What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-11-17 13:08:25 | Open XDR Company Stellar Cyber Raises $38 Million (lien direct) | Detection and response solutions provider Stellar Cyber on Tuesday announced that it has raised $38 million in Series B funding. To date, the company has raised over $68 million. | |||
|
2021-11-17 12:05:47 | CISA Releases Incident and Vulnerability Response Playbooks (lien direct) | In response to an executive order signed by President Biden in May, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released two cybersecurity playbooks focusing on incident response and vulnerability response. | Vulnerability | ||
|
2021-11-17 11:14:12 | UK Orders National Security Review of NVIDIA Deal to Buy Arm (lien direct) | American technology company NVIDIA's planned $40 billion takeover of British chip designer Arm Ltd. faces months of delays after the U.K. government asked competition regulators Tuesday to investigate the national security implications of the deal. | |||
|
2021-11-16 20:44:51 | Chrome 96 Plugs High-Risk Browser Flaws (lien direct) | Google this week announced the availability of Chrome 96 in the stable channel with fixes for 25 security flaws, including 18 bugs reported by external security researchers. | |||
|
2021-11-16 20:33:56 | Mandiant Attributes Ghostwriter APT Attacks to Belarus (lien direct) | The Belarusian government is at least partially responsible for the Ghostwriter disinformation campaign, according to security researchers at the Mandiant Threat Intelligence team. | Threat | ||
|
2021-11-16 20:07:55 | Blacksmith: Rowhammer Fuzzer Bypasses Existing Protections (lien direct) | A group of security researchers devised a new attack that completely bypasses the existing mitigations against the Rowhammer vulnerability in dynamic random-access memory (DRAM) chips. | Vulnerability | ||
|
2021-11-16 19:18:21 | Hackers Targeted Afghan Officials on Facebook Amid Taliban Offensive (lien direct) | Facebook revealed Tuesday it had worked to block a hacker group that targeted the accounts of people tied to Afghanistan's then-government and security forces as the Taliban was moving in to take power. | |||
|
2021-11-16 18:41:48 | FBI Hacker Offers to Sell Data Allegedly Stolen in Robinhood Breach (lien direct) | The hacker who last week sent out thousands of fake emails from FBI systems is offering to sell data allegedly stolen in the recent breach at mobile stock trading platform Robinhood. | |||
|
2021-11-16 16:39:16 | GitHub Confirms Another Major NPM Security Defect (lien direct) | Microsoft-owned GitHub is again flagging major security problems in the npm registry, warning that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain. | |||
|
2021-11-16 15:55:13 | Threat Hunting Firm Team Cymru Acquires Attack Surface Management Firm Amplicy (lien direct) | External threat hunting firm Team Cymru has acquired threat surface management firm Amplicy. | Threat | ||
|
2021-11-16 13:02:33 | Intel CPU Vulnerability Can Expose Cryptographic Keys (lien direct) | One of the vulnerabilities patched recently by Intel in its processors could allow an attacker with physical access to the targeted system to obtain cryptographic keys, according to the cybersecurity firm whose researchers discovered the flaw. | Vulnerability | ||
|
2021-11-16 12:47:34 | Emotet Using TrickBot to Get Back in the Game (lien direct) | Roughly one million computers were freed of the Emotet malware in April this year, but the botnet might reappear, as the Trojan's developers have apparently started distributing it again. | Malware | ||
|
2021-11-15 20:56:35 | Microsoft Says HTML Smuggling Attacks On The Rise (lien direct) | Microsoft says it has observed an increase in the use of HTML smuggling in malicious attacks distributing remote access Trojans (RATs), banking malware, and other malicious payloads. | |||
|
2021-11-15 17:40:53 | Costco Hit by Card Skimming Attack Head of Holiday Season (lien direct) | Costco, one of the world's largest retailers, has warned customers that they may have had bank card details stolen, following reports that payment card skimming devices were discovered at Costco warehouses. | |||
|
2021-11-15 15:56:43 | (Déjà vu) Cybersecurity M&A Roundup for Second Week of November 2021 (lien direct) | 
Eight cybersecurity-related acquisitions were announced in the second week of November 2021 (November 8-14).
