What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-09-30 19:10:40 | Reshaping the Threat Landscape: Deepfake Cyberattacks Are Here (lien direct) | It's time to dispel notions of deepfakes as an emergent threat. All the pieces for widespread attacks are in place and readily available to cybercriminals, even unsophisticated ones. | Threat | ||
|
2022-09-30 18:44:43 | Cybercriminals See Allure in BEC Attacks Over Ransomware (lien direct) | While ransomware seems stalled, business email compromise (BEC) attacks continue to make profits from the ProxyShell and Log4j vulnerabilities, nearly doubling in the latest quarter. | Ransomware | ||
|
2022-09-30 17:38:23 | Trojanized, Signed Comm100 Chat Installer Anchors Supply Chain Attack (lien direct) | Malicious Comm100 files have been found scattered throughout North America, and across sectors including tech, healthcare, manufacturing, telecom, insurance, and others. | |||
|
2022-09-30 16:24:00 | Microsoft Confirms Pair of Blindsiding Exchange Zero-Days, No Patch Yet (lien direct) | The "ProxyNotShell" security vulnerabilities can be chained for remote code execution and total takeover of corporate email platforms. | |||
|
2022-09-30 14:47:01 | SolarMarker Attack Leverages Weak WordPress Sites, Fake Chrome Browser Updates (lien direct) | The SolarMarker group is exploiting a vulnerable WordPress-run website to encourage victims to download fake Chrome browser updates, part of a new tactic in its watering-hole attacks. | |||
|
2022-09-30 14:00:00 | With the Software Supply Chain, You Can\'t Secure What You Don\'t Measure (lien direct) | Reports to the National Vulnerability Database jumped in 2022, but we should pay just as much attention to the flaws that are not being reported to NVD, including those affecting the software supply chain. | Vulnerability | ||
|
2022-09-30 13:22:54 | Onyxia Raises $5M to Help Companies Proactively Manage Cybersecurity Risks Using AI (lien direct) | Onyxia, an AI-powered cybersecurity strategy and performance platform providing a centralized way for security teams to monitor and manage cybersecurity efforts in real time, has raised $5 million in seed fundraising led by World Trade Ventures with participation by Silvertech Ventures and angel investors. | |||
|
2022-09-30 00:28:31 | Cyera Survey Finds One in Three Respondents Want to Minimize Cloud Data Risk (lien direct) | Multiple providers say 'cloud data sprawl' makes managing cloud data risk a priority initiative within the next 12 months. | |||
|
2022-09-30 00:24:44 | Safous Adds Browser Isolation to Its Zero-Trust Network Access Service (lien direct) | This new function offers secure access to corporate applications and external SaaS through a virtual browser. | |||
|
2022-09-30 00:11:05 | Israel Cybersecurity Enterprise (ICE) Teams with CybeReady to Deliver World-Class Security Training (lien direct) | Security service provider selects cybersecurity training platform to safeguard enterprises in LATAM. | |||
|
2022-09-29 23:56:38 | Aunalytics Launches Security Patching Platform as a Service (lien direct) | Expedited software patching and updating recognized as one of the most important processes to protect against system compromise from cyberattacks. | Patching | ||
|
2022-09-29 23:44:18 | Veristor Partners with SANS Security Awareness to Deliver Employee Security Awareness Training (lien direct) | Companies collaborate to strengthen organizations' first line of security defense – end users. | |||
|
2022-09-29 23:39:32 | YouMail, Inc. and WMC Global Partner to Deliver Voice and SMS Phishing Disruption Services (lien direct) | Joint phishing intelligence solution provides 360-degree mobile communication defense. | |||
|
2022-09-29 23:33:05 | (Déjà vu) Organizations Finding the Need for New Approaches on the Cybersecurity Front, CompTIA research reveals (lien direct) | Settling for 'satisfactory' level of readiness may underestimate growing levels of risk. | |||
|
2022-09-29 23:31:00 | Intel Hardens Confidential Computing With Project Amber Updates (lien direct) | The chip giant has developed new features and services to make it more difficult for malicious hackers and insiders to access sensitive data from applications in the cloud. | |||
|
2022-09-29 23:27:30 | Latest Delinea Update Streamlines DevOps Security (lien direct) | . | |||
|
2022-09-29 23:23:04 | KnowBe4 Simplifies Compliance Requirements for Healthcare Privacy (lien direct) | KnowBe4's Compliance Audit Readiness Assessment (CARA) now addresses select requirements from HIPAA Security Rule. | |||
|
2022-09-29 23:19:02 | Pathlock Expands SAP Capabilities with Acquisition of Grey Monarch (lien direct) | Combination of two companies to help SAP customers streamline audit, compliance and control processes. | |||
|
2022-09-29 23:10:05 | Ransomware Attacks Continue Increasing: 20% of All Reported Attacks Occurred in the Last 12 Months - New Survey (lien direct) | Survey of over 2,000 IT pros revealed that a quarter either don't know or don't think Microsoft 365 data can be affected by ransomware. | |||
|
2022-09-29 21:44:03 | Why the US Should Help Secure Mexican Infrastructure - and What It Gets in Return (lien direct) | Call it cross-border enlightened self-interest: As one of the US's premier trade partners and closest neighbors, what's bad for Mexico is bad for the US. | |||
|
2022-09-29 20:32:28 | The Country Where You Live Impacts Password Choices (lien direct) | Literacy, levels of personal freedom, and other macro-social factors help determine how strong average passwords are in a given locale, researchers have found. | |||
|
2022-09-29 19:26:44 | Dangerous New Attack Technique Compromising VMware ESXi Hypervisors (lien direct) | China-based threat actor used poisoned vSphere Installation Bundles to deliver multiple backdoors on systems, security vendor says. | Threat | ||
|
2022-09-29 18:33:01 | 3 Reasons Why BEC Scams Work in Real Estate (lien direct) | Identity verification could be the key to fighting back and building trust in an industry beset with high-stakes fraud. | |||
|
2022-09-29 15:01:08 | (ISC)² Recruits More Than 55,000 Cybersecurity Candidates in First 30 Days of New Programs to Address Workforce Gap (lien direct) | 2,700 cybersecurity career pursuers have already passed the (ISC)2 Certified in Cybersecurity℠ exam, with more than 53,000 more people registered for a free course and exam. | |||
|
2022-09-29 14:42:12 | Capital One Phish Showcases Growing Bank-Brand Targeting Trend (lien direct) | Capital One lures leveraged the bank's new partnership with Authentify, showing that phishers watch the headlines, and take advantage. | |||
|
2022-09-29 14:33:59 | Espionage Group Wields Steganographic Backdoor Against Govs, Stock Exchange (lien direct) | APT group Witchetty (aka LookingFrog) has exploited the ProxyShell and ProxyLogon vulnerabilities to gain initial access and deploy new custom cyber tools against government agencies and a stock exchange. | |||
|
2022-09-29 13:37:18 | XSS Flaw in Prevalent Media Imaging Tool Exposes Trove of Patient Data (lien direct) | Bugs in Canon Medical's Virea View could allow cyberattackers to access several sources of sensitive patient data. | Tool | ||
|
2022-09-29 13:00:00 | What Lurks in the Shadows of Cloud Security? (lien direct) | Organizations looking to get ahead in cloud security have gone down the path of deploying CSPM tooling with good results. Still, there's a clear picture that data security and security operations are next key areas of interest. | |||
|
2022-09-28 22:21:00 | Fake Accounts Are Not Your Friends! (lien direct) | Inflated user bases and fake engagement cause more harm than good, especially when the artificial accounts are based on stolen human identities. | |||
|
2022-09-28 21:33:20 | Plug Your Data Leaks: Integrating Data Loss Prevention into Your Security Stack (lien direct) | The average cost of a data-exposing cybersecurity incident is $4.35 million. If your business can't avoid to pay, make sure you've got a strong data loss prevention practice in place. | |||
|
2022-09-28 21:24:20 | Google Quashes 5 High-Severity Bugs With Chrome 106 Update (lien direct) | External researchers contributed 16 of the 20 security updates included in the new Chrome 106 Stable Channel rollout, including five high-severity bugs. | |||
|
2022-09-28 20:59:09 | Sophisticated Covert Cyberattack Campaign Targets Military Contractors (lien direct) | Malware used in the STEEP#MAVERICK campaign features rarely seen obfuscation, anti-analysis, and evasion capabilities. | Malware | ||
|
2022-09-28 20:12:30 | Fast Company CMS Hack Raises Security Questions (lien direct) | The company's website remains offline after hackers used its compromised CMS to send out racist messages. | Hack | ||
|
2022-09-28 19:57:25 | Container Supply Chain Attacks Cash In on Cryptojacking (lien direct) | Cloud-native threats are costing cloud customer victims money as cryptojackers mine their vulnerable cloud instances. | |||
|
2022-09-28 19:47:00 | Google Cloud DORA: Securing the Supply Chain Begins With Culture (lien direct) | The team's annual survey finds that the right development culture is better than technical measures when it comes to shoring up software supply chain security practices. An additional benefit: Less burnout. | |||
|
2022-09-28 19:42:20 | Phishing Attacks Crushed Records Last Quarter, Driven by Mobile (lien direct) | Shocking phishing numbers (more than 1 million in a single quarter) are being driven by vishing, smishing, and other lures that target mobile devices. | |||
|
2022-09-28 17:00:00 | The Countdown to DORA (lien direct) | With provisional agreement reached on the Digital Operational Resilience Act, the clock is now ticking for banks and information and communications technology (ICT) services companies with European operations. Here's what you need to know. | |||
|
2022-09-28 16:12:09 | Chaos Malware Resurfaces With All-New DDoS & Cryptomining Modules (lien direct) | The previously identified ransomware builder has veered in an entirely new direction, targeting consumers and business of all sizes by exploiting known CVEs through brute-forced and/or stolen SSH keys. | Ransomware Malware | ||
|
2022-09-28 14:23:35 | Illumio Introduces New Solution to Stop Endpoint Ransomware from Spreading Across the Hybrid Attack Surface (lien direct) | Illumio Endpoint extends zero trust segmentation to see risk and set policy across macOS and Windows devices. | Ransomware | ||
|
2022-09-28 14:21:55 | Jamf Announces Intent to Acquire ZecOps, to Provide a Market-Leading Security Solution for Mobile Devices as Targeted Attacks Continue to Grow (lien direct) | ZecOps extends Jamf's mobile security capabilities by adding advanced detections and incident response. | |||
|
2022-09-28 14:00:00 | When Will Cybersecurity Get Its Bloomberg Terminal? (lien direct) | The "single pane of glass" that gathers and correlates all the information security professionals need doesn't exist, so it's up to us to create it. | |||
|
2022-09-28 14:00:00 | Time to Change Our Flawed Approach to Security Awareness (lien direct) | Defend against phishing attacks with more than user training. Measure users' suspicion levels along with cognitive and behavioral factors, then build a risk index and use the information to better protect those who are most vulnerable. | |||
|
2022-09-28 13:39:44 | Malwarebytes Expands OneView Platform for MSPs (lien direct) | Malwarebytes achieves 250% year-over-year MSP partner growth, introduces new modules to enhance protection, detection, and resolution of threats for SMBs. | |||
|
2022-09-28 10:00:00 | Most Attackers Need Less Than 10 Hours to Find Weaknesses (lien direct) | Vulnerable configurations, software flaws, and exposed Web services allow hackers to find exploitable weaknesses in companies' perimeters in just hours, not days. | |||
|
2022-09-27 21:40:00 | Lazarus Lures Aspiring Crypto Pros With Fake Exchange Job Postings (lien direct) | Previously observed using fake Coinbase jobs, the North Korea-sponsored APT has expanded into using Crypo.com gigs as cover to distribute malware. | APT 38 | ||
|
2022-09-27 21:27:11 | Amid Sweeping Change, Cyber Defenders Face Escalating Visibility - and Pressure (lien direct) | Why cyber teams are now front and center for business enablement within organizations, and the significant challenges they face. | |||
|
2022-09-27 20:27:40 | FBI Helping Australian Authorities Investigate Massive Optus Data Breach: Reports (lien direct) | Initial reports suggest a basic security error allowed the attacker to access the company's live customer database via an unauthenticated API. | |||
|
2022-09-27 19:04:15 | Microsoft Rolls Out Passwordless Sign-on for Azure Virtual Desktop (lien direct) | Azure says cloud-native single sign-on with a passwordless option is most-requested new AVD feature in the product's history. | |||
|
2022-09-27 17:00:00 | Lessons from the GitHub Cybersecurity Breach: Protecting the Most Sensitive Data (lien direct) | This Tech Tip outlines three steps security teams should take to protect the information stored in Salesforce. | |||
|
2022-09-27 17:00:00 | 4 Data Security Best Practices You Should Know (lien direct) | There are numerous strategies to lessen the possibility and effects of a cyberattack, but doing so takes careful planning and targeted action. |
To see everything:
Our RSS (filtrered)
