What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2021-12-09 10:47:55 Call centre network security at risk: GOautodial vulnerability could lead to information disclosure and RCE (direct link) GOautodial, an open source call center software suite with 50,000 users around the world, has patched two vulnerabilities that could lead to information disclosure and remote code execution (RCE). Unearthed by Scott Tolley of the Synopsys Cybersecurity Research Center (CyRC), the first bug – tracked as CVE-2021-43175 – has been rated medium severity. An API router accepts a username, password, and action […] Vulnerability Guideline ★★
itsecurityguru.webp 2021-12-09 10:28:42 Cybercriminals take advantage of unpatched Hikvision systems (direct link) Moobot botnet is leveraging a known remote code execution (RCE) vulnerability in Hikvision products (CVE-2021-36260) to spread a Moobot, which carries out distributed denial of service (DDoS) attacks. The attack surface could be significant: China-based Hikvision touted itself as the “world's leading video-surveillance products supplier” on the company site. Although a patch was released in September, […] Vulnerability Guideline
itsecurityguru.webp 2021-12-08 11:40:00 Omicron variant being used to phish students (direct link) A new phishing attack, discovered by Proofpoint, is using the Omicron variant of COVID-19 to steal students’ credentials and gain access to accounts. The threat-actors targeting US universities are leveraging the concern around the new virus strain to trick students into opening attachments that lead students to spoofed university login portals. This isn’t an entirely […] Guideline
itsecurityguru.webp 2021-12-08 11:03:58 (Déjà vu) Ransomware attack locks hotel guests out of rooms (direct link) Earlier this week, Nordic Choice Hotels announced an attack on its IT systems, which they believed to be a “computer virus”. However it has since been revealed that it was the target of Conti ransomware, leading to hotel guests being locked out of their rooms. As IoT becomes more connected the threat of home and corporate […] Threat Guideline
itsecurityguru.webp 2021-11-11 13:46:18 Europe's top 10 pharma manufacturers all have vulnerable web applications (direct link) Outpost24, an innovator in identifying and managing cybersecurity exposure, today announced the results of its 2021 Web Application Security for Healthcare report for the top 10 European pharmaceutical organisations, as ranked by Drugs Discovery and Development based on annual revenue, R&D spend, employee numbers, leadership and more. Using Outpost24's external attack surface management tool, the study evaluates the digital footprint of the Top 10 pharmaceutical organisations in the EU by discovering their […] Guideline
itsecurityguru.webp 2021-11-10 14:08:49 Armis sees demand for OT/ICS cybersecurity rise 400% year on year (direct link) Armis, the unified asset visibility and security platform provider, has formally announced its leadership in the OT / ICS cybersecurity category with the world's leading enterprises after seeing a huge 400% increase in demand this past year. Only the Armis platform spans multiple verticals and can cater to the convergence of IT & OT. No […] Guideline
itsecurityguru.webp 2021-10-18 13:28:48 Organisers of Security Serious Week set new Guinness World Records® title for an Online Cybersecurity Lesson (direct link) Security Serious 2021 run by Eskenzi PR and sponsored by leading cybersecurity companies KnowBe4 and OneLogin, has officially set the Guinness World Records title for the Most views of a cyber security lesson video on YouTube in 24 hours. The training lesson achieved 2136 views and was presented by security experts Javvad Malik, lead security awareness advocate at KnowBe4 […] Guideline
itsecurityguru.webp 2021-10-15 11:22:07 Armis Appoints new Chief Advocacy Officer and General Manager (direct link) Armis, the leading unified asset visibility and security platform provider, has announced the appointment of B2B SaaS veteran Conor Coughlan as their new Chief Advocacy Officer (CAO) and General Manager for EMEA. Coughlan will be responsible globally for the establishment and operation of their new advocacy programs and strategically accelerating their expansion across the EMEA region. Conor […] Guideline
itsecurityguru.webp 2021-10-08 13:27:51 Cybersecurity experts discuss the Twitch data breach (direct link) The Amazon-owned video game streaming platform Twitch has exposed roughly 135 gigabytes of data, revealing source code and payout figures for streamers. Twitch confirmed the leak after the data was advertised on 4chan. Here’s what cybersecurity experts had to say on the matter: Javvad Malik, lead security awareness advocate, KnowBe4 The Twitch breach is a […] Data Breach Guideline
