This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-14T02:10:54+00:00 www.secnews.physaphae.fr Network World - Magazine Info ImageTragick is the name given by the security community to a critical vulnerability that was found in the ImageMagick image processing tool back in May.ImageMagick is a command-line tool that can resize, convert and optimize images in many formats. Web server libraries like PHP's imagick, Ruby's rmagick and paperclip, and Node.js's imagemagick, used by millions of websites, are based on it.To read this article in full or to leave a comment, please click here]]> 2017-01-18T12:06:27+00:00 http://www.networkworld.com/article/3158911/security/failure-to-patch-known-imagemagick-flaw-for-months-costs-facebook-40k.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=294593 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-18T11:22:21+00:00 http://www.networkworld.com/article/3158837/robots/modern-warfare-death-dealing-drones-and-illegal-parking.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=294606 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-18T11:06:00+00:00 http://www.networkworld.com/article/3159106/security/3-tips-to-improve-threat-detection-and-incident-response.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=294607 False None None None Network World - Magazine Info survey released this morning.For example, having a tech investment that leads to a security breach was considered a fireable offense by 39 percent of organizations, according to Osterman Research, which conducted the survey.A data breach that becomes public was a fireable offense for 38 percent of companies.Other fireable offenses included failing to modernize a security program, data breaches with unknown causes, data breaches that do not become public, and the failure of a security product or program investment.To read this article in full or to leave a comment, please click here]]> 2017-01-18T10:17:00+00:00 http://www.networkworld.com/article/3158907/security/how-to-get-fired-in-2017-have-a-security-breach.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=294608 False Guideline None None Network World - Magazine Info Facebook page late Tuesday. Zakharova's post came in response to a column by Michael Morell, the former deputy director of the U.S. CIA, who said Russia can return Snowden to the U.S. as a "perfect inauguration gift" to President-elect Donald Trump.To read this article in full or to leave a comment, please click here]]> 2017-01-18T10:00:42+00:00 http://www.networkworld.com/article/3158894/security/snowden-allowed-to-stay-in-russia-longer.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=294609 False None None None Network World - Magazine Info Cancer Services of East Central Indiana-Little Red Door, an independent, non-profit agency based in Muncie, Indiana, became a victim of a ransomware attack a week ago. This is an organization whose goals include helping to “reduce the financial and emotional burdens of those dealing with a cancer diagnosis.”The attackers did not leave the traditional ransom demand note, oh no, but chose to personally reach out to the agency's executive director, president and vice president to make the extortion demands clear. This makes it seem more like a targeted attack and less of one that was a result of opportunity. It was also at least the second time that week that attackers attempted to ransom sensitive patient information.To read this article in full or to leave a comment, please click here]]> 2017-01-18T09:06:00+00:00 http://www.networkworld.com/article/3158832/security/cyber-scum-suckers-hit-cancer-agency-with-ransomware-threaten-to-contact-families.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=294610 False None None None Network World - Magazine Info will unravel next month that aims to simulate the spread and evolution of online information.+More on Network World: DARPA: Show us how to weaponize benign technologies+To read this article in full or to leave a comment, please click here]]> 2017-01-18T08:35:00+00:00 http://www.networkworld.com/article/3158707/security/darpa-wants-to-simulate-how-social-media-spreads-info-like-wildfire.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=294611 False None None None Network World - Magazine Info cripple industrial output. Today, attacks against Internet of Things (IoT) infrastructure causes even broader disruptions-without bombs.The danger is real. The U.S. Department of Homeland Security (DHS) recently published guidelines to “provide a strategic focus on security and enhance the trust framework that underpins the IoT ecosystem.” The report explains why security has to be a combined effort.To read this article in full or to leave a comment, please click here]]> 2017-01-18T08:19:00+00:00 http://www.networkworld.com/article/3157907/security/iot-security-principles-from-homeland-security.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=294612 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-18T08:04:32+00:00 http://www.networkworld.com/article/3159108/security/oracle-patches-raft-of-vulnerabilities-in-business-applications.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=294613 False None None None Network World - Magazine Info Image by Les ChatfieldWhat is risk management? Any time you have something of value (like a corporate network, a website, or a mobile application), there will be risk to manage in order to protect it. As organizations innovate and change the way they use technology, the risks change too. Traditional approaches and controls are no longer good enough. Caroline Wong, vice president of security strategy at Cobalt, provides a fewtips for managing risk in today's modern business environment.To read this article in full or to leave a comment, please click here]]> 2017-01-18T05:43:00+00:00 http://www.networkworld.com/article/3158848/security/tips-on-where-to-start-in-managing-risk.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=294303 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-18T05:42:00+00:00 http://www.networkworld.com/article/3158847/lan-wan/howand-whyyou-should-use-a-vpn-any-time-you-hop-on-the-internet.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=294304 False None None None Network World - Magazine Info eliminate passwords has been ongoing, and growing, for close to a decade. There are even some declarations that this might be the year, or at least ought to be the year, that it happens.Don't hold your breath. Brett McDowell, executive director of the FIDO (Fast IDentity Online) Alliance, is as passionate an advocate of eliminating passwords as anyone. He says that day is coming, given the creation of a, “new generation of authentication technology” largely based on biometrics, and a “massive collaboration among hundreds of companies” to define standards for that technology.To read this article in full or to leave a comment, please click here]]> 2017-01-18T05:35:00+00:00 http://www.networkworld.com/article/3158906/security/passwords-a-long-goodbye.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=294305 False None None None Network World - Magazine Info was commuted by U.S. President Barack Obama raising questions whether Assange would keep his part of a deal he proposed online, and agree to extradition to the U.S.To read this article in full or to leave a comment, please click here]]> 2017-01-17T20:25:30+00:00 http://www.networkworld.com/article/3158887/internet/wikileaks-assange-confident-of-winning-any-fair-trial-in-the-us.