What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-08-03 04:00:51 | DeadRinger: A Three-Pronged Attack by Chinese Military Actors against Major Telcos (lien direct) | Researchers have discovered three separate Chinese military affiliated advanced threat groups simultaneously targeting and compromising the same Southeast Asian telcos. The attack groups concerned are Soft Cell, Naikon, and a third group, possibly Emissary Panda (also known as APT27). | Threat | APT 30 APT 27 | |
|
2021-08-02 16:53:54 | Potential RCE Flaw Patched in PyPI\'s GitHub Repository (lien direct) | A vulnerability in the GitHub Actions workflow for PyPI's source repository could be exploited to perform a malicious pull request and eventually execute arbitrary code on pypi.org, according to a warning from a Japanese security researcher. | Vulnerability | ||
|
2021-08-02 16:03:11 | OT Security Firm Nozomi Networks Raises $100 Million (lien direct) | Nozomi Networks, a provider of operational technology (OT) and internet of things (IoT) cybersecurity solutions, said Monday that it has raised $100 million in Series D pre-IPO-funding round. | |||
|
2021-08-02 15:20:49 | Chipotle\'s Email Marketing Account Hacked to Spread Malware (lien direct) | Nobelium-style Phishing Tactics Used to Spread Malware | Malware | ||
|
2021-08-02 14:51:35 | (Déjà vu) Cybersecurity M&A Roundup: 38 Deals Announced in July 2021 (lien direct) | 
Nearly 40 cybersecurity-related mergers and acquisitions were announced in July 2021.
|
|||
|
2021-08-02 13:07:17 | Cisco, Sonatype and Others Join Open Source Security Foundation (lien direct) | The Open Source Security Foundation (OpenSSF), the cross-industry forum focused on improving open source software security, has expanded its member list with the addition of names such as Accurics, Anchore, Bloomberg Finance, Cisco Systems, Codethink, Cybertrust Japan, OpenUK, ShiftLeft, Sonatype and Tidelift. | |||
|
2021-08-02 12:45:35 | Amazon Fined 746 Mn Euros in Luxembourg Over Data Privacy (lien direct) | Amazon was fined 746 million euros ($880 million) by Luxembourg authorities over allegations it flouted the EU's data protection rules, the online retail giant said Friday. | |||
|
2021-08-02 11:30:54 | NSA Shares Guidance for Government Employees on Securing Wireless Devices in Public (lien direct) | The National Security Agency (NSA) has published a new document to provide a series of recommendations on how governmental agencies in the United States can mitigate the cybersecurity risks associated with the use of wireless devices in public settings. | ★★★★ | ||
|
2021-08-02 10:01:17 | Zoom to Settle US Privacy Lawsuit for $85 Mn (lien direct) | Zoom, the videoconferencing firm, has agreed to settle a class-action US privacy lawsuit for $85 million, it said Sunday. The suit charged that Zoom's sharing of users' personal data with Facebook, Google and LinkedIn was a breach of privacy for millions. | |||
|
2021-08-01 14:21:58 | Justice Department Says Russians Hacked Federal Prosecutors (lien direct) | The Russian hackers behind the massive SolarWinds cyberespionage campaign broke into the email accounts of some of the most prominent federal prosecutors' offices around the country last year, the Justice Department said. | |||
|
2021-07-30 15:29:39 | Android Banking Trojan \'Vultur\' Abusing Accessibility Services (lien direct) | A newly discovered Android banking Trojan relies on screen recording and keylogging instead of HTML overlays for the capturing of login credentials, according to security researchers at ThreatFabric. | |||
|
2021-07-30 15:25:25 | Russia\'s APT29 Still Actively Delivering Malware Used in COVID-19 Vaccine Spying (lien direct) | The Russian cyberespionage group known as APT29 and Cozy Bear is still actively delivering a piece of malware named WellMess, despite the fact that the malware was exposed and detailed last year by Western governments. | Malware | APT 29 APT 29 | |
|
2021-07-30 14:07:11 | New Chinese Threat Group \'GhostEmperor\' Targets Governments, Telecom Firms (lien direct) | A previously undocumented Chinese-speaking threat actor is targeting Microsoft Exchange vulnerabilities in an attempt to compromise high-profile victims, Kaspersky reveals. Tracked as GhostEmperor, the long-running operation focuses on targets in Southeast Asia and uses a formerly unknown Windows kernel-mode rootkit. | Threat | ||
