What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-11-24 13:52:00 | 3 Key Questions for CISOs on the Wave of Historic Industrial Cybersecurity Legislation (lien direct) | The last 18 months have been nothing short of historic for critical infrastructure companies. First, came a series of dramatic developments that highlighted the risks to industrial environments: | |||
|
2021-11-24 13:03:49 | GoDaddy Says Several Brands Hit by Recent WordPress Hosting Breach (lien direct) | Domain registrar and web hosting giant GoDaddy says the recently disclosed data breach impacts several of its brands, including 123Reg, Domain Factory, Heart Internet, Host Europe, Media Temple and tsoHost. | Data Breach | ||
|
2021-11-24 12:18:31 | CISA, FBI Warn of Potential Critical Infrastructure Attacks on Holidays (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) this week reminded organizations of all types – with a focus on critical infrastructure – that cybercriminals tend to launch impactful cyberattacks during holidays and weekends. | |||
|
2021-11-24 11:41:32 | Researcher Awarded $10,000 for Google Cloud Platform Vulnerability (lien direct) | Security researcher David Schütz says he received over $10,000 in bug bounty payouts from Google after reporting a Google Cloud project vulnerability and subsequent bypasses to rolled-out fixes. | Vulnerability | ||
|
2021-11-24 09:37:59 | Industrial Cybersecurity Firm Applied Risk Acquired by DNV (lien direct) | Norway-based assurance and risk management solutions provider DNV is acquiring industrial cybersecurity company Applied Risk in an effort to create an “industrial cybersecurity powerhouse.” The companies will merge under the DNV brand. Financial terms of the deal have not been disclosed. | |||
|
2021-11-24 05:10:39 | Japan, Vietnam Look to Cyber Defense Against China (lien direct) | Japan and Vietnam on Tuesday signed a cybersecurity agreement as the two Asian nations rapidly step up their military ties amid concerns over China's growing assertiveness. | |||
|
2021-11-23 19:58:55 | Apple Slaps Lawsuit on NSO Group Over Pegasus iOS Exploitation (lien direct) | The troubles for Israeli surveillance software maker NSO Group continue to pile up with news that Apple has filed suit to ban the company from using its software, services or devices. | |||
|
2021-11-23 17:41:36 | PoC Exploit Published for Latest Microsoft Exchange Zero-Day (lien direct) | A security researcher has released proof-of-concept (PoC) exploit code for a recently patched code execution vulnerability affecting on-prem Microsoft Exchange Server installations. | Vulnerability | ||
|
2021-11-23 17:18:26 | Preventing a Cyber Pandemic in Healthcare (lien direct) | Without the sacrifice of our frontline workers over the past two challenging years, many of our communities would not have been able to receive vital care. However, while healthcare providers have been busy protecting our communities, who has protected the sensitive personal data collected in the process? | |||
|
2021-11-23 15:55:51 | Serious Vulnerability Found in Imunify360 Web Server Security Product (lien direct) | A vulnerability discovered in CloudLinux's Imunify360 security product could have been exploited for remote code execution using specially crafted files. | Vulnerability | ||
|
2021-11-23 14:29:08 | Low Code/No Code App Security Firm Zenity Emerges From Stealth (lien direct) | Low-code/no-code application security provider Zenity today announced that it has emerged from stealth mode with $5 million in seed funding. The investment round was led by Vertex Ventures and UpWest, but Zenity says it is also backed by former Google CISO Gerhard Eschelbeck and former SuccessFactors CIO Tom Fisher. | |||
|
2021-11-23 14:06:56 | Biomanufacturing Facilities Warned of Attacks Involving Sophisticated Malware (lien direct) | The Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) on Monday raised the alarm on cyberattacks targeting biomanufacturing facilities. | Malware | ||
|
2021-11-23 13:18:44 | Schwarz Group Acquires XM Cyber for $700 Million (lien direct) | Germany-based retail giant Schwarz Group this week announced the acquisition of security posture management company XM Cyber for $700 million. Schwarz Group, known for brands such as Lidl and Kaufland, is the world's fourth-largest retailer. Last year, it announced launching a cloud computing service for third-party retailers. | |||
|
2021-11-23 12:10:27 | Cyber Insurance Firm Resilience Raises $80 Million (lien direct) | Cyber insurance and security solutions provider Resilience on Monday announced raising $80 million in a Series C funding round. The funding round was co-led by General Catalyst and Corey Thomas of Rapid7, with participation from Lightspeed Venture Partners, Founders Fund, Charles River Ventures, Shield Capital, and Intact Ventures. | |||
|
2021-11-22 19:33:37 | Severe Code Execution Vulnerabilities Affect OpenVPN-Based Applications (lien direct) | Security researchers at Claroty have raised the alarm for a series of severe code execution vulnerabilities affecting virtual private network (VPN) solutions relying on OpenVPN. | |||
|
2021-11-22 18:42:35 | Philips Working on Patches for Vulnerabilities Found in Medical Products (lien direct) | Philips is working on patches for several vulnerabilities discovered by researchers in some of the company's medical products. | |||
