What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-04-12 13:20:11 | Iran Blames Israel for Sabotage at Natanz Nuclear Site (lien direct) | Iran blamed Israel on Monday for a sabotage attack on its underground Natanz nuclear facility that damaged its centrifuges, an assault that imperils ongoing talks over Tehran's tattered nuclear deal and brings a shadow war between the two countries into the light. | |||
|
2021-04-12 12:58:08 | Cybersecurity M&A Roundup for April 1-11, 2021 (lien direct) | 
Eleven cybersecurity-related acquisitions and mergers were announced in the first part of April 2021.
|
|||
|
2021-04-12 11:35:59 | Fed Chair Says Cyberattacks Main Risk to US Economy (lien direct) | Federal Reserve chairman Jerome Powell said he was more worried about the risk of a large-scale cyberattack than another financial crisis like that of 2008. The risks of a 2008-like crisis with a need for government bailouts of banks were "very, very low," the head of the US central bank said during an interview aired Sunday on CBS's "60 minutes." | |||
|
2021-04-12 11:03:24 | Zerodium Offering $300,000 for WordPress Exploits (lien direct) | Exploit acquisition company Zerodium announced last week that it's temporarily offering $300,000 for high-impact WordPress exploits. | |||
|
2021-04-11 19:07:27 | Iran Calls Natanz Atomic Site Blackout \'Nuclear Terrorism\' (lien direct) | Iran on Sunday described a blackout at its underground Natanz atomic facility an act of “nuclear terrorism,” raising regional tensions as world powers and Tehran continue to negotiate over its tattered nuclear deal. | |||
|
2021-04-09 18:16:50 | Microsoft Open-Sources \'CyberBattleSim\' Enterprise Environment Simulator (lien direct) | Microsoft this week announced the open source availability of Python code for “CyberBattleSim,” a research toolkit that supports simulating complex computer systems. | |||
|
2021-04-09 16:55:31 | CISA Releases Tool to Detect Microsoft 365 Compromise (lien direct) | The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has released a new tool to help with the detection of potential compromise within Microsoft Azure and Microsoft 365 environments. | Tool | ||
|
2021-04-09 12:15:04 | Security Automation Firm Tines Raises $26 Million at $300 Million Valuation (lien direct) | Tines, an Ireland-based company that provides no-code automation solutions for security and operations teams, on Thursday announced that it has raised $26 million in a Series B funding round, at a valuation of $300 million. | |||
|
2021-04-09 11:58:30 | LG Promises Three Years of OS Updates for Premium Android Smartphones (lien direct) | South Korean tech giant LG this week announced that it will continue to provide operating system updates to users of its premium Android smartphones, for up to three years. | |||
|
2021-04-09 11:07:21 | Pwn2Own 2021 Participants Earn Over $1.2 Million for Their Exploits (lien direct) | The Pwn2Own 2021 hacking competition has come to an end, with participants earning more than $1.2 million - more than ever paid out at the event - for exploits in the browser, virtualization, server, local privilege escalation, and enterprise communications categories. | |||
|
2021-04-09 08:46:29 | Collaboration Platforms Increasingly Abused for Malware Distribution, Data Exfiltration (lien direct) | Threat actors are increasingly abusing collaboration platforms for nefarious purposes, including malware delivery and data exfiltration, security researchers with Cisco's Talos division report. | Malware | ||
|
2021-04-08 18:54:58 | Cisco Patches Critical Flaw in SD-WAN vManage (lien direct) | Cisco this week announced patches for tens of vulnerabilities across its product portfolio, including a critical severity issue impacting the SD-WAN vManage software. | |||
|
2021-04-08 18:35:33 | Cost of Sandboxing Prompts Shift to Memory-Safe Languages. A Little Too Late? (lien direct) | NEWS ANALYSIS: Google's decision to promote Rust for low-level Android programming is another sign that the shelf-life for memory corruption mitigations are no match for the speed of in-the-wild exploit development. | |||
|
2021-04-08 15:06:39 | Library Dependencies and the Open Source Supply Chain Nightmare (lien direct) | 
It's a bigger problem than is immediately apparent, and has the potential for hacks as big as Equifax and as widespread as SolarWinds.
