What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-07-07 10:01:47 | Marriott Confirms Small-Scale Data Breach (lien direct) | International hotel chain Marriott has confirmed that an unknown threat actor has accessed data on a computer at one of its hotels. | Data Breach Threat | ||
|
2022-07-07 09:47:33 | Hackers Using \'Brute Ratel C4\' Red-Teaming Tool to Evade Detection (lien direct) | The Brute Ratel C4 (BRc4) red-teaming and adversarial attack simulation tool has been used by nation-state attackers to evade detection, according to security researchers at Palo Alto Networks. | Tool | ||
|
2022-07-06 18:15:34 | Apple Adds \'Lockdown Mode\' to Thwart .Gov Mercenary Spyware (lien direct) | Faced with a surge in state-sponsored mercenary spyware attacks targeting its flagship iOS platform, Apple plans to add a new 'Lockdown Mode' that significantly reduces attack surface and adds technical roadblocks to limit sophisticated software exploits. | |||
|
2022-07-06 17:35:35 | Researchers Flag \'Significant Escalation\' in Software Supply Chain Attacks (lien direct) | Security researchers at ReversingLabs are warning of a “significant escalation in software supply chain attacks” after discovering more than two dozen malicious NPM packages siphoning user data from mobile and desktop applications. | |||
|
2022-07-06 15:51:48 | Is an Infrastructure War on the Horizon? (lien direct) | On February 24, Russia launched its full-scale assault on Ukraine. The invader's weapons included tanks, heavy artillery… and software. On April 8, attackers armed with Industroyer2, a species of malware designed to incapacitate power stations and plunge whole cities into darkness, managed to briefly penetrate Ukrainian defenses, putting two million homes at risk. | Malware | ||
|
2022-07-06 15:32:35 | DoD Launches \'Hack US\' Bounties for Major Flaws in Publicly Exposed Assets (lien direct) | The United States Department of Defense (DoD) has launched a one-week bug bounty program to reward researchers who find high- and critical-severity vulnerabilities in publicly accessible assets owned by the DoD. | |||
|
2022-07-06 10:48:56 | Alleged Chinese Police Database Hack Leaks Data of 1 Billion (lien direct) | Hackers claim to have obtained a trove of data on 1 billion Chinese from a Shanghai police database in a leak that, if confirmed, could be one of the largest data breaches in history. | Hack | ||
|
2022-07-05 18:23:58 | Data Breach at PFC USA Impacts Patients of 650 Healthcare Providers (lien direct) | Just ahead of the 4th of July weekend, accounts receivable management firm Professional Finance Company (PFC USA) started sending out data breach notification letters to patients of over 650 healthcare providers across the country. | Data Breach | ||
|
2022-07-05 16:36:56 | UK Military Investigates Hacks on Army Social Media Accounts (lien direct) | British military authorities are trying to find out who hacked the army's social media accounts over the weekend, flooding them with cryptocurrency videos and posts related to collectible electronic art. | Hack | ||
|
2022-07-02 11:14:34 | Dutch Uni Gets Cyber Ransom Money Back... With Interest (lien direct) | A Dutch university that fell victim to a massive ransomware attack has partly received back its stolen money... which in the meantime more than doubled in value, a news report said on Saturday. | Ransomware | ||
|
2022-06-30 18:31:42 | Oak9 Lands $8 Million in New Venture Investment (lien direct) | Chicago-based Infrastructure-as-Code (IaC) startup oak9 has attracted new interest from venture capitalists with Cisco Investments and Morgan Stanley's Next Level Fund joining a new $8 million funding round. | |||
|
2022-06-30 17:27:16 | North Korea Lazarus Hackers Blamed for $100 Million Horizon Bridge Heist (lien direct) | The infamous North Korean Lazarus hacking group is the prime suspect in the $100 million hack of Harmony's Horizon Bridge, according to new data and research from blockchain analytics firm Elliptic. | Hack | APT 38 | |
|
2022-06-30 15:10:56 | Token Raises $13 Million for Its Biometric Authentication Ring (lien direct) | Wearable authentication solutions provider Token this week announced that it has raised $13 million in Series B funding. To date, the company has raised $22.9 million. Led by Grand Oaks Capital, the investment round will allow Token to accelerate product development and to increase demand for its technology. | |||
|
2022-06-30 13:37:05 | Google Workspace Now Warns Admins of Sensitive Changes (lien direct) | Google this week announced that new warnings added in the Google Workspace Alert Center will keep administrators notified of critical and sensitive configuration changes. | |||
|
2022-06-30 12:31:52 | SOHO Routers in North America and Europe Targeted With \'ZuoRAT\' Malware (lien direct) | A remote access trojan (RAT) targeting small office/home office (SOHO) devices has remained undetected for nearly two years, according to security researchers with Black Lotus Labs, the threat intelligence arm of Lumen Technologies. | Malware Threat | ||
|
2022-06-30 11:53:50 | Feature: Securing the Metaverse and Web3 (lien direct) |
Type:
Story
Image:
Link:
Building SecurityInto the Metaverse and Web3
Securing the Metaverse and Web3
|
★★★★★ | ||
