Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-14 20:43:13 |
DHS Review Board Deems Log4j an \'Endemic\' Cyber Threat (lien direct) |
Vulnerability will remain a "significant" threat for years to come and highlighted the need for more public and private sector support for open source software ecosystem, Cyber Safety Review Board says. |
Vulnerability
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-14 20:22:15 |
New Phishing Kit Hijacks WordPress Sites for PayPal Scam (lien direct) |
Attackers use scam security checks to steal victims' government documents, photos, banking information, and email passwords, researchers warn. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-14 19:35:18 |
Scribe Security Releases Code Integrity Validator Alongside Github Security Open Source Project (lien direct) |
Developers can now rest assured that the code they are using, as well as their GitHub accounts, are safe. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-14 19:30:17 |
AEI HorizonX Ventures Joins Shift5 Series B Funding Round (lien direct) |
Investment bolsters Shift5's traction within commercial aerospace and defense industries. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-14 18:06:59 |
Data of Nearly 2M Patients Exposed in Ransomware Attack on Healthcare Debt Collection Firm (lien direct) |
Professional Finance Company (PFC) was hit in February 2022 by a ransomware attack. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-14 14:50:20 |
Is Cryptocurrency\'s Crash Causing Headaches for Ransomware Gangs? (lien direct) |
Bitcoin is down more than 70% from its highs late last year, causing disruptions for cybercriminals and the underground exchanges that fuel the dark markets. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-14 14:00:00 |
Virtual CISOs Are the Best Defense Against Accelerating Cyber-Risks (lien direct) |
A poor, permanent hire can be a very expensive error, whereas a mis-hire on a virtual CISO can be rapidly corrected. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-14 13:33:18 |
The Next Generation of Threat Detection Will Require Both Human and Machine Expertise (lien direct) |
To be truly effective, threat detection and response need to combine the strengths of people and technology. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-14 13:31:46 |
Data Breaches Linked to Ransomware Declined in Q2 2022 (lien direct) |
Phishing retained its place as the top root cause of data compromises, according to new data from the Identity Theft Resource Center (ITRC). |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 22:55:00 |
Researchers Devise New Speculative Execution Attacks Against Some Intel, AMD CPUs (lien direct) |
"Retbleed" bypasses a commonly used mechanism for protecting against a certain kind of side-channel attack. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 21:23:00 |
CyberRatings.org Issues AAA Rating on Forcepoint\'s Cloud Network Firewall (lien direct) |
Forcepoint's test results are second in a series of publications on this new technology. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 21:09:34 |
Report: Financial Institutions Overly Complacent About Current Authentication Methods (lien direct) |
New research report finds most financial organizations have experienced a breach due to an authentication weakness, yet only a third took action |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 20:24:52 |
Mozilla: EU\'s eIDAS Proposal Attracts Growing Criticism (lien direct) |
In the wrong hands, the changes could enable state-sponsored internet surveillance says Mozilla's Chief Security Officer |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 20:21:32 |
Nearly Half of Enterprise Endpoints Present Significant Security Risks (lien direct) |
. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 19:52:37 |
MacOS Bug Could Let Malicious Code Break Out of Application Sandbox (lien direct) |
Microsoft reveals now-fixed flaw in Apple's App Sandbox controls could allow attackers to escalate device privileges and deploy malware. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 19:39:00 |
The 3 Critical Elements You Need for Vulnerability Management Today (lien direct) |
Most organizations are flying blind when remediating vulnerabilities. We lack the tooling to secure software fast enough. We need a new approach to vulnerability management now. |
Vulnerability
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 18:44:03 |
Internet Searches Reveal Surprisingly Prevalent Ransomware (lien direct) |
Two mostly defunct threats - WannaCry and NonPetya - top the list of ransomware searches, but does that mean they are still causing problems? |
Ransomware
|
Wannacry
Wannacry
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 17:00:00 |
3 Golden Rules of Modern Third-Party Risk Management (lien direct) |
It's time to expand the approach of TPRM solutions so risk management is more effective in the digital world. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 15:08:28 |
Survey: Small Cybersecurity Teams Face Greater Risk from Attacks than Larger Enterprises (lien direct) |
Cynet CISO survey reveals lack of staff, skills, and resources driving smaller teams to outsource security with advanced tools, technologies, and services. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 14:54:51 |
Microsoft: 10,000 Orgs Targeted in Phishing Attack That Bypasses Multifactor Authentication (lien direct) |
The massive phishing campaign does not exploit a vulnerability in MFA. Instead, it spoofs an Office 365 authentication page to steal credentials. |
Vulnerability
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 14:17:34 |
US Government and QuSecure Orchestrate First-Ever Post-Quantum Encryption Communication over a Government Network (lien direct) |
QuSecure's QuProtect leverages unique post-quantum cryptographic algorithm on government legacy systems to achieve world's first and only post-quantum resilient channel within a government facility. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 14:01:36 |
New Research Reveals 93% of Organizations Surveyed Have Had Failed IIoT/OT Security Projects (lien direct) |
Barracuda research finds organizations are struggling to protect operational technology and getting breached as a result. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 14:00:00 |
Keep Humans in the Loop in SOC Operations (lien direct) |
Machine learning and automation can help free up security pros for higher-value tasks. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 13:39:07 |
Exostar Empowers SMBs with Enhanced, Low-Cost, Easy-to-Use Microsoft 365 and CMMC 2.0 Solutions (lien direct) |
Upgrades to the Exostar platform promote secure, compliant collaboration and handling of controlled unclassified information. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 12:00:00 |
QuickBooks Vishing Scam Targets Small Businesses (lien direct) |
