What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-06-20 11:13:47 | ALPHV Ransomware Operators Pressure Victim With Dedicated Leak Site (lien direct) | Cybercriminals who are using the ALPHV ransomware created a dedicated leak website in an apparent attempt to pressure one of their victims into paying the ransom. | Ransomware | ||
|
2022-06-20 10:58:14 | Jury Convicts Seattle Woman in Massive Capital One Hack (lien direct) | A federal jury on Friday convicted a former Seattle tech worker of several charges related to a massive hack of Capital One bank and other companies in 2019. | Hack | ||
|
2022-06-20 10:10:17 | Breach at Eye Care Software Vendor Hits Millions of Patients (lien direct) | The personal information of millions of individuals may have been stolen by threat actors as a result of a data breach at Eye Care Leaders, a firm that provides electronic health record and practice management solutions. | Data Breach Threat Guideline | ||
|
2022-06-17 15:06:02 | Staffing Firm Robert Half Says Hackers Targeted Over 1,000 Customer Accounts (lien direct) | HR consulting firm Robert Half has started informing customers that their personal and financial information might have been compromised after hackers targeted their RobertHalf.com accounts. | |||
|
2022-06-17 14:11:02 | (Déjà vu) Now On Demand: SecurityWeek Cloud Security Summit, Presented by Palo Alto Networks (lien direct) | 
|
|||
|
2022-06-17 13:54:11 | Hybrid Networks Require an Integrated On-prem and Cloud Security Strategy (lien direct) | Today's dynamic networks change so fast that traditional point security solutions fail to keep up | |||
|
2022-06-17 13:49:51 | Law Enforcement Dismantle Infrastructure of Russian \'RSOCKS\' Botnet (lien direct) | The United States on Thursday announced the takedown of a botnet operated by Russian cybercriminals that ensnared millions of devices worldwide. | |||
|
2022-06-17 12:00:51 | Exploited Vulnerability Patched in WordPress Plugin With Over 1 Million Installations (lien direct) | More than one million WordPress websites were potentially impacted by a critical Ninja Forms plugin vulnerability that appears to have been exploited in the wild. With over one million installations, the popular Ninja Forms plugin helps administrators add customizable forms to their WordPress sites. | Vulnerability | ||
|
2022-06-17 11:34:55 | Cybersecurity M&A Deals Surge in First Half of June 2022 (lien direct) | 
|
|||
|
2022-06-17 10:27:04 | Costa Rica Chaos a Warning That Ransomware Threat Remains (lien direct) | Teachers unable to get paychecks. Tax and customs systems paralyzed. Health officials unable to access medical records or track the spread of COVID-19. A country's president declaring war against foreign hackers saying they want to overthrow the government. | Ransomware Threat | ||
|
2022-06-16 17:53:41 | \'MaliBot\' Android Malware Steals Financial, Personal Information (lien direct) | Researchers at F5 Labs have nabbed a new Android malware family capable of exfiltrating financial and personal information after taking control of infected devices. | Malware | ||
|
2022-06-16 17:19:09 | Volexity Blames \'DriftingCloud\' APT For Sophos Firewall Zero-Day (lien direct) | Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors and launch man-in-the-middle attacks. | Malware | ||
|
2022-06-16 14:48:36 | Microsoft Dismisses False Reports About End of Patch Tuesday (lien direct) | Microsoft has dismissed reports about June 14 being the last Patch Tuesday, as the rollout of the Windows Autopatch service seems to be causing some confusion. | |||
|
2022-06-16 13:18:51 | Cisco Patches Critical Vulnerability in Email Security Appliance (lien direct) | Cisco on Wednesday announced patches for a critical vulnerability affecting its Email Security Appliance (ESA) and Secure Email and Web Manager products. | Vulnerability | ||
|
2022-06-16 12:40:24 | 2,000 People Arrested Worldwide for Social Engineering Schemes (lien direct) | Interpol announced on Wednesday that many individuals have been arrested and a significant amount of criminal assets have been seized as part of an international law enforcement operation targeting social engineering schemes. | |||
