What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-04 12:44:43 | Broward Health data breach exposes data of 1,357,879 individuals (lien direct) | Broward Health, a Florida-based healthcare system with over thirty locations, has suffered a significant data breach impacting over a million individuals. The incident took place last October, and Broward Health was able to identify the intrusion four days after the compromise. Authorities were informed immediately, and employees were invited to reset their credentials. It now […] | Data Breach | ||
|
2022-01-04 12:12:43 | New iOS vulnerability DoS bug revealed (lien direct) | A new denial of service (DoS) vulnerability dubbed “doorLock” was recently revealed in Apple HomeKit, impacting iOS 14.7 through 15.2. Apple HomeKit is a software framework that lets iPhone and iPad users control smart home appliances from their devices. According to the researcher who disclosed the details, Apple has been aware of the vulnerability since […] | Vulnerability | ||
|
2021-12-24 12:12:42 | The IT Security Guru Buyer\'s Guide 2022 (lien direct) | Cybersecurity and compliance are now essential pillars within the modern enterprise. They are integral to the business continuity and legal responsibility of every organization, large or small. What's more, these obligations are exponentially more complex than they were just 5 years ago. However, since these are relatively new obligations that means finding the best vendors […] | ★★★★★ | ||
|
2021-12-24 11:41:17 | Flaw behind Gatekeeper bypass fixed on macOS (lien direct) | Apple has fixed the macOS vulnerability that could be exploited by unsigned and unauthorized script-based apps to bypass macOS security protocols on fully patched systems. The flaw was identified as CVE-2021-30853, and the vulnerability has been addressed on macOS 11.6. | Vulnerability | ||
|
2021-12-24 11:32:34 | (Déjà vu) Unique cyber-attacks declined for the first time in 3 years (lien direct) | New data has found that unique cyber-attacks have declined for the first time since 2018. The research has shown that in Q3 2021 there has been a 4.8% decline in unique attacks, which is the first decline recorded since 2018. The researchers have said that this reduction was mainly due to a decline in ransomware […] | Ransomware | ||
|
2021-12-24 11:24:05 | New CoinSpot phishing campaign discovered (lien direct) | A new phishing campaign is targeting CoinSpot cryptocurrency exchange users in order to steal two-factor authentication (2FA) codes. The threat actors are sending emails from a Yahoo email address, which replicates CoinSpot emails, asking recipients to cancel or confirm a withdrawal transaction. The researchers who discovered the campaign said “the threat actor observed here been […] | Threat | Yahoo Yahoo | |
|
2021-12-23 12:09:51 | Monongalia Health System victim to BEC attack (lien direct) | Monongalia Health System, Inc., a health system for three hospitals based in West Virginia, USA, has been hit by a business email compromise (BEC) scam. The health system provider was unaware that their cybersecurity defences had been infiltrated. They were alerted by a vendor who had reported not receiving payment in July 2021. Since alerted […] | |||
|
2021-12-23 11:56:33 | World\'s top cybsersecurity agencies warn of Apache vulnerability threats (lien direct) | The Fives Eyes intelligence alliance have warned that threat actors are actively exploiting an Apache vulnerability in the Log4j logging library. The Five Eyes alliance, consisting of cybersecurity agencies in US, UK, Australia, Canada and New Zealand, announced in a joint statement on Wednesday that, “sophisticated cyber threat actors are actively scanning networks to potentially […] | Vulnerability Threat | ||
|
2021-12-23 11:18:29 | Belgium\'s Military hit by cyber attack (lien direct) | The Belgium Defense Ministry has announced that it has experienced a cyberattack after threat actors exploited a Log4j vulnerability. The attack took place on December 16 and was confirmed this week. According to a Belgium military spokesman, Commander Olivier Séverin, the incident caused damage to internet-connected services, which in turn halted part of the ministry’s […] | Threat | ||
|
2021-12-22 15:23:05 | What\'s in store for cybersecurity in 2022? (lien direct) | As 2021 draws to an end, it's safe to say it was an eventful year from a cybersecurity perspective. Ransomware became the go-to for cybercriminal gangs and insecure databases still plagued organisations. So, what's on the horizon for 2022? More of the same or will hackers turn their attentions elsewhere? We asked some security experts […] | Ransomware | ||
|
2021-12-22 10:23:46 | Just Dance latest cyber-attack victim (lien direct) | Popular gaming platform Ubisoft has this week confirmed a cyber attack, which affected the IT infrastructure of Just Dance. The gaming giant explained in a statement, that the attack was brought on by a misconfiguration, which was quickly fixed upon identification. However, before the remediation was issued, unauthorised individuals were able to access and potentially […] | |||
|
2021-12-21 12:14:45 | New phishing campaign claims $80m per month (lien direct) | A new phishing campaign has been discovered by researchers which is estimated to have cost victims approximately $80 million per month globally. Researchers have reported that the campaign offers fake giveaways and surveys from popular brands in order to steal data from victims in over 90 countries worldwide, including US, Canada and Italy. The researchers […] | |||
|
2021-12-21 11:31:35 | Hellmann warns customers to be aware of scammers (lien direct) | Hellman fell victim to a cyberattack, which was confirmed on December 9th and initially impacted all connections to their central data centre. While business operations have since started back up, there has been an increase in customers reporting fraudulent calls and mails attempting to scam them out of money. The company is still investigating what […] | |||
|
2021-12-21 11:13:37 | Warning over patching Active Directory takeover flaws (lien direct) | Customers of Microsoft are being cautioned to patch a couple of Active Directory domain service privilege escalation flaws that together could allow bad actors takeover of Windows domains. The two security updates go by CVE-2021-42287 and CVE-2021-42278 and were originally reported by Andrew Bartlett of Catalyst IT. The urgency to patch these security vulnerabilities escalated as a new […] | Patching | ||
|
2021-12-20 12:04:15 | Fraudsters thriving off new Spiderman film hype (lien direct) | Spiderman fans have been warned to watch out for the latest scam, in which fraudsters are using the hype around the newest film to spread malicious files and phishing pages. Kaspersky researchers have discovered that scammers are taking advantage of the latest installment of the super-hero franchise, by tricking fans into entering their payment details […] | ★★★ | ||
|
2021-12-20 11:59:42 | 1.8 million card details stolen from sporting goods sites (lien direct) | Around 1.8 million customers credit card details were stolen following a cyberattack on four affiliated online sporting goods websites. The incident took place on October 1st, 2021, affecting Tackle Warehouse LLC, Running Warehouse LLC, Tennis Warehouse LLC and Skate Warehouse LLC. The website owners only became aware of the incident on October 15th, 2021. An […] | ★★★★ | ||
|
2021-12-17 17:13:22 | Nozomi Networks and BT Team to Deliver Advanced OT and IoT Cybersecurity to Enterprises Worldwide (lien direct) | Nozomi Networks Inc., the leader in OT and IoT security, and BT, a leading provider of global communications and security services, this week announced they have partnered to broaden BT's portfolio of security solutions available for industrial and critical infrastructure organizations around the world. A member of Nozomi Networks' MSSP Elite Partner Program, BT will […] | Guideline | ||
|
2021-12-17 14:00:51 | How COVID-19 made the Zero Trust model the right approach to modernise networks (lien direct) | The COVID-19 pandemic is likely to go down in history as one of the defining moments of our lifetime. From a business perspective, it transformed business models, changed customer expectations, and disrupted the networks that run businesses. These changes are long lasting and accelerated the digital transformation journey, a journey that is now driven by […] | |||
|
2021-12-16 21:47:37 | (Déjà vu) Anubis Android Malware Found Targeting Nearly 400 Financial Apps (lien direct) | Security researchers at Lookout have discovered the Anubis Android Banking malware is again wreaking havoc after being found targeting the customers of nearly 400 financial institutions, cryptocurrency wallets and virtual payment platforms. This new malware campaign is also masquerading as the official account management application from leading French telecommunications company, Orange S.A. The infamous Anubis […] | Malware Guideline | ||
|
2021-12-16 13:07:52 | Security awareness gaps identified in the UK according to new Armis study (lien direct) | Armis, the unified asset visibility and security platform provider, has released findings from a nationwide study of 2,000 UK employees that analysed their thoughts on the country's cyber resilience and their own attitudes to security. The results demonstrate the lack of awareness towards cybersecurity in the UK. Despite 60% admitting to having been impacted by a […] | ★★★★ | ||
