What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-12 11:48:33 | The Curious Case of the $600 Million Crypto Heist (lien direct) | Cryptocurrency investors have been transfixed over the past few days by the antics of a mysterious hacker who stole more than $600 million -- before giving some of it back. But is the thief a good samaritan who stole the money to expose a dangerous security flaw, or did they simply realize they were about to be caught? | |||
|
2021-08-12 11:29:47 | Cloud Considerations Learned from the Pandemic (lien direct) | Over the last 18 months, there have been massive scale changes in how everyone works, learns and socializes online primarily due to the pandemic. We all had to stay home; a switch flipped and being online was more critical than ever before. | |||
|
2021-08-12 10:32:17 | Ransomware Gang Leaks Files Allegedly Stolen From Accenture (lien direct) | Consulting giant Accenture on Wednesday confirmed being targeted by hackers. The confirmation came just hours before a ransomware gang started leaking files allegedly stolen from the company. | Ransomware | ||
|
2021-08-11 18:32:42 | Mandiant Snaps Up Attack Surface Management Startup Intrigue (lien direct) | FireEye's Mandiant unit announced on Tuesday that it has acquired Intrigue, a provider of attack surface management technology for enterprises. | |||
|
2021-08-11 18:07:16 | Hackers Return Portion of Record Crypto Heist Haul (lien direct) | A firm specializing in transferring cryptocurrency said that hackers have sent back a portion of the digital loot from a record haul. | |||
|
2021-08-11 17:29:41 | Politics and Security Don\'t Mix (lien direct) | There are plenty of issues and challenges every security team already faces. There's no need to add politics to them. | |||
|
2021-08-11 14:39:56 | Decryption Key for Ransomware Delivered via Kaseya Attack Made Public (lien direct) | A key that can be used to decrypt files encrypted by the REvil ransomware delivered as part of the Kaseya attack has been made public. | Ransomware | ★★★★ | |
|
2021-08-11 12:31:23 | OwnBackup Raises $240 Million at $3.35 Billion Valuation (lien direct) | New Jersey-based data protection solutions provider OwnBackup on Tuesday announced raising $240 million in a Series E funding round at a valuation of $3.35 billion. | |||
|
2021-08-11 11:26:03 | Intel Patches High-Severity Flaws in NUC 9 Extreme Laptops, Ethernet Linux Drivers (lien direct) | Intel on Tuesday released six new security advisories to inform customers about the availability of firmware and software updates that address a total of 15 vulnerabilities across several products. | |||
|
2021-08-11 10:21:43 | Nine Critical and High-Severity Vulnerabilities Patched in SAP Products (lien direct) | German enterprise software giant SAP has released 19 new and updated security notes, including for nine new vulnerabilities that have been rated critical or high severity. | |||
|
2021-08-11 10:17:09 | A Closer Look at Intel\'s Hardware-Enabled Threat Detection Push (lien direct) | 
|
Threat | ||
|
2021-08-11 01:57:05 | Consumer Antivirus Firms NortonLifeLock and Avast to Merge in $8.6 Billion Deal (lien direct) | Consumer cybersecurity firms NortonLifeLock (NASDAQ: NLOK) and Prague-based Avast announced on Tuesday that the two firms have agreed to merge in a deal valued between roughly $8.1-$8.6 billion. | |||
|
2021-08-11 00:32:05 | Record Cryptocurrency Heist Valued at $600 Million (lien direct) | A firm specializing in transferring cryptocurrency said Tuesday that hackers cracked its security, making off with a record-setting haul potentially worth $600 million. Poly Network put out a plea for the stolen Ethereum, BinanceChain and OxPolygon tokens to be shunned by traders running "wallets" for storing cryptocurrency. | |||
|
2021-08-10 18:35:36 | Adobe Warns of Critical Flaws in Magento, Connect (lien direct) | Software maker Adobe has shipped security patches for flaws in its Adobe Magento and Connect product lines, warning that exploitation could lead to remote code execution attacks. | Guideline | ||
|
2021-08-10 18:16:39 | Microsoft Patch Tuesday: Windows Flaw Under Active Attack (lien direct) | The zero-day attacks against Microsoft's software products continue to pile up with a new warning from Redmond about a zero-day attack hitting a security defect in the Windows Update Medic Service. | |||
|
2021-08-10 16:59:17 | NGO Files Hundreds of Complaints Over \'Cookie Banner Terror\' (lien direct) | Online privacy campaigners on Tuesday said they had filed hundreds of complaints against websites and platforms in Europe over violations of rules on cookies, the files that track user activity. | |||
|
2021-08-10 14:49:02 | Firefox 91 Brings New Privacy, Security Improvements (lien direct) | Mozilla on Tuesday released Firefox 91, a version of the web browser that brings enhanced cookie clearing, HTTPS by default in private browsing mode, and patches for several high-severity vulnerabilities. | |||
|
2021-08-10 13:33:44 | Companies Still Exposing Sensitive Data via Known Salesforce Misconfiguration (lien direct) | Organizations have been warned that a misconfiguration in Salesforce Communities can lead to the exposure of sensitive information. | Guideline | ||
|
2021-08-10 11:43:05 | Google Discontinuing Bluetooth Titan Security Key (lien direct) | 
Google on Monday announced that it's discontinuing the Bluetooth version of the Titan Security Key and it will only offer devices that have near-field communication (NFC) functionality.