|
2022-06-16 11:55:20 | Sophisticated Android Spyware \'Hermit\' Used by Governments (lien direct) | Security researchers at Lookout have analyzed a sophisticated Android spyware family that appears to have been created to serve nation-state customers. | APT 37 | ||
|
2022-06-16 10:39:55 | Researchers Discover Way to Attack SharePoint and OneDrive Files With Ransomware (lien direct) | Ransomware can attack data in the cloud and launch attacks on cloud infrastructure Researchers have discovered a functionality within Office 365 that could allow attackers to ransom files stored on SharePoint and OneDrive. On disclosure to Microsoft, the researchers were told the system 'is working as intended'. That is, it's a feature, not a flaw. | Ransomware | ||
|
2022-06-16 10:21:43 | Using the Defense Readiness Index to Improve Security Team Skills (lien direct) | The challenges organizations face in developing cyber skills have never been more acute. Too often, security teams find themselves locked into reactive modes, continuously responding to immediate threats without being afforded the time to learn from them, so there's no opportunity to cross-train and upskill is missed. | Threat | ||
|
2022-06-15 19:23:21 | At Second Trial, Ex-CIA Employee Defends Himself in Big Leak (lien direct) | A former CIA software engineer charged with causing the biggest theft of classified information in CIA history defended himself at the start of his trial Tuesday, telling jurors he was falsely accused and the victim of a political witch hunt. | |||
|
2022-06-15 17:00:03 | GreyNoise Attracts Major Investor Interest (lien direct) | GreyNoise Intelligence, a startup competing in the crowded threat-intelligence space, has deposited $15 million in a new round of venture capital funding led by Radian Capital. | |||
|
2022-06-15 15:22:54 | (Déjà vu) Jit Banks Massive $38.5 Million Seed Round Funding (lien direct) | Jit, an Israeli startup promising technology to help developers simplify security when deploying cloud apps, has banked an eye-opening $38.5 million in seed-stage funding. The funding round was Boldstart Ventures. Venture capital outfit Insight Partners and Tiger Global Management also invested. | |||
|
2022-06-15 15:22:54 | Jit Banks Massive $38.5 Seed Round Funding (lien direct) | Jit, an Israeli startup promising technology to help developers simplify security when deploying cloud apps, has banked an eye-opening $38.5 million in seed-stage funding. The funding round was Boldstart Ventures. Venture capital outfit Insight Partners and Tiger Global Management also invested. | |||
|
2022-06-15 14:58:36 | (Déjà vu) Now LIVE: SecurityWeek Cloud Security Summit, Presented by Palo Alto Networks (lien direct) |
|
|||
|
2022-06-15 14:32:47 | Lessons for Better Fraud Decision-Making (lien direct) | Have you ever stopped to think about how you go about deciding whether to try a new restaurant that you've never been to? Even if you don't realize what you are doing, when you make this decision, you are likely collecting data around a number of different criteria, analyzing those data points, and then using that analysis to make a decision. Some of the criteria you evaluate might include: | |||
|
2022-06-15 13:52:14 | Critical Code Execution Vulnerability Patched in Splunk Enterprise (lien direct) | Splunk this week announced the release of out-of-band patches that address multiple vulnerabilities across Splunk Enterprise, including a critical issue that could lead to arbitrary code execution. | Vulnerability Guideline | ★★★ | |
|
2022-06-15 13:51:44 | So Long, Internet Explorer. The Browser Retires Today (lien direct) | Internet Explorer is finally headed out to pasture. As of Wednesday, Microsoft will no longer support the once-dominant browser that legions of web surfers loved to hate - and a few still claim to adore. The 27-year-old application now joins BlackBerry phones, dial-up modems and Palm Pilots in the dustbin of tech history. | ★★ | ||
