What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-03-30 14:40:32 | Biden Extends Executive Order on Cyberattack Sanctions (lien direct) |  President Joe Biden on Monday sent a letter to the House of Representatives and the Senate to extend an executive order regarding sanctions issued in response to cyberattacks.
|
|||
|
2021-03-30 13:36:40 | Akamai Sees Largest DDoS Extortion Attack Known to Date (lien direct) | Distributed denial of service (DDoS) attacks are growing bigger in volume, and they have also become more targeted and increasingly persistent, according to web security services provider Akamai. | |||
|
2021-03-30 12:21:05 | What\'s Behind the Surge in Cybersecurity Unicorns? (lien direct) | 
Security Industry Experts Share Thoughts on Why Cybersecurity Unicorns Are No Longer Rare Sightings
|
|||
|
2021-03-30 12:17:54 | Linux Kernel Vulnerabilities Can Be Exploited to Bypass Spectre Mitigations (lien direct) | Recent Linux kernel updates include patches for a couple of vulnerabilities that could allow an attacker to bypass mitigations designed to protect devices against Spectre attacks. | |||
|
2021-03-29 18:30:38 | Vulnerability in \'netmask\' npm Package Affects 280,000 Projects (lien direct) | A vulnerability in the netmask npm package could expose private networks and lead to a variety of attacks, including malware delivery. | Malware Vulnerability Guideline | ||
|
2021-03-29 18:22:38 | CompuCom Cyber-Attack Costs Could Reach $28M (lien direct) | The financial impact from a March 1 cyber-attack on CompuCom, a wholly-owned subsidiary of ODP Corporation, is expected to reach the $28 million range, the company said. | |||
|
2021-03-29 14:48:20 | More Ransomware Gangs Targeting Vulnerable Exchange Servers (lien direct) | The Black Kingdom/Pydomer ransomware operators have joined the ranks of threat actors targeting the Exchange Server vulnerabilities that Microsoft disclosed in early March. | Ransomware Threat | ||
|
2021-03-29 14:03:11 | \'Hades\' Ransomware Hits Big Firms, but Operators Slow to Respond to Victims (lien direct) | Researchers from CrowdStrike, Accenture, and Awake Security have dissected some of the attacks involving the Hades ransomware and published information on both the malware itself and the tactics, techniques and procedures (TTPs) employed by its operators. | Ransomware Malware | ||
|
2021-03-29 13:05:12 | Backdoor Disguised as Typo Fix Added to PHP Source Code (lien direct) | The developers of the PHP scripting language revealed on Sunday that they had identified what appeared to be malicious code in the php-src repository hosted on the git.php.net server. | |||
|
2021-03-29 12:41:34 | AP Sources: SolarWinds Hack Got Emails of Top DHS Officials (lien direct) | Suspected Russian hackers gained access to email accounts belonging to the Trump administration's head of the Department of Homeland Security and members of the department's cybersecurity staff whose jobs included hunting threats from foreign countries, The Associated Press has learned. | Hack | ||
|
2021-03-26 21:56:05 | Apple Patches Under-Attack iOS Zero-Day (lien direct) | Apple has shipped an urgent security update to fix a major security flaw affecting iPhone, iPad and Apple Watch devices alongside a warning that the vulnerability is being actively exploited in the wild. | Vulnerability | ||
|
2021-03-26 20:19:42 | \'Russian Hackers\' Again Target German MPs: Report (lien direct) | Several German lawmakers have once again fallen victim to a cyber attack, local media said Friday, with security experts pointing the finger at Russian hackers. Hackers used phishing emails to gain access to the computers of at least seven federal MPs and 31 lawmakers in regional parliaments, according to Der Spiegel weekly. | |||
|
2021-03-26 16:54:13 | Report: US Gov Executive Order to Mandate Data Breach Disclosure (lien direct) | A proposed executive order would set new rules on the disclosure of data breaches that also affect United States government agencies, according to a Reuters news report. | Data Breach | ||
|
2021-03-26 16:52:02 | EU, US Make New Attempt for Data Privacy Deal (lien direct) | Europe and the United States will use a thaw in ties to strike a pact that would allow for the exchange of private data across the Atlantic, replacing previous agreements struck down by an EU court. | |||
|
2021-03-26 16:14:03 | Kaspersky Sees Rise in Ransomware Attacks on ICS Devices in Developed Countries (lien direct) | Cybersecurity firm Kaspersky observed a drop in ransomware attacks on industrial control system (ICS) computers in the second half of 2020, but it saw an increase in these types of attacks in developed countries. | Ransomware | ||
|
2021-03-26 15:05:29 | (Déjà vu) Severe Flaws in Official \'Facebook for WordPress\' Plugin (lien direct) | A critical vulnerability in the official Facebook for WordPress plugin could be abused to upload arbitrary files, essentially leading to remote code execution, according to a warning from security researchers at Wordfence. | Vulnerability Guideline | ||
|
2021-03-26 15:05:29 | Severe Flaws in Facebook for WordPress Plugin (lien direct) | A critical vulnerability in the official Facebook for WordPress plugin could be abused to upload arbitrary files, essentially leading to remote code execution, according to a warning from security researchers at Wordfence. | Vulnerability Guideline | ||
