What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-11-22 13:02:19 | Utah Medical Group Discloses Data Breach Affecting Over 580,000 Patients (lien direct) | Farmington, Utah-based radiology medical center Utah Imaging Associates has started informing former and current patients that their information might have been compromised in a data breach. As part of the incident, which was identified on September 4, 2021, unknown threat actors accessed files that contained sensitive personal information related to patients. | Data Breach Threat | ||
|
2021-11-22 12:32:00 | Serious Vulnerabilities Found in Wi-Fi Module Designed for Critical Industrial Applications (lien direct) | More than 20 vulnerabilities have been identified by Cisco's Talos research and threat intelligence unit in a Lantronix Wi-Fi module designed for critical industrial and commercial applications. | Threat | ||
|
2021-11-22 11:29:33 | WhatsApp Pushes Privacy Update to Comply With Irish Ruling (lien direct) | WhatsApp is adding more details to its privacy policy and flagging that information for European users, after Irish regulators slapped the chat service with a record fine for breaching strict EU data privacy rules. | |||
|
2021-11-19 17:10:44 | New \'SharkBot\' Android Banking Malware Hitting U.S., UK and Italy Targets (lien direct) | A new Android banking trojan has been found, targeting international banks from the United Kingdom and Italy (including in the U.S.). and five different cryptocurrency services. Twenty-two instances have been discovered, but more are expected. | Malware | ||
|
2021-11-19 16:02:19 | Canadian Teen Arrested Over Theft of $36 Million in Cryptocurrency (lien direct) | A Canadian teen has been arrested for their alleged role in the theft of roughly $36.5 million (CAD$46 million) worth of cryptocurrency from a single victim in the United States, according to the Hamilton Police in Ontario, Canada. | |||
|
2021-11-19 15:39:56 | U.S Banks Required to Report Cyberattacks to Regulators Within 36 Hours (lien direct) | In less than half a year, banks in the United States will be required to notify federal regulators of serious cybersecurity incidents within 36 hours. | |||
|
2021-11-19 13:44:45 | California Pizza Kitchen Says Employee Data Stolen in Breach (lien direct) | American pizza chain California Pizza Kitchen (CPK) is notifying employees of a data breach that might have resulted in some of their personal information being accessed by hackers. | Data Breach | ||
|
2021-11-19 12:39:34 | SnapAttack Spins Out of Booz Allen Hamilton With $8 Million in Funding (lien direct) | Threat hunting and detection company SnapAttack this week announced closing an $8 million funding round, just as it spun out of Booz Allen Hamilton. The funding round was led by Volition Capital. Booz Allen Hamilton and Strategic Cyber Ventures (SCV) also invested in the new independent company. | |||
|
2021-11-19 12:02:40 | GBG to Acquire Acuant in $736 Million Deal (lien direct) | UK-based identity verification and fraud prevention solutions provider GBG on Thursday announced that it has agreed to acquire Acuant in a $736 million deal. | |||
|
2021-11-19 11:49:21 | SecurityWeek to Host Security Operations Summit as Virtual Event Dec. 8 (lien direct) | 
|
|||
|
2021-11-19 11:10:33 | North Korean Hacker Group Intensifies Espionage Campaigns (lien direct) | A North Korea-linked threat actor tracked as TA406 has intensified its attacks in 2021, particularly credential harvesting campaigns, Proofpoint reports. | Threat | ||
|
2021-11-18 20:37:12 | US Indicts Iranians for Election Meddling (lien direct) | The US Justice Department announced indictments Thursday of two Iranians who allegedly took part in an online "disinformation and threat" campaign to influence American voters in the 2020 presidential election. | |||
|
2021-11-18 18:54:25 | Supply Chain Security Fears Escalate as Iranian APTs Caught Hitting IT Services Sector (lien direct) | Fears of software supply chain attacks escalated again this week with a new warning from Microsoft that it has caught Iranian threat actors breaking into IT services shops in India and Israel and using that access to hit the real targets. | Threat | ||
|
2021-11-18 16:23:14 | Acronyms Aside, the SOC of the Future Needs These 3 Capabilities (lien direct) | Every discipline has its acronyms, but I'd venture to say cybersecurity has more than its share. We use them to describe threat actors and how they operate, as well as different security teams, their certifications and the tools they use. There's nothing wrong with acronyms, but when they are used to describe emerging solutions, an interesting phenomenon occurs…that new acronym becomes the next silver bullet technology that will solve all our security problems. | Threat | ||
|
2021-11-18 15:42:53 | Cyber Defenders Should Prepare for Holiday Ransomware Attacks (lien direct) | High days and holidays are prime time for ransomware. This should come as no surprise to anyone – but many companies remain surprisingly unaware or at least unprepared. | Ransomware | ||
|
2021-11-18 14:41:26 | New ETW Attacks Can Allow Hackers to \'Blind\' Security Products (lien direct) | Researchers have described two new attack methods that can be used to “blind” cybersecurity products that rely on a logging mechanism named Event Tracing for Windows (ETW). | |||
