What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-12-15 14:00:20 | Railway Cybersecurity Firm Cylus Raises $30 Million (lien direct) | Tel Aviv, Israel-based railway cybersecurity firm Cylus has raised $30 million in a Series B funding round led by U.S. firm Ibex Investors and joined by Vertex Growth Fund, Strides International Business, Magma Venture Partners, Vertex Ventures Israel, Zohar Zisapel, and Glenrock Israel. | |||
|
2021-12-15 12:58:51 | SAP Patches Log4Shell Vulnerability in 20 Applications (lien direct) | German software maker SAP is scrambling to patch the Log4Shell vulnerability in its applications and has rolled out fixes for tens of other severe flaws in its products. | Vulnerability | ||
|
2021-12-15 12:42:48 | Recent Ransomware Trends Reinforce the Need for Cyber Hygiene, Collaboration (lien direct) | It's no secret that ransomware has reached near-epic proportions. We are hearing about ransomware attacks left and right – and those are just the ones we hear about. For every attack that makes the headlines, there are many more that don't. | Ransomware | ||
|
2021-12-15 12:33:33 | Sysdig Raises $350 Million at $2.5 Billion Valuation (lien direct) | Container and cloud security company Sysdig on Wednesday announced raising $350 million in a Series G funding round, at a valuation of $2.5 billion. | |||
|
2021-12-15 11:49:57 | Log4Shell Tools and Resources for Defenders (lien direct) |
Type:
Story
Image:
Link:
Log4Shell Tools and Resources for Defenders - Continuously Updated
Log4Shell Tools and Resources for Defenders - Continuously Updated
|
|||
|
2021-12-15 11:47:36 | Problematic Log4j Functionality Disabled as More Security Issues Come to Light (lien direct) | Developers of the widely used Apache Log4j Java-based logging tool have disabled problematic functionality as more security issues have come to light. | Tool | ||
|
2021-12-15 09:40:31 | Web Browsing Security Firm Guardio Raises $47 Million (lien direct) | Web browsing protection tool Guardio on Tuesday announced that it came out of bootstrap mode with $47 million in funding. Guardio's first ever investment round was led by Tiger Global. Cerca Partners, Emerge, Samsung Next, Union, and Vintage also participated. | Tool | ||
|
2021-12-15 04:54:29 | HR Management Firm Kronos Needs Weeks to Recover From Ransomware Attack (lien direct) | HR management platform Ultimate Kronos Group (UKG) on Monday started notifying customers that it fell victim to a ransomware attack that took down multiple applications over the weekend. | Ransomware | ||
|
2021-12-15 03:11:17 | EXPLAINER: The Security Flaw That\'s Freaked Out the Internet (lien direct) | Security pros say it's one of the worst computer vulnerabilities they've ever seen. | |||
|
2021-12-15 02:13:24 | Chinese, Iranian State Hackers Exploiting Log4j Flaw: Mandiant (lien direct) | Chinese and Iranian state actors are exploiting the recently disclosed “Log4Shell” vulnerability that has sparked chaos across the tech world, cybersecurity firm Mandiant warned late Tuesday. | Vulnerability | ||
|
2021-12-14 21:30:34 | Dan Kaminsky Inducted into Internet Hall of Fame (lien direct) | Famed hacker Dan Kaminsky has been inducted in the Internet Society's Hall of Fame for his groundbreaking contributions to DNS (domain name system) security. | |||
|
2021-12-14 19:17:57 | Microsoft Patches 67 Security Flaws, Including Zero-Day Exploited by Emotet (lien direct) | Microsoft's security response engine revved into overdrive this month with the release of patches for 67 documented Windows software vulnerabilities, including a zero-day bug that's already been exploited by one of the most professional and long lasting cybercrime gangs. | |||
|
2021-12-14 18:32:27 | Adobe Joins Security Patch Tuesday Frenzy (lien direct) | Software maker Adobe has issued critical warnings for security vulnerabilities in multiple products running on Windows and macOS machines. | |||
|
2021-12-14 16:00:24 | Apple Patches Vulnerabilities That Earned Hackers $500,000 at Chinese Contest (lien direct) | The iOS and macOS security updates released on Monday by Apple patch vulnerabilities that earned researchers more than $500,000 at a Chinese hacking contest earlier this year. | |||
|
2021-12-14 14:11:35 | Log4Shell Tools and Resources for Defenders - Continuously Updated (lien direct) | 
The widely used Apache Log4j Java-based logging tool is affected by a critical remote code execution vulnerability that has been increasingly exploited by malicious actors, including to deliver various types of malware.
