What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-04-25 15:48:10 | Former DNC CISO Bob Lord Joins CISA Cybersecurity Division (lien direct) | The U.S. government's Cybersecurity and Infrastructure Security Agency (CISA) has added former DNC security chief Bob Lord to its roster of technical advisors. | |||
|
2022-04-25 14:42:27 | State TV Says Iran Foiled Cyberattacks on Public Services (lien direct) | Iran's state television said authorities have foiled massive cyberattacks that sought to target public services, both government and privately owned. | |||
|
2022-04-25 11:27:42 | Atlassian Patches Critical Authentication Bypass Vulnerability in Jira (lien direct) | Atlassian last week announced that its popular issue and project tracking software Jira is affected by a critical vulnerability, and advised customers to take action. | Vulnerability | ||
|
2022-04-25 10:58:44 | \'Hack DHS\' Participants Awarded $125,000 for Over 100 Vulnerabilities (lien direct) | The Department of Homeland Security (DHS) has announced the results of the first phase of its “Hack DHS” bug bounty program. | |||
|
2022-04-25 10:25:53 | Lapsus$ Hackers Gained Access to T-Mobile Systems, Source Code (lien direct) | T-Mobile has admitted that its systems were breached recently, but the telecoms giant claimed the hackers did not steal anything of value. T-Mobile is another high-profile victim of the hacker group named Lapsus$. The gang has targeted several major companies, in many cases leaking large amounts of source code and other data stolen from their systems. | |||
|
2022-04-24 18:39:15 | Spain Vows to be Transparent in Probe of Pegasus Spyware Use (lien direct) | Spanish authorities are pledging full transparency as they launch inquiries into allegations that the phones of dozens of supporters of Catalan independence were hacked with powerful and controversial spyware only sold to government agencies. | |||
|
2022-04-23 09:46:23 | Cyberattack Causes Chaos in Costa Rica Government Systems (lien direct) | 
Nearly a week into a ransomware attack that has crippled Costa Rican government computer systems, the country refused to pay a ransom as it struggled to implement workarounds and braced itself as hackers began publishing stolen information.
|
Ransomware | ||
|
2022-04-22 17:18:36 | Strike Security Scores Funding for \'Perpetual Pentesting\' for SMBs (lien direct) | South American startup Strike Security has secured $5.4 million to fund an ambitious plan to disrupt the penetration testing and attack surface management business. | |||
|
2022-04-22 14:45:38 | When Attacks Surge, Turn to Data to Strengthen Detection and Response (lien direct) | News of cyber criminals and nation-state actors capitalizing on events, planned or unplanned, for financial gain or to wreak havoc have dominated the headlines over the past few years. From COVID to elections to devastating weather events, and now the tragic conflict in Ukraine. We've seen threat actors launch ransomware, supply chain attacks and other sophisticated tactics to compromise organizations and the services they deliver. But the human spirit is strong. | Threat | ||
|
2022-04-22 13:34:23 | Motorola Launches Cyber Threat Information Sharing Hub for Public Safety (lien direct) | Motorola Solutions announced this week the creation of the Public Safety Threat Alliance, a cyber threat intelligence sharing hub for the public safety community. | Threat | ||
|
2022-04-22 12:28:23 | Several Critical Vulnerabilities Affect SmartPPT, SmartICS Industrial Products (lien direct) | A security researcher has discovered several vulnerabilities, including ones rated critical- and high-severity, in industrial products made by Elcomplus, a Russian company specializing in professional radio communications and industrial automation. | |||
|
2022-04-22 11:07:48 | Unpatched Vulnerability Allows Hackers to Steal Emails of RainLoop Users (lien direct) | An unpatched vulnerability affecting the RainLoop webmail client can be exploited to hijack a user's session and steal their emails, according to application security firm Sonar. | Vulnerability | ||
|
2022-04-22 11:01:03 | VMware\'s Head of Cybersecurity Strategy Discusses Modern Bank Heists (lien direct) | Digital Bank Heists – Because That's Where the Money Is Today The financial sector is in the crosshairs of criminal cartels and nation-state actors. Criminals seek a lucrative market, and nation-states treat profit as a form of sanctions-busting. | |||
|
2022-04-22 10:55:31 | Audio Codec Made by Apple Introduced Serious Vulnerabilities in Millions of Android Phones (lien direct) | An open source audio codec developed by Apple is affected by serious vulnerabilities that have been pushed to millions of Android devices by some of the world's largest mobile chipset manufacturers. | |||
|
2022-04-21 19:45:26 | Catalan Chief Accuses Spain\'s Intelligence Agency of Hacking (lien direct) | The head of Catalonia's regional government is accusing Spain's intelligence agency of conducting what he calls “massive political espionage” on the northeastern region's independence movement and says that relations with Spain's national authorities are “on hold” as a consequence. | |||
|
2022-04-21 18:12:22 | Google, Mandiant Share Data on Record Pace of Zero-Day Discoveries (lien direct) | Google and Mandiant separately called attention to a dramatic surge in the discovery of in-the-wild zero-day attacks and warned that nation-state APT actors, ransomware gangs and private mercenary exploit firms are burning through zero-days at record pace. | Ransomware | ||
|
2022-04-21 17:27:09 | Meta Offers Rewards for Flaws Allowing Attackers to Bypass Integrity Checks (lien direct) | Facebook parent company Meta today announced that its bug bounty program will cover vulnerabilities that can be exploited to bypass integrity safeguards. | |||
|
2022-04-21 15:08:25 | ICS Exploits Earn Hackers $400,000 at Pwn2Own Miami 2022 (lien direct) | 
Pwn2Own Miami 2022, a hacking contest focusing on industrial control systems (ICS), has come to an end, with contestants earning a total of $400,000 for their exploits.
