What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-02-15 11:20:04 | One Identity launches Cloud Infrastructure Entitlement Management (lien direct) | One Identity, the provider of unified identity security, has announced the availability of One Identity Cloud Infrastructure Entitlement Management (CIEM), enabling businesses to support governance and privileged access for cloud infrastructure objects. The company said this innovation along with other new releases such as its Application Governance module and a new connector to Microsoft Teams, […] | |||
|
2022-02-15 11:06:35 | (Déjà vu) Google update fixes zero-day vulnerability (lien direct) | Google has released Chrome 98.0.4758.102 for Windows, Mac, and Linux, as fix for a high-severity zero-day vulnerability used by cyber-attackers. “Google is aware of reports that an exploit for CVE-2022-0609 exists in the wild,” the company said in a security advisory released today. Chrome update will roll out over the coming weeks but it is possible […] | Vulnerability | ||
|
2022-02-15 10:55:59 | Morley companies suffers data breach (lien direct) | A data breach at a business services company based in Saginaw, Michigan may have exposed the personal information of 521,00 people. The attack was detected on August 1 last year when data in the company’s care became unavailable. The breach comes as a direct result of cyber-criminals targeting Morley Companies. Michigan attorney general Dana Nessel confirmed […] | Data Breach | ||
|
2022-02-15 10:22:42 | Ukraine says it has been targeted by Russian cyber-attacks (lien direct) | The Security Service of Ukraine (SSU) says that the attacks aim provoke anxiety and undermine Ukrainian society’s confidence in the state’s ability to defend its citizens. “Ukraine is facing attempts to systemically sow panic, spread fake information and distort the real state of affairs. All this combined is nothing more than another massive wave of […] | |||
|
2022-02-15 10:09:00 | Local authority earmarks $380k for cyber-attack recovery (lien direct) | Following a breach in December, Gloucester City Council has set aside $380k to recover from the incident. The local authority admitted at the time of the attack that it could take up to 6 months fix as servers would need rebuilding. Councillors have admitted, however, that the sum may not be enough to handle the […] | |||
|
2022-02-14 17:19:59 | Scammers increasingly targeting women on dating sites (lien direct) | TSB has released data ahead of Valentine’s day showing how dating sites are “riddled with scammers”. Unfortunately, it has shown that women were targeted in two-thirds of the cases it analysed and the average age of those scammed was 47 years old. The average amount of money swindled from women was £6,300 compared with men […] | ★★ | ||
|
2022-02-14 12:07:49 | (Déjà vu) Croatian phone carrier reports data breach (lien direct) | ‘A1 Hrvatska’, a Croatian phone carrier, has disclosed a data breach exposing the personal information of roughly 200,000 of its customers. The organisation has not provided many details outside the fact that they suffered a cybersecurity incident involving the unauthorised access of one of their user databases containing sensitive personal information. The information leaked includes […] | Data Breach | ||
|
2022-02-14 11:52:32 | Half of all emails in 2021 were spam (lien direct) | Email spam rates averaged 46% over the year globally, according to a new report by Kaspersky. In its new Spam and Phishing in 2021 report, the Russian AV company revealed that spam rates peaked at 48% in June. The majority came from machines in Russia (25%), followed by Germany (14%), the US (10%) and China (9%). […] | Spam | ||
|
2022-02-14 11:39:02 | Major car dealer suffers ransomware attack (lien direct) | Emil Frey, a Swiss car dealer have released a statement confirming that they were hit with a ransomware attack last month. The company, which is ranked as the number 1 car dealership in Europe, showed up on the list of victims for the Hive ransomware on February 1 later confirming that they were attacked in […] | Ransomware | ||
|
2022-02-14 11:28:15 | Sensitive business addresses published in COVID data breach (lien direct) | The addresses of defence sites, a missile maintenance unit and domestic violence shelters were among the 500,000 addresses leaked by mistake. This is the first major breach of the New South Wales government’s huge store of QR code data. Premier Dominic Perrottet said the information was uploaded in error and “shouldn't have happened”. The mistake […] | Data Breach | ||
|