|
2021-12-16 10:24:11 | Digital Security by Design reinforced through new Government National Cyber Strategy (lien direct) | The UK Government announced their new National Cyber Strategy. The strategy officially launched yesterday morning (Wednesday 15th December) at the International Convention Centre in Birmingham. Stephen Barclay MP, Chancellor of the Duchy of Lancaster, set out the Strategy's vision for the UK to be a leading responsible and democratic cyber power, able to protect and promote […] | Guideline | ★★★★ | |
|
2021-12-10 15:12:46 | Securing Diversity for Success (lien direct) | With work still to be done to boost diversity and inclusion in cyber security, KPMG UK's Katie Diacon unpacks where some of the challenges exist, and what could make a difference. Cyber security is one of the most innovative and dynamic sectors to work in, and it is increasingly vital to the operational resilience of […] | |||
|
2021-12-10 13:05:03 | 10 countries take part in financial cyberattack war game (lien direct) | Reuters has reported exclusively on a simulated war game in which 10 countries, including Israel, the US, UK, Germany, Italy and Switzerland, cooperated to fight a mock cyberattack on the global financial system. The event evolved over 10 days as sensitive data emerged on the Dark Web and the war game used fake news reports […] | |||
|
2021-12-10 11:40:12 | Nobelium hackers targeting governments and businesses (lien direct) | The hackers responsible for the SolarWinds supply chain attacks have again been linked to multiple attacks targeting businesses and governments globally. The hacking group is continuing to refine and retool its methods at an incredible speed while targeting cloud solution providers, services and reseller companies. The intrusions are being actively tracked under two different activity […] | ★★ | ||
|
2021-12-10 11:22:39 | Weak passwords caused 30% of security breaches (lien direct) | A recent survey, conducted by GoodFirms, assesses the risk factors associated with password management and how to safeguard them from attacks or breaches. The results revealed that 30% of respondents reported password leaks and security breaches as a result of poor password practices. Surveyees admitted to making poor password choices, such as sharing them with […] | |||
|
2021-12-09 10:47:55 | Call centre network security at risk: GOautodial vulnerability could lead to information disclosure and RCE (lien direct) | GOautodial, an open source call center software suite with 50,000 users around the world, has patched two vulnerabilities that could lead to information disclosure and remote code execution (RCE). Unearthed by Scott Tolley of the Synopsys Cybersecurity Research Center (CyRC), the first bug – tracked as CVE-2021-43175 – has been rated medium severity. An API router accepts a username, password, and action […] | Vulnerability Guideline | ★★ | |
|
2021-12-09 10:42:15 | NIST analysis shows record number of reported vulnerabilities in 2021 (lien direct) | The National Institute of Standards and Technology (NIST) released analysis showing the number of vulnerabilities reported in 2021 was 18,378 this year. The figure set a record for the fifth year in a row, though the amount of high severity vulnerabilities fell when compared with 2020 There were 3,646 reported high risk vulnerabilities in 2021, as […] | ★★★★★ | ||
|
2021-12-09 10:40:28 | Passport forgeries at all time high (lien direct) | A new Identity Fraud Report, conducted by Onfido, has revealed that passports are the most frequently attacked form of identity document. In fact, over the course of the past year, fraudsters increasingly forged passports as opposed to national identity cards. Onfido’s researchers believe this to be a sign of fraudsters changing their methods: “they [are […] | |||
|
2021-12-09 10:28:42 | Cybercriminals take advantage of unpatched Hikvision systems (lien direct) | Moobot botnet is leveraging a known remote code execution (RCE) vulnerability in Hikvision products (CVE-2021-36260) to spread a Moobot, which carries out distributed denial of service (DDoS) attacks. The attack surface could be significant: China-based Hikvision touted itself as the “world's leading video-surveillance products supplier” on the company site. Although a patch was released in September, […] | Vulnerability Guideline | ||
|
