Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-02-24 15:28:56 |
NSA Informs Cisco of Vulnerability Exposing Nexus Switches to DoS Attacks (lien direct) |
Cisco this week announced the availability of patches for four vulnerabilities in its FXOS and NX-OS network operating systems, including one denial of service bug that was reported by the NSA.
|
Vulnerability
|
|
|
|
2022-02-24 14:24:39 |
Deadbolt Ransomware Targeting Asustor NAS Devices (lien direct) |
Storage solutions provider Asustor this week issued a warning to alert users of Deadbolt ransomware attacks targeting its network-attached storage (NAS) appliances.
|
Ransomware
|
|
|
|
2022-02-24 13:48:19 |
Russia, Ukraine and the Danger of a Global Cyberwar (lien direct) |
Type:
Story
Image:
Link:
Russia, Ukraine and the Danger of a Global Cyberwar
Russia, Ukraine and the Danger of a Global Cyberwar
|
|
|
★★★★
|
|
2022-02-24 13:41:26 |
New York Plans Cybersecurity Hub to Coordinate Responses (lien direct) |
New York wants to improve its cybersecurity defenses and will open a joint operations center in the coming months to coordinate between government agencies, critical businesses and utilities, Gov. Kathy Hochul said Tuesday.
|
|
|
|
|
2022-02-24 13:21:39 |
Belden Sells Tripwire for $350M After Acquiring It for $710M (lien direct) |
Belden on Wednesday announced that it has completed the sale of cybersecurity and compliance solutions provider Tripwire for $350 million in cash, after acquiring it for $710 million in cash.
|
|
|
|
|
2022-02-24 12:47:33 |
anecdotes Raises $25 Million for Its Compliance OS Platform (lien direct) |
Compliance solutions provider anecdotes this week announced that it has raised $25 million in Series A funding, which brings the total investment in the company to $30 million.
The new funding round was led by Red Dot Capital Partners and received participation from Aleph, Glilot Capital Partners, Shasta Ventures, and Vintage Investment Partners.
|
|
|
|
|
2022-02-24 11:59:38 |
Destructive \'HermeticWiper\' Malware Targets Computers in Ukraine (lien direct) |
Just as Russia was preparing to launch an invasion of Ukraine, Ukrainian government websites were disrupted by DDoS attacks and cybersecurity firms reported seeing what appeared to be a new piece of malware on hundreds of devices in the country.
|
Malware
|
|
|
|
2022-02-24 11:34:25 |
New \'Cyclops Blink\' Malware Linked to Russian State Hackers Targets Firewalls (lien direct) |
Russia-Linked Sandworm Group Replaces VPNFilter With New Malware
|
Malware
|
VPNFilter
VPNFilter
|
|
|
2022-02-24 10:47:07 |
Salesforce Paid Out $12.2 Million in Bug Bounty Rewards to Date (lien direct) |
Customer relationship management services provider Salesforce says it has handed out more than $12.2 million in payouts to the ethical hackers who reported vulnerabilities as part of its bug bounty program.
|
|
|
|
|
2022-02-24 09:54:44 |
Cyberattacks Accompany Russian Military Assault on Ukraine (lien direct) |
The websites of Ukraine's defense, foreign and interior ministries were unreachable or painfully slow to load Thursday morning after a punishing wave of distributed-denial-of-service attacks as Russia struck at its neighbor, explosions shaking the capital of Kyiv and other major cities.
|
|
|
|
|
2022-02-23 16:05:46 |
Chinese Researchers Detail Linux Backdoor of NSA-Linked Equation Group (lien direct) |
A team of researchers from China's Pangu Lab on Wednesday published a 50-page report detailing a piece of Linux malware allegedly used against many targets by the threat actor known as the Equation Group, which has been linked to the U.S. National Security Agency (NSA).
|
Malware
Threat
|
|
★★★★
|
|
2022-02-23 15:14:40 |
Cyber Intelligence Firm Cyble Bags $10 Million in Series A Funding (lien direct) |
Cyber intelligence firm Cyble this week announced closing a $10 million Series A funding round that brings the total raised by the company to roughly $14.5 million.
