What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
RedCanary.webp 2023-12-12 18:18:34 Diary of a Detection Engineer: Blown to BITSAdmin
The combination of the BITSAdmin tool with Veritas backup software pointed our detection engineers to an attempted ransomware attack.
Ransomware Tool ★★★
GoogleSec.webp 2023-12-12 12:00:09 Hardening cellular basebands in Android
Posted by Ivan Lozano and Roger Piqueras Jover
Android's defense-in-depth strategy applies not only to the Android OS running on the Application Processor (AP) but also the firmware that runs on devices. We particularly prioritize hardening the cellular baseband given its unique combination of running in an elevated privilege and parsing untrusted inputs that are remotely delivered into the device. This post covers how to use two high-value sanitizers which can prevent specific classes of vulnerabilities found within the baseband. They are architecture agnostic, suitable for bare-metal deployment, and should be enabled in existing C/C++ code bases to mitigate unknown vulnerabilities. Beyond security, addressing the issues uncovered by these sanitizers improves code health and overall stability, reducing resources spent addressing bugs in the future.
An increasingly popular attack surface
As we outlined previously, security research focused on the baseband has highlighted a consistent lack of exploit mitigations in firmware. Baseband Remote Code Execution (RCE) exploits have their own categorization in well-known third-party marketplaces with a relatively low payout. This suggests baseband bugs may potentially be abundant and/or not too complex to find and exploit, and their prominent inclusion in the marketplace demonstrates that they are useful. Baseband security and exploitation has been a recurring theme in security conferences for the last decade. Researchers have also made a dent in this area in well-known exploitation contests. Most recently, this area has become prominent enough that it is common to find practical baseband exploitation trainings in top security conferences. Acknowledging this trend, combined with the severity and apparent abundance of these vulnerabilities, last year we introduced updates to the severity guidelines of Android's Vulnerability Rewards Program (VRP). For example, we consider vulnerabilities allowing Remote Code Execution (RCE) in the cellular baseband to be of CRITICAL severity.
Mitigating Vulnerability Root Causes with Sanitizers
Common classes of vulnerabilities can be mitigated through the use of sanitizers provided by Clang-based toolchains. These sanitizers insert runtime checks against common classes of vulnerabilities. GCC-based toolchains may also provide some level of support for these flags as well, but will not be considered further in this post. We encourage you to check your toolchain's documentation. Two sanitizers included in Undefine
Tool Vulnerability Threat Mobile Prediction Conference ★★★
AlienVault.webp 2023-12-12 11:00:00 What is Cybersecurity threat intelligence sharing
Knowledge is power and collaboration is key for organizations to continuously adapt and improve their security measures in order to stay ahead of cybercriminals. An effective way to stay ahead is by enhancing an organization's security posture through cybersecurity threat intelligence sharing. By exchanging information about potential and existing cyber threats with other organizations, individuals, or entities, organizations can better understand the threat landscape and make informed decisions about their security strategies. In this article, we will explore what threat intelligence sharing is and provide guidance on starting your own program.
How threat intelligence sharing works
Threat intelligence sharing can be compared to a neighborhood watch program, where community members collaborate and share information about suspicious activities, potential threats, and crime incidents to improve the overall safety and security of the neighborhood. Similarly, threat intelligence sharing is a collaborative process that enables organizations to exchange information such as indicators of compromise (IoCs), tactics, techniques, and procedures (TTPs), and vulnerabilities between each other. It involves gathering threat intelligence from various sources, such as internal network logs, security tools, open-source intelligence (OSINT), commercial threat intelligence feeds, and industry-specific sharing communities like Information Sharing and Analysis Centers (ISACs). The collected data is then analyzed to identify patterns, trends, and actionable insights, which help organizations understand the threat landscape and make informed decisions about their security strategies.
Addressing threat intelligence sharing legal, regulatory, and privacy concerns
To maintain privacy and foster collaboration, organizations should establish clear guidelines and use standardized protocols like Structured Threat Information Expression (STIX) or Trusted Automated eXchange of Indicator Information (TAXII) when sharing threat intelligence outside the company. This collaborative approach will ultimately improve the security posture of all participating organizations. Also, participating organizations should work closely with legal and compliance teams to understand the requirements and establish guidelines for sharing threat intelligence while adhering to data privacy regulations and industry-specific compliance standards. Guidelines should include sanitization, anonymization, and encryption techniques to protect sensitive information from being publicly disclosed.
How threat intelligence data is structured
Standardized formats and languages, such as STIX or TAXII, are used to structure the data, ensuring consistency, readability, and easy processing by different tools and systems. Organizations share this threat intelligence through various channels, including email, file transfers, web platforms, or automated protocols like STIX and TAXII. Shared intelligence is then consumed, and appropriate countermeasures are implemented based on the insights gained. Organizations collaboratively and continuously monitor the effectiveness of their threat intelligence sharing efforts, providing feedback to each other and refining their processes to improve the quality and relevance of the shared data.
Benefits of participating in threat intelligence sharing
Just as neighborhood watch programs promote involvement through community building, shared responsibility, and mutual benefit, threat intelligence sharing programs encourage participation by doing the following: Raising aw
Tool Vulnerability Threat Commercial ★★★
News.webp 2023-12-12 10:37:13 Android iMessage app Beeper releases working update of blue-bubbled tool
Dev claims to have fixed 'issue that caused messages not to be sent or received' The developer behind Beeper Mini just released an updated version of the standalone Android app that users say can sidestep the block Apple put in place over the weekend.…
Tool Mobile ★★★
ProofPoint.webp 2023-12-12 05:00:00 Security Brief: TA4557 Targets Recruiters Directly via Email
What happened
Since at least October 2023, TA4557 began using a new technique of targeting recruiters with direct emails that ultimately lead to malware delivery. The initial emails are benign and express interest in an open role. If the target replies, the attack chain commences.
Previously, throughout most of 2022 and 2023, TA4557 typically applied to existing open job listings purporting to be a job applicant. The actor included malicious URLs, or files containing malicious URLs, in the application. Notably, the URLs were not hyperlinked and the user would have to copy and paste the URL text to visit the website. The legitimate job hosting sites would then generate and send email notifications to the prospective employers who posted the positions.
In recently observed campaigns, TA4557 used both the new method of emailing recruiters directly as well as the older technique of applying to jobs posted on public job boards to commence the attack chain.
Specifically in the attack chain that uses the new direct email technique, once the recipient replies to the initial email, the actor was observed responding with a URL linking to an actor-controlled website posing as a candidate resume. Alternatively, the actor was observed replying with a PDF or Word attachment containing instructions to visit the fake resume website.
Example initial outreach email by TA4557 to inquire about a job posting.
Example follow up email containing a URL linking to a fake resume website.
Very notably, in campaigns observed in early November 2023, Proofpoint observed TA4557 direct the recipient to “refer to the domain name of my email address to access my portfolio” in the initial email instead of sending the resume website URL directly in a follow up response. This is likely a further attempt to evade automated detection of suspicious domains.
Email purporting to be from a candidate directing the recipient to visit the domain in an email address.
If the potential victims visit the “personal website” as directed by the threat actor, the page mimics a candidate's resume or job site for the candidate (TA4557) applying for a posted role. The website uses filtering to determine whether to direct the user to the next stage of the attack chain.
Example of a fake candidate website operated by TA4557 that leads to download of a zip attachment.
If the potential victim does not pass the filtering checks, they are directed to a page containing a resume in plain text. Alternatively, if they pass the filtering checks, they are directed to the candidate website. The candidate website uses a CAPTCHA which, if completed, will initiate the download of a zip file containing a shortcut file (LNK). The LNK, if executed, abuses legitimate software functions in "ie4uinit.exe" to download and execute a scriptlet from a location stored in the "ie4uinit.inf" file. This technique is commonly referred to as "Living Off The Land" (LOTL).
The scriptlet decrypts and drops a DLL in the %APPDATA%\Microsoft folder. Next, it attempts to create a new regsrv32 process to execute the DLL using Windows Management Instrumentation (WMI) and, if that fails, tries an alternative approach using the ActiveX Object Run method.
The DLL employs anti-sandbox and anti-analysis techniques. It incorporates a loop specifically designed to retrieve the RC4 key necessary for deciphering the More_Eggs backdoor. This loop is strategically crafted to extend its execution time, enhancing its evasion capabilities within a sandbox environment. Furthermore, the DLL employs multiple checks to determine if it is currently being debugged, utilizing the NtQueryInformationProcess function.
The DLL drops the More_Eggs backdoor along with the MSXSL executable. Subsequently, it initiates the creation of the MSXSL process using the WMI service. Once completed, the DLL deletes itself. More_Eggs can be used to establish persistence, profile the machine, and drop additional payloads.
Attribution
Proofpoint has been tracking TA4557 since 2018 as a
Malware Tool Threat ★★★
Dragos.webp 2023-12-11 16:53:06 ELECTRUM Targeted Ukrainian Electric Entity Using Custom Tools and CaddyWiper Malware, October 2022
On November 9, 2023, Mandiant released new details from forensic investigations following a disruptive attack against Ukraine electric substation which... The post ELECTRUM Targeted Ukrainian Electric Entity Using Custom Tools and CaddyWiper Malware, October 2022 first appeared on Dragos.
Malware Tool Industrial ★★★
Checkpoint.webp 2023-12-11 13:00:22 Empower Cyber Security Defenses with Horizon IOC
Cyber security threats move fast, so having a robust and centralized solution for managing Indicators of Compromise (IOCs) is crucial. Check Point introduces Horizon IOC, an innovative platform designed to streamline IOC management across the enterprise.
Centralized IOC Management for Seamless Control
Horizon IOC serves as a centralized platform, seamlessly integrating data sources from Check Point products, SOC teams, and external outlets. This user-friendly tool empowers organizations by consolidating diverse data streams into one unified management interface.
Immediate Policy Enforcement Across the Enterprise
Policies set within the Horizon IOC manager are not just theoretical guidelines; they are immediately enforced across […]
Tool ★★
AlienVault.webp 2023-12-11 11:00:00 Have you accounted for AI risk in your risk management framework
Artificial intelligence (AI) is poised to significantly influence various facets of society, spanning healthcare, transportation, finance, and national security. Industry practitioners and citizens at large are actively considering and discussing the countless ways AI could be used or should be applied. It is crucial to thoroughly understand and address the real-world consequences of AI deployment, going beyond suggestions for your next streaming video or predictions for your shopping preferences. Nevertheless, a central question of our era revolves around how we can harness the power of AI for the greater good of society, aiming to improve lives. The space between the introduction of innovative technology and its potential for misuse is shrinking fast. As we enthusiastically embrace AI's capabilities, it is crucial to prepare ourselves for heightened technological risks, ranging from bias to security threats. In this digital era, where cybersecurity concerns are already on the rise, AI introduces a new set of vulnerabilities. However, as we confront these challenges, it is crucial not to lose sight of the bigger picture. The world of AI encompasses both positive and negative aspects, and it is evolving rapidly. To keep pace, we must simultaneously drive the adoption of AI, defend against its associated risks, and ensure responsible use. Only then can we unlock the full potential of AI for groundbreaking advancements without compromising our ongoing progress.
Overview of the NIST Artificial Intelligence Risk Management Framework
The NIST AI Risk Management Framework (AI RMF) is a comprehensive guideline developed by NIST, in collaboration with various stakeholders and in alignment with legislative efforts, to help organizations manage the risks associated with AI systems. It aims to improve the trustworthiness and minimize the potential harm of AI technologies. The framework is divided into two main parts:
- Planning and understanding: This part focuses on guiding organizations to evaluate the risks and benefits of AI, defining the criteria for trustworthy AI systems. Trustworthiness is measured based on factors such as validity, reliability, security, resilience, accountability, transparency, explainability, privacy enhancement, and fairness with managed bias.
- Actionable guidance: This section, known as the core of the framework, describes four key steps - govern, map, measure, and manage. These steps are integrated into the AI system development process to establish a risk management culture, identify and assess risks, and implement effective mitigation strategies.
- Information gathering: Collecting essential data about AI systems, such as project details and timelines.
- Govern: Establishing a strong governance culture for AI risk management throughout the organization.
- Map: Framing risks in the context of the AI system to improve risk identification.
- Measure: Using various methods to analyze and monitor AI risks and their impacts.
- Manage: Applying systematic practices to address identified risks, focusing on risk treatment and response planning.
The AI RMF is an excellent tool to help organizations create a strong governance program and manage the risks associated with their AI systems. Even though it is not mandatory under the laws propos
Tool Vulnerability Guideline ★★★
Korben.webp 2023-12-11 08:00:00 Pixi – For creating finely crafted dev environments
Pixi, a project written in Rust, is a package manager that runs on the Conda ecosystem, supports several programming languages, and lets you install all the libraries and tools your projects need. It automatically creates lockfiles to reproduce identical environments across operating systems without Docker. Pixi can also build Conda packages that are ready to deploy.
Tool ★★
Korben.webp 2023-12-10 08:00:00 How to install Windows 11 ARM on VMware Fusion – Apple Silicon
After successfully installing Windows 11 ARM on his ARM64 M3 iMac, the author explains the process: download the Windows 11 ARM image, convert the .VHDX file, which VMware cannot use, to .VMDK with VMware's vdiskmanager tool, then create a new VM in VMware. Next, select Windows 11 ARM as the OS, enable 'UEFI Secure Boot', and choose the VMDK image as the virtual disk. Windows is installed without network support, thanks to the 'OOBE\BYPASSNRO' command. To enable networking, launch PowerShell as admin, enter the command 'Set-ExecutionPolicy RemoteSigned', and install VMware Tools.
Tool ★★
RecordedFuture.webp 2023-12-08 22:00:00 CISA adds Qlik bugs to exploited vulnerabilities catalog
Two vulnerabilities affecting a popular data analytics tool were added to the Cybersecurity and Infrastructure Security Agency's (CISA) list of exploited bugs this week. On Thursday, CISA added CVE-2023-41265 and CVE-2023-41266 to its catalog, giving federal civilian agencies until December 28 to patch the issues. Both bugs were found this summer in Qlik Sense -
Tool Vulnerability ★★★
ProofPoint.webp 2023-12-08 06:00:37 Protecting identities: How ITDR Complements EDR and XDR to Keep Companies Safer
Defenders who want to proactively protect their company's identities have no shortage of security tools to choose from. There are so many, in fact, that it seems like a new category of tool is invented every few months just to help keep them all straight.
Because most security teams are finding it increasingly difficult to stop attackers as they use identity vulnerabilities to escalate privilege and move laterally across their organization's IT environment, some of today's newest tools focus on this middle part of the attack chain. Endpoint detection and response (EDR) and extended detection and response (XDR) are two tools that claim to cover this specialized area of defense. But unfortunately, because of their fundamental architecture and core capabilities, that's not really what they do best. That's why a new category of tool - identity threat detection and response (ITDR) - is emerging to fill the gaps.
In this blog post, we'll explain the difference between EDR, XDR and ITDR so that you can understand how these tools complement and reinforce each other. They each have strengths, and when they're combined they provide even better security coverage. But first, let's rewind the cybersecurity evolution timeline back to the 1980s to understand why ITDR has emerged as a critical defense measure in today's threat landscape.
The rise of antivirus software and firewalls
We're starting in the 1980s because that's the decade that saw the advent of computer networks and the proliferation of personal computers. It also saw the rapid rise of new threats due to adversaries taking advantage of both trends.
There were notable computer threats prior to this decade, of course. The “Creeper” self-replicating program in 1971 and the ANIMAL Trojan in 1975 are two examples. But the pace of development picked up considerably during the 1980s as personal computing and computer networking spread, and bad actors and other mischief-makers sought to profit from or simply break into (or break) devices and systems.
In 1987, the aptly named Bernd Robert Fix, a German computer security expert, developed a software program to stop a virus known as Vienna. This virus destroyed random files on the computers it infected. Fix's program worked - and the antivirus software industry was born. However, while early antivirus tools were useful, they could only detect and remove known viruses from infected systems.
The introduction of firewalls to monitor and control network traffic is another security advancement from the decade. Early “network layer” firewalls were designed to judge “packets” (small chunks of data) based on simple information like the source, destination and connection type. If the packets passed muster, they were sent to the system requesting the data; if not, they were discarded.
The internet explosion - and the escalation of cybercrime
The late 1990s and early 2000s witnessed the explosive growth of the internet as a key business platform, kicking off an era of tremendous change. It brought new opportunities but also many new security risks and threats.
Cybercrime expanded and became a more formalized and global industry during this time. Bad actors focused on developing malware and other threats. Email with malicious attachments and crafty social engineering strategies quickly became favorite tools for adversaries looking to distribute their innovations and employ unsuspecting users in helping to activate their criminal campaigns.
As cyberthreats became more sophisticated, defenders evolved traditional detective security tools to feature:
- Signature-based detection to identify known malware
- Heuristic analysis to detect previously difficult to detect threats based on suspicious behavioral patterns
All of these methods were effective to a degree. But once again, they could not keep in step with cybercriminal innovation and tended to generate a lot of false positives and false negatives.
Enter the SIEM
Around 2005, security information and event management (SIEM) tools emerged to enhance
Ransomware Malware Tool Vulnerability Threat Studies Cloud ★★★
Checkpoint.webp 2023-12-07 07:28:54 Iran's Most Advanced Cyber Attack Yet
For years now, Iran's state-sponsored hackers have been some of the most prolific in the world. But prolific does not necessarily mean sophisticated — its attacks haven't quite impressed in the way that the U.S., Russia, and China's do. But in a campaign recently uncovered by CheckPoint, one Iranian APT unleashed tools and tactics unlike […]
Tool ★★★
BBC.webp 2023-12-07 00:04:10 ChatGPT builder helps create scam and hack campaigns
A cutting-edge tool from Open AI appears to be poorly moderated, allowing it to be abused by cyber-criminals.
Hack Tool ChatGPT ★★
Trend.webp 2023-12-07 00:00:00 Integrated DFIR Tool Can Simplify and Accelerate Cyber Forensics
Explore real use cases demonstrating the transformative impact of Trend Vision One™ – Forensics, an integrated Digital Forensics and Incident Response (DFIR) tool
Tool Prediction ★★★
RecordedFuture.webp 2023-12-06 22:30:00 Congressional leaders seek to extend contested surveillance program until April
The life of foreign spying tools set to expire in a few weeks could be briefly extended until April 19 after congressional leaders inserted a short-term renewal into the annual defense policy bill. The decision to attach a temporary renewal of Section 702 of the Foreign Intelligence Surveillance Act to the massive policy blueprint comes
Tool ★★
TechWorm.webp 2023-12-06 20:55:10 Stellar Cyber Launches Field-Proven University Program
Getting that first job after completing a university degree can be challenging. This is true even for cybersecurity - an industry with millions of available roles. Anecdotally, it can take 6 months or up to a year for a graduate to land their first job in cybersecurity. Sometimes, they have to settle for different roles that will eventually help them advance to the one they initially wanted.
There are several reasons why new graduates can't find a job in cybersecurity. First, they don't have someone to guarantee for them yet. Companies would rather hire someone who has a proven track record - and real-life experience. Entry-level positions are scarce in cybersecurity. After you read the job description, you also realize that most job postings aren't really for someone who is just getting started in the industry. Since the last year was marked by a lot of layoffs, those who recently graduated are competing for jobs against highly skilled experts (in specific areas).
At the heart of the problem is this: Most freshly graduated students don't have real-life experience to back up their theoretical knowledge. How does the OpenXDR innovator Stellar Cyber open up opportunities for future security professionals with its first and invite-only Stellar Cyber University Program?
Skills Gap Created in University
Graduates struggle to find opportunities because there is a gap between what the university teaches and the skills that are genuinely needed for the job. Companies often look for someone who has specialized knowledge and practical experience in a particular segment of security operations. This is where the skill gap is most evident in the IT industry. Therefore, the skills gap starts at university. While universities might want to provide students with practical experiences, most are limited by their funding and time constraints. We're talking about a quickly evolving industry that would require frequent alterations to the curriculum. It's not possible for universities to change the curriculum or even to provide training. They'd have to cover the training, tools, and people to coach the students.
This is why it's important for security vendors and universities that are teaching the next generation of security experts to collaborate and complete the theory with practice. Stellar Cyber's new program helps the universities do just that for free.
“Stellar Cyber is proud to offer this comprehensive, collaborative education program free of charge for those training our cyber warriors of the future,” said Jim O’Hara, Chief Revenue Officer at Stellar Cyber. “We are honored to do our part to help shrink the worldwide cybersecurity skills gap and provide security services to communities in need. It's our objective to scale as broadly as possible and to assist universities as they prepare their graduates to enter the cybersecurity workforce.”
Technology, Mentorship, and Training
Tool ★★★
RecordedFuture.webp 2023-12-06 18:15:00 House Judiciary easily clears bill to renew surveillance tools with warrant mandate
The House Judiciary Committee on Wednesday overwhelmingly approved a bipartisan bill that would require all U.S. intelligence agencies to obtain a court warrant before searching for information about Americans retrieved by powerful electronic spying tools. Lawmakers voted 35 to 2 in favor of the Protect Liberty and End Warrantless Surveillance Act that would amend and
Tool ★★★
AlienVault.webp 2023-12-06 11:00:00
Top 29 data security best practices for your enterprise
(direct link)
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In this digital era, as data is produced and gathered more than ever before, the importance of data security has surged. Given the widespread use of social media, e-commerce, and other online services, individuals are sharing their personal details with numerous entities. In this blog, we'll explore the key concepts of data security and highlight the best practices across various sectors. Many of these safeguarding measures are also mandated by data security legislation and standards. Without any further ado, let's start discussing data security, its importance, benefits and steps to make your data more secure. What is data security? Data security refers to the practice of protecting digital data from unauthorized access, corruption, theft, or loss. It encompasses a wide range of techniques, tools, and measures that ensure data is safe from various threats. Data security is crucial for individuals, businesses, and governments, as it ensures the confidentiality, integrity, and availability of data. Benefits of data security Following are the key benefits of data security. Protect your data - Ensuring your information is safe from both inside and outside threats offers peace of mind. This means you can focus more on advancing your business plans and less on potential data breaches. Boost your credibility - Companies aiming for lasting collaborations often scrutinize the reputation of their prospective partners. Demonstrating solid data protection practices can also build trust with your clientele. Meet data security standards - Adopting stringent security protocols ensures you adhere to data protection standards, helping you steer clear of hefty non-compliance penalties.
Minimize legal costs - Proactively securing data is far more cost-effective than addressing the aftermath of a breach. Investing in data security now can save significant expenses related to potential incidents later. Ensure operational consistency - Strong data security measures pave the way for smooth business operations, decreasing the chances of interruptions that could impact profitability. Top 29 data security best practices for your organization Data discovery: Begin by identifying the types and sensitivity of the data your organization holds. This helps determine which data is critical and which must adhere to specific security regulations. By doing this, you'll have a clear understanding of how to prioritize your data protection. Limit sensitive data access: All employees don't require access to all information. Broad access increases the risk of internal breaches and data theft. Embrace the principle of least privilege (PoLP): Minimize risks by ensuring new accounts start with minimal data access, which can be expanded based on roles, needs, and seniority. This way, sensitive data is less exposed, even if a cyber attacker breaches an account. Data encryption: With a surge in cyber threats, it's essential to shield personal data. Encrypting data transforms readable information into coded text, challenging unauthorized users. Equip with anti-malware: To guard against data breaches from malware, equip your devices with reliable anti-malware software. Regular vulnerability checks: Since data resides on computers, it's continuously exposed to potential threats. Keep data safe by routinely assessing and updating your software, mitigating risks of breaches. E Malware Tool Vulnerability Legislation Cloud ★★★
ProofPoint.webp 2023-12-06 08:01:35
Proofpoint Security Awareness and Threat Intelligence: The Perfect Pairing
(direct link)
Just like peanut butter and chocolate, when you add threat intelligence to a security awareness program, it's the perfect pairing. Together, they can help you efficiently train one of your most important yet most attacked lines of defense - your people. A robust security awareness program that is tailored, defined and driven by real-world threat insights and context is one of the strongest defenses you can implement. Every week, the Proofpoint Security Awareness team gets regular updates about new and emerging threats and social engineering trends from the Proofpoint Threat Intelligence Services team. This helps drive the development of our security awareness platform. Likewise, our customers can generate daily, weekly, monthly and ad-hoc threat intelligence reports to boost the efficacy of their security awareness programs. In this blog, we will discuss some ways that security awareness teams (SATs) can use threat intelligence from Proofpoint to supercharge their awareness programs. Tailor your program to defend against the latest threats Not all people within a company see the same threats. And the response to threats differs greatly across teams - even within the same business. That's why security awareness programs shouldn't take a one-size-fits-all approach. Here's where Proofpoint Threat Intelligence Services can help. Our team regularly briefs customers about which threat actors are targeting their business and industry, who within their company is clicking, which users and departments are attacked most, and what threats they're being targeted with. Proofpoint gives SAT teams the data they need so they can tailor the modules, training and phishing simulations to match those that their users face. Threats in the wild are converted to valuable, tailored awareness materials.
Use cases Our threat intelligence services team analyzes exactly what threat actors are targeting when they go after a customer - both in terms of volume, but also at a granular department level. We regularly observe that it's more common for specific actors to target users within a specific department. Are threat actors targeting a specific department? This is a good example of how SAT teams can use threat intelligence to identify departments that are at risk and help keep them safe. In this case study, Proofpoint Threat Intelligence Services revealed that TA578 - an initial access broker - was frequently targeting marketing and corporate communications departments with a standard copyright violation message lure. We highlighted this trend for a particular customer as we reviewed their TAP data. This Proofpoint threat actor victimology report shows that TA578 is targeting a marketing address. Proofpoint Threat Intelligence Services identified what was happening and also provided additional context about the threat actor, including: Tactics, techniques and procedures (TTPs) Malware payloads Attack chains Specific examples of message lures and landing pages Plus, Proofpoint offered recommendations for remediation and proactive, layered protection. Proofpoint Threat Intelligence Services report on TA578. The SAT team used this information in its Proofpoint Security Awareness program to train the marketing department about specific message lures. The team also created a phishing simulation that used a similar-style lure and content to educate those users about this unique threat. Are threat actors targeting specific people? Another use case for Proofpoint Threat Intelligence Services is that it can help SAT teams understand who at their company is clicking - and what types of message themes they are clicking on. Proofpoint Threat Intelligence Services report for a large healthcare customer.
Proofpoint Threat Intelligence Services report shows which users are repeat clickers.  This data is compiled from real threats that users have clicked on. SAT teams can use it to prioritize these users for additional awareness training. They can also pi Tool Threat Studies Prediction ★★★
Watchguard.webp 2023-12-06 00:00:00 WatchGuard Threat Lab report reveals a rise in the number of threat actors exploiting remote access software (direct link) PARIS – December 6, 2023 – WatchGuard® Technologies, a global leader in unified cybersecurity, has published the findings of its latest Internet Security Report, detailing the top malware trends and network and endpoint security threats analyzed by WatchGuard Threat Lab researchers. Key findings from the data show an increase in abuse of remote access software, the rise of cyber attackers using password stealers and data stealers to capture valuable credentials, and threat actors turning from scripts to "living off the land" techniques to launch endpoint attacks. "Threat actors constantly employ new tools and methods to carry out their attack campaigns. It is therefore essential that organizations keep up to date with the latest tactics in order to strengthen their security strategy," says Corey Nachreiner, Chief Security Officer at WatchGuard. "Modern security platforms that include firewalls and endpoint protection software can strengthen the protection of networks and devices. However, when attacks rely on social engineering tactics, the end user is the last line of defense keeping malicious actors from infiltrating organizations. It is important that organizations provide social engineering training and adopt a unified security approach that puts in place layers of defense that can be administered effectively by managed service providers.
" Among the key findings, the latest Internet Security Report, based on data from the third quarter of 2023, reveals the following: Threat actors increasingly use remote management tools and software to evade malware detection, which both the FBI and CISA have acknowledged. While studying the top phishing domains, for example, the Threat Lab observed a tech support scam that led the victim to download a pre-configured, unauthorized version of TeamViewer, which gave the attacker remote access to their entire computer. A Medusa ransomware variant appears in the third quarter, driving an 89% increase in endpoint ransomware attacks. At first glance, endpoint ransomware detections appeared to decline in the third quarter. Yet the Medusa ransomware variant, which appears in the Top 10 malware threats for the first time, was detected using a generic signature from the Threat Lab's automated signature engine. When the Medusa detections are taken into account, ransomware attacks rose 89% quarter over quarter. Threat actors are moving away from script-based attacks and increasingly turning to other "living off the land" techniques. Malicious scripts as an attack vector declined by 11% in the third quarter, after having fallen Ransomware Malware Tool Threat ★★
Intigriti.webp 2023-12-05 23:30:00
Bug Bytes #218 – Advent of Cyber, RCEs and hacking poems
(direct link)
>Bug Bytes is a weekly newsletter curated by members of the bug bounty community. The second series is curated by InsiderPhD. Every week, she keeps us up to date with a comprehensive list of write-ups, tools, tutorials and resources. This issue covers the weeks from November 19th to December 3rd Intigriti News From my notebook
Tool ★★★
The_Hackers_News.webp 2023-12-05 16:59:00
Generative AI Security: Preventing Microsoft Copilot Data Exposure
(direct link)
Microsoft Copilot has been called one of the most powerful productivity tools on the planet. Copilot is an AI assistant that lives inside each of your Microsoft 365 apps - Word, Excel, PowerPoint, Teams, Outlook, and so on. Microsoft's dream is to take the drudgery out of daily work and let humans focus on being creative problem-solvers. What makes Copilot a different beast than ChatGPT and
Tool ChatGPT ★★★
RecordedFuture.webp 2023-12-05 15:25:00
House panel looks to leapfrog others on FISA as White House makes fresh plea for renewal
(direct link)
The latest House bill to renew a controversial national security tool would propose the tightest restrictions yet on the government surveillance program. The House Judiciary Committee on Monday unveiled its own legislation to reauthorize Section 702 of the Foreign Intelligence Surveillance Act, which will expire in a few weeks without congressional approval, for another three
Tool Legislation ★★★
knowbe4.webp 2023-12-05 12:01:49
How The Disinformation Machine Works, And How $400 Can Stop It
(direct link)
More specifically, when wars break out, disinformation kicks into high gear. In the wake of the October 7 attack, the internet was overwhelmed by a deluge of disinformation. This phenomenon is not about spreading lies; it is a systematic attempt to amplify fake news and hijack credible news sources for disinformation warfare. New disinformation storm: a case analysis Since October 7, a surge of disinformation, ranging from subtly misleading to outright false, has been unleashed. It shows a sophisticated use of tactics commonly employed in state-sponsored and private influence operations. These methods focus particularly on downplaying or outright denying Hamas's involvement in the events on the Gaza border. BBC Verifies the scale of disinformation BBC Verify's disinformation expert, Shayan Sardarizadeh, describes the initial spike in disinformation as unprecedented. The conflict between Israel and Hamas immediately extended into the realm of information and psychological warfare. According to Sardarizadeh, the denial narrative that "it was Israel that killed its own civilians on October 7, not Hamas" became terribly widespread online. The disinformation campaigns include the spread of conspiracy theories and the misuse of content from various other conflicts, inaccurately presented as related to the Gaza Strip. Such tactics from the KGB playbook are social engineering at scale.
AI and disinformation: a dangerous liaison A particularly alarming development is the use of AI technologies in these disinformation campaigns. From deepfakes to automated fake accounts, these tools represent a significant escalation in the sophistication of these operations. The Russian campaign, for example, deepfaked IDF soldiers and used computer-generated posts for an army of automatically opened fake accounts. Co-opting credibility: the playbook of disinformation Malicious actors often target established news sources to lend authenticity to their narratives. By misrepresenting the reporting of credible outlets, they aim to create a basis for atrocity denial and conspiracy theories. A notable instance of this is the manipulation of reports from Tool ★★★
AlienVault.webp 2023-12-05 11:00:00
Insights into modern fraud detection systems
(direct link)
The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Information security requirements and standards are in a constant state of evolution. Recent issues, such as COVID-19 and the growing global reliance on mobile devices and remote work solutions, have played important roles in this ongoing transformation. At the same time, the increasing sophistication of cyber attackers has added new layers of complexity to the cybersecurity landscape. In this article, I will explore the importance of implementing fraud detection systems as a crucial measure to mitigate the impact of both traditional and emerging fraudulent schemes. Challenges faced by financial institutions The landscape of user behavior has undergone significant shifts, primarily driven by external factors such as the COVID-19 pandemic. This factor led to an increase in online transactions, coupled with reduced income streams for many individuals, resulting in decreased spending in specific user categories. Additionally, local conflicts, like the war in Ukraine and Israel, influence spending patterns in particular regions. The implementation of restrictive measures and the resulting increase in stress levels have provided cyber crooks with more opportunities to exploit social engineering techniques through acts of intimidation. One prevalent scam involves fraudsters posing as bank security officials to deceive unsuspecting individuals. Another concerning trend is the rise of legitimate channels that drive people to scam schemes via mainstream advertising platforms like Google and Facebook. Furthermore, the economic hardships some people face have led them to seek alternative income sources, driving them to engage in various forms of online criminal activities. Some individuals become involved in schemes where they act as money mules or work in illegal call centers. 
It is challenging for financial institutions to guarantee absolute safety. Malicious individuals can present counterfeit identification to authorize transactions that were initially denied by the anti-fraud system. While financial institutions strive to know as much as possible about their clients and run transactions carefully, they are constrained by data retention limitations (typically several months) and the need to respond within seconds, as stipulated by Service Level Agreements. So, again, achieving complete certainty about every transaction remains a huge problem. Detecting suspicious activities becomes even more challenging when malicious employees request details about a specific client or transaction, as this falls within their routine work tasks. Some fraud detection systems use computer webcams or video surveillance cameras to monitor employee behavior. Modern surveillance systems have become more intelligent, leveraging artificial intelligence and historical data to perform comprehensive risk assessments and take action when unusual employee behavior is detected. However, these cameras may not always be effective in identifying deceitful behavior when employees remain almost motionless. Understanding fraud detection systems Fraud detection systems are designed to detect and prevent various forms of fraudulent activities, ranging from account hijacking and Tool Threat Mobile Prediction Technical ★★★
IndustrialCyber.webp 2023-12-05 10:43:56
CISA calls for input on foundational cybersecurity assessment tool for SLTT entities
(direct link)
>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published a submission for a new collection request (ICR)...
Tool ★★★
The_State_of_Security.webp 2023-12-05 02:56:27
Five Things You Need to Know About Security Misconfigurations
(direct link)
It is easy to assume that security tools are effectively configured right out of the box, so to speak. This scenario is all too common and can lead to severe consequences, such as data breaches if an organization implements software solutions with improper security configurations. A misconfiguration is “an incorrect or suboptimal configuration of an information system or system component that may lead to vulnerabilities,” as defined by the National Institute of Standards and Technology (NIST). In order to prevent misconfigurations and the security incidents that can arise from them, it is...
Tool Vulnerability ★★★
TechWorm.webp 2023-12-04 11:49:08
Mental Health Apps: Can They Be Trusted?
(direct link)
In the past few years, mental health apps have witnessed massive growth thanks to their potential to fix a multitude of mental health-related problems. That said, they are not the best when it comes to managing and securing highly sensitive personal data. Mental health apps with millions of downloads have been found guilty of selling, misusing, and leaking sensitive data of their users. In this article, we have shared everything you need to know about the countless privacy concerns associated with mental health apps. Let’s see if you can trust any mainstream mental health app or if they are all the same.
What Are Mental Health Apps? The name says it all, mental health apps offer tools, activities, and support to help cure serious problems like anxiety, depression, ADHD, Bipolar Disorder, substance abuse, and many more. While mental health apps can’t replace an actual doctor, they have been found to be quite effective in multiple instances. Mental Health Apps On the surface, mental health apps seem to be quite useful for the well-being of users, but you will be surprised to know that the research from Private Internet Access revealed that many mainstream apps fail to protect the privacy and security of their users. Let’s get into details and discuss all of the problems associated with mental health apps and see how they have become the biggest data-harvesting machines.
Are Mental Health Apps Spying on You? Unlike other mainstream apps, mental health apps require substantially more information about their users for the app to function properly.
Data Breach Tool Threat Medical ★★★
AlienVault.webp 2023-12-04 11:00:00
How team collaboration tools and Cybersecurity can safeguard hybrid workforces
(direct link)
The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Hybrid operations are becoming an increasingly prevalent part of the business landscape. Certainly, this offers some fantastic opportunities for companies to reduce overhead costs and gain access to international talent. Yet, there are some distinct challenges hybrid workforces face, too. Key among these is the potential for cybersecurity issues to arise. When you have some employees working from the office and others operating remotely, a range of vulnerabilities may arise — not to mention that there may be hurdles to staff interacting effectively. So, let’s take a look at how team collaboration tools and cybersecurity measures can safeguard your hybrid workforce. Identifying and addressing relevant threats There are few businesses today that aren’t vulnerable to some form of cyber threat. However, the risks tend to depend on the specific business model. As a result, it’s important to first gain an understanding of the prevalent risks related to hybrid workplaces. This enables you to more effectively collaborate and develop safeguards. For hybrid businesses, a range of network security threats have the potential to disrupt operations and cause data breaches. These include: Malware. These malicious software or firmware programs usually enter a network when a person unintentionally downloads them after clicking a link or attachment. Depending on the type of malware, this can give hackers remote access to networks or capture data about network activity, alongside infecting other devices on the network. It’s important to ensure hybrid staff have malware detection software on both business and personal devices that they use to connect to company networks. In addition, you must give them training on how to avoid triggering malware downloads. Phishing. 
Social engineering attacks, like phishing, can be a challenging issue. These tactics are designed to skirt your security software by getting information or network access directly from your human workers. This may involve criminals posing as legitimate businesses or official entities and directing workers to cloned websites where they’ll be requested to enter sensitive information. You can mitigate this type of issue by monitoring network traffic to spot unusual activity, as well as educating staff on the details of these methods. Even if criminals gain passwords by these methods, setting up multi-factor authentication can limit how useful they are to hackers. That said, alongside the common threats, it’s important to get to know and address the issues with your specific hybrid business. Talk to your staff about their day-to-day working practices and the potential points of vulnerability. Discuss remote workers’ home network setups to establish whether there are end-to-end safeguards in place to prevent unauthorized access to networks. You can then collaborate on arranging additional equipment or protocols — such as access to an encrypted virtual private network (VPN) — that protect both the business and workers’ home equipment. Utilizing collaborative tools Effective collaboration is essential for all hybrid businesses. This isn’t just a matter of maintaining productivity. When employees have the right tools in place to wo Malware Tool Vulnerability Threat Cloud ★★
Veracode.webp 2023-12-04 10:39:37
How Dynamic Analysis Helps You Enhance Automation for DevSecOps
(direct link)
DevSecOps, also known as secure DevOps, represents a mindset in software development that holds everyone accountable for application security. By fostering collaboration between developers and IT operations and directing collective efforts towards better security decision-making, development teams can deliver safer software with greater speed and efficiency. Despite its merits, implementing DevSecOps can introduce friction into the development process. Traditional tools for testing code and assessing application security risk simply weren't built for the speed that DevOps testing requires. To navigate these challenges, development teams need to start with automated testing tools, as relying on manual processes can't possibly keep pace with accelerated development timelines. Automation is considered key to continuous integration of security analysis and threat mitigation of dynamic workflows. As an extension of DevOps principles, DevSecOps automation helps integrate security testing…
Tool Threat ★★★
ProofPoint.webp 2023-12-04 07:10:47
Cybersecurity Stop of the Month: Using Behavioral AI to Squash Payroll Diversion
(direct link)
This blog post is part of a monthly series exploring the ever-evolving tactics of today's cybercriminals. Cybersecurity Stop of the Month focuses on the critical first steps in the attack chain – stopping the initial compromise - in the context of email threats. The series is designed to help you understand how to fortify your defenses to protect people and defend data against emerging threats in today's dynamic threat landscape. The first three steps of the attack chain: stop the initial compromise. In our previous posts, we have covered these attack types: Supplier compromise EvilProxy SocGholish E-signature phishing QR code phishing Telephone-oriented attack delivery (TOAD) In this installment we examine a payroll diversion threat that Proofpoint detected during a recent threat assessment. We also cover the typical attack sequence of payroll fraud and explain how Proofpoint uses multiple signals to detect and prevent these threats for our customers. Background Business email compromise (BEC) continues to grow in popularity and sophistication. The 2022 FBI Internet Crime Report notes that BEC attacks cost U.S. businesses $2.7 billion last year. The global figure is no doubt much higher. Ransomware victims, in contrast, lost just $34 million. Payroll diversion is a form of BEC. Typically, employees who have direct access to fulfilling payroll-related requests are prime targets. In these attacks, a bad actor pretends to be an employee who needs to update their direct deposit information. The new information is for an account that the bad actor owns. Once the fraudulent request is complete, the lost funds cannot be retrieved by the business. Payroll diversion fraud isn't a new form of BEC, but the frequency of this type of attack is on the rise. Proofpoint continues to see this type of threat getting through the defenses of other email security tools.
Across all of our October 2023 threat assessments, we found that more than 400 of these threats got past 12 other email security tools. There are a few reasons why it's difficult for a lot of email security tools to detect or remediate these threats. The primary reason is because they don't usually carry malicious payloads like attachments or URLs. They also tend to be sent from personal email services - like Google, Yahoo and iCloud - and target specific users. Notably, API-based email security tools that scan for threats post-delivery are the most susceptible to not being able to detect or remediate this type of threat. This partly comes down to how they work. In order for them to be effective, they need security and IT teams to manually populate them with a dictionary of possible display names of all employees, which is a very time-consuming effort that is hard to scale. To avoid this, many organizations simply choose to enable display name prevention for their senior executives only. But bad actors behind payroll diversion don't just impersonate executives, they target anyone in the organization who can access corporate funds. In our example below, an attacker took advantage of this exact weakness. The scenario Proofpoint detected a payroll diversion attempt where the attacker posed as a non-executive employee. The email was sent to the director of human resources (HR) at a 300-person company in the energy and utilities industry. The company's incumbent email security tool delivered the message, and its API-based post-delivery remediation tool failed to detect and retract it. The threat: How did the attack happen? Here is a closer look at how this payroll diversion scam unfolded: 1. The deceptive message: The attacker sent a request to update their direct deposit information from an account that appeared to be a legitimate employee's personal email account. The original malicious message delivered to the recipient's inbox. 2.
Payroll diversion attack sequence: If the recipient had engaged, the attacker's goal would have been to convince them to trans Ransomware Tool Threat Yahoo ★★
Blog.webp 2023-12-04 01:13:29 Ransomware Attacks Using RDP as the Attack Vector – Detected by EDR
(direct link)
A remote desktop service refers to the feature that allows remote control of other PCs. In Windows, this service is provided by default through Remote Desktop Protocol (RDP). This means that if the target system is a Windows environment, RDP can be used to control this remote target without having to install additional remote control tools. For remote control, the operator is required to have account credentials for the target system and log in using these credentials. As such, if...
Ransomware Tool ★★
The_Hackers_News.webp 2023-12-02 13:22:00 Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware
(direct link)
A Russian national has been found guilty in connection with his role in developing and deploying a malware known as TrickBot, the U.S. Department of Justice (DoJ) announced. Vladimir Dunaev, 40, was arrested in South Korea in September 2021 and extradited to the U.S. a month later. "Dunaev developed browser modifications and malicious tools that aided in credential harvesting and data
Malware Tool ★★★
Korben.webp 2023-12-02 08:00:00 Save your old routers by recovering their default passwords! (direct link) In a dark attic, a router lies forgotten. Hope returns with DefaultCreds-cheat-sheet, a default-password lookup tool. Compatible with Kali Linux, Ubuntu and Lubuntu, it offers features such as password search and data export. Follow the steps to install it and use it for educational purposes only. Curiosity and exploration are essential for learning with this tool. Tool ★★★★★
Blog.webp 2023-12-02 00:11:06 Particle Network's Intent-Centric Approach Aims to Simplify and Secure Web3
(direct link)
By Owais Sultan. Discover Particle Network's Web3 evolution! From a Wallet-as-a-Service tool to the Intent-Centric Modular Access Layer, explore the platform's… This is a post from HackRead.com. Read the original post: Particle Network's Intent-Centric Approach Aims to Simplify and Secure Web3
Tool ★★
DarkReading.webp 2023-12-01 15:42:00 Saudi Companies Outsource Cybersecurity Amid 'Serious' Incidents
(direct link)
Saudi companies are seeking extra help in droves, because of a lack of tools and personnel.
Tool ★★
Checkpoint.webp 2023-12-01 13:00:11 AWS Security Hub and 4 Ways to Enhance Security
(direct link)
Securing software engineering and operational processes has become increasingly challenging over the past decade. The majority of workloads have been migrated to the cloud, and a larger number of engineers are now working remotely. If your organization employs a cloud-native architecture, there might be hybrid deployments that include both cloud and on-premises resources, thereby expanding your attack surface even further. AWS Security Hub is a valuable tool for ensuring the security posture of your workloads. Nevertheless, Check Point CloudGuard allows you to elevate your cloud-native security capabilities. It enhances the user experience of AWS Security Hub users by providing additional […]
Tool Cloud ★★
silicon.fr.webp 2023-12-01 10:52:41 2024 Olympics: an ANSSI kit for cyber crisis management (direct link) Following on from its overview of the cyber threat to the 2024 Olympics, ANSSI is publishing a kit of crisis management exercises. Tool Guideline ★★★
TechRepublic.webp 2023-12-01 09:30:53 Make Life Safer and Easier With This Password Manager for Just $15
(direct link)
Store unlimited passwords in unlimited vaults on multiple servers, customize fields, use the tool on your smart watch, enjoy built-in authenticator and much more.
Tool ★★★
Mandiant.webp 2023-11-30 17:00:00 Improving FLARE's Malware Analysis Tools at Google Summer of Code 2023
(direct link)
This summer marked the FLARE team's first year participating in Google Summer of Code (GSoC). GSoC is a global online mentoring program focused on introducing new contributors to open source software development. GSoC contributors work with mentors to complete 12+ week projects that support open source organizations. During 2023 FLARE was accepted into GSoC and had the privilege of working with four contributors. FLARE is a team of reverse engineers and researchers who specialize in malware analysis, exploit analysis, and malware training. FLARE develops, maintains, and publishes various open
Malware Tool Threat ★★★
DarkReading.webp 2023-11-30 15:00:00 8 Tips on Leveraging AI Tools Without Compromising Security
(direct link)
AI tools can deliver quick and easy results and offer huge business benefits - but they also bring hidden risks.
Tool ★★
InfoSecurityMag.webp 2023-11-30 14:00:00 RedLine Stealer Malware Deployed Via ScrubCrypt Evasion Tool
(direct link)
The new ScrubCrypt obfuscation tool is designed to avoid antivirus protections
Malware Tool ★★★
Checkpoint.webp 2023-11-30 13:00:15 Information is power, but misinformation is just as powerful
(direct link)
The disinformation and manipulation techniques employed by cybercriminals are becoming increasingly sophisticated due to the implementation of Artificial Intelligence in their systems. The post-truth era has reached new heights with the advent of artificial intelligence (AI). With the increasing popularity and use of generative AI tools such as ChatGPT, the task of discerning between what is real and fake has become more complicated, and cybercriminals are leveraging these tools to create increasingly sophisticated threats. Check Point Software Technologies has found that one in 34 companies have experienced an attempted ransomware attack in the first three quarters of 2023, an increase […]
Ransomware Tool ChatGPT ChatGPT ★★
AlienVault.webp 2023-11-30 11:00:00 Secure browsing: A guide to browsing the internet safely
(direct link)
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.
In an age when the internet is an integral part of our daily lives, ensuring your online safety and privacy is critical. Secure browsing is about protecting sensitive personal information and yourself from cyber threats such as malware, phishing, and hacking. This article delves into the various aspects of web browsing securely, from understanding the risks to implementing best practices and using the right tools to improve your online security.
Understanding the risks
Before delving into secure browsing techniques, it's critical to understand the risks. The internet is full of hazards, and a lack of awareness can leave you vulnerable. Here are a few of the most common dangers: Malware: When you download files, click on untrustworthy links, or visit compromised websites, malicious software can infect your device. Malware can steal your data, damage your system, or track your online activities once infected. Phishing: Phishing attacks involve duping users into disclosing sensitive information such as login credentials, credit card information, or personal information. These attacks frequently disguise themselves as legitimate emails or websites. Data protection: Many websites and online services collect and share your personal information without your permission, which can invade privacy and lead to unwanted tracking. Hacking: Cybercriminals may try to gain unauthorized access to your accounts or devices, resulting in financial loss and damage to your online identity. Unsecured connections: Unsecured Wi-Fi networks expose your data to interception, as attackers can intercept your data.
Browsing safely
Now that you know the dangers, let's look at how to browse the web safely. Use a secure browser: Select a browser with a strong reputation for security features. Google Chrome, Mozilla Firefox, and Microsoft Edge provide regular security updates. Maintain software updates: Regularly update your browser and other software to patch vulnerabilities that cybercriminals may exploit. Use strong, unique passwords: Use solid, one-time passwords for each online account. To keep track of complex passwords, consider using a password manager. Enable two-factor authentication (2FA): Enable two-factor authentication wherever possible to add an extra layer of security to your online accounts. Stay informed: To stay informed about emerging threats and vulnerabilities, keep up with the latest cybersecurity news and best practices. Exercise caution with email: Unsolicited emails should be avoided, especially those with attachments or links. Check the sender's identity before clicking on any links or downloading attachments. Use HTTPS: Look for HTTPS (secure browsing protocol) websites. Most modern browsers display a padlock icon in the address bar for secure sites. Install ad blockers and privacy extensions: Browser extensions such as uBlock Origin, Privacy Badger, and HTTPS Everywhere can help you protect your online privacy by blocking advertisements, tracking scripts, and forcing secure connections. Avoid public Wi-Fi for sensitive transactions: Avoid using public Wi-Fi networks when conducting sensitive transactions such as online banking or shopping. Consider using a Virtual Private Network (VPN) to encrypt your connection if you must use public Wi-Fi. Regularly clear browser data: Clear your browsing history, cookies, and cached data regularly to reduce your digital footprint.
Tools for secure browsing
Virtual private networks (VPNs): VPNs encrypt your internet connection, ma
Malware Tool Vulnerability Threat LastPass LastPass ★★
globalsecuritymag.webp 2023-11-30 09:50:48 Afnic study Réussir avec le web: The online presence of French very small businesses and SMEs is growing, and so are their cybersecurity practices (direct link) The study highlights significant progress in how French micro-enterprises, very small businesses and SMEs approach the cybersecurity of their online presence. However, it also reveals a slight decline in their adoption of tools for optimizing their reputation and visibility on the internet. Afnic, the association in charge of several domain extensions including .fr, today releases the results of the 6th edition of its study Réussir avec le web, conducted through its program (...) - Points of View Tool ★★★
ProofPoint.webp 2023-11-30 06:00:38 The Future of Compliance: Keeping Pace with an Ever-Changing Landscape
(direct link)
Nothing stands still in cybersecurity – and that includes compliance. Just as new threats drive the need for new deterrents, new technologies and evolving business practices drive the need for greater oversight. Over the last few years, compliance, regulation and governance have begun evolving faster than we have seen for some time. This has been in response to rapid changes we've seen ripple across industries caused by new technologies, like artificial intelligence (AI) and machine learning, and new ways of doing business launched in response to the pandemic. In this blog, we explore what has changed within the world of compliance over the last few years and where things are likely heading.
On compliance trends
Like many industries, compliance and regulation tend to follow market trends. If we go back a few years, we saw a raft of privacy legislation introduced in the wake of the European Union's introduction of the General Data Protection Regulation (GDPR). High profile events also tend to shift the attitudes of regulators. For example, financial services companies found themselves in the spotlight following the 2008 economic crash, while the auto industry faced similar scrutiny after the emissions scandal. During these times, regulators tend to turn their attention to enforcement, and they are willing to make an example of a company if that's what's needed to improve things. Over the years, many regulators have become much more aggressive in this area, expanding their scope and proactively applying their rules. Of course, technology drives regulatory change, too. The pandemic has recently accelerated the mass adoption of collaborative technologies and communication channels like Microsoft Teams, Zoom, Slack and many more. The availability and advancement of these channels have changed how we communicate and how we access and share data, both inside and outside of our organizations. In turn, compliance requirements have had to adapt to accommodate new ways of working.
On AI and ML compliance
Over the last two or three years, we have seen exciting advances in generative AI. But it has also made possible some fundamental capabilities that will become incredibly important. For example, in a world with so many claims of fake news and misrepresentation, the ability to retain immutable records is a big deal. "Immutable" effectively means that something cannot be changed and cannot be hacked. This is huge not just from a source of truth perspective but also regarding reproducibility. As we use AI tools en masse, questions will be asked about why specific systems are making certain decisions. Is AI discriminating against specific ZIP codes, for example? And if not, can those in charge of these systems prove that? In many cases, doing so will take work. AI could be better at explaining how it gets to its decisions. In order to do so, businesses will need to return to the original, immutable data. And as they become increasingly information-intensive, getting back to that source data sets a high bar of capability. AI's ability to process vast data sets will also raise concerns around testing. Before any organization puts a system or platform into the world, potential users want to be confident that it has been suitably tested. But even if a company spends millions of dollars testing a system, it will still sometimes fail – and errors will get through. In the past, we could accept a failure rate of, say, one in a million. But today's software is much more complex than anything we've been able to produce in the past. So, a one-in-a-million failure rate in a system running 100, 200 or 300 million events in a day quickly adds up to widespread failures. Regulators will need to iron out how they intend to protect consumers and the markets from issues like these and set clear guidelines regarding who, ultimately, is accountable.
On the future of compliance
Current trends are likely to continue to drive the development of compliance management. Currently, we're seeing a lot of instability. While t
Tool Legislation ★★
DarkReading.webp 2023-11-30 01:00:00 Rundown of Security News from AWS re:Invent 2023
(direct link)
Amazon Web Services announced enhancements to several of its security tools, including GuardDuty, Inspector, Detective, IAM Access Analyzer, and Secrets Manager, to name a few during its re:Invent event.
Tool ★★
RecordedFuture.webp 2023-11-29 21:05:00 CISA warns of attacks on Unitronics tool used by water utilities, wastewater systems (direct link)
The federal government is warning that hackers are targeting a specific tool used by water and wastewater systems after two utilities announced attacks this week. The Cybersecurity and Infrastructure Security Agency (CISA) said it is responding to the active exploitation of Unitronics programmable logic controllers (PLCs) used by many organizations in the water sector. CISA
Tool Industrial ★★★
globalsecuritymag.webp 2023-11-29 20:16:43 MITRE ATT&CK Update Includes Wi-Fi Discovery, Defense Evasion and Masquerading Tactics
(direct link)
This morning, CardinalOps announced their contribution to MITRE ATT&CK v14, the industry-standard framework for understanding cyber adversary playbooks and behavior. - Business News
Tool ★★★★
Last update at: 2024-05-08 20:08:04