What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-07-01 15:25:54 | Becoming Elon Musk – the Danger of Artificial Intelligence (lien direct) | A Tel Aviv, Israel-based artificial intelligence (AI) firm, with a mission to build trust in AI and protect AI from cyber threats, privacy issues, and safety incidents, has developed the opposite: an attack against facial recognition systems that can fool the algorithm into misinterpreting the image. | |||
|
2021-07-01 15:22:08 | (Déjà vu) Cybersecurity M&A Roundup: 37 Deals Announced in June 2021 (lien direct) | 
A total of 37 cybersecurity-related acquisitions and mergers were announced in June 2021.
|
|||
|
2021-07-01 14:49:43 | Critical, Exploitable Flaws in NETGEAR Router Firmware (lien direct) | Security researchers at Microsoft are flagging multiple gaping security holes in firmware shipped on NETGEAR routers, warning that exploitation could lead to identity theft and full system compromise. | Guideline | ||
|
2021-07-01 14:17:15 | Study Finds Insurance Companies Lack Cyber Hygiene (lien direct) | A study of exposed web-app attack surface reveals that insurance companies are not good at keeping their own security house in order | |||
|
2021-07-01 14:12:44 | Google, OpenSSF Update Scorecards Project With New Security Checks (lien direct) | Google's Open Source security team, in collaboration with the Open Source Security Foundation (OpenSSF) community, today announced an update to the Scorecards project to include more security checks. | |||
|
2021-07-01 11:54:04 | Twitter Enables Use of Security Keys as Sole Two-Factor Authentication Method (lien direct) | Twitter this week announced that it allows users to enroll security keys and use them as the only form of two-factor authentication (2FA) to secure their accounts. | ★★★★★ | ||
|
2021-07-01 11:28:24 | (Déjà vu) CISA Adds Ransomware Module to Cyber Security Evaluation Tool (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday announced the release of a new module for its Cyber Security Evaluation Tool (CSET), namely the Ransomware Readiness Assessment (RRA). | Ransomware Tool | ||
|
2021-07-01 11:07:38 | Vulnerability Found in Industrial Remote Access Product From Claroty (lien direct) | The Secure Remote Access (SRA) product of industrial cybersecurity firm Claroty is affected by a vulnerability that could be useful to threat actors targeting industrial organizations. | Vulnerability Threat | ||
|
2021-07-01 10:28:50 | Microsoft Exec: Targeting of Americans\' Records \'Routine\' (lien direct) | Federal law enforcement agencies secretly seek the data of Microsoft customers thousands of times a year, according to congressional testimony Wednesday by a senior executive at the technology company. | |||
|
2021-07-01 03:50:52 | Authorities Take Down DoubleVPN Service for Aiding Cybercriminals (lien direct) | Law enforcement agencies in Europe, the US, and Canada on Tuesday announced the takedown of DoubleVPN, a virtual private network (VPN) service that allegedly helped cybercriminals conduct nefarious activities. | |||
|
2021-06-30 16:59:19 | IBM Gifts Threat Hunting Tool to Open Cybersecurity Alliance (lien direct) | IBM Corp. on Wednesday announced that it is contributing the Kestrel open-source programming language for threat hunting to the Open Cybersecurity Alliance (OCA). | Tool Threat | ||
|
2021-06-30 15:09:16 | Ransomware Increasingly Detected on Industrial Systems: Report (lien direct) | Trend Micro on Wednesday released a new report describing the threats affecting industrial control system (ICS) endpoints in 2020. According to the report, ransomware infections saw a significant increase last year, mainly due to a rise in Sodinokibi (REvil), Ryuk, Nefilim and LockBit attacks launched between September and December. | Ransomware | ||
|
2021-06-30 14:51:29 | Putin\'s Phone-in Hit by \'Cyberattacks\' (lien direct) | A televised phone-in with Russian President Vladimir Putin Wednesday was targeted by "powerful" cyberattacks, the state-run Rossiya 24 network which broadcast the event said. Shown on Kremlin-friendly media, the annual session with Putin sees the president field in real time queries submitted by Russians throughout the country. | |||
|
2021-06-30 14:08:12 | Windows Admins Scrambling to Contain \'PrintNightmare\' Flaw Exposure (lien direct) | Windows network administrators are scrambling to contain the fallout from the release of proof-of-concept code for a nasty Windows Print Spooler vulnerability that exposes Windows servers to remote code execution attacks. | |||
|
2021-06-30 13:46:13 | Facebook Sues Four Vietnamese Nationals for Hacking Accounts (lien direct) | Facebook this week announced filing two lawsuits - one against an organization and its agents and one against four individuals in Vietnam - over advertising-related schemes. | |||
|
2021-06-30 12:48:54 | Zero-Day Vulnerability Exploited in Recent Attacks on WD Storage Devices (lien direct) | Western Digital (WD) on Tuesday confirmed that the recent attacks targeting some of its older network-attached storage (NAS) devices involved the exploitation of a zero-day vulnerability. | Vulnerability | ||
|
