Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-05 17:00:00 |
Giving Away the Keys to Your Backups? Here\'s How to Keep Out Hackers (lien direct) |
As threat actors' sophistication has grown dramatically in the last few years, organizations haven't kept up with implementing the necessary countermeasure controls. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-05 15:12:08 |
NetSPI Raises $410 Million in Growth Funding from KKR (lien direct) |
New investment to fuel the offensive security leader's record-breaking growth and innovation pipeline. |
Guideline
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-05 14:00:00 |
7 Practical Considerations for Effective Threat Intelligence (lien direct) |
If your security team is considering, planning, building, or operating a threat intelligence capability, this advice can help. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-05 14:00:00 |
Why Don\'t CISOs Trust Their Employees? (lien direct) |
Executives fear "malicious insiders" as top cyber threat to companies, research shows. Reasonable steps to secure and monitor systems may prevent reputational damage but are not enough. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-05 13:01:39 |
RatMilad Spyware Scurries onto Enterprise Android Phones (lien direct) |
A novel mobile malware found lurking behind a phone-spoofing app is being distributed via Telegram and a dedicated website, in a broad operation to monitor corporate victims. |
Malware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 22:35:00 |
The Insecurities of Cybersecurity Success (lien direct) |
Becoming a big wheel doesn't have to cost your happiness, but grind culture makes that likely. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 21:48:35 |
Exposure Management? Understanding the Attacker Takes Center Stage (lien direct) |
Announcing its exposure management platform, Tenable joins other companies in offering ways - such as attack surface management - to look at business networks through the eyes of attackers. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 20:27:28 |
Microsoft Updates Mitigation for Exchange Server Zero-Days (lien direct) |
Researchers had discovered that Microsoft's original mitigation steps for the so-called "ProxyNotShell" flaws was easily bypassed. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 19:00:00 |
5 Attack Elements Every Organizations Should Be Monitoring (lien direct) |
Security teams have to protect an increasingly complex enterprise environment. Here are five elements of attack surface management they should consider. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 17:55:00 |
Aussie Telco Telstra Breached, Reportedly Exposing 30,000 Employees\' Data (lien direct) |
The Telstra cyber incident comes just weeks after its main rival Optus suffered a major compromise of its customer database. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 17:10:51 |
Former NSA Employee Faces Death Penalty for Selling Secrets (lien direct) |
Suspect allegedly thought he was swapping secrets with a foreign government for crypto - but the contact turned out to be an FBI agent. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 17:00:00 |
Workforce Data Privacy in the Modern Work Era (lien direct) |
It takes culture as well as individual and corporate responsibilities to ensure workforce data privacy and compliance. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 14:37:39 |
Steam Gaming Phish Showcases Browser-in-Browser Threat (lien direct) |
Attackers are using the recently emerged browser-in-the-browser phishing technique to steal accounts from Valve's popular gaming platform, but it's a warning shot to businesses. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 14:30:42 |
More Than 30% of All Malicious Attacks Target Shadow APIs (lien direct) |
New research spotlights how attackers are capitalizing on API-driven innovation. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 14:26:17 |
Eclypsium Raises Series B to Protect Digital Supply Chain As Attacks Grow (lien direct) |
The new round highlights market demand to protect global businesses from soaring breaches through supply chains of critical hardware, devices, firmware, and software. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 14:11:01 |
Aryaka Delivers Zero-Trust WAN Based on Unified SASE Architecture (lien direct) |
The new offering integrates firewall-as-a-service and secure web gateway into cloud-managed networking and security services. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 14:00:00 |
Ransomware 3.0: The Next Frontier (lien direct) |
Attackers are already circling back to reselling stolen data instead of - and in addition to - extortion. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 13:50:54 |
Tidal Cyber Closes $4M Funding Round To Expand Threat-Informed Defense Tech (lien direct) |
. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 13:10:00 |
Expert Insights: How to Protect Sensitive Machine-Learning Training Data Without Borking It (lien direct) |
Another element of ML security is the data used to train the machine learning system itself. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-04 02:00:00 |
Growing Reliance on Cloud Brings New Security Challenges (lien direct) |
With organizations expanding their cloud operations, cloud security is imperative to protect applications and data. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-03 20:56:00 |
Bumblebee Malware Loader\'s Payloads Significantly Vary by Victim System (lien direct) |
On some systems the malware drops infostealers and banking Trojans; on others it installs sophisticated post-compromise tools, new analysis shows. |
Malware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-03 20:51:18 |
First 72 Hours of Incident Response Critical to Taming Cyberattack Chaos (lien direct) |
Responding to cyberattacks is extraordinarily stressful, but better planning, frequent practice, and the availability of mental health services can help IR professionals, a survey finds. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-03 16:26:52 |
(Déjà vu) Name That Edge Toon: Mumbo Dumbo (lien direct) |
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. |
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-03 14:00:00 |
How AWS, Cisco, Netflix & SAP Are Approaching Cybersecurity Awareness Month (lien direct) |
This year's theme is "See Yourself in Cyber," and these security folks are using the month to reflect on the personal factor in cybersecurity. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 22:14:00 |
Worried About the Exchange Zero-Day? Here\'s What to Do (lien direct) |
While organizations wait for an official patch for the two zero-day flaws in Microsoft Exchange, they should scan their networks for signs of exploitation and apply these mitigations. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 20:31:00 |
LA School District Ransomware Attackers Now Threaten to Leak Stolen Data (lien direct) |
Weeks after it breached the Los Angeles Unified School District, the Vice Society ransomware group is threatening to leak the stolen data, unless they get paid. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 20:00:00 |
The Top 4 Mistakes in Security Programs to Avoid (lien direct) |
Overlooking even just a single security threat can severely erode a company's community and consumer confidence, tarnish reputation and brand, negatively impact corporate valuations, provide competitors with an advantage, and create unwanted scrutiny. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 19:10:40 |
Reshaping the Threat Landscape: Deepfake Cyberattacks Are Here (lien direct) |
It's time to dispel notions of deepfakes as an emergent threat. All the pieces for widespread attacks are in place and readily available to cybercriminals, even unsophisticated ones. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 18:44:43 |
Cybercriminals See Allure in BEC Attacks Over Ransomware (lien direct) |
While ransomware seems stalled, business email compromise (BEC) attacks continue to make profits from the ProxyShell and Log4j vulnerabilities, nearly doubling in the latest quarter. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 17:38:23 |
Trojanized, Signed Comm100 Chat Installer Anchors Supply Chain Attack (lien direct) |
Malicious Comm100 files have been found scattered throughout North America, and across sectors including tech, healthcare, manufacturing, telecom, insurance, and others. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 16:24:00 |
Microsoft Confirms Pair of Blindsiding Exchange Zero-Days, No Patch Yet (lien direct) |
The "ProxyNotShell" security vulnerabilities can be chained for remote code execution and total takeover of corporate email platforms. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 14:47:01 |
SolarMarker Attack Leverages Weak WordPress Sites, Fake Chrome Browser Updates (lien direct) |
The SolarMarker group is exploiting a vulnerable WordPress-run website to encourage victims to download fake Chrome browser updates, part of a new tactic in its watering-hole attacks. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 14:00:00 |
With the Software Supply Chain, You Can\'t Secure What You Don\'t Measure (lien direct) |
Reports to the National Vulnerability Database jumped in 2022, but we should pay just as much attention to the flaws that are not being reported to NVD, including those affecting the software supply chain. |
Vulnerability
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 13:22:54 |
Onyxia Raises $5M to Help Companies Proactively Manage Cybersecurity Risks Using AI (lien direct) |
Onyxia, an AI-powered cybersecurity strategy and performance platform providing a centralized way for security teams to monitor and manage cybersecurity efforts in real time, has raised $5 million in seed fundraising led by World Trade Ventures with participation by Silvertech Ventures and angel investors. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 00:28:31 |
Cyera Survey Finds One in Three Respondents Want to Minimize Cloud Data Risk (lien direct) |
Multiple providers say 'cloud data sprawl' makes managing cloud data risk a priority initiative within the next 12 months. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 00:24:44 |
Safous Adds Browser Isolation to Its Zero-Trust Network Access Service (lien direct) |
This new function offers secure access to corporate applications and external SaaS through a virtual browser. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-30 00:11:05 |
Israel Cybersecurity Enterprise (ICE) Teams with CybeReady to Deliver World-Class Security Training (lien direct) |
Security service provider selects cybersecurity training platform to safeguard enterprises in LATAM. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 23:56:38 |
Aunalytics Launches Security Patching Platform as a Service (lien direct) |
Expedited software patching and updating recognized as one of the most important processes to protect against system compromise from cyberattacks. |
Patching
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 23:44:18 |
Veristor Partners with SANS Security Awareness to Deliver Employee Security Awareness Training (lien direct) |
Companies collaborate to strengthen organizations' first line of security defense – end users. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 23:39:32 |
YouMail, Inc. and WMC Global Partner to Deliver Voice and SMS Phishing Disruption Services (lien direct) |
Joint phishing intelligence solution provides 360-degree mobile communication defense. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 23:33:05 |
(Déjà vu) Organizations Finding the Need for New Approaches on the Cybersecurity Front, CompTIA research reveals (lien direct) |
Settling for 'satisfactory' level of readiness may underestimate growing levels of risk. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 23:31:00 |
Intel Hardens Confidential Computing With Project Amber Updates (lien direct) |
The chip giant has developed new features and services to make it more difficult for malicious hackers and insiders to access sensitive data from applications in the cloud. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 23:27:30 |
Latest Delinea Update Streamlines DevOps Security (lien direct) |
. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 23:23:04 |
KnowBe4 Simplifies Compliance Requirements for Healthcare Privacy (lien direct) |
KnowBe4's Compliance Audit Readiness Assessment (CARA) now addresses select requirements from HIPAA Security Rule. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 23:19:02 |
Pathlock Expands SAP Capabilities with Acquisition of Grey Monarch (lien direct) |
Combination of two companies to help SAP customers streamline audit, compliance and control processes. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 23:10:05 |
Ransomware Attacks Continue Increasing: 20% of All Reported Attacks Occurred in the Last 12 Months - New Survey (lien direct) |
Survey of over 2,000 IT pros revealed that a quarter either don't know or don't think Microsoft 365 data can be affected by ransomware. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 21:44:03 |
Why the US Should Help Secure Mexican Infrastructure - and What It Gets in Return (lien direct) |
Call it cross-border enlightened self-interest: As one of the US's premier trade partners and closest neighbors, what's bad for Mexico is bad for the US. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 20:32:28 |
The Country Where You Live Impacts Password Choices (lien direct) |
Literacy, levels of personal freedom, and other macro-social factors help determine how strong average passwords are in a given locale, researchers have found. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 19:26:44 |
Dangerous New Attack Technique Compromising VMware ESXi Hypervisors (lien direct) |
China-based threat actor used poisoned vSphere Installation Bundles to deliver multiple backdoors on systems, security vendor says. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-29 18:33:01 |
3 Reasons Why BEC Scams Work in Real Estate (lien direct) |
Identity verification could be the key to fighting back and building trust in an industry beset with high-stakes fraud. |
|
|
|