Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-26 20:00:00 |
SaaS RootKit Exploits Hidden Rules in Microsoft 365 (lien direct) |
A vulnerability within Microsoft's OAuth application registration allows an attacker to create hidden forwarding rules that act as a malicious SaaS rootkit. |
Vulnerability
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-26 19:40:00 |
Hive Ransomware Gang Loses Its Honeycomb, Thanks to DoJ (lien direct) |
The US Department of Justice hacked into Hive's infrastructure, made off with hundreds of decryptors, and seized the gang's operations. |
Ransomware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-26 19:26:07 |
German Government, Airports, Banks Hit With Killnet DDoS Attacks (lien direct) |
After Berlin pledged tanks for Ukraine, some German websites were knocked offline temporarily by Killnet DDoS attacks. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-26 18:18:00 |
7 Insights From a Ransomware Negotiator (lien direct) |
The rapid maturation and rebranding of ransomware groups calls for relentless preparation and flexibility in response, according to one view from the trenches. |
Ransomware
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-26 17:36:33 |
Companies Struggle With Zero Trust as Attackers Adapt to Get Around It (lien direct) |
Only one in 10 enterprises will create a robust zero-trust foundation in the next three years, while more than half of attacks won't even be prevented by it, according to Gartner. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-26 16:28:00 |
(Déjà vu) New Study Examines Application Connectivity Security in the Cloud (lien direct) |
Pas de details / No more details |
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-26 16:12:00 |
Center for Cyber Safety and Education Opens 2023 Cybersecurity Scholarship Applications (lien direct) |
Program provides financial assistance to aspiring information security professionals, enabling students toward long-term career success. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-26 15:58:00 |
Cybellum Releases Enhanced SBOM Management and Compliance Oversight for Manufacturers with New Release of its Product Security Platform (lien direct) |
Advanced workflow, approval process, and management dashboard enhance control, distribution, and supervision, while reducing errors and streamlining the entire SBOM management process. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-26 15:43:00 |
NIST Risk Management Framework Aims to Improve Trustworthiness of Artificial Intelligence (lien direct) |
New guidance seeks to cultivate trust in AI technologies and promote AI innovation while mitigating risk |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-26 15:00:00 |
Organizations Must Brace for Privacy Impacts This Year (lien direct) |
Expect more regulatory and enforcement action in the US and around the world. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-26 00:34:00 |
Snyk Gets Nod of Approval With ServiceNow Strategic Investment (lien direct) |
One of the most closely watched security startups continues to build bank because its platform appeals to both developers and security pros. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 22:39:00 |
KORE Delivers IoT SAFE Solution for Massive IoT Use Cases with AWS (lien direct) |
Delivering secure, global IoT device connectivity, deployment, and management at scale. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 22:32:00 |
Data Privacy Day: Privado Flags Data Privacy Challenges In 2023 As It Hails Industry Stars (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 22:17:22 |
Microsoft Azure-Based Kerberos Attacks Crack Open Cloud Accounts (lien direct) |
Two common attacks against on-premises Kerberos authentication servers - known as Pass the Ticket and Silver Ticket - can be used against Microsoft's Azure AD Kerberos, a security firms says. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 21:43:00 |
Zacks Investment Research Hack Exposes Data for 820K Customers (lien direct) |
Zacks Elite sign-ups for the period 1999–2005 were accessed, including name, address, email address, phone number, and the password associated with Zacks.com. |
Hack
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 21:42:00 |
Google Pushes Privacy to the Limit in Updated Terms of Service (lien direct) |
In the Play Store's ToS, a paragraph says Google may remove "harmful" applications from users' devices. Is that a step too far? |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 21:35:00 |
Healthcare Remains Top Target in 2022 ITRC Breach Report (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 21:25:00 |
Despite Slowing Economy, Demand for Cybersecurity Workers Remains Strong (lien direct) |
New Cyberseek™ data shows US is short nearly 530,000 skilled cybersecurity staff. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 21:20:00 |
Davos Debrief: Critical Shortage of Cybersecurity Talent Requires Action on Several Fronts, CompTIA Executive Says (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 20:30:00 |
Researchers Pioneer PoC Exploit for NSA-Reported Bug in Windows CryptoAPI (lien direct) |
The security vulnerability allows attackers to spoof a target certificate and masquerade as any website, among other things. |
Vulnerability
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 19:35:00 |
GoTo Encrypted Backups Stolen in LastPass Breach (lien direct) |
Encrypted backups for several GoTo remote work tools were exfiltrated from LastPass, along with encryption keys. |
|
LastPass
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 18:00:00 |
Log4j Vulnerabilities Are Here to Stay - Are You Prepared? (lien direct) |
Don't make perfect the enemy of good in vulnerability management. Context is key - prioritize vulnerabilities that are actually exploitable. Act quickly if the vulnerability is on a potential attack path to a critical asset. |
Vulnerability
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 17:45:00 |
North Korea\'s Top APT Swindled $1B From Crypto Investors in 2022 (lien direct) |
The DPRK has turned crypto scams into big business to replenish its depleted state coffers. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 17:00:00 |
Multicloud Security Challenges Will Persist in 2023 (lien direct) |
Some predictions about impending security challenges, with a few tips for proactively addressing them. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 16:22:00 |
ThreatConnect Extends Threat Intelligence Platform to Enable Threat Intelligence Operations (TI Ops) (lien direct) |
Pas de details / No more details |
Threat
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 16:15:00 |
BD Publishes 2022 Cybersecurity Annual Report (lien direct) |
Pas de details / No more details |
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 16:10:00 |
Cybersecurity Budgets Increase for Retail & Hospitality Industry (lien direct) |
Despite economic headwinds and layoffs in other areas, most retail and hospitality CISOs expect to add staff in 2023, according to a new report. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 15:38:00 |
BlackBerry\'s Inaugural Quarterly Threat Intelligence Report Reveals Threat Actors Launch One Malicious Threat Every Minute (lien direct) |
Report identifies 1.75m cyberattacks were stopped by BlackBerry in the last 90 days. |
Threat
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 15:00:00 |
Can\'t Fill Open Positions? Rewrite Your Minimum Requirements (lien direct) |
If you or your company can't find good infosec candidates, consider changing up the qualifications to find more nontraditional talent. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-25 00:34:00 |
Skyhawk Security Launches Multicloud Runtime Threat Detection and Response Platform (lien direct) |
Skyhawk Synthesis extends cloud security misconfiguration detection across multiple clouds, the company says - throwing cloud security posture management in for free. |
Threat
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-24 23:13:00 |
View from Davos: The Changing Economics of Cybercrime (lien direct) |
Participants in a working session on ransomware at the World Economic Forum discussed how planning ahead can reduce cyber risk. |
Ransomware
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-24 22:02:00 |
Ticketmaster Blames Bots in Taylor Swift \'Eras\' Tour Debacle (lien direct) |
Ticketmaster testified in the Senate that a cyberattack was to blame for the high-profile Taylor Swift concert sales collapse, but some senators aren't so sure. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-24 20:05:00 |
Forescout Appoints Technology Veteran Barry Mainz as CEO (lien direct) |
Mainz brings 25 years of industry experience to execute on Forescout's strategy and drive its next phase of growth. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-24 19:56:00 |
Fenix24 Releases White Paper Proposing New Cyber Incident Response Paradigm (lien direct) |
Restoration teams must be part of a collaborative, initial response team to address costly downtime. |
|
|
★★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-24 18:27:00 |
Armis State of Cyberwarfare and Trends Report: 2022-2023 Highlights Global IT and Security Professionals\' Sentiment on Cyberwarfare (lien direct) |
Respondents indicate organizations are unprepared to handle cyberwarfare, there's no one-size-fits-all response to ransomware, and cybersecurity spending is on the rise. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-24 18:21:00 |
Keeper Security Shares Password Best Practices Ahead of Data Privacy Day (lien direct) |
Pas de details / No more details |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-24 18:05:00 |
The 2022-2023 Cloud Awards Announces Its Finalists (lien direct) |
Pas de details / No more details |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-24 18:00:00 |
Chat Cybersecurity: AI Promises a Lot, But Can It Deliver? (lien direct) |
Machine learning offers great opportunities, but it still can't replace human experts. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-24 17:22:40 |
\'DragonSpark\' Malware: East Asian Cyberattackers Create an OSS Frankenstein (lien direct) |
Hackers cleverly cobbled together a suite of open source software - including a novel RAT - and hijacked servers owned by ordinary businesses. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-24 15:59:32 |
Microsoft to Block Excel Add-ins to Stop Office Exploits (lien direct) |
The company will block the configuration files, which interact with Web applications - since threat actors increasingly use the capability to install malicious code. |
Threat
|
|
★★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-24 15:00:00 |
Security and the Electric Vehicle Charging Infrastructure (lien direct) |
When EVs and smart chargers plug in to critical infrastructure, what can go wrong? Plenty. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-23 23:29:00 |
Wallarm Aims to Reduce the Harm From Compromised APIs (lien direct) |
API Leak Management software discovers exposed API keys and other secrets, blocks their use, and monitors for abuse, the company says. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-23 22:00:00 |
Pair of Galaxy App Store Bugs Offer Cyberattackers Mobile Device Access (lien direct) |
Devices running Android 12 and below are at risk of attackers downloading apps that direct users to a malicious domain. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-23 21:07:00 |
Organizations Likely to Experience Ransomware Threat in the Next 24 Months, According to Info-Tech Research Group (lien direct) |
Security leaders must build resiliency against these complex attacks immediately. |
Ransomware
Threat
Guideline
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-23 20:55:00 |
Magnet Forensics Inc. Enters Into Definitive Agreement to be Acquired by Thoma Bravo (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-23 20:16:00 |
SOCs to Face Greater Challenges From Cybercriminals Targeting Governments and Media in 2023 (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-23 17:48:00 |
FanDuel Sportsbook Bettors Exposed in Mailchimp Breach (lien direct) |
Amid all the NFL playoff action, FanDuel has sent an email warning to gamblers that their data was exposed in its third-party breach, putting them at risk for phishing attacks. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-23 17:32:00 |
No One Wants to Be Governed, Everyone Wants to Be Helped (lien direct) |
Here's how a security team can present itself to citizen developers as a valuable resource rather than a bureaucratic roadblock. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-23 17:05:00 |
TSA No-Fly List Snafu Highlights Risk of Keeping Sensitive Data in Dev Environments (lien direct) |
A Swiss hacker poking around in an unprotected Jenkins development server belonging to CommuteAir accessed the names and birthdates of some 1.5 million people on a TSA no-fly list from 2019. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-01-23 15:00:00 |
Gartner Predicts 10% of Large Enterprises Will Have a Mature and Measurable Zero-Trust Program in Place by 2026 (lien direct) |
Pas de details / No more details |
|
|
★★
|