What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-23 12:59:09 | Details Disclosed for Critical Vulnerability in Sophos Appliances (lien direct) | Organizations using security appliances from Sophos have been advised to make sure their devices are up to date after a researcher disclosed the details of a critical vulnerability patched last year. | Vulnerability | ||
|
2021-08-23 12:20:30 | PetitPotam Vulnerability Exploited in Ransomware Attacks (lien direct) | The recently disclosed Windows Server vulnerability dubbed “PetitPotam” is being actively exploited in malicious attacks, including some aimed at deploying a piece of ransomware named LockFile. | Ransomware Vulnerability | ||
|
2021-08-23 11:33:30 | CISA Warns Organizations of ProxyShell Attacks on Exchange Servers (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) over the weekend issued an alert to warn of malicious actors actively exploiting the recently disclosed Microsoft Exchange vulnerabilities named ProxyShell. | |||
|
2021-08-23 10:55:45 | JPMorgan Chase Bank Notifies Customers of Data Exposure (lien direct) | JPMorgan Chase Bank last week sent out notification letters to inform customers that their personal information might have been inadvertently exposed to other customers. | |||
|
2021-08-23 08:54:17 | Number of T-Mobile Customers Confirmed to Be Affected by Hack Reaches 54 Million (lien direct) | The number of T-Mobile customers confirmed to be affected by the recent hacker attack has reached more than 54 million, the wireless operator said in an update shared on Friday. | Hack | ||
|
2021-08-20 13:01:25 | CISA Issues Guidance on Protecting Data From Ransomware (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week published a new document providing recommendations on how to prevent data compromise during ransomware attacks. | Ransomware | ||
|
2021-08-20 12:22:01 | Google Discloses Details of Unpatched Windows AppContainer Flaw (lien direct) | Google disclosed the details of a Windows AppContainer flaw after Microsoft said it would not fix it, but the software giant later reversed course and said it could address it after all. | |||
|
2021-08-20 11:19:39 | Third-Party Patches Available for More PetitPotam Attack Vectors (lien direct) | Slovenia-based ACROS Security this week announced the release of patches that address additional attack vectors for the PetitPotam vulnerability. | |||
|
2021-08-20 10:27:32 | High-Severity DoS Vulnerability Patched in BIND DNS Software (lien direct) | The Internet Systems Consortium (ISC) this week publicly announced the availability of patches for a high-severity denial-of-service (DoS) vulnerability affecting its BIND DNS software. | Vulnerability | ||
|
2021-08-20 09:38:10 | China Passes Tough New Online Privacy Law (lien direct) | China passed a sweeping privacy law aimed at preventing businesses from collecting sensitive personal data Friday, as the country faces an uptick in internet scams and Beijing targets tech giants hoovering up personal data. | |||
|
2021-08-19 15:37:43 | Hackers Steal $97 Million from Japanese Crypto-Exchange Liquid (lien direct) | Japanese cryptocurrency exchange Liquid on Thursday announced it fell victim to an attack that resulted in large amounts of crypto-currency assets being stolen. Liquid announced that hackers were able to compromise its warm wallets, stealing various amounts of Ethereum, Bitcoin, Stablecoins, Ripple, and other tokens. | |||
|
2021-08-19 14:58:27 | Cisco: Critical Flaw in Older SMB Routers Will Remain Unpatched (lien direct) | Cisco this week published information on a critical code execution vulnerability affecting its small business RV110W, RV130, RV130W, and RV215W routers, but cautioned that there are no plans to release security fixes. | Vulnerability | ||
|
2021-08-19 13:04:43 | Over 600 ICS Vulnerabilities Disclosed in First Half of 2021: Report (lien direct) | More than 600 vulnerabilities affecting industrial control system (ICS) products were disclosed in the first half of 2021, according to industrial cybersecurity firm Claroty. | |||
