What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Blog.webp 2023-09-11 05:05:00 Threat Trend Report on Ransomware – July 2023
(direct link)
This report provides statistics on the number of new ransomware samples, targeted systems, and targeted businesses in July 2023, as well as notable ransomware issues in Korea and other countries. Key Trends 1) More businesses affected by CLOP ransomware’s exploitation of MOVEit zero-day vulnerability 2) Big Head ransomware disguised as an emergency Windows update 3) Detection names for ransomware disguised as Sophos file ATIP_2023_Jul_Threat Trend Report on Ransomware Statistics and Major Issues
Ransomware Vulnerability Threat Prediction ★★
Blog.webp 2023-09-11 05:02:48 Threat Trend Report on APT Groups – July 2023
(direct link)
July 2023 Major Issues on APT Groups 1) APT28 2) APT29 3) APT31 4) Camouflaged Hunter 5) Charming Kitten 6) Gamaredon 7) Kimsuky 8) Konni 9) Lazarus 10) Mustang Panda 11) Patchwork 12) Red Eyes 13) Space Pirates 14) Turla 15) Unclassified ATIP_2023_Jul_Threat Trend Report on APT Groups
Threat Prediction APT 38 APT 37 APT 37 APT 35 APT 35 APT 29 APT 29 APT 28 APT 28 APT 31 ★★
Blog.webp 2023-09-11 05:02:13 Deep Web and Dark Web Threat Trend Report – July 2023
(direct link)
This trend report on the deep web and dark web of July 2023 is sectioned into Ransomware, Forums & Black Markets, and Threat Actor. We would like to state beforehand that some of the content has yet to be confirmed to be true. 1) Ransomware (1) ALPHV (BlackCat) (2) Cactus (3) CLOP (4) Monti 2) Forum & Black Market (1) The Sale of Genesis Market (2) BreachedForums Database on Sale (3) US Medical Institution’s Database Breached 3) Threat Actor (1)...
Ransomware Threat Prediction Medical ★★
Blog.webp 2023-09-11 05:01:36 Threat Trend Report on Kimsuky Group – July 2023
(direct link)
The Kimsuky group’s activities in July 2023 showed that FlowerPower is gaining traction, and the group is simultaneously diversifying their attack methods. Additionally, there were no particular issues regarding AppleSeed and RandomQuery types as they are now less used. The BabyShark type to be described in detail further on this report will be included in the statistics from July thereon. ATIP_2023_Jul_Threat Trend Report on Kimsuky Group
Threat Prediction ★★
AlienVault.webp 2023-09-07 10:00:00 The cat and mouse game: Staying ahead of evolving cybersecurity threats
(direct link)
The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Cybersecurity threats refer to malicious activities conducted over digital networks, targeting systems, devices, and data. These threats encompass a wide range of attacks, from stealing sensitive information and spreading malware to disrupting critical infrastructure. And their impact extends beyond technical realms. They can and regularly do affect individuals, businesses, and society at large. Individuals face risks of identity theft, financial loss, and invasion of privacy. Businesses can suffer from data breaches, financial damages, and reputational harm. Societal consequences include compromised infrastructure, erosion of trust in digital systems, and potential disruptions to essential services. As technology becomes increasingly integrated into our lives, understanding and addressing cyber threats is crucial for safeguarding personal, economic, and societal well-being. The cat and mouse game will never end, and it’s important to not only be aware of where the good guys stand but what to expect while running your business and trying to stay safe. The dynamic nature of cyber threats The dynamic nature of cyber threats lies in their continuous evolution and adaptation. Cybercriminals are relentless in their pursuit of new vulnerabilities, techniques, and tools to breach systems and compromise data. In response, cybersecurity experts are in a constant race to anticipate and counter emerging threats. They develop advanced security protocols like cloud penetration testing, analyze attack patterns, and collaborate to share threat intelligence. This ongoing battle is marked by innovation on both sides. 
