What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-11-15 12:21:59 | Network Security Company Netography Raises $45 Million (lien direct) | Network detection and response (NDR) solutions provider Netography has raised $45 million in Series A funding, which brings the total raised by the company to $47.6 million. The new investment round was led by Bessemer Venture Partners and SYN Ventures. Existing investors Andreessen Horowitz, Harpoon Ventures, Mango Capital, and Wing Venture Capital also contributed. | |||
|
2021-11-15 12:02:14 | Four Things Your CISO Wants Your Board to Know (lien direct) | For years, it seems like we've been rationalizing why your company's Chief Information Security Officer (CISO) deserves a seat at the boardroom table. In many industries, we've come a long way since then. At more and more organizations, CISOs have stepped up and begun conferring regularly with the CFO, CTO, and CEO on security strategy, cyber risk, and how to approach digital transformation. | |||
|
2021-11-15 11:18:35 | Fake Emails Sent From FBI Address via Compromised Law Enforcement Portal (lien direct) | Thousands of fake emails coming from an FBI email address were sent out on Friday by someone who exploited a vulnerability in a law enforcement portal. The FBI has confirmed the breach, but said impact was limited. | Vulnerability | ||
|
2021-11-12 20:06:52 | Intel, AMD Patch High Severity Security Flaws (lien direct) | Chipmakers Intel and AMD this week released patches for multiple security vulnerabilities in a wide range of product lines, including fixes for a series of high-risk issues in software drivers. | |||
|
2021-11-12 17:55:01 | \'BotenaGo\' Malware Targets Routers, IoT Devices with Over 30 Exploits (lien direct) | A newly discovered Golang-based malware is using over 30 exploits in attacks, potentially putting millions of routers and Internet of Things (IoT) at risk of malware infection, according to a warning from AT&T Alien Labs. | Malware | ||
|
2021-11-12 17:36:21 | Zoom Patches High-Risk Flaws in Meeting Connector, Keybase Client (lien direct) | Video messaging technology giant Zoom has shipped patches for high-severity vulnerabilities that expose enterprise users to remote code execution and command injection attacks. | |||
|
2021-11-12 16:03:40 | Researcher Shows Windows Flaw More Serious After Microsoft Releases Incomplete Patch (lien direct) | A researcher has discovered that a Windows vulnerability for which Microsoft released an incomplete patch in August is more serious than initially believed. | Vulnerability | ||
|
2021-11-12 15:33:09 | HPE Says Customer Data Compromised in Aruba Data Breach (lien direct) | Hewlett Packard Enterprise (HPE) has confirmed that a small amount of customer data was compromised in a data breach involving its subsidiary Aruba Networks. | Data Breach | ||
|
2021-11-12 14:21:04 | Google, Adobe Announce New Open Source Security Tools (lien direct) | Google and Adobe this week announced the availability of new open source security tools, for continuous fuzzing and detecting living-off-the-land attacks. Google releases ClusterFuzzLite | |||
|
2021-11-12 11:59:37 | macOS Zero-Day Exploited to Deliver Malware to Users in Hong Kong (lien direct) | Google on Thursday shared details about a recent attack that exploited a zero-day vulnerability in macOS to deliver malware to users in Hong Kong. | Malware Vulnerability | ||
|
2021-11-11 21:38:35 | Indonesia, UK Discuss Future Technology and Cybersecurity (lien direct) | British Foreign Secretary Liz Truss met with Indonesian officials on Thursday and discussed closer cooperation in future technologies, cybersecurity and economic relations as part of British efforts to deepen ties to Southeast Asia after leaving the European Union. | |||
|
2021-11-11 19:56:42 | Enlisting Employees to Fight Cyber Threats (lien direct) | With another Cybersecurity Awareness Month behind us, this is the perfect time to kick off or refresh a security awareness and training program for employees. The more that non-technical staff employees know about security issues, the better they can recognize, report, and even prevent threats. | |||
