What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-20 11:57:02 | NSA Authorized to Issue Binding Operational Directives to Boost NSS Cybersecurity (lien direct) | 
|
|||
|
2022-01-20 11:04:19 | Google Pays Out Over $100,000 for Vulnerabilities Patched With Chrome 97 Update (lien direct) | Google on Tuesday announced the release of 26 security patches as part of its latest Chrome update, including one for a critical-severity bug. A total of 22 vulnerabilities addressed with the latest Chrome refresh were reported by external researchers, including one critical-severity, 16 high-severity, and five medium-severity issues. | |||
|
2022-01-20 11:02:43 | Living Off the "Edge" of the Land (lien direct) | Edge-Access Trojans (EATs) allow attackers to collect data and even disrupt crucial decisions as the edge of the network | |||
|
2022-01-20 09:41:31 | Kaspersky Launches New Service for Removing Malicious Domains (lien direct) | Cybersecurity solutions provider Kaspersky this week announced the launch of a new service to help organizations take action against malicious websites. With the new Takedown Service, organizations essentially delegate Kaspersky to manage the process of eliminating phishing and other malicious domains that may target their brands. | |||
|
2022-01-19 21:43:47 | Red Cross Falls Victim to Massive Cyberattack (lien direct) | The International Committee of the Red Cross was the victim of a massive cyberattack in which hackers seized the data of more than 515,000 extremely vulnerable people, some of whom had fled conflicts, it said on Wednesday. | |||
|
2022-01-19 20:05:49 | Microsoft Edge Adds Security Mode to Thwart Malware Attacks (lien direct) | A new security feature in the latest beta of the Microsoft Edge browser can help protect web surfers from zero-day attacks. | Malware | ||
|
2022-01-19 19:56:02 | Project Zero: Zoom Platform Missed ASLR Exploit Mitigation (lien direct) | A prominent security researcher poking around at the Zoom video conferencing platform found worrying signs the company failed to enable a decades-old anti-exploit mitigation, a blunder that greatly increased exposure to malicious hacker attacks. | |||
|
2022-01-19 19:38:07 | FBI, US Agencies Look Beyond Indictments in Cybercrime Fight (lien direct) | The FBI and other federal agencies are increasingly looking to counter cyber threats through tools other than criminal indictments, the head of the bureau's cyber division said in an interview with The Associated Press. | |||
|
2022-01-19 18:44:07 | Thousands of Industrial Firms Targeted in Attacks Leveraging Short-Lived Malware (lien direct) | Thousands of industrial organizations worldwide have been hit in campaigns that leverage short-lived malware to harvest corporate credentials that are then sold by threat actors for a profit, according to Kaspersky. | Malware Threat | ||
|
2022-01-19 17:30:54 | U.S. Olympians Told to Use \'Burner Phones\' in China (lien direct) | 
Olympic athletes heading to China for the upcoming Winter Games should use burner phones and rental computers, and understand clearly that there's “no expectation of data security or privacy while operating in China.”
|
|||
|
2022-01-19 16:15:29 | Cloud Security Firm Polar Security Emerges From Stealth With $8.5 Million Seed Funding (lien direct) | Tel Aviv, Israel-based cloud security firm Polar Security has emerged from stealth with $8.5 million seed funding in a round led by Glilot Capital Partners with participation from IBI Tech Fund. | |||
|
2022-01-19 15:24:37 | Oracle\'s First Security Updates for 2022 Include 497 Patches (lien direct) | Oracle on Tuesday announced its first set of quarterly security updates for 2022, which include a total of 497 new patches. More than half of the addressed vulnerabilities can be exploited remotely without authentication. | |||
|
2022-01-19 14:27:42 | BlackBerry Researchers Dive Into Prometheus TDS Operations (lien direct) | BlackBerry's security researchers have closely analyzed the Prometheus TDS (Traffic Direction System) and discovered a correlation with a leaked Cobalt Strike SSL key pair, as well as with various malware families. | Malware | ||
|
2022-01-19 13:59:33 | 1Password Raises Mammoth $620 Million Funding Round (lien direct) | Investors continue to pour cash into Canadian password management software vendor 1Password, pushing the company's valuation to $6.8 billion. | |||
|
2022-01-19 13:31:16 | XDR Firm Trellix Launches Following Merger of McAfee Enterprise and FireEye (lien direct) | Private equity giant Symphony Technology Group (STG) on Wednesday announced the launch of Trellix, an extended detection and response (XDR) solutions provider created following the merger of McAfee Enterprise and FireEye. | |||
|
2022-01-19 12:37:35 | Ukraine Attacks Involved Exploitation of Log4j, October CMS Vulnerabilities (lien direct) | 
CISA Warns Organizations of 'Critical Threats' Following Ukraine Attacks
|
|||
|
2022-01-19 12:10:17 | Zero Trust Network Access Provider Banyan Security Raises $30 Million (lien direct) | Zero trust network access (ZTNA) solutions provider Banyan Security on Tuesday announced that it has raised $30 million in Series B funding, which brings the total raised by the company to $47 million. The funding round was led by Third Point Ventures, with participation from Alter Venture Partners, SIG, Shasta Ventures, and Unusual Ventures. | |||
|
2022-01-19 10:52:32 | Mandatory Chinese Olympics App Has \'Devastating\' Encryption Flaw: Analyst (lien direct) | An app all attendees of the upcoming Beijing Olympics must use has encryption flaws that could allow personal information to leak, a cyber security watchdog said Tuesday. | |||
|
2022-01-18 19:41:55 | Multi-Factor Authentication Bypass Led to Box Account Takeover (lien direct) | A vulnerability in Box's implementation of multi-factor authentication (MFA) allowed attackers to take over victim's accounts without having access to the victim's phone, according to new research from Varonis. | Vulnerability | ||
|
2022-01-18 19:41:26 | Cyber Insights 2022: Supply Chain (lien direct) | 
|
|||
|
2022-01-18 16:48:49 | Cloud Detection and Response Firm Permiso Emerges From Stealth With $10M in Funding (lien direct) | Cloud infrastructure identity detection and response firm Permiso has emerged from stealth with $10 million seed funding. The company identifies and tracks human, machine, vendor and service provider identities in IaaS and PaaS infrastructures. | |||
|
2022-01-18 16:39:54 | VirusTotal Hacking Offers a Supercharged Version of Google Hacking (lien direct) | Chronicle's VirusTotal (VT) is a boon to security researchers and a gift to potential criminals. Apart from virus samples it contains likely millions of user credentials readily available to anyone who knows where and how to look. | |||
|
2022-01-18 15:13:59 | Israel Lawmakers Outraged Over Claim Police Used NSO Spyware (lien direct) | Israeli lawmakers on Tuesday called for a parliamentary inquiry into the police's alleged use of sophisticated spyware on Israeli citizens, including protesters opposed to former Prime Minister Benjamin Netanyahu, following a newspaper report on the surveillance. | |||
|
2022-01-18 14:43:36 | Zoho Patches Critical Vulnerability in Endpoint Management Solutions (lien direct) | Zoho Corp on Monday said it has released patches for a critical vulnerability affecting Desktop Central and Desktop Central MSP, the endpoint management solutions from ManageEngine. | Vulnerability | ||
|
2022-01-18 14:26:22 | Five Key Signals From Russia\'s REvil Ransomware Bust (lien direct) | The sudden move by Russia's top law enforcement agency to conduct a very public takedown of the REvil ransomware operation has set tongues wagging about how diplomacy may hold the key to slowing big-game ransomware attacks. | Ransomware | ||
|
2022-01-18 14:12:40 | VPNLab Goes Down After Servers Seized in Law Enforcement Operation (lien direct) | Europol on Tuesday announced the shutdown of VPNLab, a VPN service that had often been used by cybercriminals. VPNLab has been shut down after law enforcement authorities seized 15 servers across 10 countries. Police in Germany, the Czech Republic, France, Latvia, Hungary, Ukraine, the UK, the US, and Canada took part in the operation. | |||
|
2022-01-18 13:35:58 | Accellion Reaches $8.1 Million Settlement Over FTA Data Breach (lien direct) | Enterprise content firewall provider Accellion has reached an $8.1 million settlement to end a lawsuit over a data breach involving its legacy file sharing service FTA, Reuters reports. | Data Breach | ||
|
2022-01-18 12:39:33 | ICS Vendors Targeted in Espionage Campaign Focusing on Renewable Energy (lien direct) | Major industrial control system (ICS) vendors and other types of organizations have been targeted in a cyberespionage campaign that appears to focus on renewable energy. | |||
|
2022-01-18 11:49:28 | How to Attract Hard-to-Find Cybersecurity Talent (lien direct) | It's tempting to view cybersecurity through the lens that new and better technology will knock down threats and deliver all the protection an organization needs. While the right tools, applications and systems are essential, the problem for most organizations is managing a security framework. | |||
|
2022-01-18 11:00:59 | World Economic Forum Highlights Continued Gap Between Security and Business Leaders (lien direct) | Despite the current 'buzz' cliché phrase that 'security is top of mind' with business leadership, a new report from the World Economic Forum (WEF) highlights the continuing gap between business and security leaders. | Guideline | ||
|
2022-01-18 09:35:35 | NATO, Ukraine Sign Deal to \'Deepen\' Cyber Cooperation (lien direct) | NATO on Monday inked a deal to bolster its cyber support for Ukraine, after a sweeping hacking attack against Kyiv heightened tensions amid fears that Russia could be plotting an invasion. | |||
|
2022-01-18 04:14:09 | Additional Healthcare Firms Disclose Impact From Netgain Ransomware Attack (lien direct) | Healthcare providers Caring Communities and Entira Family Clinics are warning patients that their personal information may have been exposed in a data breach that hit tech vendor Netgain Technology more than a year ago. | Ransomware Data Breach | ||
|
2022-01-17 16:06:30 | Vulnerability in IDEMIA Biometric Readers Allows Hackers to Unlock Doors (lien direct) | A critical vulnerability impacting multiple IDEMIA biometric identification devices can be exploited to unlock doors and turnstiles. Because of this security defect, if the TLS protocol is not activated, an attacker in the network can send specific commands without authentication to open doors or turnstiles directly operated by a vulnerable device. | Vulnerability | ||
|
2022-01-17 15:03:47 | Oracle to Release Nearly 500 New Security Patches (lien direct) | Oracle is preparing the release of nearly 500 new security patches with its Critical Patch Update (CPU) for January 2022. | |||
|
2022-01-17 14:14:23 | Safari 15 Vulnerability Allows Cross-Site Tracking of Users (lien direct) | A vulnerability in Apple's implementation of the IndexedDB API in Safari 15 allows websites to track users' activity on other sites and even to reveal their identity, browser fingerprinting and fraud detection firm FingerprintJS explains. | Vulnerability | ||
|
2022-01-17 13:13:42 | Critical SAP Vulnerability Allows Supply Chain Attacks (lien direct) | A critical vulnerability addressed recently in SAP NetWeaver AS ABAP and ABAP Platform could be abused to set up supply chain attacks, SAP security solutions provider SecurityBridge warns. | Vulnerability | ||
|
2022-01-17 12:23:14 | Cybersecurity M&A Roundup for January 1-16, 2022 (lien direct) | 
Fifteen acquisitions were announced in the first half of January 2022.
