What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-04-13 19:34:41 | Swedish Sports Body Hacked by Russians, Officials Say (lien direct) | The organization that oversees Sweden's national sports federations was hacked by Russian military intelligence in 2017-18, officials said Tuesday, in a data-breaching campaign that also affected some of the world's leading sporting bodies, including FIFA and the World Anti-Doping Agency. | Guideline | ||
|
2021-04-13 19:08:51 | Breaches Detected Faster, But Ransomware Surge a Major Factor: FireEye (lien direct) | Data from FireEye's Mandiant incident response division shows that the time it takes organizations to detect a malicious hacker attack continues to drop, but it's not only due to better threat detection capabilities. | Ransomware Threat | ||
|
2021-04-13 18:26:50 | MS Patch Tuesday: NSA Reports New Critical Exchange Flaws (lien direct) | Just weeks after a wave of major in-the-wild zero-day attacks against Exchange Server installations globally, Microsoft is raising a fresh alarm for four new critical security flaws that expose businesses to remote code execution attacks. | ★★★★★ | ||
|
2021-04-13 17:51:47 | Adobe Patches Critical Code Execution Vulnerabilities in Photoshop, Bridge (lien direct) | Adobe on Tuesday announced patches for vulnerabilities in four of its products, including critical code execution flaws affecting Photoshop and Bridge. | |||
|
2021-04-13 13:50:20 | Exploit Released for Critical Vulnerability Affecting QNAP NAS Devices (lien direct) | An exploit is now publicly available for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices that run the Surveillance Station video management system. | Vulnerability | ||
|
2021-04-13 13:08:52 | CISA Details Malware Found on Hacked Exchange Servers (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week published details on additional malware identified on compromised Microsoft Exchange servers, namely China Chopper webshells and DearCry ransomware. | Malware | ||
|
2021-04-13 12:32:24 | (Déjà vu) PoC Exploit Released for Unpatched Flaw Affecting Chromium-Based Browsers (lien direct) | A researcher has made public a proof-of-concept (PoC) exploit for a recently discovered vulnerability affecting Chrome, Edge and other Chromium-based web browsers. | Vulnerability | ||
|
2021-04-13 12:01:45 | Small Kansas Water Utility System Hacking Highlights Risks (lien direct) | A former Kansas utility worker has been charged with remotely tampering with a public water system's cleaning procedures, highlighting the difficulty smaller utilities face in protecting against hackers. | |||
|
2021-04-13 03:36:08 | Grambling Grad Getting Louisiana\'s 1st Cybersecurity Degree (lien direct) | A Grambling State University student is about to get Louisiana's first bachelor's degree in cybersecurity at a time when data breaches are making headlines. Alexis White of Arcadia already has a degree in biology. She earned it in 2018 - the year Grambling won approval for the state's only bachelor's degree program in cybersecurity. | |||
|
2021-04-12 22:18:25 | Joker Android Trojan Lands in Huawei AppGallery App Store (lien direct) | Ten variants of the Joker Android Trojan managed to slip into the Huawei AppGallery app store and were downloaded by more than 538,000 users, according to new data from Russian anti-malware vendor Doctor Web. | |||
|
2021-04-12 17:51:12 | DoControl Emerges From Stealth With SaaS Security Platform (lien direct) | DoControl emerged from stealth mode on Monday with an automated data access controls platform for SaaS applications, and more than $13 million in funding. | ★★★★ | ||
|
2021-04-12 17:33:53 | IcedID Trojan Operators Experimenting With New Delivery Methods (lien direct) | The threat actors behind the IcedID Trojan are experimenting with various delivery methods to increase efficiency, including sending malicious messages from web-based contact forms. | Threat | ||
|
2021-04-12 17:33:53 | Iran Used Fake Instagram Accounts to Try to Nab Israelis: Spy Agencies (lien direct) | Israeli spy agencies accused Iran on Monday of using fake social media accounts to lure citizens of the Jewish state abroad "to harm or abduct them". | ★★ | ||
|
2021-04-12 16:48:40 | Unearthing the \'Attackability\' of Vulnerabilities that Attract Hackers (lien direct) | Vulnerability management is largely about patch management: finding, triaging and patching the most critical vulnerabilities in your environment. Each aspect of this process presents its own problems. | Patching | ||
|
2021-04-12 16:44:05 | ID Verification Firm Veriff Lands $69 Million in Series B Funding (lien direct) | Veriff, a provider of automated identity verification technology, today announced that it has secured $69 million in Series B financing, bringing the total amount raised by the company to $92.8 million. | ★★★ | ||
|
2021-04-12 16:02:24 | The VC View: Data Security - Deciphering a Misunderstood Category (lien direct) | I'm both excited and concerned to write about data security as one of the hot trends to monitor in 2021. Data security is a tough topic to summarize and I'd argue it may be the most misunderstood category in security right now. We're a raw industry that has been shaken up multiple times for years. | ★★★★★ | ||
|
2021-04-12 15:43:22 | Biden Names 2 Ex-NSA Officials for Senior Cyber Positions (lien direct) | President Joe Biden has selected two former senior National Security Agency officials for key cyber roles in his administration, the White House said Monday. | |||
|
2021-04-12 13:20:11 | Iran Blames Israel for Sabotage at Natanz Nuclear Site (lien direct) | Iran blamed Israel on Monday for a sabotage attack on its underground Natanz nuclear facility that damaged its centrifuges, an assault that imperils ongoing talks over Tehran's tattered nuclear deal and brings a shadow war between the two countries into the light. | |||
|
2021-04-12 12:58:08 | Cybersecurity M&A Roundup for April 1-11, 2021 (lien direct) | 
Eleven cybersecurity-related acquisitions and mergers were announced in the first part of April 2021.
