What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-03-14 15:03:51 | Critical Vulnerabilities Patched in Veeam Data Backup Solution (lien direct) | Veeam over the weekend announced patches for two critical vulnerabilities impacting Backup & Replication, a backup solution for virtual environments. The application provides data backup and restore capabilities for virtual machines running on Hyper-V, vSphere, and Nutanix AHV, as well as for servers and workstations, and for cloud-based workloads. | |||
|
2022-03-14 13:51:19 | Hackers Target German Branch of Russian Oil Giant Rosneft (lien direct) | The German subsidiary of Russian energy giant Rosneft has been hit by a cyberattack, the Federal Office for Information Security (BSI) said on Monday, with hacker group Anonymous claiming responsibility. Rosneft Deutschland reported the incident in the early hours of Saturday morning, the BSI said. | |||
|
2022-03-14 13:39:26 | Does the Free World Need a Global Cyber Alliance? (lien direct) | The increasing incidence of aggressive cyber activity from Russia, China, Iran and North Korea, together with heightened concerns over the war in Ukraine, raises an important question: should the free world unite with a global cyber alliance in response? | |||
|
2022-03-14 13:24:14 | Ubisoft Resets Employee Passwords Following Cyberattack (lien direct) | Ubisoft says it has initiated a company-wide password reset operation after learning that it fell victim to a cyberattack. | |||
|
2022-03-14 12:53:09 | AMD Updates Spectre Mitigations Following Intel Research (lien direct) | AMD last week informed customers that it has updated mitigations for a variant of the Spectre side-channel attack. The update comes in response to research conducted by Intel. | |||
|
2022-03-14 12:30:36 | Ransomware Gang Threatens to Leak Files Stolen From Tire Giant Bridgestone (lien direct) | A well-known ransomware group is threatening to leak files stolen from tire and rubber giant Bridgestone Americas. | Ransomware | ||
|
2022-03-14 11:59:46 | Over 500,000 Patients Hit by Data Breaches at Healthcare Firms in Alabama, Colorado (lien direct) | The information of more than half a million individuals was likely compromised after three healthcare services providers in Alabama and Colorado suffered cybersecurity breaches. | |||
|
2022-03-14 11:29:50 | The VC View: Incident Response and SOC Evolution (lien direct) | The evolution of cybersecurity incident response and the modern SOC continues to be one of the biggest post-pandemic security trends | |||
|
2022-03-13 14:26:20 | Filter Blocked 70,000 Emails to Indiana Lawmakers on Bill (lien direct) | A spam filter blocked as many as 70,000 emails sent to Indiana legislators about a contentious bill that aimed to place restrictions on teaching about racism and political topics. | Spam | ||
|
2022-03-11 19:37:11 | Hacked US Companies to Face New Reporting Requirements (lien direct) | Companies critical to U.S. national interests will now have to report when they're hacked or they pay ransomware, according to new rules approved by Congress. | |||
|
2022-03-11 15:35:44 | Google Attempts to Explain Surge in Chrome Zero-Day Exploitation (lien direct) | 14 Chrome Zero-Day Vulnerabilities Exploited in Attacks in 2021 The number of Chrome vulnerabilities exploited in malicious attacks has been increasing over the past years and Google believes several factors have contributed to this trend. | |||
|
2022-03-11 13:47:28 | Russian Cyber Restraint in Ukraine Puzzles Experts (lien direct) | The absence of any crippling Russian cyberattacks against Ukraine is puzzling experts, but they warn that low-level assaults may be coming, including against the West in retaliation for sanctions. | |||
|
2022-03-11 13:17:32 | High-Severity Vulnerabilities Patched in Omron PLC Programming Software (lien direct) | Several high-severity vulnerabilities that can be exploited for remote code execution were patched recently in the CX-Programmer software of Japanese electronics giant Omron. | |||
|
2022-03-11 12:20:47 | Meta Releases Open Source Browser Extension for Checking Code Authenticity (lien direct) | Facebook parent company Meta this week announced the release of Code Verify, an open source browser extension meant to verify the authenticity of code served to the browser. | ★★★★ | ||
|
2022-03-11 12:02:48 | Canadian NetWalker Ransomware Operator Extradited to U.S. (lien direct) | A former Canadian government employee has been extradited to the United States to face charges related to dozens of NetWalker ransomware attacks. | Ransomware | ||
|
2022-03-11 11:47:24 | EU Lawmakers to Probe \'Political\' Pegasus Spyware Use (lien direct) | The European Parliament on Thursday created a "committee of inquiry" to probe accusations over the use of Pegasus spyware by governments in the bloc, notably in Hungary and Poland. | |||
|
2022-03-10 15:46:28 | U.S. Warns of Conti Ransomware Attacks as Gang Deals With Leak Fallout (lien direct) | The U.S. government has reissued an alert warning organizations about Conti ransomware attacks as the cybercrime group deals with the recent leaks. | Ransomware | ||
|
2022-03-10 15:29:01 | From Cyber Threats to Cyber Talent, Insights From the Front Lines (lien direct) | A conversation with Callie Guenther, cyber threat intelligence (CTI) manager at Critical Start | Threat | ||
|
2022-03-10 14:24:01 | 1Password Increases Top Bug Bounty Reward to $1 Million (lien direct) | Password management software vendor 1Password today announced that it is willing to pay up to $1 million to researchers able to steal secrets from its vault. The top reward is offered as part of the company's bug bounty program that has been running on Bugcrowd for years. | |||
|
2022-03-10 13:16:16 | Vodafone Investigating Source Code Theft Claims (lien direct) | Vodafone has launched an investigation after a cybercrime group claimed to have stolen hundreds of gigabytes of source code from the telecoms giant. The hacker group, calling itself “Lapsus$,” claims to have obtained roughly 200 Gb of source code files, allegedly representing approximately 5,000 GitHub repositories. | |||
|
2022-03-10 12:07:37 | Threat Intelligence Firm Cybersixgill Raises $35 Million (lien direct) | Threat intelligence company Cybersixgill today announced that it has closed a $35 million Series B investment round that brings the total raised by the company to $56 million. The funding round was led by More Provident and Pension Funds and REV Venture Partners, with additional participation from CrowdStrike, Elron Ventures, OurCrowd, and SonaeIM. | |||
|
2022-03-10 11:55:14 | New Variant of Spectre Attack Bypasses Intel and Arm Hardware Mitigations (lien direct) | A team of researchers from the Vrije Universiteit Amsterdam in the Netherlands has demonstrated a new Spectre attack variant that can bypass hardware mitigations implemented in recent years by Intel and Arm. | |||
|
2022-03-10 11:54:51 | All About the Bots: What Botnet Trends Portend for Security Pros (lien direct) | Protecting your organization against botnet threats requires a holistic, integrated approach to security | |||
|
2022-03-10 11:01:40 | China\'s Hacking of European Diplomats Aligns With Russia-Ukraine Conflict (lien direct) | In an ongoing campaign aligned with the current war in Ukraine, Chinese cyberespionage group Mustang Panda has been targeting European diplomats with an updated variant of the PlugX backdoor, cybersecurity company Proofpoint reports. | |||
|
2022-03-10 09:51:52 | Italy Fines US Facial Recognition Firm (lien direct) | Italy's data privacy watchdog on Wednesday fined US-based firm Clearview AI 20 million euros (almost $22 million) over its controversial facial recognition software. | |||
|
2022-03-10 01:47:28 | Alleged Ukrainian Hacker in US Court After Extradition From Poland (lien direct) | A Ukrainian man appeared before a US court on Wednesday to face charges over his role in ransomware attacks, including last year's hack of IT software company Kaseya. | Ransomware Hack | ||
|
2022-03-09 16:25:34 | HelpSystems to Acquire MDR Services Firm Alert Logic (lien direct) | Software firm HelpSystems continues on its cybersecurity buying spree, announcing on Wednesday that it has agreed to acquire Alert Logic, a provider of managed detection and response (MDR) services. | |||
|
2022-03-09 14:41:10 | Google Blocks Chinese Phishing Campaign Targeting U.S. Government (lien direct) | Google says it has blocked a phishing campaign originating from China and aimed at Gmail users associated with the U.S. government. | |||
|
2022-03-09 14:35:46 | Security Leaders Find Value in Veterans to Solve Cyber Skills Shortage (lien direct) | 
CISOs struggling to fill their vacancies should take a closer look at the opportunities afforded by military veterans
|
|||
|
2022-03-09 13:58:25 | Siemens Addresses Over 90 Vulnerabilities Affecting Third-Party Components (lien direct) | Siemens has released 15 new advisories to inform customers about more than 100 vulnerabilities affecting its products, including over 90 security flaws introduced by the use of third-party components. | |||
|
2022-03-09 12:00:43 | Security and the Peter Principle - Seven Signs That You Are Working for a "Peter" (lien direct) | Seven signs that you are working for a “Peter” and how you can adjust how you work to compensate | ★★★ | ||
|
2022-03-09 11:37:06 | Microsoft Warns of Spoofing Vulnerability in Defender for Endpoint (lien direct) | As part of its March 2022 security updates, Microsoft on Tuesday patched a class spoofing vulnerability in Defender for Endpoint and warned of its impact on all platforms. | Vulnerability | ||
|
2022-03-09 11:14:35 | 16 Vulnerabilities Found in Firmware of HP Enterprise Devices (lien direct) | Firmware security company Binarly has discovered more than a dozen potentially serious vulnerabilities affecting UEFI firmware present on devices from HP and possibly other vendors. | |||
|
2022-03-09 10:59:21 | The Psychology of Ransomware Response (lien direct) | 
|
Ransomware | ||
|
2022-03-08 21:21:25 | SAP Patches Critical Security Flaws in Monitoring Solutions (lien direct) | German software maker SAP this week announced the release of 12 new and four updated security notes as part of its March 2022 Patch Day. | |||
|
2022-03-08 20:03:57 | Patch Tuesday: Microsoft Fixes Multiple Code Execution Flaws (lien direct) | Microsoft's Patch Tuesday bundle for this month is a big one: 74 documented vulnerabilities in multiple Windows products and components, some serious enough to lead to remote code execution attacks. | Guideline | ||
|
2022-03-08 17:10:26 | Adobe Patches \'Critical\' Security Flaws in Illustrator, After Effects (lien direct) | Software maker Adobe on Tuesday shipped urgent security updates to fix code execution vulnerabilities in the widely deployed Illustrator and After Effects products. | |||
|
2022-03-08 16:16:24 | FBI Warns of RagnarLocker Ransomware Attacks on Critical Infrastructure (lien direct) | The Federal Bureau of Investigation (FBI) this week published an alert to provide additional information on the RagnarLocker ransomware, along with indicators of compromise (IoCs) associated with the malware. | Ransomware | ||
|
2022-03-08 15:52:39 | Medical, IoT Devices From Many Manufacturers Affected by \'Access:7\' Vulnerabilities (lien direct) | Many IoT and medical devices are affected by seven potentially serious vulnerabilities discovered in widely used remote management software, according to enterprise security company Forescout. | ★★ | ||
|
2022-03-08 15:01:20 | U.S. State Governments Targeted by Chinese Hackers via Zero-Day in Agriculture Tool (lien direct) | A threat group believed to be sponsored by the Chinese government has breached the networks of U.S. state governments, including through the exploitation of a zero-day vulnerability. | Tool Threat | ||
|
2022-03-08 13:42:08 | (Déjà vu) CISA Urges Organizations to Patch Recent Firefox Zero-Days (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday announced the inclusion of 11 security holes in its Known Exploited Vulnerabilities Catalog. | |||
|
2022-03-08 13:13:23 | Millions of APC Smart UPS Devices Can Be Remotely Hacked, Damaged (lien direct) | Uninterruptible power supply (UPS) products made by Schneider Electric subsidiary APC are affected by critical vulnerabilities that can be exploited to remotely hack and damage devices, according to enterprise device security company Armis. | Hack | ||
|
2022-03-08 11:46:07 | Google to Acquire Mandiant for $5.4 Billion in Cash (lien direct) | Google on Tuesday said it has agreed to acquire cybersecurity firm Mandiant in an all-cash deal valued at roughly $5.4 billion. | |||
|
2022-03-08 11:11:18 | Axonius Valued at $2.6 Billion After New $200 Million Funding Round (lien direct) | Cybersecurity asset management company Axonius on Tuesday announced that it has been valued at $2.6 billion after raising $200 million in a Series E funding round. | |||
|
2022-03-08 00:32:29 | Google Enters Bidding War for Mandiant: Reports (lien direct) | Google has joined the multi-billion-dollar jostling to purchase cybersecurity powerhouse Mandiant, according to published reports. | |||
|
2022-03-07 17:46:45 | U.S. Security Vendors Launch Critical Infrastructure Defense Project (lien direct) | Amid rising Russia tensions, Cloudflare, CrowdStrike and Ping Identity offer free security for Critical National Infrastructure operators | |||
|
2022-03-07 15:31:59 | Russia-Ukraine: Threat of Local Cyber Operations Escalating Into Global Cyberwar (lien direct) | 
|
Threat | ||
|
2022-03-07 13:49:20 | AppSec Firm Cider Security Emerges From Stealth With $38 Million in Funding (lien direct) | Application security startup Cider Security today emerged from stealth mode with $38 million in funding, which includes $6 million raised in a seed round and $32 million in Series A funding. The Series A funding round was led by Tiger Global Management and received participation from Glilot Capital Partners and Glilot's early growth fund, Glilot+. | |||
|
2022-03-07 12:20:18 | Google Fights Phishing With Updated Workspace Notifications (lien direct) | Google has made some changes to Google Workspace comment notifications in an effort to protect users against malware and phishing attacks. Previously, email notifications that were automatically sent to a user when someone mentioned them in a comment in a Google Workspace document only included the comment and the commenter's name. | Malware | ||
|
2022-03-07 11:35:15 | Emergency Firefox Update Patches Two Actively Exploited Zero-Day Vulnerabilities (lien direct) | Mozilla over the weekend issued an emergency security update for Firefox to address two zero-day vulnerabilities that have been exploited in attacks. |
To see everything:
Our RSS (filtrered)