|
|||
|
2022-01-17 11:40:12 | Personal Information Compromised in Goodwill Website Hack (lien direct) | Nonprofit organization Goodwill has started notifying users of its ShopGoodwill.com e-commerce platform that their personal information was compromised as a result of a cybersecurity breach. | Hack | ||
|
2022-01-16 21:06:57 | Microsoft Uncovers Destructive Malware Used in Ukraine Cyberattacks (lien direct) | Newly detected WhisperGate malware being used by previously unknown threat group in cyberattacks against Ukraine | Malware Threat | ||
|
2022-01-16 17:23:36 | Russian Court Remands Hackers in Custody (lien direct) | A Moscow court on Saturday remanded eight hackers in custody for two months as Russia cracks down on the REvil cybercrime group at Washington's request. | |||
|
2022-01-16 14:19:42 | Ukraine Says Has \'Evidence\' Russia Behind Cyberattack (lien direct) | Ukraine said Sunday it had evidence that Russia was behind a massive cyberattack that knocked out key government websites this past week, as Microsoft warned the hack could be far worse than first thought. | Hack | ||
|
2022-01-15 20:27:33 | Ukraine Hacks Add to Worries of Cyber Conflict With Russia (lien direct) | Hackers on Friday temporarily shut down dozens of Ukrainian government websites, causing no major damage but adding to simmering tensions while Russia amasses troops on the Ukrainian border. Separately, in a rare gesture to the U.S. at a time of chilly relations, Russia said it had arrested members of a major ransomware gang that targeted U.S. entities. | Ransomware | ||
|
2022-01-14 18:55:01 | Details Published on AWS Flaws Leading to Data Leaks (lien direct) | Researchers at cloud security startup Orca Security have publicly documented a pair of vulnerabilities in AWS CloudFormation and AWS Glue that attackers could use to leak sensitive files or access other customers' data. | |||
|
2022-01-14 16:21:56 | Austrian Regulator Says Google Analytics Contravenes GDPR (lien direct) | A new ruling from the Austrian Data Protection Authority (DPA) traps EU/U.S. data transfers between a rock and hard place. The rock is GDPR. The hard place is FISA. And the two are fundamentally incompatible. | |||
|
2022-01-14 15:29:16 | North Korean Hackers Stole $400 Million Worth of Cryptocurrency in 2021 (lien direct) | North Korea-linked hacking group Lazarus stole close to $400 million worth of crypto-assets last year, Chainalysis reports. | APT 38 APT 28 | ||
|
2022-01-14 15:04:04 | Cyber Attack in Albuquerque Latest to Target Public Schools (lien direct) | When the superintendent of Albuquerque Public Schools announced earlier this week a cyber attack would lead to the cancellation of classes for around 75,000 students, he noted that the district's technology department had been fending off attacks “for the last few weeks.” | Guideline | ||
|
2022-01-14 14:29:33 | Russia Lays the Smackdown on REvil Ransomware Gang (lien direct) | Russia on Friday said it has cracked down on the infamous REvil hacking group, known for its high profile supply chain attack against software maker Kaseya, and a ransomware attack against JBS USA that forced the shutdown of a portion of the world's largest meat processing company. | Ransomware | ||
|
2022-01-14 13:07:51 | Recent GootLoader Campaign Targets Law, Accounting Firms (lien direct) | A recently observed GootLoader campaign has been focusing on infecting the devices of legal and accounting company employees with malware, eSentire reports. | |||
|
2022-01-14 12:16:10 | Salvadoran Government Denies Using Spyware on Journalists (lien direct) | The government of El Salvador has denied using the Israeli Pegasus software to spy on journalists and activists. | |||
|
2022-01-14 11:45:39 | U.S. Government, Tech Giants Discuss Open Source Software Security (lien direct) | 
|
To see everything:
Our RSS (filtrered)