|
Tool Vulnerability | ||
|
2021-12-14 13:30:39 | Iranian APT Targets Middle East Telecoms Operators in Espionage Campaign (lien direct) | A cyberespionage campaign targeting telecoms operators, IT services organizations, and a utility company in the Middle East and other parts of Asia has been linked to the Iran-nexus advanced persistent threat (APT) actor tracked as MuddyWater, Symantec reports. | Threat | ||
|
2021-12-14 13:00:40 | Officials: Virginia IT Agency Hit With Ransomware Attack (lien direct) | The information technology agency that serves Virginia's legislature has been hit by a ransomware attack that has substantially affected its operations, state officials said Monday. | Ransomware | ||
|
2021-12-14 12:16:40 | Ransomware, Trojans, DDoS Malware and Crypto-Miners Delivered in Log4Shell Attacks (lien direct) |
Several types of malware are being delivered in attacks exploiting the recently disclosed Log4j vulnerability named Log4Shell and LogJam.
|
Malware Vulnerability | ||
|
2021-12-14 11:57:17 | Chrome 96 Update Patches Exploited Zero-Day Vulnerability (lien direct) | Google on Monday announced a Chrome 96 update that patches five vulnerabilities, including a zero-day that has been exploited in attacks. The most severe of these vulnerabilities can be exploited to execute arbitrary code in the context of the browser. | Vulnerability | ||
|
2021-12-14 11:20:49 | Connect: The Fourth Pillar of Industrial Cybersecurity (lien direct) | Recent attacks on U.S. critical infrastructure and actions by the U.S. government, including the July 28, 2021 National Security Memorandum, have added urgency to the need to modernize industrial control systems' cybersecurity capabilities. | |||
|
2021-12-14 11:07:53 | Cybersecurity is Under Assault, And It\'s Growing Worse (lien direct) | You don't have to look very far for evidence of just how widespread cybercrime has become. Unfortunately, many of us don't even have to look beyond our own inboxes. And sadly, the situation is getting worse. It is now bad enough that in April, the U.S. proposed a bipartisan lawmaker group form a “Civilian Cybersecurity Reserve,” to create a surge capacity of cyber expertise, patterned after the National Guard, that would respond to incidents affecting government networks. | |||
|
2021-12-14 09:34:08 | Industrial Organizations Targeted in Log4Shell Attacks (lien direct) | Industrial organizations are exposed to attacks leveraging a recently disclosed - and already exploited - vulnerability affecting the widely used Log4j logging utility. | Vulnerability | ||
|
2021-12-13 20:08:46 | Apple Patches 42 Security Flaws in Latest iOS Refresh (lien direct) | Apple has released a major point-update to its flagship iOS mobile operating system, beefing up app privacy protections and patching at least 42 security defects that expose users to malicious hacker attacks. | Patching | ||
|
2021-12-13 16:08:01 | Ransomware Affiliate Arrested in Romania (lien direct) | Europol and the Romanian National Police on Monday announced the arrest of an individual allegedly involved in a ransomware operation targeting multiple high-profile organizations. The suspect, a 41-year-old from Craiova, Romania, was arrested in the early hours of the morning at his house. | Ransomware | ||
|
2021-12-13 14:48:10 | Logistics Firm Hellmann Scrambling to Recover From Cyberattack (lien direct) | International logistics company Hellmann Worldwide Logistics is scrambling to restore operations after a cyberattack forced it to isolate its central data center from the rest of its environment. | |||
|
2021-12-13 13:45:28 | (Déjà vu) Cybersecurity M&A Roundup for December 1-12, 2021 (lien direct) | 
Eighteen cybersecurity-related acquisitions were announced December 1-12, 2021.
