What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-05-17 13:07:48 | SecurityWeek to Host Threat Intelligence Summit Virtual Event on May 18th (lien direct) | 
|
Threat | ||
|
2022-05-17 12:24:22 | Musk: Doubt About Spam Accounts Could Scuttle Twitter Deal (lien direct) | 
|
Spam | ||
|
2022-05-17 12:16:59 | Pangea Lands $25 Million Investment for API Security Services (lien direct) | Serial entrepreneur Oliver Friedrichs scores $25 million from Ballistic Ventures to build an API security services platform. | |||
|
2022-05-17 11:45:16 | Apple Finally Patches Exploited Vulnerabilities in macOS Big Sur, Catalina (lien direct) | Apple on Monday rolled out security updates to patch tens of vulnerabilities across its operating systems, and it has finally released macOS Big Sur and Catalina patches for two exploited vulnerabilities. | |||
|
2022-05-17 10:40:41 | (Déjà vu) Cybersecurity M&A Roundup for May 1-15, 2022 (lien direct) | 
Fifteen cybersecurity-related M&A deals have been announced in the first half of May 2022.
|
|||
|
2022-05-16 17:21:06 | Researchers Devise New Type of Bluetooth LE Relay Attacks (lien direct) | Security researchers at NCC Group have created a new tool capable of launching a new type of Bluetooth Low Energy (BLE) relay attack that bypasses existing protections and mitigations. | Tool | ||
|
2022-05-16 16:06:57 | Ransomware Gang Threatens to Overthrow Costa Rica Government (lien direct) | 
|
Ransomware | ||
|
2022-05-16 15:12:22 | Hackers Can Abuse Low-Power Mode to Run Malware on Powered-Off iPhones (lien direct) | 
|
Malware | ||
|
2022-05-16 13:58:33 | US, EU to Ramp Up Chip Making and Raise Pressure on Russia (lien direct) | The United States and the European Union announced on Monday a joint effort to boost microchip manufacturing and tackle Russian disinformation around the war in Ukraine. | |||
|
2022-05-16 13:53:35 | Defending the Healthcare Security Landscape in the Age of Connected Devices (lien direct) | Articles focused on cybersecurity threats facing the connected medical device market often cite a well-worn statistic: the average hospital bed in the United States has 10 to 15 internet-enabled devices that collect and transmit data. While this number is important, it only tells part of the larger story. | |||
|
2022-05-16 12:52:02 | \'Sysrv\' Botnet Targeting Recent Spring Cloud Gateway Vulnerability (lien direct) | A new variant of the Sysrv botnet has added a recent Spring Cloud Gateway vulnerability to its exploit portfolio, Microsoft warns. The Sysrv botnet has been active since at least late 2020, looking to exploit known security bugs in access interfaces in order to compromise Windows and Linux systems and install a Monero cryptominer on them. | Vulnerability | ★★ | |
|
2022-05-16 12:05:07 | SonicWall Patches Unauthorized Access Vulnerability in SMA Appliances (lien direct) | SonicWall has released patches for multiple vulnerabilities in its Secure Mobile Access (SMA) series appliances, including a high-severity issue that could lead to unauthorized access. | Vulnerability Guideline | ★★★★ | |
|
2022-05-16 11:16:20 | (Déjà vu) CISA Removes Windows Vulnerability From \'Must-Patch\' List Due to Buggy Update (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has temporarily removed a Windows flaw from its Known Exploited Vulnerabilities Catalog after it was informed by Microsoft that a recent update can cause problems on some types of systems. | Vulnerability | ||
|
2022-05-16 10:05:34 | Zyxel Firewall Vulnerability Exploitation Attempts Seen One Day After Disclosure (lien direct) | Exploitation attempts targeting a recently disclosed vulnerability affecting Zyxel firewalls started just one day after the flaw's existence came to light. | Vulnerability | ||
|
2022-05-14 19:48:45 | Hired \'Hackers\' Try, and Fail, to Invade Brazil Vote System (lien direct) | More than 20 would-be hackers gathered in the Brazilian electoral authority's headquarters in the capital this week. Their mission: infiltrate the nation's voting system ahead of a hotly anticipated race in October. | |||
|
2022-05-13 15:51:38 | Iran-Linked OilRig APT Caught Using New Backdoor (lien direct) | The Iran-linked hacking group OilRig was observed using a new backdoor in an attack against a government official within Jordan's foreign ministry, according to new research published this week. | APT 34 | ||
|
2022-05-13 15:11:38 | Hackers Can Make Siemens Building Automation Controllers \'Unavailable for Days\' (lien direct) | A vulnerability affecting building automation controllers from Siemens can be exploited to disrupt a device for an extended period of time, according to OT and IoT cybersecurity firm Nozomi Networks. | Vulnerability | ||
|
2022-05-13 13:26:53 | devOcean Emerges From Stealth With Cloud-Native Security Operations Platform (lien direct) | devOcean has emerged from stealth mode with a cloud-native security operations platform and $6 million in funding. The company's seed round was led by Glilot Capital Partners, with participation from angel investors. | APT 32 | ||
