What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-12-21 12:14:45 | New phishing campaign claims $80m per month (lien direct) | A new phishing campaign has been discovered by researchers which is estimated to have cost victims approximately $80 million per month globally. Researchers have reported that the campaign offers fake giveaways and surveys from popular brands in order to steal data from victims in over 90 countries worldwide, including US, Canada and Italy. The researchers […] | |||
|
2021-12-21 11:31:35 | Hellmann warns customers to be aware of scammers (lien direct) | Hellman fell victim to a cyberattack, which was confirmed on December 9th and initially impacted all connections to their central data centre. While business operations have since started back up, there has been an increase in customers reporting fraudulent calls and mails attempting to scam them out of money. The company is still investigating what […] | |||
|
2021-12-21 11:13:37 | Warning over patching Active Directory takeover flaws (lien direct) | Customers of Microsoft are being cautioned to patch a couple of Active Directory domain service privilege escalation flaws that together could allow bad actors takeover of Windows domains. The two security updates go by CVE-2021-42287 and CVE-2021-42278 and were originally reported by Andrew Bartlett of Catalyst IT. The urgency to patch these security vulnerabilities escalated as a new […] | Patching | ||
|
2021-12-20 12:04:15 | Fraudsters thriving off new Spiderman film hype (lien direct) | Spiderman fans have been warned to watch out for the latest scam, in which fraudsters are using the hype around the newest film to spread malicious files and phishing pages. Kaspersky researchers have discovered that scammers are taking advantage of the latest installment of the super-hero franchise, by tricking fans into entering their payment details […] | ★★★ | ||
|
2021-12-20 11:59:42 | 1.8 million card details stolen from sporting goods sites (lien direct) | Around 1.8 million customers credit card details were stolen following a cyberattack on four affiliated online sporting goods websites. The incident took place on October 1st, 2021, affecting Tackle Warehouse LLC, Running Warehouse LLC, Tennis Warehouse LLC and Skate Warehouse LLC. The website owners only became aware of the incident on October 15th, 2021. An […] | ★★★★ | ||
|
2021-12-17 17:13:22 | Nozomi Networks and BT Team to Deliver Advanced OT and IoT Cybersecurity to Enterprises Worldwide (lien direct) | Nozomi Networks Inc., the leader in OT and IoT security, and BT, a leading provider of global communications and security services, this week announced they have partnered to broaden BT's portfolio of security solutions available for industrial and critical infrastructure organizations around the world. A member of Nozomi Networks' MSSP Elite Partner Program, BT will […] | Guideline | ||
|
2021-12-17 14:00:51 | How COVID-19 made the Zero Trust model the right approach to modernise networks (lien direct) | The COVID-19 pandemic is likely to go down in history as one of the defining moments of our lifetime. From a business perspective, it transformed business models, changed customer expectations, and disrupted the networks that run businesses. These changes are long lasting and accelerated the digital transformation journey, a journey that is now driven by […] | |||
|
2021-12-16 21:47:37 | (Déjà vu) Anubis Android Malware Found Targeting Nearly 400 Financial Apps (lien direct) | Security researchers at Lookout have discovered the Anubis Android Banking malware is again wreaking havoc after being found targeting the customers of nearly 400 financial institutions, cryptocurrency wallets and virtual payment platforms. This new malware campaign is also masquerading as the official account management application from leading French telecommunications company, Orange S.A. The infamous Anubis […] | Malware Guideline | ||
|
2021-12-16 13:07:52 | Security awareness gaps identified in the UK according to new Armis study (lien direct) | Armis, the unified asset visibility and security platform provider, has released findings from a nationwide study of 2,000 UK employees that analysed their thoughts on the country's cyber resilience and their own attitudes to security. The results demonstrate the lack of awareness towards cybersecurity in the UK. Despite 60% admitting to having been impacted by a […] | ★★★★ | ||
|
