Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-23 14:50:00 |
Cybersecurity Worries Around Hybrid Working Drop, but Many IT Leaders Still Concerned Over Cyber-Skills Gap (lien direct) |
S-RM reports show that cybersecurity concerns surrounding hybrid work prevail for 37% of organizations. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-23 14:23:00 |
Supply Chain Security Global Market Report 2022: Sector to Reach $3.5 Billion by 2027 at an 11% CAGR (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-20 21:37:22 |
T-Mobile Breached Again, This Time Exposing 37M Customers\' Data (lien direct) |
This time around, weak API security allowed a threat actor to access account information, the mobile phone giant reported. |
Threat
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-20 21:18:04 |
Ransomware Profits Decline as Victims Dig In, Refuse to Pay (lien direct) |
Two new reports show ransomware revenues for threat actors dropped sharply in 2022 as more victims ignored ransom demands. |
Ransomware
Threat
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-20 21:10:26 |
Compromised Zendesk Employee Credentials Lead to Breach (lien direct) |
Zendesk has alerted customers to a successful SMS phishing campaign that has exposed "service data," but details remain scarce. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-20 21:00:00 |
GPT Emerges as Key AI Tech for Security Vendors (lien direct) |
Orca Security is one of the companies integrating conversational AI technology into its products. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-20 16:22:00 |
Critical Manufacturing Sector in the Bull\'s-eye (lien direct) |
Serious security flaws go unpatched, and ransomware attacks increase against manufacturers. |
Ransomware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-20 15:00:00 |
The Evolution of Account Takeover Attacks: Initial Access Brokers for IoT (lien direct) |
Head off account takeover attacks by being proactive about IoT security. Start with designing and building better security protocols into IoT devices, always change weak default configurations, and regularly apply patches to ensure that IoT devices are secure. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-20 00:20:00 |
PayPal Breach Exposed PII of Nearly 35K Accounts (lien direct) |
The credential-stuffing attack, likely fueled by password reuse, yielded personal identifiable information that can be used to verify the authenticity of previously stolen data. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 23:14:00 |
EmojiDeploy Attack Chain Targets Misconfigured Azure Service (lien direct) |
Multiple misconfigurations in a service that underpins many Azure features could have allowed an attacker to remotely compromise a cloud user's system. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 22:00:00 |
Massive Adware Campaign Shuttered (lien direct) |
Mainly Apple iOS in-app ads were targeted, injecting malicious JavaScript code to rack up phony views. |
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 21:30:00 |
Attackers Crafted Custom Malware for Fortinet Zero-Day (lien direct) |
The "BoldMove" backdoor demonstrates a high level of knowledge of FortiOS, according to Mandiant researchers, who said the attacker appears to be based out of China. |
Malware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 18:54:00 |
Roaming Mantis Uses DNS Changers to Target Users via Compromised Public Routers (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 18:35:00 |
Shift Identity Left: Preventing Identity-Based Breaches (lien direct) |
Traditional compliance and IAM are insufficient to secure the modern enterprise. We must shift left with modern access controls to avoid costly data breaches. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 18:00:00 |
(Déjà vu) Name That Toon: Poker Hand (lien direct) |
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 16:36:00 |
The Media Industry Is the Most Vulnerable to Cyber Attacks, Report Shows (lien direct) |
The report highlights concerning security stats following two years of extreme tech growth. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 15:37:00 |
SynSaber Releases ICS Vulnerabilities & CVEs Report Covering Second Half of 2022 (lien direct) |
ICS/OT cybersecurity firm finds 35% of CVEs in second half of 2022 unpatchable. |
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 15:30:00 |
SecurityGen Identifies the Cybersecurity Priorities for Mobile Operators in 2023 (lien direct) |
Open architecture, non-standalone roaming, nation-state attacks, ransomware, and the need for more industry collaboration are among the major 5G security challenges that operators must address in the year ahead. |
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 15:15:56 |
KnowBe4 to Offer $10,000 Women in Cybersecurity Scholarship and (ISC) 2 Certification Education Package (lien direct) |
KnowBe4 partners with the Center for Cyber Safety and Education to bolster women
in cybersecurity for the fourth consecutive year. |
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 15:06:29 |
International Council of E-Commerce Consultants Launches Cybersecurity Essentials Professional Certificate Program on edX (lien direct) |
New program enables students and early career professionals to learn critical skills required in today's entry-level cybersecurity field, helping address urgent cyber workforce jobs gap. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 15:00:00 |
Ethically Exploiting Vulnerabilities: A Play-by-Play (lien direct) |
There's a fine line between a hacker and an attacker, but it pays to be proactive. Consider tests by ethical hackers, a red team, or pen testers, and then bolster your company's defenses against malicious attacks. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 14:44:00 |
New Research From EMA Reveals How Organizations Are Struggling to Develop Secure Software Applications (lien direct) |
Research shows that over 50% of organizations performing software development
struggle with fully integrating security into their software development
lifecycle. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 14:00:00 |
Cybercriminals Target Telecom Provider Networks (lien direct) |
The growing use of mobile devices for MFA and the proliferation of 5G and VoIP in general could result in more attacks in future, experts say. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 08:00:00 |
As Social Engineering Tactics Change, So Must Your Security Training (lien direct) |
Craft specific awareness training for high-exposure teams like finance, and reinforce other critical awareness training across the organization. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-19 02:00:00 |
Data Security in Multicloud: Limit Access, Increase Visibility (lien direct) |
Ensuring that data can be easily discovered, classified, and secured is a crucial cornerstone of a data security strategy. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 23:37:00 |
How Would the FTC Rule on Noncompetes Affect Data Security? (lien direct) |
Without noncompetes, how do organizations make sure employees aren't taking intellectual property when they go work to work for a competitor? |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 22:04:00 |
Vulnerable Historian Servers Imperil OT Networks (lien direct) |
These specialized database servers, which collect and archive information on device operation, often connect IT and OT networks. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 19:25:00 |
Founder and Majority Owner of Cryptocurrency Exchange Charged With Processing Over $700 Million of Illicit Funds (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 19:24:00 |
Sophos Cuts Jobs to Focus on Cybersecurity Services (lien direct) |
Layoffs intended to cut costs, help company shift its focus on cybersecurity services, Sophos says. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 19:21:00 |
ChatGPT Could Create Polymorphic Malware Wave, Researchers Warn (lien direct) |
The powerful AI bot can produce malware without malicious code, making it tough to mitigate. |
Malware
|
ChatGPT
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 18:13:00 |
DoControl Announces SaaS Security Platform Expansion With Shadow Apps Module Launch (lien direct) |
New module introduces shadow SaaS application discovery, monitoring, and remediation to protect businesses from supply chain attacks. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 18:10:00 |
KnowBe4 2022 Phishing Test Report Confirms Business-Related Emails Trend (lien direct) |
KnowBe4 releases overall 2022 and Q4 2022 global phishing test reports and finds business-related emails continue to be utilized as a phishing strategy and reveal top holiday email phishing subjects. |
Prediction
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 18:00:00 |
ChatGPT Opens New Opportunities for Cybercriminals: 5 Ways for Organizations to Get Ready (lien direct) |
From updating employee education and implementing stronger authentication protocols to monitoring corporate accounts and adopting a zero-trust model, companies can better prepare defenses against chatbot-augmented attacks. |
|
ChatGPT
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 17:10:00 |
ICS Confronted by Attackers Armed With New Motives, Tactics, and Malware (lien direct) |
Threat actors are diversifying across all aspects to attack critical infrastructure, muddying the threat landscape, and forcing industrial organizations to rethink their security. |
Malware
Threat
Industrial
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 15:30:00 |
Abacus Group Acquires Gotham Security and GoVanguard to Expand Cybersecurity Service Offerings (lien direct) |
Pas de details / No more details |
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 15:15:00 |
Perception Point Launches Advanced Threat Protection and Rapid Remediation for Zendesk Customers (lien direct) |
The integration provides crucial protection for businesses' most vulnerable departments - help desks and customer support teams - preventing the most advanced threats sent by online users. |
Threat
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 15:04:00 |
New Coalfire Report Reveals CISOs Rising Influence (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 15:00:00 |
Cybersecurity and the Myth of Quiet Quitting (lien direct) |
People are working harder than ever, but they're not happy about it - and the insider threat is all too real. |
Threat
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 14:50:00 |
Lares Research Highlights Top 5 Penetration Test Findings From 2022 (lien direct) |
Range of Addressable Concerns Includes "Brute Forcing Accounts with Weak Passwords" and "Excessive File System Permissions." |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-18 01:00:00 |
Okta Expands No-Code Offerings for Identity Cloud (lien direct) |
With Actions Integrations, Okta is expanding its no-code offerings to help administrators manage and customize their identity workflow. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-17 22:08:00 |
Initial Access Broker Market Booms, Posing Growing Threat to Enterprises (lien direct) |
A rapid increase in the number of operators in the space - the "locksmiths" of the cyber underground - has made it substantially cheaper for cybercriminals to buy access to target networks. |
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-17 21:45:00 |
Secrets Rotation Recommended After CircleCI Security Incident (lien direct) |
Companies are being urged to update 0Auth, runner, and project API tokens, along with other secrets stashed with CircleCI. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-17 19:03:00 |
(Déjà vu) VIPRE Security Group Launches New Endpoint Detection and Response (EDR) Technology Built for SMEs (lien direct) |
VIPRE Endpoint Detection & Response (EDR) delivers streamlined, sophisticated, high-performing cloud-based EDR management in a single, easy-to-navigate console. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-17 19:00:00 |
Unpatched Zoho MangeEngine Products Under Active Cyberattack (lien direct) |
The latest critical bug is exploitable in dozens of ManageEngine products and exposes systems to catastrophic risks, researchers warn. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-17 18:00:00 |
Why Businesses Need to Think Like Hackers This Year (lien direct) |
Security professionals must update their skill sets and be proactive to stay ahead of cybercriminals. It's time to learn to think and act like an attacker to cope with the cyber "new normal." |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-17 18:00:00 |
A New Era Is Dawning in Cybersecurity, but Only the Best Algorithms Will Win (lien direct) |
Open source AI is lowering the barrier of entry for cybercriminals. Security teams must consider the right way to apply defensive AI to counter this threat. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-17 15:40:00 |
Cygna Labs Introduces Entitlement and Security for Active Directory (lien direct) |
Standalone product provides permission insights for Active Directory security and compliance. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-17 15:13:00 |
Microsoft Patches 4 SSRF Flaws in Separate Azure Cloud Services (lien direct) |
Two of the vulnerabilities - in Azure Functions and Azure Digital Twins - required no account authentication for an attacker to exploit them. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-17 15:00:00 |
3 Lessons Learned in Vulnerability Management (lien direct) |
In 2022, multiple high-profile vulnerabilities like Log4j and OpenSSL provided important takeaways for future public reporting. |
Vulnerability
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-17 15:00:00 |
5 Cybersecurity Tips for Higher Education Institutions (lien direct) |
Following these basic cybersecurity hygiene policies can help make data more secure and protect colleges and universities from becoming the next ransomware headline. The steps aren't complicated, and they won't break the bank. |
Ransomware
|
|
★★★
|