|
2022-06-30 11:42:17 | Brocade Vulnerabilities Could Impact Storage Solutions of Several Major Companies (lien direct) | Broadcom revealed recently that some of the software provided by its storage networking subsidiary Brocade is affected by several vulnerabilities, and it seems possible that the flaws could impact the products of several major companies. | ★★★ | ||
|
2022-06-30 11:11:22 | Vulnerability in Amazon Photos Android App Exposed User Information (lien direct) | Cybersecurity firm Checkmarx has published details on a high-severity vulnerability in the Amazon Photos Android application that could have allowed malicious apps to steal an Amazon access token. | Vulnerability | ||
|
2022-06-30 10:33:18 | RSAC22 and Infosecurity Europe, Three Weeks, Two Events (lien direct) | In the last couple of years, events were taken online, moved to virtual forums and conducted using social platforms via video set-up. Events became simpler to attend, but the individual component of the experience was missing – we all wanted to mix with our peers and see the eyes of a vendor as they pitch their latest message for automation, intelligence, analytics, or response solutions for cybersecurity. | |||
|
2022-06-30 10:20:36 | Canadian NetWalker Ransomware Affiliate Pleads Guilty in US (lien direct) | A Canadian national has pleaded guilty in a United States court to charges related to his role in a cybercrime operation involving the NetWalker ransomware. Sebastien Vachon-Desjardins, 34, is a former Canadian government employee. He was previously sentenced to seven years in prison in Canada for ransomware attacks. | Ransomware Guideline | ★★★★ | |
|
2022-06-30 10:18:53 | Cyberattack Hits Norway, Pro-Russian Hacker Group Fingered (lien direct) | A cyberattack temporarily knocked out public and private websites in Norway in the past 24 hours, Norwegian authorities said Wednesday. | |||
|
2022-06-29 13:57:09 | Azure Service Fabric Vulnerability Can Lead to Cluster Takeover (lien direct) | Microsoft has patched a vulnerability that could allow an attacker with access to an Azure Linux container to escalate privileges and take over the entire cluster. | Vulnerability | ||
|
2022-06-29 13:31:52 | Securing the Metaverse and Web3 (lien direct) | 
|
|||
|
2022-06-29 13:26:03 | Firefox 102 Patches 19 Vulnerabilities, Improves Privacy (lien direct) | Mozilla this week announced the availability of Firefox 102 in the stable channel with patches for 19 vulnerabilities, including four high-severity bugs. | |||
|
2022-06-29 11:51:07 | CISA Calls for Expedited Adoption of Modern Authentication Ahead of Deadline (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) is urging federal agencies and private organizations to switch to Modern Auth in Exchange Online before October 1, 2022. | |||
|
2022-06-29 11:01:02 | MITRE Publishes 2022 List of 25 Most Dangerous Vulnerabilities (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) and the nonprofit organization MITRE have published the 2022 list of the 25 most dangerous vulnerabilities. | |||
|
2022-06-29 10:19:46 | CISA-Funded Project Enables Students With Disabilities to Learn Cybersecurity (lien direct) | Cybersecurity workforce development organization CYBER.ORG on Monday announced the launch of Project Access, a national effort to provide cybersecurity education to blind and visually impaired students. | |||
|
2022-06-28 19:51:12 | Normalyze Announces $22 Million for DSPM Technology (lien direct) | Bay Area startup Normalyze on Monday announced a $22 million in Series A funding as venture capital investors rush to place bets on the newly coined Data Security Posture Management (DSPM) space. | |||
|
2022-06-28 17:00:13 | Google Introduces New Capabilities for Cloud Armor Web Security Service (lien direct) | Google today announced a new set of features for Cloud Armor, its distributed denial-of-service (DDoS) mitigation service and web application firewall (WAF). | |||
|
2022-06-28 16:43:08 | CISA Says \'PwnKit\' Linux Vulnerability Exploited in Attacks (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) says a Linux vulnerability tracked as CVE-2021-4034 and PwnKit has been exploited in attacks. | Vulnerability | ||
|
2022-06-28 16:27:46 | Cyolo Banks $60M Series B for ZTNA Technology (lien direct) | Cyolo, an Israeli startup building technology for zero trust networking, on Monday announced a new $60 million investment led by the venture investing arm of National Grid. In addition to National Grid Partners, Cyolo said it scored investments from Glilot Capital Partners, Flint Capital, Differential Ventures, and Merlin Ventures. | |||
|
2022-06-28 14:21:59 | Chinese Threat Actor Targets Rare Earth Mining Companies in North America, Australia (lien direct) | Mandiant's security researchers have been tracking influence campaigns that a Chinese threat actor named Dragonbridge has been conducting against rare earth mining companies in Australia, Canada, and the United States. | Threat | ||
|
2022-06-28 13:01:05 | New Database Catalogs Cloud Vulnerabilities, Security Issues (lien direct) | Cloud security company Wiz has announced the launch of a new database whose goal is to keep track of vulnerabilities and other security issues affecting cloud services. | |||
|
