What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-07-27 13:53:21 | 1Password Raises $100 Million at $2 Billion Valuation (lien direct) | Password management solutions provider 1Password today announced receiving a $100 million investment that increases its valuation to $2 billion. Previously, the company raised $200 million in a Series A funding round. | |||
|
2021-07-27 13:02:48 | Critical Vulnerability Found in Sunhillo Aerial Surveillance Product (lien direct) | An unauthenticated OS command injection vulnerability in the Sunhillo SureLine application could allow an attacker to execute arbitrary commands with root privileges, according to security researchers with the NCC Group. | Vulnerability | ||
|
2021-07-27 12:32:38 | Kaseya Denies Paying Cybercriminals Who Launched Ransomware Attack (lien direct) | IT management software firm Kaseya on Monday said it did not pay any money to cybercriminals, following speculation that it may have paid a ransom to obtain a decryptor that would allow customers hit by the recent ransomware attack to recover their files. | Ransomware | ||
|
2021-07-27 12:09:31 | Vulnerability in Popular Survey Tool Exploited in Possible Chinese Attacks on U.S. (lien direct) | A recently disclosed vulnerability affecting a popular survey creation tool has been exploited by a threat group that may be linked to China against organizations in the United States. | Tool Vulnerability Threat | ||
|
2021-07-27 11:32:21 | S.Africa\'s Port Terminals Still Disrupted Days After Cyber-Attack (lien direct) | South Africa's state-owned logistics firm said Tuesday it was working to restore systems following a major cyber-attack last week that hit the country's key port terminals. The attack began on July 22 but continued, forcing Transnet to switch to manual systems, it said. | |||
|
2021-07-27 11:30:00 | Why Are Users Ignoring Multi-Factor Authentication? (lien direct) | 
|
|||
|
2021-07-27 10:29:15 | Creating an Effective Threat Hunting Program with Limited Resources (lien direct) | Developing various data sets for threat hunting engagements will further mature your program and help uncover the unknown | Threat | ||
|
2021-07-27 01:03:29 | Judge: Ex-CIA Worker Can Represent Himself in Espionage Case (lien direct) | A former CIA software engineer can represent himself at his upcoming retrial on espionage charges, a judge said Monday. | |||
|
2021-07-26 19:36:42 | Apple Patches \'Actively Exploited\' Mac, iOS Security Flaw (lien direct) | Apple on Monday released a major security update with fixes for a security defect the company says “may have been actively exploited” to plant malware on macOS and iOS devices. | Malware | ||
|
2021-07-26 16:19:56 | Firefox 90 Drops Support for FTP Protocol (lien direct) | Mozilla has completely removed support for the File Transfer Protocol (FTP) from the latest release of its flagship Firefox web browser. | |||
|
2021-07-26 14:50:28 | No More Ransom: We Prevented Ransomware Operators From Earning $1 Billion (lien direct) | No More Ransom is celebrating its 5th anniversary and the project says it has helped more than 6 million ransomware victims recover their files and prevented cybercriminals from earning roughly $1 billion. | Ransomware | ||
|
2021-07-26 14:00:16 | Amnesty Urges Moratorium on Surveillance Technology in Pegasus Scandal (lien direct) | Allegations that governments used phone malware supplied by an Israeli firm to spy on journalists, activists and heads of state have "exposed a global human rights crisis," Amnesty International said, asking for a moratorium on the sale and use of surveillance technology. | Malware | ||
|
2021-07-26 13:36:36 | What We Learn from MITRE\'s Most Dangerous Software Weaknesses List (lien direct) | A look into MITRE's 2021 CWE Top 25 Most Dangerous Software Weaknesses | |||
|
2021-07-26 12:26:33 | Leading Threat to Industrial Security is Not What You Think (lien direct) | As attackers become more sophisticated, so do their attacks. This in turn exposes threat vectors that once were thought to be well protected, or at least not interesting enough to attack. Nowhere is this truer than in industrial control systems (ICS) environments. | Threat | ||
|
2021-07-26 12:23:41 | GitLab Releases Open Source Tool for Hunting Malicious Code in Dependencies (lien direct) | GitLab last week announced the release of a new open source tool designed to help software developers identify malicious code in their projects' dependencies. | Tool | ||
|
2021-07-26 11:14:05 | Enterprises Warned of New PetitPotam Attack Exposing Windows Domains (lien direct) | Enterprises have been warned of a new attack method that can be used by malicious actors to take complete control of a Windows domain. | |||
|
2021-07-23 16:00:21 | Threat Actors Target Kubernetes Clusters via Argo Workflows (lien direct) | Threat actors are abusing Argo Workflows to target Kubernetes deployments and deploy crypto-miners, according to a warning from security vendor Intezer. | Uber | ||
|
2021-07-23 15:03:10 | House Passes Several Critical Infrastructure Cybersecurity Bills (lien direct) | The U.S. House of Representatives this week passed several cybersecurity bills, including ones related to critical infrastructure, industrial control systems (ICS), and grants for state and local governments. | |||
