What's new arround internet

Last one

Src Date (GMT) Titre Description Tags Stories Notes
SecurityWeek.webp 2022-09-26 15:23:00 Hackers Leak French Hospital Patient Data in Ransom Fight (lien direct) Hackers who crippled a French hospital and stole a trove of data last month have released personal records of patients online, officials have confirmed. The cyberattackers demanded a multimillion dollar ransom from the Corbeil-Essonnes hospital near Paris a month ago, but the institution refused to pay.
SecurityWeek.webp 2022-09-26 13:46:57 Australia Mulls Tougher Cybersecurity Laws After Data Breach (lien direct) The Australian government said on Monday it is considering tougher cybersecurity rules for telecommunications companies and blamed Optus, the nation's second-largest wireless carrier, for an unprecedented breach of personal data from 9.8 million customers. Data Breach
SecurityWeek.webp 2022-09-26 13:44:27 Breached American Airlines Email Accounts Abused for Phishing (lien direct) American Airlines discovered it was breached after receiving reports of employee email accounts being used in phishing attacks. Last week, the airline started informing some of its customers that their personal data was likely compromised in a data breach identified in early July. Data Breach
SecurityWeek.webp 2022-09-26 11:33:08 Ukraine Cracks Down on Group Selling Hacked Accounts to Pro-Russia Propagandists (lien direct) Ukrainian authorities take down cybercrime group that hacked 30 million accounts Ukrainian authorities say they have taken down a pro-Russia hacking group that compromised user accounts and then sold them for profit on dark web portals.
SecurityWeek.webp 2022-09-26 10:50:50 Hacktivist Attacks Show Ease of Hacking Industrial Control Systems (lien direct) Hacktivists might not know a lot about industrial control systems (ICS), but they're well aware of the potential implications of these devices getting compromised. That is why some groups have been targeting these systems - which are often unprotected and easy to hack - to draw attention to their cause. Hack
SecurityWeek.webp 2022-09-23 13:45:42 "Left and Right of Boom" - Having a Winning Strategy (lien direct) As security practitioners are painfully aware, it is not a matter of if but when their organization will come under cyberattack. Given this year's geopolitical events, the likelihood of falling victim to an attack has exponentially increased. And while the cybersecurity landscape will continue to evolve; many organizations seem to be holding on to the belief that deploying more preventive security tools will result in greater protection against these threats. 
SecurityWeek.webp 2022-09-22 14:53:33 Twitter Logs Out Some Users Due to Security Issue Related to Password Resets (lien direct) Twitter said on Wednesday that some users have been logged out of their active sessions in response to a bug that posed a security risk. The issue was related to password resets - when users reset their password, their active sessions on Android and iOS devices were not closed. Impacted users have been directly notified.
SecurityWeek.webp 2022-09-22 13:45:21 Australian Telecoms Firm Optus Discloses Breach Impacting Customer Data (lien direct) Australian telecoms company Optus has disclosed a data breach impacting the personal information of both former and current customers. Founded in 1981, Optus is the second largest wireless services provider in Australia, with nearly 9.7 million subscribers. It's currently owned by Singapore Telecommunications. Data Breach
SecurityWeek.webp 2022-09-22 00:25:11 European Spyware Investigators Criticize Israel and Poland (lien direct) European Parliament members investigating the use of surveillance spyware by European Union governments sharply criticized Israel on Wednesday for a lack of transparency in allowing the sale of powerful Israeli spyware to European governments that have used it against critics.
SecurityWeek.webp 2022-09-21 10:35:00 iBoot Power Distribution Unit Flaws Allow Hackers to Remotely Shut Down Devices (lien direct) Critical vulnerabilities discovered by researchers in Dataprobe's iBoot power distribution unit (PDU) can allow malicious actors to remotely hack the product and shut down connected devices, potentially causing disruption within the targeted organization. Hack
SecurityWeek.webp 2022-09-21 10:14:28 VMware Warns of \'ChromeLoader\' Delivering Ransomware, Destructive Malware (lien direct) VMware's Carbon Black team warns that the ChromeLoader malware is now delivering malware such as ZipBomb and the Enigma ransomware to business services and government organizations. Ransomware Malware
SecurityWeek.webp 2022-09-20 15:05:06 CrowdStrike to Buy Reposify, Invests in Salt Security (lien direct) Endpoint detection and response pioneer CrowdStrike is elbowing its way into new security markets with a planned acquisition of attack surface management startup Reposify and a strategic investment in API security vendor Salt Security.
SecurityWeek.webp 2022-09-20 14:28:22 (Déjà vu) Over 50,000 Revolut Customers Affected by Data Breach (lien direct) Financial technology company Revolut has started informing some customers that it has been targeted in a cyberattack that resulted in their information getting compromised. Data Breach
SecurityWeek.webp 2022-09-20 13:48:57 Quantifying ROI in Cybersecurity Spend (lien direct) In cybersecurity, there are too many variables on both the attack and defense sides to easily calculate ROI for specific spends
SecurityWeek.webp 2022-09-20 12:43:44 New York Emergency Services Provider Says Patient Data Stolen in Ransomware Attack (lien direct) The personal information of roughly 320,000 individuals was compromised following a ransomware attack at New York-based ambulance services provider Empress EMS (Emergency Medical Services). Ransomware
SecurityWeek.webp 2022-09-20 12:34:22 American Airlines Says Personal Data Exposed After Email Phishing Attack (lien direct) American Airlines is informing some customers that their personal information may have been compromised after threat actors gained access to employee email accounts. Threat
SecurityWeek.webp 2022-09-20 10:29:21 EU Court Rules Against German Data Collection Law (lien direct) A German law requiring telecoms companies to retain customer data is a breach of EU legislation, a European court ruled Tuesday, prompting the justice minister to vow an overhaul of the rules. 
SecurityWeek.webp 2022-09-19 19:02:09 Uber Confirms Hacker Accessed Internal Tools, Bug Bounty Dashboard (lien direct) Ride-hailing giant Uber is moving quickly to downplay the impact from a devastating security breach that included the theft of employee credentials, access to the HackerOne bug bounty dashboard and data from an internal invoicing tool. Uber Uber
SecurityWeek.webp 2022-09-19 14:03:12 Rockstar Games Confirms Breach Leading to GTA 6 Leak (lien direct) Video game publisher Rockstar Games has confirmed suffering a network breach that resulted in videos from the upcoming Grand Theft Auto (GTA) 6 game getting leaked.
SecurityWeek.webp 2022-09-19 13:24:40 Eyeglass Reflections Can Leak Information During Video Calls (lien direct) A group of academic researchers have devised a method of reconstructing text exposed via participants' eyeglasses and other reflective objects during video conferences.
SecurityWeek.webp 2022-09-19 10:47:33 LastPass Found No Code Injection Attempts Following August Data Breach (lien direct) Password management software provider LastPass says its investigation into the August 2022 data breach has not revealed any attempts to inject malicious code into LastPass software. Data Breach LastPass
SecurityWeek.webp 2022-09-19 10:24:11 GTA 6 Videos and Source Code Stolen in Rockstar Games Hack (lien direct) The Rockstar Games hacker also claims to be behind the recent Uber breach Hack Uber Uber
SecurityWeek.webp 2022-09-17 16:14:00 Serious Breach at Uber Spotlights Hacker Social Deception (lien direct) The ride-hailing service Uber said Friday that all its services were operational following what security professionals are calling a major data breach, claiming there was no evidence the hacker got access to sensitive user data. Uber Uber
SecurityWeek.webp 2022-09-16 11:07:32 Akamai Sees Europe\'s Biggest DDoS Attack to Date (lien direct) Akamai recently mitigated a distributed denial-of-service (DDoS) attack that set a new record for attacks targeting European organizations in terms of packets per second.
SecurityWeek.webp 2022-09-16 09:22:19 Uber Investigating Data Breach After Hacker Claims of Extensive Compromise (lien direct) Uber hacked Uber “responding to a cybersecurity incident” after hacker claims to have breached several systems Data Breach Uber
SecurityWeek.webp 2022-09-14 14:35:30 Bishop Fox Releases Open Source Cloud Hacking Tool \'CloudFox\' (lien direct) Cybersecurity firm Bishop Fox has announced the release of CloudFox, an open source tool designed to help find exploitable attack paths in cloud infrastructure. The command line tool has been created for penetration testers and other offensive security professionals. Tool
SecurityWeek.webp 2022-09-14 11:45:00 Malware Infects Magento-Powered Stores via FishPig Distribution Server (lien direct) For the past several weeks, Magento stores have been injected with malware via a supply chain attack that targeted the FishPig distribution server. Specialized in Magento optimizations and Magento-WordPress integrations, FishPig offers various Magento extensions that have gathered over 200,000 downloads. Malware
SecurityWeek.webp 2022-09-13 11:04:16 iOS 16 Rolls Out With Passwordless Authentication, Spyware Protection (lien direct) Apple this week has started rolling out iOS 16 with several security and privacy improvements meant to keep users protected from malware, state-sponsored attackers, and an abusive spouse.