|
2022-06-15 13:30:47 | Small Botnet Launches Record-Breaking 26 Million RPS DDoS Attack (lien direct) | Security and web performance services provider Cloudflare this week announced that it has mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 26 million requests-per-second (RPS). | ★★ | ||
|
2022-06-15 11:52:52 | New \'Hertzbleed\' Remote Side-Channel Attack Affects Intel, AMD Processors (lien direct) | A team of academic researchers has identified a new side-channel method that can allow hackers to remotely extract sensitive information from a targeted system through a CPU timing attack. | |||
|
2022-06-15 10:32:34 | Attackers Can Exploit Critical Citrix ADM Vulnerability to Reset Admin Passwords (lien direct) | Citrix on Tuesday warned of a critical vulnerability in Citrix Application Delivery Management (ADM) that could essentially allow an unauthenticated attacker to log in as administrator. | Vulnerability | ||
|
2022-06-15 10:01:07 | SAP Patches High-Severity NetWeaver Vulnerabilities (lien direct) | SAP on Tuesday announced the release of ten new and two updated security notes as part of its June 2022 Security Patch Day. Rated “Hot News” – the highest severity rating in SAP's book – the most important of these notes is an update to an April 2018 note containing the updates delivered for the Chrome-based browser in SAP Business Client. | |||
|
2022-06-15 09:04:08 | Microsoft to Acquire Cyber Threat Analysis Company Miburo (lien direct) | Microsoft on Tuesday announced that it's acquiring Miburo, a New York-based cyber threat analysis and research company that specializes in foreign information operations. Miburo provides analysis, consulting and training services. The startup's research team detects and attributes influence campaigns across over a dozen languages. | Threat | ★★★★★ | |
|
2022-06-14 18:38:33 | Windows Updates Patch Actively Exploited \'Follina\' Vulnerability (lien direct) | Microsoft has fixed roughly 50 vulnerabilities with its June 2022 Patch Tuesday updates, including the actively exploited flaw known as Follina and CVE-2022-30190. | Vulnerability | ||
|
2022-06-14 18:22:23 | Koverse Launches Zero Trust Data Platform (lien direct) | New attribute-based access controls (ABAC) protect sensitive data to power demanding analytics, data science, and AI use cases | |||
|
2022-06-14 16:53:47 | Adobe Plugs 46 Security Flaws on Patch Tuesday (lien direct) | Adobe's security response team has pushed out a massive batch of patches to cover at least 46 vulnerabilities in a wide range of enterprise-facing software products. As part of its scheduled Patch Tuesday release for June, Adobe warned of "critical" code execution flaws that expose both Windows and macOS users to malicious hacker attacks. | |||
|
2022-06-14 16:36:19 | (Déjà vu) ICS Patch Tuesday: Siemens, Schneider Electric Address Over 80 Vulnerabilities (lien direct) | Siemens and Schneider Electric have released their Patch Tuesday advisories for June 2022. The industrial giants have addressed a total of more than 80 vulnerabilities affecting their products. Siemens | |||
|
2022-06-14 16:18:52 | Report: L3 Emerges as Suitor for Embattled NSO Group (lien direct) | L3 Technologies, a U.S. government contractor that sells aerospace and defense technology, has emerged as a suitor for Israeli exploit merchant NSO Group. | |||
|
2022-06-14 15:24:45 | Avast: New Linux Rootkit and Backdoor Align Perfectly (lien direct) | Malware hunters at Avast have analyzed a newly discovered rootkit and backdoor that target Linux and appear designed to function in synergy with each other. | |||
|
2022-06-14 13:20:09 | SecurityWeek to Host Cloud Security Summit, Presented by Palo Alto Networks, on June 15th (lien direct) |
|
|||
|
2022-06-14 13:06:01 | Operator of \'DownThem\' DDoS Service Sentenced to 24 Months in Prison (lien direct) | The operator of an infamous service that allowed users to launch distributed denial-of-service (DDoS) attacks was sentenced on Monday to 24 months in prison. | |||
|