What cybersecurity pros have at their disposal Cybersecurity professionals employ artificial intelligence, machine learning, and behavioural analytics to predict and detect threats, while cybercriminals use sophisticated social engineering and encryption techniques to evade detection. This tug-of-war highlights the necessity of a proactive approach to cybersecurity. As threats evolve, defenders must not only address current vulnerabilities but also anticipate future attack vectors. The rapid pace of technological change means that cybersecurity is not a one-time investment, but an ongoing commitment to staying updated, adapting strategies, and collaborating across sectors to safeguard digital ecosystems. The evolution of cyber threats The cyber threats that your business is likely to face in the 2020s are much different and far more insidious than they were back in the early days of the internet. The early days We have gone from: Viruses and worms: In the early days of computing, viruses and worms were the first types of cyber threats. They spread through infected files and email attachments, causing damage or disruption to systems. Malware: As technology advanced, so did malware. This category includes various types, such as Trojans, which masquerade as legitimate software, and keyloggers, which record keystrokes to steal sensitive information. Current threats What businesses and individuals must contend with now is shocking and, if you haven’t been following the industry and cyber threat landscape, very frightening. Contemporary threats include: Phishing and social engineering: With the rise of the internet, cybercriminals shifted to tactics that exploit human psychology. Phishing attacks trick users into revealing personal information or click
Malware Tool Vulnerability Threat Prediction ★★★
InfoSecurityMag.webp 2023-09-01 13:30:00 Sophisticated Cyber-Espionage Group Earth Estries Exposed
(direct link)
Trend Micro noted that “Earth Estries” employed advanced tactics to infiltrate networks
Prediction ★★★
Trend.webp 2023-09-01 00:00:00 Revisiting 16shop Phishing Kit, Trend-Interpol Partnership
(direct link)
In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign.
Prediction ★★★
globalsecuritymag.webp 2023-08-30 10:28:07 CERTFR-2023-AVI-0699: Multiple vulnerabilities in Trend Micro Mobile Security (30 August 2023) (direct link) Multiple vulnerabilities have been discovered in Trend Micro Mobile Security. They allow an attacker to perform remote indirect code injection (XSS). - Vulnerabilities Prediction
Trend.webp 2023-08-29 00:00:00 Stealthy Android Malware MMRat Carries Out Bank Fraud Via Fake App Stores
(direct link)
The Trend Micro Mobile Application Reputation Service (MARS) team discovered a new, fully undetected Android banking trojan, dubbed MMRat, that has been targeting mobile users in Southeast Asia since late June 2023.
Malware Prediction ★★
The_Hackers_News.webp 2023-08-28 16:57:00 Cyberattacks Targeting E-commerce Applications
(direct link)
Cyber attacks on e-commerce applications are a common trend in 2023 as e-commerce businesses become more omnichannel, they build and deploy increasingly more API interfaces, with threat actors constantly exploring more ways to exploit vulnerabilities. This is why regular testing and ongoing monitoring are necessary to fully protect web applications, identifying weaknesses so they can be
Threat Prediction ★★
CVE.webp 2023-08-24 17:15:08 CVE-2023-34973 (direct link)
An insufficient entropy vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to predict secret via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later; QTS 5.1.0.2444 build 20230629 and later; QuTS hero h5.1.0.2424 build 20230609 and later
Vulnerability Prediction
TrendMicro.webp 2023-08-23 00:00:00 INTERPOL + Trend to Fight African Cybercrime Networks
(direct link)
Global threat intelligence helps to disrupt thousands of African cybercrime networks
Threat Prediction ★★
Trend.webp 2023-08-21 00:00:00 Ex-USSS CISO Explains Agencies' Struggle with Biden EO
(direct link)
Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, explains why Federal agencies are slow to comply with Biden's cybersecurity executive order.
Prediction ★★
AlienVault.webp 2023-08-16 11:00:00 ProxyNation: The dark nexus between proxy apps and malware
(direct link)
Executive summary AT&T Alien Labs researchers recently discovered a massive campaign of threats delivering a proxy server application to Windows machines. A company is charging for proxy service on traffic that goes through those machines. This is a continuation of research described in our blog on Mac systems turned into proxy exit nodes by AdLoad. In this research, Alien Labs identified a company that offers proxy services, wherein proxy requests are rerouted through compromised systems that have been transformed into residential exit nodes due to malware infiltration. Although the proxy website claims that its exit nodes come only from users who have been informed and agreed to the use of their device, Alien Labs has evidence that malware writers are installing the proxy silently in infected systems. In addition, as the proxy application is signed, it has no anti-virus detection, going under the radar of security companies. In this follow up article we explore the dramatic rise in Windows malware delivering the same payload to create a 400,000 proxy botnet. Key takeaways: In just one week AT&T Alien Labs researchers observed more than a thousand new malware samples in the wild delivering the proxy application. According to the proxy website, there are more than 400,000 proxy exit nodes, and it is not clear how many of them were installed by malware. The application is silently installed by malware on infected machines without user knowledge and interaction. The proxy application is signed and has zero anti-virus detection. The proxy is written in Go programming language and is spread by malware both on Windows and macOS. Analysis In the constantly evolving landscape of cyber threats, malicious actors continuously find new and ingenious ways to exploit technology for their own gain. Recently Alien Labs has observed an emerging trend where malware creators are utilizing proxy applications as their tool of choice. 
