What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-12-21 13:17:58 | No-Code Security Automation Company ContraForce Emerges From Stealth (lien direct) | McKinney, Texas-based security automation and compliance solutions provider ContraForce on Tuesday announced emerging from stealth mode with $2 million in seed funding from cyber foundry DataTribe. | |||
|
2021-12-21 12:36:55 | Russian Hacker Extradited to US for Trading on Stolen Information (lien direct) | A Russian national was extradited to the United States from Switzerland over the weekend, to face charges for his alleged role in a scheme whose participants traded on information stolen from hacked U.S. companies. | |||
|
2021-12-21 12:19:11 | Vulnerabilities Can Allow Hackers to Tamper With Walk-Through Metal Detectors (lien direct) | Walk-through metal detectors made by Garrett are affected by potentially serious vulnerabilities that can be exploited to hack the devices and alter their configuration. | Hack | ||
|
2021-12-21 12:07:19 | AP Exclusive: Polish Opposition Duo Hacked With NSO Spyware (lien direct) | The aggressive cellphone break-ins of a high-profile lawyer representing top Polish opposition figures came in the final weeks of pivotal 2019 parliamentary elections. Two years later, a prosecutor challenging attempts by the populist right-wing government to purge the judiciary had her smartphone hacked. | |||
|
2021-12-21 11:14:12 | FBI Sees APTs Exploiting Recent ManageEngine Desktop Central Vulnerability (lien direct) | The Federal Bureau of Investigation (FBI) has released an alert regarding the exploitation of a recent vulnerability in Zoho's ManageEngine Desktop Central product. | Vulnerability | ||
|
2021-12-21 10:46:37 | 5 Ways to Reduce the Risk of Ransomware to Your OT Network (lien direct) | In the last year and half, we've seen an unprecedented increase in ransomware attacks on Operational Technology (OT) networks. While this surge is generating a lot of press coverage, it was something that experts within our industry have been anticipating for a while. | Ransomware | ||
|
2021-12-21 09:40:10 | Facebook Patches Vulnerability Exposing Page Admin Identity (lien direct) | Facebook paid a teenage researcher from Nepal a $4,750 bug bounty reward for a vulnerability that could have been exploited to uncover the identity of a page's administrator. | Vulnerability | ||
|
2021-12-20 19:29:59 | Google Finds 35,863 Java Packages Using Defective Log4j (lien direct) | The computer security industry is bracing for travel on long, bumpy roads littered with Log4j security problems as experts warn that software dependency patching hiccups will slow global mitigation efforts. | Patching | ||
|
2021-12-20 17:19:34 | Planning for the Future: What\'s Ahead in 2022 (lien direct) | Current security technology stacks are not keeping up with the increasing scale and sophistication of attacks | |||
|
2021-12-20 14:39:59 | ZeroFox to Go Public in $1.4 Billion SPAC Deal (lien direct) | Social media threat protection firm ZeroFox, announced on Monday that it would acquire incident response services firm IDX and become a publicly traded company via Merger with L&F Acquisition Corp. | Threat | ||
|
2021-12-20 14:13:06 | (Déjà vu) Cybersecurity M&A Roundup for December 13-19, 2021 (lien direct) | 
Eight cybersecurity-related mergers and acquisitions were announced December 13-19, 2021.
