What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-01-25 12:00:57 | Illinois Court Exposes More Than 323,000 Sensitive Records (lien direct) | Unsecured Server Exposed Records Containing Sensitive Personal Data and Case Notes From Cook County Court | |||
|
2021-01-23 20:23:10 | Chipmaker Intel Corp. Blames Internal Error on Data Leak (lien direct) | The computer chipmaker Intel Corp. on Friday blamed an internal error for a data leak that prompted it to release a quarterly earnings report early. It said its corporate network was not compromised. | |||
|
2021-01-23 12:07:19 | SonicWall Says Internal Systems Targeted by Hackers Exploiting Zero-Day Flaws (lien direct) | Cybersecurity firm SonicWall said late on Friday that some of its internal systems were targeted by “highly sophisticated threat actors” exploiting what appear to be zero-day vulnerabilities affecting some of the company's products. | Threat | ||
|
2021-01-22 17:53:59 | Microsoft Edge Adds Password Generator, Drops Support for Flash, FTP (lien direct) | Microsoft has shipped the stable version of the Microsoft Edge 88 browser, featuring a brand new Password Generator and the ability to alert on compromised credentials. The browser refresh also drops support for the FTP protocol and for the Adobe Flash plugin. | |||
|
2021-01-22 16:03:09 | Biden Orders Intel Agencies to Provide Full Assessment of SolarWinds Hack (lien direct) | Just says into his leadership role, U.S. President Joe Biden has instructed U.S. intelligence agencies to provide him with a detailed assessment of the SolarWinds hack, which fueled a global cyber espionage campaign impacting many high-profile government agencies and businesses. | Hack Guideline | ||
|
2021-01-22 16:02:33 | Intel\'s Early Earnings Release Triggered by Hack (lien direct) | U.S. chip-making giant Intel Corp. has acknowledged a website hack and premature data disclosure forced the early release of its earnings report for the fourth quarter of 2020. | Hack | ||
|
2021-01-22 14:56:44 | Sophos: Crypto-Jacking Campaign Linked to Iranian Company (lien direct) | An Iran-based software company is likely behind a recently identified crypto-jacking campaign targeting SQL servers, according to a report by British anti-malware vendor Sophos. | |||
|
2021-01-22 13:28:38 | QNAP Warns NAS Users of \'dovecat\' Malware Attacks (lien direct) | QNAP this week warned users of attacks targeting QNAP NAS (network-attached storage) devices with a piece of malware named “dovecat.” | Malware | ||
|
2021-01-22 12:03:03 | Thousands of Unprotected RDP Servers Can Be Abused for DDoS Attacks (lien direct) | Cybercriminals have been abusing unprotected servers running Microsoft's Remote Desktop Protocol (RDP) service to launch distributed denial-of-service (DDoS) attacks, application and network performance management company NETSCOUT warned this week. | |||
|
2021-01-21 17:45:17 | Enterprise Credentials Publicly Exposed by Cybercriminals (lien direct) | Cybercriminals behind a successful phishing campaign have exposed more than 1,000 corporate employee credentials on the Internet, according to a warning from security vendor Check Point. | |||
|
2021-01-21 16:13:50 | Drupal Updates Patch Another Vulnerability Related to Archive Files (lien direct) | Security updates released this week by the developers of the Drupal content management system (CMS) patch a vulnerability identified in a third-party library. | Vulnerability | ||
|
2021-01-21 15:39:37 | Multi-Cloud Network Security Provider Valtix Raises $12.5 Million (lien direct) | Multi-cloud network security platform provider Valtix on Thursday announced that it raised $12.5 million in strategic funding. | |||
|
2021-01-21 15:25:39 | Microsoft Details OPSEC, Anti-Forensic Techniques Used by SolarWinds Hackers (lien direct) | Microsoft on Wednesday released another report detailing the activities and the methods of the threat actor behind the attack on IT management solutions firm SolarWinds, including their malware delivery methods, anti-forensic behavior, and operational security (OPSEC). | Malware Threat | ||
|
2021-01-21 14:05:06 | Cisco Patches Critical Vulnerabilities in SD-WAN, DNA Center, SSMS Products (lien direct) | Cisco this week released patches to address a significant number of vulnerabilities across its product portfolio, including several critical flaws in SD-WAN products, DNA Center, and Smart Software Manager Satellite (SSMS). | |||
|
2021-01-21 12:26:34 | Amazon Awards $18,000 for Exploit Allowing Kindle E-Reader Takeover (lien direct) | Amazon has awarded an $18,000 bug bounty for an exploit chain that could have allowed an attacker to take complete control of a Kindle e-reader simply by knowing the targeted user's email address. | |||
|
2021-01-21 04:52:12 | Scanning Activity Detected After Release of Exploit for Critical SAP SolMan Flaw (lien direct) | A Russian researcher has made public on GitHub a functional exploit targeting a critical vulnerability that SAP patched in its Solution Manager product in March 2020. | Vulnerability | ||
|
