Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-13 14:00:00 |
Business Security Starts With Identity (lien direct) |
How identity-centric security can support business objectives. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-13 13:46:51 |
Gartner Survey Shows 75% of Organizations Are Pursuing Security Vendor Consolidation in 2022 (lien direct) |
. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-13 13:00:00 |
Attackers Can Compromise Most Cloud Data in Just 3 Steps (lien direct) |
An analysis of cloud services finds that known vulnerabilities typically open the door for attackers, while insecure cloud architectures allow them to gain access to the crown jewels. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-12 21:28:40 |
How Machine Learning Can Boost Network Visibility for OT Teams (lien direct) |
Opswat says its new tool uses neural networks to protect critical environments through AI-assisted asset discovery, network visibility, and risk management. |
Tool
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-12 21:01:20 |
Google Releases Pixel Patches for Critical Bugs (lien direct) |
Unpatched Pixel devices are at risk for escalation of privileges, Google warns. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-12 19:46:23 |
Federal Privacy Bill That Would Preempt State Privacy Laws Faces Uncertain Future (lien direct) |
The American Data Privacy and Protection Act would provide federal-level protections that don't exist in most states, but override existing, stronger state protections. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-12 19:05:42 |
Cisco Data Breach Attributed to Lapsus$ Ransomware Group (lien direct) |
Analysis shows attackers breached employee credentials with voice phishing and were preparing a ransomware attack against Cisco Systems. |
Ransomware
Data Breach
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-12 16:48:35 |
Cybersecurity Awareness Campaigns: How Effective Are They in Changing Behavior? (lien direct) |
Your chance to be a part of a ground-breaking study. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-12 14:05:47 |
Google Completes Acquisition of Mandiant (lien direct) |
The threat-intelligence and cyberdefense company company will join Google Cloud and retain its brand name. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-12 14:00:00 |
Security Awareness Training Must Evolve to Align With Growing E-Commerce Security Threats (lien direct) |
Users must continually be made aware of new threats, including attacks targeting shipping, the supply chain, email, and hybrid workers. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-12 13:13:22 |
Report Highlights Prevalence of Software Supply Chain Risks (lien direct) |
Multiclient research report shows organizations are significantly increasing efforts to secure their supply chains in response to software supply chain attacks. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-09 20:18:37 |
Zane Lackey: \'Technology Is the Easy Bit\' (lien direct) |
Security Pro File: The DevOps evangelist and angel investor shares his expertise with the next generation of startups. If you're lucky, maybe he'll even share his Lagavulin. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-09 19:00:00 |
Monti, the New Conti: Ransomware Gang Uses Recycled Code (lien direct) |
A new group, Monti, appears to have used leaked Conti code, TTPs, and infrastructure approaches to launch its own ransomware campaign. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-09 17:56:48 |
Attackers Exploit Zero-Day WordPress Plug-in Vulnerability in BackupBuddy (lien direct) |
The critical flaw in BackupBuddy is one of thousands of security issues reported in recent years in products that WordPress sites use to extend functionality. |
Vulnerability
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-09 16:48:02 |
US Sanctions Iran Over APT Cyberattack Activity (lien direct) |
The Treasury Department links the MuddyWater APT and APT39 to Iran's intelligence apparatus, which is now blocked from doing business with US entities. |
Prediction
|
APT 39
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-09 14:29:16 |
Microsoft, Cloud Providers Move to Ban Basic Authentication (lien direct) |
Microsoft moves ahead with a plan to sunset basic authentication, and other providers are moving - or have moved - to requiring more secure authentication as well. Is your company ready? |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-09 14:22:58 |
LockBit, ALPHV & Other Ransomware Gang Leak Sites Hit by DDoS Attacks (lien direct) |
A sweeping effort to prevent a raft of targeted cybercrime groups from posting ransomware victims' data publicly is hampering their operations, causing outages. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-09 14:00:00 |
Why Ports Are at Risk of Cyberattacks (lien direct) |
