What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-05-25 11:07:08 | 2022 Verizon Data Breach Investigations Report, Cyber Security Experts Reactions (lien direct) | The 2022 Verizon Data Breach Investigations Report has been released and the study provides an analysis of security breaches and attack vectors from the last year. | Data Breach | ||
|
2022-05-25 10:58:36 | EUS Car Giant General Motors Hit By Credential Stuffing Attack (lien direct) | Following the news that US Car Giant General Motors was hit by a credential stuffing attack last month that exposed customer information and allowed hackers to redeem points for gift cards, information security experts reacted below. | |||
|
2022-05-24 17:27:50 | The 8 Design Principles Of A Zero Trust Network (lien direct) | The connected world is a changed world, and enterprises can no longer assume that they have full control over closed networks. Further accelerating the new normal is the COVID-19 pandemic, which shifted a large proportion of the workforce to remote working and forced businesses to increase their use of cloud platforms to support a variety […] | |||
|
2022-05-24 17:24:12 | Facial Recognition Company Clearview Ai Fined £7.5m For Illegally Using Images Of Brits Scraped From Online (lien direct) | Following the news that: Facial recognition company Clearview AI fined £7.5m for illegally using images of Brits scraped from online Facial recognition company Clearview AI fined £7.5m for illegally using images of Brits scraped from online | Science & Tech News | Sky News | |||
|
2022-05-24 17:18:43 | Chicago Public Schools Data Breach – Expert Comments (lien direct) | Privacy and data security experts commented on data breach news from Chicago: Chicago Public Schools says ransomware attack affects nearly 500,000 students and 56,000 employees | Ransomware Data Breach | ||
|
2022-05-24 12:09:24 | GDPR Anniversay, Expert Insight On What Lead To GDPR Fines (lien direct) | Please see comment by Industry leaders on the anniversary of GDPR. The comment focuses on how poor identity access management can lead to GDPR fines, and why organizations need to invest in Identity Data Fabrics. | Guideline | ||
|
2022-05-23 14:04:07 | Navigating The Cyber Arms Race, Expert Weighs In (lien direct) | Cyberwarfare is taking on a new meaning as the Costa Rican president announces “we're at war” with renowned ransomware group Conti, following extortionate ransom demands from the government. SonicWall, the cyber security giant highlights the staggering increase in ransomware in its trusted annual threat report: Government sector saw a 1885% increase in ransomware attacks 105% […] | Ransomware Threat | ||
|
2022-05-23 13:45:50 | The Shield Of Identity-first Security (lien direct) | Ransomware gang, Conti, is demonstrating its growing political power, as Costa Rican President calls smaller nations to action. | Ransomware | ||
|
2022-05-23 13:37:21 | On Increased Cyber Attack Risk (lien direct) | In the wake of Russia's invasion of Ukraine and the shift to hybrid working, the Institute of Directors has found that 72% of business leaders view cyber risk as a significant concern for their organisation, with 58% believing that the risk of a cyber-attack on their organisation has increased. | Guideline | ||
|
2022-05-22 21:00:04 | Evasive Bots Driving Online Fraud: 2022 Report (lien direct) | According to the 2022 Imperva Bad Bot Report, bots accounted for almost 28% of global web traffic in 2021. The Imperva Threat Research team estimates that 27.7% of online traffic is bad bots. These bad bots are now more advanced and evasive than ever, mimicking human behavior in ways that make them harder to detect […] | Threat | ||
|
2022-05-22 20:50:22 | Global Food Supply Chain Threatened By Hackers (lien direct) | As reported by BBC News, modern “smart” farm machinery is vulnerable to malicious hackers, leaving global supply chains exposed to risk, experts are warning. It is feared hackers could exploit flaws in agricultural hardware used to plant and harvest crops. Agricultural manufacturing giant John Deere says it is now working to fix any weak spots […] | |||
|
2022-05-22 20:45:37 | New MITRE Framework For Supply Chain Security (lien direct) | It has been reported that MITRE has built a prototype framework for information and communications technology (ICT) that defines and quantifies risks and security concerns over the supply chain – including software. MITRE's so-called System of Trust (SoT) prototype framework is, in essence, a standard methodology for evaluating suppliers, supplies, and service providers. | |||
