What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-04-30 07:57:44 | Dorset police investigating data breach (lien direct) | ITV reports on how Dorset police are investigating a “serious data breach” involving pupils from two schools in Christchurch. This is after information about an alleged race hate crime was sent by mistake to a man from Wimborne who had initially emailed the police about a separate incident. Dorset police insist it was human error […] | Data Breach | ||
|
2021-04-30 07:46:47 | Microsoft identifies critical code execution flaws in IoT and OT devices (lien direct) | The 25 security flaws are known collectively as BadAlloc and affect Internet of Things (IoT) devices and Operational Technology (OT) industrial systems. The flaws are caused by memory allocation Integer Overflow or Wraparound bugs. Threat actors can exploit the vulnerabilities to trigger system crashes and execute malicious code remotely on susceptible IoT and OT systems. | Threat | ||
|
2021-04-30 07:38:14 | BBC reports on the Ransomware surge ruining lives (lien direct) | Technology giants Microsoft and Amazon, as well as the FBI and the UK’s National Crime Agency have joined the Ransomware Task Force (RTF) to give governments nearly 50 recommendations on how to take action against ransomware, according to a BBC report. The task force is critical now more than ever as ransomware gangs are now […] | Ransomware | ||
|
2021-04-29 08:07:42 | Lloyds Bank tells customers to beware of text message scam (lien direct) | Lloyds Bank customers are under attack by cybercriminals again. This time, text messages are being used to bait people into thinking there is a security issue with their bank accounts. An example message reads: “LLOYDS-SECURITY: You have successfully scheduled a payment of £69.99 to payee MR ADAMS 28/04. If this was NOT you, visit: https://payee-confirmationcentre.com.” […] | ★★★★★ | ||
|
2021-04-29 07:52:21 | Warning over illegally streaming football on websites “riddled with malware” (lien direct) | A report from cybersecurity firm Webroot shows that almost all (92%) illegal football streaming websites contain some form of malicious content, from malware and phishing lures to social engineering scams. This puts fans at considerable risk In fact, Webroot says in its report that anyone who used an illegal website to watch last weekend's Carabao […] | Malware | ||
|
2021-04-29 07:42:30 | Student researcher discovered Experian API flaw that exposed credit scores of “most Americans” (lien direct) | Credit bureau Experian just fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address, KrebsOnSecurity learned. Though the flaw has been fixed according to Experian, the researcher, Bill Demirkapi, who reported the finding says he fears the […] | |||
|
2021-04-26 09:22:59 | Cybersecurity and Online Gaming (lien direct) | The online gaming industry has exploded in recent years and is expected to generate close to $200 billion in revenue by 2022. Popular games are reporting revenues in the range of hundreds of millions of dollars per month. This booming industry is seeing significant growth, largely due to the pandemic, with many turning to […] | |||
|
2021-04-26 08:44:33 | Facebook disables Palestinian APT Group Activities (lien direct) | Facebook threat intelligence analysts discovered recent activities linked to two known APT Groups that have been active since 2015. According to Facebook, the groups, AridViper and Preventive Security Service, used Android and Windows malware and advanced social engineering tactics in an effort to attack journalists, human rights activities and military groups in the Middle East. […] | Malware Threat | ||
|
2021-04-23 14:38:43 | 90-Year-Old Woman falls victim to \'largest phone scam ever\' (lien direct) | An elderly woman has lost £23 Million to what could be the largest phone scam ever. The scam took place in Hong Kong in which the victim, who remains nameless, was contacted by someone pretending to be a Chinese official. The scammer tricked the woman in August last year, by telling her that her identity […] | |||
|
2021-04-23 08:48:52 | GCHQ: West faces “moment of reckoning” (lien direct) | Jeremy Fleming, the head of intelligence at intelligence agency GCHQ has said that the technology on which we rely will no longer be shaped by the West. When addressed with the growing challenge from China, he claimed: “we have to keep evolving our approach if we’re going to keep up.” As an example he listed […] | ★★★★★ | ||
|
