What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-06-01 22:44:15 | Poisoned Installers Found in Solarwinds Hackers Toolkit (lien direct) | The ongoing multi-vendor investigations into the Solarwinds mega-hack took another twist this week with the discovery of new malware artifacts that could be used in future supply chain attacks. | Malware | ||
|
2021-06-01 20:03:39 | Report: Accellion Failed to Notify Customers of FTA Zero-Day (lien direct) | Accellion failed to notify customers of a zero-day vulnerability in its file transfer application (FTA) and related cyber-attacks targeting the security flaw, according to a new report from professional services firm KPMG. | Vulnerability | ||
|
2021-06-01 19:52:53 | Kaspersky: Exploits for MS Office Flaws Most Popular in Q1 2021 (lien direct) | Exploits for vulnerabilities in Microsoft's Office suite were the most popular among cyber-attackers during the first quarter of this year, according to a new Kaspersky report. | |||
|
2021-06-01 19:14:59 | Meat Producer Ransomware Attack Disrupts Global Production (lien direct) | A ransomware attack on the world's largest meat company is disrupting production around the world just weeks after a similar incident shut down a U.S. oil pipeline. | Ransomware | ||
|
2021-06-01 15:41:08 | Exabeam Lands $200M Investment, Replaces CEO (lien direct) | Exabeam, a late-stage startup in the data analytics and SIEM space, has landed a new $200 million funding round that values the company at $2.5 billion. | |||
|
2021-06-01 13:42:50 | No Time to Waste: Three Ways to Quickly Reduce Risk in Critical Infrastructure Environments (lien direct) | Earlier this month, the U.S. experienced it first major shutdown of critical infrastructure due to a cyberattack in the nation's history. When adversaries targeted Colonial Pipeline with a disruptive ransomware attack, critical infrastructure security immediately became a mainstream concern, because the attack is unprecedented in terms of its impact. | Ransomware | ||
|
2021-06-01 13:16:24 | [redacted] Emerges From Stealth to Help Companies Pursue, Disrupt Adversaries (lien direct) | [redacted] emerged from stealth mode on Tuesday with $35 million in Series B funding and a cyber defense and response solution that enables organizations to pursue and disrupt adversaries. | |||
|
2021-06-01 12:41:33 | Swedish Public Health Agency Says Disease Database Targeted in Cyberattacks (lien direct) | The Swedish Public Health Agency (Folkhälsomyndigheten) is currently investigating several attempts to hack into SmiNet, a database that stores reports of infectious diseases, including COVID-19 cases. | Hack | ||
|
2021-06-01 11:36:59 | (Déjà vu) Cybersecurity M&A Roundup: 36 Deals Announced in May 2021 (lien direct) | 
Tens of cybersecurity mergers and acquisitions were announced in May 2021, including by Imperva, Accenture, Cisco, HelpSystems, Splunk, Twilio, and Zscaler.
