Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-03 14:23:32 |
Facebook, Twitter Take Down More State-Linked Accounts (lien direct) |
Facebook and Twitter this week announced they suspended thousands of accounts that were involved in disinformation campaigns aligned with the interests of several governments.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-03 12:20:07 |
17 Malware Frameworks Target Air-Gapped Systems for Espionage (lien direct) |
An analysis of 17 espionage frameworks designed to target air-gapped networks shows that all of them leverage USB drives and all target Windows exclusively, ESET reports.
|
Malware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-03 11:50:06 |
TSA Requires Rail and Airports to Strengthen Cybersecurity (lien direct) |
The Transportation Security Administration is issuing new directives and recommendations aimed at strengthening the cybersecurity defenses of U.S. rail and airport operators.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-03 11:11:06 |
Facebook Expands Advanced Security Program to More Countries (lien direct) |
Facebook on Thursday announced that it is on track to make its Facebook Protect security program available globally.
The program is meant to help individuals at risk of being targeted by threat actors, including government officials, human rights defenders, and journalists, to better secure their accounts and prevent potential compromise.
|
Threat
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-02 21:23:37 |
Security Analytics Startup Panther Labs Scores $120M Investment (lien direct) |
Panther Labs, an early stage startup that specializes in detection and response analytics, has raised a whopping $120 million in a new round of funding led by hedge fund Coatue Management.
Panther Labs said the Series B investment was raised at a $1.4 billion valuation, putting the company among a growing list of 'unicorn' cybersecurity startups.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-02 18:18:06 |
CISA Adds Zoho, Qualcomm, Mikrotik Flaws to \'Must-Patch\' List (lien direct) |
The U.S. government's cybersecurity agency has updated its catalog of “known exploited vulnerabilities” and set deadlines for federal agencies to apply fixes for security defects in software made by Qualcomm, Mikrotik, Zoho and the Apache Software Foundation.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-02 16:24:12 |
(Déjà vu) Webinar Today: CISO Fireside Chat With Steve Katz, World\'s First Known CISO (lien direct) |
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-02 14:20:22 |
Karamba Security Raises $10 Million to Protect Connected Devices (lien direct) |
Another $10 million has been raised by Karamba Security, an Israel-based company that provides products and services for securing industrial, automotive, enterprise and consumer IoT systems.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-02 14:07:02 |
Blockchain Security Provider CertiK Raises $80 Million (lien direct) |
Blockchain security provider CertiK on Wednesday announced that it has closed an $80 million Series B2 funding round, the third within four months.
The company has raised over $140 million to date, with the latest investment round, the largest so far, boosting CertiK's valuation close to the billion dollar mark.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-02 13:09:26 |
Critical Flaw in NSS Cryptographic Library Affects Several Popular Applications (lien direct) |
Mozilla on Wednesday announced the rollout of patches for a critical vulnerability in the NSS (Network Security Services) cross-platform cryptographic library.
|
Vulnerability
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-02 12:29:52 |
Russian Administrator of Bulletproof Hosting Sentenced to Prison in U.S. (lien direct) |
A Russian national who founded and led a bulletproof hosting organization was sentenced to 60 months in prison in the United States.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-02 11:57:05 |
Data Hacked for 400,000 Planned Parenthood LA Patients (lien direct) |
The Los Angeles branch of Planned Parenthood was hit by a data breach involving about 400,000 patients, but there is no indication that the information was used “for fraudulent purposes,” the group said.
|
Data Breach
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-02 11:52:34 |
Former Employee Accused of Being Behind Ubiquiti Hack (lien direct) |
The hacker attack disclosed by Ubiquiti in January 2021 was actually conducted by a former employee, according to the Justice Department, which announced charges against the individual on Wednesday.
|
Hack
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-01 18:27:38 |
CyCognito Snags $100M Investment for Attack Surface Management (lien direct) |
The surge in venture capital bets on startups in the nascent attack surface management business continued apace Wednesday with Israeli risk management firm CyCognito announcing a new $100 million funding round.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-01 16:14:02 |
Prediction Season: What\'s in Store for Cybersecurity in 2022? (lien direct) |
The past year has been quite challenging and tiring for many IT and security professionals, as threat actors capitalized on the rapidly changing environment created by accelerated digitalization and cloud transformation in response to the COVID-19 pandemic.
|
Threat
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-01 15:51:08 |
Aqua Security Acquires Software Development Security Firm Argon (lien direct) |
Aqua Security, a cloud security company specializing in containers, on Wednesday announced the acquisition of software development security firm Argon. Both companies are based in Israel.
