redirect visitors to websites displaying scams, including tech support scams, and sites promoting unwanted software. The Yuzo Related Posts […]

The post Zero-day in popular Yuzo Related Posts WordPress Plugin exploited in the wild appeared first on Security Affairs.

]]
2019-04-12T09:35:02+02:00 https://securityaffairs.co/wordpress/83704/breaking-news/yuzo-related-posts-0day.html www.secnews.physaphae.fr/article.php?IdArticle=1092959 False None None None
UnderNews - Site de news "pirate" francais De la fiction à la réalité, les stalkers se trouvent aussi sur Internet Un récente étude Ifop montre que plus de la moitié des Français (59 %) ont des comportements en ligne dangereux. Mots de passe identiques, utilisation de réseaux Wi-Fi publics, et connexions sur des appareils partagés, sont autant de risques pris quotidiennement, notamment par les plus jeunes.]] 2019-04-12T09:14:05+02:00 https://www.undernews.fr/reseau-securite/de-la-fiction-a-la-realite-les-stalkers-se-trouvent-aussi-sur-internet.html www.secnews.physaphae.fr/article.php?IdArticle=1093024 False None None None ZD Net - Magazine Info Internet Explorer zero-day lets hackers steal files from Windows PCs 2019-04-12T08:48:05+02:00 https://www.zdnet.com/article/internet-explorer-zero-day-lets-hackers-steal-files-from-windows-pcs/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1093069 False None None None ZD Net - Magazine Info Matrix.org hack forces servers offline, encrypted chat history lost 2019-04-12T08:44:00+02:00 https://www.zdnet.com/article/matrix-hack-forces-servers-offline-user-credentials-leaked/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1093070 False None None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Encrypted Messaging Project "Matrix" Suffers Extensive Cyber Attack ]] 2019-04-12T07:11:03+02:00 https://thehackernews.com/2019/04/encrypted-messenger-cyberattack.html www.secnews.physaphae.fr/article.php?IdArticle=1093293 False None None None Security Affairs - Blog Secu VSDC video editing software website hacked again Users that have downloaded the VSDC multimedia editing software between 2019-02-21 and 2019-03-23, may have been infected with malware. Users that have downloaded the VSDC multimedia editing software between 2019-02-21 and 2019-03-23, may have been infected with a banking trojan and an information stealer. VSDC is a popular, free video editing and converting app and […]

The post VSDC video editing software website hacked again appeared first on Security Affairs.

]]
2019-04-12T06:02:00+02:00 https://securityaffairs.co/wordpress/83692/hacking/vsdc-site-hacked.html www.secnews.physaphae.fr/article.php?IdArticle=1092960 False None None None
Bleeping Computer - Magazine Américain Sextortion Scammers Change Tactics to Bypass Spam Protection 2019-04-12T03:21:00+02:00 https://www.bleepingcomputer.com/news/security/sextortion-scammers-change-tactics-to-bypass-spam-protection/ www.secnews.physaphae.fr/article.php?IdArticle=1093090 False None None None TechRepublic - Security News US How Victoria Police handled the Bourke Street incident on social media 2019-04-12T03:15:00+02:00 https://www.techrepublic.com/article/how-victoria-police-handled-the-bourke-street-incident-on-social-media/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1092969 False None None None CSO - CSO Daily Dashboard What is Emotet? And how to guard against this persistent Trojan malware

Emotet is a banking Trojan that started out stealing information from individuals, like credit card details. It has been lurking around since 2014 and has evolved tremendously over the years, becoming major threat that infiltrates corporate networks and spreads other strains of malware.

The U.S. Department of Homeland Security published an alert on Emotet in July 2018, describing it as “an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans,” and warning that it\'s very difficult to combat, capable of evading typical signature-based detection, and determined to spread itself. The alert explains that “Emotet infections have cost SLTT (state, local, tribal, and territorial) governments up to $1 million per incident to remediate.”

