What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-04-17 14:47:02 | Les logiciels malveillants de récolte d'identification apparaissent sur Deep Web Credential harvesting malware appears on deep web (lien direct) |
> La nouvelle récolte d'identification axée sur le cloud disponible sur le service de messagerie cryptée Telegram fait partie d'une tendance de grattoirs Python, ce qui facilite l'appât plusieurs crochets de phishing.
>New cloud-focused credential harvester available on encrypted messaging service Telegram is part of a trend of Python scrapers making it easier to bait multiple phishing hooks. |
Malware Prediction | ★★ | |
 |
2023-04-14 07:25:40 | Commentaire: Maker de superyacht allemand haut de gamme amené à l'arrêt par ransomware Comment: High-end German Superyacht Maker brought to standstill by Ransomware (lien direct) |
Suite à la nouvelle de \\ que le fabricant allemand de superyacht l & uuml; RSSen a été frappé par une attaque de ransomware, apportant de grandes quantités de leurs opérations à l'arrêt, le Dr Darren Williams, PDG et fondateur de Blackfog, commentaire:
«Les attaquants ne font pas de discrimination - on pourrait dire, sauf où le signe du dollar est en jeu… avec le lien entre les ransomwares et les secteurs impliquant la super-riche de plus en plus répandue.Nous assistons à une tendance croissante d'attaques de ransomware \\ '\' (pensez à Ferrari en mars (...)
-
mise à jour malveillant
Following today\'s news that German Superyacht Maker Lürssen was Hit by a Ransomware Attack, bringing large amounts of their operations to a standstill, Dr. Darren Williams, CEO and founder of Blackfog, comment: “Attackers do not discriminate - one could say, except for where the dollar sign is at play… with the link between ransomware and sectors involving the super-rich becoming increasingly prevalent. We are witnessing a growing trend of \'high-end\' ransomware attacks (think Ferrari in March (...) - Malware Update |
Ransomware Prediction | ★★ | |
 |
2023-04-12 17:00:00 | Gartner: La conception centrée sur l'homme est la principale tendance de la cybersécurité pour 2023 Gartner: Human-Centric Design Is Top Cybersecurity Trend for 2023 (lien direct) |
Afin de réduire les risques et les échecs de cybersécurité, les organisations devront se concentrer sur les employés, la gestion et les nouveaux modèles opérationnels.
In order to reduce cybersecurity risks and failures, organizations will need to focus on employees, management, and new operating models. |
Prediction | ★★ | |
 |
2023-04-10 01:14:00 | Accélérer 2023 Keynotes: convergence, consolidation et innovation Accelerate 2023 Keynotes: Convergence, Consolidation, and Innovation (lien direct) |
Accélérer 2023 a débuté avec une série de keynotes de l'équipe de direction de Fortinet \\.Lisez pour en savoir plus sur la croissance clé, l'innovation et les plats à emporter des tendances des clients des séances.
Accelerate 2023 kicked off with a series of keynotes from Fortinet\'s executive team. Read to learn more about key growth, innovation, and customer trend takeaways from the sessions. |
Prediction | ★★ | |
|
2023-04-05 20:00:00 | Appsec se profile grande pour les finalistes de bac à sandbox de l'innovation RSAC 2023 AppSec Looms Large for RSAC 2023 Innovation Sandbox Finalists (lien direct) |
La sécurité des applications est la tendance dominante du concours de démarrage de cette année, mais l'IA, la blockchain et la conformité sont également représentées.
Application security is the dominant trend for this year\'s startup contest, but AI, blockchain, and compliance are all represented as well. |
Prediction | ★★ | |
 |
2023-04-04 00:00:00 | FAQ de la couverture cyber-assurance avec PDG de Datastream Cyber Insurance Coverage FAQ with DataStream CEO (lien direct) |
Pour aider les organisations à simplifier le processus de cyber-assurance et à comprendre les contrôles de sécurité incontournables impliqués, le spécialiste des micro-cyber-risques tendance, Vince Kearns, et le PDG et co-fondateur du flux de données, Andy Anderson, examinent la couverture de la cyber-assurance ainsi que les approches du renforcement des stratégies de cybersécurité de la cybersécurité.
To help organizations simplify the cyber insurance process and understand the must-have security controls involved, Trend Micro Cyber Risk Specialist, Vince Kearns, and Data Stream CEO and Co-Founder, Andy Anderson, examine cyber insurance coverage along with approaches to strengthening cybersecurity strategies. |
Prediction | ★★ | |
 |
2023-04-03 14:50:00 | Les logiciels malveillants OPCJacker Crypto-Storiel ciblent les utilisateurs avec un faux service VPN Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service (lien direct) |
Un nouveau logiciel malveillant de vol d'information appelé Opcjacker a été repéré dans la nature depuis la seconde moitié de 2022 dans le cadre d'une campagne de malvertisation.
"Les fonctions principales d'Opcjacker \\ incluent le keylogging, la prise de captures d'écran, le vol de données sensibles aux navigateurs, le chargement des modules supplémentaires et le remplacement des adresses de crypto-monnaie dans le presse-papiers à des fins de détournement", Trend Micro Researchers
A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022 as part of a malvertising campaign. "OpcJacker\'s main functions include keylogging, taking screenshots, stealing sensitive data from browsers, loading additional modules, and replacing cryptocurrency addresses in the clipboard for hijacking purposes," Trend Micro researchers |
Malware Prediction | ★★★ | |
|
2023-04-03 12:48:17 | Etude Trend Micro : Les groupes cybercriminels sont des entreprises comme les autres (lien direct) | Etude : Les groupes cybercriminels sont des entreprises comme les autres • C'est le constat du dernier rapport de Trend Micro qui illustre les similarités de fonctionnement des organisations criminelles avec celles entreprises légitimes. • Cette étude tend à soutenir les forces de l'ordre dans leur compréhension de la taille des groupuscules auxquels elles sont confrontées pour mener le plus efficacement leurs investigations. - Investigations | Prediction | ★★ | |
 |
2023-04-03 00:00:00 | Comment les solutions de messagerie propulsées par l'IA peuvent améliorer les équipes de sécurité How AI-Powered Email Solutions Can Level Up Security Teams (lien direct) |
Ce blog décrit les défis auxquels sont confrontés les équipes de sécurité dans la protection des organisations contre les attaques par e-mail.Il explore comment une solution de sécurité moderne basée sur l'IA peut aborder ces points de douleur avec une action autonome ciblée, des interfaces utilisateurs sans friction, des flux de travail optimisés et une visibilité complète des utilisateurs de comptes.
This blog outlines the challenges faced by security teams in protecting organizations from email-based attacks. It explores how a modern, AI-based security solution can tackle these pain points with targeted autonomous action, frictionless UIs, optimized workflows and full visibility of account users. |
General Information Prediction | ★★ | |
 |
2023-03-30 23:37:03 | La tendance à la hausse des documents OneNote pour la livraison de logiciels malveillants [The Rising Trend of OneNote Documents for Malware delivery] (lien direct) | > 
Rendu par Anandeshwar Unnikrishnan, Sakshi Jaiswal, Anuradha M McAfee Labs a récemment observé une nouvelle campagne de logiciels malveillants qui a utilisé des documents OneNote malveillants ...
> 
Authored By Anandeshwar Unnikrishnan,Sakshi Jaiswal,Anuradha M McAfee Labs has recently observed a new Malware campaign which used malicious OneNote documents...
|
Malware Prediction | ★★ | |
|
2023-03-30 15:38:00 | Alienfox Malware cible les clés API et les secrets des services AWS, Google et Microsoft Cloud [AlienFox Malware Targets API Keys and Secrets from AWS, Google, and Microsoft Cloud Services] (lien direct) | Un nouveau "ensemble d'outils complet" appelé Alienfox est distribué sur Telegram comme moyen pour les acteurs de menace de récolter les informations d'identification des clés d'API et des secrets des fournisseurs de services cloud populaires.
"La propagation d'Alienfox représente une tendance non déclarée vers l'attaque des services cloud plus minimaux, inapproprié pour l'exploitation cryptographique, afin d'activer et d'étendre les campagnes ultérieures", Sentinelone Security
A new "comprehensive toolset" called AlienFox is being distributed on Telegram as a way for threat actors to harvest credentials from API keys and secrets from popular cloud service providers. "The spread of AlienFox represents an unreported trend towards attacking more minimal cloud services, unsuitable for crypto mining, in order to enable and expand subsequent campaigns," SentinelOne security |
Malware Threat Prediction Cloud | ★★★ | |
 |
2023-03-30 04:40:47 | Une autre année, un autre gang nord-coréen dépassant les logiciels malveillants et crypto-vole nommé [Another year, another North Korean malware-spreading, crypto-stealing gang named] (lien direct) | mandiant identifie \\ 'modérément sophistiqué \' mais \\ 'prolifique \' apt43 comme la menace mondiale la tenue de sécurité récemment acquise de Google Cloud \\ a nommé un nouveau méchant de NorthCorée: un gang de cybercriminalité, il appelle APT43 et accuse un déchaînement de cinq ans.…
Mandiant identifies \'moderately sophisticated\' but \'prolific\' APT43 as global menace Google Cloud\'s recently acquired security outfit Mandiant has named a new nasty from North Korea: a cyber crime gang it calls APT43 and accuses of a five-year rampage.… |
Studies Prediction | APT 43 | ★★ |
 |
2023-03-30 00:00:00 | Combattre les mercenaires avec l'accord technologique de cybersécurité [Fighting mercenaries with the Cybersecurity Tech Accord] (lien direct) | Principes de cyber-mercenaires de micro-co-auteurs tendance pour aider à guider l'industrie technologique et d'autres dans le traitement du marché croissant des cyber-mercenaires.
Trend Micro co-Authors Cyber Mercenary Principles to help guide the technology industry and others in dealing with the growing market of cyber mercenaries. |
Prediction | ★★★ | |
|
2023-03-22 08:00:59 | 4 menaces de logiciels malveillants mobiles que vous ne pouvez même pas voir [4 Mobile Malware Threats You Can\\'t Even See] (lien direct) | > 
D'ici 2030, les experts prédisent qu'il y aura 5 milliards d'appareils liés à la 5G.1 pour la population générale, cette connectivité ...
> 
By 2030, experts predict that there will be 5 billion devices connected to 5G.1 For the general population, this connectedness...
|
Malware Studies Prediction | ★★ | |
 |
2023-03-22 06:15:10 | CVE-2023-28005 (lien direct) | Une vulnérabilité dans Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 et ci-dessous pourrait permettre à un attaquant d'accès physique à un appareil affecté pour contourner Microsoft Windows?Sélectionnez le processus de démarrage dans le but d'exécuter d'autres attaques pour obtenir l'accès au contenu de l'appareil.Un attaquant doit d'abord obtenir un accès physique au système cible afin d'exploiter cette vulnérabilité.Il est également important de noter que le contenu des entraînements cryptés avec TMEE FDE serait toujours protégé et ne serait pas accessible par l'attaquant par exploitation de cette vulnérabilité seule.
A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows? Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the device. An attacker must first obtain physical access to the target system in order to exploit this vulnerability. It is also important to note that the contents of the drive(s) encrypted with TMEE FDE would still be protected and would NOT be accessible by the attacker by exploitation of this vulnerability alone. |
Vulnerability Prediction | ||
|
2023-03-21 19:06:00 | Pénurie de compétences en cybersécurité, récession des craintes de la récession \\ 'upSkilling \\' Tendance [Cybersecurity Skills Shortage, Recession Fears Drive \\'Upskilling\\' Training Trend] (lien direct) | Pour les entreprises, la formation d'un travailleur existant est moins chère que l'embauche, tandis que pour les employés, la formation apporte une sécurité d'emploi et un travail plus intéressant.
For companies, training an existing worker is cheaper than hiring, while for employees, training brings job security and more interesting work. |
Prediction | ★★★ | |
|
2023-03-21 00:00:00 | Comment votre stratégie de cybersécurité permet une meilleure entreprise [How Your Cybersecurity Strategy Enables Better Business] (lien direct) | 84% des répondants d'une enquête sur le micro-mondiale tendance ont déclaré que les politiques de cyber a un impact négatif sur les employés \\ 'à faire des emplois au bureau.Découvrez comment une stratégie de cybersécurité efficace peut permettre de meilleures affaires, au lieu de le ralentir.
84% of respondents in a Trend Micro global survey said cyber policies negatively impact employees\' abilities to do jobs in the office. Discover how an effective cybersecurity strategy can enable better business, instead of slowing it down. |
Prediction | ★★★ | |
 |
2023-03-16 06:12:33 | 2022 Threat Trend Report on Kimsuky (lien direct) | In comparison to 2021, 2022 was a year filled with invisible activities, new attack types, Fully Qualified Domain Names (FQDN), and attack preparations. AhnLab identified a significantly higher number of these activities in comparison to 2021. One of these cases involved an incorrect configuration of C2 servers, causing the files within the said servers to be exposed and allowing AhnLab to procure samples, server information files, and variant samples that had never been known externally. The threat actors are using... | Threat Prediction | ★★ | |
|
2023-03-16 06:11:08 | Threat Trend Report on Region-Specific Ransomware (lien direct) | Background Currently, ransomware creators include individuals, cyber criminal gangs and state-supported groups. Out of these individuals and groups, cyber criminal gangs are the most proactive in ransomware development, while individuals and state-supported groups are less so. Privately developed ransomware is most often for research purposes with the intention of destroying data. Some state-sponsored threat groups also develop ransomware. The purpose of these cases is not for financial gain either but for data destruction, and Wipers, which do not allow recovery,... | Ransomware Threat Prediction | ★★ | |
|
2023-03-10 21:15:15 | CVE-2023-25148 (lien direct) | A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to exploit the vulnerability by changing a specific file into a pseudo-symlink, allowing privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | Vulnerability Prediction | ||
|
2023-03-10 21:15:15 | CVE-2023-25145 (lien direct) | A link following vulnerability in the scanning function of Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | Vulnerability Prediction | ||
|
2023-03-10 21:15:15 | CVE-2023-25146 (lien direct) | A security agent link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to quarantine a file, delete the original folder and replace with a junction to an arbitrary location, ultimately leading to an arbitrary file dropped to an arbitrary location. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | Vulnerability Guideline Prediction | ||
|
2023-03-10 21:15:15 | CVE-2023-25147 (lien direct) | An issue in the Trend Micro Apex One agent could allow an attacker who has previously acquired administrative rights via other means to bypass the protection by using a specifically crafted DLL during a specific update process. Please note: an attacker must first obtain administrative access on the target system via another method in order to exploit this. | Prediction | ||
|
2023-03-10 21:15:14 | CVE-2023-25143 (lien direct) | An uncontrolled search path element vulnerability in the Trend Micro Apex One Server installer could allow an attacker to achieve a remote code execution state on affected products. | Vulnerability Prediction | ||
|
2023-03-10 21:15:14 | CVE-2023-25144 (lien direct) | An improper access control vulnerability in the Trend Micro Apex One agent could allow a local attacker to gain elevated privileges and create arbitrary directories with arbitrary ownership. | Vulnerability Prediction | ||
|
2023-03-08 13:06:24 | Rapport Trend Micro sur l\'état de la cybersécurité en 2022 Avec 146 milliards de menaces détectées, l\'année 2022 bat tous les records ! (lien direct) | Trend Micro Incorporated dévoile son rapport annuel de sécurité pour l'année 2022. Intitulé 'Rethinking Tactics : 2022 Annual Cybersecurity Report', il alerte sur la recrudescence massive du nombre de menaces détectées en 2022 (+55 %) ainsi que sur la montée en flèche du volume de fichiers malveillants bloqués (+242 %). Au cours de l'année écoulée, les acteurs de la menace ont réalisé leur attaque sans faire de distinction entre le grand public et les entreprises. - Investigations | Prediction | ★★★ | |
 |
2023-03-08 09:30:00 | Cyber-Threat Detections Surge 55% in 2022 (lien direct) | Trend Micro stops a record 146 billion discrete threats | Prediction | ★★ | |
 |
2023-03-07 16:01:57 | Utilisation de l'analyse de la mémoire pour détecter les logiciels malveillants nullifiants EDR Using Memory Analysis to Detect EDR-Nullifying Malware (lien direct) |
> Dans le paysage de cybersécurité en constante évolution, les acteurs de la menace sont obligés d'évoluer et de modifier continuellement les tactiques, les techniques et les procédures (TTP) qu'ils utilisent pour lancer et maintenir les attaques avec succès.Ils modifient continuellement leurs logiciels malveillants et leurs méthodes d'exécution de commande pour échapper à la détection.Les attaquants dans ces cas tentent d'obtenir une longueur d'avance sur le logiciel de sécurité au niveau le plus élémentaire.Cependant, certaines techniques adoptent une approche différente, en visant plus dans la pile et en prenant directement des logiciels de sécurité.Les méthodes les plus effrontées consistent à tirer parti de divers outils qui terminent directement ou d'arrêt du logiciel de sécurité.En cas de succès, cette méthode est efficace pour donner un règne sans attaquant sur un système.Cependant, il est au coût potentiel d'alerter les utilisateurs ou les administrateurs que le logiciel a cessé de signaler de manière inattendue ou a été éteint.Qu'en est-il d'une technique qui vole un peu plus sous le radar?En novembre 2022, Trend Micro a publié un [& # 8230;]
>In the ever-changing cybersecurity landscape, threat actors are forced to evolve and continually modify the tactics, techniques, and procedures (TTPs) they employ to launch and sustain attacks successfully. They are continually modifying their malware and command-execution methods to evade detection. The attackers in these cases are attempting to get a step ahead of security software at the most basic level. However, some techniques take a different approach, aiming further up the stack and directly taking on security software. The most brazen methods involve leveraging various tools that directly terminate or shutdown security software. If successful, this method is effective at giving an attacker free reign on a system. However, it comes at the potential cost of alerting users or administrators that the software unexpectedly stopped reporting or was shut off. What about a technique that potentially flies a bit more under the radar? In November 2022, Trend Micro published a […] |
Malware Tool Threat Prediction | ★★★ | |
|
2023-03-03 11:32:26 | Ransomware-Angriffe zielen auf immer größere Unternehmen ab, während immer weniger Opfer das Lösegeld zahlen (lien direct) | Dr. Martin J. Krämer, Security Awareness Advocate bei KnowBe4 Ransomware Spezialisten zufolge zeichnet sich ein Trend ab, nach dem Unternehmen immer besser in der Lage sind, die Folgen der Angriffe abzufedern. Dabei zahlen die Unternehmen oft kein Lösegeld. Dennoch finden Cyberkriminelle immer neue Wege, Konten und Netzwerke zu kompromittieren und durch steigende Lösungsgelder größeren Profit zu generieren. - Malware / Ransomware, cybersecurite_home_droite | Prediction | ★ | |
|
2023-03-02 13:33:00 | SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics (lien direct) | The threat actor known as Lucky Mouse has developed a Linux version of a malware toolkit called SysUpdate, expanding on its ability to target devices running the operating system. The oldest version of the updated artifact dates back to July 2022, with the malware incorporating new features designed to evade security software and resist reverse engineering. Cybersecurity company Trend Micro said | Malware Threat Prediction | APT 27 | ★★ |
 |
2023-03-01 07:00:00 | Why Organisations Must Get to Grips With Cloud Delivered Malware (lien direct) | >Netskope has just published the Monthly Threat Report for February, with this month's report focused on what is going on in Europe. I don't intend to summarise the report in this blog, instead I want to zoom in and study a continuing trend that was highlighted in there; one that is unfortunately heading in the […] | Malware Threat Prediction Cloud | ★★★ | |
 |
2023-02-28 14:00:00 | CyberheistNews Vol 13 #09 [Eye Opener] Should You Click on Unsubscribe? (lien direct) |
CyberheistNews Vol 13 #09 | February 28th, 2023
[Eye Opener] Should You Click on Unsubscribe?
By Roger A. Grimes.
Some common questions we get are "Should I click on an unwanted email's 'Unsubscribe' link? Will that lead to more or less unwanted email?"
The short answer is that, in general, it is OK to click on a legitimate vendor's unsubscribe link. But if you think the email is sketchy or coming from a source you would not want to validate your email address as valid and active, or are unsure, do not take the chance, skip the unsubscribe action.
In many countries, legitimate vendors are bound by law to offer (free) unsubscribe functionality and abide by a user's preferences. For example, in the U.S., the 2003 CAN-SPAM Act states that businesses must offer clear instructions on how the recipient can remove themselves from the involved mailing list and that request must be honored within 10 days.
Note: Many countries have laws similar to the CAN-SPAM Act, although with privacy protection ranging the privacy spectrum from very little to a lot more protection. The unsubscribe feature does not have to be a URL link, but it does have to be an "internet-based way." The most popular alternative method besides a URL link is an email address to use.
In some cases, there are specific instructions you have to follow, such as put "Unsubscribe" in the subject of the email. Other times you are expected to craft your own message. Luckily, most of the time simply sending any email to the listed unsubscribe email address is enough to remove your email address from the mailing list.
[CONTINUED] at the KnowBe4 blog:https://blog.knowbe4.com/should-you-click-on-unsubscribe
[Live Demo] Ridiculously Easy Security Awareness Training and Phishing
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Join us TOMORROW, Wednesday, March 1, @ 2:00 PM (ET), for a live demo of how KnowBe4 introduces a new-school approac |
Malware Hack Tool Vulnerability Threat Guideline Prediction | APT 38 ChatGPT | ★★★ |
|
2023-02-27 15:34:00 | PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks (lien direct) | The PlugX remote access trojan has been observed masquerading as an open source Windows debugger tool called x64dbg in an attempt to circumvent security protections and gain control of a target system. "This file is a legitimate open-source debugger tool for Windows that is generally used to examine kernel-mode and user-mode code, crash dumps, or CPU registers," Trend Micro researchers Buddy | Tool Prediction | ★★★ | |
|
2023-02-27 00:00:00 | Round-the-Clock Defense Against Cryptojackers using Darktrace AI (lien direct) | Despite the market value of cryptocurrency itself decreasing in the final quarter of 2022, the number of known cryptocurrency mining software variants had more than trebled compared to the previous year. The intensive resource demands of mining cryptocurrency has exacerbated the trend of malicious hijacking third-party computers causing slower processing speeds and higher energy bills for many companies. | Prediction | ★★ | |
|
2023-02-24 20:20:00 | CISA: Beware of DDoS, Web Defacements on Anniversary of Russian Invasion of Ukraine (lien direct) | The Cybersecurity and Infrastructure Security Agency advises US and European nations to prepare for possible website attacks marking the Feb. 24 invasion of Ukraine by Russia. | Prediction | ★★★ | |
|
2023-02-24 18:40:00 | CISA Sounds Alarm on Cybersecurity Threats Amid Russia\'s Invasion Anniversary (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging organizations and individuals to increase their cyber vigilance, as Russia's military invasion of Ukraine officially enters one year. "CISA assesses that the United States and European nations may experience disruptive and defacement attacks against websites in an attempt to sow chaos and societal discord on February 24, | Prediction | ★★ | |
|
2023-02-24 09:30:00 | Firms Who Pay Ransom Subsidise 10 New Attacks: Report (lien direct) | Trend Micro urges victim organizations to resist extorters demands | Prediction | ★★★ | |
|
2023-02-24 09:15:38 | Trend Micro : Rançongiciels Chaque paiement de rançon finance 9 nouvelles attaques ! (lien direct) | Trend Micro Incorporated publie les résultats d'un nouveau rapport de recherches portant sur le fonctionnement des groupes de rançongiciels et la spirale de financement de leur attaque. Intitulé " What Decision Makers Need to Know About Ransomware Risk ", il révèle qu'il suffit du paiement de seulement 10 % des demandes de rançons pour financer de nouvelles vagues d'attaques. " Les rançongiciels constituent aujourd'hui une menace majeure pour la cybersécurité des entreprises, des collectivités et des (...) - Malwares | Ransomware Prediction | ★★★★ | |
|
2023-02-24 00:00:00 | 2022 Review: Trend Transforms to SaaS Cybersecurity (lien direct) | Transformation to a SaaS-based cybersecurity vendor | Prediction Cloud | ★★ | |
|
2023-02-24 00:00:00 | Investigating the PlugX Trojan Disguised as a Legitimate Windows Debugger Tool (lien direct) | Trend Micro's Managed Extended Detection and Response (MxDR) team discovered that a file called x32dbg.exe was used to sideload a malicious DLL we identified as a variant of PlugX. | Tool Prediction | ★★★ | |
 |
2023-02-23 10:21:53 | An Analysis of Emerging Fortinet Vulnerabilities Trend (lien direct) | >By SOCRadar Research Fortinet is one of the major cybersecurity companies and offers 56 cybersecurity... | Prediction | ★★ | |
|
2023-02-22 16:25:00 | Trend Micro Acquires SOC Technology Expert Anlyz (lien direct) | Technology tuck-in enhances industry's broadest XDR security platform. | Prediction | ★★ | |
|
2023-02-21 14:08:15 | Trend Micro Incorporated présente sa vision de la centralisation et de l\'amélioration de la sécurité des environnements informatiques, OT et CT (lien direct) | Trend Micro centralise et supervise la sécurité des environnements critiques, notamment industriels Trend Micro renforce son offre sur la sécurité cross-domain pour offrir une visibilité et un contrôle mutualisé des systèmes cyber/physiques. - Produits | Prediction | ★★★ | |
|
2023-02-11 16:41:00 | Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users (lien direct) | Suspected Russian threat actors have been targeting Eastern European users in the crypto industry with fake job opportunities as bait to install information-stealing malware on compromised hosts. The attackers "use several highly obfuscated and under-development custom loaders in order to infect those involved in the cryptocurrency industry with Enigma stealer," Trend Micro researchers Aliakbar | Malware Threat Prediction | ★★ | |
 |
2023-02-11 00:12:02 | Using Trend Analysis to Operationalize OT Threat Intelligence with Neighborhood Keeper (lien direct) | >In the previous blog in this series, we covered the foundational elements that make up Neighborhood Keeper, as well as... The post Using Trend Analysis to Operationalize OT Threat Intelligence with Neighborhood Keeper first appeared on Dragos. | Threat Prediction | ★★★ | |
 |
2023-02-10 02:00:00 | Top cybersecurity M&A deals for 2023 (lien direct) | Uncertainty and instability marked the end of 2022 for many in the tech sector, a trend that bled into the beginning of 2023. Following on the heels of a drought in IT talent came mass layoffs at many of the world's biggest tech companies as predictions of recession loomed and war in Ukraine dragged on with no end in sight.Global concern over cybersecurity has never been higher, with attacks coming fast and furious and in ever-growing numbers, and 65% of organizations planned to increase cybersecurity spending in 2023. That means CISOs may be pressured to do more with what they have as budgets shrink even as demand for security increases. And they should be aware of what could change if one of their vendors is acquired in this climate.To read this article in full, please click here | Prediction | ★★ | |
|
2023-02-09 13:24:00 | BrandPost: Security Trends to Watch in 2023 (lien direct) | It's that time of year again when many of your favorite security professionals and vendors roll out their predictions for the coming year. Although not all of us have clairvoyant abilities, seasoned pros can spot a trend early and inform the rest of us before we're caught off guard. Because adversaries continually adapt and change, security practitioners must also adapt their thinking, understanding, and defenses to combat innovation by using tools such as threat intelligence, threat hunting, and proactive suppression. In this spirit, we have identified a few trends to look out for before it's too late. Geopolitical unrest Although distributed denial-of-service (DDoS) attacks have steadily increased over the past 20 years, recent data firmly establishes the reality that network operators need to understand, prepare for, and expect attacks related to politics, religion, and ideology. Nation-state actors often directly target internet infrastructure to take out critical communications, e-commerce, and other vital infrastructure dependent on internet connectivity. This, of course, means targeting internet service provider (ISP) networks to hobble internet connectivity.To read this article in full, please click here | Threat Prediction | ★ | |
 |
2023-02-09 11:15:15 | How will the NIS2 Directive impact the European bug bounty market? (lien direct) | >The NIS2 Directive is due to be implemented across the EU by September next year. Find out how the legislation will impact the region's bug bounty and cybersecurity industry. In 2022, the bug bounty and crowdsourced security industry experienced a surge in its validation and growth across the globe due to supportive legislation. This trend […] | Prediction | ★★★ | |
 |
2023-02-08 14:00:00 | What CISOs Should Know About Hacking in 2023 (lien direct) | >The art of cyber crime is in a constant state of flux and evolution. Simply staying on pace with these trends is a significant part of the CISO’s job. Today’s modern CISO must ensure they are always prepared for the next big trend and remain ahead of adversaries. As we begin to navigate 2023, the […] | Prediction | ★★★ | |
 |
2023-02-07 22:16:16 | KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach (lien direct) | KrebsOnSecurity will likely have a decent amount of screen time in an upcoming Hulu documentary series about the 2015 megabreach at marital infidelity site Ashley Madison. While I can't predict what the producers will do with the video interviews we shot, it's fair to say the series will explore tantalizing new clues as to who may have been responsible for the attack. | Prediction | ★★★ |
To see everything:
Our RSS (filtrered)