|
|||
|
2021-06-01 11:23:01 | Meat-packing Giant JBS USA Shuts Down Systems Following Cyberattack (lien direct) | JBS USA, the US subsidiary of the world's largest meat processing company, said Monday that some operations were shut down following a cyberattack that affected its North American and Australian IT network. | |||
|
2021-05-31 17:02:50 | Microsoft Creates Cybersecurity Council for the Public Sector in APAC (lien direct) | Looking to build stronger responses against cyberattacks in the Asia Pacific (APAC) region, Microsoft on Monday announced the creation of a cybersecurity council for the public sector in the region. | |||
|
2021-05-31 14:02:05 | Interpol Says 585 People Arrested in APAC Operation Against Cyber-Enabled Crime (lien direct) | Interpol revealed last week that specialized law enforcement officers in the Asia-Pacific (APAC) region intercepted more than $83 million in fraudulent money transfers as part of a six-month coordinated effort aimed at cyber-enabled financial crime. | |||
|
2021-05-31 13:18:56 | Kenyan Arrested in Qatar First Targeted by Phishing Attack (lien direct) | A Kenyan security guard now facing charges in Qatar after writing compelling, anonymous accounts of being a low-paid worker there found himself targeted by a phishing attack that could have revealed his location just before his arrest, analysts say. | |||
|
2021-05-31 13:04:35 | SonicWall Patches Command Injection Flaw in Firewall Management Application (lien direct) | SonicWall last week announced the availability of patches for a severe vulnerability in its Network Security Manager (NSM) product. | Vulnerability | ||
|
2021-05-31 12:35:09 | Cybercriminals Target Companies With New \'Epsilon Red\' Ransomware (lien direct) | A new piece of ransomware named Epsilon Red has been used to target at least one organization in the United States, and its operators have apparently already made a significant profit. | Ransomware | ||
|
2021-05-31 11:07:15 | CISA-FBI Alert: 350 Organizations Targeted in Attack Abusing Email Marketing Service (lien direct) | An alert released on Friday by the FBI and the DHS's Cybersecurity and Infrastructure Security Agency (CISA) revealed that the number of organizations targeted in a recent attack abusing a legitimate email marketing service was higher than initially reported. | |||
|
2021-05-31 10:18:26 | Activists Launch Action Against \'Cookie Banner Terror\' (lien direct) | A group of online privacy activists said Monday it is taking action against hundreds of websites over their use of pop-up banners asking users to consent to "cookies", the files that track users' activity. | |||
|
2021-05-30 14:19:20 | US Says Agencies Largely Fended Off Latest Russian Hack (lien direct) | The White House says it believes U.S. government agencies largely fended off the latest cyberespionage onslaught blamed on Russian intelligence operatives, saying the spear-phishing campaign should not further damage relations with Moscow ahead of next month's planned presidential summit. | Hack | ||
|
2021-05-28 19:25:58 | Nuclear Flash Cards: US Secrets Exposed on Learning Apps (lien direct) | US troops charged with guarding nuclear weapons in Europe used popular education websites to create flash cards, exposing their exact locations and top-secret security protocols, according to the investigative site Bellingcat Friday. | |||
|
2021-05-28 18:55:40 | Security Analytics Firm Uptycs Raises $50 Million (lien direct) | Cloud-native security analytics provider Uptycs has closed a $50 million Series C funding round, bringing the total raised by the company to date up to $93 million. The latest funding round was led by Norwest Venture Partners, with additional participation from Sapphire Ventures and ServiceNow Ventures. | |||
|
2021-05-28 15:08:02 | Newly Disclosed Vulnerability Allows Remote Hacking of Siemens PLCs (lien direct) | Researchers at industrial cybersecurity firm Claroty have identified a serious vulnerability that can be exploited by a remote and unauthenticated attacker to hack some of the programmable logic controllers (PLCs) made by Siemens. | Hack Vulnerability | ||
|
2021-05-28 14:37:28 | Resilience: RSA Conference 2021 (lien direct) | For many of us, RSA Conference 2020 in San Francisco was the last time we came together as a community, met with colleagues, and saw new technology offerings. It was one of the last global events held in person before the lockdown, and since that time, we've had to switch to digital methods for interaction and communication. | |||
