What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-12-20 14:56:28 | 2024 Experts de l'industrie de la cybersécurité Prédictions: Partie 1 2024 Cybersecurity Industry Experts Predictions: Part 1 (lien direct) |
Alors que 2023 tire à sa fin, il est temps pour les experts de la cybersécurité de regarder leurs boules de cristal et de prédire ce que l'année prochaine s'est réservée à l'industrie de la sécurité.Dans la première partie de nos prédictions, des experts en rafale de My1login, I-Confidential et OSP Cyber Academy révèlent ce qu'ils croient être le plus grand [& # 8230;]
Le post 2024 Experts de l'industrie de la cybersécurité Prédictions: Partie 1 est apparu pour la première fois sur gourou de la sécurité informatique .
As 2023 draws to a close, it\'s time for cybersecurity experts to gaze into their crystal balls and predict what the next year has set in store for the security industry. In the first part of our predictions round-up experts at My1Login, i-confidential, and OSP Cyber Academy reveal what they believe will be the biggest […] The post 2024 Cybersecurity Industry Experts Predictions: Part 1 first appeared on IT Security Guru. |
Prediction Prediction | ★★ | |
 |
2023-12-20 13:44:47 | IA, Deepfakes, cyberharcèlement entre mineurs, fraudes aux dons et Jeux Olympiques : McAfee dévoile ses prédictions en matière de cybermenaces pour 2024 (lien direct) | IA, Deepfakes, cyberharcèlement entre mineurs, fraudes aux dons et Jeux Olympiques : McAfee dévoile ses prédictions en matière de cybermenaces pour 2024 - Investigations | Prediction | ★★ | |
 |
2023-12-19 09:08:04 | Manipulation de modèles linguistiques, piratage de casques VR, attaques de Vishing : que nous réserve l\'année " cyber " 2024 ? (lien direct) | Chaque nouvelle tendance technologique ouvre de nouveaux vecteurs d'attaque pour les cybercriminels. En 2024, les menaces émergentes ciblant les entreprises et les particuliers seront encore plus intenses, complexes et difficiles à gérer. | Threat Prediction | ★★★ | |
 |
2023-12-18 22:51:00 | Dans les coulisses: la frappe coordonnée de Jaskago \\ sur macOS et Windows Behind the Scenes: JaskaGO\\'s Coordinated Strike on macOS and Windows (lien direct) |
Executive summary
In recent developments, a sophisticated malware stealer strain crafted in the Go programming language has been discovered by AT&T Alien Labs, posing a severe threat to both Windows and macOS operating systems.
As of the time of publishing of this article, traditional antivirus solutions have low or even non-existent detection rates, making it a stealthy and formidable adversary.
Key takeaways:
The malware is equipped with an extensive array of commands from its Command and Control (C&C) server.
JaskaGO can persist in different methods in infected system.
Users face a heightened risk of data compromise as the malware excels at exfiltrating valuable information, ranging from browser credentials to cryptocurrency wallet details and other sensitive user files.
Background
JaskaGO contributes to a growing trend in malware development leveraging the Go programming language. Go, also known as Golang, is recognized for its simplicity, efficiency, and cross-platform capabilities. Its ease of use has made it an attractive choice for malware authors seeking to create versatile and sophisticated threats.
While macOS is often perceived as a secure operating system, there exists a prevalent misconception among users that it is impervious to malware. Historically, this misbelief has stemmed from the relative scarcity of macOS-targeted threats compared to other platforms. However, JaskaGO serves as a stark reminder that both Windows and macOS users are constantly at risk of malware attacks.
As the malware use of file names resembling well-known applications (such as “Capcut_Installer_Intel_M1.dmg”, “Anyconnect.exe”) suggest a common strategy of malware deployment under the guise of legitimate software in pirated application web pages.
The first JaskaGo sample was observed in July 2023, initially targeting Mac users. Following this opening assault, dozens of new samples have been identified as the threat evolved its capabilities and developed in both macOS and to Windows versions; its low detection rate is evident by its recent sample by anti-virus engines. (Figure 1)
 .
Figure 1. As captured by Alien Labs: Anti-virus detection for recent JaskaGO samples within VirusTotal.
Analysis
Upon initial execution, the malware cunningly presents a deceptive message box, displaying a fake error message, claiming a missing file. This is strategically designed to mislead the user into believing that the malicious code failed to run. (Figure 2)
Figure 2. As captured by Alien Labs: Fake error message.
Anti-VM
The malware conducts thorough checks to determine if it is operating within a virtual machine (VM). This process begins with the examination of general machine information, where specific criteria such as the number of processors, system up-time, available system memory, and MAC addresses are checked. The presence of MAC addresses associated with well-known VM software, such as VMware or VirtualBox, is a key indicator. (Figure 3)
Figure 3. As captured by Alien Labs: Looking for VM related MAC addresses.
Additionally, the malware\'s Windows version searches for VM-related traces in both the registry and the file system. (Figure 4)
|
Malware Vulnerability Threat Prediction Technical | ★★★ | |
 |
2023-12-18 20:10:00 | Top 7 Tendances façonnant la sécurité SaaS en 2024 Top 7 Trends Shaping SaaS Security in 2024 (lien direct) |
Au cours des dernières années, le SaaS est devenu l'épine dorsale de l'informatique de l'informatique.Les entreprises de services, telles que les pratiques médicales, les cabinets d'avocats et les cabinets de services financiers, sont presque entièrement basés sur le SaaS.Les entreprises non services, y compris les fabricants et les détaillants, ont environ 70% de leur logiciel dans le cloud. & NBSP;
Ces applications contiennent une mine de données, du général peu sensible
Over the past few years, SaaS has developed into the backbone of corporate IT. Service businesses, such as medical practices, law firms, and financial services firms, are almost entirely SaaS based. Non-service businesses, including manufacturers and retailers, have about 70% of their software in the cloud. These applications contain a wealth of data, from minimally sensitive general |
Prediction Medical Cloud | ★★★ | |
 |
2023-12-18 06:00:21 | Une approche de risque intégrée pour briser la chaîne d'attaque juridique et de conformité: les informations de Proofpoint Protect 2023 An Integrated Risk Approach to Breaking the Legal and Compliance Attack Chain: Insights from Proofpoint Protect 2023 (lien direct) |
Last September, Proofpoint held our first in-person event since the pandemic in New York City, Protect 2023. In this blog post, our Chief Compliance Officer in Residence John Pepe shares some key insights from the leaders who participated in the Compliance Leader\'s Roundtable at that conference. A big part of that discussion was exploring how combining data points from multiple tools can help stop known risk patterns before problems escalate. “Break the Attack Chain” is a Proofpoint initiative that outlines our approach to prevent and disrupt cyberattacks that target people and their data. The attack chain can basically be broken down into eight steps and three main stages: Initial compromise Privilege escalation Data exfiltration Steps in the attack chain. We believe that breaking the attack chain is so important that we made it the theme of Protect 2023. When you break the attack chain, you reduce the risks and the impact of cyberattacks. And you avoid a lot of the financial, reputational and operational damage. Proofpoint argues that this starts by taking a people-centric approach to security that focuses on the human factors that enable and motivate attackers. But this theme isn\'t just relevant to cybersecurity. It\'s also an important concept that\'s relevant to compliance professionals and their current challenges. Recently at the Protect 2023 conference, we explored how the industry is using this idea to rethink the ways it approaches and mitigates risk. What\'s top of mind for compliance professionals right now? Part of my job at Proofpoint is to provide our customers-some of whom are highly regulated-with executive briefings on compliance and regulatory best practices. I also have a lot of critical discussions with the legal and regulatory communities. So I understand why the concept of breaking the attack chain transcends cybersecurity and really resonates with these groups. That\'s why I chose to explore it at Protect 2023 at the Compliance Leader\'s Roundtable. This panel was comprised of a chief compliance officer from a leading financial services provider, the head of surveillance for an asset manager, and a chief information security officer. And our topic was “What\'s Top of Mind for Compliance Professionals Post COVID-19." The discussion was informal and focused on work-from-home (WFH) initiatives during and after the pandemic. Two interconnected areas were of particular interest: Risks and programs related to WFH, with a special focus on collaboration platforms How behavioral indicators may help to predict potential legal or compliance issues When talking about insider risks and threats, the panelists explored: Best practices for controlling messaging apps and mitigating risks in mobile texts and chat How behavioral modeling and analytics can be used to enhance risk monitoring for user conduct How combining multiple compliance approaches can help form a holistic risk management program, which can mean integrating: Threat detection People analytics Conduct compliance applications As part of the conversation, I brought up the topic of employee behaviors and patterns that can lead to legal or compliance issues. The example scenario I offered was of a disgruntled employee who had received an underwhelming bonus or was passed up for a promotion. To get back at the company, this person stole sensitive company data and intellectual property (IP) before they left their job. The panel discussed behaviors or telemetry that might be present in such a scenario. And they talked about whether any data about user conduct might help detect and prevent potential losses. An integrated approach to breaking the attack chain What follows are some of the ways that our panelists use tools to mitigate risks. And how Proofpoint can help. Combining internal and external data One of the most crucial aspects of a surveillance analyst\'s job, especially in financial services, is monitoring employee risk. The roundtable emp | Tool Threat Mobile Prediction Conference | ★★★ | |
|
2023-12-15 10:10:59 | 6 tendances et prédictions de la cybersécurité pour 2024 6 Cybersecurity Trends and Predictions for 2024 (lien direct) |
6 Tendances et prédictions de la cybersécurité pour 2024
Qui expliquent pourquoi les menaces d'identité ne peuvent plus être ignorées
par: Mickey Boodaei, PDG et co-fondateur, Transmit Security.
