Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 22:54:00 |
\'Money Lover\' Finance App Exposes User Data (lien direct) |
A broken access control vulnerability could have led to dangerous follow-on attacks for users of the money-management app. |
Vulnerability
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 22:21:00 |
Fresh (Buggy) Clop Ransomware Variant Targets Linux Systems (lien direct) |
For the moment, victims can decrypt data without paying a ransom. But Clop is a ransomware variant that has caused havoc on Windows systems, so that's bound to change. |
Ransomware
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 21:05:00 |
DPRK Using Unpatched Zimbra Devices to Spy on Researchers (lien direct) |
Lazarus Group used a known Zimbra bug to steal data from medical and energy researchers. |
Medical
Medical
|
APT 38
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 19:18:00 |
New Banking Trojan Targeting 100M Pix Payment Platform Accounts (lien direct) |
New malware demonstrates how threat actors are pivoting toward payment platform attacks, researchers say. |
Malware
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 18:10:00 |
Industrial Cybersecurity Innovator Opscura Receives $9.4M in Series A Funding as Critical Operations Transform (lien direct) |
Pas de details / No more details |
Industrial
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 18:06:00 |
Ongoing VMware ESXi Ransomware Attack Highlights Inherent Virtualization Risks (lien direct) |
The global assault on vulnerable VMware hypervisors may have been mitigated by updating to the latest version of the product, but patch management is only part of the story. |
Ransomware
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 18:00:00 |
With TikTok Bans, the Time for Operational Governance Is Now (lien direct) |
Emerging risks and trends need to be monitored, but cybersecurity challenges can be fixed with a focus on the fundamentals. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 17:44:00 |
Backdoor in Dingo Cryptocurrency Allows Creator to Steal (Nearly) Everything (lien direct) |
A tax variable in the software implementing the Dingo Token allows the creators to charge 99% in fees per transaction, essentially stealing funds, an analysis finds. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 17:10:00 |
Coalfire Compliance Essentials Optimized for Automated Evidence Collection (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 17:05:00 |
ARMO Integrates ChatGPT to Help Users Secure Kubernetes (lien direct) |
Pas de details / No more details |
|
Uber
ChatGPT
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 16:33:00 |
(Déjà vu) Intel 471 Announces Powerful and Scalable Attack Surface Protection Solution Suite (lien direct) |
Pas de details / No more details |
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 16:30:00 |
Infosec Launches New Office Comedy Themed Security Awareness Training Series (lien direct) |
Pas de details / No more details |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 16:11:00 |
Financial Institutions Are Suffering From Increasingly Sophisticated Cyberattacks, According to Contrast Security (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 16:05:00 |
Valtix Survey: 95% of Organizations Say Multi-cloud Is a \'Strategic Priority\' but Only 58% Have the Security Architecture to Support It (lien direct) |
Pas de details / No more details |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 16:00:00 |
DataDome\'s Inaugural E-Commerce Holiday Bot & Online Fraud Report Reveals the U.S. as the Top Source of Bot Attacks (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 15:00:00 |
Optimizing Cybersecurity Investments in a Constrained Spending Environment (lien direct) |
Three ways to stay safe in an economically uncertain 2023. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 15:00:00 |
5 Ways to Survive Scam Season - or Rather, Tax Season (lien direct) |
Security pros need to look beyond user education to find and disarm fraudulent actors. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 08:00:00 |
A Fool With a Tool Is Still a Fool: A Cyber Take (lien direct) |
New tech often requires new thinking - but that's harder to install. |
Tool
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-07 01:00:00 |
Keeping KillNet at Bay: Use the IP Address Blocklist (lien direct) |
Security teams can use a blocklist containing tens of thousands of proxy IP addresses used by the pro-Russian hacktivist group to defend their organizations from DDoS attacks. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-06 22:30:00 |
Consumer Watchdog Reports: CA Privacy Board OKs Landmark Personal Data Regulations, Some Key Protections Left Out (lien direct) |
Pas de details / No more details |
Studies
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-06 22:20:56 |
Crypto Drainers Are Ready to Ransack Investor Wallets (lien direct) |
Cryptocurrency drainers are the latest hot ticket being used in a string of lucrative cyberattacks aimed at virtual currency investors. |
General Information
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-06 22:11:00 |
Global Ransomware Attack on VMware EXSi Hypervisors Continues to Spread (lien direct) |
The fresh "ESXiArgs" malware is exploiting a 2-year-old RCE security vulnerability (tracked as CVE-2021-21974), resulting in thousands of unpatched servers falling prey to the campaign. |
Ransomware
Malware
Vulnerability
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-06 21:38:00 |
Cadien Cyber Response Launches to Deliver Incident Response & Complex Digital Forensics Services (lien direct) |
Pas de details / No more details |
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-06 20:00:00 |
Cybercrime Shows No Signs of Slowing Down (lien direct) |
Look for recent trends in attacks, strategies, and vulnerabilities to continue gaining steam throughout 2023. |
Studies
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-06 19:18:00 |
Patching & Passwords Lead the Problem Pack for Cyber-Teams (lien direct) |
Despite growing awareness, organizations remain plagued with unpatched vulnerabilities and weaknesses in credential policies. |
Patching
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-06 15:00:00 |
(Déjà vu) Name That Edge Toon: For the Birds (lien direct) |
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. |
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-06 15:00:00 |
How Cybercriminals Are Operationalizing Money Laundering and What to Do About It (lien direct) |
It's time to share threat intelligence, prioritize digital literacy and cyber hygiene, and use digital risk-protection services to stem the rising money laundering tide. |
Threat
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-03 22:04:00 |
What CISOs Can Do About Brand Impersonation Scam Sites (lien direct) |
Apply these 9 tips to proactively fight fraudulent websites that steal customers' trust, money, and personally identifiable information. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-03 21:41:00 |
Iran-Backed Actor Behind \'Holy Souls\' Cyberattack on Charlie Hebdo, Microsoft Says (lien direct) |
The January attack was in retaliation for the satirical French magazine's decision to launch a cartoon contest to lampoon Iran's Supreme Leader. |
Guideline
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-03 16:00:00 |
Scores of Redis Servers Infested by Sophisticated Custom-Built Malware (lien direct) |
At least 1,200 Redis servers worldwide have been infected with "HeadCrab" cryptominers since 2021. |
Malware
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-03 15:00:00 |
How the Cloud Is Shifting CISO Priorities (lien direct) |
The greatly expanding attack surface created by the cloud needs to be protected. |
Studies
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-03 03:00:00 |
MITRE Releases Tool to Design Cyber Resilient Systems (lien direct) |
Engineers can use the Cyber Resiliency Engineering Framework Navigator to visuzalize their cyber resiliency capabilities. |
Tool
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-02 21:20:00 |
Hornetsecurity Combats QR Code Phishing With Launch of New Technology (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-02 21:05:00 |
Korelock Launches IOT Smart Lock Technology Company (lien direct) |
Denver-based business secures Series A Funding through partnerships with Iron Gate Capital and Kozo Keikaku Engineering. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-02 20:53:00 |
Cyberattack on Fintech Firm Disrupts Derivatives Trading Globally (lien direct) |
The Russia-linked LockBit ransomware group claims to be behind the attack that fouled automated transactions for dozens of clients of financial technology firm ION Group. |
Ransomware
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-02 19:01:00 |
6 Examples of the Evolution of a Scam Site (lien direct) |
Examining some key examples of recently found fraud sites that target the lucrative retail shoe industry helps us understand how brand impersonation sites evolve. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-02 18:23:00 |
Rising \'Firebrick Ostrich\' BEC Group Launches Industrial-Scale Cyberattacks (lien direct) |
The group's wanton attacks demonstrate that business email compromise is everything a hacker can want in one package: low risk, high reward, quick, easy, and low effort. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-02 16:08:00 |
Patch Critical Bug Now: QNAP NAS Devices Ripe for the Slaughter (lien direct) |
Analysts find that 98% of QNAP NAS are vulnerable to CVE-2022-27596, which allows unauthenticated, remote SQL code injection. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-02 15:00:00 |
AppSec Playbook 2023: Study of 829M Attacks on 1,400 Websites (lien direct) |
The total number of 61,000 open vulnerabilities, including 1,700 critical ones that have been open for 180+ days, exposes businesses to potential attacks. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-02 15:00:00 |
Managing the Governance Model for Software Development in a No-Code Ecosystem (lien direct) |
Forward-leading business and technology leaders are seeing the value of the "do-It-yourself" approach. |
Guideline
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-02 14:50:00 |
Cybersecurity Leaders Launch First Attack Matrix for Software Supply Chain Security (lien direct) |
Current and former cybersecurity leaders from Microsoft, Google, GitLab, Check Point, OWASP, Fortinet and others have already joined the open framework initiative, which is being led by OX Security. |
Guideline
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-02 14:40:00 |
ChatGPT May Already Be Used In Nation State Cyberattacks, Say IT Decision Makers in BlackBerry Global Research (lien direct) |
Pas de details / No more details |
|
ChatGPT
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-02 11:01:00 |
Discrepancies Discovered in Vulnerability Severity Ratings (lien direct) |
Differences in how the National Vulnerability Database (NVD) and vendors score bugs can make patch prioritization harder, study says. |
Vulnerability
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-02 09:00:00 |
Lazarus Group Rises Again, to Gather Intelligence on Energy, Healthcare Firms (lien direct) |
An OpSec slip from the North Korean threat group helps researchers attribute what was first suspected as a ransomware attack to nation-state espionage. |
Ransomware
Threat
|
APT 38
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-01 23:36:00 |
Why CISOs Should Care About Brand Impersonation Scam Sites (lien direct) |
Enterprises often don't know whose responsibility it is to monitor for spoofed brand sites and scams that steal customers' trust, money, and personally identifiable information. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-01 22:12:13 |
Nearly All Firms Have Ties With Breached Third Parties (lien direct) |
The average organization does business with 11 third parties, and 98% of organizations do business with a third party who has suffered a breach, an analysis finds. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-01 21:31:56 |
CISA to Open Supply Chain Risk Management Office (lien direct) |
A new supply chain risk management office aims to help public and private sectors implement recent CISA policies and guidance. |
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-01 20:58:00 |
Greater Incident Complexity, Shift in How Threat Actors Use Stolen Data, Will Drive the Cyber Threat Landscape in 2023, Says Beazley Report (lien direct) |
Noting 13% year-over-year growth in fraudulent instruction as a cause of loss, report predicts organizations must get smarter about educating employees to spot fraudulent tactics. |
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-01 20:32:00 |
Radiant Logic Signs Definitive Agreement to Acquire Brainwave GRC (lien direct) |
Move will strengthen position as a leader in the identity governance and analytics market. |
Guideline
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-01 20:29:00 |
Vista Equity Partners Completes Acquisition of KnowBe4 (lien direct) |
. |
|
|
★★
|