SecurityWeek.webp 2022-09-13 10:15:39 Spyware, Ransomware, Cryptojacking Malware Increasingly Detected on ICS Devices (lien direct) Spyware, ransomware and cryptojacking malware have been increasingly detected on industrial control system (ICS) computers, according to data collected in the first half of 2022 by cybersecurity firm Kaspersky. Ransomware Malware
SecurityWeek.webp 2022-09-13 09:42:44 U-Haul Says Customer Data Accessed Using Compromised Credentials (lien direct) Moving and storage giant U-Haul has started informing customers of a data breach impacting some of their personal information. On Friday, U-Haul began sending notification letters to potentially impacted customers to inform them that compromised credentials were used to access some of their data without authorization. Data Breach
SecurityWeek.webp 2022-09-12 11:34:17 Vulnerability in BackupBuddy Plugin Exploited to Hack WordPress Sites (lien direct) A recently resolved vulnerability in the BackupBuddy WordPress plugin has been exploited in malicious attacks since late August, Defiant's Wordfence team warns. Hack Vulnerability
SecurityWeek.webp 2022-09-12 10:49:30 Google Patches Critical Vulnerabilities in Pixel Phones (lien direct) Google's September 2022 security update for Pixel devices addresses two critical vulnerabilities. A total of 46 other security flaws were resolved in the Android platform this month.
SecurityWeek.webp 2022-09-10 16:01:37 Iran Strongly Condemns US Sanctions Over Albania Hacking (lien direct) Iran on Saturday strongly condemned a US decision to impose sanctions on its intelligence ministry, blamed for a major cyber attack on NATO ally Albania.
SecurityWeek.webp 2022-09-08 18:01:32 New \'Shikitega\' Linux Malware Grabs Complete Control of Infected Systems (lien direct) Security researchers with AT&T Alien Labs are warning of a new piece of malware that can take full control of infected Linux systems, including Internet of Things (IoT) devices. Malware
SecurityWeek.webp 2022-09-07 20:49:31 Cymulate Closes $70M Series D Funding Round (lien direct) Cymulate, a late-stage Israeli startup in the breach and attack simulation space, has closed a $70 million Series D funding round led by existing investor One Peak.
SecurityWeek.webp 2022-09-06 06:46:28 Samsung US Says Customer Data Compromised in July Data Breach (lien direct) Just before the Labor Day holiday weekend, electronics giant Samsung US announced that the personal information of some customers was compromised in a July data breach. As part of the incident, which was identified roughly a month ago, an unauthorized third party gained access to some of Samsung's US systems and exfiltrated information stored on them. Data Breach
SecurityWeek.webp 2022-09-04 16:17:40 KeyBank: Hackers of Third-Party Provider Stole Customer Data (lien direct) Hackers stole personal data including Social Security numbers, addresses and account numbers of home mortgage holders at KeyBank, the bank reports, in the breach of a third-party vendor that serves multiple corporate clients. ★★★★
SecurityWeek.webp 2022-09-01 14:55:16 Cyber Safety for Summer Vacation (lien direct) Let's get back to summer travel. My original title for this byline was “Hack for the Holidays,” but I decided that my ever-friendly content editor would likely reject the thought – however, the statement does highlight an area we should all consider.
SecurityWeek.webp 2022-09-01 14:29:19 Hardcoded AWS Credentials in 1,800 Mobile Apps Highlight Supply Chain Issues (lien direct) Symantec has discovered hardcoded AWS credentials in more than 1,800 mobile applications and warned of the potential risks associated with poor security practices. While Symantec's threat hunting team has looked at both Android and iOS apps, nearly all of the applications containing hardcoded credentials were developed for iOS. Threat
SecurityWeek.webp 2022-09-01 12:59:12 Ransomware Gang Claims Customer Data Stolen in TAP Air Portugal Hack (lien direct) The Ragnar Locker ransomware gang says it has exfiltrated customer data in a cyberattack on Portuguese state-owned flag carrier airline TAP Air Portugal. The incident was initially disclosed on August 26, when TAP announced on Twitter that it managed to foil the cyberattack before the threat actor could access any customer data. Ransomware Hack Threat
SecurityWeek.webp 2022-08-31 16:26:49 FBI\'s Team to Investigate Massive Cyberattack in Montenegro (lien direct) A rapid deployment team of FBI cyber experts is heading to Montenegro to investigate a massive and coordinated attack on the tiny Balkan nation's government and its services, the country's Ministry of Internal Affairs announced Wednesday.
SecurityWeek.webp 2022-08-31 10:52:29 Cybercriminals Apparently Involved in Russia-Linked Attack on Montenegro Government (lien direct) Montenegro has been targeted in a disruptive cyberattack blamed on Russian hackers, and a known ransomware group may have been involved. The country's Agency for National Security announced last week that government servers had been targeted in an ongoing attack that was described as massive and coordinated. Ransomware
SecurityWeek.webp 2022-08-30 14:51:39 How Technology Can Think Globally and Act Locally to Inform Global Cyber Policies (lien direct) As a cybersecurity professional, I appreciate the impact that cyber policy can have on the adoption of and effective utilization of technology. We see this working today in very advanced, mature industries. In the automotive industry, policies around safety for instance, have done wonders to reduce the number of injuries resulting from an accident. Likewise, policies for manufacturing and chemical production help reduce the risk associated with handling dangerous chemicals.
SecurityWeek.webp 2022-08-30 13:22:35 2.5 Million Impacted by Data Breach at Nelnet Servicing (lien direct) The data of more than 2.5 million individuals was compromised in a recent data breach at technology services provider Nelnet Servicing. The impacted individuals have taken student loans from Edfinancial and OSLA, which have contracted Nelnet for various services, including an online portal that student loan borrowers can use to access their accounts. Data Breach
SecurityWeek.webp 2022-08-30 11:20:14 Google Launches Bug Bounty Program for Open Source Projects (lien direct) Google today introduced a new bug bounty program to reward security researchers who discover and report vulnerabilities in the company's open source projects. As part of the new Open Source Software Vulnerability Rewards Program (OSS VRP), Google is offering bug bounty payouts of up to $31,337. The lowest vulnerability reward will be $100. Vulnerability
SecurityWeek.webp 2022-08-27 17:54:19 Facebook Parent Settles Suit in Cambridge Analytica Scandal (lien direct) Facebook's corporate parent has reached a tentative settlement in a lawsuit alleging the world's largest social network service allowed millions of its users' personal information to be fed to Cambridge Analytica, a firm that supported Donald Trump's victorious presidential campaign in 2016.
SecurityWeek.webp 2022-08-26 14:40:34 DoorDash Data Compromised Following Twilio Hack (lien direct) Food delivery company DoorDash revealed on Thursday that customer and employee data has been exposed as a result of a recent breach at a third-party vendor. DoorDash said hackers abused a third-party vendor's access to its systems. The attacker abused DoorDash's internal tools and gained access to the information of 'a small percentage of individuals'. Hack ★★★★★
SecurityWeek.webp 2022-08-25 20:05:19 LastPass Says Source Code Stolen in Data Breach (lien direct) Password management software firm LastPass has suffered a data breach that led to the theft of source code and proprietary technical information. Data Breach LastPass
SecurityWeek.webp 2022-08-25 16:02:56 Leaked Docs Show Spyware Firm Offering iOS, Android Hacking Services for $8 Million (lien direct) Leaked documents appear to show a little-known spyware company offering services that include Android and iOS device exploits for €8 million (roughly $8 million).
SecurityWeek.webp 2022-08-25 10:16:06 Microsoft Details New Post-Compromise Malware Used by Russian Cyberspies (lien direct) Microsoft this week published technical details on 'MagicWeb', a new post-exploitation tool used by Russia-linked cyberespionage group APT29. Malware Tool APT 29
Last update at: 2024-03-28 15:10:19
See our sources.
My email:

To see everything: Our RSS (filtrered) Twitter