RSS Trending Cyber News

  • 「野蛮さ」に見え隠れする「洗練」、ベネズエラ軍翻弄したサイバー「マチェーテ(山鉈)」とは
    2019 年 10 月、欧セキュリティ企業大手 ESET 本社があるスロバキアで「 ESET Global Press Event 」が開催された。このイベントは、よくある企業主催のプライベートイベントやカンファレンスとは異なり、派手な製品リリースやロードマップの発表はない。 初日のオープニングセッションやランチブレイク前などに、CTO や役員による企業紹介風セッションは形だけはあるものの、それ以外は同社アナリストによるマルウェアとサイバー攻撃の調査・研究レポート、同ホワイトペーパーをベースとした発表で構成される。R & D に強い同社らしい内容である。 ScanNetSecurity....
  • Vulnerabilidade na origem da fuga de dados da Equifax foi o principal ataque de rede no terceiro trimestre
    A WatchGuard Technologies , líder global em inteligência e segurança de rede, Wi-Fi seguro e autenticação multi-factor, anuncia a publicação do seu Relatório de Segurança na Internet para o terceiro trimestre de 2019 . Num período em que se registaram aumentos significativos nos ataques de malware e....
  • Optus makes 5G data call over 2300 MHz spectrum
    has established an end-to-end 5G data call over its 2300 MHz spectrum, in what the company is calling a world first. The Sydney-based call was completed with the help of technology partner , Optus said. Ericsson Optus currently owns spectrum in the 2300 and 3500 MHz bands, allowing it to work on a....
  • Government testing GIMs, its secure messaging app
    GIMS is being packaged for employees of Central and state government departments and organisations for intra and inter organisation communications. (Representational) THE GOVERNMENT is testing a prototype of an Indian equivalent of popular messaging platforms, such as WhatsApp and Telegram, for secure internal use.
  • How safe is business data stored in third-party supplier websites?
    For any modern business, the data that they hold is among their most valuable assets. Whether it is data about customers or about the business itself, data is now integral to corporate strategizing. Playing fast and loose with your data security can have If data about your business leaks into the....
  • Most reports sent to CSM related to cyber fraud - The Star Online
    PAGOH: Over 70% of the reports received by CyberSecurity Malaysia (CSM) are related to cyber fraud. Its chief executive officer Datuk Dr Amirudin Abdul Wahab (pic) said they received some 9,800 cases through its hotline up to last month. Amirudin said the figure was expected to rise further to over 10,000 cases by year end.
  • NSW agencies fall short on cybersecurity, audit finds - The Mandarin
    The New South Wales Public Sector’s cybersecurity resilience “needs urgent attention”, according to a recent audit report from the state audit office. Auditor-General Margaret Crawford’s latest audit into NSW central agencies found “more work needs to be done” to improve cybersecurity resilience, based on agency self-assessments.
  • New Orleans city computers offline after cyberattack
    New Orleans city employees were instructed to shut down their computers this weekend as a precaution after an apparent cyberattack. City officials have said there's no evidence that user passwords or data was lost in the attack. The NOLA.gov website was still down for "unplanned maintenance" Sunday,....
  • VISA warns of POS malware incidents at gas pumps across North America
    Payments processor VISA says North American merchants who operate gas stations and gas pumps are facing a rash of attacks from cybercrime groups wanting to deploy point-of-sale (POS) malware on their networks. In two security alerts published in November and December, respectively, VISA said its....
  • Pallete refuerza la cúpula directiva de Telefónica Tech
    Se incorporan Antonio Marti, como director de operaciones, Hugo de los Santos ('cloud'), Gonzalo Martín-Villa (IoT y Big Data) y Pedro Pérez (seguridad). Telefónica acelera en la ejecución de los planes anunciados el pasado 27 de noviembre con el nombramiento de los principales cuadros directivos....

