What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-03-28 21:57:06 | Mandiant attrape un autre groupe de pirates gouvernementaux nord-coréens [Mandiant Catches Another North Korean Gov Hacker Group] (lien direct) | > Mandiant Flags APT43 comme un «cyber opérateur modérément sophistiqué qui soutient les intérêts du régime nord-coréen». "
>Mandiant flags APT43 as a “moderately-sophisticated cyber operator that supports the interests of the North Korean regime." |
APT 43 | ★★ | |
|
2023-03-28 18:34:14 | Vidéo: Comment construire la résilience contre les cyber-menaces émergentes [Video: How to Build Resilience Against Emerging Cyber Threats] (lien direct) | > Profitez de cette session pendant que nous parcourons trois cas d'utilisation récents où une nouvelle menace a pris des organisations hors garde.
>Enjoy this session as we walk through three recent use cases where a new threat caught organizations off-guard. |
Threat | ★★ | |
|
2023-03-28 12:59:20 | La violation des données de ChatGpt confirmée comme la société de sécurité met en garde contre l'exploitation des composants vulnérables [ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation] (lien direct) | > OpenAI a confirmé une violation de données de ChatGPT le même jour qu'une entreprise de sécurité a déclaré avoir vu l'utilisation d'un composant affecté par une vulnérabilité activement exploitée.
>OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an actively exploited vulnerability. |
Data Breach | ChatGPT ChatGPT | ★★★ |
|
2023-03-28 10:45:45 | 14 millions d'enregistrements volés en violation de données à la latitude financière des services [14 Million Records Stolen in Data Breach at Latitude Financial Services] (lien direct) | > Le fournisseur de services financiers australiens Latitude indique qu'environ 14 millions de dossiers utilisateurs ont été volés dans une cyberattaque récente.
>Australian financial services provider Latitude says roughly 14 million user records were stolen in a recent cyberattack. |
Data Breach | ★★ | |
|
2023-03-27 19:02:44 | Nous pour adopter de nouvelles restrictions sur l'utilisation de logiciels espions commerciaux [US to Adopt New Restrictions on Using Commercial Spyware] (lien direct) | > L'ordre exécutif exigera le chef de toute agence américaine utilisant des programmes de logiciels espioniques commerciaux pour certifier que le programme ne pose pas de contre-espionnage significatif ou autre risque de sécurité.
>Executive order will require the head of any U.S. agency using commercial spyware programs to certify that the program doesn\'t pose a significant counterintelligence or other security risk. |
★★ | ||
|
2023-03-27 16:30:31 | Goanywhere Attack Zero-Day frappe les orgs majeurs [GoAnywhere Zero-Day Attack Hits Major Orgs] (lien direct) | > Plusieurs grandes organisations confirment l'impact des derniers exploits zéro-jours qui frappent le logiciel Goanywhere de Fortra \\.
>Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra\'s GoAnywhere software. |
★★ | ||
|
2023-03-23 16:01:00 | Intel possède une réduction de surface d'attaque avec une nouvelle plate-forme VPRO de base de 13e génération [Intel Boasts Attack Surface Reduction With New 13th Gen Core vPro Platform] (lien direct) | > Intel partage des informations sur les améliorations de sécurité apportées par sa nouvelle plateforme VPRO propulsée par les processeurs de base de 13e génération.
>Intel shares information on the security improvements brought by its new vPro platform powered by 13th Gen Core processors. |
General Information | ★★ | |
|
2023-03-23 12:02:12 | \\ 'Nexus \\' Android Trojan cible 450 applications financières [\\'Nexus\\' Android Trojan Targets 450 Financial Applications] (lien direct) | Promu comme un maas, le Trojan Android Nexus cible 450 applications financières pour la prise de contrôle du compte.
Promoted as a MaaS, the Nexus Android trojan targets 450 financial applications for account takeover. |
Mobile | ★★ | |
|
2023-03-23 09:24:48 | Dole dit que les informations des employés sont compromises dans l'attaque des ransomwares [Dole Says Employee Information Compromised in Ransomware Attack] (lien direct) | > Dole a admis dans un dossier de la SEC que son enquête sur la récente attaque de ransomware a révélé que les pirates avaient accédé aux informations des employés.