2021-12-16 10:24:11 | Digital Security by Design reinforced through new Government National Cyber Strategy (lien direct) | The UK Government announced their new National Cyber Strategy. The strategy officially launched yesterday morning (Wednesday 15th December) at the International Convention Centre in Birmingham. Stephen Barclay MP, Chancellor of the Duchy of Lancaster, set out the Strategy's vision for the UK to be a leading responsible and democratic cyber power, able to protect and promote […] | Guideline | ★★★★ | |
|
2021-12-10 15:12:46 | Securing Diversity for Success (lien direct) | With work still to be done to boost diversity and inclusion in cyber security, KPMG UK's Katie Diacon unpacks where some of the challenges exist, and what could make a difference. Cyber security is one of the most innovative and dynamic sectors to work in, and it is increasingly vital to the operational resilience of […] | |||
|
2021-12-10 13:05:03 | 10 countries take part in financial cyberattack war game (lien direct) | Reuters has reported exclusively on a simulated war game in which 10 countries, including Israel, the US, UK, Germany, Italy and Switzerland, cooperated to fight a mock cyberattack on the global financial system. The event evolved over 10 days as sensitive data emerged on the Dark Web and the war game used fake news reports […] | |||
|
2021-12-10 11:40:12 | Nobelium hackers targeting governments and businesses (lien direct) | The hackers responsible for the SolarWinds supply chain attacks have again been linked to multiple attacks targeting businesses and governments globally. The hacking group is continuing to refine and retool its methods at an incredible speed while targeting cloud solution providers, services and reseller companies. The intrusions are being actively tracked under two different activity […] | ★★ | ||
|
2021-12-10 11:22:39 | Weak passwords caused 30% of security breaches (lien direct) | A recent survey, conducted by GoodFirms, assesses the risk factors associated with password management and how to safeguard them from attacks or breaches. The results revealed that 30% of respondents reported password leaks and security breaches as a result of poor password practices. Surveyees admitted to making poor password choices, such as sharing them with […] | |||
|
2021-12-09 10:47:55 | Call centre network security at risk: GOautodial vulnerability could lead to information disclosure and RCE (lien direct) | GOautodial, an open source call center software suite with 50,000 users around the world, has patched two vulnerabilities that could lead to information disclosure and remote code execution (RCE). Unearthed by Scott Tolley of the Synopsys Cybersecurity Research Center (CyRC), the first bug – tracked as CVE-2021-43175 – has been rated medium severity. An API router accepts a username, password, and action […] | Vulnerability Guideline | ★★ | |
|
2021-12-09 10:42:15 | NIST analysis shows record number of reported vulnerabilities in 2021 (lien direct) | The National Institute of Standards and Technology (NIST) released analysis showing the number of vulnerabilities reported in 2021 was 18,378 this year. The figure set a record for the fifth year in a row, though the amount of high severity vulnerabilities fell when compared with 2020 There were 3,646 reported high risk vulnerabilities in 2021, as […] | ★★★★★ | ||
|
2021-12-09 10:40:28 | Passport forgeries at all time high (lien direct) | A new Identity Fraud Report, conducted by Onfido, has revealed that passports are the most frequently attacked form of identity document. In fact, over the course of the past year, fraudsters increasingly forged passports as opposed to national identity cards. Onfido’s researchers believe this to be a sign of fraudsters changing their methods: “they [are […] | |||
|
2021-12-09 10:28:42 | Cybercriminals take advantage of unpatched Hikvision systems (lien direct) | Moobot botnet is leveraging a known remote code execution (RCE) vulnerability in Hikvision products (CVE-2021-36260) to spread a Moobot, which carries out distributed denial of service (DDoS) attacks. The attack surface could be significant: China-based Hikvision touted itself as the “world's leading video-surveillance products supplier” on the company site. Although a patch was released in September, […] | Vulnerability Guideline | ||
|
