What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
itsecurityguru.webp 2021-07-28 08:16:04 (Déjà vu) Cost of a data breach hits record high during the pandemic (direct link) IBM research indicates that the cost of an enterprise data breach reached a record high during the COVID-19 pandemic. IBM has estimated in its new “Cost of a Data Breach” report that the average data breach now runs upward of $4 million. In fact, in 2021, a typical data breach experienced by companies now costs […] Data Breach
itsecurityguru.webp 2021-07-28 08:10:15 Praying Mantis hacker group strikes IIS web servers (direct link) An APT group dubbed Praying Mantis or TG1021, by researchers from incident response firm Sygnia, has hit IIS web servers with deserialization flaws and memory-resident malware. It says Praying Mantis group is likely a nation-state threat actor using custom malware that is especially good at avoiding detection to compromise major public and private organisations over […] Malware Threat
itsecurityguru.webp 2021-07-28 07:58:53 Racing car dealership says PwC failed to spot fraud (direct link) PwC is being sued by a racing car dealer for failing to spot alleged fraud. The UK accounting firm giant has been sued by the administrators of JD Classics, a racing car dealership, for allegedly failing to spot fraud resulting in losses of over £41m. PwC was accused by administrators from Alvarez & Marsal of […]
itsecurityguru.webp 2021-07-27 08:05:19 NHS COVID passes targeted by scammers (direct link) The CEO of Egress has warned that COVID passport phishing emails are circulating – and directing users to fake NHS websites. The NHS COVID passes allow people to show their coronavirus vaccination details or test results, and are considered an official COVID-19 status. These passes may be requested if a person is travelling abroad or […]
itsecurityguru.webp 2021-07-27 07:57:50 TikTok to open new cybersecurity centre in Dublin (direct link) TikTok has announced it is opening a new cybersecurity centre to fight 'next-generation security threats' in Ireland. The social media giant said Dublin will be the first location of what it calls ‘regional fusion centres’ around the world, to help the company respond to security incidents in real time, 24 hours a day. 'When people […]
itsecurityguru.webp 2021-07-27 07:53:08 Discord targeted to spread malware (direct link) In a new campaign, cybercriminals are using Discord to target gamers and steal their credentials and financial info. The bad actors have abused Discord to host, spread, and control malware aimed at the users of this chat service, according to new research from Sophos. Since last year, Discord has increased in popularity with 140 […] Malware
itsecurityguru.webp 2021-07-26 11:17:30 Specops Secure Service Desk Product Review (direct link) Supplier: Specops Software Website: specopssoft.com Price: Based on volume Scores Performance 5/5 Features 5/5 Value for Money 4/5 Ease of Use 4.5/5 Overall 5/5 Verdict Tight integration with Windows AD and support for a wide choice of identity services allows Secure Service Desk to verify that password reset requests are from bona fide users. […]
itsecurityguru.webp 2021-07-26 08:28:27 Man City whistleblower to aid authorities in Financial Fair Play investigation (direct link) The man who allegedly hacked Man City is to offer Premier League help in FFP investigation. The alleged hacker, Rui Pinto, at the heart of the Football Leaks allegations has offered assistance to the Premier League in their ongoing investigation of Manchester City. Rui Pinto has been identified as the “whistleblower” who provided German newspaper […]
itsecurityguru.webp 2021-07-26 08:21:30 Fresh warnings over mobile apps containing Joker malware (direct link) Zscaler has discovered a new batch of apps on the Google Play Store hiding Joker malware that can steal users’ cash and read their text messages. Researchers at Zscaler’s ThreatLabz have warned people to delete these “Joker apps” that can steal cash and read your text messages from Android phones. The malware can even […] Malware
itsecurityguru.webp 2021-07-26 08:14:02 (Déjà vu) New Windows security flaw dubbed PetitPotam discovered (direct link) Security researcher, Gilles Lionel, has uncovered a new NTLM relay attack that lets hackers take over Windows domains, the Hacker News has reported. The security flaw, named PetitPotam, in the Windows operating system can be exploited to coerce remote Windows servers, including Domain Controllers, to authenticate with a malicious destination, thereby allowing an adversary to […]
itsecurityguru.webp 2021-07-23 16:30:43 CASE STUDY: Archroma: designing security into company processes with Edgescan (direct link) What were the challenges Archroma was facing from a security perspective? We are a relatively young company, and we brought Edgescan on board quite early on, so rather than transitioning from another vulnerability management solution it was more a case of deploying the Edgescan SaaS across our IT infrastructure. We operate in the Operational Technology (OT) space, as well, but currently we have a different approach […] Vulnerability