-
opinion
6 Cybersecurity Trends and Predictions for 2024 That Explain Why Identity Threats Can No Longer Be Ignored By: Mickey Boodaei, CEO & Co-Founder, Transmit Security. - Opinion |
Prediction | ★★ | |
|
2023-12-15 09:34:27 | SoSafe dévoile ses prévisions 2024 sur l\'évolution de la cybercriminalité (lien direct) | SoSafe dévoile ses prévisions 2024 sur l'évolution de la cybercriminalité - Points de Vue | Prediction | ★★ | |
|
2023-12-14 18:34:12 | 10 prédictions de sécurité pour 2024 10 Security Predictions for 2024 (lien direct) |
Dans un contexte de conditions économiques incertaines et de troubles géopolitiques, 2023 approche de sa fin.Mais ce n'est pas toutes de mauvaises nouvelles.Dans la course contre les gangs cyber-criminels et les acteurs de menaces malveillants en 2023, les catastrophes majeures ne se sont pas matérialisées et l'état de cyber-défense est plus fort que jamais.De nouvelles solutions pour l'IoT et la sécurité OT, l'accent mis sur les vulnérabilités open source et les progrès dans la formation de sensibilisation à la sécurité au sein des organisations sont tous des signes de défenses plus fortes.Avec ce (...)
-
opinion
Against a backdrop of uncertain economic conditions and geopolitical unrest, 2023 nears its end. But it isn\'t all bad news. In the race against cyber criminal gangs and malicious threat actors in 2023, major catastrophes have not materialized, and the state of cyber defense is stronger than ever. New solutions for IoT and OT security, a focus on open source vulnerabilities, and progress in security awareness training within organizations are all signs of stronger defenses. With this (...) - Opinion |
Vulnerability Threat Industrial Prediction | ★★★ | |
|
2023-12-14 15:21:09 | 2024 Prédiction de Chad Cardenas, le groupe Syndicate 2024 Prediction from Chad Cardenas, The Syndicate Group (lien direct) |
Chad Cardenas, fondateur et PDG du Syndicate Group, une entreprise de capital-risque tirant parti de la puissance de l'écosystème de la chaîne pour accélérer la croissance des startups, a récemment partagé la prédiction suivante pour 2024, ce que je pensais que votre public pourrait être intéressé: Pas de ralentissement dans le cyber, canal pour jouer un rôle accru: l'industrie de la cybersécurité continuera de s'épanouir alors que les organisations mettent en œuvre et réviseront continuellement l'infrastructure nécessaire pour gérer les risques et prévenir contre les attaques.Comme cyber (...)
-
opinion
Chad Cardenas, Founder and CEO of The Syndicate Group, a venture firm leveraging the power of the channel ecosystem to accelerate startup growth, recently shared the following prediction for 2024, which I thought your audience might be interested in: No Slowdown in Cyber, Channel to Play Increased Role: The cybersecurity industry will continue to flourish as organizations continually update and revise the infrastructure needed to manage risk and prevent against attacks. As cyber (...) - Opinion |
Prediction | ★★★ | |
 |
2023-12-14 14:00:00 | 2024 Prédictions de sécurité de l'équipe de recherche sur sonar 2024 Security Predictions from the Sonar Research Team (lien direct) |
Réfléchissant sur les changements dans l'industrie au cours de la dernière année, ainsi que les recherches que nous avons publiées, l'équipe de recherche sur la vulnérabilité de Sonar s'est réunie et a compilé nos réflexions sur ce que nous prévoyons pour la cybersécurité en 2024.
Reflecting on changes in the industry over the past year, as well as the research we\'ve published, the Sonar Vulnerability Research team came together and compiled our thoughts on what we foresee for cybersecurity in 2024. |
Vulnerability Prediction | ★★★ | |
|
2023-12-14 13:41:27 | 2024-2026 : ce que réserve la cybersécurité (lien direct) | 2024-2026 : ce que réserve la cybersécurité par CyberArk - Points de Vue | Prediction | ★★★ | |
|
2023-12-14 12:07:01 | Cybersécurité : à quoi s\'attendre en 2024 concernant l\'IA ? (lien direct) | Cybersécurité : à quoi s'attendre en 2024 concernant l'IA ? - Points de Vue | Prediction | ★★★ | |
|
2023-12-14 09:06:19 | Crystal Morin, Sysdig : ses prédictions 2024 en matière de cybersécurité (lien direct) | Crystal Morin, Sysdig : ses prédictions 2024 en matière de cybersécurité au niveau international Crystal Morin, Cybersecurity Strategist pour Sysdig, s'exprime sur ce qui sera important dans le paysage de la cybersécurité en 2024. - Points de Vue | Prediction | ★★★ | |
|
2023-12-14 07:44:10 | J'ai cassé mon téléphone!Une mise à jour sur les nouveaux développements dans les attaques conversationnelles contre le mobile I Broke My Phone! An Update on New Developments in Conversational Attacks on Mobile (lien direct) |
C'est la saison des achats, ce qui ne peut signifier qu'une chose: des dizaines de fausses messages de «livraison manqués» qui tentent de voler notre argent, nos données et nos identités.Mais il y a de bonnes nouvelles.Les données de preuve Point montrent que la croissance des smirs a ralenti au cours des 18 derniers mois dans de nombreuses régions, devenant une partie établie du paysage plutôt qu'une menace croissante. Tendances mondiales de smirs. Cependant, le risque reste grave.Et dans de nombreux cas, les attaques deviennent plus spécialisées et sournoises. De nouvelles attaques conversationnelles émergent Au cours de la dernière année, nous avons connu une croissance rapide des attaques conversationnelles contre le mobile.Ces tactiques impliquent que les attaquants envoient plusieurs messages, imitant les modèles d'engagement authentique pour renforcer la confiance.Pendant ce temps, nous avons vu le volume des attaques conversationnelles augmenter de 318% dans le monde, 328% aux États-Unis et 663% dans la boucherie de porc au Royaume-Uni, que nous avons couverte auparavant sur le blog, est un exemple notabled'une menace conversationnelle.Mais ce n'est pas le seul. Dans certaines parties du monde, une usurpation d'identité est devenue une tendance importante.C'est là que l'attaquant prétend être quelqu'un que la victime connaît, comme un membre de la famille, un ami ou une connaissance des entreprises.L'usurpation d'identité peut augmenter la probabilité que la victime faisait confiance au message et attiré dans la conversation. Au Royaume-Uni, l'une des tactiques d'identité communes est de prétendre être un enfant avec un téléphone perdu ou cassé. Exemple d'un texte envoyé par les attaquants. Ceci est un exemple classique de l'ingénierie sociale, en utilisant l'anxiété parentale pour contourner notre prudence habituelle.La prochaine étape dans les abus de conversation implique généralement de persuader la victime de passer à WhatsApp ou un autre service de messagerie avant de demander un transfert d'argent.Dans ce cas, la somme est susceptible d'être faible, mais nous avons vu des montants importants demandés et reçus dans une gamme de leurres conversationnels. Des messages familiaux similaires ont également été signalés en Nouvelle-Zélande.Aux États-Unis, l'identité est plus susceptible d'être un ami ou une connaissance d'entreprise revendiquant une connexion manquée ou demandant à rattraper son retard.Les méthodes qui réussissent dans un pays sont souvent appliquées ailleurs, donc il ne faudra peut-être pas longtemps avant que «Hey Mum» du Royaume-Uni ne devienne «Hey Mom» d'Amérique \\. Et comme les licenciements et l'incertitude économique restent une réalité pour beaucoup, les escroqueries de recrutement ont également passé le courrier électronique au mobile.Après une approche initiale via SMS, les attaquants tenteront de poursuivre l'engagement sur un service de messagerie.Les victimes peuvent être ciblées pour une fraude à des fins avancées, faire face au vol de données personnelles ou être recrutées comme des mules de l'argent pour le blanchiment de gangs criminels. Restez vigilant et signalez des messages malveillants Le ralentissement de la croissance peut sembler une bonne nouvelle.Mais la réalité est que les attaques de smirs sont simplement devenues omniprésentes, tout en grandissant en sophistication et en ruse.Et le risque pour les utilisateurs et l'écosystème mobile reste sévère.Nos téléphones sont toujours au centre de notre vie personnelle, professionnelle et financière.À mesure que les escroqueries deviennent plus variées et ciblées, le coût de la victime d'une attaque peut être significatif. Si vous rencontrez du shishing, du spam ou d'autres contenus suspects, assurez-vous d'utiliser les fonctionnalités de rapport Android et iOS.Ou si la capacité de rapport simplifiée n'est pas disponible, vous pouvez transmettre des messages texte de spam à 7726 qui épellent le «spam» sur le clavier | Spam Threat Mobile Prediction | ★★★ | |
|
2023-12-12 16:20:17 | Démocratisation de l\'IA, généralisation du Modern Edge et du Zero Trust : Dell Technologies dévoile les tendances technologiques pour 2024 (lien direct) | Démocratisation de l'IA, généralisation du Modern Edge et du Zero Trust : Dell Technologies dévoile les tendances technologiques pour 2024. • En 2024, L'IA générative évoluera de la phase de rupture vers une phase d'optimisation, marquant ainsi la transition de la théorie aux applications pratiques. • L'approche " plateformes Edge " va se généraliser, avec des entreprises et des écosystèmes proposant des modèles de plateformes Edge plus simples. • Les infrastructures Zero Trust deviendront la norme en 2024 et seront même obligatoires pour un certain nombre d'industries. - Points de Vue | Prediction | ★★★ | |
 |
2023-12-12 12:00:09 | Durcissant les bandes de base cellulaire dans Android Hardening cellular basebands in Android (lien direct) |
Posted by Ivan Lozano and Roger Piqueras Jover Android\'s defense-in-depth strategy applies not only to the Android OS running on the Application Processor (AP) but also the firmware that runs on devices. We particularly prioritize hardening the cellular baseband given its unique combination of running in an elevated privilege and parsing untrusted inputs that are remotely delivered into the device. This post covers how to use two high-value sanitizers which can prevent specific classes of vulnerabilities found within the baseband. They are architecture agnostic, suitable for bare-metal deployment, and should be enabled in existing C/C++ code bases to mitigate unknown vulnerabilities. Beyond security, addressing the issues uncovered by these sanitizers improves code health and overall stability, reducing resources spent addressing bugs in the future. An increasingly popular attack surface As we outlined previously, security research focused on the baseband has highlighted a consistent lack of exploit mitigations in firmware. Baseband Remote Code Execution (RCE) exploits have their own categorization in well-known third-party marketplaces with a relatively low payout. This suggests baseband bugs may potentially be abundant and/or not too complex to find and exploit, and their prominent inclusion in the marketplace demonstrates that they are useful. Baseband security and exploitation has been a recurring theme in security conferences for the last decade. Researchers have also made a dent in this area in well-known exploitation contests. Most recently, this area has become prominent enough that it is common to find practical baseband exploitation trainings in top security conferences. Acknowledging this trend, combined with the severity and apparent abundance of these vulnerabilities, last year we introduced updates to the severity guidelines of Android\'s Vulnerability Rewards Program (VRP). For example, we consider vulnerabilities allowing Remote Code Execution (RCE) in the cellular baseband to be of CRITICAL severity. Mitigating Vulnerability Root Causes with Sanitizers Common classes of vulnerabilities can be mitigated through the use of sanitizers provided by Clang-based toolchains. These sanitizers insert runtime checks against common classes of vulnerabilities. GCC-based toolchains may also provide some level of support for these flags as well, but will not be considered further in this post. We encourage you to check your toolchain\'s documentation. Two sanitizers included in Undefine | Tool Vulnerability Threat Mobile Prediction Conference | ★★★ | |
 |
2023-12-12 11:00:02 | Securonix 2024 Prédictions de cybersécurité Securonix 2024 Cybersecurity Predictions (lien direct) |
Securonix 2024 Prédictions de cybersécurité.Nos experts ont réfléchi à ce que nous avons appris en 2023 et a partagé leurs pensées dans ces prévisions sur les tendances, les défis et les opportunités qui nous attendent en 2024.
Securonix 2024 Cybersecurity Predictions. Our experts reflected on what we learned in 2023, and shared their thoughts in this forecast on the trends, challenges and opportunities that lie ahead in 2024. |
Prediction | ★★★ | |
|
2023-12-12 09:00:37 | Cybersécurité : ce que les hackers du dark web prédisent pour 2024 (lien direct) | NORDVPN : Cybersécurité : ce que les hackers du dark web prédisent pour 2024 - Points de Vue | Prediction | ★★★ | |
|
2023-12-11 16:23:00 | Webinaire - Psychologie de l'ingénierie sociale: décoder l'esprit d'un cyber-attaquant Webinar - Psychology of Social Engineering: Decoding the Mind of a Cyber Attacker (lien direct) |
Dans le paysage de cybersécurité en constante évolution, une méthode se distingue par son efficacité effrayante & # 8211;ingénierie sociale.Mais pourquoi ça marche si bien?La réponse réside dans la danse complexe entre l'esprit de l'attaquant et la psychologie humaine.