2022-02-14 11:04:26 | San Francisco 49ers hit with ransomware attack (lien direct) | Mere hours before the Super Bowl kick off, the San Francisco 49ers confirmed they were the most recent victims of the BlackByte ransomware group. In a statement to ZDNet, the team said it “recently became aware of a network security incident” causing disruption to their corporate IT network. “Upon learning of the incident, we immediately initiated […] | Ransomware | ||
|
2022-02-11 17:08:40 | Microsoft fixes Defender flaw (lien direct) | Microsoft has addressed in the Microsoft Defender Antivirus that allowed attackers to plant and execute malicious payloads while avoiding Defender’s malware detection engine. The flaw affected even the latest Windows 10 versions and threat attackers have been able to exploit it since at least 2014. As BleepingComputer previously reported, the flaw resulted from lax security settings […] | Malware Threat | ||
|
2022-02-11 16:07:32 | DomainTools Announces Availability of Iris Detect (lien direct) | DomainTools has announced the availability of DomainTools Iris Detect, an innovative new product designed to discover and monitor domain names spoofing brands, trademarks, or other domains with unprecedented speed, accuracy, and comprehensiveness. Building on the world's largest databases of domain registration and Domain Name System (DNS) data developed by DomainTools and Farsight Security, the discovery engine underpinning Iris Detect […] | |||
|
2022-02-11 12:04:35 | Health data of thousands of Dorset patients leaked by mistake (lien direct) | A new study reports that Dorset Healthcare University NHS Foundation Trust (DHC) experienced the fourth highest number of data breaches in the UK. The trust argues this does not tell the whole story. Security website VPNoverview.com sent out Freedom of Information requests to 229 NHS foundations across the UK regarding data breaches. Of those, 152 […] | |||
|
2022-02-11 10:55:17 | DDoS attacks hit historic peak (lien direct) | Cybersecurity company Kaspersky found that distributed denial of service (DDoS) attacks recorded quarterly peaked towards the end of 2021. The company's DDoS attacks in Q4 2021 Report found the total number of DDoS attacks that occurred in Q4 2021 was 4.65 times higher compared with Q4 the previous year, then showing an increase of 52% […] | ★★★★ | ||
|
2022-02-11 10:38:32 | Nearly $1.3 billion ransom paid to hackers since 2020 (lien direct) | Cryptocurrency experts have warned that ransomware payments will likely surpass both the $602m already identified and the 2020 figure. The Ransomware Crypto Crime Report produced by blockchain investigations and analytics company Chainalysis presents significant insight into industry trends. The report shows that average payment size has soared in recent years. In 2019 it was only […] | Ransomware | ||
|
2022-02-10 16:47:27 | API Security in the spotlight as Salt Security becomes next Black Unicorn (lien direct) | In December 2021, Gartner® reviewed its earlier predictions about API attacks, commenting, “On Target: 2017 Prediction - By 2022, API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications…. As 2022 approaches, this prediction could arguably be counted as “missed” - but only because we underestimated the steep rise in […] | |||
|
2022-02-10 14:36:29 | Cybersecurity Association of Maryland to set up Centres of Excellence (lien direct) | The Cybersecurity of Maryland, Inc (CAMI) announced today plans to expand its membership program alongside setting up Centres of Excellence. CAMI aims to develop cybersecurity in the Old Line State through collaboration and advocacy. The organisation hopes to foster cooperation in cybersecurity through opportunities for companies across all industries. The organisation announced today that it […] | ★★★★★ | ||
|
2022-02-10 11:18:14 | MageCart attacks hit hundreds of outdated Magento sites (lien direct) | Analysts at Sansec found the source of over 500-ecommerce stores involving a single domain loading a credit card skimmer on all of them. The attack became evident in late January when a Sansec crawler discovered 374 infections in one day, all using the same malware. The domain that loaded the malware, naturalfreshmall[.]com, is currently offline […] | ★★★★ | ||
|
2022-02-10 11:00:59 | Rapper accused of laundering billions worth of bitcoin (lien direct) | A TikTok rapper and her husband have been charged with conspiring to launder $4.5bn worth of bitcoin. The bitcoin was stolen from a virtual currency exchange in 2016 in the biggest crypto-heist the world has ever seen. Heather Morgan, 31, and Ilya' Dutch' Lichtenstein, 34, both of New York, New York, were arrested in Manhattan on […] | |||
|
2022-02-09 11:51:25 | Safer Internet Day 2022 – How Can The Online World Be Safer Place? (lien direct) | The 8th of February marked the 19th Safer Internet Day which saw over 200 countries take a collaborative stance to make the Internet a safer and better place for all, particularly for younger people. Over the past 18 months, online activity sky-rocketed due to the disruptions caused by the pandemic. With many faced with lockdowns, […] | |||
|
2022-02-09 11:09:07 | Molerats hackers deploy new malware (lien direct) | The APT group tracked as TA402 but widely known as Molerats has been observed using a new implant dubbed ‘NimbleMamba’. This comes as part of a cyber-espionage campaign leveraging geofencing and URL redirects to legitimate websites. Proofprint discovered the campaign and their analysts observed three variations of the infection chain, all targeting governments in Middle […] | Malware | ||
|
2022-02-09 10:57:38 | Cryptocurrency organisations hit with fake job offers (lien direct) | North Korean threat actors, known as the Lazarus group have been posting fake job listings to target the cryptocurrency vertical in the US, UK, Germany, Singapore and more. Lazarus hackers, also known as HIDDEN COBRA by the United States Intelligence Community and Zinc by Microsoft, have targeted cryptocurrency organisations in the past. The North Koreans are […] | Threat Medical | APT 38 APT 28 | ★★ |
|
2022-02-09 10:42:23 | Ransomware gang affiliate sentenced to 7 years (lien direct) | Following a guilty plea on January 31, Netwalker ransomware gang affiliate Sebastien Vachon-Desjardin was sentenced to seven years in prison for his involvement with the group by an Ontario court. Vachon-Desjardins reportedly pleaded guilty to give charges regarding “theft of computer data, extortion, the payment of cryptocurrency ransoms, and participating in the activities of a […] | Ransomware Guideline | ★★★★ | |
|
2022-02-08 11:16:13 | Russia arrests hacking group (lien direct) | According to Russian media, 6 men have been arrested at the request of the Ministry of Internal Affairs of the Russian Federation. The men are suspected of stealing and selling credit cards online. “The Tverskoy Court of Moscow received petitions from the investigation to select a measure of restraint in the form of detention against […] | ★★ | ||
|
2022-02-08 11:06:15 | QBot steals data in 30 minutes (lien direct) | Qbot, also known as Qakbot or QuakBot, has recently returned to lightning speed attacks, with analysts reporting that it only takes 30 minutes from infection to steal emails and credentials. A new report by DFIR suggests that Qbot was carrying out data-snatching operations in October 2021. It is now believed that the threat actors behind […] | Threat | ||
|
2022-02-08 10:52:20 | (Déjà vu) Washington suspects POLARIS breach (lien direct) | The Washington State Department of Licensing (DOL) has closed down their Professional Online Licensing and Regulatory Information System (POLARIS) as a precaution against suspicious activity. The system stores information regarding license holders and applicant. The information varies but may include Social Security numbers, dates of birth, drivers licence numbers and a range of other personally […] | |||
|
2022-02-08 10:38:41 | (Déjà vu) DPD Parcel tracking flaw may have exposed customer data (lien direct) | DPD Groups‘ package tracking system has potentially been exploited to access the personally identifiable details of its clients. DPD Group, a parcel delivery service with a global presence that ships around two billion parcels annually worldwide requires customers to track their parcels by entering a parcel code and a post code. Pen Test Partners researchers […] | |||
|
2022-02-07 12:25:02 | Cybersecurity compliance still not a priority for many (lien direct) | The most consistent data point in the IBM i Marketplace Survey Results over recent years has been the ever-present cybersecurity threat. This year is no exception. The study shows that 62% of organisations consider cybersecurity a number one concern as they plan their IT infrastructure. 22% cite regulations and compliance in their top five. While companies that […] | |||
|
2022-02-07 11:33:17 | BlackCat gang (ALPHV) linked with BlackMatter/Darkside ransomware operations (lien direct) | The BlackCat ransomware operation, also known as ALPHV has confirmed their former involvement in the notorious BlackMatter/Darkside ransomware operations. BlackCat/ALPHV, launched in November 2021, is a new feature-rich ransomware operation developed, somewhat unusually, in the Rust programming language. The ransomware executable is highly customizable, with different encryption methods and options allowing for attacks on a […] | Ransomware | ||
|
2022-02-07 11:11:16 | Sensitive information of over 500k people leaked (lien direct) | Morley Companies has announced that it was hit with a ransomware attack last year that resulted in the sensitive information of more than 500,000 people being leaked. The organisation provides business services to dozens of Fortune 500 companies. In a press release, the company said the ransomware attack began on August 1 and made their data […] | Ransomware | ||
|
2022-02-07 10:39:58 | $4.4 million stolen in attack on blockchain infrastructure (lien direct) | Hackers stole $4.4 million from the blockchain infrastructure company Meter in a cyberattack on Saturday. The company manages infrastructure allowing smart contracts to scale and travel through heterogonous blockchain networks. Both Meter and Moonriver networks were affected. The company said it manages an infrastructure that allows smart contracts to scale and travel through heterogeneous blockchain […] | |||
|
2022-02-04 16:36:50 | Ransomware gangs and supply chain vulnerabilities: Nozomi Networks Labs reports on the current threat landscape (lien direct) | While vulnerability disclosures increased 21% in the second half of 2021 and increasingly sophisticated criminal attacks made regular news, organizations are fighting back with targeted remediation efforts A new OT/IoT security trends report from Nozomi Networks Labs finds cyber threats have becoming a never-ending reality for critical business operations. In a review of the threat […] | Vulnerability Threat | ★★★★ | |
|
2022-02-04 16:33:23 | Russia-Ukraine escalation of tensions: FBI calls for reports of uptick in cyber activit (lien direct) | The FBI is asking US businesses to report any uptick in Russian hacking threats — the latest effort to prepare for potential Russian cyberattacks on US organizations amid Russia’s troop buildup on Ukraine’s border, CNN reported this week. “Have you identified any efforts by known or suspected Russian [hacking groups] to test exploitation capabilities, develop new malware […] | Malware | ★★★★★ | |
|
2022-02-04 15:29:27 | Edgescan partners with Manicode to revolutionise secure coding courses (lien direct) | Edgescan, the provider of the most comprehensive fullstack vulnerability management solution, today announces a partnership with Manicode Security, the secure coding education company. With a combination of lecture, security testing demonstration, and code review, Manicode classes are sure to entertain and educate app, web services, and mobile software developers and architects to the practices of […] | Vulnerability | ||
|
2022-02-04 11:11:20 | Zimbra zero-day vulnerability exploited to steal emails (lien direct) | Attacks linked to a Chinese threat actor have exploited a Zimbra’s zero-day vulnerability and are stealing emails linked to European government and media. Researchers say that at the time of writing the exploit has no available patch. Zimbra says that more than 200,000 businesses from over 140 countries are using its software, including over 1,000 […] | Vulnerability Threat | ||
|
2022-02-04 11:02:08 | Pharma employee credentials exposed (lien direct) | Employees and executives from the top 20 pharma companies on the Fortune 500 list have had their credentials exposed, new research suggests. Constella Intelligence identified 9,030 breaches/leakages and 4,549,871 exposed records-including attributes like email addresses, passwords, phone numbers, addresses, and even credit card and banking information-related to employee corporate credentials from the companies analysed. The circulation […] | |||
|
2022-02-04 10:51:03 | US Federal government creates cybersecurity incident review board (lien direct) | The Department of Homeland Security has announced a new Cyber Safety Review Board bringing together cybersecurity experts from public and private organizations to “review and assess significant cybersecurity events.” The board was part of the executive order that President Joe Biden signed last year. Experts have long called for a federal organisation for cybersecurity incidents […] | |||
|
2022-02-03 11:20:40 | KP snacks hit with ransomware attack (lien direct) | KP Snacks, purveyor of iconic British snacks such as Skips and Butterkist, has been hit with a ransomware attack threatening to impact deliveries at least until the end of March. The company announced that Conti, an incredibly effective Russian-speaking group, is behind the attack. As is typical for the gang, they stole data in a […] | Ransomware | ||
|
2022-02-03 11:19:52 | 9 out of 10 Security Leaders Warn of Skills Shortage (lien direct) | Despite business backing and a recruitment push, new research suggests most tech security decision-makers are struggling to address the skilled professional shortage. Stott and May, a global cybersecurity recruitment firm has joined forces with venture investor Forgepoint Capital to compose the Cyber Security in Focus. Responses from cybersecurity directors, security operations directors and VPs of product […] | |||
|
