What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-04-23 13:10:53 | Défense en profondeur pour la gestion des secrets: découverte, visibilité, détection des fuites et IA Defense-in-Depth for Secrets Management: Discovery, Visibility, Leak Detection and AI (lien direct) |
Dans le passé, de nombreuses équipes de sécurité ont envisagé de sécuriser suffisamment de secrets & # 8211;Si vos secrets étaient sécurisés, vous étiez bon.Alors que vous restez toujours en quelque sorte sur ce cours, les professionnels de la sécurité reconnaissent de plus en plus que la sécurisation de secrets ...
In the past, many security teams considered securing secrets enough – if your secrets were secured, you were good. While you\'re still kind-of-good staying on this course, security professionals increasingly recognize that just securing secrets... |
★★★ | ||
|
2024-04-09 15:05:01 | Cookies au-delà des navigateurs: comment évoluer les attaques basées sur la session Cookies Beyond Browsers: How Session-Based Attacks Are Evolving (lien direct) |
Au cours des dernières années, nous avons assisté à un changement significatif dans le paysage d'attaque, de voler des informations d'identification de texte claires au ciblage de l'authentification basée sur la session.Cette tendance est motivée par la prolifération de l'authentification multi-facteurs (MFA), ...
In the past few years, we have witnessed a significant shift in the attack landscape, from stealing clear text credentials to targeting session-based authentication. This trend is driven by the proliferation of multi-factor authentication (MFA),... |
Prediction | ★★ | |
|
2024-04-02 19:52:00 | Quelle est la sécurisation de l'identité numérique automobile? How Secure is Automotive Digital Identity? (lien direct) |
Dans la voie rapide de l'industrie automobile, la fusion de l'innovation numérique avec l'ingénierie des véhicules a révolutionné la façon dont nous fabriquons, conduisons et protégeons nos véhicules.Cela aide également à s'assurer que nos voitures sont sauvegardées contre le cyber ...
In the automotive industry’s fast lane, the fusion of digital innovation with vehicular engineering has revolutionized how we manufacture, drive and protect our vehicles. It also helps to ensure our cars are safeguarded against cyber... |
★★★ | ||
|
2024-03-28 14:30:22 | Sécurité électorale: défendre la démocratie dans le paysage dynamique du cyber-menace d'aujourd'hui Election Security: Defending Democracy in Today\\'s Dynamic Cyber Threat Landscape (lien direct) |
Avec plus de 50 pays qui se dirigent vers les urnes cette année, y compris les grandes économies comme les États-Unis, l'Inde et le Royaume-Uni, 2024, d'une manière ou d'une autre, sera une année déterminante avec plus de 4 milliards d'électeurs ...
With over 50 countries heading to the polls this year, including major economies like the U.S., India and the U.K., 2024, one way or another, will be a defining year with over 4 billion voters... |
Threat | ★★★ | |
|
2024-03-21 12:53:37 | CIO POV: Ce qui fait un bon voisin dans un mauvais quartier de cyber CIO POV: What Makes a Good Neighbor in a Bad Cyber Neighborhood (lien direct) |
«Il est décourageant d'essayer d'être un bon voisin dans un mauvais quartier.»& # 8211; William Castle Cette citation du regretté réalisateur d'American Horror Film m'a récemment traversé la tête comme je pense à ...
“It\'s discouraging to try to be a good neighbor in a bad neighborhood.” –William Castle This quote from the late American horror film director has recently been running through my head as I think of... |
★★ | ||
|
2024-03-05 15:57:40 | Pourquoi votre organisation a besoin de secrets et de rotations dynamiques Why Your Organization Needs Dynamic Secrets and Rotation (lien direct) |
Dans le paysage numérique en évolution rapide d'aujourd'hui, les organisations sont confrontées à un formidable éventail de cybermenaces, les attaques et les violations de données devenant de plus en plus répandues.Alors que les entreprises adoptent des technologies transformatrices telles que l'IA, l'automatisation, les architectures natives dans le cloud, les microservices et ...
In today’s rapidly evolving digital landscape, organizations confront a formidable array of cyber threats, with attacks and data breaches becoming increasingly prevalent. As businesses embrace transformative technologies such as AI, automation, cloud-native architectures, microservices and... |
★★ | ||
|
2024-02-21 14:37:16 | Browser en entreprise: la passerelle vers la sécurisation de toutes les identités Enterprise Browser: The Gateway to Securing All Identities (lien direct) |
Avec de nouvelles identités, environnements et méthodes d'attaque dominant le paysage des menaces d'aujourd'hui, les chefs de cybersécurité sont hyper concentrés sur la sécurisation des identités pour protéger les entreprises.Cependant, il existe un écart de sécurité flagrant et élevé que les acteurs de menace exploitent activement pour voler ...
With new identities, environments and attack methods dominating today\'s threat landscape, cybersecurity leaders are hyper-focused on securing identities to safeguard enterprises. However, a glaring, high-touch security gap exists that threat actors actively exploit to steal... |
Threat | ★★ | |
|
2024-02-15 14:44:46 | CIO POV: 3 considérations comme le cyber-roller coaster 2024 rassemble la vitesse CIO POV: 3 Considerations as the 2024 Cyber Roller Coaster Gathers Speed (lien direct) |
Si le premier mois et plus de 2024 est une indication, cette année est probablement tout sauf ordinaire dans le domaine de la cybersécurité.Rien qu'en janvier, une triade d'événements s'est déroulée, chacune de plus fascinante que le ...
If the first month-plus of 2024 is any indication, this year is likely to be anything but ordinary in the cybersecurity realm. In January alone, a triad of events unfolded, each more riveting than the... |
★★ | ||
|
2024-02-08 14:51:00 | Attaque d'APT29 \\ sur Microsoft: suivi des empreintes de pas Cozy Bear \\ APT29\\'s Attack on Microsoft: Tracking Cozy Bear\\'s Footprints (lien direct) |
Un chapitre nouveau et préoccupant s'est déroulé en ces temps troublés du chaos géopolitique.L'acteur confortable des menaces d'ours a provoqué des violations importantes ciblant Microsoft et HPE, et d'autres sont susceptibles de venir.Ces récents ...
A new and concerning chapter has unfolded in these troubled times of geopolitical chaos. The Cozy Bear threat actor has caused significant breaches targeting Microsoft and HPE, and more are likely to come. These recent... |
Threat | APT 29 | ★★★ |
|
2023-12-07 20:55:31 | Comment répondre aux exigences de cyber-assurance lorsque toutes les identités sont à risque How to Meet Cyber Insurance Requirements When All Identities Are at Risk (lien direct) |
La fréquence et la sophistication croissantes des cyberattaques, en particulier sur le front des ransomwares, ont obligé encore plus d'entreprises à rechercher une couverture de cyber-assurance.Mais à mesure que le besoin de couverture augmente, les complexités aussi.Même si...
The growing frequency and sophistication of cyberattacks, especially on the ransomware front, have compelled even more companies to seek cyber insurance coverage. But as the need for coverage grows, so do the complexities. Even though... |
Ransomware | ★★ | |
|
2023-10-24 22:01:56 | Assembler l'attaque de l'unité de support d'Okta \\ Piecing Together the Attack on Okta\\'s Support Unit (lien direct) |
La violation d'Okta d'octobre 2023 est le dernier exemple d'une longue lignée d'attaques d'identité tierces.Sur la base des rapports à ce jour, il semble que l'attaque du système de gestion des cas d'assistance d'Okta \\ ait permis un ...
The October 2023 Okta breach is the latest example in a long line of third-party identity attacks. Based on reports to date, it seems that the attack on Okta\'s support case management system enabled a... |
★★ | ||
|
2023-10-13 12:51:52 | Nos cœurs sont brisés, mais nous prévaudrons Our Hearts Are Broken, But We Will Prevail (lien direct) |
Nous sommes horrifiés par l'attaque barbare contre Israël et le peuple israélien.Ceux d'entre nous qui regardent à distance sont solidaires avec nos amis, nos proches et nos collègues qui sont ...
We are horrified by the barbaric attack on Israel and the Israeli people. Those of us who are watching from a distance are standing in solidarity with our friends, loved ones and colleagues who are... |
★★★ | ||
|
2023-06-27 19:36:41 | Les meilleures pratiques de macOS pour lutter contre l'augmentation des ransomwares macOS Least Privilege Best Practices to Combat Rising Ransomware (lien direct) |
Le ransomware représente une violation sur quatre, et de plus en plus, il va après les utilisateurs de macOS d'entreprise.Les attaques de ransomware macOS montent historiquement, cela n'avait pas beaucoup de sens financier pour les attaquants de créer des logiciels malveillants spécifiques au Mac depuis ...
Ransomware accounts for one in every four breaches, and increasingly, it\'s going after enterprise macOS users. macOS Ransomware Attacks are Mounting Historically, it didn\'t make much financial sense for attackers to create Mac-specific malware since... |
Ransomware Malware | ★★ | |
|
2023-06-13 12:31:05 | Les six principaux risques de sécurité de l'identité aggravant la cyber dette et élargissant la surface d'attaque Top Six Identity Security Risks Compounding Cyber Debt and Expanding the Attack Surface (lien direct) |
La période prolongée de coûts à faible capital et le financement largement disponible peut être terminée, mais l'adoption numérique persiste alors que les chefs d'entreprise cherchent à débloquer l'efficacité et l'innovation partout.Cela entraîne une identité exponentielle mais souvent non sécurisée ...
The prolonged period of low-capital costs and widely available funding may be over, yet digital adoption persists as business leaders seek to unlock efficiencies and innovation everywhere. This is driving exponential but often unsecure identity... |
Studies Guideline | ★★★ | |
|
2023-06-08 07:10:02 | Analyse de 3 scénarios d'attaque d'IA offensive Analyzing 3 Offensive AI Attack Scenarios (lien direct) |
L'intelligence artificielle (IA) transforme la société moderne à une vitesse sans précédent.Il peut faire vos devoirs, vous aider à prendre de meilleures décisions d'investissement, transformer votre selfie en une peinture de la Renaissance ou écrire du code en votre nom.Alors que...
Artificial intelligence (AI) is transforming modern society at unprecedented speed. It can do your homework, help you make better investment decisions, turn your selfie into a Renaissance painting or write code on your behalf. While... |
★★ | ||
|
2023-06-01 06:38:13 | Cyber Breach Retmediation \\'s 5 étapes du cycle Cyber Breach Remediation\\'s 5-Step Cycle (lien direct) |
Les organisations ont tendance à tomber en deux catégories: celles qui ont été violées et celles qui ne réalisent pas encore qu'elles ont été violées.Si vous appartenez au premier groupe, croyez-le ou non, vous êtes dans la chance ....
Organizations tend to fall into two categories: those that have been breached and those that don\'t yet realize they\'ve been breached. If you belong to the first group, believe it or not, you\'re in luck.... |
★★★ | ||
|
2023-03-27 08:12:45 | LTT Attack cible les cookies de session pour pousser l'escroquerie cryptographique [LTT Attack Targets Session Cookies to Push Crypto Scam] (lien direct) | Les escroqueries cryptographiques montent en flèche: en 2022, le FBI a suivi une augmentation de 183% d'une année à l'autre, entraînant 2,57 milliards de dollars de pertes.La semaine dernière, la populaire chaîne YouTube Linus Tech Tips (LTT pour faire court) & # 8211;et deux canaux associés ...
Crypto scams are skyrocketing: In 2022, the FBI tracked an 183% year-over-year increase, driving $2.57 billion in losses. Last week, the popular YouTube channel Linus Tech Tips (LTT for short) – and two associated channels... |
★★★ | ||
|
2023-03-17 18:37:32 | Protect Passwords, Don\'t Just Manage Them: A Game Plan for CIOs and CISOs (lien direct) | When 921 password attacks occur per second, it's time to treat everyday employees' credentials like the true operational risk they are. Today's attackers assign a level of value to employees' passwords they once reserved for... | ★★★ | ||
|
2023-02-07 22:27:22 | Post-CircleCI Breach, Focus on Identity Security Strategy (lien direct) | When news of the recent CircleCI breach broke, developers everywhere scrambled to rotate tokens and remove hardcoded secrets stored in the popular CI/CD platform to minimize their exposure. Now that the dust has settled and... | ★★★ | ||
|
2023-01-19 20:24:53 | Zero-Days in RGB Keyboards, Top DID Network Exposed at INTENT Threat Research Summit (lien direct) | Data breach headlines are daily reminders that cyberattackers keep innovating. While constant research to uncover threats and share crucial intelligence with defenders is far less visible, the second annual INTENT Summit offered a glimpse. Together... | Data Breach Threat | ★★★ | |
|
2023-01-13 21:03:50 | CircleCI Breach Exposes Risk of Hard-coded Secrets (lien direct) | The recent CircleCI breach highlights the risk of storing secrets in places like private code repositories (GitHub), scripts, configuration files, files encrypted at rest, CI/CD pipeline code or anywhere where they cannot easily rotated, audited,... | ★★★ | ||
|
2023-01-11 17:00:50 | Six Takeaways from Recent Ransomware Attacks (lien direct) | 2022 ransomware attack learnings can inform 2023 cybersecurity strategies, helping organizations combat threats and reduce risk with greater confidence. The CyberArk 2022 Identity Security Threat Landscape Report shows the ransomware attack vector continues to be... | Ransomware Threat | ★★ | |
|
2023-01-03 14:00:25 | CyberArk Labs\' 2022 Threat Research in Review (lien direct) | Cyber defenders need timely, accurate threat intelligence to protect their organizations. This is what drives our CyberArk Labs team to produce innovative research, expose new attack methods and encourage greater industry collaboration. While there was... | Threat | ★★★ | |
|
2022-12-29 14:00:37 | Trust Issues Podcast: A 2022 Cyber Episodes Replay (lien direct) | Since launching last spring, the CyberArk Trust Issues Podcast has covered a range of top-of-mind cybersecurity subjects. Whether you're interested in CISO perspectives, cutting-edge threat research or best practices for advancing your Identity Security strategy,... | Threat | ★★ | |
|
2022-12-16 14:00:35 | 2023 Cybersecurity Trends We\'re Tracking (lien direct) | Cybersecurity doesn't happen in a vacuum. Evolving attack trends, world events, regulatory changes, shifting organizational priorities and many other factors influence enterprise programs. With 2023 just around the corner, cybersecurity teams are considering them all... | Prediction | ★★★ | |
|
2022-12-15 14:00:27 | Latest Uber Breach Underscores Third-Party Vendor Security Challenges (lien direct) | Uber is back in the spotlight, this time for a breach involving a third-party vendor. According to reports, an attacker accessed the vendor organization's public cloud backup server, obtaining and then leaking sensitive Uber data,... | Uber Uber | ★★ | |
|
2022-11-23 14:00:17 | Meet PCI DSS and Protect Cardholder Data with PAM Controls (lien direct) | The 2022 holiday online shopping season is shaping up to be a busy one. An estimated 63.9 million people will shop this Cyber Monday, while global eCommerce transactions are expected to climb 15% from October... | |||
|
2022-10-21 13:00:20 | 2023 Cyber Insurance Looks Different. Are You Ready? (lien direct) | Rampant ransomware attacks have made cyber insurance a C-suite priority. Despite the raised consciousness, it's more difficult than ever to secure or renew a policy. Nefarious activity continues to put pressure on carriers who are... | Ransomware | ||
|
2022-10-03 13:00:57 | This Cybersecurity Awareness Month, Set Your Identity Security Strategy to Master Cyber Fundamentals (lien direct) | As Cybersecurity Awareness Month (CSAM) begins this October, government and private organizations in the United States, the European Union and around the world are promoting safe and secure digital behaviors. The 2022 theme of “See... | |||
|
2022-09-20 20:06:38 | Unpacking the Uber Breach (lien direct) | In the days following the September 15 Uber breach disclosure, much has been written about how one, allegedly 18-year-old attacker was able to successfully infiltrate the ridesharing giant's IT infrastructure and gain access to sensitive... | Uber Uber | ||
|
2022-08-23 13:00:43 | LockBit 3.0 Ransomware Learns from Defenders, Launches Bug Bounty Program, Begs “Hack Me” (lien direct) | The evolution of LockBit – one of the largest ransomware as a service (RaaS) operations in history – exemplifies continued attack commoditization and underground innovation. Since LockBit 3.0 (aka LockBit Black) launched in June 2022,... | Ransomware | ||
|
2022-08-10 12:50:43 | CyberArk Acquires C3M, Accelerating Cloud Privilege Security and Cyber Risk Reduction (lien direct) | In 2018, as cloud adoption was nearing a tipping point, and a series of major cyber attacks signaled the rise of the cloud service misconfiguration error, we founded C3M on the belief that cloud security... | |||
|
2022-08-05 13:00:51 | 6 Identity Security Soundbites from David Higgins, CyberArk EMEA Technical Director (lien direct) | CyberArk EMEA Technical Director David Higgins works closely with some of the world's largest and most heavily regulated organizations in architecting Identity Security strategies that help mitigate cyber risk and confidently enable digital business. Higgins... | |||
|
2022-07-12 13:00:13 | Cyber Attack Commoditization and the Rise of Access-as-a-Service (lien direct) | Despite lingering, dated depictions of dark-hooded figures, cyber crime has matured into a highly professional business sector. With strong backing by organized crime syndicates and nation states, many operations look a lot like any other... | |||
|
2022-06-29 12:47:21 | Australia\'s Growing Focus on Critical Infrastructure Cybersecurity (lien direct) | Just over a year ago, a cyber criminal syndicate carried out a massive ransomware attack against a large U.S. oil distribution network, disrupting fuel supplies and triggering panic buying and widespread gasoline shortages. Soon afterward,... | Ransomware | ||
|
2022-06-24 13:00:38 | Trust, Patient Empowerment and Data: Insights From Takeda\'s Chief Digital Trust Officer (lien direct) | It seems logical that the more data a healthcare provider can collect, the better patient treatment will potentially be. But unlike other situations where we're generally comfortable removing the human element from the equation, such... | |||
|
2022-06-22 13:00:50 | What\'s Missing in Healthcare Ransomware and Supply Chain Defense (lien direct) | The omnipresent ransomware threat is changing how healthcare organizations approach cybersecurity - from formalizing practices in an effort to obtain cyber insurance coverage to improving their ability to restore encrypted data after attacks. But as... | Ransomware Threat | ||
|
2022-06-17 13:00:25 | RSA 2022, Wi-Fi Cracking Across San Francisco and How It All Comes Down to Trust (lien direct) | Trust – how to build it, how to strengthen it and how to restore it – was a major theme at RSA Conference 2022. Members of our CyberArk team joined 26,000 attendees online and in... | |||
|
2022-06-10 15:58:31 | Celebrating Our LGBTQIA2S++ Community With Pride (lien direct) | This Pride Month, we celebrate the diverse identities and tremendous contributions of LGBTQIA2S++ people around the world and within our CyberArk community. But nurturing an inclusive, supportive workplace isn't something that ends on June 30... | |||
|
2022-06-07 13:00:07 | What the 2022 NBA Finals Teaches Us About All-Star Cybersecurity (lien direct) | It's NBA Finals time in the United States, and our global CyberArk team - from our die-hard Boston Celtics and Golden State Warriors fans to our threat researchers –by day, ballers –by night in Israel... | Threat | ||
|
2022-06-02 10:00:00 | Step Away From the QR Code and Read These 7 Safety Tips (lien direct) | This post is authored by Len Noe, a technical evangelist and white hat hacker at CyberArk. Listen to his recent “Trust Issues” podcast episode on transhumanism and charting the final cybersecurity frontier. If it seems... | |||
|
2022-06-01 13:00:45 | 2022 Verizon DBIR: 15 Years, 15 Takeaways (lien direct) | Since 2008, the Verizon Data Breach Investigations Report (DBIR) has provided the global cybersecurity community with valuable insights on the evolving threat landscape. Not only does the latest 2022 report dig deep into current trends,... | Data Breach Threat | ||
|
2022-05-24 13:00:40 | RPA and the Speed vs. Security Balancing Act (lien direct) | Robotic process automation, or RPA for short, is one of those hefty technical terms that can be tough to explain without a lot of jargon. But at the highest level, RPA is all about using... | |||
|
2022-05-19 13:00:45 | 6 Best Practices for Securing Employee Workstations Everywhere (lien direct) | The future of work is “less about a place and more about people's potential,” notes a recent Accenture study, which found that 63% of high-growth companies have already adopted “productivity anywhere.” Organizations around the world... | |||
|
2022-05-12 10:45:04 | CyberArk Ventures: Bringing Security-First Innovators Together to Amplify Impact (lien direct) | Security is our north star at CyberArk. It guides every step we take as a company, from pioneering the Privileged Access Management space to delivering on our Identity Security vision today. Our continued focus on... | |||
|
2022-05-10 13:19:14 | 4 Extraordinary Women in Identity Security Named to CRN\'s 2022 Women of the Channel List (lien direct) | Each year, CRN's Women of the Channel list honors the accomplishments of female leaders in the IT channel. Today, we celebrate four of CyberArk's own incredible Women in Identity Security named to CRN's newly published... | Guideline | ||
|
2022-05-06 16:49:00 | CISOs Are Having a Moment. Here\'s How to Make It Last (lien direct) | The landmark Sarbanes-Oxley Act of 2002 (SOX) was passed during a highly tumultuous era, overhauling corporate governance and bringing financial expertise to the boardroom. Fast-forward to present day, and uncertainty is again the prevailing economic... | |||
|
2022-05-03 13:00:33 | You\'ve Got Privileged Access Management… But Can You Keep Secrets Secure? (lien direct) | Threat actors don't often need to execute the latest zero-day exploit or fight through firewalls to launch their attacks. Instead, they simply walk through the front door with stolen user credentials and take over legitimate... | Threat | ||
|
2022-04-27 15:30:51 | CyberArk SaaS Solutions Now In-Process for FedRAMP High Authorization (lien direct) | The Biden Administration's Executive Order (EO) on “Improving the Nation's Cybersecurity (14028)” and memorandum on “Moving the U.S. Government Toward Zero Trust Cybersecurity Principles (OMB M-22-09)” have underscored Identity Security's key role in protecting sensitive government data and infrastructure from... | |||
|
2022-04-26 11:14:27 | Secrets Management to Protect the Software Supply Chain: A Q&A with IDC\'s Jim Mercer (lien direct) | Governments and intelligence agencies continue to emphasize technology providers' critical role in strengthening cybersecurity and supply chain resilience for the long run. In fact, the Biden Administration's recent call to “bake security in, don't bolt... |
To see everything:
Our RSS (filtrered)
