What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-04-22 10:45:14 | New UK laws to protect IoT devices amid sales surge (lien direct) | New figures published by the UK government show that almost half (49%) of UK residents have purchased at least one new smart device since the beginning of COVID-19. As a result, manufacturers of smart devices such as phones, speakers, and doorbells will need to provide customers with information about how long they will be guaranteed […] | ★★★★ | ||
|
2021-04-21 16:01:21 | PRODUCT REVIEW – Edgescan makes fullstack vulnerability management easy (lien direct) | Supplier: Edgescan Website: www.edgescan.com Price: Based on assets Scores Performance 5/5 Features 5/5 Value for Money 4/5 Ease of Use 5/5 Overall 5/5 Verdict: Fullstack vulnerability management made easy – Edgescan does all the hard work so you don't have to The pandemic has undoubtedly led to a massive surge in cyber-attacks but even as […] | Vulnerability | ||
|
2021-04-20 13:48:50 | Armis and UK\'s Eseye partner to secure connected devices on any cellular network (lien direct) | Global connectivity specialist Eseye and leading agentless device security platform provider Armis, today announced a strategic partnership and joint solution that enables organisations to deploy connected devices anywhere in the world with enterprise-class security and consistent, reliable cellular (4G/LTE/5G) connectivity. Eseye's unique Connectivity Management Platform enables devices to switch intelligently to any one of […] | Guideline | ||
|
2021-04-20 11:08:44 | Performanta acquires Identity Experts to bolster Microsoft IAM and security capabilities (lien direct) | Performanta, a fast-growing global provider of managed cyber security services to enterprise customers, today announced the acquisition of Identity Experts, a Microsoft Gold Security Partner and Identity & Access Management (IAM) specialist consultancy based in the UK. The move follows a significant investment round from Beech Tree Private Equity and will allow Performanta to extend […] | |||
|
2021-04-19 16:07:10 | AT&T Cybersecurity Launches New Managed Endpoint Security Solution with SentinelOne (lien direct) | AT&T has launched a managed endpoint security solution through its alliance with SentinelOne. AT&T Managed Endpoint Security with SentinelOne correlates the detection of endpoint threats through a single software agent that consolidates Antivirus, Endpoint Protection, Endpoint Detection and Response, and IoT security functions. The new solution provides comprehensive endpoint protection against ransomware and other cyberattacks, while […] | Ransomware | ||
|
2021-04-19 15:42:02 | Domino\'s India suffers data breach (lien direct) | Domino’s in India has suffered a data breach in which credit card details and personal information of both customers and employees have been exposed. The leaked information is being sold on the dark web, for which the hacker is demanding 10 BTC. Included in the data stolen are names, contact numbers, email IDs, addresses, credit […] | Data Breach | ||
|
2021-04-19 12:18:00 | Vulnerabilities found in older version of WhatsApp (lien direct) | Cert-In, the Indian cybersecurity watchdog has recently issued a ‘high’ severity rating against WhatsApp and WhatsApp Business. The emergency response team has reported finding ‘multiple’ vulnerabilities within the mobile application, which could give hackers access to sensitive information. A vulnerability note was released stating: “Successful exploitation of these vulnerabilities could allow the attacker to execute […] | Vulnerability | ||
|
2021-04-15 16:57:16 | University of Hertfordshire suffers system outage due to cyberattack (lien direct) | The University of Hertfordshire has been hit by a critical cyberattack resulting in online classes being shut down. The university released a statement on Wednesday evening (14th April) that an attack by cybercriminals had resulted in all its online services and systems being taken offline. “Shortly before 22:00 last night, the university experienced a cyber-attack […] | |||
|
2021-04-15 16:13:41 | Why taking the cybersecurity initiative can win you business (lien direct) | Our latest research into consumer behaviour has unearthed a conundrum: people knowingly take risks online even though they understand the dangers. On the one hand, we've got two out of three saying life is riskier now than it was five years ago, with serious concerns about losing data or being hacked. But on the other […] | |||
|
