What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-06-15 10:32:34 | Attackers Can Exploit Critical Citrix ADM Vulnerability to Reset Admin Passwords (lien direct) | Citrix on Tuesday warned of a critical vulnerability in Citrix Application Delivery Management (ADM) that could essentially allow an unauthenticated attacker to log in as administrator. | Vulnerability | ||
|
2022-06-15 10:01:07 | SAP Patches High-Severity NetWeaver Vulnerabilities (lien direct) | SAP on Tuesday announced the release of ten new and two updated security notes as part of its June 2022 Security Patch Day. Rated “Hot News” – the highest severity rating in SAP's book – the most important of these notes is an update to an April 2018 note containing the updates delivered for the Chrome-based browser in SAP Business Client. | |||
|
2022-06-15 09:04:08 | Microsoft to Acquire Cyber Threat Analysis Company Miburo (lien direct) | Microsoft on Tuesday announced that it's acquiring Miburo, a New York-based cyber threat analysis and research company that specializes in foreign information operations. Miburo provides analysis, consulting and training services. The startup's research team detects and attributes influence campaigns across over a dozen languages. | Threat | ★★★★★ | |
|
2022-06-14 18:38:33 | Windows Updates Patch Actively Exploited \'Follina\' Vulnerability (lien direct) | Microsoft has fixed roughly 50 vulnerabilities with its June 2022 Patch Tuesday updates, including the actively exploited flaw known as Follina and CVE-2022-30190. | Vulnerability | ||
|
2022-06-14 18:22:23 | Koverse Launches Zero Trust Data Platform (lien direct) | New attribute-based access controls (ABAC) protect sensitive data to power demanding analytics, data science, and AI use cases | |||
|
2022-06-14 16:53:47 | Adobe Plugs 46 Security Flaws on Patch Tuesday (lien direct) | Adobe's security response team has pushed out a massive batch of patches to cover at least 46 vulnerabilities in a wide range of enterprise-facing software products. As part of its scheduled Patch Tuesday release for June, Adobe warned of "critical" code execution flaws that expose both Windows and macOS users to malicious hacker attacks. | |||
|
2022-06-14 16:36:19 | (Déjà vu) ICS Patch Tuesday: Siemens, Schneider Electric Address Over 80 Vulnerabilities (lien direct) | Siemens and Schneider Electric have released their Patch Tuesday advisories for June 2022. The industrial giants have addressed a total of more than 80 vulnerabilities affecting their products. Siemens | |||
|
2022-06-14 16:18:52 | Report: L3 Emerges as Suitor for Embattled NSO Group (lien direct) | L3 Technologies, a U.S. government contractor that sells aerospace and defense technology, has emerged as a suitor for Israeli exploit merchant NSO Group. | |||
|
2022-06-14 15:24:45 | Avast: New Linux Rootkit and Backdoor Align Perfectly (lien direct) | Malware hunters at Avast have analyzed a newly discovered rootkit and backdoor that target Linux and appear designed to function in synergy with each other. | |||
|
2022-06-14 13:20:09 | SecurityWeek to Host Cloud Security Summit, Presented by Palo Alto Networks, on June 15th (lien direct) | 
|
|||
|
2022-06-14 13:06:01 | Operator of \'DownThem\' DDoS Service Sentenced to 24 Months in Prison (lien direct) | The operator of an infamous service that allowed users to launch distributed denial-of-service (DDoS) attacks was sentenced on Monday to 24 months in prison. | |||
|
2022-06-14 12:10:06 | Chinese Cyberespionage Group Starts Using New \'PingPull\' Malware (lien direct) | A Chinese state-sponsored threat actor known as Gallium has been using new malware in recent attacks that have been targeting organizations in the telecommunications, financial, and government sectors, Palo Alto Networks reports. | Malware Threat | ||
|
2022-06-14 11:25:31 | Schneider Electric, Claroty Launch Cybersecurity Solution for Buildings (lien direct) | Schneider Electric and industrial cybersecurity firm Claroty on Monday announced the launch of a joint solution designed for securing smart buildings. | |||
|
2022-06-14 11:15:20 | Malware\'s Destruction Trajectory and How to Defeat It (lien direct) | Malware and targeted attacks on operating systems and firmware have become increasingly destructive in nature, and these more nefarious attack methods are rising in prevalence. And just to add insult to injury, there are more of them. Today's attacks are hitting more often, and they are hitting harder. | |||