Businesses receive an invoice via email with a credit card charge and are asked to call a fake number and hand over personal information to receive a refund. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-13 00:33:43 |
Getting Up and Running with Windows Autopatch (lien direct) |
This Tech Tip outlines how system administrators can get started with automated continuous patching for their Windows devices and applications. |
Patching
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-12 22:42:37 |
PyPI Mandates 2FA, Plans Google Titan Key Giveaway (lien direct) |
Python's most popular package manager is intent on securing the supply chain by requiring developers to enable two-factor authentication. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-12 21:58:23 |
Core Security by HelpSystems Introduces New Ransomware Simulator (lien direct) |
. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-12 21:52:48 |
Microsoft Issues Fixes for 84 Vulnerabilities: Here\'s What to Patch Now (lien direct) |
July's security update included fixes for one actively exploited flaw, more than 30 bugs in Azure Site Recovery, and four privilege escalation bugs in Windows Print Spooler. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-12 21:52:27 |
Privitar Announces Kormoon Acquisition, Extending Data Privacy and Provisioning Capabilities (lien direct) |
. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-12 20:00:00 |
Understanding the Omdia Threat Detection Data Lifecycle (lien direct) |
Data quality is key in an effective TDIR solution. Omdia's threat detection data lifecycle highlights the considerations for effective data-driven threat detection |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-12 18:28:21 |
Don\'t Have a COW: Containers on Windows and Other Container-Escape Research (lien direct) |
Several pieces of Black Hat USA research will explore container design weaknesses and escalation of privilege attacks that can lead to container escapes. |
Guideline
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-12 17:27:47 |
One-Third of Users Without Security Awareness Training Click on Phishing URLs (lien direct) |
New data from security training provider shows half of untrained users in consulting, energy, and healthcare industries fall for phishing attacks. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-12 17:00:00 |
5 Traits That Differentiate CISOs From CIROs (lien direct) |
Chief information risk officers must have a keen understanding of - and interaction with - the business. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-12 14:21:35 |
Deloitte Launches Zero Trust Access, a New Managed Security Service (lien direct) |
. |
|
Deloitte
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-12 14:00:00 |
How Confidential Computing Locks Down Data, Regardless of Its State (lien direct) |
Whether data's in motion, at rest, or in use, confidential computing makes moving workloads to the public cloud safer, and can enhance data security in other deployments. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-12 13:07:56 |
Accessible Cybersecurity Awareness Training Reduces Your Risk of Cyberattack (lien direct) |
If you're not teaching all of your employees proper security hygiene, you are leaving the door open to risk. Close that door by providing accessible training. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-12 12:00:00 |
Ransomware Scourge Drives Price Hikes in Cyber Insurance (lien direct) |
Cybersecurity insurance costs are rising, and insurers are likely to demand more direct access to organizational metrics and measures to make more accurate risk assessments. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-11 23:47:34 |
Paladin Cloud Launches New Cloud Security and Governance Platform (lien direct) |
The new open source security-as-code platform will help developers and security teams automatically detect security policy violations across the organization's cloud infrastructure. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-11 22:18:59 |
Fake Google Software Updates Spread New Ransomware (lien direct) |
"HavanaCrypt" is also using a command-and-control server that is hosted on a Microsoft Hosting Service IP address, researchers say. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-11 21:38:10 |
\'Luna Moth\' Group Ransoms Data Without the Ransomware (lien direct) |
Unsophisticated campaigns use off-the-shelf RATs and other tools to exfiltrate data and demand a ransom to keep it private. |
Ransomware
Tool
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-11 17:37:27 |
Online Payment Fraud Expected to Cost $343B Over Next 5 Years (lien direct) |
Fraudster innovation will continue to drive successful phishing, business email compromise, and socially engineered attacks, researchers say. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-11 16:02:36 |
Omdia: Sustainability Ranks Top on Data Center Operators\' Agendas Despite Cost and Reliability Barriers (lien direct) |
. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-11 14:01:00 |
Proposed SEC Rules Require More Transparency About Cyber-Risk (lien direct) |
The new guidelines would require public companies to file periodic disclosures about their cybersecurity practices and notify the SEC within 96 hours of a material breach. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-11 14:00:00 |
Building Guardrails for Autonomic Security (lien direct) |
AI's potential for automating security has promise, but there are miles to go in establishing decision-making boundaries. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-11 14:00:00 |
Diversity in Cybersecurity: Fostering Gender-Inclusive Teams That Perform Better (lien direct) |
Proactive steps in recruiting women to cybersecurity teams, along with policies focused on diversity, equity, and inclusion, help make cybersecurity teams more effective. Addressing specific barriers that female candidates face will make those teams more inclusive and more representative. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-11 13:10:56 |
New Phishing Attacks Shame, Scare Victims into Surrendering Twitter, Discord Credentials (lien direct) |
Scams pressure victims to "resolve an issue that could impact their status, business." |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-08 19:36:57 |
Microsoft Reverses Course on Blocking Office Macros by Default (lien direct) |
Security experts criticize company for reversing course on a decision it made just this February to block macros in files downloaded from the Internet. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-08 18:12:16 |
DoJ Charges CEO for Dealing $1B in Fake Cisco Gear (lien direct) |
Fraudster allegedly passed off refurbished, modified Cisco equipment as new to hospitals, schools, and even the military. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-08 16:02:36 |
SOAR Market Worth $2.3 Billion by 2027, According to Exclusive Report by MarketsandMarkets (lien direct) |
. |
|
|
|