>Dole has admitted in an SEC filing that its investigation into the recent ransomware attack found that the hackers had accessed employee information. |
Ransomware General Information | ★★★ | |
|
2023-03-22 13:00:00 | Tendances des logiciels malveillants: ce qui est l'ancien est encore nouveau [Malware Trends: What\\'s Old is Still New] (lien direct) | > Beaucoup des cybercriminels les plus réussis sont astucieux;Ils veulent un bon retour sur investissement, mais ils ne veulent pas avoir à réinventer la roue pour l'obtenir.
>Many of the most successful cybercriminals are shrewd; they want good ROI, but they don\'t want to have to reinvent the wheel to get it. |
Malware General Information | ★★ | |
|
2023-03-22 11:25:44 | L'Espagne a besoin de plus de transparence sur Pegasus: les législateurs de l'UE [Spain Needs More Transparency Over Pegasus: EU Lawmakers] (lien direct) | > L'Espagne a besoin de plus de transparence sur le scandale de piratage des logiciels espions de Pegasus, a déclaré un comité du Parlement européen.
>Spain needs more transparency over the Pegasus spyware hacking scandal, a European Parliament committee said. |
★★ | ||
|
2023-03-22 01:06:10 | Google suspend l'application d'achat chinois au milieu des problèmes de sécurité [Google Suspends Chinese Shopping App Amid Security Concerns] (lien direct) | > Google a suspendu l'application de shopping chinoise Pinduoduo sur son App Store après la découverte des logiciels malveillants dans les versions de l'application à partir d'autres sources.
>Google has suspended the Chinese shopping app Pinduoduo on its app store after malware was discovered in versions of the app from other sources. |
Malware | ★★★ | |
|
2023-03-21 15:41:35 | Zoom a versé 3,9 millions de dollars en primes de bug en 2022 [Zoom Paid Out $3.9 Million in Bug Bounties in 2022] (lien direct) | > Zoom dit qu'il a versé 3,9 millions de dollars en récompenses de primes de bogues en 2022, avec un total de plus de 7 millions de dollars attribués aux chercheurs depuis 2019.
>Zoom says it paid out $3.9 million in bug bounty rewards in 2022, with a total of over $7 million awarded to researchers since 2019. |
★★ | ||
|
2023-03-21 10:52:34 | Packages NuGet malveillants utilisés pour cibler les développeurs .NET [Malicious NuGet Packages Used to Target .NET Developers] (lien direct) | > Les développeurs de logiciels ont été ciblés dans une nouvelle attaque via des packages malveillants dans le référentiel NuGet.
>Software developers have been targeted in a new attack via malicious packages in the NuGet repository. |
★★ | ||
|
2023-03-21 01:50:05 | Ferrari Says Ransomware Attack Exposed Customer Data (lien direct) | > Ferrari a déclaré qu'une attaque de ransomware était responsable d'une violation de données qui a exposé les détails du client, mais n'a pas eu d'impact sur les opérations de l'entreprise.
>Ferrari said that a ransomware attack was responsible for a data breach that exposed customer details, but did not impact company operations. |
Ransomware Data Breach | ★★ | |
|
2023-03-20 14:35:48 | Millions Stolen in Hack at Cryptocurrency ATM Manufacturer General Bytes (lien direct) | >Cryptocurrency ATM maker General Bytes discloses a security incident resulting in the theft of millions of dollars' worth of crypto-coins. | Hack | ★★ | |
|
2023-03-20 11:53:33 | Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm (lien direct) | >Hitachi Energy has blamed a data breach affecting employees on the recent exploitation of a zero-day vulnerability in Fortra's GoAnywhere solution. | Ransomware Data Breach Vulnerability | ★★ | |
|
2023-03-20 10:42:12 | NBA Notifying Individuals of Data Breach at Mailing Services Provider (lien direct) | >NBA is notifying individuals that their information was stolen in a data breach at a third-party mailing services provider. | Data Breach | ★★ | |
|
2023-03-20 10:28:01 | (Déjà vu) Adobe Acrobat Sign Abused to Distribute Malware (lien direct) | >Cybercriminals are abusing the Adobe Acrobat Sign service in a campaign distributing the RedLine information stealer malware. | Malware | ★★ | |
