Catégorie : #SECURITE
L’actualité de la sécurité informatique et de la cybersécurité, traitant de l’actualité francophone et anglophone de la sécurité informatique, du hacking et des programmes informatiques à visée malveillante.
Emotet is back: botnet springs back to life with new spam campaign
After a fairly long hiatus that lasted nearly four months, Emotet is back with an active spam distribution campaign. For a few weeks, there were signs that the botnet was setting its gears in motion again, as we observed command and control (C2) server activity. But this morning, the Trojan…
A week in security (September 9 – 15)
Last week on the Labs blog, we looked at free VPN offerings, how malware can hinder vital emergency services, and explored how the Heartbleed vulnerability is still causing problems. We also talked about a large FTC settlement involving Google, and how to keep an eye out for leaky AWS buckets….
What startup CSOs can learn from three enterprise security experts
How do you keep your startup secure? That’s the big question we explored at TC Sessions: Enterprise earlier this month. No matter the size, every startup is an enterprise. Every startup will grow in size as it builds out. But as a company expands, that rapid growth can lead to…
Data of 24.3 million Lumin PDF users shared on hacking forum
The person who leaked the data claims it notified Lumin PDF earlier this year but got no reply. Source : https://www.zdnet.com/article/data-of-24-3-million-lumin-pdf-users-shared-on-hacking-forum/#ftag=RSSbaffb68 Date : September 16, 2019 at 10:24PM Tag(s) : Médias internationaux Share this… Email Facebook Twitter Linkedin Whatsapp Print
Security firm: Data breach exposes millions of Ecuadorians
QUITO, Ecuador (AP) – Millions of Ecuadorians are at risk of identity theft because a security breach exposed a trove of data including names, phone numbers and birth dates, a cyber security firm said Monday. Source : https://www.washingtontimes.com/news/2019/sep/16/security-firm-data-breach-exposes-millions-of-ecua/?utm_source=RSS_Feed&utm_medium=RSS Date : September 17, 2019 at 12:50AM Tag(s) : Médias internationaux Share…
Vulnerability Summary for the Week of September 9, 2019
The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available Source : https://www.us-cert.gov/ncas/bulletins/sb19-259 Date : September…
3 Questions Boards Want Answered About Cyber Security
As they deal with their oversight duties, board members need to ask a related question: Are they themselves sufficiently in the know? Source : https://www.symantec.com/blogs/feature-stories/3-questions-boards-want-answered-about-cyber-security Date : September 16, 2019 at 06:40PM Tag(s) : #SECURITE FRA Share this… Email Facebook Twitter Linkedin Whatsapp Print
CERTFR-2019-AVI-445 : Multiples vulnérabilités dans Moodle (16 septembre 2019)
De multiples vulnérabilités ont été découvertes dans Moodle. Certaines d’entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l’éditeur, un contournement de la politique de sécurité et une atteinte à la confidentialité des données. Source : https://www.cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-445/ Date : September 16, 2019 at 03:42PM…
L’authentification à double facteur généralisée pour les paiements en ligne
La version 2 de la Directive sur les services de paiement (PSD2) de l’UE est entrée en vigueur ce week-end. Elle doit permettre de faciliter (…) Source : https://www.lemondeinformatique.fr/actualites/lire-l-authentification-a-double-facteur-generalisee-pour-les-paiements-en-ligne-76461.html Date : September 16, 2019 at 06:50PM Tag(s) : Médias Share this… Email Facebook Twitter Linkedin Whatsapp Print
Le cloud hybride, une approche intéressante pour la sécurité des données et de la continuité d’activité
Les données sont-elles mieux protégées dans le cloud ou vaut-il mieux les laisser sur site ? Le cloud hybride permet de résoudre cette question. Voici comment. Source : https://www.zdnet.fr/actualites/le-cloud-hybride-une-approche-interessante-pour-la-securite-des-donnees-et-de-la-continuite-d-activite-39890677.htm#xtor=RSS-1 Date : September 16, 2019 at 03:35PM Tag(s) : Médias spécialisés Share this… Email Facebook Twitter Linkedin Whatsapp Print
Cyberguerre : stopper les attaques contre les actifs critiques et les citoyens