2021-04-22 15:21:39 | Signal CEO hacks mobile-hacking firm (lien direct) | Moxie Marlinspike, CEO of encrypted messaging app Signal has found vulnerabilities in the software developed by Cellebrite. The vulnerabilities found in the data extraction company’s code allow for arbitrary code execution on the device. Cellebrites products are mostly used by governments and the police to unlock any iOS and Android devices to extract data. Late […] | ★★★★★ | ||
|
2021-04-22 10:45:14 | New UK laws to protect IoT devices amid sales surge (lien direct) | New figures published by the UK government show that almost half (49%) of UK residents have purchased at least one new smart device since the beginning of COVID-19. As a result, manufacturers of smart devices such as phones, speakers, and doorbells will need to provide customers with information about how long they will be guaranteed […] | ★★★★ | ||
|
2021-04-21 16:01:21 | PRODUCT REVIEW – Edgescan makes fullstack vulnerability management easy (lien direct) | Supplier: Edgescan Website: www.edgescan.com Price: Based on assets Scores Performance 5/5 Features 5/5 Value for Money 4/5 Ease of Use 5/5 Overall 5/5 Verdict: Fullstack vulnerability management made easy – Edgescan does all the hard work so you don't have to The pandemic has undoubtedly led to a massive surge in cyber-attacks but even as […] | Vulnerability | ||
|
2021-04-20 13:48:50 | Armis and UK\'s Eseye partner to secure connected devices on any cellular network (lien direct) | Global connectivity specialist Eseye and leading agentless device security platform provider Armis, today announced a strategic partnership and joint solution that enables organisations to deploy connected devices anywhere in the world with enterprise-class security and consistent, reliable cellular (4G/LTE/5G) connectivity. Eseye's unique Connectivity Management Platform enables devices to switch intelligently to any one of […] | Guideline | ||
|
2021-04-20 11:08:44 | Performanta acquires Identity Experts to bolster Microsoft IAM and security capabilities (lien direct) | Performanta, a fast-growing global provider of managed cyber security services to enterprise customers, today announced the acquisition of Identity Experts, a Microsoft Gold Security Partner and Identity & Access Management (IAM) specialist consultancy based in the UK. The move follows a significant investment round from Beech Tree Private Equity and will allow Performanta to extend […] | |||
|
2021-04-19 16:07:10 | AT&T Cybersecurity Launches New Managed Endpoint Security Solution with SentinelOne (lien direct) | AT&T has launched a managed endpoint security solution through its alliance with SentinelOne. AT&T Managed Endpoint Security with SentinelOne correlates the detection of endpoint threats through a single software agent that consolidates Antivirus, Endpoint Protection, Endpoint Detection and Response, and IoT security functions. The new solution provides comprehensive endpoint protection against ransomware and other cyberattacks, while […] | Ransomware | ||
|
2021-04-19 15:42:02 | Domino\'s India suffers data breach (lien direct) | Domino’s in India has suffered a data breach in which credit card details and personal information of both customers and employees have been exposed. The leaked information is being sold on the dark web, for which the hacker is demanding 10 BTC. Included in the data stolen are names, contact numbers, email IDs, addresses, credit […] | Data Breach | ||
|
2021-04-19 12:18:00 | Vulnerabilities found in older version of WhatsApp (lien direct) | Cert-In, the Indian cybersecurity watchdog has recently issued a ‘high’ severity rating against WhatsApp and WhatsApp Business. The emergency response team has reported finding ‘multiple’ vulnerabilities within the mobile application, which could give hackers access to sensitive information. A vulnerability note was released stating: “Successful exploitation of these vulnerabilities could allow the attacker to execute […] | Vulnerability | ||
|
2021-04-15 16:57:16 | University of Hertfordshire suffers system outage due to cyberattack (lien direct) | The University of Hertfordshire has been hit by a critical cyberattack resulting in online classes being shut down. The university released a statement on Wednesday evening (14th April) that an attack by cybercriminals had resulted in all its online services and systems being taken offline. “Shortly before 22:00 last night, the university experienced a cyber-attack […] | |||
|
2021-04-15 16:13:41 | Why taking the cybersecurity initiative can win you business (lien direct) | Our latest research into consumer behaviour has unearthed a conundrum: people knowingly take risks online even though they understand the dangers. On the one hand, we've got two out of three saying life is riskier now than it was five years ago, with serious concerns about losing data or being hacked. But on the other […] | |||