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293860 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-17T16:11:51+00:00 http://www.networkworld.com/article/3158789/security/can-a-ddos-attack-on-whitehousegov-be-a-valid-protest.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293861 False None None None Network World - Magazine Info condemnation from U.S. officials.   To read this article in full or to leave a comment, please click here]]> 2017-01-17T15:46:18+00:00 http://www.networkworld.com/article/3158668/government/obama-commutes-sentence-for-manning-a-wikileaks-source.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293862 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-17T13:38:00+00:00 http://www.networkworld.com/article/3158450/mobile-wireless/7-really-cool-network-and-it-research-projects.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293863 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-17T11:58:00+00:00 http://www.networkworld.com/article/3158565/security/think-employers-must-protect-workers-personal-info-think-again.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293876 False None None None Network World - Magazine Info A new study performed by cybersecurity firm Fallible on 16,000 Android applications revealed that about 2,500 had some type of secret credential hard-coded into them. The apps were scanned with an online tool released by the company in November.Hard-coding access keys for third-party services into apps can be justified when the access they provide is limited in scope. However, in some cases, developers include keys that unlock access to sensitive data or systems that can be abused.To read this article in full or to leave a comment, please click here]]> 2017-01-17T10:10:44+00:00 http://www.networkworld.com/article/3158223/security/sensitive-access-tokens-and-keys-found-in-hundreds-of-android-apps.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293877 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-17T09:31:10+00:00 http://www.networkworld.com/article/3157763/security/terrorists-are-winning-the-digital-arms-race-experts-say.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293878 False None None None Network World - Magazine Info worst passwords, but this list of passwords comes from Keeper Security. The company analyzed over 10 million passwords available on the public web before publishing a list of 25 most common passwords of 2016.Keeper pointed a finger of blame at websites for not enforcing password best practices. Even if a site won't help you determine if a password is decent, then people could use common sense. It's disheartening to know that 17 percent of people still try to safeguard their accounts with “123456.” And “password” is, of course, still on the list, as well as keyboard patterns such as “qwerty” and “123456789”.To read this article in full or to leave a comment, please click here]]> 2017-01-17T07:49:00+00:00 http://www.networkworld.com/article/3158213/security/25-most-common-passwords-in-2016-and-how-quickly-they-can-be-cracked.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293879 False None None None Network World - Magazine Info Image by ThinkstockWhile organizations always want to find threats as quickly as possible, that ideal is far from being met. On average, dwell times last months and give cyber criminals all the time they need to peruse a network and extract valuable information that can impact a company, its customers and its employees.To read this article in full or to leave a comment, please click here]]> 2017-01-17T07:14:00+00:00 http://www.networkworld.com/article/3157761/security/when-real-time-threat-detection-is-essential.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293880 False None None None Network World - Magazine Info paying the ransom can't save you if you're running Linux.)To read this article in full or to leave a comment, please click here]]> 2017-01-17T07:05:00+00:00 http://www.networkworld.com/article/3158433/linux/why-malware-should-be-a-concern-for-all-linux-users-and-what-to-do-about-it.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293881 False None None None Network World - Magazine Info Computerworld's Facebook page.]"I agree 110% that we need to strengthen the workforce" of cybersecurity professionals, McCaul said during a meeting with reporters at the National Press Club.To read this article in full or to leave a comment, please click here]]> 2017-01-17T07:03:00+00:00 http://www.networkworld.com/article/3158472/security/the-war-for-cybersecurity-talent-hits-the-hill.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293882 False Guideline None None Network World - Magazine Info Anomali. These forums offer items ranging from physical world items like drugs and weapons to digital world items such as spam/phishing delivery, exploit kit services, "Crypters", "Binders", custom malware development, zero-day exploits, and bulletproof hosting.To read this article in full or to leave a comment, please click here]]> 2017-01-17T07:02:00+00:00 http://www.networkworld.com/article/3157701/security/the-unseemly-world-of-darkweb-marketplaces.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293883 True None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-17T06:54:00+00:00 http://www.networkworld.com/article/3158471/security/how-to-handle-security-vulnerability-reports.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293884 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-17T06:52:00+00:00 http://www.networkworld.com/article/3158470/security/tackling-cybersecurity-threat-information-sharing-challenges.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293885 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-17T06:07:00+00:00 http://www.networkworld.com/article/3157762/security/endpoint-security-in-2017.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293886 False None None None Network World - Magazine Info Dome9 Security, a cloud infrastructure security and compliance vendor, announced today that it is offering native support for the Microsoft Azure cloud platform.This is interesting because until now, Dome9 had strongly pushed an Amazon Web Services (AWS) story. The reasons for that are clear: AWS is the 1,000-pound elephant when it comes to cloud infrastructure, greatly eclipsing all other vendors in terms of market share. But reliance on a single vendor is risky, and the number of third-party vendors at AWS' recent re:Invent conference that looked uncomfortable at AWS announcements shows the folly of being completely tied to one platform.To read this article in full or to leave a comment, please click here]]> 2017-01-17T05:00:00+00:00 http://www.networkworld.com/article/3156929/security/dome9-offers-multi-cloud-security-adds-native-support-for-azure.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293475 False None None None Network World - Magazine Info Gartner. If we pair all this new Internet of Things (IoT) data with artificial intelligence (AI) and machine learning, there's scope to turn the tide in the fight against cybercriminals.To read this article in full or to leave a comment, please click here]]> 2017-01-17T04:00:00+00:00 http://www.networkworld.com/article/3157310/security/fighting-cybercrime-using-iot-and-ai-based-automation.