2021-04-15 12:18:29 | Outpost24 report finds Top 10 US Credit Unions all have web application issues (lien direct) | A report released this week by Outpost24, that examined the security posture of web applications amongst the Top 10 US Credit Unions, has revealed that they all have security issues. Using Outpost24's attack surface discovery tool called Scout, Outpost24 was able to analyse each Credit Union's public-facing web security environments against the seven most common attack vectors […] | Tool | ★★★★ | |
|
2021-04-15 10:40:28 | University of Hertfordshire hit by cyberattack (lien direct) | Yesterday the University of Hertfordshire was targetted by a cyberattack which resulted in the universities entire IT network being taken down, as well as all access to cloud-based services being blocked. The attack started on Wednesday night at 22:00, when the universities Wi-Fi network was taken down alongside the email system and the universities student […] | |||
|
2021-04-14 14:09:40 | Capcom release final update on ransomware attack (lien direct) | Capcom has released the final update on their investigation into the major ransomware attack they suffered last year. The investigation has found that the attackers accessed the company through an outdated VPN device. Through this avenue, the attackers were able to access the companies network, as well as any compromised devices in the network. The […] | Ransomware | ||
|
2021-04-14 10:54:21 | FBI removed web shells from Exchange Servers without consent (lien direct) | The FBI has been removing web shells from compromised Microsoft Exchange serves following court authorisation. However, owners of the Microsoft Exchange servers were never informed or able to approve of the FBI’s actions. In February, the hacking group HAFIUM exploited several vulnerabilities in Microsoft Exchange’s servers. The group installed web shells in compromised Exchange servers […] | |||
|
2021-04-13 17:00:41 | Synopsys Study reveals increase in Vulned erable, Outdated, and AbandonOpen Source Components in Commercial Software (lien direct) | Synopsys, Inc. has released its 2021 Open Source Security and Risk Analysis (OSSRA) report, which examines the result of more than 1,500 audits of commercial codebases. Produced by the Synopsys Cybersecurity Research Center (CyRC) and performed by the Black Duck® Audit Services team, the report highlights trends in open source usage within commercial applications, while simultaneously providing insights to help commercial and open source developers better understand the interconnected software ecosystem they are part of. It also presents the widespread risks posed by unmanaged open source, including security vulnerabilities, outdated or abandoned components, […] | |||
|
2021-04-13 16:57:46 | Promising news: users are becoming more savvy to COVID-19 based phishing attacks finds KnowBe4 (lien direct) | KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, has revealed the results of its latest 2021 top-clicked phishing report. It found that, despite still seeing a few phishing email attacks related to COVID-19, users are becoming more savvy and alert to these types of scams. Real phishing emails that […] | |||
|
2021-04-13 16:34:26 | Tim Mackie takes lead channel role for Armis (lien direct) | Armis®, the agentless device security platform, today announced the appointment of Tim Mackie as the new Worldwide Vice President of Channel. As part of Armis' commitment to its global channel partner programme and the accelerating demand for businesses to collaborate with it, Mackie has been appointed to lead this high growth function. Mackie is a […] | Guideline | ||
|
2021-04-12 15:31:54 | Protected: Tweet Chat: The Social Dilemma (lien direct) | There is no excerpt because this is a protected post. | |||
|
2021-04-12 14:01:43 | At last – Thinking outside the SCIF (lien direct) | Q1/21 a symposium was hosted in the US under the title 'Thinking Outside the SCIF' (Sensitive Compartmented Information Facility) to put forward the case for the utilisation of OSINT (Open Source) within the US Military and Intelligence Communities. John McLaughlin (CIA) kicked off day one by correctly pointing out that there was nothing new about […] | ★★★★★ | ||
|
2021-04-12 13:23:23 | Nation-state attackers are increasingly targeting businesses (lien direct) | A new report by criminologists at the University of Surrey and cybersecurity researchers at HP has found that nation-state attacks have risen considerably in the last three years. The report also revealed that both enterprises and businesses are amongst the most targetted organisations by nation-state attackers. The research analyses nation-state attacks taking place between 2017 […] | ★★★★★ | ||
|