|
2021-07-30 13:57:52 | Window of Exposure is Expanding and Hackers Know Exactly Where to Strike (lien direct) | For the last 15 years, researchers have produced an annual State of Application Security report. But in the last 18 pandemic driven months, they told SecurityWeek, “the world has turned on its head.” Both application development and use, and subsequent software compromises have grown dramatically. | |||
|
2021-07-30 12:40:57 | Remote Code Execution Flaws Patched in WordPress Download Manager Plugin (lien direct) | A vulnerability patched recently in the WordPress Download Manager plugin could be abused to execute arbitrary code under specific configurations, the Wordfence team at WordPress security company Defiant warns. | Vulnerability | ||
|
2021-07-30 11:57:59 | Microsoft Shares More Information on Protecting Systems Against PetitPotam Attacks (lien direct) | Microsoft has shared more information on how organizations can protect Windows domain controllers and other Windows servers against potential PetitPotam attacks. | |||
|
2021-07-30 11:07:46 | 21-Year-Old Woman Pleads Guilty to Sending Phishing Emails to Political Candidates (lien direct) | A 21-year-old Rhode Island woman has pleaded guilty to targeting candidates for political office and their campaign staff with phishing emails. The woman, Diana Lebeau, of Cranston, R.I., admitted in court to sending phishing emails to roughly 22 members of the campaign staff of a political candidate, posing as the campaign's managers or co-chairs. | Guideline | ||
|
2021-07-30 10:42:20 | S.Africa\'s Port Terminals Restored Following Cyber-Attack (lien direct) | Operating systems have been restored at South Africa's state-owned logistics firm, the company said Thursday following a cyber-attack last week that hit the country's key port terminals. | |||
|
2021-07-30 09:20:47 | Belarusian Nationals Arrested for Hacking ATMs Across Europe (lien direct) | Two Belarusian nationals were arrested earlier this month in Poland on the suspicion they engaged in multiple ATM jackpotting attacks. The two are believed to have committed dozens of ATM jackpotting attacks (also known as Black Box attacks) in several European countries, stealing an estimated €230,000 (approximately $273,000) in cash. | |||
|
2021-07-29 17:02:39 | Researchers Publish Details on Recent Critical Hyper-V Vulnerability (lien direct) | Security researchers at Guardicore Labs are sharing details of a critical vulnerability in Hyper-V that Microsoft patched in May 2021. | Vulnerability | ||
|
2021-07-29 15:37:25 | How Low-level Hackers Access High-end Malware (lien direct) | Hacking tool downloads from underground forums are increasing, and the tools are becoming more sophisticated; low-level hackers are gaining access to hacked versions of sophisticated tools; access broking is growing; and existing tools are repurposed for more aggressive attacks. | Malware Tool | ||
|
2021-07-29 15:19:19 | BlackCloak Raises $11 Million for Its Executive Protection Platform (lien direct) | BlackCloak, a company that provides cyber protection services for corporate executives and high-profile individuals, on Thursday announced that it has raised $11 million in a Series A funding round. | |||
|
2021-07-29 14:30:47 | Leaked Files From Offensive Cyber Unit Show Iran\'s Interest in Targeting ICS (lien direct) | 
|
|||
|
2021-07-29 14:14:40 | Turn Off, Turn On: Simple Step Can Thwart Top Phone Hackers (lien direct) | Regularly rebooting smartphones can make even the most sophisticated hackers work harder to maintain access and steal data from a phone | |||
|
2021-07-29 13:56:04 | MSSP SolCyber Emerges From Stealth With $20 Million Series A Funding (lien direct) | SolCyber has emerged from stealth with $20 million in Series A funding from ForgePoint Capital, claiming to be the first modern MSSP for the mid-market. Venture funding for an MSSP is not unknown, but not common. It indicates that VC has confidence that the MSSP can grow into a sizeable firm. | |||
|
2021-07-29 13:30:28 | Protect: The Second Pillar in Your Journey to Improve Industrial Cybersecurity Posture (lien direct) | In the last year, the National Security Agency (NSA) had ramped up its warnings on the risks of connecting industrial networks to IT networks issuing two cybersecurity advisories, the most recent just 10 days prior to the Colonial Pipeline disruption. Now, with the stakes raised and proof that our critical infrastructure is an easy target, the U.S. government is taking immediate action. | |||
|
2021-07-29 13:01:21 | Researchers Link Mysterious \'MeteorExpress\' Wiper to Iranian Train Cyberattack (lien direct) | Security researchers at SentinelOne have stumbled upon a hitherto unknown data-wiping malware that was part of a disruptive cyberattack against Iran's train system earlier this month. | Malware | ||
|
2021-07-29 12:42:15 | LogicGate Raises $113 Million in Series C Funding (lien direct) | Risk and compliance solutions provider LogicGate this week announced that it has raised $113 million in a Series C funding round, bringing the total raised by the company to $156 million. The funding round was led by growth equity firm PSG, with participation from existing investor Greenspring Associates. | ★★★ | ||
|
2021-07-29 11:11:51 | Google Details New Privacy and Security Policies for Android Apps (lien direct) | Google this week announced a series of updates to its Google Play policies that are meant to improve overall user privacy and security and provide more control over ads personalization. | |||
|
2021-07-29 09:59:16 | eCommerce Fraud Prevention Firm Riskified Prices IPO at $21 Per Share (lien direct) | Israel-based ecommerce fraud prevention company Riskified has announced the pricing of its initial public offering (IPO) as it prepares to start trading publicly on the New York Stock Exchange. | |||
|
2021-07-29 08:31:51 | Serious Vulnerabilities Found in Firmware Used by Many IP Camera Vendors (lien direct) | IP cameras offered by a dozen vendors are exposed to remote attacks due to several serious vulnerabilities found in the firmware they all share, according to France-based cybersecurity firm RandoriSec. | |||
|
2021-07-28 17:40:35 | US Acting to Better Protect Infrastructure From Cyberthreats (lien direct) | The Biden administration is taking steps to harden cybersecurity defenses for critical infrastructure, announcing on Wednesday the development of performance goals and a voluntary public-private partnership to protect core sectors. | |||
|
2021-07-28 15:39:17 | Foxit Plugs Multiple Security Holes in PDF Reader, Editor (lien direct) | Foxit Software this week released security updates for its PDF Reader and PDF Editor applications, to address multiple vulnerabilities, including some leading to remote code execution. | Guideline | ||
|
2021-07-28 15:28:56 | US Gov Warning: VPN, Network Perimeter Product Flaws Under Constant Attack (lien direct) | The U.S. government and its allies are pleading with defenders to pay attention to gaping holes in perimeter-type devices, warning that advanced threat actors are feasting on known security defects in VPN appliances, network product gateways and enterprise cloud applications. | Threat Guideline | ||
|
2021-07-28 14:45:17 | Cyber Asset Management Platform Noetic Launches With $20 Million in Funding (lien direct) | Cyber asset management and controls platform Noetic Cyber emerged from stealth mode today and also announced that it has raised $20 million in Series A funding. | |||
|
2021-07-28 14:10:44 | Hospital Network Reveals Cause of 2020 Cyberattack (lien direct) | A cyberattack that crippled the computer systems of a hospital network affecting six hospitals in Vermont and New York last fall happened after an employee opened a personal email on a company laptop while on vacation, a University of Vermont Health Network official said Tuesday. | |||
|
2021-07-28 13:59:00 | Leveraging People in the Email Security Battle (lien direct) | 
A combination of humans and technology is needed to truly move the needle on email security
|
|||
|
