What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-05-02 12:18:16 | Les agences mondiales de cybersécurité émettent une alerte sur la menace des systèmes OT d'activité hacktiviste pro-russe Global cybersecurity agencies issue alert on threat to OT systems from pro-Russia hacktivist activity (lien direct) |
> Les agences mondiales de cybersécurité émettent une alerte critique concernant la menace immédiate pour les systèmes de technologie opérationnelle (OT) posés par ...
>Global cybersecurity agencies issue a critical alert regarding the immediate threat to operational technology (OT) systems posed by... |
Threat Industrial | ★★★★ | |
|
2024-05-02 12:15:21 | Insane Cyber ferme 4,2 millions de dollars pour sauvegarder les installations d'infrastructures critiques Insane Cyber closes $4.2 million funding round to safeguard critical infrastructure installations (lien direct) |
> Insane Cyber, un fournisseur d'offres de cybersécurité industrielle, a annoncé mercredi l'achèvement d'un financement en début de stade de 4,2 millions de dollars américains ...
>Insane Cyber, a vendor of industrial cybersecurity offerings, announced Wednesday the completion of a US$4.2 million early-stage funding... |
Industrial | ★★ | |
 |
2024-05-02 08:30:00 | Les États-Unis et le Royaume-Uni mettent en garde contre les attaques d'OT russes perturbatrices US and UK Warn of Disruptive Russian OT Attacks (lien direct) |
Les États-Unis et ses alliés affirment que les hacktivistes russes sont des opérations perturbatrices dans les secteurs de l'eau, de l'énergie, de l'alimentation et de l'agriculture
The US and its allies claim Russian hacktivists are disruptive operations in water, energy, food and agriculture sectors |
Industrial | ★★ | |
 |
2024-04-30 17:28:56 | Pour endommager les systèmes OT, les pirates exploitent les USB, les anciens bugs &Malware To Damage OT Systems, Hackers Tap USBs, Old Bugs & Malware (lien direct) |
Les USB ont quelque chose des techniques d'attaque les plus récentes et les plus chaudes: la capacité de combler les lacunes aériennes.
USBs have something the newest, hottest attack techniques lack: the ability to bridge air gaps. |
Malware Industrial | ★★★ | |
 |
2024-04-30 12:00:00 | Qu'est-ce que la cybersécurité OT et en quoi diffère-t-elle de la cybersécurité informatique? What Is OT Cybersecurity and How Does It Differ from IT Cybersecurity? (lien direct) |
> Dragos est une entreprise de cybersécurité industrielle tirant parti des logiciels, des renseignements et des services professionnels pour protéger la civilisation.Le SANS Institute rend la cybersécurité ...
Le post Qu'est-ce que la cybersécurité OT et en quoi diffère-t-elle de la cybersécurité? est apparu pour la première fois sur dragos .
>Dragos is an industrial cybersecurity company leveraging software, intelligence, and professional services to safeguard civilization. The SANS Institute empowers cybersecurity... The post What Is OT Cybersecurity and How Does It Differ from IT Cybersecurity? first appeared on Dragos. |
Industrial | ★★★ | |
 |
2024-04-29 16:05:58 | Faits saillants hebdomadaires, 29 avril 2024 Weekly OSINT Highlights, 29 April 2024 (lien direct) |
## Snapshot Last week\'s OSINT reporting reveals a diverse range of cyber threats targeting organizations globally. The articles highlight various attack vectors, including phishing emails with malware payloads (SSLoad, [Cobalt Strike](https://security.microsoft.com/intel-profiles/fd8511c1d61e93d39411acf36a31130a6795efe186497098fe0c6f2ccfb920fc)), ransomware variants (KageNoHitobito, DoNex), and mobile banking malware (Brokewell) distributed through fake domain schemes and overlay attacks. Threat actors behind these campaigns range from financially motivated ransomware groups to sophisticated state-sponsored actors like Sandworm ([Seashell Blizzard](https://sip.security.microsoft.com/intel-profiles/cf1e406a16835d56cf614430aea3962d7ed99f01ee3d9ee3048078288e5201bb)) and UAT4356 ([Storm-1849](https://sip.security.microsoft.com/intel-profiles/f3676211c9f06910f7f1f233d81347c1b837bddd93292c2e8f2eb860a27ad8d5)). Targetted organizations span Europe, Asia, and the Americas and targetted industries include critical infrastructure and IT. ## Description 1. **[Ongoing FROZEN#SHADOW Phishing Campaign](https://security.microsoft.com/intel-explorer/articles/e39d9bb3)**: The FROZEN#SHADOW campaign utilizes phishing emails to distribute SSLoad malware, alongside [Cobalt Strike](https://security.microsoft.com/intel-profiles/fd8511c1d61e93d39411acf36a31130a6795efe186497098fe0c6f2ccfb920fc) and ConnectWise ScreenConnect for extensive persistence and remote access. The victim organizations, predominantly in Europe, Asia, and the Americas, are targeted via JavaScript file downloads and MSI installers connecting to attacker-controlled domains. 