What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-03-29 10:36:10 | SonicWall Patches Critical Vulnerability in Firewall Appliances (lien direct) | SonicWall has released patches for a critical-severity vulnerability in the web management interface of multiple firewall appliances. Tracked as CVE-2022-22274 (CVSS score of 9.4), the security flaw is described as a stack-based buffer overflow bug that impacts SonicOS. | Vulnerability | ||
|
2022-03-29 09:40:40 | US Brands Russian Cybersecurity Firm Kaspersky \'Security Threat\' (lien direct) | US regulators have deemed antivirus software maker Kaspersky a "threat to national security," a designation that will restrict its dealings in the United States. | |||
|
2022-03-28 19:28:47 | Researchers Hack Remote Keyless System of Honda Vehicles (lien direct) | A researcher has published proof-of-concept (PoC) videos to demonstrate how an attacker can remotely unlock the doors of a Honda vehicle, or even start its engine. | Hack | ||
|
2022-03-28 16:52:22 | Checkmarx Finds Threat Actor \'Fully Automating\' NPM Supply Chain Attacks (lien direct) | Threat hunters at Checkmarx on Monday raised an alarm after discovering a threat actor fully automating the creation and delivery of "hundreds of malicious packages" into the NPM ecosystem. | Threat | ||
|
2022-03-28 16:01:29 | Estonian Ransomware Operator Sentenced to Prison in US (lien direct) | An Estonian man was sentenced to 66 months in prison in the United States for his role in ransomware attacks that caused more than $53 million in losses. The cybercriminal, Maksim Berezan, who was arrested in Latvia and later extradited to the United States, pleaded guilty in April 2021 to conspiracy to commit wire fraud and device fraud. | Ransomware Guideline | ||
|
2022-03-28 13:42:05 | German Authorities Seize Spyware Firm FinFisher\'s Accounts (lien direct) | German authorities have seized accounts belonging to the spyware company FinFisher amid an investigation into whether it broke export laws by selling its products to authoritarian governments. | ★★ | ||
|
2022-03-28 13:36:26 | Critical Remote Code Execution Vulnerability in Sophos Firewall (lien direct) | Sophos on Friday announced the rollout of urgent patches for a critical authentication bypass vulnerability in the web portal of its Sophos Firewall product. Reported by an external researcher via the Sophos bug bounty program, the vulnerability is tracked as CVE-2022-1040 and impacts Sophos Firewall v18.5 MR3 (18.5.3) and older releases. | Vulnerability | ||
|
2022-03-28 10:47:38 | (Déjà vu) CISA Adds 66 Vulnerabilities to \'Must Patch\' List (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has added 66 vulnerabilities to its list of known exploited security holes. | |||
|
2022-03-27 11:58:30 | Google Issues Emergency Fix for Chrome Zero-Day (lien direct) | Google has issued an emergency security update for Chrome 99 to resolve a vulnerability for which a public exploit already exists. | Vulnerability | ||
|
2022-03-25 17:29:10 | US, EU Sign Data Transfer Deal to Ease Privacy Concerns (lien direct) | The European Union and United States made a breakthrough in their yearslong battle over the privacy of data that flows across the Atlantic with a preliminary agreement Friday that paves the way for Europeans' personal information to be stored in the U.S. | |||
|
2022-03-25 15:38:53 | Chinese Hackers Seen Targeting Ukraine Post-Invasion (lien direct) | A known threat actor has launched what appears to be the first Chinese hacking attempts targeting Ukraine digital assets since the Russian invasion a month ago. | Threat | ||
|
2022-03-25 15:17:13 | MixMode Banks $45 Million in Series B Funding (lien direct) | Cyberattacks detection technology provider MixMode has announced the closing of a $45 million Series B funding round led by PSG, with participation from Entrada Ventures. | |||
|
2022-03-25 13:42:35 | The Elusive Goal of Network Security (lien direct) | While it's never perfect, it can always get better | |||
|
2022-03-25 12:42:19 | FBI: 649 Ransomware Attacks Reported on Critical Infrastructure Organizations in 2021 (lien direct) | The Federal Bureau of Investigation's (FBI) Internet Crime Complaint Center (IC3) says it received 649 complaints of ransomware attacks targeting critical infrastructure organizations in 2021. | Ransomware | ||
|
2022-03-25 11:27:39 | How European Rulings Imperil Flagship Google Product (lien direct) | Lax laws and sweetheart deals are becoming a thing of the past for big tech firms, particularly in Europe where a series of rulings is posing a major threat to one of Google's flagship products. More than half of the world's websites use Google Analytics to help their owners understand the behavior of users. | Threat | ||
|
2022-03-24 20:52:45 | North Korea Gov Hackers Caught Sharing Chrome Zero-Day (lien direct) | Malware hunters at Google have spotted signs that North Korean government hackers are sharing zero-day browser exploits for use in waves of targeted attacks hitting U.S. news media, crypto-banks and IT organizations. | |||
|
