Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-12-14 17:20:07 |
Apple Zero-Day Actively Exploited on iPhone 15 (lien direct) |
Without many details, Apple patches a vulnerability that has been exploited in the wild to execute code. |
Vulnerability
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-12-14 15:06:25 |
Automated Cyber Campaign Creates Masses of Bogus Software Building Blocks (lien direct) |
The proliferation of automated cyberattacks against npm, NuGet, and PyPI underscores the growing sophistication of threat actors and the threats to open source software supply chains. |
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-12 14:00:00 |
Cloud Data Breaches Are Running Rampant. What Are the Common Characteristics? (lien direct) |
Protecting against data breaches requires detailed analysis of recent attacks for remediation and prevention. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-12 13:52:08 |
2 Out of 3 Companies See Zero Trust Network Access as Key to Mitigate Work-From-Anywhere Risks, According to New EMA Report (lien direct) |
Report also shows that cloud-based solutions minimize complexity to enable easy adoption by small to midsize businesses. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-12 13:30:55 |
InterVision Announces Study Identifying Ransomware as No. 1 Threat to Business Longevity (lien direct) |
InterVision releases a new website focused on the customer experience, making B2B cybersecurity purchasing decisions easier. |
Ransomware
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-12 13:14:53 |
Palo Alto Networks Ushers in the Next-Generation Security Operations Center With General Availability of Cortex XSIAM - the Autonomous Security Operations Platform (lien direct) |
Early adopters reaping the benefits of improved SOC operations and efficiencies. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 20:32:10 |
Microsoft Addresses Zero-Days, but Exchange Server Exploit Chain Remains Unpatched (lien direct) |
The computing giant didn't fix ProxyNotLogon in October's Patch Tuesday, but it disclosed a rare 10-out-of-10 bug and patched two other zero-days, including one being exploited. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 19:01:37 |
AI and Residual Finger Heat Could Be a Password Cracker\'s Latest Tools (lien direct) |
New research demonstrates the use of thermal camera images of keyboards and screens in concert with AI to correctly guess computer passwords faster and more accurately. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 18:23:07 |
Critical Open Source vm2 Sandbox Escape Bug Affects Millions (lien direct) |
Attackers could exploit the "Sandbreak" security bug, which has earned a 10 out of 10 on the CVSS scale, to execute a sandbox escape, achieve RCE, and run shell commands on a hosting machine. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 17:53:47 |
OT Cybersecurity Leader Paul Brager Passes Away (lien direct) |
The IT security executive led ICS/OT, IT/OT integration, and other security programs, as well as diversity and inclusion efforts in the industry. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 17:49:46 |
Intel Processor UEFI Source Code Leaked (lien direct) |
Exposed code included private key for Intel Boot Guard, meaning it can no longer be trusted, according to a researcher. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 17:00:00 |
It\'s Time to Make Security an Innovation Enabler (lien direct) |
How data-driven security can best safeguard your unique cloud operations. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 15:21:39 |
Skybox Security Unveils Industry\'s First SaaS Solution For Security Policy and Vulnerability Management Across Hybrid Environments (lien direct) |
Skybox Security Cloud Edition ushers in a new era of proactive cybersecurity . |
Vulnerability
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 15:17:20 |
Dependency Management Aims to Make Security Easier (lien direct) |
Existing software security firms and new startups tackle the tasks of exposing dependencies and helping developers manage their use of open-source components. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 15:15:01 |
DigiCert Root CA Approved for Matter Device Attestation by Connectivity Standards Alliance (lien direct) |
DigiCert ready to help smart home device manufacturers achieve Matter compliance rapidly and at scale. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 15:09:21 |
Delinea Releases \'Cloud Server Privilege Management for Dummies\' eBook (lien direct) |
. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 14:57:49 |
Stairwell Announces $45M Series B Funding Round (lien direct) |
Investment led by Section 32 will be used to scale the product and team. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 14:13:42 |
Outpost24 Announces Expansion of Penetration Testing Offerings to North America (lien direct) |
Pen testing solutions to empower businesses to proactively address application security vulnerabilities amid surging threats. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 14:01:28 |
High-Value Targets: String of Aussie Telco Breaches Continues (lien direct) |
Australian IT services provider Dialog has announced a breach, making it the third telecom company in the area compromised in less than a month. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 14:00:00 |
Proposed SEC Disclosure Rules Could Transform Cyber-Incident Response (lien direct) |
It's not too early for firms to start preparing for change. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-11 13:34:26 |
Cybersecurity Survey of State CISOs Identifies Many Positive Trends (lien direct) |
. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-10 20:45:00 |
US Airports in Cyberattack Crosshairs for Pro-Russian Group Killnet (lien direct) |
Killnet calls on other groups to launch similar attacks against US civilian infrastructure, including marine terminals and logistics facilities, weather monitoring centers, and healthcare systems. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-10 20:35:32 |
Emotet Rises Again With More Sophistication, Evasion (lien direct) |
An analysis of the malware and its infection strategies finds nearly 21,000 minor and 139 major variations on the malware - complexity that helps it dodge analysis. |
Malware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-10 18:17:44 |
Zimbra RCE Bug Under Active Attack (lien direct) |
A flaw in unpatched Zimbra email servers could allow attackers to obtain remote code execution by pushing malicious files past filters. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-10 14:00:00 |
6 Things Every CISO Should Do the First 90 Days on the Job (lien direct) |
A CISO's responsibilities have evolved immensely in recent years, so their first three months on the job should look a different today than they might have several years ago. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-08 13:00:44 |
Email Defenses Under Siege: Phishing Attacks Dramatically Improve (lien direct) |
About 1 in 5 phishing email messages reach workers' inboxes, as attackers get better at dodging Microsoft's platform defenses and defenders run into processing limitations. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-07 22:52:00 |
Credential Harvesting Is Retail Industry\'s Top Threat (lien direct) |
Why bother with new tactics and exploits when the old tricks are still effective? |
Threat
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-07 19:59:03 |
Cybersecurity Will Account for Nearly One-Quarter of AI Software Market Through 2025 (lien direct) |
A boom in artificial intelligence-powered detection and remediation tools pushes security spending to the top of the AI market, according to Forrester. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-07 19:00:00 |
Meta Flags Malicious Android, iOS Apps Affecting 1M Facebook Users (lien direct) |
Some 400 mobile apps have posed as legitimate software on Google Play and the Apple App Store over the past year, and were designed to steal Facebook user credentials. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-07 16:50:32 |
State Bar of Georgia Notifies Members and Employees of Cybersecurity Incident (lien direct) |
Current and former employees and members are being offered complimentary credit monitoring and
identity protection services as some personal information may have been accessed. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-07 16:45:00 |
Patch Now: Fortinet FortiGate & FortiProxy Contain Critical Vuln (lien direct) |
Fortinet issued a customer advisory urging customers to apply its update immediately. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-07 15:12:36 |
LofyGang Uses 100s of Malicious NPM Packages to Poison Open Source Software (lien direct) |
The group has been operating for over a year, promoting their tools in hacking forums, stealing credit card information, and using typosquatting techniques to target open source software flaws. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-07 14:00:00 |
We Can Save Security Teams From Crushing Workloads. Will We? (lien direct) |
Today, the processing of mountain-high stacks of alarms is considered "security." That system is failing customers and the cybersecurity workforce. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-07 13:15:24 |
CyberRatings.org Invites Industry Participation in Forthcoming Enterprise Firewall and Data Center Firewall Tests (lien direct) |
Test methodologies published today, and their scope includes security effectiveness, performance, stability and reliability, and total cost of ownership. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-07 00:11:00 |
Sharing Knowledge at 44CON (lien direct) |
The infosec conference named after the UK's calling code returned this year with a focus on building a healthy community. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-06 20:45:00 |
macOS Archive Utility Bug Lets Malicious Apps Bypass Security Checks (lien direct) |
Exploit allows unsigned and unnotarized macOS applications to bypass Gatekeeper and other security, without notifying the user. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-06 19:56:01 |
Russian Hackers Shut Down US State Government Websites (lien direct) |
Russian-speaking cyberattackers boast they are behind disruption of Colorado, Kentucky, and Mississippi government websites. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-06 18:30:00 |
US Consumers Are Finally Becoming More Security & Privacy Conscious (lien direct) |
The trend, spotted by Consumer Reports, could mean good news for organizations struggling to contain remote work challenges. |
|
|
★★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-06 15:35:12 |
Hackers Have It Out for Microsoft Email Defenses (lien direct) |
Cybercriminals are focusing more and more on crafting special email attacks that evade Microsoft Defender and Office security. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-06 15:15:20 |
Russia-Linked Cybercrime Group Hawks Combo of Malicious Services With LilithBot (lien direct) |
The malware-as-a-service group Eternity is selling a one-stop shop for various malware modules it's been distributing individually via a subscription model on Telegram. |
Malware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-06 14:00:00 |
School Is in Session: 5 Lessons for Future Cybersecurity Pros (lien direct) |
Opportunities in the field continue to grow - and show no signs of slowing down. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-06 13:15:00 |
7 IoT Devices That Make Security Pros Cringe (lien direct) |
A look at everything from truly dumb smart devices to cool-looking IoT tech with huge cybersecurity and privacy implications. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-06 13:13:32 |
New SonicWall Survey Data Reveals 91% of Organizations Fear Ransomware Attacks in 2022 (lien direct) |
Amid an economic downturn, cybersecurity staffing shortages, and endless cyberattacks, financially motivated attacks are the top concern among IT professionals. |
Ransomware
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-06 13:09:23 |
Research Reveals Microsoft Teams Security and Backup Flaws, With Over Half of Users Sharing Business-Critical Information on the Platform (lien direct) |
Most backup and security vendors overlook this vital communication channel. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-06 13:04:20 |
Contrast Security Launches Expanded Security Testing Tools for JavaScript and Popular Angular, React, and jQuery Frameworks (lien direct) |
New language and framework support empowers developers to analyze front-end code for vulnerabilities throughout the development lifecycle. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-05 21:44:39 |
Relentless Russian Cyberattacks on Ukraine Raise Important Policy Questions (lien direct) |
Microsoft cybersecurity executive John Hewie explained cyberwar developments and what they mean for Western democratic policy going forward. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-05 20:00:00 |
Ikea Smart Light System Flaw Lets Attackers Turn Bulbs on Full Blast (lien direct) |
With just one malformed Zigbee frame, attackers could take over certain Ikea smart lightbulbs, leaving users unable to turn the lights down. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-05 19:25:32 |
CISA: Multiple APT Groups Infiltrate Defense Organization (lien direct) |
Advanced attackers gained access to Microsoft Exchange services, conducted searches of email, and used an open source toolkit to collect data from the network for nearly a year. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-05 18:00:00 |
Secure Your Application Layer, Secure Your Business (lien direct) |
Users and malicious actors interact with your business through the application layer. Build trust in your software by securing this first line of defense. |
|
|
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2022-10-05 17:45:00 |
NullMixer Dropper Delivers a Multimalware Code Bomb (lien direct) |
In one shot, Trojan dropper NullMixer installs a suite of downloaders, banking Trojans, stealers, and spyware on victims' systems. |
|
|
|