What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
RecordedFuture.webp 2024-01-15 15:24:00 Ukrainian arrested for infecting US cloud provider with cryptomining malware
(direct link)
A Ukrainian national was arrested last week for allegedly infecting the servers of “a well-known” American cloud service provider with a cryptomining malware, according to Ukrainian police. A 29-year-old hacker from the southern city of Mykolaiv is believed to have illicitly mined over $2 million in cryptocurrency over the past two years. The police said
Malware Cloud ★★
silicon.fr.webp 2024-01-15 12:02:14 Managed network services: six market markers for 2024 (direct link) SD-LAN, cloud visibility, firewall pricing... Here are some of Gartner's views on the managed network services (MNS) market. Cloud ★★★
globalsecuritymag.webp 2024-01-15 08:19:50 Cloud exposure, hybrid architecture and attacks on SMEs: Tenable's cybersecurity predictions for 2024 (direct link) Cloud exposure, hybrid architecture and attacks on SMEs: Tenable's cybersecurity predictions for 2024 - Viewpoints Prediction Cloud ★★★
The_State_of_Security.webp 2024-01-15 04:25:55 Expert Insight for Securing Your Critical Infrastructure
(direct link)
At Tripwire's recent Energy and NERC Compliance Working Group, we had the opportunity to speak with the Manager of Gas Measurement, Controls, & Cybersecurity at a large energy company. More specifically, we focused on SCADA and field assets of gas Operational Technology. The experience at the management level of such an organization provided a wealth of knowledge for the attendees. SCADA Environment and the Cloud Most SCADA infrastructure remains on-premises. This is true of many Energy sector entities and it is more than simply being "old-fashioned." The very hardware-focused implementation...
Cloud ★★★
The_Hackers_News.webp 2024-01-13 15:31:00 29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services
(direct link)
A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine with support from Europol and an unnamed cloud service provider following “months of intensive collaboration.” “A cloud
Cloud ★★
RecordedFuture.webp 2024-01-12 20:58:00 Microsoft to keep all European cloud customers' personal data within EU
(direct link)
Microsoft will store all cloud customers' personal data within the European Union rather than allowing transfers abroad, the company said on Thursday - the latest step in ongoing efforts by cloud providers to navigate varying privacy regulations across jurisdictions. Under the new policy, Microsoft will keep within what it calls the “EU data boundary” all
Cloud ★★★
RiskIQ.webp 2024-01-12 19:55:57 Exploring FBot | Python-Based Malware Targeting Cloud and Payment Services
(direct link)
#### Description FBot is a Python-based hacking tool distinct from other cloud malware families, targeting web servers, cloud services, and SaaS platforms like AWS, Office365, PayPal, Sendgrid, and Twilio. Key features include credential harvesting for spamming attacks, AWS account hijacking tools, and functions to enable attacks against PayPal and various SaaS accounts. FBot has several features that target payment services as well as SaaS configurations. The PayPal Validator feature validates PayPal account status by contacting a hardcoded URL with an email address read from an input list. The email is added to the request in the customer details section to validate whether an email address is associated with a PayPal account. #### Reference URL(s) 1. https://www.sentinelone.com/labs/exploring-fbot-python-based-malware-targeting-cloud-and-payment-services/ #### Publication Date January 11, 2024 #### Author(s) Alex Delamotte
Malware Tool Cloud ★★
silicon.fr.webp 2024-01-12 15:27:31 How Slack expanded its use of Terraform (direct link) Slack looks back at how it generalized, with the help of in-house tools, the use of Terraform across its cloud infrastructure. Cloud ★★★
globalsecuritymag.webp 2024-01-12 13:16:14 SentinelLabs: Exploring FBot – Python-Based Malware Targeting Cloud and Payment Services
(direct link)
Exploring FBot – Python-Based Malware Targeting Cloud and Payment Services The cloud hack tool scene is highly intertwined, with many tools relying on one another's code. This is particularly true for malware families like AlienFox, Greenbot, Legion, and Predator, which share code from a credential-scraping module called Androxgh0st. - Malware Update
Malware Hack Tool Cloud ★★★
Checkpoint.webp 2024-01-12 13:00:33 ThreatCloud AI Wins 2024 BIG Innovation Award
(direct link)
The Business Intelligence Group awarded ThreatCloud AI with a 2024 BIG Innovation award. ThreatCloud AI powers Check Point's entire security portfolio – from edge to cloud to network and beyond. It makes two billion security decisions daily – ensuring that cyber-attacks are blocked before they can do any damage. ThreatCloud AI has over 40 AI and machine learning (ML) engines that identify and block emerging threats that were never seen before. Key features include ThreatCloud Graph, which provides a multi-dimensional perspective on cyber security Interplanetary File System (IPFS) attack prevention, which scans URLs and detects suspicious IPFS patterns Deep PDF, […]
Cloud ★★
Sekoia.webp 2024-01-12 10:39:05 Being PCI DSS certified
(direct link)
Being PCI certified is a long journey. We started two years ago when we were discussing an extension of our coverage with a customer. This customer was processing card data and consequently had to be partnering with PCI-compliant security solutions to monitor its perimeter. We were already providing our SaaS SOC platform at this time, but not a certified solution and that was a problem for their compliance. The post Being PCI DSS certified is an article from Sekoia.io Blog.