itsecurityguru.webp 2021-09-09 10:25:08 Jenkins discloses attack on its Atlassian Confluence service (direct link) The open source automation server Jenkins has disclosed a successful attack on its Confluence service. Attackers abused an Open Graph Navigation Library (OGNL) injection flaw – the same vulnerability type involved in the notorious 2017 Equifax hack – capable of leading to remote code execution (RCE) in Confluence Server and Data Center instances. Rated CVSS […] Hack Vulnerability Guideline Equifax Equifax
itsecurityguru.webp 2021-09-03 14:50:13 How to Smartly Scale AppSec Testing (direct link) The IT Security Guru has paired up with Synopsys, a recognised leader in application security, to bring you the webinar, ‘How to Smartly Scale AppSec Testing’. No matter what any blog or vendor says you know there is no silver bullet for application security. Complete one item on your to-do list, seven more things are […] Guideline
itsecurityguru.webp 2021-07-23 15:40:21 Gartner MQ for PAM regards One Identity as a Leader in 2021 (direct link) One Identity, an identity-centric security provider, has been named a Leader in the 2021 Gartner Magic Quadrant for Privileged Access Management (PAM) as the company continues to deliver on its next-generation PAM vision. One Identity helps businesses address the shortcomings of legacy security offerings that are fragmented, complex, manual and too narrow to meet today's […] Guideline ★★★
itsecurityguru.webp 2021-07-14 11:34:14 Outpost24 acquires threat intelligence provider Blueliv (direct link) Outpost24 has acquired Blueliv, one of the world’s leading cyber threat intelligence companies which will create one of the largest cybersecurity providers in Europe. The objective: to provide the most advanced threat landscape monitoring solution to help businesses identify threats targeting their organizations and dramatically reduce risk exposure. “It has been a difficult 18 months […] Threat Guideline
itsecurityguru.webp 2021-07-13 10:29:49 Armis discloses critical vulnerability that allows remote takeover of Schneider Electric industrial controllers (direct link) Researchers at Armis, the unified asset visibility and security platform provider, have disclosed the discovery of an authentication bypass vulnerability in Schneider Electric's Modicon programmable logic controllers (PLCs) that can lead to remote-code-execution (RCE). The vulnerability, dubbed Modipwn, allows for a complete takeover of impacted devices by leveraging the UMAS protocol, and impacts Modicon M340, M580 […] Vulnerability Guideline
itsecurityguru.webp 2021-06-30 13:39:59 JFrog Acquires Vdoo to bolster Continuous Security from Development to Device (direct link) The liquid software company, JFrog has announced its intention to acquire Vdoo Connected Trust Ltd. (“Vdoo”). The company plans to accelerate its efforts to provide an industry-leading security offering to support DevOps users as they respond to the disruption in the market for continuous software delivery. As part of the JFrog Platform, Vdoo will accelerate […] Guideline
itsecurityguru.webp 2021-06-30 12:59:15 Access Control: The 5 Single Sign-On Benefits (direct link) In March 2020, many people began working from home due to the COVID-19 pandemic. The email to your teammates stating that you were “working from home” instantly had new meaning. Working from home resulted in additional risk management and security challenges for employees, executive leadership, and information technology (IT) teams. Organizations that had not embarked […] Guideline
itsecurityguru.webp 2021-06-17 10:45:29 Biden says 16 sectors should be off limits to attack (direct link) In a speech on Wednesday, the U.S. President, Joe Biden told the Russian President, that 16 sectors of critical infrastructure should be “off-limits” to attacks, specifically cyberattacks. Unfortunately, analysts believe his efforts to be futile. Robert Golladay, the EMEA and APAC director at Illusive claims that “the fact that one of the leaders of the […] Guideline
itsecurityguru.webp 2021-06-17 10:08:14 Over a billion CVS health records exposed (direct link) On Thursday, an online database belonging to CVS Health was discovered online. This was the result of another misconfigured cloud service, which can significantly impact security and lead to a massive data leak. The uncovered database was not password-protected and had no security defences in place to prevent access from unauthorised persons. The database was […] Guideline
itsecurityguru.webp 2021-06-16 14:33:52 The Legacy of Security Champions (direct link) What will the legacy of security leaders be in the years to come? Will they be remembered as the defenders of the cyber realm, heroes or will history view them as annoying barriers who did nothing but slow down innovation? Many security leaders agree that too many times, the security team is viewed as the […] Guideline
itsecurityguru.webp 2021-05-27 07:48:30 VSCode Extension vulnerabilities could lead to cyberattacks on the supply chain (direct link) The Hacker News has reported that newly discovered bugs in VSCode Extensions could lead to supply chain attacks. The severe security flaws uncovered in the popular Visual Studio Code extensions could enable attackers to compromise local machines and build/deployment systems through a developer’s integrated development environment (IDE). The vulnerable extensions can also be exploited to […] Guideline