itsecurityguru.webp 2021-07-23 16:19:46 European Commission proposes changes to EU law to increase cryptocurrency transaction transparency (direct link) European Commission regulators have proposed changes to EU law that would force companies that transfer Bitcoin or other crypto-assets to collect details on the recipient and sender. The proposals would make crypto-assets more traceable, the EU Commission said, and would help stop money-laundering and the financing of terrorism. The package also includes the proposal for […]
itsecurityguru.webp 2021-07-23 16:09:09 Departing employees pose significant cloud security risks, report finds (direct link) This week, cybersecurity provider Netskope released the July 2021 Netskope Cloud and Threat Report, the latest installment of Netskope Threat Labs’ biannual research analyzing critical trends in enterprise cloud service and app use, web and cloud-enabled threats, and cloud data migrations and transfers. The results revealed that some departing employees present disproportionately significant cloud security […] Threat
itsecurityguru.webp 2021-07-23 15:40:21 Gartner MQ for PAM regards One Identity as a Leader in 2021 (direct link) One Identity, an identity-centric security provider, has been named a Leader in the 2021 Gartner Magic Quadrant for Privileged Access Management (PAM) as the company continues to deliver on its next-generation PAM vision. One Identity helps businesses address the shortcomings of legacy security offerings that are fragmented, complex, manual and too narrow to meet today's […] Guideline ★★★
itsecurityguru.webp 2021-07-23 13:39:40 Five steps to password policy compliance (direct link) Hackers are using weak and stolen credentials in a significant way to compromise business-critical environments. Stealing access to your environment using a known password for a user account is a much easier way to compromise systems than relying on other vulnerabilities. Therefore, using good password security and robust password policies is an excellent way for […]
itsecurityguru.webp 2021-07-22 12:05:47 Authlogics announces enhancements to its Password Security Management Product (direct link) Authlogics has announced the latest enhancements to its dynamic Password Security Management (PSM) product. The new features will help enterprises 'level up' their password policies in order to ensure heightened security. Instead of traditional costly policies which encourage users to change their passwords at regular intervals, PSM will bridge the gap between a fixed expiry date […]
itsecurityguru.webp 2021-07-21 14:46:43 Back to work: Onslaught of personal devices could pose serious cybersecurity risk (direct link) A nationwide survey of 2,000 UK employees conducted by Censuswide on behalf of Armis, the unified asset visibility and security platform provider, analyses the new working culture and security of personal devices before the inevitable return to the office. The results demonstrate a heightened cybersecurity threat as the majority of the UK workforce (61%) intend […] Threat
itsecurityguru.webp 2021-07-20 10:56:48 Armis: Top Performer in Asset Visibility and Real-Time Detection in MITRE Engenuity ATT&CK® Evaluations for Industrial Control Systems (ICS) (direct link) Armis has announced its official participation in MITRE Engenuity's initial round of ATT&CK® Evaluations for industrial control systems (ICS). In these tests, MITRE Engenuity used the MITRE ATT&CK® knowledge base to emulate the tactics and techniques used in the TRITON malware attack against a petrochemical facility in Saudi Arabia. This malware was used to interact […] Malware
itsecurityguru.webp 2021-07-19 14:33:08 Netflix password crackdown: why users should be arguing for stronger measures (direct link) It was long overdue, but Netflix has finally started to explore ways to address its password problem. By prompting viewers to prove that they live with the holder of that account by receiving a code, sent via text or email, they are hoping to weed out password freeloaders who, let's face it, are probably costing […] ★★
itsecurityguru.webp 2021-07-19 14:25:39 Combatting ransomware: a holistic approach (direct link) Although cybercrime as a whole has seen a rise during the pandemic, arguably ransomware has been one of the more successful and lucrative attack types. According to the World Economic Forum 2020 Global Risk Report, ransomware was the third most common, and second most damaging type of malware attack recorded last year, with payouts averaging […] Ransomware Malware ★★★★★
itsecurityguru.webp 2021-07-19 14:20:20 The new ransomware threat: triple extortion (direct link) By the time you have finished reading this sentence, an organisation somewhere in the world will have fallen victim to a ransomware attack and had at least some of its corporate data encrypted. Globally, on average, the criminals behind ransomware attacks hit a new organisation every 10 seconds, but less than five years ago, it […] Ransomware ★★★★★
itsecurityguru.webp 2021-07-19 13:59:17 Preparing for the ever-growing threat of ransomware (direct link) Ransomware is a growing threat to every organisation on the planet; it seems we can't go a day without seeing another high-profile ransomware attack being detailed in mainstream media. Cyber-criminals are innovating at a phenomenal pace in this growing 'industry', because they have the funds to do so. In fact, many cyber-criminal groups have more […] Ransomware Threat
itsecurityguru.webp 2021-07-19 13:49:38 It's time to get ahead of weaponised vulnerabilities (direct link) It comes as no surprise that the Covid-19 pandemic has resulted in an increase in security gaps. The global crisis revealed a multitude of nascent cyber-security shortcomings, including a lack of agility to support homeworking and an overreliance on on-premise security. It also created a whole host of new challenges, from scam Covid-related domains to […]
itsecurityguru.webp 2021-07-16 10:08:19 OneLogin Eases Adoption of Zero Trust Framework with Delegated Administration (direct link) OneLogin has announced the launch of its Delegated Administration offering, which enables organizations to adopt the Zero Trust principle of least privilege access. By empowering IT administrators to easily delegate access on a granular level, organizations can balance productivity requirements with the need to aggressively protect their organization against security threats. OneLogin's Delegated Administration tool […] Tool
itsecurityguru.webp 2021-07-14 16:22:30 Security and HR phishing scams are luring employees, KnowBe4 report finds (direct link) KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, has revealed the results of its Q2 2021 top-clicked phishing report. There has been a significant rise in phishing email attacks related to HR topics, particularly regarding new policies that would affect all employees throughout organisations. Real phishing emails that were […] ★★★★
itsecurityguru.webp 2021-07-14 11:34:14 Outpost24 acquires threat intelligence provider Blueliv (direct link) Outpost24 has acquired Blueliv, one of the world’s leading cyber threat intelligence companies which will create one of the largest cybersecurity providers in Europe. The objective: to provide the most advanced threat landscape monitoring solution to help businesses identify threats targeting their organizations and dramatically reduce risk exposure. “It has been a difficult 18 months […] Threat Guideline
itsecurityguru.webp 2021-07-13 16:14:46 Top 5 features of a secure password reset solution (direct link) Passwords are the first line of defense when it comes to digital security. For most businesses, each employee is going to have at least one username and password that they need to remember. In many cases, there will be many. This, of course, is in addition to all of their personal accounts and passwords which are sometimes used on the same device […]
itsecurityguru.webp 2021-07-13 10:29:49 Armis discloses critical vulnerability that allows remote takeover of Schneider Electric industrial controllers (direct link) Researchers at Armis, the unified asset visibility and security platform provider, have disclosed the discovery of an authentication bypass vulnerability in Schneider Electric's Modicon programmable logic controllers (PLCs) that can lead to remote-code-execution (RCE). The vulnerability, dubbed Modipwn, allows for a complete takeover of impacted devices by leveraging the UMAS protocol, and impacts Modicon M340, M580 […] Vulnerability Guideline
itsecurityguru.webp 2021-07-09 15:59:17 Security professionals wish cloud providers would deliver specific security improvements, survey reveals (direct link) Of the 73% of security professionals with responsibility for the security of public cloud who operate in a multi-cloud environment, 98% think these more complex environments pose greater security challenges, a survey conducted for Tripwire by Dimensional Research reveals. Organizations have a wide range of reasons for going multi-cloud, including meeting varying business needs, running certain applications, distributing […]
itsecurityguru.webp 2021-07-02 14:45:45 Nominations open for 6th annual Security Serious Unsung Heroes Awards (direct link) The sixth annual Security Serious Unsung Heroes Awards are now open for nominations. This is a chance to celebrate the people working on the frontlines to fight against cyber threats, no matter if they work in the classroom, law enforcement or corporate organisations. This year sees three new categories introduced, which will be for Business […]