Cloud ★★
silicon.fr.webp 2024-01-12 09:19:18 Google Cloud eases up on egress fees (direct link) Under scrutiny over egress fees, Google Cloud announces their end... for one very specific case. Cloud ★★★
The_State_of_Security.webp 2024-01-12 08:02:02 An Introduction to AWS Security
(direct link)
Cloud providers are becoming a core part of IT infrastructure. Amazon Web Services (AWS), the world's biggest cloud provider, is used by millions of organizations worldwide and is commonly used to run sensitive and mission-critical workloads. This makes it critical for IT and security professionals to understand the basics of AWS security and take measures to protect their data and workloads. As a cloud customer, it is important to understand the AWS shared responsibility model and the ten security domains you need to be aware of when using AWS. There are also actionable best practices that...
Cloud ★★
The_Hackers_News.webp 2024-01-11 19:30:00 New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms
(direct link)
A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS), Microsoft 365, PayPal, Sendgrid, and Twilio. “Key features include credential harvesting for spamming attacks, AWS account hijacking tools, and functions to enable attacks against PayPal and various
Tool Cloud ★★★
silicon.fr.webp 2024-01-11 16:34:09 Sovereign cloud: Microsoft's EU Data Boundary, still porous (direct link) A year ago, Microsoft began rolling out its EU Data Boundary. Where does this data-residency initiative stand? Cloud ★★★
SentinelOne.webp 2024-01-11 13:55:59 Exploring FBot | Python-Based Malware Targeting Cloud and Payment Services
(direct link)
FBot arms threat actors with a multi-function attack tool designed to hijack cloud, SaaS and web services.
Malware Tool Threat Cloud ★★
Checkpoint.webp 2024-01-11 13:00:23 Azure MACC Credits Gathering Dust? Use Them to Get the Best Prevention-First Security
(direct link)
As we enter 2024, your organization may have unused MACC or Azure commit-to-consume (CtC) credits as your annual renewal date draws near. These credits are “use them or lose them”-but the good news is that you can now transform those unused credits into an additional layer of AI-powered security that can prevent more stealthy attacks. Whether you have credits that will soon expire or are starting to plan your Azure spend for the next 12 months, Check Point Horizon XDR/XPR now offers you a way to gain all the benefits of Microsoft's cloud cost commitment framework-both its MACC and CtC […]
Cloud ★★★
globalsecuritymag.webp 2024-01-11 09:27:04 Netskope Threat Labs study: cybercriminals ride the 400% increase in employee use of generative AI applications (direct link) Netskope Threat Labs study: cybercriminals ride the 400% increase in employee use of generative AI applications A new study details the strong growth in adoption of generative artificial intelligence, the risks tied to cloud applications, and the main threats and adversaries throughout 2023. - Investigations Threat Studies Cloud ★★★★
Mandiant.webp 2024-01-10 22:00:00 Hundreds of Thousands of Dollars Worth of Solana Cryptocurrency Assets Stolen in Recent CLINKSINK Drainer Campaigns
(direct link)
On January 3, 2024, Mandiant's X social media account was taken over and subsequently used to distribute links to a cryptocurrency drainer phishing page. Working with X, we were able to regain control of the account and, based on our investigation over the following days, we found no evidence of malicious activity on, or compromise of, any Mandiant or Google Cloud systems that led to the compromise of this account. The following blog post provides additional insight into the drainer leveraged in this campaign, which we have dubbed CLINKSINK. Numerous actors have conducted campaigns since
Cloud ★★★
silicon.fr.webp 2024-01-10 14:23:04 How Pinterest built its Kubernetes PaaS (direct link) Pinterest set out to modernize its compute infrastructure with Kubernetes. From APIs to semantics, it grafted its own tools and processes onto it. Tool Cloud ★★★
globalsecuritymag.webp 2024-01-10 12:27:12 Rubrik accelerates Carhartt's cyber resilience (direct link) Rubrik accelerates Carhartt's cyber resilience The workwear brand migrated more than 600 workloads from several backup vendors to Rubrik Security Cloud. - Markets Cloud ★★