2022-02-03 10:27:30 | (Déjà vu) Hackers steal $326 million from blockchain platform Wormhole (lien direct) | Hackers have exploited a vulnerability in the Wormhole cross-chain crypto platform to the tune of $326 million in cryptocurrency. Wormhole is a platform enabling users to transfer cryptocurrency across different blockchains. It locks the original token in a smart contract and mints a wrapped version of the stored token that is trans. Avalanche, Oasis, Binance […] | Vulnerability | ||
|
2022-02-03 10:00:04 | Obrela acquires Encode to become one of Europe\'s largest MDR players (lien direct) | Obrela Security Industries, a leading provider of security analytics and cyber risk management services, has announced the acquisition of Encode, a Security Analytics and Response Orchestration provider. The move establishes Obrela as one of the largest cybersecurity and Managed Detection and Response (MDR) players in the EMEA. George Patsis, CEO of Obrela said, “Our acquisition […] | Guideline | ||
|
2022-02-02 17:00:04 | AI-powered tools to fend off ransomware attacks (lien direct) | Zero trust-type security has become the standard for any self-respecting security software provider and is a step in the right direction in the never-ending battle against the bad hacker actors of the worlds. Unfortunately, it doesn't seem the be the final answer to storing corporate data securely for an enterprise and its users. Zero trust […] | Ransomware | ||
|
2022-02-02 16:38:03 | Salt Security brings API security to the channel (lien direct) | Salt Security, the API security company, has announced the global expansion of its Salt Security Essential Partner Program, with the company noting that it will be instrumental in ensuring customers around the world can protect the APIs fueling their digital transformations, application modernisations, cloud migrations, and other digital initiatives. The company state that it has […] | |||
|
2022-02-02 15:00:48 | Cloudflare launches paid public bug bounty program (lien direct) | The American web infrastructure and website security company Cloudflare has announced the launch of a new public bug bounty program. Rushil Shah, a Product Security Engineer at Cloudflare said, “today we are launching Cloudflare’s paid public bug bounty program,” “We believe bug bounties are a vital part of every security team’s toolbox and have been […] | ★★ | ||
|
2022-02-02 13:15:45 | Cato Networks delivers first CASB for instant visibility and control of cloud application data risk (lien direct) | Cato Networks yesterday announced the release of Cato CASB, the first Cloud Access Security Broker (CASB) to help companies with visibility and managing cloud application data risk. This new offering “addresses a critical visibility and control gap created by cloud migration but must be converged into a broad SASE platform to be truly effective across […] | |||
|
2022-02-02 11:25:39 | FBI warns of scam job listings (lien direct) | Scammers are conducting phishing campaigns using fake advertisements on recruitment platforms. The FBI issued the warning today through a public service announcement (PSA) on their Internet Crime Complaint Centre (IC3). “The FBI warns that malicious actors or ‘scammers’ continue to exploit security weaknesses on job recruitment websites to post fraudulent job postings in order to […] | ★★★★★ | ||
|
2022-02-02 09:54:44 | Business leaders are confident in their defences, despite over half falling victim to ransomware (lien direct) | New research from Adarma, the UK's largest independent cyber threat management company, has discovered a major disconnect in the way organisations think and act in the face of ransomware. Adarma’s nationwide ransomware study surveyed 500 C-level executives at UK businesses with over 2,000 employees and found that 58% of respondents have experienced a ransomware attack, with […] | Ransomware Threat | ||
|
2022-02-01 17:04:36 | Hackers are now using ransomware in attempt to remain undetected (lien direct) | Iranian hackers are now using new malware to conduct cyber espionage campaigns and steal data. In some cases they drop ransomware in an attempt to avoid detection. Researchers at Cybereason attribute the two separate campaigns to an Iranian hacking group known as Phosphorous. Moses Staff, another state-backed group, is also believed to be involved. It […] | Ransomware Malware | ★★★★★ | |
|
2022-02-01 16:20:53 | Andreas Deliandreadis announced as Kiteworks VP of Sales, EMEA (lien direct) | Kiteworks has announced the appointment of Andreas Deliandreadis as its new Vice President of Sales, EMEA. With more than 20 years in technology and cybersecurity sales and business development in EMEA markets, Deliandreadis is responsible for driving international revenue growth across Europe, the Middle East, and Africa (EMEA). “It is a great honour and privilege […] | ★★★★★ |
To see everything:
Our RSS (filtrered)
