What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-07-14 10:03:53 | Microsoft Says SolarWinds Serv-U Zero-Day Exploited by Chinese Group (lien direct) | Microsoft said on Tuesday that a recently patched SolarWinds Serv-U zero-day vulnerability has been exploited by a Chinese threat group. | Vulnerability Threat | ||
|
2021-07-14 08:45:49 | CISA Says Multiple Threat Actors Exploiting Windows \'PrintNightmare\' Vulnerability (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday issued Emergency Directive 21-04, which requires all federal agencies to apply the available patches for the recently disclosed Microsoft Print Spooler service vulnerability within one week. | Vulnerability Threat | ||
|
2021-07-14 08:30:00 | US to Seek Global Rules on AI misuse, Blinken Says (lien direct) | The United States will seek global rules on how to prevent misuse of artificial intelligence, Secretary of State Antony Blinken said Tuesday, as he renewed warnings against Russia over hacking. | |||
|
2021-07-14 00:17:19 | REvil Ransomware Gang Goes Offline, Prompting Questions (lien direct) | A Russian-based hacker group blamed for a massive ransomware attack went offline Tuesday, sparking speculation about whether the move was the result of a government-led action. | Ransomware | ||
|
2021-07-13 19:02:07 | SAP Patches High-Risk Vulnerabilities in NetWeaver (lien direct) | German software maker SAP has released 12 new security notes as part of its July 2021 security patch day, as well as updates for three previously released security notes. | |||
|
2021-07-13 17:52:19 | Microsoft Patches 3 Under-Attack Windows Zero-Days (lien direct) | Microsoft's Patch Tuesday bundle for July 2021 landed with a loud thud as the world's largest software maker warns of a new wave of zero-day attacks hitting its flagship Windows operating system. | |||
|
2021-07-13 17:12:46 | Firefox 90 Adds Cross-Origin Protections, Advanced Tracker Blocker (lien direct) | Mozilla this week pushed Firefox 90 to the stable channel with several security improvements, including better protections against cross-origin threats and an advanced tracker blocking mechanism. | |||
|
2021-07-13 15:08:49 | Adobe: Critical Flaws in Reader, Acrobat, Illustrator (lien direct) | Adobe has issued multiple security advisories with patches for critical vulnerabilities in a wide range of software products, including the ever-present Adobe Acrobat and Reader application. | |||
|
2021-07-13 14:30:56 | AttackIQ Raises $44 Million in Series C Funding Round (lien direct) | Breach and attack simulation (BAS) solutions provider AttackIQ today announced that it has raised $44 million in a Series C funding round that brings the total raised by the company to approximately $79 million. | |||
|
2021-07-13 13:36:25 | Security Operations Firm Arctic Wolf Raises $150 Million at $4.3 Billion Valuation (lien direct) | SOC-as-a-service solutions provider Arctic Wolf on Tuesday announced raising $150 million in a Series F funding round, at a valuation of $4.3 billion. | |||
|
2021-07-13 12:37:09 | Iranian Hackers Impersonate British Scholars in Recent Campaign (lien direct) | In a recent attack campaign, the Iran-linked threat actor tracked as TA453 has been posing as UK scholars with the University of London's School of Oriental and African Studies (SOAS) to engage targets of interest and steal their credentials, security researchers with Proofpoint reveal. | Threat Studies | ||
|
2021-07-13 12:30:00 | Defeating the Organized Cybercrime Ecosystem (lien direct) | The recent attack against users of the Kaseya VSA platform is yet another example of the increasingly organized dynamic of cybercrime. The days of the lone attacker are long gone; these attacks are now big business with significant reconnaissance. Unofficial reports have identified the REvil ransomware threat actors as being behind this supply chain attack. | Ransomware Threat | ||
|
2021-07-13 12:29:13 | Google Cloud Certificate Authority Service Becomes Generally Available (lien direct) | Google Cloud on Monday announced that its Certificate Authority Service is now generally available. | |||
|
2021-07-13 11:35:23 | Great Power or Great Vulnerability? Securing 5G and 6G Networks (lien direct) | As our world becomes increasingly virtual, fast, and reliable network connections have never been more critical. Businesses and consumers alike expect a fully connected experience in all aspects of their lives and eagerly await 5G's faster data speeds, lower latency, and increased connectivity. | |||
|
2021-07-13 11:10:03 | Critical Vulnerability Can Be Exploited to Hack Schneider Electric\'s Modicon PLCs (lien direct) | A vulnerability affecting some of Schneider Electric's Modicon programmable logic controllers (PLCs) can be exploited to bypass authentication mechanisms, allowing attackers to take complete control of the targeted device. | Hack Vulnerability | ||
