Cyber Security News

Le smartphone, indispensable dans l'enseignement intelligent

Cyber Security News - Mon, 08/06/2018 - 07:04
Pas de smartphone à l'école pour les élèves de moins de 15 ans. Voilà ce que vient de décider le gouvernement français. Il est surprenant que cet outil, si caractéristique de notre société actuelle, soit rejeté de l'enseignement français. Si nous voulons vraiment préparer nos enfants à demain, il....
Categories: Cyber Security News

CAN ANYTHING STOP CYBER ATTACKS? / [email protected]

Cyber Security News - Mon, 08/06/2018 - 07:02
The recent indictment of 12 Russian intelligence officers by the Justice Department for interfering in the 2016 U.S. presidential election underscores the severity and immense reach of cyber attacks, like no other in history. To influence the election’s outcome, authorities said these agents hacked....
Categories: Cyber Security News

Campaigns on their own as cyber threats roil midterms - TheSpec.com

Cyber Security News - Mon, 08/06/2018 - 06:54
The DNC now has a staff of 40 on its technical team, led by Krikorian and other Silicon Valley veterans hired in the months after Russians hacked the party's email system and released a trove of damaging messages in the months before President Donald Trump's 2016 victory. Top U.S.
Categories: Cyber Security News

Cyber security to be under the spotlight at AAD 2018 - defenceWeb

Cyber Security News - Mon, 08/06/2018 - 06:54
One of the new features at the Africa Aerospace and Defence (AAD) exhibition to be held at Air Force Base Waterkloof in September will be seminars, and one of the topics under the microscope will be cyber intelligence and warfare. The AAD organisers said the cyber security symposium is aimed at....
Categories: Cyber Security News

IT threat evolution Q2 2018

Cyber Security News - Mon, 08/06/2018 - 06:50
News and articles about cyber security, information security, vulnerabilities, exploits, patches, releases, software, features, hacks, laws, spam, viruses, malware, trojans. Olympic Destroyer worm, Roaming Mantis mobile banker, Operation Parliament cyber-espionage campaign, SynAck ransomware and....
Categories: Cyber Security News

Monday review – the hot 23 stories of the week

Cyber Security News - Mon, 08/06/2018 - 06:50
News and articles about cyber security, information security, vulnerabilities, exploits, patches, releases, software, features, hacks, laws, spam, viruses, malware, trojans. From the routers turning into zombie cryptojackers and the prisoners exploiting a vulnerability to steal $225K to SamSam, the....
Categories: Cyber Security News

Privacy International Takes Police Phone ‘Hacking’ Case to IPC

Cyber Security News - Mon, 08/06/2018 - 06:50
News and articles about cyber security, information security, vulnerabilities, exploits, patches, releases, software, features, hacks, laws, spam, viruses, malware, trojans. Privacy International Takes Police Phone ‘Hacking’ Case to IPC.
Categories: Cyber Security News

Building Customer Trust in the Age of Digital Services

Cyber Security News - Mon, 08/06/2018 - 06:50
The amount of security breaches experienced by organizations continues to increase, putting customer trust at stake. This means that the level of trust consumers put on companies to protect their personal data is more important than ever. However, there is a clear divide between how companies view....
Categories: Cyber Security News

Nixu signed 15 MEUR cybersecurity framework agreement Nixu Corporation

Cyber Security News - Mon, 08/06/2018 - 06:49
. August 2018 by Marc Jacob European cybersecurity company Nixu announced that it has concluded a wide-ranging framework agreement with its long-term client to operate as its cybersecurity integrator. The services provided through the contract cover a wide selection of Nixu’s and its partners’ holistic cybersecurity services.
Categories: Cyber Security News

Hot New IoT Devices – a Prime Target for DDoS Cyber Attacks

Cyber Security News - Mon, 08/06/2018 - 06:49
Hackers are Watching. Tech-hungry consumers keep their eyes peeled for major device announcements. Also watching are distributed denial of service (DDoS) attackers who have made the Internet of Things (IoT) their weapon of choice. These nefarious actors exploit millions of vulnerable IoT devices to....
Categories: Cyber Security News