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293476 False None None None Network World - Magazine Info sharing some account information of users with Facebook and its companies, including the mobile phone numbers they verified when they registered with WhatsApp. The sharing of information will enable users to see better friend suggestions and more relevant ads on Facebook, it added.To read this article in full or to leave a comment, please click here]]> 2017-01-16T23:53:20+00:00 http://www.networkworld.com/article/3158198/internet/indian-privacy-case-against-whatsapp-gains-momentum.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=293323 False None None None Network World - Magazine Info billions of downloads to Android smartphones. Chinese internet companies such as Baidu, Tencent and a host of smaller, shadier local app stores have been feeding the demand, at a time when Google has largely pulled out of the market.To read this article in full or to leave a comment, please click here]]> 2017-01-16T14:05:00+00:00 http://www.networkworld.com/article/3158110/security/china-tightens-control-over-app-stores.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=292492 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-16T09:52:00+00:00 http://www.networkworld.com/article/3158185/security/critical-flaw-lets-hackers-take-control-of-samsung-smartcam-cameras.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=292493 False None None None Network World - Magazine Info U.S. Customs and Border Protection (CBP) agency has revoked its November 2016 finding that Arista's redesigned products don't infringe a key Cisco patent -- as a result Cisco called on Arista to stop importing those products and recall others sold with redesigned software. The finding is the latest round in a high-stakes battle between Cisco and Arista over patents and copyrights that has been going on since 2014. In the summer of 2016 the US Trade Representative began an import ban as well as a cease and desist order covering Arista products imposed by the International Trade Commission in June where it ruled that Arista had infringed on a number of Cisco's technology patents.To read this article in full or to leave a comment, please click here]]> 2017-01-16T07:48:00+00:00 http://www.networkworld.com/article/3158107/lan-wan/cisco-calls-on-arista-to-stop-selling-products-in-us-after-agency-reverses-patent-finding.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=292494 False None None None Network World - Magazine Info Image by GSXOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Bill of ITImage by apptioTo read this article in full or to leave a comment, please click here]]> 2017-01-16T03:14:00+00:00 http://www.networkworld.com/article/3157419/mobile-wireless/new-products-of-the-week-1-16-17.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=292226 True None None None Network World - Magazine Info Slashdot in hopes of receiving legal advice after the point of sale system the MMJ used was hacked.Denver-based MJ Freeway, a medical marijuana “seed-to-sale” tracking software company experienced a “service interruption” – that turned out to be a hack – a week ago on January 8. The hack of the point-of-sale system left more than 1,000 retail cannabis clients in 23 states unable to track sales and inventories. Without a way to keep records in order to comply with state regulations, some dispensaries shut down, while others reverted to tracking sales via pen and paper.To read this article in full or to leave a comment, please click here]]> 2017-01-15T10:02:00+00:00 http://www.networkworld.com/article/3157747/security/pot-dispensary-it-director-asks-for-help-after-tracking-system-software-was-hacked.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291769 False None None None Network World - Magazine Info Democratic National Committee breach proved. Encrypting data is the best defense.Strong encryption of complex data structures requires a Key Management System (KMS). But implementing a KMS can be challenging, especially for enterprises below the security poverty line that don't have the budget to hire a multidisciplinary security team. Google may have a solution with its Cloud Key Management Service (CKMS) now in beta in select countries.  To read this article in full or to leave a comment, please click here]]> 2017-01-13T13:48:00+00:00 http://www.networkworld.com/article/3157830/security/google-cloud-key-management-service-could-help-more-enterprises-encrypt-data.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291770 False None None None Network World - Magazine Info McKinsey estimates that cyber attacks will cost the global economy $3 trillion in lost productivity and growth by 2020, while theft, sabotage and other damage inflicted by trusted insider personnel continue to cost organizations in lost revenues, revealed secrets and damaged reputations.To read this article in full or to leave a comment, please click here]]> 2017-01-13T08:06:00+00:00 http://www.networkworld.com/article/3157444/security/3-security-analytics-approaches-that-dont-work-but-could-part-1.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291771 False None None None Network World - Magazine Info fight with the FBI over unlocking the San Bernardino shooter's iPhone, WhatsApp took a huge step toward protecting its users' privacy by moving to encrypt all messages and calls being sent between its apps.But a new report suggests it might not be as secure as users think. According to The Guardian, a serious vulnerability in WhatApp's encryption could allow Facebook to intercept and read messages unbeknownst to the recipient, and only aware of by the sender if they have previously opted in to receive encryption warnings. The security flaw, which was discovered by Tobias Boelter, a cryptography and security researcher at the University of California, Berkeley, can “effectively grant access (to users' messages)” by changing the security keys and resending messages.To read this article in full or to leave a comment, please click here]]> 2017-01-13T08:05:00+00:00 http://www.networkworld.com/article/3157771/security/whatsapp-vulnerability-could-expose-messages-to-prying-eyes-report-claims.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291772 False None None None Network World - Magazine Info here to subscribe.  In February 2016, quick service restaurant The Wendy's Company reported unusual payment card activity affecting some of its franchise restaurants. The breach was confirmed in May when the company revealed it had found evidence of malware on the affected stores' point-of-sale systems. Additional malicious activity was later reported in June.In a statement from the CEO, the company says it believes the cyberattacks resulted from service providers' remote access credentials being compromised, allowing access – and the ability to deploy malware – to some franchisees' point-of-sale systems.To read this article in full or to leave a comment, please click here]]> 2017-01-13T08:01:00+00:00 http://www.networkworld.com/article/3157692/security/small-businesses-are-prime-targets-for-cyber-attacks-siem-as-a-service-can-help.