|
2023-03-17 15:05:58 | Latitude Financial Services Data Breach Impacts 300,000 Customers (lien direct) | Latitude Financial Services says the personal information of 300,000 customers was stolen in a cyberattack. | Data Breach | ★★ | |
|
2023-03-16 16:08:10 | Meta Develops New Kill Chain Thesis (lien direct) | >Meta has developed a ten-phase cyber kill chain model that it believes will be more inclusive and more effective than the existing range of models. | ★ | ||
|
2023-03-16 13:46:09 | Webinar Today: How to Build Resilience Against Emerging Cyber Threats (lien direct) | >Join us for this webinar as we walk through three recent use cases where a new threat caught organizations off-guard. | Threat | ★★ | |
|
2023-03-16 12:53:04 | Make Your Picks: Cyber Madness Bracket Challenge Starts Today (lien direct) | >SecurityWeek's Cyber Madness Bracket Challenge is a contest designed to bring the community together in a fun, competitive way through one of America's top sporting events. | ★★ | ||
|
2023-03-16 12:31:59 | Data Breach at Independent Living Systems Impacts 4 Million Individuals (lien direct) | >Health services company Independent Living Systems has disclosed a data breach that impacts more than 4 million individuals. | Data Breach | ★★ | |
|
2023-03-15 10:59:00 | Hawaii Health Department Says Death Records Compromised in Recent Data Breach (lien direct) | The Hawaii DOH says roughly 3,400 death records were accessed via the compromised account of a former employee. | Data Breach | ★★ | |
|
2023-03-15 09:41:52 | Data Security Firm Rubrik Targeted With GoAnywhere Zero-Day Exploit (lien direct) | >Cybersecurity firm Rubrik has confirmed being hit by the GoAnywhere zero-day exploit after the Cl0p ransomware group named the company on its leak website. | Ransomware | ★★ | |
|
2023-03-14 12:23:00 | Ring Denies Falling Victim to Ransomware Attack (lien direct) | >Ring says it has no indications it has fallen victim to a ransomware attack after cybergang threatens to publish supposedly stolen data. | Ransomware | ★★★ | |
|
2023-03-14 11:24:28 | Fortinet Finds Zero-Day Exploit in Government Attacks After Devices Detect Integrity Breach (lien direct) | Fortinet says recently patched FortiOS vulnerability was exploited in sophisticated attacks targeting government entities. | Vulnerability | ★★★ | |
|
2023-03-13 14:32:01 | CISA Warns of Plex Vulnerability Linked to LastPass Hack (lien direct) | >CISA has added vulnerabilities in Plex Media Server and VMware NSX-V to its Known Exploited Vulnerabilities catalog. | Hack Vulnerability | LastPass LastPass | ★★★ |
|
2023-03-13 14:15:11 | Euler Loses Nearly $200 Million to Flash Loan Attack (lien direct) | >London, UK based De-Fi platform company Euler has lost a reported $196 million to a flash loan attack. | ★★ | ||
|
2023-03-13 11:16:54 | Zoll Medical Data Breach Impacts 1 Million Individuals (lien direct) | >Zoll Medical is notifying one million individuals that their personal information was compromised in a data breach earlier this year. | Data Breach Medical | ★★ | |
|
2023-03-10 17:02:50 | Blackbaud Fined $3M For \'Misleading Disclosures\' About 2020 Ransomware Attack (lien direct) | >Blackbaud has been slapped with a $3 million civil penalty by the SEC for "making misleading disclosures" about a 2020 ransomware attack that impacted more than 13,000 customers. | Ransomware Guideline | ★★ | |
|
2023-03-10 16:12:15 | Cyber Madness Bracket Challenge – Register to Play (lien direct) | >SecurityWeek's Cyber Madness Bracket Challenge is a contest designed to bring the community together in a fun, competitive way through one of America's top sporting events. | ★★ | ||
|
2023-03-10 13:39:39 | Millions of AT&T Customers Notified of Data Breach at Third-Party Vendor (lien direct) | AT&T is notifying millions of wireless customers that their CPNI was compromised in a data breach at a third-party vendor. | Data Breach | ★★ | |
|