La cyberguerre menée par un État contre un autre est devenue un danger très concret. Une question se pose alors : que peuvent faire les gouvernements pour protéger leurs citoyens et leurs infrastructures ? Source : https://www.silicon.fr/avis-expert/cyberguerre-stopper-les-attaques-contre-les-actifs-critiques-et-les-citoyens Date : September 16, 2019 at 04:42PM Tag(s) : Médias spécialisés Share this… Email Facebook…
That’s Classified: Why a Deep Understanding of Military Data Protection Delivers DLP for Enterprises Today
When the captain of a Navy ship receives a “Flash command,” he or she has three minutes to deliver a response: “Received, Understood, Actioned.” The commander has to be sure that the correct captain has received the message, Source : https://www.forcepoint.com/blog/insights/thats-classified-why-deep-understanding-military-data-protection-delivers-dlp Date : September 16, 2019 at 02:39PM Tag(s) :…
Emotet, today’s most dangerous botnet, comes back to life
Emotet botnet resumes malspam operations after going silent for nearly four months. Source : https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/#ftag=RSSbaffb68 Date : September 16, 2019 at 02:06PM Tag(s) : Médias internationaux Share this… Email Facebook Twitter Linkedin Whatsapp Print
Ex White House CIO attacks insurance firms for ‘fuelling ransomware industry’
Theresa Payton argues companies are manipulating victims to avoid paying higher bills Source : https://www.itpro.co.uk/ransomware/34396/ex-white-house-cio-attacks-insurance-firms-for-fuelling-ransomware-industry Date : September 16, 2019 at 11:19AM Tag(s) : Médias spécialisés Share this… Email Facebook Twitter Linkedin Whatsapp Print
Ransomware : pourquoi la situation va empirer
Les rançongiciels sont déjà un énorme problème. Et ce qui se profile à l’horizon est encore plus inquiétant. Voici quelques conseils pour que les professionnels ne se fassent pas piéger. Source : https://www.zdnet.fr/actualites/ransomware-pourquoi-la-situation-va-empirer-39890641.htm#xtor=RSS-1 Date : September 16, 2019 at 11:29AM Tag(s) : Médias spécialisés Share this… Email Facebook Twitter Linkedin…
EOS : une faille permet à un hacker de voler 110 000€
Un attaquant a réussi à s’emparer de 30 000 EOS en exploitant une faille de EOSPlay, une dApp de jeu de hasard. Qui veut jouer ? 110 000 € de pactole EOS se retrouve à nouveau dans la tourmente après qu’un attaquant ait réussi à s’emparer de 30 000 EOS – 110 000 € au…
#privacy: UK university to lead doctoral training programmes in cyber-security
University of London’s Artificial Intelligence Research Centre (CitAI) and Institute for Cyber Security (ICS) will lead two new Doctoral Training Programs (DTPs), supported by the European digital innovation and entrepreneurial education organisation EIT Digital. Source : https://gdpr.report/news/2019/09/16/privacy-uk-university-to-lead-doctoral-training-programmes-in-cyber-security/ Date : September 16, 2019 at 09:06AM Tag(s) : #RGPD ENG Share this… Email Facebook Twitter Linkedin Whatsapp…
#privacy: New cyber-security enterprise drive comes to Singapore
Multinational cyber-security companies of all sizes which chose Singapore as their base will be able to harness the Republic’s technical expertise, workforce and networks, the city state’s Senior Minister, Teo Chee Hean has said. Source : https://gdpr.report/news/2019/09/16/privacy-new-cyber-security-enterprise-drive-comes-to-singapore/ Date : September 16, 2019 at 10:06AM Tag(s) : #RGPD ENG Share this……
Washington sanctionne des entités nord-coréennes accusées de cyberattaques
(AFP) – Washington a annoncé vendredi des sanctions financières contre trois entités nord-coréennes accusées de cyber-attaques qui ont atteint des infrastructures clés comme des hôpitaux britanniques en 2017 ou la Banque centrale du Bangladesh en 2016. Source : https://www.solutions-numeriques.com/washington-sanctionne-des-entites-nord-coreennes-accusees-de-cyberattaques/ Date : September 16, 2019 at 09:12AM Tag(s) : Médias spécialisés…
Opinion: Cyber attacks threaten security of 2020 election
Following the 2016 elections, investigators found evidence that Russian hackers successfully infiltrated the computerized voting systems of several states. Hackers also stole data from campaigns and weaponized social media polarizing the electorate against and for certain candidates. Source : https://www.siliconvalley.com/2019/09/15/opinion-cyber-attacks-threaten-security-of-2020-election/ Date : September 15, 2019 at 04:29PM Tag(s) : Fédération…