What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-12-16 20:19:10 | FBI: Criminals Using BEC Attacks to Scavenge Food Shipments (lien direct) | Cybercriminal rats are at play: Several food suppliers and distributors have experienced hundreds of thousands of dollars in losses after fulfilling fraudulently placed orders for food and ingredient shipments. | ★★★ | ||
|
2022-12-16 18:35:36 | Organizations Unprepared for Upcoming Data Privacy Regulations (lien direct) | A comprehensive data privacy program requires involvement from all parts of the business that deal with personal data. | ★★ | ||
|
2022-12-16 17:35:19 | With SASE Definition Still Cloudy, Forum Proposes Standard (lien direct) | Even without an overarching dictionary of common definitions, the concept of a secure access service edge (SASE) has spread, but a standard could help cloud services work better together. | ★★★ | ||
|
2022-12-16 16:04:25 | Iran-Backed Charming Kitten APT Eyes Kinetic Ops, Kidnapping (lien direct) | The not-so-charming APT's intelligence-gathering initiatives are likely being used by the Iranian state to target kidnapping victims. | APT 35 | ★★★ | |
|
2022-12-16 16:00:03 | Chinese APT Group MirrorFace Interferes in Japanese Elections (lien direct) | The MirrorFace group has deployed popular malware LodeInfo for spying and data theft against certain members of the Japanese House of Representatives. | Malware | ★★★ | |
|
2022-12-16 15:00:00 | Zero Trust in the Era of Edge (lien direct) | Accelerating security challenges and the increasing footprint of edge and IoT devices call for zero-trust principles to drive cyber resiliency. | ★★★ | ||
|
2022-12-16 15:00:00 | Compliance Is Not Enough: How to Manage Your Customer Data (lien direct) | Effective customer data management helps companies avoid data breaches and the resulting cascade of issues. From validating "clean" data to centralized storage and a data governance strategy, management steps can help keep data safe. | ★★★ | ||
|
2022-12-16 14:00:00 | Live From London: Next-Gen Cybersecurity Takes Stage at Black Hat Europe (lien direct) | Check out our slideshow detailing the emerging cybersecurity trends in cloud, creating a defensible Internet, malware evolution, and more that lit up audiences in London. | Malware | ★★ | |
|
2022-12-15 23:00:00 | NIST Finally Retires SHA-1, Kind Of (lien direct) | SHA-1 was deprecated in 2011. NIST has set the hashing algorithm's final retirement date to Dec. 31, 2030. | ★★★ | ||
|
2022-12-15 22:00:00 | Zero Trust Shouldn\'t Be The New Normal (lien direct) | Zero trust is useful in some situations, but organizations should not be trying to fit zero trust everywhere. In some cases, identity-based networking is an appropriate alternative. | ★★★ | ||
|
2022-12-15 21:07:00 | (Déjà vu) Axonius Bolsters SaaS Management Offering With Behavioral Analytics and SaaS User-Device Association Capabilities (lien direct) | New features bring greater visibility and context into SaaS applications access and activity. | ★ | ||
|
2022-12-15 21:00:00 | Stolen Data on 80K+ Members of FBI-Run InfraGard Reportedly for Sale on Dark Web Forum (lien direct) | InfraGard's members include key security decision-makers and stakeholders from all 16 US civilian critical-infrastructure sectors. | ★★★ | ||
|
2022-12-15 19:07:38 | Meta Ponies Up $300K Bounty for Zero-Click Mobile RCE Bugs in Facebook (lien direct) | Facebook's parent company has also expanded bug-bounty payouts to include Oculus and other "metaverse" gadgets for AR/VR. | ★★★ | ||
|
2022-12-15 19:00:00 | DDoS Attack Platforms Shut Down in Global Law Enforcement Operation (lien direct) | Sweeping operation took down around 50 popular DDoS platforms, just one of which was used in 30M attacks, Europol says. | ★★★ | ||
|
2022-12-15 16:20:20 | Blackmailing MoneyMonger Malware Hides in Flutter Mobile Apps (lien direct) | Money-lending apps built using the Flutter software development kit hide a predatory spyware threat and highlight a growing trend of using personal data for blackmail. | Malware Threat Prediction | ★★★ | |
|
