What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-11-03 13:30:04 | CISA Lists 300 Exploited Vulnerabilities That Organizations Need to Patch (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday released a list of roughly 300 vulnerabilities that are known to have been exploited, and it has issued a binding operational directive (BOD) instructing government organizations to patch these security flaws. | |||
|
2021-11-03 11:53:48 | Iran Says Fuel System Running Again After Cyber Attack (lien direct) | Iran's fuel distribution system resumed full operation on Tuesday, a week after it was paralysed by a cyber attack, the authorities said. | |||
|
2021-11-03 11:36:53 | Another Cybersecurity Awareness Month Has Passed and Little Has Changed (lien direct) | Last month we celebrated the 18th year of the Cybersecurity Awareness Month, which was previously known as National Cybersecurity Awareness Month. Under the slogan “Do Your Part. | |||
|
2021-11-03 11:29:42 | Printers Hacked for First Time at Pwn2Own (lien direct) | The Zero Day Initiative's Pwn2Own Austin 2021 hacking competition kicked off on Tuesday and, for the first time in the event's history, participants earned rewards for hacking printers. | |||
|
2021-11-03 09:46:52 | Many GitLab Servers Affected by Actively Exploited Flaw Patched Six Months Ago (lien direct) | An actively exploited remote code execution vulnerability in GitLab continues to affect roughly 30,000 Internet-facing installations six months after patches were released, Rapid7 says. | Vulnerability | ||
|
2021-11-02 18:32:55 | FBI: Ransomware Attacks Exploit Financial Business Events (lien direct) | The Federal Bureau of Investigation (FBI) this week issued an industry-wide notification to raise awareness about ransomware operators leveraging information on mergers, acquisitions and stock valuations to launch extortion attacks on businesses. | Ransomware | ||
|
2021-11-02 18:23:36 | Hackers Release Israeli LGBTQ Dating Site Details (lien direct) | Israel's justice ministry said Tuesday Google had blocked sites of a hacking group that leaked user details of an Israeli LGBTQ dating site, an attack some security experts blamed on Iran. | |||
|
2021-11-02 17:51:17 | Facebook to Shut Down Face-Recognition System, Delete Data (lien direct) | Facebook said it will shut down its face-recognition system and delete the faceprints of more than 1 billion people. | |||
|
2021-11-02 17:03:52 | Signal Working on Improving Anti-Spam Capabilities (lien direct) | Privacy-focused communication platforms Signal is sharing information on the improvements it has made to its spam-prevention capabilities. The task of keeping spam out of user's inboxes, Signal says, is more difficult compared to other messaging services, because the company does not have access to the contents of messages, and has to fight spam without social graphs. | Spam | ||
|
2021-11-02 16:05:05 | IBM Security to Acquire ReaQta for xDR Push (lien direct) | IBM Security on Tuesday announced plans to acquire ReaQta, an early-stage European startup in the red-hot autonomous threat detection and response business. Financial terms of the transaction were not released. ReaQta, based in the Netherlands, raised an undisclosed Series A funding round earlier this year. | Threat | ||
|
2021-11-02 15:59:37 | FBI Publishes IOCs for Hello Kitty Ransomware (lien direct) | The Federal Bureau of Investigation (FBI) has published a flash alert to share details on the tactics, techniques and procedures (TTPs) and indicators of compromise (IOCs) associated with the Hello Kitty ransomware, which is also known as FiveHands. | Ransomware | ||
|
2021-11-02 15:30:30 | Kaspersky Patches Vulnerability That Can Lead to Unbootable System (lien direct) | Microsoft Phishing Messages Come From Kaspersky Email Address Kaspersky published two advisories on Monday to warn customers about a vulnerability that can lead to unbootable systems and a phishing campaign involving messages sent from a Kaspersky email address. | Vulnerability Guideline | ||
|