RSS Vulnerabilities

  • Vulnerabilidade na origem da fuga de dados da Equifax foi o principal ataque de rede no terceiro trimestre
    A WatchGuard Technologies , líder global em inteligência e segurança de rede, Wi-Fi seguro e autenticação multi-factor, anuncia a publicação do seu Relatório de Segurança na Internet para o terceiro trimestre de 2019 . Num período em que se registaram aumentos significativos nos ataques de malware e....
  • Debian LTS: DLA-2035-1: libpgf security update>
    An issue has been found in libpgf, a library to handle Progressive Graphics File (PGF). Package : libpgf Version : 6.14.12-3+deb8u1 CVE ID : CVE-2015-6673 An issue has been found in libpgf, a library to handle Progressive Graphics File (PGF). Due to lack of validation of ColorTableSize, a use-after-free issue might appear in Decoder.
  • Tableau Software Server 跨站脚本漏洞
    Tableau Software Server是美国塔谱软件(Tableau Software)公司的一套文件托管服务器。该产品主要用于管理、共享Tableau Desktop数据可视化软件创建的数据可视化、交互式仪表板、工作簿和报告等。 此条漏洞编号已分配,漏洞详情即将更新。 来源:community.tableau.com 链接:https://community.tableau.com/community/security-bulletins/blog/2019/11/19/important-adv-2019-047-open-redirect-on-embeddedauthredirect-page 来源:nvd.
  • From iPhone to NT AUTHORITY\SYSTEM – exploit ‘Printconfig’ dll with a real-world example
    Sorin Mustaca's IT Security news and articles about information security, vulnerabilities, exploits, patches, releases, software, features, hacks, laws, spam, viruses, malware, breaches. From iPhone to NT AUTHORITY\SYSTEM – exploit ‘Printconfig’ dll with a real-world example.
  • openSUSE: 2019:2687-1: important: java-1_8_0-openjdk>
    An update that fixes 17 vulnerabilities is now available. openSUSE Security Update: Security update for java-1_8_0-openjdk ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2687-1 Rating: important References: #1138529 #1152856 #1154212....
  • Office 365: A guide to the updates
    Version 1911 (Build 12228.20364) Release date: December 10, 2019. This update offers a few minor bug fixes and several security updates. It fixes the right-click menu for Excel’s Pivot Charts to enable the “Show Detail” option and also fixes an issue in Outlook that allowed web add-ins to access Digital Rights Managed messages.
  • Nginx Log Check - Nginx Log Security Analysis Script
    Nginx Log Security Analysis Script. Features Statistics Top 20 Address; SQL injection analysis; Scanner alert analysis; Exploit detection; Sensitive path access; File contains attack; Webshell; Find URLs with response length Top 20; Looking for rare script file access; Find script file for 302 redirect Usage.
  • INFOSEC Squeeze Vol. 4 - Retailers Are Easy Targets, Crime is Up 20% in the U.S., and Yet Another Reminder to UPDATE YOUR SCHWACK Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
    Welcome to the fourth edition of the Secjuice Squeeze, where we present a selection of last weeks interesting infosec articles curated for your reading enjoyment in case you missed them! This week's volume was created by , Mike Peterson, and Miguel Calles. Point-of-Sale Attacks Have Leveled Up.
  • Mageia 2019-0391: libgit2 security update>
    libgit2 has been updated to version 0.28.4 to fix several security issues: * A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service. MGASA-2019-0391 - Updated libgit2 packages fix security vulnerabilities....
  • Mageia 2019-0390: libvirt security update>
    Updated libvirt packages fix security vulnerabilities: An information leak which allowed to retrieve the guest hostname under readonly mode (CVE-2019-3886). MGASA-2019-0390 - Updated libvirt packages fix security vulnerabilities Publication date: 15 Dec 2019 URL: https://advisories.mageia.org/MGASA-2019-0390.

