What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-02-13 13:49:34 | Résultats clés de CrowdStrike \\'s 2024 Rapport de sécurité des applications Key Findings from CrowdStrike\\'s 2024 State of Application Security Report (lien direct) |
Au fur et à mesure que les organisations déplacent leurs applications et leurs opérations vers le cloud et stimulent de plus en plus les revenus via des logiciels, des applications natives dans le cloud et des API ont émergé parmi les plus grands domaines du risque de sécurité moderne.Selon les données accessibles au public, huit des 10 meilleures violations de données de 2023 étaient liées aux surfaces d'attaque d'application.1 Ces huit violations ont été exposées à elles seules [& # 8230;]
As organizations shift their applications and operations to the cloud and increasingly drive revenues through software, cloud-native applications and APIs have emerged among the greatest areas of modern security risk. According to publicly available data, eight of the top 10 data breaches of 2023 were related to application attack surfaces.1 These eight breaches alone exposed […] |
Studies Cloud | ★★★★ | |
 |
2024-02-13 09:56:30 | Le PICUS Red Report 2024 révèle une augmentation de 333% des logiciels malveillants qui cible et désactive les contrôles de sécurité The Picus Red Report 2024 reveals 333% increase in malware that targets and disables security controls (lien direct) |
Surge dans les logiciels malveillants «Hunter-Killer» découverts par Picus Security
Le rapport PICUS Red 2024 révèle une augmentation de 333% des logiciels malveillants qui cible et désactive les contrôles de sécurité
-
rapports spéciaux
Surge in “Hunter-killer” Malware Uncovered by Picus Security The Picus Red Report 2024 reveals 333% increase in malware that targets and disables security controls - Special Reports |
Malware Studies | ★★★★ | |
 |
2024-02-12 20:42:30 | Les Nations Unies fouillant dans les cyberattaques de crypto DPRC totalisant 3 milliards de dollars United Nations Digging Into DPRK Crypto Cyberattacks Totaling $3B (lien direct) |
L'ONU aurait enquête sur des dizaines de cyberattaques cryptographiques soupçonnées d'avoir obtenu le régime nord-coréen des milliards pour financer son programme nucléaire.
The UN is reportedly investigating dozens of crypto cyberattacks suspected to have earned the North Korean regime billions to fund its nuclear program. |
Studies | ★★ | |
 |
2024-02-12 08:02:39 | 4 étapes pour empêcher le compromis des e-mails des fournisseurs dans votre chaîne d'approvisionnement 4 Steps to Prevent Vendor Email Compromise in Your Supply Chain (lien direct) |
Supply chains have become a focal point for cyberattacks in a world where business ecosystems are increasingly connected. Email threats are a significant risk factor, as threat actors are keen to use compromised email accounts to their advantage. Every month, a staggering 80% of Proofpoint customers face attacks that originate from compromised vendor, third-party or supplier email accounts. Known as supplier account compromise, or vendor email compromise, these attacks involve threat actors infiltrating business communications between trusted partners so that they can launch internal and external attacks. Their ultimate goal might be to steal money, steal data, distribute malware or simply cause havoc. In this blog post, we\'ll explain how vendor emails are compromised and how you can stop these attacks. Finally, we\'ll tell you how Proofpoint can help. What\'s at stake Supply chain compromise attacks can be costly for businesses. IBM, in its latest Cost of a Data Breach Report, says that the average total cost of a cyberattack that involves supply chain compromise is $4.76 million. That is almost 12% higher than the cost of an incident that doesn\'t involve the supply chain. In addition to the financial implications, compromised accounts can lead to: Phishing scams that result in even more compromised accounts Reputational and brand damage Complex legal liabilities between business partners How does vendor email compromise occur? Supply chain compromise attacks are highly targeted. They can stretch out over several months. And typically, they are structured as a multistep process. The bad actor initiates the assault by gaining access to the email account of a vendor or supplier through various means. Phishing attacks are one example. Once the attacker gains access, they will lay low for an extended period to observe the vendor\'s email communications. During this time, the adversary will study the language and context of messages so that they can blend in well and avoid detection. Attackers might also use this observation period to establish persistence. They will create mail rules and infrastructure so that they can continue to receive and send messages even after the vendor has regained control of the account. Once they establish access and persistence, the attackers will begin to insert themselves into conversations within the supplier\'s company as well as with external partners and customers. By posing as the sender, the attacker takes advantage of established trust between parties to increase their chances of success. Overview of a vendor email compromise attack. Proofpoint has observed a growing trend of attackers targeting accounts within smaller businesses and using them to gain entry into larger companies. Threat actors often assume that small businesses have less protection than large companies. They see them as targets that can help them achieve a bigger payday. How to stop vendor email compromise If you want to defend against these attacks, it\'s critical to understand the methods behind them. Such a formidable problem requires a strategic and multilayered solution. The four broad steps below can help. Step 1: Know your suppliers Your first line of defense against these email attacks sounds simple, but it\'s challenging. It is the ability to intimately “know your supplier” and understand their security strategy. This requires more than a one-time vendor assessment. Your security teams will need to prioritize continuous monitoring of your company\'s business partnerships. On top of that knowledge, you need a thorough understanding of the access and privileges that your business grants to each vendor. Compromised accounts that have uncontrolled access may be able to exfiltrate sensitive data or upload malware like ransomware. So, when you know what your suppliers can (and can\'t) access, you can identify a data breach faster. Other steps, like requiring multifactor authentication (MFA) for vendor accounts, can | Ransomware Data Breach Malware Tool Threat Studies Prediction Cloud | ★★★ | |
 |
2024-02-09 15:51:37 | La recherche Nozomi révèle des menaces croissantes pour les infrastructures critiques des anomalies du réseau OT et IoT Nozomi research reveals growing threats to critical infrastructure from OT and IoT network anomalies (lien direct) |
Les nouvelles recherches de Nozomi Networks ont révélé que les anomalies omnipinées (technologie opérationnelle) et IoT du réseau élevaient du rouge ...
New research from Nozomi Networks has disclosed that pervasive OT (operational technology) and IoT network anomalies raise red... |
Studies Industrial | ★★★★ | |
 |
2024-02-09 13:46:14 | Les paiements de ransomwares ont atteint un record en 2023 & # 8211;Semaine en sécurité avec Tony Anscombe Ransomware payments hit a record high in 2023 – Week in security with Tony Anscombe (lien direct) |
Appelé une "année du bassin versant pour les ransomwares", 2023 a marqué un renversement de la baisse des paiements des ransomwares observés l'année précédente
Called a "watershed year for ransomware", 2023 marked a reversal from the decline in ransomware payments observed in the previous year |
Ransomware Studies | ★★★★ | |
 |
2024-02-07 12:04:25 | Enseigner aux LLM pour être trompeuses Teaching LLMs to Be Deceptive (lien direct) |
Recherche intéressante: & # 8220; Agents dormeurs: entraînement des LLM trompeurs qui persistent par la formation à la sécurité & # 8220 ;: | Studies | ★★★ | |
 |
2024-02-06 10:49:32 | Google relie plus de 60 jours zéro aux vendeurs de logiciels espions commerciaux Google Links Over 60 Zero-Days to Commercial Spyware Vendors (lien direct) |
> Plus de 60 des Adobe, Google, Android, Microsoft, Mozilla et Apple Zero-Days qui ont été révélés depuis 2016 attribués à des fournisseurs de logiciels espions.