|
|||
|
2021-12-20 14:06:28 | VMware Patches Vulnerabilities in Workspace ONE Access (lien direct) | Patches released by VMware to address a couple of vulnerabilities in the Workspace ONE Access authentication solution also resolve the recent Log4Shell security flaw. | |||
|
2021-12-20 12:03:05 | Ransomware Operators Leak Data Stolen From Logistics Giant Hellmann (lien direct) | Logistics giant Hellmann Worldwide Logistics has confirmed that attackers were able to exfiltrate data from its systems during a cyberattack earlier this month. | |||
|
2021-12-20 11:47:42 | Log4j Update Patches New Vulnerability That Allows DoS Attacks (lien direct) | CISA Orders Federal Agencies to Mitigate Log4j Vulnerabilities The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive instructing federal agencies to mitigate the Log4j vulnerabilities. The announcement came just before the disclosure of a new flaw affecting the popular logging utility. | Vulnerability | ||
|
2021-12-19 20:19:04 | Ransomware Persists Even as High-Profile Attacks Have Slowed (lien direct) | In the months since President Joe Biden warned Russia's Vladimir Putin that he needed to crack down on ransomware gangs in his country, there hasn't been a massive attack like the one last May that resulted in gasoline shortages. But that's small comfort to Ken Trzaska. | Ransomware | ||
|
2021-12-17 19:43:13 | Trend Micro Spots Chinese Hackers Targeting Transportation Sector (lien direct) | Since the middle of 2020, a Chinese state-sponsored threat actor called 'Tropic Trooper' has been targeting transportation organizations and government entities related to transportation sector, Trend Micro reports. | Threat | APT 23 | |
|
2021-12-17 19:32:03 | Citizen Lab Exposes Cytrox as Vendor Behind \'Predator\' iPhone Spyware (lien direct) | The University of Toronto's Citizen Lab has discovered another player in the private sector mobile spyware business, fingering a tiny North Macedonia company called Cytrox as the makers of high-end iPhone implants. | |||
|
2021-12-17 18:36:52 | Russian Cyberspy Groups Start Exploiting Log4Shell Vulnerability (lien direct) | Severity of Second Log4j Vulnerability Increased to Critical Russia has been added to the list of nation states targeting the recently disclosed Log4Shell vulnerability, with exploitation attempts linked to several of the country's cyberespionage groups. | Vulnerability | ||
|
2021-12-17 15:29:14 | Phorpiex Botnet Hijacked 3,000 Cryptocurrency Transactions (lien direct) | Over the past five years, the Phorpiex botnet has managed to hijack approximately 3,000 cryptocurrency transactions, stealing at least hundreds of thousands of dollars, Check Point says. | |||
|
2021-12-17 14:14:50 | VMware Patches Critical Flaw in Workspace ONE UEM Console (lien direct) | VMware on Thursday announced the release of patches for a critical server-side request forgery (SSRF) vulnerability in Workspace ONE UEM console. | Vulnerability | ||
|
2021-12-17 12:47:04 | Virginia Museum Shuts Down Website Amid IT Breach (lien direct) | An information technology system security breach detected late last month prompted the Virginia Museum of Fine Arts to shut down its website for a state investigation, the museum announced this week. | ★★★★ | ||
|
2021-12-17 11:50:44 | Sophisticated Noberus Ransomware First to Be Coded in Rust (lien direct) | Symantec researchers have analyzed what appears to be the first ransomware family written in the Rust programming language. | Ransomware | ||
|
2021-12-17 11:17:39 | Spyware Find Highlights Depth of Hacker-for-Hire Industry (lien direct) | Security researchers said Thursday they found two kinds of commercial spyware on the phone of a leading exiled Egyptian dissident, providing new evidence of the depth and diversity of the abusive hacker-for-hire industry. | Guideline | ||
|
2021-12-16 20:26:34 | Meta Targets \'Cyber Mercenaries\' Using Facebook to Spy (lien direct) | Facebook parent Meta announced Thursday the shutdown of some 1,500 accounts tied to "cyber mercenary" companies accused of spying on activists, dissidents and journalists worldwide on behalf of paying clients. | |||
|
