What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-05-07 15:41:46 | Three US healthcare providers suffer data breach (lien direct) | Following a ransomware attack on the administrative services company, CaptureRx, at least three US healthcare providers suffered a data breach. The attach occurred on February 6, and an investigation was launched almost two weeks later, discovering that several files had been accessed by an unauthorised user. The personal health information (PHI) of more than 24,000 […] | Ransomware Data Breach | ||
|
2021-05-07 13:35:49 | Risk to Financial Services and Insurance Organisations increased by 125% in 2020, report reveals (lien direct) | Despite the increased use of mobile device management (MDM), mobile phishing among financial services was at an all-time high last year. A report conducted by endpoint security expert, Lookout, revealed a 125% increase in exposure to considerable risk in both financial services and insurance organisations. The financial report also uncovered that the risk exposure to […] | |||
|
2021-05-07 13:34:05 | Obrela teams up with ABS to boost industrial defences against cyberattacks (lien direct) | The recent cyber-attack against Oldsmar Water Plant in Florida has increased concerns over cybercriminals targeting industrial organisations and highlighted that the cyber-physical attacks that have been predicted for years, are now happening. In February this year, it was announced that cybercriminals had broken into the water plant and changed the level of sodium hydroxide being fed […] | |||
|
2021-05-07 10:09:24 | NCSC provides guidance on cybersecurity for smart cities (lien direct) | The National Cyber Security Centre (NCSC) has released a set of security principles for local authorities to help protect smart city technology from cyber threats. Along with the guidance, it is warning that compromise of a single system in a smart city could have a negative impact across the network if badly designed, this includes […] | ★★★★ | ||
|
2021-05-06 13:07:24 | It\'s World Password Day – Here\'s what the experts say (lien direct) | Passwords essentially are the gateways to our digital lives. From business accounts, social media, shopping, banking – you name it – if they're compromised, it can have big implications. To mark the day, we've compiled the advice of some of the world's leading experts in cybersecurity to help keep individuals and, ultimately, businesses safer on […] | Guideline | ||
|
2021-05-06 11:42:51 | Belgium\'s parliament suffer DDoS attack (lien direct) | On Tuesday the internet service provider Belnet fell victim to a cyberattack. The attack took place at 11:00am CEST when the company experienced a distributed denial of service (DDoS) attack. This resulted in Belnet’s servers being overloaded and preventing any availability of their online services. The attack affected any website with .be domains. As a […] | |||
|
2021-05-05 16:38:04 | 21Nails: Multiple Critical Vulnerabilities in Exim Mail Server (lien direct) | Researchers from Qualys released a study that found 21 unique vulnerabilities in the Exim mail server. Some of these can be linked together to obtain full remote unauthenticated code execution and gain root privileges. In a blog post, the Qualys Research Team said that the vulnerabilities potentially affect numerous organisations due to an estimated 60% […] | |||
|
2021-05-05 16:29:47 | Deja Vu: Apple macOS needs updating again to sort vulnerabilities (lien direct) | Just last week, Apple notified customers about a serious security vulnerability that was patched in macOS 11.3. And just a week later, it’s now warning over another bug fix in a macOS 11.3.1 release that corrects two separate issues which, if exploited, would allow for arbitrary code execution. It’s possible that these new vulns are […] | Vulnerability | ||
|
2021-05-04 17:16:10 | Synopsys Launches New Tool for Automated Application Security (lien direct) | Synopsys has today announced it will showcase the Software Integrity Group's new Intelligent Orchestration solution at RSA Conference on May 17th – 20th. Intelligent Orchestration is a dedicated application security automation pipeline, optimized for speed and efficiency, that ensures the right security tests are performed at the right time. Intelligent Orchestration, which runs in parallel to […] | Tool | ||
|
2021-04-30 07:57:44 | Dorset police investigating data breach (lien direct) | ITV reports on how Dorset police are investigating a “serious data breach” involving pupils from two schools in Christchurch. This is after information about an alleged race hate crime was sent by mistake to a man from Wimborne who had initially emailed the police about a separate incident. Dorset police insist it was human error […] | Data Breach | ||
