ICT Security-Sécurité PC et Internet
87.2K views | +1 today
Follow
ICT Security-Sécurité PC et Internet
Education Technology
ICT Security + Privacy + Piracy + Data Protection - Censorship - Des cours et infos gratuites sur la"Sécurité PC et Internet" pour usage non-commercial... (FR, EN+DE)...
Curated by Gust MEES
Your new post is loading...
Your new post is loading...
Scooped by Gust MEES
December 21, 2016 8:09 AM
Scoop.it!

Correction express pour faille critique dans Ubuntu | #Linux #Update asap!!

Correction express pour faille critique dans Ubuntu | #Linux #Update asap!! | ICT Security-Sécurité PC et Internet | Scoop.it
From www.silicon.fr - December 21, 2016 3:54 AM
Le système de rapport de bugs d’Ubuntu était touché par des failles. Des vulnérabilités promptement corrigées par les développeurs.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux

 

Gust MEES's insight:
Le système de rapport de bugs d’Ubuntu était touché par des failles. Des vulnérabilités promptement corrigées par les développeurs.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
December 9, 2016 5:10 PM
Scoop.it!

Three serious Linux kernel security holes patched | #Update asap!!! | #CyberSecurity

Three serious Linux kernel security holes patched | #Update asap!!! | #CyberSecurity | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.com - December 9, 2016 4:48 PM
The good news is developers are looking very closely at Linux's core code for possible security holes. The bad news is they're finding them.

At least the best news is that they're fixing them as soon as they're uncovered.

The latest three kernel vulnerabilities are designated CVE-2016-8655, CVE-2016-6480, and CVE-2016-6828. Of these, CVE-2016-8655 is the worst of the bunch. It enables local users, which can include remote users with virtual and cloud-based Linux instances, to crash the system or run arbitrary code as root.

MORE SECURITY NEWS

US government seeks more data on Apple customers
Electronics-sniffing dogs: How K9s became a secret weapon for solving high-tech crimes
This 'highly personalized' malware campaign targets retailers with phony customer queries
How the Cyber Kangaroo can help defend the Internet of Things
In short, it's nasty.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux

 

Gust MEES's insight:
The good news is developers are looking very closely at Linux's core code for possible security holes. The bad news is they're finding them.

At least the best news is that they're fixing them as soon as they're uncovered.

The latest three kernel vulnerabilities are designated CVE-2016-8655, CVE-2016-6480, and CVE-2016-6828. Of these, CVE-2016-8655 is the worst of the bunch. It enables local users, which can include remote users with virtual and cloud-based Linux instances, to crash the system or run arbitrary code as root.

MORE SECURITY NEWS

US government seeks more data on Apple customers
Electronics-sniffing dogs: How K9s became a secret weapon for solving high-tech crimes
This 'highly personalized' malware campaign targets retailers with phony customer queries
How the Cyber Kangaroo can help defend the Internet of Things
In short, it's nasty.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux

 

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
October 31, 2016 12:14 PM
Scoop.it!

BSI-Empfehlung: iCloud und iTunes für Windows aktualisieren | #Update asap!! #Updates

BSI-Empfehlung: iCloud und iTunes für Windows aktualisieren | #Update asap!! #Updates | ICT Security-Sécurité PC et Internet | Scoop.it
From www.pcwelt.de - October 31, 2016 12:10 PM
macOS Sierra sowie dazugehörende Software wurde im Vorfeld der Keynote aktualisiert, nun folgen Sicherheitsupdates für Windows.

 

Gust MEES's insight:

macOS Sierra sowie dazugehörende Software wurde im Vorfeld der Keynote aktualisiert, nun folgen Sicherheitsupdates für Windows.

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
April 6, 2016 7:01 PM
Scoop.it!

Ubuntu Patches Kernel Vulnerabilities | #Linux #CyberSecurity

Ubuntu Patches Kernel Vulnerabilities | #Linux #CyberSecurity | ICT Security-Sécurité PC et Internet | Scoop.it
From threatpost.com - April 6, 2016 3:49 PM
Several vulnerabilities in Ubuntu’s implementation of the Linux kernel, including a use-after-free vulnerability and a timing side-channel vulnerability, were patched today.

An advisory issued by Ubuntu Wednesday morning urges users to patch if they’re running 14.04 LTS or any derivative builds.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux

 

Gust MEES's insight:
Several vulnerabilities in Ubuntu’s implementation of the Linux kernel, including a use-after-free vulnerability and a timing side-channel vulnerability, were patched today.

An advisory issued by Ubuntu Wednesday morning urges users to patch if they’re running 14.04 LTS or any derivative builds.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
February 19, 2016 9:10 AM
Scoop.it!