|
2021-08-19 11:24:25 | Cyberattack Forces Memorial Health System to Cancel Surgeries, Divert Patients (lien direct) | Not-for-profit integrated health organization Memorial Health System is in the process of restoring operations after falling victim to a cyberattack on Sunday. The health system operates three hospitals (Marietta Memorial Hospital, Selby General Hospital, and Sistersville General Hospital) and multiple provider clinics and outpatient service sites. | |||
|
2021-08-19 10:06:45 | Detect: The Third Pillar of Industrial Cybersecurity (lien direct) | My first article in this series covered why visibility into industrial environments is challenging yet necessary, highlighting three key questions to ask when evaluating industrial cybersecurity solutions. | |||
|
2021-08-19 09:52:20 | GitHub Encourages Users to Adopt Two-Factor Authentication (lien direct) | Software repository platform GitHub is once again encouraging users to enable two-factor authentication (2FA) to better secure their accounts. The Microsoft-owned hosting service has had support for 2FA for eight years, and is now pushing for a wider use of the feature after it stopped accepting account passwords for authenticating Git operations. | |||
|
2021-08-19 08:43:03 | Belarus Brands Group Who Claimed to Hack Interior Ministry \'Extremist\' (lien direct) | A court in Belarus declared Wednesday a group of hackers who claim to have carried out a massive hack on the interior ministry in an attack on President Alexander Lukashenko's regime to be an "extremist" organisation. | Hack | ||
|
2021-08-18 19:06:27 | Report: Census Hit by Cyberattack, US Count Unaffected (lien direct) | U.S. Census Bureau computer servers uninvolved with the 2020 census were exploited last year during a cybersecurity attack, but hackers' attempts to keep access to the system were unsuccessful, according to a watchdog report released Wednesday. The attack took place in January 2020 on the bureau's remote access servers. | |||
|
2021-08-18 18:03:43 | Report: Iranian APT Hexane Targets Israeli Companies (lien direct) | Over the past several months, an Iran-linked threat actor tracked as Hexane has attempted to breach numerous Israeli organizations using supply chain tools, according to a new report from security vendor ClearSky. | Threat | ||
|
2021-08-18 15:04:14 | Threat Detection and Response Firm Blumira Raises $10.3 Million (lien direct) | Threat detection and response solutions provider Blumira on Wednesday announced raising $10.3 million in a Series A funding round led by early-stage venture capital firm Mercury. | |||
|
2021-08-18 13:44:16 | Blockchain Security Company CertiK Raises $24 Million (lien direct) | Blockchain security company CertiK this week announced raising $24 million in Series B+ funding, which adds to the $37 million Series B announced last month. To date, the company has raised more than $70 million. | |||
|
2021-08-18 12:14:53 | T-Mobile Confirms Data Breach Impacts Millions of Customers (lien direct) | T-Mobile has confirmed that hackers have stolen files storing information on millions of current and former customers. | Data Breach | ||
|
2021-08-18 11:19:55 | ICS Vendors Assess Impact of INFRA:HALT Vulnerabilities (lien direct) | Several major industrial control system (ICS) vendors have issued security advisories in response to the discovery of the NicheStack vulnerabilities collectively tracked as INFRA:HALT. | |||
|
2021-08-18 10:23:32 | BadAlloc Flaw Impacts Many Systems Running BlackBerry\'s QNX Embedded OS (lien direct) | BlackBerry this week informed customers that the QNX embedded operating system is affected by a BadAlloc vulnerability leading to arbitrary code execution or denial of service. | Vulnerability Guideline | ||
|
2021-08-17 23:14:52 | Adobe Plugs Critical Photoshop Security Flaws (lien direct) | Adobe has issued a warning for a pair of major security vulnerabilities affecting its popular Photoshop image manipulation software. The flaws, rated critical, expose both Windows and MacOS users to code execution attacks, Adobe said in an advisory released Tuesday. | |||