|
2021-04-30 07:46:47 | Microsoft identifies critical code execution flaws in IoT and OT devices (lien direct) | The 25 security flaws are known collectively as BadAlloc and affect Internet of Things (IoT) devices and Operational Technology (OT) industrial systems. The flaws are caused by memory allocation Integer Overflow or Wraparound bugs. Threat actors can exploit the vulnerabilities to trigger system crashes and execute malicious code remotely on susceptible IoT and OT systems. | Threat | ||
|
2021-04-30 07:38:14 | BBC reports on the Ransomware surge ruining lives (lien direct) | Technology giants Microsoft and Amazon, as well as the FBI and the UK’s National Crime Agency have joined the Ransomware Task Force (RTF) to give governments nearly 50 recommendations on how to take action against ransomware, according to a BBC report. The task force is critical now more than ever as ransomware gangs are now […] | Ransomware | ||
|
2021-04-29 08:07:42 | Lloyds Bank tells customers to beware of text message scam (lien direct) | Lloyds Bank customers are under attack by cybercriminals again. This time, text messages are being used to bait people into thinking there is a security issue with their bank accounts. An example message reads: “LLOYDS-SECURITY: You have successfully scheduled a payment of £69.99 to payee MR ADAMS 28/04. If this was NOT you, visit: https://payee-confirmationcentre.com.” […] | ★★★★★ | ||
|
2021-04-29 07:52:21 | Warning over illegally streaming football on websites “riddled with malware” (lien direct) | A report from cybersecurity firm Webroot shows that almost all (92%) illegal football streaming websites contain some form of malicious content, from malware and phishing lures to social engineering scams. This puts fans at considerable risk In fact, Webroot says in its report that anyone who used an illegal website to watch last weekend's Carabao […] | Malware | ||
|
2021-04-29 07:42:30 | Student researcher discovered Experian API flaw that exposed credit scores of “most Americans” (lien direct) | Credit bureau Experian just fixed a weakness with a partner website that let anyone look up the credit score of tens of millions of Americans just by supplying their name and mailing address, KrebsOnSecurity learned. Though the flaw has been fixed according to Experian, the researcher, Bill Demirkapi, who reported the finding says he fears the […] | |||
|
2021-04-26 09:22:59 | Cybersecurity and Online Gaming (lien direct) | The online gaming industry has exploded in recent years and is expected to generate close to $200 billion in revenue by 2022. Popular games are reporting revenues in the range of hundreds of millions of dollars per month. This booming industry is seeing significant growth, largely due to the pandemic, with many turning to […] | |||
|
2021-04-26 08:44:33 | Facebook disables Palestinian APT Group Activities (lien direct) | Facebook threat intelligence analysts discovered recent activities linked to two known APT Groups that have been active since 2015. According to Facebook, the groups, AridViper and Preventive Security Service, used Android and Windows malware and advanced social engineering tactics in an effort to attack journalists, human rights activities and military groups in the Middle East. […] | Malware Threat | ||
|
2021-04-23 14:38:43 | 90-Year-Old Woman falls victim to \'largest phone scam ever\' (lien direct) | An elderly woman has lost £23 Million to what could be the largest phone scam ever. The scam took place in Hong Kong in which the victim, who remains nameless, was contacted by someone pretending to be a Chinese official. The scammer tricked the woman in August last year, by telling her that her identity […] | |||
|
2021-04-23 08:48:52 | GCHQ: West faces “moment of reckoning” (lien direct) | Jeremy Fleming, the head of intelligence at intelligence agency GCHQ has said that the technology on which we rely will no longer be shaped by the West. When addressed with the growing challenge from China, he claimed: “we have to keep evolving our approach if we’re going to keep up.” As an example he listed […] | ★★★★★ | ||
|
2021-04-22 15:21:39 | Signal CEO hacks mobile-hacking firm (lien direct) | Moxie Marlinspike, CEO of encrypted messaging app Signal has found vulnerabilities in the software developed by Cellebrite. The vulnerabilities found in the data extraction company’s code allow for arbitrary code execution on the device. Cellebrites products are mostly used by governments and the police to unlock any iOS and Android devices to extract data. Late […] | ★★★★★ | ||
|
2021-04-22 10:45:14 | New UK laws to protect IoT devices amid sales surge (lien direct) | New figures published by the UK government show that almost half (49%) of UK residents have purchased at least one new smart device since the beginning of COVID-19. As a result, manufacturers of smart devices such as phones, speakers, and doorbells will need to provide customers with information about how long they will be guaranteed […] | ★★★★ | ||
|
2021-04-21 16:01:21 | PRODUCT REVIEW – Edgescan makes fullstack vulnerability management easy (lien direct) | Supplier: Edgescan Website: www.edgescan.com Price: Based on assets Scores Performance 5/5 Features 5/5 Value for Money 4/5 Ease of Use 5/5 Overall 5/5 Verdict: Fullstack vulnerability management made easy – Edgescan does all the hard work so you don't have to The pandemic has undoubtedly led to a massive surge in cyber-attacks but even as […] | Vulnerability | ||
|
2021-04-20 13:48:50 | Armis and UK\'s Eseye partner to secure connected devices on any cellular network (lien direct) | Global connectivity specialist Eseye and leading agentless device security platform provider Armis, today announced a strategic partnership and joint solution that enables organisations to deploy connected devices anywhere in the world with enterprise-class security and consistent, reliable cellular (4G/LTE/5G) connectivity. Eseye's unique Connectivity Management Platform enables devices to switch intelligently to any one of […] | Guideline | ||
|
2021-04-20 11:08:44 | Performanta acquires Identity Experts to bolster Microsoft IAM and security capabilities (lien direct) | Performanta, a fast-growing global provider of managed cyber security services to enterprise customers, today announced the acquisition of Identity Experts, a Microsoft Gold Security Partner and Identity & Access Management (IAM) specialist consultancy based in the UK. The move follows a significant investment round from Beech Tree Private Equity and will allow Performanta to extend […] | |||
|
2021-04-19 16:07:10 | AT&T Cybersecurity Launches New Managed Endpoint Security Solution with SentinelOne (lien direct) | AT&T has launched a managed endpoint security solution through its alliance with SentinelOne. AT&T Managed Endpoint Security with SentinelOne correlates the detection of endpoint threats through a single software agent that consolidates Antivirus, Endpoint Protection, Endpoint Detection and Response, and IoT security functions. The new solution provides comprehensive endpoint protection against ransomware and other cyberattacks, while […] | Ransomware | ||
|
2021-04-19 15:42:02 | Domino\'s India suffers data breach (lien direct) | Domino’s in India has suffered a data breach in which credit card details and personal information of both customers and employees have been exposed. The leaked information is being sold on the dark web, for which the hacker is demanding 10 BTC. Included in the data stolen are names, contact numbers, email IDs, addresses, credit […] | Data Breach | ||
|
2021-04-19 12:18:00 | Vulnerabilities found in older version of WhatsApp (lien direct) | Cert-In, the Indian cybersecurity watchdog has recently issued a ‘high’ severity rating against WhatsApp and WhatsApp Business. The emergency response team has reported finding ‘multiple’ vulnerabilities within the mobile application, which could give hackers access to sensitive information. A vulnerability note was released stating: “Successful exploitation of these vulnerabilities could allow the attacker to execute […] | Vulnerability | ||
|
2021-04-15 16:57:16 | University of Hertfordshire suffers system outage due to cyberattack (lien direct) | The University of Hertfordshire has been hit by a critical cyberattack resulting in online classes being shut down. The university released a statement on Wednesday evening (14th April) that an attack by cybercriminals had resulted in all its online services and systems being taken offline. “Shortly before 22:00 last night, the university experienced a cyber-attack […] | |||
|
2021-04-15 16:13:41 | Why taking the cybersecurity initiative can win you business (lien direct) | Our latest research into consumer behaviour has unearthed a conundrum: people knowingly take risks online even though they understand the dangers. On the one hand, we've got two out of three saying life is riskier now than it was five years ago, with serious concerns about losing data or being hacked. But on the other […] | |||
|
2021-04-15 12:18:29 | Outpost24 report finds Top 10 US Credit Unions all have web application issues (lien direct) | A report released this week by Outpost24, that examined the security posture of web applications amongst the Top 10 US Credit Unions, has revealed that they all have security issues. Using Outpost24's attack surface discovery tool called Scout, Outpost24 was able to analyse each Credit Union's public-facing web security environments against the seven most common attack vectors […] | Tool | ★★★★ | |
