What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityWeek.webp 2021-09-24 10:24:16 F5 to Acquire Threat Stack for $68 Million in Cash (lien direct) Cloud application and security solutions provider F5 this week announced that it has agreed to acquire threat detection firm Threat Stack for $68 million in cash. Threat Stack provides a platform that monitors cloud, hybrid cloud, multi-cloud, and containerized environments, and can automatically correlate events to identify suspicious activity. Threat
SecurityWeek.webp 2021-09-21 17:42:50 Decade-Old Adobe ColdFusion Vulnerabilities Exploited by Ransomware Gang (lien direct) Two ColdFusion vulnerabilities patched by Adobe more than a decade ago have been exploited by threat actors in a recent attack, according to cybersecurity firm Sophos. Ransomware Threat ★★
SecurityWeek.webp 2021-09-20 13:11:59 Attackers Use Linux Binaries as Loaders for Windows Malware (lien direct) Using Microsoft's Windows Subsystem for Linux (WSL), attackers have leveraged Linux binaries to load payloads into Windows processes, according to researchers with Black Lotus Labs, the threat intelligence unit of tech company Lumen. Malware Threat
SecurityWeek.webp 2021-09-20 10:26:33 Nigerian Threat Actor Targeting Aviation Industry Since 2018 (lien direct) A threat actor likely operating out of Nigeria has been engaged in various malicious campaigns for the past five years and it has mainly targeted the aviation industry for the last two, Cisco's Talos security researchers reveal. Threat
SecurityWeek.webp 2021-09-16 13:01:07 (Déjà vu) How Threat Response is Evolving (lien direct) As adversaries changed their view of an attack to include vectors across an organization, defenders have had to evolve their approach as well. This is best captured by Mark Harris from Gartner who observed that adversaries have shifted their focus of attacks from infecting files to infecting systems and now to infecting the entire enterprise. Previously, I talked about how this has impacted our approach to threat detection. Threat
SecurityWeek.webp 2021-09-16 10:51:24 Links Found Between MSHTML Zero-Day Attacks and Ransomware Operations (lien direct) Microsoft and threat intelligence company RiskIQ reported finding links between the exploitation of a recently patched Windows zero-day vulnerability and known ransomware operators. Ransomware Vulnerability Threat
SecurityWeek.webp 2021-09-15 10:53:19 The Ongoing Reciprocal Relationship Between APTs and Cybercriminals (lien direct) The two main villains of the cyber security world are the nation state-backed Advanced Persistent Threats (APTs) and cybercriminals, with their comprehensive infrastructure and circles known as the dark web. Both threat actors are independent, each with its own goals, actors and methods. However, over the years there has been quite a lot of cross-pollination between the two. Threat
SecurityWeek.webp 2021-09-13 16:53:46 Tens of Thousands of Unpatched Fortinet VPNs Hacked via Old Security Flaw (lien direct) A threat actor has leaked online access credentials for 87,000 Fortinet VPN devices that were apparently compromised using a vulnerability identified and patched two years ago. Vulnerability Threat
SecurityWeek.webp 2021-09-09 10:43:29 Is the Taliban a Cyber Threat to the West? (lien direct) Taliban Cyber Capabilities Threat
SecurityWeek.webp 2021-09-01 10:12:09 Tackling the Threat Intelligence Problem with Multiple Sources and Robust RFI Services (lien direct) A prevention-only strategy to combat threats is not sufficient; enterprises must incorporate intelligence from all relevant intelligence domains Threat
SecurityWeek.webp 2021-08-26 18:13:01 FIN8 Hackers Add 'Sardonic' Backdoor to Malware Arsenal (lien direct) The financially-motivated threat actor tracked as FIN8 has added a potent new backdoor to its arsenal and is already using it in attacks in the wild, according to researchers at endpoint security firm Bitdefender. Malware Threat
SecurityWeek.webp 2021-08-26 11:30:00 How Threat Detection is Evolving (lien direct) As adversaries have shifted the focus of attacks to achieve their goals, defenders must evolve their approach to threat detection Threat
SecurityWeek.webp 2021-08-25 11:04:48 The VC View: Digital Transformation (lien direct) After every company goes through digital transformation, their threat model will change in response Threat
SecurityWeek.webp 2021-08-23 15:07:14 Realtek SDK Vulnerabilities Exploited in Attacks Days After Disclosure (lien direct) Researchers noticed that threat actors started exploiting Realtek SDK vulnerabilities shortly after their details were made public. Threat
SecurityWeek.webp 2021-08-18 18:03:43 Report: Iranian APT Hexane Targets Israeli Companies (lien direct) Over the past several months, an Iran-linked threat actor tracked as Hexane has attempted to breach numerous Israeli organizations using supply chain tools, according to a new report from security vendor ClearSky. Threat
SecurityWeek.webp 2021-08-17 12:01:35 Millions of IoT Devices Exposed to Attacks Due to Cloud Platform Vulnerability (lien direct) Researchers at FireEye's threat intelligence and incident response unit Mandiant have identified a critical vulnerability that exposes millions of IoT devices to remote attacks. Vulnerability Threat
SecurityWeek.webp 2021-08-16 12:20:27 Understanding and Improving the Burden on Threat Hunters (lien direct) Despite increased security budgets, threat hunters say they are under-resourced and overstretched Threat
SecurityWeek.webp 2021-08-11 10:17:09 A Closer Look at Intel's Hardware-Enabled Threat Detection Push (lien direct) Intel's Hardware-Enabled Threat Detection Technology Threat
SecurityWeek.webp 2021-08-10 10:21:04 At Least 30,000 Internet-Exposed Exchange Servers Vulnerable to ProxyShell Attacks (lien direct) Tens of thousands of internet-exposed Microsoft Exchange servers appear to be affected by the ProxyShell vulnerabilities, and they could get compromised at any moment considering that threat actors are already scanning the web for vulnerable devices. Threat
SecurityWeek.webp 2021-08-05 15:48:35 Iran-Linked Hackers Expand Arsenal With New Android Backdoor (lien direct) The Iran-linked hacking group named Charming Kitten has added a new Android backdoor to its arsenal and successfully compromised individuals associated with the Iranian reformist movement, according to security researchers with IBM's X-Force threat intelligence team. Threat Conference APT 35 APT 35
SecurityWeek.webp 2021-08-05 10:59:01 Researchers Analyze Chinese Malware Used Against Russian Government (lien direct) At least two Chinese cyberespionage groups targeted Russian federal executive authorities in 2020, security researchers with threat hunting and intelligence firm Group-IB reveal. Malware Threat
SecurityWeek.webp 2021-08-03 04:00:51 DeadRinger: A Three-Pronged Attack by Chinese Military Actors against Major Telcos (lien direct) Researchers have discovered three separate Chinese military affiliated advanced threat groups simultaneously targeting and compromising the same Southeast Asian telcos. The attack groups concerned are Soft Cell, Naikon, and a third group, possibly Emissary Panda (also known as APT27). Threat APT 30 APT 27
SecurityWeek.webp 2021-07-30 14:07:11 New Chinese Threat Group 'GhostEmperor' Targets Governments, Telecom Firms (lien direct) A previously undocumented Chinese-speaking threat actor is targeting Microsoft Exchange vulnerabilities in an attempt to compromise high-profile victims, Kaspersky reveals. Tracked as GhostEmperor, the long-running operation focuses on targets in Southeast Asia and uses a formerly unknown Windows kernel-mode rootkit. Threat
SecurityWeek.webp 2021-07-28 15:28:56 US Gov Warning: VPN, Network Perimeter Product Flaws Under Constant Attack (lien direct) The U.S. government and its allies are pleading with defenders to pay attention to gaping holes in perimeter-type devices, warning that advanced threat actors are feasting on known security defects in VPN appliances, network product gateways and enterprise cloud applications. Threat Guideline
SecurityWeek.webp 2021-07-28 11:37:28 Iranian Spies Maintained Social Media Persona for Years Before Targeting Defense Contractor (lien direct) An Iranian state-sponsored threat actor tracked as TA456 maintained a social media account for several years before engaging with their intended victim, cybersecurity firm Proofpoint reports. Threat
SecurityWeek.webp 2021-07-27 12:09:31 Vulnerability in Popular Survey Tool Exploited in Possible Chinese Attacks on U.S. (lien direct) A recently disclosed vulnerability affecting a popular survey creation tool has been exploited by a threat group that may be linked to China against organizations in the United States. Tool Vulnerability Threat
SecurityWeek.webp 2021-07-27 10:29:15 Creating an Effective Threat Hunting Program with Limited Resources (lien direct) Developing various data sets for threat hunting engagements will further mature your program and help uncover the unknown Threat
SecurityWeek.webp 2021-07-26 12:26:33 Leading Threat to Industrial Security is Not What You Think (lien direct) As attackers become more sophisticated, so do their attacks. This in turn exposes threat vectors that once were thought to be well protected, or at least not interesting enough to attack. Nowhere is this truer than in industrial control systems (ICS) environments. Threat
SecurityWeek.webp 2021-07-22 14:15:29 Google Cloud Unveils New SOC, IDS Solutions (lien direct) Google Cloud this week announced new security offerings for its customers, including Autonomic Security Operations to improve security operations centers (SOCs) and Cloud Intrusion Detection System (IDS) for network-based threat detection. Threat
SecurityWeek.webp 2021-07-22 12:54:44 China-Linked APT31 Abuses Hacked Routers in Attacks, France Warns (lien direct) The French National Agency for the Security of Information Systems (ANSSI) on Wednesday issued an alert to warn organizations that a threat group tracked as APT31 has been abusing compromised routers in its recent attacks. Threat APT 31
SecurityWeek.webp 2021-07-21 15:53:54 DNSFilter Raises $30 Million in Series A Funding (lien direct) Cybersecurity firm raises $30 Million to support growth of its AI-based DNS threat protection system Threat
SecurityWeek.webp 2021-07-20 15:55:58 Rapid7 Acquires Threat Intelligence Firm Intsights for $335 Million (lien direct) Boston-based cybersecurity firm Rapid7 announced on Tuesday that it has shelled out $335 million to acquire threat intelligence startup Intsights. Threat
SecurityWeek.webp 2021-07-20 10:47:30 Mitigating Threats to Encryption From Quantum and Bad Random (lien direct) The Threat to Encryption from Quantum and Bad Random, and How to Solve it Threat
SecurityWeek.webp 2021-07-19 16:51:49 Collective Intelligence: Realities and Hardships of Crowdsourced Threat Intel (lien direct) Enterprise security teams need to move from the consumption of crowdsourced threat intelligence (CTI) to an additional mode of contribution Threat
SecurityWeek.webp 2021-07-19 14:51:49 Cisco Discloses Details of Critical Advantech Router Tool Vulnerabilities (lien direct) Cisco's Talos threat intelligence and research unit has disclosed the details of several critical vulnerabilities affecting a router monitoring application made by Taiwan-based industrial and IoT solutions provider Advantech. The affected tool is R-SeeNet, which is designed to help network administrators monitor their Advantech routers. Tool Threat
SecurityWeek.webp 2021-07-16 16:27:17 Cisco Patches High-Risk Flaw in ASA, FTD Software (lien direct) Cisco on Thursday released patches for a high severity vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software, warning that exploitation could lead to crippling denial-of-service attacks. Vulnerability Threat Guideline
SecurityWeek.webp 2021-07-16 11:01:27 UK Spy Agency Releases Annual Threat Report (lien direct) MI5's Annual Threat Update Parallels U.S. Intelligence Threat Warnings MI5's UK Annual Threat Update 2021 from director general Ken McCallum almost mirrors the threat warnings delivered by U.S. government agencies: ransomware and IP theft in cyber, and extreme right-wing terrorism amplified by online echo chambers. Ransomware Threat
SecurityWeek.webp 2021-07-14 18:20:32 Chinese Hackers Target Government Entities in Widespread Campaign (lien direct) A newly uncovered advanced persistent threat (APT) campaign is targeting a large number of users in South Asia, including government entities, according to a new report from anti-malware vendor Kaspersky. Threat
SecurityWeek.webp 2021-07-14 10:03:53 Microsoft Says SolarWinds Serv-U Zero-Day Exploited by Chinese Group (lien direct) Microsoft said on Tuesday that a recently patched SolarWinds Serv-U zero-day vulnerability has been exploited by a Chinese threat group. Vulnerability Threat
SecurityWeek.webp 2021-07-14 08:45:49 CISA Says Multiple Threat Actors Exploiting Windows 'PrintNightmare' Vulnerability (lien direct) The United States Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday issued Emergency Directive 21-04, which requires all federal agencies to apply the available patches for the recently disclosed Microsoft Print Spooler service vulnerability within one week. Vulnerability Threat
SecurityWeek.webp 2021-07-13 12:37:09 Iranian Hackers Impersonate British Scholars in Recent Campaign (lien direct) In a recent attack campaign, the Iran-linked threat actor tracked as TA453 has been posing as UK scholars with the University of London's School of Oriental and African Studies (SOAS) to engage targets of interest and steal their credentials, security researchers with Proofpoint reveal. Threat Studies
SecurityWeek.webp 2021-07-13 12:30:00 Defeating the Organized Cybercrime Ecosystem (lien direct) The recent attack against users of the Kaseya VSA platform is yet another example of the increasingly organized dynamic of cybercrime. The days of the lone attacker are long gone; these attacks are now big business with significant reconnaissance. Unofficial reports have identified the REvil ransomware threat actors as being behind this supply chain attack. Ransomware Threat
SecurityWeek.webp 2021-07-12 18:48:04 Microsoft to Acquire Threat Intelligence Vendor RiskIQ (lien direct) Microsoft has flexed its muscles in the cybersecurity space, and will drop a reported $500 million in cash to acquire RiskIQ, a late stage startup in the threat intelligence and attack surface management business. Threat
SecurityWeek.webp 2021-07-09 16:43:18 Insurer CNA Starts Notifying Customers of Ransomware Attack (lien direct) Commercial insurer CNA has started notifying customers that threat actors did have access to some personal data during a ransomware attack in March. Ransomware Threat
SecurityWeek.webp 2021-07-08 14:20:43 Use of Common Malware in Operation Targeting Energy Sector Makes Attribution Difficult (lien direct) Researchers at cybersecurity firm Intezer have been monitoring a campaign that appears to be mainly aimed at the energy sector, but attribution to a known threat group is made difficult by the fact that the operation involves several common malware families. Malware Threat
SecurityWeek.webp 2021-07-02 15:59:37 Hackers Compromise Mongolian Certificate Authority to Spread Malware (lien direct) An unknown threat actor has compromised the servers of Mongolian certificate authority (CA) MonPass and abused the organization's website for malware distribution, according to security researchers at Avast. Malware Threat
SecurityWeek.webp 2021-07-01 11:07:38 Vulnerability Found in Industrial Remote Access Product From Claroty (lien direct) The Secure Remote Access (SRA) product of industrial cybersecurity firm Claroty is affected by a vulnerability that could be useful to threat actors targeting industrial organizations. Vulnerability Threat
SecurityWeek.webp 2021-06-30 16:59:19 IBM Gifts Threat Hunting Tool to Open Cybersecurity Alliance (lien direct) IBM Corp. on Wednesday announced that it is contributing the Kestrel open-source programming language for threat hunting to the Open Cybersecurity Alliance (OCA). Tool Threat
SecurityWeek.webp 2021-06-29 11:05:13 UN Security Council Confronts Growing Threat of Cyber Attacks (lien direct) The UN Security Council on Tuesday will hold its first formal public meeting on cybersecurity, addressing the growing threat of hacks to countries' key infrastructure, an issue Joe Biden recently raised with his Russian counterpart Vladimir Putin. Threat
SecurityWeek.webp 2021-06-28 21:20:34 Threat Actor Abuses Microsoft's WHCP to Sign Malicious Drivers (lien direct) Microsoft is investigating an incident where a threat actor submitted malicious drivers for certification through the Windows Hardware Compatibility Program. Built by a third party, the drivers were designed to target gaming environments and could allow the attacker to spoof their location and play from anywhere. Threat
Last update at: 2024-05-15 03:08:27