What's new arround internet

Last one

Src Date (GMT) Titre Description Tags Stories Notes
itsecurityguru.webp 2022-02-03 11:19:52 9 out of 10 Security Leaders Warn of Skills Shortage (lien direct) Despite business backing and a recruitment push, new research suggests most tech security decision-makers are struggling to address the skilled professional shortage. Stott and May, a global cybersecurity recruitment firm has joined forces with venture investor Forgepoint Capital to compose the Cyber Security in Focus. Responses from cybersecurity directors, security operations directors and VPs of product […]
itsecurityguru.webp 2022-02-03 10:27:30 (Déjà vu) Hackers steal $326 million from blockchain platform Wormhole (lien direct) Hackers have exploited a vulnerability in the Wormhole cross-chain crypto platform to the tune of $326 million in cryptocurrency. Wormhole is a platform enabling users to transfer cryptocurrency across different blockchains. It  locks the original token in a smart contract and mints a wrapped version of the stored token that is trans. Avalanche, Oasis, Binance […] Vulnerability
itsecurityguru.webp 2022-02-03 10:00:04 Obrela acquires Encode to become one of Europe\'s largest MDR players (lien direct) Obrela Security Industries, a leading provider of security analytics and cyber risk management services, has announced the acquisition of Encode, a Security Analytics and Response Orchestration provider.  The move establishes Obrela as one of the largest cybersecurity and Managed Detection and Response (MDR) players in the EMEA. George Patsis, CEO of Obrela said, “Our acquisition […] Guideline
itsecurityguru.webp 2022-02-02 17:00:04 AI-powered tools to fend off ransomware attacks (lien direct) Zero trust-type security has become the standard for any self-respecting security software provider and is a step in the right direction in the never-ending battle against the bad hacker actors of the worlds. Unfortunately, it doesn't seem the be the final answer to storing corporate data securely for an enterprise and its users. Zero trust […] Ransomware
itsecurityguru.webp 2022-02-02 16:38:03 Salt Security brings API security to the channel (lien direct) Salt Security, the API security company, has announced the global expansion of its Salt Security Essential Partner Program, with the company noting that it will be instrumental in ensuring customers around the world can protect the APIs fueling their digital transformations, application modernisations, cloud migrations, and other digital initiatives. The company state that it has […]
itsecurityguru.webp 2022-02-02 15:00:48 Cloudflare launches paid public bug bounty program (lien direct) The American web infrastructure and website security company Cloudflare has announced the launch of a new public bug bounty program. Rushil Shah, a Product Security Engineer at Cloudflare said, “today we are launching Cloudflare’s paid public bug bounty program,” “We believe bug bounties are a vital part of every security team’s toolbox and have been […] ★★
itsecurityguru.webp 2022-02-02 13:15:45 Cato Networks delivers first CASB for instant visibility and control of cloud application data risk (lien direct) Cato Networks yesterday announced the release of Cato CASB, the first Cloud Access Security Broker (CASB) to help companies with visibility and managing cloud application data risk. This new offering “addresses a critical visibility and control gap created by cloud migration but must be converged into a broad SASE platform to be truly effective across […]
itsecurityguru.webp 2022-02-02 11:25:39 FBI warns of scam job listings (lien direct) Scammers are conducting phishing campaigns using fake advertisements on recruitment platforms. The FBI issued the warning today through a public service announcement (PSA) on their Internet Crime Complaint Centre (IC3). “The FBI warns that malicious actors or ‘scammers’ continue to exploit security weaknesses on job recruitment websites to post fraudulent job postings in order to […] ★★★★★
itsecurityguru.webp 2022-02-02 09:54:44 Business leaders are confident in their defences, despite over half falling victim to ransomware (lien direct) New research from Adarma, the UK's largest independent cyber threat management company, has discovered a major disconnect in the way organisations think and act in the face of ransomware. Adarma’s nationwide ransomware study surveyed 500 C-level executives at UK businesses with over 2,000 employees and found that 58% of respondents have experienced a ransomware attack, with […] Ransomware Threat
itsecurityguru.webp 2022-02-01 17:04:36 Hackers are now using ransomware in attempt to remain undetected (lien direct) Iranian hackers are now using new malware to conduct cyber espionage campaigns and steal data. In some cases they drop ransomware in an attempt to avoid detection. Researchers at Cybereason attribute the two separate campaigns to an Iranian hacking group known as Phosphorous. Moses Staff, another state-backed group, is also believed to be involved. It […] Ransomware Malware ★★★★★
