What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-05-25 17:23:07 | OT Remote Access Firm Xona Raises $7.2 Million in Series A Funding (lien direct) | Xona Systems, an Annapolis MD-based provider of frictionless remote authentication and access to the critical infrastructure, has raised $7.2 million in a Series A funding round led by DataTribe Opportunities Fund with participation from TFX Capital and individual investors. It brings the total raised to date to $9.4 million. | |||
|
2022-05-25 15:02:53 | Alleged Cybercrime Ringleader Arrested in Nigeria (lien direct) | An unnamed Nigerian man has been arrested over his alleged role leading a cybercrime group that specialized in phishing and business email compromise (BEC). The arrest, announced on Wednesday by Interpol, is the result of an international operation involving law enforcement and several cybersecurity companies. | Guideline | ||
|
2022-05-25 14:58:27 | Webinar Today: Missing Links for Managing OT Cyber Risk (lien direct) | 
|
|||
|
2022-05-25 14:42:33 | Tapping Neurodiverse Candidates Can Address Cybersecurity Skills Shortage (lien direct) | While neurodiverse candidates don't fit the traditional mold of applicants, they can often excel at highly focused, analytical work | |||
|
2022-05-25 14:26:26 | Tidelift Raises $27 Million to Tackle Open Source Supply Chain Security (lien direct) | Boston, Mass.-based Tidelift, a company on a mission to address open source supply chain “health and security,” has raised $27 million in Series C funding. | |||
|
2022-05-25 13:43:44 | WhiteSource Becomes Mend, Adds Automatic Code Remediation (lien direct) | WhiteSource Changes Company Name to Mend | |||
|
2022-05-25 12:31:10 | Two Cybersecurity Companies Offering Free Risk Assessments (lien direct) | Endpoint security company Tanium and risk management solutions provider Reciprocity have each announced free risk assessment offerings this week. | |||
|
2022-05-25 11:23:47 | Notorious Vietnamese Hacker Turns Government Cyber Agent (lien direct) | At the height of his career, Vietnamese hacker Ngo Minh Hieu made a fortune stealing the personal data of hundreds of millions of Americans. Now he has been recruited by his own authoritarian government to hunt, he says, the kind of cyber criminal he once used to be. | |||
|
2022-05-25 11:12:13 | Chrome 102 Patches 32 Vulnerabilities (lien direct) | Google on Tuesday announced the stable channel release of Chrome 102, which patches 32 vulnerabilities, including a critical flaw reported by an anonymous researcher. | |||
|
2022-05-25 10:37:49 | Google Discloses Details of Zoom Zero-Click Remote Code Execution Exploit (lien direct) | Google's Project Zero has disclosed the details of a zero-click remote code execution exploit targeting the Zoom video conferencing software. | |||
|
2022-05-25 10:05:50 | Trend Micro Patches Vulnerability Exploited by Chinese Cyberspies (lien direct) | Cybersecurity company Trend Micro has updated one of its products to patch a vulnerability that has been exploited by a threat actor linked to China. | Vulnerability Threat | ||
|
2022-05-24 18:13:54 | Video: Fireside Chat With Shane Huntley, Director at Google\'s Threat Analysis Group (lien direct) | Threat | |||
|
2022-05-24 15:08:40 | PyPI Served Malicious Version of Popular \'Ctx\' Python Package (lien direct) | A popular Python package was compromised recently and replaced with a malicious version apparently designed to help the attacker obtain AWS credentials. | |||
|
2022-05-24 14:48:56 | Semperis Banks $200 Million to Scale Enterprise ID Protection Tech (lien direct) | Enterprise identity protection vendor Semperis has banked $200 million in a new round of funding that values the company north of $1 billion. | |||
|
2022-05-24 14:16:32 | Red Access Raises $6 Million for Secure Browsing Tech (lien direct) | Israeli startup scores investor interest in technology to help businesses block web-borne cyberattacks An early-stage Israeli startup working on secure browsing technology has banked $6 million in seed-round investment led by Elron Ventures and Ten Eleven Ventures. | |||
|
2022-05-24 13:59:51 | LimaCharlie Banks $5.45 Million in Seed Funding (lien direct) | LimaCharlie, a California company supplying tools to run an MSSP or SOC on a pay-as-you-use model, has attracted $5.45 million in seed round financing. | Tool | ||
|
2022-05-24 12:57:19 | Hackers Can \'Pre-Hijack\' Online Accounts Before They Are Created by Users (lien direct) | Threat actors could gain access to users' online accounts by leveraging a new type of technique that involves pre-hijacking an account before it's actually registered by the victim. “Account pre-hijacking” is a new class of attacks that can be used to gain access to a targeted account, and many online services could be vulnerable. | |||
|
2022-05-24 10:41:48 | Cybersecurity Community Warned of Fake PoC Exploits Delivering Malware (lien direct) | Researchers have spotted fake proof-of-concept (PoC) exploits that appear to have been created by threat actors in an effort to deliver malware to members of the cybersecurity community. | Malware Threat | ||
|
2022-05-24 01:31:45 | DC Sues Zuckerberg Over Cambridge Analytica Privacy Breach (lien direct) | The District of Columbia on Monday sued Meta chief Mark Zuckerberg, seeking to hold him personally liable for the Cambridge Analytica scandal, a privacy breach of millions of Facebook users' personal data that became a major corporate and political scandal. | |||
|
2022-05-23 13:41:16 | Conti Ransomware Operation Shut Down After Brand Becomes Toxic (lien direct) | The Conti ransomware operation has undergone some significant organizational structure changes in the past months after the brand became toxic due to its affiliation with the Russian government. | Ransomware | ||
|
2022-05-23 13:24:30 | Facial Recognition Firm Clearview AI Fined $9.4 Million by UK Regulator (lien direct) | ICO orders Clearview AI to delete all UK data | |||
|
2022-05-23 11:31:22 | Over $1.1 Million Awarded at Pwn2Own Vancouver 2022 for 25 Zero-Day Vulnerabilities (lien direct) | 
Participants earned a total of more than $1.15 million at the Pwn2Own Vancouver 2022 hacking contest last week.