Notre prochain webinaire, & nbsp; "Pensez comme un pirate, défendez-vous comme un pro", & nbsp; met en évidence cette tendance alarmante.Nous nous plongeons profondément dans l'ingénierie sociale, explorant son
In the ever-evolving cybersecurity landscape, one method stands out for its chilling effectiveness – social engineering. But why does it work so well? The answer lies in the intricate dance between the attacker\'s mind and human psychology. Our upcoming webinar, "Think Like a Hacker, Defend Like a Pro," highlights this alarming trend. We delve deep into social engineering, exploring its |
Prediction | ★★ | |
|
2023-12-11 09:01:23 | OmniIndex annonce les prédictions de l'IA pour 2024: durabilité, sécurité et conclusion des cas d'utilisation de l'IA OmniIndex announces AI predictions for 2024: sustainability, security and finding AI use cases (lien direct) |
OmniIndex annonce les prédictions de l'IA pour 2024: durabilité, sécurité et recherche sur les cas d'utilisation de l'IA
-
opinion
OmniIndex announces AI predictions for 2024: sustainability, security and finding AI use cases - Opinion |
Prediction | ★★ | |
|
2023-12-08 16:38:00 | Ransomware-as-a-Service: la menace croissante que vous ne pouvez pas ignorer Ransomware-as-a-Service: The Growing Threat You Can\\'t Ignore (lien direct) |
Les attaques de ransomwares et NBSP; sont devenues une menace importante et omniprésente dans le domaine en constante évolution de la cybersécurité.Parmi les différentes itérations des ransomwares, une tendance qui a pris de l'importance est le ransomware en tant que service (RAAS).Ce développement alarmant a transformé le paysage de la cybercriminalité, permettant aux personnes ayant une expertise technique limitée de mener des attaques dévastatrices.
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of ransomware, one trend that has gained prominence is Ransomware-as-a-Service (RaaS). This alarming development has transformed the cybercrime landscape, enabling individuals with limited technical expertise to carry out devastating attacks. |
Ransomware Threat Prediction Technical | ★★ | |
 |
2023-12-08 05:00:33 | 2023 octobre & # 8211;Rapport de tendance des menaces sur les groupes APT 2023 Oct – Threat Trend Report on APT Groups (lien direct) |
Dans ce rapport, nous couvrons des groupes de menaces dirigés par la nation présumés de mener du cyber-espionnage ou du sabotage sous le soutien du soutiendes gouvernements de certains pays, appelés groupes de menace persistante avancés (APT) & # 8221;Pour des raisons pratiques.Par conséquent, ce rapport ne contient pas d'informations sur les groupes de cybercrimins visant à obtenir des bénéfices financiers.Nous avons organisé des analyses liées aux groupes APT divulgués par des sociétés de sécurité et des institutions, notamment AHNLAB au cours du mois précédent;Cependant, le contenu de certains groupes APT peut ne pas ...
In this report, we cover nation-led threat groups presumed to conduct cyber espionage or sabotage under the support of the governments of certain countries, referred to as “Advanced Persistent Threat (APT) groups” for the sake of convenience. Therefore, this report does not contain information on cybercriminal groups aiming to gain financial profits. We organized analyses related to APT groups disclosed by security companies and institutions including AhnLab during the previous month; however, the content of some APT groups may not... |
Threat Prediction | ★★ | |
|
2023-12-08 05:00:12 | 2023 octobre & # 8211;Rapport sur la tendance des menaces du Web Deep et Dark 2023 Oct – Deep Web and Dark Web Threat Trend Report (lien direct) |
Ce rapport de tendance sur le Web Deep et le réseau sombre d'octobre 2023 est sectionné en ransomware, forums & # & #38;Marchés noirs et acteurs de menace.Nous tenons à dire à l'avance qu'une partie du contenu n'a pas encore été confirmée comme vraie.Ransomware & # 8211;Regard de la ruche?Hunters International & # 8211;NOESCAPE Ransomware Gang & # 8211;Ragnarlocker DLS fermé & # 8211;Trigona disparaît Forum & # 38;Marché noir & # 8211;La base de données 23andMe a fui et vendu & # 8211;Violation du système de support d'Okta \\ détecté ...
This trend report on the deep web and dark web of October 2023 is sectioned into Ransomware, Forums & Black Markets, and Threat Actors. We would like to state beforehand that some of the content has yet to be confirmed to be true. Ransomware – Rebrand of Hive? Hunters International – NoEscape Ransomware Gang – RagnarLocker DLS Shut Down – Trigona Disappears Forum & Black Market – 23andMe Database Leaked and Being Sold – Breach of Okta\'s Support System Detected... |
Ransomware Threat Prediction | ★★★ | |
|
2023-12-08 04:59:47 | 2023 octobre & # 8211;Rapport de tendance des menaces sur le groupe Kimsuky 2023 Oct – Threat Trend Report on Kimsuky Group (lien direct) |
Les activités de Kimsuky en octobre 2023 ont légèrement diminué par rapport à leurs activités globales en septembre en septembre.Un domaine de phishing a été découvert, mais parce qu'il utilise l'infrastructure BabyShark, il a été classé comme type BabyShark.Il y avait aussi un type composé où Flowerpower et RandomQuery étaient distribués simultanément.Enfin, davantage de changements dans le système de fleurs via une fragmentation du script ont été observés.2023_OCT_THREAT TREND RAPPORT SUR KIMSUKY GROUP
The Kimsuky group’s activities in October 2023 decreased slightly in comparison to their overall activities in September. One phishing domain was discovered, but because it uses the BabyShark infrastructure, it was classified as the BabyShark type. There was also a compound type where FlowerPower and RandomQuery were distributed simultaneously. Finally, more changes to the FlowerPower system via script fragmentation were observed. 2023_Oct_Threat Trend Report on Kimsuky Group |
Threat Prediction | ★★★ | |
|
2023-12-08 04:58:39 | 2023 octobre & # 8211;Rapport de tendance des menaces sur les statistiques des ransomwares et les problèmes majeurs 2023 Oct – Threat Trend Report on Ransomware Statistics and Major Issues (lien direct) |
Ce rapport fournit des statistiques sur le nombre de nouveaux échantillons de ransomware, des systèmes ciblés et des entreprises ciblées en octobre 2023, ainsi que des problèmes de ransomware notables en Corée et dans d'autres pays.Tendances clés 1) Hellokitty Ransomware & # 8217; s Code source fuite 2) Attaques de ransomware contre le serveur WS_FTP non corrigé 3) BlackCat Ransomware utilise & # 8216; Munchkin & # 8217;Alpine Linux VM 4) Autres 2023_OCT_THERAT RAPPORT DE TENDANCE SUR LES STATISTIQUES RANSOMWAGIES ET LES MAJEURS INSCULTATIONS
This report provides statistics on the number of new ransomware samples, targeted systems, and targeted businesses in October 2023, as well as notable ransomware issues in Korea and other countries. Key Trends 1) HelloKitty Ransomware’s Source Code Leaked 2) Ransomware Attacks Against Unpatched WS_FTP Server 3) BlackCat Ransomware Uses ‘Munchkin’ Alpine Linux VM 4) Others 2023_Oct_Threat Trend Report on Ransomware Statistics and Major Issues |
Ransomware Threat Prediction | ★★ | |
 |
2023-12-08 00:00:00 | La sécurité Web se développe dans Secure Service Edge (SSE) Web Security Expands into Secure Service Edge (SSE) (lien direct) |
Trend obtient un accès Web depuis plus d'une décennie avec l'innovation prospective et une empreinte mondiale pour soutenir la stratégie de sécurité de notre client \\.Nous nous engageons dans nos clients \\ 'parcours de transformation de leur posture de sécurité actuelle, de s'aligner sur les principes de confiance Zero et d'adopter une architecture de sécurité moderne et pleinement intégrée.
