What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-11-22 16:12:17 | Wind Turbine Giant Vestas Fending Off Cyberattack (lien direct) | Danish wind turbine giant Vestas Wind Systems has been hit by what appears to be a ransomware attack that took out parts of its internal IT infrastructure and caused unspecified data compromise. | Ransomware | ||
|
2021-11-22 15:55:47 | Researchers Hack Conti Ransomware Infrastructure (lien direct) | Prodaft security researchers exploited a vulnerability in the recovery servers used by the Conti Ransomware-as-a-Service (RaaS), which allowed them to gain insight into the inner workings of the ransomware. | Ransomware Hack Vulnerability | ||
|
2021-11-22 15:27:08 | Delivering on the Promise of 5G Requires New Security Standards (lien direct) | In order to deliver on the promise of 5G, we need new industry standards for security, testing, and training | |||
|
2021-11-22 14:31:41 | (Déjà vu) Cybersecurity M&A Roundup for Third Week of November 2021 (lien direct) | 
Seven cybersecurity-related acquisitions were announced in the third week of November 2021.
|
|||
|
2021-11-22 14:06:50 | CISO Conversations: Honda Aircraft, Bombardier CISOs Discuss Getting Started in Security (lien direct) | 
|
|||
|
2021-11-22 13:48:50 | Iran\'s Mahan Air Says Hit by Cyberattack (lien direct) | Iran's second-largest airline, Mahan Air, said it had been hit by a cyberattack Sunday, the latest of several targeting the company. "Mahan Air's computer system has suffered a new attack," the company said in a statement. | |||
|
2021-11-22 13:02:19 | Utah Medical Group Discloses Data Breach Affecting Over 580,000 Patients (lien direct) | Farmington, Utah-based radiology medical center Utah Imaging Associates has started informing former and current patients that their information might have been compromised in a data breach. As part of the incident, which was identified on September 4, 2021, unknown threat actors accessed files that contained sensitive personal information related to patients. | Data Breach Threat | ||
|
2021-11-22 12:32:00 | Serious Vulnerabilities Found in Wi-Fi Module Designed for Critical Industrial Applications (lien direct) | More than 20 vulnerabilities have been identified by Cisco's Talos research and threat intelligence unit in a Lantronix Wi-Fi module designed for critical industrial and commercial applications. | Threat | ||
|
2021-11-22 11:29:33 | WhatsApp Pushes Privacy Update to Comply With Irish Ruling (lien direct) | WhatsApp is adding more details to its privacy policy and flagging that information for European users, after Irish regulators slapped the chat service with a record fine for breaching strict EU data privacy rules. | |||
|
2021-11-19 17:10:44 | New \'SharkBot\' Android Banking Malware Hitting U.S., UK and Italy Targets (lien direct) | A new Android banking trojan has been found, targeting international banks from the United Kingdom and Italy (including in the U.S.). and five different cryptocurrency services. Twenty-two instances have been discovered, but more are expected. | Malware | ||
|
2021-11-19 16:02:19 | Canadian Teen Arrested Over Theft of $36 Million in Cryptocurrency (lien direct) | A Canadian teen has been arrested for their alleged role in the theft of roughly $36.5 million (CAD$46 million) worth of cryptocurrency from a single victim in the United States, according to the Hamilton Police in Ontario, Canada. | |||
|
2021-11-19 15:39:56 | U.S Banks Required to Report Cyberattacks to Regulators Within 36 Hours (lien direct) | In less than half a year, banks in the United States will be required to notify federal regulators of serious cybersecurity incidents within 36 hours. | |||
|
2021-11-19 13:44:45 | California Pizza Kitchen Says Employee Data Stolen in Breach (lien direct) | American pizza chain California Pizza Kitchen (CPK) is notifying employees of a data breach that might have resulted in some of their personal information being accessed by hackers. | Data Breach | ||
|
2021-11-19 12:39:34 | SnapAttack Spins Out of Booz Allen Hamilton With $8 Million in Funding (lien direct) | Threat hunting and detection company SnapAttack this week announced closing an $8 million funding round, just as it spun out of Booz Allen Hamilton. The funding round was led by Volition Capital. Booz Allen Hamilton and Strategic Cyber Ventures (SCV) also invested in the new independent company. | |||
|
2021-11-19 12:02:40 | GBG to Acquire Acuant in $736 Million Deal (lien direct) | UK-based identity verification and fraud prevention solutions provider GBG on Thursday announced that it has agreed to acquire Acuant in a $736 million deal. | |||
|
2021-11-19 11:49:21 | SecurityWeek to Host Security Operations Summit as Virtual Event Dec. 8 (lien direct) | 
|
|||
|
2021-11-19 11:10:33 | North Korean Hacker Group Intensifies Espionage Campaigns (lien direct) | A North Korea-linked threat actor tracked as TA406 has intensified its attacks in 2021, particularly credential harvesting campaigns, Proofpoint reports. | Threat | ||
|
2021-11-18 20:37:12 | US Indicts Iranians for Election Meddling (lien direct) | The US Justice Department announced indictments Thursday of two Iranians who allegedly took part in an online "disinformation and threat" campaign to influence American voters in the 2020 presidential election. | |||
|
2021-11-18 18:54:25 | Supply Chain Security Fears Escalate as Iranian APTs Caught Hitting IT Services Sector (lien direct) | Fears of software supply chain attacks escalated again this week with a new warning from Microsoft that it has caught Iranian threat actors breaking into IT services shops in India and Israel and using that access to hit the real targets. | Threat | ||
|
2021-11-18 16:23:14 | Acronyms Aside, the SOC of the Future Needs These 3 Capabilities (lien direct) | Every discipline has its acronyms, but I'd venture to say cybersecurity has more than its share. We use them to describe threat actors and how they operate, as well as different security teams, their certifications and the tools they use. There's nothing wrong with acronyms, but when they are used to describe emerging solutions, an interesting phenomenon occurs…that new acronym becomes the next silver bullet technology that will solve all our security problems. | Threat | ||
|
2021-11-18 15:42:53 | Cyber Defenders Should Prepare for Holiday Ransomware Attacks (lien direct) | High days and holidays are prime time for ransomware. This should come as no surprise to anyone – but many companies remain surprisingly unaware or at least unprepared. | Ransomware | ||
|
2021-11-18 14:41:26 | New ETW Attacks Can Allow Hackers to \'Blind\' Security Products (lien direct) | Researchers have described two new attack methods that can be used to “blind” cybersecurity products that rely on a logging mechanism named Event Tracing for Windows (ETW). | |||
|
2021-11-18 14:16:56 | MDR Company Expel Raises $140 Million at Unicorn Valuation (lien direct) | Managed detection and response (MDR) provider Expel on Thursday announced raising $140.3 million in a Series E funding round. Founded in 2016, the company has raised nearly $258 million in total and it's now valued at more than $1 billion, earning it “unicorn” status. | |||
|
2021-11-18 13:22:01 | Israel Defence Minister\'s Cleaner Charged With Spying for Iran (lien direct) | A man employed in the home of Israeli Defence Minister Benny Gantz was charged Thursday with attempting to spy for the Black Shadow hackers, who are purportedly linked to Iran. | |||
|
2021-11-18 12:29:41 | Cloud Security Firm Lacework Raises Record-Breaking $1.3 Billion (lien direct) | 
|
|||
|
2021-11-18 12:12:49 | Microsoft Informs Users of High-Severity Vulnerability in Azure AD (lien direct) | Microsoft on Wednesday informed customers about a recently patched information disclosure vulnerability affecting Azure Active Directory (AD). | Vulnerability | ||
|
2021-11-18 11:49:24 | FBI Warns of Actively Exploited FatPipe Zero-Day Vulnerability (lien direct) | The Federal Bureau of Investigation (FBI) this week sounded the alarm on a zero-day vulnerability in FatPipe products that has been under active exploitation since at least May 2021. | Vulnerability | ||
|
2021-11-18 11:33:10 | How to Improve Red Team Effectiveness using Obfuscation (lien direct) | Setting up an obfuscated network in the cloud gives a red team the flexibility to test security against different cloud vendors | |||
|
2021-11-18 10:41:26 | Solving the Right to be Forgotten Problem (lien direct) | The Right to be Forgotten (technically the right to erasure or for users to have personal data removed from service providers' records) creates a big problem for suppliers. This right is becoming standard across the new global wave of data protection and consumer privacy legislation that has followed GDPR. | |||
|
2021-11-17 20:31:13 | Cloud Data Protection Startup Laminar Closes $32M Funding Round (lien direct) | Public cloud data protection provider Laminar on Wednesday emerged from stealth with $32 million in Series A funding. To date, the startup has raised $37 million in venture capital investments. The new investment round was led by Insight Partners. Meron Capital, SentinelOne, and TLV Partners also participated. | |||
|
2021-11-17 15:55:00 | U.S., U.K. and Australia Warn of Iranian APTs Targeting Fortinet, Microsoft Exchange Flaws (lien direct) | Iranian Threat Actors Target U.S. Critical Infrastructure, Australian Organizations | Threat | ||
|
2021-11-17 14:43:31 | Netgear Patches Code Execution Vulnerability Affecting Many Products (lien direct) | A vulnerability in Netgear small office/home office (SOHO) devices can be exploited by an attacker on the local area network (LAN) to execute code remotely with root privileges, GRIMM security researchers warn. | Vulnerability | ||
|
2021-11-17 13:30:25 | Robinhood Says Thousands of Phone Numbers Also Stolen in Breach (lien direct) | 
Mobile stock trading platform Robinhood on Tuesday confirmed that phone numbers and other information have also been stolen in the recent data breach.