globalsecuritymag.webp 2024-01-10 08:42:11 SecurityScorecard announces the industry's first security ratings developed exclusively for telecommunications (direct link) SecurityScorecard and industry leaders provide security ratings specific to the telecommunications, Internet service provider and cloud provider sector. - Products Cloud ★★★
The_Hackers_News.webp 2024-01-09 16:57:00 Why Public Links Expose Your SaaS Attack Surface
(direct link)
Collaboration is a powerful selling point for SaaS applications. Microsoft, Github, Miro, and others promote the collaborative nature of their software applications that allows users to do more. Links to files, repositories, and boards can be shared with anyone, anywhere. This encourages teamwork that helps create stronger campaigns and projects by encouraging collaboration among employees
Cloud ★★★
bleepingcomputer.webp 2024-01-09 11:28:08 Paraguay warns of Black Hunt ransomware attacks after Tigo Business breach
(direct link)
The Paraguay military is warning of Black Hunt ransomware attacks after Tigo Business suffered a cyberattack last week impacting cloud and hosting services in the company's business division. [...]
Ransomware Cloud ★★
silicon.fr.webp 2024-01-09 09:31:36 2024 trend: the evolution of artificial intelligence will be a springboard for IT (direct link) According to Nutanix, AI will take hold in the cloud, its evolution will rely on linear algebra, infrastructure systems will change and GPUs will be set aside, while Apple has not yet taken a position on the subject. Prediction Cloud ★★★
Korben.webp 2024-01-09 08:00:00 At last, effective AI-based video surveillance thanks to the Frigate + Home Assistant combo (direct link) Frigate is a local network video recorder (NVR) for Home Assistant, with real-time AI object detection that does not use the cloud. Using OpenCV, TensorFlow and Google Coral Accelerator, it offers optimal performance, integration with other automation platforms and features such as MQTT, video recording and RTSP streaming. Cloud ★★
DarkReading.webp 2024-01-09 01:36:00 Executing Zero Trust in the Cloud Takes Strategy
(direct link)
Zero trust architecture is a pivotal enabler of cloud cybersecurity, but proper implementation entails specialized planning.
Cloud ★★
globalsecuritymag.webp 2024-01-08 16:31:08 Cybersecurity, cloud and value-added services: the pillars of a high-performing IT infrastructure (direct link) Cybersecurity, cloud and value-added services: the pillars of a high-performing IT infrastructure By François Guiraud, Marketing Director, NXO - Risk Management Cloud ★★
ProofPoint.webp 2024-01-08 06:00:19 Proofpoint Recognized in 2023 Gartner® Market Guide for Insider Risk Management Solutions
(direct link)
It's easy to understand why insider threats are one of the top cybersecurity challenges for security leaders. The shift to remote and hybrid work combined with data growth and cloud adoption has meant it's easier than ever for insiders to lose or steal data. Legacy systems simply don't provide the visibility into user behavior that's needed to detect and prevent insider threats. With so much potential for brand and financial damage, insider threats are now an issue for the C-suite. As a result, businesses are on the lookout for tools that can help them to better manage these threats.  To help businesses understand what to look for, Gartner has recently released Market Guide for Insider Risk Management Solutions. In this report, Gartner explores what security and risk leaders should look for in an insider risk management (IRM) solution. It also provides guidance on how to implement a formal IRM program. Let's dive into some of its highlights. Must-have capabilities for IRM tools Gartner states that IRM “refers to the use of technical solutions to solve a fundamentally human problem.” And it defines IRM as “a methodology that includes the tools and capabilities to measure, detect and contain undesirable behavior of trusted accounts in the organization.” Gartner identifies three distinct types of users-careless, malicious and compromised.  That, we feel, is in line with our view at Proofpoint. And the 2022 Cost of Insider Threats Global Report from Ponemon Institute notes that most insider risks can be attributed to errors and carelessness, followed by malicious and compromised users.  