|
2021-11-18 14:16:56 | MDR Company Expel Raises $140 Million at Unicorn Valuation (lien direct) | Managed detection and response (MDR) provider Expel on Thursday announced raising $140.3 million in a Series E funding round. Founded in 2016, the company has raised nearly $258 million in total and it's now valued at more than $1 billion, earning it “unicorn” status. | |||
|
2021-11-18 13:22:01 | Israel Defence Minister\'s Cleaner Charged With Spying for Iran (lien direct) | A man employed in the home of Israeli Defence Minister Benny Gantz was charged Thursday with attempting to spy for the Black Shadow hackers, who are purportedly linked to Iran. | |||
|
2021-11-18 12:29:41 | Cloud Security Firm Lacework Raises Record-Breaking $1.3 Billion (lien direct) | 
|
|||
|
2021-11-18 12:12:49 | Microsoft Informs Users of High-Severity Vulnerability in Azure AD (lien direct) | Microsoft on Wednesday informed customers about a recently patched information disclosure vulnerability affecting Azure Active Directory (AD). | Vulnerability | ||
|
2021-11-18 11:49:24 | FBI Warns of Actively Exploited FatPipe Zero-Day Vulnerability (lien direct) | The Federal Bureau of Investigation (FBI) this week sounded the alarm on a zero-day vulnerability in FatPipe products that has been under active exploitation since at least May 2021. | Vulnerability | ||
|
2021-11-18 11:33:10 | How to Improve Red Team Effectiveness using Obfuscation (lien direct) | Setting up an obfuscated network in the cloud gives a red team the flexibility to test security against different cloud vendors | |||
|
2021-11-18 10:41:26 | Solving the Right to be Forgotten Problem (lien direct) | The Right to be Forgotten (technically the right to erasure or for users to have personal data removed from service providers' records) creates a big problem for suppliers. This right is becoming standard across the new global wave of data protection and consumer privacy legislation that has followed GDPR. | |||
|
2021-11-17 20:31:13 | Cloud Data Protection Startup Laminar Closes $32M Funding Round (lien direct) | Public cloud data protection provider Laminar on Wednesday emerged from stealth with $32 million in Series A funding. To date, the startup has raised $37 million in venture capital investments. The new investment round was led by Insight Partners. Meron Capital, SentinelOne, and TLV Partners also participated. | |||
|
2021-11-17 15:55:00 | U.S., U.K. and Australia Warn of Iranian APTs Targeting Fortinet, Microsoft Exchange Flaws (lien direct) | Iranian Threat Actors Target U.S. Critical Infrastructure, Australian Organizations | Threat | ||
|
2021-11-17 14:43:31 | Netgear Patches Code Execution Vulnerability Affecting Many Products (lien direct) | A vulnerability in Netgear small office/home office (SOHO) devices can be exploited by an attacker on the local area network (LAN) to execute code remotely with root privileges, GRIMM security researchers warn. | Vulnerability | ||
|
2021-11-17 13:30:25 | Robinhood Says Thousands of Phone Numbers Also Stolen in Breach (lien direct) | 
Mobile stock trading platform Robinhood on Tuesday confirmed that phone numbers and other information have also been stolen in the recent data breach.
|
|||
|
2021-11-17 13:08:25 | Open XDR Company Stellar Cyber Raises $38 Million (lien direct) | Detection and response solutions provider Stellar Cyber on Tuesday announced that it has raised $38 million in Series B funding. To date, the company has raised over $68 million. | |||
|
2021-11-17 12:05:47 | CISA Releases Incident and Vulnerability Response Playbooks (lien direct) | In response to an executive order signed by President Biden in May, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released two cybersecurity playbooks focusing on incident response and vulnerability response. | Vulnerability | ||
|
2021-11-17 11:14:12 | UK Orders National Security Review of NVIDIA Deal to Buy Arm (lien direct) | American technology company NVIDIA's planned $40 billion takeover of British chip designer Arm Ltd. faces months of delays after the U.K. government asked competition regulators Tuesday to investigate the national security implications of the deal. | |||
|
2021-11-16 20:44:51 | Chrome 96 Plugs High-Risk Browser Flaws (lien direct) | Google this week announced the availability of Chrome 96 in the stable channel with fixes for 25 security flaws, including 18 bugs reported by external security researchers. | |||
|
2021-11-16 20:33:56 | Mandiant Attributes Ghostwriter APT Attacks to Belarus (lien direct) | The Belarusian government is at least partially responsible for the Ghostwriter disinformation campaign, according to security researchers at the Mandiant Threat Intelligence team. | Threat | ||
|
2021-11-16 20:07:55 | Blacksmith: Rowhammer Fuzzer Bypasses Existing Protections (lien direct) | A group of security researchers devised a new attack that completely bypasses the existing mitigations against the Rowhammer vulnerability in dynamic random-access memory (DRAM) chips. | Vulnerability | ||
|
2021-11-16 19:18:21 | Hackers Targeted Afghan Officials on Facebook Amid Taliban Offensive (lien direct) | Facebook revealed Tuesday it had worked to block a hacker group that targeted the accounts of people tied to Afghanistan's then-government and security forces as the Taliban was moving in to take power. | |||