|
|||
|
2021-11-17 13:08:25 | Open XDR Company Stellar Cyber Raises $38 Million (lien direct) | Detection and response solutions provider Stellar Cyber on Tuesday announced that it has raised $38 million in Series B funding. To date, the company has raised over $68 million. | |||
|
2021-11-17 12:05:47 | CISA Releases Incident and Vulnerability Response Playbooks (lien direct) | In response to an executive order signed by President Biden in May, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released two cybersecurity playbooks focusing on incident response and vulnerability response. | Vulnerability | ||
|
2021-11-17 11:14:12 | UK Orders National Security Review of NVIDIA Deal to Buy Arm (lien direct) | American technology company NVIDIA's planned $40 billion takeover of British chip designer Arm Ltd. faces months of delays after the U.K. government asked competition regulators Tuesday to investigate the national security implications of the deal. | |||
|
2021-11-16 20:44:51 | Chrome 96 Plugs High-Risk Browser Flaws (lien direct) | Google this week announced the availability of Chrome 96 in the stable channel with fixes for 25 security flaws, including 18 bugs reported by external security researchers. | |||
|
2021-11-16 20:33:56 | Mandiant Attributes Ghostwriter APT Attacks to Belarus (lien direct) | The Belarusian government is at least partially responsible for the Ghostwriter disinformation campaign, according to security researchers at the Mandiant Threat Intelligence team. | Threat | ||
|
2021-11-16 20:07:55 | Blacksmith: Rowhammer Fuzzer Bypasses Existing Protections (lien direct) | A group of security researchers devised a new attack that completely bypasses the existing mitigations against the Rowhammer vulnerability in dynamic random-access memory (DRAM) chips. | Vulnerability | ||
|
2021-11-16 19:18:21 | Hackers Targeted Afghan Officials on Facebook Amid Taliban Offensive (lien direct) | Facebook revealed Tuesday it had worked to block a hacker group that targeted the accounts of people tied to Afghanistan's then-government and security forces as the Taliban was moving in to take power. | |||
|
2021-11-16 18:41:48 | FBI Hacker Offers to Sell Data Allegedly Stolen in Robinhood Breach (lien direct) | The hacker who last week sent out thousands of fake emails from FBI systems is offering to sell data allegedly stolen in the recent breach at mobile stock trading platform Robinhood. | |||
|
2021-11-16 16:39:16 | GitHub Confirms Another Major NPM Security Defect (lien direct) | Microsoft-owned GitHub is again flagging major security problems in the npm registry, warning that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain. | |||
|
2021-11-16 15:55:13 | Threat Hunting Firm Team Cymru Acquires Attack Surface Management Firm Amplicy (lien direct) | External threat hunting firm Team Cymru has acquired threat surface management firm Amplicy. | Threat | ||
|
2021-11-16 13:02:33 | Intel CPU Vulnerability Can Expose Cryptographic Keys (lien direct) | One of the vulnerabilities patched recently by Intel in its processors could allow an attacker with physical access to the targeted system to obtain cryptographic keys, according to the cybersecurity firm whose researchers discovered the flaw. | Vulnerability | ||
|
2021-11-16 12:47:34 | Emotet Using TrickBot to Get Back in the Game (lien direct) | Roughly one million computers were freed of the Emotet malware in April this year, but the botnet might reappear, as the Trojan's developers have apparently started distributing it again. | Malware | ||
|
2021-11-15 20:56:35 | Microsoft Says HTML Smuggling Attacks On The Rise (lien direct) | Microsoft says it has observed an increase in the use of HTML smuggling in malicious attacks distributing remote access Trojans (RATs), banking malware, and other malicious payloads. | |||
|
2021-11-15 17:40:53 | Costco Hit by Card Skimming Attack Head of Holiday Season (lien direct) | Costco, one of the world's largest retailers, has warned customers that they may have had bank card details stolen, following reports that payment card skimming devices were discovered at Costco warehouses. | |||
|
2021-11-15 15:56:43 | (Déjà vu) Cybersecurity M&A Roundup for Second Week of November 2021 (lien direct) |
Eight cybersecurity-related acquisitions were announced in the second week of November 2021 (November 8-14).
|
|||
|
2021-11-15 15:06:56 | Diebold Nixdorf ATM Flaws Allowed Attackers to Modify Firmware, Steal Cash (lien direct) | Security researchers with Positive Technologies have published information on a couple of vulnerabilities in Diebold Nixdorf ATMs that could have allowed for an attacker to replace the firmware on the system and withdraw cash. | |||
|
2021-11-15 12:47:22 | IoT Protocol Used by NASA, Siemens and Volkswagen Can Be Exploited by Hackers (lien direct) | Researchers Warn DDS Protocol Can Be Abused for Lateral Movement and Malware C&C Researchers have shown that a widely used protocol named Data Distribution Service (DDS) is affected by vulnerabilities that could be exploited by threat actors for various purposes. | Malware Threat |
To see everything:
Our RSS (filtrered)