In its Market Guide, Gartner identifies the mandatory capabilities of enterprise IRM platforms:  Orchestration with other cybersecurity tooling  Monitoring of employee activity and assimilating into a behavior-based risk model Dashboarding and alerting of high-risk activity Orchestration and initiation of intervention workflows This is the third consecutive year that Proofpoint is a Representative Vendor in the Market Guide.  Proofpoint was an early and established leader in the market for IRM solutions. Our platform: Integrates with a broad ecosystem of cybersecurity tools. Our API-driven architecture means it's easy for you to feed alerts into your security tools. That includes security information and event management (SIEM) as well as SOAR and service management platforms, such as Splunk and ServiceNow. That, in turn, helps you gain a complete picture of potential threats. Provides a single lightweight agent with a dual purpose. With Proofpoint, you get the benefit of data loss prevention (DLP) and ITM in a single solution. This helps you protect against data loss and get deep visibility into user activities. With one agent, you can monitor everyday users. That includes low-risk and regular business users, risky users, such as departing employees, privileged users and targeted users.  Offers one centralized dashboard. This saves you time and effort by allowing you to monitor users, correlate alerts and triage investigations from one place. You no longer need to waste your time switching between tools. You can quickly see your riskiest users, top alerts and file exfiltration activity in customizable dashboards.  Includes tools to organize and streamline tasks. Proofpoint ITM lets you change the status of events with ease, streamline workflows and better collaborate with team members. Plus, you can add tags to help group and organize your alerts and work with more efficiency. 
DLP and IRM are converging In its latest Market Guide, Gartner says: “Data loss prevention (DLP) and insider risk strategies are increasingly converging into a unified solution. The convergence is driven by the recognition that preventing data loss and managing insider risks are interconnected goals.” A legacy approach relies on tracking data activity. But that approach is no longer sufficient because the modern way of working is more complex. Employees and third parties have access to more data than ever before. And ex Tool Threat Cloud Technical ★★★
ProofPoint.webp 2024-01-05 06:00:31 2023 Year in Review: Threat-Driven Content Releases for Security Awareness
(direct link)
As a new year approaches, it is natural to reflect on recent accomplishments. At Proofpoint, we are reflecting on our work to deliver security awareness content and updated features in line with our ongoing goal to drive behavior change.   Proofpoint Security Awareness integrates our rich threat intelligence, which means it taps into current and emerging attacks. Our threat analysts surface threat trends, such as artificial intelligence (AI)-enhanced vishing, malicious QR codes and remote IT support scams. And then we work quickly to release new training features and awareness material to ensure inform security administrators and educate employees about ever-evolving attacks.  In 2023, our content releases focused on three areas:  Delivering a threat-driven program  Improving how security awareness administrators work   Enhancing how people learn  Let's review the past year and explore how Proofpoint used content releases to respond to the changing threat landscape.   Quick turnaround for threat trends  Proofpoint Security Awareness alerts customers to threats in two powerful ways-Threat Alerts and Attack Spotlights. It also continuously trains employees with threat-driven training modules.   Threat Alerts   These weekly releases focus on a specific and current ongoing attack. They explain what the threat is and who it might target. And they describe a specific lure, if applicable.   Each alert is linked to activity that our threat analysts see happening in the wild. We recommend applicable training like simulated phishing and awareness material and include suggested email messaging.   