2023-03-10 09:30:00 | Acronis Clarifies Hack Impact Following Data Leak (lien direct) | >Acronis said a single customer's account was compromised after a hacker leaked gigabytes of information on a cybercrime forum. | Hack | ★★ | |
|
2023-03-09 17:59:30 | Custom Chinese Malware Found on SonicWall Appliance (lien direct) | >Malware deployed by Chinese hackers on a SonicWall SMA appliance includes credential theft, shell access, and persistence functionality. | Malware | ★★ | |
|
2023-03-09 14:45:12 | Vulnerability Exposes Cisco Enterprise Routers to Disruptive Attacks (lien direct) | >Cisco has released patches for a high-severity DoS vulnerability in IOS XR software for several enterprise-grade routers. | Vulnerability | ★★★ | |
|
2023-03-09 10:39:57 | Congress Members Warned of Significant Health Data Breach (lien direct) | >House and Senate members informed that hackers may have gained access to their sensitive personal data in DC Health Link breach. | Data Breach | ★★ | |
|
2023-03-08 13:47:29 | \'Sys01 Stealer\' Malware Targeting Government Employees (lien direct) | The Sys01 Stealer has been observed targeting the Facebook accounts of critical government infrastructure employees. | Malware | ★★ | |
|
2023-03-07 13:54:07 | Acer Confirms Breach After Hacker Offers to Sell Stolen Data (lien direct) | >Acer said one of its document servers was hacked after a hacker claimed to have stolen 160 Gb of data from the company. | ★★★ | ||
|
2023-03-07 12:00:00 | Talking Cyberinsurance With Munich Re (lien direct) | >SecurityWeek spoke to Chris Storer, head of the cyber center of excellence at reinsurance giant Munich Re, for the cyber insurers' view of cyberinsurance. | ★★ | ||
|
2023-03-07 11:53:23 | Exploitation of Bitrix CMS Vulnerability Drives ICS Attack Surge in Russia (lien direct) | >Kaspersky has seen a surge in attacks on ICS computers in Russia and blames it on the exploitation of a Bitrix CMS vulnerability tracked as CVE-2022-27228. | Vulnerability | ★★ | |
|
2023-03-07 10:23:42 | Android\'s March 2023 Updates Patch Over 50 Vulnerabilities (lien direct) | Google has released patches for more than 50 vulnerabilities as part of the March 2023 security updates for the Android platform. | ★★ | ||
|
2023-03-06 18:59:21 | Cyberattack Hits Major Hospital in Spanish City of Barcelona (lien direct) | >A ransomware attack on one of Barcelona' s main hospitals has crippled the center's computer system and forced the cancellation of non-urgent operations and patient checkups. | Ransomware | ★★ | |
|
2023-03-06 14:36:51 | New ATM Malware \'FiXS\' Emerges (lien direct) | Metabase Q documents FiXS, a new malware family targeting ATMs in Latin America. | Malware | ★★★ | |
|
2023-03-06 12:47:25 | Ransomware Operators Leak Data Allegedly Stolen From City of Oakland (lien direct) | Play ransomware operators have leaked data allegedly stolen from the City of Oakland last month. | Ransomware | ★★ | |
|
2023-03-04 12:09:21 | EPA Mandates States Report on Cyber Threats to Water Systems (lien direct) | >The Biden administration said it would require states to report on cybersecurity threats in their audits of public water systems, a day after it released a broader plan to protect critical infrastructure against cyberattacks. | ★★★ | ||
|
2023-03-03 14:16:10 | Thousands of Websites Hijacked Using Compromised FTP Credentials (lien direct) | >Cybersecurity startup Wiz warns of a widespread redirection campaign in which thousands of websites have been compromised using legitimate FTP credentials. | ★★★ | ||
|
2023-03-03 11:35:32 | White House Cybersecurity Strategy Stresses Software Safety (lien direct) | >Some say the White House cybersecurity strategy is largely aspirational. Its boldest initiatives - including stricter rules on breach reporting and software liability - are apt to meet resistance from business and Republicans in Congress. | ★★ | ||
|
2023-03-03 11:00:00 | Over 71k Impacted by Credential Stuffing Attacks on Chick-fil-A Accounts (lien direct) | >Chick-fil-A is informing users that their accounts have been compromised in a two-month-long credential stuffing campaign. | ★★ |
To see everything:
Our RSS (filtrered)
