Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2022-07-19 20:42:57 |
Ongoing Magecart Campaign Targets Online Ordering at Local Restaurants (direct link) |
More than 311 local eateries have been breached through online ordering platforms MenuDrive, Harbortouch, and InTouchPOS, impacting 50K records - and counting. |
|
|
|
|
2022-07-19 19:24:43 |
Post-Breakup, Conti Ransomware Members Remain Dangerous (direct link) |
The gang's members have moved into different criminal activities, and could regroup once law-enforcement attention has simmered down a bit, researchers say. |
Ransomware
|
|
|
|
2022-07-19 19:11:37 |
Startup Aims to Secure AI, Machine Learning Development (direct link) |
With security experts warning against attacks on machine learning models and data, startup HiddenLayer aims to protect the neural networks powering AI-augmented products. |
|
|
|
|
2022-07-19 17:32:40 |
Okta Exposes Passwords in Clear Text for Possible Theft (direct link) |
Researchers say Okta could allow attackers to easily exfiltrate passwords, impersonate other users, and alter logs to cover their tracks. |
|
|
|
|
2022-07-19 17:00:00 |
Will Your Cyber-Insurance Premiums Protect You in Times of War? (direct link) |
Multiple cyber-insurance carriers have adopted act-of-war exclusions due to global political instability and are seeking to stretch the definition of war to deny coverage. |
|
|
|
|
2022-07-19 16:35:16 |
Huntress Acquires Curricula for $22M to Disrupt Security Training Market, Elevate Cyber Readiness for SMB Employees (direct link) |
The Curricula platform uses behavioral science with a simplified approach to train and educate users - and marks another step forward in Huntress' mission to secure the 99%. |
|
|
|
|
2022-07-19 15:00:00 |
Unpatched GPS Tracker Security Bugs Threaten 1.5M Vehicles with Disruption (direct link) |
A GPS device from MiCODUS has six security bugs that could allow attackers to monitor 1.5 million vehicles that use the tracker, or even remotely disable vehicles. |
|
|
|
|
2022-07-19 14:41:08 |
GhangorCloud Announces CAPE, a Next Generation Unified Compliance and Data Privacy Enforcement Solution (direct link) |
New CAPE platform delivers patented intelligent automation and enforcement of consumer data privacy mandates at lowest total cost of ownership. |
|
|
|
|
2022-07-19 14:34:51 |
Enso Security Leads Industry Mission to Bring Control to Chaos With Community-Driven AppSec Map (direct link) |
Builds personalization, posture scoring and enhanced market intelligence into interactive map of the application security ecosystem. |
|
|
|
|
2022-07-19 14:00:00 |
Protecting Against Kubernetes-Borne Ransomware (direct link) |
The conventional wisdom that virtual container environments were somehow immune from malware and hackers has been upended. |
Ransomware
Malware
|
Uber
|
|
|
2022-07-19 13:33:27 |
Software Supply Chain Concerns Reach C-Suite (direct link) |
Major supply chain attacks have had a significant impact on software security awareness and decision-making, with more investment planned for monitoring attack surfaces. |
|
|
|
|
2022-07-18 22:32:02 |
Trojanized Password Crackers Targeting Industrial Systems (direct link) |
Tools purporting to help organizations recover lost passwords for PLCs are really droppers for malware targeting industrial control systems, vendor says. |
Malware
|
|
|
|
2022-07-18 22:10:35 |
Retbleed Fixed in Linux Kernel, Patch Delayed (direct link) |
Linus Torvalds says Retbleed has been addressed in the Linux kernel, but code complexity means the release will be delayed by a week to give more time for testing. |
|
|
|
|
2022-07-18 20:54:47 |
FBI: Beware of Scam Cryptocurrency Investment Apps (direct link) |
Law enforcement estimates campaign has already bilked cryptocurrency investors out of $42.7 million. |
|
|
|
|
2022-07-18 17:55:01 |
WordPress Page Builder Plug-in Under Attack, Can't Be Patched (direct link) |
An ongoing campaign is actively targeting the vulnerability in the Kaswara Modern WPBakery Page Builder Addon, which is still installed on up to 8,000 sites, security analysts warn. |
Vulnerability
|
|
|
|
2022-07-18 17:10:00 |
Name That Toon: Modern-Day Fable (direct link) |
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. |
|
|
|
|
2022-07-18 16:00:00 |
