What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-10-27 10:29:32 | Iran Struggles to Relaunch Petrol Stations After Cyberattack (lien direct) | Iran struggled Wednesday to restart its petrol distribution system after it was hit by an unprecedented cyber-attack which security officials said was launched from abroad. | |||
|
2021-10-27 01:40:16 | 150 People Arrested in US-Europe Darknet Drug Probe (lien direct) | Law enforcement officials in the U.S. and Europe have arrested 150 people and seized more than $31 million in an international drug trafficking investigation stemming from sales on the darknet, the Justice Department said Tuesday. | |||
|
2021-10-26 18:06:23 | Adobe Patches Gaping Security Flaws in 14 Software Products (lien direct) | Adobe on Tuesday released a slew of urgent patches with fixes for more than 90 documented vulnerabilities that expose Windows, macOS and Linux users to malicious hacker attacks. The security defects affect a wide range of popular products, including Adobe Photoshop, Adobe InDesign, Adobe Illustrator and Adobe Premiere. | |||
|
2021-10-26 17:41:46 | Illumio Brings Visibility, Zero Trust Principles to Hybrid Cloud (lien direct) | A new product seeks to solve the two primary security issues that come with moving to the cloud: the danger of accidental misconfigurations and the loss of visibility. | |||
|
2021-10-26 17:10:51 | Iran Blames Cyberattack as Fuel Supply Hit (lien direct) | Iranian authorities on Tuesday blamed a mysterious cyber attack for unprecedented disruption to the country's fuel distribution network. | |||
|
2021-10-26 16:43:03 | Mozilla Blocks Malicious Firefox Add-Ons Abusing Proxy API (lien direct) | The open-source Mozilla Foundation says it blocked a series of malicious Firefox add-ons that misused the proxy API that extensions use to proxy web requests. The API allows add-ons to control the manner in which the browser connects to the Internet, and some extensions were found to abuse this. | |||
|
2021-10-26 16:33:10 | Researcher Explains Wi-Fi Password Cracking at Scale (lien direct) | A security researcher at CyberArk was able to easily break more than 70 percent of Wi-Fi passwords he sniffed using relatively simple, cheap equipment. | |||
|
2021-10-26 15:05:44 | Targets and Prizes Announced for 2022 ICS-Themed Pwn2Own (lien direct) | The Zero Day Initiative (ZDI) on Monday announced the targets and prizes for the next Pwn2Own Miami hacking contest, which focuses on industrial control system (ICS) products and associated protocols. | |||
|
2021-10-26 14:17:46 | Cloud Security Company Sonrai Raises $50 Million (lien direct) | Public cloud security provider Sonrai Security today announced that it has raised $50 million in Series C funding, which brings the total raised by the company to $88.5 million. The new funding round was led by ISTARI, but existing investors Menlo Ventures, New Brunswick Innovation Fund, Polaris Partners, and TenEleven Ventures also contributed. | |||
|
2021-10-26 13:11:25 | Enterprise Data Privacy Startup Piiano Emerges From Stealth Mode (lien direct) | Tel Aviv, Israel-based Piiano emerged from stealth mode on Tuesday with $9 million in seed funding and a data engineering solution designed to help enterprises centralize and secure personal and other sensitive information. | |||
|
2021-10-26 12:28:47 | BillQuick Billing Software Exploited to Hack U.S. Engineering Company (lien direct) | Hackers abused the BillQuick Web Suite billing software to compromise the network of an engineering company in the United States and deploy ransomware, threat detection firm Huntress reports. | Hack Threat | ||
|
2021-10-26 11:11:01 | UK Spy Chiefs Seal Cloud Data Deal With Amazon: FT (lien direct) | UK intelligence agencies have entrusted classified data to Amazon's cloud computing arm AWS in a deal designed to vastly speed up their espionage capabilities, the Financial Times reported on Tuesday. | |||
|
2021-10-26 11:07:25 | Logging and Security Analytics Firm Devo Raises $250 Million at $1.5 Billion Valuation (lien direct) | Cambridge, MA-based cloud-native logging, SIEM and security analytics company Devo Technology on Tuesday announced that it has achieved unicorn status after raising $250 million. | |||
