What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-18 15:13:59 | Israel Lawmakers Outraged Over Claim Police Used NSO Spyware (lien direct) | Israeli lawmakers on Tuesday called for a parliamentary inquiry into the police's alleged use of sophisticated spyware on Israeli citizens, including protesters opposed to former Prime Minister Benjamin Netanyahu, following a newspaper report on the surveillance. | |||
|
2022-01-18 14:43:36 | Zoho Patches Critical Vulnerability in Endpoint Management Solutions (lien direct) | Zoho Corp on Monday said it has released patches for a critical vulnerability affecting Desktop Central and Desktop Central MSP, the endpoint management solutions from ManageEngine. | Vulnerability | ||
|
2022-01-18 14:26:22 | Five Key Signals From Russia\'s REvil Ransomware Bust (lien direct) | The sudden move by Russia's top law enforcement agency to conduct a very public takedown of the REvil ransomware operation has set tongues wagging about how diplomacy may hold the key to slowing big-game ransomware attacks. | Ransomware | ||
|
2022-01-18 14:12:40 | VPNLab Goes Down After Servers Seized in Law Enforcement Operation (lien direct) | Europol on Tuesday announced the shutdown of VPNLab, a VPN service that had often been used by cybercriminals. VPNLab has been shut down after law enforcement authorities seized 15 servers across 10 countries. Police in Germany, the Czech Republic, France, Latvia, Hungary, Ukraine, the UK, the US, and Canada took part in the operation. | |||
|
2022-01-18 13:35:58 | Accellion Reaches $8.1 Million Settlement Over FTA Data Breach (lien direct) | Enterprise content firewall provider Accellion has reached an $8.1 million settlement to end a lawsuit over a data breach involving its legacy file sharing service FTA, Reuters reports. | Data Breach | ||
|
2022-01-18 12:39:33 | ICS Vendors Targeted in Espionage Campaign Focusing on Renewable Energy (lien direct) | Major industrial control system (ICS) vendors and other types of organizations have been targeted in a cyberespionage campaign that appears to focus on renewable energy. | |||
|
2022-01-18 11:49:28 | How to Attract Hard-to-Find Cybersecurity Talent (lien direct) | It's tempting to view cybersecurity through the lens that new and better technology will knock down threats and deliver all the protection an organization needs. While the right tools, applications and systems are essential, the problem for most organizations is managing a security framework. | |||
|
2022-01-18 11:00:59 | World Economic Forum Highlights Continued Gap Between Security and Business Leaders (lien direct) | Despite the current 'buzz' cliché phrase that 'security is top of mind' with business leadership, a new report from the World Economic Forum (WEF) highlights the continuing gap between business and security leaders. | Guideline | ||
|
2022-01-18 09:35:35 | NATO, Ukraine Sign Deal to \'Deepen\' Cyber Cooperation (lien direct) | NATO on Monday inked a deal to bolster its cyber support for Ukraine, after a sweeping hacking attack against Kyiv heightened tensions amid fears that Russia could be plotting an invasion. | |||
|
2022-01-18 04:14:09 | Additional Healthcare Firms Disclose Impact From Netgain Ransomware Attack (lien direct) | Healthcare providers Caring Communities and Entira Family Clinics are warning patients that their personal information may have been exposed in a data breach that hit tech vendor Netgain Technology more than a year ago. | Ransomware Data Breach | ||
|
2022-01-17 16:06:30 | Vulnerability in IDEMIA Biometric Readers Allows Hackers to Unlock Doors (lien direct) | A critical vulnerability impacting multiple IDEMIA biometric identification devices can be exploited to unlock doors and turnstiles. Because of this security defect, if the TLS protocol is not activated, an attacker in the network can send specific commands without authentication to open doors or turnstiles directly operated by a vulnerable device. | Vulnerability | ||
|
2022-01-17 15:03:47 | Oracle to Release Nearly 500 New Security Patches (lien direct) | Oracle is preparing the release of nearly 500 new security patches with its Critical Patch Update (CPU) for January 2022. | |||
|
2022-01-17 14:14:23 | Safari 15 Vulnerability Allows Cross-Site Tracking of Users (lien direct) | A vulnerability in Apple's implementation of the IndexedDB API in Safari 15 allows websites to track users' activity on other sites and even to reveal their identity, browser fingerprinting and fraud detection firm FingerprintJS explains. | Vulnerability | ||
|
2022-01-17 13:13:42 | Critical SAP Vulnerability Allows Supply Chain Attacks (lien direct) | A critical vulnerability addressed recently in SAP NetWeaver AS ABAP and ABAP Platform could be abused to set up supply chain attacks, SAP security solutions provider SecurityBridge warns. | Vulnerability | ||
|
2022-01-17 12:23:14 | Cybersecurity M&A Roundup for January 1-16, 2022 (lien direct) | 
Fifteen acquisitions were announced in the first half of January 2022.
