What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-12-15 14:59:21 | API Flaws in Lego Marketplace Put User Accounts, Data at Risk (lien direct) | Attackers also could breach internal production data to compromise a corporate network using vulnerabilities found in the BrickLink online platform. | ★★ | ||
|
2022-12-14 22:00:20 | NSA Slices Up 5G Mobile Security Risks (lien direct) | The feds' mobile service provider guidance details cybersecurity threat vectors associated with 5G network slicing. | Threat | ★★ | |
|
2022-12-14 21:20:00 | Cybereason Warns Global Organizations Against Destructive Ransomware Attacks From Black Basta Gang (lien direct) | The Royal Ransomware Group has emerged as a threat to companies in 2022 and they have carried out dozens of successful attacks on global companies. Cybereason suggests that companies raise their awareness of this potential pending threat. | Ransomware Threat | ★★ | |
|
2022-12-14 20:09:00 | Keysight Announces 400GE Network Cybersecurity Test Platform (lien direct) | Pas de details / No more details | ★★ | ||
|
2022-12-14 19:46:00 | Epic Management Provides Notice of Data Security Incident (lien direct) | Pas de details / No more details | ★★ | ||
|
2022-12-14 18:50:59 | Microsoft-Signed Malicious Drivers Usher In EDR-Killers, Ransomware (lien direct) | Malicious Windows drivers signed as legit by Microsoft have been spotted as part of a toolkit used to kill off security processes in post-exploitation cyber activity. | Ransomware | ★★★ | |
|
2022-12-14 18:00:00 | CSAF Is the Future of Vulnerability Management (lien direct) | Version 2.0 of the Common Security Advisory Framework will enable organizations to automate vulnerability remediation. | Vulnerability | ★★★ | |
|
2022-12-14 17:20:07 | Apple Zero-Day Actively Exploited on iPhone 15 (lien direct) | Without many details, Apple patches a vulnerability that has been exploited in the wild to execute code. | Vulnerability | ★★ | |
|
2022-12-14 15:06:25 | Automated Cyber Campaign Creates Masses of Bogus Software Building Blocks (lien direct) | The proliferation of automated cyberattacks against npm, NuGet, and PyPI underscores the growing sophistication of threat actors and the threats to open source software supply chains. | Threat | ★★★ | |
|
2022-10-12 14:00:00 | Cloud Data Breaches Are Running Rampant. What Are the Common Characteristics? (lien direct) | Protecting against data breaches requires detailed analysis of recent attacks for remediation and prevention. | |||
|
2022-10-12 13:52:08 | 2 Out of 3 Companies See Zero Trust Network Access as Key to Mitigate Work-From-Anywhere Risks, According to New EMA Report (lien direct) | Report also shows that cloud-based solutions minimize complexity to enable easy adoption by small to midsize businesses. | |||
|
2022-10-12 13:30:55 | InterVision Announces Study Identifying Ransomware as No. 1 Threat to Business Longevity (lien direct) | InterVision releases a new website focused on the customer experience, making B2B cybersecurity purchasing decisions easier. | Ransomware Threat | ||
|
2022-10-12 13:14:53 | Palo Alto Networks Ushers in the Next-Generation Security Operations Center With General Availability of Cortex XSIAM - the Autonomous Security Operations Platform (lien direct) | Early adopters reaping the benefits of improved SOC operations and efficiencies. | |||
|
2022-10-11 20:32:10 | Microsoft Addresses Zero-Days, but Exchange Server Exploit Chain Remains Unpatched (lien direct) | The computing giant didn't fix ProxyNotLogon in October's Patch Tuesday, but it disclosed a rare 10-out-of-10 bug and patched two other zero-days, including one being exploited. | |||
|
2022-10-11 19:01:37 | AI and Residual Finger Heat Could Be a Password Cracker\'s Latest Tools (lien direct) | New research demonstrates the use of thermal camera images of keyboards and screens in concert with AI to correctly guess computer passwords faster and more accurately. | |||
|
2022-10-11 18:23:07 | Critical Open Source vm2 Sandbox Escape Bug Affects Millions (lien direct) | Attackers could exploit the "Sandbreak" security bug, which has earned a 10 out of 10 on the CVSS scale, to execute a sandbox escape, achieve RCE, and run shell commands on a hosting machine. | |||