|
2021-11-11 18:10:56 | The Wild West of the Nascent Cyber Insurance Industry (lien direct) | 
|
|||
|
2021-11-11 12:59:42 | Nearly 100 TCP/IP Stack Vulnerabilities Found During 18-Month Research Project (lien direct) | An 18-month research project has resulted in the discovery of nearly 100 vulnerabilities across more than a dozen TCP/IP stacks. | |||
|
2021-11-11 12:06:40 | Contrast Security Raises $150 Million at \'Unicorn\' Valuation (lien direct) | Code security company Contrast Security this week announced that it has closed $150 million Series E funding round at a billion-dollar valuation, making the company the latest cybersecurity unicorn. | |||
|
2021-11-10 21:46:50 | Remote Code Execution Flaw in Palo Alto GlobalProtect VPN (lien direct) | 
|
|||
|
2021-11-10 20:11:40 | VMware Working on Patches for Serious vCenter Server Vulnerability (lien direct) | VMware announced on Wednesday that it's working on patches for a potentially serious privilege escalation vulnerability affecting vCenter Server. The vulnerability is tracked as CVE-2021-22048 and it has been assigned an “important” severity rating, which is equivalent to “high severity” based on its CVSS score of 7.1. | Vulnerability | ||
|
2021-11-10 19:03:59 | Critical Flaw in WordPress Plugin Leads to Database Wipe (lien direct) | A major security vulnerability in the WP Reset PRO WordPress plugin could be exploited by an authenticated user to wipe the entire database of a website, according to a warning from researchers at Packstack (formerly WebARX). | Vulnerability | ||
|
2021-11-10 16:17:33 | South Korean Users Targeted with Android Spyware \'PhoneSpy\' (lien direct) | More than 1,000 mobile phone users in South Korea have been targeted with a powerful piece of Android spyware as part of an ongoing campaign, according to a new report from Zimperium zLabs. Dubbed PhoneSpy, the malware was designed with extensive spyware capabilities inside, such including data theft, audio and video capture, and location monitoring. | Malware | ★★★ | |
|
2021-11-10 16:07:38 | RPC Firewall Dubbed \'Ransomware Kill Switch\' Released to Open Source (lien direct) | Today at Black Hat London, Zero Networks announced the release of its RPC firewall – also dubbed the 'ransomware kill switch' – into open source. The tool provides granular control over RPC, capable of blocking the use of lateral movement hacker tools and stopping almost all ransomware in its tracks. | Ransomware Tool | ||
|
2021-11-10 14:48:59 | Citrix Patches Critical Vulnerability in ADC, Gateway (lien direct) | Citrix this week released patches for a couple of vulnerabilities affecting Citrix ADC, Gateway, and SD-WAN, including a critical bug leading to denial of service (DoS). | Vulnerability Guideline | ||
|
2021-11-10 13:57:52 | ICS, OT Cybersecurity Incidents Cost Some U.S. Firms Over $100 Million: Survey (lien direct) | A report published on Wednesday by the Ponemon Institute and industrial cybersecurity firm Dragos shows that the average cost of a security incident impacting industrial control systems (ICS) or other operational technology (OT) systems is roughly $3 million, and some companies reported costs of over $100 million. | |||
|
2021-11-10 12:24:22 | Socure Raises $450 Million at $4.5 Billion Valuation (lien direct) | Digital identity verification provider Socure on Tuesday announced that it has closed a $450 million Series E funding round, at a $4.5 billion valuation. To date, the company raised close to $650 million. The new funding round was announced roughly half a year after Socure closed a $100 million Series D round, at a $1.3 billion valuation. | |||
|
2021-11-10 12:06:35 | The Rising Threat Stemming From Identity Sprawl (lien direct) | Identity sprawl in the age of remote working and business transformation is a threat to cybersecurity | Threat | ||
|
2021-11-10 11:10:48 | Taiwan Government Faces 5 Million Cyberattacks Daily: Official (lien direct) | Taiwan's government agencies face around five million cyberattacks and probes a day, an official said Wednesday, as a report warned of increasing Chinese cyber warfare targeting the self-ruled island. | ★★★★ | ||