|
|||
|
2021-12-13 13:40:52 | Germany Jails Operators of \'Cyberbunker\' Darknet Hub (lien direct) | Eight people were handed jail sentences in Germany on Monday for operating a web-hosting service in a former NATO bunker that enabled illegal trade in drugs, stolen data and child pornography. | |||
|
2021-12-13 12:31:08 | CISA Expands \'Must-Patch\' List With Log4j, FortiOS, Other Vulnerabilities (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 13 new vulnerabilities to its list of security errors known to be exploited, including Apache Log4j and Fortinet FortiOS bugs that were disclosed last week. | |||
|
2021-12-13 11:31:45 | Companies Respond to Log4Shell Vulnerability as Attacks Rise (lien direct) | 
Government organizations and the private sector are responding to the disclosure of a critical vulnerability affecting the widely used Log4j logging utility, as exploitation attempts are on the rise.
|
Vulnerability | ★★ | |
|
2021-12-13 11:00:58 | Mirai-Based \'Manga\' Botnet Targets Recent TP-Link Vulnerability (lien direct) | A newly discovered variant of the Mirai-based Manga botnet is targeting a vulnerability in TP-Link routers that was addressed last month. | Vulnerability | ||
|
2021-12-13 09:38:50 | Indian PM\'s Twitter Hacked Again by Crypto Scammers (lien direct) | Indian Prime Minister Narendra Modi's Twitter account was hacked Sunday with a message declaring his country had adopted bitcoin as legal tender and was distributing the cryptocurrency to citizens. Modi is a prolific tweeter and is the world's most popular incumbent politician on the platform, with more than 73 million followers on his main account. | |||
|
2021-12-10 17:10:37 | Hackers Steal Research Data From Sweden\'s Volvo Cars (lien direct) | Swedish manufacturer Volvo Cars said Friday that hackers had stolen research and development data from its systems in a cyberattack. The company, owned by China's Geely, "has become aware that one of its file repositories has been illegally accessed by a third party," it said. | |||
|
2021-12-10 16:53:07 | Exploits Swirling for Major Security Defect in Apache Log4j (lien direct) | Enterprise security response teams are bracing for a hectic weekend as public exploits -- and in-the-wild attacks -- circulate for a gaping code execution hole in the widely used Apache Log4j utility. | |||
|
2021-12-10 15:08:05 | WD Updates SanDisk SecureAccess to Prevent Dictionary, Brute Force Attacks (lien direct) | Western Digital has updated its SanDisk SecureAccess product to address vulnerabilities that can be exploited to gain access to user data through brute force and dictionary attacks. | |||
|
2021-12-10 14:00:57 | Fujitsu Retires Tool Targeted by Threat Actors (lien direct) | Japanese tech giant Fujitsu has announced plans to retire the ProjectWEB project information sharing tool after it was targeted by threat actors earlier this year. Designed to aid collaboration between teams, ProjectWEB is a tool that organizations can employ to share project data both within and outside of their environments. | Tool Threat | ||
|
2021-12-10 13:02:41 | Afero Raises $50 Million for Its Secure IoT Platform (lien direct) | Afero, a Menlo Park, California-based company focused on securing IoT device communication, has closed a $50 million Series C funding round. To date, the company has raised $100 million in funding. The new investment came from Crosspoint Capital Partners. Home Depot also participated, but the terms of the transaction were not disclosed. | |||
|
2021-12-10 12:35:40 | Russian Who Helped Kelihos Malware Evade Detection Sentenced to 4 Years in Prison (lien direct) | A Russian national convicted earlier this year in the United States for his role in a cybercrime operation has been sentenced to four years in prison. | Malware | ||
|