Different malware strains are delivering the proxy - relying on users looking for interesting things, like cracked software and games. The proxy is written in the Go programming language, giving it the flexibility to be compiled into binaries compatible with various operating systems, including macOS and Windows. Despite the fact that the binaries originated from the same source code, macOS samples are detected by numerous security checks while the Windows proxy application skirts around these measures unseen. This lack of detection is most likely due to the application being signed. (Figure 1) Figure 1. As  on Virus Total: Proxy application – zero detections. After being executed on a compromised system, the malware proceeds to quietly download and install the proxy application. This covert process takes place without requiring any user interaction and often occurs alongside the installation of additional malware or adware elements. The proxy application and most of the malware delivering it are packed using Inno Setup, a free and popular Windows installer. Figure 2. As observed by Alien Labs: Malware embedded script to install the proxy silently. As shown in Figure 2 above, the malware uses specific Inno
Malware Tool Threat Prediction ★★
Blog.webp 2023-08-16 06:46:45 Threat Trend Report on APT Groups – June 2023
(direct link)
APT Group Trends – June 2023 1) Andariel 2) APT28 3) Cadet Blizzard (DEV-0586) 4) Camaro Dragon 5) Charming Kitten (Mint Sandstorm) 6) Gamaredon (Shuckworm) 7) Ke3chang (APT15, Nickel) 8) Kimsuky 9) Lazarus 10) Muddy Water 11) Mustang Panda 12) OceanLotus 13) Patchwork (White Elephant) 14) Red Eyes (APT37) 15) Sharp Panda 16) SideCopy 17) Stealth Soldier ATIP_2023_Jun_Threat Trend Report on APT Groups
Threat Prediction APT 38 APT 37 APT 37 APT 35 APT 35 APT 32 APT 32 APT 28 APT 28 APT 15 APT 15 APT 25 ★★
Blog.webp 2023-08-16 06:46:19 Deep Web & Dark Web Threat Trend Report – June 2023
(direct link)
This trend report on the deep web and dark web of June 2023 is sectioned into Ransomware, Forums & Black Markets, and Threat Actor. We would like to state beforehand that some of the content has yet to be confirmed to be true. 1) Ransomware (1) CLOP (2) LockBit (3) Snatch (4) RA Group (5) Ransomware Groups’ Affiliate Recruitment Ads 2) Forum & Black Market (1) Monopoly Market’s Operator Arrested (2) Suspension of ExposedForums (3) Rebirth of BreachForums 3) Threat...
Ransomware Threat Prediction ★★
Blog.webp 2023-08-16 06:45:59 Threat Trend Report on Kimsuky – June 2023
(direct link)
Activities of the Kimsuky group observed during June 2023 showed a slight increase in the overall number of fully qualified domain names (FQDNs), with more AppleSeed types detected in comparison to the group’s activities in May. At one point, the information collection feature was removed from the FlowerPower type, but a few days later, samples were equipped with the said feature again. Also, the RandomQuery type showed attempts to change into a new system after March 2023, but it seems...
Threat Prediction ★★
Blog.webp 2023-08-16 06:45:39 Threat Trend Report on Ransomware – June 2023
(direct link)
This report provides statistics on new ransomware samples, attacked systems, and targeted businesses in June 2023, as well as notable ransomware issues in Korea and other countries. Other major issues and statistics for ransomware that are not mentioned in the report can be found by searching for the following keywords or via the Statistics menu at AhnLab Threat Intelligence Platform (ATIP). Ransomware Statistics by Type The number of ransomware samples and targeted systems are based on the detection names designated...
