What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-03-26 16:54:13 | Report: US Gov Executive Order to Mandate Data Breach Disclosure (lien direct) | A proposed executive order would set new rules on the disclosure of data breaches that also affect United States government agencies, according to a Reuters news report. | Data Breach | ||
|
2021-03-26 16:52:02 | EU, US Make New Attempt for Data Privacy Deal (lien direct) | Europe and the United States will use a thaw in ties to strike a pact that would allow for the exchange of private data across the Atlantic, replacing previous agreements struck down by an EU court. | |||
|
2021-03-26 16:14:03 | Kaspersky Sees Rise in Ransomware Attacks on ICS Devices in Developed Countries (lien direct) | Cybersecurity firm Kaspersky observed a drop in ransomware attacks on industrial control system (ICS) computers in the second half of 2020, but it saw an increase in these types of attacks in developed countries. | Ransomware | ||
|
2021-03-26 15:05:29 | (Déjà vu) Severe Flaws in Official \'Facebook for WordPress\' Plugin (lien direct) | A critical vulnerability in the official Facebook for WordPress plugin could be abused to upload arbitrary files, essentially leading to remote code execution, according to a warning from security researchers at Wordfence. | Vulnerability Guideline | ||
|
2021-03-26 15:05:29 | Severe Flaws in Facebook for WordPress Plugin (lien direct) | A critical vulnerability in the official Facebook for WordPress plugin could be abused to upload arbitrary files, essentially leading to remote code execution, according to a warning from security researchers at Wordfence. | Vulnerability Guideline | ||
|
2021-03-26 14:55:33 | QNAP Urges Users to Secure Devices Against Brute-Force Attacks (lien direct) | Network-attached storage appliance manufacturer QNAP Systems this week published an alert urging users to take the necessary steps to secure their devices against brute-force attacks. | |||
|
2021-03-26 14:31:06 | 5G Security Flaw Allows Data Access, DoS Attacks (lien direct) | A design flaw discovered in the architecture of 5G network slicing can allow malicious actors to access potentially sensitive data and launch denial-of-service (DoS) attacks, mobile network security company AdaptiveMobile Security warned this week. | |||
|
2021-03-26 12:22:04 | Vulnerabilities Can Allow Attackers to Remotely Gain Control of Weintek HMIs (lien direct) | A cybersecurity researcher who specializes in industrial control systems (ICS) has identified three types of critical vulnerabilities in products made by human-machine interface (HMI) manufacturer Weintek. | |||
|
2021-03-26 11:31:29 | Endpoint Security Provider Morphisec Bags $31 Million Investment (lien direct) | Endpoint security provider Morphisec on Thursday announced that it has raised $31 million in a new funding round led by JVP, with participation from existing investors, such as Orange and Deutsche Telekom Capital Partners. | |||
|
2021-03-26 10:59:11 | (Déjà vu) General Says Attacks by Foreign Hackers Are \'Clarion Call\' (lien direct) | The U.S. Cyber Command conducted more than two dozen operations aimed at thwarting interference in last November's presidential election, the general who leads the Pentagon's cyber force said Thursday. | Guideline | ||
|
2021-03-26 09:05:49 | Critical Flaw in Jabber for Windows Could Lead to Code Execution (lien direct) | Cisco this week announced the release of software updates that address several vulnerabilities in Jabber for desktop and mobile platforms, the most severe of which could be abused to execute arbitrary code with elevated privileges. | |||
|
2021-03-25 19:14:18 | New Code Execution Flaws In Solarwinds Orion Platform (lien direct) | Solarwinds has shipped a major security update to fix at least four documented security vulnerabilities, including a pair of bugs that be exploited for remote code execution attacks. | |||
|
2021-03-25 17:46:39 | The Growing Need for a New Security Platform (lien direct) | The idea of a security platform is not new. Neither are the issues related to security and vendor sprawl inside an organization. The original idea behind the Next-Gen Firewall was to blend several products into a single platform to reduce IT overhead and simplify wiring closets that had been overrun with security devices. And it worked. NGFW solutions quickly became the cornerstone for security implementations in virtually every organization in the world. | |||
|
2021-03-25 17:09:07 | US Cyber Experts Conducted Operations to Safeguard Election (lien direct) | The U.S. Cyber Command conducted more than two dozen operations aimed at preventing interference in last November's presidential election, the general who leads the Pentagon's cyber force said Thursday. | Guideline | ||
|
2021-03-25 16:09:29 | New Slack Connect DM Feature Raises Security Concerns (lien direct) | Business communications platform Slack rushed to take action on Wednesday after customers raised security-related concerns regarding a new feature that allows users to send direct messages to any other Slack user. | |||
|
2021-03-25 15:36:05 | Mamba Ransomware Leverages DiskCryptor for Encryption, FBI Warns (lien direct) | The Federal Bureau of Investigation (FBI) this week published an alert to warn of the fact that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives, including the operating system. | Ransomware Tool | ||
|
