What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-04 19:35:24 | Anti-Bot Fraud Detection Firm HUMAN Snags $100M Investment (lien direct) | Enterprise anti-bot and fraud detection startup HUMAN Security has closed a new $100 million funding round and announced plans to expand into new product categories. | |||
|
2022-01-04 16:40:52 | Google Acquires Siemplify in Ambitious Cybersecurity Push (lien direct) | Google has expanded its push into the lucrative cybersecurity business with a new deal to acquire Siemplify, a late-state Israeli startup selling SOAR (security orchestration, automation and response) technology. Financial terms of the transaction were not released but reports out of Israel peg the price tag in the range of $500 million. | ★★★ | ||
|
2022-01-04 15:43:23 | Saltzer Health Informs Patients of Personal Information Exposure (lien direct) | Intermountain Healthcare-owned Saltzer Health is informing patients that their personal information might have been compromised after an unauthorized party gained access to an employee email account. | |||
|
2022-01-04 14:53:54 | Cyber Insurance Firm Corvus Expands With Acquisition of UK-Based Tarian (lien direct) | Boston-based cyber insurance company Corvus on Tuesday announced the acquisition of UK-based cyber underwriting platform Tarian Underwriting Limited from Beat Capital Partners. Following the acquisition, Tarian will become Corvus Underwriting Limited. Corvus claims it is the first insurtech company to acquire a London underwriting platform. | |||
|
2022-01-04 13:24:27 | Unpatched HomeKit Vulnerability Exposes iPhones, iPads to DoS Attacks (lien direct) | A researcher claims Apple has failed to patch a potentially serious vulnerability that can be exploited to launch denial-of-service (DoS) attacks against iPhones and iPads. | Vulnerability | ||
|
2022-01-04 12:19:12 | Predictions: SecurityWeek\'s 2022 Cybersecurity Outlook (lien direct) | 
|
★★★★★ | ||
|
2022-01-04 11:31:08 | Skimmer Injected Into 100 Real Estate Websites via Cloud Video Platform (lien direct) | More than 100 real estate websites belonging to the same parent company were injected with web skimmer code via an unnamed cloud video platform. Increasingly popular, skimmer attacks involve the use of malicious JavaScript code to steal data provided by users on the targeted website. | |||
|
2022-01-04 03:51:52 | Broward Health Hit With Data Breach on Patients, Staff (lien direct) | The Broward Health hospital system on Saturday said it suffered a data breach in October where a hacker accessed personal and medical information of patients and staff. | Data Breach | ||
|
2022-01-03 18:13:01 | Hospitality Chain Says Employee Data Stolen in Ransomware Attack (lien direct) | Hospitality chain McMenamins has confirmed that employee information dating back to January 1998 was compromised in a recent data extortion ransomware attack. | Ransomware | ||
|
2022-01-03 18:06:17 | CrowdStrike Beefs Up Exploit Detection With Intel CPU Telemetry (lien direct) | Anti-malware giant CrowdStrike says it is using telemetry from Intel processors to help detect and thwart sophisticated software exploits that bypass traditional OS-based defenses. | |||
|
2022-01-03 16:37:35 | IoT\'s Importance is Growing Rapidly, But Its Security Is Still Weak (lien direct) | The explosive growth of IoT devices opens an extensive attack surface that needs to be addressed | |||
|
2022-01-03 15:24:07 | Shopping Platform PulseTV Discloses Potential Breach Impacting 200,000 People (lien direct) | PulseTV has started notifying roughly 200,000 users that their personal information and credit card data might have been compromised as a result of a cybersecurity breach. | |||
|
2022-01-03 14:55:24 | Sophisticated iLOBleed Rootkit Targets HP Servers (lien direct) | An Iranian cybersecurity firm claims to have discovered a sophisticated rootkit that is designed to target HP servers. | |||
|
2022-01-03 14:26:16 | Quantum Computing Is for Tomorrow, But Quantum-Related Risk Is Here Today (lien direct) | 
|
Threat | ||
|
2022-01-03 13:45:00 | Multiple Vulnerabilities Impact Netgear Nighthawk R6700 Routers (lien direct) | Netgear Nighthawk R6700v3 routers running the latest firmware are affected by multiple vulnerabilities. Details of the flaws were disclosed last week by Tenable after the vendor failed to release patches. | |||
|
2022-01-03 12:42:56 | Israeli Media Outlets Hacked on Soleimani Killing Anniversary (lien direct) | Two major Israeli media outlets were hacked early Monday with a threatening message that appeared linked to the killing of a top Iranian general two years ago. | |||
|
2022-01-03 12:16:05 | ACLU Demands Answers About Transit Agency Data Breach (lien direct) | The American Civil Liberties Union of Rhode Island is demanding more answers about a data breach at the state's public bus service, including why the personal information of state employees who don't even work for the agency was compromised. | Data Breach | ||