itsecurityguru.webp 2021-05-14 09:50:05 Heightened work-related stress and increased workloads are taking their toll on technology leader's mental wellbeing (direct link) A CISO's workday is riddled with high-stress situations as they constantly battle the deluge of threats emerging from the ever-expanding threat landscape. Therefore it is no wonder that the majority of technology leaders are feeling stressed. In recent years the challenges that CISOs face have only intensified. Since the pandemic, security professionals have had […] Threat Guideline
itsecurityguru.webp 2021-05-06 13:07:24 It's World Password Day – Here's what the experts say (direct link) Passwords essentially are the gateways to our digital lives. From business accounts, social media, shopping, banking – you name it – if they're compromised, it can have big implications. To mark the day, we've compiled the advice of some of the world's leading experts in cybersecurity to help keep individuals and, ultimately, businesses safer on […] Guideline
itsecurityguru.webp 2021-04-20 13:48:50 Armis and UK's Eseye partner to secure connected devices on any cellular network (direct link) Global connectivity specialist Eseye and leading agentless device security platform provider Armis, today announced a strategic partnership and joint solution that enables organisations to deploy connected devices anywhere in the world with enterprise-class security and consistent, reliable cellular (4G/LTE/5G) connectivity. Eseye's unique Connectivity Management Platform enables devices to switch intelligently to any one of […] Guideline
itsecurityguru.webp 2021-04-13 16:34:26 Tim Mackie takes lead channel role for Armis (direct link) Armis®, the agentless device security platform, today announced the appointment of Tim Mackie as the new Worldwide Vice President of Channel. As part of Armis' commitment to its global channel partner programme and the accelerating demand for businesses to collaborate with it, Mackie has been appointed to lead this high growth function. Mackie is a […] Guideline
itsecurityguru.webp 2021-04-12 13:15:52 Israel allegedly takes responsibility for Iran cyberattack (direct link) Iran’s main nuclear facility suffered a cyberattack on Sunday, leading to a large scale blackout at Natanz, which Israel now appears to be taking responsibility for. Tehran’s nuclear energy chief described the attack as an act of terrorism, and demands a response against the perpetrators. The incident occurred shortly after the official restarted spinning advanced […] Guideline
itsecurityguru.webp 2021-04-07 07:44:41 Hackers actively exploiting SAP Bugs (direct link) Active cyberattacks have been reported on known security vulnerabilities in widely deployed SAP applications, giving the attackers access for full take over and the ability to infest an organisation completely. Researchers warn that these attacks could lead to full control of unsecured SAP applications. An alert issued by SAP informs that threat actors are carrying […] Threat Guideline
itsecurityguru.webp 2021-03-25 14:46:33 Attackers exploiting recently-patched vulnerabilities (direct link) Two vulnerabilities were discovered across the Legacy Themes and plugins in the popular suite of tools for WordPress websites from the marketing platform Thrive Themes. The purpose of Thrive Themes is to help WordPress websites “convert visitors into leads and customers.” The suite of products affected is called Thrive Suite, in which the Legacy Themes […] Guideline
itsecurityguru.webp 2021-03-24 11:23:09 Financial Risk Management Platform Feedzai becomes Portugal's first tech unicorn (direct link) Feedzai, the cloud-based financial risk management platform, today announced a $200 million Series D investment round led by leading global investment firm KKR, with participation from existing investors Sapphire Ventures, and Citi Ventures. The company states that the new investment will be used to accelerate its global expansion, further develop its product offerings, and boost […] Guideline
itsecurityguru.webp 2021-03-24 11:13:16 California Controller's Office employee falls for phishing link (direct link) A California State Controller’s Office employee fell for a phishing link, leading to a data breach that resulted in the theft of around 9,000 records. The employee, who worked in the Unclaimed Property division clicked on a phishing link received in an email and then proceeded to enter a user ID and password. This gave […] Data Breach Guideline
itsecurityguru.webp 2021-03-16 16:37:31 First trustees announced for the UK Cyber Security Council (direct link) The UK Cyber Security Council – the independent 'umbrella' organisation for the UK cyber security profession – has introduced its first four trustees, which it says is a key milestone in its formation. The four initial trustees that form the inaugural leadership of the Council are: Dr Claudia Natanson (chair): Dr Claudia Natanson is […] Guideline ★★★★★