|
2022-10-11 17:53:47 | OT Cybersecurity Leader Paul Brager Passes Away (lien direct) | The IT security executive led ICS/OT, IT/OT integration, and other security programs, as well as diversity and inclusion efforts in the industry. | |||
|
2022-10-11 17:49:46 | Intel Processor UEFI Source Code Leaked (lien direct) | Exposed code included private key for Intel Boot Guard, meaning it can no longer be trusted, according to a researcher. | |||
|
2022-10-11 17:00:00 | It\'s Time to Make Security an Innovation Enabler (lien direct) | How data-driven security can best safeguard your unique cloud operations. | |||
|
2022-10-11 15:21:39 | Skybox Security Unveils Industry\'s First SaaS Solution For Security Policy and Vulnerability Management Across Hybrid Environments (lien direct) | Skybox Security Cloud Edition ushers in a new era of proactive cybersecurity . | Vulnerability | ||
|
2022-10-11 15:17:20 | Dependency Management Aims to Make Security Easier (lien direct) | Existing software security firms and new startups tackle the tasks of exposing dependencies and helping developers manage their use of open-source components. | |||
|
2022-10-11 15:15:01 | DigiCert Root CA Approved for Matter Device Attestation by Connectivity Standards Alliance (lien direct) | DigiCert ready to help smart home device manufacturers achieve Matter compliance rapidly and at scale. | |||
|
2022-10-11 15:09:21 | Delinea Releases \'Cloud Server Privilege Management for Dummies\' eBook (lien direct) | . | |||
|
2022-10-11 14:57:49 | Stairwell Announces $45M Series B Funding Round (lien direct) | Investment led by Section 32 will be used to scale the product and team. | |||
|
2022-10-11 14:13:42 | Outpost24 Announces Expansion of Penetration Testing Offerings to North America (lien direct) | Pen testing solutions to empower businesses to proactively address application security vulnerabilities amid surging threats. | |||
|
2022-10-11 14:01:28 | High-Value Targets: String of Aussie Telco Breaches Continues (lien direct) | Australian IT services provider Dialog has announced a breach, making it the third telecom company in the area compromised in less than a month. | |||
|
2022-10-11 14:00:00 | Proposed SEC Disclosure Rules Could Transform Cyber-Incident Response (lien direct) | It's not too early for firms to start preparing for change. | |||
|
2022-10-11 13:34:26 | Cybersecurity Survey of State CISOs Identifies Many Positive Trends (lien direct) | . | |||
|
2022-10-10 20:45:00 | US Airports in Cyberattack Crosshairs for Pro-Russian Group Killnet (lien direct) | Killnet calls on other groups to launch similar attacks against US civilian infrastructure, including marine terminals and logistics facilities, weather monitoring centers, and healthcare systems. | |||
|
2022-10-10 20:35:32 | Emotet Rises Again With More Sophistication, Evasion (lien direct) | An analysis of the malware and its infection strategies finds nearly 21,000 minor and 139 major variations on the malware - complexity that helps it dodge analysis. | Malware | ||
|
2022-10-10 18:17:44 | Zimbra RCE Bug Under Active Attack (lien direct) | A flaw in unpatched Zimbra email servers could allow attackers to obtain remote code execution by pushing malicious files past filters. | |||
|
2022-10-10 14:00:00 | 6 Things Every CISO Should Do the First 90 Days on the Job (lien direct) | A CISO's responsibilities have evolved immensely in recent years, so their first three months on the job should look a different today than they might have several years ago. | |||
|
2022-10-08 13:00:44 | Email Defenses Under Siege: Phishing Attacks Dramatically Improve (lien direct) | About 1 in 5 phishing email messages reach workers' inboxes, as attackers get better at dodging Microsoft's platform defenses and defenders run into processing limitations. | |||
|
2022-10-07 22:52:00 | Credential Harvesting Is Retail Industry\'s Top Threat (lien direct) | Why bother with new tactics and exploits when the old tricks are still effective? | Threat | ||
