What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-11-07 10:33:10 | The AP Interview: Justice Dept. Conducting Cyber Crackdown (lien direct) | The Justice Department is stepping up actions to combat ransomware and cybercrime through arrests and other actions, its No. 2 official told The Associated Press, as the Biden administration escalates its response to what it regards as an urgent economic and national security threat. | Ransomware | ||
|
2021-11-05 17:39:06 | Babuk Ransomware Seen Exploiting ProxyShell Vulnerabilities (lien direct) | A newly observed Babuk ransomware campaign is targeting ProxyShell vulnerabilities in Microsoft Exchange Server, according to security researchers at Cisco Talos. | Ransomware | ||
|
2021-11-05 17:24:49 | \'Critical Severity\' Warning: Malware Found in Widely Deployed npm Packages (lien direct) | Software supply chain security jitters escalated again Friday with new “critical severity” warnings about malware embedded in two npm package managers widely used by some of the biggest names in tech. | Malware | ||
|
2021-11-05 17:04:34 | Device Exploits Earn Hackers Over $1 Million at Pwn2Own Austin 2021 (lien direct) | The Zero Day Initiative's Pwn2Own Austin 2021 hacking contest has come to an end, with participants earning a total of more than $1 million for their router, printer, NAS device, smartphone, and smart speaker zero-day exploits. | |||
|
2021-11-05 15:45:09 | FBI: Scams Involving Cryptocurrency ATMs and QR Codes on the Rise (lien direct) | The Federal Bureau of Investigation (FBI) this week issued an alert on fraud schemes that direct victims to use cryptocurrency ATMs and Quick Response (QR) codes to make payment transactions. | |||
|
2021-11-05 14:58:45 | Researchers Release PoC Tool Targeting BrakTooth Bluetooth Vulnerabilities (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) this week warned on proof-of-concept (PoC) code for the BrakTooth Bluetooth vulnerabilities now being publicly available. | Tool | ★★★ | |
|
2021-11-05 13:48:21 | Hungarian Official: Government Bought, Used Pegasus Spyware (lien direct) | A senior official in Hungary's governing party acknowledged for the first time on Thursday that the government purchased a powerful spyware tool, which was allegedly used to target journalists, businesspeople and an opposition politician. | |||
|
2021-11-05 13:00:03 | (Déjà vu) Industry Reactions to New \'Trojan Source\' Attack: Feedback Friday (lien direct) | Researchers from the University of Cambridge have identified a new attack method that abuses Unicode to stealthily inject vulnerabilities into code. | |||
|
2021-11-04 23:17:12 | US Offers $10 Million Bounty in Hunt for DarkSide Ransomware Operators (lien direct) | US Goverment Offering $10 Million Reward for Data on DarkSide Ransomware Operators | Ransomware | ||
|
2021-11-04 19:03:09 | Cisco Plugs Critical Holes in Catalyst PON Enterprise Switches (lien direct) | Enterprise networking giant Cisco has released patches for multiple vulnerabilities across its product portfolio, including critical security defects in Catalyst Passive Optical Network (PON) Series Switches Optical Network Terminal (ONT) and Policy Suite. | |||
|
2021-11-04 16:42:31 | Linux Foundation Fixes \'Dangerous\' Code Execution Kernel Bug (lien direct) | Researchers are calling attention to a newly discovered security defect in a kernel module that ships with all major Linux distributions, warning that remote attackers can exploit the bug to take complete control of a vulnerable system. | |||
|
2021-11-04 15:41:23 | Mozilla Rolling Out \'Site Isolation\' With Release of Firefox 94 (lien direct) | Mozilla this week announced that Firefox 94 is bringing Site Isolation to all users, along with patches for over a dozen vulnerabilities, including seven that feature a high severity rating. | |||
|
2021-11-04 14:55:50 | Ukraine Names Russian FSB Officers Involved in Gamaredon Cyberattacks (lien direct) | Ukraine's security service, the SBU, on Thursday revealed the identities of five individuals allegedly involved in cyberattacks attributed to a Russia-linked threat group named Gamaredon. | Threat | ||
|