2021-12-16 18:39:40 | Google Says NSO Pegasus Zero-Click \'Most Technically Sophisticated Exploit Ever Seen\' (lien direct) | Security researchers at Google's Project Zero have picked apart one of the most notorious in-the-wild iPhone exploits and found a never-before-seen hacking roadmap that included a PDF file pretending to be a GIF image with a custom-coded virtual CPU built out of boolean pixel operations. | |||
|
2021-12-16 16:59:13 | Corellium Lands $25 Million Investment for Virtualization Tech (lien direct) | Fresh off a high-profile legal triumph over Apple, virtualization technology startup Corellium is now enjoying the attention of investors with Paladin Capital Group leading a $25 million funding round. | Guideline | ||
|
2021-12-16 16:18:47 | Thousands of Industrial Systems Targeted With New \'PseudoManuscrypt\' Spyware (lien direct) | Tens of thousands of devices around the world, including many industrial control systems (ICS) and government computers, have been targeted in what appears to be an espionage campaign that involves a new piece of malware dubbed PseudoManuscrypt, Kaspersky revealed on Thursday. | Malware | ||
|
2021-12-16 15:13:42 | Upskilling Cyber Defenders Requires a Readiness Environment (lien direct) | The cybersecurity threat landscape never stands still. New threats and threat actors appear all the time. They are highly trained, well-funded, and leverage the newest tools to pursue some form of cybercrime - extortion, terrorism, data theft, the list goes on. | Threat | ★★★★ | |
|
2021-12-16 15:03:18 | Iran-Linked APT Abuses Slack in Attacks on Asian Airline (lien direct) | The Iran-linked advanced persistent threat (APT) actor MuddyWater was observed deploying a backdoor that abuses Slack on the network of an Asian airline, IBM Security X-Force reports. | Threat | ★★★★★ | |
|
2021-12-16 14:41:29 | SecurityWeek Announces Virtual Cybersecurity Event Schedule for 2022 (lien direct) | SecurityWeek, a leading provider of cybersecurity news and information to global enterprises, today announced its official lineup of virtual cybersecurity events for 2022. | Guideline | ||
|
2021-12-16 13:31:05 | CISA Calls for Improved Critical Infrastructure Security (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday called on critical infrastructure owners and operators to improve their security stance against malicious cyberattacks. | |||
|
2021-12-16 13:08:18 | North American Propane Distributor \'Superior Plus\' Discloses Ransomware Attack (lien direct) | North American propane distributor Superior Plus this week announced that it had to shut down certain computer systems after falling victim to a ransomware attack. The company says it discovered the breach on Sunday, December 12, and that, as a response, it took steps to mitigate impact on corporate data and operations. | Ransomware | ||
|
2021-12-16 12:10:50 | Threat Groups Reportedly Working on Log4Shell Worm (lien direct) | 
Experts Comment on Concerns Related to Log4Shell Worm
|
|||
|
2021-12-16 11:39:58 | Iran-Linked Hackers Attack Israeli Targets: Company (lien direct) | An Iran-linked hacking group attacked seven Israeli targets over a 24-hour period this week, an Israeli cybersecurity firm said, in the latest episode of cyberwarfare between the rival states. | |||
|
2021-12-16 11:12:40 | Noname Security Raises $135 Million at \'Unicorn\' Valuation (lien direct) | API security platform Noname Security on Wednesday announced that it has become a cybersecurity unicorn after closing a $135 million Series C funding round. | |||
|
2021-12-15 21:31:01 | Microsoft Spots Multiple Nation-State APTs Exploiting Log4j Flaw (lien direct) | If defenders needed any more urgency to patch and mitigate the explosive Log4j zero-day, along comes word that APT actors linked to China, Iran, North Korea and Turkey have already pounced and are actively exploiting the CVSS 10.0 vulnerability. | |||
|
2021-12-15 20:57:52 | Investors Bet Big on Cloud Security Startups Ermetic, Dazz (lien direct) | Venture capital investors are continuing to bet big on cloud security technologies with two early-stage startups announcing a combined $130 million in funding for products to help businesses secure cloud deployments. | |||