|
2021-04-15 12:18:29 | Outpost24 report finds Top 10 US Credit Unions all have web application issues (lien direct) | A report released this week by Outpost24, that examined the security posture of web applications amongst the Top 10 US Credit Unions, has revealed that they all have security issues. Using Outpost24's attack surface discovery tool called Scout, Outpost24 was able to analyse each Credit Union's public-facing web security environments against the seven most common attack vectors […] | Tool | ★★★★ | |
|
2021-04-15 10:40:28 | University of Hertfordshire hit by cyberattack (lien direct) | Yesterday the University of Hertfordshire was targetted by a cyberattack which resulted in the universities entire IT network being taken down, as well as all access to cloud-based services being blocked. The attack started on Wednesday night at 22:00, when the universities Wi-Fi network was taken down alongside the email system and the universities student […] | |||
|
2021-04-14 14:09:40 | Capcom release final update on ransomware attack (lien direct) | Capcom has released the final update on their investigation into the major ransomware attack they suffered last year. The investigation has found that the attackers accessed the company through an outdated VPN device. Through this avenue, the attackers were able to access the companies network, as well as any compromised devices in the network. The […] | Ransomware | ||
|
2021-04-14 10:54:21 | FBI removed web shells from Exchange Servers without consent (lien direct) | The FBI has been removing web shells from compromised Microsoft Exchange serves following court authorisation. However, owners of the Microsoft Exchange servers were never informed or able to approve of the FBI’s actions. In February, the hacking group HAFIUM exploited several vulnerabilities in Microsoft Exchange’s servers. The group installed web shells in compromised Exchange servers […] | |||
|
2021-04-13 17:00:41 | Synopsys Study reveals increase in Vulned erable, Outdated, and AbandonOpen Source Components in Commercial Software (lien direct) | Synopsys, Inc. has released its 2021 Open Source Security and Risk Analysis (OSSRA) report, which examines the result of more than 1,500 audits of commercial codebases. Produced by the Synopsys Cybersecurity Research Center (CyRC) and performed by the Black Duck® Audit Services team, the report highlights trends in open source usage within commercial applications, while simultaneously providing insights to help commercial and open source developers better understand the interconnected software ecosystem they are part of. It also presents the widespread risks posed by unmanaged open source, including security vulnerabilities, outdated or abandoned components, […] | |||
|
2021-04-13 16:57:46 | Promising news: users are becoming more savvy to COVID-19 based phishing attacks finds KnowBe4 (lien direct) | KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, has revealed the results of its latest 2021 top-clicked phishing report. It found that, despite still seeing a few phishing email attacks related to COVID-19, users are becoming more savvy and alert to these types of scams. Real phishing emails that […] | |||
|
2021-04-13 16:34:26 | Tim Mackie takes lead channel role for Armis (lien direct) | Armis®, the agentless device security platform, today announced the appointment of Tim Mackie as the new Worldwide Vice President of Channel. As part of Armis' commitment to its global channel partner programme and the accelerating demand for businesses to collaborate with it, Mackie has been appointed to lead this high growth function. Mackie is a […] | Guideline | ||
|
2021-04-12 15:31:54 | Protected: Tweet Chat: The Social Dilemma (lien direct) | There is no excerpt because this is a protected post. | |||
|
2021-04-12 14:01:43 | At last – Thinking outside the SCIF (lien direct) | Q1/21 a symposium was hosted in the US under the title 'Thinking Outside the SCIF' (Sensitive Compartmented Information Facility) to put forward the case for the utilisation of OSINT (Open Source) within the US Military and Intelligence Communities. John McLaughlin (CIA) kicked off day one by correctly pointing out that there was nothing new about […] | ★★★★★ | ||
|
2021-04-12 13:23:23 | Nation-state attackers are increasingly targeting businesses (lien direct) | A new report by criminologists at the University of Surrey and cybersecurity researchers at HP has found that nation-state attacks have risen considerably in the last three years. The report also revealed that both enterprises and businesses are amongst the most targetted organisations by nation-state attackers. The research analyses nation-state attacks taking place between 2017 […] | ★★★★★ | ||