2022-12-15 15:00:00 | Data Destruction Policies in the Age of Cloud Computing (lien direct) | It's time for on-the-record answers to questions about data destruction in cloud environments. Without access, how do you verify data has been destroyed? Do processes meet DoD standards, or do we need to adjust standards to meet reality? | ★★ | ||
|
2022-12-15 14:59:21 | API Flaws in Lego Marketplace Put User Accounts, Data at Risk (lien direct) | Attackers also could breach internal production data to compromise a corporate network using vulnerabilities found in the BrickLink online platform. | ★★ | ||
|
2022-12-14 22:00:20 | NSA Slices Up 5G Mobile Security Risks (lien direct) | The feds' mobile service provider guidance details cybersecurity threat vectors associated with 5G network slicing. | Threat | ★★ | |
|
2022-12-14 21:20:00 | Cybereason Warns Global Organizations Against Destructive Ransomware Attacks From Black Basta Gang (lien direct) | The Royal Ransomware Group has emerged as a threat to companies in 2022 and they have carried out dozens of successful attacks on global companies. Cybereason suggests that companies raise their awareness of this potential pending threat. | Ransomware Threat | ★★ | |
|
2022-12-14 20:09:00 | Keysight Announces 400GE Network Cybersecurity Test Platform (lien direct) | Pas de details / No more details | ★★ | ||
|
2022-12-14 19:46:00 | Epic Management Provides Notice of Data Security Incident (lien direct) | Pas de details / No more details | ★★ | ||
|
2022-12-14 18:50:59 | Microsoft-Signed Malicious Drivers Usher In EDR-Killers, Ransomware (lien direct) | Malicious Windows drivers signed as legit by Microsoft have been spotted as part of a toolkit used to kill off security processes in post-exploitation cyber activity. | Ransomware | ★★★ | |
|
2022-12-14 18:00:00 | CSAF Is the Future of Vulnerability Management (lien direct) | Version 2.0 of the Common Security Advisory Framework will enable organizations to automate vulnerability remediation. | Vulnerability | ★★★ | |
|
2022-12-14 17:20:07 | Apple Zero-Day Actively Exploited on iPhone 15 (lien direct) | Without many details, Apple patches a vulnerability that has been exploited in the wild to execute code. | Vulnerability | ★★ | |
|
2022-12-14 15:06:25 | Automated Cyber Campaign Creates Masses of Bogus Software Building Blocks (lien direct) | The proliferation of automated cyberattacks against npm, NuGet, and PyPI underscores the growing sophistication of threat actors and the threats to open source software supply chains. | Threat | ★★★ | |
|
2022-10-12 14:00:00 | Cloud Data Breaches Are Running Rampant. What Are the Common Characteristics? (lien direct) | Protecting against data breaches requires detailed analysis of recent attacks for remediation and prevention. | |||
|
2022-10-12 13:52:08 | 2 Out of 3 Companies See Zero Trust Network Access as Key to Mitigate Work-From-Anywhere Risks, According to New EMA Report (lien direct) | Report also shows that cloud-based solutions minimize complexity to enable easy adoption by small to midsize businesses. | |||
|
2022-10-12 13:30:55 | InterVision Announces Study Identifying Ransomware as No. 1 Threat to Business Longevity (lien direct) | InterVision releases a new website focused on the customer experience, making B2B cybersecurity purchasing decisions easier. | Ransomware Threat | ||
|
2022-10-12 13:14:53 | Palo Alto Networks Ushers in the Next-Generation Security Operations Center With General Availability of Cortex XSIAM - the Autonomous Security Operations Platform (lien direct) | Early adopters reaping the benefits of improved SOC operations and efficiencies. | |||
|
2022-10-11 20:32:10 | Microsoft Addresses Zero-Days, but Exchange Server Exploit Chain Remains Unpatched (lien direct) | The computing giant didn't fix ProxyNotLogon in October's Patch Tuesday, but it disclosed a rare 10-out-of-10 bug and patched two other zero-days, including one being exploited. | |||
|
2022-10-11 19:01:37 | AI and Residual Finger Heat Could Be a Password Cracker\'s Latest Tools (lien direct) | New research demonstrates the use of thermal camera images of keyboards and screens in concert with AI to correctly guess computer passwords faster and more accurately. | |||
|
2022-10-11 18:23:07 | Critical Open Source vm2 Sandbox Escape Bug Affects Millions (lien direct) | Attackers could exploit the "Sandbreak" security bug, which has earned a 10 out of 10 on the CVSS scale, to execute a sandbox escape, achieve RCE, and run shell commands on a hosting machine. | |||
|
2022-10-11 17:53:47 | OT Cybersecurity Leader Paul Brager Passes Away (lien direct) | The IT security executive led ICS/OT, IT/OT integration, and other security programs, as well as diversity and inclusion efforts in the industry. | |||
|
2022-10-11 17:49:46 | Intel Processor UEFI Source Code Leaked (lien direct) | Exposed code included private key for Intel Boot Guard, meaning it can no longer be trusted, according to a researcher. | |||
|
2022-10-11 17:00:00 | It\'s Time to Make Security an Innovation Enabler (lien direct) | How data-driven security can best safeguard your unique cloud operations. | |||
|
2022-10-11 15:21:39 | Skybox Security Unveils Industry\'s First SaaS Solution For Security Policy and Vulnerability Management Across Hybrid Environments (lien direct) | Skybox Security Cloud Edition ushers in a new era of proactive cybersecurity . | Vulnerability | ||
|
2022-10-11 15:17:20 | Dependency Management Aims to Make Security Easier (lien direct) | Existing software security firms and new startups tackle the tasks of exposing dependencies and helping developers manage their use of open-source components. | |||
|
2022-10-11 15:15:01 | DigiCert Root CA Approved for Matter Device Attestation by Connectivity Standards Alliance (lien direct) | DigiCert ready to help smart home device manufacturers achieve Matter compliance rapidly and at scale. | |||
|
2022-10-11 15:09:21 | Delinea Releases \'Cloud Server Privilege Management for Dummies\' eBook (lien direct) | . | |||
|
2022-10-11 14:57:49 | Stairwell Announces $45M Series B Funding Round (lien direct) | Investment led by Section 32 will be used to scale the product and team. | |||
|
2022-10-11 14:13:42 | Outpost24 Announces Expansion of Penetration Testing Offerings to North America (lien direct) | Pen testing solutions to empower businesses to proactively address application security vulnerabilities amid surging threats. | |||
|
2022-10-11 14:01:28 | High-Value Targets: String of Aussie Telco Breaches Continues (lien direct) | Australian IT services provider Dialog has announced a breach, making it the third telecom company in the area compromised in less than a month. | |||
|
2022-10-11 14:00:00 | Proposed SEC Disclosure Rules Could Transform Cyber-Incident Response (lien direct) | It's not too early for firms to start preparing for change. | |||
|
2022-10-11 13:34:26 | Cybersecurity Survey of State CISOs Identifies Many Positive Trends (lien direct) | . | |||
|
2022-10-10 20:45:00 | US Airports in Cyberattack Crosshairs for Pro-Russian Group Killnet (lien direct) | Killnet calls on other groups to launch similar attacks against US civilian infrastructure, including marine terminals and logistics facilities, weather monitoring centers, and healthcare systems. | |||
|
2022-10-10 20:35:32 | Emotet Rises Again With More Sophistication, Evasion (lien direct) | An analysis of the malware and its infection strategies finds nearly 21,000 minor and 139 major variations on the malware - complexity that helps it dodge analysis. | Malware | ||
|
2022-10-10 18:17:44 | Zimbra RCE Bug Under Active Attack (lien direct) | A flaw in unpatched Zimbra email servers could allow attackers to obtain remote code execution by pushing malicious files past filters. | |||
|
2022-10-10 14:00:00 | 6 Things Every CISO Should Do the First 90 Days on the Job (lien direct) | A CISO's responsibilities have evolved immensely in recent years, so their first three months on the job should look a different today than they might have several years ago. | |||
|
2022-10-08 13:00:44 | Email Defenses Under Siege: Phishing Attacks Dramatically Improve (lien direct) | About 1 in 5 phishing email messages reach workers' inboxes, as attackers get better at dodging Microsoft's platform defenses and defenders run into processing limitations. | |||
|
2022-10-07 22:52:00 | Credential Harvesting Is Retail Industry\'s Top Threat (lien direct) | Why bother with new tactics and exploits when the old tricks are still effective? | Threat |
To see everything:
Our RSS (filtrered)
