What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-04-08 12:09:02 | PHP Developers Share Update on Recent Breach (lien direct) | The developers of the PHP scripting language have shared an update on the recently disclosed breach in which attackers planted malicious code. | |||
|
2021-04-08 11:13:54 | $200,000 Awarded for Zero-Click Zoom Exploit at Pwn2Own (lien direct) | Two researchers earned $200,000 on the second day of the Pwn2Own 2021 hacking competition for a Zoom exploit allowing remote code execution without user interaction. | |||
|
2021-04-08 10:50:21 | Vulnerability in \'Domain Time II\' Could Lead to Server, Network Compromise (lien direct) | A vulnerability residing in the “Domain Time II” network time solution can be exploited in Man-on-the-Side (MotS) attacks, cyber-security firm GRIMM warned on Tuesday. | Vulnerability | ||
|
2021-04-07 16:35:09 | Open Source Security Management Firm WhiteSource Raises $75 Million (lien direct) | Open source security management company WhiteSource on Wednesday announced that it has raised $75 million in a Series D funding round. | ★★★★ | ||
|
2021-04-07 16:27:46 | Report: Supplier Impersonation Attacks a Major Risk (lien direct) | Threat actors are leveraging the supply chain to deliver various types of threats to organizations, and few of them are spared from such attacks, according to a new report from enterprise security company Proofpoint. | ★★★ | ||
|
2021-04-07 15:10:01 | Fake Netflix App Luring Android Users to Malware (lien direct) | Researchers Flag 'FlixOnline' as a Malicious Android Play Store App That Combines Social Engineering With WhatsApp Auto-Replies to Propagate | Malware | ||
|
2021-04-07 14:43:05 | What Cybersecurity Policy Changes Should We Expect from the Biden Administration? (lien direct) | As the U.S. transitions to a new presidential administration, which can be expected to differ largely from the last, it is hard not to speculate how President Biden's Administration will reduce the risk of a major cyberattack against the U.S. or her interests. | ★★ | ||
|
2021-04-07 14:00:04 | Facebook Removes 14 Networks Fueling Deceptive Campaigns (lien direct) | Facebook this week announced that in March it removed a total of 14 networks of accounts from its online services, for spreading deceptive content meant to manipulate public opinion. | ★★★★★ | ||
|
2021-04-07 13:26:30 | Details Disclosed for GitHub Pages Flaws That Earned Researchers $35,000 (lien direct) | A researcher has disclosed the details of a series of vulnerabilities that could have been exploited by an attacker to access an organization's private pages on GitHub. | |||
|
2021-04-07 11:33:06 | Google Patches Critical Code Execution Vulnerability in Android (lien direct) | The April 2021 Android security bulletin published this week by Google describes more than 30 vulnerabilities in the mobile operating system, including a remote code execution flaw in the System component. | Vulnerability | ||
|
2021-04-07 10:48:21 | White Hats Earn $440,000 for Hacking Microsoft Products on First Day of Pwn2Own 2021 (lien direct) | On the first day of the Pwn2Own 2021 hacking competition, participants earned more than half a million dollars, including $440,000 for demonstrating exploits against Microsoft products. | |||
|
2021-04-07 02:15:44 | Facebook Says Hackers \'Scraped\' Data of 533 Million Users in 2019 Leak (lien direct) | Facebook said Tuesday that hackers "scraped" personal data of some half-billion users back in 2019 by taking advantage of a feature designed to help people easily find friends using contact lists. | |||
|
2021-04-07 01:34:53 | Senators Press for More on SolarWinds Hack After AP Report (lien direct) | Key lawmakers said Tuesday they're concerned they've been kept in the dark about what suspected Russian hackers stole from the federal government and they pressed Biden administration officials for more details about the scope of what's known as the SolarWinds hack. | Hack | ||
|
2021-04-06 20:14:53 | Threat Actors Quick to Target (Patched) SAP Vulnerabilities (lien direct) | Threat actors are constantly targeting new vulnerabilities in SAP applications within days after the availability of security patches, according to a joint report issued by SAP and Onapsis. | |||
|
2021-04-06 15:04:52 | ThreatQuotient Adds $22.5 Million in Funding (lien direct) | ThreatQuotient, a threat intelligence and security operations platform provider, has closed $22.5 million in new financing through a combination of equity and debt financing. | Threat | ||
|
2021-04-06 14:33:29 | APT Group Using Voice Changing Software in Spear-Phishing Campaign (lien direct) | A sub-group of the 'Molerats' threat-actor has been using voice-changing software to successfully trick targets into installing malware, according to a warning from Cado Security. | |||
|
2021-04-06 14:23:10 | US DoD Launches Vuln Disclosure Program for Contractor Networks (lien direct) | The United States Department of Defense (DoD) this week announced the launch of a new vulnerability disclosure program on HackerOne to identify vulnerabilities in Defense Industrial Base (DIB) contractor networks. | Vulnerability | ||