|
2021-03-26 14:55:33 | QNAP Urges Users to Secure Devices Against Brute-Force Attacks (lien direct) | Network-attached storage appliance manufacturer QNAP Systems this week published an alert urging users to take the necessary steps to secure their devices against brute-force attacks. | |||
|
2021-03-26 14:31:06 | 5G Security Flaw Allows Data Access, DoS Attacks (lien direct) | A design flaw discovered in the architecture of 5G network slicing can allow malicious actors to access potentially sensitive data and launch denial-of-service (DoS) attacks, mobile network security company AdaptiveMobile Security warned this week. | |||
|
2021-03-26 12:22:04 | Vulnerabilities Can Allow Attackers to Remotely Gain Control of Weintek HMIs (lien direct) | A cybersecurity researcher who specializes in industrial control systems (ICS) has identified three types of critical vulnerabilities in products made by human-machine interface (HMI) manufacturer Weintek. | |||
|
2021-03-26 11:31:29 | Endpoint Security Provider Morphisec Bags $31 Million Investment (lien direct) | Endpoint security provider Morphisec on Thursday announced that it has raised $31 million in a new funding round led by JVP, with participation from existing investors, such as Orange and Deutsche Telekom Capital Partners. | |||
|
2021-03-26 10:59:11 | (Déjà vu) General Says Attacks by Foreign Hackers Are \'Clarion Call\' (lien direct) | The U.S. Cyber Command conducted more than two dozen operations aimed at thwarting interference in last November's presidential election, the general who leads the Pentagon's cyber force said Thursday. | Guideline | ||
|
2021-03-26 09:05:49 | Critical Flaw in Jabber for Windows Could Lead to Code Execution (lien direct) | Cisco this week announced the release of software updates that address several vulnerabilities in Jabber for desktop and mobile platforms, the most severe of which could be abused to execute arbitrary code with elevated privileges. | |||
|
2021-03-25 19:14:18 | New Code Execution Flaws In Solarwinds Orion Platform (lien direct) | Solarwinds has shipped a major security update to fix at least four documented security vulnerabilities, including a pair of bugs that be exploited for remote code execution attacks. | |||
|
2021-03-25 17:46:39 | The Growing Need for a New Security Platform (lien direct) | The idea of a security platform is not new. Neither are the issues related to security and vendor sprawl inside an organization. The original idea behind the Next-Gen Firewall was to blend several products into a single platform to reduce IT overhead and simplify wiring closets that had been overrun with security devices. And it worked. NGFW solutions quickly became the cornerstone for security implementations in virtually every organization in the world. | |||
|
2021-03-25 17:09:07 | US Cyber Experts Conducted Operations to Safeguard Election (lien direct) | The U.S. Cyber Command conducted more than two dozen operations aimed at preventing interference in last November's presidential election, the general who leads the Pentagon's cyber force said Thursday. | Guideline | ||
|
2021-03-25 16:09:29 | New Slack Connect DM Feature Raises Security Concerns (lien direct) | Business communications platform Slack rushed to take action on Wednesday after customers raised security-related concerns regarding a new feature that allows users to send direct messages to any other Slack user. | |||
|
2021-03-25 15:36:05 | Mamba Ransomware Leverages DiskCryptor for Encryption, FBI Warns (lien direct) | The Federal Bureau of Investigation (FBI) this week published an alert to warn of the fact that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives, including the operating system. | Ransomware Tool | ||
|
2021-03-25 15:21:55 | Feedzai Lands $200M in Series C Funding (lien direct) | Feedzai, a late-stage fintech startup, is the latest entrant into cybersecurity's unicorn club after snagging a new $200 million funding round that values the company at more than $1 billion. | |||
|
2021-03-25 15:16:04 | (Déjà vu) OpenSSL 1.1.1k Patches Two High-Severity Vulnerabilities (lien direct) | 
|
|||
|
2021-03-25 14:31:31 | Hackers Start Exploiting Recent Vulnerabilities in Thrive Theme WordPress Plugins (lien direct) | Over 100,000 WordPress websites could be exposed to attacks targeting a couple of recently addressed vulnerabilities affecting Thrive Theme plugins, warns the Wordfence Threat Intelligence Team at WordPress security company Defiant. | Threat | ||
|
2021-03-25 13:58:10 | 5 Things IT Should Ask Managed Security Providers (lien direct) | Over the past five years of running a managed security service offering, I've received no shortage of questions and requests from customers. They run the gamut from the completely outlandish to questions that have legitimately influenced change. Regardless of the question, it's important for managed security providers to listen to their customers and accept feedback, whether it's positive or negative. | |||
|