|
2021-07-13 10:14:41 | Recently Patched ForgeRock AM Vulnerability Exploited in Attacks (lien direct) | Government agencies in the United States and Australia warn organizations that a recently patched vulnerability affecting ForgeRock Access Management has been exploited in the wild. | Vulnerability | ||
|
2021-07-13 04:03:27 | Fashion Retailer Guess Notifies Users of Data Breach (lien direct) | Fashion retailer Guess last week confirmed that the personal data of some customers was compromised in a ransomware attack it suffered in February 2021. | Ransomware Data Breach | ||
|
2021-07-12 18:48:04 | Microsoft to Acquire Threat Intelligence Vendor RiskIQ (lien direct) | Microsoft has flexed its muscles in the cybersecurity space, and will drop a reported $500 million in cash to acquire RiskIQ, a late stage startup in the threat intelligence and attack surface management business. | Threat | ||
|
2021-07-12 16:00:58 | Solarwinds Confirms New Zero-Day Flaw Under Attack (lien direct) | Security responders at SolarWinds are scrambling to contain a new zero-day vulnerability being actively exploited in what is being described as “limited, targeted attacks.” | Vulnerability | ||
|
2021-07-12 13:50:12 | CISA Releases Analysis of 2020 Risk and Vulnerability Assessments (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) has published the results of the Risk and Vulnerability Assessments (RVAs) it conducted in fiscal year 2020, revealing some of the security weaknesses that impact government and critical infrastructure organizations. | Vulnerability | ||
|
2021-07-12 13:05:03 | Mitsubishi Electric Patches Vulnerabilities in Air Conditioning Systems (lien direct) | Mitsubishi Electric recently patched critical and high-severity vulnerabilities affecting many of its air conditioning products, mainly centralized controllers. | |||
|
2021-07-12 12:01:11 | Seizing Cryptocurrency: How is Law Enforcement Tracing and Recovering Bitcoin Payments? (lien direct) | 
A look into recent cryptocurrency tracing and recovery operations by the FBI and UK's Metropolitan Police
|
|||
|
2021-07-12 11:50:00 | Kaseya Releases Patches for Vulnerabilities Exploited in Ransomware Attack (lien direct) | IT management solutions provider Kaseya has released patches for the vulnerabilities exploited in the recent ransomware attack, and the company has also started restoring SaaS services. | Ransomware | ||
|
2021-07-12 10:58:37 | Netskope Raises $300 Million at $7.5 Billion Valuation (lien direct) | Secure Access Service Edge (SASE) provider Netskope on Friday announced closing a new $300 million investment round at a post-money valuation of $7.5 billion. To date, the company has raised more than $1 billion in funding. | |||
|
2021-07-12 10:18:40 | Consumer Group Lodges EU Complaint Against WhatsApp (lien direct) | The European Consumer Organisation announced Monday it had lodged a complaint with the European Commission against Facebook's attempt to modify the terms of service for the WhatsApp messenging service. | |||
|
2021-07-10 16:25:43 | "Cyber Disruption" Stops Websites of Iranian Ministry (lien direct) | Websites of Iran's transport and urbanization ministry Saturday went out of service after a “cyber disruption” in computer systems of its staff, the official IRNA news agency reported. The report did not elaborate but said the case is under investigation. This is the second abnormality in computer systems related to the ministry. | |||
|
2021-07-10 16:22:11 | Biden Tells Putin Russia Must Crack Down on Cybercriminals (lien direct) | President Joe Biden told Russian President Vladimir Putin in a Friday phone call that he must “take action” against cybercriminals acting in his country and that the U.S. reserves the right to “defend its people and its critical infrastructure” from future attacks, the White House said. | |||
|
2021-07-09 16:43:18 | Insurer CNA Starts Notifying Customers of Ransomware Attack (lien direct) | Commercial insurer CNA has started notifying customers that threat actors did have access to some personal data during a ransomware attack in March. | Ransomware Threat | ||
|
2021-07-09 14:58:51 | ZLoader Adopts New Macro-Related Delivery Technique in Recent Attacks (lien direct) | The ZLoader malware family has switched to a new delivery mechanism in recent spam campaigns, fetching malicious code only after the initial attachment has been opened, McAfee reports. | Spam Malware | ||
|
2021-07-09 14:05:59 | (Déjà vu) Cybersecurity M&A Roundup: 14 Deals Announced July 1-8, 2021 (lien direct) | 
A total of 14 cybersecurity-related acquisitions were announced between July 1 and July 8, 2021.