2021-04-12 13:15:52 | Israel allegedly takes responsibility for Iran cyberattack (lien direct) | Iran’s main nuclear facility suffered a cyberattack on Sunday, leading to a large scale blackout at Natanz, which Israel now appears to be taking responsibility for. Tehran’s nuclear energy chief described the attack as an act of terrorism, and demands a response against the perpetrators. The incident occurred shortly after the official restarted spinning advanced […] | Guideline | ||
|
2021-04-12 12:21:58 | Apple and Google block NHS Covid-19 App update (lien direct) | The new update to the NHS COVID-19 track and tracing app has been blocked by both Apple and Google, due to its failure to comply with the terms of a recent agreement. The new update would urge users to upload logs of venue check-ins via a barcode scan if they tested positive for COVID-19. The […] | ★★★★ | ||
|
2021-04-09 14:47:51 | Data belonging to over 500 million LinkedIn users sold online to hackers (lien direct) | It has been revealed today that social media platform LinkedIn is the latest to suffer a website scraping attack at the hands of cyber criminals. Data belonging to over 500 million of its users has been posted online and is reportedly being sold to hackers. The news comes only days after it was revealed that […] | ★★ | ||
|
2021-04-09 11:40:07 | Cyber-attacks have potential to spark armed conflict (lien direct) | Mike McGuire a senior lecturer in criminology at the University of Surrey has conducted a study, called Nation States, Cyberconflict and the Web of Profit using publicly available reports into state-sponsored attacks along with interviews with various experts. The study reveals that the world is coming increasingly close to nation state retaliating against cyber-attacks with […] | |||
|
2021-04-09 10:58:57 | LinkedIn Users\' details being sold online (lien direct) | Analysts stumbled across a scraped data set from LinkedIn, in which the data from over half a billion users is being sold online. This marks the second major cybersecurity incident in the past week. The information scraped includes the full names, email addresses, phone numbers, professional titles and other work-related data. CyberNews analysts have been […] | |||
|
2021-04-09 09:16:06 | Outpost24 mark 20th anniversary by naming Karl Thedéen as new CEO (lien direct) | Outpost24, specialists in managing cybersecurity exposure, has celebrated its 20th year anniversary by announcing the appointment of Karl Thedéen as the company's new Chief Executive Officer. Thedéen brings over 20 years of experience in the software and technology sector, having previously held CEO roles at Edgeware AB and Transmode AB public in 2011 before its […] | ★★★★★ | ||
|
2021-04-08 12:09:33 | Carding Mafia hack: 300,000 user accounts exposed (lien direct) | Have I been Pwned reported that the data breach exposed users’ email addresses, hashed passwords, usernames, and IP addresses. Of the 500,000 users of the hacking forum, 297,744 have been affected; however, the forum operators have not yet notified their users. The founder of Have I Been Pwned has confirmed the authenticity of the stolen […] | Data Breach | ||
|
2021-04-08 11:03:38 | University of California and Stanford University systems breached (lien direct) | In February Accellion was the victim of a major security incident, and since then the number of Universities affected by the breach are growing by the day. The latest victims of the breach are the University of California and Stanford University. The university systems have been breached due to the Accellion incident, with an unknown […] | ★★ | ||
|
2021-04-08 09:39:09 | Hackers are using web shells to steal credit cards (lien direct) | VISA has issued a warning about the increase of web shells being used by threat actors to steal credit card details. VISA has seen a rise in the number of threat actors using web shells on compromised servers in order to extract credit card details stolen from customers making payments online. VISA has said that […] | Threat | ||
|
2021-04-07 11:02:04 | Multiple EU organisations have been hit by a cyber-attack (lien direct) | In March a number of European Union organisations, including the European Commission, were hit by a cyber-attack. A spokesperson from the European Commission has revealed that the incident, thought to have taken place last week, impacted the IT infrastructure of several EU institutions. The spokesperson told BleepingComputer, “we are working closely with CERT-EU, the Computer […] | |||
|
2021-04-07 07:44:41 | Hackers actively exploiting SAP Bugs (lien direct) | Active cyberattacks have been reported on known security vulnerabilities in widely deployed SAP applications, giving the attackers access for full take over and the ability to infest an organisation completely. Researchers warn that these attacks could lead to full control of unsecured SAP applications. An alert issued by SAP informs that threat actors are carrying […] | Threat Guideline | ||