|
2022-05-13 12:41:23 | Critical Vulnerability Allows Remote Hacking of Zyxel Firewalls (lien direct) | Thousands of Zyxel firewalls could be vulnerable to remote attacks due to a vulnerability discovered recently by cybersecurity firm Rapid7. The vendor was quick to release a patch, but it did not immediately inform customers about it. | Vulnerability | ||
|
2022-05-13 11:22:38 | \'IceApple\' Post-Exploitation Framework Created for Long-Running Operations (lien direct) | CrowdStrike has detailed a new post-exploitation framework that could be the work of a state-sponsored threat actor, one likely linked to China. | Threat | ||
|
2022-05-13 11:08:59 | Critical Vulnerabilities Provide Root Access to InHand Industrial Routers (lien direct) | A total of 17 vulnerabilities have been found in a wireless industrial router made by InHand Networks, including flaws that can be chained to gain root access by getting a user to click on a malicious link. | |||
|
2022-05-13 10:43:10 | Ukrainian Sentenced to US Prison for Selling Hacked Credentials (lien direct) | A Ukrainian national has been sentenced to four years in a US prison for decrypting stolen usernames and passwords and selling them on a dark web marketplace. | ★★ | ||
|
2022-05-13 10:12:51 | Organizations in Europe Targeted With New \'Nerbian\' RAT (lien direct) | Proofpoint's security researchers have documented a new remote access trojan (RAT) being used in a series of recent attacks targeting various industries in multiple European countries. | ★★ | ||
|
2022-05-12 20:37:12 | Maryland Governor Signs Bills to Strengthen Cybersecurity (lien direct) | Gov. Larry Hogan signed measures to strengthen cybersecurity in state and local governments in Maryland on Thursday, after lawmakers approved legislation and big investments earlier this year to protect vital systems against cyberattacks. | ★★ | ||
|
2022-05-12 20:24:54 | Costa Rica Declares Emergency in Ongoing Cyberattack (lien direct) |
|
Ransomware | ★★ | |
|
2022-05-12 18:00:04 | BalkanID Raises $6M for Intelligent IGA Technology (lien direct) | BalkanID, a startup with ambitious plans to disrupt the Identity Governance and Administration (IGA) space, has banked $5.75 million in seed funding to help organizations find and remediate risky privileges across SaaS and public cloud infrastructure. | ★★ | ||
|
2022-05-12 16:24:06 | Russia Pushes Law to Force Taxi Apps to Share Data With Spy Agency (lien direct) | Russia's government has put forward a law to force ride-hailing apps to give the FSB intelligence agency real-time access to their data. The Russian authorities have been ramping up restrictions on public freedoms since the start of Moscow's offensive in Ukraine on February 24. | ★★★★ | ||
|
2022-05-12 14:10:14 | Size of Early Stage Cyber Deals Continues to Surge: DataTribe (lien direct) | Early stage cybersecurity deals continue to surge in terms of valuation and round size, and cyber may be more resilient to economic conditions compared to other verticals, cybersecurity venture capital firm and incubator DataTribe said in its latest Insights report. | ★★ | ||
|
2022-05-12 13:33:17 | Application Security Firm StackHawk Bags $20.7 Million in Series B Funding (lien direct) | Application security startup StackHawk today announced that it has raised $20.7 million in Series B funding, which brings the total investment in the company to $35.3 million. The funding round was co-led by Sapphire Ventures and Costanoa Ventures, with additional investment from Foundry Group and other investors. | ★★ | ||
|
2022-05-12 13:18:29 | Iranian Cyberspy Group Launching Ransomware Attacks Against US (lien direct) | Over the past several months, Iran-linked cyberespionage group Charming Kitten has been engaging in financially-motivated activities, the Secureworks Counter Threat Unit (CTU) reports. | Ransomware Threat Conference | APT 35 APT 35 | ★★★ |
|
2022-05-12 12:59:47 | Zero Trust Firm Xage Security Adds $6 Million \'Top-up\' to $30 Million Series B Funding (lien direct) | Palo Alto, Calif-based firm Xage has raised a $6 million top-up to the $30 million Series B funding it secured in January 2022. The new financing comes from SCF Partners, an investor in energy and critical infrastructure services, and Overture Venture Capital, which specializes in startups in government, energy and climate. | |||
|
2022-05-12 11:45:21 | HP Patches UEFI Vulnerabilities Affecting Over 200 Computers (lien direct) | HP on Wednesday announced the release of patches for two high-severity vulnerabilities that impact the UEFI firmware of more than 200 laptops, workstations, and other products. | ★★★★ | ||
|
2022-05-12 11:08:03 | Hundreds of Thousands of Konica Printers Vulnerable to Hacking via Physical Access (lien direct) | Researchers at Atos-owned cybersecurity consulting firm SEC Consult analyzed Konica Minolta printers to determine what could be achieved by an attacker who has physical access to a device. The answer: a lot! | ★★★ | ||
|