>More than 60 of the Adobe, Google, Android, Microsoft, Mozilla and Apple zero-days that have come to light since 2016 attributed to spyware vendors. |
Studies Mobile Commercial | ★★★★ | |
|
2024-02-03 17:06:19 | Kaspersky prévoit que les ransomwares restent les principales menaces aux entreprises industrielles en 2024 Kaspersky predicts ransomware to remain top threat to industrial enterprises in 2024 (lien direct) |
Kaspersky a identifié qu'il ne s'attend pas à des changements rapides dans le paysage de la cyber-menace industrielle cette année dans ...
Kaspersky identified that it does not expect rapid changes in the industrial cyber threat landscape this year in... |
Ransomware Threat Studies Industrial | ★★★ | |
|
2024-02-02 21:44:09 | CORNE CISO: Gen Z Challenges, Ciso Liability & AMP;Étude de cas de Cathay Pacific CISO Corner: Gen Z Challenges, CISO Liability & Cathay Pacific Case Study (lien direct) |
Roundup-up de Dark Reading \\ de Cyber-opérations stratégiques pour les principaux responsables de la sécurité de l'information.
Dark Reading\'s roundup of strategic cyber-operations insights for chief information security officers. |
Studies | ★★★ | |
|
2024-02-01 13:29:32 | 835 Vulnérabilités de sécurité trouvées par des pirates éthiques en 2023, en les apportant & Euro; 417 000 en gains, montre l'étude 835 security vulnerabilities found by ethical hackers in 2023, bringing them €417,000 in earnings, study shows (lien direct) |
Surfshark a analysé le référentiel Hackerone des vulnérabilités de sécurité rapportée par les pirates de white-hat et a constaté qu'en 2023, 835 vulnérabilités de sécurité ont été trouvées sur 105 sites Web, ce qui a apporté des bénéfices d'au moins & Euro; 417000 aux pirates éthiques.
-
rapports spéciaux
Surfshark analyzed the HackerOne repository of security vulnerabilities reported by white-hat hackers and found that in 2023, 835 security vulnerabilities were found across 105 websites, which brought earnings of at least €417,000 to ethical hackers. - Special Reports |
Vulnerability Studies | ★★★ | |
|
2024-02-01 12:06:14 | Réseau de surveillance approfondie de Facebook \\ Facebook\\'s Extensive Surveillance Network (lien direct) |
Consumer Reports est reportage que Facebook a construit un réseau de surveillance massif:
En utilisant un panel de 709 bénévoles qui ont partagé des archives de leurs données Facebook, Consumer Reports a constaté qu'un total de 186 892 entreprises envoyaient des données à leur sujet au réseau social.En moyenne, chaque participant à l'étude a fait envoyer ses données à Facebook par 2 230 entreprises.Ce nombre variait considérablement, avec certains panélistes & # 8217;Données répertoriant plus de 7 000 entreprises fournissant leurs données.Le balisage a aidé les rapports à la consommation recrutant les participants pour l'étude.Les participants ont téléchargé une archive des trois années précédentes de leurs données à partir de leurs paramètres Facebook, puis l'ont fourni aux rapports Consumer ...
Consumer Reports is reporting that Facebook has built a massive surveillance network: Using a panel of 709 volunteers who shared archives of their Facebook data, Consumer Reports found that a total of 186,892 companies sent data about them to the social network. On average, each participant in the study had their data sent to Facebook by 2,230 companies. That number varied significantly, with some panelists’ data listing over 7,000 companies providing their data. The Markup helped Consumer Reports recruit participants for the study. Participants downloaded an archive of the previous three years of their data from their Facebook settings, then provided it to Consumer Reports... |
Studies | ★★★ | |
|
2024-02-01 09:50:52 | 300 millions de données de compte utilisateur ont été divulguées à l'échelle mondiale en 2023 - Tendances de violation de données 300 million user account data leaked globally in 2023 - data breach trends (lien direct) |
10 comptes ont été divulgués chaque seconde de 2023, l'étude globale de Surfshark \\ montre: & copy;Boguslaw Mazur
«Alors que nous regardons en arrière sur 2023, il y a une tendance positive dans les violations de données & # 8211;Une diminution de 20% des comptes touchés par rapport à 2022. Malgré cette amélioration, 300 millions d'utilisateurs dans le monde ont encore subi des violations », explique Agneska Sablovskaja, chercheuse principale chez Surfshark.«Même une fuite de données de compte unique peut entraîner un accès non autorisé, risquant l'utilisation abusive des informations personnelles, l'identité potentielle ou (...)
-
rapports spéciaux
/ /
affiche
10 accounts were leaked every second of 2023, Surfshark\'s global study shows: © Boguslaw Mazur “As we look back on 2023, there\'s a positive trend in data breaches – a 20% decrease in affected accounts compared to 2022. Despite this improvement, 300 million users worldwide still experienced breaches,” says Agneska Sablovskaja, Lead Researcher at Surfshark. “Even a single account data leak can lead to unauthorized access, risking the misuse of personal information, potential identity or (...) - Special Reports / affiche |
Data Breach Studies Prediction | ★★★ | |
|
2024-02-01 08:45:38 | Txone Networks rapporte des défis dans la cybersécurité OT / ICS dans toutes les industries en raison des RAAS, des attaques de chaîne d'approvisionnement, de la géopolitique TXOne Networks reports challenges in OT/ICS cybersecurity across industries due to RaaS, supply chain attacks, geopolitics (lien direct) |
Cyber-Physical Systems (CPS) Sécurité Txone Networks publié cette semaine son rapport annuel 2023 détaillant une fourchette croissante ...
