What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2022-05-27 08:58:45 Oil and gas companies take cyber resilience pledge (lien direct) The past two years have seen the energy industry suffer multiple major security breaches, highlighting the need for a collaborative effort in response. During the World Economic Forum (WEF) Annual Meeting 2022, 18 corporations announced their pledge to cooperate on a dedicated solution to strengthen infrastructure across the industry ecosystem. The Cyber Resilience Pledge, according […] ★★★
itsecurityguru.webp 2022-05-26 16:08:57 Salt Security Helps bpLaunchpad Reimagine energy by Enabling API Based Innovation (lien direct) bp Launchpad, the in-house business accelerator for bp, has selected Salt Security as its technology solution for API security.  The business accelerator aims to strengthen energy resilience by aiding in the growth of global startup companies within the renewable energy sector. The companies involved are digitally-led and help deliver cleaner, more affordable, and reliable energy. […]
itsecurityguru.webp 2022-05-26 10:09:58 Security pros believe cybersecurity strategies will soon be obsolete (lien direct) Crossword Cybersecurity Plc has released a report highlighting anxieties surrounding security strategies soon growing outdated. Over 200 CISOs and senior cybersecurity professionals were surveyed. Key findings include: 40% of respondents expect their current cybersecurity strategy to be outdated in the next two years. A further 37% expected their current cybersecurity strategy to be outdated in the next […]
itsecurityguru.webp 2022-05-26 09:57:51 Insider threats caused 68% of legal sector breaches (lien direct) Insider threats were responsible for 68% of data breaches at UK law firms, according to new research from the Information Commissioner's Office (ICO). ICO data from Q3 2021 analysed by NetDocuments found that only 32% of breaches in the legal sector were caused by outside threats. Other key findings include: 54% of data breaches […] Threat
itsecurityguru.webp 2022-05-25 10:38:12 Privacy focused browser allows Microsoft trackers (lien direct) DuckDuckGo, a privacy focused web browser, has come under fire for allowing Microsoft trackers on third-party sites as part of their syndicated search content contract with the company. The search engine takes pride in not tracking user searches or behaviour, and not building user profiles to display targeting advertising, instead using contextual advertisements from their […]
itsecurityguru.webp 2022-05-25 10:04:38 US government lacks ransomware data (lien direct) A new report from the United States Senate Committee on Homeland Security & Governmental Affairs has revealed that the US government lacks comprehensive data on ransomware attacks. Notably, the report shows that authorities are largely in the dark as to how much is lost in ransom payments. The report is the culmination of a 10-month investigation into […] Ransomware
itsecurityguru.webp 2022-05-24 10:29:45 Cyberattack on General Motors exposes customer data (lien direct) US automobile behemoth General Motors (GM) has confirmed that it suffered a credential stuffing attack last month. GM said that it detected malicious login activity between April 11-29 2022, resulting in the exposure of customer information and allowing hackers to redeem gift card reward points. GM sent a data breach notification to affected customers, saying: […] Data Breach
itsecurityguru.webp 2022-05-24 09:51:39 Clearview AI fined £7.5m for harvesting data (lien direct) Clearview AI has been fined by the UK’s Information Commissioner’s Office (ICO) for breaking UK data protection laws. The £7.5m fine is a huge reduction from the £17m the ICO initially planned to fine the web-based intelligence platform in November 2021. The initial fine was proposed following a joint investigation conducted in accordance with the […]
itsecurityguru.webp 2022-05-23 09:40:42 Chinese hackers caught spying on Russian defence institutes (lien direct) A minimum of two research institutes in Russia and a third likely in Belarus have suffered an espionage attack carried out by a Chinese nation-state advanced persistent threat group (APT). Codenamed “Twisted Panda,” the attacks come in the wake of Russia’s military invasion of Ukraine, an event that has prompted many threat actors to switch tactics […] Threat
itsecurityguru.webp 2022-05-23 09:13:22 (Déjà vu) Cryptocurrency scammers use Elon Musk deep fake (lien direct) Deep fakes depicting videos of Elon Musk and other prominent figures in the cryptocurrency scene are promoting a BitVex trading platform scam that steals deposited currency. The spoof BitVex crypto trading platform claims to be owned by Tesla CEO Elon Musk, saying in the deep fake that he created the site to allow investors to […]