2021-12-08 11:40:00 | Omicron variant being used to phish students (lien direct) | A new phishing attack, discovered by Proofpoint, is using the Omicron variant of COVID-19 to steal students’ credentials and gain access to accounts. The threat-actors targeting US universities are leveraging the concern around the new virus strain to trick students into opening attachments that lead students to spoofed university login portals. This isn’t an entirely […] | Guideline | ||
|
2021-12-08 11:03:58 | (Déjà vu) Ransomware attack locks hotel guests out of rooms (lien direct) | Earlier this week, Nordic Choice Hotels announced an attack on its IT systems, which they believed to be a “computer virus”. However it has since been revealed that it was the target of Conti ransomware, leading to hotel guests being locked out of their rooms. As IoT becomes more connected the threat of home and corporate […] | Threat Guideline | ||
|
2021-12-07 16:15:54 | Zero Trust core to contemporary cybersecurity strategy, One Identity research finds (lien direct) | One Identity, the unified identity security company, has released global survey findings that unpack the current state of Zero Trust awareness and adoption across the enterprise. After a year plagued by one disastrous cybersecurity incident after another, new findings from One Identity reveal that only 1 in 5 security stakeholders are confident in their organisation’s […] | ★★★ | ||
|
2021-12-07 11:52:04 | Dozens of malicious APT15 sites seized by Microsoft (lien direct) | Microsoft has seized a number of malicious sites which were targeting organisations based in 29 countries worldwide. The sites were used by the Nickle hacking group. Nickle is a China-based group also tracked as Playful Dragon, Royal APT, APT15, KE3CHANG and Vixen Panda. The group compromised serves belonging to diplomatic entities, government organisations and NGOs […] | APT 15 APT 15 APT 25 | ★★★ | |
|
2021-12-07 11:44:50 | Fraudsters abuse Twitter APIs to monitor public tweets and pish cryptocurrency scams (lien direct) | Fraudsters use bots to monitor Tweets requesting support to MetaMask, TrustWallet, and other crypto wallets to respond with scams within seconds, BleepingComputer reports. To launch these targeted attacks, scammers monitor all public Tweets fro specific keywords and phrases, such as “support”, “assistance” and “help”, paired with “MetaMask”, “Phantom”, “Yoro” and “TrustWallet”. Twitter bots are used […] | ★★ | ||
|
2021-12-07 10:48:37 | Conti ransomware hits Nordic Choice Hotels (lien direct) | Earlier this week, Nordic Choice Hotels announced an attack on its IT systems, which they believed to be a “computer virus”. It has now been confirmed that they were, in fact, hit by Conti ransomware, which has affected the hotel’s guest reservation and room key card systems. Fortunately, there is no indications that passwords or […] | Ransomware | ||
|
2021-12-07 10:24:21 | (Déjà vu) Kafka Cloud Clusters Expose Sensitive Data (lien direct) | Some of the world's largest companies have exposed large amounts of sensitive information from the cloud, researchers said – thanks to misconfigured Kafdrop services. Kafdrop is the management interface for Apache Kafka, an open-source, cloud-native platform for managing data streams. Kafka has several common use cases; for instance, in the finance sector it's often used […] | |||
|
2021-12-06 13:28:47 | Omicron phishing emails found targeting the UK (lien direct) | A phishing email suggesting that people can order a PCR test specific to the new Omicron COVID-19 variant has been found doing the rounds in the UK. It purports to be from the NHS and directs unsuspecting victims to a website that asks for their full name, DOB, home address, mobile number and email. It […] | |||
|
2021-12-06 11:44:50 | FBI warns that Cuba ransomware group has compromised 49 entities in five critical infrastructure sectors (lien direct) | The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors, an alert posted last Thursday by the agency stated. “Cuba ransomware is distributed through Hancitor malware, a […] | Ransomware | ||
|
2021-12-06 11:22:48 | BitMart hacked in “large-scale security breach” (lien direct) | BitMart, a trusted cryptocurrency trading platform has been the latest to suffer a breach, resulting in the loss of approximately $150 million. The hack was confirmed on Saturday, when BitMart confirmed in a statement that hackers had withdrawn a large amount in assets. The company added that withdrawals had been temporarily suspended and that a […] | Hack | ||
|
