The Trump administration is ordering U.S. federal executive branch agencies to remove anti-virus software from Russian-owned Kaspersky Lab from their computers within 90 days. The Department of Homeland Security, in a statement issued Wednesday, says Kaspersky security products pose a risk to federal information systems because they provide broad access […]
World Cyber News
PSA: New Microsoft Word 0day used in the wild
Microsoft has just patched an important vulnerability in Microsoft Word during its latest Patch Tuesday cycle. According to the security firm that found it [1], this new zero-day (CVE-2017-8759) was used in targeted attacks to install a piece of malware known as FinFisher. Microsoft Office has been in the line of fire throughout the […]
ANDROID USERS VULNERABLE TO ‘HIGH-SEVERITY’ OVERLAY ATTACKS
Security researchers warned of a high-severity Android flaw on Thursday that stems from what they call a “toast attack” overlay vulnerability. Researchers say criminals could use Android’s toast notification, a feature that provides simple feedback about an operation in a small pop-up, in an attack scenario to obtain […]
More than 700 million email addresses leaked in huge data breach
A spambot has leaked more than 700 million email addresses and passwords publicly in a huge data breach. The data dump occurred thanks to a misconfigured spambot, dubbed ‘Onliner’, and was discovered by a Paris-based security researcher known as Benkow. Troy Hunt, an Australian computer security expert, who runs the […]
Equifax confirms up to 400,000 UK consumers at risk after data breach
One week after publicly revealing that a data breach had exposed the personal information and social security numbers of up to 143 million American consumers, the credit reporting agency has revealed more details of just how many people are affected in the UK. Although Equifax’s UK systems are said not […]
Passwords to over a half million car tracking devices leaked online
We’ve seen a lot of data breaches this year: some big, some small, some that are dangerous, and some that are just embarrassing. But if we were to name one as the creepiest data breach of 2017, this leak of logins for car tracking devices might take the cake. The Kromtech Security […]
Researchers link CCleaner hack to cyberespionage group
The recent attack that resulted in 2.2 million users installing infected versions of a popular Windows system optimization tool might have been the work of a sophisticated cyberespionage group with a history of software supply chain compromises. Researchers from two security companies have established links between the malicious code surreptitiously added […]
Iranian APT33 targets US firms with destructive malware.
The Iranian group known as APT33 is believed to be behind a cyberespionage campaign targeting aerospace, petrochemical and energy sector firms located in the United States, Saudi Arabia and South Korea. The group’s latest attack leverages a dropper called DropShot that is tied to the StoneDrill wiper malware—a […]
Kaspersky banned from the US administration
The sanction has come down, and it is not really a surprise after the publication last July of a US Senate report recommending that Kaspersky Lab products be banned from all federal bodies. To read the original article: http://www.lemondeinformatique.fr/actualites/lire-kaspersky-banni-de-l-administration-americaine-69381.html
Google to suspend Symantec certificates in Chrome
Google has announced that, over the coming months, it will suspend Symantec security certificates issued before June 1, 2016 in its Chrome web browser. The decision comes after long months of discord between the two vendors. To read the original article: http://www.lemondeinformatique.fr/actualites/lire-google-va-suspendre-les-certificats-symantec-dans-chrome-69395.html