2022-05-12 10:38:11 | Prepare for What You Wish For: More CISOs on Boards (lien direct) | We have a long way to go to get adequate cybersecurity expertise on boards, but the time has come to make it happen | ★★ | ||
|
2022-05-12 10:19:38 | Intel Patches High-Severity Vulnerabilities in BIOS, Boot Guard (lien direct) | Intel on Tuesday announced the release of patches for multiple vulnerabilities across its product portfolio, including a series of high-severity vulnerabilities in the BIOS firmware of several processor models. | ★★★ | ||
|
2022-05-11 15:39:24 | The Importance of Wellness for Security Teams (lien direct) | With the talent shortage in security, employers need to use a variety of tools to recruit and retain top talent | ★★★ | ||
|
2022-05-11 15:37:18 | (Déjà vu) Chrome 101 Update Patches High-Severity Vulnerabilities (lien direct) | Google this week announced the release of a Chrome browser update that resolves a total of 13 vulnerabilities, including nine that were reported by external researchers. Of the externally reported security holes, seven are use-after-free bugs – these types of vulnerabilities could lead to arbitrary code execution. | Guideline | ★★★ | |
|
2022-05-11 15:09:47 | SaaS App Vanity URLs Can Be Spoofed for Phishing, Social Engineering (lien direct) | Vanity URLs offered by SaaS applications can be spoofed by malicious actors for phishing and social engineering, according to data security and analytics company Varonis. | ★★★ | ||
|
2022-05-11 14:56:25 | Ransomware Attack a Nail in the Coffin as Lincoln College Closes After 157 Years (lien direct) | Ransomware Attack and Covid-19 Blamed for Closure of Abraham Lincoln's Namesake College After 157 Years | ★★ | ||
|
2022-05-11 13:07:49 | Healthcare Technology Provider Omnicell Discloses Ransomware Attack (lien direct) | Healthcare technology company Omnicell revealed in a filing with the United States Securities and Exchange Commission (SEC) that it recently fell victim to a ransomware attack. | Ransomware | ★★★ | |
|
2022-05-11 12:21:09 | ICS Patch Tuesday: Siemens, Schneider Electric Address 43 Vulnerabilities (lien direct) | The 15 new advisories released by Siemens and Schneider Electric this Patch Tuesday address a total of 43 vulnerabilities, including ones that have been assigned a “critical” severity rating. | ★★★★ | ||
|
2022-05-11 12:01:48 | Webinar Today: Managing IoT/OT Visibility, Protection and Monitoring in a Zero Trust Environment (lien direct) | 
|
★★★ | ||
|
2022-05-11 11:48:38 | Africa Grapples With Way Forward on Cybercrime (lien direct) | Cyber experts are urging Africa to up its game in the face of criminals targeting the continent's fast-growing internet economy with scams and theft. | ★★ | ||
|
2022-05-11 11:17:40 | SAP Patches Spring4Shell Vulnerability in More Products (lien direct) | As part of its May 2022 Security Patch Day, SAP announced on Tuesday the release of eight new and four updated security notes, including three that address the recent Spring4Shell vulnerability in more products. | Vulnerability | ★★★ | |
|
2022-05-11 10:49:16 | Critical Vulnerability Exploited to \'Destroy\' BIG-IP Appliances (lien direct) | The recently patched F5 BIG-IP vulnerability tracked as CVE-2022-1388 is being increasingly exploited by threat actors, including to “destroy” affected appliances. | Vulnerability Threat | ★★★ | |
|
2022-05-11 10:09:56 | Windows Print Spooler Vulnerabilities Increasingly Exploited in Attacks (lien direct) | The number of attacks targeting Windows Print Spooler vulnerabilities has been increasing, according to cybersecurity firm Kaspersky. | ★★★★ | ||
|
2022-05-11 00:36:09 | Hackers Hit Web Hosting Provider Linked to Oregon Elections (lien direct) | A week before Oregon's primary election, the secretary of state's office is moving to protect the integrity of its online system where campaign finance records are published after a web hosting provider was hit by a ransomware attack. | Ransomware | ★★★★ | |
|
2022-05-10 18:22:58 | Patch Tuesday: Microsoft Warns of New Zero-Day Being Exploited (lien direct) | Microsoft on Tuesday released critical software updates to fix at least 73 documented security flaws in the Windows ecosystem and warned that unknown attackers are already launching zero-day man-in-the-middle attacks. | ★★★★ | ||
|
2022-05-10 18:02:52 | New Malware Samples Indicate Return of REvil Ransomware (lien direct) | New malware samples and a new Tor-based leak website suggest that the REvil ransomware operation has been resumed. Secureworks, which tracks the group behind REvil as Gold Southfield, has conducted an analysis of malware samples apparently created in March and April, and determined that the developer likely has access to the original REvil source code. | Ransomware Malware | ★★★ | |
|
2022-05-10 17:22:14 | Microsoft Azure Vulnerability Allowed Code Execution, Data Theft (lien direct) | Microsoft on Monday shared information on patches and mitigations for a vulnerability impacting Azure Data Factory and Azure Synapse Pipelines. | Vulnerability | ★★★★ |
To see everything:
Our RSS (filtrered)