2. **[Insights on KageNoHitobito and DoNex Ransomware](https://security.microsoft.com/intel-explorer/articles/ff848e92)**: KageNoHitobito and DoNex are ransomware variants with distinct encryption methods and ransom note presentations. While KageNoHitobito prompts victims to negotiate through a TOR site, DoNex terminates specific services and processes, deletes shadow copies, and may be linked to DarkRace ransomware. 3. **[Brokewell Mobile Banking Malware](https://security.microsoft.com/intel-explorer/articles/99a5deee)**: Brokewell poses a significant threat to the banking industry, utilizing overlay attacks, spyware functionalities, and remote control capabilities to steal credentials and device information. The malware\'s active development and promotion on underground channels indicate a growing interest among cybercriminals targeting different regions. 4. **[Malvertising Campaign Targeting IT Teams with MadMxShell](https://security.microsoft.com/intel-explorer/articles/ffa6ca10)**: A sophisticated threat actor distributes the MadMxShell backdoor through fake domains, using Google Ads to push them to the top of search results. MadMxShell employs complex evasion techniques, including multi-stage injection and DNS tunneling for C2 communication, indicating an interest in targeting IT professionals for unauthorized access. 5. **[ArcaneDoor Campaign by UAT4356 (Storm-1849)](https://security.microsoft.com/intel-explorer/articles/a0cf0328)**: UAT4356 (tracked by Microsoft as [Storm-1949](https://sip.security.microsoft.com/intel-profiles/f3676211c9f06910f7f1f233d81347c1b837bddd93292c2e8f2eb860a27ad8d5)) targets perimeter network devices like Cisco Adaptive Security Appliances (ASA) with backdoors "Line Runner" and "Line Dancer" for reconnaissance and malicious actions. The campaign showcases a state-sponsored actor\'s advanced tradecraft, with deliberate efforts to evade forensics and exploit 0-day vulnerabilities. The initial access vector used in this campaign remains unidentified, but two vulnerabilities ([CVE-2024-20353](https://security.microsoft.com/intel-explorer/cves/CVE-2024-20353/description) and[CVE-2024-20359](https://security.microsoft.com/intel-explorer/cves/CVE-2024-20359/description)) were exploited. 6. **[Kapeka Backdoor Linked to Sandworm (Seashell Blizzard)](https://security.microsoft.com/intel-explorer/articles/364efa92)**: Kapeka (tracked by Microsoft as K | Ransomware Malware Tool Vulnerability Threat Mobile Industrial | ★★★ | |
 |
2024-04-29 13:00:00 | Honeywell: les attaques de logiciels malveillants USB contre les organisations industrielles deviennent plus sophistiquées Honeywell: USB Malware Attacks on Industrial Orgs Becoming More Sophisticated (lien direct) |
> Une analyse menée par Honeywell montre qu'une grande partie des logiciels malveillants transmis par l'USB ciblant les organisations industrielles peut toujours provoquer des perturbations.
>An analysis conducted by Honeywell shows that much of the USB-borne malware targeting industrial organizations can still cause OT disruption. |
Malware Industrial | ★★★ | |
|
2024-04-29 07:19:52 | Microsoft fait ses débuts Icspector Framework pour permettre d'examiner les informations et les configurations des API industriels Microsoft debuts ICSpector framework to enable examining information and configurations of industrial PLCs (lien direct) |
> Le géant de la technologie Microsoft a déployé IcSpector, un cadre open source qui facilite l'examen des informations et des configurations de ...
>Tech giant Microsoft has rolled out ICSpector, an open-source framework that facilitates examining the information and configurations of... |
Industrial | ★★★ | |
|
2024-04-29 07:05:20 | Critical Start introduit les services de détection et de réponse gérés pour les environnements OT Critical Start introduces managed detection and response services for OT environments (lien direct) |
> Critical Start a annoncé la disponibilité à venir des services de détection et de réponse gérés par le démarrage critique (MDR) pour les opérationnels ...
>Critical Start has announced the upcoming availability of Critical Start Managed Detection and Response (MDR) services for Operational... |
Industrial | ★★ | |
|
2024-04-28 05:28:32 | Sécuriser le cloud, IIOT dans l'industrie 4.0 émerge cruciale pour protéger les opérations industrielles dans les environnements OT / ICS Securing cloud, IIoT in Industry 4.0 emerges crucial for protecting industrial operations across OT/ICS environments (lien direct) |
Les organisations sont de plus en plus obligées de protéger leur cloud et IIOT dans l'industrie 4.0 à travers OT / ICS (technologie opérationnelle / contrôle industriel ...
