What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-05-20 10:51:42 | Hackers Targeted SolarWinds Earlier Than Previously Known (lien direct) | The hackers who carried out the massive SolarWinds intrusion were in the software company's system as early as January 2019, months earlier than previously known, the company's top official said Wednesday. | |||
|
2021-05-20 09:26:57 | Scans for Vulnerable Exchange Servers Started 5 Minutes After Disclosure of Flaws (lien direct) | Adversaries are typically quick to take advantage of newly disclosed vulnerabilities, and they started scanning for vulnerable Microsoft Exchange Servers within five minutes after Microsoft's announcement, Palo Alto Networks reveals in a new report. | |||
|
2021-05-20 03:56:03 | Glass and Metal Packaging Giant Ardagh Group Discloses Cyberattack (lien direct) | Glass and metal packaging giant Ardagh Group this week disclosed a cyberattack that forced it to shut down certain systems and applications. The Luxembourg-based company, one of the largest producers of glass and metal packaging products, says it was able to safely continue operations at its facilities despite the incident. | |||
|
2021-05-19 17:48:10 | Colonial Pipeline CEO Explains $4.4M Ransomware Payment (lien direct) | Colonial Pipeline chief executive Joseph Blount has confirmed the company shelled out $4.4 million to purchase a decryption key to recover from the disruptive ransomware attack that caused gasoline shortages in parts of the U.S. | Ransomware | ||
|
2021-05-19 14:36:40 | Probe Into Florida Water Plant Hack Led to Discovery of Watering Hole Attack (lien direct) | An investigation conducted by industrial cybersecurity firm Dragos into the recent cyberattack on the water treatment plant in Oldsmar, Florida, led to the discovery of a watering hole attack that initially appeared to be aimed at water utilities. | Hack | ||
|
2021-05-19 13:29:42 | DarkSide: Newly Found Variant and Implications for the Ransomware Gang\'s Future (lien direct) | 
|
Ransomware | ||
|
2021-05-19 12:31:39 | Google Workspace Gets New Security Features (lien direct) | Google this week announced adding new security features to its Google Workspace collaboration and productivity solution, to provide administrators with more capabilities and controls for protecting users and organizations. | |||
|
2021-05-19 11:50:03 | Emerson Patches Several Vulnerabilities in X-STREAM Gas Analyzers (lien direct) | American industrial giant Emerson this week informed customers that it has released firmware updates for its Rosemount X-STREAM gas analyzers to address half a dozen vulnerabilities, including ones that have been rated high severity. | |||
|
2021-05-19 10:50:14 | Lawmakers Reintroduce \'Pipeline Security Act\' Following Colonial Hack (lien direct) | More than a dozen U.S. lawmakers led by Rep. Emanuel Cleaver (D-MO) have reintroduced the Pipeline Security Act, whose goal is to aid the DHS's efforts to protect pipeline infrastructure against cyberattacks, terrorist attacks and other threats. | Hack | ||
|
2021-05-19 10:36:45 | A Renewed Push to Improve the Nation\'s Cybersecurity (lien direct) | Biden's Executive Order to improve the nation's cybersecurity is a good first step, but it is unlikely to materially change the defensive posture of the nation | |||
|
2021-05-18 20:34:39 | Cloud-Native Authorization Provider Styra Raises $40 Million (lien direct) | Cloud-native authorization provider Styra on Tuesday announced that it closed a $40 million Series B funding round. To date, the company has raised more than $54 million. | |||
|
2021-05-18 20:24:37 | Researchers Find Exploitable Bugs in Mercedes-Benz Cars (lien direct) | Following an eight-month audit of the code in the latest infotainment system in Mercedes-Benz cars, security researchers with Tencent Security Keen Lab identified five vulnerabilities, four of which could be exploited for remote code execution. | |||
|
2021-05-18 19:23:09 | Splunk to Acquire Threat Intelligence Platform Provider TruSTAR (lien direct) | Machine data solutions firm Splunk (NASDAQ: SPLK) announced Tuesday that it has agreed to acquire TruSTAR, a San Francisco-based company that provides a threat intelligence platform designed to integrate various threat data sources and improve detection and response times. | Threat | ||
|
2021-05-18 15:09:50 | Apple Platform Security Guide Updated With Details on Authentication Features (lien direct) | 
Apple this week updated its Platform Security Guide to provide more details on a couple of recently announced authentication features.
