What's new arround internet

Last one

Src Date (GMT) Titre Description Tags Stories Notes
SecurityWeek.webp 2022-04-25 15:48:10 Former DNC CISO Bob Lord Joins CISA Cybersecurity Division (lien direct) The U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) has added former DNC security chief Bob Lord to its roster of technical advisors.
SecurityWeek.webp 2022-04-25 14:42:27 State TV Says Iran Foiled Cyberattacks on Public Services (lien direct) Iran's state television said authorities have foiled massive cyberattacks that sought to target public services, both government and privately owned.
SecurityWeek.webp 2022-04-25 11:27:42 Atlassian Patches Critical Authentication Bypass Vulnerability in Jira (lien direct) Atlassian last week announced that its popular issue and project tracking software Jira is affected by a critical vulnerability, and advised customers to take action. Vulnerability
SecurityWeek.webp 2022-04-25 10:58:44 \'Hack DHS\' Participants Awarded $125,000 for Over 100 Vulnerabilities (lien direct) The Department of Homeland Security (DHS) has announced the results of the first phase of its “Hack DHS” bug bounty program.
SecurityWeek.webp 2022-04-25 10:25:53 Lapsus$ Hackers Gained Access to T-Mobile Systems, Source Code (lien direct) T-Mobile has admitted that its systems were breached recently, but the telecoms giant claimed the hackers did not steal anything of value. T-Mobile is another high-profile victim of the hacker group named Lapsus$. The gang has targeted several major companies, in many cases leaking large amounts of source code and other data stolen from their systems.
SecurityWeek.webp 2022-04-24 18:39:15 Spain Vows to be Transparent in Probe of Pegasus Spyware Use (lien direct) Spanish authorities are pledging full transparency as they launch inquiries into allegations that the phones of dozens of supporters of Catalan independence were hacked with powerful and controversial spyware only sold to government agencies.
SecurityWeek.webp 2022-04-23 09:46:23 Cyberattack Causes Chaos in Costa Rica Government Systems (lien direct) Costa Rican Flag Nearly a week into a ransomware attack that has crippled Costa Rican government computer systems, the country refused to pay a ransom as it struggled to implement workarounds and braced itself as hackers began publishing stolen information. Ransomware
SecurityWeek.webp 2022-04-22 17:18:36 Strike Security Scores Funding for \'Perpetual Pentesting\' for SMBs (lien direct) South American startup Strike Security has secured $5.4 million to fund an ambitious plan to disrupt the penetration testing and attack surface management business.
SecurityWeek.webp 2022-04-22 14:45:38 When Attacks Surge, Turn to Data to Strengthen Detection and Response (lien direct) News of cyber criminals and nation-state actors capitalizing on events, planned or unplanned, for financial gain or to wreak havoc have dominated the headlines over the past few years. From COVID to elections to devastating weather events, and now the tragic conflict in Ukraine. We've seen threat actors launch ransomware, supply chain attacks and other sophisticated tactics to compromise organizations and the services they deliver. But the human spirit is strong. Threat
SecurityWeek.webp 2022-04-22 13:34:23 Motorola Launches Cyber Threat Information Sharing Hub for Public Safety (lien direct) Motorola Solutions announced this week the creation of the Public Safety Threat Alliance, a cyber threat intelligence sharing hub for the public safety community. Threat
SecurityWeek.webp 2022-04-22 12:28:23 Several Critical Vulnerabilities Affect SmartPPT, SmartICS Industrial Products (lien direct) A security researcher has discovered several vulnerabilities, including ones rated critical- and high-severity, in industrial products made by Elcomplus, a Russian company specializing in professional radio communications and industrial automation.