To read this article in full, please click here

]]
2019-04-12T03:00:00+02:00 https://www.csoonline.com/article/3387146/what-is-emotet-and-how-to-guard-against-this-persistent-trojan-malware.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1092944 False None None None
Wired Threat Level - Security News Ahead of IPO, Uber\'s Losing Less-but Growing Less, Too 2019-04-12T00:54:03+02:00 https://www.wired.com/story/ubers-losing-less-moneybut-growing-less-too www.secnews.physaphae.fr/article.php?IdArticle=1093147 False None None None Wired Threat Level - Security News SpaceX Lands All 3 Boosters of Its Falcon Heavy Rocket 2019-04-12T00:32:04+02:00 https://www.wired.com/story/spacex-lands-all-3-boosters-of-the-worlds-most-powerful-rocket www.secnews.physaphae.fr/article.php?IdArticle=1093148 False None None None Wired Threat Level - Security News Trump\'s Homeland Security Purge Worries Cybersecurity Experts 2019-04-12T00:21:05+02:00 https://www.wired.com/story/trump-homeland-security-purge-worries-cybersecurity-experts www.secnews.physaphae.fr/article.php?IdArticle=1093149 False None None None Wired Threat Level - Security News Julian Assange Arrested, Mastering *Jeopardy!*, and More News 2019-04-12T00:10:03+02:00 https://www.wired.com/story/tech-in-two-assange-arrested-jeopardy-record-boston-marathon www.secnews.physaphae.fr/article.php?IdArticle=1093150 False None None None ZD Net - Magazine Info Microsoft publishes SECCON framework for securing Windows 10 2019-04-11T23:38:05+02:00 https://www.zdnet.com/article/microsoft-publishes-seccon-framework-for-securing-windows-10/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1093071 False None None None Wired Threat Level - Security News How To Make Your Amazon Echo and Google Home as Private as Possible 2019-04-11T22:27:03+02:00 https://www.wired.com/story/alexa-google-assistant-echo-smart-speaker-privacy-controls www.secnews.physaphae.fr/article.php?IdArticle=1093151 False None None None ZD Net - Magazine Info Some enterprise VPN apps store authentication/session cookies insecurely 2019-04-11T21:18:05+02:00 https://www.zdnet.com/article/some-enterprise-vpn-apps-store-authentication-session-cookies-insecurely/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1093072 False None None None Wired Threat Level - Security News Amazon Employees Try a New Form of Activism, as Shareholders 2019-04-11T20:53:02+02:00 https://www.wired.com/story/amazon-employees-try-new-activism-shareholders www.secnews.physaphae.fr/article.php?IdArticle=1093152 False None None None Errata Security - Errata Security Assange indicted for breaking a password

According to the US DoJ\'s press release:
Julian P. Assange, 47, the founder of WikiLeaks, was arrested today in the United Kingdom pursuant to the U.S./UK Extradition Treaty, in connection with a federal charge of conspiracy to commit computer intrusion for agreeing to break a password to a classified U.S. government computer.
The full indictment is here.

It seems the indictment is based on already public information that came out during Manning\'s trial, namely this log of chats between Assange and Manning, specifically this section where Assange appears to agree to break a password:


What this says is that Manning hacked a DoD computer and found the hash "80c11049faebf441d524fb3c4cd5351c" and asked Assange to crack it. Assange appears to agree.

So what is a "hash", what can Assange do with it, and how did Manning grab it?

Computers store passwords in an encrypted (sic) form called a "one way hash". Since it\'s "one way", it can never be decrypted. However, each time you log into a computer, it again performs the one way hash on what you typed in, and compares it with the stored version to see if they match. Thus, a computer can verify you\'ve entered the right password, without knowing the password itself, or storing it in a form hackers can easily grab. Hackers can only steal the encrypted form, the hash.

When they get the hash, while it can\'t be decrypted, hackers can keep guessing passwords, performing the one way algorithm on them, and see if they match. With an average desktop computer, they can test a billion guesses per second. This may seem like a lot, but if you\'ve chosen a sufficiently long and complex password (more than 12 characters with letters, numbers, and punctuation), then hackers can\'t guess them.

It\'s unclear what format this password is in, whether "NT" or "NTLM". Using my notebook computer, I could attempt to crack the NT format using the hashcat password crack with the following command:

hashcat -m 3000 -a 3 80c11049faebf441d524fb3c4cd5351c ?a?a?a?a?a?a?a

As this image shows, it\'ll take about 22 hours on my laptop to crack this. However, this doesn\'t succeed, so it seems that this isn\'t in the NT format. Unlike other password formats, the "NT" format can only be 7 characters in length, so we can completely crack it.

