What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-05-23 13:41:16 | Conti Ransomware Operation Shut Down After Brand Becomes Toxic (lien direct) | The Conti ransomware operation has undergone some significant organizational structure changes in the past months after the brand became toxic due to its affiliation with the Russian government. | Ransomware | ||
|
2022-05-23 13:24:30 | Facial Recognition Firm Clearview AI Fined $9.4 Million by UK Regulator (lien direct) | ICO orders Clearview AI to delete all UK data | |||
|
2022-05-23 11:31:22 | Over $1.1 Million Awarded at Pwn2Own Vancouver 2022 for 25 Zero-Day Vulnerabilities (lien direct) | 
Participants earned a total of more than $1.15 million at the Pwn2Own Vancouver 2022 hacking contest last week.
|
|||
|
2022-05-23 10:23:44 | Cisco Warns of Exploitation Attempts Targeting New IOS XR Vulnerability (lien direct) | Cisco informed customers on Friday that it's aware of in-the-wild exploitation attempts targeting a new vulnerability affecting its IOS XR software. | Vulnerability | ||
|
2022-05-23 08:52:29 | IBM Dives Into TrickBot Gang\'s Malware Crypting Operation (lien direct) | Researchers with IBM Security's X-Force division have analyzed 13 crypters employed by the cybercrime group behind the infamous TrickBot and Conti malware. | Malware | ||
|
2022-05-23 01:06:44 | Breach Exposed Data of Half-Million Chicago Students, Staff (lien direct) | The personal information of more than half a million Chicago Public Schools students and staff was compromised in a ransomware attack last December, but the vendor didn't report it to the district until last month, officials said. | Ransomware | ||
|
2022-05-20 12:37:19 | Nikkei Says Customer Data Likely Impacted in Ransomware Attack (lien direct) | Asian media giant Nikkei has disclosed a ransomware attack that might have impacted customer data. | Ransomware | ||
|
2022-05-20 12:15:12 | New Brute Force Attacks Against SQL Servers Use PowerShell Wrapper (lien direct) | Microsoft has warned organizations of a new wave of brute force cyberattacks that target SQL servers and use a rather uncommon living-off-the-land binary (LOLBin). Specifically, the attackers rely on a legitimate utility called sqlps.exe to achieve fileless persistence on SQL servers that use weak or default passwords. | |||
|
2022-05-20 11:45:29 | (Déjà vu) DoJ Will No Longer Use CFAA to Charge Ethical Hackers (lien direct) | The United States Department of Justice has announced that it would no longer charge ethical hackers under the controversial Computer Fraud and Abuse Act (CFAA). | |||
|
2022-05-19 17:50:03 | Pro-Russian Hackers Spread Hoaxes to Divide Ukraine, Allies (lien direct) | As Ukrainians flooded into Poland earlier this year to flee Russian invaders, a hacking group aligned with the Kremlin sought to spread rumors that criminal gangs were waiting to harvest the organs of child refugees. | |||
|
2022-05-19 17:35:51 | Researchers Spot Supply Chain Attack Targeting GitLab CI Pipelines (lien direct) | Security researchers at SentinelLabs are calling attention to a software chain supply attack targeting Rust developers with malware aimed directly at infecting GitLab Continuous Integration (CI) pipelines. | Malware | ||
|
2022-05-19 14:13:56 | Phishers Add Chatbot to the Phishing Lure (lien direct) | Researchers have discovered a new approach being taken by phishers to increase victim engagement and confidence: the addition of an interactive chatbot. We have all become accustomed to the chatbots used by many of the largest service providers – they are annoying, but something we must navigate. | |||
|
2022-05-19 14:01:44 | QuSecure Lauches Quantum-Resilient Encryption Platform (lien direct) | New firm launches to provide the Easy Button for implementing quantum secure encryption The pressure to implement quantum secure encryption is increasing. This isn't because functioning quantum computers able to crack asymmetric encryption are expected tomorrow, but because of the growing belief they could become available in five- or ten-years' time. | |||
|
2022-05-19 12:30:00 | Cloud Data Security Firm Dig Emerges From Stealth With $11 Million in Funding (lien direct) | Israel-based cloud data security company Dig Security on Thursday announced emerging from stealth mode with $11 million in seed funding. Dig's seed funding round was led by Israeli startup foundry Team8, with participation from CrowdStrike's Falcon Fund, CyberArk, Merlin Ventures, and several angel investors. | |||
|
2022-05-19 10:36:57 | US Recovers $15 Million From Ad Fraud Group (lien direct) | United States authorities announced this week that they have retrieved more than $15 million in illicit proceeds derived from the advertising fraud scheme known as “3ve.” | |||
|
2022-05-19 10:18:25 | Enterprise Data Protection Company Seclore Raises $27 Million (lien direct) | Enterprise data protection company Seclore this week announced that it has received $27 million in Series C growth funding, which brings the total raised by the firm to $46 million. The new investment round was led by Origami Capital Partners and Oquirrh Venture, and will allow Seclore to accelerate the development of its data security platform. | |||
|
2022-05-19 09:57:23 | CISA: Hackers Will Quickly Start Exploiting Newly Patched VMware Vulnerabilities (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has warned organizations about two actively exploited VMware product vulnerabilities, and the agency believes two other freshly patched flaws will also be exploited soon. | |||
|
2022-05-19 08:42:20 | Microsoft Teams Exploits Earn Hackers $450,000 at Pwn2Own 2022 (lien direct) | Vulnerability researchers earned a total of $800,000 on the first day of the Pwn2Own Vancouver 2022 hacking contest, including $450,000 for exploits targeting Microsoft Teams. | |||
|
2022-05-18 17:34:45 | Cornami Raises $68 Million for Quantum Secure Computing on Encrypted Data (lien direct) | Cornami, a company that helps organizations encrypt data to keep it safe from post-quantum threats, this week announced that it has raised $68 million in an oversubscribed Series C funding round. To date, the company has raised over $150 million. | |||
|
2022-05-18 15:06:31 | US Government Says North Korean IT Workers Enable DPRK Hacking Operations (lien direct) | The US government has warned companies that some of their IT workers may be from North Korea, and these individuals could be aiding their country's hacking operations. | |||
|
2022-05-18 15:06:01 | Now Live: SecurityWeek Threat Intelligence Summit Virtual Event (lien direct) | 
|
Threat | ||
|
2022-05-18 13:27:26 | The Vulnerable Maritime Supply Chain - a Threat to the Global Economy (lien direct) | 
|
Threat | ||
|
2022-05-18 12:39:28 | National Cybersecurity Agencies Describe Commonly Used Initial Access Techniques (lien direct) | Cybersecurity agencies in the United States, the United Kingdom, Canada, the Netherlands, and New Zealand warn that threat actors exploit poor security practices for initial access to victim environments. | Threat | ||
|
2022-05-18 12:09:53 | Over 380,000 Kubernetes API Servers Exposed to Internet: Shadowserver (lien direct) | The Shadowserver Foundation has started scanning the internet for Kubernetes API servers and found roughly 380,000 that allow some form of access. ShadowServer is conducting daily scans of the IPv4 space on ports 443 and 6443, looking for IP addresses that respond with an HTTP 200 OK status, which indicates that the request has succeeded. | Uber | ||
|
2022-05-18 10:51:46 | Carlyle to Acquire Defense Contractor ManTech in $4.2 Billion Deal (lien direct) | Private equity firm Carlyle is acquiring US defense contractor ManTech International Corporation in an all-cash deal valued at roughly $4.2 billion. | |||
|
2022-05-18 10:21:17 | NVIDIA Patches Code Execution Vulnerabilities in Graphics Driver (lien direct) | NVIDIA has announced the roll-out of updates for its graphics drivers to address multiple vulnerabilities, including four CVEs rated “high severity.” | |||
|
2022-05-18 08:38:10 | Large-Scale Attack Targeting Tatsu Builder WordPress Plugin (lien direct) | Tens of thousands of WordPress websites are potentially at risk of compromise as part of an ongoing large-scale attack targeting a remote code execution vulnerability in the Tatsu Builder plugin. | Vulnerability | ||
|
2022-05-17 16:47:02 | New Special Interest Group Aims to Enhance ICS/OT Cyber Defenses (lien direct) | MITRE has announced a new special interest group (SIG) whose goal is to help enhance cyber defenses for industrial control systems (ICS) and operational technology (OT). | |||
|
2022-05-17 16:33:32 | Learn to Use This First: Four Fundamental Tactics to Protect Email Ecosystems (lien direct) | There is a great line in the movie Braveheart where Uncle Argyle says to young William, “First, learn to use this, then I'll teach you to use this.” He is of course talking about William's mind over his sword, but it is a prophetic statement when applied to email security. Too often organizations are entering into an email ecosystem they are not prepared to safely use. It is our responsibility as security professionals to help with this. | |||
|
2022-05-17 14:05:47 | Access Orchestration Firm Pathlock Announces Several M&As and $200M Funding (lien direct) | Access orchestration solutions provider Pathlock has announced several mergers and acquisitions, as well as raising $200 million as part of these transactions. | |||
|
2022-05-17 13:28:12 | US Accuses Venezuelan Doctor of Creating and Selling Ransomware (lien direct) | A citizen of France and Venezuela has been charged in the United States for allegedly creating, using, and selling ransomware. | Ransomware | ||
|
2022-05-17 13:07:48 | SecurityWeek to Host Threat Intelligence Summit Virtual Event on May 18th (lien direct) |
|
Threat | ||
|
2022-05-17 12:24:22 | Musk: Doubt About Spam Accounts Could Scuttle Twitter Deal (lien direct) | 
|
Spam | ||
|
2022-05-17 12:16:59 | Pangea Lands $25 Million Investment for API Security Services (lien direct) | Serial entrepreneur Oliver Friedrichs scores $25 million from Ballistic Ventures to build an API security services platform. | |||
|
2022-05-17 11:45:16 | Apple Finally Patches Exploited Vulnerabilities in macOS Big Sur, Catalina (lien direct) | Apple on Monday rolled out security updates to patch tens of vulnerabilities across its operating systems, and it has finally released macOS Big Sur and Catalina patches for two exploited vulnerabilities. | |||
|
2022-05-17 10:40:41 | (Déjà vu) Cybersecurity M&A Roundup for May 1-15, 2022 (lien direct) | 
Fifteen cybersecurity-related M&A deals have been announced in the first half of May 2022.
|
|||
|
2022-05-16 17:21:06 | Researchers Devise New Type of Bluetooth LE Relay Attacks (lien direct) | Security researchers at NCC Group have created a new tool capable of launching a new type of Bluetooth Low Energy (BLE) relay attack that bypasses existing protections and mitigations. | Tool | ||
|
2022-05-16 16:06:57 | Ransomware Gang Threatens to Overthrow Costa Rica Government (lien direct) | 
|
Ransomware | ||
|
2022-05-16 15:12:22 | Hackers Can Abuse Low-Power Mode to Run Malware on Powered-Off iPhones (lien direct) | 
|
Malware | ||
|
2022-05-16 13:58:33 | US, EU to Ramp Up Chip Making and Raise Pressure on Russia (lien direct) | The United States and the European Union announced on Monday a joint effort to boost microchip manufacturing and tackle Russian disinformation around the war in Ukraine. | |||
|
2022-05-16 13:53:35 | Defending the Healthcare Security Landscape in the Age of Connected Devices (lien direct) | Articles focused on cybersecurity threats facing the connected medical device market often cite a well-worn statistic: the average hospital bed in the United States has 10 to 15 internet-enabled devices that collect and transmit data. While this number is important, it only tells part of the larger story. | |||
|
2022-05-16 12:52:02 | \'Sysrv\' Botnet Targeting Recent Spring Cloud Gateway Vulnerability (lien direct) | A new variant of the Sysrv botnet has added a recent Spring Cloud Gateway vulnerability to its exploit portfolio, Microsoft warns. The Sysrv botnet has been active since at least late 2020, looking to exploit known security bugs in access interfaces in order to compromise Windows and Linux systems and install a Monero cryptominer on them. | Vulnerability | ★★ | |
|
2022-05-16 12:05:07 | SonicWall Patches Unauthorized Access Vulnerability in SMA Appliances (lien direct) | SonicWall has released patches for multiple vulnerabilities in its Secure Mobile Access (SMA) series appliances, including a high-severity issue that could lead to unauthorized access. | Vulnerability Guideline | ★★★★ | |
|
2022-05-16 11:16:20 | (Déjà vu) CISA Removes Windows Vulnerability From \'Must-Patch\' List Due to Buggy Update (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) has temporarily removed a Windows flaw from its Known Exploited Vulnerabilities Catalog after it was informed by Microsoft that a recent update can cause problems on some types of systems. | Vulnerability | ||
|
2022-05-16 10:05:34 | Zyxel Firewall Vulnerability Exploitation Attempts Seen One Day After Disclosure (lien direct) | Exploitation attempts targeting a recently disclosed vulnerability affecting Zyxel firewalls started just one day after the flaw's existence came to light. | Vulnerability | ||
|
2022-05-14 19:48:45 | Hired \'Hackers\' Try, and Fail, to Invade Brazil Vote System (lien direct) | More than 20 would-be hackers gathered in the Brazilian electoral authority's headquarters in the capital this week. Their mission: infiltrate the nation's voting system ahead of a hotly anticipated race in October. | |||
|
2022-05-13 15:51:38 | Iran-Linked OilRig APT Caught Using New Backdoor (lien direct) | The Iran-linked hacking group OilRig was observed using a new backdoor in an attack against a government official within Jordan's foreign ministry, according to new research published this week. | APT 34 | ||
|
2022-05-13 15:11:38 | Hackers Can Make Siemens Building Automation Controllers \'Unavailable for Days\' (lien direct) | A vulnerability affecting building automation controllers from Siemens can be exploited to disrupt a device for an extended period of time, according to OT and IoT cybersecurity firm Nozomi Networks. | Vulnerability | ||
|
2022-05-13 13:26:53 | devOcean Emerges From Stealth With Cloud-Native Security Operations Platform (lien direct) | devOcean has emerged from stealth mode with a cloud-native security operations platform and $6 million in funding. The company's seed round was led by Glilot Capital Partners, with participation from angel investors. | APT 32 | ||
|
2022-05-13 12:41:23 | Critical Vulnerability Allows Remote Hacking of Zyxel Firewalls (lien direct) | Thousands of Zyxel firewalls could be vulnerable to remote attacks due to a vulnerability discovered recently by cybersecurity firm Rapid7. The vendor was quick to release a patch, but it did not immediately inform customers about it. | Vulnerability |
To see everything:
Our RSS (filtrered)