|
|||
|
2021-05-18 14:01:39 | PoC Exploit Released for Wormable Windows Vulnerability (lien direct) | A researcher has released a proof-of-concept (PoC) exploit for a recently patched Windows vulnerability that could allow remote code execution and which has been described by Microsoft as wormable. | Vulnerability | ||
|
2021-05-18 13:34:03 | FBI: IC3 Received 6 Million Cybercrime Complaints Since Inception (lien direct) | The Federal Bureau of Investigation says its Internet Crime Complaint Center (IC3) received more than one million cybercrime complaints over the past 14 months. | |||
|
2021-05-18 12:27:46 | Argentina Orders Facebook to Suspend WhatsApp Data Sharing (lien direct) | Argentina has ordered Facebook to suspend its data use policy allowing it to collect information from users of its WhatsApp messaging app, the government announced on Monday. The suspension will last at least six months and aims to prevent "the abuse of a dominant position," said a resolution published in the official bulletin. | |||
|
2021-05-18 11:42:00 | European Union Extends Framework for Cyberattack Sanctions (lien direct) | The European Council this week announced its decision to extend for one year the framework for sanctions against cyberattacks that threaten the European Union and its member states. | |||
|
2021-05-18 11:20:11 | RSA Conference 2021 - Product Announcement Summary (Day 1) (lien direct) | 
The 2021 edition of the RSA Conference started on Monday, May 17, and this year the event is fully virtual.
|
|||
|
2021-05-18 08:31:08 | Microsoft Build Engine Abused for Fileless Malware Delivery (lien direct) | An ongoing campaign abuses the Microsoft Build Engine (MSBuild) platform for the fileless delivery of malware, security researchers with threat intelligence firm Anomali reveal. | Threat Malware | ||
|
2021-05-17 15:53:02 | Ireland\'s Health Service Executive Held to Ransom by Conti Gang (lien direct) | Ireland's Health Service Executive (HSE) was hit by a ransomware attack late last week, forcing the organization to shut down its IT system (reported as more than 80,000 computers) on Friday. Green Party Minister of State for Communications Ossian Smyth said the attack was “possibly the most significant cybercrime attack on the Irish State”. | Ransomware | ||
|
2021-05-17 15:40:29 | Despite Warnings, Cloud Misconfiguration Problem Remains Disturbing (lien direct) | 
|
|||
|
2021-05-17 15:05:36 | QNAP Investigating New Attacks Targeting NAS Devices (lien direct) | Network-attached storage (NAS) appliance manufacturer QNAP Systems says it is investigating reports of malicious attacks targeting NAS devices. | |||
|
2021-05-17 14:36:33 | AXA Confirms Ransomware Attack Impacted Operations in Asia (lien direct) | France-based insurance giant AXA has confirmed that some of its operations in Asia have been impacted by a ransomware attack. A cybercrime gang that uses a piece of ransomware named Avaddon appears to be behind the attack. | Ransomware | ||
|
2021-05-17 14:14:38 | Ireland Rejects Facebook Bid to Block Regulatory Data Probe (lien direct) | Ireland's High Court on Friday rejected Facebook's bid to block an investigation that could potentially stop data transfers from the European Union to the United States. | |||
|
2021-05-17 14:05:25 | CISA: Disconnect Internet for 3-5 Days to Evict SolarWinds Hackers From Network (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) has published guidance detailing the steps that organizations affected by the SolarWinds attack should take to ensure they evict the attackers from compromised environments. | |||
|
2021-05-17 11:26:17 | (Déjà vu) Cybersecurity M&A Roundup for May 10-16, 2021 (lien direct) | 
Nearly a dozen cybersecurity-related mergers and acquisitions were announced during the week of May 10, 2021.
|
|||
|
2021-05-17 11:01:31 | Adam Ely Joins Fidelity as New CISO (lien direct) | Cybersecurity industry veteran Adam Ely is the new Chief Information Security Officer (CISO) at Fidelity Investments. | |||
|
2021-05-17 10:25:14 | French Appeal Set for Convicted Russian Money Launderer (lien direct) | Russian Alexander Vinnik, jailed last year for money laundering, begins an appeal at a Paris court Tuesday, as prosecutors challenge his acquittal on charges that he masterminded massive ransomware attacks. | Ransomware | ||
|
2021-05-15 10:15:40 | Authomize Emerges From Stealth With Automated Authorization Management Platform (lien direct) | Israeli cybersecurity startup Authomize, which has developed an automated, cloud-based authorization governance and management Solution, emerged from stealth mode this week. | |||
|
2021-05-14 17:35:22 | DarkSide Ransomware Shutdown: An Exit Scam or Running for Hills? (lien direct) | The criminal gang behind the disruptive Colonial Pipeline ransomware hack says it is shutting down operations, but threat hunters believe the group will reemerge with a new name and new ransomware variants. | Threat Ransomware Hack | ||
|
2021-05-14 17:05:14 | Investors Pump $90 Million Into Pentesting Firm NetSPI (lien direct) | Private equity giant KKR leads investment to fuel growth of enterprise penetration testing firm NetSPI, a provider of enterprise penetration tools and services, has raised $90 million in growth funding led by private equity giant KKR, with participation from Ten Eleven Ventures. | Guideline | ||