|
2022-06-13 18:13:35 | Drupal Patches \'High-Risk\' Third-Party Library Flaws (lien direct) | The Drupal security team has released a "moderately critical" advisory to call attention to serious vulnerabilities in a third-party library and warned that hackers can exploit the bugs to remotely hijack Drupal-powered websites. | ★★★★★ | ||
|
2022-06-13 16:45:24 | HYCU Raises $53 Million for Data Backup Technology (lien direct) | Backup-as-a-service firm HYCU has raised $53 million in a Series B funding round that brings the total invested in the company to $140.5 million. The new funding round was led by Acrew Capital, with participation from all previous investors, along with Atlassian Ventures and Cisco Investments. | |||
|
2022-06-13 14:01:02 | Researchers: Wi-Fi Probe Requests Expose User Data (lien direct) | A group of academic researchers from the University of Hamburg in Germany has discovered that mobile devices leak identifying information about their owners via Wi-Fi probe requests. Mobile devices use these probe requests to receive information about nearby Wi-Fi access points and establish connections to them when a probe response is received. | |||
|
2022-06-13 13:17:05 | Chinese Hackers Adding Backdoor to iOS, Android Web3 Wallets in \'SeaFlower\' Campaign (lien direct) | Cybercriminals likely operating out of China are distributing backdoored versions of iOS and Android Web3 wallets in an effort to steal users' seed phrase. | |||
|
2022-06-13 13:02:35 | Facilitating Convergence of Physical Security and Cyber Security With Open Source Intelligence (lien direct) | The desire to merge aspects of physical and cyber security is nothing new, especially in maturing enterprises that are proactively extending their security capabilities. Since many aspects of physical security are connected to the internet, enterprises have started to build fusion centers that combine disciplines. By doing so, they are able to converge cyber and physical security, close gaps in coverage, and scale security to protect facilities and hundreds of thousands of employees. | |||
|
2022-06-13 11:50:23 | Academics Devise New Speculative Execution Attack Against Apple M1 Chips (lien direct) | A group of academic researchers has devised a new hardware attack that bypasses pointer authentication protections on Apple's M1 processor. | |||
|
2022-06-13 11:09:48 | Cybercriminals, State-Sponsored Threat Actors Exploiting Confluence Server Vulnerability (lien direct) | A recently patched Confluence Server vulnerability is being exploited by multiple cybercrime and state-sponsored threat groups, according to Microsoft. | Vulnerability Threat | ||
|
2022-06-13 10:50:27 | Researcher Shows How Tesla Key Card Feature Can Be Abused to Steal Cars (lien direct) | A researcher has shown how a key card feature introduced by Tesla last year could be abused to add an unauthorized key that allows an attacker to open and start a vehicle. The research was conducted by Martin Herfurt, an Austria-based member of the Trifinite research group, which focuses on Bluetooth security. | |||
|
2022-06-11 15:45:15 | Cybersecurity Courses Ramp Up Amid Shortage of Professionals (lien direct) | The pressure was on. Someone, somewhere, was attacking computer systems so customers couldn't reach certain websites. In a windowless room in Denver, Zack Privette had worked all morning with his security team to figure out what the cyber strangers were up to. | |||
|
2022-06-10 19:34:41 | Billion-Dollar Valuations Can\'t Halt Layoffs at OneTrust, Cybereason (lien direct) | Two cybersecurity vendors that recently boasted of raising hundreds of millions of dollars at unicorn valuations have confirmed staff cuts as the turmoil in the capital markets start to wreak havoc on late-stage startups. | |||
|
2022-06-10 13:46:32 | 38 Tech Leaders Sign Cyber Resilience Pledge (lien direct) | The Coalition to Reduce Cyber Risk (CR2) announced this week that it has been joined by 37 organizations across eight countries in signing a pledge to improve cyber resilience and combat threats such as ransomware. | Threat | ★★★★★ | |
|