|
2021-04-15 10:40:28 | University of Hertfordshire hit by cyberattack (lien direct) | Yesterday the University of Hertfordshire was targetted by a cyberattack which resulted in the universities entire IT network being taken down, as well as all access to cloud-based services being blocked. The attack started on Wednesday night at 22:00, when the universities Wi-Fi network was taken down alongside the email system and the universities student […] | |||
|
2021-04-14 14:09:40 | Capcom release final update on ransomware attack (lien direct) | Capcom has released the final update on their investigation into the major ransomware attack they suffered last year. The investigation has found that the attackers accessed the company through an outdated VPN device. Through this avenue, the attackers were able to access the companies network, as well as any compromised devices in the network. The […] | Ransomware | ||
|
2021-04-14 10:54:21 | FBI removed web shells from Exchange Servers without consent (lien direct) | The FBI has been removing web shells from compromised Microsoft Exchange serves following court authorisation. However, owners of the Microsoft Exchange servers were never informed or able to approve of the FBI’s actions. In February, the hacking group HAFIUM exploited several vulnerabilities in Microsoft Exchange’s servers. The group installed web shells in compromised Exchange servers […] | |||
|
2021-04-13 17:00:41 | Synopsys Study reveals increase in Vulned erable, Outdated, and AbandonOpen Source Components in Commercial Software (lien direct) | Synopsys, Inc. has released its 2021 Open Source Security and Risk Analysis (OSSRA) report, which examines the result of more than 1,500 audits of commercial codebases. Produced by the Synopsys Cybersecurity Research Center (CyRC) and performed by the Black Duck® Audit Services team, the report highlights trends in open source usage within commercial applications, while simultaneously providing insights to help commercial and open source developers better understand the interconnected software ecosystem they are part of. It also presents the widespread risks posed by unmanaged open source, including security vulnerabilities, outdated or abandoned components, […] | |||
|
2021-04-13 16:57:46 | Promising news: users are becoming more savvy to COVID-19 based phishing attacks finds KnowBe4 (lien direct) | KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, has revealed the results of its latest 2021 top-clicked phishing report. It found that, despite still seeing a few phishing email attacks related to COVID-19, users are becoming more savvy and alert to these types of scams. Real phishing emails that […] | |||
|
2021-04-13 16:34:26 | Tim Mackie takes lead channel role for Armis (lien direct) | Armis®, the agentless device security platform, today announced the appointment of Tim Mackie as the new Worldwide Vice President of Channel. As part of Armis' commitment to its global channel partner programme and the accelerating demand for businesses to collaborate with it, Mackie has been appointed to lead this high growth function. Mackie is a […] | Guideline | ||
|
2021-04-12 15:31:54 | Protected: Tweet Chat: The Social Dilemma (lien direct) | There is no excerpt because this is a protected post. | |||
|
2021-04-12 14:01:43 | At last – Thinking outside the SCIF (lien direct) | Q1/21 a symposium was hosted in the US under the title 'Thinking Outside the SCIF' (Sensitive Compartmented Information Facility) to put forward the case for the utilisation of OSINT (Open Source) within the US Military and Intelligence Communities. John McLaughlin (CIA) kicked off day one by correctly pointing out that there was nothing new about […] | ★★★★★ | ||
|
2021-04-12 13:23:23 | Nation-state attackers are increasingly targeting businesses (lien direct) | A new report by criminologists at the University of Surrey and cybersecurity researchers at HP has found that nation-state attacks have risen considerably in the last three years. The report also revealed that both enterprises and businesses are amongst the most targetted organisations by nation-state attackers. The research analyses nation-state attacks taking place between 2017 […] | ★★★★★ | ||
|
2021-04-12 13:15:52 | Israel allegedly takes responsibility for Iran cyberattack (lien direct) | Iran’s main nuclear facility suffered a cyberattack on Sunday, leading to a large scale blackout at Natanz, which Israel now appears to be taking responsibility for. Tehran’s nuclear energy chief described the attack as an act of terrorism, and demands a response against the perpetrators. The incident occurred shortly after the official restarted spinning advanced […] | Guideline | ||
