What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-14 09:41:32 | Ukraine Reports Massive Cyber Attack on Government Websites (lien direct) | Kyiv on Friday reported a massive cyber attack on key government websites as tensions between Russia and the West over Ukraine escalate following several rounds of unsuccessful talks. The education ministry said on Facebook that its website was down due to a "global (cyber) attack" that had taken place overnight. | |||
|
2022-01-14 00:51:00 | Maryland Lawmaker: Officials Misled on Ransomware Attack (lien direct) | A leading Maryland lawmaker said Thursday that top legislators were misled about the seriousness of a cyberattack on the state health department. | Ransomware Guideline | ||
|
2022-01-13 19:52:59 | Meshed Cybersecurity Platforms Enable Complex Business Environments (lien direct) | Cybercriminals are exploiting the confusion that results from organizations simply throwing money at their cybersecurity challenges | |||
|
2022-01-13 17:36:10 | FCC Chair Proposes New Policies for Carrier Data Breach Reporting (lien direct) | Federal Communications Commission (FCC) chairwoman Jessica Rosenworcel this week proposed updated policies around telecom providers' reporting of data breaches. | Data Breach | ||
|
2022-01-13 15:00:09 | Ransomware Group That Targeted Over 50 Companies Dismantled in Ukraine (lien direct) | Ukrainian authorities on Thursday announced arresting several individuals who are allegedly members of a major cybercrime group. According to the Security Service of Ukraine and the country's Cyber Police, the arrests are the result of an operation conducted in cooperation with law enforcement agencies in the United Kingdom and the United States. | |||
|
2022-01-13 13:51:11 | Maryland Confirms Ransomware Attack at Health Agency (lien direct) | The disruption of Maryland's reporting of COVID-19 data last month was caused by a ransomware attack, state officials said Wednesday. Chip Stewart, the state's chief information security officer, said the state has not paid extortion demands for the attack, which began on Dec. 4. | Ransomware | ||
|
2022-01-13 13:32:55 | Cisco Patches Critical Vulnerability in Contact Center Products (lien direct) | Cisco on Wednesday announced patches for a critical vulnerability in Unified Contact Center Management Portal (Unified CCMP) and Unified Contact Center Domain Manager (Unified CCDM) that could be exploited remotely to elevate privileges to administrator. | Vulnerability | ||
|
2022-01-13 12:34:48 | ZDI Announces Rules and Prizes for Pwn2Own 2022 (lien direct) | Trend Micro's Zero Day Initiative (ZDI) on Wednesday announced the targets, prizes and rules for Pwn2Own Vancouver 2022, scheduled to take place May 18-20 alongside the CanSecWest conference. | |||
|
2022-01-13 11:55:25 | U.S. Cyber Command Officially Links MuddyWater Group to Iranian Intelligence (lien direct) | The U.S. Cyber Command (CYBERCOM) on Wednesday officially tied the advanced persistent threat (APT) actor known as MuddyWater to Iranian intelligence. | Threat | ||
|
2022-01-13 09:34:25 | Report: Dozens of El Salvador Journalists, Activists Hacked (lien direct) | Dozens of journalists and human rights defenders in El Salvador had their cellphones repeatedly hacked with sophisticated spyware over the past year and a half, an internet watchdog said Wednesday. | |||
|
2022-01-13 00:45:45 | Ransomware Attack Locks Down US Prison (lien direct) | A ransomware attack locked down a US jail, knocking out security cameras and leaving inmates confined to their cells, court documents show. | Ransomware | ||
|
2022-01-12 21:37:41 | Apple Patches iOS HomeKit Flaw After Researcher Warning (lien direct) | Apple has released an iOS security update with a fix for a persistent denial-of-service flaw in the HomeKit software framework but only after an independent researcher publicly criticized the company for ignoring his discovery. | |||
|
