What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-06-28 14:21:59 | Chinese Threat Actor Targets Rare Earth Mining Companies in North America, Australia (lien direct) | Mandiant's security researchers have been tracking influence campaigns that a Chinese threat actor named Dragonbridge has been conducting against rare earth mining companies in Australia, Canada, and the United States. | Threat | ||
|
2022-06-28 13:01:05 | New Database Catalogs Cloud Vulnerabilities, Security Issues (lien direct) | Cloud security company Wiz has announced the launch of a new database whose goal is to keep track of vulnerabilities and other security issues affecting cloud services. | |||
|
2022-06-28 12:27:39 | Cyber-Physical Security: Benchmarking to Advance Your Journey (lien direct) | Operational resilience is a priority and organizations are decisive about protecting cyber-physical systems (CPS) in today's consolidated and converged reality | |||
|
2022-06-28 12:23:49 | Chinese Hackers Target Building Management Systems (lien direct) | Threat hunters at Kaspersky have uncovered a series of attacks that targeted organizations across telecoms, transportation, and industrial sectors with the ShadowPad backdoor. The campaign hit the manufacturing and telecoms industries in Afghanistan and Pakistan, and a logistics and transport organization (a port) in Malaysia. | |||
|
2022-06-28 11:06:53 | LockBit 3.0 Ransomware Emerges With Bug Bounty Program (lien direct) | The LockBit 3.0 ransomware operation was launched recently and it includes a bug bounty program offering up to $1 million for vulnerabilities and various other types of information. | Ransomware | ||
|
2022-06-27 17:35:51 | Lithuania Says Hit by Cyberattack, Russia \'Probably\' to Blame (lien direct) | Lithuania said Monday it had been hit by an "intense" cyberattack, probably Russian, days after Moscow protested restrictions Vilnius imposed on the rail transit of certain goods to Kaliningrad. | |||
|
2022-06-27 15:14:10 | NIST Releases New macOS Security Guidance for Organizations (lien direct) | The National Institute of Standards and Technology (NIST) has published the final version of its guidance on securing macOS endpoints and assessing their security. | |||
|
2022-06-27 14:06:11 | House Passes ICS Cybersecurity Training Bill (lien direct) | The US House of Representatives has passed a new cybersecurity bill named the “Industrial Control Systems Cybersecurity Training Act.” | |||
|
2022-06-27 13:02:44 | Cerby Emerges From Stealth With Security Platform for Unmanageable Apps (lien direct) | California-based company Cerby on Monday announced that it has emerged from stealth mode with a security platform for unmanageable applications, as well as $12 million in seed funding. | |||
|
2022-06-27 12:20:01 | FTC Takes Action Against CafePress Over Massive Data Breach, Cover-Up (lien direct) | The Federal Trade Commission (FTC) on Friday announced that it has finalized an order against CafePress, requiring it to improve its security posture following a cybersecurity incident that the company attempted to cover up. | |||
|
2022-06-27 11:13:05 | Netsec Goggle Customizes Brave Search Results to Show Only Cybersecurity Websites (lien direct) | Cybersecurity consulting firm Forces Unseen has developed a “Goggle” for the Brave search engine that allows users to obtain results only from cybersecurity websites. | |||
|
2022-06-27 10:08:30 | Cyberattack Forces Iran Steel Company to Halt Production (lien direct) | One of Iran's major steel companies said on Monday it was forced to halt production after being hit by a cyberattack, apparently marking one of the biggest such assaults on the country's strategic industrial sector in recent memory. | |||
|
2022-06-24 13:53:25 | Researchers: It Took Oracle 6 Months to Patch \'Mega\' Vulnerability Affecting Many Systems (lien direct) | Security researchers have published technical details on a critical Fusion Middleware vulnerability that Oracle took six months to patch. | Vulnerability | ||
|