|
|||
|
2021-08-10 11:00:45 | How to Train Your SOC Staff: What Works and What Doesn\'t (lien direct) | We're all familiar with the shortage of talent to staff security operations centers (SOCs), the challenge of hiring qualified cyber security professionals, and that burnout and overwork makes it impossible to keep good staff. So why not make an effort to hang on to your security analysts and make sure they stay up to the challenge? | |||
|
2021-08-10 10:21:04 | At Least 30,000 Internet-Exposed Exchange Servers Vulnerable to ProxyShell Attacks (lien direct) | Tens of thousands of internet-exposed Microsoft Exchange servers appear to be affected by the ProxyShell vulnerabilities, and they could get compromised at any moment considering that threat actors are already scanning the web for vulnerable devices. | Threat | ||
|
2021-08-09 16:22:56 | A Deeper Dive Into Zero-Trust and Biden\'s Cybersecurity Executive Order (lien direct) | On May 12, 2021, President Biden signed an Executive Order (EO) on Improving the Nation's Cybersecurity. It is a detailed overview of the Federal government's plan to better secure America – and it calls out zero-trust as a major pillar of that process. The Executive Order | |||
|
2021-08-09 14:33:28 | (Déjà vu) OT Security Firm SIGA Raises $8.1 Million in Series B Funding Round (lien direct) | SIGA OT Solutions, an Israel-based company that specializes in operational technology (OT) cybersecurity solutions, on Monday announced raising $8.1 million in a Series B funding round. | |||
|
2021-08-09 13:09:44 | Vulnerability Affecting Routers From Many Vendors Exploited Days After Disclosure (lien direct) | Cybercriminals quickly started exploiting a vulnerability that affects routers and modems from many vendors that use the same underlying firmware. On August 3, cybersecurity firm Tenable published a blog post describing a vulnerability affecting routers that use firmware from Arcadyan, a Taiwan-based provider of networking solutions. | Vulnerability | ||
|
2021-08-09 12:35:59 | Joplin: City Computer Shutdown Was Ransomware Attack (lien direct) | The insurer for Joplin paid $320,00 to an unknown person after a ransomware attack shut down the city's government's computer system last month, Joplin City Manager Nick Edwards said Thursday. | Ransomware | ||
|
2021-08-09 11:47:35 | (Déjà vu) Cybersecurity M&A Roundup for August 1-8, 2021 (lien direct) | 
Nearly a dozen cybersecurity acquisitions were announced in the first week of August 2021.
|
|||
|
2021-08-09 10:56:43 | Internet Scanned for Microsoft Exchange Servers Vulnerable to ProxyShell Attacks (lien direct) | Organizations have been warned that hackers have started scanning the internet for Microsoft Exchange servers affected by a series of vulnerabilities that were disclosed by researchers last week. | |||
|
2021-08-09 09:55:32 | Apple Revives Encryption Debate With Move on Child Exploitation (lien direct) | Apple's announcement that it would scan encrypted messages for evidence of child sexual abuse has revived debate on online encryption and privacy, raising fears the same technology could be used for government surveillance. | |||
|
2021-08-06 17:44:51 | Threat Detection Provider ReversingLabs Raises $56 Million (lien direct) | Threat detection startup ReversingLabs has raised $56 million in a Series B funding round. To date, the company has raised $81 million. The new funding round was led by private equity firm Crosspoint Capital Partners. Existing investor ForgePoint Capital also participated. | |||
|
2021-08-06 15:08:13 | New DNS Attack Enables \'Nation-State Level Spying\' via Domain Registration (lien direct) | A new domain name system (DNS) attack method that involves registering a domain with a specific name can be leveraged for what researchers described as “nation-state level spying.” | |||
|
2021-08-06 15:07:20 | VMware Patches Severe Vulnerability in Workspace ONE Access, Identity Manager (lien direct) | VMware on Thursday released security updates for multiple products to address a pair of security bugs, one serious enough to give attackers access to sensitive information. | Vulnerability | ||
|
2021-08-06 14:50:31 | Black Hat 2021: Microsoft Wins Worst of Pwnie Awards (lien direct) | Microsoft came up the big winner in this year's Pwnie Awards, but for all the wrong reasons. | |||
|
2021-08-06 13:52:31 | Critical Code Execution Vulnerability Patched in Pulse Connect Secure (lien direct) | IT management and security company Ivanti this week released patches for multiple vulnerabilities in its Pulse Connect Secure VPN appliances, including a critical issue that could be exploited to execute arbitrary code with root privileges. | Vulnerability | ||
|
2021-08-06 12:39:29 | Prometheus TDS – Underground Service Distributing Several Malware Families (lien direct) | Group-IB security researchers have shared a technical analysis of Prometheus TDS, an underground service that over the past several months has been used for the distribution of various malware families, such as Buer Loader, Campo Loader, | Malware | ||
|