The round was led by Blackbird and received participation from previous investors Cendana Capital, January Capital, Spider Capital, and VentureSouq.
|
|
|
|
|
2022-02-23 14:40:59 |
Astrix Security Nabs $15M to Tackle Attack Surface Sprawl (lien direct) |
Israeli startup Astrix Security has banked $15 million in early stage venture capital investment to build technology to help organizations secure third-party app integrations.
The Tel Aviv-based Astrix said the seed round was led by Bessemer Venture Partners and F2 Capital. Venrock and a list of angel investors also participated.
|
|
|
|
|
2022-02-23 13:56:01 |
Shadowserver Starts Conducting Daily Scans to Help Secure ICS (lien direct) |
The Shadowserver Foundation this week announced that it has started conducting daily internet scans in an effort to identify exposed industrial control systems (ICS) and help organizations reduce their exposure to attacks.
|
|
|
|
|
2022-02-23 13:26:12 |
SecurityWeek to Host 2022 Attack Surface Management Summit Today (lien direct) |
Security Leaders Will Walk Away from Virtual Event with New Strategies to Get Ahead of Attackers
|
Guideline
|
|
|
|
2022-02-23 12:38:05 |
CISA Warns of Attacks Exploiting Recent Vulnerabilities in Zabbix Monitoring Tool (lien direct) |
The United States Cybersecurity and Infrastructure Security Agency (CISA) this week expanded its Known Exploited Vulnerabilities Catalog with two critical flaws in the Zabbix enterprise monitoring solution.
|
Tool
|
|
|
|
2022-02-23 12:06:05 |
Cybercriminals Seek to Profit From Russia-Ukraine Conflict (lien direct) |
Dark web threat actors are looking to take advantage of the tensions between Russia and Ukraine, offering network access and databases that could be relevant to those involved in the conflict, according to a new report from Accenture.
|
Threat
|
|
|
|
2022-02-23 11:38:05 |
Increasing Number of Threat Groups Targeting OT Systems in North America (lien direct) |
An increasing number of threat groups have been targeting organizations with industrial control system (ICS) or other operational technology (OT) environments, according to a new report from industrial cybersecurity company Dragos.
|
Threat
|
|
|
|
2022-02-23 10:54:28 |
EU to Activate Cyber Response Team to Help Ukraine (lien direct) |
The European Union is set to activate an EU cyber response team to help Ukraine face Russian attacks, the unit's leader Lithuania said on Tuesday.
|
Guideline
|
|
|
|
2022-02-22 16:37:38 |
Colonial Pipeline Names Adam Tice as Chief Information Security Officer (lien direct) |
Colonial Pipeline announced on Tuesday that Adam Tice has joined the company as Chief Information Security Officer (CISO).
Tice recently led security operations, detection and response, threat intelligence, and investigations at Silicon Valley Bank.
|
Threat
|
|
|
|
2022-02-22 16:33:37 |
MDR Vendor eSentire Banks $325M at \'Unicorn\' Valuation (lien direct) |
Canadian cybersecurity vendor eSentire has scored $325 million in new financing at a heady valuation north of a billion dollars.
|
|
|
|
|
2022-02-22 16:06:27 |
\'Xenomorph\' Android Trojan Targets 56 Banking Applications (lien direct) |
More than 50,000 individuals have downloaded a new Android banking trojan through Google Play, according to online fraud detection firm ThreatFabric.
|
|
|
|
|
2022-02-22 15:18:36 |
Enterprise IoT Security Firm Phosphorus Raises $38 Million (lien direct) |
Nashville, TN-based IoT security firm Phosphorus Cybersecurity has raised $38 million in a Series A funding round led by SYN Ventures and MassMutual Ventures. Phosphorus discovers, delivers timely and automated patching and credential rotation for IoT devices in what it calls the 'Security of Things'.
|
Patching
Conference
|
APT 35
APT 35
|
|
|
2022-02-22 14:06:57 |
Mobile Malware Attacks Dropped in 2021 but Sophistication Increased (lien direct) |
The number of mobile malware attacks saw a significant drop in 2021, but attacks were more sophisticated, according to the latest mobile malware report from Kaspersky.
|
Malware
|
|
|
|
2022-02-22 13:04:49 |
Webinar Today: Highly Evasive Adaptive Threats (HEAT) (lien direct) |
|
Ransomware
|
|
|
|
2022-02-22 12:24:10 |
Cookware Distribution Giant Meyer Discloses Data Breach (lien direct) |
Cookware and bakeware distribution giant Meyer Corporation has started informing employees of a cyberattack that resulted in the theft of some of their personal data.