In 2023, we released Threat Alerts on:  IRS-themed phishing lures for tax season (February, March, April)  AI-enhanced vishing calls that impersonate loved ones (March)   Malicious QR codes for credential phishing (May, August)  Telephone-oriented attack delivery (TOAD) using a Geek Squad PDF lure (July, October)   Charity donation scams around the Israel-Palestine crisis (October)  Christmas party lures for credential phishing (November)   Attack Spotlights   These monthly releases cast a wider lens on attack types. They focus on a time-based or reoccurring threat that is expected to trend, typically related to holidays, travel seasons or shopping events. Each spotlight is released a month in advance with a campaign plan, awareness material and training modules, and is available in 12 core languages.   In 2023, Proofpoint published these Attack Spotlight campaigns:  Smishing with package delivery lures (February)  Business email compromise (BEC) phishing with requests for quotations (RFQs) (April)   LinkedIn phishing lures (May)   Amazon phishing lures (June)  Remote IT support scams (September)  Gift card scams (December)  Threat modules  These training videos are relevant to the changing threat landscape. They are inspired by our threat intelligence and our team's threat landscape research. These micro-learning modules are grounded in learning science principles that are designed to drive behavior change.   Each module has a concise and specific learning objective. The delivery of content is tailored to individual factors such as a person's role, learning style, vulnerability level and preferred language.   In 2023, we covered these topics in our new threat training modules:  Data loss protection   AI chatbot threats  Amazon phishing scams  Cryptocurrency investment scams   QR code dangers  Multifactor authentication (MFA)  
Staying ahead of generative AI attacks  AI-powered systems are promoted as tools to help us work faster, and they are transforming businesses and industries. This wide-reaching access can create security risks from potential data breaches to concerns over user privacy. Your employees need to be aware of the limitations and risks of using AI-powered tools, especiall Ransomware Tool Vulnerability Threat Studies Prediction Cloud ★★★★
Veracode.webp 2024-01-04 13:35:17 What To Look For in an Open Source Vulnerability Scanner (direct link)
One of the top security concerns we hear from technology leaders is about the security of open source software (OSS) and cloud software development. An open source vulnerability scanner (for scanning OSS) helps you discover risk in the third-party code you use. However, just because a solution scans open source does not mean you are ultimately reducing security risk with it. Here is what to look for in an open source vulnerability scanner and security testing solution to find and fix vulnerabilities in OSS.   Background on Vulnerabilities in Open Source and What the Risk Looks Like  Before we can talk about what to look for in a scanning solution, we need to talk about the vulnerabilities the tools are looking for. Born in 1999, the National Vulnerability Database (NVD) was a product of the National Institute of Standards and Technology (NIST) made to be “the U.S. government repository of standards based vulnerability management data.” It represents an index of known vulnerabilities…
Tool Vulnerability Cloud ★★★
The_Hackers_News.webp 2024-01-04 11:59:00 Mandiant's Twitter Account Restored After Six-Hour Crypto Scam Hack (direct link)
American cybersecurity firm and Google Cloud subsidiary Mandiant had its X (formerly Twitter) account compromised for more than six hours by an unknown attacker to propagate a cryptocurrency scam. As of writing, the account has been restored on the social media platform. It's currently not clear how the account was breached. But the hacked Mandiant account was initially renamed to "@
Hack Cloud ★★★★
ProofPoint.webp 2024-01-04 06:00:10 Cybersecurity Stop of the Month: MFA Manipulation (direct link) This blog post is part of a monthly series exploring the ever-evolving tactics of today's cybercriminals. Cybersecurity Stop of the Month focuses on the critical first three steps in the attack chain in the context of email threats. The series is designed to help you understand how to fortify your defenses to protect people and defend data against emerging threats in today's dynamic threat landscape. The critical first three steps of the attack chain: reconnaissance, initial compromise and persistence. So far in this series, we have covered the following types of attacks: supplier compromise; EvilProxy; SocGholish; eSignature phishing; QR code phishing; telephone-oriented attack delivery (TOAD); payroll diversion. In this post, we examine an attack technique called multifactor authentication (MFA) manipulation. This malicious post-compromise attack poses a significant threat to cloud platforms. We cover the typical attack sequence to help you understand how it works. And we dive deeper into how Proofpoint account takeover capabilities detected and prevented one of these threats for our customer. Background: MFA manipulation is an advanced technique where bad actors introduce their own MFA method into a compromised cloud account. These attacks are used after a cloud account takeover attack, or ATO. ATOs are an insidious threat that are alarmingly common. Recent research by Proofpoint threat analysts found that in 2023 almost all businesses (96%) were targeted by cloud-based attacks. What's more, a whopping 60% were successfully compromised and had at least one account taken over. MFA manipulation attacks can work several ways, with bad actors having multiple options for getting around MFA. One way is to use an adversary-in-the-middle (AiTM) attack.