Ransomware Threat Prediction ★★
AlienVault.webp 2023-08-09 10:00:00 Mind the (Interpretation) gap: Another reason why threat modeling is important
(direct link)
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Where do vulnerabilities fit with respect to security standards and guidelines? Was it a coverage issue or an interpretation and implementation issue? Where does a product, environment, organization, or business vertical fail the most in terms of standards requirements? These questions are usually left unanswered because of the gap between standards or regulations on the one hand, and requirements interpretation and implementation, on the other. Certified products and environments often suffer from security issues that were supposed to be covered by the requirements of the standard. In [1], for instance, the authors give examples of vulnerable products that were IEC 62443 certified. In [2], SANS discusses the case of PCI-certified companies and why they are still being breached. This “interpretation gap,” whether it manifests in the implementation of requirements or in the assessment process, hinders security and leads to the fact that being compliant is not necessarily the same as being secure. Admittedly, the interpretation of guidelines and requirements in standards, which have a descriptive approach in general, is not an easy task. Requirements can be rather generic and wide open to interpretation depending on the context, resources, the current threat landscape, the underlying technologies, etc. Specific requirements might also lead to conflicting interpretations depending on the type of stakeholder, which will inevitably affect the implementation side. Threat modeling is one way to avoid shortcomings (or even possible shortcuts) in the implementation of standards, and the organization's own security policies. Think of threat modeling as an enforcement mechanism for the proper implementation of requirements.
The reason this is the case is simple; threat modeling thinks of the requirements in terms of relevant threats to the system, and determines mitigations to reduce or completely avoid the associated risks. Consequently, each requirement is mapped to a set of threats and mitigations that covers relevant use cases under specific conditions or context, e.g., what are the trust boundaries, protocols and technologies under use or consideration, third-party interactions, dataflows, data storage, etc. This is becoming a must-have nowadays since, when it comes to technical requirements, the concern about their interpretation still persists even when companies have been audited against them. In the following, the presented data analysis makes the link between disclosed vulnerabilities in Industrial Control Systems (ICS) and the technical requirements reported in the ‘gold standard’ of standards in this area, namely the IEC 62443. It shows the difficulty of satisfying the requirements in broad terms and the need for more specific context and processes. CISA ICS advisories’ mapping The analysis of CISA ICS advisories data, representing close to 2,5K advisories released between 2010 and mid-2023 [3], reveals the extent of the challenge an implementer or an assessor is faced with. Table 1 presents the top weaknesses and the associated count of advisories as well as IEC 62443 requirements’ mapping. Affected sectors, the CVSS severity distribution, and top weaknesses per sector are also reported in Figures 1 and 2, and Table 2. Table 1. Top weaknesses in CISA’s ICS advisories and their IEC 62443 mapping. Weakness Name
Tool Vulnerability Threat Industrial Prediction ★★
GoogleSec.webp 2023-08-08 13:33:00 Downfall and Zenbleed: Googlers helping secure the ecosystem
(direct link)
Tavis Ormandy, Software Engineer and Daniel Moghimi, Senior Research Scientist
Finding and mitigating security vulnerabilities is critical to keeping Internet users safe. However, the more complex a system becomes, the harder it is to secure, and that is also the case with computing hardware and processors, which have developed highly advanced capabilities over the years. This post will detail this trend by exploring Downfall and Zenbleed, two new security vulnerabilities (one of which was disclosed today) that prior to mitigation had the potential to affect billions of personal and cloud computers, signifying the importance of vulnerability research and cross-industry collaboration. Had these vulnerabilities not been discovered by Google researchers, and instead by adversaries, they would have enabled attackers to compromise Internet users. For both vulnerabilities, Google worked closely with our partners in the industry to develop fixes, deploy mitigations and gather details to share widely and better secure the ecosystem.
What are Downfall and Zenbleed?
Downfall (CVE-2022-40982) and Zenbleed (CVE-2023-20593) are two different vulnerabilities affecting CPUs - Intel Core (6th - 11th generation) and AMD Zen2, respectively. They allow an attacker to violate the software-hardware boundary established in modern processors. This could allow an attacker to access data in internal hardware registers that hold information belonging to other users of the system (both across different virtual machines and different processes). These vulnerabilities arise from complex optimizations in modern CPUs tha
Vulnerability Prediction Cloud ★★
DarkReading.webp 2023-08-08 00:54:00 Apple Users See Big Mac Attack, Says Accenture
(direct link)
Accenture's Cyber Threat Intelligence unit has observed a tenfold rise in Dark Web threat actors targeting macOS since 2019, and the trend is poised to continue.
Threat Prediction ★★
Trend.webp 2023-08-07 00:00:00 Latest Batloader Campaigns Use Pyarmor Pro for Evasion
(direct link)
In June 2023, Trend Micro observed an upgrade to the evasion techniques used by the Batloader initial access malware, which we've covered in previous blog entries.
