Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-06-03 10:00:06 |
Atlassian Confluence Servers Hacked via Zero-Day Vulnerability (lien direct) |
Atlassian scrambling to patch Confluence Server zero-day exploited by multiple threat groups
Atlassian customers have been warned that hackers are exploiting a Confluence Server zero-day vulnerability. The flaw is currently unpatched and it appears to have been exploited by multiple threat groups.
|
Vulnerability
Threat
|
|
|
|
2022-06-02 17:46:42 |
Report: Clipminer Botnet Operators Rake in $1.7 Million (lien direct) |
Cybercriminals operating the Clipminer botnet have raked in at least $1.7 million in illicit gains to date, according to an estimate by security researchers at Symantec.
|
|
|
★★★
|
|
2022-06-02 17:32:28 |
Exiled Iran Group Claims Tehran Hacking Attack (lien direct) |
An exiled Iranian opposition group Thursday claimed a hacking attack which it said temporarily took control of dozens of websites run by Tehran's municipality and thousands of the capital's surveillance cameras.
|
|
|
★★★★
|
|
2022-06-02 16:06:11 |
Logging and Security Analytics Firm Devo Banks New $100 Million Investment (lien direct) |
Devo Technology, a late-stage startup building technology for data logging and security analytics, has closed a new $100 million funding round that pushes its valuation in the $2 billion range.
|
|
|
|
|
2022-06-02 15:00:17 |
Millions of Budget Smartphones With UNISOC Chips Vulnerable to Remote DoS Attacks (lien direct) |
Millions of budget smartphones that use UNISOC chipsets could have their communications remotely disrupted by hackers due to a critical vulnerability discovered recently by researchers at cybersecurity firm Check Point.
|
Vulnerability
|
|
|
|
2022-06-02 15:00:11 |
Dutch Used Pegasus Spyware on Most-Wanted Criminal: Report (lien direct) |
Dutch secret services have used the controversial Israeli spyware known as Pegasus to hack targets including the country's most-wanted criminal, a news report said on Thursday.
|
Hack
|
|
|
|
2022-06-02 13:43:48 |
Cloud Data Security Startup Laminar Raises $30 Million (lien direct) |
Public cloud data protection startup Laminar today announced that it has raised an additional $30 million in an extended Series A funding round.
|
|
|
|
|
2022-06-02 13:19:03 |
US Authorities Seize Domains Selling Stolen Data, DDoS Services (lien direct) |
US law enforcement agencies this week announced the seizure of three domains that sold compromised personal information and facilitated cyberattacks on victim networks.
|
|
|
|
|
2022-06-02 12:52:06 |
Leaks Show Conti Ransomware Group Working on Firmware Exploits (lien direct) |
The recent Conti leaks show that the notorious ransomware group has been working on firmware exploits targeting the Intel Management Engine (ME) system.
|
Ransomware
|
|
★★★★★
|
|
2022-06-02 12:38:45 |
US Warns Organizations of \'Karakurt\' Cyber Extortion Group (lien direct) |
Several government agencies in the United States have issued a joint cybersecurity alert to warn organizations about a data extortion group named “Karakurt.”
|
|
|
|
|
2022-06-02 12:30:00 |
Cloud Security Startup JupiterOne Lands $70 Million at \'Unicorn\' Valuation (lien direct) |
Cloud security startup JupiterOne has raised $70 million in a new round of financing that values the company north of $1 billion.
|
|
|
|
|
2022-06-02 12:18:34 |
Coralogix Raises $142 Million for Data Observability Platform (lien direct) |
Data analytics company Coralogix announced on Wednesday that it has closed a $142 million Series D funding round, which brings the total raised by the firm to $238 million.
|
|
|
|
|
2022-06-02 11:11:24 |
Automation. Where do We Go from Here? (lien direct) |
What's next in the evolution of security automation and orchestration?
|
|
|
|
|
2022-06-02 10:45:08 |
Access Brokers and Ransomware-as-a-Service Gangs Tighten Relationships (lien direct) |
Access brokers sell compromised network access to help ransomware gangs launch attacks
|
Ransomware
|
|
|
|
2022-06-02 10:04:13 |
Cybercriminals Hold 1,200 Unsecured Elasticsearch Databases for Ransom (lien direct) |
Secureworks warns of a new attack campaign targeting internet-exposed, improperly secured Elasticsearch databases to replace their data with a ransom note.
|
|
|
|
|
2022-06-01 22:02:37 |
Paladin Capital Closes $372 Million Cyber Fund II (lien direct) |
Cybersecurity and technology investment firm Paladin Capital Group announced on Wednesday that it has closed its Cyber Fund II with over $370 million.
|
|
|
|
|
2022-06-01 19:41:25 |
Video: A Civil Discourse on SBOMs (lien direct) |
|
|
|
|
|
2022-06-01 18:38:52 |
Wray: FBI Blocked Planned Cyberattack on Children\'s Hospital (lien direct) |
The FBI thwarted a planned cyberattack on a children's hospital in Boston that was to have been carried out by hackers sponsored by the Iranian government, FBI Director Christopher Wray said Wednesday.