|
2021-04-07 00:00:44 | European Cybersecurity Blogger Awards 2021 Open for Nominations (lien direct) | The European Cybersecurity Blogger Awards has returned in 2021 to recognise the best blogs and podcasts in the cybersecurity industry, as voted by themselves or peers and judged by a panel of experts. Nominations have now opened until the 14th of May. The winners will be revealed during a virtual meet-up event on Tuesday, 9th […] | ★★ | ||
|
2021-04-06 16:12:19 | How Can Security Training Harden Your DevOps Process? (lien direct) | Many organisations that are turning to DevOps are struggling with various security challenges along the way. In “The Ultimate Guide of Orchestrating Security and DevOps,” tracing those obstacles to a lingering “cultural conflict” between the developers and security teams. Security teams are struggling to keep up with the pace that DevOps teams are used to, […] | |||
|
2021-04-06 15:56:54 | A battle cry for SMBs to address cybersecurity (lien direct) | When we read about cyberattacks in the news, they typically involve a well-known brand or large enterprise. The perception is the bigger the organization, the greater the impact. However, the recent attack on Microsoft Exchange Servers is expected to impact over 60,000 organisations. Indeed, this is likely to be higher given that recent research has […] | |||
|
2021-04-06 12:50:35 | Apple Mail zero-click vulnerability could allow attackers to take-over victims accounts (lien direct) | A zero-click vulnerability has been discovered in Apple’s macOS Mail which allows attackers to take over a users account by adding or modifying any arbitrary file in Apple Mail's sandbox environment. The bug known as CVE-2020-9922 can be exploited by sending an email with two .ZIP files attached. Once a user has received these emails […] | Vulnerability | ||
|
2021-04-06 12:21:36 | Fortinet FortiOS vulnerabilities are being exploited, warns FBI (lien direct) | A number of US agencies, such as the Federal Bureau of Investigations (FBI) and the Infrastructure Security Agency (CISA), have issued a joint warning that advanced persistent threat (APT) groups are exploiting vulnerabilities found in Fortinet FortiOS. The groups are exploiting the vulnerabilities in order to compromise both government and commercial organisations using the software. […] | Threat | ||
|
2021-04-02 09:37:19 | Decrypting Cryptocurrencies (lien direct) | By Chris Sedgwick, director of security operations at Talion Cryptocurrencies are a topic that touches many areas; not only finance and investing but technology and even political arenas. Although apolitical in itself, it is the structure behind these cryptocurrencies that make them a much talked about subject amongst political purists from across the political spectrum. […] | |||
|
2021-04-01 12:18:15 | Space Industry needs Cybersecurity (lien direct) | At the LORCA Live online event, Rob Meyerson, founder and CEO at Delalune Space claimed that the commercial space industry needs support from the cybersecurity sector in order to build trust and resilience. Former employee of NASA and Blue Origin, Meyerson is now focused on investing in new businesses that aim to operate in the […] | |||
|
2021-04-01 11:53:59 | Gambling Company hit with DDoS attack (lien direct) | Already, DDoS attacks have set a new record and taken the extortion trend that started in August 2020 to the next level. Akamai, an internet security company has already reported the largest known DDoS (RDDoS) attack. The company has said the attack was more complex than previously seen incidents of DDoS attacks. In February of […] | |||
|
2021-04-01 11:27:15 | (Déjà vu) Ubiquiti: cyberattack worse than originally reported (lien direct) | Ubiquiti suffered a data breach, which they disclosed in January 2021. Recent information, however, claims that the data breach report was potentially a cover-up of a larger incident that put customer data and devices deployed on corporate and home networks at risk. Ubiquiti originally reported that an attacker had accessed some of its IT systems, […] | Data Breach | ||
|
2021-04-01 11:13:35 | IoT and IIoT security a major concern for security pros, research finds (lien direct) | In an already volatile environment, organisations are constantly being warned of the growing threat posed by the Internet of Things (IoT) and Industrial Internet of Things (IIoT) devices as both converge to bring increased productivity and communications. Yet, this strive for better connectivity is presenting significant risks which are causing sleepless nights for security professionals. A […] | Threat | ||
|