2022-06-24 13:38:18 | CrowdStrike: Ransomware Actor Caught Exploiting Mitel VOIP Zero-Day (lien direct) | Security researchers at CrowdStrike have stumbled upon ransomware actors deploying zero-day exploits against Mitel VOIP appliances sitting on the network perimeter. | Ransomware | ||
|
2022-06-24 12:21:16 | Black Basta Ransomware Becomes Major Threat in Two Months (lien direct) | 
|
Ransomware Threat | ||
|
2022-06-24 12:12:43 | Hadrian Raises $11 Million for Offensive Security Platform (lien direct) | Offensive security startup Hadrian today announced that it has received €10.5 million ($11 million) in unsolicited seed funding that brings the total invested in the company to $13.7 million. The investment round was led by HV Capital, with participation from Picus Capital, previous investor Slimmer.AI, and various angel investors. | |||
|
2022-06-24 11:20:20 | Codesys Patches 11 Flaws Likely Affecting Controllers From Several ICS Vendors (lien direct) | Codesys this week announced patches for nearly a dozen vulnerabilities discovered in the company's products by researchers at Chinese cybersecurity firm NSFocus. | |||
|
2022-06-24 10:30:56 | US Agencies Warn Organizations of Log4Shell Attacks Against VMware Products (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) and the Coast Guard Cyber Command (CGCYBER) have issued a joint advisory to warn organizations that threat actors continue to exploit the Log4Shell vulnerability in VMware Horizon and Unified Access Gateway (UAG) servers. | Vulnerability Threat | ★★ | |
|
2022-06-24 09:59:13 | US, UK, New Zealand Issue PowerShell Security Guidance (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the National Cyber Security Centres in New Zealand (NZ NCSC) and the United Kingdom (NCSC-UK) have issued joint guidance on the proper configuration and monitoring of PowerShell to eliminate the risk of abuse. | |||
|
2022-06-23 20:31:01 | Apple, Android Phones Targeted by Italian Spyware: Google (lien direct) | An Italy-based firm's hacking tools were used to spy on Apple and Android smartphones in Italy and Kazakhstan, Google said Thursday, casting a light on a "flourishing" spyware industry. | Tool | ||
|
2022-06-23 18:22:23 | A Year After Death, McAfee\'s Corpse Still in Spanish Morgue (lien direct) | The body of software entrepreneur John McAfee remained at a morgue in Spain Thursday a year after his death as a legal case filed by his family, who do not believe he committed suicide, is yet to be resolved. | ★★★★★ | ||
|
2022-06-23 15:45:42 | Biden Signs Two Cybersecurity Bills Into Law (lien direct) | Two bipartisan cybersecurity bills were signed into law on Tuesday, June 21, 2022, by US President Joe Biden: the Federal Rotational Cyber Workforce Program Act of 2021, and the State and Local Government Cybersecurity Act of 2021. | |||
|
2022-06-23 14:27:35 | Security Orchestration: Beware of the Hidden Financial Costs (lien direct) | Among the many improvements in cybersecurity technology and tools we've seen over the last few years, one of the most significant has been the inclusion of security automation and orchestration capabilities in solution categories beyond SOAR platforms. SIEM providers acquired stand-alone SOAR platforms, and endpoint detection and response (EDR) solutions broadened to include automation and orchestration capabilities to accelerate threat detection and response. | Tool Threat | ★★★★★ | |
|
2022-06-23 14:26:01 | Top Cryptographers Flag \'Devastating\' Flaws in MEGA Cloud Storage (lien direct) | Cryptographers at Swiss university ETH Zurich have found at least five exploitable security flaws in the privacy-themed MEGA cloud storage service and warned that the issues could lead to “devastating attacks on the confidentiality and integrity of user data in the MEGA cloud.” | Guideline | ||
|
2022-06-23 13:46:41 | Chinese APT \'Bronze Starlight\' Uses Ransomware to Disguise Cyberespionage (lien direct) | A China-linked state-sponsored hacking group named Bronze Starlight was observed deploying various ransomware families to hide the true intent of its attacks. | Ransomware | ||
|