Cyber-physical systems (CPS) security firm TXOne Networks published this week its 2023 annual report detailing a growing range... |
Studies Industrial | ★★★★ | |
|
2024-02-01 06:00:12 | Le pare-feu humain: Pourquoi la formation de sensibilisation à la sécurité est une couche de défense efficace The Human Firewall: Why Security Awareness Training Is an Effective Layer of Defense (lien direct) |
Do security awareness programs lead to a quantifiable reduction in risk? Do they directly impact a company\'s security culture? In short, are these programs effective? The answer to these questions is a resounding yes! With 74% of all data breaches involving the human element, the importance of educating people to help prevent a breach cannot be understated. However, for training to be effective, it needs to be frequent, ongoing and provided to everyone. Users should learn about: How to identify and protect themselves from evolving cyberthreats What best practices they can use to keep data safe Why following security policies is important In this blog post, we discuss the various ways that security awareness training can have a positive impact on your company. We also discuss how to make your program better and how to measure your success. Security awareness training effectiveness Let\'s look at three ways that security awareness training can help you boost your defenses. 1. Mitigate your risks By teaching your team how to spot and handle threats, you can cut down on data breaches and security incidents. Our study on the effects of using Proofpoint Security Awareness showed that many companies saw up to a 40% decrease in the number of harmful links clicked by users. Think about this: every click on a malicious link could lead to credential theft, a ransomware infection, or the exploitation of a zero-day vulnerability. So, an effective security awareness program essentially reduces security incidents by a similar amount. Want more evidence about how important it is? Just check out this study that shows security risks can be reduced by as much as 80%. Here is more food for thought. If a malicious link does not directly result in a breach, it must still be investigated. The average time to identify a breach is 204 days. So, if you can reduce the number of incidents you need to investigate, you can see real savings in time and resources. 2. Comply with regulations Security awareness education helps your company comply with data regulations, which are always changing. This can help you avoid hefty fines and damage to your reputation. In many cases, having a security awareness program can keep you compliant with several regulations. This includes U.S. state privacy laws, the European Union\'s GDPR and other industry regulations. 3. Cultivate a strong security culture An effective security awareness program doesn\'t have to be all doom and gloom. Done right, it can help you foster a positive security culture. More than half of users (56%) believe that being recognized or rewarded would make their company\'s security awareness efforts more effective. But only 8% of users say that their company provides them with incentives to practice “good” cybersecurity behavior. When you make security fun through games, contests, and reward and recognition programs, you can keep your employees engaged. You can also motivate them to feel personally responsible for security. That, in turn, can inspire them to be proactive about keeping your critical assets safe. Finally, be sure to incorporate security principles into your company\'s core values. For example, your business leaders should regularly discuss the importance of security. That will help users to understand that everyone plays a vital role in keeping the business safe. How to make your security awareness program effective The verdict is clear. Security awareness programs can tangibly reduce organizational risks. When asked about the connection between their security awareness efforts and their company\'s cybersecurity resilience, a resounding 96% of security professionals say that there is more than just a strong link. They say that it\'s either a direct result of security training or that training is a strong contributor. Let\'s discuss how you can make your program more effective. Assess your security posture The first step toward effectiveness is to assess your company\'s security posture | Ransomware Tool Vulnerability Threat Studies | ★★★ | |
|
2024-01-31 23:32:00 | Kasperskys ics Cert Kasperskys ICS CERT Predictions for 2024: Ransomware Rampage, Cosmopolitical Hacktivism, and Beyond (lien direct) |
Do security awareness programs lead to a quantifiable reduction in risk? Do they directly impact a company\'s security culture? In short, are these programs effective? The answer to these questions is a resounding yes! With 74% of all data breaches involving the human element, the importance of educating people to help prevent a breach cannot be understated. However, for training to be effective, it needs to be frequent, ongoing and provided to everyone. Users should learn about: How to identify and protect themselves from evolving cyberthreats What best practices they can use to keep data safe Why following security policies is important In this blog post, we discuss the various ways that security awareness training can have a positive impact on your company. We also discuss how to make your program better and how to measure your success. Security awareness training effectiveness Let\'s look at three ways that security awareness training can help you boost your defenses. 1. Mitigate your risks By teaching your team how to spot and handle threats, you can cut down on data breaches and security incidents. Our study on the effects of using Proofpoint Security Awareness showed that many companies saw up to a 40% decrease in the number of harmful links clicked by users. Think about this: every click on a malicious link could lead to credential theft, a ransomware infection, or the exploitation of a zero-day vulnerability. So, an effective security awareness program essentially reduces security incidents by a similar amount. Want more evidence about how important it is? Just check out this study that shows security risks can be reduced by as much as 80%. Here is more food for thought. If a malicious link does not directly result in a breach, it must still be investigated. The average time to identify a breach is 204 days. So, if you can reduce the number of incidents you need to investigate, you can see real savings in time and resources. 2. Comply with regulations Security awareness education helps your company comply with data regulations, which are always changing. This can help you avoid hefty fines and damage to your reputation. In many cases, having a security awareness program can keep you compliant with several regulations. This includes U.S. state privacy laws, the European Union\'s GDPR and other industry regulations. 3. Cultivate a strong security culture An effective security awareness program doesn\'t have to be all doom and gloom. Done right, it can help you foster a positive security culture. More than half of users (56%) believe that being recognized or rewarded would make their company\'s security awareness efforts more effective. But only 8% of users say that their company provides them with incentives to practice “good” cybersecurity behavior. When you make security fun through games, contests, and reward and recognition programs, you can keep your employees engaged. You can also motivate them to feel personally responsible for security. That, in turn, can inspire them to be proactive about keeping your critical assets safe. Finally, be sure to incorporate security principles into your company\'s core values. For example, your business leaders should regularly discuss the importance of security. That will help users to understand that everyone plays a vital role in keeping the business safe. How to make your security awareness program effective The verdict is clear. Security awareness programs can tangibly reduce organizational risks. When asked about the connection between their security awareness efforts and their company\'s cybersecurity resilience, a resounding 96% of security professionals say that there is more than just a strong link. They say that it\'s either a direct result of security training or that training is a strong contributor. Let\'s discuss how you can make your program more effective. Assess your security posture The first step toward effectiveness is to assess your company\'s security posture | Ransomware Studies Industrial | ★★★★ | |
|
2024-01-30 13:47:04 | (Déjà vu) La recherche de la délibération révèle que les ransomwares sont de retour en augmentation alors que les cybercriminels \\ 'la motivation se déplace vers l'exfiltration des données Delinea Research Reveals that Ransomware is Back on the Rise as Cybercriminals\\' Motivation Shifts to Data Exfiltration (lien direct) |
La recherche sur la conduite révèle que les ransomwares sont de retour en augmentation alors que les cybercriminels \\ 'se déplacent vers l'exfiltration des données
Plus de 75% des organisations paient des ransomwares à mesure que les entreprises de taille moyenne deviennent la cible préférée, le cloud devient le vecteur d'attaque le plus vulnérable
-
mise à jour malveillant
Delinea Research Reveals that Ransomware is Back on the Rise as Cybercriminals\' Motivation Shifts to Data Exfiltration More than 75% of organizations are paying ransomware as mid-sized companies become the preferred target, cloud becomes the most vulnerable attack vector - Malware Update |
Ransomware Studies Cloud | ★ | |
|
2024-01-30 13:45:17 | L\'étude Delinea révèle que les ransomwares sont de nouveau en hausse alors que les cybercriminels se tournent vers l\'exfiltration de données (lien direct) | L'étude Delinea révèle que les ransomwares sont de nouveau en hausse alors que les cybercriminels se tournent vers l'exfiltration de données • Plus de 75 % des entreprises paient des ransomwares • Les entreprises de taille moyenne deviennent la cible privilégiée • L'informatique dématérialisée est le vecteur d'attaque le plus vulnérable - Malwares | Ransomware Studies | ★★★ | |
|
2024-01-30 09:57:45 | L'industrie aéronautique fait face à l'augmentation des risques de cybersécurité à mesure que les nouvelles technologies stimulent l'adoption, explique Aviation ISAC Survey Aviation industry faces rising cybersecurity risks as new technologies drive adoption, says Aviation ISAC survey (lien direct) |
L'édition 2024 de l'Aviation ISAC Cyber Risk Survey a mis en évidence une croissance significative en 2023 avec l'adoption ...