How to use JWT tokens in ASP.Net Core 2

Cyber Security News - Mon, 08/06/2018 - 06:46
Take advantage of JSON Web Tokens to implement a loosely coupled security model in your ASP.Net Core applications Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. ASP.Net Core is an open source, cross-platform, lean,....
Categories: Cyber Security News

[webapps] LAMS < 3.1 - Cross-Site Scripting

Cyber Security News - Mon, 08/06/2018 - 06:44
# Exploit Title: LAMS < 3.1 - Cross-Site Scripting # Date: 2018-08-05 # Exploit Author: Nikola Kojic # Website: https://ras-it.rs/ # Vendor Homepage: https://www.lamsfoundation.org/ # Software Link: https://www.lamsfoundation.org/downloads_home.htm # Category: Web Application # Platform: Java # Version: <= 3.
Categories: Cyber Security News

[webapps] onArcade 2.4.2 - Cross-Site Request Forgery (Add Admin)

Cyber Security News - Mon, 08/06/2018 - 06:44
# Exploit Title: Cross-Site Request Forgery (Add Admin) # Google Dork: Powered by onArcade v2.4.2 # Date: 2018/August/4 # Author: r3m0t3nu11[Zero-way] # Software Link: ["http://www.onarcade.com"] # Version: ["Uptodate"] the appilication is vulnerable to CSRF attack (No CSRF token in place) meaning....
Categories: Cyber Security News

Democrats' CSO: Don't Use ZTE, Huawei Mobile Devices

Cyber Security News - Mon, 08/06/2018 - 06:42
ZTE agreed to pay $1.4 billion in fines and jettisoned its board of directors in June after the U.S. sanctioned the company for violating trade sanctions against Iran and North Korea. The chief security officer for the Democratic National Committee is advising officials to not use mobile devices made by Chinese manufacturers ZTE and Huawei.
Categories: Cyber Security News

Fortnite APK Download for Android Won't Be Available on Google Play Store

Cyber Security News - Mon, 08/06/2018 - 06:38
There's both good news and bad news for Fortnite game lovers. Fortnite, one of the most popular games in the world right now, is coming to Android devices very soon, but players would not be able to download Fortnite APK from the Google Play Store. Instead, Epic Games software development company....
Categories: Cyber Security News

Dept. of Energy announced the Liberty Eclipse exercise to test electrical grid Against …

Security Affairs - Mon, 08/06/2018 - 06:37
DoE announced the Liberty Eclipse exercise to test the electrical grid ‘s ability to recover from a blackout caused by cyberattacks.

This is the first time the Department of Energy will test the electrical grid’s ability to recover from a blackout caused by cyberattacks.

We have discussed many times the effects of a cyber attack against an electrical grid, the most scaring scenario sees wide power outage bringing population in the dark.

Is this a feasible scenario for the US critical infrastructure?

The Department of Energy wants to test the resilience of an electrical grid to a cyber attack, so it’s going to launch the first hands-on exercise to test the ability of the operators of such infrastructure in recovering from a blackout caused by a cyber attack.

According to the E&E News website, the Department of Energy plans to conduct a weeklong experiment, dubbed ‘Liberty Eclipse,’ that will take place starting Nov. 1 on a restricted area off the cost of New York called Plum Island.

“The Department of Energy is planning an unprecedented, “hands-on” test of the grid’s ability to bounce back from a blackout caused by hackers, E&E News has learned.” reported the E&E News website.

“The “Liberty Eclipse” exercise will simulate the painstaking process of re-energizing the power grid while squaring off against a simultaneous cyberattack on electric, oil and natural gas infrastructure. The weeklong stress test is scheduled to take place this November on Plum Island, a restricted site off the coast of New York that houses a Department of Homeland Security animal disease center.”

This is the first time that the Department of Energy is planning such kind of “hands-on” test of the grid’s ability to restore operations from a blackout caused by a cyber attack. The “Liberty Eclipse” exercise aims at evaluating the response of the infrastructure to coordinated attacks against an electric, oil and natural gas infrastructure. The DOE wants to prepare the infrastructure of the country for threats.