|
Equifax Equifax | ||
|
2021-04-08 14:19:27 | Belden Says Health-Related Information Exposed in Data Breach (lien direct) | Specialty networking solutions provider Belden on Wednesday shared an update on the data breach disclosed in November 2020, and said health-related information was also exposed. | Data Breach | ||
|
2021-04-08 13:47:10 | Cring Ransomware Targets Industrial Organizations (lien direct) | Cring ransomware operators are exploiting an old path traversal vulnerability in the FortiOS SSL VPN web portal to gain access to enterprise networks, Kaspersky warns. | Ransomware Vulnerability | ||
|
2021-04-08 12:09:02 | PHP Developers Share Update on Recent Breach (lien direct) | The developers of the PHP scripting language have shared an update on the recently disclosed breach in which attackers planted malicious code. | |||
|
2021-04-08 11:13:54 | $200,000 Awarded for Zero-Click Zoom Exploit at Pwn2Own (lien direct) | Two researchers earned $200,000 on the second day of the Pwn2Own 2021 hacking competition for a Zoom exploit allowing remote code execution without user interaction. | |||
|
2021-04-08 10:50:21 | Vulnerability in \'Domain Time II\' Could Lead to Server, Network Compromise (lien direct) | A vulnerability residing in the “Domain Time II” network time solution can be exploited in Man-on-the-Side (MotS) attacks, cyber-security firm GRIMM warned on Tuesday. | Vulnerability | ||
|
2021-04-07 16:35:09 | Open Source Security Management Firm WhiteSource Raises $75 Million (lien direct) | Open source security management company WhiteSource on Wednesday announced that it has raised $75 million in a Series D funding round. | ★★★★ | ||
|
2021-04-07 16:27:46 | Report: Supplier Impersonation Attacks a Major Risk (lien direct) | Threat actors are leveraging the supply chain to deliver various types of threats to organizations, and few of them are spared from such attacks, according to a new report from enterprise security company Proofpoint. | ★★★ | ||
|
2021-04-07 15:10:01 | Fake Netflix App Luring Android Users to Malware (lien direct) | Researchers Flag 'FlixOnline' as a Malicious Android Play Store App That Combines Social Engineering With WhatsApp Auto-Replies to Propagate | Malware | ||
|
2021-04-07 14:43:05 | What Cybersecurity Policy Changes Should We Expect from the Biden Administration? (lien direct) | As the U.S. transitions to a new presidential administration, which can be expected to differ largely from the last, it is hard not to speculate how President Biden's Administration will reduce the risk of a major cyberattack against the U.S. or her interests. | ★★ | ||
|
2021-04-07 14:00:04 | Facebook Removes 14 Networks Fueling Deceptive Campaigns (lien direct) | Facebook this week announced that in March it removed a total of 14 networks of accounts from its online services, for spreading deceptive content meant to manipulate public opinion. | ★★★★★ | ||
|
2021-04-07 13:26:30 | Details Disclosed for GitHub Pages Flaws That Earned Researchers $35,000 (lien direct) | A researcher has disclosed the details of a series of vulnerabilities that could have been exploited by an attacker to access an organization's private pages on GitHub. | |||
|
2021-04-07 11:33:06 | Google Patches Critical Code Execution Vulnerability in Android (lien direct) | The April 2021 Android security bulletin published this week by Google describes more than 30 vulnerabilities in the mobile operating system, including a remote code execution flaw in the System component. | Vulnerability | ||
|
2021-04-07 10:48:21 | White Hats Earn $440,000 for Hacking Microsoft Products on First Day of Pwn2Own 2021 (lien direct) | On the first day of the Pwn2Own 2021 hacking competition, participants earned more than half a million dollars, including $440,000 for demonstrating exploits against Microsoft products. | |||
|
2021-04-07 02:15:44 | Facebook Says Hackers \'Scraped\' Data of 533 Million Users in 2019 Leak (lien direct) | Facebook said Tuesday that hackers "scraped" personal data of some half-billion users back in 2019 by taking advantage of a feature designed to help people easily find friends using contact lists. | |||
|
2021-04-07 01:34:53 | Senators Press for More on SolarWinds Hack After AP Report (lien direct) | Key lawmakers said Tuesday they're concerned they've been kept in the dark about what suspected Russian hackers stole from the federal government and they pressed Biden administration officials for more details about the scope of what's known as the SolarWinds hack. | Hack | ||
|
2021-04-06 20:14:53 | Threat Actors Quick to Target (Patched) SAP Vulnerabilities (lien direct) | Threat actors are constantly targeting new vulnerabilities in SAP applications within days after the availability of security patches, according to a joint report issued by SAP and Onapsis. | |||
|
2021-04-06 15:04:52 | ThreatQuotient Adds $22.5 Million in Funding (lien direct) | ThreatQuotient, a threat intelligence and security operations platform provider, has closed $22.5 million in new financing through a combination of equity and debt financing. | Threat | ||
|
2021-04-06 14:33:29 | APT Group Using Voice Changing Software in Spear-Phishing Campaign (lien direct) | A sub-group of the 'Molerats' threat-actor has been using voice-changing software to successfully trick targets into installing malware, according to a warning from Cado Security. | |||
|
2021-04-06 14:23:10 | US DoD Launches Vuln Disclosure Program for Contractor Networks (lien direct) | The United States Department of Defense (DoD) this week announced the launch of a new vulnerability disclosure program on HackerOne to identify vulnerabilities in Defense Industrial Base (DIB) contractor networks. | Vulnerability | ||