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291785 False None None None Network World - Magazine Info appeared on the official support forums on Thursday from a user who was running a test deployment accessible from the internet.To read this article in full or to leave a comment, please click here]]> 2017-01-13T07:25:26+00:00 http://www.networkworld.com/article/3157414/security/after-mongodb-ransomware-groups-hit-exposed-elasticsearch-clusters.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291786 False None None None Network World - Magazine Info dumped hacking tools for routers and firewall products that they claimed came from the Equation Group, a top cyberespionage team that some suspect works for the NSA.To read this article in full or to leave a comment, please click here]]> 2017-01-12T20:17:07+00:00 http://www.networkworld.com/article/3157362/security/suspected-nsa-tool-hackers-dump-more-cyberweapons-in-farewell.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291025 False None None None Network World - Magazine Info blog post. “I have totally no relation to the Russian government.”Make of that what you will.According to U.S. intelligence agencies, Guccifer 2.0 is actually a front for Kremlin-backed cyberspies.“It's obvious that the intelligence agencies are deliberately falsifying evidence,” said a message on the Guccifer 2.0 blog.To read this article in full or to leave a comment, please click here]]> 2017-01-12T17:34:42+00:00 http://www.networkworld.com/article/3157525/security/guccifer-20-alleged-russian-cyberspy-returns-to-deride-us.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291026 False None None None Network World - Magazine Info biggest, and highest-profile, hacking of institutional and corporate accounts ever reported in Italy.The siblings have been planting the Pyramid Eye remote access Trojan on computers using a spear-phishing technique over the course of years, according to the arrest order.They attacked no fewer than 18,000 high-profile targets including former Prime Ministers Matteo Renzi and Mario Monti, President of European Central Bank Mario Draghi, as well as employees and heads of various ministries including Internal Affairs, Treasury, Finance, and Education.To read this article in full or to leave a comment, please click here]]> 2017-01-12T14:36:56+00:00 http://www.networkworld.com/article/3157220/security/siblings-arrested-in-italys-worst-cyberespionage-operation-ever.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291027 False None None None Network World - Magazine Info 2017-01-12T12:59:00+00:00 http://www.networkworld.com/video/73216/security-sessions-will-security-budgets-go-up-in-2017#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291040 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-12T12:41:00+00:00 http://www.networkworld.com/article/3157215/security/thoughts-on-incident-response-automation-and-orchestration.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291028 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-12T10:36:22+00:00 http://www.networkworld.com/article/3157094/security/godaddy-revokes-nearly-9-000-ssl-certificates-issued-without-proper-validation.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291042 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-12T10:23:00+00:00 http://www.networkworld.com/article/3157082/malware-cybercrime/trump-s-dhs-pick-urges-more-coordination-on-cyberthreats.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291043 False None None None Network World - Magazine Info called on Congress to reverse its mid-2015 decision to rein in the phone metadata collection program run by the National Security Agency, a sister agency to the CIA that focuses on signals intelligence.To read this article in full or to leave a comment, please click here]]> 2017-01-12T10:21:00+00:00 http://www.networkworld.com/article/3156979/security/trumps-cia-nominee-grilled-on-his-advocacy-of-surveillance-database.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291044 False None None None Network World - Magazine Info Fox and Friends.To read this article in full or to leave a comment, please click here]]> 2017-01-12T08:46:00+00:00 http://www.networkworld.com/article/3157368/security/rudy-giuliani-to-coordinate-regular-cybersecurity-meetings-between-trump-tech-leaders.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291045 False Guideline None None Network World - Magazine Info a California child pornography case involving Best Buy's Geek Squad.In that case, Geeks working on a customer laptop found a pornographic picture and turned it over to the FBI, which paid them $500 and prosecuted the owner of the machine.Now the Geeks in question are in hot water because the arrangement with the FBI violates the corporate policies of Best Buy, which runs Geek Squad.To read this article in full or to leave a comment, please click here]]> 2017-01-12T08:35:00+00:00 http://www.networkworld.com/article/3157367/security/lessons-for-corporate-it-from-geek-squad-legal-case.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291046 False None None None Network World - Magazine Info read recent reviews) from over 140 reviewers.  See it now on Amazon.To read this article in full or to leave a comment, please click here]]> 2017-01-12T07:33:00+00:00 http://www.networkworld.com/article/3157079/input-keyboards/43-off-microsoft-wireless-desktop-900-keyboard-and-mouse-bundle-deal-alert.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291047 False None None None Network World - Magazine Info Nyotron today launched its cybersecurity product in the U.S. Nothing too exciting about that, but the history of the company's founder might pique your interest.Nir Gaist is the sort of over-achiever that one either worries hugely about or admires greatly (or probably both in equal measure). Nyotron's CEO and founder, Gaist started programing at the age of six. (Which leads me to ask, what took him so long?) In 2008, he and his brother Ofer Gaist, now COO, started Nyotron as a penetration testing company. Before founding the company, and as a departure from his buddies who were probably playing Candy Crush or something, Nir hacked an Israeli service provider, which was so impressed with his skills it ended up hiring him. From there, he went on to test telephone systems, online banking protocols, ATMs and more for the largest banks in Israel. To read this article in full or to leave a comment, please click here]]> 2017-01-12T06:00:00+00:00 http://www.networkworld.com/article/3155381/security/nyotron-launches-to-secure-the-world-simple-eh.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=291048 False Guideline None None Network World - Magazine Info Radware's recently released Global Application & Security survey, the bank detected and mitigated the teaser flood attack before officials discovered the email, which had been sent to an unattended mailbox while the company was closed. With a hybrid DDoS mitigation solution in place, the flood attack had no impact and was immediately diverted to a scrubbing center for cleanup.To read this article in full or to leave a comment, please click here]]> 2017-01-12T05:50:00+00:00 http://www.networkworld.com/article/3157093/security/south-african-bank-tells-its-tale-of-battling-ransom-attacks.