What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-12-21 20:00:00 | Best Practices for Securing and Governing Your Multicloud Deployment (lien direct) | Organizations can start by integrating functions like detection, prioritization, and remediation on to a single platform. | ★★★ | ||
|
2022-12-21 18:38:26 | (Déjà vu) Name That Toon: Kiss and Tell (lien direct) | Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. | ★★ | ||
|
2022-12-21 18:00:00 | \'Russian Hackers\' Help Fraudsters Hijack JFK Airport\'s Taxi Dispatch (lien direct) | DoJ charges allege they hacked into the taxi dispatch system for profit, selling the ability for cab drivers to skip the line for picking up a fare at JFK terminals. | ★★★ | ||
|
2022-12-21 16:32:00 | Kaspersky Research Finds Reverse Engineering Is the Most On-Demand Skill Among InfoSec Specialists (lien direct) | Pas de details / No more details | ★★★ | ||
|
2022-12-21 15:51:51 | Understanding the 3 Classes of Kubernetes Risk (lien direct) | The first step toward securing Kubernetes environments is understanding the risks they pose and identifying the ways in which those risks can be mitigated. | Uber | ★★ | |
|
2022-12-21 15:51:30 | How to Run Kubernetes More Securely (lien direct) | The open source container tool is quite popular among developers - and threat actors. Here are a few ways DevOps teams can take control. | Tool Threat | Uber | ★★ |
|
2022-12-21 15:03:30 | Godfather Banking Trojan Masquerades as Legitimate Google Play App (lien direct) | The malware has resurfaced, using an icon and name similar to the legitimate Google Play app MYT Music, a popular app with more than 10 million downloads. | Malware | ★★★ | |
|
2022-12-21 15:00:00 | Why Security Teams Shouldn\'t Snooze on MFA Fatigue (lien direct) | Employee education, biometric and adaptive authentication, and zero trust can go a long way in strengthening security. | ★★ | ||
|
2022-12-20 23:30:00 | Give Yourself the Gift of Secure Holiday E-Commerce (lien direct) | Automating your defenses can bring good tidings of great joy. | ★★ | ||
|
2022-12-20 23:00:00 | Paying Ransom: Why Manufacturers Shell Out to Cybercriminals (lien direct) | Lower cybersecurity awareness coupled with vulnerable OT gear makes manufacturers tempting targets, but zero trust can blunt attackers' advantages. | ★★ | ||
|
2022-12-20 21:34:00 | Bfore.Ai Releases \'The King, The Knight & The Snowball\' - Cybersecurity Book for Children (lien direct) | This unique fairytale is available for free just before Christmas to enjoy with the entire family. | ★★★★ | ||
|
2022-12-20 21:00:04 | Microsoft Warns on \'Achilles\' macOS Gatekeeper Bypass (lien direct) | The latest bypass for Apple's application-safety feature could allow malicious takeover of Macs. | ★★★ | ||
|
2022-12-20 20:12:00 | Raspberry Robin Worm Targets Telcos & Governments (lien direct) | With 10 layers of obfuscation and fake payloads, the Raspberry Robin worm is nesting its way deep into organizations. | ★★★★ | ||
|
2022-12-20 19:34:00 | NATO-Member Oil Refinery Targeted in Russian APT Blitz Against Ukraine (lien direct) | Security Service-backed Trident Ursa APT group shakes up tactics in its relentless cyberattacks against Ukraine. | ★★★ | ||
|
2022-12-20 19:22:00 | Searchlight Security Changes Name to Searchlight Cyber and Launches New Brand (lien direct) | Searchlight Cyber announces rebrand that reflects its status as a fast-growing cybersecurity business. | ★★ | ||
|
2022-12-20 19:20:00 | How AI/ML Can Thwart DDoS Attacks (lien direct) | When properly designed and trained, artificial intelligence and machine learning can help improve the accuracy of distributed denial-of-service detection and mitigation. | ★★ | ||
|
2022-12-20 18:00:00 | Coming to a SOC Near You: New Browsers, \'Posture\' Management, Virtual Assistants (lien direct) | Startups are coalescing around effective data loss prevention, reducing data attack surfaces, and viable AI automation. | ★★ | ||
|
2022-12-20 17:52:00 | Cybersecurity Company VMRay Extends Series B Investment to a Total of $34M USD to Drive Growth into New Markets (lien direct) | VMRay announces the closing of a Series B led by global alternative asset manager Tikehau Capital, which will fuel further expansion of the product portfolio to target a broader set of market segments. | ★★ | ||
