What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-10-19 14:56:06 | Microsoft, Intel and Goldman Sachs Lead New Supply Chain Security Group at TCG (lien direct) | Microsoft, Intel and Goldman Sachs will lead a new work group focusing on supply chain security at the Trusted Computing Group (TCG). TCG is a non-profit organization that develops, defines and promotes open and vendor-neutral industry specifications and standards for trusted computing platforms, including the widely used Trusted Platform Module (TPM). | Guideline | ||
|
2021-10-19 14:17:42 | Customer Data Privacy Provider Skyflow Raises $45 Million (lien direct) | Customer data privacy company Skyflow today announced that it has raised $45 million in Series B funding. Over the past 18 months, the company has raised $70 million. The new funding round was led by Insight Partners. Mouro Capital, MS&AD Ventures, Canvas Ventures, Foundation Capital, and Coinbase board member Gokul Rajaram also participated. | |||
|
2021-10-19 13:46:39 | Valence Emerges From Stealth to Address Business App Connectivity Risks (lien direct) | Another Israel-based cybersecurity startup has emerged from stealth mode. The company, Valence, claims to have developed a platform that leverages zero trust principles to help organizations manage risks associated with the connectivity between various business applications. | |||
|
2021-10-19 13:03:48 | University of Pittsburgh Medical Center Hacker Sentenced to Prison (lien direct) | The individual who hacked the human resources databases of the University of Pittsburgh Medical Center was sentenced to seven years in prison, the United States Department of Justice announced. | |||
|
2021-10-19 12:56:14 | SASE Firm Cato Networks Raises $200 Million at $2.5 Billion Valuation (lien direct) | Tel Aviv, Israel-based Secure Access Service Edge (SASE) provider Cato Networks on Tuesday announced raising $200 million at a market valuation of $2.5 billion. | |||
|
2021-10-19 11:11:25 | The VC View: Vendor Risk Management (lien direct) | Unlike other areas of security, the COVID-19 pandemic has not made a big impact on the Vendor risk management (VRM) sector. This space would have been a Top 10 security project even without a pandemic, as it has been going down this path for years: moving away from security questionnaires to finding something more predictable, useful and scalable. | |||
|
2021-10-19 10:52:43 | $1.9 Million Paid Out for Exploits at China\'s Tianfu Cup Hacking Contest (lien direct) | 
iOS 15, Chrome, Windows, VMware Hacked at China's Tianfu Cup
|
|||
|
2021-10-19 10:27:04 | Has Facebook Sidestepped GDPR\'s User Consent Requirements? (lien direct) | 
|
|||
|
2021-10-18 23:51:16 | Sinclair Hit by Ransomware Attack, TV Stations Disrupted (lien direct) | Sinclair Broadcast Group, which operates dozens of TV stations across the U.S., said Monday that some of its servers and work stations were encrypted with ransomware and that data was stolen from its network. | Ransomware | ||
|
2021-10-18 17:39:30 | Free Decryptor Released for BlackByte Ransomware (lien direct) | Trustwave's SpiderLabs security researchers have released a free decryptor that victims of the BlackByte ransomware can use to restore their files. | Ransomware | ||
|
2021-10-18 16:54:38 | Private Data Sharing Firm TripleBlind Raises $24 Million in Series A Funding (lien direct) | Private data sharing solutions provider TripleBlind on Monday announced raising $24 million in an oversubscribed Series A funding round, which brings the total raised by the company to more than $32 million. | |||
|
2021-10-18 13:41:58 | Third Party Attacks Are Increasing, But Third-Party Risk Management Is Failing (lien direct) | The risks associated with supply chain (for software and services) is huge and growing. A new report shows that boardroom awareness and budgets for third-party risk management has increased; but this is not necessarily translating into effective action. | |||
|
2021-10-18 13:32:43 | Banks Informed U.S. Treasury of $590 Million in Ransomware Payments (lien direct) | The United States Department of the Treasury's Financial Crimes Enforcement Network (FinCEN) has identified a total of 177 cryptocurrency wallets associated with the top 10 most commonly reported ransomware variants during the first half of the year. | Ransomware | ||
