What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Blog.webp 2024-03-11 08:36:11 Dropbox Abused in New Phishing, Malspam Scam to Steal SaaS Logins
(direct link)
>By Waqas That new Dropbox email landing in your inbox might be part of a phishing or malspam attack! This is a post from HackRead.com Read the original post: Dropbox Abused in New Phishing, Malspam Scam to Steal SaaS Logins
Cloud ★★
ProofPoint.webp 2024-03-11 06:00:16 How Proofpoint Helps Federal Government Agencies Defend Against Cybercriminals and Insider Threats
(direct link)
Protecting people and defending data are ongoing priorities for federal agencies whose missions are constantly under attack. These entities struggle to keep pace with an array of potent threats, like insiders who steal secrets about missile technology and threat actors who use living off the land techniques (LOTL). Proofpoint can provide agencies with a critical edge in their efforts to defend data from risky users and detect real-time identity threats. Products to help with these challenges include: Proofpoint Insider Threat Management, Proofpoint Identity Threat Defense. This blog takes a closer look at these products and how they help our federal customers. Understand the context behind user behavior with Proofpoint ITM: Across all levels of government, data loss is costly - these incidents have cost agencies $26 billion over the past eight years. A critical first step toward preventing data loss and risky behavior is to understand that data does not lose itself. People lose it. Employees, third parties and contractors have access to more data than ever - on their laptops, in email and the cloud. But you can't reduce the risk of insider threats without first understanding the context behind user behavior. Context also helps you to choose the best response when an insider-led incident occurs, whether it's due to a malicious, compromised or careless user. Proofpoint ITM can help you gain that vital context. It also helps you to move swiftly to address insider threats. Here's how: Get a clear picture of threats. You can gain complete context into users and their data activity on endpoints, and web and cloud applications. User attribution is easy thanks to a clear, visual timeline and flexible, real-time screenshots. Identify risks proactively. Proofpoint includes preconfigured indicators of risk that can help you catch user activities in real time, like data exfiltration, privilege abuse, unauthorized access and security controls bypass. The out-of-the-box Insider Threat Library was built using feedback from our customers as well as guidelines from NIST, MITRE and the CERT Division of the Software Engineering Institute at Carnegie Mellon. Investigate faster. You can investigate incidents with more efficiency when you can see user intent. With Proofpoint ITM, you can gather, package and export the evidence (who, what, where, when and user intent) and share it easily with groups outside of security such as HR, legal and privacy. This saves time and reduces the cost of investigations. Get better time to value. Proofpoint ITM has a single, lightweight user-mode agent that is easy to install and invisible to your users. With a converged DLP and ITM solution, you can monitor everyday and risky users. Gain efficiencies and manage risks: Here are more ways that Proofpoint ITM helps federal agencies: Manage alert rules efficiently. Alert rules are grouped by categories and assigned to user lists, which streamlines management. Comply with privacy laws. Agencies can protect privacy by anonymizing users in the dashboard, which helps eliminate bias in investigations. Manage risks at a department level. Large agencies can manage employee risks based on their department or group by using Active Directory group-based permissions. Each group has a dedicated security team member or manager. Meet zero trust and CMMC needs: Agencies can use ITM to meet their zero trust and Cybersecurity Maturity Model Certification (CMMC) needs as well. Proofpoint ITM capabilities support several pillars of Zero Trust and more than seven domains of CMMC. For Zero Trust, Proofpoint ITM helps agencies align to these pillars: Department of Defense: Data and Visibility and Analytics Pillar; Cybersecurity and Infrastructure Security Agency: Data and Devices Pillars. Proofpoint Information Protection products help our customers with these CMMC domains: Access Controls, Asset Management, Audit and Accountability, Configuration Management, Incident Response, Media Protect
Ransomware Vulnerability Threat Cloud ★★★
globalsecuritymag.webp 2024-03-07 21:55:26 Veeam and Microsoft announce joint development of AI solutions
(direct link)
Veeam and Microsoft announce joint development of AI solutions for the leading data protection and anti-ransomware platform. The two companies will jointly market the recently announced Veeam Data Cloud offering for Microsoft Azure and for Microsoft 365, which builds on the market-leading backup platform for Microsoft 365 with more than 18 million protected users. - Products
Cloud ★★
Netskope.webp 2024-03-07 19:20:18 Netskope Cloud Exchange for Your Zero Trust Journey
(direct link)
>Early in 2023 my colleague, and VP of Technology Integrations and Business Development, David Willis walked us through Realizing the True Power of Netskope Cloud Exchange. In the article, David painted the evolution of Cloud Exchange with a focus on how the Netskope Cloud Threat Exchange (CTE) module has matured since it was released. In […]
Threat Cloud ★★
CrowdStrike.webp 2024-03-07 16:47:17 Falcon Cloud Security Supports GKE Autopilot to Secure More GCP Workloads
(direct link)
In the ever-evolving landscape of cloud security, staying ahead of the curve is paramount. Today, we are announcing an exciting enhancement: CrowdStrike Falcon® Cloud Security now supports Google Kubernetes Engine (GKE) Autopilot. This integration marks an important milestone in our commitment to providing cutting-edge DevSecOps-focused security and solutions for modern cloud environments. This new capability […]
Cloud ★★★
The_Hackers_News.webp 2024-03-07 16:41:00 Human vs. Non-Human Identity in SaaS
(direct link)
In today's rapidly evolving SaaS environment, the focus is on human users. This is one of the most compromised areas in SaaS security management and requires strict governance of user roles and permissions, monitoring of privileged users, their level of activity (dormant, active, hyperactive), their type (internal/external), whether they are joiners, movers, or leavers, and more. Not
Cloud ★★
globalsecuritymag.webp 2024-03-07 14:51:14 Cellebrite Launches FedRAMP Authorization Process
(direct link)
Cellebrite Launches FedRAMP Authorization Process to Provide Federal Customers with Enhanced Cloud Security. Collaboration with Coalfire Will Deliver Federal Customers Access to Cellebrite SaaS Technology - Product Reviews
Cloud ★★
Chercheur.webp 2024-03-07 12:00:13 How Public AI Can Strengthen Democracy
(direct link)
With the world’s focus turning to misinformation, manipulation, and outright propaganda ahead of the 2024 U.S. presidential election, we know that democracy has an AI problem. But we’re learning that AI has a democracy problem, too. Both challenges must be addressed for the sake of democratic governance and public protection. Just three Big Tech firms (Microsoft, Google, and Amazon) control about two-thirds of the global market for the cloud computing resources used to train and deploy AI models. They have a lot of the AI talent, the capacity for large-scale innovation, and face few public regulations for their products and activities...
Cloud ★★
AlienVault.webp 2024-03-07 11:00:00 Securing AI
(direct link)
With the proliferation of AI/ML enabled technologies to deliver business value, the need to protect data privacy and secure AI/ML applications from security risks is paramount. An AI governance framework model like the NIST AI RMF to enable business innovation and manage risk is just as important as adopting guidelines to secure AI. Responsible AI starts with securing AI by design and securing AI with Zero Trust architecture principles. Vulnerabilities in ChatGPT: A recently discovered vulnerability found in version gpt-3.5-turbo exposed identifiable information. The vulnerability was reported in the news late November 2023. By repeating a particular word continuously to the chatbot it triggered the vulnerability. A group of security researchers with Google DeepMind, Cornell University, CMU, UC Berkeley, ETH Zurich, and the University of Washington studied the “extractable memorization” of training data that an adversary can extract by querying a ML model without prior knowledge of the training dataset. The researchers’ report shows an adversary can extract gigabytes of training data from open-source language models. In the vulnerability testing, a newly developed divergence attack on the aligned ChatGPT caused the model to emit training data 150 times higher. Findings show larger and more capable LLMs are more vulnerable to data extraction attacks, emitting more memorized training data as the volume gets larger. While similar attacks have been documented with unaligned models, the new ChatGPT vulnerability exposed a successful attack on LLM models typically built with strict guardrails found in aligned models. This raises questions about best practices and methods in how AI systems could better secure LLM models, build training data that is reliable and trustworthy, and protect privacy. U.S. and UK’s Bilateral cybersecurity effort on securing AI: The US Cybersecurity Infrastructure and Security Agency (CISA) and UK’s National Cyber Security Center (NCSC) in cooperation with 21 agencies and ministries from 18 other countries are supporting the first global guidelines for AI security. The new UK-led guidelines for securing AI as part of the U.S. and UK’s bilateral cybersecurity effort were announced at the end of November 2023. The pledge is an acknowledgement of AI risk by nation leaders and government agencies worldwide and is the beginning of international collaboration to ensure the safety and security of AI by design. The Department of Homeland Security (DHS) CISA and UK NCSC joint guidelines for Secure AI system Development aim to ensure cybersecurity decisions are embedded at every stage of the AI development lifecycle from the start and throughout, and not as an afterthought. Securing AI by design: Securing AI by design is a key approach to mitigate cybersecurity risks and other vulnerabilities in AI systems. Ensuring the entire AI system development lifecycle process is secure from design to development, deployment, and operations and maintenance is critical to an organization realizing its full benefits. The guidelines documented in the Guidelines for Secure AI System Development align closely to software development life cycle practices defined in the NCSC’s Secure development and deployment guidance and the National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF). The 4 pillars that embody the Guidelines for Secure AI System Development offer guidance for AI providers of any systems whether newly created from the ground up or built on top of tools and services provided from
Tool Vulnerability Threat Mobile Medical Cloud Technical ChatGPT ★★
Korben.webp 2024-03-07 09:16:25 ANY.RUN – The cloud sandbox for malware hunters
(direct link)
ANY.RUN is a cloud-based service for analyzing malware on Windows and Linux, helping analysts study threats safely. Offering full control over malware activity, the platform has advantages such as instant access to results and an interactive visual tree structure. ANY.RUN is compatible with popular browsers and operating systems, and supports the analysis of Linux malware. It offers a cost-effective solution for organizations.
Threat Cloud ★★
DarkReading.webp 2024-03-06 22:36:53 Cloud-y Linux Malware Rains on Apache, Docker, Redis & Confluence
(direct link)
"Spinning YARN" cyberattackers wielding a Linux webshell are positioning for broader cloud compromise by exploiting common misconfigurations and a known Atlassian Confluence bug.
Malware Cloud ★★
DarkReading.webp 2024-03-06 21:59:52 Veeam Launches Veeam Data Cloud
(direct link)
"Spinning YARN" cyberattackers wielding a Linux webshell are positioning for broader cloud compromise by exploiting common misconfigurations and a known Atlassian Confluence bug.
Cloud ★★
globalsecuritymag.webp 2024-03-06 16:53:40 Snowflake partners with Mistral AI to offer language models through Snowflake Cortex
(direct link)
Snowflake partners with Mistral AI to offer enterprises cutting-edge language models through Snowflake Cortex • Mistral AI's newest and most powerful model, Mistral Large, is now available in Snowflake's Data Cloud to securely harness generative AI with enterprise data. • Snowflake Ventures partners with Mistral AI to extend generative AI capabilities and enable more developers to seamlessly harness the power of large language models. • Snowflake Cortex LLM Functions, in public preview, lets users quickly and easily build generative AI applications. - Business
Cloud ★★★
SecurityWeek.webp 2024-03-06 15:50:14 Linux Malware Campaign Targets Misconfigured Cloud Servers
(direct link)
>A new malware campaign has been observed targeting misconfigured Apache Hadoop, Confluence, Docker, and Redis instances.
Malware Cloud ★★
Netskope.webp 2024-03-06 15:00:00 Cloud Threats Memo: Google Drive Abused to Target Organizations in Asian Countries
(direct link)
>The latest example of an advanced persistent threat exploiting a legitimate cloud service to deliver a malicious payload was recently unearthed by researchers at Trend Micro. As a follow up of a campaign targeting several European countries, discovered in July 2023 and attributed to the APT Earth Preta (also known as Mustang Panda and Bronze […]
Threat Prediction Cloud ★★
DarkReading.webp 2024-03-06 15:00:00 10 Essential Processes for Reducing the Top 11 Cloud Risks
(direct link)
The Cloud Security Alliance's "Pandemic 11" cloud security challenges can be addressed by putting the right processes in place.
Cloud ★★★
globalsecuritymag.webp 2024-03-06 13:52:40 (Déjà vu) F5 adds automated penetration testing
(direct link)
F5 adds automated penetration testing to strengthen multicloud application security capabilities • The automated security reconnaissance and penetration testing solution will be integrated into F5 Distributed Cloud Services. • The technology acquired from Heyhack strengthens F5's multicloud application security portfolio, enabling customers to automate vulnerability discovery. - Products
Cloud ★★
Checkpoint.webp 2024-03-06 12:55:24 Top 6 SaaS Breach Vectors and How to Prevent Them
(direct link)
>On average, IT teams are only aware of 20% of the SaaS applications used in their organizations. If standard controls could be easily applied to SaaS apps, then this number would be little cause for concern. However, the frequency of SaaS-related security incidents tells a different story, with frequent headlines on publicly visible PII, account takeover through hacked third parties and malicious exfiltration of entire customer databases. Clearly, current solutions are not enough. How Prevalent are SaaS-based Breaches? SaaS data breaches account for data exposure in four out of five organizations, and almost half (43%) experience security incidents related […]
Cloud ★★★
globalsecuritymag.webp 2024-03-06 09:37:40 F5 Adds Automated Penetration Testing to Strengthen Multicloud Application Security Capabilities
(direct link)
F5 Adds Automated Penetration Testing to Strengthen Multicloud Application Security Capabilities • Automated security reconnaissance and penetration testing solution will be incorporated into F5 Distributed Cloud Services. • Technology acquired through Heyhack strengthens F5's multicloud application security portfolio, enabling customers to automate vulnerability discovery. - Product Reviews
Vulnerability Cloud ★★★
silicon.fr.webp 2024-03-06 08:17:14 After Google Cloud, AWS: why they are dropping egress fees
(direct link)
Following Google Cloud's lead, AWS is dropping, under certain conditions, its fees for switching providers. In what context?
Cloud ★★★
CrowdStrike.webp 2024-03-05 21:07:02 CrowdStrike to Acquire Flow Security, Sets the Standard for Modern Cloud Data Security
(direct link)
I'm thrilled to announce CrowdStrike's agreement to acquire Flow Security, a pioneer in data security posture management (DSPM) and the industry's first and only cloud data runtime security solution. With this acquisition, CrowdStrike is setting the standard for modern cloud security with complete real-time data protection spanning endpoint and cloud environments, delivering the only cloud […]
Cloud ★★
The_Hackers_News.webp 2024-03-05 16:25:00 What is Exposure Management and How Does it Differ from ASM?
(direct link)
Startups and scale-ups are often cloud-first organizations and rarely have sprawling legacy on-prem environments. Likewise, knowing the agility and flexibility that cloud environments provide, the mid-market is predominantly running in a hybrid state, partly in the cloud but with some on-prem assets. While there has been a bit of a backswing against the pricing and lock-in presented when using
Cloud ★★★
globalsecuritymag.webp 2024-03-05 16:22:28 (Déjà vu) Vade joins Hornetsecurity Group
(direct link)
Vade joins Hornetsecurity Group, creating a European cybersecurity leader. Partnership aims to position the group as the preeminent cybersecurity provider for customers and partners in Europe who value data sovereignty and best-in-class cloud, compliance and digital communications security services - Business News
Cloud ★★★
IndustrialCyber.webp 2024-03-05 15:23:31 Cloud Range launches initial cyber incident Commander Training to improve response time, elevate performance
(direct link)
Cloud Range announced Tuesday the launch of its new training program, Cybersecurity Incident Commander Training. Offered for a...
Cloud ★★★
RedCanary.webp 2024-03-05 14:30:42 Introducing Red Canary's multicloud launch
(direct link)
Find and stop cloud risks and threats across AWS, Azure, GCP, and Linux with our new multicloud capabilities.
Cloud ★★
RedCanary.webp 2024-03-05 14:30:16 Red Canary brings MDR expertise to Microsoft Azure Cloud
(direct link)
Red Canary directly ingests telemetry data and alerts from Azure Audit logs and Defender for Cloud, detecting threats that others miss.
Cloud ★★
globalsecuritymag.webp 2024-03-05 13:04:41 Vade joins Hornetsecurity Group
(direct link)
Vade joins Hornetsecurity Group, creating a European cybersecurity leader. The partnership aims to position the group as the go-to cybersecurity provider for European customers and partners who value data sovereignty and best-in-class security services for cloud, compliance and digital communications. - Business
Cloud ★★
globalsecuritymag.webp 2024-03-05 08:30:26 Cloud security in question: the need to strengthen cybersecurity
(direct link)
Cloud security in question: the need to strengthen cybersecurity. Fanch Francis, CEO of NANO Corp, a cybersecurity company specializing in real-time network monitoring and security policy tracking, shares his reaction to this news: - Points of View
Cloud ★★
TechRepublic.webp 2024-03-04 11:46:32 75+ Tech Checklists to Improve Efficiency
(direct link)
From malware response to cloud storage, every organization can benefit from a checklist to ensure effective and smooth operations.
Malware Cloud ★★★
zataz.webp 2024-03-03 12:46:21 ZATAZ discovers a hackers' nest with more than 1.7 million victims
(direct link)
A malicious hacker is storing more than 1.3 million hacked internet users in a public cloud. ZATAZ gets hold of the storage and tries to have it shut down!...
Cloud ★★★
TechRepublic.webp 2024-03-01 20:15:10 UK's NCSC Issues Warning as SVR Hackers Target Cloud Services
(direct link)
Cyber espionage group APT29 is adapting its tactics for cloud environments. Here's what you should know.
Cloud APT 29 ★★
PaloAlto.webp 2024-03-01 18:45:16 Accelerating Cloud Adoption Across the Scottish Public Sector
(direct link)
>The Scottish Government developed a CPS to give Scottish Public Sector simplified access to cloud technologies, providing one stop to cloud platforms.
Cloud ★★
DarkReading.webp 2024-03-01 18:09:55 Biometrics Regulation Heats Up, Portending Compliance Headaches
(direct link)
A growing thicket of privacy laws regulating biometrics is aimed at protecting consumers amid increasing cloud breaches and AI-created deepfakes. But for businesses that handle biometric data, staying compliant is easier said than done.
Cloud ★★★
itsecurityguru.webp 2024-03-01 13:49:02 Advanced Cyber Defence Systems (ADCS) to Showcase Innovative Attack Surface Management Solution at Cloud & Cyber Security Expo
(direct link)
Continuing on from their popular webinar series, Advanced Cyber Defence Systems (ACDS) are taking their ‘Think Like a Hacker’ series to The Cloud & Cyber Expo. At the event, the team will be demoing their cutting-edge Attack Surface Management solution. Additionally, the company's CTO, Elliott Wilkes, will also be delivering a keynote at the event, […] The post Advanced Cyber Defence Systems (ADCS) to Showcase Innovative Attack Surface Management Solution at Cloud & Cyber Security Expo first appeared on IT Security Guru.
Cloud ★★
DarkReading.webp 2024-02-29 20:48:36 Cloud Apps Make the Case for Pentesting-as-a-Service
(direct link)
Applications are increasingly distributed, expanding companies' cloud attack surfaces, and requiring regular testing to find and fix vulnerabilities - else companies risk a growing sprawl of services.
Vulnerability Cloud ★★★
globalsecuritymag.webp 2024-02-29 15:31:42 Veeam® Software announces Veeam Data Cloud
(direct link)
With its new Veeam Data Cloud offering, Veeam brings together the best data protection and recovery services in a single cloud platform. By unifying storage, cloud backup and anti-ransomware tasks for Microsoft Azure and Microsoft 365 environments, the all-in-one Veeam Data Cloud platform currently protects more than 18 million users. - Products
Cloud ★★
AlienVault.webp 2024-02-29 11:00:00 AI governance and preserving privacy
(direct link)
AT&T Cybersecurity featured a dynamic cyber mashup panel with Akamai, Palo Alto Networks, SentinelOne, and the Cloud Security Alliance. We discussed some provocative topics around Artificial Intelligence (AI) and Machine Learning (ML) including responsible AI and securing AI. There were some good examples of best practices shared in an emerging AI world like implementing Zero Trust architecture and anonymization of sensitive data. Many thanks to our panelists for sharing their insights. Before diving into the hot topics around AI governance and protecting our privacy, let’s define ML and GenAI to provide some background on what they are and what they can do along with some real-world use case examples for better context on the impact and implications AI will have on our future. GenAI and ML  Machine Learning (ML) is a subset of AI that relies on the development of algorithms to make decisions or predictions based on data without being explicitly programmed. It uses algorithms to automatically learn and improve from experience. GenAI is a subset of ML that focuses on creating new data samples that resemble real-world data. GenAI can produce new and original content through deep learning, a method in which data is processed like the human brain and is independent of direct human interaction. GenAI can produce new content based on text, images, 3D rendering, video, audio, music, and code and increasingly with multimodal capabilities can interpret different data prompts to generate different data types to describe an image, generate realistic images, create vibrant illustrations, predict contextually relevant content, answer questions in an informational way, and much more.    
Real world use cases include summarizing reports, creating music in a specific style, develop and improve code faster, generate marketing content in different languages, detect and prevent fraud, optimize patient interactions, detect defects and quality issues, and predict and respond to cyber-attacks with automation capabilities at machine speed. Responsible AI Given the power to do good with AI - how do we balance the risk and reward for the good of society? What is an organization’s ethos and philosophy around AI governance? What is the organization’s philosophy around the reliability, transparency, accountability, safety, security, privacy, and fairness with AI, and one that is human-centered? It's important to build each of these pillars into an organization's AI innovation and business decision-making. Balancing the risk and reward of innovating AI/ML into an organization's ecosystem without compromising social responsibility and damaging the company's brand and reputation is crucial. At the center of AI where personal data is the DNA of our identity in a hyperconnected digital world, privacy is a top priority. Privacy concerns with AI In Cisco’s 2023 consumer privacy survey, a study of over 2600 consumers in 12 countries globally, indicates consumer awareness of data privacy rights is continuing to grow with the younger generations (age groups under 45) exercising their Data Subject Access rights and switching providers over their privacy practices and policies. Consumers support AI use but are also concerned.
With those supporting AI for use: 48% believe AI can be useful in improving their lives 54% are willing to share anonymized personal data to improve AI products AI is an area that has some work to do to earn trust 60% of respondents believe the use of AI by organizations has already eroded trust in them 62% reported concerns about the business use of AI 72% of respondents indicated that having products and solutions aud
Studies Prediction Cloud Technical ★★
ProofPoint.webp 2024-02-29 06:00:13 Break the Attack Chain: Decisive Moves
(direct link)
In our “Break the Attack Chain” blog series, we have looked at how threat actors compromise our defenses and move laterally within our networks to escalate privileges and prepare for their endgame. Now, we come to the final stage of the attack chain where it's necessary to broaden our outlook a little. While most external threat actors will follow the same playbook, they aren't our only adversaries. The modern reality is that data often just walks out of the door because our employees take it with them. More than 40% of employees admit to taking data when they leave. At the same time, careless employees who make security mistakes are responsible for more than half of insider-led data loss incidents. So, while it's important to detect and deter cybercriminals who want to exfiltrate our data, we must also watch out for our users. Whether they are malicious or careless, our users are just as capable of exposing sensitive data. In this third and final installment, we discuss how companies tend to lose data - and how we can better protect it from all manner of risks. Understanding data loss As with every stage in the attack chain, we must first understand threats before we can put protections in place. Let's start with the case of a cybercriminal following the typical attack chain. While this may not sound like a traditional insider attack, it's often aided by careless or reckless employees. Users expose data and open themselves and your business up to compromise in a multitude of ways, like using weak passwords, reusing credentials, forgoing security best practices and clicking on malicious links or attachments. Any of these risky moves give cybercriminals a way into your networks where they can embark on lateral movement and escalation. Incidents like these are so common that careless or compromised users cause over 80% of insider-led data loss. Malicious insiders make up the remainder.
Insider threats could be a disgruntled employee looking to cause disruption, a user compromised by cybercriminals, or, increasingly, an employee who will soon leave your organization. In most cases, data exfiltration follows a three-stage pattern: Access. Users, whether malicious or compromised, will attempt to take as much information as possible. This could mean excessive downloading or copying from corporate drives or exporting data from web interfaces or client apps. Obfuscation. Both cybercriminals and malicious insiders will be aware of the kinds of activity likely to trigger alarms and will take steps to avoid them. Changing file names and extensions, deleting logs and browsing history, and encrypting files are typical strategies. Exfiltration. With targets acquired and tracks covered, data exfiltration is then carried out by copying files to a personal cloud or removable storage device and sharing files with personal or burner email accounts. Defending from the inside out As we explained in our webinar series, while the initial stage of the attack chain focuses on keeping malicious actors outside our organization, the final two stages are far more concerned with what's happening inside it. Therefore, any effective defense must work from the inside out. It must detect and deter suspicious activity before data can slip past internal protections and be exposed to the outside world. Of course, data can do many things - but it cannot leave an organization on its own. Whether compromised, careless or malicious, a human is integral to any data loss incident. That's why traditional data loss prevention (DLP) tools are not as effective as they used to be. By focusing on the content of an incident, they only address a third of the problem. Instead, a comprehensive defense against data loss must merge content classification with threat telemetry and user behavior.
Proofpoint Information Protection is the only solution that uses all three across channels in a unified, cloud-native interface. With this information, security teams can identify who is accessing and moving data - when, where and why. And
Tool Threat Cloud ★★★
Checkpoint.webp 2024-02-28 13:44:31 A Shadowed Menace : The Escalation of Web API Cyber Attacks in 2024
(direct link)
>Highlights: Significant Increase in Attacks: In the first month of 2024, attempts to attack Web APIs impacted 1 in 4.6 organizations worldwide every week, marking a 20% increase compared to January 2023, highlighting the growing risk associated with API vulnerabilities. Industry-Wide Impact: Education leads as the most impacted sector, with most sectors having a double-digit surge in attacks from last year. Meanwhile, cloud-based organizational networks experience a 34% rise in attacks compared to the same period last year, and overtake on-prem organizational networks in the overall impact of API attacks, underscoring the evolving cloud threat landscape. Notable Vulnerabilities and Incidents: Exploits like the […]
Vulnerability Threat Cloud ★★★
DarkReading.webp 2024-02-27 21:49:18 Russia's 'Midnight Blizzard' Targets Service Accounts for Initial Cloud Access
(direct link)
CISA and its counterparts in the UK and other countries this week offered new guidance on how to deal with the threat actor's recent shift to cloud attacks.
Threat Cloud ★★
Checkpoint.webp 2024-02-27 20:00:14 CloudGuard Streamlines Azure Virtual WAN security with Direct Ingress
(direct link)
>As Azure Virtual WAN continues to gain popularity among enterprise customers with distributed and complex IT environments, the need for a comprehensive, consolidated, and collaborative security solution to protect these deployments becomes even more crucial. Check Point CloudGuard provides customers with industry-leading cloud network security for their Virtual WAN deployments, secured connectivity for heterogeneous and distributed IT environments. The Check Point solution enables unified and consistent security management for hybrid-clouds and on-prem deployments with maximum operational efficiency. Microsoft recently announced that the new Direct Ingress functionality (also called internet inbound or internet ingress) is now in public preview. Check Point […]
Cloud ★★
The_Hackers_News.webp 2024-02-27 16:04:00 Five Eyes Agencies Expose APT29's Evolving Cloud Attack Tactics
(direct link)
Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29. The hacking outfit, also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzard (formerly Nobelium), and The Dukes, is assessed to be affiliated with the Foreign Intelligence Service (SVR) of the
Threat Cloud APT 29 ★★★
securityintelligence.webp 2024-02-27 14:00:00 The compelling need for cloud-native data protection
(direct link)
>Cloud environments were frequent targets for cyber attackers in 2023. Eighty-two percent of breaches that involved data stored in the cloud were in public, private or multi-cloud environments. Attackers gained the most access to multi-cloud environments, with 39% of breaches spanning multi-cloud environments because of the more complicated security issues. The cost of these cloud […]
Cloud ★★
silicon.fr.webp 2024-02-27 11:50:59 MWC 2024: Huawei Cloud seeks to expand despite sanctions
(direct link)
Huawei Cloud opens new availability zones, expands its European business and focuses on AI while adapting to US sanctions.
Cloud ★★
AlienVault.webp 2024-02-27 11:00:00 The endpoint evolution - Evolving from traditional endpoints to cloud or containerized workloads and the security solutions to protect them
(direct link)
As organizations grow and more endpoints are added across the enterprise, they create an increasingly broad attack surface sophisticated attackers are looking to compromise. According to the 2019 Endpoint Security Trends Report 70% of breaches originate at the endpoint¹. That is likely because endpoints typically represent the Intersection between humans and machines creating vulnerable points of entry for cybercriminals. This is why it is increasingly important to secure your endpoints. Growth in endpoints An endpoint is defined as any computing device that communicates back and forth with a network to which it is connected. Some end user devices serve as an interface with human users while others are servers that communicate with other endpoints on the network. Traditional endpoints began as physical devices including servers, workstations, desktops, and laptops, all connected to a corporate network. When smartphones and tablets became handheld computing devices with access to corporate email, document sharing and collaboration tools the number of endpoints at least doubled.   Then came the rise of the Internet of Things (IoT) including devices like printers, webcams, smartwatches, and thermostats, all of which are connected to the network. Industries like healthcare and manufacturing are using millions of IoT sensors to collect and exchange data. This continued growth in IoT only increases the number of endpoints that need to be protected. Another contribution to the growth in endpoints is the migration to the cloud. It is estimated that 67% of enterprise infrastructure is cloud-based². This cloud transformation is the evolution from physical devices to virtualization and containerization. Endpoint virtualization  The cloud is a multi-tenant environment where multiple users run services on the same server hardware. Virtualization and containerization are both virtualization technologies that separate the host operating system from the programs that run in them. 
Virtualization is achieved using a hypervisor, which splits CPU, RAM, and storage resources between multiple virtual machines (VMs). Each VM behaves like a separate computer that gets a guest operating system and each VM is independent of each other. This allows organizations to run multiple OS instances on a single server. Containerization, on the other hand, runs a single host OS instance and uses a container engine to help package applications into container images that can be easily deployed and re-used. By splitting each individual application function or microservice into containers they can operate independently to improve enterprise resilience and scalability. Kubernetes then manages the orchestration of multiple containers. VMs and containers present very different security challenges so let’s look at the evolution of endpoint security and the solutions that meet the needs of complex customer environments. Securing endpoints For decades, organizations have heavily relied on antivirus (AV) software to secure endpoints. However, traditional antivirus worked by matching known malicious signatures in a database and can no longer protect against today’s sophisticated threats. Modern endpoint security solutions are less signature-based and much more behavior-based. Endpoint protection platforms (EPP) offer cloud native architectures that provide a layered defense against fileless attacks using machine learning and behavioral AI to protect against malicious activity. Endpoint detection and response (EDR) solutions went beyond protection by recording and storing endpoint-system level behaviors to detect malicious threats. EDR solutions use data analytics combined with threat intelligence feeds to provide incident responders with the forensic data for completing investigations and threat hunting. In addi
Malware Tool Vulnerability Threat Mobile Cloud ★★
IndustrialCyber.webp 2024-02-27 06:48:00 CISA, NCSC, global partners expose SVR cyber espionage tactics targeting cloud environments
(direct link)
>The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the UK National Cyber Security Centre (NCSC)...
Cloud ★★
News.webp 2024-02-27 01:00:06 Russia's Cozy Bear dives into cloud environments with a new bag of tricks
(direct link)
Kremlin's spies tried out the TTPs on Microsoft, and now they're off to the races Russia's notorious Cozy Bear, the crew behind the SolarWinds supply chain attack, has expanded its targets and evolved its techniques to break into organizations' cloud environments, according to the Five Eyes governments.…
Cloud APT 29 ★★★
DarkReading.webp 2024-02-26 18:43:28 Gulf Region Accelerates Adoption of Zero Trust
(direct link)
United Arab Emirates will likely be one of the first in the region to implement zero-trust security due to its heavy adoption of cloud technologies.
Cloud ★★
CS.webp 2024-02-26 17:18:53 Five Eyes nations warn of evolving Russian cyberespionage practices targeting cloud environments
(direct link)
>The advisory issued by the U.K.'s National Cyber Security Centre breaks down tactics and techniques from SVR hacking ops.
Cloud TYPEFRAME ★★★
InfoSecurityMag.webp 2024-02-26 17:15:00 CISA Issues Alert on APT29's Cloud Infiltration Tactics
(direct link)
Known as Midnight Blizzard, the Dukes or Cozy Bear, the group has been identified as a Russian entity likely operating under the SVR
Cloud APT 29 ★★
Last update at: 2024-05-09 13:07:59