|
2021-04-12 13:15:52 | Israel allegedly takes responsibility for Iran cyberattack (lien direct) | Iran’s main nuclear facility suffered a cyberattack on Sunday, leading to a large scale blackout at Natanz, which Israel now appears to be taking responsibility for. Tehran’s nuclear energy chief described the attack as an act of terrorism, and demands a response against the perpetrators. The incident occurred shortly after the official restarted spinning advanced […] | Guideline | ||
|
2021-04-12 12:21:58 | Apple and Google block NHS Covid-19 App update (lien direct) | The new update to the NHS COVID-19 track and tracing app has been blocked by both Apple and Google, due to its failure to comply with the terms of a recent agreement. The new update would urge users to upload logs of venue check-ins via a barcode scan if they tested positive for COVID-19. The […] | ★★★★ | ||
|
2021-04-09 14:47:51 | Data belonging to over 500 million LinkedIn users sold online to hackers (lien direct) | It has been revealed today that social media platform LinkedIn is the latest to suffer a website scraping attack at the hands of cyber criminals. Data belonging to over 500 million of its users has been posted online and is reportedly being sold to hackers. The news comes only days after it was revealed that […] | ★★ | ||
|
2021-04-09 11:40:07 | Cyber-attacks have potential to spark armed conflict (lien direct) | Mike McGuire a senior lecturer in criminology at the University of Surrey has conducted a study, called Nation States, Cyberconflict and the Web of Profit using publicly available reports into state-sponsored attacks along with interviews with various experts. The study reveals that the world is coming increasingly close to nation state retaliating against cyber-attacks with […] | |||
|
2021-04-09 10:58:57 | LinkedIn Users\' details being sold online (lien direct) | Analysts stumbled across a scraped data set from LinkedIn, in which the data from over half a billion users is being sold online. This marks the second major cybersecurity incident in the past week. The information scraped includes the full names, email addresses, phone numbers, professional titles and other work-related data. CyberNews analysts have been […] | |||
|
2021-04-09 09:16:06 | Outpost24 mark 20th anniversary by naming Karl Thedéen as new CEO (lien direct) | Outpost24, specialists in managing cybersecurity exposure, has celebrated its 20th year anniversary by announcing the appointment of Karl Thedéen as the company's new Chief Executive Officer. Thedéen brings over 20 years of experience in the software and technology sector, having previously held CEO roles at Edgeware AB and Transmode AB public in 2011 before its […] | ★★★★★ | ||
|
2021-04-08 12:09:33 | Carding Mafia hack: 300,000 user accounts exposed (lien direct) | Have I been Pwned reported that the data breach exposed users’ email addresses, hashed passwords, usernames, and IP addresses. Of the 500,000 users of the hacking forum, 297,744 have been affected; however, the forum operators have not yet notified their users. The founder of Have I Been Pwned has confirmed the authenticity of the stolen […] | Data Breach | ||
|
2021-04-08 11:03:38 | University of California and Stanford University systems breached (lien direct) | In February Accellion was the victim of a major security incident, and since then the number of Universities affected by the breach are growing by the day. The latest victims of the breach are the University of California and Stanford University. The university systems have been breached due to the Accellion incident, with an unknown […] | ★★ | ||
|
2021-04-08 09:39:09 | Hackers are using web shells to steal credit cards (lien direct) | VISA has issued a warning about the increase of web shells being used by threat actors to steal credit card details. VISA has seen a rise in the number of threat actors using web shells on compromised servers in order to extract credit card details stolen from customers making payments online. VISA has said that […] | Threat | ||
|
2021-04-07 11:02:04 | Multiple EU organisations have been hit by a cyber-attack (lien direct) | In March a number of European Union organisations, including the European Commission, were hit by a cyber-attack. A spokesperson from the European Commission has revealed that the incident, thought to have taken place last week, impacted the IT infrastructure of several EU institutions. The spokesperson told BleepingComputer, “we are working closely with CERT-EU, the Computer […] | |||