2022-01-12 17:58:09 | Mozilla Patches High-Risk Firefox, Thunderbird Security Flaws (lien direct) | Mozilla has released Firefox 96 with patches for 18 security vulnerabilities affecting its flagship web browser and the Thunderbird mail program. Of the newly patched security flaws, nine are rated high-severity while six carry a "medium-severity" rating. | |||
|
2022-01-12 15:54:57 | Eureka Emerges From Stealth With Cloud Data Security Platform (lien direct) | Israel-based startup Eureka on Wednesday announced emerging from stealth mode with a cloud data security posture management platform and $8 million in seed funding. | |||
|
2022-01-12 14:54:12 | Security Validation Firm Pentera Raises $150 Million at $1 Billion Valuation (lien direct) | Automated security validation firm has now raised nearly $190 million in funding Boston, USA and Tel Aviv, Israel-based automated security validation (ASV) firm Pentera has raised $150 million in a Series C funding round led by K1 Investment Management, with participation from Evolution Equity Partners and Insight Partners. | |||
|
2022-01-12 14:53:40 | Microsoft Introduces New Security Update Notifications (lien direct) | Microsoft this week announced updated notifications for the Security Update Guide, the page where the tech company informs users of vulnerabilities that affect Microsoft products. | |||
|
2022-01-12 13:50:18 | (Déjà vu) ICS Patch Tuesday: Siemens, Schneider Electric Address 40 Vulnerabilities (lien direct) | The first round of security advisories released by Siemens and Schneider Electric in 2022 address a total of 40 vulnerabilities. Siemens | |||
|
2022-01-12 13:29:35 | New Cross-Platform Backdoor \'SysJoker\' Used in Targeted Attacks (lien direct) | A backdoor likely used by an advanced persistent threat (APT) actor in targeted attacks was built to target Windows, macOS, and Linux systems, Intezer reports. | Threat | ||
|
2022-01-12 12:14:51 | CISA Adds 15 Recent and Older Vulnerabilities to \'Must-Patch\' List (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) this week added 15 more vulnerabilities to its list of security bugs known to be exploited in malicious attacks. | |||
|
2022-01-12 11:43:32 | U.S. Issues Fresh Warning Over Russian Cyber Threats as Ukraine Tensions Mount (lien direct) | Several U.S. government agencies have issued a joint cybersecurity advisory to provide an overview of cyber operations linked to Russia. The advisory comes as tensions mount over a potential Russian invasion of Ukraine. | ★★★★★ | ||
|
2022-01-12 09:24:50 | SAP Patches Log4Shell Vulnerability in More Applications (lien direct) | German software maker SAP this week announced its first set of security updates for 2022, including patches for more applications affected by the Log4Shell vulnerability. | Vulnerability | ||
|
2022-01-12 02:14:12 | Albania Hires US Company to Boost Cybersecurity After Leak (lien direct) | The Albanian government said Tuesday that it would hire a U.S. company to bolster its cybersecurity following a large leak last month. | |||
|
2022-01-11 19:19:53 | Patch Tuesday: Microsoft Calls Attention to \'Wormable\' Windows Flaw (lien direct) | Microsoft's first batch of patches for 2022 is a big one: 97 documented security flaws in the Windows ecosystem, some serious enough to cause remote code execution attacks. | |||
|
2022-01-11 19:04:23 | Adobe Patches Reader Flaws That Earned Hackers $150,000 at Chinese Contest (lien direct) | Adobe on Tuesday announced security updates for several products, including for Acrobat and Reader, in which the software giant patched a total of 26 vulnerabilities. | |||
|
2022-01-11 18:24:26 | Details Disclosed for Recent Vulnerabilities in SonicWall Remote Access Appliances (lien direct) | Rapid7 today shared details on a series of vulnerabilities that SonicWall patched in the Secure Mobile Access (SMA) 100 series secure access gateway products last month. | |||
|