Aqua told SecurityWeek that the acquisition price is in the tens of millions of dollars.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-01 15:31:29 |
Critical Vulnerability Found in More Than 150 HP Printer Models (lien direct) |
Multiple Vulnerabilities Found in More Than 150 HP Printer Models; Critical Flaw Could Allow Attackers to Move Laterally
Vulnerabilities in more than 150 multi-function printers from HP demonstrate that any type of device that connects to a network can expand the perceived threat surface.
|
Vulnerability
Threat
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-01 15:14:17 |
VirusTotal Introduces \'Collections\' to Simplify IoC Sharing (lien direct) |
Chronicle-owned VirusTotal this week announced VirusTotal Collections, a new resource aimed at making it easier for security researchers to share Indicators of Compromise (IoCs).
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-01 14:12:10 |
(Déjà vu) Cybersecurity M&A Roundup: 40 Deals Announced in November 2021 (lien direct) |
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-01 13:17:49 |
Missouri Man Sentenced to Prison Over Role in SIM Swapping Scheme (lien direct) |
A Missouri man has been sentenced to 10 months in prison for his role in a SIM swapping scheme that resulted in the theft of millions of dollars.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-01 12:28:47 |
New Quantum Computing Giant Quantinuum to Launch Cybersecurity Product (lien direct) |
Honeywell Quantum Solutions and Cambridge Quantum on Tuesday announced that they have merged to create Quantinuum, which they have described as the “world's largest integrated quantum computing company.”
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-01 12:26:36 |
CISO Conversations: Steve Katz, the World\'s First CISO (lien direct) |
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-01 11:50:49 |
Yanluowang Ransomware Targeting U.S. Financial Corporations (lien direct) |
Security researchers with Symantec believe that the Yanluowang ransomware is operated by a threat actor that was previously affiliated to the FiveHands group.
|
Ransomware
Threat
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-12-01 11:30:59 |
\'WIRTE\' Attacks Targeting Middle Eastern Governments Linked to Hamas Cyberspies (lien direct) |
Over the past couple of years, a threat actor tracked as WIRTE has continued its assaults on entities in the Middle East using “living off the land” techniques, Kaspersky reports.
|
Threat
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-30 20:16:41 |
Privacy Startup Soveren Raises $6.5 Million Seed Round (lien direct) |
Privacy-focused techology startup Soveren on Tuesdfirsay announced it has closed a $6.5 million seed round led by firstminute capital. Northzone also invested in the startup, along with multiple private investors.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-30 20:04:10 |
Coinbase to Acquire Cryptography Firm Unbound Security (lien direct) |
Cryptocurrency trading powerhouse Coinbase on Tuesday announced plans to acquire Unbound Security, an Israeli startup that provides protection for cryptographic keys and credentials.
Financial terms of the planned acquisition were not released but reports out of Israel peg the price tag in the range of $150 million.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-30 16:51:25 |
(Déjà vu) 2.1 Million People Affected by Breach at DNA Testing Company (lien direct) |
Ohio-based DNA testing company DNA Diagnostics Center (DDC) this week disclosed a data breach affecting 2.1 million people.
|
Data Breach
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-30 16:18:24 |
\'Sabbath\' Ransomware Operators Target Critical Infrastructure (lien direct) |
Since June 2021, a relatively new ransomware group called Sabbath has been targeting critical infrastructure in the United States and Canada, including education, health and natural resources.
|
Ransomware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-30 16:09:34 |
Hardware Security Firm Axiado Banks $25M Investment (lien direct) |
Axiado Corp, a hardware security firm based in San Jose, Calif., has banked $25 million in what is being described as an “oversubscribed” Series B funding round.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-30 14:55:59 |
Source Code Security Firm Cycode Raises $56 Million (lien direct) |
Cycode, a startup that specializes in source code security, on Tuesday announced raising $56 million in a Series B funding round.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-30 13:18:55 |
Wind Turbine Giant Vestas Confirms Ransomware Involved in Cyberattack (lien direct) |
Danish wind turbine giant Vestas Wind Systems on Monday confirmed that the recently disclosed cyberattack involved ransomware.
|
Ransomware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-30 12:24:19 |
North Korean Hackers Use New \'Chinotto\' Malware to Target Windows, Android Devices (lien direct) |
Kaspersky has analyzed a new espionage campaign conducted by the threat actor named ScarCruft, and the security firm's researchers have uncovered a previously unknown malware that has been used to target Windows and Android devices.
|
Malware
Threat
Cloud
|
APT 37
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-30 11:54:54 |
MI6 Spy Chief Says China, Russia, Iran Top UK Threat List (lien direct) |
UK spies seek help from tech firms against cyber threats
|
Threat
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-29 19:03:13 |
Project Zero Flags High-Risk Zoom Security Flaw (lien direct) |
Video conferencing software giant Zoom has shipped patches for a pair of security defects that expose Windows, macOS, Linux, iOS and Android users to malicious hacker attacks.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-29 17:00:49 |
Marine Services Provider Swire Pacific Offshore Discloses Data Breach (lien direct) |
Singapore-based marine services provider Swire Pacific Offshore (SPO) disclosed a cybersecurity incident that resulted in the loss of commercial and personal data.