The 2024 edition of the Aviation ISAC Cyber Risk Survey highlighted significant growth in 2023 with the adoption... |
Studies Industrial | ★★★ | |
 |
2024-01-29 11:00:00 | Étude de cas: USM de Vertek \\ partout où MDR aide plus grand concessionnaire automobile dans le nord-est à améliorer leur posture de cybersécurité Case study: Vertek\\'s USM Anywhere MDR helps larger auto dealership in the northeast improve their Cybersecurity posture (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Challenges A larger auto dealership in the northeast faced a number of cybersecurity challenges, including: Lack of resources: The dealership did not have the in-house expertise or resources to manage its own security operations center (SOC). The lack of trained security experts resulted in slower responses times to security incidents. Multiple security solutions: The dealership was using a variety of security solutions from different vendors, making it difficult to manage and correlate security data. Increased threat landscape: The dealership was facing an increasing number of cyber threats, including ransomware, phishing, and malware attacks. Solution The dealership engaged Vertek to implement their top of line Managed Detection and Response (MDR) service using AT&T AlienVault SIEM. Vertek\'s USM Anywhere MDR service provides 24/7 proactive threat monitoring, industry leading threat intelligence, and expert incident response. It is built on top of the AlienVault USM Anywhere platform, which is a unified security management (USM) platform that combines multiple essential security capabilities in one unified console. The service easily integrates with the existing security stack and is implemented without interruption to existing operations. Benefits Since implementing Vertek\'s USM Anywhere MDR service the dealership has experienced a number of benefits, including: Improved security posture: Vertek\'s MDR service has helped the dealership improve its overall security posture by identifying and mitigating security vulnerabilities, and by providing the dealership with actionable security insights. Vertek’s 24/7 SOC identifies and responds to security incidents with speed and accuracy using industry leading threat intelligence. Reduced workload and more effective allocation of resources: Vertek\'s MDR service has reduced the workload on the dealership\'s IT staff by freeing them up to focus on mission critical tasks that fall in line with their core competency. Working with Vertek instead of building an in-house security team has resulted in significant cost savings for the dealership. Improved peace of mind: Vertek\'s MDR service gives the dealership peace of mind knowing that their security is being monitored and managed by a team of experts with expert response to threats. Specific example Vertek was actively monitoring a customer\'s network for threats using their USM Anywhere MDR service. AlienVault SIEM detected a large number of failed login attempts to the customer\'s Active Directory server. Vertek\'s security team immediately investigated the incident and discovered that the attacker was using a brute-force attack to try to guess the passwords of Active Directory users. Vertek\'s security team used context data in the form of network traffic, end-user behavior analytics, and NXLOGS output from their IT tools to understand the significance of the attack. They knew that the Active Directory server was a critical system for the customer, and that if the attacker was able to gain access to the server, they would be able to compromise the entire network. Vertek also used threat intelligence from the MITRE ATT&CK Framework to understand the tactics, techniques, and procedures (TTPs) of the attacker. They knew that brute-force attacks were a common tactic used by ransomware gangs. Based on the context data and threat intelligence, Vertek was able to determine that the customer was facing a high-risk ransomware attack. Vertek\'s security team quickly took steps to mitiga | Ransomware Malware Tool Vulnerability Threat Studies | ★★★ | |
|
2024-01-25 19:00:00 | (Déjà vu) Panorays Study révèle que 94% des CISO se préoccupent des cyber-menaces tierces, mais seulement 3% ont mis en œuvre des mesures de sécurité Panorays Study Finds 94% of CISOs Are Concerned About Third-party Cyber Threats, Yet Only 3% Have Implemented Security Measures (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Challenges A larger auto dealership in the northeast faced a number of cybersecurity challenges, including: Lack of resources: The dealership did not have the in-house expertise or resources to manage its own security operations center (SOC). The lack of trained security experts resulted in slower responses times to security incidents. Multiple security solutions: The dealership was using a variety of security solutions from different vendors, making it difficult to manage and correlate security data. Increased threat landscape: The dealership was facing an increasing number of cyber threats, including ransomware, phishing, and malware attacks. Solution The dealership engaged Vertek to implement their top of line Managed Detection and Response (MDR) service using AT&T AlienVault SIEM. Vertek\'s USM Anywhere MDR service provides 24/7 proactive threat monitoring, industry leading threat intelligence, and expert incident response. It is built on top of the AlienVault USM Anywhere platform, which is a unified security management (USM) platform that combines multiple essential security capabilities in one unified console. The service easily integrates with the existing security stack and is implemented without interruption to existing operations. Benefits Since implementing Vertek\'s USM Anywhere MDR service the dealership has experienced a number of benefits, including: Improved security posture: Vertek\'s MDR service has helped the dealership improve its overall security posture by identifying and mitigating security vulnerabilities, and by providing the dealership with actionable security insights. Vertek’s 24/7 SOC identifies and responds to security incidents with speed and accuracy using industry leading threat intelligence. Reduced workload and more effective allocation of resources: Vertek\'s MDR service has reduced the workload on the dealership\'s IT staff by freeing them up to focus