What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-31 11:52:52 | CISA\'s \'Must Patch\' List Puts Spotlight on Vulnerability Management Processes (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency's catalog of known exploited vulnerabilities can be useful not only for helping organizations patch high-risk vulnerabilities in their systems, but also to help them build or improve vulnerability management processes. | Vulnerability | ||
|
2022-01-31 05:50:47 | Israeli Lawyer, Hungarian Rights Group Target Pegasus Spyware (lien direct) | An Israeli lawyer said Saturday he was working with a rights group in Hungary to pursue authorities and Israeli firm NSO Group on behalf of Hungarian journalists allegedly targeted with Pegasus spyware. | |||
|
2022-01-30 11:54:07 | Finnish Diplomats Targeted by Pegasus Spyware: Ministry (lien direct) | Mobile phones belonging to Finnish diplomats were spied on using the cyber espionage software Pegasus, the country's foreign ministry said on Friday. | |||
|
2022-01-28 16:15:38 | Network Security Firm Portnox Raises $22 Million in Series A Funding (lien direct) | Cloud-native network and endpoint security solutions provider Portnox on Thursday announced raising $22 million in a Series A funding round. | |||
|
2022-01-28 13:59:59 | Zerodium Offering $400,000 for Microsoft Outlook Zero-Day Exploits (lien direct) | The exploit acquisition firm Zerodium this week showed increased interest in buying zero-day exploits targeting the popular email clients Microsoft Outlook and Mozilla Thunderbird. | |||
|
2022-01-28 12:52:26 | In the Hacker\'s Crosshairs: K-12 Schools (lien direct) | In education, cybersecurity is rarely top-of-mind - until a major incident occurs. Yet, according to the Federal Bureau of Investigation (FBI), schools are top targets for cybercriminals, resulting in ransomware attacks, data theft, and the disruption of online learning. | Ransomware | ★★★★★ | |
|
2022-01-28 12:07:58 | HackerOne Bags $49 Million in Series E Funding (lien direct) | Hacker-powered bug bounty platform HackerOne on Thursday announced that it has received $49 million in Series E investment, which brings the total raised by the company to $160 million. The funding round was led by GP Bullhound and received participation from Benchmark, Dragoneer Investment Group, NEA, and Valor Equity Partners. | |||
|
2022-01-28 11:58:35 | FBI Warns of Hacker Attacks Conducted by Iranian Cyber Firm (lien direct) | The FBI this week issued a private industry notification to warn organizations about the malicious activities conducted by an Iranian cyber company named Emennet Pasargad. The agency has described their tactics, techniques and procedures (TTPs) and it has shared several recommendations for preventing and detecting attacks. | |||
|
2022-01-28 11:41:48 | Xerox Quietly Patched Device-Bricking Flaw Affecting Some Printers (lien direct) | Xerox patched a device-bricking vulnerability in certain printer models more than a year and a half ago, but said nothing until this week, when information on the bug became public. | Vulnerability | ||
|
2022-01-28 11:07:39 | Web-Tracking \'Cookies\' Meant to Protect Privacy: Inventor (lien direct) | The data-tracking "cookies" at the heart of concerns over online privacy were meant to shield people, rather than serve as cyber snoops, their inventor told AFP. California-based engineer and entrepreneur Lou Montulli said the original "cookie" he created decades ago was intended to make life online easier by letting websites remember visitors. | |||
|
2022-01-28 09:40:15 | Identity Verification Firm Veriff Raises $100 Million (lien direct) | Veriff, a provider of automated identity verification technology, announced this week that it has raised $100 million in a Series C funding round, bringing the total amount raised by the company to $200 million. | |||
|
2022-01-28 09:32:27 | Over 100 Million Android Users Installed \'Dark Herring\' Scamware (lien direct) | More than 105 million Android users downloaded and installed scamware from Google Play and third-party app stores, according to mobile security firm Zimperium. | |||
|
2022-01-27 21:09:04 | Outlook Security Feature Bypass Allowed Sending Malicious Links (lien direct) | A Trustwave researcher has discovered a new technique to completely bypass a security feature of Microsoft Outlook and deliver a malicious link to the recipient. The new technique, Trustwave SpiderLabs lead threat architect Reegun Richard Jayapaul explains, is a variation of a vulnerability that was initially addressed in February 2020. | Vulnerability Threat Guideline | ||
|
2022-01-27 19:16:51 | Attack Surface Management Play Censys Scores $35M Investment (lien direct) | The jostling for space in the attack surface management space intensified this week with Michigan startup Censys banking a new $35 million funding round to fuel growth and expansion. | |||
|
2022-01-27 16:12:35 | French Ministry of Justice Targeted in Ransomware Attack (lien direct) | Cybercriminals claim to have breached systems belonging to France's Ministry of Justice and they are threatening to make public the files stolen from the government organization. | Ransomware | ||