2022-01-11 16:23:12 | With the \'Great Resignation\' Comes the \'Great Exfiltration\' (lien direct) | Research shows the “Great Resignation” phenomenon is accompanied by a “Great Exfiltration” as people leave their jobs and take company data with them | |||
|
2022-01-11 15:42:08 | Millions of Routers Impacted by NetUSB Kernel Vulnerability (lien direct) | A vulnerability in the NetUSB kernel module could allow remote attackers to execute code on millions of router devices, endpoint security company SentinelOne warns. | Vulnerability | ||
|
2022-01-11 15:06:36 | Moxie Marlinspike Steps Down as Signal CEO (lien direct) | Celebrated cryptographer Moxie Marlinspike is stepping down as chief executive at Signal, temporarily turning the reins of the popular encrypted messaging platform to WhatsApp co-founder Brian Acton. | |||
|
2022-01-11 15:00:53 | CISA Steps up Public and Private Sector Collaboration in 2021 (lien direct) | We just concluded a very eventful year for the cybersecurity industry. Starting with an unprecedented wave of ransomware attacks on critical infrastructure targets, 2021 finished with the infamous Log4j vulnerabilities, which present a severe and ongoing threat to organizations and governments around the world. | Ransomware Threat | ||
|
2022-01-11 14:32:26 | Honeywell Launches New OT Cybersecurity Solution for Commercial Buildings (lien direct) | Honeywell on Tuesday announced the launch of a new cybersecurity solution for operational technology (OT) in commercial buildings. | |||
|
2022-01-11 13:11:49 | CISA Unaware of Any Significant Log4j Breaches in U.S. (lien direct) | CISA Concerned About Risk Posed by Log4Shell to Critical Infrastructure The U.S. Cybersecurity and Infrastructure Security Agency (CISA) says it's currently unaware of any significant breaches related to the recently disclosed Log4j vulnerabilities. | |||
|
2022-01-11 12:50:36 | Microsoft Details \'powerdir\' macOS Vulnerability Leading to Data Leaks (lien direct) | A vulnerability addressed recently in Apple's macOS platform could be exploited to gain unauthorized access to a user's personal data, Microsoft explains. | Vulnerability | ||
|
2022-01-11 12:27:51 | Industrial Firms Advised Not to Ignore Security Risks Posed by URL Parsing Confusion (lien direct) | Researchers from industrial cybersecurity firm Claroty and developer security company Snyk have analyzed more than a dozen URL parsing libraries and showed how inconsistencies can lead to various types of vulnerabilities. Industrial organizations have been advised not to ignore these findings. | Guideline | ||
|
2022-01-11 12:02:10 | Is the \'Great Resignation\' Impacting Cybersecurity? (lien direct) | The so-called 'great resignation' currently upending the U.S. labor market is starting to affect cybersecurity programs with a growing number of senior leaders opting for early retirement and mid-level managers leaving in droves for less stressful, fully remote work opportunities. | Guideline | ||
|
2022-01-11 11:24:57 | MRIoA Discloses Data Breach Affecting 134,000 People (lien direct) | Medical Review Institute of America (MRIoA) on Friday started notifying some individuals that their personal information was compromised in a cyberattack. | Data Breach | ||
|
2022-01-11 01:35:09 | Europol Ordered to Delete Data Not Linked With Crime (lien direct) | The European Union crime agency has been ordered by the 27-nation bloc's data protection watchdog to erase information related to individuals with no proven link to crime. The European Data Protection Supervisor said Monday that Europol was notified of the order on Jan. 3 following an inquiry that started in 2019. | |||
|
2022-01-10 19:16:52 | Apache Foundation Calls Out Open-Source Leechers (lien direct) | The Apache Software Foundation (ASF) is calling out for-profit companies leeching on open-source code, warning that “only a tiny percentage” of downstream vendors are contributing to securing the open-source ecosystem. | |||
|