2021-11-04 14:40:52 | Engaging Customers on an Uncertain Journey (lien direct) | While every company has unique policies, politics, and market pressures, the technical challenges are often shared among many | |||
|
2021-11-04 12:41:54 | House Passes Two Bills to Improve Small Business Cybersecurity (lien direct) | The House of Representatives this week passed two bills whose goal is to boost small business cybersecurity in the United States. | |||
|
2021-11-04 12:06:51 | Compliance-as-a-Service Platform Laika Raises $35 Million (lien direct) | Compliance-as-a-Service platform Laika this week announced that it has raised $35 million in Series B funding, which brings the total raised by the company to $48 million. The new funding round was led by J.P. Morgan Growth Equity Partners. All previous investors participated as well, including Canapi, Dashfund, Bain Capital Ventures, Nyca, and ThirdPrime. | |||
|
2021-11-04 11:29:29 | Twitter Hacker Charged Over Theft of $784,000 in Cryptocurrency (lien direct) | A British national has been charged in the United States over his role in a scheme that involved the use of SIM swapping to steal roughly $784,000 worth of cryptocurrency. | |||
|
2021-11-04 01:09:53 | US Puts New Controls on Israeli Spyware Company NSO Group (lien direct) | The Biden administration announced Wednesday it is putting new export limits on Israel's NSO Group, the world's most infamous hacker-for-hire company, saying its tools have been used to “conduct transnational repression.” | |||
|
2021-11-03 16:14:38 | Application Security Startup Wabbi Raises Over $2 Million in Seed Funding (lien direct) | Female-founded application security startup Wabbi on Tuesday announced raising more than $2 million in an oversubscribed seed funding round. The funding round was led by Mendoza Ventures, with participation from Cisco Investments and several other companies and angel investors. Wabbi plans on using the money to scale its team. | |||
|
2021-11-03 14:49:54 | BlackMatter Ransomware Gang Announces Shutdown (lien direct) | The cybercriminals behind the BlackMatter Ransomware-as-a-Service (RaaS) operation this week announced plans to close shop. | Ransomware | ||
|
2021-11-03 14:09:46 | (Déjà vu) Microsoft Announces New Endpoint Security Solution for SMBs (lien direct) | Microsoft on Tuesday announced the upcoming availability of Microsoft Defender for Business, an enterprise-grade endpoint security solution catered for small and medium-sized businesses (SMBs). | |||
|
2021-11-03 13:30:04 | CISA Lists 300 Exploited Vulnerabilities That Organizations Need to Patch (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released a list of roughly 300 vulnerabilities that are known to have been exploited, and it has issued a binding operational directive (BOD) instructing government organizations to patch these security flaws. | |||
|
2021-11-03 11:53:48 | Iran Says Fuel System Running Again After Cyber Attack (lien direct) | Iran's fuel distribution system resumed full operation on Tuesday, a week after it was paralysed by a cyber attack, the authorities said. | |||
|
2021-11-03 11:36:53 | Another Cybersecurity Awareness Month Has Passed and Little Has Changed (lien direct) | Last month we celebrated the 18th year of the Cybersecurity Awareness Month, which was previously known as National Cybersecurity Awareness Month. Under the slogan “Do Your Part. | |||
|
2021-11-03 11:29:42 | Printers Hacked for First Time at Pwn2Own (lien direct) | The Zero Day Initiative's Pwn2Own Austin 2021 hacking competition kicked off on Tuesday and, for the first time in the event's history, participants earned rewards for hacking printers. | |||
|
2021-11-03 09:46:52 | Many GitLab Servers Affected by Actively Exploited Flaw Patched Six Months Ago (lien direct) | An actively exploited remote code execution vulnerability in GitLab continues to affect roughly 30,000 Internet-facing installations six months after patches were released, Rapid7 says. | Vulnerability | ||
|
2021-11-02 18:32:55 | FBI: Ransomware Attacks Exploit Financial Business Events (lien direct) | The Federal Bureau of Investigation (FBI) this week issued an industry-wide notification to raise awareness about ransomware operators leveraging information on mergers, acquisitions and stock valuations to launch extortion attacks on businesses. | Ransomware | ||