|
2021-10-18 12:49:42 | Password Auditing Tool L0phtCrack Released as Open Source (lien direct) | The password auditing and recovery tool L0phtCrack is now open source and the project is looking for both maintainers and contributors. First released in 1997, L0phtCrack can be used to test password strength and recover lost Windows passwords via dictionary, brute-force, and other types of attacks. | Tool | ||
|
2021-10-18 12:18:18 | Many Prometheus Endpoints Expose Sensitive Data (lien direct) | Unprotected instances of open source event monitoring solution Prometheus may leak metric and label data to the Internet, software company JFrog warns. | |||
|
2021-10-18 12:04:26 | Accenture Confirms Data Stolen in Ransomware Attack (lien direct) | Consulting giant Accenture has confirmed that proprietary information was stolen in a ransomware attack disclosed in August 2021. | Ransomware | ||
|
2021-10-18 10:19:14 | Missouri Governor Urged to Appoint Cybersecurity Panel (lien direct) | Three months after creation of a commission to identify cybersecurity risks in state government, Missouri Gov. Mike Parson has yet to appoint any members. A state lawmaker said Friday that vulnerabilities exposed on a state website prove the need for just such a panel of experts. | |||
|
2021-10-16 01:24:11 | Cyberattack Disrupts Services at Ecuador\'s Largest Bank (lien direct) | Customers of Ecuador's largest bank continued to experience service disruptions on Friday following a cyberattack on the institution several days earlier. | |||
|
2021-10-15 18:11:10 | Twitch Says Hack Impacted \'Small Fraction of Users\' (lien direct) | Amazon-owned live streaming service Twitch on Friday shared another update on the recent data breach. The company says it's confident that only a “small fraction of users” are affected and that customer impact is minimal. The company said the breach was a result of a server configuration change that allowed the hackers to gain access to its systems. | Hack | ||
|
2021-10-15 13:22:31 | Russia-Linked TA505 Back at Targeting Financial Institutions (lien direct) | Russia-linked threat actor TA505 has been observed using a lightweight Office file for malware distribution in a new campaign targeting financial institutions in multiple geographies. The attacks target organizations across multiple sectors in Canada, the United States, Hong Kong, Europe, and more, and have seen low detection rates in Google's VirusTotal scanning engine. | Malware Threat | ||
|
2021-10-15 12:47:22 | Nations Vow to Combat Ransomware at US-Led Summit (lien direct) | Over two dozen nations resolved Thursday to battle collectively against the global and escalating threat posed by cyber-extortionists, following a Washington-led anti-ransomware summit. | Ransomware Threat | ||
|
2021-10-15 11:51:33 | Ransomware Hit SCADA Systems at 3 Water Facilities in U.S. (lien direct) | 
U.S. Warns of Attacks Targeting IT and OT Systems in Water Facilities
|
|||
|
2021-10-15 11:07:26 | Researchers Disclose New Side-Channel Attacks Affecting All AMD CPUs (lien direct) | Researchers have disclosed the details of new timing and power-based side-channel attacks that affect all CPUs made by AMD, but the chipmaker says no new mitigations are necessary. | |||
|
2021-10-15 10:42:43 | Deepfence Open Sources Vulnerability Mapping Tool \'ThreatMapper\' (lien direct) | Cloud and container security company Deepfence this week announced the open source availability of ThreatMapper, a tool designed to help organizations scan for, map, and rank application vulnerabilities. By performing post-deployment scans of applications and infrastructure, the platform seeks to identify emerging threats in both first-party and third-party solutions. | Tool Vulnerability | ★★★★ | |
|
2021-10-15 10:20:52 | Juniper Networks Patches Over 70 Vulnerabilities (lien direct) | Networking and cybersecurity solutions provider Juniper Networks this week released more than 40 security advisories to describe over 70 vulnerabilities that affect the company's products. | |||
|
2021-10-15 09:51:02 | S Korea Seeks Interpol Notice for Two Cyber Gang Leaders (lien direct) | South Korea said Friday it's asked Interpol for help to arrest two foreigners it alleges played a leading role in cyberattacks and large-scale extortion that targeted South Korean and U.S. companies. | Guideline | ||