2022-06-10 11:37:35 | Chinese Cyberspy Group \'Aoqin Dragon\' Targeting Southeast Asia, Australia Since 2013 (lien direct) | SentinelOne security researchers have analyzed the operations of a Chinese cyberespionage group that has been actively targeting education, government, and telecommunication organizations in Australia and Southeast Asia since at least 2013. | |||
|
2022-06-10 11:15:30 | (Déjà vu) Chrome 102 Update Patches High-Severity Vulnerabilities (lien direct) | Google this week announced the release of a Chrome browser update that resolves seven vulnerabilities, including four issues reported by external researchers. | |||
|
2022-06-10 10:38:11 | InfiRay Thermal Camera Flaws Can Allow Hackers to Tamper With Industrial Processes (lien direct) | InfiRay thermal cameras are affected by vulnerabilities that could allow malicious hackers to tamper with industrial processes, including to disrupt production or to make modifications that result in lower quality products. | |||
|
2022-06-10 10:08:04 | Highly-Evasive Linux Malware \'Symbiote\' Infects All Running Processes (lien direct) | Security researchers with BlackBerry and Intezer have shared details on a new Linux malware that “parasitically” infects all running processes on a target machine. | Malware | ||
|
2022-06-09 13:51:23 | \'Follina\' Vulnerability Exploited to Deliver Qbot, AsyncRAT, Other Malware (lien direct) | Several malware families are being delivered using the recently disclosed Windows vulnerability identified as Follina and CVE-2022-30190, which remains without an official patch. | Malware Vulnerability | ||
|
2022-06-09 13:00:28 | US Details Chinese Attacks Against Telecoms Providers (lien direct) | Several US government agencies have issued a joint cybersecurity advisory to provide information on the techniques and tactics that China-linked threat actors have been using to compromise telecom companies and network services providers. | Threat | ||
|
2022-06-09 11:15:31 | (Déjà vu) RSA Conference 2022 - Announcements Summary (Day 3) (lien direct) | 
Hundreds of companies are showcasing their products and services this week at the 2022 edition of the RSA Conference in San Francisco.
|
|||
|
2022-06-09 10:42:29 | Threat Actors Start Exploiting Meeting Owl Pro Vulnerability Days After Disclosure (lien direct) | Threat actors have already started exploiting a severe vulnerability that Owl Labs addressed in its video conferencing devices earlier this week. | Vulnerability | ||
|
2022-06-09 10:14:12 | Reports: Twitter to Provide Musk With Raw Daily Tweet Data (lien direct) | 
|
|||
|
2022-06-09 09:51:24 | DefenseStorm Raises $15 Million for Banking Security and Compliance Platform (lien direct) | DefenseStorm this week announced that it has raised $15 million in Series C funding, which brings the total investment in the company to $67 million. JAM FINTOP, a venture fund focusing on financial institutions, shelled out $5 million in the funding round, with the rest coming from existing investors. | |||
|
2022-06-08 16:28:56 | Snowflake Launches Cybersecurity Workload to Find Threats Across Massive Data Sets (lien direct) | Data cloud company Snowflake (NYSE: SNOW) is the latest enterprise technology firm looking to help fuel the massive data lakes that power enterprise security programs. | Threat | ||
|
2022-06-08 15:37:52 | It Doesn\'t Pay to Pay: Study Finds Eighty Percent of Ransomware Victims Attacked Again (lien direct) | It doesn't pay to pay. This advice on ransomware payment is often given, but rarely enumerated. Now it has been. A new study finds that 80% of companies that paid a ransom were hit a second time, with 40% paying again. Seventy percent of these paid a higher amount the second time round. | Ransomware | ||
|
2022-06-08 14:46:39 | Access Management Firm Opal Launches With $10 Million Series A Investment (lien direct) | Access management provider Opal has launched this week with a $10 million Series A funding round led by Greylock. To date, the company has raised $11.8 million. Founded in 2020, the San Francisco- and New York-based startup helps organizations manage employee access by granting it more selectively, to reduce attack surface. | |||
|
2022-06-08 13:55:03 | (Déjà vu) CISA Clarifies Criteria for Adding Vulnerabilities to \'Must Patch\' List (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has provided clarifications on the criteria for adding vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. | |||
|