2022-06-28 12:27:39 | Cyber-Physical Security: Benchmarking to Advance Your Journey (lien direct) | Operational resilience is a priority and organizations are decisive about protecting cyber-physical systems (CPS) in today's consolidated and converged reality | |||
|
2022-06-28 12:23:49 | Chinese Hackers Target Building Management Systems (lien direct) | Threat hunters at Kaspersky have uncovered a series of attacks that targeted organizations across telecoms, transportation, and industrial sectors with the ShadowPad backdoor. The campaign hit the manufacturing and telecoms industries in Afghanistan and Pakistan, and a logistics and transport organization (a port) in Malaysia. | |||
|
2022-06-28 11:06:53 | LockBit 3.0 Ransomware Emerges With Bug Bounty Program (lien direct) | The LockBit 3.0 ransomware operation was launched recently and it includes a bug bounty program offering up to $1 million for vulnerabilities and various other types of information. | Ransomware | ||
|
2022-06-27 17:35:51 | Lithuania Says Hit by Cyberattack, Russia \'Probably\' to Blame (lien direct) | Lithuania said Monday it had been hit by an "intense" cyberattack, probably Russian, days after Moscow protested restrictions Vilnius imposed on the rail transit of certain goods to Kaliningrad. | |||
|
2022-06-27 15:14:10 | NIST Releases New macOS Security Guidance for Organizations (lien direct) | The National Institute of Standards and Technology (NIST) has published the final version of its guidance on securing macOS endpoints and assessing their security. | |||
|
2022-06-27 14:06:11 | House Passes ICS Cybersecurity Training Bill (lien direct) | The US House of Representatives has passed a new cybersecurity bill named the “Industrial Control Systems Cybersecurity Training Act.” | |||
|
2022-06-27 13:02:44 | Cerby Emerges From Stealth With Security Platform for Unmanageable Apps (lien direct) | California-based company Cerby on Monday announced that it has emerged from stealth mode with a security platform for unmanageable applications, as well as $12 million in seed funding. | |||
|
2022-06-27 12:20:01 | FTC Takes Action Against CafePress Over Massive Data Breach, Cover-Up (lien direct) | The Federal Trade Commission (FTC) on Friday announced that it has finalized an order against CafePress, requiring it to improve its security posture following a cybersecurity incident that the company attempted to cover up. | |||
|
2022-06-27 11:13:05 | Netsec Goggle Customizes Brave Search Results to Show Only Cybersecurity Websites (lien direct) | Cybersecurity consulting firm Forces Unseen has developed a “Goggle” for the Brave search engine that allows users to obtain results only from cybersecurity websites. | |||
|
2022-06-27 10:08:30 | Cyberattack Forces Iran Steel Company to Halt Production (lien direct) | One of Iran's major steel companies said on Monday it was forced to halt production after being hit by a cyberattack, apparently marking one of the biggest such assaults on the country's strategic industrial sector in recent memory. | |||
|
2022-06-24 13:53:25 | Researchers: It Took Oracle 6 Months to Patch \'Mega\' Vulnerability Affecting Many Systems (lien direct) | Security researchers have published technical details on a critical Fusion Middleware vulnerability that Oracle took six months to patch. | Vulnerability | ||
|
2022-06-24 13:38:18 | CrowdStrike: Ransomware Actor Caught Exploiting Mitel VOIP Zero-Day (lien direct) | Security researchers at CrowdStrike have stumbled upon ransomware actors deploying zero-day exploits against Mitel VOIP appliances sitting on the network perimeter. | Ransomware | ||
|
2022-06-24 12:21:16 | Black Basta Ransomware Becomes Major Threat in Two Months (lien direct) | 
|
Ransomware Threat | ||
|
2022-06-24 12:12:43 | Hadrian Raises $11 Million for Offensive Security Platform (lien direct) | Offensive security startup Hadrian today announced that it has received €10.5 million ($11 million) in unsolicited seed funding that brings the total invested in the company to $13.7 million. The investment round was led by HV Capital, with participation from Picus Capital, previous investor Slimmer.AI, and various angel investors. | |||
|
2022-06-24 11:20:20 | Codesys Patches 11 Flaws Likely Affecting Controllers From Several ICS Vendors (lien direct) | Codesys this week announced patches for nearly a dozen vulnerabilities discovered in the company's products by researchers at Chinese cybersecurity firm NSFocus. | |||
|
2022-06-24 10:30:56 | US Agencies Warn Organizations of Log4Shell Attacks Against VMware Products (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) and the Coast Guard Cyber Command (CGCYBER) have issued a joint advisory to warn organizations that threat actors continue to exploit the Log4Shell vulnerability in VMware Horizon and Unified Access Gateway (UAG) servers. | Vulnerability Threat | ★★ | |
|
2022-06-24 09:59:13 | US, UK, New Zealand Issue PowerShell Security Guidance (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the National Cyber Security Centres in New Zealand (NZ NCSC) and the United Kingdom (NCSC-UK) have issued joint guidance on the proper configuration and monitoring of PowerShell to eliminate the risk of abuse. |
To see everything:
Our RSS (filtrered)