|
2021-10-14 18:12:38 | VirusTotal Shares Analysis of 80 Million Ransomware Samples (lien direct) | At least 130 ransomware families were active in 2020 and in the first half of 2021, according to a recent data analysis from Google's VirusTotal scanning service. | Ransomware | ||
|
2021-10-14 15:00:08 | NFT Marketplace OpenSea Patches Flaw Potentially Leading to Cryptocurrency Theft (lien direct) | OpenSea, the world's largest NFT marketplace, has addressed a security vulnerability that could have allowed hackers to hijack user accounts and empty their crypto wallets with the help of maliciously crafted NFTs (non-fungible tokens). | Vulnerability | ||
|
2021-10-14 13:28:42 | Israeli Hospital Targeted in Ransomware Attack (lien direct) | An Israeli hospital was targeted Wednesday by a ransomware attack, officials said, with the state's cyber directorate calling it the first such attack on a hospital in the country. The Hillel Yaffe Medical Center is "currently using alternative systems to treat its patients", it said in a statement, describing the attack as "totally unexpected". | Ransomware | ||
|
2021-10-14 13:17:45 | Cyber Insurance Firm At-Bay Announces $20 Million Series D Extension (lien direct) | At-Bay, the cyber insurance company that aims to reduce ransomware risk, this week announced a $20 million extension to its Series D funding round. | Ransomware | ||
|
2021-10-14 12:54:10 | Hackers Claim to Have Stolen 60 GB of Data From Acer (lien direct) | A group of hackers claims to have stolen more than 60 gigabytes of data after breaching servers belonging to Taiwanese tech giant Acer. In a post on a publicly accessible hacker forum, a group calling itself “Desorden” claimed to have stolen databases and other files from breached Acer India servers. | |||
|
2021-10-14 11:14:55 | Data Privacy Compliance Startup CYTRIO Launches With $3.5 Million in Funding (lien direct) | Data privacy compliance startup CYTRIO this week announced its launch with $3.5 million in seed funding from Dreamit Ventures, Food Retail Ventures and Rockwood Group, as well as angel investors. | |||
|
2021-10-14 10:41:06 | Nations Reveal Ransomware Pain at US-Led Summit (lien direct) | A digital "disaster" in Germany, growing attacks in the United Arab Emirates and even Israel announcing a blitz underway: nations disclosed their struggle Wednesday against cyber-extortionists at a Washington-led anti-ransomware summit. | Ransomware | ||
|
2021-10-14 10:29:36 | How Do We Know About New Phishing Attacks? Because Some Human Reported It. (lien direct) | Keep training your people about the newest threats - the power of the collective is a critical element in how to stop phishing We hear it all the time: “The human is the weakest link!” or “People can't get their heads around the technology so how can we expect them to know bad when they see it?” | |||
|
2021-10-14 09:55:09 | Microsoft Adds Power Platform to Bug Bounty Program (lien direct) | Microsoft this week announced that it is now accepting vulnerability submissions for the Power Platform. Security researchers who hunt for and report security errors in Power Platform can now earn up to $20,000 in bounty rewards for severe flaws, as part of the recently rebranded Dynamics 365 and Power Platform Bounty Program. | Vulnerability | ||
|
2021-10-13 20:51:19 | Necro Python Botnet Starts Targeting Visual Tools DVRs (lien direct) | Security researchers have spotted signs of the Necro Python botnet targeting a vulnerability in Visual Tools DVR systems to install a Monero miner on infected systems. | Vulnerability | ||
|
2021-10-13 18:58:26 | OpenSSF Bags $10 Million Investment (lien direct) | The Linux Foundation has secured a new $10 million investment that will help expand and support the Open Source Security Foundation (OpenSSF). | |||
|
2021-10-13 18:27:31 | Intel, VMWare Join Patch Tuesday Parade (lien direct) | Technology giants Intel Corp. and VMWare joined the Patch Tuesday parade this week, rolling out fixes for security defects that expose users to malicious hacker attacks. | |||
|