|
2021-04-06 14:14:15 | The Rise of Industrial IoT and How to Mitigate Risk (lien direct) | With the acceleration of digital transformation and convergence of IT and operational technology (OT) networks, Internet of Things (IoT) and Industrial IoT (IIoT) devices are becoming essential tools for companies in sectors including oil and gas, energy, utilities, manufacturing, pharmaceuticals, and food and beverage. | |||
|
2021-04-06 11:39:09 | All Eyes on PCAP: The Gold Standard of Traffic Analysis (lien direct) | PCAP Enables Defenders to See and Capture Exactly What Has Happened Across a Network, But Comes With Challenges | |||
|
2021-04-05 22:01:56 | China-Linked \'Cycldek\' Hackers Target Vietnamese Government, Military (lien direct) | China-linked cyber-espionage group Cycldek is showing increasing sophistication in a series of recent attacks targeting government and military entities in Vietnam, according to a report from anti-malware vendor Kaspersky. | |||
|
2021-04-05 15:59:15 | CISA, FBI Warn of Attacks Targeting Fortinet FortiOS (lien direct) | The U.S. government is warning that Advanced Persistent Threat (APT) actors are exploiting vulnerabilities in Fortinet FortiOS in ongoing attacks targeting commercial, government, and technology services networks. | Threat | ||
|
2021-04-05 15:51:20 | VMware Patches Critical Flaw in Carbon Black Cloud Workload (lien direct) | A critical vulnerability recently addressed in the VMware Carbon Black Cloud Workload could be abused to execute code on a vulnerable server, according to a warning from a security researcher who discovered the bug. | Vulnerability | ||
|
2021-04-05 15:44:34 | University of California Victim of Nationwide Hack Attack (lien direct) | The University of California is warning its students and staff that a ransomware group might have stolen and published their personal data and that of hundreds of other schools, government agencies and companies nationwide. | Ransomware Hack | ||
|
2021-04-03 10:51:30 | US lawmakers Press Online Ad Auctioneers Over User Data (lien direct) | A bipartisan group of US senators on Friday sent letters to major digital ad exchanges, including Google and Twitter, asking whether user data was sold to foreign entities who could use it for blackmail or other malicious ends. | |||
|
2021-04-02 15:45:24 | SecureDrop Workstation Gets Post-Audit Security Refresh (lien direct) | The open-source SecureDrop Workstation has undergone a security makeover after a third-party security audit flagged multiple problems, including a high-risk bug that could allow an attacker to plant files on target machines. | |||
|
2021-04-02 12:42:32 | Financial Sector Remains Most Targeted by Threat Actors: IBM (lien direct) | Organizations in the financial and insurance sectors were the most targeted by threat actors in 2020, continuing a trend that was first observed roughly five years ago, IBM Security reports. | Threat | ||
|
2021-04-02 12:22:59 | Nine Critical Flaws in FactoryTalk Product Pose Serious Risk to Industrial Firms (lien direct) | Industrial automation giant Rockwell Automation on Thursday informed customers that it has patched nine critical vulnerabilities in its FactoryTalk AssetCentre product. | |||
|
2021-04-02 01:45:26 | US Looks to Keep Critical Sectors Safe From Cyberattacks (lien direct) | A top Biden administration official says the government is undertaking a new effort to help electric utilities, water districts and other critical industries protect against potentially damaging cyberattacks. | |||
|
2021-04-02 01:32:31 | Large Florida School District Hit by Ransomware Attack (lien direct) | The computer system of one of the nation's largest school districts was hacked by a criminal gang that encrypted district data and demanded $40 million in ransom or it would erase the files and post students' and employees' personal information online. | Ransomware | ||
|
2021-04-01 19:46:47 | DHS Gives Federal Agencies 5 Days to Identify Vulnerable MS Exchange Servers (lien direct) | The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued a supplemental directive requiring all federal agencies to identify | |||
|
2021-04-01 19:38:58 | Unpatched RCE Flaws Affect Tens of Thousands of QNAP SOHO NAS Devices (lien direct) | A pair of unpatched vulnerabilities in QNAP small office/home office (SOHO) network attached storage (NAS) devices could allow attackers to execute code remotely, according to a warning from security researchers at SAM Seamless Network. | |||
|
2021-04-01 19:29:15 | Kansas Man Charged with Tampering with Public Water System (lien direct) | The United States Department of Justice this week announced official charges against a Kansas man, for accessing and tampering with a public water system. | |||
|
2021-04-01 18:35:10 | After Hack, Officials Draw Attention to Supply Chain Threats (lien direct) | The U.S. government is working to draw attention to supply chain vulnerabilities, an issue that received particular attention late last year after suspected Russian hackers gained access to federal agencies and private corporations by sneaking malicious code into widely used software. | |||
|
2021-04-01 17:58:06 | Molson Coors Cyberattack, Storms Could Cost Company $140 Million (lien direct) | Cyber Incident and Texas Storms Will Delay Between 1.8 and 2.0 Million Hectoliters of Beer Production and Shipments |
To see everything:
Our RSS (filtrered)
