What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-02-08 23:50:05 | GCP-2024-007 (lien direct) | Publié: 2024-02-08 Description Description Gravité notes Les CVE suivants exposent le maillage de service Anthos aux vulnérabilités exploitables: CVE-2024-23322: Envoyé se bloque lorsque le ralenti et les demandes par essai se produisent dans l'intervalle de retour. CVE-2024-23323: utilisation excessive du processeur lorsque le matrice du modèle URI est configuré en utilisant Regex. CVE-2024-23324: L'autorisation externe peut être contournée lorsque le filtre de protocole proxy définit les métadonnées UTF-8 non valides. Envoyé se bloque lors de l'utilisation d'un type d'adresse qui n'est pas pris en charge par l'OS. CVE-2024-23327: Crash en protocole proxy lorsque le type de commande est local . Pour les instructions et plus de détails, voir le Bulletin de service de service Anthos . High cve-2024-23322 CVE-2024-23323 CVE-2024-23324 CVE-2024-23325 CVE-2024-23327 Published: 2024-02-08Description Description Severity Notes The following CVEs expose Anthos Service Mesh to exploitable vulnerabilities: CVE-2024-23322: Envoy crashes when idle and requests per try timeout occur within the backoff interval. CVE-2024-23323: Excessive CPU usage when URI template matcher is configured using regex. CVE-2024-23324: External authorization can be bypassed when Proxy protocol filter sets invalid UTF-8 metadata. Envoy crashes when using an address type that isn\'t supported by the OS. CVE-2024-23327: Crash in proxy protocol when command type is LOCAL. For instructions and more details, see the Anthos Service Meshsecurity bulletin. High CVE-2024-23322 CVE-2024-23323 CVE-2024-23324 CVE-2024-23325 CVE-2024-23327 | Vulnerability Cloud | ||
 |
2024-02-08 22:05:51 | étherfax normes de télécopie de nuages sécurisables pionnières etherFAX Pioneering Interoperable Secure Cloud Fax Standards (lien direct) |
Pas de details / No more details | Cloud | ★★ | |
 |
2024-02-08 15:58:42 | US Credit Union Service a fui des millions d'enregistrements et de mots de passe en texte brut US Credit Union Service Leaks Millions of Records and Passwords in Plain Text (lien direct) |
> Par waqas
La base de données cloud appartenant au service de coopérative de crédit a été laissée exposée sans aucune authentification ou mots de passe de sécurité, permettant un accès public.
Ceci est un article de HackRead.com Lire le post original: US Credit Union Service fuit des millions d'enregistrements et de mots de passe en texte brut
>By Waqas The cloud database belonging to Credit Union Service was left exposed without any security authentication or passwords, allowing public access. This is a post from HackRead.com Read the original post: US Credit Union Service Leaks Millions of Records and Passwords in Plain Text |
Cloud | ★★★ | |
 |
2024-02-08 12:43:30 | SailPoint présente deux nouvelles offres : la Suite Identity Security Cloud Standard et Packages Customer Success Portfolio (lien direct) | SailPoint présente deux nouvelles offres : la Suite Identity Security Cloud Standard et Packages Customer Success Portfolio Ces nouvelles solutions visent à donner aux clients la capacité de réussir leurs projets grâce à des offres correspondant à la maturité de leur programme et à la taille de l'entreprise. - Produits | Cloud | ★★ | |
|
2024-02-08 08:36:58 | AddixGroup et ARS créent une coentreprise spécialiste en cybersécurité et infrastructure Cloud (lien direct) | AddixGroup et ARS créent une coentreprise spécialiste en cybersécurité et infrastructure Cloud - Business | Cloud | ★★ | |
 |
2024-02-08 08:12:34 | SecurityGate s'associe à MicroSec pour étendre les offres de cybersécurité sur les marchés du secteur critique SecurityGate partners with MicroSec to expand cybersecurity offerings in critical sector markets (lien direct) |
> Securitygate Inc., un fournisseur de plate-forme SaaS pour l'OT / ICS Cyber Improvement, a annoncé mercredi son partenariat avec MicroSec, un zéro-trust ...
>SecurityGate Inc., a SaaS platform provider for OT/ICS cyber improvement, announced Wednesday its partnership with MicroSec, a zero-trust... |
Industrial Cloud | ★★ | |
|
2024-02-07 14:23:10 | Qualys dévoile totalcloud 2.0 Qualys Unveils TotalCloud 2.0 (lien direct) |
Qualits dévoile TotalCloud 2.0 avec Trurisk Insights pour mesurer, communiquer et éliminer le cyber-risque dans les applications de cloud et de SaaS
La solution élargie rassemble des infrastructures cloud, des applications SaaS et des actifs exposés en externe pour une vue unifiée du risque dans les environnements multi-nucartes
-
revues de produits
Qualys Unveils TotalCloud 2.0 with TruRisk Insights to Measure, Communicate, and Eliminate Cyber Risk in Cloud and SaaS Applications Expanded solution brings cloud infrastructure, SaaS apps and externally exposed assets together for a unified view of risk across multi-cloud environments - Product Reviews |
Cloud | ★★ | |
|
2024-02-07 11:57:03 | Verizon Business propose une solution de gestion multicloud à l\'offre Network-as-a-Service (lien direct) | Verizon Business propose une solution de geste de geste Multicloud & agrave;L \\ 'Offre Network-As-A-Service
Solution de cette Simplifie le d & eacute; applications Ploiment D \\ 'et la gestion des connexions cloud dans l\'environnement multicloud d\'un utilisateur. Elle fournit une vue consolidée de la performance des applications et de l\'architecture du réseau cloud, qu\'il soit public, privé ou hybride.