|
2022-01-27 15:00:03 | Microsoft Saw Record-Breaking DDoS Attacks Exceeding 3 Tbps (lien direct) | Microsoft this week reported mitigating several massive distributed denial-of-service (DDoS) attacks aimed at its customers last year. | |||
|
2022-01-27 14:53:59 | US Says National Water Supply \'Absolutely\' Vulnerable to Hackers (lien direct) | 
|
|||
|
2022-01-27 13:17:18 | REvil Ransomware Operations Apparently Unaffected by Recent Arrests (lien direct) | The REvil (Sodinokibi) ransomware cooperative's activity has not slowed down following Russia's recent move to arrest several alleged members of the group, according to threat intelligence company ReversingLabs. | Ransomware Threat | ||
|
2022-01-27 12:09:47 | White House Publishes Federal Zero Trust Strategy (lien direct) | 
|
|||
|
2022-01-27 11:58:05 | Software Supply Chain Protection Startup Scribe Security Raises $7 Million (lien direct) | Scribe Security, an Israeli startup seeking to protect the software supply chain, has raised $7 million in seed funding. The investment round was led by Elron Ventures and received participation from various other investors, including Tal Ventures and YYM Ventures. | |||
|
2022-01-27 11:46:26 | VMware Warns of Log4j Attacks Targeting Horizon Servers (lien direct) | VMware is urging customers to patch their VMware Horizon instances as these systems have been targeted in a recent wave of attacks exploiting the Log4Shell vulnerability. | |||
|
2022-01-27 09:52:24 | QNAP Warns NAS Users of DeadBolt Ransomware Attacks (lien direct) | Network-attached storage (NAS) solutions manufacturer QNAP on Wednesday warned users of a DeadBolt ransomware campaign targeting their devices, encouraging them to correctly secure any Internet-facing NAS and routers. | Ransomware | ||
|
2022-01-27 07:22:57 | Official Says Puerto Rico\'s Senate Targeted by Cyberattack (lien direct) | Puerto Rico's Senate announced Wednesday that it was the target of a cyberattack that disabled its internet provider, phone system and official online page, the latest in a string of similar incidents in recent years. | |||
|
2022-01-27 04:59:04 | Rights Group Says Lebanese Staffer Targeted With NSO Spyware (lien direct) | Human Rights Watch said Wednesday that one of its senior staff members was targeted last year with spyware designed by the Israeli hacker-for hire company NSO Group. | |||
|
2022-01-26 23:02:35 | Apple Patches \'Actively Exploited\' iOS Security Flaw (lien direct) | Apple late Wednesday pushed out an urgent iOS update with fixes for 11 documented security flaws and warned that one of the vulnerabilities “may have been actively exploited.” In a barebones advisory, Apple acknowledged the zero-day took aim at a memory corruption issue in IOMobileFrameBuffer, an oft-targeted iOS kernel extension. | |||
|
2022-01-26 18:26:41 | Sophisticated Threat Actor Targets Governments, Defense Industry in Western Asia (lien direct) | High-ranking government officials and individuals in the defense industry in Western Asia were targeted in a sophisticated campaign that involved the use of Graphite malware, according to XDR firm Trellix, which resulted from the merger between McAfee Enterprise and FireEye. | Threat | ||
|
2022-01-26 17:55:33 | Cyber Insights 2022: Identity (lien direct) | 
|
Threat | ||
|
2022-01-26 16:09:43 | New Open Source Tool Helps Identify EtherNet/IP Stacks for ICS Research, Analysis (lien direct) | Industrial cybersecurity firm Claroty on Wednesday announced a new open source tool designed for identifying EtherNet/IP stacks. According to the company, the new “EtherNet/IP & CIP Stack Detector” tool can be useful to security researchers, operational technology (OT) engineers, and asset owners. | Tool | ||
|
2022-01-26 15:27:18 | Virtual Event Today: Ransomware Resilience & Recovery Summit - Doors Are Open (lien direct) | 
|
Ransomware | ||
|
2022-01-26 13:58:55 | Slim.AI Raises $31 Million to Secure Cloud-Native Applications (lien direct) | Cloud-native application security startup Slim.AI today announced that it has raised $31 million in Series A funding, which brings the total raised by the company to $37.6 million. | |||
|
2022-01-26 13:37:44 | Apple Pays Out $100,000 for Webcam, User Account Hacking Exploit (lien direct) | A security researcher claims to have received a significant bug bounty from Apple for reporting a series of Safari and macOS vulnerabilities that could have been exploited to hijack a user's online accounts and webcam. | |||
|
2022-01-26 12:31:45 | Polkit Vulnerability Provides Root Privileges on Linux Systems (lien direct) | Qualys security researchers warn of an easily exploitable privilege escalation vulnerability in polkit's pkexec, a SUID-root program found in all Linux distributions. | Vulnerability | ||
|
2022-01-26 12:04:21 | Europe\'s Hypocrisy Over Personal Data Privacy Exposed (lien direct) | There seems to be a strong likelihood that European hypocrisy over personal data privacy might continue indefinitely | |||
|