on mission critical tasks that fall in line with their core competency. Working with Vertek instead of building an in-house security team has resulted in significant cost savings for the dealership. Improved peace of mind: Vertek\'s MDR service gives the dealership peace of mind knowing that their security is being monitored and managed by a team of experts with expert response to threats. Specific example Vertek was actively monitoring a customer\'s network for threats using their USM Anywhere MDR service. AlienVault SIEM detected a large number of failed login attempts to the customer\'s Active Directory server. Vertek\'s security team immediately investigated the incident and discovered that the attacker was using a brute-force attack to try to guess the passwords of Active Directory users. Vertek\'s security team used context data in the form of network traffic, end-user behavior analytics, and NXLOGS output from their IT tools to understand the significance of the attack. They knew that the Active Directory server was a critical system for the customer, and that if the attacker was able to gain access to the server, they would be able to compromise the entire network. Vertek also used threat intelligence from the MITRE ATT&CK Framework to understand the tactics, techniques, and procedures (TTPs) of the attacker. They knew that brute-force attacks were a common tactic used by ransomware gangs. Based on the context data and threat intelligence, Vertek was able to determine that the customer was facing a high-risk ransomware attack. Vertek\'s security team quickly took steps to mitiga | Studies | ★ | |
 |
2024-01-25 18:19:47 | Un nouveau projet de loi cherche à consolider la nourriture américaine, les secteurs de l'agriculture New bill looks to shore up US food, agriculture sectors (lien direct) |
Un duo bipartite des sénateurs américains a présenté jeudi une législation pour stimuler les défenses numériques protégeant les secteurs de l'agriculture et des infrastructures critiques. The Farm and Food Cybersecurity Act De Sens. Kirsten Gillibrand (D-ny) et Tom et Tom et TomLe coton (R-AR) obligerait le secrétaire à l'Agriculture à mener une étude tous les deux ans sur les cyber-menaces
A bipartisan duo of U.S. senators on Thursday introduced legislation to boost the digital defenses protecting the agriculture and food critical infrastructure sectors. The Farm and Food Cybersecurity Act from Sens. Kirsten Gillibrand (D-NY) and Tom Cotton (R-AR) would require the Secretary of Agriculture to conduct a study every two years on the cyber threats |
Studies Legislation | ★★★ | |
|
2024-01-25 17:38:02 | Panorays Study révèle que 94% des CISO se préoccupent des cyber-menaces tierces, mais seulement 3% ont mis en œuvre des mesures de sécurité Panorays Study Finds 94% of CISOs are Concerned About Third-party Cyber Threats, Yet Only 3% Have Implemented Security Measures (lien direct) |
L'étude Panorays révèle que 94% des CISO se préoccupent des cyber-menaces tierces, mais seulement 3% ont mis en œuvre des mesures de sécurité
-
rapports spéciaux
Panorays Study Finds 94% of CISOs are Concerned About Third-party Cyber Threats, Yet Only 3% Have Implemented Security Measures - Special Reports |
Studies | ★★★ | |
 |
2024-01-25 13:00:00 | Semaine de confidentialité des données: les violations des données américaines surfance, 2023 voit une augmentation de 78% des compromis Data Privacy Week: US Data Breaches Surge, 2023 Sees 78% Increase in Compromises (lien direct) |
Plus de 350 millions de personnes ont été touchées par les violations de données aux États-Unis en 2023 et 11% de toutes les sociétés cotées en bourse ont été compromises
Over 350 million individuals were impacted by data breaches in the US in 2023 and 11% of all publicly traded companies have been compromised |
Studies | ★★★★ | |
|
2024-01-25 09:09:47 | Une nouvelle étude Concordia montre que les parcs éoliens offshore sont vulnérables aux cyberattaques New Concordia study shows offshore wind farms are vulnerable to cyberattacks (lien direct) |
> Selon une étude récente menée par Concordia, les parcs éoliens offshore sont sensibles aux cyberattaques.L'étude met en évidence ...
>According to a recent study conducted by Concordia, offshore wind farms are susceptible to cyberattacks. The study highlights... |
Studies Studies | ★★★★ | |
|
2024-01-25 09:06:52 | La recherche de ForeScout révèle une augmentation alarmante des cyberattaques, souligne le besoin d'une meilleure cybersécurité des infrastructures critiques Forescout Research reveals alarming rise in cyberattacks, emphasizes need for better critical infrastructure cybersecurity (lien direct) |
Données publiées par ForeScout Research & # 8211;Vedere Labs révèle qu'il y a eu plus de 420 millions d'attaques enregistrées tout au long ...
Data published by Forescout Research – Vedere Labs reveals that there were over 420 million recorded attacks throughout... |
Studies | ★★★ | |
 |
2024-01-24 20:38:38 | Étude du National Cyber Security Center: L'IA générative peut augmenter la menace mondiale des ransomwares National Cyber Security Centre Study: Generative AI May Increase Global Ransomware Threat (lien direct) |
Voir les prédictions de NCSC \\ pour l'IA générative pour la cyberattaque et la défense jusqu'en 2025.
See NCSC\'s predictions for generative AI for cyber attack and defense through 2025. |
Ransomware Threat Studies | ★★★ | |
|
2024-01-24 13:03:55 | Armis: les tentatives d'attaque de cybersécurité doublent en 2023, besoin urgent de hiérartisation et d'atténuation des risques en 2024 Armis: Cybersecurity attack attempts double in 2023, urgent need for prioritization and risk mitigation in 2024 (lien direct) |
> La société de cybersécurité des renseignements d'actifs Armis a révélé que les attaques de cybersécurité tentent plus que doublé, augmentant 104% en 2023 ....
>Asset intelligence cybersecurity company Armis disclosed that cybersecurity attack attempts more than doubled, increasing 104 percent in 2023.... |
Studies Industrial | ★★★ | |
 |
2024-01-22 16:52:00 | 52% des vulnérabilités graves que nous trouvons sont liées à Windows 10 52% of Serious Vulnerabilities We Find are Related to Windows 10 (lien direct) |
Nous avons analysé 2,5 millions de vulnérabilités que nous avons découvertes dans les actifs de nos clients.C'est ce que nous avons trouvé.
Creuser dans les données
L'ensemble de données que nous analysons ici est représentatif d'un sous-ensemble de clients qui souscrivent à nos services de numérisation de vulnérabilité.Les actifs numérisés incluent ceux accessibles sur Internet, ainsi que ceux présents sur les réseaux internes.Les données incluent les résultats du réseau
We analyzed 2,5 million vulnerabilities we discovered in our customer\'s assets. This is what we found. Digging into the data The dataset we analyze here is representative of a subset of clients that subscribe to our vulnerability scanning services. Assets scanned include those reachable across the Internet, as well as those present on internal networks. The data includes findings for network |
Vulnerability Studies | ★★★★ | |
|
2024-01-22 14:42:50 | Les tentatives de cyberattaques ont plus que doublé en 2023, augmentant de 104 % (lien direct) | Les tentatives de cyberattaques ont plus que doublé en 2023, augmentant de 104 % Le système d'analyse de données exclusif d'Armis offre un plan d'action possible quant aux domaines à prioriser pour l'année à venir - Investigations | Studies | ★★★★ | |
|
2024-01-17 13:08:00 | L'Estonie arrête le professeur russe soupçonné d'espionnage Estonia arrests Russian professor on suspicion of espionage (lien direct) |
Un professeur d'université a été arrêté en Estonie soupçonné d'avoir facilité et conduit une activité de renseignement ciblant le pays.Viacheslav Morozov, 51 ans, était professeur de théorie internationale à l'Université de Tartu avant l'arrestation a conduit son emploi à être terminé , selon Kristiina T & Otilde; Nisson, le chef de l'Institut d'études politiques de l'Université.Le
A university professor has been arrested in Estonia on suspicion of facilitating and conducting intelligence activity targeting the country. Viacheslav Morozov, 51, was a professor of international theory at the University of Tartu before the arrest led to his employment being terminated, according to Kristiina Tõnisson, the head of the university\'s political studies institute. The |
Studies | ★★★ | |
|
2024-01-17 12:14:03 | Le code écrit avec des assistants d'IA est moins sécurisé Code Written with AI Assistants Is Less Secure (lien direct) |
Recherche intéressante: & # 8220; Les utilisateurs écrivent-ils un code plus peu sûr avec des assistants d'IA? & # 8220 ;:
Résumé: Nous effectuons la première étude utilisateur à grande échelle en examinant comment les utilisateurs interagissent avec un assistant de code AI pour résoudre une variété de tâches liées à la sécurité dans différents langages de programmation.Dans l'ensemble, nous constatons que les participants qui avaient accès à un assistant d'IA basé sur le modèle Codex-Davinci-002 d'Openai ont écrit du code nettement moins sécurisé que ceux sans accès.De plus, les participants ayant accès à un assistant d'IA étaient plus susceptibles de croire qu'ils ont écrit du code sécurisé que ceux sans accès à l'assistant d'IA.En outre, nous constatons que les participants qui ont fait confiance à l'IA moins et se sont engagés davantage dans le langage et le format de leurs invites (par exemple, le réhabrasage, l'ajustement de la température) a fourni du code avec moins de vulnérabilités de sécurité.Enfin, afin de mieux informer la conception des futurs assistants de code basés sur l'IA, nous fournissons une analyse approfondie des participants & # 8217;Comportement du langage et d'interaction, ainsi que la publication de notre interface utilisateur comme instrument pour mener des études similaires à l'avenir ...
Interesting research: “Do Users Write More Insecure Code with AI Assistants?“: Abstract: We conduct the first large-scale user study examining how users interact with an AI Code assistant to solve a variety of security related tasks across different programming languages. Overall, we find that participants who had access to an AI assistant based on OpenAI’s codex-davinci-002 model wrote significantly less secure code than those without access. Additionally, participants with access to an AI assistant were more likely to believe they wrote secure code than those without access to the AI assistant. Furthermore, we find that participants who trusted the AI less and engaged more with the language and format of their prompts (e.g. re-phrasing, adjusting temperature) provided code with fewer security vulnerabilities. Finally, in order to better inform the design of future AI-based Code assistants, we provide an in-depth analysis of participants’ language and interaction behavior, as well as release our user interface as an instrument to conduct similar studies in the future... |
Vulnerability Studies | ★★★★ | |
|
2024-01-16 16:19:00 | Étude de cas: le monstre de confidentialité des cookies dans le grand commerce mondial Case Study: The Cookie Privacy Monster in Big Global Retail (lien direct) |
Explorez comment une solution avancée de gestion de l'exposition a permis à un grand client de l'industrie du commerce de détail de se terminer sur le pas coquin en raison d'une erreur de configuration dans sa politique de gestion des cookies.Ce n'était rien de malveillant, mais les environnements Web modernes étant si complexes, des erreurs peuvent se produire et les amendes de non-conformité peuvent être à une surveillance. Téléchargez l'étude de cas complète et NBSP; ici.
Enfant,
Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step due to a misconfiguration in its cookie management policy. This wasn\'t anything malicious, but with modern web environments being so complex, mistakes can happen, and non-compliance fines can be just an oversight away.Download the full case study here. As a child, |
Studies | ★★★ | |
 |
2024-01-16 14:10:51 | Recherche de point de contrôle: 2023 & # 8211;L'année des méga attaques de ransomwares avec un impact sans précédent sur les organisations mondiales Check Point Research: 2023 – The year of Mega Ransomware attacks with unprecedented impact on global organizations (lien direct) |
> Un stupéfiant 1 organisation sur 10 dans le monde a frappé par de tentatives d'attaques de ransomwares en 2023, augmentant 33% par rapport à l'année précédente, lorsque 1 organisation sur 13 a reçu des attaques de ransomware tout au long de 2023, les organisations du mondeMoyenne, 1158 attaques par organisation par semaine des secteurs de vente au détail / gros ont été témoins d'un pic notable de 22% dans les attaques chaque semaine, par rapport aux tendances mondiales de 2022 dans les cyberattaques.à l'échelle mondiale.Vérifier l'analyse complète des données des données de cyber-attaques, y compris les statistiques pour tous [& # 8230;]
>A Staggering 1 in every 10 organizations worldwide hit by attempted Ransomware attacks in 2023, surging 33% from previous year, when 1 in every 13 organisations received ransomware attacks Throughout 2023, organizations around the world have each experienced over 60,000 attacks on average, 1158 attacks per organization per week Retail/Wholesale sectors witnessed a notable 22% spike in attacks weekly, compared to 2022 Global Trends in Cyberattacks The digital realm continues to be a battleground for cyber security, with 2023 marking another year of relentless cyber attacks globally. Check Point Research’s comprehensive analysis of cyber attack data, including statistics for all […] |
Ransomware Studies | ★★★★ | |
|
2024-01-16 13:45:00 | Courriel Nightmare: 94% des entreprises frappées par des attaques de phishing en 2023 Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023 (lien direct) |
Dans son dernier rapport sur les risques de sécurité par e-mail, Egress a constaté que les entreprises étaient 10% plus affectées négativement par les attaques de phishing en 2023 qu'en 2022
In its latest Email Security Risk Report, Egress found that businesses were 10% more negatively affected by phishing attacks in 2023 than in 2022 |
Studies | ★★★ | |
|
2024-01-16 08:09:50 | Les incidents cyber, en tête du Baromètre des risques d\'Allianz 2024 (lien direct) | Les incidents cyber, en tête du Baromètre des risques d'Allianz 2024 Les violations de données, les attaques contre les infrastructures essentielles ou les biens physiques et les attaques par ransomware, de plus en plus fréquentes, sont les risques cyber les plus préoccupants. L'interruption d'activité demeure à la 2e place, avec 31 % des réponses. Les catastrophes naturelles réalisent la plus forte hausse par rapport à 2023, avec 26 %, et se classent en 3e place. En France, les incidents cyber (44%) et les interruptions d'activité (40%) sont également en tête du classement, suivis par les risques d'incendie et explosion qui grimpent à la 3e place (25%). Le baromètre des risques Allianz explore également les risques de 23 secteurs clés : Transport & logistique (1e Évolutions législatives et réglementaires), Marine & transport maritime (1e ex aequo Incendie, explosion et Vol, fraude et corruption), Aviation (1e Risques politiques), Télécoms (1e Incidents cyber), Ingénierie, construction & immobilier (1e Catastrophes naturelles), Agriculture (1e Changement climatique) ... - Investigations | Ransomware Studies Prediction | ★★★ | |
|
2024-01-12 11:59:43 | Le rapport du CCB met en évidence le paysage cyber-menace en 2023, alors que les attaques hacktiviste et parrainée par l'État augmentent CCB report highlights cyber threat landscape in 2023, as hacktivist and state-sponsored attacks rise (lien direct) |
Le Center for Cybersecurity Belgium (CCB) a révélé que le paysage mondial de la cyber-menace en 2023 continuait d'être ...