2022-03-24 19:23:06 | The Chaos (and Cost) of the Lapsus$ Hacking Carnage (lien direct) | 
|
|||
|
2022-03-24 15:42:32 | New Vidar Infostealer Campaign Hidden in Help File (lien direct) | Researchers discovered an email malware campaign in February 2022 that demonstrates the complexity attackers are introducing to the delivery mechanism in order to avoid detection. The new campaign delivers an old but frequently updated infostealer: Vidar. | Malware | ||
|
2022-03-24 15:23:22 | Over 100 Building Controllers in Russia Vulnerable to Remote Hacker Attacks (lien direct) | A researcher has identified critical vulnerabilities that can allegedly be exploited to remotely hack a building controller predominantly used by organizations in Russia. | Hack | ||
|
2022-03-24 14:23:22 | Enterprise Browser Startup Island Snags Massive Funding Round (lien direct) | An early-stage startup building a security-themed enterprise browser has raised $115 million at a $1.3 billion valuation, becoming a cybersecurity unicorn less than two months after emerging from stealth with $100 million in funding. | |||
|
2022-03-24 13:20:29 | Russian Operator of Cybercrime Marketplace Indicted in US (lien direct) | A Russian national has been indicted in the United States for allegedly operating a cybercrime marketplace where stolen credit card information and online banking account data was being traded. | |||
|
2022-03-24 12:37:47 | Many Critical Flaws Patched in Delta Electronics Energy Management System (lien direct) | At least 30 vulnerabilities were found in the past year in the DIAEnergie industrial energy management system made by Delta Electronics. The company says it has created patches for all of them, but for now most of those patches are only available on demand. | |||
|
2022-03-24 11:29:09 | VMware Patches Critical Vulnerabilities in Carbon Black App Control (lien direct) | VMware this week announced software updates that address two critical-severity vulnerabilities in its Carbon Black App Control product. An application allow listing solution, Carbon Black App Control allows security teams to secure enterprise systems by locking them down to prevent unwanted changes, and to maintain continuous compliance. | |||
|
2022-03-24 11:08:21 | Achieving Positive Outcomes With Multi-Domain Cyber and Open Source Intelligence (lien direct) | The Many Faces of Threat Intelligence: Part 2 | Threat | ||
|
2022-03-24 09:37:12 | Serious Vulnerability Exploited at Hacking Contest Impacts Over 200 HP Printers (lien direct) | HP this week announced that more than 200 printer models are impacted by a severe remote code execution vulnerability that was exploited by researchers at the Pwn2Own hacking contest last year, where participants earned a total of more than $1 million. | Vulnerability | ||
|
2022-03-23 18:43:55 | Theta Lake Raises $50 Million in Series B Funding Round (lien direct) | Theta Lake, a company that specializes in compliance and security solutions for collaboration platforms, on Wednesday announced raising $50 million in a Series B funding round. | |||
|
2022-03-23 18:28:38 | Ransomware, Malware-as-a-Service Dominate Threat Landscape (lien direct) | Ransomware continues to expand with double-extortion now the standard; the malware-as-a-service model is now common; and criminals are increasingly 'living off the land', according to data from Red Canary. | Threat | ||
|
2022-03-23 15:47:14 | A Sheep in Wolf\'s Clothing: Technology Alone is a Security Facade (lien direct) | The power of the technology to defend our IT systems is only as good as our ability to evolve it in the face of ever-changing adversary tradecraft | |||
|
2022-03-23 14:42:43 | Compliance Startup Trustero Emerges From Stealth With $8 Million in Funding (lien direct) | Trustero, a Palo Alto, California-based startup offering Compliance-as-a-Service (CaaS) for enterprises, has emerged from stealth mode with $8 million in seed funding. The investment round was led by Zetta Venture Partners, with participation from Engineering Capital and Vertex Ventures. | |||
|
2022-03-23 14:26:08 | Chinese Cyberspies Seen Using macOS Variant of \'Gimmick\' Malware (lien direct) | In late 2021, incident response and threat intelligence firm Volexity observed a Chinese threat actor using a macOS variant of the malware known as Gimmick. | Malware Threat | ||
|
2022-03-23 14:00:01 | Analysis Shows How Fast Various Ransomware Strains Encrypt 100,000 Files (lien direct) | Cybersecurity researchers at Splunk have conducted an analysis to determine how long it takes various ransomware strains to encrypt files on compromised systems. | Ransomware | ||
|
2022-03-23 13:04:49 | Virtual Event Today: Supply Chain Security Summit & Expo (lien direct) | 
|
|||
|
2022-03-23 11:40:26 | Microsoft, Okta Confirm Data Breaches Involving Compromised Accounts (lien direct) | Microsoft and Okta have both confirmed suffering data breaches after a cybercrime group announced targeting them, but the companies claim impact is limited. | |||
|