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290645 False None None None Network World - Magazine Info Image by ThinkstockA recent IBM study found that the average cost of a data breach has hit $4 million-up from $3.8 million in 2015. There are countless factors that could affect the cost of a data breach in your organization, and it's virtually impossible to predict the exact cost. You might be able to estimate a range with the help of a data breach calculator, but no single tool is perfect.To read this article in full or to leave a comment, please click here]]> 2017-01-12T05:46:00+00:00 http://www.networkworld.com/article/3157000/security/how-much-is-a-data-breach-going-to-cost-you.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290646 False None None None Network World - Magazine Info press conference.Trump made the statement as he said Russia, China and other parties continue to launch cyber attacks against the U.S. In recent weeks, he's also been confronting claims that the Kremlin used hacks and online propaganda in a covert campaign to tilt the election in his favor.To read this article in full or to leave a comment, please click here]]> 2017-01-11T18:00:34+00:00 http://www.networkworld.com/article/3157070/security/trumps-push-for-cyber-defense-is-sorely-needed-experts-say.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290125 False None None None Network World - Magazine Info the 35-page document is substantiated, it is detailed, and at least some of it is considered credible enough by U.S. intelligence agencies for them to have briefed Trump and President Barack Obama on it.According to the documents prepared by a former British spy, a “cyber operative” for the Russian Federal Security Service (FSB) told him that Telegram no longer posed an issue for the government. “His/her understanding was that the FSB now successfully had cracked this communication software and therefore it was no longer secure to use,” the document says.To read this article in full or to leave a comment, please click here]]> 2017-01-11T14:52:00+00:00 http://www.networkworld.com/article/3157026/security/trump-docs-claim-russia-has-cracked-telegram-messaging-service.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290126 False None None None Network World - Magazine Info F5 Networks.Applications are becoming core to the digital economy, and organizations are increasingly turning to application services to keep them humming. In its third annual State of Application Delivery report, F5 Networks found that the average number of app services used by organizations increased from 11 in 2016 to 14 today. Sangeeta Anand, senior vice president of product management and marketing at F5 Networks, adds that the average organization plans to deploy 17 app services in the next 12 months.To read this article in full or to leave a comment, please click here]]> 2017-01-11T13:19:00+00:00 http://www.networkworld.com/article/3156785/security/security-tops-app-services-priority-list.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290127 False None None None Network World - Magazine Info Ed Schipul U.S. Rep. Michael McCaul (R-Texas)To read this article in full or to leave a comment, please click here]]> 2017-01-11T13:18:00+00:00 http://www.networkworld.com/article/3156543/security/dhs-should-have-a-cybersecurity-unit-says-panel-chairman.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290128 False None None None Network World - Magazine Info a post to Reddit piqued my interest this afternoon because it was in that site's section devoted to system administration and those people know a bug when they encounter one.The Redditor elaborates: “I found a bug in my ASA today. Eth 0/2 was totally unusable and seemed 'blocked.' These Cisco bugs are really getting out of hand. I'm just glad I didn't open this port up to the web.”Scare quotes around blocked? Gratuitous mention of the web. I smelled a ruse before even opening the first of three pictures.No. 1, labeled “checking layer 1:”To read this article in full or to leave a comment, please click here]]> 2017-01-11T11:18:00+00:00 http://www.networkworld.com/article/3156807/data-center/found-a-nasty-bug-in-my-cisco-asa-this-morning.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290141 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-11T10:14:15+00:00 http://www.networkworld.com/article/3156603/security/professionally-designed-ransomware-spora-might-be-the-next-big-thing.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290142 False None None None Network World - Magazine Info Build 15002 was recently uncovered by Windows Central that appears to be a complementary feature to Windows Hello, the biometric login system that automatically unlocks your PC when you sit in front of it.Dubbed Dynamic Lock, this newly discovered feature is designed to automatically lock down your computer when Windows detects that you're away. It's not clear if the feature is working yet and Microsoft has yet to discuss it publicly. For that reason it's unknown what Dynamic Lock actually does. Though Windows Central says Microsoft's internal name for the feature is “Windows Goodbye,” which indeed suggests a close relationship with Windows Hello.To read this article in full or to leave a comment, please click here]]> 2017-01-11T10:12:00+00:00 http://www.networkworld.com/article/3156849/windows/your-windows-10-pc-may-soon-lock-itself-when-you-walk-away.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290143 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-11T09:36:42+00:00 http://www.networkworld.com/article/3156766/security/trump-it-was-probably-russia-that-hacked-the-dnc-clinton-campaign.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290144 False None None None Network World - Magazine Info The CSO password management survival guide + You're not alone. Security fatigue is a bug the majority of us have. A NIST study recently reported that most people don't do the right thing when it comes to cybersecurity because they are too lazy, too hurried, or not convinced that they are a target for cybercrime.To read this article in full or to leave a comment, please click here]]> 2017-01-11T08:59:00+00:00 http://www.networkworld.com/article/3155939/security/security-fatigueor-how-i-learned-to-overcome-laziness-and-use-a-password-manager.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290145 False None None None Network World - Magazine Info announced a successful test of 103 Perdix drones. Granted, the drones are not a beautiful product of nature like starlings, but the swarm does act like a “collective organism” that shares a single brain for decision making.To read this article in full or to leave a comment, please click here]]> 2017-01-11T07:40:00+00:00 http://www.networkworld.com/article/3156594/security/pentagon-tested-worlds-largest-swarm-of-autonomous-micro-drones.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290146 False None None None Network World - Magazine Info "Why you shouldn't trust Geek Squad ever again," which in turn was inspired by an Orange County Weekly article that claimed the FBI was paying Geek Squad staffers a $500 reward for any incriminating evidence they find in a device brought in for repair.To read this article in full or to leave a comment, please click here]]> 2017-01-11T07:28:00+00:00 http://www.networkworld.com/article/3156765/security/best-buy-responds-to-geek-squad-snooping-case.