|
|
|
|
|
2022-06-01 15:32:22 |
ReliaQuest to Buy Digital Shadows for $160 Million (lien direct) |
Fresh off a $300 million funding round and a billion-dollar valuation, security operations vendor ReliaQuest on Wednesday announced plans to acquire threat intelligence startup Digital Shadows in a deal valued at $160 million.
|
Threat
|
|
|
|
2022-06-01 14:56:36 |
Unpatched Vulnerability Exposes Horde Webmail Servers to Attacks (lien direct) |
The Horde webmail software is affected by a serious vulnerability that can be exploited to gain complete access to an organization's emails.
|
Vulnerability
|
|
★★★
|
|
2022-06-01 11:44:02 |
Europol Announces Takedown of FluBot Mobile Spyware (lien direct) |
Europol today announced the takedown of FluBot, a piece of mobile malware targeting both Android and iOS devices that has been fast-spreading via SMS messages.
|
Malware
|
|
|
|
2022-06-01 11:35:03 |
Ransomware Group Claims to Have Breached Foxconn Factory (lien direct) |
Cybercriminals claim to have breached the systems of an important Foxconn factory in Mexico and they are threatening to leak stolen files if the company doesn't pay a ransom.
|
|
|
|
|
2022-06-01 11:17:24 |
Vendor Refuses to Remove Backdoor Account That Can Facilitate Attacks on Industrial Firms (lien direct) |
Korenix JetPort industrial serial device servers have a backdoor account that could be abused by malicious hackers in attacks aimed at industrial organizations, but the vendor says the account is needed for customer support.
|
|
|
|
|
2022-06-01 11:16:56 |
Researchers Devise Attack Using IoT and IT to Deliver Ransomware Against OT (lien direct) |
Critical industries must prepare themselves for a new wave of ransomware attacks specifically targeting OT
|
Ransomware
|
|
|
|
2022-06-01 10:21:24 |
Chinese Threat Actors Exploiting \'Follina\' Vulnerability (lien direct) |
The Windows zero-day vulnerability identified as Follina and CVE-2022-30190 is being exploited in an increasing number of attacks, including by a Chinese APT group.
|
Vulnerability
Threat
|
|
|
|
2022-06-01 08:40:59 |
Scanning Finds Over 3.6 Million Internet-Accessible MySQL Servers (lien direct) |
The Shadowserver Foundation warns of the security risk associated with more than 3.6 million internet-exposed MySQL servers that accept connections on port 3306/TCP.
|
|
|
|
|
2022-06-01 01:31:43 |
Cyber Agency: Voting Software Vulnerable in Some States (lien direct) |
Electronic voting machines from a leading vendor used in at least 16 states have software vulnerabilities that leave them susceptible to hacking if unaddressed, the nation's leading cybersecurity agency says in an advisory sent to state election officials.
|
Guideline
|
|
|
|
2022-06-01 00:30:00 |
Costa Rica Public Health System Targeted by Ransomware (lien direct) |
Another attempted hacking of a Costa Rican government agency's computer system led the country's public health agency to shut down its systems Tuesday to protect itself, complicating the medical care of thousands of people.
|
Ransomware
|
|
|
|
2022-05-31 18:17:48 |
Three Nigerian Users of Agent Tesla RAT Arrested (lien direct) |
Interpol on Monday announced the arrest of three Nigerians accused on using the Agent Tesla remote access trojan (RAT) in financial scams.
|
|
|
|
|
2022-05-31 18:10:10 |
Surefire Cyber Tackles Incident Response With $10M Series A Funding (lien direct) |
Forgepoint Capital, a venture capital firm focused on cybersecurity investments, is pumping $10 million into an early-stage startup created to provide incident response services within the lucrative cyber-insurance ecosystem.
|
|
|
|
|
2022-05-31 13:15:56 |
Cybersecurity Training Firm Hoxhunt Raises $40 Million (lien direct) |
Cybersecurity training firm Hoxhunt today announced that it has raised $40 million in Series B investment, which brings the total raised by the company to over $43 million.
The funding round was led by Level Equity Management, with participation from previous investor Icebreaker.vc.
|
|
|
|
|
2022-05-31 12:10:01 |
Seemplicity Launches With Cybersecurity Productivity Platform, $32 Million in Funding (lien direct) |
Cybersecurity workflow and productivity startup Seemplicity has emerged from stealth mode after raising a total of $32 million in seed and Series A funding.
|
|
|
|
|
2022-05-31 11:54:08 |
Seventh Member of International Cyber Fraud Ring Sentenced to Prison (lien direct) |
The US Department of Justice on Friday announced the sentencing of John Telusma, a former member of the international cybercrime enterprise known as the “Infraud Organization.”
|
|
|
|
|
2022-05-31 10:25:25 |
Microsoft Confirms Exploitation of \'Follina\' Zero-Day Vulnerability (lien direct) |
Microsoft has confirmed that Windows is affected by a zero-day vulnerability after researchers warned of exploitation in the wild.
|
Vulnerability
|
|
|
|
2022-05-30 11:10:12 |
Document Exploiting New Microsoft Office Zero-Day Seen in the Wild (lien direct) |
Cybersecurity researchers have issued a warning after spotting what appears to be a new Microsoft Office zero-day vulnerability that may have been exploited in the wild.