Ransomware Attempts Flag as Payments Also Decline (direct link) |
Telecom and business services see the highest level of attacks, but the two most common ransomware families, which continue to be LockBit and Conti, are seen less often. |
Ransomware
|
|
|
|
2022-07-18 14:00:00 |
Watch Out for User Impersonation in Low-Code/No-Code Apps (direct link) |
How a well-meaning employee could unwittingly share their identity with other users, causing a whole range of problems across IT, security, and the business. |
|
|
|
|
2022-07-15 18:13:26 |
What Are the Risks of Employees Going on a 'Hybrid Holiday'? (direct link) |
As more employees plan on taking longer holidays and working remotely from the destination for part of that time, organizations have to consider the risks. Like Wi-Fi networks. |
|
|
★★★
|
|
2022-07-15 16:43:25 |
Ex-CIA Programmer Found Guilty of Stealing Vault 7 Data, Giving It to Wikileaks (direct link) |
Joshua Schulte has been convicted for his role in the Vault 7 Wikileaks data dump that exposed invasive US cyber intelligence tactics. |
|
|
|
|
2022-07-15 15:16:44 |
Sandworm APT Trolls Researchers on Its Trail as It Targets Ukraine (direct link) |
Researchers who helped thwart the Russian nation-state group's recent attack on Ukraine's power supply will disclose at Black Hat USA what they found while reverse-engineering the powerful Industroyer2 malware used by the powerful hacking team. |
Malware
|
|
|
|
2022-07-15 14:00:00 |
How Hackers Create Fake Personas for Social Engineering (direct link) |
And some ways to up your game for identifying fabricated online profiles of people who don't exist. |
|
|
|
|
2022-07-14 22:17:32 |
Bishop Fox Secures $75 Million in Growth Funding From Carrick Capital Partners (direct link) |
Offensive security leader continues to defy market and economic trends with record growth and recognized innovation. |
Guideline
|
|
|
|
2022-07-14 20:43:13 |
DHS Review Board Deems Log4j an 'Endemic' Cyber Threat (direct link) |
Vulnerability will remain a "significant" threat for years to come and highlighted the need for more public and private sector support for open source software ecosystem, Cyber Safety Review Board says. |
Vulnerability
Threat
|
|
|
|
2022-07-14 20:22:15 |
New Phishing Kit Hijacks WordPress Sites for PayPal Scam (direct link) |
Attackers use scam security checks to steal victims' government documents, photos, banking information, and email passwords, researchers warn. |
|
|
|
|
2022-07-14 19:35:18 |
Scribe Security Releases Code Integrity Validator Alongside Github Security Open Source Project (direct link) |
Developers can now rest assured that the code they are using, as well as their GitHub accounts, are safe. |
|
|
|
|
2022-07-14 19:30:17 |
AEI HorizonX Ventures Joins Shift5 Series B Funding Round (direct link) |
Investment bolsters Shift5's traction within commercial aerospace and defense industries. |
|
|
|
|
2022-07-14 18:06:59 |
Data of Nearly 2M Patients Exposed in Ransomware Attack on Healthcare Debt Collection Firm (direct link) |
Professional Finance Company (PFC) was hit in February 2022 by a ransomware attack. |
Ransomware
|
|
|
|
2022-07-14 14:50:20 |
Is Cryptocurrency's Crash Causing Headaches for Ransomware Gangs? (direct link) |
Bitcoin is down more than 70% from its highs late last year, causing disruptions for cybercriminals and the underground exchanges that fuel the dark markets. |
Ransomware
|
|
|
|
2022-07-14 14:00:00 |
Virtual CISOs Are the Best Defense Against Accelerating Cyber-Risks (direct link) |
A poor, permanent hire can be a very expensive error, whereas a mis-hire on a virtual CISO can be rapidly corrected. |
|
|
|
|
2022-07-14 13:33:18 |
The Next Generation of Threat Detection Will Require Both Human and Machine Expertise (direct link) |
To be truly effective, threat detection and response need to combine the strengths of people and technology. |
Threat
|
|
|
|
2022-07-14 13:31:46 |
Data Breaches Linked to Ransomware Declined in Q2 2022 (direct link) |
Phishing retained its place as the top root cause of data compromises, according to new data from the Identity Theft Resource Center (ITRC). |
Ransomware
|
|
|
|
2022-07-13 22:55:00 |
Researchers Devise New Speculative Execution Attacks Against Some Intel, AMD CPUs (direct link) |
"Retbleed" bypasses a commonly used mechanism for protecting against a certain kind of side-channel attack. |
|
|
|
|
2022-07-13 21:23:00 |
CyberRatings.org Issues AAA Rating on Forcepoint's Cloud Network Firewall (direct link) |
Forcepoint's test results are second in a series of publications on this new technology. |
|
|
|
|
2022-07-13 21:09:34 |
Report: Financial Institutions Overly Complacent About Current Authentication Methods (direct link) |
New research report finds most financial organizations have experienced a breach due to an authentication weakness, yet only a third took action |
|
|
|
|
2022-07-13 20:24:52 |
Mozilla: EU's eIDAS Proposal Attracts Growing Criticism (direct link) |
In the wrong hands, the changes could enable state-sponsored internet surveillance says Mozilla's Chief Security Officer |
|
|
|
|
2022-07-13 20:21:32 |
Nearly Half of Enterprise Endpoints Present Significant Security Risks (direct link) |
. |
|
|
|
|
2022-07-13 19:52:37 |
MacOS Bug Could Let Malicious Code Break Out of Application Sandbox (direct link) |
Microsoft reveals now-fixed flaw in Apple's App Sandbox controls could allow attackers to escalate device privileges and deploy malware. |
|
|
|
|
2022-07-13 19:39:00 |
The 3 Critical Elements You Need for Vulnerability Management Today (direct link) |
Most organizations are flying blind when remediating vulnerabilities. We lack the tooling to secure software fast enough. We need a new approach to vulnerability management now. |
Vulnerability
|
|
|
|
2022-07-13 18:44:03 |
Internet Searches Reveal Surprisingly Prevalent Ransomware (direct link) |
Two mostly defunct threats - WannaCry and NonPetya - top the list of ransomware searches, but does that mean they are still causing problems? |
Ransomware
|
Wannacry
|
|
|
2022-07-13 17:00:00 |
3 Golden Rules of Modern Third-Party Risk Management (direct link) |
It's time to expand the approach of TPRM solutions so risk management is more effective in the digital world. |
|
|
|
|
2022-07-13 15:08:28 |
Survey: Small Cybersecurity Teams Face Greater Risk from Attacks than Larger Enterprises (direct link) |
Cynet CISO survey reveals lack of staff, skills, and resources driving smaller teams to outsource security with advanced tools, technologies, and services. |
|
|
|
|
2022-07-13 14:54:51 |
Microsoft: 10,000 Orgs Targeted in Phishing Attack That Bypasses Multifactor Authentication (direct link) |
The massive phishing campaign does not exploit a vulnerability in MFA. Instead, it spoofs an Office 365 authentication page to steal credentials. |
Vulnerability
|
|
|
|
2022-07-13 14:17:34 |
US Government and QuSecure Orchestrate First-Ever Post-Quantum Encryption Communication over a Government Network (direct link) |
QuSecure's QuProtect leverages unique post-quantum cryptographic algorithm on government legacy systems to achieve world's first and only post-quantum resilient channel within a government facility. |
|
|
|
|
2022-07-13 14:01:36 |
New Research Reveals 93% of Organizations Surveyed Have Had Failed IIoT/OT Security Projects (direct link) |
Barracuda research finds organizations are struggling to protect operational technology and getting breached as a result. |
|
|
|
|
2022-07-13 14:00:00 |
Keep Humans in the Loop in SOC Operations (direct link) |
Machine learning and automation can help free up security pros for higher-value tasks. |
|
|
|
|
2022-07-13 13:39:07 |
Exostar Empowers SMBs with Enhanced, Low-Cost, Easy-to-Use Microsoft 365 and CMMC 2.0 Solutions (direct link) |
Upgrades to the Exostar platform promote secure, compliant collaboration and handling of controlled unclassified information. |
|
|
|
|
2022-07-13 12:00:00 |
QuickBooks Vishing Scam Targets Small Businesses (direct link) |
Businesses receive an invoice via email with a credit card charge and are asked to call a fake number and hand over personal information to receive a refund. |
|
|
|
|
2022-07-13 00:33:43 |
Getting Up and Running with Windows Autopatch (direct link) |
This Tech Tip outlines how system administrators can get started with automated continuous patching for their Windows devices and applications. |
Patching
|
|
|
|
2022-07-12 22:42:37 |
PyPI Mandates 2FA, Plans Google Titan Key Giveaway (direct link) |
Python's most popular package manager is intent on securing the supply chain by requiring developers to enable two-factor authentication. |
|
|
|