2022-03-23 00:03:52 | FBI Sees Growing Russian Hacker Interest in US Energy Firms (lien direct) | The FBI is warning that it has seen increased interest by Russian hackers in energy companies since the start of Russia's war against Ukraine, though it is offering no indication that a specific cyberattack is planned. | |||
|
2022-03-22 20:11:17 | \'Secrets Sprawl\' Haunts Software Supply Chain Security (lien direct) | A cybersecurity startup is warning of a major, unattended weak link in the software supply chain: the vexing problem of valuable corporate secrets -- API keys, usernames and passwords, and security certificates -- publicly exposed in corporate repositories. | |||
|
2022-03-22 17:22:44 | \'Serpent\' Backdoor Used in Malware Attacks on French Entities (lien direct) | French organizations in the construction, government, and real estate sectors have been targeted with a new backdoor in a string of malware attacks, according to a warning from Proofpoint. | Malware | ||
|
2022-03-22 16:05:15 | QNAP Devices Targeted in New Wave of DeadBolt Ransomware Attacks (lien direct) | Internet search engine Censys on Monday warned that a new wave of DeadBolt ransomware attacks has been targeting network-attached storage (NAS) devices made by QNAP. | Ransomware | ||
|
2022-03-22 13:51:00 | Demystifying Zero Trust (lien direct) | 
While many vendors use terms that include "zero trust," they often use it to mean different things
|
|||
|
2022-03-22 13:50:15 | Application Security Firm ForAllSecure Raises $21 Million (lien direct) | Application security testing firm ForAllSecure this week announced that it has closed a $21 million Series B investment round that brings the total raised by the company to $36 million. The funding round was co-led by Koch Disruptive Technologies (KDT) and New Enterprise Associates (NEA). | |||
|
2022-03-22 12:34:53 | Over 1 Million Impacted in Data Breach at Texas Dental Services Provider (lien direct) | Dental and orthodontic care provider JDC Healthcare Management (JDC) has revealed that the information of a large number of Texans was compromised in a data breach discovered last year. | Data Breach | ||
|
2022-03-22 11:51:19 | High-Severity UEFI Vulnerabilities Patched in Dell Enterprise Laptops (lien direct) | Firmware security company Binarly this week disclosed the details of several vulnerabilities that impact the Unified Extensible Firmware Interface (UEFI) of multiple Dell enterprise laptop models. | |||
|
2022-03-22 11:25:53 | Microsoft, Okta Investigating Data Theft Claims (lien direct) | Microsoft has launched an investigation after a hacker group claimed to have stolen the source code of some of the tech giant's products. | |||
|
2022-03-22 11:02:48 | SSE Company Skyhigh Security Emerges From McAfee Enterprise (lien direct) | Private equity giant Symphony Technology Group (STG) on Tuesday announced the launch of a new security service edge (SSE) company named Skyhigh Security. | |||
|
2022-03-22 09:43:26 | Hotels in Macau Targeted in Attacks Linked to South Korea\'s DarkHotel APT (lien direct) | The South Korea-linked state-sponsored threat actor DarkHotel is believed to have conducted a series of recent attacks targeting major hotel chains in Macau, according to Trellix, an XDR company launched earlier this year following the merger of McAfee Enterprise and FireEye. | Threat | ||
|
2022-03-22 01:33:20 | Biden Warns US Companies of Potential Russian Cyberattacks (lien direct) | 
|
|||
|
2022-03-21 18:16:11 | Russia-Linked Cyclops Blink Botnet Attacking ASUS Routers (lien direct) | Taiwanese electronics giant ASUS has issued an alert to warn users of Cyclops Blink botnet attacks targeting its routers. | ★★★★★ | ||
|
2022-03-21 14:02:57 | Hacktivists Leak Data Allegedly Stolen From Russian Energy Giant Transneft (lien direct) | Roughly 79 gigabytes of emails allegedly stolen from Russian state-controlled oil pipeline company Transneft emerged on a known leaks hosting website. The largest pipeline company in the world, the Moscow-based Transneft transports oil and oil products in Russia and the CIS countries, operating more than 70,000 kilometers of pipelines. | |||
|
2022-03-21 12:50:37 | Italy Investigates Russia\'s Kaspersky Antivirus Software (lien direct) | Italy's data privacy watchdog said Friday it was investigating the "potential risks" that Russian antivirus software Kaspersky could be used to launch cyberattacks. | |||
|
2022-03-21 12:11:40 | Cryptocurrency Services Hit by Data Breach at CRM Company HubSpot (lien direct) | Cambridge, MA-based customer relationship management (CRM) company HubSpot over the weekend confirmed being targeted by hackers after several cryptocurrency services started informing their customers about a cybersecurity incident involving HubSpot. | Data Breach | ||
|
2022-03-21 11:51:06 | Ukrainian Security Researcher Leaks Newer Conti Ransomware Source Code (lien direct) | A Ukrainian security researcher has leaked the source code of what appears to be a newer version of the Conti ransomware. This is part of a series of leaks prompted by the cybercrime group expressing support for Russia. | Ransomware | ★★★ |
To see everything:
Our RSS (filtrered)