itsecurityguru.webp 2021-03-08 14:40:11 International Women's Day: the road towards equality is still long for the cybersecurity industry (direct link) A new study has revealed that women hold only 10 percent of board positions and 16 percent of management positions within the world's leading cybersecurity companies. The study was carried out by cybersecurity specialists Eskenzi PR and Marketing, and looked at the websites of 138 companies from the Cybersecurity Ventures Hot 150 to understand the […] Guideline
itsecurityguru.webp 2021-03-02 11:23:37 Twitter tightens rules on the spread of misinformation (direct link) On Monday, Twitter announced its plan to introduce a new strike system to halt the spread of misinformation on the platform. The social media platform will start labelling tweets that “may contain misleading information about COVID-19 vaccines” and remove any that violate Twitter guidelines. The company has already removed thousands of tweets and examined over […] Guideline
itsecurityguru.webp 2021-02-19 14:59:20 US cities affected after ATFS Ransomware attack (direct link) Automatic Funds Transfer Services was targeted in a ransomware attack on the 3rd of February. The payment processor is used by many cities and agencies throughout the US. The data used for billing and verifying customers and residents is extremely varied, leading researchers to believe the attack could have had a massive and widespread impact. […] Ransomware Guideline
itsecurityguru.webp 2021-02-19 12:45:48 Red Canary closes $81 million Series C financing round led by Summit Partners (direct link) Red Canary has closed its $81 million Series C financing round led by global growth equity investor Summit Partners. The new funding will help to support continued investment in both product and team expansion as the company continues to work toward enabling every organization to make its greatest impact without concern of cyber-attacks. A leading provider […] Guideline ★★★
itsecurityguru.webp 2021-02-09 11:54:54 Iranian surveillance operations targeting dissidents (direct link) According to a leading cyber-security company, Iran is targeting dissidents in an effort to install spyware on their PC and mobile devices. More than 1,000 individuals were affected. The spyware was being used to steal call recordings and media files. One of the groups is known as Domestic Kitten or APT-50, which allegedly tricked people […] Guideline
itsecurityguru.webp 2021-02-03 10:01:52 Nozomi Networks Tops 100% Revenue Growth (direct link) Nozomi Networks Inc., the leader in OT and IoT security, today announced record 2020 growth and tremendous momentum moving into 2021. As industrial and critical infrastructure cybersecurity threats made operational resilience a top priority for large enterprises around the world, the company experienced 110% growth in annual recurring revenue (ARR) and doubled its customer base […] Guideline
itsecurityguru.webp 2021-02-01 14:55:16 (Déjà vu) Severe Bug in Libgcrypt Encryption Library (direct link) The flaw was discovered on January 28th by Tavis Ormandy of Project Zero, which is a security research unit within Google. It was found in GNU Privacy Guard (GnuPG)’s Libgcrypt encryption software, and potentially allowed attackers to write arbitrary data to the target machine. This is a severe vulnerability, which could lead to remote code […] Guideline ★★
itsecurityguru.webp 2021-01-27 16:46:47 More than 13,000 malware threats were detected every hour in 2020 (direct link) New research from Seqrite has found that in 2020 there were 13,733 malware threats detected every hour. The report showed that of all threats Trojan malware threats were the leaders quarter-on-quarter (QoQ) and year-on-year (YoY). According to the research out of the 113 million malware detections, the first quarter totalled the highest at 36 million […] Malware Guideline
itsecurityguru.webp 2021-01-27 10:33:47 The Hacked and Yet to Be Hacked: SolarWinds Breach Shows Detection is Key to Reducing Risk and Damage (direct link) Several years back, a number of security industry leaders began declaring that there are only two types of organizations, those that have been hacked and those that don't yet know it. Industry analyst firm Gartner agreed and shortly thereafter began advising organizations to build out security strategies that could respond to this fact of digital […] Guideline
itsecurityguru.webp 2021-01-26 10:55:51 Crane manufacturer Palfinger hit by global cyberattack (direct link) Palfinger, a global leader in crane and lifting manufacturing, has been targeted by a cyberattack which has disturbed both the company's business operations and IT systems. The crane manufacturer is Austrian based and has more than 11,000 employees in over 35 locations. Being one of the global leaders in crane and lifting solutions, Palfinger has […] Guideline
