Catégorie : #SECURITE ENG
L’actualité anglophone de la sécurité informatique et de la cybersécurité, traitant de l’actualité de la sécurité informatique, du hacking et des programmes informatiques à visée malveillante.
What Is the ISA/IEC 62443 Framework?
Cybersecurity threats to manufacturing and process plants are coming from a wide range of attack vectors including supply chain, logistics, enterprise computing, remote connections, operator stations, programmable logic controllers, distributed control systems (DCSs), smart sensors and new smart devices. Many emerging Internet of Things (IoT) and communications technologies offer greater…
Ransomware attack hits school district twice in 4 months
WOLCOTT, Conn. (AP) – A Connecticut school district’s teachers are working without computer access less than a week after a second malware attack targeted the district’s servers. Source : https://www.washingtontimes.com/news/2019/sep/10/ransomware-attack-hits-school-district-twice-in-4-/?utm_source=RSS_Feed&utm_medium=RSS Date : September 11, 2019 at 12:39AM Tag(s) : Médias internationaux Share this… Email Facebook Twitter Linkedin Whatsapp Print
Adobe Releases Security Updates
Adobe has released security updates to address vulnerabilities affecting Flash Player and Application Manager. An attacker could exploit these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/adobe-releases-security-updates Date : September 10, 2019 at 07:31PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print
Microsoft Releases September 2019 Security Updates
Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/microsoft-releases-september-2019-security-updates Date : September 10, 2019 at 07:51PM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print
MS-ISAC Releases Security Event Primer on Malware
The Multi-State Information Sharing & Analysis Center (MS-ISAC) has released a Security Event Primer on Malware. The white paper outlines general malware operations and includes common malware event types and best practice recommendations. An attacker can use malware to gain access to a network, obtain sensitive data, and damage systems….
Google Releases Security Updates for Chrome
Google has released Chrome version 77.0.3865.75 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that an attacker could exploit to take control of an affected system. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/google-releases-security-updates-chrome Date : September 11, 2019 at 01:44AM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print
Intel Releases Security Updates
Intel has released security updates to address vulnerabilities in multiple products. An attacker could exploit one of these vulnerabilities to gain an escalation of privileges on a previously infected machine. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/10/intel-releases-security-updates Date : September 11, 2019 at 02:55AM Tag(s) : US GOV Share this… Email Facebook Twitter Linkedin Whatsapp…
Study Design: Developing a Citizen Science Project that Delivers Results
Prior to developing a community-based data collection program, it is essential to think through the scientific process and the steps necessary to create a program where the data collected match your monitoring objectives and data use goals. Source : https://digital.gov/event/2019/10/16/study-design-developing-a-citizen-science-project-that-delivers-results/ Date : September 10, 2019 at 07:04PM Tag(s) : US…
Weekly Threat Report 6th September 2019
The NCSC’s weekly threat report is drawn from recent open source reporting. Source : https://www.ncsc.gov.uk/report/weekly-threat-report-6th-september-2019 Date : September 6, 2019 at 04:20PM Tag(s) : UK GOV Share this… Email Facebook Twitter Linkedin Whatsapp Print
Integrating Security to DevOps: Fundamental Principles Are Crucial!
Changing consumer demands posed a serious challenge to the IT industry; it pushed firms to brainstorm about quick product delivery. This demand eventually gave rise to the demand for collaboration between Development (Dev) and Operations (Ops) teams, welcoming the DevOps trend. As a result, everything started progressing well with increased…
Secret Service Investigates Breach at U.S. Govt IT Contractor
The U.S. Secret Service is investigating a breach at a Virginia-based government technology contractor that saw access to several of its systems put up for sale in the cybercrime underground, KrebsOnSecurity has learned. Source : https://krebsonsecurity.com/2019/09/secret-service-investigates-breach-at-u-s-govt-it-contractor/ Date : September 9, 2019 at 07:10PM Tag(s) : Sécurité Share this… Email Facebook…
‘Satori’ IoT Botnet Operator Pleads Guilty
A 21-year-old man from Vancouver, Wash. has pleaded guilty to federal hacking charges tied to his role in operating the “Satori” botnet, a crime machine powered by hacked Internet of Things (IoT) devices that was built to conduct massive denial-of-service attacks targeting Internet service providers, online gaming platforms and Web…
IoT vendors ignore basic security best practices, CITL research finds
New measurements by the CITL mass fuzzing project show just how bad things really are–and how IoT device makers could radically increase binary security … Source : https://www.csoonline.com/article/3436877/iot-vendors-ignore-basic-security-best-practices-citl-research-finds.html Date : September 10, 2019 at 12:06PM Tag(s) : #IOT ENG,#IOT,Sécurité Share this… Email Facebook Twitter Linkedin Whatsapp Print
Bitdefender to shine spotlight on IoT security at GITEX 2019
Bitdefender, an innovative cybersecurity solutions provider protecting 500 million machines worldwide, has announced its participation in the 39th edition of … Source : https://www.intelligentcio.com/me/2019/09/10/bitdefender-to-shine-spotlight-on-iot-security-at-gitex-2019/ Date : September 10, 2019 at 11:05AM Tag(s) : #IOT ENG,#IOT,Sécurité Share this… Email Facebook Twitter Linkedin Whatsapp Print
#privacy: US power grid hit by cyber-security due to lax protection measures
Earlier this year, news broke of a security breach at a North American power grid body, with commentators suggesting that the incident was not as serious as first thought. Source : https://gdpr.report/news/2019/09/10/privacy-us-power-grid-hit-by-cyber-security-due-to-lax-protection-measures/ Date : September 10, 2019 at 09:04AM Tag(s) : #RGPD,Sécurité Share this… Email Facebook Twitter Linkedin Whatsapp Print
Ransomware locks Rockford Public Schools’ phones, internet
ROCKFORD, Ill. (AP) – Public schools in Rockford, Illinois are operating without internet, telephone or computer systems that track student attendance because of a ransomware attack. The Register Star reports Rockford Public Schools first experienced trouble with its phone and internet services on Friday. Classes for roughly 28,000 students ……
North Korean Malicious Cyber Activity
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have identified two malware variants—referred to as ELECTRICFISH and BADCALL—used by the North Korean government. The U.S. Government refers to malicious cyber activity by the North Korean government as HIDDEN COBRA. Source : https://www.us-cert.gov/ncas/current-activity/2019/09/09/north-korean-malicious-cyber-activity Date :…
AR19-252A: MAR-10135536-10 – North Korean Trojan: BADCALL
This Malware Analysis Report (MAR) is the result of analytic efforts between the Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), and the Department of Defense (DoD). Working with U.S. Government partners, DHS, FBI, and DoD identified Trojan malware variants used by the North Korean government –…
AR19-252B: MAR-10135536-21 – North Korean Proxy Malware: ELECTRICFISH
This report is provided « as is » for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in this bulletin or otherwise. Source : https://www.us-cert.gov/ncas/analysis-reports/ar19-252b Date :…
An inside job: The human factor of cybersecurity
Deploying the latest cybersecurity systems across your business is essential – but your staff could be the weakest link in your security? Source : https://www.itpro.co.uk/data-breaches/34355/an-inside-job-the-human-factor-of-cybersecurity Date : September 9, 2019 at 01:14PM Tag(s) : Médias spécialisés,Sécurité Share this… Email Facebook Twitter Linkedin Whatsapp Print