|
2021-04-07 07:44:41 | Hackers actively exploiting SAP Bugs (lien direct) | Active cyberattacks have been reported on known security vulnerabilities in widely deployed SAP applications, giving the attackers access for full take over and the ability to infest an organisation completely. Researchers warn that these attacks could lead to full control of unsecured SAP applications. An alert issued by SAP informs that threat actors are carrying […] | Threat Guideline | ||
|
2021-04-07 00:00:44 | European Cybersecurity Blogger Awards 2021 Open for Nominations (lien direct) | The European Cybersecurity Blogger Awards has returned in 2021 to recognise the best blogs and podcasts in the cybersecurity industry, as voted by themselves or peers and judged by a panel of experts. Nominations have now opened until the 14th of May. The winners will be revealed during a virtual meet-up event on Tuesday, 9th […] | ★★ | ||
|
2021-04-06 16:12:19 | How Can Security Training Harden Your DevOps Process? (lien direct) | Many organisations that are turning to DevOps are struggling with various security challenges along the way. In “The Ultimate Guide of Orchestrating Security and DevOps,” tracing those obstacles to a lingering “cultural conflict” between the developers and security teams. Security teams are struggling to keep up with the pace that DevOps teams are used to, […] | |||
|
2021-04-06 15:56:54 | A battle cry for SMBs to address cybersecurity (lien direct) | When we read about cyberattacks in the news, they typically involve a well-known brand or large enterprise. The perception is the bigger the organization, the greater the impact. However, the recent attack on Microsoft Exchange Servers is expected to impact over 60,000 organisations. Indeed, this is likely to be higher given that recent research has […] | |||
|
2021-04-06 12:50:35 | Apple Mail zero-click vulnerability could allow attackers to take-over victims accounts (lien direct) | A zero-click vulnerability has been discovered in Apple’s macOS Mail which allows attackers to take over a users account by adding or modifying any arbitrary file in Apple Mail's sandbox environment. The bug known as CVE-2020-9922 can be exploited by sending an email with two .ZIP files attached. Once a user has received these emails […] | Vulnerability | ||
|
2021-04-06 12:21:36 | Fortinet FortiOS vulnerabilities are being exploited, warns FBI (lien direct) | A number of US agencies, such as the Federal Bureau of Investigations (FBI) and the Infrastructure Security Agency (CISA), have issued a joint warning that advanced persistent threat (APT) groups are exploiting vulnerabilities found in Fortinet FortiOS. The groups are exploiting the vulnerabilities in order to compromise both government and commercial organisations using the software. […] | Threat | ||
|
2021-04-02 09:37:19 | Decrypting Cryptocurrencies (lien direct) | By Chris Sedgwick, director of security operations at Talion Cryptocurrencies are a topic that touches many areas; not only finance and investing but technology and even political arenas. Although apolitical in itself, it is the structure behind these cryptocurrencies that make them a much talked about subject amongst political purists from across the political spectrum. […] | |||
|
2021-04-01 12:18:15 | Space Industry needs Cybersecurity (lien direct) | At the LORCA Live online event, Rob Meyerson, founder and CEO at Delalune Space claimed that the commercial space industry needs support from the cybersecurity sector in order to build trust and resilience. Former employee of NASA and Blue Origin, Meyerson is now focused on investing in new businesses that aim to operate in the […] | |||
|
2021-04-01 11:53:59 | Gambling Company hit with DDoS attack (lien direct) | Already, DDoS attacks have set a new record and taken the extortion trend that started in August 2020 to the next level. Akamai, an internet security company has already reported the largest known DDoS (RDDoS) attack. The company has said the attack was more complex than previously seen incidents of DDoS attacks. In February of […] | |||
|
2021-04-01 11:27:15 | (Déjà vu) Ubiquiti: cyberattack worse than originally reported (lien direct) | Ubiquiti suffered a data breach, which they disclosed in January 2021. Recent information, however, claims that the data breach report was potentially a cover-up of a larger incident that put customer data and devices deployed on corporate and home networks at risk. Ubiquiti originally reported that an attacker had accessed some of its IT systems, […] | Data Breach |
To see everything:
Our RSS (filtrered)