-
Produits
Verizon Business propose une solution de gestion multicloud à l\'offre Network-as-a-Service Cette solution simplifie le déploiement d\'applications et la gestion des connexions cloud dans l\'environnement multicloud d\'un utilisateur. Elle fournit une vue consolidée de la performance des applications et de l\'architecture du réseau cloud, qu\'il soit public, privé ou hybride. - Produits |
Cloud | ★★★ | |
|
2024-02-06 22:59:22 | Cisco ajoute de nouvelles capacités de sécurité et d'IA à l'étape suivante vers Cisco Networking Cloud Vision Cisco Adds New Security and AI Capabilities in Next Step Toward Cisco Networking Cloud Vision (lien direct) |
Pas de details / No more details | Cloud | ★★ | |
 |
2024-02-06 16:23:00 | Comment un client d'entreprise de 10 milliards de dollars a considérablement augmenté sa posture de sécurité SaaS avec 201% de ROI en utilisant SSPM How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM (lien direct) |
Les applications SaaS sont les chéris du monde du logiciel.Ils permettent de travailler de n'importe où, facilitent la collaboration et offrent une alternative rentable à la possession du logiciel.Dans le même temps, les fonctionnalités mêmes qui font des applications SaaS ainsi adoptées & # 8211;Accès de n'importe où et de la collaboration & # 8211;Peut également être exploité par les acteurs de la menace.
Récemment, Adaptive Shield a commandé une
SaaS applications are the darlings of the software world. They enable work from anywhere, facilitate collaboration, and offer a cost-effective alternative to owning the software outright. At the same time, the very features that make SaaS apps so embraced – access from anywhere and collaboration – can also be exploited by threat actors. Recently, Adaptive Shield commissioned a Total Economic |
Threat Cloud | ★★★ | |
|
2024-02-06 13:54:07 | Naitways annonce la création de son Security Operating Center (lien direct) | Naitways s'affirme comme un partenaire-clé des PME sur la cybersécurité Reconnu pour son très haut niveau d'expertise, son engagement et sa capacité à offrir des services sur-mesure, l'opérateur cloud et réseau étoffe son offre de cybersécurité pour couvrir non seulement l'évaluation et la protection des systèmes d'information mais aussi la détection et la réponse aux attaques. Il se positionne désormais comme un interlocuteur privilégié des directions générales et informatiques pour des arbitrages éclairés qui visent à sécuriser de bout en bout à la fois l'entreprise et ses données. - Produits | Cloud | ★★★ | |
|
2024-02-06 13:40:13 | IBM lance IBM LinuxONE 4 Express (lien direct) | Le nouveau serveur IBM LinuxONE 4 Express promet des économies et de la valeur grâce à un Cloud hybride cyber-résilient et à une plateforme d'IA • Le tout nouveau système IBM LinuxONE est conçu pour offrir cybersécurité, résilience, évolutivité et inférence de l'IA pour les environnements Cloud hybride. • La migration des applications Linux d'un système x86 comparé vers un IBM LinuxONE 4 Express peut permettre d'économiser plus de 52 % sur le coût total de possession sur 5 ans.[1] - Produits | Cloud | ★★ | |
 |
2024-02-06 10:35:42 | L\'EUCC adopté… en attendant son pendant cloud (lien direct) | L'EUCC, schéma européen de certification cyber axés sur les produits logiciels et matériels, vient d'être adopté. Celui dédié aux services cloud (EUCS) reste dans les cartons. | Cloud | ★★ | |
 |
2024-02-06 00:00:00 | Unifier la sécurité du nuage au-delà des silos Unifying Cloud Security Beyond Siloes (lien direct) |
Les attaques ne restent pas en siloes, et vos solutions de sécurité non plus.Explorez les avantages d'une plate-forme de cybersécurité qui consolide la sécurité sur plusieurs couches, y compris le cloud pour une gestion des risques plus proactive.
Attacks don\'t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers-including the cloud-for more proactive risk management. |
Cloud | ★★ | |
 |
2024-02-05 22:22:13 | Enpass Review 2024: prix, fonctionnalités, avantages et inconvénients Enpass Review 2024: Pricing, Features, Pros, & Cons (lien direct) |
ENPASS \\ 'Le stockage de mots de passe hors ligne et la prise en charge des services cloud tiers sont deux offres de fonctionnalités que vous ne trouvez pas aujourd'hui dans de nombreux autres gestionnaires de mots de passe.
Enpass\' offline password storage and support for third-party cloud services are two feature offerings you won\'t find in many other password managers today. |
Cloud | ★★ | |
|
2024-02-05 21:06:18 | GCP-2024-006 (lien direct) | Publié: 2024-02-5 Description Description Gravité notes Lorsqu'un proxy de gestion de l'API APIGEE se connecte à un Target Endpoint ou serveur cible , le proxy n'effectue pas la validation du nom d'hôtepour le certificat présenté par le point de terminaison cible ou le serveur cible par défaut.Si la validation du nom d'hôte n'est pas activée à l'aide de l'une des options suivantes, les proxys APIGEE se connectant à un point de terminaison cible ou un serveur cible peuvent être à risque pour une attaque de l'homme au milieu d'un utilisateur autorisé.Pour plus d'informations, consultez Configuration des TLs de bord au backend (nuage et privéCloud) . Pour les instructions et plus de détails, consultez le Bulletin de sécurité de l'apigan . High Published: 2024-02-5Description Description Severity Notes When an Apigee API Management proxy connects to a target endpoint or target server, the proxy does not perform hostname validation for the certificate presented by the target endpoint or target server by default. If hostname validation is not enabled using one of the following options, Apigee proxies connecting to a target endpoint or target server may be at risk for a man-in-the-middle attack by an authorized user. For more information, see Configuring TLS from Edge to the backend (Cloud and Private Cloud).For instructions and more details, see the Apigee security bulletin. High | Cloud | ||
 |
2024-02-05 13:59:16 | L\'importance de la visibilité pour une sécurité du Cloud efficace (lien direct) | >L'adoption croissante de la technologie Cloud a transformé la manière avec laquelle les entreprises fonctionnent, se développent et utilisent leurs ressources. Il n'est pas surprenant que tous les regards soient désormais tournés vers la sécurité du Cloud, car la surface d'attaque concernée augmente non seulement en taille mais aussi en complexité. Les prévisions de Gartner [...] | Cloud | ★★ | |
 |
2024-02-05 11:41:18 | 7 conseils pour développer une approche proactive pour éviter le vol de données 7 Tips to Develop a Proactive Approach to Prevent Data Theft (lien direct) |