|
|||
|
2021-04-12 11:35:59 | Fed Chair Says Cyberattacks Main Risk to US Economy (lien direct) | Federal Reserve chairman Jerome Powell said he was more worried about the risk of a large-scale cyberattack than another financial crisis like that of 2008. The risks of a 2008-like crisis with a need for government bailouts of banks were "very, very low," the head of the US central bank said during an interview aired Sunday on CBS's "60 minutes." | |||
|
2021-04-12 11:03:24 | Zerodium Offering $300,000 for WordPress Exploits (lien direct) | Exploit acquisition company Zerodium announced last week that it's temporarily offering $300,000 for high-impact WordPress exploits. | |||
|
2021-04-11 19:07:27 | Iran Calls Natanz Atomic Site Blackout \'Nuclear Terrorism\' (lien direct) | Iran on Sunday described a blackout at its underground Natanz atomic facility an act of “nuclear terrorism,” raising regional tensions as world powers and Tehran continue to negotiate over its tattered nuclear deal. | |||
|
2021-04-09 18:16:50 | Microsoft Open-Sources \'CyberBattleSim\' Enterprise Environment Simulator (lien direct) | Microsoft this week announced the open source availability of Python code for “CyberBattleSim,” a research toolkit that supports simulating complex computer systems. | |||
|
2021-04-09 16:55:31 | CISA Releases Tool to Detect Microsoft 365 Compromise (lien direct) | The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has released a new tool to help with the detection of potential compromise within Microsoft Azure and Microsoft 365 environments. | Tool | ||
|
2021-04-09 12:15:04 | Security Automation Firm Tines Raises $26 Million at $300 Million Valuation (lien direct) | Tines, an Ireland-based company that provides no-code automation solutions for security and operations teams, on Thursday announced that it has raised $26 million in a Series B funding round, at a valuation of $300 million. | |||
|
2021-04-09 11:58:30 | LG Promises Three Years of OS Updates for Premium Android Smartphones (lien direct) | South Korean tech giant LG this week announced that it will continue to provide operating system updates to users of its premium Android smartphones, for up to three years. | |||
|
2021-04-09 11:07:21 | Pwn2Own 2021 Participants Earn Over $1.2 Million for Their Exploits (lien direct) | The Pwn2Own 2021 hacking competition has come to an end, with participants earning more than $1.2 million - more than ever paid out at the event - for exploits in the browser, virtualization, server, local privilege escalation, and enterprise communications categories. | |||
|
2021-04-09 08:46:29 | Collaboration Platforms Increasingly Abused for Malware Distribution, Data Exfiltration (lien direct) | Threat actors are increasingly abusing collaboration platforms for nefarious purposes, including malware delivery and data exfiltration, security researchers with Cisco's Talos division report. | Malware | ||
|
2021-04-08 18:54:58 | Cisco Patches Critical Flaw in SD-WAN vManage (lien direct) | Cisco this week announced patches for tens of vulnerabilities across its product portfolio, including a critical severity issue impacting the SD-WAN vManage software. | |||
|
2021-04-08 18:35:33 | Cost of Sandboxing Prompts Shift to Memory-Safe Languages. A Little Too Late? (lien direct) | NEWS ANALYSIS: Google's decision to promote Rust for low-level Android programming is another sign that the shelf-life for memory corruption mitigations are no match for the speed of in-the-wild exploit development. | |||
|
2021-04-08 15:06:39 | Library Dependencies and the Open Source Supply Chain Nightmare (lien direct) | 
It's a bigger problem than is immediately apparent, and has the potential for hacks as big as Equifax and as widespread as SolarWinds.
