What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2021-09-30 12:56:03 SASIG Cybersecurity Skills Festival Helps Close the Cybersecurity Skills Gap (lien direct) Cybersecurity awareness is steadily growing, with organisations and individuals alike adapting best practices. That being said, the alarm bells are still ringing when it comes to the cybersecurity skills gap, especially as organisations increasingly need more employees to support the growing need for a strong security posture. Unfortunately, this skills shortage isn't going anywhere anytime […] ★★
itsecurityguru.webp 2021-09-29 09:25:47 Staying Secure When Growing A Business (lien direct) Technology is an often overlooked yet vitally important factor when setting up or developing a successful business. Even if your business doesn't physically require digital technology to undertake your services (physical trades, physical stores etc.), there's always somewhere within your establishment that digital or security-based technology can be a worthwhile investment. Small businesses can find […]
itsecurityguru.webp 2021-09-28 15:36:37 AT&T announces free virtual Business Summit (lien direct) The AT&T Business Summit has been announced and this year, it will be a free virtual event taking place on the 27th and 28th of October. Those interested can register here: https://register-bizsummit.att.com/#/login   Some highlights from the event from AT&T Cybersecurity include:   Securing the edge with Zero Trust and SASE Breakout Speakers: Todd Waskelis […]
itsecurityguru.webp 2021-09-17 09:20:03 Section 889: the US Regulation that extends far beyond the US (lien direct) One of the largest security threats that countries face is the breach of sensitive government systems and data. With the world constantly developing and undergoing digital transformation, the devices we all rely on for both our personal and work lives are increasingly manufactured in countries considered potentially or even actively hostile toward our national interests. The U.S. […]
itsecurityguru.webp 2021-09-16 14:51:07 Security Serious: Organizers aim to set new Guinness World Records® title for Viewership of an Online Security Lesson (lien direct) Cybersecurity companies KnowBe4 and OneLogin have partnered with Security Serious in a bid to set a brand new Guinness World Records title for the Most views of a cyber security lesson video on YouTube in 24 hours. The record will be attempted on the 14th of October 2021, during European Cybersecurity Awareness Month and Security Serious Week, with the video available to view […]
itsecurityguru.webp 2021-09-16 14:44:44 Desiree Lee appointed as new CTO for Data at Armis (lien direct) Armis, the unified asset visibility and security platform provider, has announced Desiree Lee as its new Chief Technology Officer (CTO) for Data, reporting directly to Nadir Izrael, co-founder and Global CTO at Armis. Lee's appointment, the company says, reinforces its strategic commitment to ensuring total visibility of all assets and devices in its customers' eco-systems. […]
itsecurityguru.webp 2021-09-15 15:59:40 Major Azure vulnerability discovered by security researchers at Wiz (lien direct) Cloud security vendor Wiz, who also found a massive vulnerability in Microsoft Azure’s CosmosDB-managed database service recently, has found another security vulnerability in Azure that impacts Linux virtual machines. Users could end up with a little-known service called OMI installed as a byproduct of enabling any of several logging reporting and/or management options in Azure’s […] Vulnerability
itsecurityguru.webp 2021-09-15 14:33:57 Cybersecurity Investment: Supporting SME decision making (lien direct) Small businesses (SMEs) form the backbone of the digital economy so it’s crucial that they can make the right kinds of security investments to protect themselves from cyber attacks. However, the various frameworks to guide security investments are often too costly and difficult for SMEs to implement, and the potential of insurance and its financial […]
itsecurityguru.webp 2021-09-13 14:16:03 Lookout Delivers First Zero Trust Solution For Any App That Dynamically Adapts Based On Data Sensitivity And Continuous Risk Assessment Of Endpoints And Users (lien direct) Lookout, Inc., an integrated endpoint-to-cloud security company, today announced the industry's first Zero Trust access solution that dynamically adapts to changes in the risk levels of mobile endpoints and users as well as the sensitivity level of data. The solution is an expansion of Lookout Continuous Conditional Access (CCA), achieved by integrating the company’s Mobile Endpoint […]
itsecurityguru.webp 2021-09-10 14:00:20 Red Canary Releases New Security Operations Platform (lien direct) Red Canary, a security ally for businesses, has recently announced a number of significant updates to its SaaS (Software-as-a-Service)-based Security Operations Platform. Companies of all sizes around the world already use the Red Canary solution to detect threats, respond to incidents and improve their security operations. The original platform offers customers effective MDR (Managed Detection […]
itsecurityguru.webp 2021-09-09 12:24:04 Cybereason and Smarttech247 announce Partnership to tackle advanced cyber threats (lien direct) This week, Cybereason and Smarttech247 have announced a partnership to enable joint customers to detect and end cyber-attacks on endpoints anywhere on their networks. With businesses today facing a constant barrage of cyber threats, including destructive ransomware attacks and other malicious activity, it is vital for organisations to be best prepared for the worst-case scenario. […] Ransomware
itsecurityguru.webp 2021-09-09 10:34:46 The Pegasus project: key takeaways for the corporate world (lien direct) Forbidden Stories, a Paris-based non-profit organisation that seeks to ensure the freedom of speech of journalists, recently announced that the Pegasus Project surveillance solution by the Israeli NSO Group selected 50,000 phone numbers for surveillance by its customers following a data leak.  The NSO Group has always maintained that the purpose of the Pegasus Project […]
itsecurityguru.webp 2021-09-09 10:25:08 Jenkins discloses attack on its Atlassian Confluence service (lien direct) The open source automation server Jenkins has disclosed a successful attack on its Confluence service. Attackers abused an Open Graph Navigation Library (OGNL) injection flaw – the same vulnerability type involved in the notorious 2017 Equifax hack – capable of leading to remote code execution (RCE) in Confluence Server and Data Center instances. Rated CVSS […] Hack Vulnerability Guideline Equifax Equifax
itsecurityguru.webp 2021-09-09 09:12:24 (Déjà vu) Russian publication Yandex says it is experiencing a “record scale” DDoS attack (lien direct) Russian internet giant Yandex has been targeted in a massive distributed denial-of-service (DDoS) attack that started last week and it reportedly continues this week, Bleeping Computer reports. Russian media called the assault the largest in the history of Russian internet (RuNet), and that a US based company confirmed that the attack was ongoing. The […]
itsecurityguru.webp 2021-09-08 10:12:09 Beating ransomware – 6 issues to solve before it strikes (lien direct) Being struck by ransomware has been compared to having a heart attack. It's something that stalks everyone in theory and yet when it happens the shock of the experience is always a surprise. For the first seconds, minutes – and sometimes hours – organisations are on their own. It's a moment of unexpected trauma which […] Ransomware
itsecurityguru.webp 2021-09-07 16:21:52 KnowBe4 hosts KB4-CON EMEA to help strengthen organisations' Human Firewalls (lien direct) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, will be hosting KB4-CON EMEA (Europe, Middle East and Africa) on the 23rd of September 2021. The European virtual event is an extension of the highly successful KB4-CON US event, which the company says attracted over 10,000 registrants. The cybersecurity-focused event […]
itsecurityguru.webp 2021-09-07 02:30:31 Password Security – Now's the time to get serious (lien direct) Did you know that over 80% of breaches involve brute force or lost and stolen credentials, and that over 70% of employees reuse passwords at work? Passwords are your first line of defence against cyber-attacks and won't be going away any time soon, getting this piece of the puzzle correct is foundational for cyber defence, the protection […]
itsecurityguru.webp 2021-09-06 10:27:12 Irish Gardai clamp down on cyber gang that attacked HSE (lien direct) Gardaí have seized cyber infrastructure used by the cyber gang involved in the HSE cyber attack earlier this year. The operation is believed to have prevented more than 750 ransomware attacks, the Irish Times has reported. The Garda-led operation targeted websites, domain names and servers used in the attacks, has been led by An Garda […] Ransomware
itsecurityguru.webp 2021-09-06 10:17:14 US Cyber Command issues warning on Atlassian Confluence software (lien direct) The US Cyber Command issued a warning that the Atlassian Corp. PLC's Confluence software is being exploited on a large scale and that users should patch their installations immediately. The vulnerability, formally named CVE-2021-26084, was revealed by Atlassian on Aug. 25 and was described as allowing an authenticated user to execute arbitrary code on a […]
itsecurityguru.webp 2021-09-03 14:50:13 How to Smartly Scale AppSec Testing (lien direct) The IT Security Guru has paired up with Synopsys, a recognised leader in application security, to bring you the webinar, ‘How to Smartly Scale AppSec Testing’. No matter what any blog or vendor says you know there is no silver bullet for application security. Complete one item on your to-do list, seven more things are […] Guideline
itsecurityguru.webp 2021-08-31 15:23:11 Startup success: manoeuvring a competitive industry (lien direct) They say hard work is one of the core tenets of success. But, while a strong work ethic can undoubtedly get the job done, the efficiency and experience to guide hard work can go a long way. After all, even if you’re willing to work as hard as possible, it’s not easy to tackle a […]
itsecurityguru.webp 2021-08-31 11:49:52 CISA Bad Practices list updated to include single-factor authentication (SFA) (lien direct) The US’ Cybersecurity Infrastructure Security Agency (CISA) has added single-factor authentication (SFA) to its list of bad practices, which outlines exceptionally risky cybersecurity practices. The agency has specified that this low-security method of authentication is particularly dangerous when used to secure Critical Infrastructure or National Critical Functions. The list also includes the use of unsupported/end-of-life […]
itsecurityguru.webp 2021-08-31 11:42:33 Microsoft warns of phishing campaign abusing 'open redirects' (lien direct) Office 365 customers have been warned by Microsoft of an ongoing phishing campaign that abuses open redirects, an email sales and marketing tool that redirects a visitor to an untrusted site. An http parameter may contain a URL value and could cause the web application to redirect the request to the specified URL. By modifying […] Tool
itsecurityguru.webp 2021-08-27 12:38:43 Cybersecurity Is the 'Core National Security Challenge' according to Biden at this week's CEO Summit (lien direct) On Wednesday, President Joe Biden hosted executives from major technology, financial and energy companies for a summit on national cybersecurity, saying that the issue was “the core national security challenge we are facing.” At the start of the meeting, whilst talking to reporters in attendance, President Biden estimated that approximately 500,000 US cybersecurity jobs are […]
itsecurityguru.webp 2021-08-24 16:20:07 38 million personal identifiable information exposed in Microsoft Power Apps data leak (lien direct) Researchers at cybersecurity vendor Upguard have discovered multiple data leaks resulting from Microsoft Power Apps portals configured to allow public access – a new vector of data exposure. The types of data exposed varied between portals, including personal information used for COVID-19 contact tracing, COVID-19 vaccination appointments, social security numbers for job applicants, employee IDs, […]
itsecurityguru.webp 2021-08-20 13:45:59 The four As of identity-based security (lien direct) In the famous words of David Byrne, there is no time for “dancing, or lovey dovey” when it comes to security. In a world where technology is constantly evolving, it is important to always stay on top of protecting confidential and sensitive information. The standard go-to for security within organisations is the account-based approach; however, […]
itsecurityguru.webp 2021-08-20 13:39:16 DemonWare ransomware gang attempts to recruit disgruntled employees in insider threat scheme (lien direct) According to a report by Abnormal Security, on August 12, 2021, their team identified and blocked a number of emails sent to customers soliciting them to become accomplices in an insider threat scheme. The goal was for them to infect their companies' networks with ransomware. These emails allege to come from someone with ties to […] Ransomware Threat
itsecurityguru.webp 2021-08-20 13:38:31 T-Mobile data breach impacts over 40 million users – Security Experts Have Their Say (lien direct) T-Mobile, one of the world’s largest telecommunications providers and mobile networks, admitted this week that over 40 million customers had been impacted by a data breach. With a reported 104 million T-Mobile customers, this latest breach has hit a significant number of the user base. The company released a statement saying “a highly sophisticated cyberattack” […] Data Breach ★★
itsecurityguru.webp 2021-08-19 16:28:07 Visibility into vulnerabilities: 3 steps to improve software vulnerability management (lien direct) Vulnerabilities in enterprise IT are everywhere. While it's clear that they need to be addressed, how to do so isn't as clear. The sheer number of vulnerable software versions in an enterprise environment can be overwhelming, making it challenging to address them. The process requires time: to identify the need for an update, to create […] Vulnerability
itsecurityguru.webp 2021-08-19 14:17:11 Armis continues to expand in healthcare markets with appointment of new CTO for healthcare (lien direct) Armis, the unified asset visibility and security platform provider, today announced Oscar Miranda as its new Chief Technology Officer (CTO) for Healthcare. His appointment, the company says, further reinforces Armis’ strategic commitment to securing the healthcare sector, particularly when it comes to identifying and providing mitigation steps for vulnerabilities associated with connected devices within the […]
itsecurityguru.webp 2021-08-16 16:19:56 Ransomware is a societal problem requiring societal solutions (lien direct) Ransomware is a crime that is predominantly financially motivated, yet the effects of attacks are far broader and more profound than just the financial impact. Pervasive attacks against healthcare, local government, schools and other forms of critical infrastructure are threatening our quality and safety of life every day. These disruptive attacks tear at the very […]
itsecurityguru.webp 2021-08-16 16:13:10 What does the Colonial Pipeline attack tell us about security today? (lien direct) In May the US Colonial Pipeline shut its operational network after a ransomware cyber-attack. It's said to be one of the costliest attacks for an economy. A painful accolade if ever there was one. New details are emerging about the specifics of the pipeline attack all the time but there are a few concerns that […] Ransomware
itsecurityguru.webp 2021-08-16 16:04:32 Why you should never pay for ransomware (lien direct) In the last 13 months the UK lost a reported £10.4 million to cybercrime, as per official police statistics. One of the most damaging forms of cybercrime comes in the form of Ransomware.  Not only that, but 81% of cyber security experts believe we are likely to see more ransomware than ever across the next […] Ransomware
itsecurityguru.webp 2021-08-11 16:17:02 Comparitech research shows cybercrime victims lose $17.4 billion annually in the UK (lien direct) Researchers at Comparitech, the security and privacy advice and comparison website, have conducted an assessment of reported figures released by the police and/or government, to reveal that victims worldwide lose an estimated $318bn each year to cybercrime. Unfortunately, the UK specifically was found to have the highest number of reported cybercrime victims with 1,095 victims […]
itsecurityguru.webp 2021-08-06 13:50:31 DNS vulnerability allows for 'nation-state level spying' (lien direct) A new class of DNS vulnerabilities has been discovered, which impacts major DNS-as-a-Service (DNSaaS) providers. It could give hackers the ability to access sensitive information on corporate networks and the power for ‘nation-state level spying’. The flaws provide potential hackers with intelligence harvesting abilities by using a simple domain registration. The research explained: “We found […] Vulnerability
itsecurityguru.webp 2021-08-06 11:03:22 CISA partners with Amazon, Google, Microsoft and others to fight Ransomware (lien direct) The Cybersecurity and Infrastructure Security Agency (CISA) has unveiled a new initiative, in which it will partner with several tech companies to bolster the U.S.’s defences against cyber threats. Named the Joint Cyber Defense Collaborative, the effort aims to combat ransomware and cyberattacks on critical infrastructure. The announcement comes after a string of high-profile attacks, […] Ransomware
itsecurityguru.webp 2021-08-05 09:51:25 Vulnerabilities allow for takeover of capsule hotel rooms (lien direct) Kya Supa, security consultant at LEXFO, inadvertently found a series of security bugs in IoT devices within connected hotel rooms. These vulnerabilities allowed him to take control of the amenities in multiple capsule hotel rooms (tiny rooms stacked side-by-side). Supa presented his findings on Wednesday at the Black Hat Conference 2021. The rooms are controlled […]
itsecurityguru.webp 2021-08-05 09:28:24 Ransomware hits Isle of Wight schools (lien direct) The Isle of Wight Education Federation disclosed that its IT systems were shut down last week as a result of a ransomware attack. The attackers encrypted the school data of Carisbrooke College, Island 6th Form, Medina College, Barton Primary, Hunnyhill Primary and Lanesend Primary. The police have been informed and are working with the schools […] Ransomware
itsecurityguru.webp 2021-08-05 08:39:25 Round Table: Confident Cyber Security (lien direct) The Eskenzi Cyber Book and Film Club take a look at Jessica Barker's book 'Confident Cyber Security: How to Get Started in Cyber Security and Futureproof Your Career,' an easy-to-read, jargon-busting guide on the world of cybersecurity. Javvad Malik – Security Awareness Advocate at KnowBe4, hosts the roundtable and is joined by Jessica Barker, Stephen Khan – […]
itsecurityguru.webp 2021-08-04 17:05:07 Feedzai acquires behavioural biometrics specialist Revelock to secure cashless commerce (lien direct) Feedzai, the cloud-based financial risk management platform company, has announced the acquisition of an advanced behavioural biometric platform, Revelock, following a significant $200m investment round earlier this year. Feedzai's acquisition of Revelock will create “the world's largest AI-powered financial risk management platform with native, integrated behavioural biometrics”, the company states. The integrated platform enables financial institutions […]