2021-03-25 15:21:55 | Feedzai Lands $200M in Series C Funding (lien direct) | Feedzai, a late-stage fintech startup, is the latest entrant into cybersecurity's unicorn club after snagging a new $200 million funding round that values the company at more than $1 billion. | |||
|
2021-03-25 15:16:04 | (Déjà vu) OpenSSL 1.1.1k Patches Two High-Severity Vulnerabilities (lien direct) | 
|
|||
|
2021-03-25 14:31:31 | Hackers Start Exploiting Recent Vulnerabilities in Thrive Theme WordPress Plugins (lien direct) | Over 100,000 WordPress websites could be exposed to attacks targeting a couple of recently addressed vulnerabilities affecting Thrive Theme plugins, warns the Wordfence Threat Intelligence Team at WordPress security company Defiant. | Threat | ||
|
2021-03-25 13:58:10 | 5 Things IT Should Ask Managed Security Providers (lien direct) | Over the past five years of running a managed security service offering, I've received no shortage of questions and requests from customers. They run the gamut from the completely outlandish to questions that have legitimately influenced change. Regardless of the question, it's important for managed security providers to listen to their customers and accept feedback, whether it's positive or negative. | |||
|
2021-03-25 12:31:50 | Microsoft Offers Up to $30,000 for Vulnerabilities in Teams Desktop Client (lien direct) | Microsoft on Wednesday announced that its bug bounty programs now also cover the desktop client of its Teams business communications platform. | |||
|
2021-03-25 00:02:58 | Judge Rejects Ex-CIA Worker\'s Try to Dismiss Hacking Charges (lien direct) | A former CIA employee cannot get espionage charges against him dismissed on the grounds that there weren't enough Hispanic or Black individuals on the grand jury that indicted him, a judge ruled Wednesday. | |||
|
2021-03-24 18:56:34 | Facebook Disrupts Chinese Spies Using iPhone, Android Malware (lien direct) | Facebook's threat intelligence team says it has disrupted a sophisticated Chinese spying team that routinely use iPhone and Android malware to hit journalists, dissidents and activists around the world. | Malware Threat | ||
|
2021-03-24 17:54:24 | Air Charter Firm Solairus Aviation Suffers Data Breach (lien direct) | Private aviation services provider Solairus Aviation on Tuesday announced that some employee and customer data was compromised in a security incident at third-party vendor Avianis. | Data Breach | ★★ | |
|
2021-03-24 17:12:45 | Microsoft: Ongoing, Expanding Campaign Bypassing Phishing Protections (lien direct) | A phishing email campaign detailed earlier this month is expanding with the use of additional email services to hide malicious intent, according to a warning from software giant Microsoft. | |||
|
2021-03-24 14:57:36 | Vulnerabilities in TBox RTUs Can Expose Industrial Organizations to Remote Attacks (lien direct) | UK-based industrial automation company Ovarro recently patched a series of vulnerabilities in its TBox remote terminal units (RTUs). Cybersecurity experts say these flaws could pose a serious risk to organizations. | |||
|
2021-03-24 13:44:41 | The Case for Taking Down Dark Web Sites (lien direct) | Taking Down Dark Web Sites May Cause Headache for Both the Bad Guys and the Good Guys | |||
|
2021-03-24 13:08:48 | Insurer CNA Says Cyberattack Caused Network Disruption (lien direct) | Commercial insurer CNA on Tuesday announced that it was recently targeted in what it described as a sophisticated cyberattack. The Chicago, Illinois-based company is one of the largest commercial insurers in the United States, offering cyber insurance policies alongside a broad range of other insurance products. | |||
|
2021-03-24 12:09:29 | Honeywell Says Malware Disrupted IT Systems (lien direct) | Industrial giant Honeywell on Tuesday revealed that some of its IT systems were disrupted as a result of a malware attack. The company said the intrusion was detected “recently” and only a “limited number” of IT systems were disrupted. No other information has been provided regarding impact. | Malware | ||
|
2021-03-23 20:37:49 | Purple Fox Malware Squirms Like a Worm on Windows (lien direct) | Malware hunters at Guardicore are warning that an aggressive botnet operator has turned to SMB password brute-forcing to infect and spread like a worm across the Microsoft Windows ecosystem. | Malware | ★★★★ | |
|
2021-03-23 19:12:55 | Firefox 87 Adds Stronger User Privacy Protections (lien direct) | Mozilla today announced the release of Firefox 87 in the stable channel fitted with a new intelligent tracker blocking mechanism. | |||
|
2021-03-23 17:05:10 | ID.me Snags $100M in Series C Funding (lien direct) | Digital identity network play ID.me, Inc. has joined the growing list of cybersecurity unicorns after banking a new $100 million funding round that values the company at $1.5 billion. | |||
|
2021-03-23 16:31:07 | Researchers Dive into the Operations of SilverFish Cyber-Espionage Group (lien direct) | Researchers with the PRODAFT Threat Intelligence Team took a deep dive into the operations of the SilverFish cyber-espionage group and linked one of its command and control (C&C) servers with recent high-profile malicious attacks. | Threat | ||
|
2021-03-23 15:37:03 | Sierra Wireless Says Ransomware Disrupted Production at Manufacturing Facilities (lien direct) | 
Canada-based IoT company Sierra Wireless revealed on Tuesday that its internal IT systems were hit by a ransomware attack on March 20.
