Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2025-01-24 19:38:35 |
Cisco: Critical Meeting Management Bug Requires Urgent Patch (direct link) |
The bug has been given a 9.9 CVSS score, and could allow authenticated threat actors to escalate their privileges to admin-level if exploited. |
Threat
|
|
★★
|
 |
2025-01-24 19:14:06 |
3 Use Cases for Third-Party API Security (direct link) |
Third-party API security requires a tailored approach for different scenarios. Learn how to adapt your security strategy to outbound data flows, inbound traffic, and SaaS-to-SaaS interconnections. |
|
|
★★
|
 |
2025-01-24 15:00:00 |
Strengthening Our National Security in the AI Era (direct link) |
For the first time in a long while, the federal government and the software sector alike finally have the tools and resources needed to do security well - consistently and cost-effectively. |
Tool
|
|
★★★
|
 |
2025-01-24 02:00:00 |
War Game Pits China Against Taiwan in All-Out Cyberwar (direct link) |
At Black Hat and DEF CON, cybersecurity experts were asked to game out how Taiwan could protect its communications and power infrastructure in case of invasion by China. |
|
|
★★★
|
 |
2025-01-23 22:24:16 |
Tesla Gear Gets Hacked Multiple Times in Pwn2Own Contests (direct link) |
The first team to successfully hack the electric vehicle maker's charger won $50,000 for their ingenuity. |
Hack
|
|
★★★
|
 |
2025-01-23 22:14:18 |
CISA Calls For Action to Close the Software Understanding Gap (direct link) |
No more details |
|
|
★★★
|
 |
2025-01-23 22:10:47 |
Omdia Finds Phishing Attacks Top Smartphone Security Concern for Consumers (direct link) |
No more details |
|
|
★★★
|
 |
2025-01-23 22:02:12 |
Automox Releases Endpoint Management With FastAgent (direct link) |
No more details |
|
|
★★
|
 |
2025-01-23 21:56:16 |
84% of Healthcare Organizations Spotted a Cyberattack in the Late Year (direct link) |
No more details |
Medical
|
|
★★★
|
 |
2025-01-23 20:37:53 |
Cloudflare CDN Bug Outs User Locations on Signal, Discord (direct link) |
Attackers can use a zero- or one-click flaw to send a malicious image to targets - an image that can deanonymize a user within seconds, posing a threat to journalists, activists, hackers, and others whose locations are sensitive. |
Threat
|
|
★★★
|
 |
2025-01-23 17:57:23 |
CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught (direct link) |
The threat actors are abusing the vulnerabilities to gain initial access, obtain credentials, and install malicious scripts on user devices. |
Vulnerability
Threat
|
|
★★★
|
 |
2025-01-23 15:00:00 |
The Security Risk of Rampant Shadow AI (direct link) |
While employees want to take advantage of the increased efficiency of GenAI and LLMs, CISOs and IT teams must be diligent and stay on top of the most up-to-date security regulations. |
|
|
★★★
|
 |
2025-01-23 15:00:00 |
Black 'Magic' Targets Enterprise Juniper Routers With Backdoor (direct link) |
Such routers typically lack endpoint detection and response protection, are in front of a firewall, and don't run monitoring software like Sysmon, making the attacks harder to detect. |
|
|
★★★
|
 |
2025-01-22 23:26:53 |
Doti AI Launches Platform to Securely Find Enterprise Data (direct link) |
The AI-powered work platform helps organizations securely identify and access internal enterprise data as part of business processes and workflows. |
|
|
★★★
|
 |
2025-01-22 22:30:05 |
Security Needs to Start Saying 'No' Again (direct link) |
The rush to say 'yes' allows cybersecurity teams to avoid hard conversations with business stakeholders, but also risks losing their ability to effectively protect organizations. |
|
|
★★★
|
 |
2025-01-22 22:17:08 |
Trump Overturns Biden Rules on AI Development, Security (direct link) |
The new administration moved quickly to remove any constraints on AI development and collected $500 billion in investment pledges for an American-owned AI joint venture. |
|
|
★★★
|
 |
2025-01-22 20:49:41 |
Chinese Cyberspies Target South Korean VPN in Supply Chain Attack (direct link) |
Advanced persistent threat group PlushDaemon, active since 2019, is using a sophisticated modular backdoor to collect data from infected systems in South Korea. |
Threat
|
|
★★
|
 |
2025-01-22 20:24:12 |