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290147 False None None None Network World - Magazine Info We've cobbled together a slew of things for the geeky among you to do on Jan. 13 -- Friday the 13th that isth. And we suggest you do it up because you won't get another chance until Oct. 13, 2017.Don't miss the day!Mobile apps exist solely for the purpose of reminding you when Friday the 13th is coming up. Pocketkai's free iOS app will remind you of the one to three Friday the 13ths coming up each year for the next 50 years. The Bogeyman's Android app will do likewise, for the next 10 Friday the 13ths.To read this article in full or to leave a comment, please click here]]> 2017-01-11T07:23:00+00:00 http://www.networkworld.com/article/2883154/software/geeky-ways-to-celebrate-friday-the-13th.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290148 False None None None Network World - Magazine Info The weirdest, wackiest and coolest sci/tech stories of 2016+ The agency's Secure Handhelds on Assured Resilient networks at the tactical Edge (SHARE) program will “secure tactical mobile handheld devices to support distributed multilevel information sharing without the need for reaching back to large-scale fixed infrastructure, create new networks based on resilient and secure architectures that work in challenging environments, and develop software that rapidly configures security across the network,” DARPA says.To read this article in full or to leave a comment, please click here]]> 2017-01-11T07:10:00+00:00 http://www.networkworld.com/article/3156746/security/darpa-developing-secure-data-sharing-wireless-technology.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290149 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-11T06:41:00+00:00 http://www.networkworld.com/article/3156660/security/how-white-hat-hackers-do-bad-things-for-good-reasons.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290150 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-11T06:38:00+00:00 http://www.networkworld.com/article/3156659/security/ibm-watson-fda-to-explore-blockchain-for-secure-patient-data-exchange.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290151 False None None None Network World - Magazine Info Rakesh Loonkar Rakesh LoonkarTo read this article in full or to leave a comment, please click here]]> 2017-01-11T06:30:00+00:00 http://www.networkworld.com/article/3156764/security/as-authentication-options-blossom-startup-tries-to-simplify-deployment-maintain-flexibility.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290152 False None None None Network World - Magazine Info drain virtually all publicly exposed MongoDB servers of their data, and now a second tier of opportunistic thieves is trying to walk off with the ransom.When attackers initially deleted the data, sometimes terabytes at a time, they left ransom notes demanding payments in bitcoin.+ ALSO ON NETWORK WORLD Be careful not to fall for these ransomware situations +To read this article in full or to leave a comment, please click here]]> 2017-01-11T06:07:00+00:00 http://www.networkworld.com/article/3156630/security/no-honor-among-thieves-crooks-seeking-ransom-for-mongodb-data-someone-else-stole.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=290153 False None None None Network World - Magazine Info published by BuzzFeed, quotes an unnamed "Source E," described as an ethnic Russian and close associate of Trump, as acknowledging that the Russian regime had been behind the leak of e-mail messages originating from the Democratic National Committee (DNC) to the WikiLeaks whistleblowing site. The Trump team in return agreed to "sideline Russian intervention in Ukraine as a campaign issue,” and raise certain issues that would deflect attention from Ukraine.To read this article in full or to leave a comment, please click here]]> 2017-01-10T23:55:05+00:00 http://www.networkworld.com/article/3156649/security/trump-allegedly-backed-compromise-of-dnc-emails-say-leaked-docs.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=289653 False None None None Network World - Magazine Info to CNN, the allegation was presented to Trump last week in a meeting with U.S. intelligence chiefs to discuss claims of Russia's role in sponsoring hacks that influenced last year's election. Trump had questioned Russia's role in the hacking of the Democratic National Committee before the meeting, but afterwards changed his tune and conceded Russia could have played a role.To read this article in full or to leave a comment, please click here]]> 2017-01-10T16:36:00+00:00 http://www.networkworld.com/article/3156549/security/us-intel-report-russia-allegedly-obtained-compromising-info-on-trump.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=289256 False None None None Network World - Magazine Info fixes 13 vulnerabilities, 12 that can lead to remote code execution and one that allows attackers to bypass a security restriction and disclose information. Adobe is not aware of any exploit for these flaws existing in the wild.Users are advised to upgrade to Flash Player version 24.0.0.194 on Windows, Mac and Linux. The Flash Player plug-in bundled with Google Chrome, Microsoft Edge and Internet Explorer will be automatically upgraded through those browsers' respective update mechanisms.To read this article in full or to leave a comment, please click here]]> 2017-01-10T14:22:52+00:00 http://www.networkworld.com/article/3156584/security/adobe-patches-critical-flaws-in-flash-player-reader-and-acrobat.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=289257 False Guideline None None Network World - Magazine Info ordering a covert campaign that helped boost incoming President Donald Trump's election chances.To read this article in full or to leave a comment, please click here]]> 2017-01-10T13:36:00+00:00 http://www.networkworld.com/article/3156505/security/us-intel-russia-hacked-republican-groups-during-election.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=289258 False None None None Network World - Magazine Info the one for Microsoft Office and Office Services and Web Apps. It covers a memory corruption vulnerability that can be exploited by tricking users to open specially crafted files and can lead to remote code execution.To read this article in full or to leave a comment, please click here]]> 2017-01-10T12:53:10+00:00 http://www.networkworld.com/article/3156035/security/microsoft-releases-one-of-its-smallest-monthly-security-patch-bundles.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=289259 False Guideline None None Network World - Magazine Info security bulletins, half are of which are rated as critical for remote code execution flaws. In reality, only three of those are for Windows systems!This is the lightest load I can recall Microsoft handing us. It almost feels like this surely can't be right, but hey – you didn't want to work hard today anyhow, did you?CriticalMS17-002 resolves a remote code execution flaw in Microsoft Office. Microsoft Word 2016 32-bit and 64-bit editions and Microsoft SharePoint Enterprise Server 2016 are listed as the only affected software versions. The RCE bug is a result of Office software failing to properly handle objects in memory. If an attacker successfully exploited the flaw, and the user had admin rights, the attacker could take control of the box.To read this article in full or to leave a comment, please click here]]> 2017-01-10T10:54:00+00:00 http://www.networkworld.com/article/3155922/security/microsoft-releases-only-4-security-bulletins-2-critical-on-first-2017-patch-tuesday.