|
|||
|
2021-11-15 15:06:56 | Diebold Nixdorf ATM Flaws Allowed Attackers to Modify Firmware, Steal Cash (lien direct) | Security researchers with Positive Technologies have published information on a couple of vulnerabilities in Diebold Nixdorf ATMs that could have allowed for an attacker to replace the firmware on the system and withdraw cash. | |||
|
2021-11-15 12:47:22 | IoT Protocol Used by NASA, Siemens and Volkswagen Can Be Exploited by Hackers (lien direct) | Researchers Warn DDS Protocol Can Be Abused for Lateral Movement and Malware C&C Researchers have shown that a widely used protocol named Data Distribution Service (DDS) is affected by vulnerabilities that could be exploited by threat actors for various purposes. | Malware Threat | ||
|
2021-11-15 12:21:59 | Network Security Company Netography Raises $45 Million (lien direct) | Network detection and response (NDR) solutions provider Netography has raised $45 million in Series A funding, which brings the total raised by the company to $47.6 million. The new investment round was led by Bessemer Venture Partners and SYN Ventures. Existing investors Andreessen Horowitz, Harpoon Ventures, Mango Capital, and Wing Venture Capital also contributed. | |||
|
2021-11-15 12:02:14 | Four Things Your CISO Wants Your Board to Know (lien direct) | For years, it seems like we've been rationalizing why your company's Chief Information Security Officer (CISO) deserves a seat at the boardroom table. In many industries, we've come a long way since then. At more and more organizations, CISOs have stepped up and begun conferring regularly with the CFO, CTO, and CEO on security strategy, cyber risk, and how to approach digital transformation. | |||
|
2021-11-15 11:18:35 | Fake Emails Sent From FBI Address via Compromised Law Enforcement Portal (lien direct) | Thousands of fake emails coming from an FBI email address were sent out on Friday by someone who exploited a vulnerability in a law enforcement portal. The FBI has confirmed the breach, but said impact was limited. | Vulnerability | ||
|
2021-11-12 20:06:52 | Intel, AMD Patch High Severity Security Flaws (lien direct) | Chipmakers Intel and AMD this week released patches for multiple security vulnerabilities in a wide range of product lines, including fixes for a series of high-risk issues in software drivers. | |||
|
2021-11-12 17:55:01 | \'BotenaGo\' Malware Targets Routers, IoT Devices with Over 30 Exploits (lien direct) | A newly discovered Golang-based malware is using over 30 exploits in attacks, potentially putting millions of routers and Internet of Things (IoT) at risk of malware infection, according to a warning from AT&T Alien Labs. | Malware | ||
|
2021-11-12 17:36:21 | Zoom Patches High-Risk Flaws in Meeting Connector, Keybase Client (lien direct) | Video messaging technology giant Zoom has shipped patches for high-severity vulnerabilities that expose enterprise users to remote code execution and command injection attacks. | |||
|
2021-11-12 16:03:40 | Researcher Shows Windows Flaw More Serious After Microsoft Releases Incomplete Patch (lien direct) | A researcher has discovered that a Windows vulnerability for which Microsoft released an incomplete patch in August is more serious than initially believed. | Vulnerability | ||
|
2021-11-12 15:33:09 | HPE Says Customer Data Compromised in Aruba Data Breach (lien direct) | Hewlett Packard Enterprise (HPE) has confirmed that a small amount of customer data was compromised in a data breach involving its subsidiary Aruba Networks. | Data Breach | ||
|
2021-11-12 14:21:04 | Google, Adobe Announce New Open Source Security Tools (lien direct) | Google and Adobe this week announced the availability of new open source security tools, for continuous fuzzing and detecting living-off-the-land attacks. Google releases ClusterFuzzLite | |||
|