A subsidiary of Meyer Manufacturing Co. Ltd, the California-based company is the largest distributor of cookware in the United States, and the second largest in the world.
|
Data Breach
|
|
|
|
2022-02-22 11:53:28 |
Israeli Probe Finds Police Spied on Citizen With Pegasus (lien direct) |
An Israeli government probe into allegations of police spying on citizens using Pegasus malware on Monday said police successfully infected the phone of one individual subject to a court order.
|
Malware
|
|
|
|
2022-02-22 11:03:47 |
SynSaber Launches Palm-Sized Threat Sensor for OT Environments (lien direct) |
Industrial asset and network monitoring solutions provider SynSaber has announced the general availability of its product, a small device that enables organizations to gain visibility into their operational technology (OT) environments and detect potential threats.
|
Threat
|
|
|
|
2022-02-22 09:45:28 |
Beyond Identity Becomes Unicorn With $100 Million Series C Funding Round (lien direct) |
Identity management solutions provider Beyond Identity on Tuesday announced raising $100 million in an oversubscribed Series C funding round that brings the total raised by the company to $205 million.
With this funding round, led by Evolution Equity Partners, Beyond Identity achieves unicorn status, with a valuation of $1.1 billion.
|
|
|
|
|
2022-02-21 20:23:44 |
Wiper Used in Attack on Iran National Media Network (lien direct) |
An analysis of a January attack targeting Iran's national media corporation has found the use of multiple malware families, including a data-wiper and custom backdoors.
|
Malware
|
|
|
|
2022-02-21 19:39:48 |
Coinbase Pays $250K for \'Market-Nuking\' Security Flaw (lien direct) |
Cryptocurrency exchange Coinbase has shelled out its largest ever bug bounty payment -- a quarter of a million dollars -- for what was described as a “market-nuking” security flaw that could have allowed users to sell bitcoins they didn't own.
|
|
|
|
|
2022-02-21 17:54:14 |
Researchers Devise Method to Decrypt Hive Ransomware-Encrypted Data (lien direct) |
A group of academic researchers has found a way to exploit a security flaw in the encryption algorithm used by the Hive ransomware to recover hijacked and encrypted data.
|
Ransomware
|
|
|
|
2022-02-21 13:38:47 |
At Olympics, Cybersecurity Worries Linger in Background (lien direct) |
Warnings to use disposable “burner” phones and laptops. Privacy-protecting software. Concerns about a security flaw in an official Games smartphone app.
|
|
|
|
|
2022-02-21 13:00:59 |
CISA Warns Critical Infrastructure Organizations of Foreign Influence Operations (lien direct) |
Newly published guidance from the United States Cybersecurity and Infrastructure Security Agency (CISA) provides critical infrastructure organizations with instructions on how to prepare for and mitigate foreign influence operations.
|
|
|
|
|
2022-02-21 12:37:59 |
Conti Ransomware \'Acquires\' TrickBot as It Thrives Amid Crackdowns (lien direct) |
Experts at threat intelligence and ransomware disruption company AdvIntel believe the notorious TrickBot malware has reached its limits, but its development team appears to have been “acquired” by the Conti ransomware gang, which has been thriving amid recent crackdowns.
|
Ransomware
Malware
Threat
|
|
|
|
2022-02-21 11:32:36 |
Vulnerability in UpdraftPlus Plugin Exposed Millions of WordPress Site Backups (lien direct) |
A high-severity vulnerability in the UpdraftPlus WordPress plugin can allow an attacker to obtain website backups that could contain sensitive information.
|
Vulnerability
|
|
|
|
2022-02-21 10:41:33 |
European Cybersecurity Agencies Issue Resilience Guidance for Decision Makers (lien direct) |
The European Union Agency for Cybersecurity (ENISA) and the European Union's Computer Emergency Response Team (CERT-EU) last week published a set of best practices to help organizations boost their cyber resilience.