itsecurityguru.webp 2022-05-20 10:07:10 Conti ransomware group disbands (lien direct) Conti ransomware gang has shut down their operation, taking infrastructure offline and informing team leaders that the brand ceases to exist. Yelisey Boguslavskiy, head of research at Advanced Intel, tweeted yesterday that the gang’s internal infrastructure had been switched off. Although public-facing ransom negotiation sites and the “Conti News” data leak are still online, Boguslavskiy […] Ransomware Guideline
itsecurityguru.webp 2022-05-19 16:03:01 Who is UNC1756 – the hacker threatening Costa Rica? (lien direct) On 16 April 2022, the ContiNews ransomware PR site posted the gang’s newest victim: the Ministry of Finance of Costa Rica. Three days later, the post was updated with a sample of the stolen data, and a threat to continue attacks against Costa Rican agencies unless the government paid a requested ransom of $10 million. […] Ransomware Threat
itsecurityguru.webp 2022-05-19 11:36:49 (Déjà vu) Two million Texans have their details exposed (lien direct) A programming issue at the Texas Department of Insurance (TDI) exposed the personal information of nearly two million Texans for nearly three years. The department revealed that information such as Social Security numbers, addresses, dates of birth and phone numbers was made publicly available from March 2019 to January 2022. The information belongs to 1.8 […]
itsecurityguru.webp 2022-05-18 14:55:41 Good News…Security Culture is Improving Around the World (lien direct) A new industry report evaluating the level of security culture worldwide has found a positive improvement overall. The 2022 Security Culture Report by KnowBe4 looked at trends in security culture for the first time, analysing the ideas, customs and social behaviors of an organisation that influence their security. In particular, the report looked at the […]
itsecurityguru.webp 2022-05-18 10:21:23 North Korean devs go undercover to aid DPRK hackers (lien direct) US authorities have warned that the Democratic People's Republic of Korea (DPRK) is sending IT workers to get freelance jobs at companies worldwide, with the goal of obtaining privileged access that could be used to open the door for cyber intrusions. Thousands of “highly skilled IT workers” have been directed or forced to target freelance […]
itsecurityguru.webp 2022-05-18 09:48:42 Omnicell healthcare company hit by ransomware (lien direct) Omnicell, a US-based multinational healthcare company, has confirmed it suffered a data breach in the wake of a suspected ransomware attack. The company disclosed the ransomware attack on May 9 2022 in a 10-Q filing with the Securities and Exchange Commission (SEC). In the filing, Omnicell stated: “Our IT systems and third-party cloud […] Ransomware Data Breach
itsecurityguru.webp 2022-05-18 09:46:03 OBRELA secures King Faisal Specialist Hospital and Research Centre (lien direct) The Client The King Faisal Specialist Hospital and Research Centre (KFSH & RC) is a tertiary referral hospital which offers primary and highly specialised inpatient and outpatient medical care and participates in many clinical research studies. The hospital has reached an international standard of excellence equivalent to that of leading global academic medical centres. KFSH […] Guideline
itsecurityguru.webp 2022-05-17 09:45:04 Thanos and Jigsaw ransomware linked to 55 year old doctor (lien direct) The US Department of Justice announced yesterday that Moises Luis Zagala Gonzalez, a 55-year-old cardiologist currently residing in Ciudad Bolivar, Venezuela, created and rented Jigsaw and Thanos ransomware to cybercriminals. Known online as Nosophoros, Aesculapius, and Nebuchadnezzar, Gonzalez supported cybercriminals in their use of the ransomware, and shared in the profits made. “As alleged, the […] Ransomware
itsecurityguru.webp 2022-05-17 09:33:26 Italian police thwart Eurovision cyberattack (lien direct) It has been revealed that Italian authorities derailed efforts by pro-Russian cybercriminals to disrupt the Eurovision song contest. Throughout both the performances and voting rounds, police were mobilised to block attacks on network infrastructure – Reuters reports that the attacks have been attributed to the Russian “Killnet” group and its affiliate “Legion”. Several Italian institutions […]
itsecurityguru.webp 2022-05-16 10:21:31 UK announces nuclear cybersecurity strategy (lien direct) The UK government has announced cybersecurity plans for the country’s civil nuclear sector in the newly published 2022 Civil Nuclear Cyber Security Strategy. The country’s nuclear program is growing into one of the most vital elements of the government’s plans to reach net-zero carbon emissions, but poses a significant risk as a target for state-backed […]
itsecurityguru.webp 2022-05-16 09:22:37 EU announces provisional cybersecurity directive (lien direct) The European Parliament announced a “provisional agreement” with the aim of bolstering cybersecurity and resilience of both public and private sector entities in the European Union. It’s expected that the revised directive, dubbed “NIS2” (short for network and information systems), will take the place of pre-existing legislation originally established in 2016. The revision puts in place […]
itsecurityguru.webp 2022-05-13 09:43:59 Security pros say their mental health has declined (lien direct) 27% of security professionals say their mental health has worsened over the past year. The study, carried out by Tines, also revealed that security professionals believe that their mental state has impacted their productivity. Tines, an automation specialist, surveyed more than 1000 security professionals in the US and Europe for its State of Mental Health […] ★★★
itsecurityguru.webp 2022-05-12 09:48:04 NCSC launches free email security check (lien direct) The UK’s National Cyber Security Centre (NCSC) has released a free tool designed to help organisations check whether their email security settings are sufficient. The Email Security Check service was released yesterday by the NCSC, an offshoot of the UK spy agency GCHQ. The tool works to look up publicly available information on anti-spoofing standards such as […] Tool ★★
itsecurityguru.webp 2022-05-12 09:28:38 Five Eyes urges organisations to secure supply chains (lien direct) A joint advisory issued by the Five Eyes nations has urged organisations to secure their supply chains as the war in Ukraine continues. The document, 'Protecting Against Cyber Threats to Managed Service Providers and their Customers,' was released jointly by relevant government agencies from the Five Eyes security alliance. The authorities are: The UK's National […] ★★★
itsecurityguru.webp 2022-05-11 09:52:34 CNI firms see cyberattack surge (lien direct) Over 70% of critical national infrastructure (CNI) providers in the UK have seen an increase in cyberattacks since Russia’s invasion of Ukraine, new research from Bridewell suggests. Bridewell, a security services provider, polled over 520 security decision-makers in the communications, utilities, finance, government and transport and aviation sectors in order to better understand their concerns […] ★★★
itsecurityguru.webp 2022-05-11 08:57:05 (Déjà vu) Spain sacks spy chief over Pegasus scandal (lien direct) Paz Esteban, head of the Spanish National Intelligence Centre (CNI), has been sacked for reportedly using Pegasus spyware to spy on leaders of the Catalan independence movement. Esteban and the CNI were also criticised for failing to prevent the phones of Prime Minister Pedro Sanchez and other high-ranking officials from being infected by Pegasus […] Guideline ★★★
itsecurityguru.webp 2022-05-10 09:38:56 NCSC shut down 2.7 million scams in 2021 (lien direct) The National Cyber Security Centre (NCSC) removed 2.7 million online scams last year, it was revealed today. The announcement comes as the security agency shared the most recent data from its Active Cyber Defence initiative ahead of today’s flagship CYBERUK summit. According to the NCSC, neutralised scams included fake celebrity endorsements and spoof extortion emails. […] ★★★
itsecurityguru.webp 2022-05-10 09:11:30 Research finds over 31,000 stolen credentials from the FTSE 100 on the Dark Web (lien direct) Today, Outpost24 has released the results of its 2022 FTSE 100 Credential Theft Study outlining the number of breached credentials from the UK's most profitable companies online and found up to 31,135 exposed user credentials belonging to FTSE 100 companies on the open, deep and dark web. In fact, 75% of these credentials were stolen […] ★★★★
itsecurityguru.webp 2022-05-10 09:00:33 KB4-Con: This is How Nicole Perlroth Tells Us the World Ends (lien direct) “We have never been closer to a cataclysmic cyber event,” warns Nicole Perlroth, New York Times' cybersecurity journalist, at this year's KB4-Con in Orlando, Florida. Perlroth begins her talk by painting a picture of today's sombre reality, highlighting the threat of Russian cyberattacks on our critical infrastructure and the latest discovery of Pipedream – the […] Threat ★★★★
itsecurityguru.webp 2022-05-09 14:56:53 AT&T launches SASE with Cisco Meraki to enable security anywhere (lien direct) AT&T has introduced AT&T SASE with Cisco Meraki. Designed to provide businesses of nearly any size and industry with a powerful networking and security offering, this new managed service helps organisations improve network performance, enable resilient access and defend sensitive data. The service also helps protect against unauthorised use and loss while delivering flexibility for […] ★★
