What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-02-07 22:11:36 | High-Severity Flaw in Argo CD Is Information Leak Risk (lien direct) | A high-severity security vulnerability in Argo CD could allow an attacker to access sensitive information from target applications. | Vulnerability | ||
|
2022-02-07 22:02:01 | UpdateAgent macOS Malware Becoming Stealthier, More Menacing (lien direct) |
Type:
Story
Image:
Link:
UpdateAgent macOS Malware Becoming Stealthier, More Menacing
Microsoft Says "UpdateAgent" Mac Trojan Becoming Fully-Powered Spy Toolkit
|
Malware | ||
|
2022-02-07 22:01:44 | Google Cloud Gets Virtual Machine Threat Detection (lien direct) | Google on Monday announced the public preview of a new tool to help identify threats within virtual machines (VMs) running on its Google Cloud infrastructure. | Tool Threat | ||
|
2022-02-07 20:35:23 | IRS to End Use of Facial Recognition to Identify Taxpayers (lien direct) | The IRS said Monday it will suspend the use of facial recognition technology to authenticate people who create online accounts after the practice was criticized by privacy advocates and lawmakers. | |||
|
2022-02-07 18:40:14 | New Mexico Lawmakers Propose $45M School Cybersecurity Fund (lien direct) | Lawmakers in New Mexico are considering major investments in cybersecurity, following two serious cyberattacks against school districts in the state just last month, and increased vulnerability of information technology in K-12 schools nationally. | Vulnerability | ||
|
2022-02-07 17:46:48 | Microsoft Says Mac Trojan Becoming Stealthier, More Menacing (lien direct) | Malware hunters at Microsoft are calling attention to a nasty macOS malware family that has evolved quickly from a basic information-gathering trojan to a stealthy backdoor with more powerful capabilities. | Malware | ||
|
2022-02-07 16:13:15 | Microsoft Disables MSIX Protocol Due to Abuse by Malware (lien direct) | Microsoft announced on Friday that the ms-appinstaller protocol for MSIX has been disabled temporarily due to the fact that it has been abused by malware. | Malware | ||
|
2022-02-07 14:42:54 | Gaining and Retaining Security Staff in The Age of the Great Resignation (lien direct) | Cybersecurity employers need to adapt their recruitment and retention practices to gain from benefits and minimize detriments | |||
|
2022-02-07 14:11:47 | FBI Publishes IOCs for LockBit 2.0 Ransomware Attacks (lien direct) | The Federal Bureau of Investigation (FBI) on Friday released indicators of compromise (IOCs) associated with the LockBit 2.0 ransomware. LockBit 2.0, which is distributed as a Ransomware-as-a-Service (RaaS), makes detection and mitigation difficult, due to the use of a variety of tactics, techniques, and procedures (TTPs). | Ransomware | ||
|
2022-02-07 13:49:30 | FCC: Telecom Firms Requested $5.6 Billion to Replace Chinese Gear (lien direct) | The U.S. government has allocated $1.9 billion to help small telecom providers replace Chinese equipment in their networks, but the Federal Communications Commission (FCC) says these companies have requested $5.6 billion. | |||
|
2022-02-07 12:41:19 | UN Experts: North Korea Stealing Millions in Cyber Attacks (lien direct) | North Korea is continuing to steal hundreds of millions of dollars from financial institutions and cryptocurrency firms and exchanges, illicit money that is an important source of funding for its nuclear and missile programs, U.N. experts said in a report quoting cyber specialists. | |||
|
2022-02-07 11:55:33 | New Report Alleges Widespread Pegasus Spying by Israel Police (lien direct) | Police used Pegasus spyware to hack phones of dozens of prominent Israelis, including a son of former premier Benjamin Netanyahu, activists and senior government officials, an Israeli newspaper reported Monday. | Hack | ||
|
2022-02-07 11:34:18 | Ransomware Attack on Aviation Services Firm Swissport Leads to Flight Delays (lien direct) | Aviation services company Swissport on Friday said it was targeted in a cyberattack that has caused some disruption to its operations. | |||
|
2022-02-07 11:06:55 | CISA Urges Organizations to Patch Exploited Windows Vulnerability (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has expanded its list of vulnerabilities known to be exploited in malicious attacks with a recently addressed Windows zero-day flaw. | Vulnerability | ||
|
2022-02-06 21:20:51 | Breach of Washington State Database May Expose Personal Information (lien direct) | The Washington State Department of Licensing said the personal information of potentially millions of licensed professionals may have been exposed after it detected suspicious activity on its online licensing system. | |||
|
2022-02-06 00:37:16 | Massachusetts Lawmakers Weighing Online Data Privacy Bill (lien direct) | A bill that would grant Massachusetts residents what supporters describe as fundamental internet privacy rights - including greater control over their personal information - is making its way through the Statehouse. | |||
|
2022-02-04 21:24:15 | Microsoft, Symantec Share Notes on Russian Hacks Hitting Ukraine (lien direct) | Threat hunters at Microsoft and Symantec are sharing notes on a barrage of new cyberespionage attacks from Russia's spy agency hitting organizations in Ukraine. | |||
|
2022-02-04 16:01:08 | Business Services Firm Morley Discloses Data Breach Affecting 500,000 People (lien direct) | Business services company Morley this week announced being targeted in a ransomware attack that may have resulted in the information of more than 500,000 individuals getting stolen. | Ransomware Data Breach | ||
|
2022-02-04 14:55:54 | Media Giant News Corp Targeted in China-Linked Cyberattack (lien direct) | Global multimedia giant News Corp on Friday revealed it fell victim to a targeted cyberattack that appears to have been conducted by a “foreign government.” | |||
|
2022-02-04 12:26:10 | DHS Connects Government, Private Sector in New Cyber Safety Review Board (lien direct) | Long-awaited public-private initiative established to evaluate nation's cybersecurity and improve resilience | |||
|
2022-02-04 11:42:27 | Target Open Sources Web Skimmer Detection Tool (lien direct) | Retail giant Target this week announced the open source availability of an internal tool designed for the detection of web skimming attacks. | Tool | ||
|
2022-02-04 09:35:19 | Chinese Hackers Target Financial Institutions in Taiwan With Custom Backdoor (lien direct) | Between 2020 and 2021, a China-linked advanced persistent threat (APT) actor ran an espionage campaign targeting financial institutions in Taiwan, Symantec reports. Tracked as Antlion, the hacking group is believed to have been active since at least 2011, and is likely backed by the Chinese government. | Threat | ||
|
2022-02-03 22:31:47 | Volexity Warns of \'Active Exploitation\' of Zimbra Zero-Day (lien direct) | Malware hunters at Volexity are raising the alarm for a Chinese threat actor seen exploiting a zero-day flaw in the Zimbra email platform to infect media and government targets in Europe. | Threat | ||
|
2022-02-03 20:07:10 | Bridging the Gap Between Training and Behavior (lien direct) | While employees want to do the right thing when it comes to protecting their organization from cyber threats, we cannot expect them to be perfect | |||
|
2022-02-03 19:56:43 | Intel Patched 226 Vulnerabilities in 2021 (lien direct) | Intel patched 226 vulnerabilities in its products last year, according to data from the 2021 Product Security Report released by the chip giant on Thursday. | |||
|
2022-02-03 14:27:31 | Over $300 Million in Cryptocurrency Stolen in Wormhole Hack (lien direct) | Blockchain bridge Wormhole has confirmed that roughly $320 million worth of cryptocurrency has been stolen following a hack discovered on Wednesday. | Hack | ||
|
2022-02-03 12:50:54 | Ransomware Attack Disrupts Manufacturing at KP Snacks (lien direct) | British snacks producer Kenyon Produce (KP) Snacks has fallen victim to a ransomware attack that caused some disruptions to its manufacturing and distribution operations. The German-owned company says it became aware of the attack on January 28, and that it immediately took the necessary steps to contain the incident. | Ransomware | ||
|
2022-02-03 12:07:21 | Critical Vulnerabilities Found in Sealevel Device Used in ICS Environments (lien direct) | Cisco's Talos security researchers have published details on a series of critical vulnerabilities that Sealevel has addressed in the SeaConnect 370W WiFi-connected edge device. | |||
|
2022-02-03 11:56:41 | Cisco Patches Critical Vulnerabilities in Small Business RV Routers (lien direct) | Cisco this week announced patches for multiple vulnerabilities in its Small Business RV160, RV260, RV340, and RV345 series routers, including critical bugs that could lead to the execution of arbitrary code with root privileges. | Guideline | ||
|
2022-02-03 11:36:53 | European Oil Port Terminals Hit by Cyberattack (lien direct) | Major oil terminals in some of Western Europe's biggest ports have fallen victim to a cyberattack, sources confirmed on Thursday. Belgian prosecutors have launched an investigation into the hacking of oil facilities in the country's ports, including Antwerp, Europe's second biggest port after Rotterdam. | |||
|
2022-02-03 11:09:58 | Ransomware Often Hits Industrial Systems, With Significant Impact: Survey (lien direct) | Ransomware attacks in many cases hit industrial control systems (ICS) or operational technology (OT) environments, and impact is often significant, according to a report published on Thursday by IoT and industrial cybersecurity company Claroty. | |||
|
2022-02-03 09:35:51 | Financially Motivated Hackers Use Leaked Conti Ransomware Techniques in Attacks (lien direct) | A series of financially motivated attacks are employing techniques observed in Conti ransomware playbooks that were leaked online in August 2021, Mandiant reports. | Ransomware | ||
|
2022-02-03 02:58:35 | FBI Confirms It Bought Spyware From Israel\'s NSO Group (lien direct) | The FBI has confirmed purchasing NSO Group's powerful spyware tool Pegasus, whose chronic abuse to surveil journalists, dissidents and human rights activists has long been established. It suggested its motivation was to “stay abreast of emerging technologies and tradecraft.” | Tool | ||
|
2022-02-02 20:03:13 | Purple Teaming Security Management Firm PlexTrac Raises $70 Million (lien direct) | Boise, Idaho-based PlexTrac has raised $70 million in a Series B funding round led by Insight Partners with participation from existing investors Madrona Venture Group, Noro-Moseley Partners and StageDotO Ventures. | |||
|
2022-02-02 16:09:01 | Trend Micro Patches Vulnerabilities in Hybrid Cloud Security Products (lien direct) | Trend Micro recently patched two high-severity vulnerabilities affecting some of its hybrid cloud security products. Details and proof-of-concept (PoC) exploits have been released by the researchers who found the flaws. | ★★ | ||
|
2022-02-02 15:45:48 | 1,300 Malicious Packages Found in Popular npm JavaScript Package Manager (lien direct) | Malicious actors are using the npm registry as the start point for open source software (OSS) supply chain attacks. Open source software offers huge potential for criminals and nation states to deliver widespread supply chain attacks. OSS registries provide a major feeding ground with easy access. | |||
|
2022-02-02 15:00:03 | Tennessee Community College Suffers Ransomware Attack (lien direct) | A Tennessee community college suffered a data security attack that may have resulted in unauthorized access to personal information of former and current students, faculty and staff, officials said. | Ransomware | ||
|
2022-02-02 14:33:19 | Walmart Dissects New \'Sugar\' Ransomware (lien direct) | The cyber threat team at retail giant Walmart has dissected a new ransomware family dubbed Sugar, which is available to cybercriminals as a ransomware-as-a-service (RaaS). | Ransomware Threat | ||
|
2022-02-02 12:57:58 | Passage Emerges From Stealth With Biometric User Authentication Platform (lien direct) | Austin, Texas-based Passage this week announced that it has emerged from stealth mode with $4 million in funding and a public beta version of its biometric user authentication platform for developers. | |||
|
2022-02-02 12:06:33 | (Déjà vu) Cloudflare Launches Public Bug Bounty Program (lien direct) | Web performance and security services provider Cloudflare this week announced that its bug bounty program is now open to all vulnerability hunters on HackerOne. | Vulnerability | ★★★★ | |
|
2022-02-02 11:51:03 | FBI Warns of Potential Cyberattacks Targeting 2022 Winter Olympics (lien direct) | The Federal Bureau of Investigation (FBI) on Tuesday announced the release of a Private Industry Notification (PIN) to warn entities associated with the 2022 Winter Olympics and Paralympic games of potential cyberattacks targeting them. | |||
|
2022-02-02 11:39:18 | Samba Patches Critical Flaws That Earned Researchers Big Rewards (lien direct) | The latest updates for Samba, the widely used interoperability suite that provides file and print sharing capabilities between Windows and Unix computers, patch critical vulnerabilities that earned researchers tens of thousands of dollars at a recent hacking contest. | |||
|
2022-02-02 11:03:14 | ESET Patches High-Severity Vulnerability in Windows Applications (lien direct) | Antivirus firm ESET on Monday announced patches for a local privilege escalation vulnerability impacting its Windows clients. Tracked as CVE-2021-37852 and reported to ESET by the Zero Day Initiative (ZDI), the vulnerability is considered “high severity,” as it could allow an attacker to misuse the AMSI scanning feature. | Vulnerability | ||
|
2022-02-02 09:50:47 | (Déjà vu) Google Patches 27 Vulnerabilities With Release of Chrome 98 (lien direct) | Google on Tuesday announced the release of Chrome 98 in the stable channel with a total of 27 security fixes inside, including 19 for vulnerabilities reported by external researchers. The most severe of these security defects could be exploited to execute arbitrary code with the same privileges as the Chrome browser has on the target system. | |||
|
2022-02-02 03:45:55 | Forescout Acquires Healthcare Cybersecurity Firm CyberMDX (lien direct) | Device security firm Forescout Technologies announced on Tuesday that is has acquired healthcare cybersecurity firm CyberMDX, which provides solutions to protect medical devices and clinical networks. | |||
|
2022-02-02 02:29:50 | RIPTA Data Breach Affected About 22,000 People (lien direct) | A data breach at the state agency that operates Rhode Island's public bus service compromised the personal information of about 22,000 people, agency officials said at a legislative hearing. | Data Breach | ||
|
2022-02-01 21:26:53 | Newly Detected "StrifeWater" RAT Linked to Iranian APT (lien direct) | The Iranian threat group known as Moses Staff was first spotted in October 2021. It claims its purpose is to harm Israeli companies by leaking sensitive stolen data, but it has also been seen targeting a variety of industries in countries such as Italy, India, Germany, Chile, Turkey, UAE and the U.S. | Threat | ||
|
2022-02-01 19:46:41 | Think Big, Start Small, Move Fast: Applying Lessons From The Mayo Clinic to Cybersecurity (lien direct) | I have previously written about how much the Mayo Clinic impacted my life through my experience and time there. In that article I discussed their approach to multi-disciplinary patient triaging and how looking at patients as a whole, rather than a system of discrete systems, helps them to make the right decisions. | |||
|
2022-02-01 19:04:31 | Israeli Police: Possible Improper Surveillance by Our Own (lien direct) | Israel's national police force on Tuesday said it had found evidence pointing to improper use of sophisticated spyware by its own investigators to snoop on Israeli citizens' phones. | |||
|
2022-02-01 18:29:29 | OpenSSF Alpha-Omega Project Tackles Supply Chain Security (lien direct) | Microsoft and Google are throwing their weight behind a new Linux Foundation OpenSSF initiative to address major security gaps in the open-source software ecosystem. |
To see everything:
Our RSS (filtrered)
