What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-08-10 15:47:13 | OPSWAT Presents New Malware Analysis Capabilities for Operational Technology at Black Hat USA 2022 (lien direct) | Product enhancements to offer full IT and OT threat intelligence services for OPSWAT customers. | Malware Threat | ||
|
2022-08-10 15:23:42 | Bugcrowd Taps Top Hackers for Live Hacking Event with Indeed at 2022 Black Hat Conference (lien direct) | . | |||
|
2022-08-10 14:46:53 | Deepfence ThreatMapper 1.4 Unveils Open Source Threat Graph to Visualize Cloud-Native Threat Landscape (lien direct) | New release also includes enterprise-grade cloud security posture management (CSPM) and YARA-based malware scanning capabilities. | Malware Threat | ||
|
2022-08-10 14:00:00 | Zero Trust & XDR: The New Architecture of Defense (lien direct) | Zero trust and XDR are complementary and both are necessary in today's modern IT environment. In this article, we discuss the intersection of zero trust and XDR. | |||
|
2022-08-10 14:00:00 | Compliance Certifications: Worth the Effort? (lien direct) | Because demonstrating compliance with industry regulations can be cumbersome and expensive, it's important to ensure they're also absolutely essential. | |||
|
2022-08-10 13:06:40 | Flow Security Launches Next-Gen Data Security Platform Following $10 Million Seed Round (lien direct) | First-of-its-kind solution discovers and protects both data at rest and in motion. | |||
|
2022-08-10 13:00:00 | Dark Reading News Desk: Live at Black Hat USA 2022 (lien direct) | LIVE: Dark Reading News Desk at Black Hat USA 2022 | |||
|
2022-08-10 12:56:16 | Looking Back at 25 Years of Black Hat (lien direct) | The Black Hat USA conference's silver jubilee is an opportunity to remember its defining moments, the impact it has made on the security community, and its legacy. | |||
|
2022-08-09 20:52:54 | Software Development Pipelines Offer Cybercriminals \'Free-Range\' Access to Cloud, On-Prem (lien direct) | A Q&A with NCC Group's Viktor Gazdag ahead of a Black Hat USA session on CI/CD pipeline risks reveals a scary, and expanding, campaign vector for software supply chain attacks and RCE. | |||
|
2022-08-09 20:25:07 | Microsoft Patches Zero-Day Actively Exploited in the Wild (lien direct) | The computing giant issued a massive Patch Tuesday update, including a pair of remote execution flaws in the Microsoft Support Diagnostic Tool (MSDT) after attackers used one of the vulnerabilities in a zero-day exploit. | Tool | ||
|
2022-08-09 20:23:25 | Halo Security Emerges From Stealth With Full Attack Surface Management Platform (lien direct) | The latest startup to enter the attack surface management space also has a free scanning service to audit the contents of any website. | |||
|
2022-08-09 17:16:19 | Cybrary Unveils Next-Generation Interactive, Hands-On Training Experience to Upskill Cybersecurity Professionals (lien direct) | New SOC Analyst Assessment delivers threat-informed training in a live lab environment to help cybersecurity professionals defend their organizations against the latest adversarial tactics and techniques. | |||
|
2022-08-09 17:12:16 | Researchers Debut Fresh RCE Vector for Common Google API Tool (lien direct) | The finding exposes the danger of older, unpatched bugs, which plague at least 4.5 million devices. | Tool | ||
|
2022-08-09 17:04:18 | Abusing Kerberos for Local Privilege Escalation (lien direct) | Upcoming Black Hat USA presentation will examine the implications of Kerberos weaknesses for security on the local machine. | |||
|
2022-08-09 17:00:00 | Domino\'s Takes a Methodical Approach to IoT (lien direct) | The success of Domino's Flex IoT project can be attributed in large part to the security best practices it followed. | |||
|
2022-08-09 16:43:50 | Russia-Ukraine Conflict Holds Cyberwar Lessons (lien direct) | Initial attacks used damaging wiper malware and targeted infrastructure, but the most enduring impacts will likely be from disinformation, researchers say. At Black Hat USA, SentinelOne's Juan Andres Guerrero-Saade and Tom Hegel will discuss. | Malware | ||
|
2022-08-09 16:22:48 | US Oil and Gas Sector at Risk of a Cyberbreach, According to BreachBits Study (lien direct) | Study offers a cyber "state of the industry" analysis from a hacker's perspective to help companies anticipate attacks. | |||
|
2022-08-09 16:12:19 | Netscout Arbor Insight Leverages Patented ASI Technology to Enhance Security and Operational Awareness for Network Operators of Any Scale (lien direct) | Extends all aspects of the Arbor Sightline solution with unique, real-time multidimensional DDoS and traffic analytics capabilities. | |||
|
2022-08-09 15:26:02 | Lacework Updates Threat Detection To Uncover More Malicious Activity and Speed Investigation at Scale (lien direct) | New time series model and enhanced alerting experience make it easy for organizations to address more threats in the cloud while enabling faster investigations. | Threat | ||
|
2022-08-09 14:50:12 | Don\'t Take the Cyber Safety Review Board\'s Log4j Report at Face Value (lien direct) | Given the lack of reporting requirements, the findings are more like assumptions. Here's what organizations can do to minimize exposure. | |||
|
2022-08-09 14:00:00 | Human Threat Hunters Are Essential to Thwarting Zero-Day Attacks (lien direct) | Machine-learning algorithms alone may miss signs of a successful attack on your organization. | Threat | ||
|
2022-08-08 19:00:00 | 10 Malicious Code Packages Slither into PyPI Registry (lien direct) | The discovery adds to the growing list of recent incidents where threat actors have used public code repositories to distribute malware in software supply chain attacks. | Malware Threat | ||
|
2022-08-08 15:28:59 | Deepfakes Grow in Sophistication, Cyberattacks Rise Following Ukraine War (lien direct) | A rising tide of threats - from API exploits to deepfakes to extortionary ransomware attacks - is threatening to overwhelm IT security teams. | Ransomware | ||
|
2022-08-08 14:27:43 | HYAS Infosec Announces General Availability of Cybersecurity Solution for Production Environments (lien direct) | HYAS Confront provides total visibility into your production environment, giving you insight into potential issues like cyber threats before they become problems. | ★★★ | ||
|
2022-08-08 14:20:00 | We Have the Tech to Scale Up Open Source Vulnerability Fixes - Now It\'s Time to Leverage It (lien direct) | Q&A with Jonathan Leitschuh, inaugural HUMAN Dan Kaminsky Fellow, in advance of his upcoming Black Hat USA presentation. | Vulnerability | ||
|
2022-08-08 14:07:37 | What Adjustable Dumbbells Can Teach Us About Risk Management (lien direct) | A new workout leads to five smart lessons about the importance of converging security and fraud into a unified risk function. | Guideline | ||
|
2022-08-08 14:00:00 | Pipeline Operators Are Headed in the Right Direction, With or Without TSA\'s Updated Security Directives (lien direct) | A worsening threat landscape, increased digitization, and the long-term positive effects of modern security strategies are pushing critical infrastructure operators to do better. | Threat | ||
|
2022-08-05 18:25:25 | What Worries Security Teams About the Cloud? (lien direct) | What issues are cybersecurity professionals concerned about in 2022? You tell us! | |||
|
2022-08-05 17:12:31 | Genesis IAB Market Brings Polish to the Dark Web (lien direct) | As the market for initial access brokers matures, services like Genesis - which offers elite access to compromised systems and slick, professional services - are raising the bar in the underground economy. | |||
|
2022-08-05 16:38:36 | A Ransomware Explosion Fosters Thriving Dark Web Ecosystem (lien direct) | For the right price, threat actors can get just about anything they want to launch a ransomware attack - even without technical skills or any previous experience. | Ransomware Threat | ★★ | |
|
2022-08-05 16:25:40 | Stolen Data Gives Attackers Advantage Against Text-Based 2FA (lien direct) | With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place. | ★★★★ | ||
|
2022-08-05 16:20:31 | Fresh RapperBot Malware Variant Brute-Forces Its Way Into SSH Servers (lien direct) | Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access. | Malware | ★★★★ | |
|
2022-08-05 14:00:00 | How to Resolve Permission Issues in CI/CD Pipelines (lien direct) | This Tech Tip outlines how DevOps teams can address security integration issues in their CI/CD pipelines. | ★★★ | ||
|
2022-08-04 21:43:41 | Cyberattackers Increasingly Target Cloud IAM as a Weak Link (lien direct) | At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers. | |||
|
2022-08-04 21:03:16 | Amazon, IBM Move Swiftly on Post-Quantum Cryptographic Algorithms Selected by NIST (lien direct) | A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and services. | |||
|
2022-08-04 20:36:33 | Time to Patch VMware Products Against a Critical New Vulnerability (lien direct) | A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines. | Vulnerability Threat | ||
|
2022-08-04 18:35:41 | High-Severity Bug in Kaspersky VPN Client Opens Door to PC Takeover (lien direct) | The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users. | Vulnerability | ||
|
2022-08-04 18:05:45 | How Email Security Is Evolving (lien direct) | Securing email communication has never been more critical for organizations, and it has never been more challenging to do so. Attack volumes have increased and become more sophisticated. | |||
|
2022-08-04 15:16:48 | Massive China-Linked Disinformation Campaign Taps PR Firm for Help (lien direct) | A global network of inauthentic news sites present themselves as independent news outlets, offering content favoring China's government and articles critical of the US. | |||
|
2022-08-04 14:50:20 | Phylum Releases a Free Community Edition to Make Software Supply Chain Security More Accessible (lien direct) | Users can identify risks across five domains, work on multiple projects, and take advantage of exclusive community benefits. | |||
|
2022-08-04 14:00:00 | The Myth of Protection Online - and What Comes Next (lien direct) | It's a myth that consuming and processing alerts qualifies as security. Today's technology allows better detection and prevention, rather than accepting the low bar for protection set by ingrained incident response reactions. | |||
|
2022-08-04 13:26:14 | Deep Instinct Pioneers Deep-Learning Malware Prevention to Protect Mission-Critical Business Applications at Scale (lien direct) | Agentless approach meets the attacker earlier to protect financial services and other large enterprises from an underserved attack vector. | Malware | ||
|
2022-08-04 13:21:07 | 35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort? (lien direct) | In the last month, "Pl0xP" cloned several GitHub repositories, adding malicious code to the forks that would attempt to infect developer systems and steal sensitive files that included software keys. | |||
|
2022-08-04 13:17:19 | Ping Identity to Go Private After $2.8B Acquisition (lien direct) | The identity-services company is being acquired by Thoma Bravo software investment for cash, before being delisted. | |||
|
2022-08-03 23:50:36 | New Startup Footprint Tackles Identity Verification (lien direct) | Early-stage startup Footprint's goal is to provide tools that change how enterprises verify, authentication, authorize, and secure identity. | |||
|
2022-08-03 21:25:43 | How IT Teams Can Use \'Harm Reduction\' for Better Cybersecurity Outcomes (lien direct) | Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept - from phishing to shadow IT. | |||
|
2022-08-03 20:23:45 | Critical RCE Bug in DrayTek Routers Opens SMBs to Zero-Click Attacks (lien direct) | SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more. | |||
|
2022-08-03 19:57:48 | School Kid Uploads Ransomware Scripts to PyPI Repository as \'Fun\' Project (lien direct) | The malware packages had names that were common typosquats of a legitimate widely used Python library. One was downloaded hundreds of times. | Ransomware Malware | ||
|
2022-08-03 17:42:11 | Cyberattackers Drain Nearly $6M From Solana Crypto Wallets (lien direct) | So far, the ongoing attack has impacted nearly 8,000 Solana hot wallets. | |||
|
2022-08-03 17:00:00 | Zero-Day Defense: Tips for Defusing the Threat (lien direct) | Because they leave so little time to patch and defuse, zero-day threats require a proactive, multilayered approach based on zero trust. | Threat |
To see everything:
