Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-03-18 15:09:20 |
Google Analyzes Activity of \'Exotic Lily\' Initial Access Broker (lien direct) |
Google on Thursday published an analysis of the activities associated with an initial access broker (IAB) linked to a Russian-speaking cybercrime group tracked as FIN12 and Wizard Spider.
|
|
|
|
|
2022-03-18 14:48:47 |
TransUnion Confirms Data Breach at South Africa Business (lien direct) |
Credit reporting giant TransUnion has confirmed a data breach affecting its South Africa business. The company appears to have been targeted by profit-driven cybercriminals.
|
Data Breach
|
|
|
|
2022-03-18 13:08:16 |
Gh0stCringe RAT Targeting Database Servers in Recent Attacks (lien direct) |
Security researchers have identified a series of recent Gh0stCringe RAT attacks that target MS-SQL and MySQL database servers for credential harvesting and data exfiltration.
|
|
|
|
|
2022-03-18 12:12:45 |
SATCOM Cybersecurity Alert Issued as Authorities Probe Possible Russian Attack (lien direct) |
|
|
|
★★★
|
|
2022-03-17 18:46:51 |
Todyl Banks $28M Series A Investment (lien direct) |
Security and networking platform start-up Todyl on Thursday announced the closing of a $28 million Series A funding round.
The new investment round was led by Anthos Capital with participation from previous investors Blu Ventures, StoneMill Ventures, and Tech Operators.
|
|
|
|
|
2022-03-17 16:48:08 |
Microsoft Releases Open Source Tool for Securing MikroTik Routers (lien direct) |
Microsoft this week released an open source tool that can be used to secure MikroTik routers and check for signs of abuse associated with the Trickbot malware.
|
Tool
|
|
|
|
2022-03-17 15:58:58 |
Software Supply Chain Weakness: Snyk Warns of \'Deliberate Sabotage\' of NPM Ecosystem (lien direct) |
Software supply chain security fears escalated again this week with the discovery of what's being described as "deliberate sabotage" of code in the open-source npm package manager ecosystem.
|
|
|
|
|
2022-03-17 13:53:42 |
SolarWinds Warns of Attacks Targeting Web Help Desk Users (lien direct) |
SolarWinds this week issued an alert to warn customers of potential cyberattacks targeting unpatched Web Help Desk (WHD) instances.
The WHD helpdesk solution provides a ticketing system, service and asset management capabilities, a centralized knowledge base, Active Directory integration, and more.
|
|
|
|
|
2022-03-17 13:29:07 |
Most NASA Systems at Risk From Insider Threats: Audit (lien direct) |
Most of the IT systems at the National Aeronautics and Space Administration (NASA) are exposed to higher-than-necessary risks from internal threats, a recent audit has concluded.
|
|
|
|
|
2022-03-17 12:53:52 |
NIST Releases ICS Cybersecurity Guidance for Manufacturers (lien direct) |
NIST guide provides examples of commercial products that manufacturers can use to address specific security risks
|
|
|
|
|
2022-03-17 12:20:45 |
Public and Private Sector Security: Better Protection by Collaboration (lien direct) |
Bringing the resources of government and the private sector together to share knowledge creates a high-definition picture of cyber threats
|
|
|
|
|
2022-03-17 12:15:13 |
\'LokiLocker\' Ransomware Packs Data Wiping Capabilities (lien direct) |
A recently identified Ransomware-as-a-Service (Raas) family includes both file encryption and data wiping functionality, rendering infected computers unusable if the victim does not pay the ransom in time.
|
Ransomware
|
|
|
|
2022-03-17 11:55:48 |
Cyber Security Takeover May Harm Competition: UK Regulator (lien direct) |
US cyber security giant NortonLifeLock's planned purchase of Czech rival Avast for more than $8 billion risks harming competition and could face an in-depth probe, Britain's regulator warned on Wednesday.
|
|
|
|
|
2022-03-16 16:03:13 |
Hackuity Emerges From Stealth With $13 Million in Funding (lien direct) |
Risk-based vulnerability management platform Hackuity this week emerged from stealth mode with a €12 million (roughly $13.2 million) investment.
The Series A funding round was led by Sonae IM and received participation from previous investor Caisse des Dépôts. To date, the company has raised $17.2 million.
|
Vulnerability
|
|
|
|
2022-03-16 15:45:07 |
Google Patches Critical Vulnerability With Chrome 99 Update (lien direct) |
A Chrome 99 update released by Google on Tuesday patches a critical vulnerability discovered by one of the company's own researchers.
|
Vulnerability
|
|
|
|
2022-03-16 14:32:42 |
CISA Adds 14 Windows Vulnerabilities to \'Must-Patch\' List (lien direct) |
The US Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday announced that it has added 15 vulnerabilities to its Known Exploited Vulnerabilities Catalog.
|
|
|
|
|
2022-03-16 14:12:42 |
Cloudflare Announces New Security Tools for Email, Applications, APIs (lien direct) |
Cloudflare this week made several security-related announcements, offering customers a new web application firewall (WAF) engine, as well as email security and API security tools.
|
|
|
|
|
2022-03-16 12:41:17 |
Severe Vulnerability Patched in CRI-O Container Engine for Kubernetes (lien direct) |
A severe vulnerability affecting the CRI-O container engine for Kubernetes could be exploited to escape the container and gain root access to the host, CrowdStrike reports.
CRI-O is a lightweight container runtime for Kubernetes with support for OCI (Open Container Initiative) compatible runtimes.
|
Vulnerability
|
Uber
|
|
|
2022-03-16 12:21:51 |
US Warns About Russian Attacks Exploiting MFA Protocols, PrintNightmare Flaw (lien direct) |
The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI on Tuesday warned organizations that Russian state-sponsored threat actors have gained access to networks and systems by exploiting default multi-factor authentication (MFA) protocols and a Windows vulnerability known as PrintNightmare.
|
Vulnerability
Threat
|
|
|
|
2022-03-16 12:03:10 |
Senators Ask DHS About Efforts to Protect US Against Russian Cyberattacks (lien direct) |
A bipartisan group of 22 United States senators sent a letter to the Department of Homeland Security (DHS) over the weekend to inquire about its efforts to protect the US against Russian cyber and disinformation threats.
|
|
|
|
|
2022-03-16 11:38:25 |
Cybersecurity M&A Roundup for March 1-15, 2022 (lien direct) |
Twenty-two cybersecurity-related M&A deals have been announced in the first half of March 2022.
|
|
|
|
|
2022-03-16 10:26:59 |
Germany Warns Against Russia\'s Kaspersky Anti-Virus Software (lien direct) |
German cybersecurity agency BSI on Tuesday urged consumers not to use anti-virus software made by Russia's Kaspersky, warning the firm could be implicated in hacking assaults amid Russia's war in Ukraine.
|
|
|
|
|
2022-03-16 01:09:12 |
Irish Regulator Fines Facebook for Privacy Law Violations (lien direct) |
Ireland's privacy watchdog has fined Facebook's parent company, Meta, 17 million euros, or about $19 million, for violating Europe's privacy law.
|
|
|
|
|
2022-03-15 19:15:19 |
High-Severity DoS Vulnerability Patched in OpenSSL (lien direct) |
OpenSSL updates announced on Tuesday patch a high-severity denial-of-service (DoS) vulnerability related to certificate parsing.
|
Vulnerability
|
|
|
|
2022-03-15 17:33:24 |
SentinelOne to Acquire Attivo Networks for $616M (lien direct) |
Enterprise cybersecurity powerhouse SentinelOne on Tuesday announced plans to spend $616 million to acquire Attivo Networks, a Silicon Valley startup that sells breach detection technology.
|
|
|
|
|
2022-03-15 15:22:42 |
OneLayer Emerges From Stealth With $8.2M to Build Security for Private 5G Networks (lien direct) |
Tel Aviv-based OneLayer emerged from stealth mode with $8.2 million in funding to build security for private 5G networks
|
|
|
|
|
2022-03-15 13:30:15 |
Julian Assange Denied US Extradition Appeal (lien direct) |
Julian Assange was on Monday denied permission to appeal to the UK Supreme Court against moves to extradite him to the United States, where he could face a lifetime in prison.
Washington wants to put the WikiLeaks founder on trial in connection with the publication of 500,000 secret military files relating to the US-led wars in Iraq and Afghanistan.
|
|
|
|
|
2022-03-15 13:11:09 |
Over 200 Organizations Take Part in CISA\'s Cyber Storm Exercise (lien direct) |
The Cybersecurity and Infrastructure Security Agency (CISA) last week hosted Cyber Storm VIII, a three-day national cyber exercise whose goal was to test preparedness to a cyber-crisis impacting critical infrastructure.
|
|
|
|
|
2022-03-15 12:44:26 |
The Rising Importance of Research Communities for Industrial Cybersecurity (lien direct) |
IT security research communities have been around for decades, sharing their findings with community members and the vendors of the affected product with the aim of accelerating some type of corrective action to safeguard users. As appreciation for the value of this service continued to grow, vendors began to offer bug bounty programs to provide researchers financial motivation to work with them to identify vulnerabilities.
|
|
|
|
|
2022-03-15 12:20:33 |
Cyber Insurance Firm Cowbell Raises $100 Million (lien direct) |
Cyber insurance provider Cowbell Cyber today announced that it has secured $100 million in Series B funding. The company previously raised $23.6 million.
The latest investment round was led by Anthemis Group. All previous investors participated as well, along with NYCA Partners, Permira, PruVen Capital, and Viola Fintech.
|
|
|
|
|
2022-03-15 12:04:22 |
Thousands of Secret Keys Found in Leaked Samsung Source Code (lien direct) |
An analysis of the recently leaked Samsung source code revealed that thousands of secret keys have been exposed, including many that could be highly useful to malicious actors.
|
|
|
|
|
2022-03-15 11:38:33 |
CaddyWiper: Another Destructive Wiper Malware Targeting Ukraine (lien direct) |
ESET's security researchers have identified another data wiper targeting Ukrainian organizations, the third destructive malware identified since Russia began its invasion of the country.
Dubbed CaddyWiper, the threat does not show significant code similarities with known malware families, and has been used only against a small number of organizations.
|
Malware
Threat
|
|
★★★★
|
|
2022-03-15 09:48:29 |
Israel Says Government Sites Targeted by Hack (lien direct) |
Israel's National Cyber Directorate said that the country suffered a cyber attack on Monday that briefly took down a number of government web sites.
|
Hack
|
|
|
|
2022-03-14 23:33:48 |
HD Moore\'s Rumble Raises $15M Series A Investment (lien direct) |
Less than a year after emerging from stealth $5 million in seed funding, HD Moore's Rumble asset management startup is attracting heavy interest from venture capital investors.
|
|
|
|
|
2022-03-14 19:03:53 |
Apple Patch Day: Gaping Security Holes in iOS, macOS, iPadOS (lien direct) |
Apple on Monday released fixes for at least 39 security defects in its flagship iOS/iPadOS platform, warning that the most serious of the flaws could expose users to remote code execution attacks.
|
|
|
|
|
2022-03-14 15:58:14 |
Car Parts Giant Denso Targeted by Ransomware Group (lien direct) |
Japanese car parts giant Denso on Monday said hackers recently accessed its network in Germany, and the incident appears to have involved a piece of ransomware.
|
Ransomware
|
|
|
|
2022-03-14 15:03:51 |
Critical Vulnerabilities Patched in Veeam Data Backup Solution (lien direct) |
Veeam over the weekend announced patches for two critical vulnerabilities impacting Backup & Replication, a backup solution for virtual environments.
The application provides data backup and restore capabilities for virtual machines running on Hyper-V, vSphere, and Nutanix AHV, as well as for servers and workstations, and for cloud-based workloads.
|
|
|
|
|
2022-03-14 13:51:19 |
Hackers Target German Branch of Russian Oil Giant Rosneft (lien direct) |
The German subsidiary of Russian energy giant Rosneft has been hit by a cyberattack, the Federal Office for Information Security (BSI) said on Monday, with hacker group Anonymous claiming responsibility.
Rosneft Deutschland reported the incident in the early hours of Saturday morning, the BSI said.
|
|
|
|
|
2022-03-14 13:39:26 |
Does the Free World Need a Global Cyber Alliance? (lien direct) |
The increasing incidence of aggressive cyber activity from Russia, China, Iran and North Korea, together with heightened concerns over the war in Ukraine, raises an important question: should the free world unite with a global cyber alliance in response?
|
|
|
|
|
2022-03-14 13:24:14 |
Ubisoft Resets Employee Passwords Following Cyberattack (lien direct) |
Ubisoft says it has initiated a company-wide password reset operation after learning that it fell victim to a cyberattack.
|
|
|
|
|
2022-03-14 12:53:09 |
AMD Updates Spectre Mitigations Following Intel Research (lien direct) |
AMD last week informed customers that it has updated mitigations for a variant of the Spectre side-channel attack. The update comes in response to research conducted by Intel.
|
|
|
|
|
2022-03-14 12:30:36 |
Ransomware Gang Threatens to Leak Files Stolen From Tire Giant Bridgestone (lien direct) |
A well-known ransomware group is threatening to leak files stolen from tire and rubber giant Bridgestone Americas.
|
Ransomware
|
|
|
|
2022-03-14 11:59:46 |
Over 500,000 Patients Hit by Data Breaches at Healthcare Firms in Alabama, Colorado (lien direct) |
The information of more than half a million individuals was likely compromised after three healthcare services providers in Alabama and Colorado suffered cybersecurity breaches.
|
|
|
|
|
2022-03-14 11:29:50 |
The VC View: Incident Response and SOC Evolution (lien direct) |
The evolution of cybersecurity incident response and the modern SOC continues to be one of the biggest post-pandemic security trends
|
|
|
|
|
2022-03-13 14:26:20 |
Filter Blocked 70,000 Emails to Indiana Lawmakers on Bill (lien direct) |
A spam filter blocked as many as 70,000 emails sent to Indiana legislators about a contentious bill that aimed to place restrictions on teaching about racism and political topics.
|
Spam
|
|
|
|
2022-03-11 19:37:11 |
Hacked US Companies to Face New Reporting Requirements (lien direct) |
Companies critical to U.S. national interests will now have to report when they're hacked or they pay ransomware, according to new rules approved by Congress.
|
|
|
|
|
2022-03-11 15:35:44 |
Google Attempts to Explain Surge in Chrome Zero-Day Exploitation (lien direct) |
14 Chrome Zero-Day Vulnerabilities Exploited in Attacks in 2021
The number of Chrome vulnerabilities exploited in malicious attacks has been increasing over the past years and Google believes several factors have contributed to this trend.
|
|
|
|
|
2022-03-11 13:47:28 |
Russian Cyber Restraint in Ukraine Puzzles Experts (lien direct) |
The absence of any crippling Russian cyberattacks against Ukraine is puzzling experts, but they warn that low-level assaults may be coming, including against the West in retaliation for sanctions.
|
|
|
|
|
2022-03-11 13:17:32 |
High-Severity Vulnerabilities Patched in Omron PLC Programming Software (lien direct) |
Several high-severity vulnerabilities that can be exploited for remote code execution were patched recently in the CX-Programmer software of Japanese electronics giant Omron.
|
|
|
|
|
2022-03-11 12:20:47 |
Meta Releases Open Source Browser Extension for Checking Code Authenticity (lien direct) |
Facebook parent company Meta this week announced the release of Code Verify, an open source browser extension meant to verify the authenticity of code served to the browser.
|
|
|
★★★★
|