What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-24 17:38:28 | Facebook Trumpets Massive New Supercomputer (lien direct) | Facebook's parent company Meta announced on Monday it was launching one of the world's most powerful supercomputers to boost its capacity to process data, despite persistent disputes over privacy and disinformation. | |||
|
2022-01-24 16:16:45 | CWP Flaws That Expose Servers to Remote Attacks Possibly Exploited in the Wild (lien direct) | Researchers discovered that the Control Web Panel (CWP) web hosting panel is affected by two serious vulnerabilities that can allow attackers to remotely hack servers, and it's possible that they may have already been exploited in the wild. | Hack | ||
|
2022-01-24 15:12:55 | Hacked AccessPress Site Served Backdoored WordPress Plugins, Themes (lien direct) | Unknown threat actors implanted backdoor code into multiple WordPress themes and plugins after compromising the website of their developer, Automattic's Jatpack security research team reports. | Threat | ||
|
2022-01-24 14:31:11 | GDPR Fines Surged Sevenfold to $1.25 Billion in 2021: Study (lien direct) | Fines issued for GDPR non-compliance increased sevenfold from 2020 to 2021, analysis shows | |||
|
2022-01-24 14:03:28 | Assange Wins First Stage in Effort to Appeal US Extradition (lien direct) | WikiLeaks founder Julian Assange on Monday won the first stage of his effort to overturn a U.K. ruling that opened the door for his extradition to U.S. to stand trial on espionage charges. | |||
|
2022-01-24 12:38:20 | Ukraine Attack: Hackers Had Access for Months Before Causing Damage (lien direct) | In the recent attack aimed at the Ukrainian government, the attackers likely had access to the targeted network for months before causing damage, according to Cisco's Talos threat intelligence and research unit. | Threat | ||
|
2022-01-24 11:54:38 | Russian Authorities Arrest Head of International Cybercrime Group (lien direct) | Four individuals believed to be members of the international cyber theft ring known as the “Infraud Organization” were arrested in Russia, news agency TASS reports. | |||
|
2022-01-21 17:19:32 | Cloud Security Provider Anitian Raises $55 Million (lien direct) | Cloud security and compliance automation startup Anitian this week closed a $55 million Series B funding round led by Sageview Capital. The new investment brings the total raised by Anitian $71 million and provides fresh capital to fuel ambitious expansion plans. | |||
|
2022-01-21 17:13:55 | CISA Releases Final IPv6 Security Guidance for Federal Agencies (lien direct) | The U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) on Thursday released the final version of its IPv6 security guidance for federal agencies. | |||
|
2022-01-21 16:14:21 | DoH Makes It Difficult to Track Botnets: Spamhaus (lien direct) | The use of DNS over HTTPS (DoH) for command and control communications is making it more difficult to track botnets, according to anti-spam nonprofit Spamhaus. | |||
|
2022-01-21 14:38:03 | F5 Patches Two Dozen Vulnerabilities in BIG-IP (lien direct) | Cloud security and application delivery solutions provider F5 this week announced patches for 25 vulnerabilities affecting its BIG-IP, BIG-IQ, and NGINX products. A total of 23 security flaws were addressed in the BIG-IP application delivery controller (ADC), including 13 high-severity issues, all of which carry a CVSS score of 7.5. | |||
|
2022-01-21 14:04:11 | Industry Reactions to Biden Cybersecurity Memo: Feedback Friday (lien direct) | U.S. President Joe Biden this week signed a memorandum on boosting the cybersecurity of National Security, Department of Defense, and Intelligence Community Systems. | |||
|
2022-01-21 13:13:34 | High-Severity Vulnerabilities Patched in McAfee Enterprise Product (lien direct) | Two high-severity vulnerabilities that can be exploited for privilege escalation have been patched in a McAfee enterprise product component. | |||
|
2022-01-21 13:04:31 | Dark Web Chatter: What Other Russian Hackers Are Saying About the REvil Arrests (lien direct) | The takedown of the REvil ransomware gang by the Russian FSB on January 14, 2022, took the world by surprise. Before this, the unwritten rule was that hackers would be safe in Russia provided they did not attack Russia. | Ransomware | ||
|
2022-01-21 12:24:41 | FBI Warns Organizations of Diavol Ransomware Attacks (lien direct) | The Federal Bureau of Investigation (FBI) this week shared a series of indicators of compromise (IoCs) associated with the Diavol ransomware family. | Ransomware | ||
|
2022-01-21 12:05:57 | Insurance and Fintech Firm Acrisure Launches Cyber Services Division (lien direct) | 
|
|||
|
2022-01-21 09:34:39 | Nigerian Authorities Arrest 11 Members of Prolific BEC Fraud Group (lien direct) | Nigerian authorities have arrested 11 individuals believed to be members of the business email compromise (BEC) crime ring tracked as SilverTerrier. The 11 suspects were arrested as part of a 10-day operation (December 13-22, 2021) in which the Nigerian Police collaborated with Interpol and private security firms Palo Alto Networks and Group-IB. | |||
|
2022-01-20 20:02:27 | Security Scanners Across Europe Tied to China Govt, Military (lien direct) | At some of the world's most sensitive spots, authorities have installed security screening devices made by a single Chinese company with deep ties to China's military and the highest levels of the ruling Communist Party. | |||
|
2022-01-20 19:32:15 | Prolific Chinese APT Caught Using \'MoonBounce\' UEFI Firmware Implant (lien direct) | Threat hunters at Kaspersky have spotted a well-known Chinese APT actor using an UEFI implant to maintain stealthy persistence across reboots, disk formatting or disk replacements. | |||