More docked ships bring a new challenge. The longer a ship is docked, the more vulnerable the port is to a cyberattack. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-08 19:19:24 |
Darktrace Shares Plunge After Thoma Bravo Acquisition Falls Apart (lien direct) |
No agreement could be reached on terms of a firm offer, the provider of AI-based cybersecurity products says. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-08 17:22:52 |
A Pragmatic Response to the Quantum Threat (lien direct) |
You certainly don't need to panic, but you do need to form a plan to prepare for the post-quantum reality. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-08 17:00:00 |
5 Keys to Better Key Management (lien direct) |
From analyzing your company's risk profile to knowing where keys are stored and who can access them, prioritize key clean-up and management. Make compliance an outcome and develop a risk management strategy. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-08 15:53:08 |
Meta to Appeal $400M GDPR Fine for Mishandling Teen Data in Instagram (lien direct) |
Instagram and Facebook parent company Meta was slapped with the fine for exposing the personal data of minors. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-08 15:20:00 |
Vulnerability Exploits, Not Phishing, Are the Top Cyberattack Vector for Initial Compromise (lien direct) |
A slew of Microsoft Exchange vulnerabilities (including ProxyLogon) fueled a surge in attacks targeting software flaws in 2021, but the trend has continued this year. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-08 14:39:48 |
Former Conti Ransomware Members Join Initial Access Broker Group Targeting Ukraine (lien direct) |
The initial access broker (IAB) for ransomware gangs known as UAC-0098 has targeted Ukrainian organizations in five separate phishing campaigns spanning April to August. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-08 14:00:00 |
Everything You Need To Know About BlackCat (AlphaV) (lien direct) |
A relative newcomer to the ransomware scene, the BlackCat group quickly gained notoriety and may be associated with other APT groups like Conti and DarkSide. |
Ransomware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-08 13:44:28 |
SaaS Alerts Secures $22M Investment from Insight Partners to Scale SaaS Security Monitoring and Response Platform (lien direct) |
Investment to fuel growth and market presence as demand grows for SaaS' next-generation security tools for managed service providers. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-07 21:50:17 |
Pen Testing Evolves for the DevSecOps World (lien direct) |
Penetration testing not only serves to triage and validate other defect discovery activities, it informs risk management activities, such as threat modeling and secure design. |
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-07 19:30:50 |
Holiday Inn Owner InterContinental Has a Breach Trend (lien direct) |
After a high-profile 2017 breach and a Holiday Inn ransomware hit earlier this year, IHG confirms that its booking channels and applications have been disrupted in yet another cyberattack. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-07 17:00:00 |
Fighting Ransomware Takes an Army: Our Public & Private Sector Soldiers Join Forces (lien direct) |
Continued collaboration will help win the fight as cybersecurity remains a national priority. International and public-private cooperation is helping stem the damage from ransomware threats and cyberattacks. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-07 16:35:00 |
How Can I Protect My SaaS Apps Amid Employee Turnover? (lien direct) |
A SaaS-specific security solution can help security teams make sure apps and usage are both secure, reducing the chances of a breach. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-07 15:53:37 |
Next-Gen Linux Malware Takes Over Devices With Unique Tool Set (lien direct) |
The Shikitega malware takes over IoT and endpoint devices, exploits vulnerabilities, uses advanced encoding, abuses cloud services for C2, installs a cryptominer, and allows full remote control. |
Malware
Tool
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-07 14:37:13 |
Iran-Linked APT Cozies Up to \'Enemies\' in Trust-Based Spy Game (lien direct) |
APT42 is posing as a friend to people considered threats to the government, using a raft of different tools to steal relevant info and perform surveillance. |
|
APT 42
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-07 14:00:01 |
Some Employees Aren\'t Just Leaving Companies - They\'re Defrauding Them (lien direct) |
Here are a few measures your organization can implement to minimize fraudulent behavior and losses. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-06 20:44:34 |
Mysterious \'Worok\' Group Launches Spy Effort With Obfuscated Code, Private Tools (lien direct) |