Wired Threat Level - Security News A \'Herculean\' Study of Scott and Mark Kelly Asks: Are Humans Fit for Space? 2019-04-11T20:11:05+02:00 https://www.wired.com/story/are-humans-fit-for-space-a-herculean-study-says-maybe-not www.secnews.physaphae.fr/article.php?IdArticle=1093153 False None None None Security Affairs - Blog Secu FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT According to a joint report published by the United States Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), North Korea-linked Lazarus APT group is using a new Trojan in attacks. According to a joint report issued by the United States Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI), North […]

The post FBI/DHS MAR report details HOPLIGHT Trojan used by Hidden Cobra APT appeared first on Security Affairs.

]] 2019-04-11T19:58:01+02:00 https://securityaffairs.co/wordpress/83686/apt/hoplight-trojan-hidden-cobra.html www.secnews.physaphae.fr/article.php?IdArticle=1092961 False None None None Bleeping Computer - Magazine Américain Hacked Uniden Commercial Site Serves Emotet Trojan 2019-04-11T19:45:02+02:00 https://www.bleepingcomputer.com/news/security/hacked-uniden-commercial-site-serves-emotet-trojan/ www.secnews.physaphae.fr/article.php?IdArticle=1093091 False None None None Dark Reading - Informationweek Branch New \'HOPLIGHT\' Malware Appears in Latest North Korean Attacks, Say DHS, FBI 2019-04-11T19:45:00+02:00 https://www.darkreading.com/threat-intelligence/new-hoplight-malware-appears-in-latest-north-korean-attacks-say-dhs-fbi/d/d-id/1334406?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=1093101 False None None None ZD Net - Magazine Info Online security 101: How to protect your privacy from hackers, spies, and the government 2019-04-11T19:10:00+02:00 https://www.zdnet.com/article/online-security-101-how-to-protect-your-privacy-from-hackers-spies-and-the-government/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1093073 False None None None The Last Watchdog - Blog Sécurité de Byron V Acohido NEW TECH: Critical Start delivers managed security services with \'radical transparency\' 2019-04-11T18:56:05+02:00 https://www.lastwatchdog.com/new-tech-critical-start-delivers-managed-security-services-with-radical-transparency/ www.secnews.physaphae.fr/article.php?IdArticle=1092936 False None None None Checkpoint - Fabricant Materiel Securite Check Point Partners with Google\'s Cloud Identity to Improve Zero Trust Cloud Access With enterprises migrating to the cloud, the traditional network perimeter concept is fading. A new approach is needed to ensure more secure access to cloud resources.   by Ran Schwartz, Product Manager, Threat Prevention, published April 11th, 2019   The way we do business has undergone a seismic transformation thanks to the cloud. Few other…

The post Check Point Partners with Google\'s Cloud Identity to Improve Zero Trust Cloud Access appeared first on Check Point Software Blog.

]]
2019-04-11T18:56:02+02:00 http://blog.checkpoint.com/2019/04/11/check-point-partners-with-googles-cloud-identity-to-improve-zero-trust-cloud-access/ www.secnews.physaphae.fr/article.php?IdArticle=1093001 False None None None
TechRepublic - Security News US Wi-Fi 6 (802.11ax): A cheat sheet 2019-04-11T18:41:00+02:00 https://www.techrepublic.com/article/wi-fi-6-802-11ax-a-cheat-sheet/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1092970 False None None None InformationSecurityBuzzNews - Site de News Securite Hacker Breached Minnesota State Agency E-mail, Placing Data Of 11,000 At Risk This was reported by local Minneapolis news yesterday afternoon:    A data breach last year at the Minnesota agency that oversees the state’s health and welfare programs may have exposed the personal information of approximately 11,000 individuals. The state Department of Human Services (DHS) notified lawmakers Tuesday that an employee’s e-mail account was compromised as a result …

The ISBuzz Post: This Post Hacker Breached Minnesota State Agency E-mail, Placing Data Of 11,000 At Risk appeared first on Information Security Buzz.

