Hack-tualité by G-echo - Securite - Mois 2019/03

Securite - Mois 2019/03

Wed, 20 Mar 2019 08:11:09 GMT
These are the top ten security vulnerabilities most exploited by hackers
Wed, 20 Mar 2019 08:11:09 GMT
Danny Palmer
But one simple thing could help stop the vast majority of these attacks, say researchers.<p>Special Feature<p>The smartest companies now approach …
Tue, 12 Mar 2019 13:37:05 GMT
Le DNS Tunneling : une menace à prendre au sérieux pour les PME
Tue, 12 Mar 2019 13:37:05 GMT
UnderNews
<b>Depuis quelques années, une série de piratages médiatisés et de rapports d’analystes témoignent de la multiplication exponentielle des attaques dites</b> …
Sun, 17 Mar 2019 16:48:11 GMT
Fujitsu wireless keyboard model vulnerable to keystroke injection attacks
Sun, 17 Mar 2019 16:48:11 GMT
Catalin Cimpanu
There are slim chances that Fujitsu will release a patch.<p>Fujitsu LX wireless keyboards are susceptible to keystroke injections, SySS GmbH, a German …
Fri, 15 Mar 2019 08:12:25 GMT
Two-thirds of all Android antivirus apps are frauds
Fri, 15 Mar 2019 08:12:25 GMT
Catalin Cimpanu
Only 23 Android antivirus apps had a 100 percent detection rate with no false positives.<p>An organization specialized in testing antivirus products …
Thu, 14 Mar 2019 18:26:47 GMT
Cyberharcèlement, cyberintimidation et boutiques pirates
Thu, 14 Mar 2019 18:26:47 GMT
Etes-vous certains que vos « sexfies » et autres vidéos intimes que vous avez sauvegardé dans un cloud, boite mail, pc et autre téléphone n’ont pas …
Tue, 05 Mar 2019 14:31:57 GMT
La fin programmée du "One Time Password" SMS
Tue, 05 Mar 2019 14:31:57 GMT
Cette semaine, Eric A. Caprioli et Pascal Agosti, avocats au sein du cabinet Caprioli & Associés, détaillent les tenants et aboutissants de l'OTP …
Fri, 15 Mar 2019 12:14:09 GMT
Un puissant malware circule sur Google Play
Fri, 15 Mar 2019 12:14:09 GMT
Emmanuel Ghesquier
Un malware d’un nouveau genre a été découvert sur plus de 200 applications de Google Play. Des dizaines de millions de téléphones seraient infectés. …
Tue, 05 Mar 2019 14:33:06 GMT
Phishing alert: One in 61 emails in your inbox now contains a malicious link
Tue, 05 Mar 2019 14:33:06 GMT
Danny Palmer
Be careful when you click. That email might not be as innocent as it looks.<p>The number of phishing attacks is on the rise, more than doubling in …
Mon, 11 Mar 2019 07:09:49 GMT
Alerte à la faille zero-day pour Windows 7 !