Trend has been securing web access for over a decade with forward-looking innovation and a global footprint to support our customer\'s security strategy. We are committed to our customers\' journey of transforming their current security posture, aligning with Zero Trust principles, and embracing a modern, fully integrated security architecture. |
Prediction | ★★ | |
|
2023-12-07 15:44:39 | Tendances 2024 : cinq cybermenaces à anticiper d\'urgence (lien direct) | De l'utilisation malveillante de l'Intelligence Artificielle (IA), en passant par la professionnalisation accélérée des groupes cybercriminels, le caractère polymorphique des cybermenaces se fonde à la fois sur la sophistication des cyberattaques, ainsi que la professionnalisation des cybercriminels. | Prediction | ★★★ | |
|
2023-12-07 14:29:12 | Gen révèle ses prédictions en cybersécurité pour 2024 (lien direct) | Gen révèle ses prédictions en cybersécurité pour 2024 Avec une IA de plus en plus sophistiquée, les menaces deviendront plus personnalisées aussi bien pour les personnes que les petites entreprises. - Points de Vue | Threat Prediction | ★★★ | |
|
2023-12-07 00:00:00 | 2023 Revue: réfléchir sur les tendances de la cybersécurité 2023 Review: Reflecting on Cybersecurity Trends (lien direct) |
Chaque année, les experts pèsent avec les prédictions de ce que les grandes tendances de cybersécurité seront en raison de la fréquence à laquelle ont-elles raison?C'est Greg Young et Bill Malik de la tendance de questions Micro \\ a récemment demandé récemment sur leur véritable podcast de cybersécurité, en examinant ce que les prévisionnistes se sont trompés sur un large éventail de sujets, de l'IA aux facteurs humains.
Every year, experts weigh in with predictions of what the big cybersecurity trends will be-but how often are they right? That\'s the question Trend Micro\'s Greg Young and Bill Malik asked recently on their Real Cybersecurity podcast, looking at what forecasters got wrong on a wide range of topics, from AI to human factors. |
Prediction | ★★★ | |
|
2023-12-07 00:00:00 | L'outil DFIR intégré peut simplifier et accélérer la cyber-criminalistique Integrated DFIR Tool Can Simplify and Accelerate Cyber Forensics (lien direct) |
Explorez des cas d'utilisation réels démontrant l'impact transformateur de Trend Vision One ™ & # 8211;Pays -cent-chef, un outil intégré de la criminalistique numérique et de la réponse aux incidents (DFIR)
Explore real use cases demonstrating the transformative impact of Trend Vision One™ – Forensics, an integrated Digital Forensics and Incident Response (DFIR) tool |
Tool Prediction | ★★★ | |
 |
2023-12-06 22:00:00 | Les écoles du Maine, de l'Indiana et de la Géorgie font face aux attaques de ransomwares Schools in Maine, Indiana and Georgia contend with ransomware attacks (lien direct) |
Les collèges et les écoles de la maternelle à la 12e année dans plusieurs États sont confrontés à des incidents de ransomwares provoquant des pannes et une fuite de données sensibles - une continuation d'une tendance qui a affecté les campus à l'échelle nationale tout au long de l'année.Écoles du comté de Henry - Un district à une heure d'Atlanta avec des dizaines d'écoles élémentaires, intermédiaires et secondaires avec plus de 44 000 étudiants
Colleges and K-12 schools in several states are dealing with ransomware incidents causing outages and leaking sensitive data - a continuation of a trend that has affected campuses nationwide throughout the year. Henry County Schools - a district an hour from Atlanta with dozens of elementary, middle and high schools with more than 44,000 students |
Ransomware Prediction | ★★★ | |
|
2023-12-06 17:06:21 | Salt Security 2024 Tendances et prédictions de sécurité Salt Security 2024 Security Trends & Predictions (lien direct) |
Salt Security 2024 Tendances et prédictions de sécurité par Nick Rago, CTO sur le terrain à Salt Security
-
opinion
Salt Security 2024 Security Trends & Predictions by Nick Rago, Field CTO at Salt Security - Opinion |
Prediction | ★★★ | |
|
2023-12-06 16:54:19 | 2024 Prédictions de cybersécurité: aperçu des experts de l'industrie 2024 Cybersecurity Predictions: Insights From Industry Experts (lien direct) |
2024 Prédictions de cybersécurité: aperçu des experts de l'industrie
-
opinion
2024 Cybersecurity Predictions: Insights From Industry Experts - Opinion |
Industrial Prediction | ★★★ | |
|
2023-12-06 13:52:46 | KnowBe4 : Prévisions 2024 en matière de cybersécurité pour l\'Europe, le Moyen-Orient et l\'Afrique (lien direct) | Prévisions 2024 en matière de cybersécurité pour l'Europe, le Moyen-Orient et l'Afrique par les experts en cybersécurité de KnowBe4 Les tendances annoncées pour 2024 concernent notamment la législation sur l'IA, les attaques par rançongiciel (ou ransomware) visant les services de la chaîne d'approvisionnement, les campagnes de désinformation débouchant sur des tentatives d'extorsion et bien plus encore Accéder au contenu multimédia - Points de Vue | Prediction | ★★★ | |
|
2023-12-06 08:01:35 | Conscience de sécurité et renseignement sur la sécurité: le jumelage parfait Proofpoint Security Awareness and Threat Intelligence: The Perfect Pairing (lien direct) |
Just like peanut butter and chocolate, when you add threat intelligence to a security awareness program, it\'s the perfect pairing. Together, they can help you efficiently train one of your most important yet most attacked lines of defense-your people. A robust security awareness program that is tailored, defined and driven by real-world threat insights and context is one of the strongest defenses you can implement. Every week, the Proofpoint Security Awareness team gets regular updates about new and emerging threats and social engineering trends from the Proofpoint Threat Intelligence Services team. This helps drive the development of our security awareness platform. Likewise, our customers can generate daily, weekly, monthly and ad-hoc threat intelligence reports to boost the efficacy of their security awareness programs. In this blog, we will discuss some ways that security awareness teams (SATs) can use threat intelligence from Proofpoint to supercharge their awareness programs. Tailor your program to defend against the latest threats Not all people within a company see the same threats. And the response to threats differs greatly across teams-even within the same business. That\'s why security awareness programs shouldn\'t a take one-size-fits-all approach. Here\'s where Proofpoint Threat Intelligence Services can help. Our team regularly briefs customers about which threat actors are targeting their business and industry, who within their company is clicking, which users and departments are attacked most, and what threats they\'re being targeted with. Proofpoint gives SAT teams the data they need so they can tailor the modules, training and phishing simulations to match those that their users face. Threats in the wild are converted to valuable, tailored awareness materials. Use cases Our threat intelligence services team analyzes exactly what threat actors are targeting when they go after a customer-both in terms of volume, but also at a granular department level. We regularly observe that it\'s more common for specific actors to target users within a specific department. Are threat actors targeting a specific department? This is a good example of how SAT teams can use threat intelligence to identify departments that are at risk and help keep them safe. In this case study, Proofpoint Threat Intelligence Services revealed that TA578-an initial access broker-was frequently targeting marketing and corporate communications departments with a standard copyright violation message lure. We highlighted this trend for a particular customer as we reviewed their TAP data. This Proofpoint threat actor victimology report shows that TA578 is targeting a marketing address. Proofpoint Threat Intelligence Services identified what was happening and also provided additional context about the threat actor, including: Tactics, techniques and procedures (TTPs) Malware payloads Attack chains Specific examples of message lures and landing pages Plus, Proofpoint offered recommendations for remediation and proactive, layered protection. Proofpoint Threat Intelligence Services report on TA578. The SAT team used this information in its Proofpoint Security Awareness program to train the marketing department about specific message lures. The team also created a phishing simulation that used a similar-style lure and content to educate those users about this unique threat. Are threat actors targeting specific people? Another use case for Proofpoint Threat Intelligence Services is that it can help SAT teams understand who at their company is clicking-and what types of message themes they are clicking on. Proofpoint Threat Intelligence Services report for a large healthcare customer. Proofpoint Threat Intelligence Services report shows which users are repeat clickers. This data is compiled from real threats that users have clicked on. SAT teams can use it to prioritize these users for additional awareness training. They can also pi | Tool Threat Studies Prediction | ★★★ | |
|
2023-12-06 00:00:00 | Momentum avant: apprentissages clés de Trend Micro \\'s Security Predictions pour 2024 Forward Momentum: Key Learnings From Trend Micro\\'s Security Predictions for 2024 (lien direct) |
Dans cette entrée de blog, nous discutons des prédictions de l'équipe d'experts en sécurité de Trend Micro \\ sur les moteurs du changement qui figurent en bonne place en 2024.