|
|||
|
2022-01-17 11:40:12 | Personal Information Compromised in Goodwill Website Hack (lien direct) | Nonprofit organization Goodwill has started notifying users of its ShopGoodwill.com e-commerce platform that their personal information was compromised as a result of a cybersecurity breach. | Hack | ||
|
2022-01-16 21:06:57 | Microsoft Uncovers Destructive Malware Used in Ukraine Cyberattacks (lien direct) | Newly detected WhisperGate malware being used by previously unknown threat group in cyberattacks against Ukraine | Malware Threat | ||
|
2022-01-16 17:23:36 | Russian Court Remands Hackers in Custody (lien direct) | A Moscow court on Saturday remanded eight hackers in custody for two months as Russia cracks down on the REvil cybercrime group at Washington's request. | |||
|
2022-01-16 14:19:42 | Ukraine Says Has \'Evidence\' Russia Behind Cyberattack (lien direct) | Ukraine said Sunday it had evidence that Russia was behind a massive cyberattack that knocked out key government websites this past week, as Microsoft warned the hack could be far worse than first thought. | Hack | ||
|
2022-01-15 20:27:33 | Ukraine Hacks Add to Worries of Cyber Conflict With Russia (lien direct) | Hackers on Friday temporarily shut down dozens of Ukrainian government websites, causing no major damage but adding to simmering tensions while Russia amasses troops on the Ukrainian border. Separately, in a rare gesture to the U.S. at a time of chilly relations, Russia said it had arrested members of a major ransomware gang that targeted U.S. entities. | Ransomware | ||
|
2022-01-14 18:55:01 | Details Published on AWS Flaws Leading to Data Leaks (lien direct) | Researchers at cloud security startup Orca Security have publicly documented a pair of vulnerabilities in AWS CloudFormation and AWS Glue that attackers could use to leak sensitive files or access other customers' data. | |||
|
2022-01-14 16:21:56 | Austrian Regulator Says Google Analytics Contravenes GDPR (lien direct) | A new ruling from the Austrian Data Protection Authority (DPA) traps EU/U.S. data transfers between a rock and hard place. The rock is GDPR. The hard place is FISA. And the two are fundamentally incompatible. | |||
|
2022-01-14 15:29:16 | North Korean Hackers Stole $400 Million Worth of Cryptocurrency in 2021 (lien direct) | North Korea-linked hacking group Lazarus stole close to $400 million worth of crypto-assets last year, Chainalysis reports. | APT 38 APT 28 | ||
|
2022-01-14 15:04:04 | Cyber Attack in Albuquerque Latest to Target Public Schools (lien direct) | When the superintendent of Albuquerque Public Schools announced earlier this week a cyber attack would lead to the cancellation of classes for around 75,000 students, he noted that the district's technology department had been fending off attacks “for the last few weeks.” | Guideline | ||
|
2022-01-14 14:29:33 | Russia Lays the Smackdown on REvil Ransomware Gang (lien direct) | Russia on Friday said it has cracked down on the infamous REvil hacking group, known for its high profile supply chain attack against software maker Kaseya, and a ransomware attack against JBS USA that forced the shutdown of a portion of the world's largest meat processing company. | Ransomware | ||
|
2022-01-14 13:07:51 | Recent GootLoader Campaign Targets Law, Accounting Firms (lien direct) | A recently observed GootLoader campaign has been focusing on infecting the devices of legal and accounting company employees with malware, eSentire reports. | |||
|