2022-01-26 11:49:52 | Two More Poles Identified as Victims of Hacking With Spyware (lien direct) | Two more Poles have been identified as victims of phone hacking with the notoriously powerful spyware from Israel's NSO Group: an agrarian political leader at odds with Poland's right-wing government and the co-author of a book about the head of Poland's secret services. | Guideline | ||
|
2022-01-26 11:19:00 | SonicWall Customers Warned of Possible Attacks Exploiting Recent Vulnerability (lien direct) | Hackers have started targeting a recently patched vulnerability affecting SonicWall's Secure Mobile Access (SMA) 100 series appliances, and while the attacks observed to date do not appear to have been successful, that could soon change. | Vulnerability | ||
|
2022-01-25 18:41:25 | New macOS Malware \'DazzleSpy\' Used in Hong Kong Attacks (lien direct) | A recent campaign targeting individuals in Hong Kong has leveraged at least two pieces of malware designed to target macOS systems. | Malware | ||
|
2022-01-25 16:45:39 | UK\'s NCSC Pushes NMAP Scanner Scripts to Fill Defender Gap (lien direct) | The U.K. government's cybersecurity agency has announced plans to ship a collection of well-tested, reliable scanning scripts to help defenders find and fix high-priority software security vulnerabilities. | |||
|
2022-01-25 15:16:27 | PrinterLogic Patches Code Execution Flaws in Printer Management Suite (lien direct) | PrinterLogic has released security updates to address a total of nine vulnerabilities in Web Stack and Virtual Appliance, including three security defects that carry "high severity" ratings. | |||
|
2022-01-25 13:59:52 | XDR Firm Hunters Raises $68 Million in Series C Funding Round (lien direct) | Extended detection and response (XDR) company Hunters on Tuesday announced raising another $68 million, which brings the total investment secured by the firm to $118 million. | |||
|
2022-01-25 13:02:11 | Revelstoke Emerges From Stealth With SOAR Platform (lien direct) | California-based Revelstoke on Tuesday emerged from stealth mode with a security orchestration, automation and response (SOAR) platform designed to help organizations customize and automate their security operations center (SOC). | |||
|
2022-01-25 12:58:56 | Combating the Surge in Retail Theft and E-Commerce Fraud With Open Source Intelligence (lien direct) | Retailers have recently experienced a significant increase in the theft of goods from their physical locations. | |||
|
2022-01-25 12:18:03 | Delay in Creating New Cybersecurity Board Prompts Concern (lien direct) | This is not the first time lawmakers have been unhappy with the pace of progress under Biden | |||
|
2022-01-25 12:02:12 | Application Security Company ArmorCode Raises $8 Million (lien direct) | Application security startup ArmorCode today announced that it has received $8 million in additional seed funding, which brings the total raised by the company to $11 million. The funding round was led by Cervin Ventures and received participation from Sierra Ventures, Tau Ventures, and founders of Demisto and RedLock. | |||
|
2022-01-25 11:50:35 | Canada\'s Foreign Ministry Targeted In Cyberattack (lien direct) | Canada's foreign ministry was hit by a cyberattack last week that is still preventing diplomats from accessing certain online services, federal cyber security agencies confirmed on Monday. | |||
|
2022-01-25 11:18:42 | Port of Los Angeles Launches Cyber Resilience Center (lien direct) | 
|
|||
|
2022-01-25 09:43:13 | Fewer-Than-Expected Log4j Attacks, but Mirai Joins the Fray (lien direct) | Log4Shell, the critical unauthenticated remote code execution vulnerability identified in early December 2021 in the Apache Log4j logging utility, hasn't seen the mass exploitation that many expected, but an exploit for it is now part of the Mirai botnet's arsenal, researchers warn. | Vulnerability | ||
|
2022-01-25 01:13:22 | Belarus Hacktivists Target Railway in Anti-Russia Effort (lien direct) | A Belarusian hacktivist group says it has launched a limited cyberattack on the national railway company, aimed at impeding the movement of Russian troops and freight inside the Moscow-allied country. It said it encrypted some servers, databases and workstations. | |||
|
2022-01-24 22:22:33 | DC, 3 States Sue Google Saying it Invades Users\' Privacy (lien direct) | The District of Columbia and three states are suing Google for allegedly deceiving consumers and invading their privacy by making it nearly impossible for them to stop their location from being tracked. | |||
|
2022-01-24 20:05:48 | Court Awards Merck $1.4B Insurance Claim Over NotPetya Cyberattack (lien direct) | 
New Jersey court delivers summary judgment against insurance company's refusal to pay based on war exclusion clause
|
NotPetya NotPetya | ||
|
2022-01-24 17:54:59 | Microsoft Restricts Excel 4.0 Macros by Default (lien direct) | Microsoft has announced improved security for the users of its flagship Office productivity suite, courtesy of Excel 4.0 (XLM) macros now being restricted by default. |
To see everything:
Our RSS (filtrered)