|
2022-01-03 11:01:52 | (Déjà vu) Cybersecurity M&A Roundup: 35 Deals Announced in December 2021 (lien direct) | 
|
|||
|
2021-12-31 12:38:28 | A New Year Will Bring New Targets: What to Look for in 2022 (lien direct) | There's no way to put it nicely: cybercrime just continues to get worse as we become increasingly connected. 2020 was a banner year for ransomware – and by all accounts, it's almost certain that 2021 will top it. And as we move into 2022, not only do defenders need to put more scrutiny on the attack vectors they're already focused on, but now they will need to expand that view to new targets. | Ransomware | ||
|
2021-12-30 14:27:22 | What to Expect in 2022: Microservices Will Bring Macro Threats (lien direct) | If not addressed in design and deployment, the risks with microservices can multiply since any application could be composed of hundreds of microservices | |||
|
2021-12-29 17:44:14 | LastPass Automated Warnings Linked to \'Credential Stuffing\' Attack (lien direct) | Users of the popular LastPass password manager are being targeted in so-called “credential stuffing” attacks that use email addresses and passwords obtained from third-party breaches. | LastPass | ★★★ | |
|
2021-12-29 17:21:27 | Chinese Spies Exploit Log4Shell to Hack Major Academic Institution (lien direct) | China-linked cyberespionage group Aquatic Panda was recently observed exploiting the Log4Shell vulnerability to compromise a large academic institution, CrowdStrike's Falcon OverWatch team reports. | Hack Vulnerability | ||
|
2021-12-29 15:27:57 | The Right to Work and Non-Competes in the Security Industry (lien direct) | Those who actively threaten or work against the right to work act against the interests of the security community as a whole | |||
|
2021-12-29 15:22:46 | Storage Devices of Major Vendors Impacted by Encryption Software Flaws (lien direct) | Storage devices from several major vendors are affected by vulnerabilities discovered by a researcher in third-party encryption software they all use. | |||
|
2021-12-29 12:35:10 | Another Remote Code Execution Vulnerability Patched in Log4j (lien direct) | The developers of Log4j have patched another remote code execution vulnerability affecting the widely used logging utility. | Vulnerability | ||
|
2021-12-29 11:38:59 | Norwegian Media Firm Amedia Suffers Disruption Due to Cyberattack (lien direct) | Norwegian media company Amedia on Tuesday announced that it fell victim to a cyberattack that forced it to shut down multiple systems. The second largest media company in Norway, Amedia owns 50 local and regional online and printed newspapers, as well as the Avisenes Nyhetsbyrå news agency. | |||
|
2021-12-29 11:13:27 | Poland\'s Tusk Calls Spyware Use \'Crisis for Democracy\' (lien direct) | Polish opposition leader Donald Tusk on Tuesday said reports the government spied on its opponents represented the country's biggest "crisis for democracy" since the end of communism. | Guideline | ||
|
2021-12-28 19:23:29 | Researchers Dive Into Equation Group Tool \'DoubleFeature\' (lien direct) | Security researchers at Check Point are publicly documenting the Equation Group APT's DoubleFeature, a component of DanderSpritz post-exploitation framework. | Tool | ||
|
2021-12-28 16:20:13 | The Human Connection: A Mindset for the Coming Year (lien direct) | I've written about people and the contributions they make on protecting our email and IT systems, but I'd like to shift focus this last article for 2021 towards a deeper but related topic: human connections. | |||
|
2021-12-28 14:24:16 | Threat Actors Abuse MSBuild for Cobalt Strike Beacon Execution (lien direct) | Recently observed malicious campaigns have abused Microsoft Build Engine (MSBuild) to execute a Cobalt Strike payload on compromised machines. | |||
|
2021-12-28 13:26:44 | State Workers to Be Paid on Time Despite Ransomware Attack (lien direct) | State workers in West Virginia will be paid on time this week despite a ransomware attack that affected a software provider that helps manage the state's payroll system. | Ransomware | ||
|
2021-12-28 11:51:50 | Shutterfly Says Ransomware Attack Impacted Manufacturing (lien direct) | Shutterfly, an online platform for photography and personalized products, has confirmed that some of its services have been affected by a ransomware attack. | Ransomware | ||
|
2021-12-27 17:14:25 | DuckDuckGo Signals Entry into Desktop Browser Market (lien direct) | Gabriel Weinberg's DuckDuckGo is taking aim at the desktop browser market, betting that default privacy-centric settings will provide safer alternatives to Google's Chrome and Microsoft's Chromium-based Edge browsers. | |||
|
2021-12-27 15:04:25 | High-Risk Flaw Haunts Apache Server (lien direct) | The Apache Software Foundation has released a new version of its flagship web server to patch a pair of security defects, one series enough to lead to remote code execution attacks. | Guideline | ||
|