Organizations are increasingly forced to protect their cloud and IIoT in Industry 4.0 across OT/ICS (operational technology/industrial control... |
Industrial Cloud | ★★ | |
|
2024-04-26 19:12:08 | Todckat APT Group Honne les tactiques d'expiltration des données, exploite les outils légitimes ToddyCat APT Group Hones Data Exfiltration Tactics, Exploits Legitimate Tools (lien direct) |
#### Targeted Geolocations - Oceania - Southeast Asia - South Asia - East Asia - Central Asia #### Targeted Industries - Government Agencies & Services - Defense ## Snapshot Kaspersky reports the APT group ToddyCat has been observed targeting governmental organizations, particularly defense-related ones in the Asia-Pacific region, with the goal of stealing sensitive information on an industrial scale. ## Description They employ various tools and techniques, including traffic tunneling and the creation of reverse SSH tunnels, to maintain constant access to compromised infrastructure. The attackers utilize disguised OpenSSH private key files, execute scripts to modify folder permissions, create SSH tunnels to redirect network traffic, and employ the SoftEther VPN package to potentially facilitate unauthorized access and data exfiltration. Additionally, they use various files and techniques, such as concealing file purposes, copying files through shared resources, and tunneling to legitimate cloud providers, to gain access to victim hosts and evade detection. The threat actors initially gain access to systems by installing servers, modifying server settings, and utilizing tools like Ngrok and Krong to redirect C2 traffic and create tunnels for unauthorized access. They also employ the FRP client, a data collection tool named "cuthead", and a tool called "WAExp" to search for and collect browser local storage files containing data from the web version of WhatsApp. The attackers demonstrate a sophisticated and evolving approach to data collection and exfiltration, utilizing multiple tools and techniques to achieve their objectives. ## Recommendations Microsoft recommends the following mitigations to reduce the impact of Information stealer threats. - Check your Office 365 email filtering settings to ensure you block spoofed emails, spam, and emails with malware. Use [Microsoft Defender for Office 365](https://learn.microsoft.com/microsoft-365/security/office-365-security/defender-for-office-365?ocid=magicti_ta_learndoc) for enhanced phishing protection and coverage against new threats and polymorphic variants. Configure Microsoft Defender for Office 365 to [recheck links on click](https://learn.microsoft.com/microsoft-365/security/office-365-security/safe-links-about?ocid=magicti_ta_learndoc) and [delete sent mail](https://learn.microsoft.com/microsoft-365/security/office-365-security/zero-hour-auto-purge?ocid=magicti_ta_learndoc) in response to newly acquired threat intelligence. Turn on [safe attachments policies](https://learn.microsoft.com/microsoft-365/security/office-365-security/safe-attachments-policies-configure?ocid=magicti_ta_learndoc) to check attachments to inbound email. - Encourage users to use Microsoft Edge and other web browsers that support SmartScreen, which identifies and blocks malicious websites, including phishing sites, scam sites, and sites that host malware. - Turn on [cloud-delivered protection](https://learn.microsoft.com/microsoft-365/security/defender-endpoint/configure-block-at-first-sight-microsoft-defender-antivirus?ocid=magicti_ta_learndoc) in Microsoft Defender Antivirus, or the equivalent for your antivirus product, to cover rapidly evolving attacker tools and techniques. Cloud-based machine learning protections block a majority of new and unknown variants. - Enforce MFA on all accounts, remove users excluded from MFA, and strictly [require MFA](https://learn.microsoft.com/azure/active-directory/identity-protection/howto-identity-protection-configure-mfa-policy?ocid=magicti_ta_learndoc) from all devices, in all locations, at all times. - Enable passwordless authentication methods (for example, Windows Hello, FIDO keys, or Microsoft Authenticator) for accounts that support passwordless. For accounts that still require passwords, use authenticator apps like Microsoft Authenticator for MFA. [Refer to this article](https://learn.microsoft.com/azure/active-directory/authentic | Ransomware Spam Malware Tool Threat Industrial Cloud | ★★ | |
 |
2024-04-26 18:33:10 | Accélération de la réponse aux incidents en utilisant une AI générative Accelerating incident response using generative AI (lien direct) |
Lambert Rosique and Jan Keller, Security Workflow Automation, and Diana Kramer, Alexandra Bowen and Andrew Cho, Privacy and Security Incident Response IntroductionAs security professionals, we\'re constantly looking for ways to reduce risk and improve our workflow\'s efficiency. We\'ve made great strides in using AI to identify malicious content, block threats, and discover and fix vulnerabilities. We also published the Secure AI Framework (SAIF), a conceptual framework for secure AI systems to ensure we are deploying AI in a responsible manner. Today we are highlighting another way we use generative AI to help the defenders gain the advantage: Leveraging LLMs (Large Language Model) to speed-up our security and privacy incidents workflows. |
Tool Threat Industrial Cloud | ★★★ | |
|
2024-04-26 13:59:31 | Dragos rapporte que la baisse des attaques de ransomwares contre le secteur industriel au milieu des mesures d'application de la loi Dragos reports decline in ransomware attacks on industrial sector amid law enforcement measures (lien direct) |
> La société de cybersécurité industrielle Dragos a identifié que les pirates ont ciblé des équipements de systèmes de contrôle industriel (ICS), avec l'ingénierie ...
>Industrial cybersecurity firm Dragos has identified that hackers have targeted industrial control systems (ICS) equipment, with the engineering... |
Ransomware Legislation Industrial | ★★★★ | |
|
2024-04-26 07:20:28 | Le navigateur Cref de Mitre \\ s'aligne sur le CMMC de DOD \\ pour stimuler la cyber-résilience dans la base industrielle de la défense MITRE\\'s CREF Navigator aligns with DoD\\'s CMMC to boost cyber resilience in defense industrial base (lien direct) |
Organisation à but non lucratif Mitre a annoncé jeudi que son navigateur d'ingénierie de cyber-résilience (CREF) s'aligne avec le département américain ...
Non-profit organization MITRE announced Thursday that its Cyber Resiliency Engineering Framework (CREF) Navigator aligns with the U.S. Department... |
Industrial | ★★ | |
|
2024-04-25 13:00:00 | Analyse des ransomwares industriels de Dragos: T1 2024 Dragos Industrial Ransomware Analysis: Q1 2024 (lien direct) |
> Les informations fournies ici proviennent de chasseurs d'adversaires et d'analystes de la cyber-menace de l'intelligence et des analystes qui effectuent des recherches sur l'adversaire ...
Le post Dragos Industrial Ransomware Analysis: T1 2024 = "https://www.dragos.com"> dragos .
>Information provided here is sourced from Dragos OT Cyber Threat Intelligence adversary hunters and analysts who conduct research on adversary... The post Dragos Industrial Ransomware Analysis: Q1 2024 first appeared on Dragos. |
Ransomware Threat Industrial | ★★★ | |
|
2024-04-25 08:21:16 | Le rapport de ForeScout met en garde contre les risques de sécurité croissants pour les infrastructures critiques à mesure que les données exposées OT / ICS dégénèrent Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates (lien direct) |
Les chercheurs du bras de recherche de ForeStcout \\, Vedere Labs, ont fait l'alarme sur les menaces de sécurité ignorées pour exposer la critique ...
Researchers from Forescout\'s research arm, Vedere Labs, have raised an alarm about ignored security threats to exposed critical... |
Industrial | ★★ | |
 |
2024-04-24 20:59:50 | Critical Start introduit la cybersécurité pour ... Critical Start Introduces Cybersecurity for... (lien direct) |
Critical Start introduit la cybersécurité pour la technologie opérationnelle (OT) avec le lancement à venir du service MDR sur mesure
-
revues de produits
Critical Start Introduces Cybersecurity for Operational Technology (OT) with Upcoming Launch of Tailored MDR Service - Product Reviews |
Industrial | ★★ | |
|
2024-04-24 17:43:06 | La Commission européenne fait & euro; 112 millions d'investissement dans l'IA, recherche quantique dans le programme Horizon Europe European Commission makes €112 million investment in AI, quantum research under Horizon Europe program (lien direct) |
> La Commission européenne a lancé des appels à des propositions au sein de Horizon Europe & # 8217; s 2023-2024 Programme de travail numérique, industriel et spatial, se concentrant ...
>The European Commission initiated calls for proposals within Horizon Europe’s 2023-2024 digital, industrial, and space work program, focusing... |
Industrial | ★★★ | |
|
2024-04-24 14:00:00 | 2023: a \\ 'bonne \\' année pour les cyberattaques OT 2023: A \\'Good\\' Year for OT Cyberattacks (lien direct) |
Les attaques ont augmenté de "seulement" 19% l'année dernière.Mais ce nombre devrait augmenter de manière significative.
Attacks increased by "only" 19% last year. But that number is expected to grow significently. |
Industrial | ★★★ | |
|
2024-04-24 13:29:58 | ADM21 et Vecow lancent ECS-4700, Box PC compact robuste de qualité marine (lien direct) | Vecow a annoncé le lancement du ECS-4700, système compact innovant et robuste, conçu pour des applications d'IA dans des environnements difficiles. Conçu sur la base de processeurs I5/I7 de 13ème génération, ce modèle certifié EN60945 offre des performances exceptionnelles, prévues pour des environnements difficiles et réduits comme la Marine, la vision industrielle, le NVR mobile et autres applications Edge AI. L'ECS-4700 étend la gamme de BOX PC embarqués, ultra-compacts de Vecow avec des E/S (...) - Produits | Mobile Industrial | ★★ | |
|
2024-04-23 18:02:10 | Le conseil d'atténuation des risques acquiert un tiricon, stimulant les offres de cybersécurité et d'assurance de mission Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings (lien direct) |
> Consulting d'atténuation des risques (RMC), un fournisseur de gestion des risques et de solutions de cybersécurité industrielle pour les infrastructures critiques et critique ...
>Risk Mitigation Consulting (RMC), a provider of risk management and industrial cybersecurity solutions for critical infrastructure and critical... |
Industrial | ★★ | |
 |
2024-04-23 15:34:20 | Vol de données \\ 'sur une échelle industrielle \\' est l'objectif du groupe en Asie-Pacifique Data theft \\'on an industrial scale\\' is group\\'s goal in Asia-Pacific (lien direct) |
> Consulting d'atténuation des risques (RMC), un fournisseur de gestion des risques et de solutions de cybersécurité industrielle pour les infrastructures critiques et critique ...
>Risk Mitigation Consulting (RMC), a provider of risk management and industrial cybersecurity solutions for critical infrastructure and critical... |
Industrial | ★★★ | |
|
2024-04-23 08:54:08 | Le nouveau rapport CGCYBER met en garde contre les risques de cybersécurité dans le milieu marin en raison des systèmes OT connectés au réseau New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems (lien direct) |
> Le Cyber Command (CGCyber) de la Garde côtière américaine a annoncé lundi que l'OT (technologie opérationnelle) connecté au réseau introduit des vulnérabilités potentielles ...
>The U.S. Coast Guard Cyber Command (CGCYBER) announced on Monday that network-connected OT (operational technology) introduces potential vulnerabilities... |
Vulnerability Industrial | ★★★★ | |
 |
2024-04-22 20:41:00 | Le groupe de pirates russes Toddycat utilise des outils avancés pour le vol de données à l'échelle industrielle Russian Hacker Group ToddyCat Uses Advanced Tools for Industrial-Scale Data Theft (lien direct) |
L'acteur de menace & nbsp; connu sous le nom de & nbsp; toddycat & nbsp; a & nbsp; a été observé & nbsp; en utilisant un large éventail d'outils pour conserver l'accès à des environnements compromis et voler des données précieuses.
La société russe de cybersécurité Kaspersky a caractérisé l'adversaire comme s'appuyant sur divers programmes pour récolter des données sur une "échelle industrielle" des organisations gouvernementales principalement, certaines d'entre elles liées à la défense, située dans
The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data. Russian cybersecurity firm Kaspersky characterized the adversary as relying on various programs to harvest data on an "industrial scale" from primarily governmental organizations, some of them defense related, located in |
Tool Threat Industrial | ★★★ | |
 |
2024-04-22 15:00:00 | Zero Trust a-t-il raison pour l'OT, en ce moment? Is Zero Trust Right for OT, Right Now? (lien direct) |
Découvrez comment les organisations OT peuvent passer d'un modèle de confiance implicite hérité à un modèle de frust en zéro de manière transparente à travers et dans les infrastructures critiques.
Find out how OT organizations can shift from a legacy implied trust model to a zero-trust model seamlessly across and within critical infrastructures. |
Industrial | ★★★ | |
|
2024-04-22 12:30:29 | DC3, DCSA collabore pour lancer le programme de divulgation de vulnérabilité pour la base industrielle de la défense DC3, DCSA collaborate to launch vulnerability disclosure program for defense industrial base (lien direct) |
> Le Département américain de la Défense (DOD) Cyber Crime Center (DC3) et l'agence de contre-espionnage et de sécurité de la défense (DCSA) annoncent ...
>The U.S. Department of Defense (DoD) Cyber Crime Center (DC3) and Defense Counterintelligence and Security Agency (DCSA) announce... |
Vulnerability Industrial | ★★ | |
|
2024-04-22 12:24:32 | Cascade, 2TS entrent dans la cybersécurité Alliance pour le marché africain Waterfall, 2TS enter into cybersecurity alliance for African market (lien direct) |
> Waterfall Security Solutions et Thuthukani Technology Solutions (2TS) ont annoncé un partenariat qui aidera à sécuriser les réseaux OT à travers ...
>Waterfall Security Solutions and Thuthukani Technology Solutions (2TS) announced a partnership that will help secure OT networks across... |
Industrial | ★★ | |
|
2024-04-22 10:55:30 | Le rapport sur les menaces USB de Honeywell 2024 révèle une augmentation significative de la fréquence des logiciels malveillants, mettant en évidence les préoccupations croissantes Honeywell\\'s 2024 USB Threat Report reveals significant rise in malware frequency, highlighting growing concerns (lien direct) |
Un nouveau rapport de l'équipe de Honeywell \'s GARD (Global Analysis, Research and Defence) a révélé que la fréquence globale des logiciels malveillants se poursuit ...
A new report from Honeywell\'s GARD (Global Analysis, Research, and Defense) team disclosed that overall malware frequency continues... |
Data Breach Malware Threat Industrial | ★★★ | |
|
2024-04-21 05:44:44 | Améliorer la cybersécurité industrielle en s'attaquant aux menaces, en respectant les réglementations, en stimulant la résilience opérationnelle Enhancing industrial cybersecurity by tackling threats, complying with regulations, boosting operational resilience (lien direct) |
> Les organisations de l'espace de cybersécurité industrielle traitent constamment des défis, notamment les violations de logiciels, les vulnérabilités matérielles, la chaîne d'approvisionnement ...
>Organizations across the industrial cybersecurity space are constantly dealing with challenges including software breaches, hardware vulnerabilities, supply chain... |
Vulnerability Industrial | ★★ | |
|
2024-04-19 15:51:17 | Radiflow, partenaire de réseaux exclusifs pour élever la cybersécurité OT Radiflow, Exclusive Networks partner to elevate OT cybersecurity (lien direct) |
> Exclusive Networks, un fournisseur mondial de cybersécurité spécialisé dans l'infrastructure numérique, a récemment dévoilé un nouveau partenariat de distribution avec ...