|
Vulnerability
|
|
|
|
2022-05-27 18:15:33 |
Exploitation of VMware Vulnerability Imminent Following Release of PoC (lien direct) |
When VMware announced patches for a critical vulnerability on May 18, users were warned that exploitation in the wild would likely start soon, and now a proof-of-concept (PoC) exploit targeting the flaw has been made public.
|
Vulnerability
|
|
|
|
2022-05-27 17:34:49 |
Microsoft Finds Major Security Flaws in Pre-Installed Android Apps (lien direct) |
Bug hunters at Microsoft are calling attention to several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps, warning that exploitation could have allowed the implantation of a persistent backdoor on Android devices.
|
|
|
|
|
2022-05-27 11:16:54 |
FBI: Higher Education Credentials Sold on Cybercrime Forums (lien direct) |
The FBI issued an alert on Thursday to inform the higher education sector about the exposure of credentials that can allow threat actors to access user accounts or an organization's network.
According to the FBI, cybercriminals have been selling usernames and passwords on various public and dark web forums.
|
Threat
|
|
|
|
2022-05-27 10:57:07 |
Google Announces New Chrome and Chrome OS Security Features for Enterprises (lien direct) |
Google on Thursday announced several new security features for enterprises that are using Chrome and Chrome OS.
|
|
|
|
|
2022-05-27 10:36:52 |
Hundreds Stranded After Ransomware Attack on Indian Airline (lien direct) |
Hundreds of Indian air travellers were stranded inside their planes after the low-cost airline SpiceJet cancelled or delayed flights due to an "attempted ransomware attack", the company has said.
|
Ransomware
|
|
|
|
2022-05-26 16:20:42 |
Spain to Tighten Control Over Secret Services After Spying Scandal (lien direct) |
Spain's prime minister vowed Thursday to tighten oversight of the country's secret services in the wake of a scandal over the hacking of top politicians' mobile phones that has roiled his fragile coalition government.
|
|
|
|
|
2022-05-26 15:45:37 |
SYN Ventures Closes $300M Fund for Cybersecurity Bets (lien direct) |
SYN Ventures, a Florida-based venture capital firm placing early-stage bets in cybersecurity startups, has closed a new $300 million fund and announced the addition of serial entrepreneur Ryan Permeh as full-time operating partner.
|
|
|
|
|
2022-05-26 15:03:32 |
Cloud Security Firm Lacework Lays Off 20% of Workforce (lien direct) |
Cloud security company Lacework is laying off a significant chunk of its workforce as a result of restructuring.
The firm blamed the layoffs on a “seismic shift” in public and private markets, which have forced it to restructure and change its plan.
|
|
|
|
|
2022-05-26 14:19:42 |
VMware to Absorb Broadcom Security Solutions Following $61 Billion Deal (lien direct) |
Chipmaker Broadcom on Thursday announced an agreement to acquire virtualization giant VMware for roughly $61 billion in cash and stock.
|
|
|
|
|
2022-05-26 14:10:26 |
Greg Johnson to Take Reins as McAfee CEO (lien direct) |
McAfee Corp. announced this week that Greg Johnson has been appointed President and Chief Executive Officer, effective June 13, 2022.
|
|
|
|
|
2022-05-26 13:04:32 |
QCT Servers Affected by \'Pantsdown\' BMC Vulnerability (lien direct) |
Servers made by Quanta Cloud Technology (QCT) are affected by the baseboard management controller (BMC) vulnerability known as CVE-2019-6260 and “Pantsdown.”
|
Vulnerability
|
|
|
|
2022-05-26 11:09:44 |
Critical Vulnerabilities Found in Open Automation Software Platform (lien direct) |
Cisco's Talos research and threat intelligence unit revealed on Wednesday that one of its employees discovered several critical and high-severity vulnerabilities in the Open Automation Software Platform.
|
Threat
|
|
|
|
2022-05-26 01:08:03 |
Twitter to Pay $150M Penalty Over Privacy of Users\' Data (lien direct) |
Twitter will pay a $150 million penalty and put in new safeguards to settle federal regulators' allegations that the social platform failed to protect the privacy of users' data over a six-year span.
|
|
|
|
|
2022-05-25 17:23:07 |
OT Remote Access Firm Xona Raises $7.2 Million in Series A Funding (lien direct) |
Xona Systems, an Annapolis MD-based provider of frictionless remote authentication and access to the critical infrastructure, has raised $7.2 million in a Series A funding round led by DataTribe Opportunities Fund with participation from TFX Capital and individual investors. It brings the total raised to date to $9.4 million.
|
|
|
|
|
2022-05-25 15:02:53 |
Alleged Cybercrime Ringleader Arrested in Nigeria (lien direct) |
An unnamed Nigerian man has been arrested over his alleged role leading a cybercrime group that specialized in phishing and business email compromise (BEC).
The arrest, announced on Wednesday by Interpol, is the result of an international operation involving law enforcement and several cybersecurity companies.
|
Guideline
|
|
|