|
2022-01-20 18:47:33 | Cyber Insights 2022: Nation-States (lien direct) | 
|
Threat | ||
|
2022-01-20 18:44:20 | Cisco Patches Critical Vulnerability in RCM for StarOS (lien direct) | Cisco on Tuesday announced patches for a critical vulnerability in the Redundancy Configuration Manager (RCM) for the StarOS software running on its ASR 5000 networking devices. A Cisco proprietary node/network function, RCM delivers redundancy of StarOS-based user plane functions. | Vulnerability | ||
|
2022-01-20 18:24:07 | Seven Ways to Ensure Successful Cross-Team Security Initiatives (lien direct) | Many organizations have one or more strategic initiatives that involve a large amount of coordination and cooperation across functions and teams. In my experience, these cross-team initiatives are often the most challenging ones, while simultaneously being the most rewarding. There are a number of reasons why this is the case, though I'd like to take a look at a different angle in this piece. | |||
|
2022-01-20 15:40:18 | Resurrected jQuery UI Library Haunts Websites, Enterprise Products (lien direct) | Drupal developers this week informed users about several vulnerabilities discovered in a third-party library that was recently resurrected after it had apparently been discontinued. | |||
|
2022-01-20 14:26:12 | Software Supply Chain Attacks Tripled in 2021: Study (lien direct) | 2021 can be described as the year of the software supply chain attack – the year in which SolarWinds opened the world's eyes, and the extent of the threat became apparent. | Threat | ||
|
2022-01-20 13:42:59 | SolarWinds Patches Serv-U Vulnerability Propagating Log4j Attacks (lien direct) | SolarWinds this week released patches for a Serv-U vulnerability that Microsoft says has been abused for the propagation of Log4j attacks. | Vulnerability | ||
|
2022-01-20 13:03:39 | Data of 7 Million OpenSubtitles Users Leaked After Hack Despite Site Paying Ransom (lien direct) | OpenSubtitles Hack Shows Why Paying Ransom Offers No Guarantees Popular subtitles website OpenSubtitles on Tuesday admitted that its systems had been hacked after the details of nearly seven million user accounts were leaked, despite the site allegedly paying a ransom to avoid this situation. | Hack | ||
|
2022-01-20 12:26:32 | Red Cross Appeals to Hackers After Major Cyberattack (lien direct) | The International Committee of the Red Cross on Thursday made an appeal to hackers who seized a trove of private data, saying they were willing to speak "directly and confidentially" to those behind the cyberattack. | |||
|
2022-01-20 11:57:02 | NSA Authorized to Issue Binding Operational Directives to Boost NSS Cybersecurity (lien direct) | 
|
|||
|
2022-01-20 11:04:19 | Google Pays Out Over $100,000 for Vulnerabilities Patched With Chrome 97 Update (lien direct) | Google on Tuesday announced the release of 26 security patches as part of its latest Chrome update, including one for a critical-severity bug. A total of 22 vulnerabilities addressed with the latest Chrome refresh were reported by external researchers, including one critical-severity, 16 high-severity, and five medium-severity issues. | |||
|
2022-01-20 11:02:43 | Living Off the "Edge" of the Land (lien direct) | Edge-Access Trojans (EATs) allow attackers to collect data and even disrupt crucial decisions as the edge of the network | |||
|
2022-01-20 09:41:31 | Kaspersky Launches New Service for Removing Malicious Domains (lien direct) | Cybersecurity solutions provider Kaspersky this week announced the launch of a new service to help organizations take action against malicious websites. With the new Takedown Service, organizations essentially delegate Kaspersky to manage the process of eliminating phishing and other malicious domains that may target their brands. | |||
|
2022-01-19 21:43:47 | Red Cross Falls Victim to Massive Cyberattack (lien direct) | The International Committee of the Red Cross was the victim of a massive cyberattack in which hackers seized the data of more than 515,000 extremely vulnerable people, some of whom had fled conflicts, it said on Wednesday. | |||
|
2022-01-19 20:05:49 | Microsoft Edge Adds Security Mode to Thwart Malware Attacks (lien direct) | A new security feature in the latest beta of the Microsoft Edge browser can help protect web surfers from zero-day attacks. | Malware | ||
|
2022-01-19 19:56:02 | Project Zero: Zoom Platform Missed ASLR Exploit Mitigation (lien direct) | A prominent security researcher poking around at the Zoom video conferencing platform found worrying signs the company failed to enable a decades-old anti-exploit mitigation, a blunder that greatly increased exposure to malicious hacker attacks. | |||
|
2022-01-19 19:38:07 | FBI, US Agencies Look Beyond Indictments in Cybercrime Fight (lien direct) | The FBI and other federal agencies are increasingly looking to counter cyber threats through tools other than criminal indictments, the head of the bureau's cyber division said in an interview with The Associated Press. | |||
|
2022-01-19 18:44:07 | Thousands of Industrial Firms Targeted in Attacks Leveraging Short-Lived Malware (lien direct) | Thousands of industrial organizations worldwide have been hit in campaigns that leverage short-lived malware to harvest corporate credentials that are then sold by threat actors for a profit, according to Kaspersky. | Malware Threat | ||
|
2022-01-19 17:30:54 | U.S. Olympians Told to Use \'Burner Phones\' in China (lien direct) | 
Olympic athletes heading to China for the upcoming Winter Games should use burner phones and rental computers, and understand clearly that there's “no expectation of data security or privacy while operating in China.”