Data is one of the most valuable assets for a modern enterprise. So, of course, it is a target for theft. Data theft is the unauthorized acquisition, copying or exfiltration of sensitive information that is typically stored in a digital format. To get it, bad actors either abuse privileges they already have or use various other means to gain access to computer systems, networks or digital storage devices. The data can range from user credentials to personal financial records and intellectual property. Companies of all sizes are targets of data theft. In September 2023, the personal data of 2,214 employees of the multinational confectionary firm The Hershey Company was stolen after a phishing attack. And in January 2024, the accounting firm of Framework Computer fell victim to an attack. A threat actor posed as the Framework\'s CEO and convinced the target to share a spreadsheet with the company\'s customer data. Data thieves aim to profit financially, disrupt business activities or do both by stealing high-value information. The fallout from a data breach can be very costly for a business-and the cost is going up. IBM reports that the global average cost of a data breach in 2023 was $4.45 million, a 15% increase over three years. Other data suggests that the average cost of a breach is more than double for U.S. businesses-nearly $9.5 million. Not all data breaches involve data theft, but stealing data is a top aim for many attackers. Even ransomware gangs have been shifting away from data encryption in their attacks, opting instead to steal massive amounts of data and use its value as a means to compel businesses to pay ransom. So, what can businesses do to prevent data theft? Taking a proactive approach toward stopping someone from stealing your data is a must. This blog post can help jump-start your thinking about how to improve data security. We explore how data theft happens and describe some common threats that lead to it. We also outline seven strategies that can help reduce your company\'s risk of exposure to data theft and highlight how Proofpoint can bolster your defenses. Understanding data theft-and who commits it Data theft is a serious security and privacy breach. Data thieves typically aim to steal information like: Personally identifiable information (PII) Financial records Intellectual property (IP) Trade secrets Login credentials Once they have it, bad actors can use stolen data for fraudulent activities or, in the case of credential theft, to gain unlawful access to accounts or systems. They can also sell high-value data on the dark web. The consequences of data theft for businesses can be significant, if not devastating. They include hefty compliance penalties, reputational damage, and financial and operational losses. Take the manufacturing industry as an example. According to one source, a staggering 478 companies in this industry have experienced a ransomware attack in the past five years. The costs in associated downtime are approximately $46.2 billion. To prevent data theft, it\'s important to recognize that bad actors from the outside aren\'t the only threat. Insiders, like malicious employees, contractors and vendors, can also steal data from secured file servers, database servers, cloud applications and other sources. And if they have the right privileges, stealing that data can be a breeze. An insider\'s goals for data theft may include fraud, the disclosure of trade secrets to a competitor for financial gain, or even corporate sabotage. As for how they can exfiltrate data, insiders can use various means, from removable media to personal email to physical printouts. How does data theft happen? Now, let\'s look at some common methods that attackers working from the outside might employ to breach a company\'s defenses and steal data. Phishing. Cybercriminals use phishing to target users through email, text messages, phone calls and other forms of communication. The core objective of this approach is to trick users into doing what | Ransomware Data Breach Malware Tool Vulnerability Threat Cloud | ★★★ | |
|
2024-02-02 16:00:00 | Cloudzy élève la cybersécurité: intégrer les informations de l'avenir enregistré pour révolutionner la sécurité du cloud Cloudzy Elevates Cybersecurity: Integrating Insights from Recorded Future to Revolutionize Cloud Security (lien direct) |
Cloudzy, un premier fournisseur d'infrastructures cloud, annonce fièrement une amélioration importante de son paysage de cybersécurité.Cette percée a été réalisée grâce à une consultation récente avec un avenir enregistré, un leader dans la fourniture de l'intelligence des menaces en temps réel et de l'analyse de la cybersécurité.Cette initiative, associée à une refonte des stratégies de cybersécurité de Cloudzy, représente un major
Cloudzy, a prominent cloud infrastructure provider, proudly announces a significant enhancement in its cybersecurity landscape. This breakthrough has been achieved through a recent consultation with Recorded Future, a leader in providing real-time threat intelligence and cybersecurity analytics. This initiative, coupled with an overhaul of Cloudzy\'s cybersecurity strategies, represents a major |
Threat Cloud | ★★★ | |
|
2024-02-02 14:45:56 | Move To Cloud : la gouvernance, pilier d\'une stratégie maîtrisée (lien direct) | Quelle que soit la raison invoquée, le recours au Cloud computing s'est largement accéléré dans les entreprises françaises ces dernières années. D'ailleurs, la considération économique n'est plus le seul facteur conduisant à réaliser cette transition ! | Cloud | ★★ | |
|
2024-02-02 05:00:40 | Brisez la chaîne d'attaque: le gambit d'ouverture Break the Attack Chain: The Opening Gambit (lien direct) |
The threat landscape has always evolved. But the pace of change over the last decade is unlike anything most security professionals have experienced before. Today\'s threats focus much less on our infrastructure and much more on our people. But that\'s not all. Where once a cyberattack may have been a stand-alone event, these events are now almost always multistage. In fact, most modern threats follow the same playbook: initial compromise, lateral movement and impact. While this approach has the potential to cause more damage, it also gives security teams more opportunities to spot and halt cyberattacks. By placing protections in key spots along the attack chain, we can thwart and frustrate would-be cybercriminals before their ultimate payoff. This starts with understanding the opening gambit: How do threat actors attempt to gain access to your king-in this case, your networks and data? And what can be done to keep them at bay? Understanding the playbook The chess parallels continue when we look at recent evolutions in the threat landscape, with our defensive tactics provoking an adapted method of attack. We see this in full effect when it comes to multifactor authentication (MFA). In recent years, security professionals have flocked to MFA to protect accounts and safeguard credentials. In response, threat actors have developed MFA bypass and spoofing methods to get around and weaponize these protections. So much so that MFA bypass can now be considered the norm when it comes to corporate credential phishing attacks. Increasingly, cybercriminals purchase off-the-shelf kits which enable them to use adversary-in-the-middle (AiTM) tactics to digitally eavesdrop and steal credentials. We have also seen an increase in other human-activated methods, such as telephone-oriented attack delivery (TOAD). This method combines voice and email phishing techniques to trick victims into disclosing sensitive information such as login credentials or financial data. Whatever the method, the desired outcome at this stage is the same. Cybercriminals seek to get inside your defenses so they can execute the next stage of their attack. That is what makes the opening gambit such a critical time in the lifecycle of a cyber threat. Modern threat actors are experts at remaining undetected once they are inside our networks. They know how to hide in plain sight, move laterally and escalate privileges. So, if this stage of the attack is a success, organizations have a huge problem. The good news is that the more we understand the tactics that today\'s cybercriminals use, the