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=289272 False None None None Network World - Magazine Info family of destructive programs known as disk wipers. Similar tools were used in 2014 against Sony Pictures Entertainment in the U.S. and in 2013 against several banks and broadcasting organizations in South Korea.Shamoon was first observed during the 2012 cyberattack against Saudi Aramco. It spreads to other computers on a local network by using stolen credentials and activates its disk-wiping functionality on a preconfigured date.To read this article in full or to leave a comment, please click here]]> 2017-01-10T09:22:14+00:00 http://www.networkworld.com/article/3156175/security/disk-wiping-malware-shamoon-targets-virtual-desktop-infrastructure.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=289273 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-10T07:57:00+00:00 http://www.networkworld.com/article/3156306/security/fortinet-embraces-cisco-hpe-nokia.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=289274 False None None None Network World - Magazine Info filing Monday that it will shed almost everything that makes it Yahoo, including its name, when its deal with Verizon closes.  If you're a Yahoo shareholder, you might notice the difference, but for Yahoo users, the consequences of Monday's filing are minimal.  Yahoo the company has two major assets: a worldwide network of internet portals, and a 15 percent stake in Chinese internet giant Alibaba worth many times that. When a plan to sell off the Alibaba stake ran into tax complications, the company pivoted, instead striking a deal to sell its portals, its brand -- almost everything but the Alibaba stake, in fact -- to Verizon.To read this article in full or to leave a comment, please click here]]> 2017-01-10T07:27:00+00:00 http://www.networkworld.com/article/3156287/internet/mayer-not-so-much-leaving-yahoo-as-taking-it-with-her.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=289275 False None Yahoo None Network World - Magazine Info The Orange County Weekly reports that the company's repair technicians routinely search devices brought in for repair for files that could earn them $500 reward as FBI informants. To read this article in full or to leave a comment, please click here]]> 2017-01-10T07:08:00+00:00 http://www.networkworld.com/article/3156029/computers/why-you-shouldnt-trust-geek-squad-ever-again.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=289276 False None None None Network World - Magazine Info intelligence report tracing Russia's cyber-meddling with the 2016 presidential election is a timely reminder of the cybersecurity risks that the government and private companies face, said Tom Ridge, the nation's first secretary of Homeland Security."President-elect Trump is entering into a world fraught with hazards as never before," Ridge said in a telephone interview on Monday. "Russia is a reminder that cyberattacks are a permanent risk to individuals and countries and companies, and you must do all you can to understand the risk. It's a reminder of how serious and permanent the risk is. The risk continues to get deeper."To read this article in full or to leave a comment, please click here]]> 2017-01-10T05:53:00+00:00 http://www.networkworld.com/article/3156189/security/former-dhs-head-urges-trump-to-see-economic-dangers-from-cyberattacks.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288915 False None None None Network World - Magazine Info Investments in artificial intelligence (A.I.) and robotics will surge, displacing workers. And a more connected world will increase -- not reduce -- differences, increasing nationalism and populism, according to a new government intelligence assessment prepared just in time for President-elect Donald Trump's administration.The "Global Trends" report, unveiled Monday, is produced every four years by the National Intelligence Council. It is released just before the inauguration of a new or returning president. The council is tasked with helping to shape U.S. strategic thinking.To read this article in full or to leave a comment, please click here]]> 2017-01-10T05:51:00+00:00 http://www.networkworld.com/article/3156139/techology-business/how-us-intelligence-agencies-envision-the-world-in-2035.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288916 False None None None Network World - Magazine Info allegedly tried to breach the digital defenses of human-rights activist Ahmed Mansoor on three occasions, for example), there are reasonable measures you can take to live a normal life and continue to have private thoughts and private conversations.Note that I'm not singling out any government or administration. Politics aside, we should all think like dissidents, because the tide ebbs and flows from freedom to dictatorship and from left to right all around the world. The common thread is taking smart measures.To read this article in full or to leave a comment, please click here]]> 2017-01-10T05:49:00+00:00 http://www.networkworld.com/article/3156137/security/protecting-your-data-protecting-yourself-a-first-installment.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288917 False None None None Network World - Magazine Info aims to fix a loophole in the Electronic Communications Privacy Act that allowed the government to search without warrant email and other electronic communications older than 180 days, stored on servers of third-party service providers such as Google and Yahoo.“Thanks to the wording in a more than 30-year-old law, the papers in your desk are better protected than the emails in your inbox,” digital rights organization, Electronic Frontier Foundation said in a blog post Monday.To read this article in full or to leave a comment, please click here]]> 2017-01-09T21:55:08+00:00 http://www.networkworld.com/article/3156131/security/privacy-legislation-reintroduced-for-mail-older-than-180-days.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288265 False None Yahoo None Network World - Magazine Info revealed it had found flaws in pacemakers and other healthcare products from St. Jude Medical, potentially putting patients at risk.However, the controversy came over how MedSec sought to cash in on those bugs: it did so, by partnering with an investment firm to bet against St. Jude's stock. Since then, the two parties have been locked in a legal battle over the suspected vulnerabilities. But on Monday, MedSec claimed some vindication.To read this article in full or to leave a comment, please click here]]> 2017-01-09T18:35:54+00:00 http://www.networkworld.com/article/3155986/security/stock-tanking-in-st-jude-medical-security-disclosure-might-have-legs.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288266 False None None None Network World - Magazine Info Commission on Enhancing National Cybersecurity, included former NSA director Keith Alexander, former IBM CEO Sam Palmisano, etc.To read this article in full or to leave a comment, please click here]]> 2017-01-09T11:34:00+00:00 http://www.networkworld.com/article/3155573/security/cybersecurity-pros-to-trump-critical-infrastructure-is-very-vulnerable-to-a-cyber-attack.