|
2022-05-22 20:39:26 | Web Tracker Caught Intercepting Online Forms Even Before Users Hit Submit (lien direct) | Following the news that: Web Tracker Caught Intercepting Online Forms Even Before Users Hit Submit https://thehackernews.com/2022/05/web-trackers-caught-intercepting-online.html | |||
|
2022-05-22 20:35:03 | (Déjà vu) Conti Ransomware Shuts Down Operation, Rebrands Into Smaller Units (lien direct) | It has been reported that the notorious Conti ransomware gang has officially shut down its operation, with infrastructure taken offline and team leaders told that the brand is no more. This news comes from Advanced Intel’s Yelisey Boguslavskiy, who tweeted this afternoon that the gang’s internal infrastructure was turned off. While public-facing ‘Conti News’ data leak and the ransom […] | Ransomware Guideline | ||
|
2022-05-22 11:38:48 | Media giant Nikkei Suffers Ransomware Attack (lien direct) | Media giant Nikkei's Asian unit has been hit by a ransomware attack. While the extent of the attack and whether or not customer data was leaked is still unknown, Nikkei has been forced to shut down affected servers as they investigate further. This attack follows a 2019 incident where Nikkei lost $29 million in a […] | Ransomware | ||
|
2022-05-19 14:59:33 | (Déjà vu) Omnicell Suffers Ransomware Attack, Impact To Internal Systems (lien direct) | It has been reported that multinational company Omnicell recently confirmed that it had experienced a data breach following a reported ransomware attack, impacting internal systems. The company, headquartered in Mountain View, California, USA, learned of the ransomware attack, which it disclosed on May 9 2022 in a 10-Q filing with the Securities and Exchange Commission. […] | Ransomware Data Breach | ||
|
2022-05-19 14:56:45 | Texas State Dept. Of Insurance Consumer Data Breach (lien direct) | In a newly reported data leak, Social Security numbers, addresses, names, dates of birth, and phone numbers were accessible on the Texas Department of Insurance website: State website exposed 1.8 million Texans’ data over three years | Data Breach | ||
|
2022-05-19 14:54:02 | Britain Can Legally Launch Cyberattacks Against Hostile States, Experts Reaction (lien direct) | According to The Telegraph, Britain's Attorney General Suella Braveman will argue in a speech to Chatham House today that international law applies equally to equally in the cyber world as in the real world, where the principle of “non-intervention” in another country's affairs allows states to take defensive countermeasures. The news comes off the back […] | |||
|
2022-05-19 14:51:09 | Can I Trust You? Online Fraud Boom Casts Doubt Over Brands\' Ability To Protect Consumers\' Digital Identities (lien direct) | Research from Onfido demonstrates the emotional cost of fraud is a breakdown of trust between consumers and brands Onfido, the leading global digital identity verification and authentication provider, today announces the results of a study revealing the emotional impact of fraud on UK consumers and how this is fostering distrust of brands responsible for keeping […] | Guideline | ||
|
2022-05-18 16:10:18 | Tesla “Phone-as-a-Key” Passive Entry Vulnerable To Relay Attacks – Expert Comments (lien direct) | Researchers at NCC Group have created a new type of Bluetooth Low Energy (BLE) relay attack that can bypass existing relay attack protections. Excerpts: The Tesla Model 3 and Model Y employ a Bluetooth Low Energy (BLE) based passive entry system. This system allows users with an authorized mobile device or key fob within a […] | |||
|
2022-05-18 16:01:27 | Credit Card Data scraped From US Business\' Online Checkout Pages (lien direct) | FLASH # MC-000170-MW details how cyber actors have been observed scraping credit card data from US business' online checkout pages and maintaining persistence by injecting malicious PHP code. Summary As of January 2022, unidentified cyber actors unlawfully scraped credit card data from a US business by injecting malicious PHP Hypertext Preprocessor (PHP) code into the […] | |||
|
2022-05-18 15:55:14 | NSA: NO Backdoors In New Encryption Standards – Expert Comments (lien direct) | Information Security experts commenting on news that the NSA Swears It Won’t Allow Backdoors in New Encryption Standards. The genesis is comments made by the NSA Director of Cybersecurity last week that there will be no backdoors in the quantum computer resistant encryption standards being developed by the federal government. Following this line of thinking, we […] | |||