The Centre for Cybersecurity Belgium (CCB) disclosed that the global cyber threat landscape in 2023 continued to be... |
Threat Studies | ★★★ | |
|
2024-01-11 15:24:12 | SecurityScoreCard Research: Volt Typhoon compromet 30% des appareils Cisco RV320 / 325 en 37 jours SecurityScorecard Threat Research: Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days (lien direct) |
Recherche de menace de sécurité de sécurité: Volt Typhoon compromet 30% des appareils Cisco RV320 / 325 en 37 jours
-
mise à jour malveillant
SecurityScorecard Threat Research: Volt Typhoon Compromises 30% of Cisco RV320/325 Devices in 37 Days - Malware Update |
Vulnerability Threat Studies | Guam | ★★★★ |
|
2024-01-11 09:27:04 | Étude Netskope Threat Labs : les cybercriminels surfent sur l\'augmentation de 400 % de l\'utilisation d\'applications d\'IA générative par les employés (lien direct) | Étude Netskope Threat Labs : les cybercriminels surfent sur l'augmentation de 400 % de l'utilisation d'applications d'IA générative par les employés Une nouvelle étude détaille la forte croissance de l'adoption de l'intelligence artificielle générative, les risques liés aux applications en cloud, les principales menaces et les adversaires tout au long de l'année 2023. - Investigations | Threat Studies Cloud | ★★★★ | |
|
2024-01-10 15:54:40 | En 2023, plus de la moitié des entreprises ont subi une cyberattaque ou ont été touchées par un incident entraînant une interruption d\'accès à leurs données (lien direct) | En 2023, plus de la moitié des entreprises ont subi une cyberattaque ou ont été touchées par un incident entraînant une interruption d'accès à leurs données • En moyenne, les perturbations informatiques ont engendré des coûts s'élevant à 2,61 millions de dollars par entreprise • 88 % des interrogés reconnaissent que l'IA générative génère des quantités significatives de nouvelles données à protéger • Seuls 28 % des entreprises victimes d'une attaque auraient été entièrement remboursées par leur assurance - Investigations | Studies | ★★★★ | |
|
2024-01-10 15:40:49 | Microsoft Returns to the Top Spot as the Most Imitated Brand in Phishing Attacks for Q4 2023 (lien direct) | Microsoft revient à la première place en tant que marque la plus imitée dans les attaques de phishing pour le quatrième trimestre 2023
Le dernier rapport de phishing de marque de Check Point Research considère Microsoft comme la marque numéro un imite par les cybercriminels avec le secteur de la technologie dominant les dix premiers
-
mise à jour malveillant
/ /
affiche
Microsoft Returns to the Top Spot as the Most Imitated Brand in Phishing Attacks for Q4 2023 The latest Brand Phishing Report from Check Point Research sees Microsoft as the number one impersonated brand by cybercriminals with the technology sector dominating the top ten - Malware Update / affiche |
Studies | ★★★ | |
|
2024-01-09 19:28:27 | 21 % des cyberincidents survenus dans les entreprises en France au cours des deux dernières années ont été provoqués par des employés (lien direct) | 21 % des cyberincidents survenus dans les entreprises en France au cours des deux dernières années ont été provoqués par des employés selon une récente étude menée par Kaspersky - Investigations | Studies | ★★★ | |
|
2024-01-09 14:41:02 | 85 % des plus grandes entreprises de télécommunications ont subi une violation de données de tiers au cours des 12 derniers mois (lien direct) | Un nouveau rapport de SecurityScorecard montre que pas moins de 85 % des plus grandes entreprises de télécommunications aux États-Unis, au Royaume-Uni, en France, en Italie, au Danemark et en Allemagne ont été victimes d'une violation de données par des tiers au cours des 12 derniers mois seulement. - Investigations | Studies | ★★ | |
|
2024-01-09 11:57:12 | L'augmentation préoccupante des attaques centrées sur l'identité: tendances et faits The Concerning Rise in Identity-Centric Attacks: Trends and Facts (lien direct) |
Identity threats are by no means a new type of crime. But in today\'s increasingly digitized world, there are more opportunities for bad actors to steal identities and engage in identity-centric attacks than ever before. Unfortunately, user identities are tough for businesses to protect. The fact that these types of attacks are skyrocketing is evidence of that-in the past year alone the Identity Defined Security Alliance reports that a whopping 84% of companies experienced an identity-related security breach. In this post, we\'ll take a look at identity attack statistics and trends and provide some recent case studies to illustrate how some attacks work. We\'ll also highlight one of the most important identity threat facts-that the human element plays a crucial role in the success of these attacks. Understanding identity-centric attacks There are many types of identity attacks. When most people think of these types of crimes, they often imagine traditional identity theft scenarios: Financial identity theft, where a criminal gains access to a victim\'s financial data, like their credit card details, bank account numbers or Social Security number, to make unauthorized purchases, withdraw funds or open new accounts. Tax identity theft, where a bad actor uses a victim\'s personal information to file false tax returns and claim refunds, diverting the money to their own accounts. Employment identity theft, where a fraudster uses a victim\'s identity to get a job, potentially causing issues for that person when discrepancies arise in their employment and tax records. But identity-based attacks also target enterprises and their online users. The cybercriminals behind these attacks might aim to steal sensitive data, siphon off funds, damage or disrupt systems, deploy ransomware or worse. Those are the types of identity attacks we\'re covering here. Identity threat trends and tactics In short, identity-centric attacks are a practical calculation by bad actors: Why would they invest their time and resources to build exploits to help them get in through a virtual back door when they can just walk through the front door? But before they reap the rewards, they still have some legwork to do. Here are a few techniques that cybercriminals use to progress identity-based attacks against businesses and their users: MFA bypass attacks. Many businesses today use multifactor authentication (MFA) to protect the account of their users. It\'s more secure than using passwords alone. But of course, bad actors have found new ways to bypass commonly used MFA methods. MFA fatigue attacks are one example. People-activated malware. People often give life to malware when they fall for a phishing scam or other social engineering tactics. Malware can appear in the form of a .zip file, QR code, .html link, MS Office file and more-there are at least 60 known techniques to plant people-activated malware on corporate networks. Active Directory (AD) attacks. Most enterprises today use AD as a primary method for directory services like user authentication and authorization. Cybercriminals are keen to target AD, which touches almost every place, person and device on a network. This approach works very well, too-more than half of identity-related breaches can be traced back to AD. Cached credentials harvesting. Cached credentials are commonly stored on endpoints, in memory, in the registry, in a browser or on disk. Attackers use various tools and techniques to collect these credentials and gain access to more privileged identities. Once they have harvested these credentials, they can use them to move laterally and log into different applications. Adversaries are likely to find a good “crop” when they are harvesting cached credentials. Recent research from Proofpoint found that more than one in 10 endpoints have exposed privileged account passwords, making it one of the most common identity risks. Keep in mind that cybercriminals are always innovating, and they are quick to build or adopt tools that | Ransomware Malware Tool Threat Studies | Uber | ★★ |
 |
2024-01-09 09:45:00 | L'étude révèle les cyber-risques aux élections américaines Study reveals cyber risks to US elections (lien direct) |
Identity threats are by no means a new type of crime. But in today\'s increasingly digitized world, there are more opportunities for bad actors to steal identities and engage in identity-centric attacks than ever before. Unfortunately, user identities are tough for businesses to protect. The fact that these types of attacks are skyrocketing is evidence of that-in the past year alone the Identity Defined Security Alliance reports that a whopping 84% of companies experienced an identity-related security breach. In this post, we\'ll take a look at identity attack statistics and trends and provide some recent case studies to illustrate how some attacks work. We\'ll also highlight one of the most important identity threat facts-that the human element plays a crucial role in the success of these attacks. Understanding identity-centric attacks There are many types of identity attacks. When most people think of these types of crimes, they often imagine traditional identity theft scenarios: Financial identity theft, where a criminal gains access to a victim\'s financial data, like their credit card details, bank account numbers or Social Security number, to make unauthorized purchases, withdraw funds or open new accounts. Tax identity theft, where a bad actor uses a victim\'s personal information to file false tax returns and claim refunds, diverting the money to their own accounts. Employment identity theft, where a fraudster uses a victim\'s identity to get a job, potentially causing issues for that person when discrepancies arise in their employment and tax records. But identity-based attacks also target enterprises and their online users. The cybercriminals behind these attacks might aim to steal sensitive data, siphon off funds, damage or disrupt systems, deploy ransomware or worse. Those are the types of identity attacks we\'re covering here. Identity threat trends and tactics In short, identity-centric attacks are a practical calculation by bad actors: Why would they invest their time and resources to build exploits to help them get in through a virtual back door when they can just walk through the front door? But before they reap the rewards, they still have some legwork to do. Here are a few techniques that cybercriminals use to progress identity-based attacks against businesses and their users: MFA bypass attacks. Many businesses today use multifactor authentication (MFA) to protect the account of their users. It\'s more secure than using passwords alone. But of course, bad actors have found new ways to bypass commonly used MFA methods. MFA fatigue attacks are one example. People-activated malware. People often give life to malware when they fall for a phishing scam or other social engineering tactics. Malware can appear in the form of a .zip file, QR code, .html link, MS Office file and more-there are at least 60 known techniques to plant people-activated malware on corporate networks. Active Directory (AD) attacks. Most enterprises today use AD as a primary method for directory services like user authentication and authorization. Cybercriminals are keen to target AD, which touches almost every place, person and device on a network. This approach works very well, too-more than half of identity-related breaches can be traced back to AD. Cached credentials harvesting. Cached credentials are commonly stored on endpoints, in memory, in the registry, in a browser or on disk. Attackers use various tools and techniques to collect these credentials and gain access to more privileged identities. Once they have harvested these credentials, they can use them to move laterally and log into different applications. Adversaries are likely to find a good “crop” when they are harvesting cached credentials. Recent research from Proofpoint found that more than one in 10 endpoints have exposed privileged account passwords, making it one of the most common identity risks. Keep in mind that cybercriminals are always innovating, and they are quick to build or adopt tools that | Studies | ★★ | |
|
2024-01-09 08:06:10 | Adapter ou périr: 60% des membres du conseil d'administration n'ont pas reçu une formation en cyber-résilience suffisante au cours de la dernière année Adapt or Perish: 60% of board members have not received sufficient cyber resilience training in the past year (lien direct) |
Adapter ou périr: 60% des membres du conseil d'administration n'ont pas reçu suffisamment de formation en cyber-résilience au cours de la dernière année par Bob Semple, le renseignement du conseil d'administration et l'Institut de gouvernance d'entreprise
-
rapports spéciaux
Adapt or Perish: 60% of board members have not received sufficient cyber resilience training in the past year by Bob Semple, Board Intelligence and The Corporate Governance Institute - Special Reports |
Studies | ★★ | |
 |
2024-01-08 22:00:59 | Problèmes séculaires au partage d'informations sur la cyber-menace demeure, Age-old problems to sharing cyber threat info remain, IG report finds (lien direct) |
> Sur-classification, un déluge de données et des ressources humaines et technologiques insuffisantes entravent toutes le partage des données de menace.
>Over-classification, a deluge of data and insufficient human and technological resources all hinder the sharing of threat data. |
Threat Studies | ★★★ | |
 |
2024-01-08 17:18:25 | Transparence des LLM : ce qui coince chez OpenAI & Cie (lien direct) | Il y a quelques semaines, Stanford publiait son " index de transparence des modèles de fondation ". Retour sur les points faibles qui en ressortent. | Studies | ★★★★ | |
 |
2024-01-08 13:22:44 | Données empoisonnées, manipulation malveillante: l'étude NIST révèle des vulnérabilités de l'IA Poisoned Data, Malicious Manipulation: NIST Study Reveals AI Vulnerabilities (lien direct) |
> Par waqas
NIST dévoile les informations sur les vulnérabilités de l'IA et les menaces potentielles.
Ceci est un article de HackRead.com Lire le post original: Données empoisonnées, manipulation malveillante: l'étude NIST révèle des vulnérabilités de l'IA
>By Waqas NIST Unveils Insights on AI Vulnerabilities and Potential Threats.w This is a post from HackRead.com Read the original post: Poisoned Data, Malicious Manipulation: NIST Study Reveals AI Vulnerabilities |
Vulnerability Studies | ★★ | |
|
2024-01-08 11:00:00 | Les pirates nord-coréens ont volé 600 millions de dollars en crypto en 2023 North Korean Hackers Stole $600m in Crypto in 2023 (lien direct) |
Les pirates nord-coréens restent efficaces pour voler la crypto-monnaie malgré la croissance de l'action internationale de l'application des lois
North Korean hackers remain effective in stealing cryptocurrency despite growing international law enforcement action |
Studies | ★★★★ |
To see everything:
Our RSS (filtrered)
