What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-04-21 12:43:17 | Access Bypass, Data Overwrite Vulnerabilities Patched in Drupal (lien direct) | Drupal on Wednesday announced the release of security updates to resolve a couple vulnerabilities that could lead to access bypass and data overwrite. | Guideline | ||
|
2022-04-21 12:29:53 | Cisco Patches Virtual Conference Software Vulnerability Reported by NSA (lien direct) | Cisco on Wednesday announced the release of patches for several high-severity vulnerabilities in its products, including a bug reported by the National Security Agency (NSA). | Vulnerability | ||
|
2022-04-21 11:41:46 | Many Industrial Firms Say Cybersecurity Systems Cause Problems to Operations (lien direct) | Despite an increase in cybersecurity incidents, many industrial organizations turn off security systems if they interrupt or otherwise impact operations, according to a global survey conducted earlier this year by Kaspersky. | |||
|
2022-04-21 10:23:07 | (Déjà vu) FBI Shares Information on BlackCat Ransomware Attacks (lien direct) | The Federal Bureau of Investigation (FBI) this week published indicators of compromise (IOCs) associated with the BlackCat Ransomware-as-a-Service (RaaS). | Ransomware | ||
|
2022-04-21 08:36:12 | New BotenaGo Variant Infects Lilin Security Cameras With Mirai (lien direct) | A newly identified variant of the BotenaGo malware is specifically targeting security cameras manufactured by Taiwan-based Lilin, warns OT and IoT security firm Nozomi Networks. | Malware | ||
|
2022-04-20 20:55:28 | US, Allies Say New Intel Suggests Coming Russian Cyberattack (lien direct) | Five allied countries including the United States warned Wednesday that "evolving intelligence" indicated Russia was poised to launch powerful cyberattacks against rivals supporting Ukraine. | |||
|
2022-04-20 17:14:58 | ThreatLocker Raises $100 Million for Zero Trust Endpoint Security Solution (lien direct) | Zero Trust endpoint security provider ThreatLocker this week announced that it has raised $100 million in Series C funding, which brings the total investment in the company to $124.4 million. The new funding round was led by General Atlantic, with additional investment from Arthur Ventures and Elephant VC. | |||
|
2022-04-20 15:38:16 | When Is It Right to Stay Silent? (lien direct) | If you know that a person or group has poor intentions, it may make sense to begin documenting and reporting nefarious activity | |||
|
2022-04-20 15:01:35 | FBI Warns of Ransomware Attacks on Farming Co-ops During Planting, Harvest Seasons (lien direct) | The FBI issued a private industry notification on Wednesday to warn agricultural cooperatives about a potential increase in ransomware attacks during planting and harvest seasons. | Ransomware | ||
|
2022-04-20 13:25:42 | (Déjà vu) Organizations Warned of Attacks Exploiting Recently Patched Windows Vulnerability (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) says a recently patched Windows Print Spooler vulnerability has been exploited in attacks. | Vulnerability | ||
|
2022-04-20 13:03:18 | Serious Vulnerabilities Found in AWS\'s Log4Shell Hot Patches (lien direct) | Hot patches made available by Amazon Web Services (AWS) in response to the recent Log4j vulnerabilities could be exploited for privilege escalation or to escape containers, according to Palo Alto Networks. | |||
|
2022-04-20 12:54:27 | Judge Sends Assange Extradition Decision to UK Government (lien direct) | A British judge on Wednesday formally approved the extradition of Julian Assange to the United States to face spying charges. The case will now go to Britain's interior minister for a decision, though the WikiLeaks founder still has legal avenues of appeal. | |||
|
2022-04-20 11:00:32 | Proposed US Guidance, Legislation Show Increasing Importance of Cloud Security (lien direct) | The United States is working on guidance and legislation that show the government is placing increasing importance on cloud security. | |||
|
2022-04-20 09:57:39 | (Déjà vu) Oracle Releases 520 New Security Patches With April 2022 CPU (lien direct) | Oracle on Tuesday announced the release of 520 security fixes as part of its April 2022 Critical Patch Update (CPU), including nearly 300 for vulnerabilities that can be exploited remotely without authentication. | |||
|
2022-04-19 22:04:24 | Okta Closes Lapsus$ Breach Probe, Adds New Security Controls (lien direct) | Identity and access management tech firm Okta says it has concluded an investigation into the embarrassing Lapsus$ hacking incident and has severed ties with a third-party company at the center of the breach. | |||
|
2022-04-19 19:10:13 | SeeMetrics Raises $6M for Portfolio Management Platform (lien direct) | An Israeli startup has raised early-stage funding to build technology to help cybersecurity teams measure, track and simplify security program operations. | |||
|
2022-04-19 18:46:07 | Firmware Flaws Allow Disabling Secure Boot on Lenovo Laptops (lien direct) | Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models. | |||