itsecurityguru.webp 2022-02-01 16:20:53 Andreas Deliandreadis announced as Kiteworks VP of Sales, EMEA (lien direct) Kiteworks has announced the appointment of Andreas Deliandreadis as its new Vice President of Sales, EMEA. With more than 20 years in technology and cybersecurity sales and business development in EMEA markets, Deliandreadis is responsible for driving international revenue growth across Europe, the Middle East, and Africa (EMEA). “It is a great honour and privilege […] ★★★★★
itsecurityguru.webp 2022-02-01 16:09:14 Armis and Eseye joint solution reliably secures connected devices on cellular networks (lien direct) Global connectivity specialist Eseye and agentless device security platform provider, Armis, have announced the general availability of a joint solution that enables organisations to deploy connected devices anywhere in the world with enterprise-class security and consistent, reliable cellular (4G/LTE/5G) connectivity.    The joint solution addresses how digital transformation has created a new generation of connected […] ★★
itsecurityguru.webp 2022-02-01 14:30:51 One in seven ransom extortion attempts leak key operational data (lien direct) One in seven ransomware extortion data leaks are revealing technology data critical to business operation, researchers say. In recent years, ransomware has catapulted in severity from its early days as barebone encryption and basic demand for payment. Historically, ransomware was used to infect systems and extort payments from the general public, typically in cryptocurrency such […] Ransomware
itsecurityguru.webp 2022-02-01 12:14:23 FBI warn olympians to leave devices at home (lien direct) The FBI has sent out an alert to warn attendees and athletes going to the Beijing Winter Olympics to leave mobiles and other devices at home due to the risk of potential cybercrime activities at the event. The alert was published yesterday by US law enforcement, who claimed that although they are not aware of […]
itsecurityguru.webp 2022-01-31 16:10:58 Cyber attacks at an all time high for UK corps (lien direct) A new survey of 450 top finance and risk professionals at UK-listed companies have found that nearly two-thirds of organisations have experienced a data breach or cyber attack in the first year and a half of the pandemic. The research also found that the rise in cyber attacks led to the loss of money and […] Data Breach
itsecurityguru.webp 2022-01-31 11:45:04 $2m Bug Bountry offered to Hackers (lien direct) Qubit Finance revealed last week that attackers exploited a vulnerability in its QBridge deposit function, resulting in a loss of $80m. The hackers stole a large amount of Ethereum by converting it into Binance coins and exploiting the vulnerability to withdraw the Binance tokens without depositing any of the Ethereum. Qubit has addressed the attackers […] Vulnerability
itsecurityguru.webp 2022-01-28 16:13:03 White House: Industrial Control Systems Cybersecurity Initiative to be extended to the water sector (lien direct) On Thursday 27th of January, the Biden-Harris Administration announced it will extend the Industrial Control Systems (ICS) Cybersecurity Initiative to the water sector. The Water Sector Action plan outlines surge actions that will take place over the next 100 days to improve the cybersecurity of the sector. The action plan was developed in close partnership […]
itsecurityguru.webp 2022-01-28 15:52:38 A 19 year old security researcher was able to hack 25+ Teslas. Here\'s what happened (lien direct) A 19-year-old security researcher named David Colombo detailed  how he was able to remotely unlock the doors, open the windows, blast music, and start keyless driving for dozens of Teslas, WIRED reported. The vulnerabilities he exploited to do so aren’t in Tesla software itself, but in a third-party app. Salt Security‘s Michael Isbitsky, technical evangelist, […] Hack
itsecurityguru.webp 2022-01-28 08:30:07 Malware source code discovered on GitHub puts millions of IoT devices at risk (lien direct) The nefarious minds behind a dangerous malware called BotenaGo have uploaded the source code to GitHub on October 16th 2021 according to new research by security researchers at AT&T Alien Labs. This could mean hackers around the world, who now have access to this source code, have the ability to create their own versions of […] Malware
itsecurityguru.webp 2022-01-27 17:05:20 FluBot and TeaBot malware targeting androids worldwide (lien direct) Bitdefender’s Mobile Threat researchers have warned about some newly discovered Flubot and Teabot campaigns. The researchers claim that since December 2021 they have intercepted over 100,000 malicious SMS messages which were aiming to distribute Flubot malware. The researchers have said that they have observed that the attacks are more active in Germany, Spain, Poland, Australia, […] Malware Threat