|
2022-10-07 19:59:03 | Cybersecurity Will Account for Nearly One-Quarter of AI Software Market Through 2025 (lien direct) | A boom in artificial intelligence-powered detection and remediation tools pushes security spending to the top of the AI market, according to Forrester. | |||
|
2022-10-07 19:00:00 | Meta Flags Malicious Android, iOS Apps Affecting 1M Facebook Users (lien direct) | Some 400 mobile apps have posed as legitimate software on Google Play and the Apple App Store over the past year, and were designed to steal Facebook user credentials. | |||
|
2022-10-07 16:50:32 | State Bar of Georgia Notifies Members and Employees of Cybersecurity Incident (lien direct) | Current and former employees and members are being offered complimentary credit monitoring and identity protection services as some personal information may have been accessed. | |||
|
2022-10-07 16:45:00 | Patch Now: Fortinet FortiGate & FortiProxy Contain Critical Vuln (lien direct) | Fortinet issued a customer advisory urging customers to apply its update immediately. | |||
|
2022-10-07 15:12:36 | LofyGang Uses 100s of Malicious NPM Packages to Poison Open Source Software (lien direct) | The group has been operating for over a year, promoting their tools in hacking forums, stealing credit card information, and using typosquatting techniques to target open source software flaws. | |||
|
2022-10-07 14:00:00 | We Can Save Security Teams From Crushing Workloads. Will We? (lien direct) | Today, the processing of mountain-high stacks of alarms is considered "security." That system is failing customers and the cybersecurity workforce. | |||
|
2022-10-07 13:15:24 | CyberRatings.org Invites Industry Participation in Forthcoming Enterprise Firewall and Data Center Firewall Tests (lien direct) | Test methodologies published today, and their scope includes security effectiveness, performance, stability and reliability, and total cost of ownership. | |||
|
2022-10-07 00:11:00 | Sharing Knowledge at 44CON (lien direct) | The infosec conference named after the UK's calling code returned this year with a focus on building a healthy community. | |||
|
2022-10-06 20:45:00 | macOS Archive Utility Bug Lets Malicious Apps Bypass Security Checks (lien direct) | Exploit allows unsigned and unnotarized macOS applications to bypass Gatekeeper and other security, without notifying the user. | |||
|
2022-10-06 19:56:01 | Russian Hackers Shut Down US State Government Websites (lien direct) | Russian-speaking cyberattackers boast they are behind disruption of Colorado, Kentucky, and Mississippi government websites. | |||
|
2022-10-06 18:30:00 | US Consumers Are Finally Becoming More Security & Privacy Conscious (lien direct) | The trend, spotted by Consumer Reports, could mean good news for organizations struggling to contain remote work challenges. | ★★★★★ | ||
|
2022-10-06 15:35:12 | Hackers Have It Out for Microsoft Email Defenses (lien direct) | Cybercriminals are focusing more and more on crafting special email attacks that evade Microsoft Defender and Office security. | |||
|
2022-10-06 15:15:20 | Russia-Linked Cybercrime Group Hawks Combo of Malicious Services With LilithBot (lien direct) | The malware-as-a-service group Eternity is selling a one-stop shop for various malware modules it's been distributing individually via a subscription model on Telegram. | Malware | ||
|
2022-10-06 14:00:00 | School Is in Session: 5 Lessons for Future Cybersecurity Pros (lien direct) | Opportunities in the field continue to grow - and show no signs of slowing down. | |||
|
2022-10-06 13:15:00 | 7 IoT Devices That Make Security Pros Cringe (lien direct) | A look at everything from truly dumb smart devices to cool-looking IoT tech with huge cybersecurity and privacy implications. | |||
|
2022-10-06 13:13:32 | New SonicWall Survey Data Reveals 91% of Organizations Fear Ransomware Attacks in 2022 (lien direct) | Amid an economic downturn, cybersecurity staffing shortages, and endless cyberattacks, financially motivated attacks are the top concern among IT professionals. | Ransomware |
To see everything:
Our RSS (filtrered)