itsecurityguru.webp 2022-05-09 10:06:05 Cyber attacks cause national emergency in Costa Rica (lien direct) Rodrigo Chaves, President of Costa Rica, has declared a national emergency following a series of cyberattacks on government bodies. According to BleepingComputer, Conti has published the majority of the 672 GB of data appearing to belong to Costa Rican government agencies. Chaves signed the declaration into law on Sunday, May 8th, the same day that […] ★★★★
itsecurityguru.webp 2022-05-09 09:50:24 US government offers up to $15m for Conti info (lien direct) Authorities in the US have offered up to $15 million in rewards for information leading to the identification, arrest, and/or conviction of any individual affiliated with Conti ransomware variant attacks. The money, offered under the Department of State's Transnational Organized Crime Rewards Program (TOCRP), is split into two pots: up to $10m for information on […] Ransomware Guideline ★★★
itsecurityguru.webp 2022-05-06 10:39:03 White House warns of cryptography-cracking quantum computers (lien direct) President Joe Biden signed a national security memorandum (NSM) on Thursday calling for government agencies to implement measures to mitigate risks posed by quantum computers to US national cyber security. The NSM highlights the dangers of cryptanalytically relevant quantum computers (CRQC), including their potential ability to break public-key cryptography. Immediate risks include: Endangering civilian and military […]
itsecurityguru.webp 2022-05-06 10:16:45 South Korea joins NATO Cyber Defence Centre (lien direct) NATO’s Cooperative Cyber Defence Centre of Excellence (CCDCOE) has admitted South Korea, the first Asian country to join. The country’s National Intelligence Service (NIS) made the announcement today, noting that it will represent South Korea in the centre’s training and research activities. “We plan to strengthen our cyber response capabilities to a world-class level by increasing […]
itsecurityguru.webp 2022-05-05 15:20:05 One Identity Guest Blog – The password checklist (lien direct) By Dan Conrad, Security team lead at One Identity   It is not a secret that passwords are not a particularly secure method of protection, furthermore in a world where multifactor authentication is becoming the norm, talking about password hygiene seems a little dated but still, according to the Verizon 2021 Data Breach Investigations Report, credentials […] Data Breach Guideline
itsecurityguru.webp 2022-05-05 10:21:16 OWASP patches path traversal flaw (lien direct) The Open Web Application Security Project (OWASP) has patched a vulnerability in its Enterprise Security API (ESAPI) that, if neglected, could have been abused to run path traversal attacks. The flaw, which had a security severity rating of 7.5 out of 10 and involved the ESAPI validator interface, can be resolved by applying the patched […] Vulnerability
itsecurityguru.webp 2022-05-05 09:23:17 1000s of phishing emails sent from NHS inboxes (lien direct) New research from the email security firm Inky has revealed that more than 1000 emails were sent from NHS inboxes over a six month period. The firm has claimed that the campaign, beginning October 2021, escalated “dramatically” in March of this year. After the findings were reported to the NHS on April 13, Inky reported that […]
itsecurityguru.webp 2022-05-04 10:40:06 NCSC updates build environment best practices (lien direct) The National Cyber Security Centre (NCSC), working alongside the Institute of Engineering and Technology (IET) and the UK’s Centre for the Protection of National Infrastructure (CPNI), has developed a new document providing best practices for those involved in the design, management, operation and security of building-related systems. The Code of Practice: Cyber Security in the Built […]
itsecurityguru.webp 2022-05-04 10:01:16 SEC bolsters cyber and crypto assets team (lien direct) The Securities and Exchange Commission (SEC) has made serious improvements to its in-house cryptocurrency and cybersecurity skills. The move comes as an attempt to improve investor confidence and enhance the transparency of listed companies. 20 additional positions have been added to the regulator’s newly renamed Crypto Assets and Cyber Unit. Previously known as the Cyber […]
itsecurityguru.webp 2022-05-03 11:07:50 TLStorm 2.0 – Airports, hospitals, hotels and enterprises at risk to new vulnerabilities (lien direct)   Armis, the unified asset visibility and security platform, disclosed five critical vulnerabilities, known as TLStorm 2.0, in the implementation of TLS communications in multiple models of network switches. The vulnerabilities stem from a similar design flaw identified in the TLStorm vulnerabilities (discovered earlier this year by Armis), expanding the reach of TLStorm to millions […]