“It’s in our national security interest to continue to protect these sources of energy and to deliver them around the world,” Energy Secretary Rick Perry said at a cybersecurity conference in New York last week.

“Taking care of that infrastructure, from the standpoint of protecting it from cyberattacks — I don’t think it’s ever been more important than it is today.”

The goal of the Liberty Eclipse exercise is to prepare the response to a major incident caused by cyber attacks, that could be frequent events in a short future. Utilities that have to restore electricity following massive blackouts first need to provide initial jump of electricity before they can start generating it.

This operation is done by the operators by using diesel generators and other blackstart sources to choreograph “cranking paths” for restoring the functions of the electrical grid.

“Utilities can’t just flip a few switches to bring the lights on following a major shutdown. In fact, power plants typically need an initial jump of electricity before they can start generating it.” continues the E&E News website. Power companies rely on diesel generators and other blackstart sources to choreograph “cranking paths” for bringing the grid on its feet. Once enough pockets of electricity have been brought online, operators can sync up the islands with the wider grid.”

The entire process is time-consuming and can take many hours to be completed, even under the most favorable circumstances.

The DOE aims at speed up the restoration of the electrical grid by incorporating simulated cranking paths, provided by the Defense Advanced Research Projects Agency, that were designed for this reason.

“Together, [participants] will work to energize a blackstart cranking path by detecting the attack, cleaning malicious influence, and restoring crank path digital systems to operation,” the DOE states in a planning memo from last month.

This is the first exercise that is going to test the “blackstart” cranking paths that were excluded from previous simulations.

window._mNHandle = window._mNHandle || {}; window._mNHandle.queue = window._mNHandle.queue || []; medianet_versionId = "3121199"; try { window._mNHandle.queue.push(function () { window._mNDetails.loadTag("762221962", "300x250", "762221962"); }); } catch (error) {}

Pierluigi Paganini

(Security Affairs – Electrical Grid, hacking)

The post Dept. of Energy announced the Liberty Eclipse exercise to test electrical grid Against … appeared first on Security Affairs.

Categories: Cyber Security News

Malwarebytes釋出可偵測惡意程式與詐騙客服的瀏覽器擴充程式

Cyber Security News - Mon, 08/06/2018 - 06:34
防毒軟體業者 Malwarebytes於本周發表了支援Chrome與Firefox的擴充程式版本 ,可在使用者瀏覽網路時,協助封鎖惡意網站、過濾垃圾內容,還能偵測詐騙的技術支援服務。 2006年發表的Malwarebytes原本就開發了支援Windows、macOS、Android與iOS的防毒軟體,它有可偵測與移除惡意程式的免費版,也提供可定期掃描、即時保護與隨身碟掃描的進階付費版,支援瀏覽器的擴充程式版則可免費安裝,惟目前仍為測試(Beta)版。 Malwarebytes擴充程式版可封鎖瀏覽器劫持或上鎖行為,這些通常是駭客用來執行詐騙客服的技術,以用來推銷偽造且昂貴的技術支援服務;它也能用來....
Categories: Cyber Security News

Do you have a data breach response plan?

Cyber Security News - Mon, 08/06/2018 - 06:32
The EU GDPR (General Data Protection Regulation) requires organisations to respond to serious data breaches within 72 hours of detection. This places a significant burden on organisations: taking the appropriate measures to comply with the law while simultaneously dealing with the collateral impact....
Categories: Cyber Security News

An introduction to Kit Hunter, a phishing kit detector | Salted Hash Ep 40

Cyber Security News - Mon, 08/06/2018 - 06:31
. CSO Online Aug 6, 2018. Kit Hunter, a basic Python script written by host Steve Ragan, searches on common tag elements to find hidden phishing kits on a web server.
Categories: Cyber Security News

IT threat evolution Q2 2018. Statistics

Cyber Security News - Mon, 08/06/2018 - 06:31
Q2 figures. According to KSN: Kaspersky Lab solutions blocked 962,947,023 attacks launched from online resources located in 187 countries across the globe. 351,913,075 unique URLs were recognized as malicious by Web Anti-Virus components. Attempted infections by malware designed to steal money via....
Categories: Cyber Security News

Pages