|
2022-04-19 16:37:37 | Attacker Dwell Times Down, But No Consistent Correlation to Breach Impact: Mandiant (lien direct) | While the median attacker dwell time has declined in recent years, it has no consistent correlation to the effect of a breach | |||
|
2022-04-19 15:23:08 | Webinar Today: Preparing for Emerging Threats (lien direct) | 
|
|||
|
2022-04-19 15:07:46 | Fortress Raises $125 Million to Secure Critical Industry Supply Chains (lien direct) | Fortress Information Security on Tuesday announced raising $125 million from Goldman Sachs, an investment that it plans on using to help critical industry operators and government agencies secure their supply chains. The company previously raised roughly $40 million in several funding rounds between 2015 and 2020. | |||
|
2022-04-19 15:05:28 | Economic Warfare: Attacks on Critical Infrastructure Part of Geopolitical Conflict (lien direct) | We've known for years that since at least March of 2016, Russian government threat actors have been targeting multiple U.S. critical infrastructure sectors including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. | Threat | ||
|
2022-04-19 13:39:38 | Over 30 Countries Take Part in NATO\'s \'Locked Shields 2022\' Cyber Exercise (lien direct) | NATO's Cooperative Cyber Defence Centre of Excellence (CCDCOE) on Tuesday kicked off the thirteen installment of Locked Shields, its annual live-fire cyber defense exercise. | |||
|
2022-04-19 11:40:34 | Online Fraud Prevention Startup SEON Raises $94 Million (lien direct) | Online fraud prevention startup SEON today announced that it has closed a $94 million Series B funding round that brings the total investment in the company to $107 million. The funding round was led by IVP, with additional investment from Creandum and PortfoLion, as well as several angel investors. | |||
|
2022-04-19 11:15:49 | (Déjà vu) Cybersecurity M&A Roundup for April 1-15, 2022 (lien direct) | 
Twenty-one cybersecurity-related M&A deals have been announced in the first half of April 2022.
|
|||
|
2022-04-19 10:12:54 | US: Hackers Continue Aiding North Korea Generate Funds via Cryptocurrency Attacks (lien direct) | North Korean state-sponsored hacking group Lazarus continues to target blockchain and cryptocurrency organizations in recent campaigns, the United States government warns. | APT 38 APT 28 | ||
|
2022-04-18 19:54:13 | Citizen Lab Documents Israeli Surveillance Spyware Infections in Spain (lien direct) | Security researchers have found fresh evidence linking a pair of mercenary Israeli hacking companies to mobile malware attacks on members of Catalan civil society. | Malware | ||
|
2022-04-18 15:28:09 | Webex Monitors Microphone Even When Muted, Researchers Say (lien direct) | Cisco's enterprise-facing Webex video conferencing and messaging utility monitors the microphone at all times, even when the user's microphone is muted in the software, according to warning from a group of academic researchers. | |||
|
2022-04-18 13:56:53 | FBI Warns of \'Reverse\' Instant Payments Phishing Schemes (lien direct) | The Federal Bureau of Investigation (FBI) has issued an alert on a new phishing scheme aimed at tricking victims into making money transfers to accounts controlled by cybercriminals. | |||
|
2022-04-18 13:47:29 | GitHub Warns of Private Repositories Downloaded Using Stolen OAuth Tokens (lien direct) | GitHub has sounded the alarm on a cyberattack that resulted in the private repositories of dozens of organizations being downloaded by an unauthorized party abusing stolen OAuth user tokens. The incident was identified on April 12, when the code hosting platform observed suspicious activity on its npm production infrastructure. | |||
|
2022-04-17 10:12:03 | OHSU Apologizes After Phishing Test Draws Complaints (lien direct) | Officials at Oregon Health & Science University have apologized to employees after a fake phishing test drew complaints about raising false hopes. | |||
|
2022-04-15 14:24:33 | North Korea APT Lazarus Targeting Chemical Sector (lien direct) | Threat hunters at Symantec have spotted signs that North Korea's Lazarus APT group is targeting companies in the chemical sector in an ongoing cyberespionage campaign that includes fake job lures and clever social engineering. | APT 38 APT 28 | ||
|
2022-04-15 13:36:05 | Juniper Networks Patches Vulnerabilities in Contrail Networking, Junos OS (lien direct) | Juniper Networks this week announced the release of patches for more than 30 vulnerabilities across its portfolio, including severe flaws in Contrail Networking and Junos OS. | |||
|
2022-04-15 12:31:54 | House Panels Probe Gov\'t Use of Facial Recognition Software (lien direct) | Two House committees have launched an investigation into the government's use of facial recognition software that was most recently used by the Internal Revenue Service, but stopped after complaints from lawmakers and privacy advocates. | |||
|