|
2021-11-10 04:44:47 | 14 New Vulnerabilities Discovered in BusyBox (lien direct) | Researchers from software development company JFrog and industrial cybersecurity firm Claroty have identified a total of 14 new vulnerabilities in BusyBox, and on Tuesday they detailed some of their findings. | |||
|
2021-11-10 04:20:38 | SAP Patches Critical Vulnerability in ABAP Platform Kernel (lien direct) | SAP on Tuesday announced the release of five new and two updated security notes as part of its November 2021 Security Patch Day, including one note that deals with a critical vulnerability in ABAP Platform Kernel. | Vulnerability | ||
|
2021-11-09 19:23:04 | Zero-Days Under Attack: Microsoft Plugs Exchange Server, Excel Holes (lien direct) | Microsoft on Tuesday pushed out patches for at least 55 documented security vulnerabilities in a wide range of products and called urgent attention to a pair of flaws that have already been exploited in the wild. | |||
|
2021-11-09 18:43:53 | Russian Cybercrime Group Exploits SolarWinds Serv-U Vulnerability (lien direct) | The Russia-linked 'Evil Corp' cybercrime group has been exploiting a vulnerability in SolarWinds Serv-U for initial infection, cybersecurity and risk mitigation firm NCC Group reports. | Vulnerability | ||
|
2021-11-09 15:56:41 | Adobe Patches Critical RoboHelp Server Security Flaw (lien direct) | Software maker Adobe on Tuesday released patches to cover at least four documented security defects that expose users to malicious hacker attacks. The most serious of the flaw was addressed in RoboHelp Server and is rated “critical” because it exposes corporate environments to arbitrary code execution attacks. | |||
|
2021-11-09 14:57:21 | (Déjà vu) ICS Patch Tuesday: Siemens and Schneider Electric Address Over 50 Security Flaws (lien direct) | Industrial giants Siemens and Schneider Electric have released a total of 20 Patch Tuesday advisories to address more than 50 vulnerabilities affecting their products. Siemens | |||
|
2021-11-09 14:40:24 | Security is Everywhere. Can Your Services Keep Up? (lien direct) | Today's networks require flexible services designed to accompany efforts to protect any user accessing any service from any location on any device | |||
|
2021-11-09 14:18:14 | Many Healthcare, OT Systems Exposed to Attacks by NUCLEUS:13 Vulnerabilities (lien direct) | A series of 13 vulnerabilities identified in the Nucleus TCP/IP stack could be exploited to execute code remotely, cause a denial of service condition, or to obtain sensitive information, enterprise device security firm Forescout warns. | |||
|
2021-11-09 14:09:04 | Breach and Attack Simulation Firm SafeBreach Doubles Funding With $53.5M Series D Round (lien direct) | Sunnyvale, CA-based breach and attack simulation firm SafeBreach has raised $53.5 million in a Series D funding round led by Sonae IM and Israel Growth Partners (IGP). Sands Capital, Leumi Partners and existing investors participated, and the funding includes strategic investment from ServiceNow. | |||
|
2021-11-09 13:07:10 | Critical Flaw in Sitecore Experience Platform Exploited in Attacks (lien direct) | Adversaries have started targeting a critical remote code execution vulnerability in Sitecore Experience Platform (Sitecore XP), the Australian Cyber Security Center (ACSC) warns. | Vulnerability | ||
|
2021-11-09 12:16:29 | OpenText Acquires Email Security Firm Zix for $860 Million (lien direct) | Enterprise information management solutions provider OpenText on Monday announced the acquisition of email security company Zix for $860 million. | |||
|
2021-11-09 11:13:05 | Mexico Arrests Suspect in Pegasus Spyware Case (lien direct) | Mexican prosecutors said Monday that they had detained a man accused of spying on a journalist using the Pegasus software at the center of a global spyware scandal. | |||
|
2021-11-08 22:05:36 | Robinhood Hacked, Millions of Names, Emails Stolen (lien direct) | 
Hacker socially engineered customer support employee to obtain millions of names and emails, demanded extortion payment