]]
2019-04-11T18:30:05+02:00 https://www.informationsecuritybuzz.com/expert-comments/hacker-breached-minnesota-state-agency-e-mail-placing-data-of-11000-at-risk/ www.secnews.physaphae.fr/article.php?IdArticle=1093132 False None None None
Wired Threat Level - Security News Lasers Highlight Ketamine\'s Depression-Fighting Secrets 2019-04-11T18:00:00+02:00 https://www.wired.com/story/lasers-highlight-ketamines-depression-fighting-secrets www.secnews.physaphae.fr/article.php?IdArticle=1093155 False None None None Dark Reading - Informationweek Branch Tax Hacks: How Seasonal Scams Cause Yearlong Problems 2019-04-11T17:45:00+02:00 https://www.darkreading.com/vulnerabilities---threats/tax-hacks-how-seasonal-scams-cause-yearlong-problems/d/d-id/1334408?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=1093102 False None None None TechRepublic - Security News US How to block SSH attacks on Linux with denyhosts 2019-04-11T17:32:04+02:00 https://www.techrepublic.com/article/how-to-block-ssh-attacks-on-linux-with-denyhosts/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1092971 False None None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe WordPress Urges Users to Uninstall Yuzo Plugin After Flaw Exploited 2019-04-11T17:19:04+02:00 https://threatpost.com/wordpress-urges-users-to-uninstall-yuzo-plugin-after-flaw-exploited/143710/ www.secnews.physaphae.fr/article.php?IdArticle=1093011 False None None None ZD Net - Magazine Info Emotet hijacks email conversation threads to insert links to malware 2019-04-11T17:16:00+02:00 https://www.zdnet.com/article/emotet-hijacks-email-conversation-threads-to-insert-links-to-malware/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1093074 False None None None The Security Ledger - Blog Sécurité Spotlight Podcast: Fixing Supply Chain Hacks with Strong Device Identities Supply chain hacks like ME Docs and ASUS aren\'t inevitable. In this Spotlight Podcast, sponsored by Trusted Computing Group, I speak with Dennis Mattoon, a Principal Researcher at Microsoft Research and the Chairman of the Trusted Computing Group\'s DICE Architectures Working Group* about how strong device identities for IoT endpoints can stop...

Read the whole entry...  _!fbztxtlnk!_ https://feeds.feedblitz.com/~/600730472/0/thesecurityledger -->»

]]
2019-04-11T17:10:02+02:00 https://feeds.feedblitz.com/~/600730472/0/thesecurityledger~Spotlight-Podcast-Fixing-Supply-Chain-Hacks-with-Strong-Device-Identities/ www.secnews.physaphae.fr/article.php?IdArticle=1093115 False None None None
Malwarebytes Labs - MalwarebytesLabs What is personal information? In legal terms, it depends What exactly is the "personal information" that companies need to legally protect? Learn which data points organizations need to secure, from Social Security numbers to olfactory, smell-based data (!), to comply with the law.

Categories:

Privacy Security world

Tags:

(Read more...)

The post What is personal information? In legal terms, it depends appeared first on Malwarebytes Labs.

]]
2019-04-11T17:03:00+02:00 https://blog.malwarebytes.com/security-world/2019/04/what-is-personal-information-in-legal-terms-it-depends/ www.secnews.physaphae.fr/article.php?IdArticle=1093181 False None None None
InformationSecurityBuzzNews - Site de News Securite DHS And FBI Issue Advisory On North Korean HOPLIGHT Malware It has been reported that the U.S. Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued a joint malware analysis report (MAR) on a new Trojan dubbed HOPLIGHT, used by the North-Korean APT group Lazarus. According to the MAR AR19-100A advisory published on the US-CERT website, the new Trojan was detected while tracking …

The ISBuzz Post: This Post DHS And FBI Issue Advisory On North Korean HOPLIGHT Malware appeared first on Information Security Buzz.

]]
2019-04-11T17:00:04+02:00 https://www.informationsecuritybuzz.com/expert-comments/dhs-and-fbi-issue-advisory-on-north-korean-hoplight-malware/ www.secnews.physaphae.fr/article.php?IdArticle=1093133 False None None None
TechRepublic - Security News US Will automated databases kill the DBA position? 2019-04-11T16:49:05+02:00 https://www.techrepublic.com/article/will-automated-databases-kill-the-dba-position/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1092972 False None None None SecureMac - Security focused on MAC Checklist 133: Hello, Turkmenistan! On this week\'s Checklist by SecureMac: More enterprise certificate abuse, Threats to put CEOs in the poker and A layer of certification for Mac apps.

The post Checklist 133: Hello, Turkmenistan! appeared first on SecureMac.

]]
2019-04-11T16:40:03+02:00 https://www.securemac.com/news/checklist-133-hello-turkmenistan www.secnews.physaphae.fr/article.php?IdArticle=1093040 False None None None
Bleeping Computer - Magazine Américain Mozilla Firefox For ARM64 Beta Now Available 2019-04-11T16:30:05+02:00 https://www.bleepingcomputer.com/news/software/mozilla-firefox-for-arm64-beta-now-available/ www.secnews.physaphae.fr/article.php?IdArticle=1093092 False None None None InformationSecurityBuzzNews - Site de News Securite Home Office Breach #2 The Home Office has apologised for another data breach caused by an “administrative error” – accidentally sending an email that contained personal data of EU citizens seeking settled status in the UK. It’s reported that the sender failed to use the “blind CC” box on the email.    This is the second breach reported by the Home Office this …

The ISBuzz Post: This Post Home Office Breach #2 appeared first on Information Security Buzz.