>Exclusive Networks, a global cybersecurity provider specializing in digital infrastructure, has recently unveiled a new distribution partnership with... |
Industrial | ★★★ | |
|
2024-04-19 14:09:19 | Mitre prévoit d'améliorer la cybersécurité en 2024 avec des sous-technologies ICS et l'intégration multi-domaines MITRE plans to enhance cybersecurity in 2024 with ICS sub-techniques and multi-domain integration (lien direct) |
Organisation à but non lucratif, Mitre a souligné jeudi que ses objectifs d'attr & # 38; CK 2024 sont de renforcer la convivialité et d'améliorer la réalisation ...
Non-profit organization MITRE outlined Thursday that its ATT&CK 2024 goals are to bolster broader usability and enhance actionable... |
Industrial | ★★★ | |
|
2024-04-19 14:03:45 | Nouveau projet de loi présenté pour mettre en place l'organisation des risques d'eau et de la résilience pour sécuriser les systèmes d'eau des cyber-menaces New bill introduced to set up Water Risk and Resilience Organization to secure water systems from cyber threats (lien direct) |
Deux membres du Congrès américain ont présenté un projet de loi visant à protéger les systèmes d'eau des cyber-menaces.La législation proposée ...
Two U.S. Congressmen have introduced a bill aimed at safeguarding water systems from cyber threats. The proposed legislation... |
Legislation Industrial | ★★★ | |
|
2024-04-18 20:25:50 | Les contrôleurs de réseau ICS ouverts à l'exploit à distance, aucun correctif disponible ICS Network Controllers Open to Remote Exploit, No Patches Available (lien direct) |
CISA advisory warns of critical ICS device flaws, but a lack of available fixes leaves network administrators on defense to prevent exploits.
CISA advisory warns of critical ICS device flaws, but a lack of available fixes leaves network administrators on defense to prevent exploits. |
Threat Industrial | ★★★ | |
|
2024-04-18 08:59:48 | (Déjà vu) Hexagon et Dragos dévoilent le partenariat stratégique Hexagon and Dragos unveil strategic partnership (lien direct) |
Hexagon et Dragos dévoilent le partenariat stratégique pour renforcer la cybersécurité industrielle
-
nouvelles commerciales
Hexagon and Dragos unveil strategic partnership to strengthen industrial cybersecurity - Business News |
Industrial | ★★ | |
|
2024-04-18 07:19:06 | Radiflow s'associe à des réseaux exclusifs Radiflow Partners with Exclusive Networks (lien direct) |
Radiflow s'associe à des réseaux exclusifs pour élever la cybersécurité OT
avec les solutions de cybersécurité et de gestion des risques de Radiflow \\ pour les environnements OT,
Réseaux exclusifs L'Italie étend sa gamme de technologies pour protéger les entreprises \\ '
Sites de production
-
nouvelles commerciales
Radiflow Partners with Exclusive Networks to Elevate OT Cybersecurity With Radiflow\'s cybersecurity and risk management solutions for OT environments, Exclusive Networks Italy expands its range of technologies to protect companies\' production sites - Business News |
Industrial | ★★ | |
|
2024-04-17 20:31:30 | Dangereux ICS Maleware cible les organisations en Russie et en Ukraine Dangerous ICS Malware Targets Orgs in Russia and Ukraine (lien direct) |
"Kapeka" et "Fuxnext" sont les derniers exemples de logiciels malveillants à émerger du conflit de longue date entre les deux pays.
"Kapeka" and "Fuxnext" are the latest examples of malware to emerge from the long-standing conflict between the two countries. |
Malware Industrial | ★★★★ | |
|
2024-04-17 16:25:58 | Paysage cyber-menace pour le secteur américain de l'eau et des eaux usées OT Cyber Threat Landscape for the U.S. Water & Wastewater Sector (lien direct) |
> Dragos OT Cyber Threat Intelligence Les chasseurs et les analystes d'adversaire effectuent des recherches sur les opérations adversaires et leurs tactiques, techniques et procédures ...
Le post OT Cyber Threat Landscape pour l'US Water &Le secteur des eaux usées est apparu pour la première fois sur dragos .
>Dragos OT Cyber Threat Intelligence adversary hunters and analysts conduct research on adversary operations and their tactics, techniques, and procedures... The post OT Cyber Threat Landscape for the U.S. Water & Wastewater Sector first appeared on Dragos. |
Threat Industrial | ★★ | |
|
2024-04-17 12:52:50 | Hexagon et Dragos annoncent une alliance technique pour stimuler la cybersécurité industrielle, réduire le cyber-risque global Hexagon and Dragos announce technical alliance to boost industrial cybersecurity, reduce overall OT cyber risk (lien direct) |
dragos et hexagon ont uni leurs forces pour fournir aux organisations industrielles une visibilité et un contexte complet de l'ICS / OT ...
Dragos and Hexagon have joined forces to provide industrial organizations with the comprehensive visibility and context of ICS/OT... |
Industrial Technical | ★★ | |
|
2024-04-17 10:24:14 | Acheteurs de la cybersécurité industrielle \\ 'Guide 2024 Navigue du paysage industriel complexe Industrial Cybersecurity Buyers\\' Guide 2024 navigates complex industrial landscape (lien direct) |
> La sixième édition annuelle de la technologie de cybersécurité industrielle, des solutions et des acheteurs de services \\ 'Guide 2024 a été publié ...
>The sixth annual edition of the Industrial Cybersecurity Technology, Solutions, and Services Buyers\' Guide 2024 has been published... |
Industrial | ★★ | |
|
2024-04-15 13:47:34 | Kaspersky ICS CERT rapporte sur l'escalade des conséquences des cyberattaques contre les organisations industrielles Kaspersky ICS CERT reports on escalating consequences of cyber attacks on industrial organizations (lien direct) |
Les nouvelles données publiées par les chercheurs de l'équipe Kaspersky ICS CERT fournissent des détails sur les attaques cybercriminales et hacktiviste ...
New data released by researchers from the Kaspersky ICS CERT team provides details on cybercriminal and hacktivist attacks... |
Industrial | ★★★★ | |
|
2024-04-15 12:51:28 | Destructif ics malware \\ 'Fuxnet \\' utilisé par l'Ukraine contre l'infrastructure russe Destructive ICS Malware \\'Fuxnet\\' Used by Ukraine Against Russian Infrastructure (lien direct) |
ics malware Fuxnet prétendument utilisé par le groupe de blackjack ukrainien pour perturber les capteurs industriels et autres systèmes appartenant à une entreprise d'infrastructure de Moscou.
ICS malware Fuxnet allegedly used by Ukrainian Blackjack group to disrupt industrial sensors and other systems belonging to a Moscow infrastructure firm. |
Malware Industrial | ★★★ | |
 |
2024-04-15 06:00:31 | Comment la protection d'identification de la preuve peut vous aider à répondre aux exigences de conformité CMMC How Proofpoint Impersonation Protection Can Help You Meet CMMC Compliance Requirements (lien direct) |
The Cybersecurity Maturity Model Certification (CMMC) program enforces the protection of sensitive unclassified information that the U.S. Department of Defense (DoD) shares with its contractors and subcontractors. Threat actors know how to hijack your trusted organization communications. They can impersonate you, your brand or your organization partners. And they can make a nice profit doing it. The FBI\'s 2023 Internet Crime Report notes that last year\'s adjusted losses from organization email compromise (BEC) cases exceeded $2.9 billion-up 7.4% from 2022. Bad actors use spoofed domains, lookalike domains, compromised supplier accounts and other tactics in their attacks. So it\'s important to keep communications with trusted partners, customers and suppliers safe. This should be a top focus for government agencies and the organizations that they work with since they are key targets for bad actors. Proofpoint helps you mitigate the risk of impersonation abuse with a holistic, multilayered approach. With Proofpoint Impersonation Protection, you can: Protect your organization\'s communications from impersonation threats Stop attackers from impersonating your brand Detect and defend against risky suppliers, including compromised supplier accounts Secure user and application emails so that they can be trusted We help our federal and defense industrial base customers with Level 3 CMMC controls around the Risk Assessment (RA) and Identification and Authentication (IA) Practices. Here\'s how. CMMC overviews for Level 3 controls In this section, we match CMMC compliance requirements with the capabilities of Proofpoint Impersonation Protection. CMMC Level 3 – Risk Assessment Practice RA.L3-3.11.1e – Threat-Informed Risk Assessment CMMC compliance requirement Employ threat intelligence, at a minimum from open or commercial sources, and any DoD-provided sources, as part of a risk assessment to guide and inform the development of organizational systems, security architectures, selection of security solutions, monitoring, threat hunting and response and recovery activities. RA.L3-3.11.3e – Advanced Risk Identification CMMC compliance requirement Employ advanced automation and analytics capabilities in support of analysts to predict and identify risks to organizations, systems and system components. RA.L3-3.11.6e – Supply Chain Risk Response CMMC compliance requirement Assess, respond to and monitor supply chain risks associated with organizational systems and system components. RA.L3-3.11.7e – Supply Chain Risk Plan CMMC compliance requirement Develop a plan for managing supply chain risks associated with organizational systems and system components; update the plan at least annually, and upon receipt of relevant cyber threat information, or in response to a relevant cyber incident. How Proofpoint Impersonation Protection meets the Risk Assessment (RA) Practice needs above Proofpoint Nexus Supplier Risk Explorer gives you insights into supplier risk. This includes threats where attackers are impersonating your agency as well as compromised suppliers and third parties. Supplier Risk can also be used as part of a vendor risk management process when sourcing and choosing new vendors/suppliers. Proofpoint provides visibility into supply chain threats, lookalike detection, and impersonations of your brand with Supplier Risk and Domain Discover. This helps to create the supply chain risk plans that are needed to comply with CMMC. Supplier Risk Explorer identifies supplier domains and shows you which suppliers pose a risk to your organization. As noted above, Supplier Risk Explorer assesses the risk level of supplier domains by evaluating several dimensions, including: Threats sent to your organization Threats sent to other Proofpoint customers The lookalikes of supplier domains Whether a domain was recently registered Whether a domain has a DMARC reject policy By ranking an | Threat Industrial Prediction Commercial | ★★ | |
|
2024-04-14 08:49:09 | Besoin continu pour faire face à des défis, élaborer des stratégies à travers la cybersécurité industrielle au milieu des menaces en évolution Continuous need to face challenges, build strategies across industrial cybersecurity amidst evolving threats (lien direct) |
Les cyber-menaces et les attaques croissantes contre les installations d'infrastructures critiques ont conduit à l'adaptation constante du changement ...
Rising cyber threats and attacks against critical infrastructure installations have led to the constant adaptation of the changing... |
Industrial | ★★ | |
|
2024-04-10 16:44:18 | Salvador assure les investissements de Deutsche Telekom pour étendre la plate-forme de récupération de cyber-attaque Salvador secures investment from Deutsche Telekom to expand cyber-attack recovery platform (lien direct) |
> La société de récupération des données OT / ICS Salvador Technologies a obtenu un investissement de Deutsche Telekom.Le financement sera utilisé ...
>OT/ICS data recovery firm Salvador Technologies has secured an investment from Deutsche Telekom. The funding will be used... |
Industrial | ★★ | |
|
2024-04-10 16:43:28 | Securitygate annonce la disponibilité générale du flux de travail ISA / IEC 62443-2-1 dans sa plate-forme SecurityGate announces general availability of ISA/IEC 62443-2-1 workflow in its platform (lien direct) |
> Securitygate Inc., un fournisseur de plate-forme SaaS pour l'OT / ICS Cyber Improvement, a annoncé mardi qu'il avait ajouté ISA / IEC 62443-2-1 ...
>SecurityGate Inc., a SaaS platform provider for OT/ICS cyber improvement, announced Tuesday that it has added ISA/IEC 62443-2-1... |
Industrial Cloud | ★★★ | |
|
2024-04-10 13:00:00 | The Hunt: détecter l'activité du groupe de menaces de voltzite dans les infrastructures critiques The Hunt: Detecting VOLTZITE Threat Group Activity in Critical Infrastructure (lien direct) |
> Bienvenue à & # 8220; The Hunt, & # 8221;Notre série de blogs offrant des informations et des stratégies approfondies pour défendre contre les cyber-risques sophistiqués menaçant OT ...
Le post la chasse: détection est apparu pour la première fois sur dragos .
>Welcome back to “The Hunt,” our blog series offering in-depth insights and strategies for defending against sophisticated cyber risks threatening OT... The post The Hunt: Detecting VOLTZITE Threat Group Activity in Critical Infrastructure first appeared on Dragos. |
Threat Industrial | ★★★ | |
|
2024-04-09 17:44:10 | Sécurité en cascade et partenaire Axys pour offrir une protection contre les centres de données Waterfall Security and AXYS partner to deliver OT protection for data centers (lien direct) |
> Waterfall Security et Axys ont annoncé mardi un nouveau partenariat qui offrira un nouveau niveau d'OT (opérationnel ...
>Waterfall Security and AXYS announced Tuesday a new partnership that will deliver a new level of OT (operational... |
Industrial | ★★ | |
|
2024-04-09 17:43:23 | Otorio s'intègre à ServiceNow pour stimuler la cybersécurité opérationnelle et l'efficacité OTORIO integrates with ServiceNow to boost operational cybersecurity and efficiency (lien direct) |
> La société de solutions de gestion des cyber-risques de sécurité otorio a annoncé mardi une intégration pour une gestion de sécurité OT dédiée avec ...
>OT security cyber risk management solutions company OTORIO announced Tuesday an integration for dedicated OT security management with... |
Industrial | ★★ | |
|
2024-04-09 14:00:00 | L'interférence étrangère entraîne une augmentation record du vol IP Foreign Interference Drives Record Surge in IP Theft (lien direct) |
DTEX affirme que l'espionnage industriel et le vol IP sont à un niveau record grâce aux initiés malveillants
DTEX claims industrial espionage and IP theft are at an all-time high thanks to malicious insiders |
Industrial | ★★★ | |
 |
2024-04-08 14:20:29 | 4 leçons Les entreprises industrielles peuvent tirer de la bibliothèque britannique Cyberattack 4 lessons industrial companies can draw from the British Library cyberattack (lien direct) |
Alors que les cyberattaques se produisent quotidiennement, peu attirent autant d'attention et de couverture médiatique que l'attaque qui a frappé la bibliothèque britannique en octobre 2023. L'attaque, qui a paralysé les systèmes en ligne de la bibliothèque \\ pendant des mois et a provoqué un coût estimé de & livre; 7 millions, était frappant par son ampleur.Pourtant, les attaquants de Blueprint suivis sont malheureusement familiers.Après [& # 8230;]
Le post 4 leçons Les sociétés industrielles peuvent s'appuyer dans la cyberattaque de la bibliothèque britannique C'est apparu pour la première fois sur gourou de la sécurité informatique .
While cyberattacks occur daily, few garner as much attention and media coverage as the attack that struck the British Library in October 2023. The attack, which paralysed the Library\'s online systems for months and caused an estimated cost of £7 million, was striking by its magnitude. Yet, the blueprint attackers followed is sadly familiar. After […] The post 4 lessons industrial companies can draw from the British Library cyberattack first appeared on IT Security Guru. |
Industrial | ★★★ |
To see everything:
Our RSS (filtrered)
