What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-06-13 11:09:48 | Cybercriminals, State-Sponsored Threat Actors Exploiting Confluence Server Vulnerability (lien direct) | A recently patched Confluence Server vulnerability is being exploited by multiple cybercrime and state-sponsored threat groups, according to Microsoft. | Vulnerability Threat | ||
|
2022-06-10 13:46:32 | 38 Tech Leaders Sign Cyber Resilience Pledge (lien direct) | The Coalition to Reduce Cyber Risk (CR2) announced this week that it has been joined by 37 organizations across eight countries in signing a pledge to improve cyber resilience and combat threats such as ransomware. | Threat | ★★★★★ | |
|
2022-06-09 13:00:28 | US Details Chinese Attacks Against Telecoms Providers (lien direct) | Several US government agencies have issued a joint cybersecurity advisory to provide information on the techniques and tactics that China-linked threat actors have been using to compromise telecom companies and network services providers. | Threat | ||
|
2022-06-08 16:28:56 | Snowflake Launches Cybersecurity Workload to Find Threats Across Massive Data Sets (lien direct) | Data cloud company Snowflake (NYSE: SNOW) is the latest enterprise technology firm looking to help fuel the massive data lakes that power enterprise security programs. | Threat | ||
|
2022-06-03 12:17:57 | Lebanese Threat Actor \'Polonium\' Targets Israeli Organizations (lien direct) | Microsoft says it has uncovered and disabled the OneDrive infrastructure of a Lebanon-based threat actor targeting organizations in Israel. | Threat | ||
|
2022-06-03 10:00:06 | Atlassian Confluence Servers Hacked via Zero-Day Vulnerability (lien direct) | Atlassian scrambling to patch Confluence Server zero-day exploited by multiple threat groups Atlassian customers have been warned that hackers are exploiting a Confluence Server zero-day vulnerability. The flaw is currently unpatched and it appears to have been exploited by multiple threat groups. | Vulnerability Threat | ||
|
2022-06-01 15:32:22 | ReliaQuest to Buy Digital Shadows for $160 Million (lien direct) | Fresh off a $300 million funding round and a billion-dollar valuation, security operations vendor ReliaQuest on Wednesday announced plans to acquire threat intelligence startup Digital Shadows in a deal valued at $160 million. | Threat | ||
|
2022-06-01 10:21:24 | Chinese Threat Actors Exploiting \'Follina\' Vulnerability (lien direct) | The Windows zero-day vulnerability identified as Follina and CVE-2022-30190 is being exploited in an increasing number of attacks, including by a Chinese APT group. | Vulnerability Threat | ||
|
2022-05-27 11:16:54 | FBI: Higher Education Credentials Sold on Cybercrime Forums (lien direct) | The FBI issued an alert on Thursday to inform the higher education sector about the exposure of credentials that can allow threat actors to access user accounts or an organization's network. According to the FBI, cybercriminals have been selling usernames and passwords on various public and dark web forums. | Threat | ||
|
2022-05-26 11:09:44 | Critical Vulnerabilities Found in Open Automation Software Platform (lien direct) | Cisco's Talos research and threat intelligence unit revealed on Wednesday that one of its employees discovered several critical and high-severity vulnerabilities in the Open Automation Software Platform. | Threat | ||
|
2022-05-25 10:05:50 | Trend Micro Patches Vulnerability Exploited by Chinese Cyberspies (lien direct) | Cybersecurity company Trend Micro has updated one of its products to patch a vulnerability that has been exploited by a threat actor linked to China. | Vulnerability Threat | ||
|
2022-05-24 18:13:54 | Video: Fireside Chat With Shane Huntley, Director at Google\'s Threat Analysis Group (lien direct) | Threat | |||
|
2022-05-24 10:41:48 | Cybersecurity Community Warned of Fake PoC Exploits Delivering Malware (lien direct) | Researchers have spotted fake proof-of-concept (PoC) exploits that appear to have been created by threat actors in an effort to deliver malware to members of the cybersecurity community. | Malware Threat | ||
|
2022-05-18 15:06:01 | Now Live: SecurityWeek Threat Intelligence Summit Virtual Event (lien direct) | 
|
Threat | ||
|
2022-05-18 13:27:26 | The Vulnerable Maritime Supply Chain - a Threat to the Global Economy (lien direct) | 
|
Threat | ||
|
2022-05-18 12:39:28 | National Cybersecurity Agencies Describe Commonly Used Initial Access Techniques (lien direct) | Cybersecurity agencies in the United States, the United Kingdom, Canada, the Netherlands, and New Zealand warn that threat actors exploit poor security practices for initial access to victim environments. | Threat | ||
|
2022-05-17 13:07:48 | SecurityWeek to Host Threat Intelligence Summit Virtual Event on May 18th (lien direct) |
|
Threat | ||
|
2022-05-13 11:22:38 | \'IceApple\' Post-Exploitation Framework Created for Long-Running Operations (lien direct) | CrowdStrike has detailed a new post-exploitation framework that could be the work of a state-sponsored threat actor, one likely linked to China. | Threat | ||
|
2022-05-12 13:18:29 | Iranian Cyberspy Group Launching Ransomware Attacks Against US (lien direct) | Over the past several months, Iran-linked cyberespionage group Charming Kitten has been engaging in financially-motivated activities, the Secureworks Counter Threat Unit (CTU) reports. | Ransomware Threat Conference | APT 35 APT 35 | ★★★ |
|
2022-05-11 10:49:16 | Critical Vulnerability Exploited to \'Destroy\' BIG-IP Appliances (lien direct) | The recently patched F5 BIG-IP vulnerability tracked as CVE-2022-1388 is being increasingly exploited by threat actors, including to “destroy” affected appliances. | Vulnerability Threat | ★★★ | |
|
2022-05-10 10:05:31 | 7 Steps to Start Reducing Risk to Your Critical Infrastructure Quickly (lien direct) | In my previous column, I wrote about the steady drumbeat of alerts, news reports, and actual attacks demonstrating that critical infrastructure has been in the crosshairs of nation-state threat actors and cyber criminals for years. Now, evolving intelligence indicates attacks on critical infrastructure networks are taking center stage in the theater of war. | Threat | ★★ | |
|
2022-05-04 19:16:02 | Google Sees More APTs Using Ukraine War-Related Themes (lien direct) | Researchers at Google's Threat Analysis Group (TAG) say the number of advanced threat actors using Ukraine war-related themes in cyberattacks went up in April with a surge in malware attacks targeting critical infrastructure. | Malware Threat | ||
|
2022-05-03 16:48:52 | German Finance Watchdog Sees \'Very Big\' Risk of Cyberattacks (lien direct) | Germany's financial regulator BaFin warned Tuesday of the "very big" risk of cyberattacks targeting the financial sector, a threat it said had become "more likely" since Russia's war on Ukraine. | Threat | ||
|
2022-05-03 12:44:42 | Deepfakes Are a Growing Threat to Cybersecurity and Society: Europol (lien direct) | Deepfakes, left unchecked, are set to become the cybercriminals' next big weapon | Threat | ||
|
2022-04-28 13:32:36 | Cisco Patches 11 High-Severity Vulnerabilities in Security Products (lien direct) | Cisco this week announced the release of its April 2022 bundle of security advisories for Cisco Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD), and Firepower Management Center (FMC). | Threat | ||
|
2022-04-27 10:00:15 | Achieving Sustainable Cybersecurity Through Proper Care and Feeding (lien direct) | Climate change is probably the greatest threat our planet faces today, but this challenge also presents an opportunity to do the right thing. It's time to step back and look at the role of the IT industry in developing, deploying, maintaining, growing and eventually, sustainably retiring technology and solutions. | Threat | ||
|
2022-04-26 13:47:41 | 4-Hour Time-to-Ransom Seen in Quantum Attack as Accelerated Ransomware Increasingly Common (lien direct) | As part of a recent cyberattack, threat actors deployed ransomware less than four hours after compromising the victim's environment, according to researchers with The DFIR Report. | Ransomware Threat | ||
|
2022-04-22 14:45:38 | When Attacks Surge, Turn to Data to Strengthen Detection and Response (lien direct) | News of cyber criminals and nation-state actors capitalizing on events, planned or unplanned, for financial gain or to wreak havoc have dominated the headlines over the past few years. From COVID to elections to devastating weather events, and now the tragic conflict in Ukraine. We've seen threat actors launch ransomware, supply chain attacks and other sophisticated tactics to compromise organizations and the services they deliver. But the human spirit is strong. | Threat | ||
|
2022-04-22 13:34:23 | Motorola Launches Cyber Threat Information Sharing Hub for Public Safety (lien direct) | Motorola Solutions announced this week the creation of the Public Safety Threat Alliance, a cyber threat intelligence sharing hub for the public safety community. | Threat | ||
|
2022-04-19 15:05:28 | Economic Warfare: Attacks on Critical Infrastructure Part of Geopolitical Conflict (lien direct) | We've known for years that since at least March of 2016, Russian government threat actors have been targeting multiple U.S. critical infrastructure sectors including the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors. | Threat | ||
|
2022-04-13 08:44:47 | Silverfort Banks $65 Million for Identity Threat Protection Platform (lien direct) | Identity security firm Silverfort on Tuesday announced closing a $65 million Series C funding round that brings the total raised by the company to just over $100 million. | Threat | ||
|
2022-04-12 10:45:14 | CISA Tells Orgs to Patch WatchGuard Flaw Exploited for Months Before Disclosure (lien direct) | The Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to patch a WatchGuard firewall vulnerability exploited in attacks linked to a Russian state-sponsored threat actor. While the US government has known about the exploitation of this flaw for several months, federal agencies are apparently only now being told to patch it. | Vulnerability Threat | ||
|
2022-04-08 11:05:47 | Microsoft Disrupts Infrastructure Used by Russia\'s Hackers in Ukraine Attacks (lien direct) | Microsoft on Thursday said it has attempted to disrupt cyberattacks launched by the Russian government against Ukraine by seizing some of the domains leveraged by a notorious state-sponsored threat group. | Threat | ||
|
2022-04-07 15:22:42 | Healthcare and the Other CIA (lien direct) | For IT professionals, the acronym “CIA” refers to the Confidentiality, Integrity and Availability of information, not the Central Intelligence Agency. However, given the current threat level to data security, IT teams may wish they could get a little help from people with intelligence community tradecraft experience. | Threat | ||
|
2022-04-06 10:57:37 | Europe Warned About Cyber Threat to Industrial Infrastructure (lien direct) | Malicious cyber actors pose a serious threat to Europe's industrial infrastructure, with at least ten hacker groups known to target European organizations, according to a new report from industrial cybersecurity firm Dragos. | Threat | ★★★ | |
|
2022-03-31 12:31:50 | The Importance of Open Source to an XDR Architecture (lien direct) | No longer satisfied with infecting files or systems, adversaries are now intent on crippling entire enterprises. Damaging supply chain, ransomware and wiper attacks are making headline news, impacting not only the organization but their stakeholders too. As threat actors' approaches and targets change, our approach to detection and response is changing as well. | Ransomware Threat | ||
|
2022-03-31 10:38:54 | Spring4Shell: Spring Flaws Lead to Confusion, Concerns of New Log4Shell-Like Threat (lien direct) | 
The disclosure of several vulnerabilities affecting the widely used Spring Java framework has led to confusion and concerns that organizations may need to deal with a flaw similar to the notorious Log4Shell.
|
Threat | ||
|
2022-03-28 16:52:22 | Checkmarx Finds Threat Actor \'Fully Automating\' NPM Supply Chain Attacks (lien direct) | Threat hunters at Checkmarx on Monday raised an alarm after discovering a threat actor fully automating the creation and delivery of "hundreds of malicious packages" into the NPM ecosystem. | Threat | ||
|
2022-03-25 15:38:53 | Chinese Hackers Seen Targeting Ukraine Post-Invasion (lien direct) | A known threat actor has launched what appears to be the first Chinese hacking attempts targeting Ukraine digital assets since the Russian invasion a month ago. | Threat | ||
|
2022-03-25 11:27:39 | How European Rulings Imperil Flagship Google Product (lien direct) | Lax laws and sweetheart deals are becoming a thing of the past for big tech firms, particularly in Europe where a series of rulings is posing a major threat to one of Google's flagship products. More than half of the world's websites use Google Analytics to help their owners understand the behavior of users. | Threat | ||
|
2022-03-24 11:08:21 | Achieving Positive Outcomes With Multi-Domain Cyber and Open Source Intelligence (lien direct) | The Many Faces of Threat Intelligence: Part 2 | Threat | ||
|
2022-03-23 18:28:38 | Ransomware, Malware-as-a-Service Dominate Threat Landscape (lien direct) | Ransomware continues to expand with double-extortion now the standard; the malware-as-a-service model is now common; and criminals are increasingly 'living off the land', according to data from Red Canary. | Threat | ||
|
2022-03-23 14:26:08 | Chinese Cyberspies Seen Using macOS Variant of \'Gimmick\' Malware (lien direct) | In late 2021, incident response and threat intelligence firm Volexity observed a Chinese threat actor using a macOS variant of the malware known as Gimmick. | Malware Threat | ||
|
2022-03-22 09:43:26 | Hotels in Macau Targeted in Attacks Linked to South Korea\'s DarkHotel APT (lien direct) | The South Korea-linked state-sponsored threat actor DarkHotel is believed to have conducted a series of recent attacks targeting major hotel chains in Macau, according to Trellix, an XDR company launched earlier this year following the merger of McAfee Enterprise and FireEye. | Threat | ||
|
2022-03-16 12:21:51 | US Warns About Russian Attacks Exploiting MFA Protocols, PrintNightmare Flaw (lien direct) | The US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI on Tuesday warned organizations that Russian state-sponsored threat actors have gained access to networks and systems by exploiting default multi-factor authentication (MFA) protocols and a Windows vulnerability known as PrintNightmare. | Vulnerability Threat | ||
|
2022-03-15 11:38:33 | CaddyWiper: Another Destructive Wiper Malware Targeting Ukraine (lien direct) | ESET's security researchers have identified another data wiper targeting Ukrainian organizations, the third destructive malware identified since Russia began its invasion of the country. Dubbed CaddyWiper, the threat does not show significant code similarities with known malware families, and has been used only against a small number of organizations. | Malware Threat | ★★★★ | |
|
2022-03-10 15:29:01 | From Cyber Threats to Cyber Talent, Insights From the Front Lines (lien direct) | A conversation with Callie Guenther, cyber threat intelligence (CTI) manager at Critical Start | Threat | ||
|
2022-03-08 15:01:20 | U.S. State Governments Targeted by Chinese Hackers via Zero-Day in Agriculture Tool (lien direct) | A threat group believed to be sponsored by the Chinese government has breached the networks of U.S. state governments, including through the exploitation of a zero-day vulnerability. | Tool Threat | ||
|
2022-03-07 15:31:59 | Russia-Ukraine: Threat of Local Cyber Operations Escalating Into Global Cyberwar (lien direct) | 
|
Threat | ||
|
2022-03-03 13:22:20 | CardinalOps Raises $17.5 Million for Threat Coverage Optimization Platform (lien direct) | CardinalOps, which describes itself as a threat coverage optimization company, on Thursday announced raising $17.5 million in a Series A funding round that brings the total raised by the firm to $24 million. The investment, led by Viola Ventures, will be used by the Israel-based company to improve its product and for go-to-market activities. | Threat |
To see everything:
Our RSS (filtrered)