itsecurityguru.webp 2021-01-25 12:14:31 ADT Technician Watched Customers in their Homes (direct link) The former ADT Security technician pleaded guilty to computer fraud. He admitted to secretly tapping into customers’ home security systems over 9,600 times since 2015. A prosecutor explained how Aviles added his personal email address to his customers’ ADT Pulse accounts, giving him real-time access to their surveillance systems. “This defendant, entrusted with […] Guideline
itsecurityguru.webp 2021-01-22 17:06:17 Cybersecurity Failure among Highest Risks, warns World Economic Forum (direct link) The 16th edition of the World Economic Forum's (WEF) Global Risk Report was released on Tuesday, and many of the risks/threats contained are unsurprising. The results are based on the Global Risks Perception Survey and were completed by 650 members of the World Economic Forum's diverse leadership communities. According to this, the key threats of […] Guideline ★★
itsecurityguru.webp 2021-01-21 11:41:09 Barmak Meftah Joins Nozomi Networks Board of Directors (direct link) Nozomi Networks Inc., the leader in OT and IoT security, today announced that Barmak Meftah has joined Nozomi Networks' board of directors. Recognized globally as one of the most successful business leaders in enterprise security, Mr. Meftah has more than 25 years of experience building market-leading enterprise SaaS and cybersecurity companies. Most recently, he was […] Guideline
itsecurityguru.webp 2021-01-19 16:09:52 Vdoo Reveals an Extension Funding Round with Qumra Capital and Verizon Ventures Joining as Investors (direct link) Vdoo, a leader in product security for embedded software, today revealed it had extended its Series B funding to $57M, in an additional round led by Qumra Capital, Verizon Ventures, and others. The round was completed in the third quarter of last year, and the new funding was leveraged to expand Vdoo's offering to the […] Guideline
itsecurityguru.webp 2021-01-15 12:48:03 Classiscam: Fake Ads hit European Market (direct link) A scam, known as Classiscam, is leading users to fraudulent merchant sites or phishing pages using fake tailored advertisements. The cybercriminals use brands that are extremely popular in Europe including LeBoinCoin, Allegro, OLX, Sbazar, FAN. Courier, Lalafo, Kufar and DHL. Anyone tricked by the scam falls victim to payment data theft. Security Researchers at Group-IB […] Guideline
itsecurityguru.webp 2021-01-14 15:28:27 Cybereason Announces New Partnership With Intel (direct link) Cybereason has entered into a new partnership with Intel. The two companies announced their combined plan to adopt and release new Intel Hardware Shield protections, which will further defend businesses from Ransomware attacks. Cybereason is a leader in future-ready attack protection, who aims to end cyber-attacks in an instant while Intel is known for being […] Ransomware Guideline
itsecurityguru.webp 2021-01-11 15:29:16 Creating a culture of cybersecurity and tech innovation (direct link) Cloud native technologies have the potential to truly change the way we access and secure applications, but the success of this relies on the people and processes in place to handle the roll out of these technologies. This requires appropriate leadership, and decision makers within an organisation who demonstrate robust cloud security leadership are more […] Guideline
itsecurityguru.webp 2020-12-15 11:48:52 Over 45 Million Medical Images available online (direct link) CybelAngel, a world leader in digital risk protection, discovered over 45 million medical imaging files – such as CT scans and X-rays – which were accessible online on unprotected servers. These findings were released in CybelAngel’s report “Full Body Exposure”, which is the result of a six-month research investigation into Digital Imaging and Communications in Medicine […] Guideline
itsecurityguru.webp 2020-12-01 17:18:53 Glasswall successfully raises £18 million from leading investors to fund continued expansion (direct link) Glasswall, the leading cybersecurity technology group, announces that it has successfully raised £18 million in additional equity capital to finance its continued expansion. The funding round was led by IPGL, Lord Spencer's private investment group, and a number of other high net worth investors including Lord Rose, Chairman of Ocado, Lance Uggla, Chairman and CEO […] Guideline
itsecurityguru.webp 2020-11-20 12:06:45 Nozomi Networks partners with Honeywell to strengthen OT cybersecurity (direct link) Honeywell (NYSE: HON) and Nozomi Networks have announced a cybersecurity partnership today to deliver more comprehensive, end-to-end cybersecurity for Operational Technology (OT) environments. The partnership combines Nozomi Networks' industry-leading OT & Internet of Things (IoT) security and visibility capabilities with the strengths of Honeywell Forge Cybersecurity software, professional consulting and managed security services from Honeywell. […] Guideline
Last update at: 2024-07-02 09:08:17