|
|||
|
2022-04-21 13:23:27 | Today\'s Network is Different, Not Dead - Here\'s How You Secure It (lien direct) | Rapid changes to a network can easily result in gaps in protection and enforcement | |||
|
2022-04-21 12:43:17 | Access Bypass, Data Overwrite Vulnerabilities Patched in Drupal (lien direct) | Drupal on Wednesday announced the release of security updates to resolve a couple vulnerabilities that could lead to access bypass and data overwrite. | Guideline | ||
|
2022-04-21 12:29:53 | Cisco Patches Virtual Conference Software Vulnerability Reported by NSA (lien direct) | Cisco on Wednesday announced the release of patches for several high-severity vulnerabilities in its products, including a bug reported by the National Security Agency (NSA). | Vulnerability | ||
|
2022-04-21 11:41:46 | Many Industrial Firms Say Cybersecurity Systems Cause Problems to Operations (lien direct) | Despite an increase in cybersecurity incidents, many industrial organizations turn off security systems if they interrupt or otherwise impact operations, according to a global survey conducted earlier this year by Kaspersky. | |||
|
2022-04-21 10:23:07 | (Déjà vu) FBI Shares Information on BlackCat Ransomware Attacks (lien direct) | The Federal Bureau of Investigation (FBI) this week published indicators of compromise (IOCs) associated with the BlackCat Ransomware-as-a-Service (RaaS). | Ransomware | ||
|
2022-04-21 08:36:12 | New BotenaGo Variant Infects Lilin Security Cameras With Mirai (lien direct) | A newly identified variant of the BotenaGo malware is specifically targeting security cameras manufactured by Taiwan-based Lilin, warns OT and IoT security firm Nozomi Networks. | Malware | ||
|
2022-04-20 20:55:28 | US, Allies Say New Intel Suggests Coming Russian Cyberattack (lien direct) | Five allied countries including the United States warned Wednesday that "evolving intelligence" indicated Russia was poised to launch powerful cyberattacks against rivals supporting Ukraine. | |||
|
2022-04-20 17:14:58 | ThreatLocker Raises $100 Million for Zero Trust Endpoint Security Solution (lien direct) | Zero Trust endpoint security provider ThreatLocker this week announced that it has raised $100 million in Series C funding, which brings the total investment in the company to $124.4 million. The new funding round was led by General Atlantic, with additional investment from Arthur Ventures and Elephant VC. | |||
|
2022-04-20 15:38:16 | When Is It Right to Stay Silent? (lien direct) | If you know that a person or group has poor intentions, it may make sense to begin documenting and reporting nefarious activity | |||
|
2022-04-20 15:01:35 | FBI Warns of Ransomware Attacks on Farming Co-ops During Planting, Harvest Seasons (lien direct) | The FBI issued a private industry notification on Wednesday to warn agricultural cooperatives about a potential increase in ransomware attacks during planting and harvest seasons. | Ransomware | ||
|
2022-04-20 13:25:42 | (Déjà vu) Organizations Warned of Attacks Exploiting Recently Patched Windows Vulnerability (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) says a recently patched Windows Print Spooler vulnerability has been exploited in attacks. | Vulnerability | ||
|
2022-04-20 13:03:18 | Serious Vulnerabilities Found in AWS\'s Log4Shell Hot Patches (lien direct) | Hot patches made available by Amazon Web Services (AWS) in response to the recent Log4j vulnerabilities could be exploited for privilege escalation or to escape containers, according to Palo Alto Networks. | |||
|
2022-04-20 12:54:27 | Judge Sends Assange Extradition Decision to UK Government (lien direct) | A British judge on Wednesday formally approved the extradition of Julian Assange to the United States to face spying charges. The case will now go to Britain's interior minister for a decision, though the WikiLeaks founder still has legal avenues of appeal. | |||
|
2022-04-20 11:00:32 | Proposed US Guidance, Legislation Show Increasing Importance of Cloud Security (lien direct) | The United States is working on guidance and legislation that show the government is placing increasing importance on cloud security. | |||
|
2022-04-20 09:57:39 | (Déjà vu) Oracle Releases 520 New Security Patches With April 2022 CPU (lien direct) | Oracle on Tuesday announced the release of 520 security fixes as part of its April 2022 Critical Patch Update (CPU), including nearly 300 for vulnerabilities that can be exploited remotely without authentication. | |||
|
2022-04-19 22:04:24 | Okta Closes Lapsus$ Breach Probe, Adds New Security Controls (lien direct) | Identity and access management tech firm Okta says it has concluded an investigation into the embarrassing Lapsus$ hacking incident and has severed ties with a third-party company at the center of the breach. | |||
|
