Nouvelles

Actualites provenant du site Vumetric

The latests cybersecurity news

2018-01-16 - Jim Risen Writes about Reporting Government Secrets

Jim Risen writes a long and interesting article about his battles with the US government and the New York Times to report government secrets....[...]

2018-01-16 - eBook: 5 emerging rails cybersecurity standards

With massive capital investments in rail infrastructure and technology, many countries understand that it’s time cybersecurity standards prescribe technology that prevents cyberattacks from entering critical signaling and control networks. Unidirectional Gateway technology has featured throughout these standards as best practice for protecting control networks. Download Waterfall’s eBook detailing global rail standards’ view on industrial control systems cybersecurity and Unidirectional Gateway technology.[...]

2018-01-16 - As the cloud’s popularity grows, so does the risk to sensitive data

While the vast majority of global companies (95%) have adopted cloud services, there is a wide gap in the level of security precautions applied by companies in different markets. Organizations admitted that on average, only two-fifths (40%) of the data stored in the cloud is secured with encryption and key management solutions. Who is responsible for protecting sensitive data stored in the cloud? The findings – part of the Ponemon Institute “2018 Global Cloud Data ...[...]

2018-01-16 - NotPetya: From Russian Intelligence, With Love

CIA Reportedly Believes Russian Military Launched Wiper Disguised as RansomwareThe CIA has attributed last year's outbreak of NotPetya wiper malware to Russia's GRU military intelligence unit, The Washington Post reports. Other intelligence agencies and information security experts have reached similar conclusions, warning that Russia's hybrid warfare campaigns are intensifying.[...]

2018-01-16 - Flaws Allowed Facebook Account Hacking via Oculus App

Facebook recently patched a couple of vulnerabilities that could have been exploited by malicious hackers to hijack accounts by abusing integration with the Oculus virtual reality headset.[...]

2018-01-16 - Internet of Things security issues bleed into 2018

In 2017 Internet of Things (IoT) devices rose to prominence as attackers have continued to target and use them to support various cyberattacks. IoT devices are almost the perfect target for cyberthieves. They sit on internal networks, have their own IP address, and allow communication with other internet connected devices and systems. Their ubiquity and large numbers make them highly attractive targets. Yet, despite their growing numbers, IoT devices are relatively unprotected and make easy ...[...]

2018-01-16 - Phishers target Netflix users, ask for info and photo of their ID

Should you send Netflix a selfie in which you hold your ID card to get your account reinstated? The answer is an emphatic no, but each one of us knows at least one person who would find the request unremarkable and proceed to do it. The campaign The request is the last of several steps of the most recent Netflix-themed phishing campaign, which starts with an email purportedly coming from the streaming company and warning ...[...]

2018-01-16 - The rise of ransom hacks, and the potential impact on your business

The percentage of companies reporting financially motivated cyber attacks has doubled over the past two years, with 50% of companies experiencing a cyber attack motivated by ransom in the past year, according to Radware. As the value of bitcoin and other cryptocurrencies has appreciated, ransom attacks provide an opportunity for hackers to cash out for lucrative gains months later. Ransom attacks “The rapid adoption of cryptocurrencies and their subsequent rise in price has presented hackers ...[...]

2018-01-16 - Canadian Man Charged Over Leak of Three Billion Hacked Accounts

An Ontario man made his first court appearance Monday to answer charges of running a website that collected personal and password data from some three billion accounts, and sold them for profit.[...]

2018-01-16 - Flaw in Popular Transmission BitTorrent Client Lets Hackers Control Your PC Remotely

A critical vulnerability has been discovered in the widely used Transmission BitTorrent app that could allow hackers to remotely execute malicious code on BitTorrent users' computers and take control of them. The vulnerability has been uncovered by Google's Project Zero vulnerability reporting team, and one of its researchers Tavis Ormandy has also posted a proof-of-concept attack—just 40[...]

2018-01-16 - Shared Accounts Increasingly Problematic for Critical Infrastructure: ICS-CERT

Assessments conducted last year by the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) showed that boundary protection remains the biggest problem in critical infrastructure organizations, but identification and authentication issues have become increasingly common.[...]

2018-01-16 - LeakedSource Operator Busted by Canadian Police

Canadian Charged With Selling Access to Stolen Logins, Earning $247,000Canadian police have charged a 27-year-old man with running LeakedSource, which sold access to 3.1 billion stolen login credentials. Jordan Evan Bloom is accused of making $247,000 by administering the site, which offered a subscription service.[...]

2018-01-16 - Is Healthcare Ready to Comply With GDPR?

This edition of the ISMG Security Report takes a look at how ready healthcare organizations are for GDPR compliance. Also featured: comments from Alberto Yepez of Trident Capital on the 2018 outlook for information security companies and a summary of the latest financial fraud trends.[...]

2018-01-16 - LeakedSource Founder Arrested for Selling 3 Billion Stolen Credentials

Canadian authorities have arrested and charged an Ontario man for operating a website that collected 'stolen' personal identity records and credentials from some three billion online accounts and sold them for profit. According to the Royal Canadian Mounted Police (RCMP), the 27-year-old Jordan Evan Bloom of Thornhill is the person behind the notorious LeakedSource.com—a major repository that[...]

2018-01-16 - DoS attacks against hard disk drives using acoustic signals

A group of Princeton and Purdue researchers has shown that it’s possible to mount a denial-of-service (DoS) attack against hard disk drives via acoustic signals. Threat severity Hard disk drives (HDDs) have become the most commonly-used type of non-volatile storage due to their increased reliability, fault tolerance, storage capacity, and so on. “These technological advances in HDDs, along with the ever-increasing need for storing the huge amount of data, made them one of the core ...[...]

2018-01-15 - Apple updates iOS security guide

Apple has published an updated version of its iOS security guide, in which it details features introduced in iOS 11.2 (released on December 4, 2017) and iOS 11.1 (October 31, 2017). The company first released the first version of the document in June 2012, and has been updating it periodically ever since. New information in the iOS security guide This latest iteration contains more and updated details about Apple Pay Cash, security certifications and programs, ...[...]

2018-01-15 - Spectre and Meltdown patches causing trouble as realistic attacks get closer

Driver incompatibilities and microcode problems are both being reported.[...]

2018-01-15 - Apple updates iOS security guide

Apple has published an updated version of its iOS security guide, in which it details features introduced in iOS 11.2 (released on December 4, 2017) and iOS 11.1 (October 31, 2017). The company first released the first version of the document in June 2012, and has been updating it periodically ever since. New information in the iOS security guide This latest iteration contains more and updated details about Apple Pay Cash, security certifications and programs, ...[...]

2018-01-15 - Spectre and Meltdown patches causing trouble as realistic attacks get closer

Driver incompatibilities and microcode problems are both being reported.[...]

2018-01-15 - Half Million Impacted by Four Malicious Chrome Extensions

Four malicious Chrome extensions managed to infect over half a million users worldwide, including employees of major organizations, ICEBRG reports.[...]

-

[...]

2018-01-15 - Apple updates iOS security guide

Apple has published an updated version of its iOS security guide, in which it details features introduced in iOS 11.2 (released on December 4, 2017) and iOS 11.1 (October 31, 2017). The company first released the first version of the document in June 2012, and has been updating it periodically ever since. New information in the iOS security guide This latest iteration contains more and updated details about Apple Pay Cash, security certifications and programs, ...[...]

2018-01-15 - OnePlus Site’s Payment System Reportedly Hacked to Steal Credit Card Details

This year's first bad news for OnePlus users—a large number of OnePlus customers are reporting of fraudulent credit card transactions after buying products from the Chinese smartphone manufacturer's official online store. The claim initially surfaced on the OnePlus support forum over the weekend from a customer who said that two of his credit cards used on the company's official website was[...]

2018-01-15 - Spectre and Meltdown patches causing trouble as realistic attacks get closer

Driver incompatibilities and microcode problems are both being reported.[...]

2018-01-15 - Half Million Impacted by Four Malicious Chrome Extensions

Four malicious Chrome extensions managed to infect over half a million users worldwide, including employees of major organizations, ICEBRG reports.[...]

-

[...]

2018-01-15 - Apple updates iOS security guide

Apple has published an updated version of its iOS security guide, in which it details features introduced in iOS 11.2 (released on December 4, 2017) and iOS 11.1 (October 31, 2017). The company first released the first version of the document in June 2012, and has been updating it periodically ever since. New information in the iOS security guide This latest iteration contains more and updated details about Apple Pay Cash, security certifications and programs, ...[...]

2018-01-15 - Spectre and Meltdown patches causing trouble as realistic attacks get closer

Driver incompatibilities and microcode problems are both being reported.[...]

Lien vers la totalité des actualités VUMETRIC