itsecurityguru.webp 2021-07-02 13:00:29 FCA rules Binance won't be allowed to conduct regulated activity in the UK (direct link) This week, news broke that the Financial Conduct Authority (FCA) has issued a warning to Binance, the world’s biggest cryptocurrency exchange. The ruling stated that the firm cannot conduct any “regulated activity” in the UK, while also advising people to be wary of adverts promising high returns on crypto investments. Binance said the FCA notice would […]
itsecurityguru.webp 2021-06-30 13:39:59 JFrog Acquires Vdoo to bolster Continuous Security from Development to Device (direct link) The liquid software company, JFrog has announced its intention to acquire Vdoo Connected Trust Ltd. (“Vdoo”). The company plans to accelerate its efforts to provide an industry-leading security offering to support DevOps users as they respond to the disruption in the market for continuous software delivery. As part of the JFrog Platform, Vdoo will accelerate […] Guideline
itsecurityguru.webp 2021-06-30 12:59:15 Access Control: The 5 Single Sign-On Benefits (direct link) In March 2020, many people began working from home due to the COVID-19 pandemic. The email to your teammates stating that you were “working from home” instantly had new meaning. Working from home resulted in additional risk management and security challenges for employees, executive leadership, and information technology (IT) teams. Organizations that had not embarked […] Guideline
itsecurityguru.webp 2021-06-29 14:59:41 New study from Armis reveals majority of UK workforce think cyberattacks will have major impact on everyday life (direct link) Armis, a unified asset visibility and security platform provider, has today released results from a survey that looked at the UK’s attitude towards cyberattacks on critical infrastructure. The study, carried out by Censuswide*, found that nearly 9 in 10 (87%) believe that cyberattacks on critical services, such as oil suppliers, healthcare services, police departments or […]
itsecurityguru.webp 2021-06-25 15:23:56 REvil strikes Healthcare giant Grupo Fleury (direct link) This week, Brazilian healthcare giant Grupo Fleury suffered a ransomware attack. Business operations were impaired up to the point that systems had to be shut down, leaving patients unable to book appointments for labs and other medical examinations online. On the 22nd of June, the Grupo Fleury website began displaying a warning message, alerting to the fact that its […]
itsecurityguru.webp 2021-06-25 15:08:28 PS3 users reportedly banned from their accounts as a result of possible data breach (direct link) Sony has reportedly faced a security breach which resulted in millions of PS3 IDs being leaked to the hackers. This is thought to be the reason behind lots of PS3 users reporting in the PSN forums that they were banned for no reason whatsoever, according to reporting from Sportskeeda. While there is not enough evidence […] Data Breach
itsecurityguru.webp 2021-06-25 14:48:29 #RansomAware: Coalition forms to fight back on ransomware (direct link) A new cybersecurity coalition, which is backed by IT Security Guru, has launched this week in a move to fight back against ransomware. The coalition is part of a new movement headed by managed security service provider Talion, called #RansomAware, which encourages organisations to come clean on ransomware and speak up about the attacks they […] Ransomware
itsecurityguru.webp 2021-06-24 15:48:52 AT&T Alien Labs researchers analyse Linux version of Darkside ransomware (direct link) Shortly after hitting Colonial Pipeline, Darkside developers announced they would be closing operations. Nevertheless, researchers at AT&T Alien Labs have observed evidence that the group has completed a Linux version of its malware that is targeting ESXi servers hosting VMware virtual machines. To this point, the authors announced the Darkside 2.0 version with Linux capabilities. […] Ransomware Malware
itsecurityguru.webp 2021-06-24 14:05:24 Product news: One Identity's new next-generation PAM offerings (direct link) Safeguard Secure Remote Access provides a frictionless method for employees and contractors to securely access systems with privileged accounts from anywhere Endpoint Privilege Management helps organizations secure privilege on endpoints such as Windows desktops, Linux, and AD/AAD networks and attached systems Safeguard for DevOps enables developers to 'shift left' and build a secure secrets […]
itsecurityguru.webp 2021-06-24 13:17:55 Comparitech finds 1 in 5 Google Play Apps for kids violates Children's Online Privacy Protection Act (direct link) Recent research from security and privacy comparison and advice website Comparitech.com, which has looked at children’s apps available through Google Play has found that 1 in 5 breach COPPA rules. Even more worrying is that half of the apps that violate the rules have received a “teacher-approved” badge. COPPA, imposed by the Federal Trade Commission […]