|
2021-07-23 14:03:56 | TikTok fined €750,000 for Violating Children\'s Privacy (lien direct) | The Dutch Data Protection Authority (Autoriteit Persoonsgegevens – AP) announced Thursday that it has imposed a fine of €750,000 on TikTok “for violating the privacy of young children”. More specifically, TikTok failed to provide a privacy statement in the Dutch language, making it difficult for young children to understand what would happen to their data. | |||
|
2021-07-23 14:00:17 | Dutch Police Arrest Alleged Member of \'Fraud Family\' Cybercrime Gang (lien direct) | Authorities in the Netherlands have arrested a 24-year-old believed to be a developer of phishing frameworks for a cybercrime ring named “Fraud Family.” | |||
|
2021-07-23 13:02:21 | Cyber Risk Management Firm Safe Security Raises $33 Million (lien direct) | Cyber risk measurement and mitigation platform provider Safe Security this week announced that it has received a $33 million strategic investment led by BT Group. The funds, Safe Security says, will be used to double the size of its engineering team, as well as to increase the company's spending on research and development. | |||
|
2021-07-23 11:51:07 | Industrial Cybersecurity Firm SynSaber Launches With $2.5M in Seed Funding (lien direct) | SynSaber, a new industrial cybersecurity company, announced its launch this week with $2.5 million in seed funding from SYN Ventures, Rally Ventures and Cyber Mentor Fund. | |||
|
2021-07-23 11:02:17 | Estonian Botnet Operator Pleads Guilty in U.S. Court (lien direct) | An Estonian national has pleaded guilty in a United States court to two counts of computer fraud and abuse over his role in creating and operating a proxy botnet. | Guideline | ||
|
2021-07-23 08:49:16 | Kaseya Obtains Universal Decryptor for Ransomware Attack Victims (lien direct) | IT management software maker Kaseya on Thursday said it obtained a universal decryptor that should allow victims of the recent ransomware attack to recover their files. | Ransomware | ||
|
2021-07-22 19:36:35 | Akamai Software Update Triggers Internet Outages (lien direct) | Websites were briefly knocked offline Thursday after a software update triggered a glitch at network specialty firm Akamai. Reports of internet outages from locations around the world spiked at website Downdetector, with US-based Akamai saying some websites were offline for as long as an hour. | |||
|
2021-07-22 18:49:31 | Bug Bounty and VDP Platform YesWeHack Raises $18.8 Million (lien direct) | European bug bounty and vulnerability disclosure policy platform YesWeHack this week announced the closing of a €16 million ($18.8 million) round of venture capital financing. | Vulnerability | ||
|
2021-07-22 15:03:10 | Atlassian Patches Critical Vulnerability in Jira Data Center Products (lien direct) | Software development and collaboration solutions provider Atlassian on Wednesday informed customers that it has patched a critical code execution vulnerability affecting some of its Jira products. | Vulnerability | ||
|
2021-07-22 14:15:29 | Google Cloud Unveils New SOC, IDS Solutions (lien direct) | Google Cloud this week announced new security offerings for its customers, including Autonomic Security Operations to improve security operations centers (SOCs) and Cloud Intrusion Detection System (IDS) for network-based threat detection. | Threat | ||
|
2021-07-22 12:54:44 | China-Linked APT31 Abuses Hacked Routers in Attacks, France Warns (lien direct) | The French National Agency for the Security of Information Systems (ANSSI) on Wednesday issued an alert to warn organizations that a threat group tracked as APT31 has been abusing compromised routers in its recent attacks. | Threat | APT 31 | |
|
2021-07-22 11:52:38 | CISA Details Malware Used in Attacks Targeting Pulse Secure Devices (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released analysis reports for 13 malware samples discovered on Pulse Secure devices that were compromised in recent attacks. | Malware | ||
|
2021-07-22 11:30:00 | Is Your SecOps Solution Keeping Up? (lien direct) | The goal of any SecOps system is to collect, correlate, and assess data gathered from every corner of the network to detect and investigate anomalous behavior and then respond promptly to thwart an attack before its damage is done. And when networks were primarily contained within a clearly defined and static perimeter, this was not just an aspirational goal. It was well within the ability of virtually any SecOps team. | |||
|
2021-07-22 11:23:21 | Dell Patches Critical Vulnerabilities in OpenManage Enterprise (lien direct) | Patches released this week by Dell for its OpenManage Enterprise product address multiple critical-severity vulnerabilities. A systems management and monitoring application, Dell OpenManage Enterprise provides administrators with a comprehensive view of Dell EMC servers, network switches, and storage in their environment. | ★★★★★ | ||
|
2021-07-22 11:01:02 | UK Man Arrested in Spain, Charged in US With Twitter Hack (lien direct) | A British man has been charged in the United States in connection with a Twitter hack last summer that compromised the accounts of prominent politicians, celebrities and technology moguls, the Justice Department said Wednesday. | Hack | ★★★ | |
|