2022-04-15 10:58:19 | Conti Ransomware Gang Claims Cyberattack on Wind Turbine Giant Nordex (lien direct) | The Conti ransomware gang has claimed responsibility for a cyberattack that forced wind turbine giant Nordex to shut down internal systems on March 31. The incident, the company revealed in early April, was identified at an early stage, but resulted in multiple systems across Nordex's branches being taken offline. | Ransomware | ||
|
2022-04-15 10:41:57 | New \'Enemybot\' DDoS Botnet Targets Routers, Web Servers (lien direct) | A recently identified DDoS botnet has targeted several router models and various types of web servers by exploiting known vulnerabilities, Fortinet warns. | |||
|
2022-04-15 10:16:43 | Google Patches Third Actively Exploited Chrome Zero-Day of 2022 (lien direct) | A Chrome 100 update that Google announced on Thursday resolves two vulnerabilities in the popular browser, including one already exploited in the wild. | |||
|
2022-04-14 20:07:22 | U.S. Gov Blames North Korea Hackers for $600M Cryptocurrency Heist (lien direct) | The U.S. government says the recent $600 million Ronin Validator cryptocurrency heist was conducted by Lazarus Group, the notorious hacking outfit linked to the North Korean government. | Medical | APT 38 APT 28 | |
|
2022-04-14 18:42:21 | Critical Code Execution Flaw Haunts VMware Cloud Director (lien direct) | Cloud computing and virtualization technology firm VMWare on Thursday rolled out patches for an extremely critical security flaw in the VMWare Cloud Director product, warning that unpatched systems are at risk of remote code execution attacks. | |||
|
2022-04-14 16:25:06 | Cloud Security Startup DoControl Raises $30 Million (lien direct) | Cloud data security startup DoControl has closed a $30 million Series B funding round that brings the total raised by the company to $43 million. The financing round was led by Insight Partners, with additional investments from Cardumen Capital, CrowdStrike Falcon Fund, RTP Global, and StageOne Ventures. | |||
|
2022-04-14 14:39:13 | Obsidian Raises $90 Million for SaaS Security Platform (lien direct) | Obsidian Security on Thursday announced raising $90 million in a Series C funding round, which brings the total raised by the company to $119.5 million. The investment was led by Menlo Ventures, Norwest Venture Partners and IVP, with participation from Greylock, Wing and GV. Obsidian. | |||
|
2022-04-14 14:04:44 | Critical Vulnerability in Elementor Plugin Impacts Millions of WordPress Sites (lien direct) | A critical vulnerability addressed in the Elementor WordPress plugin could allow authenticated users to upload arbitrary files to affected websites, potentially leading to code execution. Elementor is a drag-and-drop website builder for WordPress that has more than 5 million installations. | Vulnerability Guideline | ||
|
2022-04-14 13:39:45 | Several Vulnerabilities Allow Disabling of Palo Alto Networks Products (lien direct) | Cybersecurity firm Palo Alto Networks has informed customers about several vulnerabilities that could allow a malicious actor to disable its products. | ★★★★★ | ||
|
2022-04-14 11:41:42 | Cisco Patches Critical Vulnerability in Wireless LAN Controller (lien direct) | Cisco announced on Wednesday that updates released for its Wireless LAN Controller (WLC) software address a critical vulnerability that could allow an attacker to bypass authentication. | Vulnerability | ||
|
2022-04-14 10:59:28 | Russia-Linked Pipedream/Incontroller ICS Malware Designed to Target Energy Facilities (lien direct) | Schneider Electric says no evidence that Incontroller/Pipedream malware exploits vulnerabilities | Malware | ||
|
2022-04-13 22:36:49 | VMWare Confirms Workspace One Exploits in the Wild (lien direct) | Less than a week after patching critical security defects affecting multiple enterprise-facing products, VMWare is warning that one of the flaws is being exploited in the wild. | |||
|
2022-04-13 19:37:53 | U.S. Warns New Sophisticated Malware Can Target ICS/SCADA Devices (lien direct) | [BREAKING NEWS - Check Back for Updates] Custom made, modular ICS attack framework can be used to disrupt and/or destruct devices in industrial environments | Malware | ||
|
2022-04-13 17:58:32 | Microsoft Seizes Control of Notorious Zloader Cybercrime Botnet (lien direct) | Microsoft has disrupted the operation of one of the most notorious cybercrime botnets and named a Crimean hacker as an alleged perpetrator behind the distribution of ransomware to the network of infected machines. | Ransomware | ||
|
2022-04-13 13:51:25 | Ransomware Claims Trending Downward, Insurance Firm Says (lien direct) | 
|
Ransomware | ||
|
2022-04-13 13:44:25 | Wind Turbine Giant Nordex Scrambling to Recover From Cyberattack (lien direct) | Nordex says cyber incident limited to internal IT infrastructure, wind turbine farms unaffected | |||
|
2022-04-13 13:37:37 | MDR Provider Critical Start Lands $215 Million Growth Investment (lien direct) | Managed detection and response (MDR) solutions provider Critical Start on Tuesday announced that it has received more than $215 million in strategic growth funding from private equity firm |
To see everything:
Our RSS (filtrered)