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288267 False None None None Network World - Magazine Info according to the Russian news agency TASS. The U.S. intel report, published on Friday, accused Russian President Vladimir Putin of personally ordering a secret campaign meant to influence last year's presidential election.To read this article in full or to leave a comment, please click here]]> 2017-01-09T10:01:00+00:00 http://www.networkworld.com/article/3155423/security/russia-us-fueling-witch-hunt-with-election-hacking-claims.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288268 False None None None Network World - Magazine Info here and here say the Turkish Energy Ministry blames storms and sabotage of underground power lines for outages around the country. It also says coordinated cyberattacks originating in the United States have been thwarted but also been keeping security teams busy. It doesn't like the outages directly to the cyberattacks, the sources say.To read this article in full or to leave a comment, please click here]]> 2017-01-09T08:53:00+00:00 http://www.networkworld.com/article/3155536/security/turks-point-to-u-s-as-source-of-cyberattacks-but-don-t-level-blame.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288281 False None None None Network World - Magazine Info Truffle Hog tool was created by U.S.-based researcher Dylan Ayrey and is written in Python. It searches for hard-coded access keys by scanning deep inside git code repositories for strings that are 20 or more characters and which have a high entropy. A high Shannon entropy, named after American mathematician Claude E. Shannon, would suggest a level of randomness that makes it a candidate for a cryptographic secret, like an access token.Hard-coding access tokens for various services in software projects is considered a security risk because those tokens can be extracted without much effort by hackers. Unfortunately this practice is very common.To read this article in full or to leave a comment, please click here]]> 2017-01-09T07:17:20+00:00 http://www.networkworld.com/article/3155711/security/this-tool-can-help-weed-out-hard-coded-keys-from-software-projects.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288282 False None None None Network World - Magazine Info Niall Merrigan It started last week when security researcher Victor Gevers discovered that about 200 MongoDB databases had been erased and held for ransom. By Tuesday, 2,000 databases were effected; the number climbed to 10,500 by Friday and kept climbing. Then the ransomed databases jumped from 12,000 to 27,000, according to security researcher Niall Merrigan.To read this article in full or to leave a comment, please click here]]> 2017-01-09T06:56:00+00:00 http://www.networkworld.com/article/3155474/security/huge-spike-in-ransomed-mongodb-installs-doubled-to-over-27000-in-a-day.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288283 False None None None Network World - Magazine Info Palerra, shows a few related issues worrying chief information security officers (CISO) when it comes to securing the cloud:To read this article in full or to leave a comment, please click here]]> 2017-01-09T05:15:00+00:00 http://www.networkworld.com/article/3155416/network-security/what-to-do-when-your-network-is-wide-open.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288028 False None None None Network World - Magazine Info 2017-01-09T05:00:00+00:00 http://www.networkworld.com/video/72555/what-a-locky-ransomware-attack-looks-like#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288042 False None None None Network World - Magazine Info 2017-01-09T05:00:00+00:00 http://www.networkworld.com/video/72556/how-to-recover-your-system-from-a-ransomware-attack#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288041 False None None None Network World - Magazine Info Image by invrisionOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Comodo Internet Security 10Image by ComodoTo read this article in full or to leave a comment, please click here]]> 2017-01-09T03:28:00+00:00 http://www.networkworld.com/article/3155242/software/new-products-of-the-week-1-9-17.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=288029 True None None None Network World - Magazine Info ZOE; the latter smart home assistant was developed by Protonet with privacy in mind – nothing goes to the cloud so it couldn't be turned into a surveillance device.To read this article in full or to leave a comment, please click here]]> 2017-01-08T09:13:00+00:00 http://www.networkworld.com/article/3155396/security/tv-news-anchor-triggers-alexa-to-attempt-ordering-dollhouses.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=287130 False None None None Network World - Magazine Info complaint against Taiwanese manufacturer D-Link Systems that charged the company's internet routers and web cameras can easily be hacked, putting consumers at risk.But the FTC's complaint doesn't cite evidence that the products have been breached, only the potential for harm to consumers.That's among the reasons D-Link is contesting the complaint. “Notably, the complaint does not allege any breach of a D-Link Systems device,” it said in a statement. To read this article in full or to leave a comment, please click here]]> 2017-01-06T17:41:00+00:00 http://www.networkworld.com/article/3155297/security/the-ftcs-iot-security-case-against-d-link-will-test-its-power.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=287131 False None None None Network World - Magazine Info report – or at least the declassified version – offered no new evidence or sources to prove the Kremlin's role in sponsoring the effort, which included hacks and online propaganda.The U.S. government published the 25-page document on Friday amid skepticism from incoming President-elect Trump over whether Russia was really involved.Outgoing President Barack Obama has nevertheless ordered sanctions against Russia and threatened covert action in retaliation for the cyber-meddling.To read this article in full or to leave a comment, please click here]]> 2017-01-06T15:47:02+00:00 http://www.networkworld.com/article/3155429/election-hacking/us-putin-ordered-cyber-meddling-to-favor-trump.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=287132 False None None None Network World - Magazine Info To read this article in full or to leave a comment, please click here]]> 2017-01-06T12:54:06+00:00 http://www.networkworld.com/article/3155282/security/trump-mum-on-russia-blame-after-us-intelligence-briefing.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=287133 False Guideline None None Network World - Magazine Info the latest estimate puts their number at more than 99,000.On Monday, security researcher Victor Gevers from the GDI Foundation reported that he found almost 200 instances of publicly exposed MongoDB databases that had been wiped and held to ransom by an attacker or a group of attackers named Harak1r1.To read this article in full or to leave a comment, please click here]]> 2017-01-06T09:35:43+00:00 http://www.networkworld.com/article/3155255/security/more-than-10000-exposed-mongodb-databases-deleted-by-ransomware-groups.html#tk.rss_security www.secnews.physaphae.fr/article.php?IdArticle=287146 False None None None