2021-06-30 12:22:01 | Noname Security Raises $60 Million in Series B Funding (lien direct) | API security platform Noname Security today announced that it has raised $60 million in Series B funding. The new round brings the total raised by the company to $85 million. | |||
|
2021-06-30 11:39:09 | Authorities Lag Against Fast-Evolving Cyberspace Threats: Report (lien direct) | Governments worldwide are too often playing catch-up against private cyberspace operators in what is poised to become a key arena for defending national interests, the International Institute for Strategic Studies said Tuesday. | Studies | ||
|
2021-06-30 11:14:33 | Google Working on Patching GCP Vulnerability That Allows VM Takeover (lien direct) | A security researcher has disclosed the details of a vulnerability that can be exploited to take over virtual machines (VMs) on Google Cloud Platform. | Vulnerability Patching | ||
|
2021-06-30 00:48:49 | Colombia Catches Hacker Wanted in the U.S. for \'Gozi\' Virus (lien direct) | Colombian officials say they have arrested a Romanian hacker who is wanted in the U.S. for distributing a virus that infected more than a million computers from 2007 to 2012. | |||
|
2021-06-29 17:09:04 | Authentication Bypass in Adobe Experience Manager Impacts Large Organizations (lien direct) | Multiple large organizations were found to be impacted by an authentication bypass in Adobe Experience Manager CRX Package Manager, according to a warning from security vendor Detectify. | |||
|
2021-06-29 14:48:32 | Anti-Threat Intelligence Firm GreyNoise Scores Investment From CIA-backed In-Q-Tel (lien direct) | Start-up Helps Combat Analyst Alert Fatigue | |||
|
2021-06-29 13:41:46 | New Security Measures Announced for Google Play Developer Accounts (lien direct) | Google on Monday announced new security measures for developer accounts on Google Play, meant to ensure that each account is created by a real person. | |||
|
2021-06-29 12:58:18 | High-Severity Vulnerabilities Found in Several Phoenix Contact Industrial Products (lien direct) | Germany-based industrial solutions provider Phoenix Contact last week informed customers that a total of 10 vulnerabilities have been identified across several of the company's products. | |||
|
2021-06-29 12:17:09 | HealthVerity Raises $100 Million in Series D Funding (lien direct) | Healthcare data management provider HealthVerity this week announced that it has raised $100 million in Series D funding, which brings the total raised by the company to $142 million. | |||
|
2021-06-29 11:38:14 | Malvuln Project Catalogues 260 Vulnerabilities Found in Malware (lien direct) | 
|
Malware | ||
|
2021-06-29 11:05:13 | UN Security Council Confronts Growing Threat of Cyber Attacks (lien direct) | The UN Security Council on Tuesday will hold its first formal public meeting on cybersecurity, addressing the growing threat of hacks to countries' key infrastructure, an issue Joe Biden recently raised with his Russian counterpart Vladimir Putin. | Threat | ||
|
2021-06-29 10:34:08 | (Déjà vu) SentinelOne Hopes to Raise $1 Billion in IPO After Increasing Price Range (lien direct) | SentinelOne on Monday updated the terms of its initial public offering (IPO), and the endpoint security company is now hoping to raise over $1 billion. SentinelOne filed for an IPO in early June and in an amendment made to its S-1 registration statement on June 21 the company revealed that it's offering 32 million shares of its Class A common stock. | |||
|
2021-06-28 21:20:34 | Threat Actor Abuses Microsoft\'s WHCP to Sign Malicious Drivers (lien direct) | Microsoft is investigating an incident where a threat actor submitted malicious drivers for certification through the Windows Hardware Compatibility Program. Built by a third-party, the drivers were designed to target gaming environments and could allow the attacker to spoof their location and play from anywhere. | Threat | ||
|
2021-06-28 21:11:41 | Mozilla Launches Privacy-Focused Browsing Data Sharing Platform (lien direct) | Mozilla has a new privacy-focused data sharing platform that provides users with increased control of their data and also allows them to contribute to a better Internet. | |||
|
2021-06-28 16:16:53 | Like Their Adversaries, Threat Hunters Need Anonymity (lien direct) | The pivot to remote work forced by the Covid-19 outbreak was sudden, but security stepped up to the challenge. According (ISC)², the association of certified cybersecurity professionals, three out of ten said they had a day or less to secure their employers' remote workers. | Threat | ||
|
2021-06-28 14:02:33 | Mercedes-Benz USA Says Vendor Exposed Customer Information (lien direct) | Mercedes-Benz USA said last week that sensitive personal information pertaining to its customers was inadvertently exposed by a vendor. | |||
|
2021-06-28 12:42:16 | GitHub Paid Out Over $1.5 Million via Bug Bounty Program Since 2016 (lien direct) | Microsoft-owned software development solutions provider GitHub announced on Friday that it has paid out more than $1.5 million through its bug bounty program since 2016, when it started using the HackerOne bug bounty platform. | |||
|