more we can adapt our defenses to stop them in their tracks before they can inflict significant damage. Countering the gambit The best opportunity to stop cybercriminals is before and during the initial compromise. By mastering a counter to the opening gambit, we can keep malicious actors where they belong-outside our perimeter. It will surprise no one that most threats start in the inbox. So, the more we can do to stop malicious messaging before it reaches our people, the better. There is no silver bullet in this respect. artificial intelligence (AI)-powered email security is as close as it gets. Proofpoint Email Protection is the only AI and machine learning-powered threat protection that disarms today\'s advanced attacks. Proofpoint Email Protection uses trillions of data points to detect and block business email compromise (BEC), phishing, ransomware, supply chain threats and plenty more. It also correlates threat intelligence across email, cloud and network data to help you stay ahead of new and evolving threats that target your people. However, the difficult reality is that nothing is entirely impenetrable. Today\'s security teams must assume some threats will reach the inbox. And your people need to be prepared when they do. Equipping this vital line of defense requires total visibility into who is being attacked in your organization-and when, where and how. Once you have identified the people who ar | Ransomware Threat Cloud | ★★★ | |
|
2024-02-02 05:00:36 | Développement d'une nouvelle norme Internet: le cadre de la politique relationnelle du domaine Developing a New Internet Standard: the Domain Relationship Policy Framework (lien direct) |
Engineering Insights is an ongoing blog series that gives a behind-the-scenes look into the technical challenges, lessons and advances that help our customers protect people and defend data every day. Each post is a firsthand account by one of our engineers about the process that led up to a Proofpoint innovation. In this blog post, we discuss the Domain Relationship Policy Framework (DRPF)-an effort that has been years in the making at Proofpoint. The DRPF is a simple method that is used to identify verifiably authorized relationships between arbitrary domains. We create a flexible way to publish policies. These policies can also describe complex domain relationships. The details for this new model require in-depth community discussions. These conversations will help us collectively steer the DRPF toward becoming a fully interoperable standard. We are now in the early proposal stage for the DRPF, and we are starting to engage more with the broader community. This post provides a glimpse down the road leading to standardization for the DRPF. Why Proofpoint developed DRPF To shine a light on why Proofpoint was inspired to develop the DRPF in the first place, let\'s consider the thinking of the initial designers of the Domain Name System (DNS). They assumed that subdomains would inherit the administrative control of their parent domains. And by extension, this should apply to all subsequent subdomains down the line. At the time, this was reasonable to assume. Most early domains and their subdomains operated in much the same way. For example, “university.edu” directly operated and controlled the administrative policies for subdomains such as “lab.university.edu” which flowed down to “project.lab.university.edu.” Since the mid-1980s, when DNS was widely deployed, there has been a growing trend of delegating subdomains to third parties. This reflects a breakdown of the hierarchical model of cascading policies. To see how this works, imagine that a business uses “company.com” as a domain. That business might delegate “marketing.company.com” to a third-party marketing agency. The subdomain must inherit some policies, while the subdomain administrator may apply other policies that don\'t apply to the parent domain. Notably, there is no mechanism yet for a domain to declare a relationship with another seemingly independent domain. Consider a parent company that operates multiple distinct brands. The company with a single set of policies may want them applied not only to “company.com” (and all of its subdomains). It may also want them applied to its brand domains “brand.com” and “anotherbrand.com.” It gets even more complex when any of the brand domains delegate various subdomains to other third parties. So, say some of them are delegated to marketing or API support. Each will potentially be governed by a mix of administrative policies. In this context, “policies” refers to published guidance that is used when these subdomains interact with the domain. Policies might be for information only. Or they might provide details that are required to use services that the domain operates. Most policies will be static (or appear so to the retrieving parties). But it is possible to imagine that they could contain directives akin to smart contracts in distributed ledgers. 3 Design characteristics that define DRPF The goal of the DRPF is to make deployment and adoption easier while making it flexible for future use cases. In many prior proposals, complex requirements bogged down efforts to get rid of administrative boundaries between and across disparate domains. Our work should be immediately useful with minimal effort and be able to support a wide array of ever-expanding use cases. In its simplest form, three design characteristics define the DRPF: A domain administrator publishes a policy assertion record for the domain so that a relying party can discover and retrieve it. The discovered policy assertion directs the relying party to where they can find | Tool Prediction Cloud Technical | ★★★ | |
 |
2024-02-01 19:26:04 | Le monde stockera 200 zettabytes de données d'ici 2025 The World Will Store 200 Zettabytes Of Data By 2025 (lien direct) |
> 50% de toutes les données à stocker dans le cloud parrainé par Arcserve & # 8211;Steve Morgan, rédacteur en chef Northport, N.Y. & # 8211;8 juin 2020 Le rapport de surface d'attaque de données 2020 (téléchargement PDF) prédit la quantité totale de données dont le monde aura besoin pour protéger
>50 percent of all data to be stored in the cloud Sponsored by Arcserve – Steve Morgan, Editor-in-Chief Northport, N.Y. – June 8, 2020 The 2020 Data Attack Surface Report (download PDF) predicts the total amount of data that the world will need to protect |
Cloud | ★★★ | |
 |
2024-02-01 13:51:02 | Malware DarkGate : l\'exploitation des applications et services cloud (lien direct) | >De nouvelles attaques de phishing abusent des demandes de chat de groupe Microsoft Teams pour envoyer des pièces jointes malveillantes qui installent des charges utiles de malware DarkGate sur les systèmes des victimes. Les attaquants ont utilisé ce qui semble être un utilisateur (ou un domaine) Teams compromis pour envoyer plus de 1 000 invitations […] The post Malware DarkGate : l'exploitation des applications et services cloud first appeared on UnderNews. | Malware Cloud | ★★★ | |
|
2024-02-01 09:48:58 | Le canal peut aider les PME à se protéger contre l'augmentation des menaces de sécurité The Channel can help SMEs protect themselves from increasing security threats (lien direct) |
La chaîne peut aider les PME à se protéger contre les menaces de sécurité croissantes
Selon également Cloud UK, les petites et moyennes entreprises (PME) peuvent utiliser le canal pour lutter contre l'augmentation des menaces de sécurité.
-
opinion
The Channel can help SMEs protect themselves from increasing security threats According to ALSO Cloud UK, small and medium-sized businesses (SMEs) can use the Channel to combat increasing security threats. - Opinion |
Cloud | ★★★ | |
|
2024-01-31 22:00:00 | \\ 'navires qui fuisent \\' Les bogues cloud autorisent les évasions du conteneur à l'échelle mondiale \\'Leaky Vessels\\' Cloud Bugs Allow Container Escapes Globally (lien direct) |
Les quatre vulnérabilités de sécurité se trouvent dans Docker et au-delà, et une affectant RUNC affecte essentiellement tous les développeurs natifs du cloud dans le monde.
The four security vulnerabilities are found in Docker and beyond, and one affecting runC affects essentially every cloud-native developer worldwide. |
Vulnerability Cloud | ★★★ | |
 |
2024-01-31 21:23:24 | ESET participe à une opération mondiale pour perturber le Trojan bancaire Grandoreiro ESET Takes Part in Global Operation to Disrupt the Grandoreiro Banking Trojan (lien direct) |
#### Description
ESET a travaillé avec la police fédérale du Brésil dans le but de perturber le botnet Grandoreiro, fournissant une analyse technique, des informations statistiques et des serveurs C&C connus aux autorités.
Grandoreiro est un cheval de Troie bancaire latino-américain qui est actif depuis au moins 2017 et cible le Brésil, le Mexique et l'Espagne.Les opérateurs de Grandoreiro \\ ont abusé des fournisseurs de cloud tels que Azure et AWS pour héberger leur infrastructure réseau.
#### URL de référence (s)
1. https://www.welivesecurity.com/en/eset-research/eset-takes-partit-hobal-opération-srupt-grandoreiro-banking-trojan/
#### Date de publication
30 janvier 2024
#### Auteurs)
Recherche ESET
#### Description ESET has worked with the Federal Police of Brazil on an effort to disrupt the Grandoreiro botnet, providing technical analysis, statistical information and known C&C servers to the authorities. Grandoreiro is a Latin American banking trojan that has been active since at least 2017 and targets Brazil, Mexico, and Spain. Grandoreiro\'s operators have abused cloud providers such as Azure and AWS to host their network infrastructure. #### Reference URL(s) 1. https://www.welivesecurity.com/en/eset-research/eset-takes-part-global-operation-disrupt-grandoreiro-banking-trojan/ #### Publication Date January 30, 2024 #### Author(s) ESET Research |
Cloud Technical | ★★★ | |
|
2024-01-31 20:08:14 | GCP-2024-005 (lien direct) | Publié: 2024-01-31 Description Description Gravité notes Une vulnérabilité de sécurité, CVE-2024-21626, a été découverte dans runc où un utilisateur avec la permission de créer des pods sur le système d'exploitation optimisé et les nœuds ubuntu à conteneur pourraitêtre en mesure d'accéder à un accès complet au système de fichiers de nœud. Pour les instructions et plus de détails, consultez les bulletins suivants: Bulletin de sécurité gke gke sur le bulletin de sécurité VMware gke sur le bulletin de sécurité AWS gke sur le bulletin de sécurité azur gke sur le bulletin de sécurité en métal nus High CVE-2024-21626 Published: 2024-01-31Description Description Severity Notes A security vulnerability, CVE-2024-21626, has been discovered in runc where a user with permission to create Pods on Container-Optimized OS and Ubuntu nodes might be able to gain full access to the node filesystem. For instructions and more details, see the following bulletins: GKE security bulletin GKE on VMware security bulletin GKE on AWS security bulletin GKE on Azure security bulletin GKE on Bare Metal security bulletin High CVE-2024-21626 | Vulnerability Cloud | ||
|
2024-01-31 17:38:37 | Sécuriser votre paysage SaaS: examiner de plus près la reprise après sinistre, la gestion de la posture Securing Your SaaS Landscape: Closer Look at Disaster Recovery, Posture Management (lien direct) |
> Par waqas
Imaginez que vous êtes sur un bateau, naviguant dans les eaux en constante évolution du monde de la technologie.Les applications SaaS sont comme & # 8230;
Ceci est un article de HackRead.com Lire le post original: Sécuriser votre paysage SaaS: regard plus approfondi sur la reprise après sinistre, la gestion de la posture
>By Waqas Imagine you’re on a boat, navigating through the ever-changing waters of the tech world. SaaS applications are like… This is a post from HackRead.com Read the original post: Securing Your SaaS Landscape: Closer Look at Disaster Recovery, Posture Management |
Cloud | ★★ | |
|
2024-01-31 16:30:00 | La SEC a gagné \\ 'ne que les CISO soient: comprendre les nouvelles règles de cybersécurité SaaS The SEC Won\\'t Let CISOs Be: Understanding New SaaS Cybersecurity Rules (lien direct) |
La sec n'est pas de donner à SaaS une passe gratuite.Les sociétés publiques applicables, appelées «inscrits», sont désormais soumises à des exigences de divulgation et de préparation à la cybersécurité des cyber
Les nouveaux mandats de cybersécurité & nbsp; ne font aucune distinction entre les données exposées dans une violation qui a été stockée sur site, dans le
The SEC isn\'t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in SaaS systems, along with the 3rd and 4th party apps connected to them. The new cybersecurity mandates make no distinction between data exposed in a breach that was stored on-premise, in the |
Cloud | ★★ | |
 |
2024-01-31 16:00:19 | Pourquoi les adversaires ont la tête dans le nuage Why adversaries have their heads in the cloud (lien direct) |
Regardez des experts de Red Canary et ailleurs parcourir les techniques d'attaque courantes dans les environnements Cloud Azure et AWS
Watch experts from Red Canary and elsewhere walk through common attack techniques in Azure and AWS cloud environments |
Cloud | ★★★ | |
|
2024-01-31 15:00:00 | Gérer l'identité dans les nuages essentiels à la sécurité des entreprises Managing Identity Across Clouds Critical to Enterprise Security (lien direct) |
La gestion de l'accès privilégié (PAM) est notoirement difficile à déployer et l'utilisation croissante du cloud a rendu plus complexe.