SecurityWeek.webp 2022-04-22 11:07:48 Unpatched Vulnerability Allows Hackers to Steal Emails of RainLoop Users (lien direct) An unpatched vulnerability affecting the RainLoop webmail client can be exploited to hijack a user's session and steal their emails, according to application security firm Sonar. Vulnerability
SecurityWeek.webp 2022-04-22 11:01:03 VMware\'s Head of Cybersecurity Strategy Discusses Modern Bank Heists (lien direct) Digital Bank Heists – Because That's Where the Money Is Today The financial sector is in the crosshairs of criminal cartels and nation-state actors. Criminals seek a lucrative market, and nation-states treat profit as a form of sanctions-busting. 
SecurityWeek.webp 2022-04-22 10:55:31 Audio Codec Made by Apple Introduced Serious Vulnerabilities in Millions of Android Phones (lien direct) An open source audio codec developed by Apple is affected by serious vulnerabilities that have been pushed to millions of Android devices by some of the world's largest mobile chipset manufacturers.
SecurityWeek.webp 2022-04-21 19:45:26 Catalan Chief Accuses Spain\'s Intelligence Agency of Hacking (lien direct) The head of Catalonia's regional government is accusing Spain's intelligence agency of conducting what he calls “massive political espionage” on the northeastern region's independence movement and says that relations with Spain's national authorities are “on hold” as a consequence.
SecurityWeek.webp 2022-04-21 18:12:22 Google, Mandiant Share Data on Record Pace of Zero-Day Discoveries (lien direct) Google and Mandiant separately called attention to a dramatic surge in the discovery of in-the-wild zero-day attacks and warned that nation-state APT actors, ransomware gangs and private mercenary exploit firms are burning through zero-days at record pace. Ransomware
SecurityWeek.webp 2022-04-21 17:27:09 Meta Offers Rewards for Flaws Allowing Attackers to Bypass Integrity Checks (lien direct) Facebook parent company Meta today announced that its bug bounty program will cover vulnerabilities that can be exploited to bypass integrity safeguards.
SecurityWeek.webp 2022-04-21 15:08:25 ICS Exploits Earn Hackers $400,000 at Pwn2Own Miami 2022 (lien direct) ICS Pwn2Own 2022 Pwn2Own Miami 2022, a hacking contest focusing on industrial control systems (ICS), has come to an end, with contestants earning a total of $400,000 for their exploits.
SecurityWeek.webp 2022-04-21 13:23:27 Today\'s Network is Different, Not Dead - Here\'s How You Secure It (lien direct) Rapid changes to a network can easily result in gaps in protection and enforcement
SecurityWeek.webp 2022-04-21 12:43:17 Access Bypass, Data Overwrite Vulnerabilities Patched in Drupal (lien direct) Drupal on Wednesday announced the release of security updates to resolve a couple vulnerabilities that could lead to access bypass and data overwrite. Guideline
SecurityWeek.webp 2022-04-21 12:29:53 Cisco Patches Virtual Conference Software Vulnerability Reported by NSA (lien direct) Cisco on Wednesday announced the release of patches for several high-severity vulnerabilities in its products, including a bug reported by the National Security Agency (NSA). Vulnerability
SecurityWeek.webp 2022-04-21 11:41:46 Many Industrial Firms Say Cybersecurity Systems Cause Problems to Operations (lien direct) Despite an increase in cybersecurity incidents, many industrial organizations turn off security systems if they interrupt or otherwise impact operations, according to a global survey conducted earlier this year by Kaspersky.
SecurityWeek.webp 2022-04-21 10:23:07 (Déjà vu) FBI Shares Information on BlackCat Ransomware Attacks (lien direct) The Federal Bureau of Investigation (FBI) this week published indicators of compromise (IOCs) associated with the BlackCat Ransomware-as-a-Service (RaaS). Ransomware
SecurityWeek.webp 2022-04-21 08:36:12 New BotenaGo Variant Infects Lilin Security Cameras With Mirai (lien direct) A newly identified variant of the BotenaGo malware is specifically targeting security cameras manufactured by Taiwan-based Lilin, warns OT and IoT security firm Nozomi Networks. Malware
SecurityWeek.webp 2022-04-20 20:55:28 US, Allies Say New Intel Suggests Coming Russian Cyberattack (lien direct) Five allied countries including the United States warned Wednesday that "evolving intelligence" indicated Russia was poised to launch powerful cyberattacks against rivals supporting Ukraine.