itsecurityguru.webp 2022-05-03 09:33:45 Cyber-espionage group targets Asian telecomms (lien direct) Researchers at Sentinel Labs have identified a new cluster of malicious cyber activity tracked as Moshen Dragon, with its efforts aimed at telecommunication service providers in Central Asia. The new threat group does have overlaps with “RedFoxtrot” and “Nomad Panda,” notably including the use of ShadowPad and PlugX malware variants, their activities differentiate enough to […] Malware Threat
itsecurityguru.webp 2022-05-03 09:10:15 (Déjà vu) Spyware discovered on Spanish PM's phone (lien direct) Spyware has been found on the mobile phones of Pedro Sánchez, prime minister of Spain, and Margarita Robles, the country’s minister of defence. The Spanish government revealed in a press conference given Monday morning that the phones had been infected with Pegasus spyware, extracting data from both devices. Félix Bolaños, the minister for the presidency, […]
itsecurityguru.webp 2022-05-01 08:47:38 4 Reasons Why Data Science Is One of the Best Fields of Work (lien direct) In the last decade, data science has become one of the most popular and in-demand fields of work. Data scientists are some of the highest-paid professionals in the world, and they get to use their skills to solve interesting problems. If you’re thinking about becoming a data scientist, here are four reasons why it is […]
itsecurityguru.webp 2022-04-29 10:02:16 Deepfakes set to be used in organised crime (lien direct) Europol has warned of a projected rise in the use of deepfake technology by organised crime organisations. Deepfakes involve the use of artificial intelligence to create realistic audio and audio-visual content “that convincingly shows people saying or doing things they never did, or create personas that never existed in the first place.” Facing Reality? Law […]
itsecurityguru.webp 2022-04-29 09:46:29 Global security spending set to reach $198bn by 2025 (lien direct) Market analysts at GlobalData have predicted that global cybersecurity spending is set to increase by 58%, reaching $198bn by 2025. GlobalData claims that an increasingly tense geopolitical landscape and the COVID-19 pandemic has placed the advantage squarely in the hands of threat actors. Spending will be primarily directed towards software, followed by services and hardware. “The […] Threat
itsecurityguru.webp 2022-04-28 16:16:44 KB4Con 2022 – The Latest in Hacking Techniques with the World's Most Famous Hacker (lien direct) KB4Con 2022 ended on a high point as it involved an individual many of the attendees had been excited to hear from – someone who is widely considered to have coined the term hacking. It was none other than computing security consultant, author, “one-time world-most wanted hacker” and Chief Hacking Officer at KnowBe4, Kevin Mitnick. […]
itsecurityguru.webp 2022-04-28 16:14:38 KB4Con 2022 – Cyber Resilience and the Fourth Industrial Revolution (lien direct) Humanity has always embraced technology and, today, we are seeing increased IoT integration, cloud adoption and a vast wave of remote workers who are connecting to more online infrastructures. However, this is leading many to question the cyber resiliency of organisations, particularly at a time when cyber-attacks are at an all-time high. In fact, according to […] Guideline
itsecurityguru.webp 2022-04-28 11:21:35 Ransoms only make up 15% of ransomware costs (lien direct) Researchers at Check Point have revealed that the collateral damage of ransomware attacks make up costs roughly seven times higher than the ransom demanded by threat actors. The costs include financial implications caused by incident response efforts, system restoration, legal fees, monitoring costs and the overall impact of business disruption. Ransomware attacks are an increasingly popular […] Ransomware Threat
itsecurityguru.webp 2022-04-28 08:51:12 Synopsys Acquires WhiteHat Security to Expand Application Security Software-as-a-Service Capabilities (lien direct) Yesterday, Synopsys, Inc. announced that it has signed a definitive agreement to acquire WhiteHat Security, a leading provider of application security Software-as-a-Service (SaaS). The addition of WhiteHat Security will provide Synopsys with significant SaaS capabilities and market-segment-leading dynamic application security testing (DAST) technology to strengthen what is considered one of the industry’s broadest application security testing portfolios. […] Guideline ★★
itsecurityguru.webp 2022-04-27 10:12:23 Hackers claim to have breached Coca Cola (lien direct) The group behind Stormous ransomware has announced the sale of almost 161GB of data allegedly belonging to Coca Cola. The data up for sale includes passwords, financial data and account details. The group is asking for 1.6467000 Bitcoin, or $64,396.67 for the data. The announcement follows Stormous publishing a poll in which the group […] Ransomware
Last update at: 2024-04-24 14:08:03