In this blog entry, we discuss predictions from Trend Micro\'s team of security experts about the drivers of change that will figure prominently in 2024. |
Prediction | ★★★ | |
 |
2023-12-05 13:00:37 | (Déjà vu) Crypto Deception dévoilé: Vérifier les rapports de recherche sur les points Crypto Deception Unveiled: Check Point Research Reports Manipulation of Pool Liquidity Skyrockets Token Price by 22,000% (lien direct) |
> par Oded Vanunu, Dikla Barda, Roman Zaikin Démasking Tactics Tactics: une enquête récente de la recherche sur le point de contrôle expose unTendance troublante dans le paysage des crypto-monnaies.Les acteurs trompeurs manipulent la liquidité de la piscine, envoyant des prix en jetons en flèche de 22 000% choquants.80 000 $ qui ont dévoilé: la manipulation de la liquidité de la piscine a entraîné un vol rapide et calculé de 80 000 $ de détenteurs de jetons sans méfiance.Cet incident met en lumière les stratégies évolutives que les escrocs utilisés pour exploiter les plateformes de financement décentralisées.Paysage de la menace continue: Cet incident suit à chaud dans les talons d'une arnaque à un million de dollars précédemment signalée.Vérifier la recherche sur les points récemment plongés dans les subtilités de [& # 8230;]
>By Oded Vanunu, Dikla Barda, Roman Zaikin Unmasking Deceptive Tactics: A recent investigation by Check Point Research exposes a troubling trend in the cryptocurrency landscape. Deceptive actors are manipulating pool liquidity, sending token prices soaring by a shocking 22,000%. $80,000 Heist Unveiled: The manipulation of pool liquidity resulted in a swift and calculated theft of $80,000 from unsuspecting token holders. This incident sheds light on the evolving strategies scammers employ to exploit decentralized finance platforms. Continued Threat Landscape: This incident follows hot on the heels of a previously reported million-dollar scam. Check Point Research recently delved into the intricacies of […] |
Threat Prediction | ★ | |
|
2023-12-05 12:49:39 | Crypto Deception dévoilée: Vérifier les rapports de recherche sur les points de recherche La manipulation de la liquidité de la piscine monte en tâches de token de 22 000%. Crypto Deception Unveiled: Check Point Research Reports Manipulation of Pool Liquidity Skyrockets Token Price by 22,000%. (lien direct) |
> Par Oded Vanunu, Dikla Barda, Roman Zaikin Démasking Tactics Tactics: & # 160; Une enquête récente de Check Point Research expose unTendance troublante dans le paysage des crypto-monnaies.Les acteurs trompeurs manipulent la liquidité de la piscine, envoyant des prix en jetons en flèche de 22 000% choquants.80 000 $ qui ont dévoilé: & # 160; la manipulation de la liquidité de la piscine a entraîné un vol rapide et calculé de 80 000 $ de [& # 8230;]
>By Oded Vanunu, Dikla Barda, Roman Zaikin Unmasking Deceptive Tactics: A recent investigation by Check Point Research exposes a troubling trend in the cryptocurrency landscape. Deceptive actors are manipulating pool liquidity, sending token prices soaring by a shocking 22,000%. $80,000 Heist Unveiled: The manipulation of pool liquidity resulted in a swift and calculated theft of $80,000 from […] |
Prediction | ★★★ | |
|
2023-12-05 11:00:00 | Aperçu des systèmes de détection de fraude modernes Insights into modern fraud detection systems (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Information security requirements and standards are in a constant state of evolution. Recent issues, such as COVID-19 and the growing global reliance on mobile devices and remote work solutions, have played important roles in this ongoing transformation. At the same time, the increasing sophistication of cyber attackers has added new layers of complexity to the cybersecurity landscape. In this article, I will explore the importance of implementing fraud detection systems as a crucial measure to mitigate the impact of both traditional and emerging fraudulent schemes. Challenges faced by financial institutions The landscape of user behavior has undergone significant shifts, primarily driven by external factors such as the COVID-19 pandemic. This factor led to an increase in online transactions, coupled with reduced income streams for many individuals, resulting in decreased spending in specific user categories. Additionally, local conflicts, like the war in Ukraine and Israel, influence spending patterns in particular regions. The implementation of restrictive measures and the resulting increase in stress levels have provided cyber crooks with more opportunities to exploit social engineering techniques through acts of intimidation. One prevalent scam involves fraudsters posing as bank security officials to deceive unsuspecting individuals. Another concerning trend is the rise of legitimate channels that drive people to scam schemes via mainstream advertising platforms like Google and Facebook. Furthermore, the economic hardships some people face have led them to seek alternative income sources, driving them to engage in various forms of online criminal activities. Some individuals become involved in schemes where they act as money mules or work in illegal call centers. It is challenging for financial institutions to guarantee absolute safety. Malicious individuals can present counterfeit identification to authorize transactions that were initially denied by the anti-fraud system. While financial institutions strive to know as much as possible about their clients and run transactions carefully, they are constrained by data retention limitations (typically several months) and the need to respond within seconds, as stipulated by Service Level Agreements. So, again, achieving complete certainty about every transaction remains a huge problem. Detecting suspicious activities becomes even more challenging when malicious employees request details about a specific client or transaction, as this falls within their routine work tasks. Some fraud detection systems use computer webcams or video surveillance cameras to monitor employee behavior. Modern surveillance systems have become more intelligent, leveraging artificial intelligence and historical data to perform comprehensive risk assessments and take action when unusual employee behavior is detected. However, these cameras may not always be effective in identifying deceitful behavior when employees remain almost motionless. Understanding fraud detection systems Fraud detection systems are designed to detect and prevent various forms of fraudulent activities, ranging from account hijacking and | Tool Threat Mobile Prediction Technical | ★★★ | |
|
2023-12-05 00:00:00 | Accélérer en 2024 avec l'équipe de Formule E de Neom McLaren Accelerating into 2024 with NEOM McLaren Formula E Team (lien direct) |
En savoir plus sur la tendance de l'innovation et de la résilience en ingénierie avec l'équipe de Formule E de Neom McLaren en 2024 et au-delà.