Years-old critical GNU C Library vulnerability patched by open source providers | Linux | CyberSecurity

Years-old critical GNU C Library vulnerability patched by open source providers | Linux | CyberSecurity | ICT Security-Sécurité PC et Internet | Scoop.it
From www.grahamcluley.com - February 18, 2016 7:39 PM
Ubuntu, Red Hat, and a number of other leading open source solutions providers have patched a critical vulnerability in the GNU C Library that has been around for years.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux


Gust MEES's insight:
Ubuntu, Red Hat, and a number of other leading open source solutions providers have patched a critical vulnerability in the GNU C Library that has been around for years.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux


more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
February 17, 2016 12:58 PM
Scoop.it!

Patch Linux now, Google, Red Hat warn, over critical glibc bug | CyberSecurity | Updates

Patch Linux now, Google, Red Hat warn, over critical glibc bug | CyberSecurity | Updates | ICT Security-Sécurité PC et Internet | Scoop.it
From www.zdnet.com - February 17, 2016 12:56 PM
Google has disclosed details of an open-source bug in the GNU C Library affecting a large number of Linux distributions, software and devices.




Learn more:


http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux


Gust MEES's insight:
Google has disclosed details of an open-source bug in the GNU C Library affecting a large number of Linux distributions, software and devices.


Learn more:


http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux


more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
December 14, 2016 11:42 AM
Scoop.it!

ALERT!!! | Millions of websites at risk, as Joomla high level security flaw... | #Update asap!!! #CyberSecurity

ALERT!!! | Millions of websites at risk, as Joomla high level security flaw... | #Update asap!!! #CyberSecurity | ICT Security-Sécurité PC et Internet | Scoop.it
From hotforsecurity.bitdefender.com - December 14, 2016 10:22 AM

If you're running a website of any size there is a good chance that you are using a content management system (CMS). 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Joomla

 

Gust MEES's insight:

If you're running a website of any size there is a good chance that you are using a content management system (CMS). 

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=Joomla

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
November 30, 2016 8:55 PM
Scoop.it!

ALERT! Mozilla and Tor release urgent update for Firefox 0-day under active attack | #CyberSecurity #Anonymity

ALERT! Mozilla and Tor release urgent update for Firefox 0-day under active attack | #CyberSecurity #Anonymity | ICT Security-Sécurité PC et Internet | Scoop.it
From arstechnica.com - November 30, 2016 4:20 PM
Developers with both Mozilla and Tor have published browser updates that patch a critical Firefox vulnerability being actively exploited to deanonymize people using the privacy service.

FURTHER READING
Firefox 0-day in the wild is being used to attack Tor users
"The security flaw responsible for this urgent release is already actively exploited on Windows systems," a Tor official wrote in an advisory published Wednesday afternoon. "Even though there is currently, to the best of our knowledge, no similar exploit for OS X or Linux users available, the underlying bug affects those platforms as well. Thus we strongly recommend that all users apply the update to their Tor Browser immediately."

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=TOR

 

Gust MEES's insight:
Developers with both Mozilla and Tor have published browser updates that patch a critical Firefox vulnerability being actively exploited to deanonymize people using the privacy service.

FURTHER READING
Firefox 0-day in the wild is being used to attack Tor users
"The security flaw responsible for this urgent release is already actively exploited on Windows systems," a Tor official wrote in an advisory published Wednesday afternoon. "Even though there is currently, to the best of our knowledge, no similar exploit for OS X or Linux users available, the underlying bug affects those platforms as well. Thus we strongly recommend that all users apply the update to their Tor Browser immediately."

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet/?tag=TOR

 

 

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
October 11, 2016 8:16 PM
Scoop.it!

Microsoft: No More Pick-and-Choose Patching | #CyberSecurity #Updates #Responsibility #eSkills #ICT

Microsoft: No More Pick-and-Choose Patching | #CyberSecurity #Updates #Responsibility #eSkills #ICT | ICT Security-Sécurité PC et Internet | Scoop.it
From krebsonsecurity.com - October 11, 2016 8:16 PM
Adobe and Microsoft today each issued updates to fix critical security flaws in their products. Adobe’s got fixes for Acrobat and Flash Player ready. Microsoft’s patch bundle for October includes fixes for at least five separate “zero-day” vulnerabilities — dangerous flaws that attackers were already exploiting prior to today’s patch release. Also notable this month is that Microsoft is changing how it deploys security updates, removing the ability for Windows users to pick and choose which individual patches to install.

