What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-10-25 14:54:45 | Changing Approaches to Preventing Ransomware Attacks (lien direct) | Conducting scaled and cost-effective attack surface and digital threat monitoring gives organizations of all sizes the best chance of identifying and defeating their adversaries | Ransomware Threat | ||
|
2021-10-25 14:21:51 | (Déjà vu) Cybersecurity M&A Roundup for October 11-24, 2021 (lien direct) | 
A total of 15 cybersecurity-related acquisitions were announced October 11-24, 2021.
|
|||
|
2021-10-25 12:26:34 | Researcher Earns $2 Million for Critical Vulnerability in Polygon (lien direct) | Security researcher Gerhard Wagner earned a $2 million bug bounty reward for a critical vulnerability in Polygon's Plasma Bridge that could have allowed a malicious user to submit the same withdrawal transaction 224 times, with different exit IDs. | Vulnerability | ||
|
2021-10-25 11:25:15 | Facebook Sues Ukrainian for Scraping, Selling Data of 178 Million Users (lien direct) | Facebook last week filed a lawsuit against a Ukrainian national who allegedly scraped the information of 178 million of its users and then sold the obtained information on hacker forums. | |||
|
2021-10-23 16:24:37 | \'Critical Severity\' Warning for Malware Embedded in Popular JavaScript Library (lien direct) | Security responders are scrambling this weekend to assess the damage from crypto-mining malware embedded in an npm package (JavaScript library) that counts close to 8 million downloads per week. | Malware | ||
|
2021-10-22 18:59:43 | REvil Ransomware Gang Hit by Law Enforcement Hack-Back Operation (lien direct) | The global fight against ransomware took a new twist this week with the United States leading a law enforcement effort to hack back and disrupt the extortion group behind the Colonial Pipeline cyberattack. | Ransomware Hack Guideline | ||
|
2021-10-22 17:16:58 | Microsoft Introduces Security Program for Non-Profits (lien direct) | Tech giant Microsoft has rolled out new security offering to provide non-profit organizationss with additional security in the event of a nation-state attack. | |||
|
2021-10-22 16:54:10 | US Intel Warns China Could Dominate Advanced Technologies (lien direct) | U.S. officials issued new warnings Friday about China's ambitions in artificial intelligence and a range of advanced technologies that could eventually give Beijing a decisive military edge and possible dominance over health care and other essential sectors in America. | |||
|
2021-10-22 15:13:47 | Organizations Can Now Try Out End-to-End Encrypted Microsoft Teams Calls (lien direct) | 
Microsoft this week announced that organizations can now enable their employees to make one-to-one calls on Teams that are protected by end-to-end encryption.
|
|||
|
2021-10-22 14:41:38 | Facebook Introduces New Tool for Finding SSRF Vulnerabilities (lien direct) | Facebook on Thursday announced a new tool designed to help security researchers hunt for Server-Side Request Forgery (SSRF) vulnerabilities. | Tool | ||
|
2021-10-22 14:12:12 | After Nation-State Hackers, Cybercriminals Also Add Sliver Pentest Tool to Arsenal (lien direct) | The cybercriminal group tracked as TA551 recently showed a significant change in tactics with the addition of the open-source pentest tool Sliver to its arsenal, according to cybersecurity firm Proofpoint. | Tool | ||
|
2021-10-22 11:24:28 | Snap\'s Stock Drops as iPhone Privacy Controls Pinch Ad Sales (lien direct) | Snapchat's corporate parent disclosed Thursday that its ad sales are being hurt by a privacy crackdown that rolled out on Apple's iPhones earlier this year, raising investor fears that the app's financial growth is going into a tailspin. | |||
|
2021-10-22 10:54:57 | Critical Vulnerabilities Found in AUVESY Product Used by Major Industrial Firms (lien direct) | A total of 17 types of vulnerabilities, including many rated critical and high severity, have been found by researchers in the Versiondog data management product made by AUVESY. | |||
|
2021-10-22 08:51:49 | Cookie Theft Malware Used to Hijack YouTube Accounts (lien direct) | Google says it has disrupted phishing attacks in which threat actors were attempting to use cookie theft malware to hijack YouTube accounts and abuse them to promote cryptocurrency scams. | Malware Threat | ||
|
2021-10-21 15:08:19 | Consumer Security Firm Aura Raises $200 Million at $2.5 Billion Valuation (lien direct) | Aura, a Burlington, MA-based company that provides cybersecurity solutions for consumers, has announced raising $200 million in a Series F funding round. The funding, which values Aura at $2.5 billion post money, brings the total raised by the firm to $650 million. | |||
|
2021-10-21 14:18:39 | FiveSys Rootkit Abuses Microsoft-Issued Digital Signature (lien direct) | A rootkit named FiveSys is able to evade detection and slip unnoticed onto Windows users' systems courtesy of a Microsoft-issued digital signature, according to security researchers with Bitdefender. | |||
|
2021-10-21 13:01:23 | Smart Security Camera Startup Rhombus Systems Raises $10 Million (lien direct) | Sacramento, CA-based Rhombus Systems – a provider of smart security cameras – has raised $10 million in a Series A funding round led by Cota Capital. | |||
|