SecurityWeek.webp 2022-04-20 17:14:58 ThreatLocker Raises $100 Million for Zero Trust Endpoint Security Solution (lien direct) Zero Trust endpoint security provider ThreatLocker this week announced that it has raised $100 million in Series C funding, which brings the total investment in the company to $124.4 million. The new funding round was led by General Atlantic, with additional investment from Arthur Ventures and Elephant VC.
SecurityWeek.webp 2022-04-20 15:38:16 When Is It Right to Stay Silent? (lien direct) If you know that a person or group has poor intentions, it may make sense to begin documenting and reporting nefarious activity 
SecurityWeek.webp 2022-04-20 15:01:35 FBI Warns of Ransomware Attacks on Farming Co-ops During Planting, Harvest Seasons (lien direct) The FBI issued a private industry notification on Wednesday to warn agricultural cooperatives about a potential increase in ransomware attacks during planting and harvest seasons. Ransomware
SecurityWeek.webp 2022-04-20 13:25:42 (Déjà vu) Organizations Warned of Attacks Exploiting Recently Patched Windows Vulnerability (lien direct) The US Cybersecurity and Infrastructure Security Agency (CISA) says a recently patched Windows Print Spooler vulnerability has been exploited in attacks. Vulnerability
SecurityWeek.webp 2022-04-20 13:03:18 Serious Vulnerabilities Found in AWS\'s Log4Shell Hot Patches (lien direct) Hot patches made available by Amazon Web Services (AWS) in response to the recent Log4j vulnerabilities could be exploited for privilege escalation or to escape containers, according to Palo Alto Networks.
SecurityWeek.webp 2022-04-20 12:54:27 Judge Sends Assange Extradition Decision to UK Government (lien direct) A British judge on Wednesday formally approved the extradition of Julian Assange to the United States to face spying charges. The case will now go to Britain's interior minister for a decision, though the WikiLeaks founder still has legal avenues of appeal.
SecurityWeek.webp 2022-04-20 11:00:32 Proposed US Guidance, Legislation Show Increasing Importance of Cloud Security (lien direct) The United States is working on guidance and legislation that show the government is placing increasing importance on cloud security.
SecurityWeek.webp 2022-04-20 09:57:39 (Déjà vu) Oracle Releases 520 New Security Patches With April 2022 CPU (lien direct) Oracle on Tuesday announced the release of 520 security fixes as part of its April 2022 Critical Patch Update (CPU), including nearly 300 for vulnerabilities that can be exploited remotely without authentication.
SecurityWeek.webp 2022-04-19 22:04:24 Okta Closes Lapsus$ Breach Probe, Adds New Security Controls (lien direct) Identity and access management tech firm Okta says it has concluded an investigation into the embarrassing Lapsus$ hacking incident and has severed ties with a third-party company at the center of the breach.
SecurityWeek.webp 2022-04-19 19:10:13 SeeMetrics Raises $6M for Portfolio Management Platform (lien direct) An Israeli startup has raised early-stage funding to build technology to help cybersecurity teams measure, track and simplify security program operations.
SecurityWeek.webp 2022-04-19 18:46:07 Firmware Flaws Allow Disabling Secure Boot on Lenovo Laptops (lien direct) Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models.
SecurityWeek.webp 2022-04-19 16:37:37 Attacker Dwell Times Down, But No Consistent Correlation to Breach Impact: Mandiant (lien direct) While the median attacker dwell time has declined in recent years, it has no consistent correlation to the effect of a breach
SecurityWeek.webp 2022-04-19 15:23:08 Webinar Today: Preparing for Emerging Threats (lien direct) Preparing Your Workforce to Adapt to Emerging Threats
SecurityWeek.webp 2022-04-19 15:07:46 Fortress Raises $125 Million to Secure Critical Industry Supply Chains (lien direct) Fortress Information Security on Tuesday announced raising $125 million from Goldman Sachs, an investment that it plans on using to help critical industry operators and government agencies secure their supply chains. The company previously raised roughly $40 million in several funding rounds between 2015 and 2020.