2022-06-14 12:10:06 | Chinese Cyberespionage Group Starts Using New \'PingPull\' Malware (lien direct) | A Chinese state-sponsored threat actor known as Gallium has been using new malware in recent attacks that have been targeting organizations in the telecommunications, financial, and government sectors, Palo Alto Networks reports. | Malware Threat | ||
|
2022-06-14 11:25:31 | Schneider Electric, Claroty Launch Cybersecurity Solution for Buildings (lien direct) | Schneider Electric and industrial cybersecurity firm Claroty on Monday announced the launch of a joint solution designed for securing smart buildings. | |||
|
2022-06-14 11:15:20 | Malware\'s Destruction Trajectory and How to Defeat It (lien direct) | Malware and targeted attacks on operating systems and firmware have become increasingly destructive in nature, and these more nefarious attack methods are rising in prevalence. And just to add insult to injury, there are more of them. Today's attacks are hitting more often, and they are hitting harder. | |||
|
2022-06-13 18:13:35 | Drupal Patches \'High-Risk\' Third-Party Library Flaws (lien direct) | The Drupal security team has released a "moderately critical" advisory to call attention to serious vulnerabilities in a third-party library and warned that hackers can exploit the bugs to remotely hijack Drupal-powered websites. | ★★★★★ | ||
|
2022-06-13 16:45:24 | HYCU Raises $53 Million for Data Backup Technology (lien direct) | Backup-as-a-service firm HYCU has raised $53 million in a Series B funding round that brings the total invested in the company to $140.5 million. The new funding round was led by Acrew Capital, with participation from all previous investors, along with Atlassian Ventures and Cisco Investments. | |||
|
2022-06-13 14:01:02 | Researchers: Wi-Fi Probe Requests Expose User Data (lien direct) | A group of academic researchers from the University of Hamburg in Germany has discovered that mobile devices leak identifying information about their owners via Wi-Fi probe requests. Mobile devices use these probe requests to receive information about nearby Wi-Fi access points and establish connections to them when a probe response is received. | |||
|
2022-06-13 13:17:05 | Chinese Hackers Adding Backdoor to iOS, Android Web3 Wallets in \'SeaFlower\' Campaign (lien direct) | Cybercriminals likely operating out of China are distributing backdoored versions of iOS and Android Web3 wallets in an effort to steal users' seed phrase. | |||
|
2022-06-13 13:02:35 | Facilitating Convergence of Physical Security and Cyber Security With Open Source Intelligence (lien direct) | The desire to merge aspects of physical and cyber security is nothing new, especially in maturing enterprises that are proactively extending their security capabilities. Since many aspects of physical security are connected to the internet, enterprises have started to build fusion centers that combine disciplines. By doing so, they are able to converge cyber and physical security, close gaps in coverage, and scale security to protect facilities and hundreds of thousands of employees. | |||
|
2022-06-13 11:50:23 | Academics Devise New Speculative Execution Attack Against Apple M1 Chips (lien direct) | A group of academic researchers has devised a new hardware attack that bypasses pointer authentication protections on Apple's M1 processor. | |||
|
2022-06-13 11:09:48 | Cybercriminals, State-Sponsored Threat Actors Exploiting Confluence Server Vulnerability (lien direct) | A recently patched Confluence Server vulnerability is being exploited by multiple cybercrime and state-sponsored threat groups, according to Microsoft. | Vulnerability Threat | ||
|
2022-06-13 10:50:27 | Researcher Shows How Tesla Key Card Feature Can Be Abused to Steal Cars (lien direct) | A researcher has shown how a key card feature introduced by Tesla last year could be abused to add an unauthorized key that allows an attacker to open and start a vehicle. The research was conducted by Martin Herfurt, an Austria-based member of the Trifinite research group, which focuses on Bluetooth security. |
To see everything:
Our RSS (filtrered)