|
2021-11-16 18:41:48 | FBI Hacker Offers to Sell Data Allegedly Stolen in Robinhood Breach (lien direct) | The hacker who last week sent out thousands of fake emails from FBI systems is offering to sell data allegedly stolen in the recent breach at mobile stock trading platform Robinhood. | |||
|
2021-11-16 16:39:16 | GitHub Confirms Another Major NPM Security Defect (lien direct) | Microsoft-owned GitHub is again flagging major security problems in the npm registry, warning that a pair of newly discovered vulnerabilities continue to expose the soft underbelly of the open-source software supply chain. | |||
|
2021-11-16 15:55:13 | Threat Hunting Firm Team Cymru Acquires Attack Surface Management Firm Amplicy (lien direct) | External threat hunting firm Team Cymru has acquired threat surface management firm Amplicy. | Threat | ||
|
2021-11-16 13:02:33 | Intel CPU Vulnerability Can Expose Cryptographic Keys (lien direct) | One of the vulnerabilities patched recently by Intel in its processors could allow an attacker with physical access to the targeted system to obtain cryptographic keys, according to the cybersecurity firm whose researchers discovered the flaw. | Vulnerability | ||
|
2021-11-16 12:47:34 | Emotet Using TrickBot to Get Back in the Game (lien direct) | Roughly one million computers were freed of the Emotet malware in April this year, but the botnet might reappear, as the Trojan's developers have apparently started distributing it again. | Malware | ||
|
2021-11-15 20:56:35 | Microsoft Says HTML Smuggling Attacks On The Rise (lien direct) | Microsoft says it has observed an increase in the use of HTML smuggling in malicious attacks distributing remote access Trojans (RATs), banking malware, and other malicious payloads. | |||
|
2021-11-15 17:40:53 | Costco Hit by Card Skimming Attack Head of Holiday Season (lien direct) | Costco, one of the world's largest retailers, has warned customers that they may have had bank card details stolen, following reports that payment card skimming devices were discovered at Costco warehouses. | |||
|
2021-11-15 15:56:43 | (Déjà vu) Cybersecurity M&A Roundup for Second Week of November 2021 (lien direct) | 
Eight cybersecurity-related acquisitions were announced in the second week of November 2021 (November 8-14).
|
|||
|
2021-11-15 15:06:56 | Diebold Nixdorf ATM Flaws Allowed Attackers to Modify Firmware, Steal Cash (lien direct) | Security researchers with Positive Technologies have published information on a couple of vulnerabilities in Diebold Nixdorf ATMs that could have allowed for an attacker to replace the firmware on the system and withdraw cash. | |||
|
2021-11-15 12:47:22 | IoT Protocol Used by NASA, Siemens and Volkswagen Can Be Exploited by Hackers (lien direct) | Researchers Warn DDS Protocol Can Be Abused for Lateral Movement and Malware C&C Researchers have shown that a widely used protocol named Data Distribution Service (DDS) is affected by vulnerabilities that could be exploited by threat actors for various purposes. | Malware Threat | ||
|
2021-11-15 12:21:59 | Network Security Company Netography Raises $45 Million (lien direct) | Network detection and response (NDR) solutions provider Netography has raised $45 million in Series A funding, which brings the total raised by the company to $47.6 million. The new investment round was led by Bessemer Venture Partners and SYN Ventures. Existing investors Andreessen Horowitz, Harpoon Ventures, Mango Capital, and Wing Venture Capital also contributed. | |||
|
2021-11-15 12:02:14 | Four Things Your CISO Wants Your Board to Know (lien direct) | For years, it seems like we've been rationalizing why your company's Chief Information Security Officer (CISO) deserves a seat at the boardroom table. In many industries, we've come a long way since then. At more and more organizations, CISOs have stepped up and begun conferring regularly with the CFO, CTO, and CEO on security strategy, cyber risk, and how to approach digital transformation. | |||
|
2021-11-15 11:18:35 | Fake Emails Sent From FBI Address via Compromised Law Enforcement Portal (lien direct) | Thousands of fake emails coming from an FBI email address were sent out on Friday by someone who exploited a vulnerability in a law enforcement portal. The FBI has confirmed the breach, but said impact was limited. | Vulnerability | ||
|
2021-11-12 20:06:52 | Intel, AMD Patch High Severity Security Flaws (lien direct) | Chipmakers Intel and AMD this week released patches for multiple security vulnerabilities in a wide range of product lines, including fixes for a series of high-risk issues in software drivers. | |||
|
2021-11-12 17:55:01 | \'BotenaGo\' Malware Targets Routers, IoT Devices with Over 30 Exploits (lien direct) | A newly discovered Golang-based malware is using over 30 exploits in attacks, potentially putting millions of routers and Internet of Things (IoT) at risk of malware infection, according to a warning from AT&T Alien Labs. | Malware | ||
|
2021-11-12 17:36:21 | Zoom Patches High-Risk Flaws in Meeting Connector, Keybase Client (lien direct) | Video messaging technology giant Zoom has shipped patches for high-severity vulnerabilities that expose enterprise users to remote code execution and command injection attacks. |
To see everything:
Our RSS (filtrered)