|
2021-05-28 14:09:57 | Chinese Hackers Started Covering Tracks Days Before Public Exposure of Operations (lien direct) | One of the Chinese threat actors targeting Pulse Secure VPN appliances via a recently disclosed vulnerability has been attempting to cover its tracks by removing its webshells from victim networks, FireEye reports. | Vulnerability Threat | ||
|
2021-05-28 13:35:15 | Canada Post Says 950,000 Customers Hit by Breach at Supplier (lien direct) | Canada Post, the primary postal operator in Canada, has informed 44 of its large business customers that some information was compromised as a result of a malware attack at a supplier. | Malware | ||
|
2021-05-28 12:36:15 | FBI Shares IOCs for APT Attacks Exploiting Fortinet Vulnerabilities (lien direct) | The FBI on Thursday published indicators of compromise (IOCs) associated with the continuous exploitation of Fortinet FortiOS vulnerabilities in attacks targeting commercial, government, and technology services networks. | |||
|
2021-05-28 11:28:41 | SolarWinds Hackers Impersonate U.S. Government Agency in New Attacks (lien direct) | The Russia-linked threat group believed to be behind the SolarWinds attack has been observed launching a new campaign this week. | Threat | ||
|
2021-05-27 19:05:11 | What Cybersecurity Can Learn From Video Games (Part II) (lien direct) | By taking some lessons from outside our cybersecurity sandbox, we can address some of the significant challenges in cybersecurity | |||
|
2021-05-27 18:53:01 | U.S. Charges 22 in Stolen Payment Cards Crackdown (lien direct) | The U.S. Justice Department this week announced indictments against 22 individuals who allegedly purchased and used payment cards stolen from a national retail chain. | |||
|
2021-05-27 17:59:19 | Japanese Ministries Confirm Impact from Fujitsu Data Breach (lien direct) | Japan's Ministry of Foreign Affairs and Ministry of Land, Infrastructure, Transport and Tourism this week confirmed impact from a data breach at service provider Fujitsu Limited. | Data Breach | ||
|
2021-05-27 15:01:20 | DataDome Raises $35 Million for Its Anti-Bot Solution (lien direct) | DataDome, a company that provides a SaaS solution for protecting businesses against bad bots and fraud, this week announced that it raised $35 million in a Series B funding round. | |||
|
2021-05-27 14:24:34 | US Pipelines Ordered to Increase Cyber Defenses After Hack (lien direct) | U.S. pipeline operators will be required for the first time to conduct a cybersecurity assessment under a Biden administration directive in response to the ransomware hack that disrupted gas supplies in several states this month. | Ransomware Hack | ||
|
2021-05-27 14:09:48 | Vulnerabilities in Visual Studio Code Extensions Expose Developers to Attacks (lien direct) | Vulnerabilities in Visual Studio Code extensions could be exploited by malicious attackers to steal valuable information from developers and even compromise organizations, researchers with open-source software security firm Snyk say. | |||
|
2021-05-27 13:42:16 | Facebook Adapts Defenses as Deception Campaigns Go Stealth (lien direct) | Facebook said Wednesday that it has disrupted more than 150 deceptive influence schemes since 2017, with Russia the biggest single source, as culprits strive to stay "under the radar." | |||
|
2021-05-27 13:23:00 | Why Evaluating Cybersecurity Prior to Mergers and Acquisitions is Necessary (lien direct) | Timely response and proactive investigation can help lessen the potential negative impact poor cyber hygiene can have on a business acquisition | |||
|
2021-05-27 13:17:43 | NASA Identified Over 6,000 Cyber Incidents in Past 4 Years (lien direct) | The U.S. National Aeronautics and Space Administration (NASA) identified more than 6,000 cyber-related incidents in the last four years, according to a report published this month by NASA's Office of Inspector General. | |||
|
2021-05-27 11:45:14 | Email Protection Firm Material Security Raises $40 Million (lien direct) | Email protection company Material Security this week announced that it raised $40 million in Series B funding, which brings the capital raised by the firm to date to $62 million. Founded in 2017, the Redwood City, California-based company is focused on protecting email accounts both before and after compromise. | |||
|
2021-05-27 11:13:16 | Siemens Addresses Code Execution Vulnerabilities Found in Popular CAD Library (lien direct) | Siemens on Tuesday released an advisory to inform customers about several high-severity vulnerabilities affecting its Solid Edge product. The flaws are introduced by fourth-party software that is also used by many other organizations. | |||