|
Equifax Equifax | ||
|
2021-04-08 14:19:27 | Belden Says Health-Related Information Exposed in Data Breach (lien direct) | Specialty networking solutions provider Belden on Wednesday shared an update on the data breach disclosed in November 2020, and said health-related information was also exposed. | Data Breach | ||
|
2021-04-08 13:47:10 | Cring Ransomware Targets Industrial Organizations (lien direct) | Cring ransomware operators are exploiting an old path traversal vulnerability in the FortiOS SSL VPN web portal to gain access to enterprise networks, Kaspersky warns. | Ransomware Vulnerability | ||
|
2021-04-08 12:09:02 | PHP Developers Share Update on Recent Breach (lien direct) | The developers of the PHP scripting language have shared an update on the recently disclosed breach in which attackers planted malicious code. | |||
|
2021-04-08 11:13:54 | $200,000 Awarded for Zero-Click Zoom Exploit at Pwn2Own (lien direct) | Two researchers earned $200,000 on the second day of the Pwn2Own 2021 hacking competition for a Zoom exploit allowing remote code execution without user interaction. | |||
|
2021-04-08 10:50:21 | Vulnerability in \'Domain Time II\' Could Lead to Server, Network Compromise (lien direct) | A vulnerability residing in the “Domain Time II” network time solution can be exploited in Man-on-the-Side (MotS) attacks, cyber-security firm GRIMM warned on Tuesday. | Vulnerability | ||
|
2021-04-07 16:35:09 | Open Source Security Management Firm WhiteSource Raises $75 Million (lien direct) | Open source security management company WhiteSource on Wednesday announced that it has raised $75 million in a Series D funding round. | ★★★★ | ||
|
2021-04-07 16:27:46 | Report: Supplier Impersonation Attacks a Major Risk (lien direct) | Threat actors are leveraging the supply chain to deliver various types of threats to organizations, and few of them are spared from such attacks, according to a new report from enterprise security company Proofpoint. | ★★★ | ||
|
2021-04-07 15:10:01 | Fake Netflix App Luring Android Users to Malware (lien direct) | Researchers Flag 'FlixOnline' as a Malicious Android Play Store App That Combines Social Engineering With WhatsApp Auto-Replies to Propagate | Malware | ||
|
2021-04-07 14:43:05 | What Cybersecurity Policy Changes Should We Expect from the Biden Administration? (lien direct) | As the U.S. transitions to a new presidential administration, which can be expected to differ largely from the last, it is hard not to speculate how President Biden's Administration will reduce the risk of a major cyberattack against the U.S. or her interests. | ★★ | ||
|
2021-04-07 14:00:04 | Facebook Removes 14 Networks Fueling Deceptive Campaigns (lien direct) | Facebook this week announced that in March it removed a total of 14 networks of accounts from its online services, for spreading deceptive content meant to manipulate public opinion. | ★★★★★ | ||
|
2021-04-07 13:26:30 | Details Disclosed for GitHub Pages Flaws That Earned Researchers $35,000 (lien direct) | A researcher has disclosed the details of a series of vulnerabilities that could have been exploited by an attacker to access an organization's private pages on GitHub. | |||
|
2021-04-07 11:33:06 | Google Patches Critical Code Execution Vulnerability in Android (lien direct) | The April 2021 Android security bulletin published this week by Google describes more than 30 vulnerabilities in the mobile operating system, including a remote code execution flaw in the System component. | Vulnerability | ||
|
2021-04-07 10:48:21 | White Hats Earn $440,000 for Hacking Microsoft Products on First Day of Pwn2Own 2021 (lien direct) | On the first day of the Pwn2Own 2021 hacking competition, participants earned more than half a million dollars, including $440,000 for demonstrating exploits against Microsoft products. | |||
|
2021-04-07 02:15:44 | Facebook Says Hackers \'Scraped\' Data of 533 Million Users in 2019 Leak (lien direct) | Facebook said Tuesday that hackers "scraped" personal data of some half-billion users back in 2019 by taking advantage of a feature designed to help people easily find friends using contact lists. | |||
|
2021-04-07 01:34:53 | Senators Press for More on SolarWinds Hack After AP Report (lien direct) | Key lawmakers said Tuesday they're concerned they've been kept in the dark about what suspected Russian hackers stole from the federal government and they pressed Biden administration officials for more details about the scope of what's known as the SolarWinds hack. | Hack | ||
|
2021-04-06 20:14:53 | Threat Actors Quick to Target (Patched) SAP Vulnerabilities (lien direct) | Threat actors are constantly targeting new vulnerabilities in SAP applications within days after the availability of security patches, according to a joint report issued by SAP and Onapsis. | |||
|
2021-04-06 15:04:52 | ThreatQuotient Adds $22.5 Million in Funding (lien direct) | ThreatQuotient, a threat intelligence and security operations platform provider, has closed $22.5 million in new financing through a combination of equity and debt financing. | Threat | ||
|
2021-04-06 14:33:29 | APT Group Using Voice Changing Software in Spear-Phishing Campaign (lien direct) | A sub-group of the 'Molerats' threat-actor has been using voice-changing software to successfully trick targets into installing malware, according to a warning from Cado Security. | |||
|
2021-04-06 14:23:10 | US DoD Launches Vuln Disclosure Program for Contractor Networks (lien direct) | The United States Department of Defense (DoD) this week announced the launch of a new vulnerability disclosure program on HackerOne to identify vulnerabilities in Defense Industrial Base (DIB) contractor networks. | Vulnerability |
To see everything:
Our RSS (filtrered)