]]
2019-04-11T16:15:05+02:00 https://www.informationsecuritybuzz.com/expert-comments/home-office-breach-2/ www.secnews.physaphae.fr/article.php?IdArticle=1093134 False None None None
Krebs on Security - Chercheur Américain Android 7.0+ Phones Can Now Double as Google Security Keys 2019-04-11T16:14:05+02:00 https://krebsonsecurity.com/2019/04/android-7-0-phones-can-now-double-as-google-security-keys/ www.secnews.physaphae.fr/article.php?IdArticle=1093122 False None None None Wired Threat Level - Security News Breaking Down the Julian Assange Hacking Case 2019-04-11T16:11:03+02:00 https://www.wired.com/story/julian-assange-arrest-indictment-hacking-cfaa www.secnews.physaphae.fr/article.php?IdArticle=1093156 False None None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe SAS 2019: Fake News Peddlers Adopt Clever New Trick to Fool Facebook, Twitter 2019-04-11T16:05:04+02:00 https://threatpost.com/sas-2019-fake-news-peddlers-adopt-clever-new-trick-to-fool-facebook-twitter/143701/ www.secnews.physaphae.fr/article.php?IdArticle=1093012 False None None None Security Affairs - Blog Secu WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy WikiLeaks founder Julian Assange has been arrested at the Ecuadorian Embassy in London. after Ecuador withdrew asylum after seven years. Seven years ago, WikiLeaks founder Julian Assange took refuge in the embassy to avoid extradition to Sweden over a sexual assault case. In 2012 a British judge ruled WikiLeaks founder Julian Assange should be extradited to […]

The post WikiLeaks Founder Julian Assange arrested and charged in US with computer hacking conspiracy appeared first on Security Affairs.

]]
2019-04-11T16:04:00+02:00 https://securityaffairs.co/wordpress/83671/hacktivism/julian-assange-arrested.html www.secnews.physaphae.fr/article.php?IdArticle=1092962 False None None None
Wired Threat Level - Security News \'Hellboy\' Could Get \'Shazam!\'-ed at the Box Office 2019-04-11T16:00:05+02:00 https://www.wired.com/story/hellboy-shazam-box-office www.secnews.physaphae.fr/article.php?IdArticle=1093157 False None None None TechRepublic - Security News US How the merger of two data giants will benefit the social sector 2019-04-11T15:56:01+02:00 https://www.techrepublic.com/article/how-the-merger-of-two-data-giants-will-benefit-the-social-sector/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1092973 False None None None TechRepublic - Security News US 8 things that should be on every CIO\'s to-do list 2019-04-11T15:50:00+02:00 https://www.techrepublic.com/article/8-things-that-should-be-on-every-cios-to-do-list/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1092974 False None None None TechRepublic - Security News US 5 myths about prescriptive analytics 2019-04-11T15:50:00+02:00 https://www.techrepublic.com/article/5-myths-about-prescriptive-analytics/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1092975 False None None None InformationSecurityBuzzNews - Site de News Securite House Endorsement Of Net Neutrality Only Symbolic Legislation to restore the Federal Communications Commission’s net neutrality rules passed a big hurdle Wednesday as the House of Representatives approved the bill in a 232 to 190 vote. No Democrats voted against the bill. Representative Bill Posey of Florida was the only Republican to vote in favor of it.  However, it\'s far from becoming law, and faces long odds. If …

The ISBuzz Post: This Post House Endorsement Of Net Neutrality Only Symbolic appeared first on Information Security Buzz.

]]
2019-04-11T15:30:00+02:00 https://www.informationsecuritybuzz.com/expert-comments/house-endorsement-of-net-neutrality-only-symbolic/ www.secnews.physaphae.fr/article.php?IdArticle=1093135 False None None None
TechRepublic - Security News US Japanese mobile operators will spend $14.4 billion on 5G networks by 2024 2019-04-11T15:26:02+02:00 https://www.techrepublic.com/article/japanese-mobile-operators-will-spend-14-4-billion-on-5g-networks-by-2024/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1092976 False None None None