What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-05-13 11:22:38 | \'IceApple\' Post-Exploitation Framework Created for Long-Running Operations (lien direct) | CrowdStrike has detailed a new post-exploitation framework that could be the work of a state-sponsored threat actor, one likely linked to China. | Threat | ||
|
2022-05-13 11:08:59 | Critical Vulnerabilities Provide Root Access to InHand Industrial Routers (lien direct) | A total of 17 vulnerabilities have been found in a wireless industrial router made by InHand Networks, including flaws that can be chained to gain root access by getting a user to click on a malicious link. | |||
|
2022-05-13 10:43:10 | Ukrainian Sentenced to US Prison for Selling Hacked Credentials (lien direct) | A Ukrainian national has been sentenced to four years in a US prison for decrypting stolen usernames and passwords and selling them on a dark web marketplace. | ★★ | ||
|
2022-05-13 10:12:51 | Organizations in Europe Targeted With New \'Nerbian\' RAT (lien direct) | Proofpoint's security researchers have documented a new remote access trojan (RAT) being used in a series of recent attacks targeting various industries in multiple European countries. | ★★ | ||
|
2022-05-12 20:37:12 | Maryland Governor Signs Bills to Strengthen Cybersecurity (lien direct) | Gov. Larry Hogan signed measures to strengthen cybersecurity in state and local governments in Maryland on Thursday, after lawmakers approved legislation and big investments earlier this year to protect vital systems against cyberattacks. | ★★ | ||
|
2022-05-12 20:24:54 | Costa Rica Declares Emergency in Ongoing Cyberattack (lien direct) | 
|
Ransomware | ★★ | |
|
2022-05-12 18:00:04 | BalkanID Raises $6M for Intelligent IGA Technology (lien direct) | BalkanID, a startup with ambitious plans to disrupt the Identity Governance and Administration (IGA) space, has banked $5.75 million in seed funding to help organizations find and remediate risky privileges across SaaS and public cloud infrastructure. | ★★ | ||
|
2022-05-12 16:24:06 | Russia Pushes Law to Force Taxi Apps to Share Data With Spy Agency (lien direct) | Russia's government has put forward a law to force ride-hailing apps to give the FSB intelligence agency real-time access to their data. The Russian authorities have been ramping up restrictions on public freedoms since the start of Moscow's offensive in Ukraine on February 24. | ★★★★ | ||
|
2022-05-12 14:10:14 | Size of Early Stage Cyber Deals Continues to Surge: DataTribe (lien direct) | Early stage cybersecurity deals continue to surge in terms of valuation and round size, and cyber may be more resilient to economic conditions compared to other verticals, cybersecurity venture capital firm and incubator DataTribe said in its latest Insights report. | ★★ | ||
|
2022-05-12 13:33:17 | Application Security Firm StackHawk Bags $20.7 Million in Series B Funding (lien direct) | Application security startup StackHawk today announced that it has raised $20.7 million in Series B funding, which brings the total investment in the company to $35.3 million. The funding round was co-led by Sapphire Ventures and Costanoa Ventures, with additional investment from Foundry Group and other investors. | ★★ | ||
|
2022-05-12 13:18:29 | Iranian Cyberspy Group Launching Ransomware Attacks Against US (lien direct) | Over the past several months, Iran-linked cyberespionage group Charming Kitten has been engaging in financially-motivated activities, the Secureworks Counter Threat Unit (CTU) reports. | Ransomware Threat Conference | APT 35 APT 35 | ★★★ |
|
2022-05-12 12:59:47 | Zero Trust Firm Xage Security Adds $6 Million \'Top-up\' to $30 Million Series B Funding (lien direct) | Palo Alto, Calif-based firm Xage has raised a $6 million top-up to the $30 million Series B funding it secured in January 2022. The new financing comes from SCF Partners, an investor in energy and critical infrastructure services, and Overture Venture Capital, which specializes in startups in government, energy and climate. | |||
|
2022-05-12 11:45:21 | HP Patches UEFI Vulnerabilities Affecting Over 200 Computers (lien direct) | HP on Wednesday announced the release of patches for two high-severity vulnerabilities that impact the UEFI firmware of more than 200 laptops, workstations, and other products. | ★★★★ | ||
|
2022-05-12 11:08:03 | Hundreds of Thousands of Konica Printers Vulnerable to Hacking via Physical Access (lien direct) | Researchers at Atos-owned cybersecurity consulting firm SEC Consult analyzed Konica Minolta printers to determine what could be achieved by an attacker who has physical access to a device. The answer: a lot! | ★★★ | ||
|
2022-05-12 10:38:11 | Prepare for What You Wish For: More CISOs on Boards (lien direct) | We have a long way to go to get adequate cybersecurity expertise on boards, but the time has come to make it happen | ★★ | ||
|
2022-05-12 10:19:38 | Intel Patches High-Severity Vulnerabilities in BIOS, Boot Guard (lien direct) | Intel on Tuesday announced the release of patches for multiple vulnerabilities across its product portfolio, including a series of high-severity vulnerabilities in the BIOS firmware of several processor models. | ★★★ | ||
|
2022-05-11 15:39:24 | The Importance of Wellness for Security Teams (lien direct) | With the talent shortage in security, employers need to use a variety of tools to recruit and retain top talent | ★★★ | ||
|
2022-05-11 15:37:18 | (Déjà vu) Chrome 101 Update Patches High-Severity Vulnerabilities (lien direct) | Google this week announced the release of a Chrome browser update that resolves a total of 13 vulnerabilities, including nine that were reported by external researchers. Of the externally reported security holes, seven are use-after-free bugs – these types of vulnerabilities could lead to arbitrary code execution. | Guideline | ★★★ | |
|
2022-05-11 15:09:47 | SaaS App Vanity URLs Can Be Spoofed for Phishing, Social Engineering (lien direct) | Vanity URLs offered by SaaS applications can be spoofed by malicious actors for phishing and social engineering, according to data security and analytics company Varonis. | ★★★ | ||
|
2022-05-11 14:56:25 | Ransomware Attack a Nail in the Coffin as Lincoln College Closes After 157 Years (lien direct) | Ransomware Attack and Covid-19 Blamed for Closure of Abraham Lincoln's Namesake College After 157 Years | ★★ | ||
|
2022-05-11 13:07:49 | Healthcare Technology Provider Omnicell Discloses Ransomware Attack (lien direct) | Healthcare technology company Omnicell revealed in a filing with the United States Securities and Exchange Commission (SEC) that it recently fell victim to a ransomware attack. | Ransomware | ★★★ | |
|
2022-05-11 12:21:09 | ICS Patch Tuesday: Siemens, Schneider Electric Address 43 Vulnerabilities (lien direct) | The 15 new advisories released by Siemens and Schneider Electric this Patch Tuesday address a total of 43 vulnerabilities, including ones that have been assigned a “critical” severity rating. | ★★★★ | ||
|
2022-05-11 12:01:48 | Webinar Today: Managing IoT/OT Visibility, Protection and Monitoring in a Zero Trust Environment (lien direct) | 
|
★★★ | ||
|
2022-05-11 11:48:38 | Africa Grapples With Way Forward on Cybercrime (lien direct) | Cyber experts are urging Africa to up its game in the face of criminals targeting the continent's fast-growing internet economy with scams and theft. | ★★ | ||
|
2022-05-11 11:17:40 | SAP Patches Spring4Shell Vulnerability in More Products (lien direct) | As part of its May 2022 Security Patch Day, SAP announced on Tuesday the release of eight new and four updated security notes, including three that address the recent Spring4Shell vulnerability in more products. | Vulnerability | ★★★ | |
|
2022-05-11 10:49:16 | Critical Vulnerability Exploited to \'Destroy\' BIG-IP Appliances (lien direct) | The recently patched F5 BIG-IP vulnerability tracked as CVE-2022-1388 is being increasingly exploited by threat actors, including to “destroy” affected appliances. | Vulnerability Threat | ★★★ | |
|
2022-05-11 10:09:56 | Windows Print Spooler Vulnerabilities Increasingly Exploited in Attacks (lien direct) | The number of attacks targeting Windows Print Spooler vulnerabilities has been increasing, according to cybersecurity firm Kaspersky. | ★★★★ | ||
|
2022-05-11 00:36:09 | Hackers Hit Web Hosting Provider Linked to Oregon Elections (lien direct) | A week before Oregon's primary election, the secretary of state's office is moving to protect the integrity of its online system where campaign finance records are published after a web hosting provider was hit by a ransomware attack. | Ransomware | ★★★★ | |
|
2022-05-10 18:22:58 | Patch Tuesday: Microsoft Warns of New Zero-Day Being Exploited (lien direct) | Microsoft on Tuesday released critical software updates to fix at least 73 documented security flaws in the Windows ecosystem and warned that unknown attackers are already launching zero-day man-in-the-middle attacks. | ★★★★ | ||
|
2022-05-10 18:02:52 | New Malware Samples Indicate Return of REvil Ransomware (lien direct) | New malware samples and a new Tor-based leak website suggest that the REvil ransomware operation has been resumed. Secureworks, which tracks the group behind REvil as Gold Southfield, has conducted an analysis of malware samples apparently created in March and April, and determined that the developer likely has access to the original REvil source code. | Ransomware Malware | ★★★ | |
|
2022-05-10 17:22:14 | Microsoft Azure Vulnerability Allowed Code Execution, Data Theft (lien direct) | Microsoft on Monday shared information on patches and mitigations for a vulnerability impacting Azure Data Factory and Azure Synapse Pipelines. | Vulnerability | ★★★★ | |
|
2022-05-10 16:32:05 | Adobe Warns of \'Critical\' Security Flaws in Enterprise Products (lien direct) | Software maker Adobe on Tuesday shipped patches to cover at least 18 serious security defects in multiple enterprise-facing products and warned that unpatched systems are at risk of remote code execution attacks. | ★★★★ | ||
|
2022-05-10 12:33:20 | Email Security Firm Abnormal Security Raises $210 Million at $4 Billion Valuation (lien direct) | Email security startup Abnormal Security announced today that it has reached a $4 billion valuation after raising $210 million in a Series C investment, which brings the total raised by the AI-focused cybersecurity company to $285 million. | ★★ | ||
|
2022-05-10 12:09:36 | DarkCrystal RAT Offers Many Capabilities for Very Low Price (lien direct) | BlackBerry's security researchers have performed a deep analysis of the DarkCrystal RAT and the dark web activity of its developer. | ★★★★ | ||
|
2022-05-10 11:49:30 | (Déjà vu) West Blames Russia for Satellite Hack Ahead of Ukraine Invasion (lien direct) | Western powers on Tuesday accused Russian authorities of carrying out a cyberattack against a satellite network an hour before the invasion of Ukraine to pave the way for its assault. | Hack | ★★★ | |
|
2022-05-10 11:49:30 | EU Blames Russia for Satellite Hack Ahead of Ukraine Invasion (lien direct) | The European Union on Tuesday accused the Russian authorities of carrying out a cyberattack against a satellite network an hour before the invasion of Ukraine to pave the way for its assault. | Hack | ★★★ | |
|
2022-05-10 11:26:52 | Technical Details, IoCs Available for Actively Exploited BIG-IP Vulnerability (lien direct) | Indicators of compromise (IoCs) and other resources have been released to help defenders deal with the actively exploited F5 BIG-IP vulnerability tracked as CVE-2022-1388. | Vulnerability | ★★★★ | |
|