|
2021-08-17 16:03:33 | Houdini Malware Returns and Amazon\'s Sidewalk Enter Corporate Networks (lien direct) | The nature of a secure access service edge (SASE) platform provides visibility into a large number of internet data flows – and the larger the platform, the more dataflows can be analyzed. An analysis of more than 250 billion network flows during Q2 2021 shows increasing threats, a new use of an old malware, and the growing incidence of consumer devices in the workplace. | Malware | ||
|
2021-08-17 15:16:26 | High-Severity Command Injection Vulnerability Found in Fortinet Firewall (lien direct) | Researchers have discovered a vulnerability in Fortinet's FortiWeb web application firewall (WAF), and while it has been classified as high severity, the actual risk of exploitation in the wild seems low. | Vulnerability | ||
|
2021-08-17 14:03:36 | FBI Reportedly Exposed Secret Terrorist Watchlist (lien direct) | Security researcher Bob Diachenko claims to have discovered an unprotected Elasticsearch database containing 1.9 million records related to what appeared to be a terrorist watchlist of the United States government. | |||
|
2021-08-17 13:37:15 | Rural Sewage Plants Hit by Ransomware Attacks in Maine (lien direct) | A pair of ransomware attacks on sewage treatment plants in rural Maine communities demonstrates that small towns need to be just as vigilant as larger communities in protecting against hackers, local officials said. | Ransomware | ||
|
2021-08-17 12:01:35 | Millions of IoT Devices Exposed to Attacks Due to Cloud Platform Vulnerability (lien direct) | Researchers at FireEye's threat intelligence and incident response unit Mandiant have identified a critical vulnerability that exposes millions of IoT devices to remote attacks. | Vulnerability Threat | ||
|
2021-08-17 11:36:47 | Google Awards $42,000 for Two Serious Chrome Vulnerabilities (lien direct) | Google on Monday announced that a security update released for the Chrome web browser patches several high-severity vulnerabilities. | |||
|
2021-08-16 20:04:37 | T-Mobile Acknowledges Breach of Customer Data, Launches Probe (lien direct) | T-Mobile on Monday acknowledged a breach of customer information after a hacker group claimed to have obtained records of 100 million of the operator's US customers and offered some of the data on the dark web. | |||
|
2021-08-16 19:31:46 | Colonial Pipeline Confirms Personal Information Impacted in Ransomware Attack (lien direct) | Colonial Pipeline has started sending out notification letters to inform more than 5000 people that their personal information was compromised in a ransomware attack earlier this year. | Ransomware | ||
|
2021-08-16 18:35:12 | Devices From Many Vendors Can Be Hacked Remotely Due to Flaws in Realtek SDK (lien direct) | A large number of IoT systems could be exposed to remote hacker attacks due to serious vulnerabilities found in software development kits (SDKs) provided to device manufacturers by Taiwan-based semiconductor company Realtek. | |||
|
2021-08-16 16:34:04 | Defeating the False Sense of Cyber Safety (lien direct) | For multiple reasons, people generally don't take cybersecurity anywhere near as seriously as physical safety | |||
|
2021-08-16 14:26:04 | Experts: False Claims on Voting Machines Obscure Real Flaws (lien direct) | The aftermath of the 2020 election put an intense spotlight on voting machines as supporters of former President Donald Trump claimed victory was stolen from him. While the theories were unproven - and many outlandish and blatantly false - election security experts say there are real concerns that need to be addressed. | |||
|
2021-08-16 14:04:15 | Facebook Adds End-to-End Encryption to Calls in Messenger (lien direct) | Facebook has updated the end-to-end encryption features in Messenger to provide users with more secure voice and video calling capabilities. | |||
|
2021-08-16 12:43:52 | Cybersecurity M&A Roundup for August 9-15, 2021 (lien direct) | 
|
|||
|