|
2021-05-27 10:33:45 | EU Privacy Groups Set Sights on Facial Recognition Firm (lien direct) | Privacy organisations on Thursday complained to regulators in five European countries over the practices of Clearview AI, a company that has built a powerful facial recognition database using images "scraped" from the web. | |||
|
2021-05-27 08:32:48 | New Iranian Group \'Agrius\' Launches Destructive Cyberattacks on Israeli Targets (lien direct) | Over the past year, an Iran-linked threat actor named Agrius has been observed launching destructive attacks on Israeli targets, under the disguise of ransomware attacks, according to endpoint security company SentinelOne. | Ransomware Threat | ||
|
2021-05-27 03:48:25 | Code Execution Flaw in Checkbox Survey Exploited in the Wild (lien direct) | A Checkbox Survey vulnerability that could allow a remote attacker to execute arbitrary code without authentication is being exploited in the wild, the CERT Coordination Center (CERT/CC) at Carnegie Mellon University warns. | Vulnerability | ||
|
2021-05-26 19:29:45 | US Exchanges Offer a Rich Potential Target for Hackers (lien direct) | Cyberattacks have long been seen as a threat to financial markets, but worries are becoming even more acute following a US pipeline hack that set off a public panic and forced the company to pay a ransom. Financial exchanges that manage daily transactions of tens or hundreds of billions of dollars are an appealing target for hackers. | Hack Threat | ||
|
2021-05-26 15:13:27 | Virtual Event Keynote: John Lambert, Microsoft Threat Intelligence Center (lien direct) | 
John Lambert, GM at the Microsoft Threat Intelligence Center, will provide a keynote at SecurityWeek's Threat Intelligence Summit on May 26th at 12PM ET.
|
Threat | ||
|
2021-05-26 14:57:13 | Salt Security Raises $70 Million in Series C Funding (lien direct) | Palo Alto, California-based API protection company Salt Security today announced that it raised $70 million in Series C funding, which brings the total raised to date to $131 million. | |||
|
2021-05-26 14:29:30 | VMware Urges Customers to Immediately Patch Critical vSphere Vulnerability (lien direct) | VMware has urged customers to immediately patch a critical vulnerability affecting vCenter Server, the management interface for vSphere environments. The vulnerability, tracked as CVE-2021-21985, was reported to VMware by Ricter Z of 360 Noah Lab and it has been patched in versions 6.5, 6.7 and 7.0 of vCenter Server. | Vulnerability | ||
|
2021-05-26 14:26:46 | The VC View: Identity = Zero Trust for Everything (lien direct) | Identity very much seems to be an acquired taste… Most everyone's first experience with identity comes down to usernames and passwords. And that's enough for most users, “just let me get past this screen so I can do what I'm trying to do.” | |||
|
2021-05-26 12:57:57 | \'World\'s Leading Bank Robbers\': North Korea\'s Hacker Army (lien direct) | Nuclear-armed North Korea is advancing on the front lines of cyberwarfare, analysts say, stealing billions of dollars and presenting a clearer and more present danger than its banned weapons programmes. | |||
|
2021-05-26 12:13:56 | Half-Double: Google Researchers Find New Rowhammer Attack Technique (lien direct) | A team of researchers from Google has identified a new Rowhammer attack technique that works against recent generations of dynamic random-access memory (DRAM) chips. | |||
|
2021-05-26 11:24:56 | Google Patches 32 Vulnerabilities With Release of Chrome 91 (lien direct) | Google on Tuesday announced the release of Chrome 91 to the stable channel. The latest update patches a total of 32 vulnerabilities. Of the addressed issues, 21 vulnerabilities were discovered by external researchers, including 8 high-severity bugs, 8 medium-severity flaws, and 5 low-severity security holes. | |||
|
2021-05-26 10:31:30 | Rising Cyberattacks in West Highlight Vulnerabilities (lien direct) | A series of high-profile cyberattacks on targets in the West have highlighted the vulnerability of companies and institutions, making the issue a higher public priority but with no easy solution. | Vulnerability | ||
|
2021-05-26 00:49:35 | Belgium Interior Ministry Targeted in Cyber Attack (lien direct) | The Belgian interior ministry has found itself the target of "sophisticated" cyber espionage, a spokesman told RTBF public television on Tuesday. |
To see everything:
