Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-07 16:06:33 |
Aggressive Ransomware Group FIN12 Moves Fast, Targets Big Companies (direct link) |
A report published by Mandiant on Thursday details the activities and tools of FIN12, a highly aggressive ransomware group that has likely made a significant amount of money over the past years.
|
Ransomware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-07 14:55:55 |
Iran-linked MalKamak Hackers Targeting Aerospace, Telcos With ShellClient RAT (direct link) |
Operation GhostShell Believed to be Linked to Iranian Threat Actor
|
Threat
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-07 14:46:17 |
Cisco Patches High-Severity Vulnerabilities in Security Appliances, Business Switches (direct link) |
Cisco this week released patches for multiple high-severity vulnerabilities affecting its Web Security Appliance (WSA), Intersight Virtual Appliance, Small Business 220 switches, and other products.
Successful exploitation of these vulnerabilities could allow attackers to cause a denial of service (DoS) condition, execute arbitrary commands as root, or elevate privileges.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-07 14:11:43 |
How Integration is Evolving: The X Factor in XDR (direct link) |
XDR must be approached as an open architecture where integration is the linchpin
Over the past couple of months, I've talked about how adversaries are evolving their approaches to attacks and the ripple effect that is having on our approach to detection and response.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-07 13:47:51 |
Microsoft: Russia Behind 58% of Detected State-Backed Hacks (direct link) |
Russia accounted for most state-sponsored hacking detected by Microsoft over the past year, with a 58% share, mostly targeting government agencies and think tanks in the United States, followed by Ukraine, Britain and European NATO members, the company said.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-07 13:09:57 |
Nigerian Man Living in U.S. Charged Over Role in BEC Scheme (direct link) |
A Nigerian national residing in Buffalo, New York, was indicted this week for facilitating a business email compromise (BEC) scam that resulted in hundreds of thousands of dollars being stolen from various companies.
Charged with conspiracy to commit wire fraud, the man, Eric Iwu, aka James, 32, faces up to 20 years in prison and a fine of $250,000.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-07 10:44:24 |
Medtronic Recalls Medical Devices Due to Security Risks That Can Lead to Injury, Death (direct link) |
Medical device maker Medtronic is recalling remote controllers used with some of its insulin pumps due to cybersecurity risks that could lead to injury and even death.
|
Guideline
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-07 09:39:11 |
Building a Secure Remote Connection Solution for Today's Business (direct link) |
The need for secure and reliable connectivity continues to be top of mind for many organizations. The persistence of the pandemic is making this essential. But even if it wasn't, many organizations are now committed to implementing permanent hybrid work and learning models, where employees and students alternate between on-premises and remote participation. The challenge of this transition involves more than just simple connectivity.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 19:48:51 |
Streaming Site Twitch Confirms Hack (direct link) |
Amazon's popular live video streaming platform Twitch said Wednesday hackers had broken into its network after reports of exposed confidential company data surfaced online.
The service, where users often stream live video game play, confirmed the break-in on Twitter.
|
Hack
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 19:20:32 |
DevOps Security Startup Mondoo Scores $15M Investment (direct link) |
Mondoo, a startup that provides security tools for DevOps teams, has raised $15 million in funding ($12 million in a new Series A round, and $3 million from a previously undisclosed seed round).
The Series A funding round was led by Atomico with participation from a range of high-profile private investors.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 19:15:08 |
US Poised to Go After Contractors Who Don't Report Breaches (direct link) |
The Justice Department is poised to sue government contractors and other companies who receive U.S. government grants if they fail to report breaches of their cyber systems, the department's No. 2 official said Wednesday.
|
|
|
★★★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 18:13:04 |
Ransomware Risk Assessment Service Aims to Deflect Attacks (direct link) |
The function of cybersecurity is not to eliminate all attacks and compromises – that's impossible – but to make the attack so expensive and time-consuming on the attacker that he simply moves on to an easier target. That is the purpose of a new product/service designed to make commodity ransomware attacks less easy for the attacker.
|
Ransomware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 18:04:21 |
ESET Discovers UEFI Bootkit in Cyber Espionage Campaign (direct link) |
Threat hunters at ESET are training the spotlight on a previously undocumented UEFI bootkit capable of hijacking the EFI System Partition (ESP) to maintain persistence on infected Windows machines.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 14:14:31 |
Yubico Enables Biometric Logins With New YubiKey Bio Series (direct link) |
Yubico this week announced the general availability of YubiKey Bio Series, its first security key to support biometric authentication on desktop computers.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 13:10:54 |
Microsec.ai Exits Stealth With Cloud Application Runtime Protection Platform (direct link) |
Microsec.ai on Tuesday emerged from stealth mode to deliver a Cloud Native Application Protection Platform (CNAPP) solution designed to protect cloud-native applications at runtime.
The company's agentless CNAPP solution aims to secure multi-cloud IaaS and PaaS environments, as well as containers and data, through a single, unified interface.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 12:42:03 |
Hackers Could Disrupt Industrial Processes via Flaws in Widely Used Honeywell DCS (direct link) |
A distributed control system (DCS) product offered by Honeywell is affected by vulnerabilities that could allow malicious actors to disrupt industrial processes.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 12:14:46 |
The New Paradigm for Work from Anywhere: Zero Trust Network Access (ZTNA) (direct link) |
It is important to listen to early adopters of ZTNA, as they can provide insights into key factors to success and help avoid pitfalls
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 12:01:12 |
Gravwell Emerges From Stealth With Data Fusion Platform for Security Teams (direct link) |
Enterprise data fusion and analytics company Gravwell on Wednesday emerged from stealth mode with $3 million in seed funding from Next Frontier Capital, Gula Tech Adventures, Kickstart Fund, and Revolution's Rise of the Rest.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 11:34:29 |
Firefox 93 Improves Protection Against Tracking, Insecure Downloads (direct link) |
Mozilla this week released Firefox 93 to the stable channel with several security improvements, including better privacy protections, patches, and anti-tracking capabilities.
Starting with Firefox 93, the browser blocks insecure HTTP downloads on encrypted (HTTPS) pages, to keep users safe from potentially unwanted or even malicious downloads.
|
|
|
★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 11:06:32 |
(Déjà vu) Over 100,000 Apache HTTP Servers Affected by Actively Exploited Zero-Day Flaw (direct link) |
Users are urged to immediately patch an Apache HTTP Server zero-day vulnerability that has been exploited in the wild. More than 100,000 servers appear to be exposed to attacks.
|
Vulnerability
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 11:04:46 |
What's in a Threat Group Name? An Inside Look at the Intricacies of Nation-State Attribution (direct link) |
Understanding the naming conventions of various threat groups can help us better understand the overall threat landscape
|
Threat
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 10:47:00 |
Audit: Cybersecurity Weak for Many Kansas School Districts (direct link) |
Many Kansas school districts aren't taking basic steps to protect their computer systems and the privacy of sensitive information collected about students, according to a legislative audit released Tuesday.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 10:24:11 |
Superhero Passwords Pose Serious Risk to Personal, Enterprise Accounts (direct link) |
Superheroes may be able to save everyone in a fantasy world, but they can't keep online accounts secure in the digital era, Mozilla warns.
With hundreds of thousands of occurrences in breach datasets, superhero passwords aren't a strong account protection method, even when the real identities of superheroes are used instead.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-06 08:22:11 |
Misconfigured Apache Airflow Instances Expose Sensitive Information (direct link) |
Security researchers with Intezer have discovered several misconfigured Apache Airflow instances that exposed sensitive information to anyone on the Internet.
Improperly secured, the Airflow instances were found to expose credentials of cloud services providers, social media platforms, and payment processing services, including AWS, Slack, PayPal, and others.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-05 18:13:43 |
Chase Bank Heavily Targeted Via XBALTI Phishing Kit (direct link) |
During the three months from mid-May to mid-August 2021, researchers detected a 300% increase in phishing URLs within their own telemetry targeting Chase Bank. Chase was the sixth most targeted brand, behind obvious companies such as PayPal, Apple, and Facebook.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-05 16:53:44 |
Adaptive Shield Raises $30M for SaaS Security Posture Management (direct link) |
Adaptive Shield, an Israeli cybersecurity startup that specializes in software-as-a-service (SaaS) application security, on Tuesday announced the closing of a $30 million Series B funding round to expand operations around the world.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-05 14:32:28 |
Cloud Security Company Orca Raises $550 Million in Extended Series C Round (direct link) |
Cloud security company Orca Security on Tuesday announced that it has raised $550 million in an extended Series C funding round, at a valuation of $1.8 billion.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-05 13:57:05 |
Arizona Launches Command Center to Combat Cyberattacks (direct link) |
Arizona Gov. Doug Ducey has launched a Cyber Command Center that will deal with threats to government computers.
At a ceremony Monday at the Department of Public Safety's Arizona Counter Terrorism Information Center in Phoenix, Ducey said the command center will be critical in ensuring the state's cyber infrastructure remains safe and secure.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-05 13:30:42 |
Secure Data Collaboration Firm Duality Technologies Raises $30 Million (direct link) |
Privacy-focused data collaboration solutions provider Duality Technologies today announced that it has raised $30 million in Series B funding. To date, the company has received a total of $49 million.
|
|
|
★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-05 12:45:49 |
Cloud Services Providers Introduce Trusted Cloud Principles (direct link) |
Major cloud services providers last week formally introduced the Trusted Cloud Principles, an initiative aimed at bringing standardization and consistencies across platforms.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-05 12:19:08 |
Telecoms Giant Syniverse Discloses Years-Long Data Breach (direct link) |
Syniverse, a company whose connectivity services are used by nearly all mobile carriers in the world, said hackers had access to its information technology (IT) and operational technology (OT) systems for years.
|
Data Breach
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-05 11:44:09 |
Google Patches Over 50 Serious Vulnerabilities in Android (direct link) |
Google on Monday announced the availability of new security patches for Android, aimed at addressing more than 50 vulnerabilities in the mobile operating system.
The most severe of the security flaws described in the October 2021 Security Bulletin is an issue in the Android System component that could be exploited to achieve remote code execution.
|
|
|
★★★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-05 10:31:17 |
ICS Security Experts Share Tales From the Trenches - Part 2 (direct link) |
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-05 10:00:07 |
NSA's Rob Joyce Explains 'Sand and Friction' Security Strategy (direct link) |
News Analysis: The newly minted director of cybersecurity at NSA offers a candid assessment of the nation-state threat landscape and argues that adding “sand and friction” to adversary operations is a winning strategy.
|
Threat
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-04 15:02:17 |
Two 'Prolific' Ransomware Operators Arrested in Ukraine (direct link) |
Two individuals who were allegedly part of a “prolific” ransomware group have been arrested in Ukraine, Europol and Ukraine's Cyber Police announced on Monday.
|
Ransomware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-04 13:25:57 |
Hackers Stole Cryptocurrency From Thousands of Coinbase Accounts (direct link) |
Coinbase last week sent out notification letters to thousands of users to inform them that funds were stolen from their accounts during an attack earlier this year.
|
|
|
★★★
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-04 12:52:27 |
Expired Let's Encrypt Root Certificate Causes Problems for Many Companies (direct link) |
A root certificate used by Let's Encrypt expired on September 30 and, despite being notified a long time in advance, many companies experienced problems.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-04 11:37:56 |
Pottawatomie County Fixing Systems After Ransomware Attack (direct link) |
Computer systems are being restored in Pottawatomie County after hackers launched a ransomware attack on Sept. 17, county officials said Friday.
The county resolved the attack by paying less than 10% of the hackers' original demands, County Administrator Chad Kinsley said in a statement.
|
Ransomware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-04 11:02:00 |
(Déjà vu) Cybersecurity M&A Roundup: 43 Deals Announced in September 2021 (direct link) |
The number of cybersecurity-related mergers and acquisitions announced in the past months has remained constant, with roughly 40 deals announced in September 2021 as well.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-04 10:33:28 |
PoC Exploit Released for macOS Gatekeeper Bypass (direct link) |
Rasmus Sten, a software engineer with F-Secure, has released proof-of-concept (PoC) exploit code for a macOS Gatekeeper bypass that Apple patched in April this year.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-04 08:38:08 |
Google Pledges $1 Million to Secure Open Source Program (direct link) |
Google last week pledged $1 million in financial support to the Secure Open Source (SOS) rewards program run by the Linux Foundation.
The pilot program financially rewards developers who help improve the security of critical open source projects and is meant to complement existing vulnerability management programs.
|
Vulnerability
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-02 10:02:18 |
Suit Blames Baby's Death on Cyberattack at Alabama Hospital (direct link) |
An Alabama woman whose 9-month-old daughter died has filed suit against the hospital where she was born claiming it did not disclose that its computer systems had been crippled by a cyberattack, which resulted in diminished care that resulted in the baby's death.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-01 13:16:42 |
Third-Party Identity Risk Provider SecZetta Raises $20.5 Million (direct link) |
Third-party identity risk solutions provider SecZetta this week announced that it has raised $20.5 million in Series B funding, which brings the total raised by the company to $30.5 million.
The new investment round was led by SYN Ventures and new investor MassMutual Ventures. Existing investors ClearSky and Rally Ventures also contributed.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-01 12:26:35 |
Proposed Bill Would Require Organizations to Report Ransomware Payments (direct link) |
U.S. senators this week introduced a bill that would require critical infrastructure organizations to inform the Cybersecurity and Infrastructure Security Agency (CISA) if they experience a cyberattack, and it would also require most private companies to notify the government if they have made a payment in response to a ransomware attack.
|
Ransomware
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-01 11:38:30 |
Neiman Marcus Confirms Payment Cards Compromised in Data Breach (direct link) |
Luxury retail company Neiman Marcus Group on Thursday confirmed that customer information was indeed stolen in a data breach.
During the incident, which occurred in May 2020, hackers were able to exfiltrate information associated with online customer accounts, including payment card data, the company says.
|
Data Breach
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-01 10:58:28 |
Google Patches Two More Exploited Zero-Day Vulnerabilities in Chrome (direct link) |
Google on Thursday announced the rollout of a Chrome update to address four security vulnerabilities, including two that are already being exploited in the wild.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-10-01 10:11:11 |
Google Patches Vulnerability in Cloud Endpoints Proxy (direct link) |
A researcher has disclosed the details of a privilege escalation vulnerability he discovered in a Google Cloud component. The flaw was patched by Google in late August, but some users will need to manually update their systems to prevent potential exploitation.
|
Vulnerability
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-09-30 17:39:23 |
Hackers Can Exploit Apple AirTag Vulnerability to Lure Users to Malicious Sites (direct link) |
Apple's AirTag product is affected by a vulnerability that could be exploited by hackers to lure unsuspecting users to phishing or other types of malicious websites.
|
Vulnerability
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-09-30 15:40:59 |
Xage Lands DOE Contract to Bring Zero Trust Principles to Emergency Responders (direct link) |
Natural disasters such as extreme weather conditions can have a major disruptive effect on electricity supply. Power utilities are forced into emergency response status, which normally requires every available engineer from both in-house and third parties being called upon to find and fix the problems.
|
|
|
|
![SecurityWeek.webp](./Ressources/img/SecurityWeek.webp) |
2021-09-30 14:11:13 |
Telemetry Report Shows Patch Status of High-Profile Vulnerabilities (direct link) |
|
Patching
|
|
|