2022-01-14 12:16:10 | Salvadoran Government Denies Using Spyware on Journalists (lien direct) | The government of El Salvador has denied using the Israeli Pegasus software to spy on journalists and activists. | |||
|
2022-01-14 11:45:39 | U.S. Government, Tech Giants Discuss Open Source Software Security (lien direct) | 
|
|||
|
2022-01-14 09:41:32 | Ukraine Reports Massive Cyber Attack on Government Websites (lien direct) | Kyiv on Friday reported a massive cyber attack on key government websites as tensions between Russia and the West over Ukraine escalate following several rounds of unsuccessful talks. The education ministry said on Facebook that its website was down due to a "global (cyber) attack" that had taken place overnight. | |||
|
2022-01-14 00:51:00 | Maryland Lawmaker: Officials Misled on Ransomware Attack (lien direct) | A leading Maryland lawmaker said Thursday that top legislators were misled about the seriousness of a cyberattack on the state health department. | Ransomware Guideline | ||
|
2022-01-13 19:52:59 | Meshed Cybersecurity Platforms Enable Complex Business Environments (lien direct) | Cybercriminals are exploiting the confusion that results from organizations simply throwing money at their cybersecurity challenges | |||
|
2022-01-13 17:36:10 | FCC Chair Proposes New Policies for Carrier Data Breach Reporting (lien direct) | Federal Communications Commission (FCC) chairwoman Jessica Rosenworcel this week proposed updated policies around telecom providers' reporting of data breaches. | Data Breach | ||
|
2022-01-13 15:00:09 | Ransomware Group That Targeted Over 50 Companies Dismantled in Ukraine (lien direct) | Ukrainian authorities on Thursday announced arresting several individuals who are allegedly members of a major cybercrime group. According to the Security Service of Ukraine and the country's Cyber Police, the arrests are the result of an operation conducted in cooperation with law enforcement agencies in the United Kingdom and the United States. | |||
|
2022-01-13 13:51:11 | Maryland Confirms Ransomware Attack at Health Agency (lien direct) | The disruption of Maryland's reporting of COVID-19 data last month was caused by a ransomware attack, state officials said Wednesday. Chip Stewart, the state's chief information security officer, said the state has not paid extortion demands for the attack, which began on Dec. 4. | Ransomware | ||
|
2022-01-13 13:32:55 | Cisco Patches Critical Vulnerability in Contact Center Products (lien direct) | Cisco on Wednesday announced patches for a critical vulnerability in Unified Contact Center Management Portal (Unified CCMP) and Unified Contact Center Domain Manager (Unified CCDM) that could be exploited remotely to elevate privileges to administrator. | Vulnerability | ||
|
2022-01-13 12:34:48 | ZDI Announces Rules and Prizes for Pwn2Own 2022 (lien direct) | Trend Micro's Zero Day Initiative (ZDI) on Wednesday announced the targets, prizes and rules for Pwn2Own Vancouver 2022, scheduled to take place May 18-20 alongside the CanSecWest conference. | |||
|
2022-01-13 11:55:25 | U.S. Cyber Command Officially Links MuddyWater Group to Iranian Intelligence (lien direct) | The U.S. Cyber Command (CYBERCOM) on Wednesday officially tied the advanced persistent threat (APT) actor known as MuddyWater to Iranian intelligence. | Threat | ||
|
2022-01-13 09:34:25 | Report: Dozens of El Salvador Journalists, Activists Hacked (lien direct) | Dozens of journalists and human rights defenders in El Salvador had their cellphones repeatedly hacked with sophisticated spyware over the past year and a half, an internet watchdog said Wednesday. | |||
|