|
2022-12-20 15:44:52 | \'Blindside\' Attack Subverts EDR Platforms From Windows Kernel (lien direct) | The technique loads a nonmonitored and unhooked DLL, and leverages debug techniques that could allow for running arbitrary code. | ★★★ | ||
|
2022-12-20 15:00:00 | Protecting Hospital Networks From \'Code Dark\' Scenarios (lien direct) | Asset inventory, behavioral baselining, and automated response are all key to keeping patients healthy and safe. | ★★ | ||
|
2022-12-20 14:41:52 | AWS Elastic IP Transfer Feature Gives Cyberattackers Free Range (lien direct) | Threat actors can take over victims' cloud accounts to steal data, or use them for command-and-control for phishing attacks, denial of service, or other cyberattacks. | Threat | ★★ | |
|
2022-12-19 22:50:00 | Are 100% Security Guarantees Possible? (lien direct) | Large vendors are commoditizing capabilities that claim to provide absolute security guarantees backed up by formal verification. How significant are these promises? | ★★ | ||
|
2022-12-19 21:28:00 | Sophisticated DarkTortilla Malware Serves Imposter Cisco, Grammarly Pages (lien direct) | Sites spoofing Grammarly and a Cisco webpage are spreading the DarkTortilla threat, which is filled with follow-on malware attacks. | Malware | ★★ | |
|
2022-12-19 21:01:00 | T-Mobile Carrier Scammer Gets Decade in the Slammer (lien direct) | A mobile phone store owner stole T-Mobile employee credentials to "unlock" phones for resale, earning him millions in illicit profits. | ★★★ | ||
|
2022-12-19 21:00:00 | Threat Intelligence Through Web Scraping (lien direct) | Bright Data CEO Or Lenchner discusses how security teams are utilizing public Web data networks to safeguard their organizations from digital risks. | Threat | ★★ | |
|
2022-12-19 18:00:00 | Fortnite Developer Epic Games Slapped With $275M Penalty (lien direct) | Epic Games has been fined for violating children's online privacy, banned from using collected data. | ★★ | ||
|
2022-12-19 17:40:59 | Malicious Python Trojan Impersonates SentinelOne Security Client (lien direct) | A fully functional SentinelOne client is actually a Trojan horse that hides malicious code within; it was found lurking in the Python Package Index repository ecosystem. | ★★★ | ||
|
2022-12-19 16:09:36 | Security Skills Command Premiums in Tight Market (lien direct) | Recession fears notwithstanding, cybersecurity skills - both credentialed and noncredentialed - continue to attract higher pay and more job security. | ★★★ | ||
|
2022-12-19 15:00:00 | Rethinking Risk After the FTX Debacle (lien direct) | Risk is no longer a single entity, but rather an interconnected web of resources, assets, and users. | ★★★ | ||
|
2022-12-19 14:00:00 | Holiday Spam, Phishing Campaigns Challenge Retailers (lien direct) | Revived levels of holiday spending have caught the eye of threat actors who exploit consumer behaviors and prey on the surge of online payments and digital activities during the holidays. | Threat | ★★ | |
|
2022-12-16 23:00:00 | GitHub Expands Secret Scanning, 2FA Across Platform (lien direct) | Microsoft-owned GitHub is taking steps to secure the open source software ecosystem by rolling out security features to protect code repositories. | ★★★ | ||
|
2022-12-16 21:57:02 | Cyber Threats Loom as 5B People Prepare to Watch World Cup Final (lien direct) | The 2022 FIFA Men's World Cup final in Qatar will be the most-watched sporting event in history - but will cybercriminals score a hat trick off its state-of-the-art digital footprint? | ★★ | ||
|
2022-12-16 21:07:00 | Researcher Bypasses Akamai WAF (lien direct) | Patched several months ago, researcher reports how they used Spring Boot to sneak past Akamai's firewall and remotely execute code. | ★★★ | ||
|
2022-12-16 20:50:00 | New Botnet Targeting Minecraft Servers Poses Potential Enterprise Threat (lien direct) | Microsoft warns enterprises should pay attention to a new botnet used to launch DDoS attacks on private Minecraft Java servers. | Threat | ★★★ | |
|
2022-12-16 20:19:10 | FBI: Criminals Using BEC Attacks to Scavenge Food Shipments (lien direct) | Cybercriminal rats are at play: Several food suppliers and distributors have experienced hundreds of thousands of dollars in losses after fulfilling fraudulently placed orders for food and ingredient shipments. | ★★★ | ||
|
2022-12-16 18:35:36 | Organizations Unprepared for Upcoming Data Privacy Regulations (lien direct) | A comprehensive data privacy program requires involvement from all parts of the business that deal with personal data. | ★★ | ||
|
2022-12-16 17:35:19 | With SASE Definition Still Cloudy, Forum Proposes Standard (lien direct) | Even without an overarching dictionary of common definitions, the concept of a secure access service edge (SASE) has spread, but a standard could help cloud services work better together. | ★★★ | ||
|
2022-12-16 16:04:25 | Iran-Backed Charming Kitten APT Eyes Kinetic Ops, Kidnapping (lien direct) | The not-so-charming APT's intelligence-gathering initiatives are likely being used by the Iranian state to target kidnapping victims. | APT 35 | ★★★ | |
|
2022-12-16 16:00:03 | Chinese APT Group MirrorFace Interferes in Japanese Elections (lien direct) | The MirrorFace group has deployed popular malware LodeInfo for spying and data theft against certain members of the Japanese House of Representatives. | Malware | ★★★ | |
|
2022-12-16 15:00:00 | Zero Trust in the Era of Edge (lien direct) | Accelerating security challenges and the increasing footprint of edge and IoT devices call for zero-trust principles to drive cyber resiliency. | ★★★ | ||
|
2022-12-16 15:00:00 | Compliance Is Not Enough: How to Manage Your Customer Data (lien direct) | Effective customer data management helps companies avoid data breaches and the resulting cascade of issues. From validating "clean" data to centralized storage and a data governance strategy, management steps can help keep data safe. | ★★★ | ||
|
2022-12-16 14:00:00 | Live From London: Next-Gen Cybersecurity Takes Stage at Black Hat Europe (lien direct) | Check out our slideshow detailing the emerging cybersecurity trends in cloud, creating a defensible Internet, malware evolution, and more that lit up audiences in London. | Malware | ★★ | |
|
2022-12-15 23:00:00 | NIST Finally Retires SHA-1, Kind Of (lien direct) | SHA-1 was deprecated in 2011. NIST has set the hashing algorithm's final retirement date to Dec. 31, 2030. | ★★★ | ||
|
2022-12-15 22:00:00 | Zero Trust Shouldn\'t Be The New Normal (lien direct) | Zero trust is useful in some situations, but organizations should not be trying to fit zero trust everywhere. In some cases, identity-based networking is an appropriate alternative. | ★★★ | ||
|
2022-12-15 21:07:00 | (Déjà vu) Axonius Bolsters SaaS Management Offering With Behavioral Analytics and SaaS User-Device Association Capabilities (lien direct) | New features bring greater visibility and context into SaaS applications access and activity. | ★ | ||
|
2022-12-15 21:00:00 | Stolen Data on 80K+ Members of FBI-Run InfraGard Reportedly for Sale on Dark Web Forum (lien direct) | InfraGard's members include key security decision-makers and stakeholders from all 16 US civilian critical-infrastructure sectors. | ★★★ | ||
|
2022-12-15 19:07:38 | Meta Ponies Up $300K Bounty for Zero-Click Mobile RCE Bugs in Facebook (lien direct) | Facebook's parent company has also expanded bug-bounty payouts to include Oculus and other "metaverse" gadgets for AR/VR. | ★★★ | ||
|
2022-12-15 19:00:00 | DDoS Attack Platforms Shut Down in Global Law Enforcement Operation (lien direct) | Sweeping operation took down around 50 popular DDoS platforms, just one of which was used in 30M attacks, Europol says. | ★★★ | ||
|
2022-12-15 16:20:20 | Blackmailing MoneyMonger Malware Hides in Flutter Mobile Apps (lien direct) | Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail. | Malware Threat Prediction | ★★★ | |
|
2022-12-15 15:00:00 | Data Destruction Policies in the Age of Cloud Computing (lien direct) | It's time for on-the-record answers to questions about data destruction in cloud environments. Without access, how do you verify data has been destroyed? Do processes meet DoD standards, or do we need to adjust standards to meet reality? | ★★ |
To see everything:
Our RSS (filtrered)