2022-06-08 13:22:00 | Data Breach at Shields Health Care Group Impacts 2 Million Patients (lien direct) | Shields Health Care Group has informed roughly two million individuals of a cybersecurity incident that potentially impacted their personal data. The Massachusetts-based firm provides management and imaging services to more than 50 healthcare partners and facilities throughout New England. | |||
|
2022-06-08 12:23:42 | OSINT Authentication Firm 443ID Emerges From Stealth with $8 Million Seed Funding (lien direct) | Austin, Texas-based identity and access management firm 443ID has emerged from stealth with $8 million seed funding in a round led by Bill Wood Ventures and Silverton Partners. 443ID focuses on open source intelligence (OSINT) for authentication and authorization. | |||
|
2022-06-08 11:48:25 | Owl Labs Patches Severe Vulnerability in Video Conferencing Devices (lien direct) | Video conferencing company Owl Labs has released patches for a severe vulnerability affecting its Meeting Owl Pro and Whiteboard Owl devices. Owl Labs' Meeting Owl Pro features a 360° lens camera to offer a panoramic view of the conference room. It offers support for various video conferencing solutions, including Zoom, Skype, and Google Meet. | Vulnerability | ||
|
2022-06-08 11:30:02 | Cloud Data Access Firm Immuta Raises $100 Million (lien direct) | Boston-based cloud data access and security firm Immuta has raised $100 million in a Series E round led by NightDragon, and joined by new investor Snowflake Ventures (the VC arm of Snowflake), with participation from existing investors. The new funding brings the total raised to $267 million, and values the company at $1 billion. | |||
|
2022-06-08 11:07:55 | (Déjà vu) RSA Conference 2022 - Announcements Summary (Day 2) (lien direct) |
Hundreds of companies are showcasing their products and services this week at the 2022 edition of the RSA Conference in San Francisco.
|
|||
|
2022-06-08 10:35:07 | SSNDOB Cybercrime Marketplace Taken Down by Law Enforcement (lien direct) | US law enforcement on Tuesday announced the takedown of SSNDOB Marketplace, a series of websites selling personally identifiable information (PII). For years, the SSNDOB Marketplace sold the personal information – such as Social Security numbers, names, and birth dates – of millions of people, including approximately 24 million individuals in the US. | |||
|
2022-06-08 10:16:06 | Whistic Raises $35 Million in Series B Funding for Vendor Security Network (lien direct) | Vendor security assessment company Whistic on Tuesday announced that it has raised $35 million in Series B funding, which brings the total investment in the company to $51 million. The new funding round was led by JMI Equity, with participation from Album VC, Emergence Capital, Forgepoint Capital, and FJ Labs. | |||
|
2022-06-07 18:57:03 | IBM to Acquire Randori for Attack Surface Management Tech (lien direct) | Technology giant IBM has announced plans to acquire early-stage attack surface management startup Randori in a deal that signals a major expansion of Big Blue's cybersecurity ambitions. | |||
|
2022-06-07 18:48:57 | Technical Details Released for Recently Patched Zyxel Firewall Vulnerabilities (lien direct) | Security researchers with HN Security have published technical details on two vulnerabilities affecting many Zyxel products. Tracked as CVE-2022-26531 and CVE-2022-26532, the two security holes were addressed in late May 2022 with patches for multiple firewalls, access points (APs), and AP controllers. | |||
|
2022-06-07 18:22:14 | Apple Announces New Security Update Feature in iOS 16, macOS Ventura (lien direct) | Apple this week announced a new feature designed to ensure that important security updates will be delivered to its devices faster in an effort to protect users against potential threats. The new feature, named Rapid Security Response, will become available in the upcoming iOS 16 and macOS Ventura, both scheduled for release in late 2022. | |||
|
2022-06-07 17:12:30 | Spanish Judge to Seek Testimony From NSO on Pegasus Spyware (lien direct) | A Spanish judge will travel to Israel to seek testimony from the head of tech company NSO, the maker of the controversial Pegasus spyware used in tapping politicians' phones in Spain, the country's National Court said Tuesday. |
To see everything:
Our RSS (filtrered)
