What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-05-05 10:09:00 | Cisco Patches Critical VM Escape in NFV Infrastructure Software (lien direct) | Cisco on Wednesday announced patches to address severe vulnerabilities in Enterprise Network Function Virtualization Infrastructure Software (NFVIS), including a critical bug that allows attackers to escape from a guest virtual machine (VM). | |||
|
2022-05-05 01:35:25 | Idaho Needs to Shore Up Cybersecurity, Task Force Says (lien direct) | Idaho needs to be better prepared to defend against inevitable cyberattacks that could harm individuals, businesses and critical infrastructure, the Governor's Cybersecurity Task Force said in a report released Wednesday. | |||
|
2022-05-04 19:25:46 | Kaspersky Warns of Fileless Malware Hidden in Windows Event Logs (lien direct) | Threat hunters at Kaspersky are publicly documenting a malicious campaign that abuses Windows event logs to store fileless last stage Trojans and keep them hidden in the file system. | Malware | ||
|
2022-05-04 19:16:02 | Google Sees More APTs Using Ukraine War-Related Themes (lien direct) | Researchers at Google's Threat Analysis Group (TAG) say the number of advanced threat actors using Ukraine war-related themes in cyberattacks went up in April with a surge in malware attacks targeting critical infrastructure. | Malware Threat | ||
|
2022-05-04 18:22:21 | Hubble Technology Banks $9 Million for Asset Visibility Platform (lien direct) | An early-stage Virginia startup has banked $9 million in venture capital funding to build an “agentless technology asset visibility” aimed at disrupting the asset management space. | |||
|
2022-05-04 17:36:35 | F5 Informs BIG-IP Customers About 18 Serious Vulnerabilities (lien direct) | Security and application delivery solutions provider F5 on Wednesday released another quarterly security notification, which informs customers about more than 50 vulnerabilities and security exposures. | ★★★★ | ||
|
2022-05-04 16:28:39 | China-Linked Winnti APT Group Silently Stole Trade Secrets for Years: Report (lien direct) | "CuckooBees" campaign operated by Chinese cyber espionage group went undetected since 2019 | APT 41 | ||
|
2022-05-04 13:58:28 | Webinar Today: Blast Radius & Simulated Attack Paths (lien direct) | 
|
|||
|
2022-05-04 13:50:11 | Cisco Issues Fresh Warning Over Counterfeit Switches (lien direct) | Cisco has issued a “field notice” to advise customers of its Catalyst 2960X/2960XR switches to upgrade the IOS software on their devices in order to ensure that they are not counterfeit. | |||
|
2022-05-04 11:33:45 | Application Security Firm ShiftLeft Raises $29 Million (lien direct) | Application security firm ShiftLeft on Tuesday announced that it has received $29 million in expansion capital funding, which brings the total raised by the company to over $58 million. The new funding round was led by Blackstone Innovations Investments and SYN Ventures, with participation from previous investors. | |||
|
2022-05-04 11:20:20 | Chinese Hackers Abuse Cybersecurity Products for Malware Execution (lien direct) | Researchers at cybersecurity firm SentinelOne have observed a Chinese hacking group taking a trial-and-error approach to abusing antivirus applications for the sideloading of malicious DLLs. | Malware | ||
|
2022-05-04 10:37:29 | Vulnerabilities Allow Hijacking of Most Ransomware to Prevent File Encryption (lien direct) | A researcher has shown how a type of vulnerability affecting many ransomware families can be exploited to control the malware and terminate it before it can encrypt files on compromised systems. | Ransomware Malware Vulnerability | ||
|
2022-05-03 18:01:03 | Cyberespionage Group Targeting M&A, Corporate Transactions Personnel (lien direct) | Security researchers at Mandiant are documenting the discovery of a new hacking group focused on cyberespionage targeting employees responsible for corporate development, large corporate transactions, and mergers and acquisitions. | |||
|
2022-05-03 16:48:52 | German Finance Watchdog Sees \'Very Big\' Risk of Cyberattacks (lien direct) | Germany's financial regulator BaFin warned Tuesday of the "very big" risk of cyberattacks targeting the financial sector, a threat it said had become "more likely" since Russia's war on Ukraine. | Threat | ||
|
2022-05-03 15:45:00 | For Smaller Enterprises Infrastructure Security Starts With Hygiene (lien direct) | The surge of cyber attacks in 2021 was a wake-up call for consumers, who felt the firsthand effects that can result from a breach. | |||
|
2022-05-03 14:24:45 | Cyberattack Causes Disruptions at Car Rental Giant Sixt (lien direct) | Sixt, a major car rental company that has more than 2,000 locations across over 110 countries, has been targeted in a cyberattack that caused some temporary disruptions. Sixt said it detected suspicious activity on IT systems on April 29 and soon confirmed that it had been hit by a cyberattack. | |||
|
2022-05-03 13:39:18 | Traceable AI Snags $60M for API Security Tech (lien direct) | Traceable AI, a startup building technology to reduce attack surfaces in APIs, has banked a new $60 million funding round that values the company at $450 million. | |||
|
2022-05-03 13:35:53 | Identity-Based Infrastructure Access Firm Teleport Raises $110 Million (lien direct) | Valued at $1.1 billion, Teleport becomes latest cybersecurity Unicorn | |||
|
2022-05-03 13:27:38 | DoD Announces Results of Vulnerability Disclosure Program for Defense Contractors (lien direct) | The US Department of Defense (DoD) on Monday announced the conclusion of a 12-month pilot Defense Industrial Base-Vulnerability Disclosure Program (DIB-VDP) aimed at finding flaws in contractor networks. | Vulnerability | ||
|
2022-05-03 12:46:32 | Many IoT Devices Exposed to Attacks Due to Unpatched Flaw in uClibc Library (lien direct) | Nozomi Networks, a firm specialized in securing operational technology (OT) and IoT systems, has disclosed a potentially serious vulnerability affecting a C standard library used by several major companies. | Vulnerability | ||
|
2022-05-03 12:44:42 | Deepfakes Are a Growing Threat to Cybersecurity and Society: Europol (lien direct) | Deepfakes, left unchecked, are set to become the cybercriminals' next big weapon | Threat | ||
|
2022-05-03 11:41:44 | California Man Convicted for Stealing Millions From DoD via Phishing Scheme (lien direct) | A California man was convicted last week for his role in a multi-million dollar phishing scheme targeting the US Department of Defense (DoD). | |||
|
2022-05-03 11:27:34 | Vulnerabilities in Aruba and Avaya Switches Expose Enterprise Networks to Attacks (lien direct) | Switches used by organizations around the world are affected by critical vulnerabilities that could allow malicious actors to gain remote access to enterprise networks and steal valuable data, according to enterprise device security company Armis. | |||
|
2022-05-03 10:24:15 | Michigan College Cancels Classes After Ransomware Attack (lien direct) | A Michigan community college has cancelled classes indefinitely following a ransomware attack over the weekend. | Ransomware | ||
|
2022-05-03 10:08:45 | Russian Cyberspies Target Diplomats With New Malware (lien direct) | Russian cyberespionage group APT29 has been observed using new malware and techniques in phishing campaigns targeting diplomatic organizations in Europe, the Americas, and Asia, Mandiant reports. | Malware | APT 29 | |
|
2022-05-03 08:51:21 | Google Rolls Out Developer Preview of Android Privacy Sandbox (lien direct) | Google has taken another step toward enabling new privacy-focused advertising solutions on Android, with the release of Privacy Sandbox in developer preview. | |||
|
2022-05-02 17:01:49 | GitHub Says Recent Attack Was Highly Targeted (lien direct) | Microsoft-owned code hosting platform GitHub says the recent cyberattack that resulted in the cloning of private repositories was highly targeted in nature. | |||
|
2022-05-02 13:31:56 | Smallstep Raises $26 Million for Automated Certificate Management Platform (lien direct) | Certificate management startup Smallstep Labs announced that it has raised $26 million in funding from several venture capital firms. | |||
|
2022-05-02 13:13:15 | New Black Basta Ransomware Possibly Linked to Conti Group (lien direct) | 
A new ransomware operation named Black Basta has targeted at least a dozen companies and some researchers believe there may be a connection to the notorious Conti group.
|
Ransomware | ||
|
2022-05-02 12:20:45 | Google Offering Up to $1.5 Million for Android 13 Beta Exploits (lien direct) | In an effort to improve the security of its mobile operating system, Google has temporarily increased the bug bounty payouts for vulnerabilities identified in Android 13 beta. | |||
|
2022-05-02 11:18:55 | (Déjà vu) Cybersecurity M&A Roundup: 37 Deals Announced in April 2022 (lien direct) | 
Thirty-seven cybersecurity-related merger and acquisition (M&A) deals were announced in April 2022.
|
|||
|
2022-05-02 10:59:08 | The VC View: The DevSecOps Evolution and Getting "Shift Left" Right (lien direct) | As the world increasingly moves to the cloud and digital-everything, organizations' risk postures have also changed. Embedding security into the business is the new, must-have approach and product security is the most seamless path to make it happen – led by the emergence of the engineering-centric CISO | |||
|
2022-05-02 10:28:19 | Spain: 2021 Spyware Attack Targeted Prime Minister\'s Phone (lien direct) | Spanish officials said Monday that the cellphones of the prime minister and the defense minister were infected last year with Pegasus spyware that is only available to government agencies in an unauthorized operation. | |||
|
2022-05-02 10:05:30 | New \'Bumblebee\' Malware Loader Used by Several Cybercrime Groups (lien direct) | Cybersecurity companies have analyzed “Bumblebee,” a relatively new custom malware downloader that appears to have been used by several cybercrime groups. | Malware | ||
|
2022-05-01 10:17:47 | \'Right to be Forgotten\': Israel Firm Promises to Purge Digital Footprint (lien direct) | Three young Israelis formerly serving in military cyber units have figured out how to locate your digital footprint -- and give you the tools to delete it. | |||
|
2022-04-29 17:07:03 | Fleet Raises $20M for Endpoint Visibility Technology (lien direct) | Fleet, an endpoint visibility technology vendor with open-source roots, has attracted $20 million in new funding at a valuation in the range of $100 million. | |||
|
2022-04-29 15:06:05 | Sabanci Group Acquires Majority Stake in OT Security Firm Radiflow for $45 Million (lien direct) | Turkey-based industrial and financial conglomerate Sabanci Group has signed an agreement to acquire a majority stake in operational technology (OT) cybersecurity company Radiflow for $45 million. | |||
|
2022-04-29 13:57:02 | New OpenSSF Project Hunts for Malicious Packages in Open Source Repositories (lien direct) | The Open Source Security Foundation (OpenSSF) has announced a new project whose goal is to help identify malicious packages in open source repositories. | |||
|
2022-04-29 12:06:05 | Many Internet-Exposed Servers Affected by Exploited Redis Vulnerability (lien direct) | Rapid7 security researchers have identified 2,000 internet-exposed Linux servers that appear to be impacted by a Redis vulnerability that has been exploited in attacks. | Vulnerability | ||
|
2022-04-29 11:15:06 | Synology, QNAP, WD Warn Users About Vulnerabilities Exploited at Hacking Contest (lien direct) | Synology, QNAP and Western Digital (WD) have warned their customers about several critical Netatalk vulnerabilities that have been exploited at a recent hacking contest. | ★★ | ||
|
2022-04-29 10:56:55 | Google Adds Ways to Keep Personal Info Private in Searches (lien direct) | Google has expanded options for keeping personal information private from online searches. The company said Friday it will let people request that more types of content such as personal contact information like phone numbers, email and physical addresses be removed from search results. | |||
|
2022-04-29 10:32:21 | Data Security Firm Veza Emerges From Stealth With $110 Million in Funding (lien direct) | Data security company Veza has emerged from stealth mode after raising more than $110 million in funding. The investment came from venture firms such as Accel, Ballistic Ventures, Bain Capital, Norwest Venture Partners, GV, and True Ventures, as well as from various angel investors. | |||
|
2022-04-28 16:40:59 | Microsoft Warns of \'Nimbuspwn\' Security Flaws Haunting Linux (lien direct) | Vulnerability researchers at Microsoft are documenting the discovery of a pair of Linux privilege escalation flaws that could be chained together to plant dangerous malware or backdoors. | Malware | ||
|
2022-04-28 15:41:05 | 1.2 Million Bad Apps Blocked From Reaching Google Play in 2021 (lien direct) | Google claims that it prevented 1.2 million bad applications from reaching Google Play in 2021, but cybercriminals are still finding ways to deliver malware through the official Android app store. | Malware | ||
|
2022-04-28 15:28:56 | How Linux Became the New Bullseye for Bad Guys (lien direct) | Organizations need to secure, monitor and manage Linux just like any other endpoint in the network | |||
|
2022-04-28 15:25:12 | Synopsys to Acquire White Hat Security in $330M All-Cash Deal (lien direct) | Electronic design automation powerhouse Synopsys is expanding its reach into the cybersecurity business with plans to shell out $330 million to acquire White Hat security. | |||
|
2022-04-28 13:32:36 | Cisco Patches 11 High-Severity Vulnerabilities in Security Products (lien direct) | Cisco this week announced the release of its April 2022 bundle of security advisories for Cisco Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC). | Threat | ||
|
2022-04-28 12:53:49 | Critical Vulnerabilities in Azure PostgreSQL Exposed User Databases (lien direct) | Cloud security company Wiz has released the details of a series of critical vulnerabilities that could have been exploited to access databases belonging to Azure customers. | |||
|
2022-04-28 12:44:25 | National Cybersecurity Agencies List Most Exploited Vulnerabilities of 2021 (lien direct) | Cybersecurity agencies in the United States, Canada, United Kingdom, Australia and New Zealand have shared a list of the 15 most exploited vulnerabilities of 2021. | |||
|
2022-04-28 11:53:40 | Cloudflare Customer Targeted in Record HTTPS DDoS Attack (lien direct) | Security and web performance services provider Cloudflare recently mitigated the largest HTTPS distributed denial-of-service (DDoS) attack it has seen to date. |
To see everything:
Our RSS (filtrered)