|
2021-11-02 18:23:36 | Hackers Release Israeli LGBTQ Dating Site Details (lien direct) | Israel's justice ministry said Tuesday Google had blocked sites of a hacking group that leaked user details of an Israeli LGBTQ dating site, an attack some security experts blamed on Iran. | |||
|
2021-11-02 17:51:17 | Facebook to Shut Down Face-Recognition System, Delete Data (lien direct) | Facebook said it will shut down its face-recognition system and delete the faceprints of more than 1 billion people. | |||
|
2021-11-02 17:03:52 | Signal Working on Improving Anti-Spam Capabilities (lien direct) | Privacy-focused communication platforms Signal is sharing information on the improvements it has made to its spam-prevention capabilities. The task of keeping spam out of user's inboxes, Signal says, is more difficult compared to other messaging services, because the company does not have access to the contents of messages, and has to fight spam without social graphs. | Spam | ||
|
2021-11-02 16:05:05 | IBM Security to Acquire ReaQta for xDR Push (lien direct) | IBM Security on Tuesday announced plans to acquire ReaQta, an early-stage European startup in the red-hot autonomous threat detection and response business. Financial terms of the transaction were not released. ReaQta, based in the Netherlands, raised an undisclosed Series A funding round earlier this year. | Threat | ||
|
2021-11-02 15:59:37 | FBI Publishes IOCs for Hello Kitty Ransomware (lien direct) | The Federal Bureau of Investigation (FBI) has published a flash alert to share details on the tactics, techniques and procedures (TTPs) and indicators of compromise (IOCs) associated with the Hello Kitty ransomware, which is also known as FiveHands. | Ransomware | ||
|
2021-11-02 15:30:30 | Kaspersky Patches Vulnerability That Can Lead to Unbootable System (lien direct) | Microsoft Phishing Messages Come From Kaspersky Email Address Kaspersky published two advisories on Monday to warn customers about a vulnerability that can lead to unbootable systems and a phishing campaign involving messages sent from a Kaspersky email address. | Vulnerability Guideline | ||
|
2021-11-02 15:16:06 | Google Triples Bounty for Linux Kernel Exploitation (lien direct) | Google is sweetening the pot for bug bounty researchers finding and exploiting privilege escalation flaws in the Linux kernel. Over the next three months, Google plans to shell out US$31,337 for privilege escalation exploits using an already patched vulnerability, and $50,337 for a zero-day kernel flaw or a novel exploitation technique. | |||
|
2021-11-02 14:10:14 | DevSecOps Startup Oxeye Emerges From Stealth With $5.3 Million in Funding (lien direct) | DevSecOps startup Oxeye emerged from stealth mode on Tuesday with a cloud-native application security testing platform and $5.3 million in seed funding. Currently in Beta, the company's automated platform is designed to help developer, security and DevSecOps teams identify and address code vulnerabilities before they reach production. | |||
|
2021-11-02 13:29:52 | After Security Flaw Found, Missouri Hires Data Breach Group (lien direct) | Two weeks after a newspaper discovered a security flaw on a state website, Gov. Mike Parson's administration has hired a company that performs data breach and credit monitoring services. | Data Breach | ||
|
2021-11-02 13:12:48 | Encryption-as-a-Service Provider Vaultree Emerges From Stealth (lien direct) | Encryption-as-a-Service startup Vaultree today emerged from stealth mode and announced raising $3.3 million in a seed round led by Ten Eleven Ventures. Enterprise Ireland, HBAN, Unpopular Ventures, and former Cisco CSO John N. Stewart also contributed to the funding round. | |||
|
2021-11-02 12:51:34 | Security Pros Know What They Need to Do, But Constrained by Lack of Resources (lien direct) | A new survey report describes security teams as trapped by a lack of resources into continuing what they have been doing (which, from empirical evidence, clearly is not working) rather than migrating their efforts to what they believe they should be doing (risk analysis and threat modeling). | Threat | ||
|
2021-11-02 12:47:30 | Google Patches Android Zero-Day Exploited in Targeted Attacks (lien direct) | Google on Monday announced the availability of the November 2021 security updates for Android and warned that one of the patched vulnerabilities has been exploited in attacks. | |||
|
2021-11-02 12:07:04 | CrowdStrike to Buy Zero Trust Data Encryption Firm SecureCircle (lien direct) | Zero trust is a conceptual destination, not an application. As with all destinations, there are different routes to it, and even different descriptions of it. CrowdStrike (NASDAQ: CRWD) believes it will complete its own zero trust destination on the endpoint by acquiring and integrating SecureCircle's data encryption into its existing identity and access capabilities. | |||
|
2021-11-02 11:56:56 | Marshall University Launches New Cybersecurity Institute (lien direct) | Marshall University has launched its newly formed Institute for Cyber Security. Marshall President Jerome Gilbert said the institute is an academic and research cluster that will support cybersecurity-related programs across the campus. | |||
|
2021-11-02 11:22:35 | BlackMatter Ransomware Operators Develop Custom Data Exfiltration Tool (lien direct) | The cybercriminals operating the BlackMatter ransomware have started using a custom data exfiltration tool in their attacks, Symantec reports. | Ransomware Tool | ||
|
2021-11-02 02:25:21 | China Tightens Control Over Company Data With Transfer Rules (lien direct) | Companies in China would need government approval to transfer important data abroad under proposed rules announced Friday that would tighten Beijing's control over information and might disrupt operations for international corporations. | |||
|
2021-11-01 19:07:48 | Tens of Thousands Download "AbstractEmu" Android Rooting Malware (lien direct) | Malware hunters at Lookout Security have discovered a new Android rooting malware that managed to score tens of thousands of downloads through Google Play and third-party application stores. | Malware | ||
|
2021-11-01 18:38:28 | Signal Provides Only Two Timestamps as Response to Grand Jury Subpoena (lien direct) | Signal says it can provide only a couple of timestamps in response to a grand jury subpoena for user data that it recently received from the District Court for the Central District of California. | |||
|
2021-11-01 16:02:54 | Atlanta Man Charged for Role in BEC Fraud Scheme (lien direct) | An Atlanta resident was charged last week for his role in a business email compromise (BEC) scheme that resulted in losses of millions of dollars. | |||
|
2021-11-01 15:46:03 | \'Trojan Source\' Attack Abuses Unicode to Inject Vulnerabilities Into Code (lien direct) | Researchers from the University of Cambridge have identified a new attack method that abuses Unicode to stealthily inject vulnerabilities into code. Dubbed Trojan Source, the attack impacts many of the compilers, interpreters, code editors, and code repository frontend services used by software developers. | |||
|
2021-11-01 14:09:12 | Hackers Threaten to Out Israeli LGBTQ Dating Site Users (lien direct) | A hacking group calling itself Black Shadow threatened Sunday to reveal personal details of users of Israeli's leading LGBTQ dating site, in an attack some cyber experts linked to Iran. "If we have 1 Millions $ in our wallet in the next 48 hours, we will not leak this information and also we will not sell it to anybody," Black Shadow wrote on Telegram. | Guideline | ||
|
2021-11-01 13:35:28 | (Déjà vu) Cybersecurity M&A Roundup: 41 Deals Announced in October 2021 (lien direct) | 
The number of cybersecurity-related mergers and acquisitions announced in the past months has remained constant, with 41 deals announced in October 2021.
|
|||
|
2021-11-01 12:15:34 | Iran Suspects Israel and US Behind Fuel Cyber Attack (lien direct) | An Iranian general has said Israel and the United States were likely to have been behind a cyber attack that interrupted the distribution of fuel at service stations. |
To see everything:
Our RSS (filtrered)