Privileged access management (PAM) is notoriously difficult to deploy and companies\' increasing use of cloud has made it even more complex. |
Cloud | ★★★ | |
 |
2024-01-31 15:00:00 | Le rapport Sysdig expose 91% de défaillance des analyses d'exécution Sysdig Report Exposes 91% Failure in Runtime Scans (lien direct) |
La recherche a également révélé que 69% des entreprises n'ont pas encore intégré l'IA dans des environnements cloud
The research also revealed 69% of enterprises have yet to integrate AI into cloud environments |
Cloud | ★★ | |
 |
2024-01-31 13:50:00 | Gestion de la posture de sécurité des données vs gestion de la posture de sécurité cloud Data security posture management vs cloud security posture management (lien direct) |
> & # 8220; Une violation de données vient de se produire & # 8221;, est une phrase qu'aucun professionnel de la sécurité ne veut entendre.Du CISO sur Down aux analystes SOC, une violation de données est la définition d'une très mauvaise journée.Cela peut causer de graves dommages à la marque et une perte financière pour les entreprises, entraîner des changements de carrière brusques parmi les professionnels de la sécurité et [& # 8230;]
>“A data breach has just occurred”, is a phrase no security professional wants to hear. From the CISO on down to the SOC analysts, a data breach is the definition of a very bad day. It can cause serious brand damage and financial loss for enterprises, lead to abrupt career changes among security professionals, and […] |
Data Breach Cloud | ★★ | |
 |
2024-01-31 13:07:18 | Échelle de sécurité avec l'IA: de la détection à la solution Scaling security with AI: from detection to solution (lien direct) |
Dongge Liu and Oliver Chang, Google Open Source Security Team, Jan Nowakowski and Jan Keller, Machine Learning for Security TeamThe AI world moves fast, so we\'ve been hard at work keeping security apace with recent advancements. One of our approaches, in alignment with Google\'s Safer AI Framework (SAIF), is using AI itself to automate and streamline routine and manual security tasks, including fixing security bugs. Last year we wrote about our experiences using LLMs to expand vulnerability testing coverage, and we\'re excited to share some updates. Today, we\'re releasing our fuzzing framework as a free, open source resource that researchers and developers can use to improve fuzzing\'s bug-finding abilities. We\'ll also show you how we\'re using AI to speed up the bug patching process. By sharing these experiences, we hope to spark new ideas and drive innovation for a stronger ecosystem security.Update: AI-powered vulnerability discoveryLast August, we announced our framework to automate manual aspects of fuzz testing (“fuzzing”) that often hindered open source maintainers from fuzzing their projects effectively. We used LLMs to write project-specific code to boost fuzzing coverage and find more vulnerabilities. Our initial results on a subset of projects in our free OSS-Fuzz service | Vulnerability Patching Cloud | ★★ | |
 |
2024-01-31 12:04:33 | Règles de données proposées par CFPB \\ CFPB\\'s Proposed Data Rules (lien direct) |
En octobre, le Consumer Financial Protection Bureau (CFPB) a proposé unEnsemble de règles que s'ils sont mis en œuvre transformeraient la façon dont les institutions financières génèrent des données personnelles sur leurs clients.Les règles rendent le contrôle de ces données entre les mains des Américains ordinaires, tout en sapant l'économie du courtier de données et en augmentant le choix et la concurrence des clients.Au-delà de ces effets économiques, les règles ont d'importants avantages de sécurité des données.
Les règles du CFPB s'alignent sur une idée de sécurité clé: le principe de découplage .En séparant quelles entreprises voient quelles parties de nos données et dans quels contextes, nous pouvons prendre le contrôle des données sur nous-mêmes (amélioration de la confidentialité) et durcir les infrastructures cloud contre les hacks (amélioration de la sécurité).Les responsables de la CFPB ont décrit les nouvelles règles comme une tentative d'accélérer un changement vers & # 8220; Open Banking, & # 8221;Et après une première période de commentaires sur les nouvelles règles terminées à la fin de l'année dernière, Rohit Chopra, le directeur du CFPB, ...
In October, the Consumer Financial Protection Bureau (CFPB) proposed a set of rules that if implemented would transform how financial institutions handle personal data about their customers. The rules put control of that data back in the hands of ordinary Americans, while at the same time undermining the data broker economy and increasing customer choice and competition. Beyond these economic effects, the rules have important data security benefits. The CFPB’s rules align with a key security idea: the decoupling principle. By separating which companies see what parts of our data, and in what contexts, we can gain control over data about ourselves (improving privacy) and harden cloud infrastructure against hacks (improving security). Officials at the CFPB have described the new rules as an attempt to accelerate a shift toward “open banking,” and after an initial comment period on the new rules closed late last year, Rohit Chopra, the CFPB’s director, ... |
Cloud | ★★ | |
 |
2024-01-31 11:00:00 | Bulletproofing the Retail Cloud avec la sécurité de l'API Bulletproofing the retail cloud with API security (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Application programming interface (API) security is critical for retailers increasingly reliant on cloud technology. However, they also open potential gateways for cyber threats, making robust security protocols essential to protect sensitive data and maintain customer trust. The complexity of retail systems, which often involve numerous third-party integrations, can create multiple points of vulnerability. Evolving cyber threats necessitate a dynamic approach to API security, making it a moving target that requires continuous attention and adaptation. Understanding the retail cloud environment API is a set of protocols and tools that allows different software applications to communicate with each other. In cloud environments, it facilitates the interaction between cloud services and applications, enabling features — like data synchronization, payment processing and inventory management — to work seamlessly together. It is also pivotal in the retail sector by connecting various services and applications to deliver a smooth shopping experience. If organizations neglect API security, cybercriminals can exploit APIs to access confidential information, leading to a loss of customer trust, which is critical in the highly competitive retail market. Regular API audits and assessments These audits help identify vulnerabilities before attackers can exploit them, ensuring organizations can promptly address security gaps. Regular assessments are also proactive measures to fix current issues and anticipate future threats. They enable IT teams to verify that security measures are current with the latest protection standards and to confirm APIs comply with internal policies and external regulations. By routinely evaluating API security, retailers can detect anomalies, manage access controls effectively and guarantee they consistently apply encryption standards. Robust authentication and authorization They verify the identity of users and systems, ensuring only legitimate parties can access sensitive retail data. Utilizing multi-factor authentication, which requires more than one verification method, significantly enhances security by adding layers that an unauthorized user must penetrate. With authorization, it’s crucial to implement protocols that dictate what authenticated users can do. Effective approval guarantees users have access only to the data and actions necessary for their role. For instance, role-based access control can help manage user permissions with greater granularity. Retailers can assign roles and permissions based on job functions, enabling tight control over who is authorized to view or alter data within the API ecosystem. Encryption and data protection Encryption is an essential barrier, obscuring data to make it indecipherable to unauthorized users who might intercept it during transmission or gain access to storage systems. It’s also critical for retailers to manage encryption keys with strict policies, ensuring only authorized personnel can decrypt the data. Beyond protection, comprehensive data encryption allows retailers, especially in the apparel industry, to collect and analyze extensive customer data safely. This data is invaluable for forecasting trends, customer pre | Tool Vulnerability Threat Cloud | ★★★ | |
 |
2024-01-31 07:00:00 | Menaces croissantes: tactiques d'ingénierie sociale à l'ère du cloud Rising Threats: Social Engineering Tactics in the Cloud Age (lien direct) |
> Au cours de la dernière année, les tactiques d'ingénierie sociale utilisées pour les cyberattaques ont considérablement évolué alors que les attaquants manipulent la confiance, les biais et les vulnérabilités inhérents au comportement humain individuel pour obtenir un accès non autorisé à des informations ou des systèmes sensibles. & # 160;Notre rapport sur le cloud et les menaces «Année en revue», a révélé qu'en 2023, l'ingénierie sociale était la plus courante [& # 8230;]
>Over the past year, the social engineering tactics used for cyber attacks have evolved significantly as attackers manipulate the inherent trust, biases, and vulnerabilities of individual human behavior to gain unauthorized access to sensitive information or systems. Our “year in review” Cloud and Threat Report, revealed that in 2023, social engineering was the most common […] |
Vulnerability Threat Cloud | ★★ | |
 |
2024-01-30 20:30:00 | Évolution de UNC4990: Découvrir les profondeurs cachées de USB MALWARE \\ Evolution of UNC4990: Uncovering USB Malware\\'s Hidden Depths (lien direct) |
Défense gérée mandiante Suivi unc4990 , un acteur qui utilise fortement les périphériques USB pour l'infection initiale.UNC4990 cible principalement les utilisateurs basés en Italie et est probablement motivé par un gain financier.Nos recherches montrent que cette campagne est en cours depuis au moins 2020. malgré son apparition sur la tactique séculaire de l'armement USBDrives, UNC4990 continue d'évoluer leurs outils, tactiques et procédures (TTPS).L'acteur est passé de l'utilisation de fichiers texte codés apparemment bénins à l'hébergement de charges utiles sur des sites Web populaires tels que Ars Technica, Github, Gitlab et Vimeo. Les services légitimes abusés par
Mandiant Managed Defense has been tracking UNC4990, an actor who heavily uses USB devices for initial infection. UNC4990 primarily targets users based in Italy and is likely motivated by financial gain. Our research shows this campaign has been ongoing since at least 2020.Despite relying on the age-old tactic of weaponizing USB drives, UNC4990 continues to evolve their tools, tactics and procedures (TTPs). The actor has moved from using seemingly benign encoded text files to hosting payloads on popular websites such as Ars Technica, GitHub, GitLab, and Vimeo.The legitimate services abused by |
Malware Tool Cloud | ★★★★ | |
 |
2024-01-30 20:11:34 | Falcon Fund in Focus: Aembit renforce la sécurité pour l'accès à la charge de travail à la charge de travail Falcon Fund in Focus: Aembit Strengthens Security for Workload-to-Workload Access (lien direct) |
L'essor des services cloud distribués et l'omniprésence des API ont fait que l'architecture d'application native du cloud est devenue très fragmentée.L'application d'un accès sécurisé est une étape essentielle pour renforcer la sécurité car les environnements informatiques deviennent plus complexes - mais pour de nombreuses organisations, assurer un accès sécurisé dans cette architecture en évolution est un défi constant.Accès sécurisé existant [& # 8230;]
The rise of distributed cloud services and the omnipresence of APIs has caused cloud-native application architecture to become highly fragmented. Enforcing secure access is a critical step in strengthening security as IT environments become more complex - but for many organizations, ensuring secure access across this evolving architecture is a constant challenge. Existing secure access […] |
Cloud | ★★ | |
|
2024-01-30 14:38:58 | CrowdStrike a nommé un leader de Forrester Wave pour la sécurité de la charge de travail cloud CrowdStrike Named a Leader in Forrester Wave for Cloud Workload Security (lien direct) |
Aujourd'hui, nous sommes fiers d'annoncer que Forrester a nommé Crowdsstrike un leader dans la sécurité de la charge de travail de Forrester Wave ™: Cloud, T1 2024, indiquant que «Crowdsstrike brille dans CWP sans agent [protection contre la charge de travail cloud] et la protection d'exécution des conteneurs».Forrester a identifié les 13 fournisseurs les plus importants de la sécurité de la charge de travail cloud et a recherché, analysé et noté en fonction des forces [& # 8230;]
Today, we\'re proud to announce that Forrester has named CrowdStrike a Leader in The Forrester Wave™: Cloud Workload Security, Q1 2024, stating “CrowdStrike shines in agentless CWP [cloud workload protection] and container runtime protection.” Forrester identified the 13 most significant vendors in cloud workload security and researched, analyzed and scored them based on the strengths […] |
Cloud Commercial | ★★ | |
|
2024-01-30 13:47:04 | (Déjà vu) La recherche de la délibération révèle que les ransomwares sont de retour en augmentation alors que les cybercriminels \\ 'la motivation se déplace vers l'exfiltration des données Delinea Research Reveals that Ransomware is Back on the Rise as Cybercriminals\\' Motivation Shifts to Data Exfiltration (lien direct) |
La recherche sur la conduite révèle que les ransomwares sont de retour en augmentation alors que les cybercriminels \\ 'se déplacent vers l'exfiltration des données
Plus de 75% des organisations paient des ransomwares à mesure que les entreprises de taille moyenne deviennent la cible préférée, le cloud devient le vecteur d'attaque le plus vulnérable
-
mise à jour malveillant
Delinea Research Reveals that Ransomware is Back on the Rise as Cybercriminals\' Motivation Shifts to Data Exfiltration More than 75% of organizations are paying ransomware as mid-sized companies become the preferred target, cloud becomes the most vulnerable attack vector - Malware Update |
Ransomware Studies Cloud | ★ | |
|
2024-01-30 07:53:06 | Verspieren choisit Rubrik (lien direct) | Rubrik choisi par Verspieren pour accélérer sa transformation numérique et renforcer sa cyber-résilience Le courtier en assurance français s'appuie sur la solution Rubrik Security Cloud pour protéger ses données et ses utilisateurs M365. - Marchés | Cloud | ★ | |
|
2024-01-29 17:03:00 | 493 entreprises partagent leurs batailles de sécurité SaaS & # 8211;Obtenez des informations dans ce webinaire 493 Companies Share Their SaaS Security Battles – Get Insights in this Webinar (lien direct) |
Dans le monde numérique d'aujourd'hui, les risques de sécurité sont plus répandus que jamais, en particulier en ce qui concerne les applications de logiciel en tant que service (SaaS).Saviez-vous qu'un alarmant 97% des entreprises sont confrontées à de graves risques des applications SaaS non sécurisées? En outre, environ 20% de ces organisations sont aux prises avec des menaces de données internes.Ces statistiques ne sont pas des nombres;Ils sont un réveil.
Étaient
In today\'s digital world, security risks are more prevalent than ever, especially when it comes to Software as a Service (SaaS) applications. Did you know that an alarming 97% of companies face serious risks from unsecured SaaS applications?Moreover, about 20% of these organizations are struggling with internal data threats. These statistics aren\'t just numbers; they\'re a wake-up call. We\'re |
Cloud | ★★★ | |
|
2024-01-29 11:37:39 | Suppression d\'emplois, IA, …la stratégie de SAP inquiète ses clients francophones (lien direct) | Après S/4 HANA et le Cloud, les clients francophones de SAP, regroupés au sein de l'USF, s'inquiètent du nouveau mouvement stratégique de l'éditeur allemand vers la GenAI. | Cloud | ★★★ | |
|
2024-01-29 09:12:14 | RHEL : une tarification chamboulée pour les VM cloud (lien direct) | L'usage de RHEL par les fournisseurs cloud sera bientôt facturé au vCPU. AWS fait évoluer en conséquence la tarification de ses VM. | Cloud | ★★ | |
|
2024-01-29 08:06:40 | Sysdig Nomm & Eacute;Meilleure solution de sécurité native du cloud par DevOps Dozen Sysdig nommé Best Cloud Native Security Solution par DevOps Dozen (lien direct) |
sysdig nomm & eacute;Meilleure solution de sécurité native de cloud par DevOps Dozen
-
affaires
Sysdig nommé Best Cloud Native Security Solution par DevOps Dozen - Business |
Cloud | ★★★ | |
|
2024-01-26 17:16:24 | Acteurs de menace distribuant des logiciels malveillants d'écran de OneDrive Threat Actors Distributing Screenshotter Malware from OneDrive (lien direct) |
> Selon les données collectées par Netskope Threat Labs, au cours de 2023, OneDrive était l'application cloud la plus exploitée en termes de téléchargements de logiciels malveillants.Et si une bonne journée commence le matin, 2024 ne promet rien de bon.En fait, début janvier et après une pause de neuf mois, des chercheurs de [& # 8230;]
>According to the data collected by Netskope Threat Labs, over the course of 2023, OneDrive was the most exploited cloud app in terms of malware downloads. And if a good day starts in the morning, 2024 does not promise anything good. In fact, at the beginning of January, and after a nine-month break, researchers from […] |
Malware Threat Cloud | ★★ | |
|
2024-01-26 12:11:52 | GenAI : Google Cloud et Hugging Face se rapprochent (lien direct) | Google Cloud et Hugging Face annonce une collaboration pour développer et accélérer l'adoption des modèles ouverts d'intelligence artificielle générative. | Cloud | ★★ | |
|
2024-01-25 23:30:00 | La migration vers le Cloud est en marche et rien ne l\'arrêtera (lien direct) | La migration vers le Cloud est en marche et rien ne l'arrêtera. Le Club de la Presse B to B a organisé un débat intitulé “ Quand faut-il migrer (réécrire) ou non ses applications vers le cloud public ? ” - Investigations / affiche | Cloud | ★★★ |
To see everything:
Our RSS (filtrered)