2021-04-01 11:09:12 | Ubiquiti accused of downplaying a “catastrophic” security breach (lien direct) | American journalist and investigative reporter Brian Krebs reported this week that a whistleblower has alleged that Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders and security cameras, has massively downplayed a “catastrophic” incident to minimize the hit to its stock price. and that the third-party cloud […] | |||
|
2021-04-01 10:53:27 | North Korean hackers targeting Google researchers (lien direct) | A North Korean Hacking group, know to previously have targeted security researchers has recently created a fake offensive security firm. The threat actors were first documented in January 2021, per Google’s Threat Analysis Group (TAG). The TAG specialists have said that the North Korean hackers had developed a web of fake profiles on various social […] | Threat | ||
|
2021-04-01 09:18:34 | Why are you ignoring NIST, NSA and the NCSC? (lien direct) | Between August 2020 and February 2021, “the agencies”, National Institute of Standards and Technology (NIST), National Security Agency (NSA) and National Cyber Security Centre (NCSC) had all published final or preliminary (beta) guidance for Zero Trust (ZT) that is applicable to all sizes of organisations. I would suggest to you that the agencies are experts […] | |||
|
2021-03-31 17:22:37 | VMware urges customers to patch critical vulnerabilities in vRealize Operations platform (lien direct) | Cloud computing and visualisation software and services provider VMware has patched a serious vulnerability that could have led an attacker to steal admin credentials in vRealize Operations. In an advisory published on Tuesday, the company stated that “multiple vulnerabilities in VMware vRealize Operations were privately reported to VMware.” In the same announcement, VMware said that […] | Vulnerability | ||
|
2021-03-31 13:56:11 | UK Cyber Security Council Becomes Independent Entity (lien direct) | The Cyber Security Alliance-led Formation Project has created an umbrella body that will grow to champion cyber security education, training and skills. Today it was announced that the Formation Project to create the Council has completed, allowing the Government-mandated Council to officially become an independent entity, fully and only accountable to its Trustees. The Council […] | |||
|
2021-03-30 10:32:11 | $30,000 to researchers who find bugs in Teams (lien direct) | Microsoft is offering up a $30,000 reward to security researchers who can find vulnerabilities within the Microsoft Teams application. Over the last year, the remote working and collaboration platform has seen a massive increase in users as a result of the coronavirus pandemic. This new bug bounty programme potentially highlights the importance of the application’s […] | |||
|
2021-03-30 10:19:52 | Suspected Russian hackers breach US homeland security (lien direct) | The email accounts belonging to the Trump administration’s head of homeland security (DHS) along with those of members of cybersecurity staff have been hacked by suspected Russian hackers. The hackers specifically targeted the members of cybersecurity staff whose job it is to hunt threats from foreign countries. The accounts were breached in the SolarWinds intrusion, […] | |||
|
2021-03-29 15:57:01 | Ransomware causes shutdown of TV Network (lien direct) | The production systems at Nine Network, an Australian TV network went offline for 24 hours, as a result of a suspected state-backed attack. Following the system shut down early on Sunday morning, all the staff were ordered to work from home indefinitely while the teams deal with the repercussions. Vanessa Morley, Nine Entertainment’s people and […] | |||
|
2021-03-26 15:23:58 | Two vulnerabilities found in Intel Processors (lien direct) | Positive Technologies employees Mark Ermolov and Dmitry Sklyarov, together with independent researcher Maxim Goryachi discovered two undocumented instructions in Intel processors. These can be used to change the microcode, allowing for attackers to take control of the processor and the entire system. According to the data that has been published, the vulnerabilities were left undocumented […] | |||
|
2021-03-26 15:04:13 | Hades ransomware targets \'big game\' in the US (lien direct) | An analysis published on Friday reveals that at least three major companies have been recent victims of the Hades ransomware. The analysis was published by Accenture’s Cyber Investigation & Forensic Response (CIFR) and Cyber Threat Intelligence (ACTI) teams. Accenture claims that the threat actors are targeting organisations that generate at least $1 billion in annual […] | Ransomware Threat |
To see everything:
Our RSS (filtrered)