|
2021-04-12 12:21:58 | Apple and Google block NHS Covid-19 App update (lien direct) | The new update to the NHS COVID-19 track and tracing app has been blocked by both Apple and Google, due to its failure to comply with the terms of a recent agreement. The new update would urge users to upload logs of venue check-ins via a barcode scan if they tested positive for COVID-19. The […] | ★★★★ | ||
|
2021-04-09 14:47:51 | Data belonging to over 500 million LinkedIn users sold online to hackers (lien direct) | It has been revealed today that social media platform LinkedIn is the latest to suffer a website scraping attack at the hands of cyber criminals. Data belonging to over 500 million of its users has been posted online and is reportedly being sold to hackers. The news comes only days after it was revealed that […] | ★★ | ||
|
2021-04-09 11:40:07 | Cyber-attacks have potential to spark armed conflict (lien direct) | Mike McGuire a senior lecturer in criminology at the University of Surrey has conducted a study, called Nation States, Cyberconflict and the Web of Profit using publicly available reports into state-sponsored attacks along with interviews with various experts. The study reveals that the world is coming increasingly close to nation state retaliating against cyber-attacks with […] | |||
|
2021-04-09 10:58:57 | LinkedIn Users\' details being sold online (lien direct) | Analysts stumbled across a scraped data set from LinkedIn, in which the data from over half a billion users is being sold online. This marks the second major cybersecurity incident in the past week. The information scraped includes the full names, email addresses, phone numbers, professional titles and other work-related data. CyberNews analysts have been […] | |||
|
2021-04-09 09:16:06 | Outpost24 mark 20th anniversary by naming Karl Thedéen as new CEO (lien direct) | Outpost24, specialists in managing cybersecurity exposure, has celebrated its 20th year anniversary by announcing the appointment of Karl Thedéen as the company's new Chief Executive Officer. Thedéen brings over 20 years of experience in the software and technology sector, having previously held CEO roles at Edgeware AB and Transmode AB public in 2011 before its […] | ★★★★★ | ||
|
2021-04-08 12:09:33 | Carding Mafia hack: 300,000 user accounts exposed (lien direct) | Have I been Pwned reported that the data breach exposed users’ email addresses, hashed passwords, usernames, and IP addresses. Of the 500,000 users of the hacking forum, 297,744 have been affected; however, the forum operators have not yet notified their users. The founder of Have I Been Pwned has confirmed the authenticity of the stolen […] | Data Breach | ||
|
2021-04-08 11:03:38 | University of California and Stanford University systems breached (lien direct) | In February Accellion was the victim of a major security incident, and since then the number of Universities affected by the breach are growing by the day. The latest victims of the breach are the University of California and Stanford University. The university systems have been breached due to the Accellion incident, with an unknown […] | ★★ | ||
|
2021-04-08 09:39:09 | Hackers are using web shells to steal credit cards (lien direct) | VISA has issued a warning about the increase of web shells being used by threat actors to steal credit card details. VISA has seen a rise in the number of threat actors using web shells on compromised servers in order to extract credit card details stolen from customers making payments online. VISA has said that […] | Threat | ||
|
2021-04-07 11:02:04 | Multiple EU organisations have been hit by a cyber-attack (lien direct) | In March a number of European Union organisations, including the European Commission, were hit by a cyber-attack. A spokesperson from the European Commission has revealed that the incident, thought to have taken place last week, impacted the IT infrastructure of several EU institutions. The spokesperson told BleepingComputer, “we are working closely with CERT-EU, the Computer […] | |||
|
2021-04-07 07:44:41 | Hackers actively exploiting SAP Bugs (lien direct) | Active cyberattacks have been reported on known security vulnerabilities in widely deployed SAP applications, giving the attackers access for full take over and the ability to infest an organisation completely. Researchers warn that these attacks could lead to full control of unsecured SAP applications. An alert issued by SAP informs that threat actors are carrying […] | Threat Guideline |
To see everything:
Our RSS (filtrered)