2021-12-10 11:46:30 | UK Court Permits Assange Extradition to US on Spying Charges (lien direct) | A British appellate court opened the door Friday for Julian Assange to be extradited to the United States by overturning a lower court ruling that found the WikiLeaks founder's mental health was too fragile to withstand the American criminal justice system. | |||
|
2021-12-10 10:34:27 | Saudi Activist Sues 3 Former U.S. Officials Over Hacking (lien direct) | Loujain al-Hathloul, a prominent Saudi political activist who pushed to end a ban on women driving in her country, is suing three former U.S. intelligence and military officials she says helped hack her cellphone so a foreign government could spy on her before she was imprisoned and tortured. | Hack | ||
|
2021-12-10 10:08:35 | Work-from-Anywhere Requires "Work-from-Anywhere Security" (lien direct) | Security policies and solutions need to follow users and data from anywhere to anywhere | |||
|
2021-12-09 18:34:18 | Ex-Googlers Snag $5 Million for Software Supply Chain Security Tech (lien direct) | A group for ex-Google software engineers has raised $5 million in seed funding for Chainguard, an early-stage startup tackling vexing problems associated with software supply chain security. | |||
|
2021-12-09 17:42:30 | Email Security Company IronScales Raises $64 Million (lien direct) | IronScales, a company that leverages artificial intelligence in technology for email security, has closed a $64 million Series C funding round. The investment round was led by PSG with additional participation from existing investors Jump Capital and K1 Investment Management. | |||
|
2021-12-09 16:11:33 | Volume of Attacks on IoT/OT Devices Increasing: Microsoft Study (lien direct) | The volume of attacks on IoT and OT devices is increasing and in many cases these systems were specifically targeted by threat actors, according to a new study commissioned by Microsoft. | Threat | ||
|
2021-12-09 15:03:14 | Facebook, GDPR and Max Schrems - Under the Hood of GDPR Legal Processes (lien direct) | 
|
|||
|
2021-12-09 14:45:45 | Mozilla Patches High-Severity Vulnerabilities in Firefox, Thunderbird (lien direct) | Mozilla this week released security updates for the Firefox browser and Thunderbird mail client to address multiple vulnerabilities, including several bugs rated high severity. | |||
|
2021-12-09 13:50:40 | Ransomware Operators Leak Data Stolen From Wind Turbine Giant Vestas (lien direct) | Cybercriminals have made public the data stolen recently from Danish wind turbine giant Vestas Wind Systems, and the company confirmed the leak on Wednesday. | |||
|
2021-12-09 12:21:53 | \'Moobot\' Botnet Targets Hikvision Devices via Recent Vulnerability (lien direct) | A Mirai-based botnet dubbed 'Moobot' is attempting to exploit a recently addressed vulnerability that affects many Hikvision products, according to Fortinet's FortiGuard Labs. | Vulnerability | ||
|
2021-12-09 12:01:05 | Australian Electricity Provider \'CS Energy\' Hit by Ransomware (lien direct) | Australian electricity provider CS Energy has been hit by a ransomware attack, but the company says electricity generation has not been affected and it has denied claims that the attack was conducted by a state-sponsored threat group. The attack was discovered on November 27 and the company informed the public about the incident a few days later. | Ransomware Threat | ||
|
2021-12-09 12:00:47 | The First Building Block for the SOC of the Future is Data (lien direct) | Data is the lifeblood of security because it provides context from a wide range of internal and external sources | |||
|
2021-12-09 10:28:15 | SonicWall Customers Warned of High-Risk Flaws in Remote Access Appliances (lien direct) | SonicWall is urging organizations to address as soon as possible a series of recently patched vulnerabilities affecting its Secure Mobile Access (SMA) 100 series appliances. |
To see everything:
Our RSS (filtrered)