2021-08-06 11:32:02 | Analysis of ICS Exploits Can Help Defenders Prioritize Vulnerability Remediation (lien direct) | Industrial cybersecurity firm Dragos has published an analysis of exploits targeting vulnerabilities in industrial control systems (ICS) and operational technology (OT) systems. The company says the findings can help defenders prioritize remediation and mitigation efforts. | Vulnerability | ||
|
2021-08-06 09:15:25 | \'Sophisticated Group\' Behind Alaska Cyberattack, Agency Says (lien direct) | A “highly sophisticated group” known for cyberattacks against governmental and other entities is believed to be behind the attack this spring that targeted the Alaska health department, a spokesperson for the department said. | |||
|
2021-08-05 22:30:30 | Black Hat 2021: New CISA Boss Unveils Anti-Ransomware Collab With Big Tech (lien direct) | Head of the U.S. government's cybersecurity agency Jen Easterly introduced herself to the hacking community Thursday with a pledge to pursue transparent data sharing with the private sector and a call for “an ambitious national effort” to solve the cybersecurity skills shortage. | |||
|
2021-08-05 19:07:54 | Tech Titans Join US Cyber Team to Fight Ransomware (lien direct) | US cybersecurity officials on Thursday said Amazon, Google and Microsoft have enlisted to help them fight ransomware and defend cloud computing systems from hackers. | Ransomware | ||
|
2021-08-05 17:57:20 | U.S. Infrastructure Bill Allocates $2 Billion to Cybersecurity (lien direct) | 
|
|||
|
2021-08-05 16:39:36 | Microsoft Launches JIT-Free \'Super Duper Secure Mode\' Edge Browser Experiment (lien direct) | Security engineers at Microsoft plan to rip out a key performance feature from the Edge browser in an experiment aimed at better measuring the tradeoffs between security, optimization and performance. | |||
|
2021-08-05 15:48:35 | Iran-Linked Hackers Expand Arsenal With New Android Backdoor (lien direct) | The Iran-linked hacking group named Charming Kitten has added a new Android backdoor to its arsenal and successfully compromised individuals associated with the Iranian reformist movement, according to security researchers with IBM's X-Force threat intelligence team. | Threat Conference | APT 35 APT 35 | |
|
2021-08-05 13:40:20 | Cisco Patches Critical Vulnerability in Small Business VPN Routers (lien direct) | Cisco on Wednesday announced the release of patches for a critical vulnerability in small business VPN routers that could allow unauthenticated attackers to execute arbitrary code on affected devices. | Vulnerability | ||
|
2021-08-05 13:24:37 | China-Linked Cyberespionage Operation Suggests Interest in SCADA Systems (lien direct) | A cyberespionage group that appears to be based in China has been seen targeting critical infrastructure organizations in Southeast Asia, and the attackers may be interested in industrial control systems (ICS). | |||
|
2021-08-05 12:30:00 | Security is a Big Data Problem, and It\'s Getting Bigger (lien direct) | Solving security's big data problem is about prioritized data flow, continuously processing data for analysis and translating and exporting it to create a single security infrastructure | |||
|
2021-08-05 10:59:01 | Researchers Analyze Chinese Malware Used Against Russian Government (lien direct) | At least two Chinese cyberespionage groups targeted Russian federal executive authorities in 2020, security researchers with threat hunting and intelligence firm Group-IB reveal. | Malware Threat | ||
|
2021-08-05 02:10:42 | Oregon Examines Spyware Investment Amid Controversy (lien direct) | The future ownership of an Israeli spyware company whose product has been used to hack into the cellphones of journalists, human rights workers and possibly even heads of state is up in the air. | Hack | ||
|
2021-08-04 20:12:34 | Black Hat Keynote: Mobile Platforms \'Actively Obstructing\' Zero-Day Malware Hunters (lien direct) | Prominent security practitioner Matt Tait kicked off the annual Black Hat security conference Wednesday with a call for platform vendors to make major technology changes to help cope with the surge in major software supply chain attacks. | Malware | ||
|
2021-08-04 17:01:30 | Senate Report: Federal Agencies Still Have Poor Cybersecurity Practices (lien direct) | A bipartisan report released this week by the United States Senate's Homeland Security and Governmental Affairs Committee shows that key government agencies have made little progress in terms of cybersecurity over the past two years. | |||
|
2021-08-04 13:56:11 | New CISA and NSA Guidance Details Steps to Harden Kubernetes Systems (lien direct) | New guidance from the United States Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) provides information on the steps that administrators can take to minimize risks associated with Kubernetes deployments. | Uber | ||
|
2021-08-04 13:31:53 | ICS Vendors Address Vulnerabilities Affecting Widely Used Licensing Product (lien direct) | Industrial control systems (ICS) vendors and other organizations have published advisories to address a couple of serious denial of service (DoS) vulnerabilities affecting a widely used licensing and DRM solution made by Germany-based Wibu-Systems. |
To see everything:
Our RSS (filtrered)
