What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-02-12 11:00:00 | Le réseau sécurisé commence (et se termine) au point final Secure networking starts (and ends) at the endpoint (lien direct) |
One step behind
The last decade has been challenging for the cyber industry. Attackers always seem to have the upper hand while defenders play catch up. It’s common to point to the ever-accelerating frequency and sophistication of attacks, siloed security that creates gaps, and a shortage of skilled cyber professionals as rationale for this lagging position. All are true but none represent the core reason for our current situation.
The reason we are where we are is because of cloud computing. Don’t get me wrong, cloud computing has been and continues to be profoundly beneficial. It enabled digital transformation that reshaped how we do business. But it is also a huge disruptor that turned traditional, centralized computing and data networking models on their head, forcing carriers and network suppliers alike to innovate and adapt or risk obsolescence. And as networking models shifted, from centralized to distributed, so too did security, but always at a lagging pace.
With cloud computing, distributed networking, and cloud-based security becoming standard, organizations must reassess their cybersecurity approach. It is imperative that they adopt comprehensive end-to-end solutions that align with the evolving landscape of cloud computing and connectivity to address their cyber challenges.
Cloud computing’s cascading effect
It’s always been about data – where data lives and how it is accessed by users. Shifts in data residency and access have triggered a series of events, beginning with:
Our introduction to the cloud
Server virtualization and cloud compute infrastructure, frequently referred to as infrastructure as a service (IaaS), ushered in low cost, flexible, and resource efficient computing via virtual machines (VMs)
Growth in cloud computing shifted focus to new ways that enabled users, whether in offices (sites) or at home (remote users), to access the data required to perform their job duties
Cloud adoption led to new networking models
Networks were re-architected to align with shifting data residency, from centralized data centers to distributed cloud infrastructure
This transition included moving from MPLS/datacenter designs to SD-WAN with Internet breakouts and hybrid or multi-cloud solutions
Network security transformation lagged
As data networking models evolved so too did network security, but at a lagging pace
Over time, the expansion of cloud-delivered security solutions helped organizations to align and optimize network security within this new cloud and networking environment
But this new data and networking paradigm requires consideration beyond network security
Endpoint security has become more critical to consider in this new age of cloud computing and network connectivity where the focus is now squarely on enabling users on laptops, desktops, and mobile devices (endpoints) to access data on cloud servers and VMs (also endpoints)
Endpoints bookend this continuum of users accessing data on cloud workloads, and as an essential part of the communications flow, they must be considered when designing an end-to-end security solution
Doubling down on the cloud
We have come a long way from the initial cloud use case of test/dev. We’ve since moved to running production-grade applications in the cloud and are now entering the next phase of cloud application development – microservices and containerization. As the cloud becomes increasingly foundational to your organization, it is crucial to prioritize robust security for all cloud workloads. This includes ensuring top-performing endpoint security not only for VMs but a |
Mobile Cloud | ★★ | |
 |
2024-02-12 10:00:00 | Les compromis Azure en cours Target Target Senior Execs, Microsoft 365 Apps Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps (lien direct) |
Les attaquants franchissent des environnements cloud et jouent à des jeux avec les applications Microsoft 365 d'entreprise, et d'autres victimes sont susceptibles de venir.
Attackers are breaching cloud environments and playing games with corporate Microsoft 365 apps, and further victims are likely to come. |
Cloud | ★★ | |
 |
2024-02-12 09:21:01 | Infodis fait l\'acquisition de Prolival (lien direct) | Infodis achève sa stratégie de transformation vers les services d'Infogérance, Cloud et Cybersécurité avec l'acquisition de la société Prolival et de son Cloud souverain Horizon. - Business | Cloud | ★★ | |
|
2024-02-12 08:21:20 | Logrhythm élargit le partenariat avec la finance électronique LogRhythm Expands Partnership with e-finance (lien direct) |
Logrhythm élargit le partenariat avec la finance électronique pour accélérer l'innovation de cybersécurité en Égypte
La finance électronique ajoute un logythme à sa plate-forme de cloud computing intégrée pour une croissance numérique sûre et sécurisée qui s'aligne sur l'Égypte Vision 2030
-
nouvelles commerciales
LogRhythm Expands Partnership with e-finance to Accelerate Cybersecurity Innovation in Egypt e-finance adds LogRhythm to its integrated cloud computing platform for safe and secure digital growth that aligns with Egypt Vision 2030 - Business News |
Cloud | ★★ | |
 |
2024-02-12 08:02:39 | 4 étapes pour empêcher le compromis des e-mails des fournisseurs dans votre chaîne d'approvisionnement 4 Steps to Prevent Vendor Email Compromise in Your Supply Chain (lien direct) |
Supply chains have become a focal point for cyberattacks in a world where business ecosystems are increasingly connected. Email threats are a significant risk factor, as threat actors are keen to use compromised email accounts to their advantage. Every month, a staggering 80% of Proofpoint customers face attacks that originate from compromised vendor, third-party or supplier email accounts. Known as supplier account compromise, or vendor email compromise, these attacks involve threat actors infiltrating business communications between trusted partners so that they can launch internal and external attacks. Their ultimate goal might be to steal money, steal data, distribute malware or simply cause havoc. In this blog post, we\'ll explain how vendor emails are compromised and how you can stop these attacks. Finally, we\'ll tell you how Proofpoint can help. What\'s at stake Supply chain compromise attacks can be costly for businesses. IBM, in its latest Cost of a Data Breach Report, says that the average total cost of a cyberattack that involves supply chain compromise is $4.76 million. That is almost 12% higher than the cost of an incident that doesn\'t involve the supply chain. In addition to the financial implications, compromised accounts can lead to: Phishing scams that result in even more compromised accounts Reputational and brand damage Complex legal liabilities between business partners How does vendor email compromise occur? Supply chain compromise attacks are highly targeted. They can stretch out over several months. And typically, they are structured as a multistep process. The bad actor initiates the assault by gaining access to the email account of a vendor or supplier through various means. Phishing attacks are one example. Once the attacker gains access, they will lay low for an extended period to observe the vendor\'s email communications. During this time, the adversary will study the language and context of messages so that they can blend in well and avoid detection. Attackers might also use this observation period to establish persistence. They will create mail rules and infrastructure so that they can continue to receive and send messages even after the vendor has regained control of the account. Once they establish access and persistence, the attackers will begin to insert themselves into conversations within the supplier\'s company as well as with external partners and customers. By posing as the sender, the attacker takes advantage of established trust between parties to increase their chances of success. Overview of a vendor email compromise attack. Proofpoint has observed a growing trend of attackers targeting accounts within smaller businesses and using them to gain entry into larger companies. Threat actors often assume that small businesses have less protection than large companies. They see them as targets that can help them achieve a bigger payday. How to stop vendor email compromise If you want to defend against these attacks, it\'s critical to understand the methods behind them. Such a formidable problem requires a strategic and multilayered solution. The four broad steps below can help. Step 1: Know your suppliers Your first line of defense against these email attacks sounds simple, but it\'s challenging. It is the ability to intimately “know your supplier” and understand their security strategy. This requires more than a one-time vendor assessment. Your security teams will need to prioritize continuous monitoring of your company\'s business partnerships. On top of that knowledge, you need a thorough understanding of the access and privileges that your business grants to each vendor. Compromised accounts that have uncontrolled access may be able to exfiltrate sensitive data or upload malware like ransomware. So, when you know what your suppliers can (and can\'t) access, you can identify a data breach faster. Other steps, like requiring multifactor authentication (MFA) for vendor accounts, can | Ransomware Data Breach Malware Tool Threat Studies Prediction Cloud | ★★★ | |
|
2024-02-12 07:37:05 | Alerte communautaire: campagne malveillante en cours impactant les environnements cloud Azure Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments (lien direct) |
Over the past weeks, Proofpoint researchers have been monitoring an ongoing cloud account takeover campaign impacting dozens of Microsoft Azure environments and compromising hundreds of user accounts, including senior executives. This post serves as a community warning regarding the attack and offers suggestions that affected organizations can implement to protect themselves from it. What are we seeing? In late November 2023, Proofpoint researchers detected a new malicious campaign, integrating credential phishing and cloud account takeover (ATO) techniques. As part of this campaign, which is still active, threat actors target users with individualized phishing lures within shared documents. For example, some weaponized documents include embedded links to “View document” which, in turn, redirect users to a malicious phishing webpage upon clicking the URL. Threat actors seemingly direct their focus toward a wide range of individuals holding diverse titles across different organizations, impacting hundreds of users globally. The affected user base encompasses a wide spectrum of positions, with frequent targets including Sales Directors, Account Managers, and Finance Managers. Individuals holding executive positions such as “Vice President, Operations”, "Chief Financial Officer & Treasurer" and "President & CEO" were also among those targeted. The varied selection of targeted roles indicates a practical strategy by threat actors, aiming to compromise accounts with various levels of access to valuable resources and responsibilities across organizational functions. Following the attack\'s behavioral patterns and techniques, our threat analysts identified specific indicators of compromise (IOCs) associated with this campaign. Namely, the use of a specific Linux user-agent utilized by attackers during the access phase of the attack chain: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Attackers predominantly utilize this user-agent to access the \'OfficeHome\' sign-in application along with unauthorized access to additional native Microsoft365 apps, such as: \'Office365 Shell WCSS-Client\' (indicative of browser access to Office365 applications) \'Office 365 Exchange Online\' (indicative of post-compromise mailbox abuse, data exfiltration and email threats proliferation) \'My Signins\' (used by attackers for MFA manipulation; for more info about this technique, see our recent Cybersecurity Stop of the Month blog) \'My Apps\' \'My Profile\' Post compromise risks Successful initial access often leads to a sequence of unauthorized post-compromise activities, including: MFA manipulation. Attackers register their own MFA methods to maintain persistent access. We have observed attackers choosing different authentication methods, including the registration of alternative phone numbers for authentication via SMS or phone call. However, in most MFA manipulation instances, attackers preferred to add an authenticator app with notification and code. Examples of MFA manipulation events, executed by attackers in a compromised cloud tenant. Data exfiltration. Attackers access and download sensitive files, including financial assets, internal security protocols, and user credentials. Internal and external phishing. Mailbox access is leveraged to conduct lateral movement within impacted organizations and to target specific user accounts with personalized phishing threats. Financial fraud. In an effort to perpetrate financial fraud, internal email messages are dispatched to target Human Resources and Financial departments within affected organizations. Mailbox rules. Attackers create dedicated obfuscation rules, intended to cover their tracks and erase all evidence of malicious activity from victims\' mailboxes. Examples of obfuscation mailbox rules created by attackers following successful account takeover. Operational infrastructure Our forensic analysis of the attack has surfaced several proxies, | Malware Tool Threat Cloud | ★★★ | |
 |
2024-02-09 21:23:05 | Comment sécuriser les applications critiques d'entreprise How to Secure Business-Critical Applications (lien direct) |
Alors que les organisations déplacent davantage de leurs applications critiques au cloud, les adversaires déplacent leurs tactiques en conséquence.Et dans le cloud, il est clair que les cybercriminels se tournent sur les applications logicielles: en fait, les données de l'industrie montrent que 8 des 10 meilleures violations en 2023 étaient liées aux applications.Les plus précieux d'entre eux, [& # 8230;]
As organizations move more of their business-critical applications to the cloud, adversaries are shifting their tactics accordingly. And within the cloud, it\'s clear that cybercriminals are setting their sights on software applications: In fact, industry data shows 8 out of the top 10 breaches in 2023 were related to applications. The most valuable of these, […] |
Cloud | ★★★ | |
 |
2024-02-09 16:12:53 | Mémo sur les menaces cloud: Retour aux bases: New Darkgate Campaign Exploite Microsoft Teams Cloud Threats Memo: Back to the Basics: New DarkGate Campaign Exploiting Microsoft Teams (lien direct) |
> Darkgate est un logiciel malveillant de marchandise avec plusieurs fonctionnalités, notamment la possibilité de télécharger et d'exécuter des fichiers en mémoire, un module de calcul réseau virtuel caché (HVNC), de keylogging, de capacités de vol d'information et d'escalade de privilège.Ce malware a été livré dans plusieurs campagnes au cours des derniers mois depuis au moins septembre 2023, et l'une des caractéristiques communes [& # 8230;]
>DarkGate is a commodity malware with multiple features including the ability to download and execute files to memory, a hidden virtual network computing (HVNC) module, keylogging, information-stealing capabilities, and privilege escalation. This malware has been delivered in multiple campaigns over the past few months since at least September 2023, and one of the common characteristics […] |
Malware Cloud | ★★★ | |
 |
2024-02-09 13:10:00 | Wazuh à l'ère du cloud: naviguer dans les défis de la cybersécurité Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity (lien direct) |
Le cloud computing a innové comment les organisations opérent et gèrent les opérations informatiques, telles que le stockage de données, le déploiement des applications, la mise en réseau et la gestion globale des ressources.Le cloud offre l'évolutivité, l'adaptabilité et l'accessibilité, permettant aux entreprises d'atteindre une croissance durable.Cependant, l'adoption des technologies cloud dans votre infrastructure présente divers risques de cybersécurité et
Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable growth. However, adopting cloud technologies into your infrastructure presents various cybersecurity risks and |
Cloud | ★★ | |
 |
2024-02-08 23:50:05 | GCP-2024-007 (lien direct) | Publié: 2024-02-08 Description Description Gravité notes Les CVE suivants exposent le maillage de service Anthos aux vulnérabilités exploitables: CVE-2024-23322: Envoyé se bloque lorsque le ralenti et les demandes par essai se produisent dans l'intervalle de retour. CVE-2024-23323: utilisation excessive du processeur lorsque le matrice du modèle URI est configuré en utilisant Regex. CVE-2024-23324: L'autorisation externe peut être contournée lorsque le filtre de protocole proxy définit les métadonnées UTF-8 non valides. Envoyé se bloque lors de l'utilisation d'un type d'adresse qui n'est pas pris en charge par l'OS. CVE-2024-23327: Crash en protocole proxy lorsque le type de commande est local . Pour les instructions et plus de détails, voir le Bulletin de service de service Anthos . High cve-2024-23322 CVE-2024-23323 CVE-2024-23324 CVE-2024-23325 CVE-2024-23327 Published: 2024-02-08Description Description Severity Notes The following CVEs expose Anthos Service Mesh to exploitable vulnerabilities: CVE-2024-23322: Envoy crashes when idle and requests per try timeout occur within the backoff interval. CVE-2024-23323: Excessive CPU usage when URI template matcher is configured using regex. CVE-2024-23324: External authorization can be bypassed when Proxy protocol filter sets invalid UTF-8 metadata. Envoy crashes when using an address type that isn\'t supported by the OS. CVE-2024-23327: Crash in proxy protocol when command type is LOCAL. For instructions and more details, see the Anthos Service Meshsecurity bulletin. High CVE-2024-23322 CVE-2024-23323 CVE-2024-23324 CVE-2024-23325 CVE-2024-23327 | Vulnerability Cloud | ||
|
2024-02-08 22:05:51 | étherfax normes de télécopie de nuages sécurisables pionnières etherFAX Pioneering Interoperable Secure Cloud Fax Standards (lien direct) |
Publié: 2024-02-08 Description Description Gravité notes Les CVE suivants exposent le maillage de service Anthos aux vulnérabilités exploitables: CVE-2024-23322: Envoyé se bloque lorsque le ralenti et les demandes par essai se produisent dans l'intervalle de retour. CVE-2024-23323: utilisation excessive du processeur lorsque le matrice du modèle URI est configuré en utilisant Regex. CVE-2024-23324: L'autorisation externe peut être contournée lorsque le filtre de protocole proxy définit les métadonnées UTF-8 non valides. Envoyé se bloque lors de l'utilisation d'un type d'adresse qui n'est pas pris en charge par l'OS. CVE-2024-23327: Crash en protocole proxy lorsque le type de commande est local . Pour les instructions et plus de détails, voir le Bulletin de service de service Anthos . High cve-2024-23322 CVE-2024-23323 CVE-2024-23324 CVE-2024-23325 CVE-2024-23327 Published: 2024-02-08Description Description Severity Notes The following CVEs expose Anthos Service Mesh to exploitable vulnerabilities: CVE-2024-23322: Envoy crashes when idle and requests per try timeout occur within the backoff interval. CVE-2024-23323: Excessive CPU usage when URI template matcher is configured using regex. CVE-2024-23324: External authorization can be bypassed when Proxy protocol filter sets invalid UTF-8 metadata. Envoy crashes when using an address type that isn\'t supported by the OS. CVE-2024-23327: Crash in proxy protocol when command type is LOCAL. For instructions and more details, see the Anthos Service Meshsecurity bulletin. High CVE-2024-23322 CVE-2024-23323 CVE-2024-23324 CVE-2024-23325 CVE-2024-23327 | Cloud | ★★ | |
 |
2024-02-08 15:58:42 | US Credit Union Service a fui des millions d'enregistrements et de mots de passe en texte brut US Credit Union Service Leaks Millions of Records and Passwords in Plain Text (lien direct) |
> Par waqas
La base de données cloud appartenant au service de coopérative de crédit a été laissée exposée sans aucune authentification ou mots de passe de sécurité, permettant un accès public.
Ceci est un article de HackRead.com Lire le post original: US Credit Union Service fuit des millions d'enregistrements et de mots de passe en texte brut
>By Waqas The cloud database belonging to Credit Union Service was left exposed without any security authentication or passwords, allowing public access. This is a post from HackRead.com Read the original post: US Credit Union Service Leaks Millions of Records and Passwords in Plain Text |
Cloud | ★★★ | |
|
2024-02-08 12:43:30 | SailPoint présente deux nouvelles offres : la Suite Identity Security Cloud Standard et Packages Customer Success Portfolio (lien direct) | SailPoint présente deux nouvelles offres : la Suite Identity Security Cloud Standard et Packages Customer Success Portfolio Ces nouvelles solutions visent à donner aux clients la capacité de réussir leurs projets grâce à des offres correspondant à la maturité de leur programme et à la taille de l'entreprise. - Produits | Cloud | ★★ | |
|
2024-02-08 08:36:58 | AddixGroup et ARS créent une coentreprise spécialiste en cybersécurité et infrastructure Cloud (lien direct) | AddixGroup et ARS créent une coentreprise spécialiste en cybersécurité et infrastructure Cloud - Business | Cloud | ★★ | |
 |
2024-02-08 08:12:34 | SecurityGate s'associe à MicroSec pour étendre les offres de cybersécurité sur les marchés du secteur critique SecurityGate partners with MicroSec to expand cybersecurity offerings in critical sector markets (lien direct) |
> Securitygate Inc., un fournisseur de plate-forme SaaS pour l'OT / ICS Cyber Improvement, a annoncé mercredi son partenariat avec MicroSec, un zéro-trust ...
>SecurityGate Inc., a SaaS platform provider for OT/ICS cyber improvement, announced Wednesday its partnership with MicroSec, a zero-trust... |
Industrial Cloud | ★★ | |
|
2024-02-07 14:23:10 | Qualys dévoile totalcloud 2.0 Qualys Unveils TotalCloud 2.0 (lien direct) |
Qualits dévoile TotalCloud 2.0 avec Trurisk Insights pour mesurer, communiquer et éliminer le cyber-risque dans les applications de cloud et de SaaS
La solution élargie rassemble des infrastructures cloud, des applications SaaS et des actifs exposés en externe pour une vue unifiée du risque dans les environnements multi-nucartes
-
revues de produits
Qualys Unveils TotalCloud 2.0 with TruRisk Insights to Measure, Communicate, and Eliminate Cyber Risk in Cloud and SaaS Applications Expanded solution brings cloud infrastructure, SaaS apps and externally exposed assets together for a unified view of risk across multi-cloud environments - Product Reviews |
Cloud | ★★ | |
|
2024-02-07 11:57:03 | Verizon Business propose une solution de gestion multicloud à l\'offre Network-as-a-Service (lien direct) | Verizon Business propose une solution de geste de geste Multicloud & agrave;L \\ 'Offre Network-As-A-Service
Solution de cette Simplifie le d & eacute; applications Ploiment D \\ 'et la gestion des connexions cloud dans l\'environnement multicloud d\'un utilisateur. Elle fournit une vue consolidée de la performance des applications et de l\'architecture du réseau cloud, qu\'il soit public, privé ou hybride.
-
Produits
Verizon Business propose une solution de gestion multicloud à l\'offre Network-as-a-Service Cette solution simplifie le déploiement d\'applications et la gestion des connexions cloud dans l\'environnement multicloud d\'un utilisateur. Elle fournit une vue consolidée de la performance des applications et de l\'architecture du réseau cloud, qu\'il soit public, privé ou hybride. - Produits |
Cloud | ★★★ | |
|
2024-02-06 22:59:22 | Cisco ajoute de nouvelles capacités de sécurité et d'IA à l'étape suivante vers Cisco Networking Cloud Vision Cisco Adds New Security and AI Capabilities in Next Step Toward Cisco Networking Cloud Vision (lien direct) |
Verizon Business propose une solution de geste de geste Multicloud & agrave;L \\ 'Offre Network-As-A-Service
Solution de cette Simplifie le d & eacute; applications Ploiment D \\ 'et la gestion des connexions cloud dans l\'environnement multicloud d\'un utilisateur. Elle fournit une vue consolidée de la performance des applications et de l\'architecture du réseau cloud, qu\'il soit public, privé ou hybride.
-
Produits
Verizon Business propose une solution de gestion multicloud à l\'offre Network-as-a-Service Cette solution simplifie le déploiement d\'applications et la gestion des connexions cloud dans l\'environnement multicloud d\'un utilisateur. Elle fournit une vue consolidée de la performance des applications et de l\'architecture du réseau cloud, qu\'il soit public, privé ou hybride. - Produits |
Cloud | ★★ | |
|
2024-02-06 16:23:00 | Comment un client d'entreprise de 10 milliards de dollars a considérablement augmenté sa posture de sécurité SaaS avec 201% de ROI en utilisant SSPM How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM (lien direct) |
Les applications SaaS sont les chéris du monde du logiciel.Ils permettent de travailler de n'importe où, facilitent la collaboration et offrent une alternative rentable à la possession du logiciel.Dans le même temps, les fonctionnalités mêmes qui font des applications SaaS ainsi adoptées & # 8211;Accès de n'importe où et de la collaboration & # 8211;Peut également être exploité par les acteurs de la menace.
Récemment, Adaptive Shield a commandé une
SaaS applications are the darlings of the software world. They enable work from anywhere, facilitate collaboration, and offer a cost-effective alternative to owning the software outright. At the same time, the very features that make SaaS apps so embraced – access from anywhere and collaboration – can also be exploited by threat actors. Recently, Adaptive Shield commissioned a Total Economic |
Threat Cloud | ★★★ | |
|
2024-02-06 13:54:07 | Naitways annonce la création de son Security Operating Center (lien direct) | Naitways s'affirme comme un partenaire-clé des PME sur la cybersécurité Reconnu pour son très haut niveau d'expertise, son engagement et sa capacité à offrir des services sur-mesure, l'opérateur cloud et réseau étoffe son offre de cybersécurité pour couvrir non seulement l'évaluation et la protection des systèmes d'information mais aussi la détection et la réponse aux attaques. Il se positionne désormais comme un interlocuteur privilégié des directions générales et informatiques pour des arbitrages éclairés qui visent à sécuriser de bout en bout à la fois l'entreprise et ses données. - Produits | Cloud | ★★★ | |
|
2024-02-06 13:40:13 | IBM lance IBM LinuxONE 4 Express (lien direct) | Le nouveau serveur IBM LinuxONE 4 Express promet des économies et de la valeur grâce à un Cloud hybride cyber-résilient et à une plateforme d'IA • Le tout nouveau système IBM LinuxONE est conçu pour offrir cybersécurité, résilience, évolutivité et inférence de l'IA pour les environnements Cloud hybride. • La migration des applications Linux d'un système x86 comparé vers un IBM LinuxONE 4 Express peut permettre d'économiser plus de 52 % sur le coût total de possession sur 5 ans.[1] - Produits | Cloud | ★★ | |
 |
2024-02-06 10:35:42 | L\'EUCC adopté… en attendant son pendant cloud (lien direct) | L'EUCC, schéma européen de certification cyber axés sur les produits logiciels et matériels, vient d'être adopté. Celui dédié aux services cloud (EUCS) reste dans les cartons. | Cloud | ★★ | |
 |
2024-02-06 00:00:00 | Unifier la sécurité du nuage au-delà des silos Unifying Cloud Security Beyond Siloes (lien direct) |
Les attaques ne restent pas en siloes, et vos solutions de sécurité non plus.Explorez les avantages d'une plate-forme de cybersécurité qui consolide la sécurité sur plusieurs couches, y compris le cloud pour une gestion des risques plus proactive.
Attacks don\'t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers-including the cloud-for more proactive risk management. |
Cloud | ★★ | |
 |
2024-02-05 22:22:13 | Enpass Review 2024: prix, fonctionnalités, avantages et inconvénients Enpass Review 2024: Pricing, Features, Pros, & Cons (lien direct) |
ENPASS \\ 'Le stockage de mots de passe hors ligne et la prise en charge des services cloud tiers sont deux offres de fonctionnalités que vous ne trouvez pas aujourd'hui dans de nombreux autres gestionnaires de mots de passe.
Enpass\' offline password storage and support for third-party cloud services are two feature offerings you won\'t find in many other password managers today. |
Cloud | ★★ | |
|
2024-02-05 21:06:18 | GCP-2024-006 (lien direct) | Publié: 2024-02-5 Description Description Gravité notes Lorsqu'un proxy de gestion de l'API APIGEE se connecte à un Target Endpoint ou serveur cible , le proxy n'effectue pas la validation du nom d'hôtepour le certificat présenté par le point de terminaison cible ou le serveur cible par défaut.Si la validation du nom d'hôte n'est pas activée à l'aide de l'une des options suivantes, les proxys APIGEE se connectant à un point de terminaison cible ou un serveur cible peuvent être à risque pour une attaque de l'homme au milieu d'un utilisateur autorisé.Pour plus d'informations, consultez Configuration des TLs de bord au backend (nuage et privéCloud) . Pour les instructions et plus de détails, consultez le Bulletin de sécurité de l'apigan . High Published: 2024-02-5Description Description Severity Notes When an Apigee API Management proxy connects to a target endpoint or target server, the proxy does not perform hostname validation for the certificate presented by the target endpoint or target server by default. If hostname validation is not enabled using one of the following options, Apigee proxies connecting to a target endpoint or target server may be at risk for a man-in-the-middle attack by an authorized user. For more information, see Configuring TLS from Edge to the backend (Cloud and Private Cloud).For instructions and more details, see the Apigee security bulletin. High | Cloud | ||
 |
2024-02-05 13:59:16 | L\'importance de la visibilité pour une sécurité du Cloud efficace (lien direct) | >L'adoption croissante de la technologie Cloud a transformé la manière avec laquelle les entreprises fonctionnent, se développent et utilisent leurs ressources. Il n'est pas surprenant que tous les regards soient désormais tournés vers la sécurité du Cloud, car la surface d'attaque concernée augmente non seulement en taille mais aussi en complexité. Les prévisions de Gartner [...] | Cloud | ★★ | |
|
2024-02-05 11:41:18 | 7 conseils pour développer une approche proactive pour éviter le vol de données 7 Tips to Develop a Proactive Approach to Prevent Data Theft (lien direct) |
Data is one of the most valuable assets for a modern enterprise. So, of course, it is a target for theft. Data theft is the unauthorized acquisition, copying or exfiltration of sensitive information that is typically stored in a digital format. To get it, bad actors either abuse privileges they already have or use various other means to gain access to computer systems, networks or digital storage devices. The data can range from user credentials to personal financial records and intellectual property. Companies of all sizes are targets of data theft. In September 2023, the personal data of 2,214 employees of the multinational confectionary firm The Hershey Company was stolen after a phishing attack. And in January 2024, the accounting firm of Framework Computer fell victim to an attack. A threat actor posed as the Framework\'s CEO and convinced the target to share a spreadsheet with the company\'s customer data. Data thieves aim to profit financially, disrupt business activities or do both by stealing high-value information. The fallout from a data breach can be very costly for a business-and the cost is going up. IBM reports that the global average cost of a data breach in 2023 was $4.45 million, a 15% increase over three years. Other data suggests that the average cost of a breach is more than double for U.S. businesses-nearly $9.5 million. Not all data breaches involve data theft, but stealing data is a top aim for many attackers. Even ransomware gangs have been shifting away from data encryption in their attacks, opting instead to steal massive amounts of data and use its value as a means to compel businesses to pay ransom. So, what can businesses do to prevent data theft? Taking a proactive approach toward stopping someone from stealing your data is a must. This blog post can help jump-start your thinking about how to improve data security. We explore how data theft happens and describe some common threats that lead to it. We also outline seven strategies that can help reduce your company\'s risk of exposure to data theft and highlight how Proofpoint can bolster your defenses. Understanding data theft-and who commits it Data theft is a serious security and privacy breach. Data thieves typically aim to steal information like: Personally identifiable information (PII) Financial records Intellectual property (IP) Trade secrets Login credentials Once they have it, bad actors can use stolen data for fraudulent activities or, in the case of credential theft, to gain unlawful access to accounts or systems. They can also sell high-value data on the dark web. The consequences of data theft for businesses can be significant, if not devastating. They include hefty compliance penalties, reputational damage, and financial and operational losses. Take the manufacturing industry as an example. According to one source, a staggering 478 companies in this industry have experienced a ransomware attack in the past five years. The costs in associated downtime are approximately $46.2 billion. To prevent data theft, it\'s important to recognize that bad actors from the outside aren\'t the only threat. Insiders, like malicious employees, contractors and vendors, can also steal data from secured file servers, database servers, cloud applications and other sources. And if they have the right privileges, stealing that data can be a breeze. An insider\'s goals for data theft may include fraud, the disclosure of trade secrets to a competitor for financial gain, or even corporate sabotage. As for how they can exfiltrate data, insiders can use various means, from removable media to personal email to physical printouts. How does data theft happen? Now, let\'s look at some common methods that attackers working from the outside might employ to breach a company\'s defenses and steal data. Phishing. Cybercriminals use phishing to target users through email, text messages, phone calls and other forms of communication. The core objective of this approach is to trick users into doing what | Ransomware Data Breach Malware Tool Vulnerability Threat Cloud | ★★★ | |
|
2024-02-02 16:00:00 | Cloudzy élève la cybersécurité: intégrer les informations de l'avenir enregistré pour révolutionner la sécurité du cloud Cloudzy Elevates Cybersecurity: Integrating Insights from Recorded Future to Revolutionize Cloud Security (lien direct) |
Cloudzy, un premier fournisseur d'infrastructures cloud, annonce fièrement une amélioration importante de son paysage de cybersécurité.Cette percée a été réalisée grâce à une consultation récente avec un avenir enregistré, un leader dans la fourniture de l'intelligence des menaces en temps réel et de l'analyse de la cybersécurité.Cette initiative, associée à une refonte des stratégies de cybersécurité de Cloudzy, représente un major
Cloudzy, a prominent cloud infrastructure provider, proudly announces a significant enhancement in its cybersecurity landscape. This breakthrough has been achieved through a recent consultation with Recorded Future, a leader in providing real-time threat intelligence and cybersecurity analytics. This initiative, coupled with an overhaul of Cloudzy\'s cybersecurity strategies, represents a major |
Threat Cloud | ★★★ | |
|
2024-02-02 14:45:56 | Move To Cloud : la gouvernance, pilier d\'une stratégie maîtrisée (lien direct) | Quelle que soit la raison invoquée, le recours au Cloud computing s'est largement accéléré dans les entreprises françaises ces dernières années. D'ailleurs, la considération économique n'est plus le seul facteur conduisant à réaliser cette transition ! | Cloud | ★★ | |
|
2024-02-02 05:00:40 | Brisez la chaîne d'attaque: le gambit d'ouverture Break the Attack Chain: The Opening Gambit (lien direct) |
The threat landscape has always evolved. But the pace of change over the last decade is unlike anything most security professionals have experienced before. Today\'s threats focus much less on our infrastructure and much more on our people. But that\'s not all. Where once a cyberattack may have been a stand-alone event, these events are now almost always multistage. In fact, most modern threats follow the same playbook: initial compromise, lateral movement and impact. While this approach has the potential to cause more damage, it also gives security teams more opportunities to spot and halt cyberattacks. By placing protections in key spots along the attack chain, we can thwart and frustrate would-be cybercriminals before their ultimate payoff. This starts with understanding the opening gambit: How do threat actors attempt to gain access to your king-in this case, your networks and data? And what can be done to keep them at bay? Understanding the playbook The chess parallels continue when we look at recent evolutions in the threat landscape, with our defensive tactics provoking an adapted method of attack. We see this in full effect when it comes to multifactor authentication (MFA). In recent years, security professionals have flocked to MFA to protect accounts and safeguard credentials. In response, threat actors have developed MFA bypass and spoofing methods to get around and weaponize these protections. So much so that MFA bypass can now be considered the norm when it comes to corporate credential phishing attacks. Increasingly, cybercriminals purchase off-the-shelf kits which enable them to use adversary-in-the-middle (AiTM) tactics to digitally eavesdrop and steal credentials. We have also seen an increase in other human-activated methods, such as telephone-oriented attack delivery (TOAD). This method combines voice and email phishing techniques to trick victims into disclosing sensitive information such as login credentials or financial data. Whatever the method, the desired outcome at this stage is the same. Cybercriminals seek to get inside your defenses so they can execute the next stage of their attack. That is what makes the opening gambit such a critical time in the lifecycle of a cyber threat. Modern threat actors are experts at remaining undetected once they are inside our networks. They know how to hide in plain sight, move laterally and escalate privileges. So, if this stage of the attack is a success, organizations have a huge problem. The good news is that the more we understand the tactics that today\'s cybercriminals use, the more we can adapt our defenses to stop them in their tracks before they can inflict significant damage. Countering the gambit The best opportunity to stop cybercriminals is before and during the initial compromise. By mastering a counter to the opening gambit, we can keep malicious actors where they belong-outside our perimeter. It will surprise no one that most threats start in the inbox. So, the more we can do to stop malicious messaging before it reaches our people, the better. There is no silver bullet in this respect. artificial intelligence (AI)-powered email security is as close as it gets. Proofpoint Email Protection is the only AI and machine learning-powered threat protection that disarms today\'s advanced attacks. Proofpoint Email Protection uses trillions of data points to detect and block business email compromise (BEC), phishing, ransomware, supply chain threats and plenty more. It also correlates threat intelligence across email, cloud and network data to help you stay ahead of new and evolving threats that target your people. However, the difficult reality is that nothing is entirely impenetrable. Today\'s security teams must assume some threats will reach the inbox. And your people need to be prepared when they do. Equipping this vital line of defense requires total visibility into who is being attacked in your organization-and when, where and how. Once you have identified the people who ar | Ransomware Threat Cloud | ★★★ | |
|
2024-02-02 05:00:36 | Développement d'une nouvelle norme Internet: le cadre de la politique relationnelle du domaine Developing a New Internet Standard: the Domain Relationship Policy Framework (lien direct) |
Engineering Insights is an ongoing blog series that gives a behind-the-scenes look into the technical challenges, lessons and advances that help our customers protect people and defend data every day. Each post is a firsthand account by one of our engineers about the process that led up to a Proofpoint innovation. In this blog post, we discuss the Domain Relationship Policy Framework (DRPF)-an effort that has been years in the making at Proofpoint. The DRPF is a simple method that is used to identify verifiably authorized relationships between arbitrary domains. We create a flexible way to publish policies. These policies can also describe complex domain relationships. The details for this new model require in-depth community discussions. These conversations will help us collectively steer the DRPF toward becoming a fully interoperable standard. We are now in the early proposal stage for the DRPF, and we are starting to engage more with the broader community. This post provides a glimpse down the road leading to standardization for the DRPF. Why Proofpoint developed DRPF To shine a light on why Proofpoint was inspired to develop the DRPF in the first place, let\'s consider the thinking of the initial designers of the Domain Name System (DNS). They assumed that subdomains would inherit the administrative control of their parent domains. And by extension, this should apply to all subsequent subdomains down the line. At the time, this was reasonable to assume. Most early domains and their subdomains operated in much the same way. For example, “university.edu” directly operated and controlled the administrative policies for subdomains such as “lab.university.edu” which flowed down to “project.lab.university.edu.” Since the mid-1980s, when DNS was widely deployed, there has been a growing trend of delegating subdomains to third parties. This reflects a breakdown of the hierarchical model of cascading policies. To see how this works, imagine that a business uses “company.com” as a domain. That business might delegate “marketing.company.com” to a third-party marketing agency. The subdomain must inherit some policies, while the subdomain administrator may apply other policies that don\'t apply to the parent domain. Notably, there is no mechanism yet for a domain to declare a relationship with another seemingly independent domain. Consider a parent company that operates multiple distinct brands. The company with a single set of policies may want them applied not only to “company.com” (and all of its subdomains). It may also want them applied to its brand domains “brand.com” and “anotherbrand.com.” It gets even more complex when any of the brand domains delegate various subdomains to other third parties. So, say some of them are delegated to marketing or API support. Each will potentially be governed by a mix of administrative policies. In this context, “policies” refers to published guidance that is used when these subdomains interact with the domain. Policies might be for information only. Or they might provide details that are required to use services that the domain operates. Most policies will be static (or appear so to the retrieving parties). But it is possible to imagine that they could contain directives akin to smart contracts in distributed ledgers. 3 Design characteristics that define DRPF The goal of the DRPF is to make deployment and adoption easier while making it flexible for future use cases. In many prior proposals, complex requirements bogged down efforts to get rid of administrative boundaries between and across disparate domains. Our work should be immediately useful with minimal effort and be able to support a wide array of ever-expanding use cases. In its simplest form, three design characteristics define the DRPF: A domain administrator publishes a policy assertion record for the domain so that a relying party can discover and retrieve it. The discovered policy assertion directs the relying party to where they can find | Tool Prediction Cloud Technical | ★★★ | |
 |
2024-02-01 19:26:04 | Le monde stockera 200 zettabytes de données d'ici 2025 The World Will Store 200 Zettabytes Of Data By 2025 (lien direct) |
> 50% de toutes les données à stocker dans le cloud parrainé par Arcserve & # 8211;Steve Morgan, rédacteur en chef Northport, N.Y. & # 8211;8 juin 2020 Le rapport de surface d'attaque de données 2020 (téléchargement PDF) prédit la quantité totale de données dont le monde aura besoin pour protéger
>50 percent of all data to be stored in the cloud Sponsored by Arcserve – Steve Morgan, Editor-in-Chief Northport, N.Y. – June 8, 2020 The 2020 Data Attack Surface Report (download PDF) predicts the total amount of data that the world will need to protect |
Cloud | ★★★ | |
 |
2024-02-01 13:51:02 | Malware DarkGate : l\'exploitation des applications et services cloud (lien direct) | >De nouvelles attaques de phishing abusent des demandes de chat de groupe Microsoft Teams pour envoyer des pièces jointes malveillantes qui installent des charges utiles de malware DarkGate sur les systèmes des victimes. Les attaquants ont utilisé ce qui semble être un utilisateur (ou un domaine) Teams compromis pour envoyer plus de 1 000 invitations […] The post Malware DarkGate : l'exploitation des applications et services cloud first appeared on UnderNews. | Malware Cloud | ★★★ | |
|
2024-02-01 09:48:58 | Le canal peut aider les PME à se protéger contre l'augmentation des menaces de sécurité The Channel can help SMEs protect themselves from increasing security threats (lien direct) |
La chaîne peut aider les PME à se protéger contre les menaces de sécurité croissantes
Selon également Cloud UK, les petites et moyennes entreprises (PME) peuvent utiliser le canal pour lutter contre l'augmentation des menaces de sécurité.
-
opinion
The Channel can help SMEs protect themselves from increasing security threats According to ALSO Cloud UK, small and medium-sized businesses (SMEs) can use the Channel to combat increasing security threats. - Opinion |
Cloud | ★★★ | |
|
2024-01-31 22:00:00 | \\ 'navires qui fuisent \\' Les bogues cloud autorisent les évasions du conteneur à l'échelle mondiale \\'Leaky Vessels\\' Cloud Bugs Allow Container Escapes Globally (lien direct) |
Les quatre vulnérabilités de sécurité se trouvent dans Docker et au-delà, et une affectant RUNC affecte essentiellement tous les développeurs natifs du cloud dans le monde.
The four security vulnerabilities are found in Docker and beyond, and one affecting runC affects essentially every cloud-native developer worldwide. |
Vulnerability Cloud | ★★★ | |
 |
2024-01-31 21:23:24 | ESET participe à une opération mondiale pour perturber le Trojan bancaire Grandoreiro ESET Takes Part in Global Operation to Disrupt the Grandoreiro Banking Trojan (lien direct) |
#### Description
ESET a travaillé avec la police fédérale du Brésil dans le but de perturber le botnet Grandoreiro, fournissant une analyse technique, des informations statistiques et des serveurs C&C connus aux autorités.
Grandoreiro est un cheval de Troie bancaire latino-américain qui est actif depuis au moins 2017 et cible le Brésil, le Mexique et l'Espagne.Les opérateurs de Grandoreiro \\ ont abusé des fournisseurs de cloud tels que Azure et AWS pour héberger leur infrastructure réseau.
#### URL de référence (s)
1. https://www.welivesecurity.com/en/eset-research/eset-takes-partit-hobal-opération-srupt-grandoreiro-banking-trojan/
#### Date de publication
30 janvier 2024
#### Auteurs)
Recherche ESET
#### Description ESET has worked with the Federal Police of Brazil on an effort to disrupt the Grandoreiro botnet, providing technical analysis, statistical information and known C&C servers to the authorities. Grandoreiro is a Latin American banking trojan that has been active since at least 2017 and targets Brazil, Mexico, and Spain. Grandoreiro\'s operators have abused cloud providers such as Azure and AWS to host their network infrastructure. #### Reference URL(s) 1. https://www.welivesecurity.com/en/eset-research/eset-takes-part-global-operation-disrupt-grandoreiro-banking-trojan/ #### Publication Date January 30, 2024 #### Author(s) ESET Research |
Cloud Technical | ★★★ | |
|
2024-01-31 20:08:14 | GCP-2024-005 (lien direct) | Publié: 2024-01-31 Description Description Gravité notes Une vulnérabilité de sécurité, CVE-2024-21626, a été découverte dans runc où un utilisateur avec la permission de créer des pods sur le système d'exploitation optimisé et les nœuds ubuntu à conteneur pourraitêtre en mesure d'accéder à un accès complet au système de fichiers de nœud. Pour les instructions et plus de détails, consultez les bulletins suivants: Bulletin de sécurité gke gke sur le bulletin de sécurité VMware gke sur le bulletin de sécurité AWS gke sur le bulletin de sécurité azur gke sur le bulletin de sécurité en métal nus High CVE-2024-21626 Published: 2024-01-31Description Description Severity Notes A security vulnerability, CVE-2024-21626, has been discovered in runc where a user with permission to create Pods on Container-Optimized OS and Ubuntu nodes might be able to gain full access to the node filesystem. For instructions and more details, see the following bulletins: GKE security bulletin GKE on VMware security bulletin GKE on AWS security bulletin GKE on Azure security bulletin GKE on Bare Metal security bulletin High CVE-2024-21626 | Vulnerability Cloud | ||
|
2024-01-31 17:38:37 | Sécuriser votre paysage SaaS: examiner de plus près la reprise après sinistre, la gestion de la posture Securing Your SaaS Landscape: Closer Look at Disaster Recovery, Posture Management (lien direct) |
> Par waqas
Imaginez que vous êtes sur un bateau, naviguant dans les eaux en constante évolution du monde de la technologie.Les applications SaaS sont comme & # 8230;
Ceci est un article de HackRead.com Lire le post original: Sécuriser votre paysage SaaS: regard plus approfondi sur la reprise après sinistre, la gestion de la posture
>By Waqas Imagine you’re on a boat, navigating through the ever-changing waters of the tech world. SaaS applications are like… This is a post from HackRead.com Read the original post: Securing Your SaaS Landscape: Closer Look at Disaster Recovery, Posture Management |
Cloud | ★★ | |
|
2024-01-31 16:30:00 | La SEC a gagné \\ 'ne que les CISO soient: comprendre les nouvelles règles de cybersécurité SaaS The SEC Won\\'t Let CISOs Be: Understanding New SaaS Cybersecurity Rules (lien direct) |
La sec n'est pas de donner à SaaS une passe gratuite.Les sociétés publiques applicables, appelées «inscrits», sont désormais soumises à des exigences de divulgation et de préparation à la cybersécurité des cyber
Les nouveaux mandats de cybersécurité & nbsp; ne font aucune distinction entre les données exposées dans une violation qui a été stockée sur site, dans le
The SEC isn\'t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in SaaS systems, along with the 3rd and 4th party apps connected to them. The new cybersecurity mandates make no distinction between data exposed in a breach that was stored on-premise, in the |
Cloud | ★★ | |
 |
2024-01-31 16:00:19 | Pourquoi les adversaires ont la tête dans le nuage Why adversaries have their heads in the cloud (lien direct) |
Regardez des experts de Red Canary et ailleurs parcourir les techniques d'attaque courantes dans les environnements Cloud Azure et AWS
Watch experts from Red Canary and elsewhere walk through common attack techniques in Azure and AWS cloud environments |
Cloud | ★★★ | |
|
2024-01-31 15:00:00 | Gérer l'identité dans les nuages essentiels à la sécurité des entreprises Managing Identity Across Clouds Critical to Enterprise Security (lien direct) |
La gestion de l'accès privilégié (PAM) est notoirement difficile à déployer et l'utilisation croissante du cloud a rendu plus complexe.
Privileged access management (PAM) is notoriously difficult to deploy and companies\' increasing use of cloud has made it even more complex. |
Cloud | ★★★ | |
 |
2024-01-31 15:00:00 | Le rapport Sysdig expose 91% de défaillance des analyses d'exécution Sysdig Report Exposes 91% Failure in Runtime Scans (lien direct) |
La recherche a également révélé que 69% des entreprises n'ont pas encore intégré l'IA dans des environnements cloud
The research also revealed 69% of enterprises have yet to integrate AI into cloud environments |
Cloud | ★★ | |
 |
2024-01-31 13:50:00 | Gestion de la posture de sécurité des données vs gestion de la posture de sécurité cloud Data security posture management vs cloud security posture management (lien direct) |
> & # 8220; Une violation de données vient de se produire & # 8221;, est une phrase qu'aucun professionnel de la sécurité ne veut entendre.Du CISO sur Down aux analystes SOC, une violation de données est la définition d'une très mauvaise journée.Cela peut causer de graves dommages à la marque et une perte financière pour les entreprises, entraîner des changements de carrière brusques parmi les professionnels de la sécurité et [& # 8230;]
>“A data breach has just occurred”, is a phrase no security professional wants to hear. From the CISO on down to the SOC analysts, a data breach is the definition of a very bad day. It can cause serious brand damage and financial loss for enterprises, lead to abrupt career changes among security professionals, and […] |
Data Breach Cloud | ★★ | |
 |
2024-01-31 13:07:18 | Échelle de sécurité avec l'IA: de la détection à la solution Scaling security with AI: from detection to solution (lien direct) |
Dongge Liu and Oliver Chang, Google Open Source Security Team, Jan Nowakowski and Jan Keller, Machine Learning for Security TeamThe AI world moves fast, so we\'ve been hard at work keeping security apace with recent advancements. One of our approaches, in alignment with Google\'s Safer AI Framework (SAIF), is using AI itself to automate and streamline routine and manual security tasks, including fixing security bugs. Last year we wrote about our experiences using LLMs to expand vulnerability testing coverage, and we\'re excited to share some updates. Today, we\'re releasing our fuzzing framework as a free, open source resource that researchers and developers can use to improve fuzzing\'s bug-finding abilities. We\'ll also show you how we\'re using AI to speed up the bug patching process. By sharing these experiences, we hope to spark new ideas and drive innovation for a stronger ecosystem security.Update: AI-powered vulnerability discoveryLast August, we announced our framework to automate manual aspects of fuzz testing (“fuzzing”) that often hindered open source maintainers from fuzzing their projects effectively. We used LLMs to write project-specific code to boost fuzzing coverage and find more vulnerabilities. Our initial results on a subset of projects in our free OSS-Fuzz service | Vulnerability Patching Cloud | ★★ | |
 |
2024-01-31 12:04:33 | Règles de données proposées par CFPB \\ CFPB\\'s Proposed Data Rules (lien direct) |
En octobre, le Consumer Financial Protection Bureau (CFPB) a proposé unEnsemble de règles que s'ils sont mis en œuvre transformeraient la façon dont les institutions financières génèrent des données personnelles sur leurs clients.Les règles rendent le contrôle de ces données entre les mains des Américains ordinaires, tout en sapant l'économie du courtier de données et en augmentant le choix et la concurrence des clients.Au-delà de ces effets économiques, les règles ont d'importants avantages de sécurité des données.
Les règles du CFPB s'alignent sur une idée de sécurité clé: le principe de découplage .En séparant quelles entreprises voient quelles parties de nos données et dans quels contextes, nous pouvons prendre le contrôle des données sur nous-mêmes (amélioration de la confidentialité) et durcir les infrastructures cloud contre les hacks (amélioration de la sécurité).Les responsables de la CFPB ont décrit les nouvelles règles comme une tentative d'accélérer un changement vers & # 8220; Open Banking, & # 8221;Et après une première période de commentaires sur les nouvelles règles terminées à la fin de l'année dernière, Rohit Chopra, le directeur du CFPB, ...
In October, the Consumer Financial Protection Bureau (CFPB) proposed a set of rules that if implemented would transform how financial institutions handle personal data about their customers. The rules put control of that data back in the hands of ordinary Americans, while at the same time undermining the data broker economy and increasing customer choice and competition. Beyond these economic effects, the rules have important data security benefits. The CFPB’s rules align with a key security idea: the decoupling principle. By separating which companies see what parts of our data, and in what contexts, we can gain control over data about ourselves (improving privacy) and harden cloud infrastructure against hacks (improving security). Officials at the CFPB have described the new rules as an attempt to accelerate a shift toward “open banking,” and after an initial comment period on the new rules closed late last year, Rohit Chopra, the CFPB’s director, ... |
Cloud | ★★ | |
|
2024-01-31 11:00:00 | Bulletproofing the Retail Cloud avec la sécurité de l'API Bulletproofing the retail cloud with API security (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Application programming interface (API) security is critical for retailers increasingly reliant on cloud technology. However, they also open potential gateways for cyber threats, making robust security protocols essential to protect sensitive data and maintain customer trust. The complexity of retail systems, which often involve numerous third-party integrations, can create multiple points of vulnerability. Evolving cyber threats necessitate a dynamic approach to API security, making it a moving target that requires continuous attention and adaptation. Understanding the retail cloud environment API is a set of protocols and tools that allows different software applications to communicate with each other. In cloud environments, it facilitates the interaction between cloud services and applications, enabling features — like data synchronization, payment processing and inventory management — to work seamlessly together. It is also pivotal in the retail sector by connecting various services and applications to deliver a smooth shopping experience. If organizations neglect API security, cybercriminals can exploit APIs to access confidential information, leading to a loss of customer trust, which is critical in the highly competitive retail market. Regular API audits and assessments These audits help identify vulnerabilities before attackers can exploit them, ensuring organizations can promptly address security gaps. Regular assessments are also proactive measures to fix current issues and anticipate future threats. They enable IT teams to verify that security measures are current with the latest protection standards and to confirm APIs comply with internal policies and external regulations. By routinely evaluating API security, retailers can detect anomalies, manage access controls effectively and guarantee they consistently apply encryption standards. Robust authentication and authorization They verify the identity of users and systems, ensuring only legitimate parties can access sensitive retail data. Utilizing multi-factor authentication, which requires more than one verification method, significantly enhances security by adding layers that an unauthorized user must penetrate. With authorization, it’s crucial to implement protocols that dictate what authenticated users can do. Effective approval guarantees users have access only to the data and actions necessary for their role. For instance, role-based access control can help manage user permissions with greater granularity. Retailers can assign roles and permissions based on job functions, enabling tight control over who is authorized to view or alter data within the API ecosystem. Encryption and data protection Encryption is an essential barrier, obscuring data to make it indecipherable to unauthorized users who might intercept it during transmission or gain access to storage systems. It’s also critical for retailers to manage encryption keys with strict policies, ensuring only authorized personnel can decrypt the data. Beyond protection, comprehensive data encryption allows retailers, especially in the apparel industry, to collect and analyze extensive customer data safely. This data is invaluable for forecasting trends, customer pre | Tool Vulnerability Threat Cloud | ★★★ | |
|
2024-01-31 07:00:00 | Menaces croissantes: tactiques d'ingénierie sociale à l'ère du cloud Rising Threats: Social Engineering Tactics in the Cloud Age (lien direct) |
> Au cours de la dernière année, les tactiques d'ingénierie sociale utilisées pour les cyberattaques ont considérablement évolué alors que les attaquants manipulent la confiance, les biais et les vulnérabilités inhérents au comportement humain individuel pour obtenir un accès non autorisé à des informations ou des systèmes sensibles. & # 160;Notre rapport sur le cloud et les menaces «Année en revue», a révélé qu'en 2023, l'ingénierie sociale était la plus courante [& # 8230;]
>Over the past year, the social engineering tactics used for cyber attacks have evolved significantly as attackers manipulate the inherent trust, biases, and vulnerabilities of individual human behavior to gain unauthorized access to sensitive information or systems. Our “year in review” Cloud and Threat Report, revealed that in 2023, social engineering was the most common […] |
Vulnerability Threat Cloud | ★★ | |
 |
2024-01-30 20:30:00 | Évolution de UNC4990: Découvrir les profondeurs cachées de USB MALWARE \\ Evolution of UNC4990: Uncovering USB Malware\\'s Hidden Depths (lien direct) |
Défense gérée mandiante Suivi unc4990 , un acteur qui utilise fortement les périphériques USB pour l'infection initiale.UNC4990 cible principalement les utilisateurs basés en Italie et est probablement motivé par un gain financier.Nos recherches montrent que cette campagne est en cours depuis au moins 2020. malgré son apparition sur la tactique séculaire de l'armement USBDrives, UNC4990 continue d'évoluer leurs outils, tactiques et procédures (TTPS).L'acteur est passé de l'utilisation de fichiers texte codés apparemment bénins à l'hébergement de charges utiles sur des sites Web populaires tels que Ars Technica, Github, Gitlab et Vimeo. Les services légitimes abusés par
Mandiant Managed Defense has been tracking UNC4990, an actor who heavily uses USB devices for initial infection. UNC4990 primarily targets users based in Italy and is likely motivated by financial gain. Our research shows this campaign has been ongoing since at least 2020.Despite relying on the age-old tactic of weaponizing USB drives, UNC4990 continues to evolve their tools, tactics and procedures (TTPs). The actor has moved from using seemingly benign encoded text files to hosting payloads on popular websites such as Ars Technica, GitHub, GitLab, and Vimeo.The legitimate services abused by |
Malware Tool Cloud | ★★★★ | |
|
2024-01-30 20:11:34 | Falcon Fund in Focus: Aembit renforce la sécurité pour l'accès à la charge de travail à la charge de travail Falcon Fund in Focus: Aembit Strengthens Security for Workload-to-Workload Access (lien direct) |
L'essor des services cloud distribués et l'omniprésence des API ont fait que l'architecture d'application native du cloud est devenue très fragmentée.L'application d'un accès sécurisé est une étape essentielle pour renforcer la sécurité car les environnements informatiques deviennent plus complexes - mais pour de nombreuses organisations, assurer un accès sécurisé dans cette architecture en évolution est un défi constant.Accès sécurisé existant [& # 8230;]
The rise of distributed cloud services and the omnipresence of APIs has caused cloud-native application architecture to become highly fragmented. Enforcing secure access is a critical step in strengthening security as IT environments become more complex - but for many organizations, ensuring secure access across this evolving architecture is a constant challenge. Existing secure access […] |
Cloud | ★★ | |
|
2024-01-30 14:38:58 | CrowdStrike a nommé un leader de Forrester Wave pour la sécurité de la charge de travail cloud CrowdStrike Named a Leader in Forrester Wave for Cloud Workload Security (lien direct) |
Aujourd'hui, nous sommes fiers d'annoncer que Forrester a nommé Crowdsstrike un leader dans la sécurité de la charge de travail de Forrester Wave ™: Cloud, T1 2024, indiquant que «Crowdsstrike brille dans CWP sans agent [protection contre la charge de travail cloud] et la protection d'exécution des conteneurs».Forrester a identifié les 13 fournisseurs les plus importants de la sécurité de la charge de travail cloud et a recherché, analysé et noté en fonction des forces [& # 8230;]
Today, we\'re proud to announce that Forrester has named CrowdStrike a Leader in The Forrester Wave™: Cloud Workload Security, Q1 2024, stating “CrowdStrike shines in agentless CWP [cloud workload protection] and container runtime protection.” Forrester identified the 13 most significant vendors in cloud workload security and researched, analyzed and scored them based on the strengths […] |
Cloud Commercial | ★★ |
To see everything:
Our RSS (filtrered)