itsecurityguru.webp 2022-01-27 12:15:19 API and database issues cause Discord outage (lien direct) Discord has announced that it suffered a ‘massive outage’, which affected user login and the voice chat features. The outage begun at 2:49 PM EST and came down to an issue with the application programming interface (API) that interrupted the communication between various services. While this issue was quickly resolved, Discord discovered another problem with […]
itsecurityguru.webp 2022-01-25 12:57:07 OpenSea loophole allows purchase of NFTs for discounted prices (lien direct) Yesterday, Elliptic, a blockchain security company, alongside multiple other users, took to Twitter to speak out about a bug found in OpenSea, an NFT marketplace. A flaw in the platform has allowed attackers to buy NFTs for a price much lower than what is listed on the platform. The issue affects Mutant Ape Yacht Club, […] ★★★★★
itsecurityguru.webp 2022-01-25 11:29:11 Belarus Hacktivists launch ransomware on Railway (lien direct) In protest of President Alexander Lukashenko and Russian troop movements through the country, Belarussian hacktivists have launched a ransomware attack against the railway systems. The Cyber-Partisans announced their attack on Twitter on Monday, along with a list of demands in exchange for the encryption keys. The attack has crippled the system and disrupted ticket sales, […] Ransomware
itsecurityguru.webp 2022-01-25 11:09:32 AT&T Cybersecurity Insights Report: Securing the Edge (lien direct) The 11th annual AT&T Cybersecurity Insights Report has been released today. Entitled Securing the Edge, it contains important insight into how organisations globally are architecting and securing edge initiatives, as well as some guidance on security essentials at the edge.   “We are seeing organisations moving away from centralised computing models to decentralised ones, like edge, and […]
itsecurityguru.webp 2022-01-25 10:13:21 Has that password been compromised? (lien direct) Password security has many well-debated weaknesses but one that gets surprisingly little attention is how organisations can know whether and when theirs have been compromised by outsiders. This lack of interest is surprising. Almost all cyberattacks today, including ransomware attacks, exploit stolen or leaked credentials (a password + username), which makes any compromise a critical incident in the making.  The traditional defence is to change […] Ransomware
itsecurityguru.webp 2022-01-24 13:16:36 (Déjà vu) Seventeen vulnerabilities added to Known Exploited Vulnerabilities Catalog (lien direct) The Cybersecurity and Infrastructure Security Agency (CISA) this week have added seventeen actively exploited vulnerabilities to the Known Exploited Vulnerabilities Catalog. These latest vulnerabilities bring the catalog up to a total of 341 vulnerabilities, and 10 of the newest 17 must be patched by the first week of February. In the list of 17 vulnerabilities, […]
itsecurityguru.webp 2022-01-24 12:41:07 MPs say some illegal content could evade new Online Safety Bill (lien direct) The government has claimed that its newly introduced Online Safety Bill will make the UK “the safest place in the world to be online”, but some have criticised the bill, warning that it doesn’t go far enough to combat things like cyber-flashing, child abuse or violence against women and girls.   The BBC reported that […]
itsecurityguru.webp 2022-01-24 11:53:43 FBI alert: malicious QR codes stealing money (lien direct) This week, Americans have been warned to watch out for maliciously crafted QR codes aimed at stealing credentials and financial information. The FBI posted this warning on their Internet Crime Complaint Center (IC3) last week. In the statement, the law enforcement agency said: “Cybercriminals are tampering with QR codes to redirect victims to malicious sites […]
itsecurityguru.webp 2022-01-20 10:54:37 Red Cross Hack exposes data of 515,000 (lien direct) It has been reported that the International Committee of the Red Cross has recently suffered a cyber-attack, during which the data of more that 515,000 vulnerable people was accessed and seized. Some of the individuals affected recently fled conflicts. The ICRC confirmed the attack in a published statement: “A sophisticated cybersecurity attack against computer servers […] Hack
itsecurityguru.webp 2022-01-18 11:31:52 Spoof Nintendo sites advertising discounted Switch consoles (lien direct) A new scam website has been impersonating Nintendo’s official website, pretending to sell discounted Nintendo Switch consoles. Last week, the Japanese video game company warned customers to be wary of the scam.  Nintendo rarely warns customers of such issues, so it has been said that this gives insight into the severity of the scams. On […]
itsecurityguru.webp 2022-01-18 11:13:32 DHL most imitated brand in phishing scams (lien direct) In Q4 of 2021, DHL was threat actors’ preferred brand to imitate when launching phishing campaigns. This pushed Microsoft into second place and Google into fourth. These findings were unsurprising as the last three months of the year include holidays such as Black Friday, Cyber Monday and Christmas; holidays that hackers frequently exploit as victims […] Threat
itsecurityguru.webp 2022-01-17 11:47:01 Alleged REvil hackers charged in court (lien direct) Eight people have been charged by Moscow court for their alleged involvement in the REvil ransomware gang, Russian News Agency (TASS) reported. The arrests were made as part of a larger raid on Friday across 25 locations in Moscow, St. Petersburg and Lipetsk. The men were charged on Saturday with violating Part 2 of Article […] Ransomware
itsecurityguru.webp 2022-01-17 11:46:59 Millions of UK Wi-Fi routers are vulnerable to security threats (lien direct) Researchers at Broadband Genie have found that millions of Wi-Fi routers in the UK are left vulnerable to threats because their owners don’t take the basic security measures to protect them. Broadband Genie surveyed 1,320 broadband users, with 88% stating that they have never updated their Wi-Fi router’s firmware, while 84% have never even bothered […] ★★★★
itsecurityguru.webp 2022-01-17 11:11:42 Romance Fraudster who Targeted more than 650 Victims has been Convicted for Two Years (lien direct) A London-based cyber fraudster who targeted 670 women, including one who was terminally ill, has been arrested by UK police and pleaded guilty to fraud and money laundering charges. Taking more than £20,000 from his marks, Osagie Aigbonohan operated out of a flat in Abbey Wood, London.   Police arrested Aigbonohan in July 2021 after […] Guideline ★★★
itsecurityguru.webp 2022-01-14 16:04:19 The FCC propose new rules for data breach reporting (lien direct) The Federal Communications Commission (FCC) has called for more in-depth requirements for data breach reporting in the telecommunications industry. The proposal follows the recent increase of attacks seen in the telecommunications sector. The proposal was shared on Wednesday by the Chairwoman of the FCC, Jessica Rosenworcel, in a Notice of Proposed Rulemaking (NPRM). The proposal […] Data Breach ★★★★★
itsecurityguru.webp 2022-01-14 15:40:09 Ukrainian government targeted in cyberattack (lien direct) Over a dozen Ukrainian government website have been down since Friday, following a cyber-attack that also targeted the embassies. Among the embassies impacted were the UK, US and Sweden, as well as the foreign and education ministries. It is still unclear who is behind the attack. Before the website went down a message appeared on […]
itsecurityguru.webp 2022-01-13 14:02:59 Lazarus Group, Cobalt Gang and FIN7 the Worst Threat Actors Targeting the Financial Services Sector (lien direct) A new industry report by Blueliv, an Outpost24 company, has deep dived into the evolving threat landscape that is surrounding the financial services sector. Using advanced threat intelligence gathered by Blueliv's Threat Compass; the 'Follow the Money' report reveals the main cyber threats and the culprits behind these malicious attacks to forewarn these vital institutions.  Threat intelligence gathered by Blueliv from the dark web and deep web showed that the main cyberthreats targeting the industry included: Phishing, […] Threat APT 38
itsecurityguru.webp 2022-01-13 10:46:50 EU to launch Cyberattack simulations on supply chains (lien direct) Later this week, EU governments will be staging a large-scale cyberattack against multiple of the member states. The attacks will specifically target supply chains and will aim to push governments to coordinate public communications and a diplomatic response. This exercise will last around six weeks and its purpose is to test Europe’s stress resilience, strengthen […]
itsecurityguru.webp 2022-01-12 11:28:55 Several EA accounts compromised by phishing mails (lien direct) Recently, it has been revealed that several EA Sports accounts were compromised by hackers via phishing techniques. The threat-actors exploited EA’s live chat, targeting high-profile players for account takeover. The attackers utilised social engineering methods, exploiting errors within the customer experience team and using this to bypass two-factor authentication. As a result, EA has released […]
itsecurityguru.webp 2022-01-11 15:32:35 KITEWORKS AND TOTEMO JOIN FORCES TO DELIVER MOST COMPREHENSIVE PRIVATE CONTENT COMMUNICATIONS PLATFORM (lien direct) London, UK, January 11, 2022 – Kiteworks, which governs and protects sensitive digital content moving within, into, and out of global enterprises, announced today that Kiteworks and totemo, the leading email encryption gateway provider used by hundreds of the largest multinational enterprises in the German, Austrian, and Swiss markets, have joined forces. Integration of totemo's email encryption […] Guideline