|
|||
|
2022-01-19 16:15:29 | Cloud Security Firm Polar Security Emerges From Stealth With $8.5 Million Seed Funding (lien direct) | Tel Aviv, Israel-based cloud security firm Polar Security has emerged from stealth with $8.5 million seed funding in a round led by Glilot Capital Partners with participation from IBI Tech Fund. | |||
|
2022-01-19 15:24:37 | Oracle\'s First Security Updates for 2022 Include 497 Patches (lien direct) | Oracle on Tuesday announced its first set of quarterly security updates for 2022, which include a total of 497 new patches. More than half of the addressed vulnerabilities can be exploited remotely without authentication. | |||
|
2022-01-19 14:27:42 | BlackBerry Researchers Dive Into Prometheus TDS Operations (lien direct) | BlackBerry's security researchers have closely analyzed the Prometheus TDS (Traffic Direction System) and discovered a correlation with a leaked Cobalt Strike SSL key pair, as well as with various malware families. | Malware | ||
|
2022-01-19 13:59:33 | 1Password Raises Mammoth $620 Million Funding Round (lien direct) | Investors continue to pour cash into Canadian password management software vendor 1Password, pushing the company's valuation to $6.8 billion. | |||
|
2022-01-19 13:31:16 | XDR Firm Trellix Launches Following Merger of McAfee Enterprise and FireEye (lien direct) | Private equity giant Symphony Technology Group (STG) on Wednesday announced the launch of Trellix, an extended detection and response (XDR) solutions provider created following the merger of McAfee Enterprise and FireEye. | |||
|
2022-01-19 12:37:35 | Ukraine Attacks Involved Exploitation of Log4j, October CMS Vulnerabilities (lien direct) | 
CISA Warns Organizations of 'Critical Threats' Following Ukraine Attacks
|
|||
|
2022-01-19 12:10:17 | Zero Trust Network Access Provider Banyan Security Raises $30 Million (lien direct) | Zero trust network access (ZTNA) solutions provider Banyan Security on Tuesday announced that it has raised $30 million in Series B funding, which brings the total raised by the company to $47 million. The funding round was led by Third Point Ventures, with participation from Alter Venture Partners, SIG, Shasta Ventures, and Unusual Ventures. | |||
|
2022-01-19 10:52:32 | Mandatory Chinese Olympics App Has \'Devastating\' Encryption Flaw: Analyst (lien direct) | An app all attendees of the upcoming Beijing Olympics must use has encryption flaws that could allow personal information to leak, a cyber security watchdog said Tuesday. | |||
|
2022-01-18 19:41:55 | Multi-Factor Authentication Bypass Led to Box Account Takeover (lien direct) | A vulnerability in Box's implementation of multi-factor authentication (MFA) allowed attackers to take over victim's accounts without having access to the victim's phone, according to new research from Varonis. | Vulnerability | ||
|
2022-01-18 19:41:26 | Cyber Insights 2022: Supply Chain (lien direct) | 
|
|||
|
2022-01-18 16:48:49 | Cloud Detection and Response Firm Permiso Emerges From Stealth With $10M in Funding (lien direct) | Cloud infrastructure identity detection and response firm Permiso has emerged from stealth with $10 million seed funding. The company identifies and tracks human, machine, vendor and service provider identities in IaaS and PaaS infrastructures. | |||
|
2022-01-18 16:39:54 | VirusTotal Hacking Offers a Supercharged Version of Google Hacking (lien direct) | Chronicle's VirusTotal (VT) is a boon to security researchers and a gift to potential criminals. Apart from virus samples it contains likely millions of user credentials readily available to anyone who knows where and how to look. | |||
|
2022-01-18 15:13:59 | Israel Lawmakers Outraged Over Claim Police Used NSO Spyware (lien direct) | Israeli lawmakers on Tuesday called for a parliamentary inquiry into the police's alleged use of sophisticated spyware on Israeli citizens, including protesters opposed to former Prime Minister Benjamin Netanyahu, following a newspaper report on the surveillance. |
To see everything:
Our RSS (filtrered)