Learn more about how Trend is engineering innovation and resiliency with NEOM McLaren Formula E Team in 2024 and beyond. |
Prediction | ★★ | |
 |
2023-12-01 16:50:30 | Mémo sur les menaces du cloud: un parasite exploitant les services cloud légitimes Cloud Threats Memo: A Parasite Exploiting Legitimate Cloud Services (lien direct) |
> Les extensions de navigateur malveillant sont un vecteur d'attaque commun utilisé par les acteurs de la menace pour voler des informations sensibles, telles que les cookies d'authentification ou les informations de connexion, ou pour manipuler les transactions financières.Dans le dernier exemple d'une menace similaire, les chercheurs de Trend Micro ont découvert une extension Google Chrome malveillante (travaillant également sur des navigateurs à base de chrome tels que Microsoft [& # 8230;]
>Malicious browser extensions are a common attack vector used by threat actors to steal sensitive information, such as authentication cookies or login credentials, or to manipulate financial transactions. In the latest example of a similar threat, researchers from Trend Micro have discovered a malicious Google Chrome extension (also working on Chromium-based browsers such as Microsoft […] |
Threat Prediction Cloud | ★★ | |
 |
2023-11-30 09:10:53 | Cyber 2024 : Proofpoint voit cinq tendances clés (lien direct) | >En cette saison de prédictions pour l'année à venir, nous vous proposons un regard sur les tendances cyber 2024, à travers l'analyse de Patrick Joyce, RSSI Global chez Proofpoint, société spécialisée en matière de cybersécurité et de conformité. Tribune – L'année 2023 a une nouvelle fois été marquée par une recrudescence des cyberattaques – en […] The post Cyber 2024 : Proofpoint voit cinq tendances clés first appeared on UnderNews. | Prediction | ★★★ | |
|
2023-11-29 08:05:35 | Trend Micro Incorporated annonce Trend Vision One™ (lien direct) | Gestion des risques cyber La plateforme unique de Trend Micro maîtrise l'ensemble de la surface d'attaque des organisations on-premise et dans le Cloud Trend Micro dote sa plateforme Trend Vision One™ de fonctionnalités avancées pour faciliter la gestion de la cybersécurité des environnements cloud. Grâce à elles, les équipes de sécurité ont désormais la capacité d'éliminer les menaces de manière proactive grâce à une nouvelle hiérarchisation automatisée des risques. #Cloud #Cybersecurité #VisionOne - Produits | Threat Prediction Cloud | ★★ | |
 |
2023-11-29 00:00:00 | Les prédictions cyber 2024 du Threat Lab WatchGuard (lien direct) | Paris, le 29 novembre 2023 – WatchGuard® Technologies, l'un des leaders mondiaux de la cybersécurité unifiée publie ses prévisions pour 2024 en matière de cybersécurité. Le rapport couvre les attaques et les tendances en matière de sécurité de l'information qui, selon l'équipe de recherche du WatchGuard Threat Lab, émergeront en 2024, telles que : la manipulation des modèles linguistiques basés sur l'IA (les LLM ou Large Language Model qui ont donné naissance à des outils tels que ChatGPT ) ; les " Vishers " qui étendent leurs opérations malveillantes grâce aux chatbots vocaux basés sur l'IA ; les piratages de casques VR/MR modernes. Corey Nachreiner, Chief Security Officer chez WatchGuard Technologies explique : " Chaque nouvelle tendance technologique ouvre de nouveaux vecteurs d'attaque pour les cybercriminels. En 2024, les menaces émergentes ciblant les entreprises et les particuliers seront encore plus intenses, complexes et difficiles à gérer. Face à la pénurie de profils qualifiés en cybersécurité, le besoin de fournisseurs de services managés (MSP), de sécurité unifiée et de plateformes automatisées pour renforcer la cybersécurité et protéger les entreprises contre un éventail de menaces en constante évolution n'a jamais été aussi grand ". Voici un résumé des principales prévisions de l'équipe du WatchGuard Threat Lab en matière de cybersécurité pour 2024 : L'ingénierie de pointe permettra de manipuler les grands modèles de langages (LLM) : Les entreprises et les particuliers ont recours aux LLM pour améliorer leur efficacité opérationnelle. Or, les acteurs de la menace apprennent à exploiter les LLM à leurs propres fins malveillantes. En 2024, le WatchGuard Threat Lab prévoit qu'un ingénieur de requêtes avisé, qu'il s'agisse d'un attaquant criminel ou d'un chercheur, pourra déchiffrer le code et manipuler un LLM pour qu'il divulgue des données privées. Les ventes d'outils d'hameçonnage ciblé basés sur l'IA vont exploser sur le dark web : Les cybercriminels peuvent d'ores et déjà acheter sur le marché noir des outils qui envoient des emails non sollicités, rédigent automatiquement des textes convaincants et épluchent Internet et les médias sociaux à la recherche d'informations et de connaissances relatives à une cible particulière. Toutefois, bon nombre de ces outils sont encore manuels et les attaquants doivent cibler un seul utilisateur ou groupe de personnes à la fois. Les tâches clairement formatées de ce type se prêtent parfaitement à l'automatisation par le biais de l'intelligence artificielle et de l'apprentissage automatique. Il est donc probable que les outils alimentés par l'IA deviendront des best-sellers sur le dark web en 2024. L'hameçonnage vocal (vishing) basé sur l'IA aura le vent en poupe en 2024 : Bien que la voix sur IP (VoIP) et la technologie de l'automatisation facilitent la composition en masse de milliers de numéros, une fois qu'une victime potentielle se présente, un escroc humain est toujours nécessaire pour l'attirer dans ses filets. Ce système limite l'ampleur des opérations de vishing. Mais en 2024, la situation pourrait changer. WatchGuard prévoit que la combinaison de deepfake audio convaincants et de LLM capables de mener des conversations avec des victimes peu méfiantes augmentera considérablement l'ampleur et le volume des appels de vishing. Qui plus est, ces appels pourraient même ne p | Tool Threat Prediction | ChatGPT ChatGPT | ★★★ |
|
2023-11-28 23:05:04 | Prédictions 2024 de Proofpoint \\: Brace for Impact Proofpoint\\'s 2024 Predictions: Brace for Impact (lien direct) |
In the ever-evolving landscape of cybersecurity, defenders find themselves navigating yet another challenging year. Threat actors persistently refine their tactics, techniques, and procedures (TTPs), showcasing adaptability and the rapid iteration of novel and complex attack chains. At the heart of this evolution lies a crucial shift: threat actors now prioritize identity over technology. While the specifics of TTPs and the targeted technology may change, one constant remains: humans and their identities are the most targeted links in the attack chain. Recent instances of supply chain attacks exemplify this shift, illustrating how adversaries have pivoted from exploiting software vulnerabilities to targeting human vulnerabilities through social engineering and phishing. Notably, the innovative use of generative AI, especially its ability to improve phishing emails, exemplifies a shift towards manipulating human behavior rather than exploiting technological weaknesses. As we reflect on 2023, it becomes evident that cyber threat actors possess the capabilities and resources to adapt their tactics in response to increased security measures such as multi-factor authentication (MFA). Looking ahead to 2024, the trend suggests that threats will persistently revolve around humans, compelling defenders to take a different approach to breaking the attack chain. So, what\'s on the horizon? The experts at Proofpoint provide insightful predictions for the next 12 months, shedding light on what security teams might encounter and the implications of these trends. 1. Cyber Heists: Casinos are Just the Tip of the Iceberg Cyber criminals are increasingly targeting digital supply chain vendors, with a heightened focus on security and identity providers. Aggressive social engineering tactics, including phishing campaigns, are becoming more prevalent. The Scattered Spider group, responsible for ransomware attacks on Las Vegas casinos, showcases the sophistication of these tactics. Phishing help desk employees for login credentials and bypassing MFA through phishing one-time password (OTP) codes are becoming standard practices. These tactics have extended to supply chain attacks, compromising identity provider (IDP) vendors to access valuable customer information. The forecast for 2024 includes the replication and widespread adoption of such aggressive social engineering tactics, broadening the scope of initial compromise attempts beyond the traditional edge device and file transfer appliances. 2. Generative AI: The Double-Edged Sword The explosive growth of generative AI tools like ChatGPT, FraudGPT and WormGPT bring both promise and peril, but the sky is not falling as far as cybersecurity is concerned. While large language models took the stage, the fear of misuse prompted the U.S. president to issue an executive order in October 2023. At the moment, threat actors are making bank doing other things. Why bother reinventing the model when it\'s working just fine? But they\'ll morph their TTPs when detection starts to improve in those areas. On the flip side, more vendors will start injecting AI and large language models into their products and processes to boost their security offerings. Across the globe, privacy watchdogs and customers alike will demand responsible AI policies from technology companies, which means we\'ll start seeing statements being published about responsible AI policies. Expect both spectacular failures and responsible AI policies to emerge. 3. Mobile Device Phishing: The Rise of Omni-Channel Tactics take Centre Stage A notable trend for 2023 was the dramatic increase in mobile device phishing and we expect this threat to rise even more in 2024. Threat actors are strategically redirecting victims to mobile interactions, exploiting the vulnerabilities inherent in mobile platforms. Conversational abuse, including conversational smishing, has experienced exponential growth. Multi-touch campaigns aim to lure users away from desktops to mobile devices, utilizing tactics like QR codes and fraudulent voice calls | Ransomware Malware Tool Vulnerability Threat Mobile Prediction Prediction | ChatGPT ChatGPT | ★★★ |
 |
2023-11-28 21:56:39 | Spotlight des ransomwares: Trigona Ransomware Spotlight: Trigona (lien direct) |
#### Description
Le ransomware de Trigona, suivi pour la première fois par Trend Micro sous le nom d'eau, a émergé en octobre 2022, mais les binaires du ransomware ont été perçus dès juin de la même année.Le groupe s'est positionné comme gérant un schéma lucratif, lançant des attaques mondiales et des revenus publicitaires jusqu'à 20% à 50% pour chaque attaque réussie.)) Chats internes de Forum \\ et à l'aide des informations d'origine pour obtenir un accès initial aux cibles.
En avril 2023, Trigona a commencé à cibler les serveurs compromis Microsoft SQL (MSSQL) via des attaques par force brute.Un mois plus tard, une version Linux de Trigona a été trouvée qui partageait des similitudes avec son homologue Windows.Le ransomware Trigona est également lié au crylock en raison de leurs similitudes de tactique, de techniques et de procédures (TTP), de nom de fichier de note de rançon et d'adresses e-mail utilisées.
Le ransomware de Trigona a le plus ciblé les organisations gouvernementales, les tentatives d'attaque représentant 21,4% du total des détections, selon les commentaires des clients tendance qui ont détaillé les industries dans lesquelles ils appartiennent.Trigona a également ciblé les entreprises dans la technologie, le commerce de détail, les biens de consommation à évolution rapide et les industries bancaires.Le groupe a opposé les petites et moyennes entreprises, qui représentaient plus de la moitié des victimes totales du groupe d'avril à octobre 2023. Trigona a compromis un total de 33 organisations au cours de la période susmentionnée.
#### URL de référence (s)
1. https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-ttegona
#### Date de publication
28 novembre 2023
#### Auteurs)
Micro-recherche tendance
#### Description The Trigona ransomware, first tracked by Trend Micro as Water Ungaw, emerged in October 2022 but binaries of the ransomware were seen as early as June of the same year. The group positioned itself as running a lucrative scheme, launching global attacks and advertising revenues up to 20% to 50% for each successful attack.The group was also reported as communicating with network access brokers who provide compromised credentials via the Russian Anonymous Marketplace (RAMP) forum\'s internal chats and using the sourced information to obtain initial access to targets. In April 2023, Trigona started targeting compromised Microsoft SQL (MSSQL) Servers via brute-force attacks. A month later, a Linux version of Trigona was found that shared similarities with its Windows counterpart. The Trigona ransomware is also linked to CryLock due to their similarities in tactics, techniques, and procedures (TTPs), ransom note file name, and email addresses used. Trigona ransomware targeted government organizations the most, with attack attempts making up 21.4% of total detections, according to feedback from Trend customers who detailed the industries in which they belong. Trigona also targeted enterprises in the technology, retail, fast-moving consumer goods, and banking industries. The group set its sights on small- and medium-sized businesses, which made up more than half of the group\'s total victims from April to October 2023. Trigona compromised a total of 33 organizations within the aforementioned period. #### Reference URL(s) 1. https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-trigona #### Publication Date November 28, 2023 #### Author(s) Trend Micro Research |
Ransomware Prediction | ★★★ | |
|
2023-11-28 17:44:32 | Cybersécurité : cinq tendances à suivre en 2024 (lien direct) | Cybersécurité : cinq tendances à suivre en 2024 par Netwrix Les attaques assistées par l'IA vont accélérer la cybercriminalité, tandis que les entreprises rencontreront de plus en plus de difficultés pour souscrire des polices de cyberassurance. - Points de Vue | Prediction | ★★★ | |
|
2023-11-28 17:38:09 | Cinq tendances de cybersécurité à s'attendre en 2024 Five cybersecurity trends to expect in 2024 (lien direct) |
Cinq tendances de cybersécurité à s'attendre en 2024
Les attaques alimentées par AI accéléreront la cybercriminalité et la cyber-assurance seront plus difficiles à obtenir.
-
opinion
Five cybersecurity trends to expect in 2024 AI-powered attacks will accelerate cybercrime and cyber insurance will be harder to get. - Opinion |
Prediction | ★★★ | |
 |
2023-11-28 00:00:00 | Enquêter sur le risque de références compromises et d'actifs exposés à Internet explorez le rapport révélant les industries et les tailles d'entreprise avec les taux les plus élevés d'identification compromises et d'actifs exposés à Internet.En savoir plus Investigating the Risk of Compromised Credentials and Internet-Exposed Assets Explore the report revealing industries and company sizes with the highest rates of compromised credentials and internet-exposed assets. Read More (lien direct) |
IntroductionIn this report, Kovrr collected and analyzed data to better understand one of the most common initial access vectors (1) - the use of compromised credentials (Valid Accounts - T1078) (2) to access internet-exposed assets (External Remote Services - T113) (3). The toxic combination of these two initial access vectors can allow malicious actors to gain a foothold in company networks before moving on to the next stage of their attack, which can be data theft, ransomware, denial of service, or any other action. There are numerous examples of breaches perpetrated by many attack groups that have occurred using this combination, for example, breaches by Lapsus (4) and APT39 (5), among others. âThis report seeks to demonstrate which industries and company sizes have the highest percentage of compromised credentials and number of internet-exposed assets and face a higher risk of having their networks breached by the toxic combination of the initial access vectors mentioned above.âIt should be noted that having an asset exposed to the internet does not inherently pose a risk or indicate that a company has poor security. In our highly digitized world, companies are required to expose services to the internet so their services can be accessed by customers, vendors, and remote employees. These services include VPN servers, SaaS applications developed by the company, databases, and shared storage units. However, there are some common cases when having an asset exposed to the internet can be extremely risky, for example:âWhen a company unintentionally exposes an asset due to misconfiguration.When a malicious third party obtains compromised credentials of a legitimate third party and accesses an exposed asset.  âTo limit unnecessary internet exposure, companies should employ the following possible mitigations:âUse Multi-Factor Authentication (MFA) for any services or assets that require a connection so that compromised credentials on their own will not be enough to breach an exposed asset.Limit access to the asset to only specific accounts, domains, and/or IP ranges.Segment the internal company network and isolate critical areas so that even if a network is breached through access to an external asset, attackers will not be able to use that access to reach wider or more sensitive areas of the company network. âSummaryâThe following are the main findings from the collected data:âThe Services industry is by far the most exposed to attackers. Companies from that industry have the highest percentage of compromised credentials (74%). However, they have a relatively low amount of internet-exposed assets per company (34%). However, given that an average cyber loss in this industry has been shown to be about $45M, this is highly concerning (6). The Services industry (SIC Division I) is followed by Division E (Transportation, Communications, Electric, Gas, and Sanitary Services, with an average loss of around $58M), which is followed by Division D (Manufacturing, with an average loss of around $25M). The revenue range for companies with the highest number of compromised credentials is $1M-$10M, followed by $10M-$50M. A similar trend is also observed when evaluating company size by the number of employees. Indeed, companies with fewer employees have a higher share of compromised credentials. On average, the larger the company (both in terms of revenue and number of employees (7)), the greater the number of internet-exposed assets.There is a correlation between the industries and revenue ranges of companies targeted by ransomware and those with the highest share of compromised credentials.   âMethodologyâThe data for this research was collected as follows:âData regarding compromised credentials was first collected from Hudson Rock, a provider of various cybercrime data. Data was collected for the previous six months, beginning March 2023. This data | Ransomware Threat Studies Prediction Cloud | APT 39 APT 39 APT 17 | ★★★ |
To see everything:
Our RSS (filtrered)