2021-12-08 11:40:00 | Omicron variant being used to phish students (lien direct) | A new phishing attack, discovered by Proofpoint, is using the Omicron variant of COVID-19 to steal students’ credentials and gain access to accounts. The threat-actors targeting US universities are leveraging the concern around the new virus strain to trick students into opening attachments that lead students to spoofed university login portals. This isn’t an entirely […] | Guideline | ||
|
2021-12-08 11:03:58 | (Déjà vu) Ransomware attack locks hotel guests out of rooms (lien direct) | Earlier this week, Nordic Choice Hotels announced an attack on its IT systems, which they believed to be a “computer virus”. However it has since been revealed that it was the target of Conti ransomware, leading to hotel guests being locked out of their rooms. As IoT becomes more connected the threat of home and corporate […] | Threat Guideline | ||
|
2021-12-07 16:15:54 | Zero Trust core to contemporary cybersecurity strategy, One Identity research finds (lien direct) | One Identity, the unified identity security company, has released global survey findings that unpack the current state of Zero Trust awareness and adoption across the enterprise. After a year plagued by one disastrous cybersecurity incident after another, new findings from One Identity reveal that only 1 in 5 security stakeholders are confident in their organisation’s […] | ★★★ | ||
|
2021-12-07 11:52:04 | Dozens of malicious APT15 sites seized by Microsoft (lien direct) | Microsoft has seized a number of malicious sites which were targeting organisations based in 29 countries worldwide. The sites were used by the Nickle hacking group. Nickle is a China-based group also tracked as Playful Dragon, Royal APT, APT15, KE3CHANG and Vixen Panda. The group compromised serves belonging to diplomatic entities, government organisations and NGOs […] | APT 15 APT 15 APT 25 | ★★★ | |
|
2021-12-07 11:44:50 | Fraudsters abuse Twitter APIs to monitor public tweets and pish cryptocurrency scams (lien direct) | Fraudsters use bots to monitor Tweets requesting support to MetaMask, TrustWallet, and other crypto wallets to respond with scams within seconds, BleepingComputer reports. To launch these targeted attacks, scammers monitor all public Tweets fro specific keywords and phrases, such as “support”, “assistance” and “help”, paired with “MetaMask”, “Phantom”, “Yoro” and “TrustWallet”. Twitter bots are used […] | ★★ | ||
|
2021-12-07 10:48:37 | Conti ransomware hits Nordic Choice Hotels (lien direct) | Earlier this week, Nordic Choice Hotels announced an attack on its IT systems, which they believed to be a “computer virus”. It has now been confirmed that they were, in fact, hit by Conti ransomware, which has affected the hotel’s guest reservation and room key card systems. Fortunately, there is no indications that passwords or […] | Ransomware | ||
|
2021-12-07 10:24:21 | (Déjà vu) Kafka Cloud Clusters Expose Sensitive Data (lien direct) | Some of the world's largest companies have exposed large amounts of sensitive information from the cloud, researchers said – thanks to misconfigured Kafdrop services. Kafdrop is the management interface for Apache Kafka, an open-source, cloud-native platform for managing data streams. Kafka has several common use cases; for instance, in the finance sector it's often used […] | |||
|
2021-12-06 13:28:47 | Omicron phishing emails found targeting the UK (lien direct) | A phishing email suggesting that people can order a PCR test specific to the new Omicron COVID-19 variant has been found doing the rounds in the UK. It purports to be from the NHS and directs unsuspecting victims to a website that asks for their full name, DOB, home address, mobile number and email. It […] | |||
|
2021-12-06 11:44:50 | FBI warns that Cuba ransomware group has compromised 49 entities in five critical infrastructure sectors (lien direct) | The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors, an alert posted last Thursday by the agency stated. “Cuba ransomware is distributed through Hancitor malware, a […] | Ransomware | ||
|
2021-12-06 11:22:48 | BitMart hacked in “large-scale security breach” (lien direct) | BitMart, a trusted cryptocurrency trading platform has been the latest to suffer a breach, resulting in the loss of approximately $150 million. The hack was confirmed on Saturday, when BitMart confirmed in a statement that hackers had withdrawn a large amount in assets. The company added that withdrawals had been temporarily suspended and that a […] | Hack | ||
|
2021-12-06 11:14:30 | 14 New Cross-Site Leaks Attacks Discovered (lien direct) | Researchers from Niederrhein University and Ruhr-Universität Bochum (RUB) have discovered 14 new cross-site data leaks (XS-Leaks) attacks targetting a wide range of modern web browsers. The browsers affected include Microsoft Edge, Google Chrome, Opera, Apple Safari, Tor Browser, and Mozilla Firefox among many others. The researchers discovered the leaks by testing how well 56 browsers […] | |||
|
2021-12-06 11:13:48 | United States military hacking unit acknowldges offensive action to disrupt malware (lien direct) | US military’s hacking unit, Cyber Command, has taken offensive action to disrupt cybercriminal groups that have launched ransomware attacks on US companies, a spokesperson for the command confirmed to CNN Sunday. CNN reports: https://edition.cnn.com/2021/12/05/politics/us-cyber-command-disrupt-ransomware-operations/index.html | Ransomware Malware | ||
|
2021-12-03 14:42:23 | Home routers riddled with vulnerabilities (lien direct) | Security researchers tested nine popular WiFi routers and found they are riddled with vulnerabilities – even when running the latest firmware. In the nine models tested, a total of 226 vulnerabilities were found, the TP-Link Archer AX6000 and the Synology RT-2600ac resulting the most insecure, with 32 and 30 flaws, respectively. Conducted by IoT Inspector […] | |||
|
2021-12-03 12:46:27 | Expert comment: CS Energy ransomware attack (lien direct) | On Tuesday, energy generator CS Energy, which is owned by the Queensland government, fell victim to a ransomware attack that impacted operations. The incident occurred over the weekend, in yet the latest cyber threat to target critical infrastructure. As per the organisation’s announcement, the incident occurred on CS Energy's corporate network and has not impacted […] | Ransomware Threat | ||
|
2021-12-02 16:28:43 | Edgescan appoints Alon Verdnikov as CRO in a push to expand its presence in North America (lien direct) | Edgescan, the provider of the most comprehensive fullstack vulnerability management solution, today announces the appointment of Alon Verdnikov as Global CRO. Alon has a proven track record of managing global sales, marketing, customer success and global alliances and was previously VP of WW Sales and Alliances at Centrical whereby they achieved 800% ARR growth during […] | Vulnerability | ★★★★★ | |
|
2021-12-01 17:25:44 | Most Inspiring Women in Cyber Awards 2021 (lien direct) | Last night, with the help of our sponsors KPMG and Beazley, we celebrated this year's Most Inspiring Women in Cyber Awards. Hosted in Canary Wharf, the awards were kick-started by Jenny Radcliffe, who delivered an amazing speech about what it is to be a woman in this industry, using FAQs to frame her talk. Before recognising this year's 21 […] | |||
|
2021-12-01 11:48:52 | Pytilia partners with CSIT to deliver UKRI funded Digital Security by Design Project (lien direct) | Belfast based software consultancy firm Pytilia were selected as part of UK Research and Innovation's (UKRI) 'Digital Security by Design' (DSbD) competition to deliver technologies that will improve software defences against cyber vulnerabilities. UKRI's Digital Security by Design Challenge invests in projects that can help the UK's digital computing infrastructure become more secure by design. […] | |||
|
2021-12-01 11:27:36 | 8 Security Strategies Every Ecommerce Website Must Implement (lien direct) | For those businesses who think cybersecurity is just a word, let us tell you it is an unavoidable reality of 2021. Last year, more than a million WordPress websites got hacked. That includes more small businesses than large firms. So, if you were thinking of moving ahead before considering security threats in eCommerce, it is high time […] | |||
|
2021-12-01 10:56:39 | IoT Security firm Armis now valued at $3.4B (lien direct) | IoT security firm, Armis, recently announced that it has closed its latest investment round and increased its valuation to $3.4 billion. One Equity Partners (“OEP”), in conjunction with existing investors, made a combined $300 million investment to accelerate strategic platform development and global GTM initiatives, and to support future acquisitions. OEP will also be joining […] | ★★★★ | ||
|
2021-11-30 15:00:18 | (Déjà vu) Most Inspiring Women in Cyber 2021: Areej Eliyan, IT Administrator at MOEHE Qatar (lien direct) | The IT Security Guru's Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee's answers are written in their own words […] | |||
|