|
2021-11-22 17:49:31 | (Déjà vu) U.S. Agencies Share More Details on ADSelfService Plus Vulnerability Exploitation (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Coast Guard Cyber Command (CGCYBER) have shared new details on in-the-wild attacks targeting a recently patched flawin Zoho's ManageEngine ADSelfService Plus product. | Vulnerability | ||
|
2021-11-22 17:32:26 | GoDaddy Breach Exposes 1.2 Million Managed WordPress Customer Accounts (lien direct) | Domain registrar and web hosting giant GoDaddy has been hacked and customer data for some 1.2 million WordPress users were exposed to the attacker for more than three months. | |||
|
2021-11-22 16:12:17 | Wind Turbine Giant Vestas Fending Off Cyberattack (lien direct) | Danish wind turbine giant Vestas Wind Systems has been hit by what appears to be a ransomware attack that took out parts of its internal IT infrastructure and caused unspecified data compromise. | Ransomware | ||
|
2021-11-22 15:55:47 | Researchers Hack Conti Ransomware Infrastructure (lien direct) | Prodaft security researchers exploited a vulnerability in the recovery servers used by the Conti Ransomware-as-a-Service (RaaS), which allowed them to gain insight into the inner workings of the ransomware. | Ransomware Hack Vulnerability | ||
|
2021-11-22 15:27:08 | Delivering on the Promise of 5G Requires New Security Standards (lien direct) | In order to deliver on the promise of 5G, we need new industry standards for security, testing, and training | |||
|
2021-11-22 14:31:41 | (Déjà vu) Cybersecurity M&A Roundup for Third Week of November 2021 (lien direct) | 
Seven cybersecurity-related acquisitions were announced in the third week of November 2021.
|
|||
|
2021-11-22 14:06:50 | CISO Conversations: Honda Aircraft, Bombardier CISOs Discuss Getting Started in Security (lien direct) | 
|
|||
|
2021-11-22 13:48:50 | Iran\'s Mahan Air Says Hit by Cyberattack (lien direct) | Iran's second-largest airline, Mahan Air, said it had been hit by a cyberattack Sunday, the latest of several targeting the company. "Mahan Air's computer system has suffered a new attack," the company said in a statement. | |||
|
2021-11-22 13:02:19 | Utah Medical Group Discloses Data Breach Affecting Over 580,000 Patients (lien direct) | Farmington, Utah-based radiology medical center Utah Imaging Associates has started informing former and current patients that their information might have been compromised in a data breach. As part of the incident, which was identified on September 4, 2021, unknown threat actors accessed files that contained sensitive personal information related to patients. | Data Breach Threat | ||
|
2021-11-22 12:32:00 | Serious Vulnerabilities Found in Wi-Fi Module Designed for Critical Industrial Applications (lien direct) | More than 20 vulnerabilities have been identified by Cisco's Talos research and threat intelligence unit in a Lantronix Wi-Fi module designed for critical industrial and commercial applications. | Threat | ||
|
2021-11-22 11:29:33 | WhatsApp Pushes Privacy Update to Comply With Irish Ruling (lien direct) | WhatsApp is adding more details to its privacy policy and flagging that information for European users, after Irish regulators slapped the chat service with a record fine for breaching strict EU data privacy rules. | |||
|
2021-11-19 17:10:44 | New \'SharkBot\' Android Banking Malware Hitting U.S., UK and Italy Targets (lien direct) | A new Android banking trojan has been found, targeting international banks from the United Kingdom and Italy (including in the U.S.). and five different cryptocurrency services. Twenty-two instances have been discovered, but more are expected. | Malware | ||
|
2021-11-19 16:02:19 | Canadian Teen Arrested Over Theft of $36 Million in Cryptocurrency (lien direct) | A Canadian teen has been arrested for their alleged role in the theft of roughly $36.5 million (CAD$46 million) worth of cryptocurrency from a single victim in the United States, according to the Hamilton Police in Ontario, Canada. | |||
|
2021-11-19 15:39:56 | U.S Banks Required to Report Cyberattacks to Regulators Within 36 Hours (lien direct) | In less than half a year, banks in the United States will be required to notify federal regulators of serious cybersecurity incidents within 36 hours. | |||
|
2021-11-19 13:44:45 | California Pizza Kitchen Says Employee Data Stolen in Breach (lien direct) | American pizza chain California Pizza Kitchen (CPK) is notifying employees of a data breach that might have resulted in some of their personal information being accessed by hackers. | Data Breach | ||
|
2021-11-19 12:39:34 | SnapAttack Spins Out of Booz Allen Hamilton With $8 Million in Funding (lien direct) | Threat hunting and detection company SnapAttack this week announced closing an $8 million funding round, just as it spun out of Booz Allen Hamilton. The funding round was led by Volition Capital. Booz Allen Hamilton and Strategic Cyber Ventures (SCV) also invested in the new independent company. | |||
|
2021-11-19 12:02:40 | GBG to Acquire Acuant in $736 Million Deal (lien direct) | UK-based identity verification and fraud prevention solutions provider GBG on Thursday announced that it has agreed to acquire Acuant in a $736 million deal. | |||