2021-07-28 13:25:30 | Survey Shows Reasons for Cloud Misconfigurations are Many and Complex (lien direct) | Using 'policy as code' helps the security team to be a cloud highway builder rather than a cloud toll booth operator | |||
|
2021-07-28 12:31:39 | University of San Diego Health Says Personal Information Stolen in Data Breach (lien direct) | University of San Diego Health this week revealed that personal information was accessed in a data breach involving unauthorized access to some employee email accounts. | Data Breach | ||
|
2021-07-28 11:37:28 | Iranian Spies Maintained Social Media Persona for Years Before Targeting Defense Contractor (lien direct) | An Iranian state-sponsored threat actor tracked as TA456 maintained a social media account for several years before engaging with their intended victim, cybersecurity firm Proofpoint reports. | Threat | ||
|
2021-07-28 11:13:44 | IBM: Average Cost of Data Breach Exceeds $4.2 Million (lien direct) | A global study commissioned by IBM Security shows that the average cost of a data breach exceeded $4.2 million during the coronavirus pandemic, which the company pointed out is the highest in the 17-year history of its “Cost of a Data Breach” report. | Data Breach | ||
|
2021-07-28 10:28:32 | In 1st Visit to Intel Agency, Biden Warns of Cyber Conflict (lien direct) | President Joe Biden used his first visit with rank-and-file members of the U.S. intelligence community - a part of government that was frequently criticized by his predecessor Donald Trump - to make a promise that he will “never politicize” their work. | |||
|
2021-07-28 09:35:28 | Cyber Insurance Firm At-Bay Raises $185 Million at $1.35 Billion Valuation (lien direct) | Cyber insurance firm At-Bay on Tuesday announced raising $185 million in a Series D funding round at a post-money valuation of $1.35 billion, which gives the company “unicorn” status. | |||
|
2021-07-27 18:47:20 | CODESYS Patches Dozen Vulnerabilities in Industrial Automation Products (lien direct) | Industrial automation software provider CODESYS this month informed customers about a dozen vulnerabilities affecting various products. More than half of these flaws were discovered by Cisco Talos and their details were disclosed on Monday. | |||
|
2021-07-27 16:06:33 | Google Paid Over $29 Million in Bug Bounty Rewards in 10 Years (lien direct) | Google says it has paid more than $29 million in rewards for pre-patch vulnerability data over the past 10 years. | Vulnerability | ||
|
2021-07-27 15:09:19 | Vulnerabilities Allow Hacking of Zimbra Webmail Servers With Single Email (lien direct) | Vulnerabilities in the Zimbra enterprise webmail solution could allow an attacker to gain unrestricted access to an organization's sent and received email messages, software security firm SonarSource reveals. | |||
|
2021-07-27 13:53:21 | 1Password Raises $100 Million at $2 Billion Valuation (lien direct) | Password management solutions provider 1Password today announced receiving a $100 million investment that increases its valuation to $2 billion. Previously, the company raised $200 million in a Series A funding round. | |||
|
2021-07-27 13:02:48 | Critical Vulnerability Found in Sunhillo Aerial Surveillance Product (lien direct) | An unauthenticated OS command injection vulnerability in the Sunhillo SureLine application could allow an attacker to execute arbitrary commands with root privileges, according to security researchers with the NCC Group. | Vulnerability | ||
|
2021-07-27 12:32:38 | Kaseya Denies Paying Cybercriminals Who Launched Ransomware Attack (lien direct) | IT management software firm Kaseya on Monday said it did not pay any money to cybercriminals, following speculation that it may have paid a ransom to obtain a decryptor that would allow customers hit by the recent ransomware attack to recover their files. | Ransomware | ||
|
2021-07-27 12:09:31 | Vulnerability in Popular Survey Tool Exploited in Possible Chinese Attacks on U.S. (lien direct) | A recently disclosed vulnerability affecting a popular survey creation tool has been exploited by a threat group that may be linked to China against organizations in the United States. | Tool Vulnerability Threat |
To see everything:
Our RSS (filtrered)