2021-10-21 11:31:50 | Two Bulletproof Hosting Administrators Sentenced to Prison in U.S. (lien direct) | The United States Department of Justice this week announced that two individuals involved in providing bulletproof hosting to various malware families were sentenced to prison. | Malware | ||
|
2021-10-21 11:17:35 | Former Execs of Cybersecurity Firm GigaTrust Charged With Financial Fraud (lien direct) | Three former executives of now defunct cybersecurity company GigaTrust have been charged for defrauding investors and lenders in a $50 million fraud scheme. | |||
|
2021-10-21 10:32:34 | US to Curb Hacking Tool Exports to Russia, China (lien direct) | US authorities unveiled Wednesday long-delayed new rules aimed at clamping down on export to nations like Russia and China of hacking technology amid a sharp uptick in cyberattacks globally. The rules, which are set to go into force in 90 days, would prevent the sale of certain software or devices to a list of countries unless approved by a bureau of the Commerce Department. | Tool | ||
|
2021-10-20 20:02:15 | Google Patches 19 Vulnerabilities in Chrome 95 Browser Refresh (lien direct) | Google has released a new version of its flagship Chrome web browser with patches for a total of 19 vulnerabilities, including 16 reported by external researchers. | |||
|
2021-10-20 15:17:31 | Investors Bet Big on Attempts to Solve Encryption \'Holy Grail\' (lien direct) | News Analysis: Venture capital investors are pumping millions of dollars into privacy enhancing technology (PET) projects, betting that hardware and software innovation is finally coming together to solve one of the “holy grails” of encryption. | |||
|
2021-10-20 15:12:33 | Query.AI Raises $15 Million in Series A Funding Round (lien direct) | Query.AI, a company that has developed a security investigations platform for enterprises, this week announced raising $15 million in a Series A funding round, which brings the total raised to nearly $20 million. | |||
|
2021-10-20 13:59:02 | Magnitude EK Expands Arsenal With PuzzleMaker Exploit Chain (lien direct) | The Magnitude exploit kit (EK) is now capable of targeting Chromium-based browsers running on Windows systems, security researchers with Avast warn. | |||
|
2021-10-20 12:53:49 | Threat Detection Marketplace SOC Prime Raises $11 Million (lien direct) | Threat detection marketplace SOC Prime this week announced that it has raised $11 million in Series A funding. To date, the company has raised a total of $11.5 million. The new capital, the company says, will help it accelerate the adoption of its marketplace, which allows security researchers to monetize their content to help others fend off cyberattacks. | |||
|
2021-10-20 12:34:21 | Acer Confirms Breach of Servers in Taiwan (lien direct) | Taiwanese tech giant Acer has confirmed that, in addition to servers in India, hackers breached some of its systems in Taiwan. | |||
|
2021-10-20 11:47:59 | Zerodium Buying Zero-Day Exploits Targeting VPN Software (lien direct) | Exploit acquisition company Zerodium on Tuesday announced that it's looking to buy zero-day exploits targeting popular VPN software. Specifically, the company wants to acquire exploits that work against the Windows versions of the ExpressVPN, NordVPN and Surfshark applications. These VPN services have millions of users. | |||
|
2021-10-20 11:02:21 | Oracle\'s October 2021 CPU Includes 419 Security Patches (lien direct) | Oracle on Tuesday announced the release of its latest quarterly Critical Patch Update (CPU), which includes a total of 419 security patches for vulnerabilities across the company's portfolio. Just over half of the patches address vulnerabilities that could be exploited remotely without authentication, Oracle announced. | |||
|
2021-10-20 10:27:59 | Missouri Budget Officials Outline $50M Cost of Data Breach (lien direct) | Help for roughly 100,000 teachers whose Social Security numbers were made vulnerable in a massive state data breach could cost Missouri as much as $50 million, the governor's office confirmed Tuesday. | Data Breach | ||
|
2021-10-20 10:16:05 | How to Spot an Effective Security Practitioner (lien direct) | By understanding what makes a great security practitioner, organizations can learn how to recruit and retain effective security practitioners | |||
|
2021-10-19 21:42:01 | U.S. Government Issues Urgent Warning on BlackMatter Ransomware (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) this week published a joint advisory to warn organizations of an increased threat posed by the BlackMatter ransomware gang. | Ransomware Threat | ||
|
2021-10-19 21:31:23 | Nation-State APT Targets Afghans With New Toolset (lien direct) | A previously unseen threat actor, likely a nation-state, is targeting various entities in South Asia, with a focus on Afghanistan, according to a warning from anti-malware vendor Symantec. | Threat | ||
|
2021-10-19 14:56:06 | Microsoft, Intel and Goldman Sachs Lead New Supply Chain Security Group at TCG (lien direct) | Microsoft, Intel and Goldman Sachs will lead a new work group focusing on supply chain security at the Trusted Computing Group (TCG). TCG is a non-profit organization that develops, defines and promotes open and vendor-neutral industry specifications and standards for trusted computing platforms, including the widely used Trusted Platform Module (TPM). | Guideline | ||
|