|
|
|
|
|
2022-02-18 20:31:29 |
White House Accuses Russia of Cyberattacks Targeting Ukraine (lien direct) |
The White House on Friday accused Russia of being responsible for recent cyberattacks targeting Ukraine's defense ministry and major banks.
|
|
|
|
|
2022-02-18 17:02:53 |
CISA Creates List of Free Cybersecurity Tools and Services for Defenders (lien direct) |
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday announced that it has compiled a list of free cybersecurity tools and services that can help organizations reduce risk and improve resilience.
|
|
|
|
|
2022-02-18 15:22:34 |
Fast-Growing Golang-Based \'Kraken\' Botnet Emerges (lien direct) |
Over the past several months, a new Golang-based botnet targeting Windows has been ensnaring hundreds of new systems with every newly deployed command and control (C&C) server, cybersecurity firm ZeroFox reports.
|
|
|
|
|
2022-02-18 14:03:52 |
Microsoft Teams Abused for Malware Distribution in Recent Attacks (lien direct) |
A recently identified malicious campaign has been abusing Microsoft Teams for the distribution of malware, enterprise email security firm Avanan reports.
|
Malware
|
|
|
|
2022-02-18 13:10:00 |
Patch for Actively Exploited Flaw in Adobe Commerce and Magento Bypassed (lien direct) |
Adobe has announced new patches for the Commerce and Magento e-commerce platforms after researchers discovered that a fix for an actively exploited zero-day can be bypassed.
|
|
|
|
|
2022-02-18 12:18:10 |
NSA Provides Guidance on Cisco Device Passwords (lien direct) |
The National Security Agency (NSA) this week published recommendations regarding the use of specific passwords when looking to secure Cisco devices.
|
|
|
|
|
2022-02-18 10:59:43 |
VMware NSX Data Center Flaw Can Expose Virtual Systems to Attacks (lien direct) |
Details of Recently Patched VMware NSX Vulnerability Disclosed
VMware this week announced the availability of a patch for a high-severity vulnerability affecting the NSX Data Center for vSphere network virtualization product.
|
Vulnerability
|
|
|
|
2022-02-17 16:10:50 |
Google Introduces \'Privacy Sandbox\' for Ads on Android (lien direct) |
Google this week announced Privacy Sandbox on Android, a new initiative expected to lead to more private advertising solutions for its mobile users.
The new solutions, the Internet giant claims, will limit the sharing of user data and will also prevent the use of cross-app identifiers, advertising IDs included.
|
Guideline
|
|
|
|
2022-02-17 15:42:11 |
Intel Software and Firmware Updates Patch 18 High-Severity Vulnerabilities (lien direct) |
Intel has released software and firmware updates to address many vulnerabilities found in the company's products.
The chipmaker last week released 22 security advisories, including seven that have an overall severity rating of “high.”
|
|
|
|
|
2022-02-17 15:34:56 |
Are You Prepared for 2022\'s More Destructive Ransomware? (lien direct) |
We're barely into 2022, and already we're seeing ransomware proliferate. What we saw last year is that while most attacks continue to exploit known vulnerabilities, cybercriminals have also redoubled efforts to target new ones – such as what we saw with Hafnium and new Microsoft Exchange vulnerabilities.
|
Ransomware
|
|
|
|
2022-02-17 14:35:42 |
FBI Warns of BEC Scams Abusing Virtual Meeting Platforms (lien direct) |
The Federal Bureau of Investigation (FBI) this week issued an alert regarding the increasing use of virtual meeting platforms to conduct business email compromise (BEC) and email account compromise (EAC) scams.
|
|
|
|
|
2022-02-17 13:32:30 |
Malicious Emails Can Crash Cisco Email Security Appliances (lien direct) |
Cisco this week informed customers that its Email Security Appliance (ESA) product is affected by a high-severity denial of service (DoS) vulnerability that can be exploited using specially crafted emails.
|
Vulnerability
|
|
|
|
2022-02-17 13:04:01 |
(Déjà vu) Hackers Had Access to Red Cross Network for 70 Days (lien direct) |
One month after disclosing a data breach that affected roughly 515,000 people, the International Committee of the Red Cross (ICRC) announced that the hackers had access to its network for 70 days before the attack was discovered.
|
Data Breach
|
|
|