RSS Threats and Incidents

  • Vulnerabilidade na origem da fuga de dados da Equifax foi o principal ataque de rede no terceiro trimestre
    A WatchGuard Technologies , líder global em inteligência e segurança de rede, Wi-Fi seguro e autenticação multi-factor, anuncia a publicação do seu Relatório de Segurança na Internet para o terceiro trimestre de 2019 . Num período em que se registaram aumentos significativos nos ataques de malware e....
  • Debian LTS: DLA-2035-1: libpgf security update>
    An issue has been found in libpgf, a library to handle Progressive Graphics File (PGF). Package : libpgf Version : 6.14.12-3+deb8u1 CVE ID : CVE-2015-6673 An issue has been found in libpgf, a library to handle Progressive Graphics File (PGF). Due to lack of validation of ColorTableSize, a use-after-free issue might appear in Decoder.
  • Tableau Software Server 跨站脚本漏洞
    Tableau Software Server是美国塔谱软件(Tableau Software)公司的一套文件托管服务器。该产品主要用于管理、共享Tableau Desktop数据可视化软件创建的数据可视化、交互式仪表板、工作簿和报告等。 此条漏洞编号已分配,漏洞详情即将更新。 来源:community.tableau.com 链接:https://community.tableau.com/community/security-bulletins/blog/2019/11/19/important-adv-2019-047-open-redirect-on-embeddedauthredirect-page 来源:nvd.
  • From iPhone to NT AUTHORITY\SYSTEM – exploit ‘Printconfig’ dll with a real-world example
    Sorin Mustaca's IT Security news and articles about information security, vulnerabilities, exploits, patches, releases, software, features, hacks, laws, spam, viruses, malware, breaches. From iPhone to NT AUTHORITY\SYSTEM – exploit ‘Printconfig’ dll with a real-world example.
  • openSUSE: 2019:2687-1: important: java-1_8_0-openjdk>
    An update that fixes 17 vulnerabilities is now available. openSUSE Security Update: Security update for java-1_8_0-openjdk ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:2687-1 Rating: important References: #1138529 #1152856 #1154212....
  • Office 365: A guide to the updates
    Version 1911 (Build 12228.20364) Release date: December 10, 2019. This update offers a few minor bug fixes and several security updates. It fixes the right-click menu for Excel’s Pivot Charts to enable the “Show Detail” option and also fixes an issue in Outlook that allowed web add-ins to access Digital Rights Managed messages.
  • Nginx Log Check - Nginx Log Security Analysis Script
    Nginx Log Security Analysis Script. Features Statistics Top 20 Address; SQL injection analysis; Scanner alert analysis; Exploit detection; Sensitive path access; File contains attack; Webshell; Find URLs with response length Top 20; Looking for rare script file access; Find script file for 302 redirect Usage.
  • INFOSEC Squeeze Vol. 4 - Retailers Are Easy Targets, Crime is Up 20% in the U.S., and Yet Another Reminder to UPDATE YOUR SCHWACK Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
    Welcome to the fourth edition of the Secjuice Squeeze, where we present a selection of last weeks interesting infosec articles curated for your reading enjoyment in case you missed them! This week's volume was created by , Mike Peterson, and Miguel Calles. Point-of-Sale Attacks Have Leveled Up.
  • Mageia 2019-0391: libgit2 security update>
    libgit2 has been updated to version 0.28.4 to fix several security issues: * A carefully constructed commit object with a very large number of parents may lead to potential out-of-bounds writes or potential denial of service. MGASA-2019-0391 - Updated libgit2 packages fix security vulnerabilities....
  • Mageia 2019-0390: libvirt security update>
    Updated libvirt packages fix security vulnerabilities: An information leak which allowed to retrieve the guest hostname under readonly mode (CVE-2019-3886). MGASA-2019-0390 - Updated libvirt packages fix security vulnerabilities Publication date: 15 Dec 2019 URL: https://advisories.mageia.org/MGASA-2019-0390.