2022-06-23 12:48:13 | Affected ICS Vendors Start Responding to OT:Icefall Vulnerabilities (lien direct) | Some of the industrial control system (ICS) vendors impacted by the OT:Icefall vulnerabilities have released advisories to inform customers about the impact of the flaws and to provide mitigations. | |||
|
2022-06-23 12:33:26 | Johnson Controls Acquires Tempered Networks to Shield Buildings From Cyberattacks (lien direct) | Acquisition allows Johnson Controls to bring zero trust security to connected buildings | |||
|
2022-06-23 11:13:05 | MCG Health Faces Lawsuit Over Data Breach Impacting 1.1 Million Individuals (lien direct) | Patient care guidelines provider MCG Health faces a proposed class lawsuit over the compromise of patient information during a March 2022 data breach. A wholly-owned subsidiary of the New York-based Hearst Health network, MCG Health combines artificial intelligence with clinical expertise to help healthcare organizations provide care to their patients. | Data Breach | ||
|
2022-06-23 10:46:27 | US Subsidiary of Automotive Hose Maker Nichirin Hit by Ransomware (lien direct) | A US subsidiary of Nichirin, a Japanese company that makes hoses for the automotive industry, was recently hit by ransomware. The company said on Wednesday in a press release written in Japanese that the attack, aimed at Nichirin-Flex USA, was discovered on June 14. Other Nichirin subsidiaries do not appear to be affected. | Ransomware | ||
|
2022-06-22 19:06:20 | Firmware Security Startup Binarly Raises $3.6 Million in Seed Funding (lien direct) | Firmware security company Binarly on Wednesday announced that it has raised $3.6 million in a seed funding round led by Westwave Capital and Acrobator Ventures. Several angel investors also took part in the seed round, which will help the startup speed up R&D initiatives, expand its engineering team, and scale adoption of its technologies. | |||
|
2022-06-22 18:45:52 | Microsoft: Russian Cyber Spying Targets 42 Ukraine Allies (lien direct) | 
|
|||
|
2022-06-22 13:42:57 | SMA Technologies Patches Critical Security Issue in Workload Automation Solution (lien direct) | A critical vulnerability in the SMA Technologies OpCon UNIX agent results in the same SSH key being deployed with all installations. Aimed at financial institutions and insurance firms, OpCon is a cross-platform process automation and orchestration solution that can be used for the management of workloads across business-critical operations. | Vulnerability | ||
|
2022-06-22 13:20:16 | Delivery Firm Yodel Scrambling to Restore Operations Following Cyberattack (lien direct) | Delivery services provider Yodel says it is working on restoring operations after falling victim to a disruptive cyberattack. One of the largest couriers in the United Kingdom, Yodel was initially known as the Home Delivery Network, but it rebranded itself after acquiring the B2B and B2C operations of DHL Express UK. | |||
|
2022-06-22 13:17:05 | Aqua Security Ships Open-Source Tool for Auditing Software Supply Chain (lien direct) | Cloud security startup Aqua Security has partnered with the Center for Internet Security (CIS) to create guidelines for software supply chain security and followed up by shipping an open-source auditing tool to ensure compliance with the new benchmark. | Tool | ||
|
2022-06-22 12:46:13 | Belgian, Dutch Police Dismantle Cybercrime Group (lien direct) | Europol announced on Tuesday that police have dismantled a cybercrime group that made millions of euros through phishing and other types of schemes. | |||
|
2022-06-22 12:10:20 | Google Patches 14 Vulnerabilities With Release of Chrome 103 (lien direct) | Google this week announced the release of Chrome 103 to the stable channel with patches for a total of 14 vulnerabilities, including nine reported by external researchers. The most severe of these bugs is CVE-2022-2156, which is described as a critical-severity use-after-free issue in Base. | |||
|
2022-06-22 11:29:40 | Adobe Acrobat Reader Shuns Security Products Due to Compatibility Issues (lien direct) | Adobe Acrobat Reader blocks certain antimalware solutions from injecting their DLLs into its processes, essentially denying them visibility and creating security risks, ransomware prevention company Minerva Labs reports. | Ransomware | ||
