What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-03-09 09:30:00 | Fifth of Government Workers Don\'t Care if Employer is Hacked (lien direct) | Ivanti warns of "human-sized" security gaps | Studies | ★★★ | |
 |
2023-03-09 00:00:00 | Examining Ransomware Payments From a Data-Science Lens (lien direct) | In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups' ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.” | Ransomware Studies | ★★★ | |
 |
2023-03-08 14:16:44 | Research Reveals \'Password\' Still the Most Common Term Used by Hackers to Breach Enterprise Networks (lien direct) | Password management and user authentication solutions provider Specops Software has today announced the release of its annual Weak Password Report which analysed over 800 million breached passwords and suggests that passwords continue to be a weak spot in an organisation’s network. The study found 88% of passwords used in successful attacks consisted of 12 characters […] | Studies | ★★★ | |
 |
2023-03-07 17:38:00 | Palo Alto Survey Reveals 90% of Organizations Cannot Resolve Cyberthreats Within an Hour (lien direct) | Third annual report identifies top security gaps and challenges for organizations operating in the cloud. | Studies | ★★★★ | |
 |
2023-03-06 09:36:00 | Highlights from the 2023 Work-From-Anywhere Global Study (lien direct) | Fortinet has commissioned a global research study to better understand existing work-from-home (WFH) policies and how those tie in with cybersecurity concerns and priorities across organizations. | Studies | ★★★ | |
 |
2023-03-02 14:28:29 | Kaspersky : Les entreprises font appel à des experts externes afin de gérer les solutions de cybersécurité plus efficacement (lien direct) | Le rapport annuel de Kaspersky sur l'économie de la sécurité informatique a révélé que la complexité des solutions de cybersécurité obligeait les entreprises à externaliser certaines fonctions vers des fournisseurs de services de sécurité informatique, car ces derniers disposent d'une plus grande expertise pour gérer les technologies plus efficacement que les employés de l'entreprise. Une solution de cybersécurité complexe ne garantira pas la meilleure protection si elle n'est pas mise en œuvre par un (...) - Investigations | Studies | ★★★ | |
|
2023-03-02 09:58:00 | Fortinet is Named a Visionary in the Gartner® Magic Quadrant™ for Endpoint Protection Platforms (lien direct) | Fortinet's recognition is in part due to our commitment to continuous innovation of Fortinet's behavior-based endpoint protection and extended detection and response (XDR) solutions. Read more. | Studies | ★★ | |
|
2023-02-27 18:00:00 | Researchers Discover Nearly 200,000 New Mobile Banking Trojan Installers (lien direct) | Kaspersky said the figures are more than double what the team observed in 2021 | Studies | ★★ | |
|
2023-02-27 16:02:59 | Only 2 in 10 organisations are fully confident that their cyber insurance will cover their cyber risk in 2023, research study by CSI Ltd finds (lien direct) | Only 2 in 10 organisations are fully confident that their cyber insurance will cover their cyber risk in 2023, research study by CSI Ltd finds - Special Reports | Studies | ★★★ | |
 |
2023-02-24 19:51:23 | Who\'s Behind the Botnet-Based Service BHProxies? (lien direct) | A security firm has discovered that a five-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies, which offers paying customers the ability to route their web traffic anonymously through compromised computers. Here's a closer look at Mylobot, and a deep dive into who may be responsible for operating the BHProxies service. | Studies | ★★★ | |
|
2023-02-24 12:34:49 | Putting Undetectable Backdoors in Machine Learning Models (lien direct) | This is really interesting research from a few months ago: Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. Delegation of learning has clear benefits, and at the same time raises serious concerns of trust. This work studies possible abuses of power by untrusted learners.We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier behaves normally, but in reality, the learner maintains a mechanism for changing the classification of any input, with only a slight perturbation. Importantly, without the appropriate “backdoor key,” the mechanism is hidden and cannot be detected by any computationally-bounded observer. We demonstrate two frameworks for planting undetectable backdoors, with incomparable guarantees... | Studies | ★★ | |
|
2023-02-24 10:15:00 | Investment Scams Drive $9bn in Fraud in 2022 (lien direct) | FTC says consumer fraud is up 30% on the previous year | Studies | ★★★ | |
|
2023-02-24 00:03:00 | 87% of Container Images in Production Have Critical or High-Severity Vulnerabilities (lien direct) | At the inaugural CloudNativeSecurityCon, DevSecOps practitioners discussed how to shore up the software supply chain. | Studies | ★★ | |
 |
2023-02-23 21:33:59 | New Studies Paint Bleak Picture of Future SOC Effectiveness (lien direct) |
|
Studies | ★★★ | |
 |
2023-02-23 19:31:29 | Mozilla: Nearly 80% of Google Play Store apps have discrepancies in privacy reporting (lien direct) |  What apps actually do with user data often differs from what companies tell Google Play Store about their policies, a Mozilla study says |
Studies | ★★★★ | |
 |
2023-02-23 16:27:44 | 28% of Users Open BEC Emails as BEC Attack Volume Skyrockets by 178% (lien direct) |
|
Studies | ★★★ | |
|
2023-02-23 10:02:29 | Les fuites de données imputables aux employés sont plus préoccupantes pour les entreprises européennes que celles causées par des cyberattaques (lien direct) | Les fuites de données imputables aux employés sont plus préoccupantes pour les entreprises européennes que celles causées par des cyberattaques Les fuites de données causées par intrusion dans les systèmes internes d'une entreprise, qu'elles soient le résultat d'une cyberattaque (23 % au global, 17 % en Europe) ou imputable à des employés (22 % au global, 21 % en Europe), constitue le problème de sécurité auquel les entreprises sont le plus fréquemment confrontées, selon les répondants de la dernière enquête Economie de la sécurité informatique de Kaspersky. - Investigations | Studies | ★★★★ | |
 |
2023-02-23 09:57:48 | Attaques BEC, acteurs APT, et Lockbit, les cyber menaces sont en hausse ! (lien direct) | >Trellix, spécialiste de la cybersécurité et pionnier dans la détection et la réponse étendues (XDR), publie aujourd'hui son "Threat Report February 2023" qui se penche sur les tendances en matière de cybersécurité et les méthodes d'attaque utilisées au dernier trimestre 2022. The post Attaques BEC, acteurs APT, et Lockbit, les cyber menaces sont en hausse ! first appeared on UnderNews. | Studies | ★★★ | |
|
2023-02-23 09:36:18 | Cybersécurité : un niveau de menaces encore élevé pour les entreprises en 2022 (lien direct) | En se basant sur le dernier panorama des risques cyber de l'ANSSI, le bilan annuel de la CNIL, ou encore le récent baromètre du CESIN, Oodrive dresse un bilan de la réalité de la cybersécurité au sein des entreprises en France à travers une infographie. - Malwares | Studies | ★★ | |
|
2023-02-22 20:40:00 | Half of Apps Have High-Risk Vulnerabilities Due to Open Source (lien direct) | Open source software dependencies are affecting the software security of different industries in different ways, with mature industries becoming more selective in their open source usage. | Studies | ★★★ | |
|
2023-02-22 19:59:11 | 1 in 4 CISOs Wants to Say Sayonara to Security (lien direct) | Thanks to burnout and stress, Gartner predicts churn and even departure from profession among half of today's security leaders by 2025. | Studies Guideline | ★★★ | |
|
2023-02-07 18:52:22 | Do Not Fall Victim to Cyber Attacks – Find Out What the Latest Hiscox Report Reveals! (lien direct) |
|
Studies | ★★★ | |
|
2023-02-07 09:30:00 | UK Banks Still Failing on Digital Security - Report (lien direct) | Which? study finds many fail to provide basic online protection | Studies | ★★★ | |
|
2023-02-07 08:08:10 | 3e édition de lEtude de l\'Observatoire du digital flow d\'Inetum (lien direct) | Etude de l'Observatoire du digital flow, 3e édition : • Des attentes fortes des actifs sur la cybersécurité • Un levier de performance collective attendu sur les nouvelles technologies par les dirigeants d'entreprises • Une attente commune avec les dirigeants d'entreprises pour un digital green qui favorise les impacts positifs des technologies • Des métiers porteurs et accessibles aussi aux femmes - Investigations | Studies | ★★★ | |
 |
2023-02-07 03:00:11 | Surprise! China\'s top Android phones collect way more info (lien direct) | Best to revisit that plan to bring home a cheap OnePlus, Xiaomi, Oppo, or Realme handset from your holiday Don't buy an Android phone in China, boffins have warned, as they come crammed with preinstalled apps transmitting privacy-sensitive data to third-party domains without consent or notice.… | Studies | ★★★ | |
|
2023-02-06 22:30:00 | Consumer Watchdog Reports: CA Privacy Board OKs Landmark Personal Data Regulations, Some Key Protections Left Out (lien direct) | Pas de details / No more details | Studies | ★★★ | |
|
2023-02-06 20:00:00 | Cybercrime Shows No Signs of Slowing Down (lien direct) | Look for recent trends in attacks, strategies, and vulnerabilities to continue gaining steam throughout 2023. | Studies | ★★★ | |
 |
2023-02-06 19:01:00 | Online banks still riddled with cyber security flaws, report says (lien direct) | Pas de details / No more details | Studies | ★★★ | |
|
2023-02-03 15:00:00 | How the Cloud Is Shifting CISO Priorities (lien direct) | The greatly expanding attack surface created by the cloud needs to be protected. | Studies | ★★★ | |
 |
2023-02-02 09:13:00 | Introducing the Anomali User Research Group (lien direct) | User research groups contribute significantly to product development through a data-led approach incorporating actual customers’ opinions and ideas. This information ultimately influences a product’s design, capabilities & features. User research groups can also be a source of valuable customer feedback during beta testing and after the product is launched, helping to discover potential problems or areas for improvement. A sense of community and engagement around a product can be fostered via user groups, and this can improve client loyalty and advocacy. Enterprise user research groups are especially crucial to cybersecurity because they allow members to share their knowledge, experiences, and insights while working together to solve common security problems. Introducing the Program At Anomali, we’re always finding ways to improve and build innovative solutions that fit your needs. That’s why we set up the Anomali User Research Group. Whether you’re an Anomali Customer or not, as long as you’re a cybersecurity professional, we want to hear from you. We’re seeking Cyber Security Professionals of all types & roles with hands-on experience working with Enterprise Security Products to share their experiences and help shape the future of Anomali products. But we’re especially interested in people who work in Cyber Threat Intelligence (CTI), Security Operations (SecOps), and Incident Response (IR), to name a few. About the UX Team Anomali’s UX (User Experience) Team is made up of a combination of UX Designers & Researchers who follow the principles of User-Centered Design (UCD). UCD is an iterative design approach that focuses on understanding users and their needs by involving them at various stages of the design process through a range of research methods & techniques (e.g. surveys, interviews, usability studies, card sorts, etc.) to create highly-usable, accessible and intuitive products that meet their needs. Naturally, user research is at the heart of everything we do in the UX department. We’re constantly conducting various types of research across multiple topics to enhance our understanding of users & the problems they face. We actively use this data to help guide design & development decisions, from initial ideas & concepts to published products. Research Methods & Topics To Be Covered The specific research studies we’ll be running throughout 2023 are still being planned, but projects could range from simple survey studies to discovery research using interviews to usability testing new products, features & workflows. All studies are conducted remotely via Zoom with a researcher and a designer, typically lasting between 30 mins to an hour. We’ll handle all the setup and scheduling at a time convenient for you, then after the study is complete, you’ll receive a thank-you gift for your contribution. How to Get Involved Click here to fill out the Sign-Up Form, tell us a bit about yourself and we'll get in touch when we have a study we think you’d be a good fit for. | Threat Studies | ★★ | |
|
2023-02-01 14:00:00 | Almost all Organizations are Working with Recently Breached Vendors (lien direct) | The latest supply chain security report from SecurityScorecard and the Cyentia Institute shows worrying findings | Studies | ★★★★ | |
 |
2023-02-01 12:00:00 | Cyber Insights 2023: Criminal Gangs (lien direct) | >Despite some geopolitical overlaps with state attackers, the majority of cyberattacks still come from simple – or perhaps sophisticated – criminals who are more motivated by money than politics. | Studies | ★★★ | |
 |
2023-01-27 18:26:29 | 5 Tips To Keep in Mind for Data Privacy Day (lien direct) | >No matter what industry you're in, data privacy is an issue that impacts you. And when it comes to being safe online with sensitive data, whether that's your personal data or sensitive data that is important to your organization, being informed is the first step. With that in mind, ahead of Data Privacy Day on […] | Studies | ★★★ | |
 |
2023-01-11 23:00:00 | La recherche sur la vulnérabilité met en évidence 2022 Vulnerability Research Highlights 2022 (lien direct) |
Notre équipe de recherche revient sur une grande année et résume les points forts de leur recherche sur la vulnérabilité en 2022.
Our research team looks back at a great year and summarizes the highlights of their vulnerability research in 2022. |
Vulnerability Studies | ★★★ | |
 |
2023-01-08 10:00:00 | Happy 20th Birthday TaoSecurity Blog (lien direct) |  Happy 20th birthday TaoSecurity Blog, born on 8 January 2003. Thank you BloggerBlogger (now part of Google) has continuously hosted this blog for 20 years, for free. I'd like to thank Blogger and Google for providing this platform for two decades. It's tough to find extant self-hosted security content that was born at the same time, or earlier. Bruce Schneier's Schneier on Security is the main one that comes to mind. If not for the wonderful Internet Archive, many blogs from the early days would be lost.StatisticsIn my 15 year post I included some statistics, so here are a few, current as of the evening of 7 January: I think it's cool to see almost 29 million "all time" views, but that's not the whole story.Here are the so-called "all time" statistics: It turns out that Blogger only started capturing these numbers in January 2011. That means I've had almost 29 million views in the last 12 years. I don't know what happened on 20 April 2022, when I had almost 1.5 million views?Top Ten Posts Since January 2011 |
Ransomware Studies Guideline | Solardwinds | ★★ |
|
2022-12-30 12:18:42 | Recovering Smartphone Voice from the Accelerometer (lien direct) | Yet another smartphone side-channel attack: “EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers“: Abstract: Eavesdropping from the user’s smartphone is a well-known threat to the user’s safety and privacy. Existing studies show that loudspeaker reverberation can inject speech into motion sensor readings, leading to speech eavesdropping. While more devastating attacks on ear speakers, which produce much smaller scale vibrations, were believed impossible to eavesdrop with zero-permission motion sensors. In this work, we revisit this important line of reach. We explore recent trends in smartphone manufacturers that include extra/powerful speakers in place of small ear speakers, and demonstrate the feasibility of using motion sensors to capture such tiny speech vibrations. We investigate the impacts of these new ear speakers on built-in motion sensors and examine the potential to elicit private speech information from the minute vibrations. Our designed system ... | Threat Studies Guideline | ★★★★ | |
|
2022-12-29 15:22:48 | Phishing Activity Rose 130% in the Second Half of 2022, Representing Three-Quarters of All Email-Based Attacks (lien direct) |
|
Studies | ★★ | |
 |
2022-12-22 14:00:00 | What Can We Learn From Recent Cyber History? (lien direct) | >The Center for Strategic and International Studies compiled a list of significant cyber incidents dating back to 2003. Compiling attacks on government agencies, defense and high-tech companies or economic crimes with losses of more than a million dollars, this list reveals broader trends in cybersecurity for the past two decades. And, of course, there are […] | Studies | ★★ | |
 |
2022-12-21 11:41:48 | Malicious PyPI Package Found Posing as SentinelOne SDK in recent Hack Trend (lien direct) | In-depth studies on cybersecurity have just recently uncovered a new malicious package that was hiding out in the Python Package Index (PyPI) repository. This package was participating in a campaign known as SentinelSneak, in which it pretended to be a software development kit (SDK) for SentinelOne, a major company in the field of cybersecurity. The […] | Hack Studies Prediction | ★ | |
 |
2022-12-19 00:00:00 | Gagnant du Cyber Skills Award: Secure Software Development, Pauline Finlay, Edgescan Cyber Skills Award Winner: Secure Software Development, Pauline Finlay, Edgescan (lien direct) |
Parrainé par Cyber Ireland
Les Munster Technological University Faculty of Engineering & Science Awards reconnaissent et célèbrent les étudiants qui ont fait preuve d'excellence académique tout au long de l'année.Pour la première fois cette année, Cyber Skills avait une catégorie, honorant trois étudiants qui ont excellé dans leur chemin choisi.
Pauline partage son expérience de l'étude du développement de logiciels sécurisés avec des cyber-compétences et de la valeur que la voie lui a offerte.
«Ayant vu de première main les dégâts causés par la perte de données en raison d'une simple attaque de phishing, j'ai décidé d'un changement de carrière et je suis retourné au TUD pour étudier la criminalistique numérique et la cybersécurité.Après avoir obtenu mon diplôme avec un BSC (Hons), j'ai commencé comme analyste de sécurité avec Edgecan où je fais actuellement partie d'une équipe dédiée à l'amélioration de l'application client et de la sécurité du système.
Après mes études de diplôme, je cherchais une opportunité d'élargir mes connaissances des pratiques de codage sécurisées, en particulier en termes d'applications Web.Le cours est dispensé indépendant de la langue permettant à chaque étudiant de se concentrer sur les faiblesses et les vulnérabilités codantes réelles et les meilleures pratiques pour leur correction plutôt que sur un langage de codage inconnu.Le cours couvre non seulement les bonnes pratiques de codage, mais aussi la façon dont les vulnérabilités du système peuvent avoir un impact sur la posture de sécurité d'une organisation en termes de normes professionnelles.
J'ai découvert la voie de développement de logiciels sécurisé les compétences en cyber à travers un lien Cyber Ireland et après avoir assisté à une introduction virtuelle au cours et écouter ce que les professeurs avaient à dire sur le cours ont décidé que ce serait l'occasion idéale d'élargir mes compétences dans ce domaine ».
Sponsored by Cyber Ireland The Munster Technological University Faculty of Engineering & Science Awards recognise and celebrate students who have shown academic excellence throughout the year. For the first time this year, Cyber Skills had a category, honouring three students who excelled in their chosen pathway. Pauline shares her experience of studying Secure Software Development with Cyber Skills and the value the pathway has provided her. “Having seen first-hand the damage caused through data loss because of a simple phishing attack, I decided on a career change and returned to TUD to study Digital Forensics & Cyber Security. After graduating with a BSc (Hons) I started as a security analyst with Edgescan where I am currently part of a team dedicated to improving client application and system security. Following on from my degree studies, I was seeking an opportunity to expand my knowledge of secure coding practices, particularly in terms of web applications. The course is delivered language independent allowing each student to focus on the actual coding weaknesses and vulnerabilities and the best practices for their remediation rather than on an unfamiliar coding language. The course not only covers the good coding practices but also how system vulnerabilities can impact the security posture of an organisation in terms of professional standards. I discovered the Cyber Skills Secure Software Development pathway through a Cyber Ireland link and after attending a virtual introduction to the course and listening to what the lecturers had to say about the course decided it would be the perfect opportunity to expand my skills in this area”. |
Vulnerability Studies | ||
|
2022-12-19 00:00:00 | Gagnant du Cyber Skills Award: Secure Network Operations, Chloe Rocks, Dell Cyber Skills Award Winner: Secure Network Operations, Chloe Rocks, Dell (lien direct) |
Les Munster Technological University Faculty of Engineering & Science Awards reconnaissent et célèbrent les étudiants qui ont fait preuve d'excellence académique tout au long de l'année.Pour la première fois cette année, Cyber Skills avait une catégorie, honorant trois étudiants qui ont excellé dans leur chemin choisi.
Chloé partage son expérience de l'étude des opérations de réseau sécurisées avec des compétences en cyber et la valeur que la voie que lui a fournie.
«J'ai obtenu mon diplôme en 2020 en informatique Beng de l'Université du Queens Belfast et j'ai commencé à distance dans Dell Technologies en tant qu'analyste de cybersécurité dans la gestion des infrastructures en mai 2021.
En juin 2022, j'ai apporté le changement à l'équipe de sécurité du réseau, et je travaille maintenant dans l'hygiène des politiques qui se concentre sur le nettoyage et l'automatisation du pare-feu.
J'ai été informé de cette opportunité grâce à mon leadership au sein de Dell Technologies, qui ont toujours priorisé le développement continu de son personnel et ont été généreux de parrainer moi-même et plusieurs collègues pour entreprendre le parcours des cyber-compétences de notre choix.J'étais particulièrement ravi d'étudier une voie de cyber-compétences.
Non seulement il est développé en collaboration avec des partenaires de l'industrie tels que Dell Technologies et MasterCard, mais il a également été fourni par Munster Technological University, ce qui m'a fait ressortir par rapport à d'autres cours / certifications possibles.
J'ai vraiment apprécié mon temps en tant qu'étudiant des cyber-compétences;Les professeurs étaient très compétents dans leur domaine et ont fait un point pour rendre les informations aussi à jour que possible;en particulier le Dr O \\ 'Mahony qui nous a mis à jour sur les menaces et les attaques actuelles telles qu'elles se sont produites en temps réel et comment ils pourraient éventuellement être contrecarrés / empêchés.Les environnements de laboratoire ont été très bien développés et le contenu du cours dans son ensemble était très pertinent pour mon lieu de travail.
Je crois que j'ai acquis des compétences et des connaissances précieuses qui entreprennent cette voie, et cela a élargi ma vision de la sécurité du réseau dans son ensemble.Je suis très intéressé par d'autres voies de cyber-compétences à l'avenir, et je pense que cela deviendra une qualification digne à tenir ».
The Munster Technological University Faculty of Engineering & Science Awards recognise and celebrate students who have shown academic excellence throughout the year. For the first time this year, Cyber Skills had a category, honouring three students who excelled in their chosen pathway. Chloe shares her experience of studying Secure Network Operations with Cyber Skills and the value the pathway has provided her. “I graduated in 2020 in BEng Computer Science from Queens University Belfast and started remotely in Dell Technologies as a Cybersecurity Analyst in Infrastructure Management in May 2021. In June 2022, I made the change over to the Network Security team, and I am now working in Policy Hygiene which focuses on firewall clean-up and automation. I was made aware of this opportunity through my leadership within Dell Technologies, who have always prioritised the continual development of its staff and was generous to sponsor myself and several colleagues to undertake the Cyber Skills pathway of our choice. I was particularly excited to study a Cyber Skills pathway. Not only is it developed in collaboration with industry partners such as Dell Technologies and Mastercard, but it was also provided by Munster Technological University, which made it stand out to me compared to other possible courses/certifications. I thoroughly enjoyed my time as a Cyber Skills student; the lecturers were very knowledgeable in their field and made a point to make the information as up to date as possible; particularly Dr. O\'Mahony who |
Studies | ||
 |
2022-12-16 11:43:32 | Cloud souverain : l\'EU Data Boundary de Microsoft, encore loin du compte ? (lien direct) | Sous l'étendard EU Data Boundary, Microsoft poursuit l'intégration de la logique " résidence des données " dans ses services cloud. Où en est-on dans la pratique ? | Studies | ★★★ | |
 |
2022-12-15 03:21:53 | How to deal with cyberattacks this holiday season (lien direct) | The holiday season has arrived, and cyberattacks are expected to increase with the upcoming celebratory events. According to The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) 2022 Holiday Season Threat Trends and summary report, ransomware and phishing attacks are expected to increase in retail. With the FIFA World Cup 2022, many cybersecurity experts have advised heightened caution about online impersonation scams and phishing campaigns. Looking back at 2021, studies show a 30% increase in ransomware attacks, and a 70% increase in attempted ransomware attacks during... | Ransomware Threat Studies | ★★ | |
|
2022-12-14 09:14:34 | Tenable Study: Organizations See Expansion Opportunities, Ignore Security Red Flags and Jump Into the Metaverse (lien direct) | Tenable Study: Organizations See Expansion Opportunities, Ignore Security Red Flags and Jump Into the Metaverse - Special Reports | Studies | ★★★ | |
|
2022-12-09 10:30:00 | Government to Fund Security Studies for Hundreds of Students (lien direct) | Latest move shows urgent need to nurture skills pipeline | Studies | ★★★ | |
|
2022-12-07 12:04:41 | The Decoupling Principle (lien direct) | This is a really interesting paper that discusses what the authors call the Decoupling Principle: The idea is simple, yet previously not clearly articulated: to ensure privacy, information should be divided architecturally and institutionally such that each entity has only the information they need to perform their relevant function. Architectural decoupling entails splitting functionality for different fundamental actions in a system, such as decoupling authentication (proving who is allowed to use the network) from connectivity (establishing session state for communicating). Institutional decoupling entails splitting what information remains between non-colluding entities, such as distinct companies or network operators, or between a user and network peers. This decoupling makes service providers individually breach-proof, as they each have little or no sensitive data that can be lost to hackers. Put simply, the Decoupling Principle suggests always separating who you are from what you do... | Studies | ★★★ | |
|
2022-12-05 15:00:00 | Manufacturers Struggle to Manage Cyber-Threats from New Tech Deployments (lien direct) | 42% of UK manufacturers have been a victim of cybercrime in the past 12 months, according to new research | Studies | ★★★ | |
|
2022-12-05 08:29:29 | Les prévisions mondiales de Mandiant en matière de cybersécurité en 2023 (lien direct) | Les prévisions mondiales de Mandiant en matière de cybersécurité en 2023 Mandiant présente son rapport Mandiant Cyber Security Forecast 2023 et ses prédictions pour l'année à venir dans le monde. - Magic Quadrant | Studies | ★★ | |
|
2022-11-30 09:06:10 | Smishing : Les quatre arnaques les plus tendances en 2022 (lien direct) | Smishing : Les quatre arnaques les plus tendances en 2022 Cette année, ce ne sont pas moins de 3,5 milliards de sms frauduleux par jour qui ont été reçus dans le monde. Mais ce qui est plus effrayant est de constater que moins de 35 % des personnes qui les reçoivent ne savent pas qu'ils sont victimes d'une tentative d'hameçonnage. L'étude menée par Terranova Security avec IPSOS du mois d'octobre 2022 révélait d'ailleurs que seuls 8 % des Français citaient les sms comme une source d'arnaques… Un chiffre bien loin de la réalité actuelle ! - Investigations | Studies | ★★★ | |
|
2022-11-30 09:03:00 | Services financiers : une étude Akamai montre que les cyberattaques des applications Web et des API ont augmenté de 257 % par rapport à l\'année précédente (lien direct) | Services financiers : une étude Akamai montre que les cyberattaques des applications Web et des API ont augmenté de 257 % par rapport à l'année précédente Le rapport État des lieux de l'Internet montre que 80 % des pirates prennent pour cible les clients des services financiers plutôt que les institutions - Investigations | Studies | ★★★ |
To see everything:
Our RSS (filtrered)