RSS Cyber Crime

  • 「野蛮さ」に見え隠れする「洗練」、ベネズエラ軍翻弄したサイバー「マチェーテ(山鉈)」とは
    2019 年 10 月、欧セキュリティ企業大手 ESET 本社があるスロバキアで「 ESET Global Press Event 」が開催された。このイベントは、よくある企業主催のプライベートイベントやカンファレンスとは異なり、派手な製品リリースやロードマップの発表はない。 初日のオープニングセッションやランチブレイク前などに、CTO や役員による企業紹介風セッションは形だけはあるものの、それ以外は同社アナリストによるマルウェアとサイバー攻撃の調査・研究レポート、同ホワイトペーパーをベースとした発表で構成される。R & D に強い同社らしい内容である。 ScanNetSecurity....
  • Most reports sent to CSM related to cyber fraud - The Star Online
    PAGOH: Over 70% of the reports received by CyberSecurity Malaysia (CSM) are related to cyber fraud. Its chief executive officer Datuk Dr Amirudin Abdul Wahab (pic) said they received some 9,800 cases through its hotline up to last month. Amirudin said the figure was expected to rise further to over 10,000 cases by year end.
  • New Orleans city computers offline after cyberattack
    New Orleans city employees were instructed to shut down their computers this weekend as a precaution after an apparent cyberattack. City officials have said there's no evidence that user passwords or data was lost in the attack. The NOLA.gov website was still down for "unplanned maintenance" Sunday,....
  • VISA warns of POS malware incidents at gas pumps across North America
    Payments processor VISA says North American merchants who operate gas stations and gas pumps are facing a rash of attacks from cybercrime groups wanting to deploy point-of-sale (POS) malware on their networks. In two security alerts published in November and December, respectively, VISA said its....
  • Andaz Brand Debuts in Dubai With the Opening of Andaz Dubai The Palm
    CHICAGO--( (NYSE: H) announced today the official opening of Andaz Dubai The Palm . Joining Andaz hotels in top destinations around the world, such as Amsterdam, London, New York, Tokyo, Seoul and Shanghai, the latest addition marks the first Andaz-branded hotel in Dubai and the second in the United Arab Emirates, following the opening of […]
  • Baidam Solutions Joins CrowdStrike’s Elevate Partner Program
    Partnership delivers next-generation endpoint protection to Indigenous communities, supporting education in Information and Communications Technology (ICT) sector. (Nasdaq: CRWD), a leader in cloud-delivered endpoint protection, today announced Baidam Solutions has joined the CrowdStrike Elevate Partner Program.
  • Iran defuses another cyber attack
    Iran’s telecommunications minister says the country has defused a second cyber attack in less than a week. Iran’s telecommunications minister announced on Sunday that the country has defused a second cyber attack in less than a week, The Associated Press reports.
  • Russia targeted Turkey with offensive cyber operations - Nordic Research and Monitoring Network
    Abdullah Bozkurt. Turkey was concerned that offensive Russian cyber operations in Syria were targeting Turkish entities and interests and sounded alarm bells that infiltration and hacking attempts might be launched, a classified internal memo from 2016 has shown.
  • New Orleans Responds to Cyber Attack - Tom's Hardware
    Tom's Hardware is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. It turns out there's one good thing about hurricanes: they can help the cities they hit prepare for cyber attacks. Or at least that's what New Orleans officials said after....
  • #cyberfraud | #cybercriminals | NZ losing millions from cyber crimes
    Potentially the biggest tech issue New Zealanders will confront next year, will be the growing impact of fake news and an inability to discern real from fake, NZTech chief executive Graeme Muller says. With massive increases in scams and phishing, criminals are benefiting from Kiwis’ cyber ambivalence, stealing more than $3.
Cyber Security Month 2019 in the Netherlands In the Netherlands, October 2019 will be all...
Digitpol partners with lgk consultancy to assist Governments with International Police Cooperation Digitpol partners with lgk...
An international crime gang which used malware to steal $100m (£77m) from more than 40,000...
WhatsApp discovers major ‘targeted’ surveillance attack WhatsApp have today announced a vulnerability that could have...
Vehicle Crime Prevention & Intelligence Digitpol’s has developed a custom ANPR solution for vehicle crime...
Digitpol, A cybercrime investigation firm based in Hong Kong and Europe has warned business owners...