What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-06-23 20:31:01 | Apple, Android Phones Targeted by Italian Spyware: Google (lien direct) | An Italy-based firm's hacking tools were used to spy on Apple and Android smartphones in Italy and Kazakhstan, Google said Thursday, casting a light on a "flourishing" spyware industry. | Tool | ||
|
2022-06-23 18:22:23 | A Year After Death, McAfee\'s Corpse Still in Spanish Morgue (lien direct) | The body of software entrepreneur John McAfee remained at a morgue in Spain Thursday a year after his death as a legal case filed by his family, who do not believe he committed suicide, is yet to be resolved. | ★★★★★ | ||
|
2022-06-23 15:45:42 | Biden Signs Two Cybersecurity Bills Into Law (lien direct) | Two bipartisan cybersecurity bills were signed into law on Tuesday, June 21, 2022, by US President Joe Biden: the Federal Rotational Cyber Workforce Program Act of 2021, and the State and Local Government Cybersecurity Act of 2021. | |||
|
2022-06-23 14:27:35 | Security Orchestration: Beware of the Hidden Financial Costs (lien direct) | Among the many improvements in cybersecurity technology and tools we've seen over the last few years, one of the most significant has been the inclusion of security automation and orchestration capabilities in solution categories beyond SOAR platforms. SIEM providers acquired stand-alone SOAR platforms, and endpoint detection and response (EDR) solutions broadened to include automation and orchestration capabilities to accelerate threat detection and response. | Tool Threat | ★★★★★ | |
|
2022-06-23 14:26:01 | Top Cryptographers Flag \'Devastating\' Flaws in MEGA Cloud Storage (lien direct) | Cryptographers at Swiss university ETH Zurich have found at least five exploitable security flaws in the privacy-themed MEGA cloud storage service and warned that the issues could lead to “devastating attacks on the confidentiality and integrity of user data in the MEGA cloud.” | Guideline | ||
|
2022-06-23 13:46:41 | Chinese APT \'Bronze Starlight\' Uses Ransomware to Disguise Cyberespionage (lien direct) | A China-linked state-sponsored hacking group named Bronze Starlight was observed deploying various ransomware families to hide the true intent of its attacks. | Ransomware | ||
|
2022-06-23 12:48:13 | Affected ICS Vendors Start Responding to OT:Icefall Vulnerabilities (lien direct) | Some of the industrial control system (ICS) vendors impacted by the OT:Icefall vulnerabilities have released advisories to inform customers about the impact of the flaws and to provide mitigations. | |||
|
2022-06-23 12:33:26 | Johnson Controls Acquires Tempered Networks to Shield Buildings From Cyberattacks (lien direct) | Acquisition allows Johnson Controls to bring zero trust security to connected buildings | |||
|
2022-06-23 11:13:05 | MCG Health Faces Lawsuit Over Data Breach Impacting 1.1 Million Individuals (lien direct) | Patient care guidelines provider MCG Health faces a proposed class lawsuit over the compromise of patient information during a March 2022 data breach. A wholly-owned subsidiary of the New York-based Hearst Health network, MCG Health combines artificial intelligence with clinical expertise to help healthcare organizations provide care to their patients. | Data Breach | ||
|
2022-06-23 10:46:27 | US Subsidiary of Automotive Hose Maker Nichirin Hit by Ransomware (lien direct) | A US subsidiary of Nichirin, a Japanese company that makes hoses for the automotive industry, was recently hit by ransomware. The company said on Wednesday in a press release written in Japanese that the attack, aimed at Nichirin-Flex USA, was discovered on June 14. Other Nichirin subsidiaries do not appear to be affected. | Ransomware | ||
|
2022-06-22 19:06:20 | Firmware Security Startup Binarly Raises $3.6 Million in Seed Funding (lien direct) | Firmware security company Binarly on Wednesday announced that it has raised $3.6 million in a seed funding round led by Westwave Capital and Acrobator Ventures. Several angel investors also took part in the seed round, which will help the startup speed up R&D initiatives, expand its engineering team, and scale adoption of its technologies. | |||
|
2022-06-22 18:45:52 | Microsoft: Russian Cyber Spying Targets 42 Ukraine Allies (lien direct) | 
|
|||
|
2022-06-22 13:42:57 | SMA Technologies Patches Critical Security Issue in Workload Automation Solution (lien direct) | A critical vulnerability in the SMA Technologies OpCon UNIX agent results in the same SSH key being deployed with all installations. Aimed at financial institutions and insurance firms, OpCon is a cross-platform process automation and orchestration solution that can be used for the management of workloads across business-critical operations. | Vulnerability | ||
|
2022-06-22 13:20:16 | Delivery Firm Yodel Scrambling to Restore Operations Following Cyberattack (lien direct) | Delivery services provider Yodel says it is working on restoring operations after falling victim to a disruptive cyberattack. One of the largest couriers in the United Kingdom, Yodel was initially known as the Home Delivery Network, but it rebranded itself after acquiring the B2B and B2C operations of DHL Express UK. | |||
|
2022-06-22 13:17:05 | Aqua Security Ships Open-Source Tool for Auditing Software Supply Chain (lien direct) | Cloud security startup Aqua Security has partnered with the Center for Internet Security (CIS) to create guidelines for software supply chain security and followed up by shipping an open-source auditing tool to ensure compliance with the new benchmark. | Tool | ||
|
2022-06-22 12:46:13 | Belgian, Dutch Police Dismantle Cybercrime Group (lien direct) | Europol announced on Tuesday that police have dismantled a cybercrime group that made millions of euros through phishing and other types of schemes. | |||
|
2022-06-22 12:10:20 | Google Patches 14 Vulnerabilities With Release of Chrome 103 (lien direct) | Google this week announced the release of Chrome 103 to the stable channel with patches for a total of 14 vulnerabilities, including nine reported by external researchers. The most severe of these bugs is CVE-2022-2156, which is described as a critical-severity use-after-free issue in Base. | |||
|
2022-06-22 11:29:40 | Adobe Acrobat Reader Shuns Security Products Due to Compatibility Issues (lien direct) | Adobe Acrobat Reader blocks certain antimalware solutions from injecting their DLLs into its processes, essentially denying them visibility and creating security risks, ransomware prevention company Minerva Labs reports. | Ransomware | ||
|
2022-06-22 10:54:46 | Industry Reactions to \'OT:Icefall\' Vulnerabilities Found in ICS Products (lien direct) | Cybersecurity firm Forescout has disclosed OT:Icefall, a collection of 56 vulnerabilities discovered across the products of ten companies that make operational technology (OT) systems. | |||
|
2022-06-22 10:28:39 | New \'ToddyCat\' APT Targets High-Profile Entities in Europe, Asia (lien direct) | Kaspersky has detailed the activity of ToddyCat, a relatively new advanced persistent threat (ATP) actor that has been targeting high-profile entities in Europe and Asia for more than a year and a half. | Threat | ||
|
2022-06-21 13:31:07 | Cyberint Scores $40 Million Late-Stage Investment (lien direct) | Latest funding brings the total raised by Cyberint to $68 million | |||
|
2022-06-21 13:22:23 | RevealSecurity Raises $23M for Application Detection and Response (lien direct) | RevealSecurity, an Israeli data security startup building technology to thwart malicious insider threats, on Tuesday announced the closing of a $23 million funding round led by SYN Ventures. In addition to SYN Ventures, Hanaco Ventures, SilverTech Ventures and World Trade Ventures also joined as RevealSecurity investors. | |||
|
2022-06-21 13:04:25 | Flagstar Bank Data Breach Affects 1.5 Million Customers (lien direct) | Michigan-based Flagstar Bank, which has more than 150 branches across several US states, has disclosed a data breach that involved threat actors accessing files containing the personal information of 1.5 million individuals. | Data Breach Threat | ||
|
2022-06-21 12:28:03 | From Basecamp to Icefall: Secure by Design OT Makes Little Headway (lien direct) | OT:Icefall: 56 vulnerabilities plague OT devices from 10 different major industrial manufacturers | |||
|
2022-06-21 10:58:48 | False Air Raid Sirens in Israel Possibly Triggered by Iranian Cyberattack (lien direct) | Air raid sirens sounded in the Israeli cities of Jerusalem and Eilat on Sunday evening and it appears that they were triggered by a cyberattack, possibly conducted by Iranian hackers. | |||
|
2022-06-21 10:48:33 | Do Privacy and Data Protection Regulations Create as Many Problems as They Solve? (lien direct) | Divergent goals often result in data protection laws that are fundamentally flawed | |||
|
2022-06-21 10:42:33 | French Encryption Firm Cosmian Raises $4.4 Million (lien direct) | French deep tech firm Cosmian on Monday announced that it has raised €4.2 million ($4.4 million) in a venture funding round that brings the total raised by the company to €5.6 million ($5.9 million). The new investment round was led by La Banque Postale – via its new 115K innovation fund – and previous investor Elaia Partners. | |||
|
2022-06-20 15:13:02 | AutomationDirect Patches Vulnerabilities in PLC, HMI Products (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has informed organizations that AutomationDirect has patched several high-severity vulnerabilities in some of its programmable logic controller (PLC) and human-machine interface (HMI) products. | |||
|
2022-06-20 12:54:05 | Germany\'s Green Party Says Email System Hit by Cyberattack (lien direct) | The German Green party, which is part of the country's governing coalition, says its IT system was hit by a cyberattack last month that affected email accounts belonging to Foreign Minister Annalena Baerbock and Economy Minister Robert Habeck. | |||
|
2022-06-20 12:05:13 | QNAP Appliances Targeted in New DeadBolt, eCh0raix Ransomware Campaigns (lien direct) | Network-attached storage (NAS) devices made by QNAP are being targeted in new attack campaigns involving DeadBolt and eCh0raix ransomware. | Ransomware | ||
|
2022-06-20 11:43:09 | Many OT Security Incidents Result in Outages Posing Physical Safety Risk: Fortinet (lien direct) | A survey conducted in March by Fortinet shows that over 40% of global cybersecurity incidents affecting organizations with operational technology (OT) systems resulted in outages that put physical safety at risk. | |||
|
2022-06-20 11:13:47 | ALPHV Ransomware Operators Pressure Victim With Dedicated Leak Site (lien direct) | Cybercriminals who are using the ALPHV ransomware created a dedicated leak website in an apparent attempt to pressure one of their victims into paying the ransom. | Ransomware | ||
|
2022-06-20 10:58:14 | Jury Convicts Seattle Woman in Massive Capital One Hack (lien direct) | A federal jury on Friday convicted a former Seattle tech worker of several charges related to a massive hack of Capital One bank and other companies in 2019. | Hack | ||
|
2022-06-20 10:10:17 | Breach at Eye Care Software Vendor Hits Millions of Patients (lien direct) | The personal information of millions of individuals may have been stolen by threat actors as a result of a data breach at Eye Care Leaders, a firm that provides electronic health record and practice management solutions. | Data Breach Threat Guideline | ||
|
2022-06-17 15:06:02 | Staffing Firm Robert Half Says Hackers Targeted Over 1,000 Customer Accounts (lien direct) | HR consulting firm Robert Half has started informing customers that their personal and financial information might have been compromised after hackers targeted their RobertHalf.com accounts. | |||
|
2022-06-17 14:11:02 | (Déjà vu) Now On Demand: SecurityWeek Cloud Security Summit, Presented by Palo Alto Networks (lien direct) | 
|
|||
|
2022-06-17 13:54:11 | Hybrid Networks Require an Integrated On-prem and Cloud Security Strategy (lien direct) | Today's dynamic networks change so fast that traditional point security solutions fail to keep up | |||
|
2022-06-17 13:49:51 | Law Enforcement Dismantle Infrastructure of Russian \'RSOCKS\' Botnet (lien direct) | The United States on Thursday announced the takedown of a botnet operated by Russian cybercriminals that ensnared millions of devices worldwide. | |||
|
2022-06-17 12:00:51 | Exploited Vulnerability Patched in WordPress Plugin With Over 1 Million Installations (lien direct) | More than one million WordPress websites were potentially impacted by a critical Ninja Forms plugin vulnerability that appears to have been exploited in the wild. With over one million installations, the popular Ninja Forms plugin helps administrators add customizable forms to their WordPress sites. | Vulnerability | ||
|
2022-06-17 11:34:55 | Cybersecurity M&A Deals Surge in First Half of June 2022 (lien direct) | 
|
|||
|
2022-06-17 10:27:04 | Costa Rica Chaos a Warning That Ransomware Threat Remains (lien direct) | Teachers unable to get paychecks. Tax and customs systems paralyzed. Health officials unable to access medical records or track the spread of COVID-19. A country's president declaring war against foreign hackers saying they want to overthrow the government. | Ransomware Threat | ||
|
2022-06-16 17:53:41 | \'MaliBot\' Android Malware Steals Financial, Personal Information (lien direct) | Researchers at F5 Labs have nabbed a new Android malware family capable of exfiltrating financial and personal information after taking control of infected devices. | Malware | ||
|
2022-06-16 17:19:09 | Volexity Blames \'DriftingCloud\' APT For Sophos Firewall Zero-Day (lien direct) | Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors and launch man-in-the-middle attacks. | Malware | ||
|
2022-06-16 14:48:36 | Microsoft Dismisses False Reports About End of Patch Tuesday (lien direct) | Microsoft has dismissed reports about June 14 being the last Patch Tuesday, as the rollout of the Windows Autopatch service seems to be causing some confusion. | |||
|
2022-06-16 13:18:51 | Cisco Patches Critical Vulnerability in Email Security Appliance (lien direct) | Cisco on Wednesday announced patches for a critical vulnerability affecting its Email Security Appliance (ESA) and Secure Email and Web Manager products. | Vulnerability | ||
|
2022-06-16 12:40:24 | 2,000 People Arrested Worldwide for Social Engineering Schemes (lien direct) | Interpol announced on Wednesday that many individuals have been arrested and a significant amount of criminal assets have been seized as part of an international law enforcement operation targeting social engineering schemes. | |||
|
2022-06-16 11:55:20 | Sophisticated Android Spyware \'Hermit\' Used by Governments (lien direct) | Security researchers at Lookout have analyzed a sophisticated Android spyware family that appears to have been created to serve nation-state customers. | APT 37 | ||
|
2022-06-16 10:39:55 | Researchers Discover Way to Attack SharePoint and OneDrive Files With Ransomware (lien direct) | Ransomware can attack data in the cloud and launch attacks on cloud infrastructure Researchers have discovered a functionality within Office 365 that could allow attackers to ransom files stored on SharePoint and OneDrive. On disclosure to Microsoft, the researchers were told the system 'is working as intended'. That is, it's a feature, not a flaw. | Ransomware | ||
|
2022-06-16 10:21:43 | Using the Defense Readiness Index to Improve Security Team Skills (lien direct) | The challenges organizations face in developing cyber skills have never been more acute. Too often, security teams find themselves locked into reactive modes, continuously responding to immediate threats without being afforded the time to learn from them, so there's no opportunity to cross-train and upskill is missed. | Threat | ||
|
2022-06-15 19:23:21 | At Second Trial, Ex-CIA Employee Defends Himself in Big Leak (lien direct) | A former CIA software engineer charged with causing the biggest theft of classified information in CIA history defended himself at the start of his trial Tuesday, telling jurors he was falsely accused and the victim of a political witch hunt. |
To see everything:
Our RSS (filtrered)