|
2022-06-22 10:54:46 | Industry Reactions to \'OT:Icefall\' Vulnerabilities Found in ICS Products (lien direct) | Cybersecurity firm Forescout has disclosed OT:Icefall, a collection of 56 vulnerabilities discovered across the products of ten companies that make operational technology (OT) systems. | |||
|
2022-06-22 10:28:39 | New \'ToddyCat\' APT Targets High-Profile Entities in Europe, Asia (lien direct) | Kaspersky has detailed the activity of ToddyCat, a relatively new advanced persistent threat (ATP) actor that has been targeting high-profile entities in Europe and Asia for more than a year and a half. | Threat | ||
|
2022-06-21 13:31:07 | Cyberint Scores $40 Million Late-Stage Investment (lien direct) | Latest funding brings the total raised by Cyberint to $68 million | |||
|
2022-06-21 13:22:23 | RevealSecurity Raises $23M for Application Detection and Response (lien direct) | RevealSecurity, an Israeli data security startup building technology to thwart malicious insider threats, on Tuesday announced the closing of a $23 million funding round led by SYN Ventures. In addition to SYN Ventures, Hanaco Ventures, SilverTech Ventures and World Trade Ventures also joined as RevealSecurity investors. | |||
|
2022-06-21 13:04:25 | Flagstar Bank Data Breach Affects 1.5 Million Customers (lien direct) | Michigan-based Flagstar Bank, which has more than 150 branches across several US states, has disclosed a data breach that involved threat actors accessing files containing the personal information of 1.5 million individuals. | Data Breach Threat | ||
|
2022-06-21 12:28:03 | From Basecamp to Icefall: Secure by Design OT Makes Little Headway (lien direct) | OT:Icefall: 56 vulnerabilities plague OT devices from 10 different major industrial manufacturers | |||
|
2022-06-21 10:58:48 | False Air Raid Sirens in Israel Possibly Triggered by Iranian Cyberattack (lien direct) | Air raid sirens sounded in the Israeli cities of Jerusalem and Eilat on Sunday evening and it appears that they were triggered by a cyberattack, possibly conducted by Iranian hackers. | |||
|
2022-06-21 10:48:33 | Do Privacy and Data Protection Regulations Create as Many Problems as They Solve? (lien direct) | Divergent goals often result in data protection laws that are fundamentally flawed | |||
|
2022-06-21 10:42:33 | French Encryption Firm Cosmian Raises $4.4 Million (lien direct) | French deep tech firm Cosmian on Monday announced that it has raised €4.2 million ($4.4 million) in a venture funding round that brings the total raised by the company to €5.6 million ($5.9 million). The new investment round was led by La Banque Postale – via its new 115K innovation fund – and previous investor Elaia Partners. | |||
|
2022-06-20 15:13:02 | AutomationDirect Patches Vulnerabilities in PLC, HMI Products (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has informed organizations that AutomationDirect has patched several high-severity vulnerabilities in some of its programmable logic controller (PLC) and human-machine interface (HMI) products. | |||
|
2022-06-20 12:54:05 | Germany\'s Green Party Says Email System Hit by Cyberattack (lien direct) | The German Green party, which is part of the country's governing coalition, says its IT system was hit by a cyberattack last month that affected email accounts belonging to Foreign Minister Annalena Baerbock and Economy Minister Robert Habeck. | |||
|
2022-06-20 12:05:13 | QNAP Appliances Targeted in New DeadBolt, eCh0raix Ransomware Campaigns (lien direct) | Network-attached storage (NAS) devices made by QNAP are being targeted in new attack campaigns involving DeadBolt and eCh0raix ransomware. | Ransomware | ||
|
2022-06-20 11:43:09 | Many OT Security Incidents Result in Outages Posing Physical Safety Risk: Fortinet (lien direct) | A survey conducted in March by Fortinet shows that over 40% of global cybersecurity incidents affecting organizations with operational technology (OT) systems resulted in outages that put physical safety at risk. |
To see everything:
Our RSS (filtrered)