2021-03-25 12:31:50 | Microsoft Offers Up to $30,000 for Vulnerabilities in Teams Desktop Client (lien direct) | Microsoft on Wednesday announced that its bug bounty programs now also cover the desktop client of its Teams business communications platform. | |||
|
2021-03-25 00:02:58 | Judge Rejects Ex-CIA Worker\'s Try to Dismiss Hacking Charges (lien direct) | A former CIA employee cannot get espionage charges against him dismissed on the grounds that there weren't enough Hispanic or Black individuals on the grand jury that indicted him, a judge ruled Wednesday. | |||
|
2021-03-24 18:56:34 | Facebook Disrupts Chinese Spies Using iPhone, Android Malware (lien direct) | Facebook's threat intelligence team says it has disrupted a sophisticated Chinese spying team that routinely use iPhone and Android malware to hit journalists, dissidents and activists around the world. | Malware Threat | ||
|
2021-03-24 17:54:24 | Air Charter Firm Solairus Aviation Suffers Data Breach (lien direct) | Private aviation services provider Solairus Aviation on Tuesday announced that some employee and customer data was compromised in a security incident at third-party vendor Avianis. | Data Breach | ★★ | |
|
2021-03-24 17:12:45 | Microsoft: Ongoing, Expanding Campaign Bypassing Phishing Protections (lien direct) | A phishing email campaign detailed earlier this month is expanding with the use of additional email services to hide malicious intent, according to a warning from software giant Microsoft. | |||
|
2021-03-24 14:57:36 | Vulnerabilities in TBox RTUs Can Expose Industrial Organizations to Remote Attacks (lien direct) | UK-based industrial automation company Ovarro recently patched a series of vulnerabilities in its TBox remote terminal units (RTUs). Cybersecurity experts say these flaws could pose a serious risk to organizations. | |||
|
2021-03-24 13:44:41 | The Case for Taking Down Dark Web Sites (lien direct) | Taking Down Dark Web Sites May Cause Headache for Both the Bad Guys and the Good Guys | |||
|
2021-03-24 13:08:48 | Insurer CNA Says Cyberattack Caused Network Disruption (lien direct) | Commercial insurer CNA on Tuesday announced that it was recently targeted in what it described as a sophisticated cyberattack. The Chicago, Illinois-based company is one of the largest commercial insurers in the United States, offering cyber insurance policies alongside a broad range of other insurance products. | |||
|
2021-03-24 12:09:29 | Honeywell Says Malware Disrupted IT Systems (lien direct) | Industrial giant Honeywell on Tuesday revealed that some of its IT systems were disrupted as a result of a malware attack. The company said the intrusion was detected “recently” and only a “limited number” of IT systems were disrupted. No other information has been provided regarding impact. | Malware | ||
|
2021-03-23 20:37:49 | Purple Fox Malware Squirms Like a Worm on Windows (lien direct) | Malware hunters at Guardicore are warning that an aggressive botnet operator has turned to SMB password brute-forcing to infect and spread like a worm across the Microsoft Windows ecosystem. | Malware | ★★★★ | |
|
2021-03-23 19:12:55 | Firefox 87 Adds Stronger User Privacy Protections (lien direct) | Mozilla today announced the release of Firefox 87 in the stable channel fitted with a new intelligent tracker blocking mechanism. | |||
|
2021-03-23 17:05:10 | ID.me Snags $100M in Series C Funding (lien direct) | Digital identity network play ID.me, Inc. has joined the growing list of cybersecurity unicorns after banking a new $100 million funding round that values the company at $1.5 billion. | |||
|
2021-03-23 16:31:07 | Researchers Dive into the Operations of SilverFish Cyber-Espionage Group (lien direct) | Researchers with the PRODAFT Threat Intelligence Team took a deep dive into the operations of the SilverFish cyber-espionage group and linked one of its command and control (C&C) servers with recent high-profile malicious attacks. | Threat | ||
|
2021-03-23 15:37:03 | Sierra Wireless Says Ransomware Disrupted Production at Manufacturing Facilities (lien direct) | 
Canada-based IoT company Sierra Wireless revealed on Tuesday that its internal IT systems were hit by a ransomware attack on March 20.
|
Ransomware | ||
|
2021-03-23 14:45:35 | Identity Verification Provider Jumio Snags $150M Investment (lien direct) | Identity verification provider Jumio today announced a new $150 million investment round from private equity firm Great Hill Partners. | |||
|
2021-03-23 14:35:43 | The Cusp of a Virtual Analyst Revolution (lien direct) | Security Analytics and Threat Investigation Are in the Midst of a Sea Change | Threat | ||
|
2021-03-23 13:07:30 | Recently Patched Android Vulnerability Exploited in Attacks (lien direct) | Google has warned Android users that a recently patched vulnerability has been exploited in attacks. The vulnerability in question, tracked as CVE-2020-11261, was patched by Google with the Android security updates released in January 2021. | Vulnerability | ||
|
2021-03-23 12:30:09 | Facebook Fails in Bid to Derail $15 Bn Privacy Suit (lien direct) | The US Supreme Court on Monday declined to consider an appeal by Facebook that would have derailed a $15 billion lawsuit over whether it illegally tracked users about a decade ago. |
To see everything:
Our RSS (filtrered)