|
2021-05-14 15:08:14 | Impacted Vendors Release Advisories for FragAttacks Vulnerabilities (lien direct) | 
|
|||
|
2021-05-14 13:51:27 | (Déjà vu) Application Security Startup ArmorCode Emerges From Stealth (lien direct) | Application security startup ArmorCode emerged from stealth mode on Thursday after raising $3 million in a seed funding round. | |||
|
2021-05-14 13:29:52 | Cisco Patches Code Execution Flaw in VPN Product 6 Months After Disclosure (lien direct) | Cisco this week announced the availability of patches for a high-severity vulnerability in AnyConnect Secure Mobility Client that could be exploited for code execution. | Vulnerability | ||
|
2021-05-14 13:24:37 | DarkSide Ransomware Hits Toshiba Tec Group (lien direct) | The DarkSide ransomware threat that triggered the shut down of the Colonial pipeline is growing. It was reported yesterday that German Chemical distribution giant Brenntag paid a $4.4 million ransom to DarkSide operators. Today Toshiba Tec Corp announced a 'cyberattack on European subsidiaries of the Toshiba Tec Group'. | Ransomware | ||
|
2021-05-14 12:53:30 | Insurer CNA Fully Restores Systems Following Ransomware Attack (lien direct) | Commercial insurer CNA this week announced that it has fully restored its systems following a ransomware attack two months ago. | Ransomware | ||
|
2021-05-14 12:45:48 | Cisco to Acquire Vulnerability Management Firm Kenna Security (lien direct) | Networking giant Cisco said Friday that it has agreed to acquire Kenna Security, a privately held cybersecurity company focused on vulnerability management technology. | Vulnerability | ||
|
2021-05-13 19:20:45 | Researchers Abuse Apple\'s Find My Network for Data Upload (lien direct) | Security researchers have discovered a way to leverage Apple's Find My's Offline Finding network to upload data from devices, even those that do not have a Wi-Fi or mobile network connection. | |||
|
2021-05-13 18:59:02 | Rapid7 Source Code Exposed in Codecov Supply Chain Attack (lien direct) | Rapid7 says unauthorized third-party accessed source code, customer data during Codecov supply chain breach | |||
|
2021-05-13 17:30:28 | Vendor Survey vs Reality on SASE Implementation (lien direct) | Gartner believes it will be four years before the market achieves two-thirds of the position a WSJ Intelligence and Forcepoint survey says is already achieved | |||
|
2021-05-13 17:20:12 | Biden to Bring Up Russian Hackers Issue With Putin (lien direct) | President Joe Biden said Thursday that Vladimir Putin was not connected to a Russia-based criminal cyber attack on a huge US fuel pipeline but that he will raise the issue at an expected summit. | |||
|
2021-05-13 14:57:32 | Citrix Patches Vulnerability in Workspace App for Windows (lien direct) | Citrix this week announced that it has patched a local privilege escalation vulnerability in the Citrix Workspace app for Windows. | Vulnerability | ★★★ | |
|
2021-05-13 14:55:06 | Verizon DBIR 2021: Ransomware, Web App and Phishing Attacks Dominate (lien direct) | Data breaches from 2020 show that not much has changed over the last year: businesses continue to struggle with the basics of securing web apps, cloud deployments and educating employees | ★★★ | ||
|
2021-05-13 13:24:20 | Microsoft Warns of Attacks on Aerospace, Travel Sectors (lien direct) | Organizations in the aerospace and travel sectors have been targeted in the past months in a campaign aimed at infecting victims with remote access Trojans (RAT) and other types of malware, Microsoft warns. | |||
|
2021-05-13 13:17:00 | Query.AI Launches With Security Investigations Platform, $4.6 Million Seed Funding (lien direct) | Query.AI officially launched on Thursday with a security investigations platform and $4.6 million in seed funding. The funding came from ClearSky Security, DNX Ventures, and South Dakota Equity Partners, and Query.AI says it will be used to accelerate adoption of its product. | |||
|
2021-05-13 13:13:27 | Security Automation: Data is More Important Than Process (lien direct) | Automation can't be just about running the process, but must include three important stages | |||
|
2021-05-13 12:45:50 | UK Foreign Secretary Calls for Cooperation on Cybersecurity (lien direct) | U.K. Foreign Secretary Dominic Raab on Wednesday urged global cooperation to combat cyberattacks by “hostile state actors” and criminal gangs. Raab also pledged 22 million pounds ($31 million) in support to “vulnerable” countries in Africa and the Indo-Pacific to improve their digital defense capacity. | |||
|
2021-05-13 11:03:58 | Green Energy Company Volue Hit by Ransomware (lien direct) | Norway-based green energy solutions provider Volue has been working on restoring systems after being targeted in a ransomware attack. | Ransomware | ||
|
2021-05-13 00:20:13 | Tech Audit of Colonial Pipeline Found \'Glaring\' Problems (lien direct) | An outside audit three years ago of the major East Coast pipeline company hit by a cyberattack found “atrocious” information management practices and “a patchwork of poorly connected and secured systems,” its author told The Associated Press. | ★★ |
To see everything:
Our RSS (filtrered)