2021-11-02 15:16:06 | Google Triples Bounty for Linux Kernel Exploitation (lien direct) | Google is sweetening the pot for bug bounty researchers finding and exploiting privilege escalation flaws in the Linux kernel. Over the next three months, Google plans to shell out US$31,337 for privilege escalation exploits using an already patched vulnerability, and $50,337 for a zero-day kernel flaw or a novel exploitation technique. | |||
|
2021-11-02 14:10:14 | DevSecOps Startup Oxeye Emerges From Stealth With $5.3 Million in Funding (lien direct) | DevSecOps startup Oxeye emerged from stealth mode on Tuesday with a cloud-native application security testing platform and $5.3 million in seed funding. Currently in Beta, the company's automated platform is designed to help developer, security and DevSecOps teams identify and address code vulnerabilities before they reach production. | |||
|
2021-11-02 13:29:52 | After Security Flaw Found, Missouri Hires Data Breach Group (lien direct) | Two weeks after a newspaper discovered a security flaw on a state website, Gov. Mike Parson's administration has hired a company that performs data breach and credit monitoring services. | Data Breach | ||
|
2021-11-02 13:12:48 | Encryption-as-a-Service Provider Vaultree Emerges From Stealth (lien direct) | Encryption-as-a-Service startup Vaultree today emerged from stealth mode and announced raising $3.3 million in a seed round led by Ten Eleven Ventures. Enterprise Ireland, HBAN, Unpopular Ventures, and former Cisco CSO John N. Stewart also contributed to the funding round. | |||
|
2021-11-02 12:51:34 | Security Pros Know What They Need to Do, But Constrained by Lack of Resources (lien direct) | A new survey report describes security teams as trapped by a lack of resources into continuing what they have been doing (which, from empirical evidence, clearly is not working) rather than migrating their efforts to what they believe they should be doing (risk analysis and threat modeling). | Threat | ||
|
2021-11-02 12:47:30 | Google Patches Android Zero-Day Exploited in Targeted Attacks (lien direct) | Google on Monday announced the availability of the November 2021 security updates for Android and warned that one of the patched vulnerabilities has been exploited in attacks. | |||
|
2021-11-02 12:07:04 | CrowdStrike to Buy Zero Trust Data Encryption Firm SecureCircle (lien direct) | Zero trust is a conceptual destination, not an application. As with all destinations, there are different routes to it, and even different descriptions of it. CrowdStrike (NASDAQ: CRWD) believes it will complete its own zero trust destination on the endpoint by acquiring and integrating SecureCircle's data encryption into its existing identity and access capabilities. | |||
|
2021-11-02 11:56:56 | Marshall University Launches New Cybersecurity Institute (lien direct) | Marshall University has launched its newly formed Institute for Cyber Security. Marshall President Jerome Gilbert said the institute is an academic and research cluster that will support cybersecurity-related programs across the campus. | |||
|
2021-11-02 11:22:35 | BlackMatter Ransomware Operators Develop Custom Data Exfiltration Tool (lien direct) | The cybercriminals operating the BlackMatter ransomware have started using a custom data exfiltration tool in their attacks, Symantec reports. | Ransomware Tool | ||
|
2021-11-02 02:25:21 | China Tightens Control Over Company Data With Transfer Rules (lien direct) | Companies in China would need government approval to transfer important data abroad under proposed rules announced Friday that would tighten Beijing's control over information and might disrupt operations for international corporations. | |||
|
2021-11-01 19:07:48 | Tens of Thousands Download "AbstractEmu" Android Rooting Malware (lien direct) | Malware hunters at Lookout Security have discovered a new Android rooting malware that managed to score tens of thousands of downloads through Google Play and third-party application stores. | Malware | ||
|