This is where the bad actor inserts a proxy server between the victim and the website that they're trying to log into. Doing so enables them to steal that user's password as well as the session cookie. There's no indication to the user that they've been attacked; it just seems like they've logged into their account as usual. However, the attackers have what they need to establish persistence, which means they can maintain access even if the stolen MFA credentials are revoked or deemed invalid. The scenario: Recently, Proofpoint intercepted a series of MFA manipulation attacks on a large real estate company. In one case, the bad actors used an AiTM attack to steal the credentials of the firm's financial controller as well as the session cookie. Once they did that, they logged into that user's business account and generated 27 unauthorized access activities. The threat: How did the attack happen? Here is a closer look at how this MFA manipulation attack played out: 1. Bad actors used the native “My Sign-Ins” app to add their own MFA methods to compromise Microsoft 365 accounts. We observed that the attackers registered their own authenticator app with notification and code. They made this move right after they gained access to the hijacked account as part of an automated attack flow execution. This, in turn, allowed them to secure their foothold within the targeted cloud environment. The typical MFA manipulation flow using Microsoft's “My Sign-Ins” app. 2. After the compromise, the attackers demonstrated a sophisticated approach. They combined MFA manipulation with OAuth application abuse. With OAuth abuse, an attacker authorizes and/or uses a third-party app to steal data, spread malware or execute other malicious activities. Attackers also use the abused app to maintain persistent access to specific resources even after their initial access to a compromised account has been cut off. 3.
The attackers authorized the seemingly benign application, “PERFECTDATA SOFTWARE,” to gain persistent access to the user's account and the systems, as well as the resources and applications that the user could access. The permissions the attackers requested for this app included:  Malware Tool Vulnerability Threat Cloud ★★★
DarkReading.webp 2024-01-04 01:00:00 Getting Started With Passkeys, One Service at a Time (direct link)
Passkeys help do away with passwords for logging into websites and cloud services. This Tech Tip outlines ways to get started.
Cloud ★★★
DarkReading.webp 2024-01-03 22:09:00 SonicWall Accelerates SASE Offerings; Acquires Proven Cloud Security Provider (direct link)
Cloud
DarkReading.webp 2024-01-03 22:00:00 SentinelOne to Expand Cloud Security Capabilities With Acquisition of PingSafe (direct link)
Cloud ★★
globalsecuritymag.webp 2024-01-03 17:34:59 SentinelOne® acquires PingSafe (direct link) SentinelOne® expands its cloud security capabilities with the acquisition of PingSafe. The cloud-native application protection platform will complement the AI-powered cloud security capabilities and provide comprehensive analytics capabilities. - Business Cloud ★★
globalsecuritymag.webp 2024-01-03 17:32:40 SentinelOne acquired PingSafe. (direct link)
SentinelOne® to expand cloud security capabilities with acquisition of PingSafe Addition of cloud native application protection platform will create a comprehensive cloud security platform powered by AI and full analytics capabilities - Business News
Cloud ★★
The_Hackers_News.webp 2024-01-03 16:16:00 5 Ways to Reduce SaaS Security Risks (direct link)
As technology adoption has shifted to be employee-led, just in time, and from any location or device, IT and security teams have found themselves contending with an ever-sprawling SaaS attack surface, much of which is often unknown or unmanaged. This greatly increases the risk of identity-based threats, and according to a recent report from CrowdStrike, 80% of breaches today use compromised
Cloud ★★★
IndustrialCyber.webp 2024-01-03 06:54:15 Tenable achieves FedRAMP 'Ready' designation for Tenable Cloud Security (direct link)
Exposure management company Tenable announced that it has achieved the 'Ready' designation at the moderate impact level from...
Cloud ★★★
The_Hackers_News.webp 2024-01-02 15:31:00 The Definitive Enterprise Browser Buyer's Guide (direct link)
Security stakeholders have come to realize that the prominent role the browser has in the modern corporate environment requires a re-evaluation of how it is managed and protected. While not long-ago web-borne risks were still addressed by a patchwork of endpoint, network, and cloud solutions, it is now clear that the partial protection these solutions provided is no longer sufficient. Therefore,
Cloud ★★
silicon.fr.webp 2024-01-02 13:41:44 Cloud databases: between ecosystems and data fabrics (direct link) Gartner has updated its Magic Quadrant for cloud databases (dbPaaS). From ecosystems to data fabrics, what view does it give of this market? Cloud Commercial ★★
globalsecuritymag.webp 2024-01-02 11:08:18 Zscaler study: 86% of cyberattacks travel over encrypted channels, and manufacturing is the most targeted industry (direct link) Key findings: Threats over HTTPS are up 24% year over year in the Zscaler cloud, amounting to nearly 30 billion blocked threats. Encrypted malware and malicious content represent a major threat, accounting for 78% of observed attacks. Manufacturing was the most targeted sector, suffering 32% of encrypted attacks, while more than 2.1 billion AI/ML-related transactions were processed. Browser exploits and spyware sites are up 297% and 290% year over year. - Investigations Threat Studies Cloud ★★★★
bleepingcomputer.webp 2023-12-31 10:09:18 Android game dev's Google Drive misconfig highlights cloud security risks (direct link)
Japanese game developer Ateam has proven that a simple Google Drive configuration mistake can result in the potential but unlikely exposure of sensitive information for nearly one million people over a period of six years and eight months. [...]