2021-10-13 15:14:52 | Vendor Risk Management Firm Black Kite Raises $22 Million (lien direct) | Black Kite, a provider of third-party cyber risk rating services, announced today that it has raised $22 million in a Series B funding round led by Volition Capital, bringing the total raised by the Boston, Mass.-based company to more than $33.1 million. | |||
|
2021-10-13 14:40:12 | OT Cybersecurity Firm Shift5 Raises $20 Million to Protect Planes, Trains and Tanks (lien direct) | Shift5, an operational technology (OT) cybersecurity company specializing in transportation infrastructure and weapons systems, this week announced raising $20 million in a Series A funding round. The funding was led by 645 Ventures, with participation from Squadra Ventures, General Advance, and First In. | |||
|
2021-10-13 13:43:00 | Extortionist Hacker Group SnapMC Breaches Networks in Under 30 Minutes (lien direct) | Over the past few months, a threat actor has been increasingly breaching enterprise networks to steal data and extort victims, but without disrupting their operations, researchers with the NCC Group reveal. | Threat | ||
|
2021-10-13 13:08:35 | US Talks Global Cybersecurity Without a Key Player: Russia (lien direct) | Russia, which hosts many of the criminal syndicates behind ransomware attacks around the world was not invited to an international counter-ransomware event | Ransomware | ||
|
2021-10-13 12:20:12 | Apple Points to Android Malware Infections in Argument Against Sideloading on iOS (lien direct) | Apple Threat Analysis Report Highlights Risks Posed by Sideloading on iOS Apple on Wednesday published a 30-page threat analysis report in an effort to show why allowing sideloading on iOS would pose serious privacy and security risks to iPhone users. | Malware Threat | ||
|
2021-10-13 10:07:23 | SAP Patches Critical Vulnerabilities in Environmental Compliance (lien direct) | On Tuesday, its October 2021 Security Patch Day, SAP announced the release of 13 new security notes and an update for a previously released note. Three of the notes are rated Hot News. | |||
|
2021-10-12 20:13:06 | CrowdStrike Launches Falcon XDR, Free Edition of Humio Data Warehouse (lien direct) | CrowdStrike made two major announcements at its own Fal.Con (virtual) conference this week, launching a free Community Edition of Humio, and announcing Falcon XDR. | |||
|
2021-10-12 19:53:49 | MS Patch Tuesday: 71 Vulns, One Exploited as Zero-Day (lien direct) | The Microsoft Patch Tuesday freight train for October rolled in with fixes for at least 71 security defects in Windows products and components and an urgent warning about a newly discovered zero-day cyberespionage campaign. | |||
|
2021-10-12 18:22:47 | Medical Technology Company Olympus Discloses Cyberattack (lien direct) | Japanese medical technology company Olympus this week revealed that its operations in the Americas were affected by a cyberattack. Detected on October 10, the attack forced the company to shut down some of its systems, but Olympus says that it is already working on restoring them back to normal. | |||
|
2021-10-12 17:57:58 | Adobe Patches Critical Code Execution Vulnerabilities in Several Products (lien direct) | Adobe on Tuesday announced that it has patched a total of 10 vulnerabilities across its Acrobat and Reader, Connect, Commerce, and Campaign Standard products. | |||
|
2021-10-12 15:50:58 | CISO Forum Panel: Navigating SBOMs and Supply Chain Security Transparency (lien direct) | At SecurityWeek's 2021 CISO Forum, a high-powered panel of experts discussed specific ways an SBOM can improve supply chain security and where expectations may be overblown. The conversation covers edge cases that are turning out to be more troublesome than anticipated and what might come next after SBOM and where there are opportunities for innovation (e.g., new tooling or standa | |||
|
2021-10-12 15:08:23 | Cybereason Partners With Google Chronicle on XDR Product (lien direct) | Extended Detection and Response (XDR) is touted as the security solution for the increasingly complex modern IT ecosphere. The principle is to extend EDR threat hunting beyond the endpoint and across the entire infrastructure. Cybereason has announced a partnership with Google Chronicle – the latter to provide ecosphere data, and the former to provide the threat hunting capability. | Threat |
To see everything:
Our RSS (filtrered)