|
2021-04-06 14:14:15 | The Rise of Industrial IoT and How to Mitigate Risk (lien direct) | With the acceleration of digital transformation and convergence of IT and operational technology (OT) networks, Internet of Things (IoT) and Industrial IoT (IIoT) devices are becoming essential tools for companies in sectors including oil and gas, energy, utilities, manufacturing, pharmaceuticals, and food and beverage. | |||
|
2021-04-06 11:39:09 | All Eyes on PCAP: The Gold Standard of Traffic Analysis (lien direct) | PCAP Enables Defenders to See and Capture Exactly What Has Happened Across a Network, But Comes With Challenges | |||
|
2021-04-05 22:01:56 | China-Linked \'Cycldek\' Hackers Target Vietnamese Government, Military (lien direct) | China-linked cyber-espionage group Cycldek is showing increasing sophistication in a series of recent attacks targeting government and military entities in Vietnam, according to a report from anti-malware vendor Kaspersky. | |||
|
2021-04-05 15:59:15 | CISA, FBI Warn of Attacks Targeting Fortinet FortiOS (lien direct) | The U.S. government is warning that Advanced Persistent Threat (APT) actors are exploiting vulnerabilities in Fortinet FortiOS in ongoing attacks targeting commercial, government, and technology services networks. | Threat | ||
|
2021-04-05 15:51:20 | VMware Patches Critical Flaw in Carbon Black Cloud Workload (lien direct) | A critical vulnerability recently addressed in the VMware Carbon Black Cloud Workload could be abused to execute code on a vulnerable server, according to a warning from a security researcher who discovered the bug. | Vulnerability | ||
|
2021-04-05 15:44:34 | University of California Victim of Nationwide Hack Attack (lien direct) | The University of California is warning its students and staff that a ransomware group might have stolen and published their personal data and that of hundreds of other schools, government agencies and companies nationwide. | Ransomware Hack | ||
|
2021-04-03 10:51:30 | US lawmakers Press Online Ad Auctioneers Over User Data (lien direct) | A bipartisan group of US senators on Friday sent letters to major digital ad exchanges, including Google and Twitter, asking whether user data was sold to foreign entities who could use it for blackmail or other malicious ends. | |||
|
2021-04-02 15:45:24 | SecureDrop Workstation Gets Post-Audit Security Refresh (lien direct) | The open-source SecureDrop Workstation has undergone a security makeover after a third-party security audit flagged multiple problems, including a high-risk bug that could allow an attacker to plant files on target machines. | |||
|
2021-04-02 12:42:32 | Financial Sector Remains Most Targeted by Threat Actors: IBM (lien direct) | Organizations in the financial and insurance sectors were the most targeted by threat actors in 2020, continuing a trend that was first observed roughly five years ago, IBM Security reports. | Threat | ||
|
2021-04-02 12:22:59 | Nine Critical Flaws in FactoryTalk Product Pose Serious Risk to Industrial Firms (lien direct) | Industrial automation giant Rockwell Automation on Thursday informed customers that it has patched nine critical vulnerabilities in its FactoryTalk AssetCentre product. | |||
|
2021-04-02 01:45:26 | US Looks to Keep Critical Sectors Safe From Cyberattacks (lien direct) | A top Biden administration official says the government is undertaking a new effort to help electric utilities, water districts and other critical industries protect against potentially damaging cyberattacks. | |||
|
2021-04-02 01:32:31 | Large Florida School District Hit by Ransomware Attack (lien direct) | The computer system of one of the nation's largest school districts was hacked by a criminal gang that encrypted district data and demanded $40 million in ransom or it would erase the files and post students' and employees' personal information online. | Ransomware | ||
|
2021-04-01 19:46:47 | DHS Gives Federal Agencies 5 Days to Identify Vulnerable MS Exchange Servers (lien direct) | The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued a supplemental directive requiring all federal agencies to identify | |||
|
2021-04-01 19:38:58 | Unpatched RCE Flaws Affect Tens of Thousands of QNAP SOHO NAS Devices (lien direct) | A pair of unpatched vulnerabilities in QNAP small office/home office (SOHO) network attached storage (NAS) devices could allow attackers to execute code remotely, according to a warning from security researchers at SAM Seamless Network. | |||
|
2021-04-01 19:29:15 | Kansas Man Charged with Tampering with Public Water System (lien direct) | The United States Department of Justice this week announced official charges against a Kansas man, for accessing and tampering with a public water system. | |||
|