Trump Pardons 'Silk Road' Dark Web Drug Market Creator (direct link) |
The pardon comes after 11 years in prison for Ross Ulbricht, who was sentenced to life without parole on several charges, including computer hacking, distribution of narcotics, and money laundering. |
Legislation
|
|
★★★
|
 |
2025-01-22 15:00:00 |
Will 2025 See a Rise of NHI Attacks? (direct link) |
The flurry of non-human identity attacks at the end of 2024 demonstrates extremely strong momentum heading into the new year. That does not bode well. |
|
|
★★★
|
 |
2025-01-22 07:00:00 |
Mandatory MFA, Biometrics Make Headway in Middle East, Africa (direct link) |
Despite lagging in technology adoption, African and Middle Eastern organizations are catching up, driven by smartphone acceptance and national identity systems. |
|
|
★★
|
 |
2025-01-21 23:02:17 |
[Virtual Event]: Cybersecurity's Most Promising New and Emerging Technologies (direct link) |
No more details |
|
|
★★★
|
 |
2025-01-21 22:21:50 |
Trump Fires Cyber Safety Board Investigating Salt Typhoon Hackers (direct link) |
In a letter sent today, the acting DHS secretary terminated membership to all advisory boards, including the Cyber Safety Review Board (CSRB) tasked with investigating state-sponsored cyber threats against the US. |
|
|
★★★
|
 |
2025-01-21 21:50:25 |
Email Bombing, 'Vishing' Tactics Abound in Microsoft 365 Attacks (direct link) |
Sophos noted more than 15 attacks have been reported during the past three months. |
|
|
★★★
|
 |
2025-01-21 21:15:18 |
DONOT Group Deploys Malicious Android Apps in India (direct link) |
The advanced persistent threat (APT) group is likely India-based and targeting individuals with connections to the country's intelligence community. |
Threat
Mobile
|
|
★★★
|
 |
2025-01-21 20:30:38 |
HPE Investigates After Alleged Data Breach (direct link) |
The company reports that it is not experiencing any operational issues within its business, so far. |
Data Breach
|
|
★★★
|
 |
2025-01-21 18:09:18 |
Mirai Botnet Spinoffs Unleash Global Wave of DDoS Attacks (direct link) |
Two separate campaigns are targeting flaws in various IoT devices globally, with the goal of compromising them and propagating malware worldwide. |
Malware
|
|
★★★
|
 |
2025-01-21 15:07:41 |
Cisco Previews AI Defenses to Cloud Security Platform (direct link) |
Set for release in March, Cisco AI Defense will provide algorithmic red teaming of large language models with technology that came over as part of the Robust Intelligence acquisition last year. |
Cloud
|
|
★★★
|
 |
2025-01-21 15:00:00 |
Why CISOs Must Think Clearly Amid Regulatory Chaos (direct link) |
Even as the rule book changes, the profession of the CISO remains unchanged: protecting the organization in a world of constant, continually evolving threats. |
|
|
★★★
|
 |
2025-01-20 17:04:13 |
Name That Toon: Incentives (direct link) |
Feeling creative? Have something to say about cybersecurity? Submit your caption and our panel of experts will reward the winner with a $25 gift card. |
|
|
★★★
|
 |
2025-01-20 14:30:00 |
US Ban on Automotive Components Could Curb Supply Chain (direct link) |
The US Department of Commerce will prohibit the import of components for connected vehicles from China or Russia, as the US continues to ban technology it sees as potential national security threats. |
|
|
★★★
|
 |
2025-01-20 14:00:00 |
Phishing Attacks Are the Most Common Smartphone Security Issue for Consumers (direct link) |
New hands-on testing results show that most devices are unable to catch phishing emails, texts, or calls, leaving users at risk. |
|
|
★★★
|
 |
2025-01-17 22:03:46 |
Has the TikTok Ban Already Backfired on US Cybersecurity? (direct link) |
The Supreme Court has affirmed TikTok's ban in the US, which has its users in revolt and is creating a whole new set of national cybersecurity concerns. |
|
|
★★★
|
 |
2025-01-17 20:23:43 |
Employees Enter Sensitive Data Into GenAI Prompts Far Too Often (direct link) |
The propensity for users to enter customer data, source code, employee benefits information, financial data, and more into ChatGPT, Copilot, and others is racking up real risk for enterprises. |
|
ChatGPT
|
★★★
|
 |
2025-01-17 19:44:31 |
15K Fortinet Device Configs Leaked to the Dark Web (direct link) |