|
2022-05-18 15:51:26 | Government Advisory – Top Attack Vectors (lien direct) | A joint security advisory from multiple national cybersecurity agencies, across the United States, Canada, New Zealand, the Netherlands, and the United Kingdom, has been released and it includes guidance on the top 10 most commonly exploited attackers vectors cybercriminals use to gain an initial access to organisations: https://www.cisa.gov/uscert/ncas/alerts/aa22-137a | |||
|
2022-05-18 15:45:01 | Expert Commentary: Omnicell Hit By Cyber Attack (lien direct) | Multinational company Omnicell recently confirmed that it had experienced a data breach following a reported ransomware attack, impacting internal systems. The company, headquartered in Mountain View, California, USA, learned of the ransomware attack, which it disclosed on May 9 2022 in a 10-Q filing with the Securities and Exchange Commission. More details are likely to […] | Ransomware Data Breach | ||
|
2022-05-18 15:40:02 | Musk Twitter Takeover – Is Digital Identity Broken? Expert Weighs In (lien direct) | In light of the ongoing speculation around Musk's Twitter takeover and how it could be dependent on verifying the number of bot accounts, please see below for a comment from Industry leader about how digital identity is broken and the changes we need to see to rebuild digital trust in social media platforms. | Guideline | ||
|
2022-05-17 13:17:37 | Google & Other RTB Companies Behind \'Biggest Data Breach Ever Recorded\' (lien direct) | The Irish Council for Civil Liberties (ICCL) is reporting on the scale of Real-Time Bidding data broadcasts in the U.S. and Europe. Key insights RTB is the biggest data breach ever recorded. It tracks and shares what people view online and their real-world location 294 billion times in the U.S. and 197 billion times […] | Data Breach | ||
|
2022-05-17 13:02:37 | New \'NIS2\' Cybersecurity Standards – Expert Comment (lien direct) | Following the news that Europe has moved closer toward new cybersecurity standards and reporting rules following a provisional network and information systems agreement dubbed NIS2 by the European Council and Parliament, please find comments below from Saket Modi, who highlights that the new regulations are a step in the right direction, but more needs to […] | |||
|
2022-05-16 10:33:40 | Cornwall Council Data Breach (lien direct) | The Cornwall council accidentally published the personal details of five schoolchildren in publicly accessible meeting documents. Cornwall Council has apologized for the data breach, including their names, addresses, and dates of birth. It made the error when it published online documents for a meeting of its School Transport Appeals Committee. | Data Breach | ||
|
2022-05-16 10:28:48 | Kaspersky: 9 Of 10 Orgs Previously Hit With Ransomware Would Pay If Targeted Again (lien direct) | Kaspersky has released a new report, “How business executives perceive the ransomware threat” showing that in 88% of organizations around the world that were previously attacked by ransomware, business leaders would choose to pay a ransom if faced with another attack. Across organizations that have yet to be victimized, only 67% would be willing to pay, […] | Ransomware Guideline | ||
|
2022-05-13 13:01:07 | “Eternity Project” Malware Leverages Telegram For Distribution (lien direct) | Cyble researchers detail their discovery of the ‘Eternity Project,’ a new malware-as-a-service offering that includes stealers, clippers, worms, miners, ransomware, and DDoS Bots. The group is said to have a Telegram channel (with 500+ subscribers) promoting the malware, complete with detailed videos of the products. Excerpt: The features of the stealer malware mentioned on the TAs […] | Malware | ||
|
2022-05-12 14:04:28 | FBI, CISA, And NSA Warn Of Hackers Increasingly Targeting MSPs (lien direct) | A Joint Advisory released today by members of the Five Eyes intelligence alliance warned MSPs and their customers that they’re being targeted by supply chain attacks. Excerpts: This joint Cybersecurity Advisory (CSA) provides actions MSPs and their customers can take to reduce their risk of falling victim to a cyber intrusion. This advisory describes cybersecurity […] | ★★ | ||
|
2022-05-12 13:57:59 | PII Of 21M SuperVPN, GeckoVPN Users Leaked On Telegram (lien direct) | VPNMentor is reporting that a database containing the personal details and login credentials of 21 million users was leaked in a Telegram group. The dump also exposed the data of VPN users including SuperVPN, GeckoVPN, and ChatVPN. The database contains 10GB worth of data and is available for free on several different Telegram groups. (the […] | ★★★ | ||
|
2022-05-12 13:52:59 | Lincoln College To Close Permanently After Cyberattack – 5 Cyber Experts Comment (lien direct) | Lincoln College (a private IL college named for Abraham Lincoln) announced that it is closing as a result of the financial burdens of the pandemic and a devastating December 2021 cyberattack “that thwarted admissions activities and hindered access to all institutional data, creating an unclear picture of Fall 2022 enrollment projections. All systems required for […] | ★★★ | ||
|
2022-05-12 13:37:28 | (Déjà vu) British Man Charged With Hacking US Bank Computers (lien direct) | It has been reported that a British man has been charged in New York with unauthorized computer intrusion, securities fraud, wire fraud and other crimes, causing more than $5m of losses. According to a 10-count complaint made public yesterday, Idris Dayo Mustapha, 32, a UK citizen, and others used phishing and other means to obtain user credentials from […] | ★★ | ||
|
2022-05-12 13:28:09 | Expert Reaction On Cyber Threats Five Years On From WannaCry (lien direct) | Today marks the fifth anniversary of the NHS WannaCry cyber-attack. Cyber security expert reacted below. | Wannacry Wannacry | ★★ | |
|
2022-05-11 12:57:31 | Wannacry – 5 Years On, 68% Of Enterprises Are Still At Risk (lien direct) | 5 years on from one of the world’s most damaging ransomware attacks, research from network detection and response leader ExtraHop has found that 68% of enterprises are still running insecure protocol that were exploited by the North Korean ransomware. | Ransomware Guideline | Wannacry | ★★★ |
|
2022-05-11 12:44:10 | British Man Charged In New York With Hacking Into Bank Computers, Stealing Millions (lien direct) | According to Reuters, a British man has been charged in New York for hacking into email servers and computers belonging to U.S. banks and brokerages in order to access investors’ accounts, causing more than $5 million of losses. Idris Dayo Mustapha, 32 and others are accused of using phishing and other means to obtain user […] | ★★ | ||
|
2022-05-11 12:39:21 | Why Its So Important For Organisations To Put Staff Welfare First When A Cyber-attack Strikes. (lien direct) | At CyberUK2022, The NCSC published fresh guidelines on how organisations can prioritise staff welfare in their cyber incident response plans: https://www.ncsc.gov.uk/guidance/putting-staff-welfare-at-the-heart-of-incident-response In response to the announcement, Laurie Mercer, Security Engineer at HackerOne – the world's most trusted provider of ethical hacking solutions – has provided his personal thoughts on why its so important for organisations […] | ★★ | ||
|
2022-05-10 13:30:57 | Horizon3ai Publishes Root Cause Of CVE-2022-1388, F5\'s BIG-IP iControl REST Endpoint Critical Vulnerability (lien direct) | F5 recently patched a critical vulnerability in their BIG-IP iControl REST endpoint CVE-2022-1388. This vulnerability is particularly worrisome for users because it is simple to exploit and provides an attacker with a method to execute arbitrary system commands. Attack engineers with Horizon3ai discovered the root cause of the vulnerability and have published an examination of its inner […] | Vulnerability | ★★★★ | |
|
2022-05-10 13:07:36 | Mental Health Awareness Week: How Does Cybercrime Affect Victims\' Mental Wellbeing? (lien direct) | This week is Mental Health Awareness Week (9-15 May), which was founded by the Mental Health Foundation 21 years ago. With a large percentage of our time now spent online, the Internet has a massive impact on our mental wellbeing. As a result, falling victim to cybercrime or online scams can be an incredibly distressing […] | ★★ | ||
|
2022-05-10 12:34:33 | What Does The Future Hold For Blockchain Within Third-Party Risk Management? (lien direct) | The benefits of using technology to manage third-party risk are not lost on compliance professionals. When you consider the growing size, complexity and geographic diversity of companies' third-party ecosystems, it's easy to see why. 60% of organisations now work with more than 1,000 third parties and managing the risks of doing business with them is […] | ★★ | ||