Prediction ★★
globalsecuritymag.webp 2023-08-01 20:21:32 Guardz Identifies New macOS hVNC Malware, Revealing Emerging Trend of macOS Attack-as-a-Service Tools
(direct link)
Guardz Identifies New macOS hVNC Malware, Revealing Emerging Trend of macOS Attack-as-a-Service Tools For the second time in one month, the Guardz research team discloses the existence of another malware targeting macOS devices available on the dark web, which enables malicious actors to obtain stealthy and continuous access to infected systems - Malware Update
Malware Tool Prediction ★★
DarkReading.webp 2023-07-31 14:00:00 Best Practices for Enterprise Private 5G Security
(direct link)
Omdia's latest research with Trend Micro and CTOne sheds light on 5G security challenges and ways to effectively extend enterprise-grade security to 5G networks
Prediction ★★
Trend.webp 2023-07-28 00:00:00 Related CherryBlos and FakeTrade Android Malware Involved in Scam Campaigns
(direct link)
Trend Micro's Mobile Application Reputation Service (MARS) team discovered two new related Android malware families involved in cryptocurrency-mining and financially-motivated scam campaigns targeting Android users.
Malware Mobile Prediction ★★
GoogleSec.webp 2023-07-27 12:01:55 The Ups and Downs of 0-days: A Year in Review of 0-days Exploited In-the-Wild in 2022
(direct link)
Maddie Stone, Security Researcher, Threat Analysis Group (TAG)
This is Google's fourth annual year-in-review of 0-days exploited in-the-wild [2021, 2020, 2019] and builds off of the mid-year 2022 review. The goal of this report is not to detail each individual exploit, but instead to analyze the exploits from the year as a whole, looking for trends, gaps, lessons learned, and successes.
Executive Summary
41 in-the-wild 0-days were detected and disclosed in 2022, the second-most ever recorded since we began tracking in mid-2014, but down from the 69 detected in 2021. Although a 40% drop might seem like a clear-cut win for improving security, the reality is more complicated. Some of our key takeaways from 2022 include: N-days function like 0-days on Android due to long patching times. Across the Android ecosystem there were multiple cases where patches were not available to users for a significant time. Attackers didn't need 0-day exploits and instead were able to use n-days that functioned as 0-days.
Tool Vulnerability Threat Prediction Conference ★★★
The_Hackers_News.webp 2023-07-26 16:23:00 The Alarming Rise of Infostealers: How to Detect this Silent Threat
(direct link)
A new study conducted by Uptycs has uncovered a stark increase in the distribution of information stealing (a.k.a. infostealer or stealer) malware. Incidents have more than doubled in Q1 2023, indicating an alarming trend that threatens global organizations. According to the new Uptycs' whitepaper, Stealers are Organization Killers, a variety of new info stealers have emerged this year, preying
Threat Studies Prediction ★★
DarkReading.webp 2023-07-25 16:39:24 'FraudGPT' Malicious Chatbot Now for Sale on Dark Web
(direct link)
The subscription-based, generative AI-driven offering joins a growing trend toward "generative AI jailbreaking" to create ChatGPT copycat tools for cyberattacks.
Tool Prediction ChatGPT ChatGPT ★★
globalsecuritymag.webp 2023-07-24 12:57:59 Trend Micro announces Trend Vision One – Endpoint Security.
(direct link)
#VisionOne #endpoint #Security • The new EPP-EDR offering Trend Vision One - Endpoint Security enriches the unified Vision One™ cybersecurity platform, designed to consolidate the management, protection, detection and response of all security components and to simplify security operations on a single console. • Vision One™ covers risk management for email, endpoints, servers, cloud workloads, OT and 5G. - Products
Prediction ★★
Trend.webp 2023-07-24 00:00:00 Trend Vision One™ - A Cybersecurity Consolidation Path
(direct link)
A single-platform approach delivers value greater than the sum of its parts
Prediction ★★
AlienVault.webp 2023-07-20 10:00:00 Protecting energy infrastructure from cyberattacks
(direct link)
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In the current geopolitical climate, the energy sector, which powers our modern society - from homes and businesses to critical infrastructure and national defense systems, finds itself under the growing threat of cyberattacks. With the energy sector's growing dependence on digital technologies and interconnectivity, the attack surface for cybercriminals has expanded. This situation is further complicated by incidents such as the SolarWinds and Colonial Pipeline attacks years ago, which compromised numerous value chains, along with recent escalations in cyber threats. These circumstances highlight the urgent need for a robust and proactive cybersecurity strategy in the energy sector. Why the energy sector is vulnerable According to McKinsey, the energy sector is particularly vulnerable to cyber threats due to several characteristics that amplify the risk and impact of attacks against utilities: The threat landscape has expanded, with nation-state actors, sophisticated players, cybercriminals, and hacktivists targeting infrastructure providers. This diverse range of threat actors poses varying levels of sophistication and potential disruptions to electric power and gas operations. The geographically distributed nature of organizations' infrastructure further complicates cybersecurity efforts. Maintaining visibility across both information technology (IT) and operational technology (OT) systems becomes challenging, not only within utility-controlled sites but also in consumer-facing devices that may contain cyber vulnerabilities, thereby compromising revenue or the overall security of the grid. The organizational complexity of the energy sector exposes vulnerabilities to cyberattacks.
Utilities often rely on multiple business units responsible for different aspects of energy generation, transmission, and distribution. This diversity introduces separate IT and OT policy regimes, making it difficult to ensure the network's overall security. To illustrate the potential impact across the entire value chain, it's worth noting that electric organizations, in particular, could face cyber threats capable of disrupting various stages, including generation, transmission, distribution, and network segments. Generation stage: Potential disruptions in this stage could stem from service interruptions and ransomware attacks targeting power plants and clean-energy generators. The primary vulnerabilities lie in legacy generation systems and clean-energy infrastructure that were not originally designed with cybersecurity in mind. Transmission stage: The large-scale disruption of power to consumers could occur through remote disconnection of services. This is possible due to physical security weaknesses that allow unauthorized access to grid control systems, leading to potential disruptions. Distribution stage: Disruptions at substations could result in regional service loss and customer disruptions. The root cause of such disruptions can be traced back to distributed power systems and the limited security built into Supervisory Control and Data Acquisition (SCADA) systems. Network stage: Cyber threats at this stage could lead to the theft of customer information, fraudulent activities, and service disruptions. These threats are driven by the extensive attack surface presented by Internet of Things (IoT) devices, including smart meters and electric vehicles. Recommendations for enhancing cybersecurity in the energy Sector To further strengthen cybersecurity practices in the ene
Ransomware Spam Vulnerability Threat Prediction ★★★★
The_Hackers_News.webp 2023-07-18 18:28:00 Pakistani Entities Targeted in Sophisticated Attack Deploying ShadowPad Malware
(direct link)
An unidentified threat actor compromised an application used by multiple entities in Pakistan to deliver ShadowPad, a successor to the PlugX backdoor that's commonly associated with Chinese hacking crews. Targets included a Pakistan government entity, a public sector bank, and a telecommunications provider, according to Trend Micro. The infections took place between mid-February 2022 and
Malware Threat Prediction ★★
RecordedFuture.webp 2023-07-17 21:00:00 TJ Maxx, Shutterfly, TomTom latest organizations to confirm MOVEit breaches
(direct link)
More than 350 organizations have said they had data accessed or stolen after a vulnerability was exploited in the widely-used MOVEit file transfer software, with a slew of new companies and educational institutions confirming they were affected in recent days. The Clop ransomware gang on Monday continued its trend of adding new victims to its
Ransomware Vulnerability Prediction ★★
Trend.webp 2023-07-17 00:00:00 Taking the Fight to the Cyber-Criminals
(direct link)
Trend Micro and INTERPOL collaborate to create a safer digital world
Prediction ★★
RecordedFuture.webp 2023-07-14 16:43:00 Hackers target Pakistani government, bank and telecom provider with China-made malware
(direct link)
An unknown hacker group compromised a Pakistani government app to infect victims with the China-linked Shadowpad malware, researchers have found. Cybersecurity firm Trend Micro identified three entities in Pakistan targeted by Shadowpad last year: an unnamed government agency, a state bank and a telecommunications provider. The researchers believe it may have been a supply-chain attack,
Malware Prediction ★★★
InfoSecurityMag.webp 2023-07-14 13:00:00 Chinese APT Favorite Backdoor Found in Pakistani Government App
(direct link)
Trend Micro found a backdoor previously exploited by various Chinese threat actors in a popular application used by Pakistan's government agencies
Threat Prediction ★★
DarkReading.webp 2023-07-11 15:06:00 Critical VMware Bug Exploit Code Released Into the Wild
(direct link)
The exploit code was brought to VMware's attention by an anonymous researcher, in tandem with the Trend Micro Zero Day Initiative.