2021-08-16 12:20:27 | Understanding and Improving the Burden on Threat Hunters (lien direct) | Despite increased security budgets, threat hunters say they are under-resourced and overstretched | Threat | ||
|
2021-08-16 11:48:00 | Hacker Pleads Guilty to SIM Swapping Attacks, Cryptocurrency Theft (lien direct) | A Rockport, Massachusetts, man has pleaded guilty over his role in a scheme targeting people who had high-value social media accounts or who were believed to have large amounts of cryptocurrency. | Guideline | ||
|
2021-08-16 11:07:12 | Cyber Leader Calls for Nonpartisan Path to Securing the Vote (lien direct) | Those entrusted with securing the nation's voting systems must remain nonpartisan as a myriad of complex and growing risks continue to threaten U.S. elections, one of the nation's top cybersecurity officials said Saturday. | |||
|
2021-08-13 12:57:37 | Voltage Glitching Attack on AMD Chips Poses Risk to Cloud Environments (lien direct) | Researchers have described a voltage glitching attack that shows AMD's Secure Encrypted Virtualization (SEV) technology may not provide proper protection for confidential data in cloud environments. The research was conducted by a team from the Technical University of Berlin (TU Berlin) and it was detailed in a paper published this week. | |||
|
2021-08-13 10:08:59 | Hackers Deploying Backdoors on Exchange Servers via ProxyShell Vulnerabilities (lien direct) | Threat actors have started exploiting the recently disclosed Microsoft Exchange Server vulnerabilities to deliver web shells that give them access to the compromised system. | |||
|
2021-08-13 09:56:55 | UN Experts Call for More Rules on Countries\' Use of Spyware (lien direct) | Human rights experts working with the United Nations on Thursday called on countries to pause the sale and transfer of spyware and other surveillance technology until they set rules governing its use, to ensure it won't impinge upon human rights. | |||
|
2021-08-12 17:57:49 | Hacker Dubbed \'Mr White Hat\' to Return Entire Stolen Crypto Fortune (lien direct) | A firm specializing in transferring cryptocurrency said Thursday that a hacker they are calling "Mr White Hat" was giving back all $613 million in digital loot from a record haul. Poly Network had put out word previously that nearly half of the digital assets swiped early this week had been returned. | |||
|
2021-08-12 17:35:16 | Trend Micro Confirms In-the-Wild Zero-Day Attacks (lien direct) | Security vendor Trend Micro has issued a warning for in-the-wild zero-day attacks hitting customers using its Apex One and Apex One as a Service products. | |||
|
2021-08-12 15:53:00 | Microsoft Confirms (Yet Another) PrintNightmare Flaw as Ransomware Actors Pounce (lien direct) | Exasperated Windows fleet administrators woke up Thursday to news of a new, unpatched Print Spooler vulnerability that leaves machines exposed to remote code execution attacks. | Ransomware Vulnerability | ||
|
2021-08-12 15:16:35 | New \'Allstar\' App Enforces Security Best Practices for GitHub Projects (lien direct) | The Open Source Security Foundation (OpenSSF) on Wednesday announced the availability of a new GitHub app that can be used to automatically and continuously enforce security best practices for GitHub projects. | |||
|
2021-08-12 13:10:53 | August 2021 ICS Patch Tuesday: Siemens, Schneider Address Over 50 Flaws (lien direct) | Siemens and Schneider Electric on Tuesday released 18 security advisories addressing a total of more than 50 vulnerabilities affecting their products. The vendors have provided patches, mitigations, and general security recommendations for reducing the risk of attacks. | |||
|
2021-08-12 11:48:33 | The Curious Case of the $600 Million Crypto Heist (lien direct) | Cryptocurrency investors have been transfixed over the past few days by the antics of a mysterious hacker who stole more than $600 million -- before giving some of it back. But is the thief a good samaritan who stole the money to expose a dangerous security flaw, or did they simply realize they were about to be caught? |
To see everything:
Our RSS (filtrered)