|
|||
|
2021-07-09 13:55:05 | Did Microsoft Botch the PrintNightmare Patch? (lien direct) | Just days after shipping an emergency Windows update to cover a dangerous code execution flaw (CVE-2021-1675) in the Print Spooler service, Microsoft is investigating a new set of claims that its so-called 'PrintNightmare' patch has not properly fixed the underlying vulnerability. | |||
|
2021-07-09 12:05:03 | Microsoft Paid Out $13.6 Million in Bug Bounties in Past Year (lien direct) | Microsoft this week revealed that it paid out more than $13.6 million in bug bounties between July 1, 2020, and June 30, 2021. As part of the company's 17 bug bounty and grant programs, participating security researchers can earn awards as high as $250,000 -- the highest rewards are for critical vulnerabilities in Hyper-V. | |||
|
2021-07-09 11:03:48 | Sage X3 Vulnerabilities Can Pose Serious Risk to Organizations (lien direct) | Researchers at cybersecurity firm Rapid7 have uncovered several vulnerabilities in the Sage X3 enterprise resource planning (ERP) product, including flaws that can be exploited remotely without authentication to take complete control of a system. | |||
|
2021-07-09 10:41:02 | Restart After Hacks Delayed Again by Software Firm (lien direct) | A US software firm hit by a ransomware attack that crippled companies worldwide put off restarting its servers until Sunday to harden defenses against further breaches. | Ransomware | ||
|
2021-07-09 03:53:15 | Morgan Stanley Hit by Accellion Hack Through Third-Party Vendor (lien direct) | Investment banking firm Morgan Stanley has informed the New Hampshire Attorney General that personal information of some customers was compromised through a third-party vendor that was using the Accellion FTA service. | Hack | ||
|
2021-07-09 02:33:23 | Israel Says It\'s Targeting Hamas\' Cryptocurrency Accounts (lien direct) | Israel said Thursday it will begin seizing cryptocurrency accounts used by the Palestinian Hamas group to raise money for its armed wing. | |||
|
2021-07-08 17:30:03 | Cisco Patches High Severity Vulnerabilities in BPA, WSA (lien direct) | Cisco this week released patches for high severity vulnerabilities in Business Process Automation (BPA) and Web Security Appliance (WSA) that expose users to privilege escalation attacks. | |||
|
2021-07-08 14:20:43 | Use of Common Malware in Operation Targeting Energy Sector Makes Attribution Difficult (lien direct) | Researchers at cybersecurity firm Intezer have been monitoring a campaign that appears to be mainly aimed at the energy sector, but attribution to a known threat group is made difficult by the fact that the operation involves several common malware families. | Malware Threat | ||
|
2021-07-08 13:18:20 | IoT/OT Device Security Firm NanoLock Raises $11 Million (lien direct) | NanoLock Security, an Israel-based company that specializes in IoT and operational technology (OT) device protection and management, this week announced raising $11 million in a Series B funding round. | |||
|
2021-07-08 13:01:17 | Mac Malware Used in Attacks Targeting Industrial Organizations in Middle East (lien direct) | A malicious campaign focused on the industrial sector in the Middle East has been expanded to also target Mac computers, security researchers at Kaspersky have discovered. | Malware | ||
|
2021-07-08 12:29:03 | Biden Pressured to Act on \'Russian\' Ransomware, Hacking (lien direct) | Top US officials met at the White House on stopping ransomware Wednesday, as pressure mounted on President Joe Biden to take action against Russia over cyberattacks. | Ransomware | ||
|
2021-07-08 11:53:22 | Android Updates for July 2021 Patch Tens of High-Severity Vulnerabilities (lien direct) | Google on Wednesday announced the availability of the July 2021 security updates for the Android operating system, which include patches for over 40 vulnerabilities. | |||
|
2021-07-08 11:24:50 | Emails Offering Kaseya Patches Deliver Malware (lien direct) | IT management software maker Kaseya is still working on patching the vulnerabilities exploited in the recent ransomware attack, but some cybercriminals are sending out emails offering the patches in an effort to distribute their malware. | Ransomware Malware Patching | ||
|
2021-07-08 10:28:49 | Non-Malicious Android Crypto Mining Apps Scam Users at Scale (lien direct) | With no bad behavior, the mobile apps are difficult to detect by automated security scans | |||
|
2021-07-07 15:49:01 | CISA Says Philips Vue Healthcare Products Affected by 15 Vulnerabilities (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday published an advisory to inform organizations about a total of 15 vulnerabilities affecting Philips Vue healthcare products. | |||
|
2021-07-07 15:44:13 | RNC Says No Data Accessed in Synnex Breach (lien direct) | The Republican National Committee says none of its data was compromised in a cyberattack that involved B2B IT services provider Synnex. | |||
|
2021-07-07 14:42:43 | Sophos Acquires Capsule8 to Beef up Linux Protection (lien direct) | British anti-malware powerhouse Sophos has acquired Capsule8 to beef up the Linux protection capabilities to its endpoint detection and response product stack. Financial terms of the deal were not disclosed. | |||
|
2021-07-07 14:37:34 | Kaspersky Password Manager Generated Passwords That Could Quickly Be Brute-Forced (lien direct) | A vulnerability in the Kaspersky Password Manager resulted in the created passwords being weak enough to allow an attacker to brute-force them in seconds, a security researcher claims. | Vulnerability | ||
|
2021-07-07 13:10:44 | Continuous Updates: Everything You Need to Know About the Kaseya Ransomware Attack (lien direct) | 
|
Ransomware | ★★★ | |
|
2021-07-07 12:44:18 | Rural Alabama Electric Cooperative Hit by Ransomware Attack (lien direct) | A utility that provides power in rural southeastern Alabama was hit by a ransomware attack that meant customers temporarily can't access their account information, but an executive said Tuesday that systems were beginning to be brought back online. | Ransomware |
To see everything:
Our RSS (filtrered)