itsecurityguru.webp 2022-01-11 13:21:36 Cyber attacks on corporations hit record breaking highs (lien direct) New data has found that the number of global weekly cyberattacks has reached the highest record to date. The data has shown that there were 925 attempts per organization in Q4 2021. The data also revealed that the number of attempted attacks has been on a steady increase since Q2 2020, having seen 50% more […] ★★★★
itsecurityguru.webp 2022-01-11 11:43:30 How banks can help counter Human Trafficking (lien direct) Today marks National Human Trafficking Awareness Day. While predominately recognised in the US, it is for sure a global issue that banks can help address with the right technology and training, according to Brian Ferro, director of AML at Feedzai and certified anti-money laundering specialist. More than 40 million people are trapped in modern-day slavery, […]
itsecurityguru.webp 2022-01-11 11:19:31 £92m lost to romance scammers in 2021 (lien direct) Users of dating sites have been warned to be weary of romance scams between Christmas Day and Valentine’s Day. This is because during this time, scammers are out in full force seeking to establish contact and build rapport with victims and extort them for money. According to the National Fraud Intelligence Bureau (NFIB), just last […]
itsecurityguru.webp 2022-01-11 10:21:52 DDoS Attacks Increasing Again (lien direct) Distributed denial-of-service (DDoS) attacks are increasingly being accompanied by huge demands against their marks, according to an annual survey from Cloudflare. Ransom-motivated DDoS attacks increased 29% year-on-year and 175% between Q3 2021 and Q4 2021, according to the research on cyberattack trends showing that companies must do more to prevent DDoS attack vectors. The manufacturing […]
itsecurityguru.webp 2022-01-10 12:49:54 NPM libraries \'colors\' and \'faker\' corrupted (lien direct) Applications using the open-source libraries ‘colors’ and ‘faker’ have been breaking and printing gibberish. These libraries serve hundreds of thousands of projects, with millions of weekly downloads for open-source projects like Amazon’s Cloud Development Kit. Projects that were using the code began to print messages, including text, such as ‘LIBERTY LIBERTY LIBERTY’, to the surprise […]
itsecurityguru.webp 2022-01-10 11:25:50 The latest on the Log4j vulnerability (lien direct) The threat posed by the Log4j vulnerability hasn’t gone away over the holidays, with the UK’s National Health Service (NHS) issuing a warning that hackers are actively targeting the security flaw and recommending that organisations within the health service apply the necessary updates in order to protect themselves. “Affected organisations should review the VMware Horizon […] Vulnerability Threat
itsecurityguru.webp 2022-01-10 10:59:54 Cyberattack causes jail lockdown (lien direct) An emergency notice was filed by Bernalillo County in federal court last week, after a ransomware attack affected the Metropolitan Detention Center. The incident made it impossible for the MDC to comply with terms of a settlement agreement in a lawsuit over the jail conditions. The attack impacted the offices and systems in a variety […] Ransomware
itsecurityguru.webp 2022-01-05 12:17:46 DatPiff\'s users\' data available on hacking forum (lien direct) Around 7.5 million DatPiff users‘ account credentials and emails are available to download on RaidForum, a popular hacking forum. DatPiff is a mixtape hosting site that allows users to upload or download samples for free. The site has gained over 15 million users since launching in 2005. It appears that DatPiff’s users’ data has been […]
itsecurityguru.webp 2022-01-04 14:29:33 Exchange Server Bug Fixed (lien direct) Messages from corporate emails were being undelivered at the start of the new year due to a Microsoft Exchange Server bug. Microsoft published an update on 1st January 2022, stating that emails were getting stuck in transport queues of on-premise Exchange Servers. This problem was caused by a “date check failure” in the servers malware […] Malware
itsecurityguru.webp 2022-01-04 13:44:32 Vulnerability lets anyone send emails from Uber.com (lien direct) Researcher Seif Elsallamy recently discovered a vulnerability in Uber’s emailing system, which allows anyone to send an email on behalf of the company. If exploited, threat actors would be able to email the 57 million Uber users and drivers whose data was leaked in the 2016 data breach. Uber has been made aware of the […] Vulnerability Threat Uber Uber
Last update at: 2024-05-16 10:08:07
See our sources.
My email:

To see everything: Our RSS (filtrered) Twitter