2021-01-20 17:18:21 | \'LuckyBoy\' Malvertising Campaign Hits iOS, Android, XBox Users (lien direct) | A recently identified malvertising campaign targeting mobile and other connected devices users makes heavy use of obfuscation and cloaking to avoid detection. | |||
|
2021-01-20 16:34:22 | In a Remote Work Era, a People-First Approach Keeps Threat Intelligence Teams on Track (lien direct) | Far Too Many Organizations Are Still Failing to Develop Intelligence Requirements Based on the Needs of Their Stakeholders | Threat | ||
|
2021-01-20 16:04:58 | Snort 3 Becomes Generally Available (lien direct) | Snort 3 was officially released on Tuesday and users have been advised to switch to Snort 3 from any previous version of the popular intrusion prevention and intrusion detection system (IPS/IDS). | |||
|
2021-01-20 15:42:10 | Oracle\'s January 2021 CPU Contains 329 New Security Patches (lien direct) | Oracle this week announced the availability of its first cumulative set of security fixes for 2021, which includes a total of 329 new patches. | |||
|
2021-01-20 14:42:53 | Ransomware Took Heavy Toll on US in 2020: Researchers (lien direct) | Ransomware attacks took a heavy toll on the United States last year with more than 2,000 victims in government, education and health care, security researchers say in a new report. | |||
|
2021-01-20 14:12:10 | Chrome 88 Drops Flash, Patches Critical Vulnerability (lien direct) | Google has released Chrome 88 to the stable channel with several security improvements inside, including patches for 36 vulnerabilities, one of which is rated critical severity, and dropped support for Adobe Flash. | Vulnerability | ||
|
2021-01-20 13:12:56 | New \'FreakOut\' Malware Ensnares Linux Devices Into Botnet (lien direct) | A recently identified piece of malware is targeting Linux devices to ensnare them into a botnet capable of malicious activities such as distributed denial of service (DDoS) and crypto-mining attacks. | Malware | ||
|
2021-01-20 12:41:51 | Malwarebytes Targeted by SolarWinds Hackers (lien direct) | Cybersecurity firm Malwarebytes on Tuesday revealed that it too was targeted by the hackers who breached the systems of Texas-based IT management company SolarWinds as part of a sophisticated supply chain attack. | |||
|
2021-01-20 11:37:44 | DNSpooq Flaws Expose Millions of Devices to DNS Cache Poisoning, Other Attacks (lien direct) | Researchers at Israel-based boutique cybersecurity consultancy JSOF this week disclosed the details of seven potentially serious DNS-related vulnerabilities that could expose millions of devices to various types of attacks. | |||
|
2021-01-19 19:04:57 | FireEye Releases New Open Source Tool in Response to SolarWinds Hack (lien direct) | FireEye Mandiant on Tuesday announced the release of an open source tool designed to check Microsoft 365 tenants for the use of techniques associated with UNC2452, the name currently assigned by the cybersecurity firm to the threat group that attacked IT management company SolarWinds. | Hack Tool Threat | ||
|
2021-01-19 18:25:55 | Hundreds of Networks Still Host Devices Infected With VPNFilter Malware (lien direct) | The VPNFilter malware is still present in hundreds of networks and malicious actors could take control of the infected devices, according to researchers at cybersecurity firm Trend Micro. | Malware | VPNFilter VPNFilter | |
|
2021-01-19 14:12:55 | Microsoft Enables Automatic Remediation in Defender for Endpoint (lien direct) | Microsoft this week announced that it has enabled automatic threat remediation in Microsoft Defender for Endpoint for users who opted into public previews. | Threat | ||
|
2021-01-19 13:54:55 | SaaS Application Backup Firm Rewind Raises $15 Million (lien direct) | Backup-as-a-service (BaaS) provider Rewind on Tuesday announced it has raised $15 million in Series A funding. Founded in 2015, the Ottawa, Canada-based company helps customers secure business-critical software-as-a-service (SaaS) application and cloud data, and claims more than 80,000 organizations in over 100 countries rely on its solutions. | |||
|
2021-01-19 13:09:32 | SolarWinds Hackers Used \'Raindrop\' Malware for Lateral Movement (lien direct) | The threat group behind the supply chain attack that targeted Texas-based IT management company SolarWinds leveraged a piece of malware named Raindrop for lateral movement and deploying additional payloads, Broadcom-owned cybersecurity firm Symantec reported on Tuesday. | Malware Threat | Solardwinds | |
|
2021-01-19 12:33:32 | Swimlane Raises $40 Million to Expand SOAR Business (lien direct) | Swimlane, a provider of security orchestration, automation and response (SOAR) solutions, announced today that it has raised $40 million in growth funding. | |||
|
2021-01-19 12:07:05 | OpenWrt Informs Users of Forum Breach (lien direct) | The OpenWrt Project, the developer of the open source Linux operating system for embedded devices, informed users on Monday that someone had breached its forum over the weekend. | |||
|