2022-05-10 10:51:50 | QNAP Patches Critical Vulnerability in Network Surveillance Products (lien direct) | Taiwanese network-attached storage (NAS) solutions provider QNAP Systems on Friday announced patches for a critical vulnerability impacting some of its network surveillance products. | Vulnerability | ★★★ | |
|
2022-05-10 10:17:22 | Microsoft Flexes Security Vendor Muscles With Managed Services (lien direct) | 
|
★★★ | ||
|
2022-05-10 10:05:31 | 7 Steps to Start Reducing Risk to Your Critical Infrastructure Quickly (lien direct) | In my previous column, I wrote about the steady drumbeat of alerts, news reports, and actual attacks demonstrating that critical infrastructure has been in the crosshairs of nation-state threat actors and cyber criminals for years. Now, evolving intelligence indicates attacks on critical infrastructure networks are taking center stage in the theater of war. | Threat | ★★ | |
|
2022-05-10 00:17:05 | Settlement Curbs Firm\'s Facial Recognition Database in US (lien direct) | Startup Clearview AI has agreed to limit access to its controversial facial recognition database in the United States, settling a lawsuit filed by privacy advocates, a court filing showed Monday. | ★★★ | ||
|
2022-05-09 17:19:16 | U.S. Offers $15 Million Bounty for Leaders of Conti Ransomware Gang (lien direct) | Eager to hunt down key leaders of the Conti ransomware gang, the United States Government is willing to pay up to $10 million for information leading to the identification and/or location of anyone holding a key leadership role in the group. | Ransomware Guideline | ★★★ | |
|
2022-05-09 13:55:07 | Regulator Proposes $1 Million Fine for Colonial Pipeline One Year After Cyberattack (lien direct) | 
|
★★ | ||
|
2022-05-09 12:43:56 | Ransomware Attack Hits Production Facilities of Agricultural Equipment Giant AGCO (lien direct) | Agricultural equipment giant AGCO says its business operations have been impacted after falling victim to a ransomware attack last week. AGCO designs, makes, and distributes agricultural machinery and precision technology, offering equipment under brands such as Challenger, Fendt, Massey Ferguson, and Valtra. | Ransomware | ★★★ | |
|
2022-05-09 11:32:32 | RubyGems Fixes Critical Gem Takeover Vulnerability (lien direct) | RubyGems has addressed a critical vulnerability that could have allowed any RubyGems.org user to remove and replace certain Ruby gems. A package hosting service for the Ruby programming language, RubyGems.org hosts more than 170,000 gems. RubyGems also functions as a package manager. | Vulnerability | ★★ | |
|
2022-05-09 11:06:56 | F5 BIG-IP in Attacker Crosshairs Following Disclosure of Critical Vulnerability (lien direct) | Organizations using F5's BIG-IP application delivery controllers are advised to immediately update their systems as a recently patched vulnerability is already being exploited in the wild. | Vulnerability | ★★★★ | |
|
2022-05-06 17:10:11 | Zero Trust VPN Company Tailscale Raises $100 Million (lien direct) | Zero trust enterprise VPN provider Tailscale this week announced that it has closed a $100 million Series B funding round that brings the total raised by the company to $115 million. The investment round was led by CRV and Insight Partners, with participation from existing investors Accel, Heavybit, Uncork Capital, and angel investors. | ★★ | ||
|
2022-05-06 13:34:41 | Heroku Shares Details on Recent GitHub Attack (lien direct) | Platform-as-a-service company Heroku this week shared additional details on an April cyberattack that resulted in unauthorized access to multiple customers' GitHub repositories. | ★★★★ | ||
|
2022-05-06 13:18:38 | Tech Giants Unite in Effort to Scrap Passwords (lien direct) | Apple, Google, and Microsoft announce support for passwordless sign-in via FIDO open authentication standard | ★★★★ | ||
|
2022-05-06 11:29:30 | Impact of Alexa Ranking Service Shutdown on Cybersecurity Industry (lien direct) | 
|
★★★★ |
To see everything:
Our RSS (filtrered)