|
|||
|
2022-05-23 10:23:44 | Cisco Warns of Exploitation Attempts Targeting New IOS XR Vulnerability (lien direct) | Cisco informed customers on Friday that it's aware of in-the-wild exploitation attempts targeting a new vulnerability affecting its IOS XR software. | Vulnerability | ||
|
2022-05-23 08:52:29 | IBM Dives Into TrickBot Gang\'s Malware Crypting Operation (lien direct) | Researchers with IBM Security's X-Force division have analyzed 13 crypters employed by the cybercrime group behind the infamous TrickBot and Conti malware. | Malware | ||
|
2022-05-23 01:06:44 | Breach Exposed Data of Half-Million Chicago Students, Staff (lien direct) | The personal information of more than half a million Chicago Public Schools students and staff was compromised in a ransomware attack last December, but the vendor didn't report it to the district until last month, officials said. | Ransomware | ||
|
2022-05-20 12:37:19 | Nikkei Says Customer Data Likely Impacted in Ransomware Attack (lien direct) | Asian media giant Nikkei has disclosed a ransomware attack that might have impacted customer data. | Ransomware | ||
|
2022-05-20 12:15:12 | New Brute Force Attacks Against SQL Servers Use PowerShell Wrapper (lien direct) | Microsoft has warned organizations of a new wave of brute force cyberattacks that target SQL servers and use a rather uncommon living-off-the-land binary (LOLBin). Specifically, the attackers rely on a legitimate utility called sqlps.exe to achieve fileless persistence on SQL servers that use weak or default passwords. | |||
|
2022-05-20 11:45:29 | (Déjà vu) DoJ Will No Longer Use CFAA to Charge Ethical Hackers (lien direct) | The United States Department of Justice has announced that it would no longer charge ethical hackers under the controversial Computer Fraud and Abuse Act (CFAA). | |||
|
2022-05-19 17:50:03 | Pro-Russian Hackers Spread Hoaxes to Divide Ukraine, Allies (lien direct) | As Ukrainians flooded into Poland earlier this year to flee Russian invaders, a hacking group aligned with the Kremlin sought to spread rumors that criminal gangs were waiting to harvest the organs of child refugees. | |||
|
2022-05-19 17:35:51 | Researchers Spot Supply Chain Attack Targeting GitLab CI Pipelines (lien direct) | Security researchers at SentinelLabs are calling attention to a software chain supply attack targeting Rust developers with malware aimed directly at infecting GitLab Continuous Integration (CI) pipelines. | Malware | ||
|
2022-05-19 14:13:56 | Phishers Add Chatbot to the Phishing Lure (lien direct) | Researchers have discovered a new approach being taken by phishers to increase victim engagement and confidence: the addition of an interactive chatbot. We have all become accustomed to the chatbots used by many of the largest service providers – they are annoying, but something we must navigate. | |||
|
2022-05-19 14:01:44 | QuSecure Lauches Quantum-Resilient Encryption Platform (lien direct) | New firm launches to provide the Easy Button for implementing quantum secure encryption The pressure to implement quantum secure encryption is increasing. This isn't because functioning quantum computers able to crack asymmetric encryption are expected tomorrow, but because of the growing belief they could become available in five- or ten-years' time. | |||
|
2022-05-19 12:30:00 | Cloud Data Security Firm Dig Emerges From Stealth With $11 Million in Funding (lien direct) | Israel-based cloud data security company Dig Security on Thursday announced emerging from stealth mode with $11 million in seed funding. Dig's seed funding round was led by Israeli startup foundry Team8, with participation from CrowdStrike's Falcon Fund, CyberArk, Merlin Ventures, and several angel investors. | |||
|
2022-05-19 10:36:57 | US Recovers $15 Million From Ad Fraud Group (lien direct) | United States authorities announced this week that they have retrieved more than $15 million in illicit proceeds derived from the advertising fraud scheme known as “3ve.” | |||
|
2022-05-19 10:18:25 | Enterprise Data Protection Company Seclore Raises $27 Million (lien direct) | Enterprise data protection company Seclore this week announced that it has received $27 million in Series C growth funding, which brings the total raised by the firm to $46 million. The new investment round was led by Origami Capital Partners and Oquirrh Venture, and will allow Seclore to accelerate the development of its data security platform. | |||
|