itsecurityguru.webp 2021-06-22 14:55:56 Lookout expands partnership with Google Cloud to deliver endpoint to cloud security (direct link) Mobile security specialists, Lookout Inc. has announced it now has an expanded partnership with Google Cloud to provide endpoint-to-cloud security to organisations around the world. The new partnership will see Lookout deliver BeyondCorp Alliance product integrations and debuted its Lookout Mobile Endpoint Security solution on Google Cloud Marketplace. Lookout will reportedly bring additional choice of […]
itsecurityguru.webp 2021-06-22 10:27:08 ITHC (IT Health Check) and PSN compliance: an overview and considerations (direct link) What is an IT Health Check (ITHC) An ITHC (IT Health Check) is a series of tests to ensure that your organisation is impenetrable to unauthorised persons. Specifically, organisations or individuals conduct an ITHC to confirm that they meet key requirements for PSN compliance. Direct from the ITHC supporting guidance: “Your ITHC should aim to provide assurance […]
itsecurityguru.webp 2021-06-17 10:45:29 Biden says 16 sectors should be off limits to attack (direct link) In a speech on Wednesday, the U.S. President, Joe Biden told the Russian President that 16 sectors of critical infrastructure should be “off-limits” to attacks, specifically cyberattacks. Unfortunately, analysts believe his efforts to be futile. Robert Golladay, the EMEA and APAC director at Illusive claims that “the fact that one of the leaders of the […] Guideline
itsecurityguru.webp 2021-06-17 10:08:14 Over a billion CVS health records exposed (direct link) On Thursday, an online database belonging to CVS Health was discovered online. This was the result of another misconfigured cloud service, which can significantly impact security and lead to a massive data leak. The uncovered database was not password-protected and had no security defences in place to prevent access from unauthorised persons. The database was […] Guideline
itsecurityguru.webp 2021-06-16 14:33:52 The Legacy of Security Champions (direct link) What will the legacy of security leaders be in the years to come? Will they be remembered as the defenders of the cyber realm, heroes or will history view them as annoying barriers who did nothing but slow down innovation? Many security leaders agree that too many times, the security team is viewed as the […] Guideline
itsecurityguru.webp 2021-06-16 10:47:10 Business security remains resilient in the wake of coronavirus (direct link) The coronavirus pandemic has put cybersecurity under a renewed spotlight. New ways of working and a fragmented workforce have challenged CISOs and their security teams; as the threat landscape has grown, nefarious actors have jumped at the chance to exploit the ever-fluid situation. We have seen attacks grow in frequency and sophistication; Telstra's Agility Report, […] Threat
itsecurityguru.webp 2021-06-16 10:35:30 Armis welcomes Crowdstrike's Michael Carpenter to company Board (direct link) Armis, the unified asset visibility and security platform provider, has announced the appointment of Michael Carpenter to Armis' Board of Directors. As the President of Global Sales and Field Operations at Crowdstrike, he was instrumental in expanding the sales organisation worldwide and generating business growth at incredible scale. This led to its IPO in 2019 […]
itsecurityguru.webp 2021-06-15 15:26:41 CyberSmart Disrupts SME Cybersecurity with $10 million Series A Funding (direct link) CyberSmart has today announced the completion of a successful over-subscribed Series A funding round, bringing the total raised to over $10 million. Alongside deeptech fund IQ Capital and with the additional support of InsurTech specialist, Eos Venture Partners, and data science focused Winton Ventures, CyberSmart is set to further disrupt the cybersecurity market. The funding […]
itsecurityguru.webp 2021-06-11 15:56:08 Ransomware will cost its victims more around $265 billion (USD) annually by 2031, Cybersecurity Ventures predicts (direct link) According to a report published by Cybersecurity Ventures, ransomware payments are predicted to cost victims over $265 billion by 2031. This isn’t difficult to imagine, given the recent streak of high-profile attacks, some of which caused a ripple effect that reflected on consumers finding themselves having to pay more for gas and finding heftier price […] Ransomware
itsecurityguru.webp 2021-06-11 10:54:22 One Identity Strengthens Executive Team (direct link) One Identity, the identity-centric security company, today announced the appointment of four executives that bring a wealth of software-as-a-service (SaaS) expertise to the organisation. The appointment of Rima Pawar as Vice President of Product Management, Joe Garber as Vice President of Marketing, Teri Robb as Vice President of North American Sales and Chris Wood as […]
Last update at: 2024-05-16 18:08:33