|
2021-11-19 11:49:21 | SecurityWeek to Host Security Operations Summit as Virtual Event Dec. 8 (lien direct) | 
|
|||
|
2021-11-19 11:10:33 | North Korean Hacker Group Intensifies Espionage Campaigns (lien direct) | A North Korea-linked threat actor tracked as TA406 has intensified its attacks in 2021, particularly credential harvesting campaigns, Proofpoint reports. | Threat | ||
|
2021-11-18 20:37:12 | US Indicts Iranians for Election Meddling (lien direct) | The US Justice Department announced indictments Thursday of two Iranians who allegedly took part in an online "disinformation and threat" campaign to influence American voters in the 2020 presidential election. | |||
|
2021-11-18 18:54:25 | Supply Chain Security Fears Escalate as Iranian APTs Caught Hitting IT Services Sector (lien direct) | Fears of software supply chain attacks escalated again this week with a new warning from Microsoft that it has caught Iranian threat actors breaking into IT services shops in India and Israel and using that access to hit the real targets. | Threat | ||
|
2021-11-18 16:23:14 | Acronyms Aside, the SOC of the Future Needs These 3 Capabilities (lien direct) | Every discipline has its acronyms, but I'd venture to say cybersecurity has more than its share. We use them to describe threat actors and how they operate, as well as different security teams, their certifications and the tools they use. There's nothing wrong with acronyms, but when they are used to describe emerging solutions, an interesting phenomenon occurs…that new acronym becomes the next silver bullet technology that will solve all our security problems. | Threat | ||
|
2021-11-18 15:42:53 | Cyber Defenders Should Prepare for Holiday Ransomware Attacks (lien direct) | High days and holidays are prime time for ransomware. This should come as no surprise to anyone – but many companies remain surprisingly unaware or at least unprepared. | Ransomware | ||
|
2021-11-18 14:41:26 | New ETW Attacks Can Allow Hackers to \'Blind\' Security Products (lien direct) | Researchers have described two new attack methods that can be used to “blind” cybersecurity products that rely on a logging mechanism named Event Tracing for Windows (ETW). | |||
|
2021-11-18 14:16:56 | MDR Company Expel Raises $140 Million at Unicorn Valuation (lien direct) | Managed detection and response (MDR) provider Expel on Thursday announced raising $140.3 million in a Series E funding round. Founded in 2016, the company has raised nearly $258 million in total and it's now valued at more than $1 billion, earning it “unicorn” status. | |||
|
2021-11-18 13:22:01 | Israel Defence Minister\'s Cleaner Charged With Spying for Iran (lien direct) | A man employed in the home of Israeli Defence Minister Benny Gantz was charged Thursday with attempting to spy for the Black Shadow hackers, who are purportedly linked to Iran. | |||
|
2021-11-18 12:29:41 | Cloud Security Firm Lacework Raises Record-Breaking $1.3 Billion (lien direct) | 
|
|||
|
2021-11-18 12:12:49 | Microsoft Informs Users of High-Severity Vulnerability in Azure AD (lien direct) | Microsoft on Wednesday informed customers about a recently patched information disclosure vulnerability affecting Azure Active Directory (AD). | Vulnerability | ||
|
2021-11-18 11:49:24 | FBI Warns of Actively Exploited FatPipe Zero-Day Vulnerability (lien direct) | The Federal Bureau of Investigation (FBI) this week sounded the alarm on a zero-day vulnerability in FatPipe products that has been under active exploitation since at least May 2021. | Vulnerability | ||
|
2021-11-18 11:33:10 | How to Improve Red Team Effectiveness using Obfuscation (lien direct) | Setting up an obfuscated network in the cloud gives a red team the flexibility to test security against different cloud vendors | |||
|
2021-11-18 10:41:26 | Solving the Right to be Forgotten Problem (lien direct) | The Right to be Forgotten (technically the right to erasure or for users to have personal data removed from service providers' records) creates a big problem for suppliers. This right is becoming standard across the new global wave of data protection and consumer privacy legislation that has followed GDPR. | |||
|
2021-11-17 20:31:13 | Cloud Data Protection Startup Laminar Closes $32M Funding Round (lien direct) | Public cloud data protection provider Laminar on Wednesday emerged from stealth with $32 million in Series A funding. To date, the startup has raised $37 million in venture capital investments. The new investment round was led by Insight Partners. Meron Capital, SentinelOne, and TLV Partners also participated. | |||
|
2021-11-17 15:55:00 | U.S., U.K. and Australia Warn of Iranian APTs Targeting Fortinet, Microsoft Exchange Flaws (lien direct) | Iranian Threat Actors Target U.S. Critical Infrastructure, Australian Organizations | Threat | ||
|
2021-11-17 14:43:31 | Netgear Patches Code Execution Vulnerability Affecting Many Products (lien direct) | A vulnerability in Netgear small office/home office (SOHO) devices can be exploited by an attacker on the local area network (LAN) to execute code remotely with root privileges, GRIMM security researchers warn. | Vulnerability |
To see everything:
Our RSS (filtrered)