2022-01-10 15:50:13 | U.S. Government Issues Warning Over Commercial Surveillance Tools (lien direct) | The U.S. State Department and the National Counterintelligence and Security Center (NCSC) on Friday issued a warning over the use of commercial surveillance tools. | |||
|
2022-01-10 15:31:35 | Abcbot DDoS Botnet Linked to Older Cryptojacking Campaign (lien direct) | The relatively recent Abcbot botnet appears to be operated by the same cybercriminals that launched a Xanthe-based cryptojacking campaign first detailed a couple of years ago, Cado Security says. | |||
|
2022-01-10 13:29:27 | SecurityWeek Cyber Insights 2022: Ransomware (lien direct) | 
|
Ransomware | ||
|
2022-01-10 13:04:03 | SonicWall Patches Y2K22 Bug in Email Security, Firewall Products (lien direct) | Cybersecurity firm SonicWall says it has released patches for some of its email security and firewall products to address a bug that resulted in failed junk box and message log updates. | |||
|
2022-01-10 12:42:44 | WordPress 5.8.3 Patches Several Injection Vulnerabilities (lien direct) | WordPress 5.8.3, a security release that became available last week, patches four injection-related vulnerabilities. Two of the flaws are SQL injections - one affects WP_Meta_Query (discovered by Ben Bidner of the WordPress security team) and one affects WP_Query (discovered by ngocnb and khuyenn of GiaoHangTietKiem JSC). | |||
|
2022-01-10 11:27:33 | Indian Cyberspies Expose Their Operation After Infecting Themselves With RAT (lien direct) | The India-linked threat actor tracked as Patchwork was observed employing a new variant of the BADNEWS backdoor in a recent campaign, but the hackers also infected one of their own computers, giving researchers a glimpse into their operations. | Threat | ||
|
2022-01-10 09:33:23 | QNAP Urges Users to Secure NAS Devices as Attacks Surge (lien direct) | Taiwan-based QNAP Systems on Friday warned users of an increase in attacks targeting network-attached storage (NAS) appliances, urging them to secure their devices as soon as possible. | |||
|
2022-01-07 19:17:48 | Attackers Hitting VMWare Horizon Servers With Log4j Exploits (lien direct) | Threat hunters in the U.K.'s National Health Service have raised an alarm for an unknown threat actor hitting vulnerable VMWare Horizon servers with exploits for the ubiquitous Log4j security flaw. | Threat | ||
|
2022-01-07 16:08:17 | Eight New macOS Malware Families Emerged in 2021 (lien direct) | Eight new macOS malware families emerged in 2021, according to Patrick Wardle, a security researcher who specializes in Apple products. | Malware | ||
|
2022-01-07 15:35:29 | Log4Shell-Like Vulnerability Found in Popular H2 Database (lien direct) | A critical, unauthenticated remote code execution vulnerability has been impacting the H2 database console since 2008. An open-source Java SQL database, H2 is an in-memory solution that eliminates the need to store data on disk, and is one of the most popular Maven packages, having roughly 7,000 artifact dependencies, | Vulnerability | ||
|
2022-01-07 13:48:33 | Cyber Ninjas Faces Fine Over Arizona Election Review Records (lien direct) | A judge said Thursday he will fine Cyber Ninjas, the contractor that led Arizona Republicans' 2020 election review, $50,000 a day if the firm doesn't immediately turn over public records related to the unprecedented inquiry. | |||
|
2022-01-07 12:35:19 | California Man Pleads Guilty Over Role in $50 Million Fraud Scheme (lien direct) | A California man this week admitted before a U.S. district judge to his role in a $50 million internet-enabled fraud scheme. Court documents claim that, between 2012 and 2020, Allen Giltman, 56, of Irvine, California, created fraudulent websites to ask for funds from investors. | |||
|
2022-01-07 12:12:38 | Online Pharmacy Service Ravkoo Discloses Data Breach (lien direct) | United States-based online pharmacy service Ravkoo this week started notifying patients of a data breach that potentially resulted in the exposure of personal information. | Data Breach |
To see everything:
Our RSS (filtrered)