2021-12-27 14:37:09 | IT Services Firm Inetum Discloses Ransomware Attack (lien direct) | French IT services company Inetum Group revealed just before Christmas that it had fallen victim to a ransomware attack, but claimed that impact on its operations was limited. | Ransomware | ||
|
2021-12-27 13:43:31 | Jackson Public Schools Ups Cybersecurity After Hacker Attack (lien direct) | The public school district in Mississippi's capital city is implementing new cybersecurity measures after hackers attacked its server last year. Jackson Public Schools officials say attackers sought to encrypt files and have the district pay a ransom to return the files, WJTV reports. | |||
|
2021-12-27 12:34:05 | Organizations Targeted With Babuk-Based Rook Ransomware (lien direct) | A piece of ransomware that emerged in late November has already made three victims, with the first of them hit less than a week after the malware was initially spotted. | Ransomware Malware | ||
|
2021-12-27 11:33:20 | New Flaws Expose EVlink Electric Vehicle Charging Stations to Remote Hacking (lien direct) | Schneider Electric has patched several new vulnerabilities that expose its EVlink electric vehicle charging stations to remote hacker attacks. | ★★ | ||
|
2021-12-27 09:50:13 | Albanian Prime Minister Apologizes Over Database Leak (lien direct) | Albania's prime minister on Thursday apologized for a big leak of personal records from a government database of state and private employees, which he said seems more like an inside job than a cyber attack. | |||
|
2021-12-23 13:44:28 | NVIDIA, HPE Products Affected by Log4j Vulnerabilities (lien direct) | NVIDIA and Hewlett Packard Enterprise (HPE) have confirmed that some of their products are affected by the recently disclosed vulnerabilities in the Apache Log4j logging utility. | |||
|
2021-12-23 13:16:57 | Several Critical Vulnerabilities Found in myPRO HMI/SCADA Product (lien direct) | A researcher has found a dozen vulnerabilities in the myPRO product of Czech industrial automation company mySCADA, including several flaws that have been assigned a critical severity rating. | |||
|
2021-12-23 12:22:23 | Microsoft Office Patch Bypassed for Malware Distribution in Apparent \'Dry Run\' (lien direct) | Cybercriminals have found a way to bypass the patch for a recent Microsoft Office vulnerability and leveraged it to briefly distribute Formbook malware, Sophos reports. | Malware Vulnerability | ||
|
2021-12-23 11:50:05 | Five Eyes Nations Issue Joint Guidance on Log4j Vulnerabilities (lien direct) | Government agencies in the United States, Canada, the United Kingdom, Australia and New Zealand on Wednesday announced the release of a joint cybersecurity advisory to provide guidance on addressing the recently disclosed vulnerabilities affecting the widely used Log4j logging utility. | |||
|
2021-12-23 11:16:52 | 400,000 Individuals Affected by Email Breach at West Virginia Healthcare Company (lien direct) | Monongalia Health System (Mon Health) this week disclosed a business email compromise (BEC) incident that was the result of unauthorized access to its email system. | |||
|
2021-12-22 22:53:41 | Research: Simulated Phishing Tests Make Organizations Less Secure (lien direct) | A large-scale, long-term phishing experiment conducted in a 56,000-employee organization has come to a startling conclusion: Those simulated phishing tests commonly seen in corporate user-education campaigns are actually making things much worse. | ★★★ | ||
|
2021-12-22 18:53:34 | Microsoft Confirms \'NotLegit\' Azure Flaw Exposed Source Code Repositories (lien direct) | Microsoft has quietly started notifying some Azure customers that a serious security vulnerability in the Azure App Service has caused the exposure of hundreds of source code repositories. | Vulnerability | ||
|
2021-12-22 16:38:54 | Ubisoft Confirms Unauthorized Access to \'Just Dance\' User Data (lien direct) | French video game company Ubisoft this week confirmed that 'Just Dance' user data was compromised in a recent cybersecurity incident. The data breach was the result of a misconfiguration that has since been corrected, but not before player data was accessed and potentially copied by a third party. | Data Breach | ||
|
2021-12-22 15:53:07 | CISA Says No Federal Agencies Compromised in Log4Shell Attacks to Date (lien direct) | 
|
|||
|
2021-12-22 15:27:14 | Virginia Still Working to Fix Issues After Ransomware Attack (lien direct) | The information technology agency that serves Virginia's legislature is still working to fix problems caused by a ransomware attack earlier this month, a state official said Tuesday. | Ransomware | ||
|
2021-12-22 14:07:56 | Targeted Links Used to Steal Tens of Millions in Global Scam Campaign (lien direct) | By impersonating 121 brands, scammers managed to defraud users in over 90 countries of an estimated $80 million per month, Singapore-based threat hunting and intelligence firm Group-IB reveals. | Threat |
To see everything:
Our RSS (filtrered)