2022-04-19 19:10:13 | SeeMetrics Raises $6M for Portfolio Management Platform (lien direct) | An Israeli startup has raised early-stage funding to build technology to help cybersecurity teams measure, track and simplify security program operations. | |||
|
2022-04-19 18:46:07 | Firmware Flaws Allow Disabling Secure Boot on Lenovo Laptops (lien direct) | Computer maker Lenovo has started pushing security patches to address three vulnerabilities impacting the UEFI firmware of more than 110 laptop models. | |||
|
2022-04-19 16:37:37 | Attacker Dwell Times Down, But No Consistent Correlation to Breach Impact: Mandiant (lien direct) | While the median attacker dwell time has declined in recent years, it has no consistent correlation to the effect of a breach | |||
|
2022-04-19 15:23:08 | Webinar Today: Preparing for Emerging Threats (lien direct) | 
|
|||
|
2022-04-19 15:07:46 | Fortress Raises $125 Million to Secure Critical Industry Supply Chains (lien direct) | Fortress Information Security on Tuesday announced raising $125 million from Goldman Sachs, an investment that it plans on using to help critical industry operators and government agencies secure their supply chains. The company previously raised roughly $40 million in several funding rounds between 2015 and 2020. | |||
|
2022-04-19 15:05:28 | Economic Warfare: Attacks on Critical Infrastructure Part of Geopolitical Conflict (lien direct) | We've known for years that since at least March of 2016, Russian government threat actors have been targeting multiple U.S. critical infrastructure sectors including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. | Threat | ||
|
2022-04-19 13:39:38 | Over 30 Countries Take Part in NATO\'s \'Locked Shields 2022\' Cyber Exercise (lien direct) | NATO's Cooperative Cyber Defence Centre of Excellence (CCDCOE) on Tuesday kicked off the thirteen installment of Locked Shields, its annual live-fire cyber defense exercise. | |||
|
2022-04-19 11:40:34 | Online Fraud Prevention Startup SEON Raises $94 Million (lien direct) | Online fraud prevention startup SEON today announced that it has closed a $94 million Series B funding round that brings the total investment in the company to $107 million. The funding round was led by IVP, with additional investment from Creandum and PortfoLion, as well as several angel investors. | |||
|
2022-04-19 11:15:49 | (Déjà vu) Cybersecurity M&A Roundup for April 1-15, 2022 (lien direct) | 
Twenty-one cybersecurity-related M&A deals have been announced in the first half of April 2022.
|
|||
|
2022-04-19 10:12:54 | US: Hackers Continue Aiding North Korea Generate Funds via Cryptocurrency Attacks (lien direct) | North Korean state-sponsored hacking group Lazarus continues to target blockchain and cryptocurrency organizations in recent campaigns, the United States government warns. | APT 38 APT 28 | ||
|
2022-04-18 19:54:13 | Citizen Lab Documents Israeli Surveillance Spyware Infections in Spain (lien direct) | Security researchers have found fresh evidence linking a pair of mercenary Israeli hacking companies to mobile malware attacks on members of Catalan civil society. | Malware | ||
|
2022-04-18 15:28:09 | Webex Monitors Microphone Even When Muted, Researchers Say (lien direct) | Cisco's enterprise-facing Webex video conferencing and messaging utility monitors the microphone at all times, even when the user's microphone is muted in the software, according to warning from a group of academic researchers. | |||
|
2022-04-18 13:56:53 | FBI Warns of \'Reverse\' Instant Payments Phishing Schemes (lien direct) | The Federal Bureau of Investigation (FBI) has issued an alert on a new phishing scheme aimed at tricking victims into making money transfers to accounts controlled by cybercriminals. | |||
|
2022-04-18 13:47:29 | GitHub Warns of Private Repositories Downloaded Using Stolen OAuth Tokens (lien direct) | GitHub has sounded the alarm on a cyberattack that resulted in the private repositories of dozens of organizations being downloaded by an unauthorized party abusing stolen OAuth user tokens. The incident was identified on April 12, when the code hosting platform observed suspicious activity on its npm production infrastructure. | |||
|
2022-04-17 10:12:03 | OHSU Apologizes After Phishing Test Draws Complaints (lien direct) | Officials at Oregon Health & Science University have apologized to employees after a fake phishing test drew complaints about raising false hopes. | |||
|
2022-04-15 14:24:33 | North Korea APT Lazarus Targeting Chemical Sector (lien direct) | Threat hunters at Symantec have spotted signs that North Korea's Lazarus APT group is targeting companies in the chemical sector in an ongoing cyberespionage campaign that includes fake job lures and clever social engineering. | APT 38 APT 28 |
To see everything:
Our RSS (filtrered)