Mon, 11 Mar 2019 07:09:49 GMT
UnderNews
L’instant est grave pour tous les utilisateurs de Windows 7 ! En effet, les chercheurs en sécurité de Google ont découvert une vulnérabilité critique …
Wed, 06 Mar 2019 21:57:47 GMT
Cybersecurity should be a source of hope, not fear. Here are 5 reasons why
Wed, 06 Mar 2019 21:57:47 GMT
Adrien Ogée
This headline was in the news a few weeks ago: “Hackers are passing around a megaleak of 2.2 billion records".<p>Headlines like this are common in the …
Fri, 01 Mar 2019 17:12:02 GMT
19-year-old makes millions from ethical hacking
Fri, 01 Mar 2019 17:12:02 GMT
Charlie Osborne
The Argentine teenager has topped the charts when it comes to bug bounty hunting.<p>A 19-year-old has made over $1 million in his quest to find and …
Sun, 17 Mar 2019 08:32:55 GMT
"100 unique exploits and counting": Hackers begin exploiting WinRAR critical vulnerability
Sun, 17 Mar 2019 08:32:55 GMT
Eric Hamilton
<b>Why it matters:</b> If you have WinRAR installed, make sure you've updated to the most recent version that patches a critical security vulnerability. …
Mon, 18 Mar 2019 18:07:54 GMT
Des simulateurs Enigma, Typex et Bombe disponibles en libre accès
Mon, 18 Mar 2019 18:07:54 GMT
Le GCHC, Government communication Headquarters, a publié un tweet annonçant la mise en ligne des simulateurs :<p>We’ve brought technology from our past …
Thu, 14 Mar 2019 18:11:36 GMT
Ruiner la vie d'un internaute et acheter des attaques DDoS... bienvenue dans le black market
Thu, 14 Mar 2019 18:11:36 GMT
Si lancer des attaques de Dénis Distribués de Service est devenu un jeu d’enfant, acquérir des attaques de tailles XXL reste un commerce d’initié… …
Thu, 14 Mar 2019 07:18:13 GMT
6 things small businesses can do to improve cybersecurity
Thu, 14 Mar 2019 07:18:13 GMT
By JOYCE M. ROSENBERG, AP Business Writer
NEW YORK (AP) — Small businesses can be more vulnerable to cyberattacks than larger companies because they often don't have sophisticated and comprehensive systems to protect themselves from hackers, viruses, malware and what's called ransomware. And owners who are focused on customers and …
Wed, 06 Mar 2019 21:45:40 GMT
Firefox to add Tor Browser anti-fingerprinting technique called letterboxing
Wed, 06 Mar 2019 21:45:40 GMT
Catalin Cimpanu
Firefox gets another new feature from the Tor Uplift project started in 2016.<p>Mozilla is scheduled to add a new user anti-fingerprinting technique to …
Wed, 06 Mar 2019 13:09:17 GMT
Google reveals Chrome zero-day under active attacks
Wed, 06 Mar 2019 13:09:17 GMT
Catalin Cimpanu
Users are advised to update to Google Chrome version 72.0.3626.121.<p><b>UPDATE:</b> <i>There is an update to this story. Today, March 7, Google revealed that this</i> …
Thu, 07 Mar 2019 15:25:59 GMT
Pirate Bay malware buries nuisance program bundles in a single click
Thu, 07 Mar 2019 15:25:59 GMT
Charlie Osborne
PirateMatryoshka is described as a “Russian doll” for adware programs and tools.<p>The Pirate Bay (TPB) has become a hotspot for the download of a new …
Mon, 18 Mar 2019 17:20:30 GMT
Is it still a good idea to publish proof-of-concept code for zero-days?
Mon, 18 Mar 2019 17:20:30 GMT
Catalin Cimpanu
Time and time again, the publication of PoC code for zero-days and recently patched security bugs often helps hackers more than end-users.<p>More often …
Mon, 18 Mar 2019 11:59:58 GMT
These Are The Worst Cyber Attacks Ever
Mon, 18 Mar 2019 11:59:58 GMT
Bloomberg
StreetEasy<p>Technology<p>U.S.<p>February 16, 2019<p>1,000,000<p>Town of Salem/BlankMediaGames<p>Gaming<p>U.S.<p>December 28, 2018<p>7,633,234<p>Dubsmash<p>Technology<p>U.S.<p>December 2018<p>…
Tue, 05 Mar 2019 14:31:12 GMT
All Intel chips open to new Spoiler non-Spectre attack: Don't expect a quick fix
Tue, 05 Mar 2019 14:31:12 GMT
Liam Tung
Researchers say Intel won't be able to use a software mitigation to fully address the problem Spoiler exploits.<p>Researchers have discovered a new flaw …