|
Ransomware | ||
|
2021-03-23 14:45:35 | Identity Verification Provider Jumio Snags $150M Investment (lien direct) | Identity verification provider Jumio today announced a new $150 million investment round from private equity firm Great Hill Partners. | |||
|
2021-03-23 14:35:43 | The Cusp of a Virtual Analyst Revolution (lien direct) | Security Analytics and Threat Investigation Are in the Midst of a Sea Change | Threat | ||
|
2021-03-23 13:07:30 | Recently Patched Android Vulnerability Exploited in Attacks (lien direct) | Google has warned Android users that a recently patched vulnerability has been exploited in attacks. The vulnerability in question, tracked as CVE-2020-11261, was patched by Google with the Android security updates released in January 2021. | Vulnerability | ||
|
2021-03-23 12:30:09 | Facebook Fails in Bid to Derail $15 Bn Privacy Suit (lien direct) | The US Supreme Court on Monday declined to consider an appeal by Facebook that would have derailed a $15 billion lawsuit over whether it illegally tracked users about a decade ago. | |||
|
2021-03-23 12:12:19 | Cloud Security Company Orca Raises $210 Million at $1.2 Billion Valuation (lien direct) | Cloud security firm Orca has achieved “unicorn” status after raising $210 million in a Series C funding round that values the company at $1.2 billion. | |||
|
2021-03-23 04:52:53 | Remote Code Execution Vulnerability Patched in Apache OFBiz (lien direct) | One of the vulnerabilities addressed by the latest update for Apache OFBiz is an unsafe Java deserialization issue that could be exploited to execute code remotely, without authentication. | Vulnerability | ||
|
2021-03-23 01:00:52 | UK Unveils Plan for Smaller, More High-Tech Armed Forces (lien direct) | Britain plans to cut the size of its army and boost spending on drones, robots and a new “cyber force” under defense plans announced by the government on Monday. Defense Secretary Ben Wallace said the British Army would shrink from 76,500 soldiers to 72,500 by 2025. He said the army hadn't been at its “established strength” of 82,500 for several years. | |||
|
2021-03-22 18:37:00 | The VC View: Hot Trends in Security After the Pandemic (lien direct) | What Spaces Are Hot in Security and Will Get Attention in 2021? | |||
|
2021-03-22 18:28:34 | Defense of Convicted Cypriot Hacker in US Not Seeking Appeal (lien direct) | A lawyer for a Cypriot hacker who has served almost four years behind bars said he will not appeal against a one-year jail sentence in the US for cyber-crimes he committed as a minor. | |||
|
2021-03-22 15:47:07 | Shell Says Personal, Corporate Data Stolen in Accellion Security Incident (lien direct) | Oil and gas giant Royal Dutch Shell (Shell) is the latest company to have confirmed impact from the December 2020 cyber-attack on Accellion's File Transfer Appliance (FTA) file sharing service. | ★★ | ||
|
2021-03-22 15:04:29 | Electricity Distribution Systems at Increasing Risk of Cyberattacks, GAO Warns (lien direct) | A newly published report form the U.S. Government Accountability Office (GAO) describes the risks of cyber-attacks on the electricity grid's distribution systems, along with the scale of the potential impact of such attacks. | ★★ | ||
|
2021-03-22 14:00:25 | Researchers Raise Alarm for F5 BIG-IP Malware Attacks (lien direct) | The urgency to patch gaping security holes in F5 Networks BIG-IP and BIG-IQ products escalated over the weekend after researchers spotted malicious in-the-wild attack activity. | Malware | ||
|
2021-03-22 13:20:58 | US Sentences Russian, North Macedonian in Cyber Fraud Case (lien direct) | The United States sentenced a Russian and a North Macedonian on Friday to prison for their roles in a vast cyber crime operation. | ★★ | ||
|
2021-03-22 12:49:09 | TikTok Pays Out $11,000 Bounty for High-Impact Exploit (lien direct) | 
A researcher has earned over $11,000 from TikTok after disclosing a series of vulnerabilities that could have been chained for a high-impact 1-click exploit.
|
|||
|
2021-03-22 11:56:35 | (Déjà vu) Cybersecurity M&A Roundup for Week of Mar. 15, 2021 (lien direct) | 
More than a dozen cybersecurity-related acquisitions and mergers were announced in the third week of March 2021.
|
|||
|
2021-03-22 10:59:27 | Cyber Attack Tied to China Boosts Development Bank\'s Chief (lien direct) | The cyberattack crested just as finance officials from across Latin America were descending on Washington to commemorate the 60th anniversary of the Inter-American Development Bank. |
To see everything:
Our RSS (filtrered)