|
|||
|
2021-11-08 19:47:28 | U.S. Charges Two Suspected Major Ransomware Operators (lien direct) | Two suspected criminal hackers have been charged in the United States in connection with a wave of ransomware attacks, including one that led to the temporary shutdown of the world's largest meat processor and another that snarled businesses around the globe on the Fourth of July weekend, U.S. | Ransomware | ||
|
2021-11-08 18:41:38 | US Treasury Sanctions Crypto Exchange in Anti-Ransomware Crackdown (lien direct) | The U.S. government's aggressive anti-ransomware crackdown is showing no signs of slowing down with the Treasury Department announcing sanctions against a cryptocurrency exchange and new multi-million-dollar rewards for information on the REvil ransomware group. | Ransomware | ||
|
2021-11-08 17:53:01 | Global Companies Compromised via ADSelfService Plus Exploitation (lien direct) | At least nine global organizations have been compromised in attacks targeting a recent vulnerability in ManageEngine ADSelfService Plus, according to a warning from researchers at Palo Alto Networks. | Vulnerability | ||
|
2021-11-08 17:27:54 | US Government Contractor EWA Discloses Data-Theft Breach (lien direct) | U.S. government defense contractor Electronic Warfare Associates (EWA) has started sending out notifications to warn of a data breach that resulted in the theft of Personally Identifiable Information (PII). In early August 2021, the company said a threat actor was able to compromise the EWA email system following a successful phishing attack. | Data Breach Threat | ||
|
2021-11-08 17:21:08 | Drata Scores $100M Investment for Security and Compliance Automation (lien direct) | Valuations for early-stage cybersecurity startups are continuing to soar with news this week that Drata banked $100 million in a funding deal that values the company north of $1 billion. | |||
|
2021-11-08 16:45:37 | Europol Announces Arrests of 7 People Linked to REvil, GandCrab Ransomware (lien direct) | Europol on Monday announced that law enforcement agencies in several countries have arrested a total of seven people allegedly linked to REvil and GandCrab ransomware operations. | Ransomware | ||
|
2021-11-08 15:41:02 | SCYTHE Banks $10M Investment for Adversary Simulation (lien direct) | SCYTHE, a software company building technology for adversary simulation, on Monday announced it had secured $10 million in venture capital funding to speed up expansion plans. | |||
|
2021-11-08 15:19:40 | McAfee to be Taken Private in $14 Billion Private Equity Deal (lien direct) | Cybersecurity firm McAfee Corp. (NASDAQ:MCFE) has agreed to be acquired by a group of private equity firms in a deal valued at more than $14 billion, the company announced Monday. | |||
|
2021-11-08 14:55:22 | (Déjà vu) Cybersecurity M&A Roundup for First Week of November 2021 (lien direct) | 
A dozen cybersecurity-related acquisitions were announced in the first week of November 2021.
|
|||
|
2021-11-08 12:44:32 | Six Arrested for Roles in Clop Ransomware Operation (lien direct) | Six individuals allegedly associated with the Clop ransomware operation were arrested in a global law enforcement operation, Interpol announced. Authorities in South Korea, Ukraine, and the United States, under Interpol's coordination, were involved in the 30-month investigation dubbed Operation Cyclone. | Ransomware | ||
|
2021-11-08 12:12:37 | Report: 6 Palestinian Rights Activists Hacked by NSO Spyware (lien direct) | Security researchers disclosed Monday that spyware from the notorious Israeli hacker-for-hire company NSO Group was detected on the cellphones of six Palestinian human rights activists, half affiliated with groups that Israel's defense minister controversially claimed were involved in terrorism. | |||
|
2021-11-08 12:03:25 | Experts Analyze Proposed Bill Allowing Private Entities to \'Hack Back\' (lien direct) | If the average American has the right to defend his home by striking back, why can he or she not defend networks in a similar fashion? |
To see everything:
Our RSS (filtrered)