2021-12-06 11:14:30 | 14 New Cross-Site Leaks Attacks Discovered (lien direct) | Researchers from Niederrhein University and Ruhr-Universität Bochum (RUB) have discovered 14 new cross-site data leaks (XS-Leaks) attacks targetting a wide range of modern web browsers. The browsers affected include Microsoft Edge, Google Chrome, Opera, Apple Safari, Tor Browser, and Mozilla Firefox among many others. The researchers discovered the leaks by testing how well 56 browsers […] | |||
|
2021-12-06 11:13:48 | United States military hacking unit acknowldges offensive action to disrupt malware (lien direct) | US military’s hacking unit, Cyber Command, has taken offensive action to disrupt cybercriminal groups that have launched ransomware attacks on US companies, a spokesperson for the command confirmed to CNN Sunday. CNN reports: https://edition.cnn.com/2021/12/05/politics/us-cyber-command-disrupt-ransomware-operations/index.html | Ransomware Malware | ||
|
2021-12-03 14:42:23 | Home routers riddled with vulnerabilities (lien direct) | Security researchers tested nine popular WiFi routers and found they are riddled with vulnerabilities – even when running the latest firmware. In the nine models tested, a total of 226 vulnerabilities were found, the TP-Link Archer AX6000 and the Synology RT-2600ac resulting the most insecure, with 32 and 30 flaws, respectively. Conducted by IoT Inspector […] | |||
|
2021-12-03 12:46:27 | Expert comment: CS Energy ransomware attack (lien direct) | On Tuesday, energy generator CS Energy, which is owned by the Queensland government, fell victim to a ransomware attack that impacted operations. The incident occurred over the weekend, in yet the latest cyber threat to target critical infrastructure. As per the organisation’s announcement, the incident occurred on CS Energy's corporate network and has not impacted […] | Ransomware Threat | ||
|
2021-12-02 16:28:43 | Edgescan appoints Alon Verdnikov as CRO in a push to expand its presence in North America (lien direct) | Edgescan, the provider of the most comprehensive fullstack vulnerability management solution, today announces the appointment of Alon Verdnikov as Global CRO. Alon has a proven track record of managing global sales, marketing, customer success and global alliances and was previously VP of WW Sales and Alliances at Centrical whereby they achieved 800% ARR growth during […] | Vulnerability | ★★★★★ | |
|
2021-12-01 17:25:44 | Most Inspiring Women in Cyber Awards 2021 (lien direct) | Last night, with the help of our sponsors KPMG and Beazley, we celebrated this year's Most Inspiring Women in Cyber Awards. Hosted in Canary Wharf, the awards were kick-started by Jenny Radcliffe, who delivered an amazing speech about what it is to be a woman in this industry, using FAQs to frame her talk. Before recognising this year's 21 […] | |||
|
2021-12-01 11:48:52 | Pytilia partners with CSIT to deliver UKRI funded Digital Security by Design Project (lien direct) | Belfast based software consultancy firm Pytilia were selected as part of UK Research and Innovation's (UKRI) 'Digital Security by Design' (DSbD) competition to deliver technologies that will improve software defences against cyber vulnerabilities. UKRI's Digital Security by Design Challenge invests in projects that can help the UK's digital computing infrastructure become more secure by design. […] | |||
|
2021-12-01 11:27:36 | 8 Security Strategies Every Ecommerce Website Must Implement (lien direct) | For those businesses who think cybersecurity is just a word, let us tell you it is an unavoidable reality of 2021. Last year, more than a million WordPress websites got hacked. That includes more small businesses than large firms. So, if you were thinking of moving ahead before considering security threats in eCommerce, it is high time […] | |||
|
2021-12-01 10:56:39 | IoT Security firm Armis now valued at $3.4B (lien direct) | IoT security firm, Armis, recently announced that it has closed its latest investment round and increased its valuation to $3.4 billion. One Equity Partners (“OEP”), in conjunction with existing investors, made a combined $300 million investment to accelerate strategic platform development and global GTM initiatives, and to support future acquisitions. OEP will also be joining […] | ★★★★ | ||
|
2021-11-30 15:00:18 | (Déjà vu) Most Inspiring Women in Cyber 2021: Areej Eliyan, IT Administrator at MOEHE Qatar (lien direct) | The IT Security Guru's Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee's answers are written in their own words […] | |||
|
2021-11-29 15:00:34 | (Déjà vu) Most Inspiring Women in Cyber 2021: Anna Collard, SVP Content Strategy & Evangelist at KnowBe4 (lien direct) | The IT Security Guru's Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee's answers are written in their own words […] |
To see everything:
Our RSS (filtrered)