2021-11-12 11:59:37 | macOS Zero-Day Exploited to Deliver Malware to Users in Hong Kong (lien direct) | Google on Thursday shared details about a recent attack that exploited a zero-day vulnerability in macOS to deliver malware to users in Hong Kong. | Malware Vulnerability | ||
|
2021-11-11 21:38:35 | Indonesia, UK Discuss Future Technology and Cybersecurity (lien direct) | British Foreign Secretary Liz Truss met with Indonesian officials on Thursday and discussed closer cooperation in future technologies, cybersecurity and economic relations as part of British efforts to deepen ties to Southeast Asia after leaving the European Union. | |||
|
2021-11-11 19:56:42 | Enlisting Employees to Fight Cyber Threats (lien direct) | With another Cybersecurity Awareness Month behind us, this is the perfect time to kick off or refresh a security awareness and training program for employees. The more that non-technical staff employees know about security issues, the better they can recognize, report, and even prevent threats. | |||
|
2021-11-11 18:10:56 | The Wild West of the Nascent Cyber Insurance Industry (lien direct) | 
|
|||
|
2021-11-11 12:59:42 | Nearly 100 TCP/IP Stack Vulnerabilities Found During 18-Month Research Project (lien direct) | An 18-month research project has resulted in the discovery of nearly 100 vulnerabilities across more than a dozen TCP/IP stacks. | |||
|
2021-11-11 12:06:40 | Contrast Security Raises $150 Million at \'Unicorn\' Valuation (lien direct) | Code security company Contrast Security this week announced that it has closed $150 million Series E funding round at a billion-dollar valuation, making the company the latest cybersecurity unicorn. | |||
|
2021-11-10 21:46:50 | Remote Code Execution Flaw in Palo Alto GlobalProtect VPN (lien direct) | 
|
|||
|
2021-11-10 20:11:40 | VMware Working on Patches for Serious vCenter Server Vulnerability (lien direct) | VMware announced on Wednesday that it's working on patches for a potentially serious privilege escalation vulnerability affecting vCenter Server. The vulnerability is tracked as CVE-2021-22048 and it has been assigned an “important” severity rating, which is equivalent to “high severity” based on its CVSS score of 7.1. | Vulnerability | ||
|
2021-11-10 19:03:59 | Critical Flaw in WordPress Plugin Leads to Database Wipe (lien direct) | A major security vulnerability in the WP Reset PRO WordPress plugin could be exploited by an authenticated user to wipe the entire database of a website, according to a warning from researchers at Packstack (formerly WebARX). | Vulnerability | ||
|
2021-11-10 16:17:33 | South Korean Users Targeted with Android Spyware \'PhoneSpy\' (lien direct) | More than 1,000 mobile phone users in South Korea have been targeted with a powerful piece of Android spyware as part of an ongoing campaign, according to a new report from Zimperium zLabs. Dubbed PhoneSpy, the malware was designed with extensive spyware capabilities inside, such including data theft, audio and video capture, and location monitoring. | Malware | ★★★ | |
|
2021-11-10 16:07:38 | RPC Firewall Dubbed \'Ransomware Kill Switch\' Released to Open Source (lien direct) | Today at Black Hat London, Zero Networks announced the release of its RPC firewall – also dubbed the 'ransomware kill switch' – into open source. The tool provides granular control over RPC, capable of blocking the use of lateral movement hacker tools and stopping almost all ransomware in its tracks. | Ransomware Tool | ||
|
2021-11-10 14:48:59 | Citrix Patches Critical Vulnerability in ADC, Gateway (lien direct) | Citrix this week released patches for a couple of vulnerabilities affecting Citrix ADC, Gateway, and SD-WAN, including a critical bug leading to denial of service (DoS). | Vulnerability Guideline | ||
|
2021-11-10 13:57:52 | ICS, OT Cybersecurity Incidents Cost Some U.S. Firms Over $100 Million: Survey (lien direct) | A report published on Wednesday by the Ponemon Institute and industrial cybersecurity firm Dragos shows that the average cost of a security incident impacting industrial control systems (ICS) or other operational technology (OT) systems is roughly $3 million, and some companies reported costs of over $100 million. | |||
|
2021-11-10 12:24:22 | Socure Raises $450 Million at $4.5 Billion Valuation (lien direct) | Digital identity verification provider Socure on Tuesday announced that it has closed a $450 million Series E funding round, at a $4.5 billion valuation. To date, the company raised close to $650 million. The new funding round was announced roughly half a year after Socure closed a $100 million Series D round, at a $1.3 billion valuation. | |||
|
2021-11-10 12:06:35 | The Rising Threat Stemming From Identity Sprawl (lien direct) | Identity sprawl in the age of remote working and business transformation is a threat to cybersecurity | Threat | ||
|
2021-11-10 11:10:48 | Taiwan Government Faces 5 Million Cyberattacks Daily: Official (lien direct) | Taiwan's government agencies face around five million cyberattacks and probes a day, an official said Wednesday, as a report warned of increasing Chinese cyber warfare targeting the self-ruled island. | ★★★★ | ||
|
2021-11-10 04:44:47 | 14 New Vulnerabilities Discovered in BusyBox (lien direct) | Researchers from software development company JFrog and industrial cybersecurity firm Claroty have identified a total of 14 new vulnerabilities in BusyBox, and on Tuesday they detailed some of their findings. | |||
|
2021-11-10 04:20:38 | SAP Patches Critical Vulnerability in ABAP Platform Kernel (lien direct) | SAP on Tuesday announced the release of five new and two updated security notes as part of its November 2021 Security Patch Day, including one note that deals with a critical vulnerability in ABAP Platform Kernel. | Vulnerability | ||
|
2021-11-09 19:23:04 | Zero-Days Under Attack: Microsoft Plugs Exchange Server, Excel Holes (lien direct) | Microsoft on Tuesday pushed out patches for at least 55 documented security vulnerabilities in a wide range of products and called urgent attention to a pair of flaws that have already been exploited in the wild. | |||
|
2021-11-09 18:43:53 | Russian Cybercrime Group Exploits SolarWinds Serv-U Vulnerability (lien direct) | The Russia-linked 'Evil Corp' cybercrime group has been exploiting a vulnerability in SolarWinds Serv-U for initial infection, cybersecurity and risk mitigation firm NCC Group reports. | Vulnerability | ||
|
2021-11-09 15:56:41 | Adobe Patches Critical RoboHelp Server Security Flaw (lien direct) | Software maker Adobe on Tuesday released patches to cover at least four documented security defects that expose users to malicious hacker attacks. The most serious of the flaw was addressed in RoboHelp Server and is rated “critical” because it exposes corporate environments to arbitrary code execution attacks. | |||
|
2021-11-09 14:57:21 | (Déjà vu) ICS Patch Tuesday: Siemens and Schneider Electric Address Over 50 Security Flaws (lien direct) | Industrial giants Siemens and Schneider Electric have released a total of 20 Patch Tuesday advisories to address more than 50 vulnerabilities affecting their products. Siemens | |||
|
2021-11-09 14:40:24 | Security is Everywhere. Can Your Services Keep Up? (lien direct) | Today's networks require flexible services designed to accompany efforts to protect any user accessing any service from any location on any device | |||
|
2021-11-09 14:18:14 | Many Healthcare, OT Systems Exposed to Attacks by NUCLEUS:13 Vulnerabilities (lien direct) | A series of 13 vulnerabilities identified in the Nucleus TCP/IP stack could be exploited to execute code remotely, cause a denial of service condition, or to obtain sensitive information, enterprise device security firm Forescout warns. |
To see everything:
Our RSS (filtrered)