The threat actor - whose techniques and procedures do not match known groups - has created custom attack tools, including a program that hides scripts in .PNG images. |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-06 20:16:44 |
TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks (lien direct) |
What under-the-hood details of newly discovered attack control panel tells us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns. |
Malware
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-06 19:51:08 |
As LA Unified Battles Ransomware, CISA Warns About Back-to-School Attacks (lien direct) |
Hours after Los Angeles Unified School District hit with ransomware attack, CISA issued an alert that threat actors are actively targeting the education sector. |
Ransomware
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-06 19:37:38 |
(Déjà vu) Name That Edge Toon: Mime\'s the Word (lien direct) |
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-06 17:51:18 |
Internet Security & Encryption Pioneer Peter Eckersley Passes at 43 (lien direct) |
The founder of Let's Encrypt and an EFF technologist, Eckersley devoted his life's work to making the Internet safer and more secure. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-06 17:51:16 |
Critical QNAP NAS Zero-Day Bug Exploited to Deliver DeadBolt Ransomware (lien direct) |
This is the fourth DeadBolt campaign this year against QNAP customers, but it differs from previous attacks in exploiting an unpatched bug instead of a known vulnerability. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-06 17:17:24 |
The 3 Fundamentals of Building an Effective IoMT Security Strategy (lien direct) |
The high stakes and unique priorities for Internet of Medical Things devices require specialized cybersecurity strategies. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-06 15:12:28 |
Cymulate Raises $70M Series D Funding for Continuous Security Posture Testing (lien direct) |
Investor participation from prior round demonstrates confidence in the company's current and future performance. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-06 14:00:00 |
Botnets in the Age of Remote Work (lien direct) |
Here are some strategies for protecting the business against botnets poised to take advantage of remote-work vulnerabilities. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-06 13:56:23 |
EvilProxy Commodifies Reverse-Proxy Tactic for Phishing, Bypassing 2FA (lien direct) |
The phishing-as-a-service offering targets accounts from tech giants, and also has connections to PyPI phishing and the Twilio supply chain attack. |
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-06 13:00:00 |
Defenders Be Prepared: Cyberattacks Surge Against Linux Amid Cloud Migration (lien direct) |
Ransomware in particular poses a major threat, but security vendors say there has been an increase in Linux-targeted cryptojacking, malware, and vulnerability exploits as well, and defenders need to be ready. |
Ransomware
Vulnerability
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-05 14:00:00 |
3 Critical Steps for Reducing Cloud Risk (lien direct) |
Having a better understanding of how clouds are built, connected, and managed helps organizations mitigate risks and reduce attack surfaces. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-02 19:02:25 |
Feds, npm Issue Supply Chain Security Guidance to Avert Another SolarWinds (lien direct) |
The US government and the Open Source Security Foundation have released guidance to shore up software supply chain security, and now it's up to developers to act. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-02 18:56:28 |
Researchers Spot Snowballing BianLian Ransomware Gang Activity (lien direct) |
The operators of the emerging cross-platform ransomware BianLian increased their command and control infrastructure this month, indicating an acceleration in their operational pace. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-02 17:44:45 |
4 Scenarios for the Digital World of 2040 (lien direct) |
Our digital future depends on the choices we make today. We need to invest in cybersecurity technologies and skills so that humanity can control its future. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-02 16:52:51 |
Raspberry Robin Malware Connected to Russian Evil Corp Gang (lien direct) |
Infections attributed to the USB-based worm have taken off, and now evidence links the malware to Dridex and the sanctioned Russian cybercriminal group Evil Corp. |
Malware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-09-02 15:16:40 |
AWS Tokens Lurking in Android, iOS Apps Crack Open Corporate Cloud Data (lien direct) |
Thousands of corporate mobile apps developed by businesses for use by their customers contain hard-coded AWS tokens that can be easily extracted and used to access the full run of corporate data stored in cloud buckets. |
|
|
|