SecurityWeek.webp 2022-04-19 15:05:28 Economic Warfare: Attacks on Critical Infrastructure Part of Geopolitical Conflict (lien direct) We've known for years that since at least March of 2016, Russian government threat actors have been targeting multiple U.S. critical infrastructure sectors including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. Threat
SecurityWeek.webp 2022-04-19 13:39:38 Over 30 Countries Take Part in NATO\'s \'Locked Shields 2022\' Cyber Exercise (lien direct) NATO's Cooperative Cyber Defence Centre of Excellence (CCDCOE) on Tuesday kicked off the thirteen installment of Locked Shields, its annual live-fire cyber defense exercise.
SecurityWeek.webp 2022-04-19 11:40:34 Online Fraud Prevention Startup SEON Raises $94 Million (lien direct) Online fraud prevention startup SEON today announced that it has closed a $94 million Series B funding round that brings the total investment in the company to $107 million. The funding round was led by IVP, with additional investment from Creandum and PortfoLion, as well as several angel investors.
SecurityWeek.webp 2022-04-19 11:15:49 (Déjà vu) Cybersecurity M&A Roundup for April 1-15, 2022 (lien direct) Cybersecurity M&A Roundup for April 2022 Twenty-one cybersecurity-related M&A deals have been announced in the first half of April 2022.
SecurityWeek.webp 2022-04-19 10:12:54 US: Hackers Continue Aiding North Korea Generate Funds via Cryptocurrency Attacks (lien direct) North Korean state-sponsored hacking group Lazarus continues to target blockchain and cryptocurrency organizations in recent campaigns, the United States government warns. APT 38 APT 28
SecurityWeek.webp 2022-04-18 19:54:13 Citizen Lab Documents Israeli Surveillance Spyware Infections in Spain (lien direct) Security researchers have found fresh evidence linking a pair of mercenary Israeli hacking companies to mobile malware attacks on members of Catalan civil society. Malware
SecurityWeek.webp 2022-04-18 15:28:09 Webex Monitors Microphone Even When Muted, Researchers Say (lien direct) Cisco's enterprise-facing Webex video conferencing and messaging utility monitors the microphone at all times, even when the user's microphone is muted in the software, according to warning from a group of academic researchers.
SecurityWeek.webp 2022-04-18 13:56:53 FBI Warns of \'Reverse\' Instant Payments Phishing Schemes (lien direct) The Federal Bureau of Investigation (FBI) has issued an alert on a new phishing scheme aimed at tricking victims into making money transfers to accounts controlled by cybercriminals.
SecurityWeek.webp 2022-04-18 13:47:29 GitHub Warns of Private Repositories Downloaded Using Stolen OAuth Tokens (lien direct) GitHub has sounded the alarm on a cyberattack that resulted in the private repositories of dozens of organizations being downloaded by an unauthorized party abusing stolen OAuth user tokens. The incident was identified on April 12, when the code hosting platform observed suspicious activity on its npm production infrastructure.
SecurityWeek.webp 2022-04-17 10:12:03 OHSU Apologizes After Phishing Test Draws Complaints (lien direct) Officials at Oregon Health & Science University have apologized to employees after a fake phishing test drew complaints about raising false hopes.
SecurityWeek.webp 2022-04-15 14:24:33 North Korea APT Lazarus Targeting Chemical Sector (lien direct) Threat hunters at Symantec have spotted signs that North Korea's Lazarus APT group is targeting companies in the chemical sector in an ongoing cyberespionage campaign that includes fake job lures and clever social engineering. APT 38 APT 28
Last update at: 2024-06-25 05:07:57
See our sources.
My email:

To see everything: Our RSS (filtrered) Twitter