|
2021-10-26 10:07:11 | US State Department Sets Up Cyber Bureau, Envoy Amid Hacking Alarm (lien direct) | US Secretary of State Antony Blinken announced Monday that the State Department will establish a new bureau and envoy to handle cyber policy, revamping amid alarm over rising hacking attacks. In a memo to staff, Blinken said that a review showed a need for structural changes on "how the State Department should adapt to 21st-century challenges." | |||
|
2021-10-25 18:13:38 | Kansas Man Admits Hacking Public Water Facility (lien direct) | Roughly seven months after being indicted for his actions, a Kansas man admitted in court to tampering with the systems at the Post Rock Rural Water District. | |||
|
2021-10-25 17:51:31 | CISA Raises Alarm on Critical Vulnerability in Discourse Forum Software (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) over the weekend issued an alert on a critical vulnerability in open source discussion platform Discourse. | Vulnerability | ||
|
2021-10-25 15:03:02 | Russia-Linked SolarWinds Hackers Continue Launching Supply Chain Attacks (lien direct) | The Russia-linked cyberespionage group that hacked IT management solutions provider SolarWinds continues to launch supply chain attacks, Microsoft warned on Monday. | |||
|
2021-10-25 14:54:45 | Changing Approaches to Preventing Ransomware Attacks (lien direct) | Conducting scaled and cost-effective attack surface and digital threat monitoring gives organizations of all sizes the best chance of identifying and defeating their adversaries | Ransomware Threat | ||
|
2021-10-25 14:21:51 | (Déjà vu) Cybersecurity M&A Roundup for October 11-24, 2021 (lien direct) | 
A total of 15 cybersecurity-related acquisitions were announced October 11-24, 2021.
|
|||
|
2021-10-25 12:26:34 | Researcher Earns $2 Million for Critical Vulnerability in Polygon (lien direct) | Security researcher Gerhard Wagner earned a $2 million bug bounty reward for a critical vulnerability in Polygon's Plasma Bridge that could have allowed a malicious user to submit the same withdrawal transaction 224 times, with different exit IDs. | Vulnerability | ||
|
2021-10-25 11:25:15 | Facebook Sues Ukrainian for Scraping, Selling Data of 178 Million Users (lien direct) | Facebook last week filed a lawsuit against a Ukrainian national who allegedly scraped the information of 178 million of its users and then sold the obtained information on hacker forums. | |||
|
2021-10-23 16:24:37 | \'Critical Severity\' Warning for Malware Embedded in Popular JavaScript Library (lien direct) | Security responders are scrambling this weekend to assess the damage from crypto-mining malware embedded in an npm package (JavaScript library) that counts close to 8 million downloads per week. | Malware | ||
|
2021-10-22 18:59:43 | REvil Ransomware Gang Hit by Law Enforcement Hack-Back Operation (lien direct) | The global fight against ransomware took a new twist this week with the United States leading a law enforcement effort to hack back and disrupt the extortion group behind the Colonial Pipeline cyberattack. | Ransomware Hack Guideline | ||
|
2021-10-22 17:16:58 | Microsoft Introduces Security Program for Non-Profits (lien direct) | Tech giant Microsoft has rolled out new security offering to provide non-profit organizationss with additional security in the event of a nation-state attack. | |||
|
2021-10-22 16:54:10 | US Intel Warns China Could Dominate Advanced Technologies (lien direct) | U.S. officials issued new warnings Friday about China's ambitions in artificial intelligence and a range of advanced technologies that could eventually give Beijing a decisive military edge and possible dominance over health care and other essential sectors in America. | |||
|
2021-10-22 15:13:47 | Organizations Can Now Try Out End-to-End Encrypted Microsoft Teams Calls (lien direct) | 
Microsoft this week announced that organizations can now enable their employees to make one-to-one calls on Teams that are protected by end-to-end encryption.