2021-11-01 18:38:28 | Signal Provides Only Two Timestamps as Response to Grand Jury Subpoena (lien direct) | Signal says it can provide only a couple of timestamps in response to a grand jury subpoena for user data that it recently received from the District Court for the Central District of California. | |||
|
2021-11-01 16:02:54 | Atlanta Man Charged for Role in BEC Fraud Scheme (lien direct) | An Atlanta resident was charged last week for his role in a business email compromise (BEC) scheme that resulted in losses of millions of dollars. | |||
|
2021-11-01 15:46:03 | \'Trojan Source\' Attack Abuses Unicode to Inject Vulnerabilities Into Code (lien direct) | Researchers from the University of Cambridge have identified a new attack method that abuses Unicode to stealthily inject vulnerabilities into code. Dubbed Trojan Source, the attack impacts many of the compilers, interpreters, code editors, and code repository frontend services used by software developers. | |||
|
2021-11-01 14:09:12 | Hackers Threaten to Out Israeli LGBTQ Dating Site Users (lien direct) | A hacking group calling itself Black Shadow threatened Sunday to reveal personal details of users of Israeli's leading LGBTQ dating site, in an attack some cyber experts linked to Iran. "If we have 1 Millions $ in our wallet in the next 48 hours, we will not leak this information and also we will not sell it to anybody," Black Shadow wrote on Telegram. | Guideline | ||
|
2021-11-01 13:35:28 | (Déjà vu) Cybersecurity M&A Roundup: 41 Deals Announced in October 2021 (lien direct) | 
The number of cybersecurity-related mergers and acquisitions announced in the past months has remained constant, with 41 deals announced in October 2021.
|
|||
|
2021-11-01 12:15:34 | Iran Suspects Israel and US Behind Fuel Cyber Attack (lien direct) | An Iranian general has said Israel and the United States were likely to have been behind a cyber attack that interrupted the distribution of fuel at service stations. | |||
|
2021-11-01 11:09:11 | Google Introduces New Open-Source Data Privacy Protocol (lien direct) | Google last week took the wraps off Private Set Membership (PSM), a cryptographic protocol meant to ensure privacy during specific queries. | |||
|
2021-10-30 17:18:31 | Apparent Iran-Linked Hackers Breach Israeli Internet Firm (lien direct) | Hackers believed to be linked to Iran have breached an Israeli internet hosting company, taking down several of its sites, local media reported. | |||
|
2021-10-29 18:03:22 | MITRE, CISA Announce 2021 List of Most Common Hardware Weaknesses (lien direct) | MITRE and the DHS's Cybersecurity and Infrastructure Security Agency (CISA) have announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. | |||
|
2021-10-29 17:32:43 | NSA, CISA Release 5G Cloud Security Guidance (lien direct) | The NSA and the DHS's Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released the first in a series of guidance documents for securing 5G cloud infrastructure. | |||
|
2021-10-29 15:07:56 | HelpSystems Expands Shopping Spree With Digital Guardian Acquisition (lien direct) | Minnesota-based IT management and software powerhouse HelpSystems expanded its year-long cybersecurity shopping spree with a new deal to acquire data loss prevention specialists Digital Guardian. Financial terms of the acquisition were not released. | |||
|
2021-10-29 15:03:12 | Massachusetts Health Network Hacked; Patient Info Exposed (lien direct) | A Worcester, Mass. health care network says someone hacked into its employee email system, potentially exposing the personal information of thousands of patients. | |||
|
2021-10-29 13:28:08 | Shrootless: macOS Vulnerability Found by Microsoft Allows Rootkit Installation (lien direct) | Microsoft on Thursday published information on a vulnerability in Apple's macOS platform that could allow an attacker to bypass System Integrity Protection (SIP) and modify operating system files. | Vulnerability | ||
|
2021-10-29 13:10:46 | Russian Man Extradited to U.S. for Role in TrickBot Malware Development (lien direct) | A Russian national has been extradited from South Korea to the United States to face charges for his alleged role in the cybercriminal organization behind the TrickBot malware. | Malware | ||
|
2021-10-29 11:58:17 | 12 People Arrested Over Ransomware Attacks on Critical Infrastructure (lien direct) | Europol and Norwegian Police on Friday announced the arrests of 12 individuals suspected of being involved in ransomware attacks launched against companies around the world, including critical infrastructure organizations. | Ransomware | ||
|
2021-10-29 11:23:32 | Ransomware Attack Hits PNG Finance Ministry (lien direct) | A cyberattack on Papua New Guinea's finance ministry briefly disrupted government payments and operations, officials said late Thursday. | |||
|
2021-10-29 10:27:07 | Chrome 95 Update Patches Exploited Zero-Days, Flaws Disclosed at Tianfu Cup (lien direct) | A Chrome 95 update released by Google on Thursday patches two actively exploited Chrome vulnerabilities, as well as flaws that were disclosed recently at a Chinese hacking contest. | |||
|
2021-10-29 10:08:17 | India\'s Top Court Orders Probe Into Pegasus Snooping (lien direct) | India's Supreme Court on Wednesday ordered an independent investigation into the alleged government use of Pegasus spyware on journalists, opposition politicians and activists with the chief justice calling the implications "Orwellian". | |||
|
2021-10-28 18:33:49 | FBI Publishes Indicators of Compromise for Ranzy Locker Ransomware (lien direct) | The Federal Bureau of Investigation (FBI) this week released a Flash report to publicly share indicators of compromise (IOCs) for the Ranzy Locker ransomware. | Ransomware | ||
|
2021-10-28 17:40:31 | Free Decryption Tools Available for Babuk, AtomSilo and LockFile Ransomware (lien direct) | Cybersecurity company Avast on Wednesday announced the availability of free decryption tools for three pieces of ransomware: Babuk, AtomSilo and LockFile. Users and organizations that had their files encrypted by these ransomware families can use the decryptors to recover their files. | Ransomware | ||
|
2021-10-28 15:52:44 | Critical GoCD Authentication Flaw Exposes Software Supply Chain (lien direct) | A highly-critical vulnerability in a popular open-source CI/CD solution can be exploited to hijack sensitive secrets for downstream supply chain attacks, according to a warning from SonarSource. | Vulnerability | ||
|
2021-10-28 14:53:44 | Scottish Cybersecurity Startup Unveils Versatile AI-Based Deception (lien direct) | 
|
|||
|
2021-10-28 14:04:36 | Vendor-Neutral Initiative Sets Bare-Minimum Baseline for Security (lien direct) | Google on Wednesday announced the Minimum Viable Secure Product (MVSP) initiative, partnering with some of tech's biggest names to create a vendor-neutral minimum baseline criteria for secure products. | |||
|
2021-10-28 14:00:47 | 3 Questions for MDRs Helping to Get Your Enterprise to XDR (lien direct) | An XDR implementation can quickly turn into a very large consulting project requiring significant time and budget | |||
|
2021-10-28 13:55:59 | Phishing Protection Provider SlashNext Raises $26 Million (lien direct) | Phishing protection provider SlashNext today announced that it has raised $26 million in venture capital funding, which brings the total raised by the company to $43 million. As part of this round, investments came from the ACTIVE Fund of the Ayala group, Telia Group, and Tom and Matt Gallo, as well as from early investors Alter Ventures, Norwest, and Wing. | |||
|
2021-10-28 12:25:51 | Cisco Patches High-Severity DoS Vulnerabilities in ASA, FTD Software (lien direct) | Cisco this week announced the release of a new set of security patches to address multiple vulnerabilities affecting Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software. | Threat | ||
|
2021-10-28 12:17:02 | US Dismisses Assange Suicide Risk in Extradition Appeal (lien direct) | The United States urged two senior British judges on Wednesday to clear the extradition of WikiLeaks founder Julian Assange and reject a lower court's ruling that he is a suicide risk. |
To see everything:
Our RSS (filtrered)