Prediction ★★
Checkpoint.webp 2023-07-11 14:00:48 Lowering the Bar(d)? Check Point Research's security analysis spurs concerns over Google Bard's limitations
(direct link)
Highlights: Check Point Research (CPR) releases an analysis of Google's generative AI platform 'Bard', surfacing several scenarios where the platform permits cybercriminals' malicious efforts Check Point Researchers were able to generate phishing emails, malware keyloggers and basic ransomware code CPR will continue monitoring this worrying trend and developments in this area, and will further report Background – The rise of intelligent machines The revolution of generative AI has sparked a paradigm shift in the field of artificial intelligence, enabling machines to create and generate content with remarkable sophistication. Generative AI refers to the subset of AI models and algorithms that […]
Ransomware Malware Prediction ★★★
InfoSecurityMag.webp 2023-07-10 15:30:00 Android OS Tools Fuel Cybercrime Spree, Prey on Digital Users
(direct link)
According to Resecurity, the trend poses challenges for online banking and payment systems
Prediction ★★
Blog.webp 2023-07-07 02:33:56 Deep Web & Dark Web Threat Trend Report – May 2023
(direct link)
This trend report on the deep web and dark web of May 2023 is sectioned into Ransomware, Forums & Black Markets, and Threat Actor. We would like to state beforehand that some of the content has yet to be confirmed to be true. Ransomware –  ALPHV (BlackCat) –  Akira –  BianLian –  RA Group –  Royal Forum & Black Market –  Drug-related Criminals Apprehended Through Information Collected Following the Shutdown of Monopoly Market –  RaidForums’s Database Leaked Threat Actor – ...
Ransomware Threat Prediction ★★
Blog.webp 2023-07-07 02:33:29 Threat Trend Report on APT Groups – May 2023
(direct link)
The cases of major APT groups for May 2023 gathered from materials made public by security companies and institutions are as follows. – Agrius – Andariel – APT28 – APT29 – APT-C-36 (Blind Eagle) – Camaro Dragon – CloudWizard – Earth Longzhi (APT41) – GoldenJackal – Kimsuky – Lazarus – Lancefly – OilAlpha – Red Eyes (APT37, ScarCruft) – SideCopy – SideWinder – Transparent Tribe (APT36) – Volt Typhoon (Bronze Silhouette) ATIP_2023_May_Threat Trend Report on APT Groups_20230609
Threat Prediction APT 41 APT 38 APT 37 APT 37 APT 29 APT 29 APT 28 APT 28 APT 36 APT 36 Guam Guam APT-C-17 APT-C-17 GoldenJackal GoldenJackal APT-C-36 ★★★
Blog.webp 2023-07-07 02:33:04 CVE Trend Report – May 2023
(direct link)
Following the recent abuse of vulnerabilities in various malware distributions and attacks, it is becoming more crucial to detect said information early on.  Zero-day and other various vulnerabilities are typically spread faster through social networks. Based on the information collected through in-house infrastructure, trends on vulnerabilities currently in the spotlight are provided through ATIP services. Additionally, ATIP offers information on said vulnerabilities’ characteristics and countermeasures through related News Clippings, ASEC Notes, analysis reports, security advisories, and more. This report introduces...
Malware Prediction ★★★
Blog.webp 2023-07-07 02:32:40 Threat Trend Report on Ransomware – May 2023
(direct link)
This report provides statistics on new ransomware samples, attacked systems, and targeted businesses in May 2023, as well as notable ransomware issues in Korea and other countries. Other major issues and statistics for ransomware that are not mentioned in the report can be found by searching for the following keywords or via the Statistics menu at AhnLab Threat Intelligence Platform (ATIP). – Ransomware – Statistics by Type The number of ransomware samples and targeted systems are based on the detection...
Ransomware Threat Prediction ★★
Blog.webp 2023-07-07 02:32:15 Threat Trend Report on Kimsuky – May 2023
(direct link)
The Kimsuky group’s activities in May 2023 had increased slightly in comparison to their activities in April. Also, new top-level domains (TLDs) have begun to be detected, and there were small changes to the codes.  Figure 1. FQDN statistics by attack type in the last 3 months (Unit: each) ATIP_2023_May_Threat Trend Report on Kimsuky Group
Threat Prediction ★★
AlienVault.webp 2023-07-05 10:00:00 Navigating the Cyber Insurance landscape as a Gen Z digital citizen
(direct link)
The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.  In the modern world, cybersecurity and cyber insurance go hand in hand. As we head into the future and the presence of AI in every part of your life grows, so will the responsibilities that need to be taken to ensure security and peace of mind regarding your data and personally identifiable information. As the relatively new cyber insurance industry gets on its feet, it will become more accessible to everyday life, and that trend is already emerging. Teens already are involved in many insurance policies (car, life, health, etc.), so why not add cyber to that and bring the extra reassurance that you are protected against any new threats that could come up? Insurance is put in place to mitigate your risk against external factors that could cause harm to you, your business, or other entities. Cyber insurance is a sub-industry of this and helps reduce risks from ransomware, data breaches, lawsuits, and more. As more industry gears towards individual cyber insurance, we will likely see policies shifting towards protecting against individual data loss and possible foul play. Cyber insurance is a crucial tool for managing risks in a modern environment. With it, customers can expect to mitigate risks in extortion, identity theft, cybercrimes, and data breaches. For example, if you were sent a phishing email asking for banking information, you click on it, enter your details, and fall victim to a common scam. You get a wire confirmation not long after. If your policy included wire fraud coverage, you would receive adequate compensation for these problems. This same experience can apply to many other situations and problems. It could range from general cybercrime to identity theft, the commonality being that you would be covered and reimbursed for any associated losses. 