|
|||
|
2021-10-22 14:41:38 | Facebook Introduces New Tool for Finding SSRF Vulnerabilities (lien direct) | Facebook on Thursday announced a new tool designed to help security researchers hunt for Server-Side Request Forgery (SSRF) vulnerabilities. | Tool | ||
|
2021-10-22 14:12:12 | After Nation-State Hackers, Cybercriminals Also Add Sliver Pentest Tool to Arsenal (lien direct) | The cybercriminal group tracked as TA551 recently showed a significant change in tactics with the addition of the open-source pentest tool Sliver to its arsenal, according to cybersecurity firm Proofpoint. | Tool | ||
|
2021-10-22 11:24:28 | Snap\'s Stock Drops as iPhone Privacy Controls Pinch Ad Sales (lien direct) | Snapchat's corporate parent disclosed Thursday that its ad sales are being hurt by a privacy crackdown that rolled out on Apple's iPhones earlier this year, raising investor fears that the app's financial growth is going into a tailspin. | |||
|
2021-10-22 10:54:57 | Critical Vulnerabilities Found in AUVESY Product Used by Major Industrial Firms (lien direct) | A total of 17 types of vulnerabilities, including many rated critical and high severity, have been found by researchers in the Versiondog data management product made by AUVESY. | |||
|
2021-10-22 08:51:49 | Cookie Theft Malware Used to Hijack YouTube Accounts (lien direct) | Google says it has disrupted phishing attacks in which threat actors were attempting to use cookie theft malware to hijack YouTube accounts and abuse them to promote cryptocurrency scams. | Malware Threat | ||
|
2021-10-21 15:08:19 | Consumer Security Firm Aura Raises $200 Million at $2.5 Billion Valuation (lien direct) | Aura, a Burlington, MA-based company that provides cybersecurity solutions for consumers, has announced raising $200 million in a Series F funding round. The funding, which values Aura at $2.5 billion post money, brings the total raised by the firm to $650 million. | |||
|
2021-10-21 14:18:39 | FiveSys Rootkit Abuses Microsoft-Issued Digital Signature (lien direct) | A rootkit named FiveSys is able to evade detection and slip unnoticed onto Windows users' systems courtesy of a Microsoft-issued digital signature, according to security researchers with Bitdefender. | |||
|
2021-10-21 13:01:23 | Smart Security Camera Startup Rhombus Systems Raises $10 Million (lien direct) | Sacramento, CA-based Rhombus Systems – a provider of smart security cameras – has raised $10 million in a Series A funding round led by Cota Capital. | |||
|
2021-10-21 11:31:50 | Two Bulletproof Hosting Administrators Sentenced to Prison in U.S. (lien direct) | The United States Department of Justice this week announced that two individuals involved in providing bulletproof hosting to various malware families were sentenced to prison. | Malware | ||
|
2021-10-21 11:17:35 | Former Execs of Cybersecurity Firm GigaTrust Charged With Financial Fraud (lien direct) | Three former executives of now defunct cybersecurity company GigaTrust have been charged for defrauding investors and lenders in a $50 million fraud scheme. | |||
|
2021-10-21 10:32:34 | US to Curb Hacking Tool Exports to Russia, China (lien direct) | US authorities unveiled Wednesday long-delayed new rules aimed at clamping down on export to nations like Russia and China of hacking technology amid a sharp uptick in cyberattacks globally. The rules, which are set to go into force in 90 days, would prevent the sale of certain software or devices to a list of countries unless approved by a bureau of the Commerce Department. | Tool | ||
|
2021-10-20 20:02:15 | Google Patches 19 Vulnerabilities in Chrome 95 Browser Refresh (lien direct) | Google has released a new version of its flagship Chrome web browser with patches for a total of 19 vulnerabilities, including 16 reported by external researchers. | |||
|