itsecurityguru.webp 2021-08-04 10:58:03 Critical flaws affecting embedded TCP/IP Stack used in OT devices (lien direct) On Wednesday, cybersecurity researchers disclosed 14 vulnerabilities that affect a common TCP/IP stack, which is used in a large amount of OT devices. These devices are manufactured by less than 200 vendors and utilised in manufacturing plants, power generation, water treatment and critical infrastructure sectors. The vulnerabilities have been labelled “INFRA:HALT” and target NicheStack. If […]
itsecurityguru.webp 2021-08-04 10:26:16 Lazio region hit by Ransomware (lien direct) On Sunday morning, Italy’s Lazio region suffered a ransomware attack, disabling its IT systems and disrupting the COVID-19 vaccination registration portal. The attackers reportedly encrypted every file in the portal’s data centre and shut down its IT network. President of the Lazio region, Nicola Zingaretti issued a statement, in which she said: “On the night […] Ransomware
itsecurityguru.webp 2021-08-03 11:09:43 2021 sets new record for ransomware attacks (lien direct) Ransomware attacks have sky-rocketed this year, with H1 2021 already surpassing last year’s total of 304.6 million. Attackers are continuously targeting established technology, infrastructure, innocent people and vulnerable institutions, resulting in a 151% year-to-date increase. April and May of this year reached a new record high while June saw 78.4 recorded ransomware attacks. Both the […] Ransomware
itsecurityguru.webp 2021-08-03 10:41:06 Major telecommunications companies hit by APT (lien direct) Cybereason Nocturnos has published a new report disclosing the discovery of three cyberespionage campaigns that have been targeting major telecommunications companies. The attackers are suspected to be working for “Chinese state interests” and have been tied to the name “DeadRinger”. The campaigns have been ongoing in Southeast Asia, and have been specifically focused on telcos, […]
itsecurityguru.webp 2021-08-02 12:46:12 Armis identifies PwnedPiper vulnerabilities in Swisslog's Translogic Pneumatic Tube Systems (lien direct) Researchers at Armis have discovered nine critical vulnerabilities in the Nexus Control Panel, which powers all current models of Translogic's pneumatic tube system (PTS) stations by Swisslog Healthcare. The Translogic PTS system is a critical infrastructure for healthcare used in more than 3,000 hospitals worldwide. The system is responsible for delivering medications, blood products, and various […]
itsecurityguru.webp 2021-07-29 11:51:22 Synopsys Rapid Scan helps developers build secure apps with faster, accurate application security testing (lien direct) This week, Synopsys announced the availability of new Rapid Scan capabilities in its Coverity static application security testing (SAST) and Black Duck software composition analysis (SCA) solutions. The Rapid Scan features provide fast, lightweight vulnerability detection for both proprietary and open source code. Rapid Scan is optimised for the early stages of development, particularly for […] Vulnerability
itsecurityguru.webp 2021-07-29 08:13:33 Hacking group targets American defence contractors with aerobics instructor persona (lien direct) Proofpoint has uncovered a scheme by a group of Iranian hackers posing as a flirty aerobics instructor to target employees of American defence contractors. The hackers created a fake persona named Marcella Flores to try to dupe employees and compromise their computers, according to Proofpoint researchers. The group, also known as TA456 or Tortoiseshell, has […]
itsecurityguru.webp 2021-07-29 08:03:28 More than 1 in 5 exploits sold on the Dark Web are over three years old (lien direct) Recent Trend Micro research points to a big problem when it comes to keeping up with patching in legacy IT equipment. It found that nearly a quarter (22%) of exploits sold on cybercriminal underground are more than three years old, indicating the scale of threat from unpatched legacy vulnerabilities. Trend Micro has thus urged organisations to […] Patching
itsecurityguru.webp 2021-07-29 07:52:32 Biden signs national security directive to boost critical infrastructure cyber defences (lien direct) US President Biden has signed a national security directive aimed at boosting defences against ransomware attacks and the hacking of critical infrastructure, such as energy, food, water and power systems.   Crucially, the directive sets performance standards for technology and systems used by private companies in these sectors - although it can’t force those companies […] Ransomware
itsecurityguru.webp 2021-07-28 16:07:46 Think twice before using Olympics sports in your password (lien direct) The Authlogics Password Breach Database has once again revealed the weaknesses in people's account security, this time shining a light on the effect the Olympics have had on people's password choices. With the Olympics in full swing, it is clear that sports have been at the top of people's minds, although when it comes to […]
Last update at: 2024-05-16 16:08:16