Tue, 19 Mar 2019 13:00:51 GMT
Libssh Releases Update to Patch 9 New Security Vulnerabilities
Tue, 19 Mar 2019 13:00:51 GMT
Wang Wei
Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its software to patch a …
Fri, 08 Mar 2019 22:14:32 GMT
Citrix Learns About Internal Network Security Breach from FBI
Fri, 08 Mar 2019 22:14:32 GMT
Sergiu Gatlan
Citrix found out from the FBI on March 6, 2019, about a security breach into its internal network which led to the cybercriminals behind the attack …
Sun, 10 Mar 2019 11:33:57 GMT
Les Chroniques de la Cybersécurité – Bienvenue dans la première exposition consacrée aux cybermenaces
Sun, 10 Mar 2019 11:33:57 GMT
Bienvenue dans la première exposition<br>consacrée aux cybermenaces.<p>Découvrez au travers de cette exposition,<br>comment les attaques menées par les …
Fri, 15 Mar 2019 23:44:50 GMT
[THC19] Certificate Transparency & threats detection, 24 months later
Fri, 15 Mar 2019 23:44:50 GMT
Talk written by /me & Thomas Damonneville. Given by /me at Toulouse Hacking Convention (@ToulouseHacking), March, 8 2019. It is the last iteration of …
Fri, 01 Mar 2019 17:12:52 GMT
Retail industry endures new point-of-sale cybercrime spree
Fri, 01 Mar 2019 17:12:52 GMT
Charlie Osborne
The harvest of sensitive data is at hand, but it is not certain who is behind the campaign.<p>Researchers have uncovered an ongoing campaign against …
Tue, 12 Mar 2019 18:09:42 GMT
This banking malware just returned with new sneaky tricks to steal you data
Tue, 12 Mar 2019 18:09:42 GMT
Danny Palmer
The malware's code has been around for over 10 years, but attackers are still finding new ways to make it more dangerous.<p>A new variant of an infamous …
Tue, 19 Mar 2019 08:44:23 GMT
It’s Impossible to Prove Your Laptop Hasn’t Been Hacked. I Spent Two Years Finding Out.
Tue, 19 Mar 2019 08:44:23 GMT
Micah Lee
Digital security specialists like me get some version of this question all the time: “I think my laptop may have been infected with malware. Can you …
Mon, 04 Mar 2019 07:25:37 GMT
Hackers have started attacks on Cisco RV110, RV130, and RV215 routers
Mon, 04 Mar 2019 07:25:37 GMT
Catalin Cimpanu
Attacks started two days after Cisco released patch, one day after reserchers published demo exploit code.<p>Two days after Cisco patched a severe …
Mon, 18 Mar 2019 12:01:09 GMT
MySpace a « accidentellement » perdu 12 ans de musique (ou pourquoi il faut faire des sauvegardes)
Mon, 18 Mar 2019 12:01:09 GMT
Julien Cadot
MySpace a perdu des millions de morceaux de musique et nous rappelle qu'un service web n'est pas éternel.<p>Une information sur MySpace en 2019 est …
Mon, 04 Mar 2019 10:03:05 GMT
Threat actors using FrameworkPOS malware in POS attacks
Mon, 04 Mar 2019 10:03:05 GMT
Pierluigi Paganini
Security experts atMorphisecobserved a wave of attacks against point-of-sale (PoS) thin clients using card data scraping malware and the Cobalt …
Tue, 05 Mar 2019 07:49:22 GMT
Google's Project Zero Team Releases Details on 'High-Severity' macOS Bug
Tue, 05 Mar 2019 07:49:22 GMT
Tom McKay
Google’s bug-zapping Project Zero team has uncovered what it said was a “high-severity” flaw in the macOS kernel, Wired reported on Monday, and …
Tue, 12 Mar 2019 04:37:12 GMT
Cyber security: Why bosses are confident, and tech workers are scared
Tue, 12 Mar 2019 04:37:12 GMT
Steve Ranger
How well protected is your business, really? It depends who you ask.<p>Panic stations or nothing to worry about? When asking how well prepared …
Tue, 05 Mar 2019 12:08:41 GMT
A CEO Cheat Sheet For The Cybersecurity Big One
Tue, 05 Mar 2019 12:08:41 GMT
Bob Zukis
In Warren Buffett’s 2019 shareholder letter, he called out the “Big One” alongside natural disasters as the key risks to his insurance portfolio. The “Big One” he is referring to is a cyber attack he describes as “…having disastrous consequences beyond anything insurers now contemplate.”<p>Here’s a …