2022-05-19 09:57:23 | CISA: Hackers Will Quickly Start Exploiting Newly Patched VMware Vulnerabilities (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has warned organizations about two actively exploited VMware product vulnerabilities, and the agency believes two other freshly patched flaws will also be exploited soon. | |||
|
2022-05-19 08:42:20 | Microsoft Teams Exploits Earn Hackers $450,000 at Pwn2Own 2022 (lien direct) | Vulnerability researchers earned a total of $800,000 on the first day of the Pwn2Own Vancouver 2022 hacking contest, including $450,000 for exploits targeting Microsoft Teams. | |||
|
2022-05-18 17:34:45 | Cornami Raises $68 Million for Quantum Secure Computing on Encrypted Data (lien direct) | Cornami, a company that helps organizations encrypt data to keep it safe from post-quantum threats, this week announced that it has raised $68 million in an oversubscribed Series C funding round. To date, the company has raised over $150 million. | |||
|
2022-05-18 15:06:31 | US Government Says North Korean IT Workers Enable DPRK Hacking Operations (lien direct) | The US government has warned companies that some of their IT workers may be from North Korea, and these individuals could be aiding their country's hacking operations. | |||
|
2022-05-18 15:06:01 | Now Live: SecurityWeek Threat Intelligence Summit Virtual Event (lien direct) | 
|
Threat | ||
|
2022-05-18 13:27:26 | The Vulnerable Maritime Supply Chain - a Threat to the Global Economy (lien direct) | 
|
Threat | ||
|
2022-05-18 12:39:28 | National Cybersecurity Agencies Describe Commonly Used Initial Access Techniques (lien direct) | Cybersecurity agencies in the United States, the United Kingdom, Canada, the Netherlands, and New Zealand warn that threat actors exploit poor security practices for initial access to victim environments. | Threat | ||
|
2022-05-18 12:09:53 | Over 380,000 Kubernetes API Servers Exposed to Internet: Shadowserver (lien direct) | The Shadowserver Foundation has started scanning the internet for Kubernetes API servers and found roughly 380,000 that allow some form of access. ShadowServer is conducting daily scans of the IPv4 space on ports 443 and 6443, looking for IP addresses that respond with an HTTP 200 OK status, which indicates that the request has succeeded. | Uber | ||
|
2022-05-18 10:51:46 | Carlyle to Acquire Defense Contractor ManTech in $4.2 Billion Deal (lien direct) | Private equity firm Carlyle is acquiring US defense contractor ManTech International Corporation in an all-cash deal valued at roughly $4.2 billion. | |||
|
2022-05-18 10:21:17 | NVIDIA Patches Code Execution Vulnerabilities in Graphics Driver (lien direct) | NVIDIA has announced the roll-out of updates for its graphics drivers to address multiple vulnerabilities, including four CVEs rated “high severity.” | |||
|
2022-05-18 08:38:10 | Large-Scale Attack Targeting Tatsu Builder WordPress Plugin (lien direct) | Tens of thousands of WordPress websites are potentially at risk of compromise as part of an ongoing large-scale attack targeting a remote code execution vulnerability in the Tatsu Builder plugin. | Vulnerability | ||
|
2022-05-17 16:47:02 | New Special Interest Group Aims to Enhance ICS/OT Cyber Defenses (lien direct) | MITRE has announced a new special interest group (SIG) whose goal is to help enhance cyber defenses for industrial control systems (ICS) and operational technology (OT). | |||
|
2022-05-17 16:33:32 | Learn to Use This First: Four Fundamental Tactics to Protect Email Ecosystems (lien direct) | There is a great line in the movie Braveheart where Uncle Argyle says to young William, “First, learn to use this, then I'll teach you to use this.” He is of course talking about William's mind over his sword, but it is a prophetic statement when applied to email security. Too often organizations are entering into an email ecosystem they are not prepared to safely use. It is our responsibility as security professionals to help with this. | |||
|
2022-05-17 14:05:47 | Access Orchestration Firm Pathlock Announces Several M&As and $200M Funding (lien direct) | Access orchestration solutions provider Pathlock has announced several mergers and acquisitions, as well as raising $200 million as part of these transactions. | |||
|
2022-05-17 13:28:12 | US Accuses Venezuelan Doctor of Creating and Selling Ransomware (lien direct) | A citizen of France and Venezuela has been charged in the United States for allegedly creating, using, and selling ransomware. | Ransomware |
To see everything:
