What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityWeek 2021-12-06 17:17:48 Zoho Confirms New Zero-Day, Ships Exploit Detector (direct link) The security problems at enterprise software provider Zoho continue to multiply with confirmation of a new critical authentication bypass vulnerability -- the third in four months -- being exploited in the wild by advanced threat actors. Vulnerability Threat
SecurityWeek 2021-12-03 11:11:06 Facebook Expands Advanced Security Program to More Countries (direct link) Facebook on Thursday announced that it is on track to make its Facebook Protect security program available globally. The program is meant to help individuals at risk of being targeted by threat actors, including government officials, human rights defenders, and journalists, to better secure their accounts and prevent potential compromise. Threat
SecurityWeek 2021-12-01 16:14:02 Prediction Season: What's in Store for Cybersecurity in 2022? (direct link) The past year has been quite challenging and tiring for many IT and security professionals, as threat actors capitalized on the rapidly changing environment created by accelerated digitalization and cloud transformation in response to the COVID-19 pandemic. Threat
SecurityWeek 2021-12-01 15:31:29 Critical Vulnerability Found in More Than 150 HP Printer Models (direct link) Multiple Vulnerabilities Found in More Than 150 HP Printer Models; Critical Flaw Could Allow Attackers to Move Laterally Vulnerabilities in more than 150 multi-function printers from HP demonstrate that any type of device that connects to a network can expand the perceived threat surface. Vulnerability Threat
SecurityWeek 2021-12-01 11:50:49 Yanluowang Ransomware Targeting U.S. Financial Corporations (direct link) Security researchers with Symantec believe that the Yanluowang ransomware is operated by a threat actor that was previously affiliated to the FiveHands group. Ransomware Threat
SecurityWeek 2021-12-01 11:30:59 'WIRTE' Attacks Targeting Middle Eastern Governments Linked to Hamas Cyberspies (direct link) Over the past couple of years, a threat actor tracked as WIRTE has continued its assaults on entities in the Middle East using “living off the land” techniques, Kaspersky reports. Threat
SecurityWeek 2021-11-30 12:24:19 North Korean Hackers Use New 'Chinotto' Malware to Target Windows, Android Devices (direct link) Kaspersky has analyzed a new espionage campaign conducted by the threat actor named ScarCruft, and the security firm's researchers have uncovered a previously unknown malware that has been used to target Windows and Android devices. Malware Threat Cloud APT 37
SecurityWeek 2021-11-30 11:54:54 MI6 Spy Chief Says China, Russia, Iran Top UK Threat List (direct link) UK spies seek help from tech firms against cyber threats Threat
SecurityWeek 2021-11-22 13:02:19 Utah Medical Group Discloses Data Breach Affecting Over 580,000 Patients (direct link) Farmington, Utah-based radiology medical center Utah Imaging Associates has started informing former and current patients that their information might have been compromised in a data breach. As part of the incident, which was identified on September 4, 2021, unknown threat actors accessed files that contained sensitive personal information related to patients. Data Breach Threat
SecurityWeek 2021-11-22 12:32:00 Serious Vulnerabilities Found in Wi-Fi Module Designed for Critical Industrial Applications (direct link) More than 20 vulnerabilities have been identified by Cisco's Talos research and threat intelligence unit in a Lantronix Wi-Fi module designed for critical industrial and commercial applications. Threat
SecurityWeek 2021-11-19 11:10:33 North Korean Hacker Group Intensifies Espionage Campaigns (direct link) A North Korea-linked threat actor tracked as TA406 has intensified its attacks in 2021, particularly credential harvesting campaigns, Proofpoint reports. Threat
SecurityWeek 2021-11-18 18:54:25 Supply Chain Security Fears Escalate as Iranian APTs Caught Hitting IT Services Sector (direct link) Fears of software supply chain attacks escalated again this week with a new warning from Microsoft that it has caught Iranian threat actors breaking into IT services shops in India and Israel and using that access to hit the real targets. Threat