Sun, 17 Mar 2019 16:19:23 GMT
Attacks bypass MFA on Office 365 and G Suite accounts via IMAP Protocol
Sun, 17 Mar 2019 16:19:23 GMT
Pierluigi Paganini
Threat actors targeted Office 365 and G Suite cloud accounts using the IMAP protocol to bypass multi-factor authentication (MFA).<p>Over the past …
Tue, 19 Mar 2019 13:04:18 GMT
These are the 12 most common phishing email subject lines cyber criminals use to fool you
Tue, 19 Mar 2019 13:04:18 GMT
Danny Palmer
Analysis of over 360,000 phishing emails reveals some common themes in phoney emails sent to businesses. Don't get caught out by these ones.<p>The most …
Sat, 16 Mar 2019 03:04:26 GMT
4 Questions To Ask Immediately After A Data Breach
Sat, 16 Mar 2019 03:04:26 GMT
ExtraHop Contributor
With GDPR decreeing a 72-hour grace period before European organizations must disclose data breaches, other jurisdictions are strengthening their regulations as we speak. This means that no matter where your business is located, it’s time to make a plan that will enable you to investigate incidents …
Thu, 14 Mar 2019 07:17:10 GMT
New BitLocker attack puts laptops storing sensitive data at risk
Thu, 14 Mar 2019 07:17:10 GMT
Catalin Cimpanu
New Zealand security researcher details never-before-seen attack for recovering BitLocker keys.<p>A security researcher has come up with a new method of …
Thu, 07 Mar 2019 08:10:31 GMT
Google warns users to immediately update Chrome browser after critical bug discovered
Thu, 07 Mar 2019 08:10:31 GMT
By Margi Murphy
Google has warned owners of Windows computers to urgently update their Chrome internet browser after learning that hackers may have exploited a mystery bug that has existed since its launch.<p>Justin Schuh, Chrome’s security engineer chief warned users to update Chrome “like right this minute” on …
Mon, 04 Mar 2019 07:23:08 GMT
Researchers obtain a command server used by North Korean hacker group
Mon, 04 Mar 2019 07:23:08 GMT
Zack Whittaker
In a rare move, government officials have handed security researchers a seized server believed to be used by North Korean hackers to launch dozens of targeted attacks last year.<p>Known as Operation Sharpshooter, the server was used to deliver a malware campaign targeting governments, telecoms, and …
Mon, 04 Mar 2019 13:44:13 GMT
Flawed visitor check-in systems let anyone steal guest logs and sneak into buildings
Mon, 04 Mar 2019 13:44:13 GMT
Zack Whittaker
Security researchers at IBM have found, reported and disclosed 19 vulnerabilities in five popular visitor management systems, which they say can be used to steal data about visitors — or even sneak into sensitive and off-limit areas of office buildings.<p>You’ve probably seen one of these visitor …
Tue, 12 Mar 2019 04:23:41 GMT
WordPress shopping sites under attack
Tue, 12 Mar 2019 04:23:41 GMT
Catalin Cimpanu
Hackers using cross-site scripting (XSS) flaw in abandoned cart plugin to take over vulnerable sites.<p>WordPress-based shopping sites are under attack …
Tue, 05 Mar 2019 21:31:41 GMT
Singapore now able to certify global cybersecurity standard
Tue, 05 Mar 2019 21:31:41 GMT
Eileen Yu
Now a Certificate Authorising Nation for the Common Criteria, Singapore is one of 18 countries that can assess and certify cybersecurity products …
Tue, 05 Mar 2019 07:47:10 GMT
Why 'ji32k7au4a83' Is a Remarkably Common Password
Tue, 05 Mar 2019 07:47:10 GMT
Rhett Jones
For too many people, moving the digits around in some variation of Patriots69Lover is their idea of a strong password. So you might expect something …
Wed, 06 Mar 2019 22:16:28 GMT
Introducing the RunSafe Pwn Index
Wed, 06 Mar 2019 22:16:28 GMT
Greg Otto
Written by <br>Mar 6, 2019 | CYBERSCOOP<p>So much of the dark web leaves enterprises, well, in the dark.<p>Unless a security team has someone infiltrating and …