Mobile Cloud ★★★
bleepingcomputer.webp 2023-12-29 15:20:27 Hospitals ask courts to force cloud storage firm to return stolen data (direct link)
Two not-for-profit hospitals in New York are seeking a court order to retrieve data stolen in an August ransomware attack that's now stored on the servers of a Boston cloud storage company. [...]
Ransomware Legislation Medical Cloud ★★★
The_Hackers_News.webp 2023-12-28 18:50:00 Google Cloud Resolves Privilege Escalation Flaw Impacting Kubernetes Service (direct link)
Google Cloud has addressed a medium-severity security flaw in its platform that could be abused by an attacker who already has access to a Kubernetes cluster to escalate their privileges. "An attacker who has compromised the Fluent Bit logging container could combine that access with high privileges required by Anthos Service Mesh (on clusters that have enabled it) to
Cloud ★★★
ProofPoint.webp 2023-12-28 14:18:07 Designing a Cost-Efficient, Petabyte-Scale Mutable Full Text Index (direct link)
Engineering Insights is an ongoing blog series that gives a behind-the-scenes look into the technical challenges, lessons and advances that help our customers protect people and defend data every day. Each post is a firsthand account by one of our engineers about the process that led up to a Proofpoint innovation. At Proofpoint, running a cost-effective, full-text search engine for compliance use cases is an imperative. Proofpoint customers expect to be able to find documents in multi-petabyte archives for legal and compliance reasons. They also need to index and perform searches quickly to meet these use cases. However, creating full-text search indexes with Proofpoint Enterprise Archive can be costly. So we devote considerable effort toward keeping those costs down. In this blog post, we explore some of the ways we do that while still supporting our customers' requirements. Separating mutable and immutable data: One of the most important and easiest ways to reduce costs is to separate mutable and immutable data. This approach doesn't always fit every use case, but for the Proofpoint Enterprise Archive it fits well. For archiving use cases, and especially for SEC 17a-4 compliance, data that is indexed can't be modified. That includes data like text in message bodies and attachments. The Proofpoint Enterprise Archive has features that require the storage and mutation of data alongside a message, in accordance with U.S. Securities and Exchange Commission (SEC) compliance. (For example, to which folders a message is a member, and to which legal matters a message pertains.) To summarize, we have: large immutable indexes; small mutable indexes. By separating data into mutable and immutable categories, we can index these datasets separately. And we can use different infrastructure and provisioning rules to manage that data. The use of different infrastructure allows us to optimize the cost independently.
Comparing the relative sizes of mutable and immutable indexes. Immutable index capacity planning and cost: Normally, full-text search indexes must be provisioned to handle the load of initial write operations, any subsequent update operations and read operations. By indexing immutable data separately, we no longer need to provision enough capacity to handle the subsequent update operations. This requires fewer IO operations overall. To reduce IO needs further, the initial index population is managed carefully with explicit IO reservation. Sometimes, this will mean adding more capacity (nodes/servers/VMs) so that the IO needs of existing infrastructure are not overloaded. When you mutate indexes, it is typically best practice to leave an abundance of disk space to support the index merge operations when updates occur. In some cases, this can be as much as 50% free disk space. But with immutable indexes, you don't need to have so much spare capacity, and that helps to reduce costs. In summary, the following designs can help keep costs down: reduce IO needs because documents do not mutate; reduce disk space requirements because free space for mutation isn't needed; careful IO planning on initial population, which reduces IO requirements. Mutable index capacity planning and cost: Meanwhile, mutable indexes benefit from standard practices. They can't receive the same reduced capacity as immutable indexes. However, given that they're a fraction of the size, it's a good trade-off. Comparing the relative free disk space of mutable and immutable indexes. Optimized join with custom partitioning and routing: In a distributed database, join operations can be expensive. We often have 10s to 100s of billions of documents for the archiving use case. When both sides of the join operation have large cardinality, it's impractical to use a generalized approach to join the mutable and immutable data.
