Catégorie : #SECURITE

Cyberthreats are now a real and present danger and if we don’t bother to find out about them we may be unable to defend ourselves. Source : https://www.youtube.com/watch?v=FszXQJ_MI0E Date : September 17, 2019 at 02:29PM Tag(s) : Acteurs Share this… Email Facebook Twitter Linkedin Whatsapp Print

The Cyber Threat Intelligence centre tries to answer four key questions: Who’s attacking who? When? How do they operate and which tactics and techniques do they use? And why? Source : https://www.youtube.com/watch?v=6CV3CyvVLRI Date : September 17, 2019 at 02:29PM Tag(s) : Acteurs Share this… Email Facebook Twitter Linkedin Whatsapp Print

VMware has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/17/vmware-releases-security-updates-multiple-products Date : September 17, 2019 at 05:15PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print

MITRE has released the 2019 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Software Errors list. The Top 25 is a compilation of the most frequent and critical errors that can lead to serious vulnerabilities in software. An attacker can often exploit these vulnerabilities to take control of an affected…

After a fairly long hiatus that lasted nearly four months, Emotet is back with an active spam distribution campaign. For a few weeks, there were signs that the botnet was setting its gears in motion again, as we observed command and control (C2) server activity. But this morning, the Trojan…

Last week  on the Labs blog, we looked at free VPN offerings, how malware can hinder vital emergency services, and explored how the Heartbleed vulnerability is still causing problems. We also talked about a large FTC settlement involving Google, and how to keep an eye out for leaky AWS buckets….

How do you keep your startup secure? That’s the big question we explored at TC Sessions: Enterprise earlier this month. No matter the size, every startup is an enterprise. Every startup will grow in size as it builds out. But as a company expands, that rapid growth can lead to…

The person who leaked the data claims it notified Lumin PDF earlier this year but got no reply. Source : https://www.zdnet.com/article/data-of-24-3-million-lumin-pdf-users-shared-on-hacking-forum/#ftag=RSSbaffb68 Date : September 16, 2019 at 10:24PM Tag(s) : Médias internationaux Share this… Email Facebook Twitter Linkedin Whatsapp Print

QUITO, Ecuador (AP) – Millions of Ecuadorians are at risk of identity theft because a security breach exposed a trove of data including names, phone numbers and birth dates, a cyber security firm said Monday. Source : https://www.washingtontimes.com/news/2019/sep/16/security-firm-data-breach-exposes-millions-of-ecua/?utm_source=RSS_Feed&utm_medium=RSS Date : September 17, 2019 at 12:50AM Tag(s) : Médias internationaux Share…

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available Source : https://www.us-cert.gov/ncas/bulletins/sb19-259 Date : September…

As they deal with their oversight duties, board members need to ask a related question: Are they themselves sufficiently in the know? Source : https://www.symantec.com/blogs/feature-stories/3-questions-boards-want-answered-about-cyber-security Date : September 16, 2019 at 06:40PM Tag(s) : #SECURITE FRA Share this… Email Facebook Twitter Linkedin Whatsapp Print

De multiples vulnérabilités ont été découvertes dans Moodle. Certaines d’entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l’éditeur, un contournement de la politique de sécurité et une atteinte à la confidentialité des données. Source : https://www.cert.ssi.gouv.fr/avis/CERTFR-2019-AVI-445/ Date : September 16, 2019 at 03:42PM…

La version 2 de la Directive sur les services de paiement (PSD2) de l’UE est entrée en vigueur ce week-end. Elle doit permettre de faciliter (…) Source : https://www.lemondeinformatique.fr/actualites/lire-l-authentification-a-double-facteur-generalisee-pour-les-paiements-en-ligne-76461.html Date : September 16, 2019 at 06:50PM Tag(s) : Médias Share this… Email Facebook Twitter Linkedin Whatsapp Print

Les données sont-elles mieux protégées dans le cloud ou vaut-il mieux les laisser sur site ? Le cloud hybride permet de résoudre cette question. Voici comment. Source : https://www.zdnet.fr/actualites/le-cloud-hybride-une-approche-interessante-pour-la-securite-des-donnees-et-de-la-continuite-d-activite-39890677.htm#xtor=RSS-1 Date : September 16, 2019 at 03:35PM Tag(s) : Médias spécialisés Share this… Email Facebook Twitter Linkedin Whatsapp Print

La cyberguerre menée par un État contre un autre est devenue un danger très concret. Une question se pose alors : que peuvent faire les gouvernements pour protéger leurs citoyens et leurs infrastructures ? Source : https://www.silicon.fr/avis-expert/cyberguerre-stopper-les-attaques-contre-les-actifs-critiques-et-les-citoyens Date : September 16, 2019 at 04:42PM Tag(s) : Médias spécialisés Share this… Email Facebook…

When the captain of a Navy ship receives a “Flash command,” he or she has three minutes to deliver a response: “Received, Understood, Actioned.” The commander has to be sure that the correct captain has received the message, Source : https://www.forcepoint.com/blog/insights/thats-classified-why-deep-understanding-military-data-protection-delivers-dlp Date : September 16, 2019 at 02:39PM Tag(s) :…

Emotet botnet resumes malspam operations after going silent for nearly four months. Source : https://www.zdnet.com/article/emotet-todays-most-dangerous-botnet-comes-back-to-life/#ftag=RSSbaffb68 Date : September 16, 2019 at 02:06PM Tag(s) : Médias internationaux Share this… Email Facebook Twitter Linkedin Whatsapp Print

Theresa Payton argues companies are manipulating victims to avoid paying higher bills Source : https://www.itpro.co.uk/ransomware/34396/ex-white-house-cio-attacks-insurance-firms-for-fuelling-ransomware-industry Date : September 16, 2019 at 11:19AM Tag(s) : Médias spécialisés Share this… Email Facebook Twitter Linkedin Whatsapp Print

Les rançongiciels sont déjà un énorme problème. Et ce qui se profile à l’horizon est encore plus inquiétant. Voici quelques conseils pour que les professionnels ne se fassent pas piéger. Source : https://www.zdnet.fr/actualites/ransomware-pourquoi-la-situation-va-empirer-39890641.htm#xtor=RSS-1 Date : September 16, 2019 at 11:29AM Tag(s) : Médias spécialisés Share this… Email Facebook Twitter Linkedin…

Un attaquant a réussi à s’emparer de 30 000 EOS en exploitant une faille de EOSPlay, une dApp de jeu de hasard. Qui veut jouer ? 110 000 € de pactole EOS se retrouve à nouveau dans la tourmente après qu’un attaquant ait réussi à s’emparer de 30 000 EOS – 110 000 € au…