2021-07-22 02:00:06 | Biden to Meet Next Month With Private Sector on Cyber Issues (lien direct) | President Joe Biden and members of his national security team plan to meet next month with business executives about cybersecurity, an official said Wednesday. | |||
|
2021-07-21 19:55:00 | Google Cloud Introduces New Zero Trust Offerings for Government (lien direct) | Google Cloud this week announced a new set of services aimed at help federal, state, and local government organizations in the United States to implement Zero Trust architecture. | |||
|
2021-07-21 19:43:20 | Saudi Aramco Facing $50M Cyber Extortion Over Leaked Data (lien direct) | Saudi Arabia's state oil giant acknowledged Wednesday that leaked data from the company - files now apparently being used in a cyber-extortion attempt involving a $50 million ransom demand - likely came from one of its contractors. | |||
|
2021-07-21 17:31:25 | Ransomware Attack on UK Rail System - Spray and Pray or Targeted? (lien direct) | Northern Rail, one of the UK's local railway systems covering the north of England, had its new self-service ticketing machines taken off-line following a ransomware attack last week. | Ransomware | ||
|
2021-07-21 17:01:51 | Microsoft Acquires Cloud Security Start-up CloudKnox (lien direct) | After years of mostly sitting on the sidelines, Microsoft is starting to be aggressive with cybersecurity acquisitions. The world's largest software company said Wednesday it would acquire CloudKnox, a Silicon Valley startup that sells tools to help companies manage and secure access to cloud accounts and data. | |||
|
2021-07-21 15:53:54 | DNSFilter Raises $30 Million in Series A Funding (lien direct) | Cybersecurity firm raises $30 Million to support growth of its AI-based DNS threat protection system | Threat | ||
|
2021-07-21 15:13:24 | Industrial Firms Warned of Risk Posed by Cloud-Based ICS Management Systems (lien direct) | Researchers at industrial cybersecurity firm Claroty have identified a series of vulnerabilities that have enabled them to demonstrate how malicious actors could abuse cloud-based management platforms when targeting industrial organizations. | |||
|
2021-07-21 13:33:18 | Oracle Releases July 2021 CPU With 342 Security Patches (lien direct) | Oracle on Tuesday announced the availability of a total of 342 new security patches as part of its July 2021 Critical Patch Update (CPU). More than half of the addressed vulnerabilities could be exploited remotely without authentication. | |||
|
2021-07-21 13:16:12 | Chrome 92 Brings Several Privacy, Security Improvements (lien direct) | Google on Tuesday announced the release of Chrome 92 in the stable channel, with 35 security patches and with various other security improvements, such as better site isolation and phishing protection. | |||
|
2021-07-21 12:17:17 | Macron Among 14 Heads of States on Potential Spyware List (lien direct) | French President Emmanuel Macron leads a list of 14 current or former heads of state who may have been targeted for hacking by clients of the notorious Israeli spyware firm NSO Group, Amnesty International said Tuesday. | Guideline | ||
|
2021-07-21 11:45:19 | Millions of Devices Affected by Vulnerability in HP, Samsung, Xerox Printer Drivers (lien direct) | A printer driver shipped to millions of computers since 2005 is affected by a vulnerability that can be exploited for privilege escalation, according to endpoint security company SentinelOne. | Vulnerability | ||
|
2021-07-21 11:27:10 | Zero Trust, We Must (lien direct) | Daily headlines about cyber-attacks and data breaches (e.g., City of Tulsa, Guess, Morgan Stanley, Rural Al | |||
|
2021-07-21 10:03:49 | Adobe Patches 21 Vulnerabilities Across Seven Products (lien direct) | Security updates released by Adobe on Tuesday for seven of its products patch a total of 21 vulnerabilities, including 15 flaws that have been assigned a critical severity rating. | |||
|
2021-07-21 08:47:25 | Fortinet Patches Remote Code Execution Vulnerability in FortiManager, FortiAnalyzer (lien direct) | Fortinet on Monday announced the availability of patches for a vulnerability in both FortiManager and FortiAnalyzer that could allow an attacker to execute code with root privileges. | Vulnerability | ||
|
2021-07-21 04:07:04 | Google Enhances Protections in Cloud Armor Web Security Service (lien direct) | Google announced recently that it has expanded the capabilities of Cloud Armor, a service that provides distributed denial of service (DDoS) protections and a web application firewall (WAF) to keep customers safe from web attacks. | |||
|
2021-07-20 21:01:10 | Russian Hacker Levashov Sentenced to Time Already Served (lien direct) | A Russian hacker known internationally as the “bot master” was sentenced Tuesday to the 33 months he has already served in custody on federal charges he operated a network of devices used to steal computer credentials, distribute spam and install malicious software. | Spam | ★★ | |
|
2021-07-20 19:51:00 | New Cybersecurity Order Issued for US Pipeline Operators (lien direct) | The Department of Homeland Security on Tuesday announced new requirements for U.S. pipeline operators to bolster cybersecurity following a May ransomware attack that disrupted gas delivery across the East Coast. | Ransomware |
To see everything:
Our RSS (filtrered)