2022-01-13 00:45:45 | Ransomware Attack Locks Down US Prison (lien direct) | A ransomware attack locked down a US jail, knocking out security cameras and leaving inmates confined to their cells, court documents show. | Ransomware | ||
|
2022-01-12 21:37:41 | Apple Patches iOS HomeKit Flaw After Researcher Warning (lien direct) | Apple has released an iOS security update with a fix for a persistent denial-of-service flaw in the HomeKit software framework but only after an independent researcher publicly criticized the company for ignoring his discovery. | |||
|
2022-01-12 17:58:09 | Mozilla Patches High-Risk Firefox, Thunderbird Security Flaws (lien direct) | Mozilla has released Firefox 96 with patches for 18 security vulnerabilities affecting its flagship web browser and the Thunderbird mail program. Of the newly patched security flaws, nine are rated high-severity while six carry a "medium-severity" rating. | |||
|
2022-01-12 15:54:57 | Eureka Emerges From Stealth With Cloud Data Security Platform (lien direct) | Israel-based startup Eureka on Wednesday announced emerging from stealth mode with a cloud data security posture management platform and $8 million in seed funding. | |||
|
2022-01-12 14:54:12 | Security Validation Firm Pentera Raises $150 Million at $1 Billion Valuation (lien direct) | Automated security validation firm has now raised nearly $190 million in funding Boston, USA and Tel Aviv, Israel-based automated security validation (ASV) firm Pentera has raised $150 million in a Series C funding round led by K1 Investment Management, with participation from Evolution Equity Partners and Insight Partners. | |||
|
2022-01-12 14:53:40 | Microsoft Introduces New Security Update Notifications (lien direct) | Microsoft this week announced updated notifications for the Security Update Guide, the page where the tech company informs users of vulnerabilities that affect Microsoft products. | |||
|
2022-01-12 13:50:18 | (Déjà vu) ICS Patch Tuesday: Siemens, Schneider Electric Address 40 Vulnerabilities (lien direct) | The first round of security advisories released by Siemens and Schneider Electric in 2022 address a total of 40 vulnerabilities. Siemens | |||
|
2022-01-12 13:29:35 | New Cross-Platform Backdoor \'SysJoker\' Used in Targeted Attacks (lien direct) | A backdoor likely used by an advanced persistent threat (APT) actor in targeted attacks was built to target Windows, macOS, and Linux systems, Intezer reports. | Threat | ||
|
2022-01-12 12:14:51 | CISA Adds 15 Recent and Older Vulnerabilities to \'Must-Patch\' List (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) this week added 15 more vulnerabilities to its list of security bugs known to be exploited in malicious attacks. | |||
|
2022-01-12 11:43:32 | U.S. Issues Fresh Warning Over Russian Cyber Threats as Ukraine Tensions Mount (lien direct) | Several U.S. government agencies have issued a joint cybersecurity advisory to provide an overview of cyber operations linked to Russia. The advisory comes as tensions mount over a potential Russian invasion of Ukraine. | ★★★★★ | ||
|
2022-01-12 09:24:50 | SAP Patches Log4Shell Vulnerability in More Applications (lien direct) | German software maker SAP this week announced its first set of security updates for 2022, including patches for more applications affected by the Log4Shell vulnerability. | Vulnerability | ||
|
2022-01-12 02:14:12 | Albania Hires US Company to Boost Cybersecurity After Leak (lien direct) | The Albanian government said Tuesday that it would hire a U.S. company to bolster its cybersecurity following a large leak last month. |
To see everything:
