What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-03-07 14:40:00 | Cyber Security Works to Rebrand As Securin Inc. (lien direct) | Securin Inc. will provide tech-enabled security solutions, vulnerability intelligence and deep domain expertise. | General Information | ★★★ | |
|
2023-03-07 00:46:00 | Machine Learning Improves Prediction of Exploited Vulnerabilities (lien direct) | The third iteration of the Exploit Prediction Scoring System (EPSS) performs 82% better than previous versions, giving companies a better tool for evaluating vulnerabilities and prioritizing patching. | Tool | ★★★★ | |
|
2023-03-06 21:30:00 | Shein Shopping App Glitch Copies Android Clipboard Contents (lien direct) | The Android app unnecessarily accessed clipboard device contents, which often includes passwords and other sensitive data. | ★ | ||
|
2023-03-06 19:25:00 | Police Raid Rounds Up Core Members of DoppelPaymer Ransomware Gang (lien direct) | This is the latest in a line of law-enforcement actions busting up the ransomware scene. | Ransomware | ★ | |
|
2023-03-06 18:40:00 | NIST\'s Quantum-Proof Algorithm Has a Bug, Analysts Say (lien direct) | A team has found that the Crystals-Kyber encryption algorithm is open to side-channel attacks, under certain implementations. | ★★ | ||
|
2023-03-06 18:10:00 | SANS Institute Partners With Google to Launch Cloud Diversity Academy (lien direct) | Pas de details / No more details | Cloud | ★★★ | |
|
2023-03-06 15:00:00 | Name That Edge Toon: Domino Effect (lien direct) | Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. | ★★ | ||
|
2023-03-06 15:00:00 | The Role of Verifiable Credentials In Preventing Account Compromise (lien direct) | As digital identity verification challenges grow, organizations need to adopt a more advanced and forward-focused approach to preventing hacks. | ★★★ | ||
|
2023-03-04 00:20:00 | Rapid7 Brings Threat Intel Data to USF Cybersecurity Lab (lien direct) | The Rapid7 Cyber Threat Intelligence Laboratory at the University of South Florida will provide data on real-world threats for faculty and students to use in their research. | Threat | ★★★ | |
|
2023-03-03 21:02:03 | EV Charging Infrastructure Offers an Electric Cyberattack Opportunity (lien direct) | Attackers have already targeted electric vehicle (EV) charging stations, and experts are calling for cybersecurity standards to protect this necessary component of the electrified future. | ★★★ | ||
|
2023-03-03 20:30:46 | Indigo Books Refuses LockBit Ransomware Demand (lien direct) | Canada's largest bookseller rejected the pressure of the ransomware gang's countdown timer, despite data threats. | Ransomware | ★★ | |
|
2023-03-03 19:21:04 | Polish Politician\'s Phone Patrolled by Pegasus (lien direct) | A mayor backing Polish opposition elections in parliament has been targeted by special services with Pegasus spyware. | ★★★ | ||
|
2023-03-03 18:00:00 | 3 Ways Security Teams Can Use IP Data Context (lien direct) | Innocently or not, residential proxy networks can obscure the actual geolocation of an access point. Here's why that's not great and what you can do about it. | ★★★ | ||
|
2023-03-03 17:17:00 | Chick-fil-A Customers Have a Bone to Pick After Account Takeovers (lien direct) | A two-month-long automated credential-stuffing campaign exposed personal information of Chick-fil-A customers, including birthdays, phone numbers, and membership details. | ★★ | ||
|
2023-03-03 15:00:00 | It\'s Time to Assess the Potential Dangers of an Increasingly Connected World (lien direct) | With critical infrastructures ever more dependent on the cloud connectivity, the world needs a more stable infrastructure to avoid a crippling cyberattack. | Cloud | ★★★ | |
|
2023-03-03 02:44:00 | IBM Contributes Supply Chain Security Tools to OWASP (lien direct) | License Scanner and SBOM Utility will boost the capabilities of OWASP's CycloneDX Software Bill of Materials standard. | ★★★ | ||
|
2023-03-02 23:26:00 | Axis Security Acquisition Strengthens Aruba\'s SASE Solutions With Integrated Cloud Security and SD-WAN (lien direct) | Pas de details / No more details | Cloud | ★★★ | |
|
2023-03-02 23:06:00 | CISA, MITRE Look to Take ATT&CK Framework Out of the Weeds (lien direct) | The Decider tool is designed to make the ATT&CK framework more accessible and usable for security analysts of every level, with an intuitive interface and simplified language. | Tool | ★★★ | |
|
2023-03-02 22:06:00 | Biden\'s Cybersecurity Strategy Calls for Software Liability, Tighter Critical Infrastructure Security (lien direct) | The new White House plan outlines proposed minimum security requirements in critical infrastructure - and for shifting liability for software products to vendors. | ★★★ | ||
|
2023-03-02 22:00:00 | BlackLotus Bookit Found Targeting Windows 11 (lien direct) | Sold for around $5,000 in hacking forums, the BlackLotus UEFI bootkit is capable of targeting even updated systems, researchers find. | ★★★ | ||
|
2023-03-02 18:24:00 | What GoDaddy\'s Years-Long Breach Means for Millions of Clients (lien direct) | The same "sophisticated" threat actor has pummeled the domain host on an ongoing basis since 2020, making off with customer logins, source code, and more. Here's what to do. | Threat | ★★★ | |
|
2023-03-02 18:00:25 | Sale of Stolen Credentials and Initial Access Dominate Dark Web Markets (lien direct) | Access-as-a-service took off in underground markets with more than 775 million credentials for sale and thousands of ads for access-as-a-service. | ★★★★ | ||
|
2023-03-02 18:00:00 | Everybody Wants Least Privilege, So Why Isn\'t Anyone Achieving It? (lien direct) | Overcoming the obstacles of this security principle can mitigate the damages of an attack. | ★★★★ | ||
|
2023-03-02 17:00:00 | New Report: Inside the High Risk of Third-Party SaaS Apps (lien direct) | A new report from Adaptive Shield looks at the how volume of applications being connected to the SaaS stack and the risk they represent to company data. | Cloud | ★★★ | |
|
2023-03-02 16:16:00 | Booking.com\'s OAuth Implementation Allows Full Account Takeover (lien direct) | Researchers exploited issues in the authentication protocol to force an open redirection from the popular hotel reservations site when users used Facebook to log in to accounts. | ★★★ | ||
|
2023-03-02 16:10:59 | Hackers Target Young Gamers: How Your Child Can Cause Business Compromise (lien direct) | It's 10 p.m. Do you know what your children are playing? In the age of remote work, hackers are actively targeting kids, with implications for enterprises. | ★★★ | ||
|
2023-03-02 15:00:00 | On Shaky Ground: Why Dependencies Will Be Your Downfall (lien direct) | There's never enough time or staff to scan code repositories. To avoid dependency confusion attacks, use automated CI/CD tools to make fixes in hard-to-manage software dependencies. | ★★★ | ||
|
2023-03-01 23:50:00 | Ermetic Adds Kubernetes Security to CNAPP (lien direct) | The automated capabilities can discover misconfigurations, compliance violations, and risk or excessive privileges in Kubernetes clusters. | Uber | ★★★ | |
|
2023-03-01 22:58:00 | Octillo Launches Women\'s Cybersecurity Scholarship in Partnership With the Center for Cyber Safety and Education (lien direct) | Pas de details / No more details | ★ | ||
|
2023-03-01 22:50:00 | (Déjà vu) DoControl\'s 2023 SaaS Security Threat Landscape Report Finds Enterprises and Mid-Market Organizations Have Exposed Public SaaS Assets (lien direct) | Volume of SaaS assets and events magnifies risks associated with manual management and remediation. | Threat Cloud | ★ | |
|
2023-03-01 22:40:00 | Visibility Is as Vital as Zero Trust for Low-Code/No-Code Security (lien direct) | By authenticating and authorizing every application, and by maintaining data lineage for auditing, enterprises can reduce the chances of data exfiltration. | ★★ | ||
|
2023-03-01 22:40:00 | Forescout Addresses Modern SecOps Challenges With Launch of Forescout XDR (lien direct) | New eXtended Detection and Response Solution is 450X more efficient than typical SOCs at converting telemetry and logs into actionable alerts. | ★★ | ||
|
2023-03-01 22:30:00 | Fastly Launches Managed Security Service to Protect Enterprises From Rising Web Application Attacks (lien direct) | Pas de details / No more details | ★★ | ||
|
2023-03-01 22:25:00 | Dish Blames Ransomware Attack for Disruptions of Internal Systems, Call Center Services (lien direct) | The cyberattackers might have potentially accessed customer information, the service provider warns. | Ransomware | ★★ | |
|
2023-03-01 20:40:00 | Offensive Security Is Now OffSec - Refresh Reflects Future of Cybersecurity Learning and Skills Development (lien direct) | Updated OffSec™ identity substantiates the company's commitment to expanding its cybersecurity content and resources to prepare infosec professionals for the future. | ★★ | ||
|
2023-03-01 19:34:00 | Linux Support Expands Cyber Spy Group\'s Arsenal (lien direct) | An infamous Chinese cyber-hacking team has extended its SysUpdate malware framework to target Linux systems. | Malware | ★★★ | |
|
2023-03-01 18:33:26 | What Happened in That Cyberattack? With Some Cloud Services, You May Never Know (lien direct) | More cyberattackers are targeting organizations' cloud environments, but some cloud services, such as Google Cloud Platform's storage, fail to create adequate logs for forensics. | Cloud | ★★★ | |
|
2023-03-01 18:00:00 | The Importance of Recession-Proofing Security Operations (lien direct) | Make sure cybersecurity is taken seriously and consistently across the board. Educate the ecosystem beyond your own organization to mitigate security risks for everyone. | ★★ | ||
|
2023-03-01 15:30:00 | CISA: ZK Java Framework RCE Flaw Under Active Exploit (lien direct) | The flaw, which drew attention in October when it was found in ConnectWise products, could pose a significant risk to the supply chain if not patched immediately. | ★★ | ||
|
2023-03-01 15:00:00 | Without FIDO2, MFA Falls Short (lien direct) | The open authentication standard addresses existing multifactor authentication security vulnerabilities. | General Information | ★★ | |
|
2023-03-01 14:59:02 | Cyberattackers Double Down on Bypassing MFA (lien direct) | As companies increasingly adopt MFA (even as companies like Twitter disable it), cybercriminals are developing a variety of strategies to steal credentials and gain access to high-value accounts anyway. | ★★ | ||
|
2023-03-01 01:21:00 | CISOs Share Their 3 Top Challenges for Cybersecurity Management (lien direct) | The biggest dilemmas in running a modern cybersecurity team are not all about software, said CISOs from HSBC, Citi, and Sepio. | ★★★ | ||
|
2023-03-01 00:45:00 | Google Adds Client-Side Encryption to Gmail, Calendar (lien direct) | The data protection capability is now available across multiple Workspace applications: Gmail, Calendar, Drive, Docs, Slides, Sheets, and Meet. | ★★ | ||
|
2023-02-28 23:09:00 | (Déjà vu) Hoxhunt Launches Human Risk Management Platform (lien direct) | Platform uniquely designed to facilitate automated compliance, security behavior change. | ★★★ | ||
|
2023-02-28 23:02:00 | Two of The Worst Healthcare Data Breaches in US History Happened Last Year (lien direct) | Pas de details / No more details | ★★ | ||
|
2023-02-28 22:32:00 | LastPass DevOps Engineer Targeted for Cloud Decryption Keys in Latest Breach Revelation (lien direct) | The adversaries obtained a decryption key to a LastPass database containing multifactor authentication and federation information as well as customer vault data, company says. | Cloud | LastPass | ★★ |
|
2023-02-28 22:04:00 | Exfiltrator-22: The Newest Post-Exploitation Toolkit Nipping at Cobalt Strike\'s Heels (lien direct) | The framework-as-a-service signals an intensification of the cat-and-mouse game between defenders detecting lateral movement, and cybercriminals looking to go unnoticed. | ★★★ | ||
|
2023-02-28 21:20:00 | US Marshals Ransomware Hit Is \'Major\' Incident (lien direct) | Unknown attackers made off with a raft of PII, the Justice Department says - but witnesses in the protection program are still safe. | Ransomware | ★★ | |
|
2023-02-28 18:55:00 | WannaCry Hero & Kronos Malware Author Named Cybrary Fellow (lien direct) | Marcus Hutchins, who set up a "kill switch" that stopped WannaCry's spread, later pled guilty to creating the infamous Kronos banking malware. | Malware | Wannacry Wannacry | ★★★ |
|
2023-02-28 17:43:44 | Pernicious Permissions: How Kubernetes Cryptomining Became an AWS Cloud Data Heist (lien direct) | The opportunistic "SCARLETEEL" attack on a firm's Amazon Web Services account turns into targeted data theft after the intruder uses an overpermissioned service to jump into cloud system. | Cloud | Uber | ★★ |
To see everything:
Our RSS (filtrered)