2021-10-20 15:17:31 | Investors Bet Big on Attempts to Solve Encryption \'Holy Grail\' (lien direct) | News Analysis: Venture capital investors are pumping millions of dollars into privacy enhancing technology (PET) projects, betting that hardware and software innovation is finally coming together to solve one of the “holy grails” of encryption. | |||
|
2021-10-20 15:12:33 | Query.AI Raises $15 Million in Series A Funding Round (lien direct) | Query.AI, a company that has developed a security investigations platform for enterprises, this week announced raising $15 million in a Series A funding round, which brings the total raised to nearly $20 million. | |||
|
2021-10-20 13:59:02 | Magnitude EK Expands Arsenal With PuzzleMaker Exploit Chain (lien direct) | The Magnitude exploit kit (EK) is now capable of targeting Chromium-based browsers running on Windows systems, security researchers with Avast warn. | |||
|
2021-10-20 12:53:49 | Threat Detection Marketplace SOC Prime Raises $11 Million (lien direct) | Threat detection marketplace SOC Prime this week announced that it has raised $11 million in Series A funding. To date, the company has raised a total of $11.5 million. The new capital, the company says, will help it accelerate the adoption of its marketplace, which allows security researchers to monetize their content to help others fend off cyberattacks. | |||
|
2021-10-20 12:34:21 | Acer Confirms Breach of Servers in Taiwan (lien direct) | Taiwanese tech giant Acer has confirmed that, in addition to servers in India, hackers breached some of its systems in Taiwan. | |||
|
2021-10-20 11:47:59 | Zerodium Buying Zero-Day Exploits Targeting VPN Software (lien direct) | Exploit acquisition company Zerodium on Tuesday announced that it's looking to buy zero-day exploits targeting popular VPN software. Specifically, the company wants to acquire exploits that work against the Windows versions of the ExpressVPN, NordVPN and Surfshark applications. These VPN services have millions of users. | |||
|
2021-10-20 11:02:21 | Oracle\'s October 2021 CPU Includes 419 Security Patches (lien direct) | Oracle on Tuesday announced the release of its latest quarterly Critical Patch Update (CPU), which includes a total of 419 security patches for vulnerabilities across the company's portfolio. Just over half of the patches address vulnerabilities that could be exploited remotely without authentication, Oracle announced. | |||
|
2021-10-20 10:27:59 | Missouri Budget Officials Outline $50M Cost of Data Breach (lien direct) | Help for roughly 100,000 teachers whose Social Security numbers were made vulnerable in a massive state data breach could cost Missouri as much as $50 million, the governor's office confirmed Tuesday. | Data Breach | ||
|
2021-10-20 10:16:05 | How to Spot an Effective Security Practitioner (lien direct) | By understanding what makes a great security practitioner, organizations can learn how to recruit and retain effective security practitioners | |||
|
2021-10-19 21:42:01 | U.S. Government Issues Urgent Warning on BlackMatter Ransomware (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) this week published a joint advisory to warn organizations of an increased threat posed by the BlackMatter ransomware gang. | Ransomware Threat | ||
|
2021-10-19 21:31:23 | Nation-State APT Targets Afghans With New Toolset (lien direct) | A previously unseen threat actor, likely a nation-state, is targeting various entities in South Asia, with a focus on Afghanistan, according to a warning from anti-malware vendor Symantec. | Threat | ||
|
2021-10-19 14:56:06 | Microsoft, Intel and Goldman Sachs Lead New Supply Chain Security Group at TCG (lien direct) | Microsoft, Intel and Goldman Sachs will lead a new work group focusing on supply chain security at the Trusted Computing Group (TCG). TCG is a non-profit organization that develops, defines and promotes open and vendor-neutral industry specifications and standards for trusted computing platforms, including the widely used Trusted Platform Module (TPM). | Guideline |
To see everything:
Our RSS (filtrered)