|
2022-05-09 13:09:46 | How To Build A DevOps Strategy With APIs (lien direct) | Organizations are rapidly turning to APIs because they bridge the gap between independent applications and programs and, in turn, facilitate proper and consistent communication between them. APIs have become a fundamental part of every application, and it’s easy to see why many companies are developing their applications using APIs and DevOps. APIs can become more […] | ★★ | ||
|
2022-05-06 20:39:33 | FBI: Business Email Compromise: The $43 Billion Scam (lien direct) | According to the FBI, business email compromise (BEC) and email account compromise (EAC) losses have surpassed $43 billion globally. (BEC/EAC) is a sophisticated scam that targets both businesses and individuals who perform legitimate transfer-of-funds requests. STATISTICAL DATA The BEC/EAC scam continues to grow and evolve, targeting small local businesses to larger corporations, and personal transactions. […] | ★★★ | ||
|
2022-05-06 18:14:04 | Expert Advise On Colonial Pipeline Ransomware Attack Anniversary (lien direct) | This week is the anniversary of the Colonial Pipelines attack, which saw one of the biggest pipelines in the US temporarily shut down, following a ransomware attack by DarkSide, a ransomware-as-a-service group that is believed to be linked to Russia. Not only did the attack affect millions but heralded a new era of cybercrime. In […] | Ransomware | ★★★ | |
|
2022-05-06 12:17:16 | Security Advisory Issued For Critical F5 Vulnerability (lien direct) | It has been reported that F5 has issued a security advisory warning about a flaw that may allow unauthenticated attackers with network access to execute arbitrary system commands, perform file actions, and disable services on BIG-IP. The vulnerability is tracked as CVE-2022-1388 and has a CVSS v3 severity rating of 9.8, categorized as critical. Its exploitation […] | Vulnerability | ★★★★ | |
|
2022-05-06 12:10:46 | White House Says To Prepare For Cryptography-Cracking Quantum Computers (lien direct) | President Joe Biden signed a national security memorandum (NSM) on Thursday asking government agencies to implement measures that would mitigate risks posed by quantum computers to US national cyber security. The NSM outlines the risks of cryptanalytically relevant quantum computers (CRQC), such as their likely ability to brake current public-key cryptography. More information: https://www.bleepingcomputer.com/news/security/white-house-prepare-for-cryptography-cracking-quantum-computers/ Memorandum: https://www.whitehouse.gov/briefing-room/statements-releases/2022/05/04/national-security-memorandum-on-promoting-united-states-leadership-in-quantum-computing-while-mitigating-risks-to-vulnerable-cryptographic-systems/ | Guideline | ★★★ | |
|
2022-05-06 11:58:05 | NIST Update Supply Chain Guidance (lien direct) | This morning the National Institute of Standards and Technology released new guidance on securing the supply chain against cyber-attacks. In response, please see below comments from cybersecurity expert who outlines the positive nature of this NIST guidance, exploring how supply chain attacks are becoming increasingly popular targets, and why it is more critical than ever […] | ★★★ | ||
|
2022-05-06 11:53:51 | Breaking: Expert OpenSea Phishing Vulnerability (lien direct) | OpenSea has announced a vulnerability and is advising all to avoid clicking on a suspicious link. This is not the first time OpenSea has had a phishing-related incident and shows the need for greater care in our own security. | Vulnerability | ★★★★ | |
|
2022-05-04 12:51:14 | The 2022+ Fit-for-Purpose OSINT Toolkit In The Age Of Digital Risk Growth (lien direct) | For about a decade now, I have both practiced and taught, what has, up to 2022, seemingly been considered a Grey Art – that of Open-Source Intelligence (OSINT), and its related methodologies in the UK, the UAE, Pakistan, India, and the Far East for Commercials, Industrials, Government, Police Authorities, and Military Agencies, and in that […] | ★★★★★ | ||
|
2022-05-02 22:14:13 | Grindr User Data For Sale, Expert Reaction (lien direct) | The WSJ is among outlets reporting that Grindr User Data Has Been for Sale for Years, noting: “The information was available for sale since at least 2017, and historical data may still be obtainable, the people said. Grindr two years ago cut off the flow of location data to any ad networks, ending the possibility […] |
To see everything:
Our RSS (filtrered)