To make this high-cardinality join practical, we partition the data in the same way for both the mutable and immutable data. As a result, we end up with a one-t Cloud Technical ★★★
The_State_of_Security.webp 2023-12-28 00:00:07 Cloud Security Optimization: A Process for Continuous Improvement (direct link)
Cloud optimization is the process of correctly selecting and assigning the right resources to a workload or application with the ultimate goal of minimizing costs while improving performance and efficiency. These resources can range from computational power, memory, and storage to network capabilities. The cloud optimization process involves continuously monitoring, analyzing, and fine-tuning these resources to ensure optimal performance. What Is Cloud Security? Cloud Security is a set of policies, controls, procedures, and technologies that work together to protect cloud-based systems, data...
Cloud ★★
ProofPoint.webp 2023-12-27 09:19:46 3 Must-Haves of Archive Search Performance: An Email Archive Software Comparison (direct link)
Yes, it's true that customers who use legacy on-premises archives or even modern cloud solutions say “fast search performance” is a primary reason to migrate to Proofpoint Archive. Our customers often highlight “fast search performance” as a key email archiving solution element. For reference, look no further than Gartner Peer Insights, where “search/index” is ranked the highest out of product feature areas evaluated by our customers. However, you don't buy a Tesla Model X just for its top speed. You don't purchase a Rolex just to tell time. And you don't subscribe to or license an archive just for its search performance. Of course, not having adequate search performance can spell dire consequences when you need to address e-discovery requests. Think of having to settle a lawsuit early because you can't get search results in time to determine whether it makes better sense to litigate. But there's more to email archive search performance than just speed. In this blog, we'll explore three factors that drive positive outcomes for our customers. Speed is one, and the other two are scalability and ease of use. 1: Speed. When you run a search for specific information in your email archive, how long does it take to retrieve that information? Hours? Days? Longer? Search speed dictates how fast you receive results from a search. While some vendor email archiving tools are incredibly slow, Proofpoint Archive has a financially backed search service-level agreement (SLA) that obligates us to return search results in seconds, on average, for our customers. To give you some context, here's what we found when we compared the email archive search speeds of Microsoft Purview eDiscovery and Proofpoint Archive, specifically when searching 100 mailboxes and 50,000 mailboxes. For this example, a total of 200 searches were run, based on an average of 10 cases managed per month with each case requiring 20 searches to be performed.
Microsoft doesn't have search performance SLAs. But they provide “guidelines for average search time” based on the number of mailboxes searched. (See the table below.) Guidelines for average search times for Microsoft Purview eDiscovery solutions. Based on internal, anonymous archive usage reports, as of August 2023 the average search time for Proofpoint Archive was 3.28 seconds. Also, it's estimated that Microsoft will take about 1.67 hours to return results when searching 100 mailboxes. Proofpoint Archive returned results in about 0.18 hours, as shown below. A comparison of search speed between Microsoft and Proofpoint. At this level of searching, the search speed difference may not seem significant. However, if you factor in rerunning searches due to new data or a system failure (like index corruption) with Microsoft, the numbers can grow rapidly. The search speed expectation with Proofpoint remains consistent, given our average search performance, particularly when you run consecutive searches. The search speed difference becomes more noteworthy when you consider highly litigious organizations that need to run hundreds or thousands of searches across hundreds or thousands of mailboxes. In the second scenario, when searching 50,000 mailboxes, it's estimated that Microsoft will take about 66.67 hours to return search results. That's like having your team “babysit” Microsoft e-discovery searches for more than a week and a half every month! Separately, Proofpoint Archive is expected to remain the same at 0.18 hours. With Proofpoint, you get search results from the archive when you need them, helping to improve your ability to respond to e-discovery requests and internal investigations in a timely fashion. 2: Scalability. When you address an e-discovery request, do you run only one search? Probably not.
The factor of search scalability defines your ability to achieve your expected search speed performance time and time again, regardless of whether you're searching 100 mailboxes or 50,000 mailboxes, and regardless of Tool Cloud ★★★
The_Hackers_News.webp 2023-12-25 13:17:00 Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies (direct link)
The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB's formal exit from Russia earlier this year. Cloud Atlas, active since at
Threat Cloud ★★★
Last update at: 2024-05-09 10:08:08