SecurityWeek 2021-11-18 16:23:14 Acronyms Aside, the SOC of the Future Needs These 3 Capabilities (direct link) Every discipline has its acronyms, but I'd venture to say cybersecurity has more than its share. We use them to describe threat actors and how they operate, as well as different security teams, their certifications and the tools they use. There's nothing wrong with acronyms, but when they are used to describe emerging solutions, an interesting phenomenon occurs…that new acronym becomes the next silver bullet technology that will solve all our security problems. Threat
SecurityWeek 2021-11-17 15:55:00 U.S., U.K. and Australia Warn of Iranian APTs Targeting Fortinet, Microsoft Exchange Flaws (direct link) Iranian Threat Actors Target U.S. Critical Infrastructure, Australian Organizations Threat
SecurityWeek 2021-11-16 20:33:56 Mandiant Attributes Ghostwriter APT Attacks to Belarus (direct link) The Belarusian government is at least partially responsible for the Ghostwriter disinformation campaign, according to security researchers at the Mandiant Threat Intelligence team. Threat
SecurityWeek 2021-11-16 15:55:13 Threat Hunting Firm Team Cymru Acquires Attack Surface Management Firm Amplicy (direct link) External threat hunting firm Team Cymru has acquired threat surface management firm Amplicy. Threat
SecurityWeek 2021-11-15 12:47:22 IoT Protocol Used by NASA, Siemens and Volkswagen Can Be Exploited by Hackers (direct link) Researchers Warn DDS Protocol Can Be Abused for Lateral Movement and Malware C&C Researchers have shown that a widely used protocol named Data Distribution Service (DDS) is affected by vulnerabilities that could be exploited by threat actors for various purposes. Malware Threat
SecurityWeek 2021-11-10 12:06:35 The Rising Threat Stemming From Identity Sprawl (direct link) Identity sprawl in the age of remote working and business transformation is a threat to cybersecurity Threat
SecurityWeek 2021-11-08 17:27:54 US Government Contractor EWA Discloses Data-Theft Breach (direct link) U.S. government defense contractor Electronic Warfare Associates (EWA) has started sending out notifications to warn of a data breach that resulted in the theft of Personally Identifiable Information (PII). In early August 2021, the company said a threat actor was able to compromise the EWA email system following a successful phishing attack. Data Breach Threat
SecurityWeek 2021-11-04 14:55:50 Ukraine Names Russian FSB Officers Involved in Gamaredon Cyberattacks (direct link) Ukraine's security service, the SBU, on Thursday revealed the identities of five individuals allegedly involved in cyberattacks attributed to a Russia-linked threat group named Gamaredon. Threat
SecurityWeek 2021-11-02 16:05:05 IBM Security to Acquire ReaQta for xDR Push (direct link) IBM Security on Tuesday announced plans to acquire ReaQta, an early-stage European startup in the red-hot autonomous threat detection and response business. Financial terms of the transaction were not released. ReaQta, based in the Netherlands, raised an undisclosed Series A funding round earlier this year. Threat
SecurityWeek 2021-11-02 12:51:34 Security Pros Know What They Need to Do, But Constrained by Lack of Resources (direct link) A new survey report describes security teams as trapped by a lack of resources into continuing what they have been doing (which, from empirical evidence, clearly is not working) rather than migrating their efforts to what they believe they should be doing (risk analysis and threat modeling). Threat
SecurityWeek 2021-10-28 12:25:51 Cisco Patches High-Severity DoS Vulnerabilities in ASA, FTD Software (direct link) Cisco this week announced the release of a new set of security patches to address multiple vulnerabilities affecting Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC) software. Threat
SecurityWeek 2021-10-26 12:28:47 BillQuick Billing Software Exploited to Hack U.S. Engineering Company (direct link) Hackers abused the BillQuick Web Suite billing software to compromise the network of an engineering company in the United States and deploy ransomware, threat detection firm Huntress reports. Hack Threat
SecurityWeek 2021-10-25 14:54:45 Changing Approaches to Preventing Ransomware Attacks (direct link) Conducting scaled and cost-effective attack surface and digital threat monitoring gives organizations of all sizes the best chance of identifying and defeating their adversaries Ransomware Threat
SecurityWeek 2021-10-22 08:51:49 Cookie Theft Malware Used to Hijack YouTube Accounts (direct link) Google says it has disrupted phishing attacks in which threat actors were attempting to use cookie theft malware to hijack YouTube accounts and abuse them to promote cryptocurrency scams. Malware Threat
SecurityWeek 2021-10-19 21:42:01 U.S. Government Issues Urgent Warning on BlackMatter Ransomware (direct link) The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) this week published a joint advisory to warn organizations of an increased threat posed by the BlackMatter ransomware gang. Ransomware Threat
SecurityWeek 2021-10-19 21:31:23 Nation-State APT Targets Afghans With New Toolset (direct link) A previously unseen threat actor, likely a nation-state, is targeting various entities in South Asia, with a focus on Afghanistan, according to a warning from anti-malware vendor Symantec. Threat
SecurityWeek 2021-10-15 13:22:31 Russia-Linked TA505 Back at Targeting Financial Institutions (direct link) Russia-linked threat actor TA505 has been observed using a lightweight Office file for malware distribution in a new campaign targeting financial institutions in multiple geographies. The attacks target organizations across multiple sectors in Canada, the United States, Hong Kong, Europe, and more, and have seen low detection rates in Google's VirusTotal scanning engine. Malware Threat
SecurityWeek 2021-10-15 12:47:22 Nations Vow to Combat Ransomware at US-Led Summit (direct link) Over two dozen nations resolved Thursday to battle collectively against the global and escalating threat posed by cyber-extortionists, following a Washington-led anti-ransomware summit. Ransomware Threat
SecurityWeek 2021-10-13 13:43:00 Extortionist Hacker Group SnapMC Breaches Networks in Under 30 Minutes (direct link) Over the past few months, a threat actor has been increasingly breaching enterprise networks to steal data and extort victims, but without disrupting their operations, researchers with the NCC Group reveal. Threat
SecurityWeek 2021-10-13 12:20:12 Apple Points to Android Malware Infections in Argument Against Sideloading on iOS (direct link) Apple Threat Analysis Report Highlights Risks Posed by Sideloading on iOS Apple on Wednesday published a 30-page threat analysis report in an effort to show why allowing sideloading on iOS would pose serious privacy and security risks to iPhone users. Malware Threat
SecurityWeek 2021-10-12 15:08:23 Cybereason Partners With Google Chronicle on XDR Product (direct link) Extended Detection and Response (XDR) is touted as the security solution for the increasingly complex modern IT ecosphere. The principle is to extend EDR threat hunting beyond the endpoint and across the entire infrastructure. Cybereason has announced a partnership with Google Chronicle – the latter to provide ecosphere data, and the former to provide the threat hunting capability. Threat
SecurityWeek 2021-10-11 17:04:04 Microsoft Exposes Iran-linked APT Targeting U.S., Israeli Defense Tech Sectors (direct link) Threat hunters at Microsoft are raising the alarm about a new Iran-linked threat actor caught using password-spraying techniques to break into defense technology companies in the United States, Israel and parts of the Middle East. Threat
SecurityWeek 2021-10-07 14:55:55 Iran-linked MalKamak Hackers Targeting Aerospace, Telcos With ShellClient RAT (direct link) Operation GhostShell Believed to be Linked to Iranian Threat Actor Threat
SecurityWeek 2021-10-06 11:04:46 What's in a Threat Group Name? An Inside Look at the Intricacies of Nation-State Attribution (direct link) Understanding the naming conventions of various threat groups can help us better understand the overall threat landscape Threat
SecurityWeek 2021-10-05 10:00:07 NSA's Rob Joyce Explains 'Sand and Friction' Security Strategy (direct link) News Analysis: The newly minted director of cybersecurity at NSA offers a candid assessment of the nation-state threat landscape and argues that adding “sand and friction” to adversary operations is a winning strategy. Threat
SecurityWeek 2021-09-30 13:25:16 New CISA Tool Helps Organizations Assess Insider Threat Risks (direct link) The United States Cybersecurity and Infrastructure Security Agency (CISA) this week released a tool to help organizations assess their insider threat risk posture. Tool Threat
SecurityWeek 2021-09-29 13:39:51 COVID-19's Healthcare Feeding Frenzy for Cybercriminals (direct link) The COVID-19 pandemic has enlarged the threat landscape for all industry sectors; but none more so than healthcare. The primary areas of concern include insecure working from home, and stress related lax behavior at the office. Threat
SecurityWeek 2021-09-28 17:28:54 Microsoft Details FoggyWeb Backdoor Used by SolarWinds Hackers (direct link) Microsoft on Monday published a blog post detailing a piece of malware used by the threat actor behind the SolarWinds attack to exfiltrate data from compromised servers. Malware Threat
SecurityWeek 2021-09-27 13:53:24 UK-Based Threat Detection Firm SenseOn Raises $20 Million (direct link) SenseOn, a UK-based threat detection company, today announced that it has raised $20 million in Series A funding to scale its AI-based cybersecurity platform business. Threat
SecurityWeek 2021-09-27 08:38:40 Threat Actor Targets Indian Government With Commercial RATs (direct link) A threat actor is employing commercial remote access Trojans (RATs) in a series of malicious attacks targeting Indian government and military personnel, Cisco's Talos security researchers warn. Threat
SecurityWeek 2021-09-24 14:44:43 Google Says Threat Actors Using New Code Signing Tricks to Evade Detection (direct link) Financially motivated threat actors have started using new code signing tricks to increase the chances of their software evading detection on Windows systems, Google's Threat Analysis Group reported on Thursday. Threat
SecurityWeek 2021-09-24 10:24:16 F5 to Acquire Threat Stack for $68 Million in Cash (direct link) Cloud application and security solutions provider F5 this week announced that it has agreed to acquire threat detection firm Threat Stack for $68 million in cash. Threat Stack provides a platform that monitors cloud, hybrid cloud, multi-cloud, and containerized environments, and can automatically correlate events to identify suspicious activity. Threat
SecurityWeek 2021-09-21 17:42:50 Decade-Old Adobe ColdFusion Vulnerabilities Exploited by Ransomware Gang (direct link) Two ColdFusion vulnerabilities patched by Adobe more than a decade ago have been exploited by threat actors in a recent attack, according to cybersecurity firm Sophos. Ransomware Threat ★★
SecurityWeek 2021-09-20 13:11:59 Attackers Use Linux Binaries as Loaders for Windows Malware (direct link) Using Microsoft's Windows Subsystem for Linux (WSL), attackers have leveraged Linux binaries to load payloads into Windows processes, according to researchers with Black Lotus Labs, the threat intelligence unit of tech company Lumen. Malware Threat
SecurityWeek 2021-09-20 10:26:33 Nigerian Threat Actor Targeting Aviation Industry Since 2018 (direct link) A threat actor likely operating out of Nigeria has been engaged in various malicious campaigns for the past five years and it has mainly targeted the aviation industry for the last two, Cisco's Talos security researchers reveal. Threat
SecurityWeek 2021-09-16 13:01:07 (Déjà vu) How Threat Response is Evolving (direct link) As adversaries changed their view of an attack to include vectors across an organization, defenders have had to evolve their approach as well. This is best captured by Mark Harris from Gartner who observed that adversaries have shifted their focus of attacks from infecting files to infecting systems and now to infecting the entire enterprise. Previously, I talked about how this has impacted our approach to threat detection. Threat
SecurityWeek 2021-09-16 10:51:24 Links Found Between MSHTML Zero-Day Attacks and Ransomware Operations (direct link) Microsoft and threat intelligence company RiskIQ reported finding links between the exploitation of a recently patched Windows zero-day vulnerability and known ransomware operators. Ransomware Vulnerability Threat
SecurityWeek 2021-09-15 10:53:19 The Ongoing Reciprocal Relationship Between APTs and Cybercriminals (direct link) The two main villains of the cyber security world are the nation state-backed Advanced Persistent Threats (APTs) and cybercriminals, with their comprehensive infrastructure and circles known as the dark web. Both threat actors are independent, each with its own goals, actors and methods. However, over the years there has been quite a lot of cross-pollination between the two. Threat
Last update at: 2025-05-12 09:07:23