2021-01-18 19:21:25 | FBI Warns of Employee Credential Phishing via Phone, Chat (lien direct) | The Federal Bureau of Investigation has issued a Private Industry Notification (PIN) to warn of attacks targeting enterprises, in which threat actors attempt to obtain employee credentials through vishing or chat rooms. | Threat | ||
|
2021-01-18 19:12:43 | Expired Domain Allowed Researcher to Hijack Country\'s TLD (lien direct) | A researcher claimed last week that he managed to take control of the country code top-level domain (ccTLD) for the Democratic Republic of Congo after an important domain name was left to expire. | |||
|
2021-01-18 17:51:34 | Researchers Estimate Ryuk Ransomware Operations to Be Worth $150 Million (lien direct) | The Ryuk ransomware criminal enterprise is estimated to be worth more than $150,000,000, security researchers say. | Ransomware | ||
|
2021-01-18 14:55:57 | Researchers Earn $50,000 for Hacking Apple Servers (lien direct) | A couple of researchers claim they have earned $50,000 from Apple for finding some serious vulnerabilities that gave them access to the tech giant's servers. | |||
|
2021-01-18 14:09:08 | Underground Carding Marketplace Joker\'s Stash Announces Shutdown (lien direct) | Joker's Stash, a large underground marketplace for stolen payment card data, has announced plans to shut down operations on February 15, 2021. The announcement was posted on a Russian-language cybercrime forum and detailed plans to cease all operations “forever.” | |||
|
2021-01-18 13:35:18 | WhatsApp Delays Data Sharing Change After Backlash (lien direct) | 
|
|||
|
2021-01-18 12:18:33 | Rob Joyce Appointed Director of Cybersecurity at NSA (lien direct) | The U.S. National Security Agency on Friday announced that Rob Joyce, an official who is highly respected in the cybersecurity community, has been named the agency's new director of cybersecurity.
|
|||
|
2021-01-16 15:47:14 | EU Regulator: Hackers \'Manipulated\' Stolen Vaccine Documents (lien direct) | The European Union's drug regulator said Friday that COVID-19 vaccine documents stolen from its servers by hackers have been not only leaked to the web, but “manipulated.” | |||
|
2021-01-15 19:17:34 | Tens of Vulnerabilities in Siemens PLM Products Allow Code Execution (lien direct) | Siemens this week informed customers that some of its product development solutions are affected by a total of nearly two dozen vulnerabilities that can be exploited for arbitrary code execution using malicious files. | |||
|
2021-01-15 19:00:11 | Data Security Startup Qohash Raises $6 Million (lien direct) | Canadian data security startup Qohash this week announced it raised CAD 8 million (approximately USD $6.3 million) in Series A funding. The financing was led by FINTOP Capital. | |||
|
2021-01-15 14:57:40 | Microsoft Reminds Organizations of Upcoming Phase in Patching Zerologon Vulnerability (lien direct) | Microsoft this week published a reminder for organizations that a February 9 security update will kick off the second phase of patching for the Zerologon vulnerability. | Vulnerability Patching | ||
|
2021-01-15 13:56:42 | Facebook Takes Legal Action Against Data Scrapers (lien direct) | Facebook on Thursday announced that it took legal action against two individuals for scraping data from its website. | |||
|
2021-01-15 13:12:25 | Malvuln Project Catalogues Vulnerabilities Found in Malware (lien direct) | 
A researcher has launched Malvuln, a project that catalogues vulnerabilities discovered in malware and provides information on how those vulnerabilities can be exploited.
|
Malware | ||
|
2021-01-15 12:11:18 | NSA Publishes Guidance for Enterprises on Adoption of Encrypted DNS (lien direct) | The National Security Agency (NSA) on Wednesday published guidance for businesses on the adoption of an encrypted domain name system (DNS) protocol, specifically DNS over HTTPS. | |||
|
2021-01-15 09:19:58 | Telegram-Based Automated Scam Service Helps Fraudsters Make Millions (lien direct) | More than 40 scammer groups are actively engaged in schemes leveraging a scam-as-a-service offering that provides users the tools and resources needed to conduct fraud, according to threat hunting and intelligence company Group-IB. | Threat | ||
|
2021-01-14 18:50:25 | Vulnerability Exposes F5 BIG-IP Systems to Remote DoS Attacks (lien direct) | A vulnerability discovered by a researcher in a BIG-IP product from F5 Networks can be exploited to launch remote denial-of-service (DoS) attacks. | Vulnerability | ||
|
2021-01-14 16:21:03 | Report: TikTok Harvested MAC Addresses By Exploiting Android Loophole (lien direct) | The ongoing controversies surrounding TikTok hit a new gear on Thursday with a bombshell report accusing the Chinese company of spying on millions of Android users using a technique banned by Google. | |||
|
2021-01-14 15:06:17 | CISA Warns Organizations About Attacks on Cloud Services (lien direct) | In light of successful cyberattacks targeting organizations' cloud services, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a series of recommendations on how businesses can improve their cloud security. |
To see everything:
Our RSS (filtrered)