2021-10-19 14:17:42 | Customer Data Privacy Provider Skyflow Raises $45 Million (lien direct) | Customer data privacy company Skyflow today announced that it has raised $45 million in Series B funding. Over the past 18 months, the company has raised $70 million. The new funding round was led by Insight Partners. Mouro Capital, MS&AD Ventures, Canvas Ventures, Foundation Capital, and Coinbase board member Gokul Rajaram also participated. | |||
|
2021-10-19 13:46:39 | Valence Emerges From Stealth to Address Business App Connectivity Risks (lien direct) | Another Israel-based cybersecurity startup has emerged from stealth mode. The company, Valence, claims to have developed a platform that leverages zero trust principles to help organizations manage risks associated with the connectivity between various business applications. | |||
|
2021-10-19 13:03:48 | University of Pittsburgh Medical Center Hacker Sentenced to Prison (lien direct) | The individual who hacked the human resources databases of the University of Pittsburgh Medical Center was sentenced to seven years in prison, the United States Department of Justice announced. | |||
|
2021-10-19 12:56:14 | SASE Firm Cato Networks Raises $200 Million at $2.5 Billion Valuation (lien direct) | Tel Aviv, Israel-based Secure Access Service Edge (SASE) provider Cato Networks on Tuesday announced raising $200 million at a market valuation of $2.5 billion. | |||
|
2021-10-19 11:11:25 | The VC View: Vendor Risk Management (lien direct) | Unlike other areas of security, the COVID-19 pandemic has not made a big impact on the Vendor risk management (VRM) sector. This space would have been a Top 10 security project even without a pandemic, as it has been going down this path for years: moving away from security questionnaires to finding something more predictable, useful and scalable. | |||
|
2021-10-19 10:52:43 | $1.9 Million Paid Out for Exploits at China\'s Tianfu Cup Hacking Contest (lien direct) | 
iOS 15, Chrome, Windows, VMware Hacked at China's Tianfu Cup
|
|||
|
2021-10-19 10:27:04 | Has Facebook Sidestepped GDPR\'s User Consent Requirements? (lien direct) | 
|
|||
|
2021-10-18 23:51:16 | Sinclair Hit by Ransomware Attack, TV Stations Disrupted (lien direct) | Sinclair Broadcast Group, which operates dozens of TV stations across the U.S., said Monday that some of its servers and work stations were encrypted with ransomware and that data was stolen from its network. | Ransomware | ||
|
2021-10-18 17:39:30 | Free Decryptor Released for BlackByte Ransomware (lien direct) | Trustwave's SpiderLabs security researchers have released a free decryptor that victims of the BlackByte ransomware can use to restore their files. | Ransomware | ||
|
2021-10-18 16:54:38 | Private Data Sharing Firm TripleBlind Raises $24 Million in Series A Funding (lien direct) | Private data sharing solutions provider TripleBlind on Monday announced raising $24 million in an oversubscribed Series A funding round, which brings the total raised by the company to more than $32 million. | |||
|
2021-10-18 13:41:58 | Third Party Attacks Are Increasing, But Third-Party Risk Management Is Failing (lien direct) | The risks associated with supply chain (for software and services) is huge and growing. A new report shows that boardroom awareness and budgets for third-party risk management has increased; but this is not necessarily translating into effective action. | |||
|
2021-10-18 13:32:43 | Banks Informed U.S. Treasury of $590 Million in Ransomware Payments (lien direct) | The United States Department of the Treasury's Financial Crimes Enforcement Network (FinCEN) has identified a total of 177 cryptocurrency wallets associated with the top 10 most commonly reported ransomware variants during the first half of the year. | Ransomware | ||
|
2021-10-18 12:49:42 | Password Auditing Tool L0phtCrack Released as Open Source (lien direct) | The password auditing and recovery tool L0phtCrack is now open source and the project is looking for both maintainers and contributors. First released in 1997, L0phtCrack can be used to test password strength and recover lost Windows passwords via dictionary, brute-force, and other types of attacks. | Tool | ||
|
2021-10-18 12:18:18 | Many Prometheus Endpoints Expose Sensitive Data (lien direct) | Unprotected instances of open source event monitoring solution Prometheus may leak metric and label data to the Internet, software company JFrog warns. | |||
|
2021-10-18 12:04:26 | Accenture Confirms Data Stolen in Ransomware Attack (lien direct) | Consulting giant Accenture has confirmed that proprietary information was stolen in a ransomware attack disclosed in August 2021. | Ransomware | ||
|
2021-10-18 10:19:14 | Missouri Governor Urged to Appoint Cybersecurity Panel (lien direct) | Three months after creation of a commission to identify cybersecurity risks in state government, Missouri Gov. Mike Parson has yet to appoint any members. A state lawmaker said Friday that vulnerabilities exposed on a state website prove the need for just such a panel of experts. | |||
|
2021-10-16 01:24:11 | Cyberattack Disrupts Services at Ecuador\'s Largest Bank (lien direct) | Customers of Ecuador's largest bank continued to experience service disruptions on Friday following a cyberattack on the institution several days earlier. |
To see everything:
Our RSS (filtrered)