2021-04-01 18:35:10 | After Hack, Officials Draw Attention to Supply Chain Threats (lien direct) | The U.S. government is working to draw attention to supply chain vulnerabilities, an issue that received particular attention late last year after suspected Russian hackers gained access to federal agencies and private corporations by sneaking malicious code into widely used software. | |||
|
2021-04-01 17:58:06 | Molson Coors Cyberattack, Storms Could Cost Company $140 Million (lien direct) | Cyber Incident and Texas Storms Will Delay Between 1.8 and 2.0 Million Hectoliters of Beer Production and Shipments | |||
|
2021-04-01 14:30:21 | Ubiquiti Shares Dive After Reportedly Downplaying \'Catastrophic\' Data Breach (lien direct) | Shares of New York City-based IoT device maker Ubiquiti (NYSE: UI) fell significantly this week following a report claiming that the recently disclosed data breach was “catastrophic” and that its impact was downplayed. | Data Breach | ||
|
2021-04-01 13:55:26 | (Déjà vu) Administrator of Dark Web Portal Pleads Guilty to Money Laundering (lien direct) | An Israeli national has pleaded guilty to his role in operating DeepDotWeb (DDW), a website that functioned as a gateway to various Dark Web marketplaces, the U.S. Justice Department announced on Wednesday. | Guideline | ||
|
2021-04-01 11:45:08 | VMware vROps Flaws Can Provide \'Unlimited Opportunities\' in Attacks on Companies (lien direct) | A couple of serious vulnerabilities patched recently by VMware in its vRealize Operations (vROps) product can pose a significant risk to organizations, according to a researcher involved in the discovery of the security bugs. | |||
|
2021-04-01 11:12:08 | Improve Data Utilization to Modernize the SOC (lien direct) | The Ability to Think Global, Act Local is One of the Hallmarks of a Modern Security Operations Center | |||
|
2021-04-01 10:42:15 | Cybersecurity M&A Roundup: 40 Deals Announced in March 2021 (lien direct) | 
|
|||
|
2021-04-01 03:35:06 | Websites of EU Mobile Providers Fail to Properly Secure User Data: Report (lien direct) | Sensitive data pertaining to the customers of top mobile services providers in the European Union is at risk of compromise due to improperly secured websites, data security and privacy firm Tala reveals. | |||
|
2021-03-31 21:35:01 | Citrix Patches DoS Vulnerabilities in Hypervisor (lien direct) | Vulnerabilities Citrix patched in Hypervisor this week could allow for code executed in a virtual machine to cause denial of service on the host. | |||
|
2021-03-31 20:57:11 | North Korean .Gov Hackers Back With Fake Pen-Test Company (lien direct) | A North Korean government-backed APT group has been caught using a fake pen-testing company and a range of sock puppet social media accounts in an escalation of a hacking campaign targeting security research professionals. | |||
|
2021-03-31 20:17:58 | Microsoft Wins $22 Billion Deal Making Headsets for US Army (lien direct) | Microsoft won a nearly $22 billion contract to supply U.S. Army combat troops with its augmented reality headsets. | |||
|
2021-03-31 17:21:33 | Dutch Data Protection Authority Fines Booking.com Over Incident Notification (lien direct) | The Dutch Data Protection Authority announced on Wednesday that it has issued a fine of €475,000 (roughly $550,000) to online travel agency Booking.com for failing to report a data security incident within the required timeframe. | |||
|
2021-03-31 16:29:44 | Living Security Raises $14 Million for Its Human Risk Management Platform (lien direct) | Living Security, an Austin, Texas-based company that specializes in cybersecurity awareness training, on Tuesday announced that it raised $14 million in a Series B funding round. The round was led by Updata Partners, with participation from Silverton Partners, Active Capital, Rain Capital and SaaS Venture Partners. | |||
|
2021-03-31 15:49:41 | Analyzing the UK\'s Nuclear Deterrence Theory for Cyberspace (lien direct) | 
|
|||
|
2021-03-31 14:14:05 | Iranian Hackers Target Medical Personnel in US, Israel (lien direct) | Deviating from their typical activity, an Iranian threat actor known as TA453 has mounted a phishing campaign targeting senior medical professionals in the United States and Israel, cybersecurity firm Proofpoint reports. | Threat | ||
|
2021-03-31 13:02:46 | Critical Infrastructure Protection Firm OPSWAT Secures $125 Million Growth Funding (lien direct) | Critical infrastructure protection firm OPSWAT has secured $125 million growth funding from Brighton Park Capital. The money will be used to accelerate the firm's global growth, to invest in R&D, and to pursue strategic acquisitions. | |||
|
2021-03-31 12:00:08 | Chinese Researchers Earn Another $20,000 for Chrome Sandbox Escape (lien direct) | Researchers from Chinese cybersecurity company Qihoo 360 have earned another $20,000 from Google for a sandbox escape vulnerability affecting the Chrome web browser. | Vulnerability | ||
|
2021-03-31 10:19:51 | The Often-Overlooked Element of a Hack: Endpoints (lien direct) | It is Vital to Maintain Granular Visibility and Control Over Access Points to Establish Resilience |
To see everything:
Our RSS (filtrered)
