Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-27 17:21:51 |
Average Data Breach Costs Soar to $4.4M in 2022 (lien direct) |
Call it a 'cyber-tax': Those costs are usually passed on to consumers, not investors, as compromised businesses raise prices for goods and services. |
Data Breach
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-27 17:00:00 |
Is Your Home or Small Business Built on Secure Foundations? Think Again… (lien direct) |
Did you know that the standard router relied upon in homes and by thousands of small businesses is the most frequently attacked IoT device? James Willison, Project and Engagement Manager, IoT Security Foundation, explores the issue and reveals an ongoing initiative from the foundation that is designed to better secure the devices. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-27 16:10:39 |
First Cohort Graduates from PSM Cyber Stars Program at Liverpool FC (lien direct) |
New careers in IT open up for former footballers. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-27 14:00:00 |
The Great BizApp Hack: Cyber-Risks in Your Everyday Business Applications (lien direct) |
IT admins can lock some of the obvious open doors in business applications, but system visibility is key. Build automatic monitoring defenses and adopt a Git-like tool so you can "version" your business apps to restore prior states. |
Tool
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-27 13:48:22 |
No More Ransom Helped More Than 1.5 Million People Decrypt Their Devices (lien direct) |
. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-27 13:30:00 |
8 Hot Summer Fiction Reads for Cybersecurity Pros (lien direct) |
A reading list of recommended novels curated by cybersecurity experts for cybersecurity experts. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 22:40:47 |
Craig Newmark Gives UC Berkeley $2 Million for University Cybersecurity Clinics (lien direct) |
. |
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 22:23:55 |
Norton Consumer Cyber Safety Pulse Report: Phishing for New Bait on Social Media (lien direct) |
Year-long analysis from Norton Labs finds nearly three-quarters of phishing sites imitate Facebook. |
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 21:01:14 |
LockBit 3.0: Significantly Improved Ransomware Helps the Gang Stay on Top (lien direct) |
Just ahead of its headline-grabbing attack on the Italian tax agency, the infamous ransomware group debuted an improved version of the malware featuring parts from Egregor and BlackMatter. |
Ransomware
Malware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 20:53:03 |
Microsoft Tops Brands Phishers Prefer (lien direct) |
Wide use of Microsoft 365 applications by business lets phishers easily launch data theft, BEC, ransomware, and other attacks, new report finds. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 20:45:00 |
Economic Downturn Raises Risk of Insiders Going Rogue (lien direct) |
Insiders could become more vulnerable to cybercrime recruitment efforts, new report says. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 20:12:08 |
AI Can Help Fintechs Fight Fraud-as-a-Service (lien direct) |
Artificial intelligence tools can help companies strike the right balance between preventing financial crime and maintaining customer service and satisfaction. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 19:59:46 |
Discord, Telegram Services Hijacked to Launch Array of Cyberattacks (lien direct) |
Attackers are easily turning popular messaging apps and their associated services - like bots, cloud infrastructure, and CDNs - against users, researchers warn. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 17:46:47 |
Flying Blind in Security Operations (lien direct) |
Too many organizations are STILL getting breached. Every day across large and small organizations, intrusions and breaches happen. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 17:00:00 |
How Risk-Based Vulnerability Management Has Made Security Easier (lien direct) |
Trying to remediate everything was never a winning strategy. RBVM is an approach that gets organizations better results with less effort. |
Vulnerability
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 16:28:42 |
Ducktail Spear-Phishing Campaign Uses LinkedIn to Hijack Facebook Business Accounts (lien direct) |
Ducktail targets marketing and HR professionals through LinkedIn to hijack Facebook accounts and run malvertising schemes. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 14:00:00 |
The Beautiful Lies of Machine Learning in Security (lien direct) |
Machine learning should be considered an extension of - not a replacement for - existing security methods, systems, and teams. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 13:27:50 |
Siemens Energy Takes Next Step to Protect Critical Infrastructure (lien direct) |
Company joins AWS Partner Network to provide customers with industrial cybersecurity solution to ensure reliable electricity and fuel supplies. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-26 01:16:27 |
OpenFHE Brings New Encryption Tools to Developers (lien direct) |
The open source fully homomorphic encryption library from Duality Technologies is intended to help developers build their own FHE-enabled applications. |
|
|
★★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-25 20:35:41 |
Rare \'CosmicStrand\' UEFI Rootkit Swings into Cybercrime Orbit (lien direct) |
The firmware threat offers ultimate stealth and persistence - and may be distributed via tainted firmware components in a supply chain play, researchers theorize. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-25 19:47:15 |
Supercharged Version of Amadey Infostealer & Malware Dropper Bypasses AVs (lien direct) |
Several threat actors used Amadey Bot previously to steal information and distribute malware such as the GandCrab ransomware and the FlawedAmmy RAT. |
Ransomware
Malware
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-25 19:10:02 |
T-Mobile Pitches $4-Per-Customer Settlement for Data Leak Impacting 80M People (lien direct) |
After leaking 80 million US customer data records in a cyberattack last summer, T-Mobile offers to settle a wide-ranging class action suit for just $350 million. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-25 18:36:40 |
Why Layer 8 Is Great (lien direct) |
To help discern legitimate traffic from fraud, it helps to understand user intent as shown through their behavior. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-25 16:54:02 |
Qakbot Is Back With a New Trick: DLL Sideloading (lien direct) |
In the latest iteration, Qakbot operators are using DLL sideloading to deliver malware, a technique that places legitimate and malicious files together in a common directory to avoid detection. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-25 15:20:44 |
Aqua Launches Out-of-the-Box Runtime Security with Advanced Protection against the Most Sophisticated Threats (lien direct) |
Security professionals can now achieve real-time protection for their workloads in minutes. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-25 14:00:00 |
Getting Ahead of Supply Chain Attacks (lien direct) |
Attackers are willing to replicate entire networks, purchase domains, and persist for months, not to mention spend significantly to make these campaigns successful. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-25 13:33:25 |
Critical Filewave MDM Vulnerabilities Allow Attackers Full Mobile Device Control (lien direct) |
Two previously unknown critical vulnerabilities within FileWave's multiplatform MDM system could grant malicious actors access to the platform's most privileged user account. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-22 22:54:48 |
Understanding Proposed SEC Rules Through an ESG Lens (lien direct) |
Cyber threats are putting environmental, social, and governance discussions at the forefront of board meetings and C-suite discussions around the globe. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-22 21:26:36 |
ICYMI: Neopets & the Gaming Problem; SolarWinds Hackers Are Back; Google Ads Abused (lien direct) |
Dark Reading's weekly roundup of all the OTHER important stories of the week. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-22 19:42:40 |
Critical Bugs Threaten to Crack Atlassian Confluence Workspaces Wide Open (lien direct) |
A hardcoded password associated with the Questions for Confluence app has been publicly released, which will likely lead to exploit attempts that give cyberattackers access to all Confluence content. |
Guideline
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-22 18:02:01 |
Google Chrome Zero-Day Weaponized to Spy on Journalists (lien direct) |
Candiru attackers breached a news agency employee website to target journalists with DevilsTongue spyware, researchers say. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-22 16:43:09 |
Snowballing Ransomware Variants Highlight Growing Threat to VMware ESXi Environments (lien direct) |
Luna, Black Basta add to rapidly growing list of malware tools targeted at virtual machines deployed on VMware's bare-metal hypervisor technology. |
Ransomware
Malware
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-22 15:46:10 |
(Déjà vu) Phishing Bonanza: Social Engineering Savvy Skyrockets as Malicious Actors Cash In (lien direct) |
The ever-evolving threat from phishing is growing more sophisticated as attackers design high-pressure situations and leverage ever-more-convincing social engineering tactics to increase their success rates. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-22 15:28:22 |
Thales Expands Cybersecurity Portfolio With OneWelcome Acquisition (lien direct) |
With more staff working remotely, identity, authentication, and access have never been more important. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-22 14:00:00 |
What Firewalls Can - and Can\'t - Accomplish (lien direct) |
Understanding the limitations of firewalls is important to protecting the organization from evolving threats. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-21 20:25:24 |
Mysterious, Cloud-Enabled macOS Spyware Blows Onto the Scene (lien direct) |
The CloudMensis spyware, which can lift reams of sensitive information from Apple machines, is the first Mac malware observed to exclusively rely on cloud storage for C2 activities. |
Malware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-21 18:35:00 |
Equitable Digital Identity Verification Requires Moving Past Flawed Legacy Systems (lien direct) |
Data science can be used to improve access to government assistance while reducing fraud. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-21 17:57:01 |
Google Becomes First Cloud Operator to Join Healthcare ISAC (lien direct) |
Google Cloud pledges experts and other resources to Health Information Sharing and Analysis Center, a community of healthcare infrastructure operators and owners. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-21 17:00:00 |
What the White House\'s Cybersecurity Workforce Plan Should Look Like (lien direct) |
By embracing cybersecurity as a critical part of our national security and education strategy, and working together to invest in opportunities for all, we can create a safer, more secure world. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-21 16:30:00 |
The Market Is Teeming: Bargains on Dark Web Give Novice Cybercriminals a Quick Start (lien direct) |
A study of the unregulated dark markets shows that the vast majority of malware, exploits, and attacker tools sell for less than $10, giving would-be criminals a fast entry point. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-21 14:00:00 |
The Kronos Ransomware Attack: What You Need to Know So Your Business Isn\'t Next (lien direct) |
Identify your business's security posture and head off ransomware attacks with third-party risk management and vendor security assessments. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-21 13:27:50 |
Cybercrime Group TA4563 Targets DeFi Market With Evolving Evilnum Backdoor (lien direct) |
The cyber campaign, aimed at siphoning funds, uses an improved version of the malware, which can adjust infection paths based on recognized antivirus software. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-20 22:03:59 |
Cybersecurity Professionals Push Their Organizations Toward Vendor Consolidation and Product Integration (lien direct) |
New global study from ESG and ISSA reveals nearly half of organizations are consolidating or plan on consolidating the number of vendors they do business with |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-20 19:46:17 |
Lax Security Fuels Massive 8220 Gang Botnet Army Surge (lien direct) |
The threat group 8220 Gang's cryptocurrency miner and botnet reach has exploded to 30,000 global hosts, a notable increase over the past month, researchers say. |
Threat
|
APT 17
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-20 19:40:45 |
\'AIG\' Threat Group Launches with Unique Business Model (lien direct) |
The rapidly growing Atlas Intelligence Group relies on cyber-mercenaries to carry out its missions. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-20 18:22:54 |
Feds Recoup $500K From Maui Ransomware Gang (lien direct) |
Law enforcement hopes that retuning ransom payments to impacted businesses will demonstrate that working with the feds following a cybersecurity breach is "good business." |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-20 18:20:59 |
Data-Centric Security Market Worth $12.3B by 2027 - Exclusive Report by MarketsandMarkets™ (lien direct) |
. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-20 18:17:28 |
Mutare Voice Network Threat Survey Shows Nearly Half of Organizations Experienced Vishing or Social Engineering Attacks in Past Year (lien direct) |
Unsecured voice traffic, skyrocketing adoption of Teams-centric enterprise collaboration tools widen enterprise cybersecurity gaps and increase risk of breach. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-20 17:00:00 |
What InfoSec Pros Can Teach the Organization About ESG (lien direct) |
Security pros' experience with transparency and evaluating third-party partners positions them to act as key environmental, social, and governance advisers. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-07-20 15:05:49 |
Chaotic LAPSUS$ Group Goes Quiet, but Threat Likely Persists (lien direct) |
The LAPSUS$ group emerged with a big splash at the end of 2021, targeting companies, including Okta, with a "reckless and disruptive" approach to hacking. |
Threat
|
|
|