Zero-day vulnerabilities describe flaws that even the makers of the targeted software don’t know about before they start seeing the flaws exploited in the wild, meaning the vendor has “zero days” to fix the bugs.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet

 

Gust MEES's insight:
Adobe and Microsoft today each issued updates to fix critical security flaws in their products. Adobe’s got fixes for Acrobat and Flash Player ready. Microsoft’s patch bundle for October includes fixes for at least five separate “zero-day” vulnerabilities — dangerous flaws that attackers were already exploiting prior to today’s patch release. Also notable this month is that Microsoft is changing how it deploys security updates, removing the ability for Windows users to pick and choose which individual patches to install.

Zero-day vulnerabilities describe flaws that even the makers of the targeted software don’t know about before they start seeing the flaws exploited in the wild, meaning the vendor has “zero days” to fix the bugs.

 

Learn more / En savoir plus / Mehr erfahren:

 

http://www.scoop.it/t/securite-pc-et-internet

 

 

more...
Scooped by Gust MEES
February 19, 2016 11:34 AM
Scoop.it!

Krypto-Trojaner Locky: Was tun gegen den Windows-Schädling | Ransomware | CyberSecurity

Krypto-Trojaner Locky: Was tun gegen den Windows-Schädling | Ransomware | CyberSecurity | ICT Security-Sécurité PC et Internet | Scoop.it
From www.heise.de - February 19, 2016 11:16 AM
Gegen den Verschlüsselungs-Trojaner Locky ist noch kein Kraut gewachsen. Umso wichtiger ist eine hinreichende Vorsorge, damit bei einer Infektion keine Dateien unrettbar verloren gehen. Deswegen sollten Computernutzer einiges beachten.


Vorsorge gegen Krypto-Trojaner Locky
  • Legen Sie regelmäßig Backups Ihrer wichtigen Dateien an. Der Backup-Datenträger darf nicht dauerhaft mit dem Rechner verbunden sein, da er sonst ebenfalls verschlüsselt wird. 
  • Halten Sie Ihre System (insbesondere Betriebssystem, Office, Browser und Plug-ins) auf dem aktuellen und somit sichersten Stand. 
  • Stellen Sie sicher, dass Ihr System von einem Virenscanner geschützt wird, der auf aktuelle Signaturen zurückgreift. Ab Windows 8 ist das Schutzprogramm Defender vorinstalliert. 
  • Konfigurieren Sie Microsoft Office so, dass Makro-Code gar nicht oder erst nach einer Rückfrage ausgeführt wird (siehe Bilderstrecke).
  • Lassen Sie Makro-Code nur bei Dokumenten aus vertrauenswürdigen Quellen zu – und auch nur dann, wenn es unbedingt notwendig ist. 
  • Öffnen Sie keine Dateianhänge von Mails, an deren Vertrauenswürdigkeit auch nur der geringste Zweifel besteht. Nehmen Sie sich insbesondere vor Rechnungs-Mails in Acht, die Sie nicht zuordnen können. 
  • Starten Sie keine ausführbaren Dateien, an deren Vertrauenswürdigkeit Sie zweifeln.



Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/securite-pc-et-internet/?tag=LOCKY


http://www.scoop.it/t/securite-pc-et-internet/?tag=RANSOMWARE


Gust MEES's insight:
Gegen den Verschlüsselungs-Trojaner Locky ist noch kein Kraut gewachsen. Umso wichtiger ist eine hinreichende Vorsorge, damit bei einer Infektion keine Dateien unrettbar verloren gehen. Deswegen sollten Computernutzer einiges beachten.Vorsorge gegen Krypto-Trojaner Locky
  • Legen Sie regelmäßig Backups Ihrer wichtigen Dateien an. Der Backup-Datenträger darf nicht dauerhaft mit dem Rechner verbunden sein, da er sonst ebenfalls verschlüsselt wird. 
  • Halten Sie Ihre System (insbesondere Betriebssystem, Office, Browser und Plug-ins) auf dem aktuellen und somit sichersten Stand. 
  • Stellen Sie sicher, dass Ihr System von einem Virenscanner geschützt wird, der auf aktuelle Signaturen zurückgreift. Ab Windows 8 ist das Schutzprogramm Defender vorinstalliert. 
  • Konfigurieren Sie Microsoft Office so, dass Makro-Code gar nicht oder erst nach einer Rückfrage ausgeführt wird (siehe Bilderstrecke).
  • Lassen Sie Makro-Code nur bei Dokumenten aus vertrauenswürdigen Quellen zu – und auch nur dann, wenn es unbedingt notwendig ist. 
  • Öffnen Sie keine Dateianhänge von Mails, an deren Vertrauenswürdigkeit auch nur der geringste Zweifel besteht. Nehmen Sie sich insbesondere vor Rechnungs-Mails in Acht, die Sie nicht zuordnen können. 
  • Starten Sie keine ausführbaren Dateien, an deren Vertrauenswürdigkeit Sie zweifeln.



Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/securite-pc-et-internet/?tag=LOCKY


http://www.scoop.it/t/securite-pc-et-internet/?tag=RANSOMWARE

more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
February 18, 2016 5:03 PM
Scoop.it!

Linux distros aren't updating WebKit, making web browsers and email clients vulnerable | CyberSecurity

Linux distros aren't updating WebKit, making web browsers and email clients vulnerable | CyberSecurity | ICT Security-Sécurité PC et Internet | Scoop.it
From www.pcworld.com - February 17, 2016 7:00 PM
The WebKit rendering engine used in many Linux applications is a complete security mess. That’s the takeaway from a blog post by Michael Catanzaro, who works on GNOME’s WebKitGTK+ project. He’s sounding the alarm about a problem the open-source community needs to fix.

The problem with WebKit
Most web browsers issue regular security updates to their users. But, if you’re using a WebKit-based browser, or email client, or any other application that uses that rendering engine, on Linux, you almost certainly aren’t getting security updates.

WebKit is a large open-source project. Apple uses WebKit for Safari on Mac and iOS, and those versions of WebKit receive regular security updates. But the WebKit port used for Linux does not.

The common port used by Linux distros is WebKitGTK+, which is associated with GNOME software and other applications that use the GTK+ toolkit. This includes Epiphany, GNOME’s flagship web browser, often called simply “Web” or “GNOME Web.” It also includes a variety of other applications, such as the Evolution email client, Midori web browser, GIMP image-editing program, Banshee and Rhythmbox media players, and many other programs.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux


Gust MEES's insight:
The WebKit rendering engine used in many Linux applications is a complete security mess. That’s the takeaway from a blog post by Michael Catanzaro, who works on GNOME’s WebKitGTK+ project. He’s sounding the alarm about a problem the open-source community needs to fix.

The problem with WebKit
Most web browsers issue regular security updates to their users. But, if you’re using a WebKit-based browser, or email client, or any other application that uses that rendering engine, on Linux, you almost certainly aren’t getting security updates.

WebKit is a large open-source project. Apple uses WebKit for Safari on Mac and iOS, and those versions of WebKit receive regular security updates. But the WebKit port used for Linux does not.

The common port used by Linux distros is WebKitGTK+, which is associated with GNOME software and other applications that use the GTK+ toolkit. This includes Epiphany, GNOME’s flagship web browser, often called simply “Web” or “GNOME Web.” It also includes a variety of other applications, such as the Evolution email client, Midori web browser, GIMP image-editing program, Banshee and Rhythmbox media players, and many other programs.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux


more...
No comment yet.
Sign up to comment
Scooped by Gust MEES
February 16, 2016 2:57 PM
Scoop.it!

ALERT!!! Glibc: Sicherheitslücke gefährdet fast alle Linux-Systeme - #Update asap!!!

ALERT!!! Glibc: Sicherheitslücke gefährdet fast alle Linux-Systeme - #Update asap!!! | ICT Security-Sécurité PC et Internet | Scoop.it
From www.golem.de - February 16, 2016 2:47 PM
Sicherheitslücke gefährdet fast alle Linux-Systeme
Eine schwerwiegende Sicherheitslücke klafft in der Glibc-Bibliothek, die in fast allen Linux-Systemen genutzt wird: Eine DNS-Funktion erlaubt die Ausführung von bösartigem Code. Nutzer sollten schnellstmöglich Updates installieren.
Diese Sicherheitslücke hat es in sich: Mittels gezielter DNS-Antworten lässt sich unter Umständen die Namensauflösungsfunktion der Glibc-Bibliothek dazu bringen, fremden Code auszuführen. Die Glibc ist die Standard-C-Bibliothek, die üblicherweise auf Linux-Systemen zum Einsatz kommt.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux



Gust MEES's insight:
Sicherheitslücke gefährdet fast alle Linux-Systeme
Eine schwerwiegende Sicherheitslücke klafft in der Glibc-Bibliothek, die in fast allen Linux-Systemen genutzt wird: Eine DNS-Funktion erlaubt die Ausführung von bösartigem Code. Nutzer sollten schnellstmöglich Updates installieren.
Diese Sicherheitslücke hat es in sich: Mittels gezielter DNS-Antworten lässt sich unter Umständen die Namensauflösungsfunktion der Glibc-Bibliothek dazu bringen, fremden Code auszuführen. Die Glibc ist die Standard-C-Bibliothek, die üblicherweise auf Linux-Systemen zum Einsatz kommt.


Learn more / En savoir plus / Mehr erfahren:


http://www.scoop.it/t/securite-pc-et-internet/?tag=Linux


more...
No comment yet.
Sign up to comment
About Follow us Resources Terms Mobile Features
Facebook
X
LinkedIn