In an announcement published over the U.S. Thanksgiving holiday weekend, the company revealed that a third-party was able to access some of its systems without authorization.
|
Data Breach
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-29 15:36:37 |
Panasonic Investigating Data Breach (lien direct) |
Panasonic last week disclosed a network breach that resulted in a file server reportedly storing potentially sensitive information getting accessed.
|
Data Breach
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-29 14:24:39 |
CISA Releases Guidance on Securing Enterprise Mobile Devices (lien direct) |
The United States Cybersecurity and Infrastructure Security Agency (CISA) last week published a Capacity Enhancement Guide (CEG) to help organizations secure mobile devices and their access to enterprise resources.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-29 14:08:23 |
Armis Raises $300 Million at $3.4 Billion Valuation (lien direct) |
Armis, a company that offers solutions designed to help enterprises discover and secure their devices, on Monday announced raising another $300 million.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-29 12:10:45 |
Recently Patched Apache HTTP Server Vulnerability Exploited in Attacks (lien direct) |
German Cybersecurity Agency and Cisco Warn of Attacks Targeting Apache HTTP Server Flaw
Organizations are being advised to ensure that their Apache HTTP servers are up to date, after it came to light that a recently patched vulnerability has been exploited in attacks.
|
Vulnerability
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-29 11:39:22 |
Ransomware Operators Threaten to Leak 1.5TB of Supernus Pharmaceuticals Data (lien direct) |
Biopharmaceutical company Supernus Pharmaceuticals last week confirmed it fell victim to a ransomware attack that resulted in a large amount of data being exfiltrated from its network.
|
Ransomware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-24 16:14:23 |
UK Cyber Firm Faces Investors Over Stock Turmoil (lien direct) |
British cyber security firm Darktrace came under investor scrutiny Wednesday over dramatic share price gyrations since its headline-grabbing London stock market float.
Darktrace, based in the English university city of Cambridge, held its annual general meeting amid growing unease over the stock.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-24 15:32:05 |
VMware Patches File Read, SSRF Vulnerabilities in vCenter Server (lien direct) |
VMware on Tuesday informed customers about the availability of patches for arbitrary file read and server-side request forgery (SSRF) vulnerabilities affecting its vCenter Server product.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-24 14:46:35 |
IoT Security Company Shield-IoT Raises $7.4 Million (lien direct) |
Internet of Things (IoT) and Industrial IoT security provider Shield-IoT this week announced that it has closed a $7.4 million Series A funding round, which brings the total raised by the company to $11 million.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-24 13:52:47 |
Two Nigerians Sentenced to Prison in U.S. for Role in BEC Scams (lien direct) |
Two Nigerian nationals have been sentenced to prison in the United States for their roles in Business Email Compromise (BEC) schemes, the U.S. Department of Justice announced.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-24 13:52:00 |
3 Key Questions for CISOs on the Wave of Historic Industrial Cybersecurity Legislation (lien direct) |
The last 18 months have been nothing short of historic for critical infrastructure companies. First, came a series of dramatic developments that highlighted the risks to industrial environments:
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-24 13:03:49 |
GoDaddy Says Several Brands Hit by Recent WordPress Hosting Breach (lien direct) |
Domain registrar and web hosting giant GoDaddy says the recently disclosed data breach impacts several of its brands, including 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost.
|
Data Breach
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-24 12:18:31 |
CISA, FBI Warn of Potential Critical Infrastructure Attacks on Holidays (lien direct) |
The United States Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) this week reminded organizations of all types – with a focus on critical infrastructure – that cybercriminals tend to launch impactful cyberattacks during holidays and weekends.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-24 11:41:32 |
Researcher Awarded $10,000 for Google Cloud Platform Vulnerability (lien direct) |
Security researcher David Schütz says he received over $10,000 in bug bounty payouts from Google after reporting a Google Cloud project vulnerability and subsequent bypasses to rolled-out fixes.
|
Vulnerability
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-24 09:37:59 |
Industrial Cybersecurity Firm Applied Risk Acquired by DNV (lien direct) |
Norway-based assurance and risk management solutions provider DNV is acquiring industrial cybersecurity company Applied Risk in an effort to create an “industrial cybersecurity powerhouse.”
The companies will merge under the DNV brand. Financial terms of the deal have not been disclosed.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-11-24 05:10:39 |
Japan, Vietnam Look to Cyber Defense Against China (lien direct) |
Japan and Vietnam on Tuesday signed a cybersecurity agreement as the two Asian nations rapidly step up their military ties amid concerns over China's growing assertiveness.
|
|
|
|