The stolen firewall data is thorough but more than 2 years old now, meaning that most organizations following even basic security practices face minimal risk, hopefully. |
|
|
★★★
|
 |
2025-01-17 19:43:18 |
US Sanctions Chinese Hacker & Firm for Treasury, Critical Infrastructure Breaches (direct link) |
The cyber actor played a role in the Treasury breach as well as attacks on critical infrastructure, linked to China-backed advanced persistent threat (APT) group Salt Typhoon. |
Threat
|
|
★★★
|
 |
2025-01-17 15:00:00 |
Leveraging Behavioral Insights to Counter LLM-Enabled Hacking (direct link) |
As LLMs broaden access to hacking and diversify attack strategies, understanding the thought processes behind these innovations will be vital for bolstering IT defenses. |
|
|
★★★
|
 |
2025-01-17 04:00:00 |
Russian APT Phishes Kazakh Gov't for Strategic Intel (direct link) |
A highly targeted cyber-intelligence campaign adds fuel to the increasingly complex relationship between the two former Soviet states. |
|
|
★★★
|
 |
2025-01-16 23:52:14 |
Biden's Cybersecurity EO Leaves Trump a Comprehensive Blueprint for Defense (direct link) |
New order mandates securing the federal software supply chain and communications networks, as well as deploying AI tools to protect critical infrastructure from cyberattacks - but will the Trump administration follow through? |
Tool
|
|
★★★
|
 |
2025-01-16 22:03:05 |
183M Patient Records Exposed: Fortified Health Security Releases 2025 Healthcare Cybersecurity Report (direct link) |
No more details |
Medical
|
|
★★
|
 |
2025-01-16 21:45:36 |
Karl Triebes Joins Ivanti as Chief Product Officer (direct link) |
No more details |
|
|
★★
|
 |
2025-01-16 21:36:00 |
CISA and US and International Partners Publish Guidance for OT Owners and Operators (direct link) |
No more details |
Industrial
|
|
★★★
|
 |
2025-01-16 21:32:14 |
SEALSQ in Cooperation With WISeKey Expands Post-Quantum Footprint in Saudi Arabia (direct link) |
No more details |
|
|
★★
|
 |
2025-01-16 21:14:20 |
FTC Orders GoDaddy to Fix Inadequate Security Practices (direct link) |
The FTC claims that the Web hosting company's security failures led to several major breaches in the past few years. |
|
|
★★
|
 |
2025-01-16 15:00:00 |
Strategic Approaches to Threat Detection, Investigation & Response (direct link) |
By staying vigilant, agile, and prepared, organizations can turn TDIR from a defensive strategy into a proactive enabler of security and operational excellence. |
Threat
|
|
★★★
|
 |
2025-01-16 14:29:59 |
Risk, Reputational Scores Enjoy Mixed Success as Security Tools (lien direct) |
Part predictive analysis, part intuition, risk and reputation services are imperfect instruments at best - and better than nothing for most organizations and insurers.
Part predictive analysis, part intuition, risk and reputation services are imperfect instruments at best - and better than nothing for most organizations and insurers. |
Tool
|
|
★★★
|
 |
2025-01-16 11:00:00 |
Trusted Apps Sneak a Bug Into the UEFI Boot Process (direct link) |
Seven system recovery programs contained what amounted to a backdoor for injecting any untrusted file into the system startup process. |
|
|
★★★
|
 |
2025-01-15 23:11:51 |
(Déjà vu) CISA's AI Playbook Pushes For More Information Sharing (direct link) |
The Joint Cyber Defense Collaborative playbook seeks to establish "a unified approach" on how to handle AI-related cybersecurity threats. |
|
|
★★
|
 |
2025-01-15 21:33:00 |
Attackers Hijack Google Advertiser Accounts to Spread Malware (direct link) |
It's an especially brazen form of malvertising, researchers say, striking at the heart of Google's business; the tech giant says it's aware of the issue and is working quickly to address the problem. |
Malware
|
|
★★
|
 |
2025-01-15 16:51:35 |
CISA: Second BeyondTrust Vulnerability Added to KEV Catalog (direct link) |
BeyondTrust has patched all cloud instances of the vulnerability and has released patches for self-hosted versions. |
Vulnerability
Cloud
|
|
★★
|
 |
2025-01-15 16:18:50 |
Extension Poisoning Campaign Highlights Gaps in Browser Security (direct link) |
Evidence suggests that some of the payloads and extensions may date as far back as April 2023. |
|
|
★★
|