2021-11-29 15:00:34 | (Déjà vu) Most Inspiring Women in Cyber 2021: Anna Collard, SVP Content Strategy & Evangelist at KnowBe4 (lien direct) | The IT Security Guru's Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee's answers are written in their own words […] | |||
|
2021-11-26 14:35:44 | FBI warns consumers about Black Friday and holiday shopping scams (lien direct) | According to the Federal Bureau of Investigation (FBI), online shoppers risk losing more than $53 million during this year’s holiday season. Scams ranging from socially engineered emails promising great deals to hard-to-find gifts popping up for sale but never making it to the buyer’s address, the festive season is cybercriminals’ and fraudsters’ favourite time of […] | |||
|
2021-11-25 15:00:19 | (Déjà vu) Most Inspiring Women in Cyber 2021: Dr. Jacqui Taylor, CEO of FlyingBinary (lien direct) | The IT Security Guru's Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee's answers are written in their own words […] | |||
|
2021-11-24 15:00:31 | (Déjà vu) Most Inspiring Women in Cyber 2021: Regina Bluman, Security Analyst at Algolia (lien direct) | The IT Security Guru's Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee's answers are written in their own words […] | |||
|
2021-11-23 15:00:59 | (Déjà vu) Most Inspiring Women in Cyber 2021: Aileen Ryan, Senior Director Portfolio Strategy at Siemens EDA (lien direct) | The IT Security Guru's Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee's answers are written in their own words […] | |||
|
2021-11-22 15:00:37 | (Déjà vu) Most Inspiring Women in Cyber 2021: Gail Kent, Director of Messenger Policy at Facebook (lien direct) | The IT Security Guru's Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee's answers are written in their own words […] | |||
|
2021-11-19 15:00:20 | (Déjà vu) Most Inspiring Women in Cyber 2021: Rea James, Global Cyber Strategic Threat Intelligence Lead at Vodafone (lien direct) | The IT Security Guru's Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee's answers are written in their own words […] | Threat | ||
|
2021-11-18 15:00:54 | (Déjà vu) Most Inspiring Women in Cyber 2021: Gamze Konyar, Head of Cyber at Marsh CEE & Eastern Mediterranean Regions (lien direct) | The IT Security Guru's Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee's answers are written in their own words […] | |||
|
2021-11-18 14:09:34 | Armis study highlights device management complexities for NHS Trusts (lien direct) | Armis, the unified asset visibility and security platform provider, has released figures from a Freedom of Information (FOI) request to over 80 NHS Trusts that highlighted how compliance and device management complexities could be creating critical cybersecurity gaps. The study confirmed that while 85% had identified all devices, including medical devices, on the Trust's network, […] | |||
|
2021-11-17 15:00:26 | (Déjà vu) Most Inspiring Women in Cyber 2021: Jennifer Valentine, Security Specialist Lead at Jamf (lien direct) | The IT Security Guru's Most Inspiring Women in Cyber Awards aims to shed a light on the remarkable women in our industry. The following is a feature on just one of the many phenomenal women put forward for the 2021 awards. Presented in a Q&A format, the nominee's answers are written in their own words […] | |||
|
2021-11-17 13:35:06 | Bugcrowd correlates $27bn risk reduction with ethical hacking to find vulnerabilities (lien direct) | Bugcrowd, the crowdsourced cybersecurity platform, has published its Inside the Mind of a Hacker '21 report, which it says provides CIOs and CISOs valuable insight on ethical hackers and the economics of security research. Some new findings indicate a shift in the threat landscape with 8 out of 10 ethical hackers recently having identified a […] | Threat | ||
|
2021-11-16 16:02:03 | Managing chaos: How 9/11 and the pandemic changed the way organisations understand critical events (lien direct) | Most careers might take an unexpected turn from time to time but very few people see the path of their entire professional existence re-wired, without warning, in a single morning. One who did is Tracy Reinhold, now the chief security officer at critical event management company Everbridge, which has been described as the most successful security company nobody has heard of. The morning was September 11, 2001, probably the first time in world history when a billion human beings alive at the time will be able to say without […] |
To see everything:
Our RSS (filtrered)