2021-06-28 11:50:49 | Microsoft: SolarWinds Hackers Continue to Target IT Companies (lien direct) | Microsoft says it has observed new activity associated with Nobelium, the Russia-linked threat actor that compromised IT management and monitoring solutions provider SolarWinds. | Threat | ||
|
2021-06-28 11:31:03 | XSS Vulnerability in Cisco Security Products Exploited in the Wild (lien direct) | A cross-site scripting (XSS) vulnerability patched last year in Cisco's Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software has reportedly been exploited in the wild. | Vulnerability Threat | ||
|
2021-06-28 10:19:40 | Cybersecurity Leaders Scramble to Decipher SBOM Mandate (lien direct) | 
|
Guideline | ||
|
2021-06-28 08:44:42 | NewsBlur Restores Service After Hacker Wipes Database (lien direct) | Personal news reader NewsBlur was down for several hours last week after a hacker managed to wipe the service's database. The hacker was able to gain access to the database while the RSS reader was being transitioned to Docker, which circumvented some firewall rules and opened the NewsBlur MongoDB database to the public. | |||
|
2021-06-25 17:22:59 | Bit Discovery Banks $4 Million for Attack Surface Management Tech (lien direct) | Jeremiah Grossman's Bit Discovery has banked another $4 million in venture capital funding to compete in the crowded attack surface management space. | |||
|
2021-06-25 15:03:59 | AWS Acquires Encrypted Communications Service Wickr (lien direct) | Amazon's AWS subsidiary on Friday announced the acquisition of Wickr, a late-stage startup that sells end-to-end encrypted communications tools. Financial terms of the transaction were not released. Prior to the acquisition, Wickr raised a total of $73 million over four rounds of venture capital funding. | |||
|
2021-06-25 14:17:19 | Old Vulnerability Exploited to Hack, Wipe WD Storage Devices (lien direct) | Many owners of My Book Live and My Book Live Duo network-attached storage (NAS) devices made by Western Digital (WD) reported having their files wiped, and it seems that it's the result of an attack exploiting an old vulnerability. | Vulnerability | ★★★ | |
|
2021-06-25 12:38:30 | Google Rolling Out Security Update for Google Drive (lien direct) | Google this week announced a security update for Google Drive that is meant to make sharing links more secure for files stored with the service. | |||
|
2021-06-25 11:51:47 | Member of FIN7 Cybercrime Gang Sentenced to Prison in U.S. (lien direct) | A Ukrainian man has been sentenced to seven years in prison in the United States for his role within the cybercrime group known as FIN7. | |||
|
2021-06-25 11:08:59 | Vulnerabilities Expose Fortinet Firewalls to Remote Attacks (lien direct) | A high-severity vulnerability patched recently by Fortinet in its FortiWeb web application firewall (WAF) can be exploited to execute arbitrary commands. The flaw can pose an even more serious risk if it's chained with a misconfiguration and another recently discovered security hole. | Vulnerability | ||
|
2021-06-25 10:07:27 | Dutch Group Launches Data Harvesting Claim Against TikTok (lien direct) | A Dutch consumer group is launching a 1.5 billion euro ($1.8 billion) claim against TikTok over what it alleges is unlawful harvesting of personal data from users of the popular video sharing platform. | ★★ | ||
|
2021-06-25 08:45:07 | Researchers Detail Exploit Chain for Hijacking Atlassian Accounts (lien direct) | Researchers at cybersecurity firm Check Point discovered several vulnerabilities that could have been chained to take over Atlassian accounts or access a company's Bitbucket-hosted source code. Atlassian patched the flaws before their details were made public. | |||
|
2021-06-24 20:22:58 | Eclypsium: BIOSConnect Flaws Haunt Millions of Dell Computers (lien direct) | Security researchers at Eclypsium have figured out a way to exploit a set of high-severity vulnerabilities that expose millions of Dell computers to stealthy hacker attacks. | |||
|
2021-06-24 19:02:06 | Zyxel Warns Customers of Attacks on Security Appliances (lien direct) | Networking device manufacturer Zyxel has issued an alert to warn customers of attacks targeting a subset of security appliances that have remote management or SSL VPN enabled. | |||
|
2021-06-24 18:26:17 | Google Delays Phase Out of Tracking Tech by Nearly 2 Years (lien direct) | Google will delay by nearly two years the phase out of Chrome web browser technology that tracks users for ad purposes, saying that it needs more time to develop a replacement system. | |||
|
2021-06-24 17:01:04 | EU Announces New Joint Cyber Unit to Protect Against Critical Attacks (lien direct) | Joint Cyber Unit will create more situational awareness and guarantee preparedness to large-scale cybersecurity crises | |||
|
2021-06-24 15:05:00 | Cybersecurity Companies Join Forces Against Controversial DMCA Section (lien direct) | The Electronic Frontier Foundation (EFF) along with nearly two dozen cybersecurity companies have signed a statement regarding the use of a controversial section of the Digital Millennium Copyright Act (DMCA) against security researchers. |
To see everything:
Our RSS (filtrered)