|
2021-12-15 20:33:05 | US, Australia Agree to Share Phone, Text Records in Criminal Probes (lien direct) | The United States and Australia signed an agreement Wednesday to ease access by their justice departments to digital phone and email records needed in criminal investigations. | |||
|
2021-12-15 18:50:30 | API Security Firm Cequence Raises $60 Million (lien direct) | The rapid adoption of APIs to facilitate both digital transformation and the pandemic-related growth in online commerce has caused a rush to market. But as with all code produced and released in haste, there are frequent problems. Cyberattacks against APIs have become a growth area for cybercriminals. | |||
|
2021-12-15 14:51:31 | U.S. Government Launches \'Hack DHS\' Bug Bounty Program (lien direct) | The United States Department of Homeland Security (DHS) this week announced the launch of a bug bounty program focused on identifying vulnerabilities in its systems. | |||
|
2021-12-15 14:26:00 | Industry Reactions to Log4Shell Vulnerability (lien direct) | The widely used Log4j logging tool is affected by a critical remote code execution vulnerability that has been increasingly exploited by malicious actors, including profit-driven cybercriminals and state-sponsored groups. | Tool Vulnerability | ||
|
2021-12-15 14:04:56 | Facebook Will Reward Researchers for Reporting Scraping Bugs (lien direct) | Facebook Paid Out $2.3 Million in Bug Bounties in 2021 Social media giant Facebook today announced that it is expanding its bug bounty and data bounty programs to reward security researchers for reporting scraping vulnerabilities and databases. | |||
|
2021-12-15 14:00:20 | Railway Cybersecurity Firm Cylus Raises $30 Million (lien direct) | Tel Aviv, Israel-based railway cybersecurity firm Cylus has raised $30 million in a Series B funding round led by U.S. firm Ibex Investors and joined by Vertex Growth Fund, Strides International Business, Magma Venture Partners, Vertex Ventures Israel, Zohar Zisapel, and Glenrock Israel. | |||
|
2021-12-15 12:58:51 | SAP Patches Log4Shell Vulnerability in 20 Applications (lien direct) | German software maker SAP is scrambling to patch the Log4Shell vulnerability in its applications and has rolled out fixes for tens of other severe flaws in its products. | Vulnerability | ||
|
2021-12-15 12:42:48 | Recent Ransomware Trends Reinforce the Need for Cyber Hygiene, Collaboration (lien direct) | It's no secret that ransomware has reached near-epic proportions. We are hearing about ransomware attacks left and right – and those are just the ones we hear about. For every attack that makes the headlines, there are many more that don't. | Ransomware | ||
|
2021-12-15 12:33:33 | Sysdig Raises $350 Million at $2.5 Billion Valuation (lien direct) | Container and cloud security company Sysdig on Wednesday announced raising $350 million in a Series G funding round, at a valuation of $2.5 billion. | |||
|
2021-12-15 11:49:57 | Log4Shell Tools and Resources for Defenders (lien direct) |
Type:
Story
Image:
Link:
Log4Shell Tools and Resources for Defenders - Continuously Updated
Log4Shell Tools and Resources for Defenders - Continuously Updated
|
|||
|
2021-12-15 11:47:36 | Problematic Log4j Functionality Disabled as More Security Issues Come to Light (lien direct) | Developers of the widely used Apache Log4j Java-based logging tool have disabled problematic functionality as more security issues have come to light. | Tool | ||
|
2021-12-15 09:40:31 | Web Browsing Security Firm Guardio Raises $47 Million (lien direct) | Web browsing protection tool Guardio on Tuesday announced that it came out of bootstrap mode with $47 million in funding. Guardio's first ever investment round was led by Tiger Global. Cerca Partners, Emerge, Samsung Next, Union, and Vintage also participated. | Tool | ||
|
2021-12-15 04:54:29 | HR Management Firm Kronos Needs Weeks to Recover From Ransomware Attack (lien direct) | HR management platform Ultimate Kronos Group (UKG) on Monday started notifying customers that it fell victim to a ransomware attack that took down multiple applications over the weekend. | Ransomware |
To see everything:
Our RSS (filtrered)