However, because this insurance genre is so new, every policy is tailored to the individual buyer, so each problem has certain exceptions. To get the best coverage and risk mitigation, you must understand the most important thing for you and your family in an ever-evolving world. What is Cybersecurity Insurance? Cyber insurance is a policy that protects you and your personal information online. It's a way to recover if you're hacked or experience a data breach. Cyber insurance could cover the cost of repairing your computer, restoring data, and defending yourself if attacked. Cyber insurance is vital because cyber-attacks are becoming increasingly common. How does it work? Cyber insurance is like any other type of insurance policy where you pay a monthly or yearly premium to a company, and in return, they cover damages that may occur. In the case of cyber insurance, the policies can vary depending on what you need to be covered. Coverage could include cybercrime, extortion, online identity theft, and data breaches. There are different levels of coverage, such as liability and loss of reputation, when companies suffer data breaches that compromise their customers' personal information. Overall, cyber insurance is an essential safeguard against cyber threats. A cyber-attack can happen to anyone, and the costs can be staggering. Victims will have to contend with the financial burden without cyber insurance. AI in the modern era and Cyber Insurance As technology advances, the threat of AI-driven attacks looms over businesses and consumers alike, making cyber insurance a vital consideration for anyone looking to protect themselves from the consequences of an attack. We, as students, wanted to get an industry expert's view on this topic as well, so we sat down with Eric Wistrand, CTO of Couch Braunsdorf Insurance Agency, to discuss the increasing relevance of cyber insurance in modern-day markets as AI ramps up and cybercrime becomes more prevalent.
Malware Tool Threat Prediction ★★
globalsecuritymag.webp 2023-07-05 09:46:09 Blackfog: MOVEit attack and CLOP variant fuels surge in ransomware attacks in second highest month on record
(direct link)
Dr Darren Williams, CEO of Blackfog, notes that “After an all-time record in May, June sees a continuation of this trend with the second highest number of ransomware attacks on record with 46 publicly disclosed, and a record 396 undisclosed attacks. This represents a ratio of 8.6:1 of unreported to reported attacks, or 860% going unreported, fuelled in part by the MOVEit attack and the CLOP ransomware variant. - Malware Update
Ransomware Prediction ★★
InfoSecurityMag.webp 2023-07-04 14:30:00 OT Assets High Priority for Security Leaders as Industrial Threats Loom
(direct link)
A study by the SANS Institute and Trend Micro found major discrepancies between IT and OT asset visibility within organizations
Industrial Prediction ★★
RecordedFuture.webp 2023-07-03 17:09:00 Chinese hackers target European embassies with HTML smuggling technique
(direct link)
Chinese cyber spies have been targeting the foreign affairs ministries and embassies of European states in recent months, according to new research. The espionage campaign “represents a larger trend within the Chinese ecosystem, pointing to a shift to targeting European entities, with a focus on their foreign policy,” researchers from Check Point said Monday. The
Prediction ★★
The_Hackers_News.webp 2023-07-03 10:16:00 BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising
(direct link)
Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application. "Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations," Trend Micro researchers said in an analysis published last week. "In this case, the distribution
Ransomware Malware Threat Prediction ★★★
Checkpoint.webp 2023-07-03 09:46:57 Chinese Threat Actors Targeting Europe in SmugX Campaign
(direct link)
Introduction: In the last couple of months, Check Point Research (CPR) has been tracking the activity of a Chinese threat actor targeting Foreign Affairs ministries and embassies in Europe. Combined with other Chinese activity previously reported by Check Point Research, this represents a larger trend within the Chinese ecosystem, pointing to a shift to targeting […]
Threat Prediction ★★
Last update at: 2024-06-16 09:10:46