What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-01-31 19:54:12 | An Overview of the Netskope AWS CloudTrail Lake Integration (lien direct) | >Following the recent AWS CloudTrail Lake announcement, this blog will guide you through how to configure a Netskope Cloud Exchange instance to send Netskope user access logs to AWS CloudTrail Lake using the Cloud Log Shipper (CLS) module and the CLS plugin developed for CloudTrail Lake. Cloud Exchange (deployed in Amazon ECS on Fargate) can […] | ★★ | ||
|
2023-01-27 18:26:29 | 5 Tips To Keep in Mind for Data Privacy Day (lien direct) | >No matter what industry you're in, data privacy is an issue that impacts you. And when it comes to being safe online with sensitive data, whether that's your personal data or sensitive data that is important to your organization, being informed is the first step. With that in mind, ahead of Data Privacy Day on […] | Studies | ★★★ | |
|
2023-01-26 17:08:48 | NewEdge is a SASE-ready Infrastructure that is Second to None (lien direct) | >Cloud security, let alone SASE, doesn't work without the underlying infrastructure that provides a consistent “baseload” to deliver the security capabilities integral to protecting users, sites, apps, and most importantly the data. This is more important than ever with security a board-level priority and organizations confronted with an ever-growing number of risks, ranging from the […] | ★★ | ||
|
2023-01-25 15:00:00 | The Best Strategies for Security and Technology Leaders Managing in a Hybrid Work World (lien direct) | >It should come as no surprise to anyone who has lived through the last three years that the way we work has changed drastically. The onset of the COVID-19 pandemic forced organizations to figure out how to better enable their employees to work from home securely and easily. The result was an acceleration of trends […] | ★★ | ||
|
2023-01-25 07:00:00 | The Security Implications of A Digital Twin (lien direct) | >Digital twins are digital replicas of physical assets, processes, and systems, and they are used to perform simulations and analysis to optimise the real-world performance of those assets, processes, or systems. They have become increasingly popular in many industries, including manufacturing, healthcare, and transportation. However, as digital twins become more prevalent, it is important to […] | ★★ | ||
|
2023-01-20 15:00:00 | ChatGPT: Dispelling FUD, Driving Awareness About Real Threats (lien direct) | >Summary ChatGPT is an artificial intelligence chatbot created by OpenAI, reaching 1 million users at the end of 2022. It is able to generate fluent responses given specific inputs. It is a variant of the GPT (Generative Pre-trained Transformer) model and, according to OpenAI, it was trained by mixing Reinforcement Learning from Human Feedback (RLHF) […] | ChatGPT | ★★★ | |
|
2023-01-19 19:57:37 | Cloud Threats Memo: Threat Actors Continue to Abuse Cloud Services to Deliver Malware in 2023 (lien direct) | >Our most recent Cloud and Threat Report highlighted how threat actors abuse cloud services (with a special focus on cloud storage apps) to deliver malicious content (and yes, OneDrive leads the chart of the most exploited apps). To confirm that this trend will likely continue in 2023, researchers at Trend Micro have discovered an active […] | Malware Threat Guideline Prediction | ★★★ | |
|
2023-01-18 07:00:00 | The Impact of AI on Cybersecurity: Balancing the Risks and Opportunities (lien direct) | >As artificial intelligence (AI) advances, I am seeing a lot of discussion on LinkedIn and in the online media about the advantages it may bring for either the threat actors (“batten down the hatches, we are all doomed”) or the security defence teams (“it’s OK, relax, AI has you covered”). It has occurred to me […] | Threat | ★★★ | |
|
2023-01-11 07:00:00 | Myth Busting: Why Moving From VPN to ZTNA Doesn\'t Have to be a Heavy Lift (lien direct) | >Over the last few years many organizations have already introduced a zero trust network access (ZTNA) solution, and are seeing the benefits from it. But many others have been put off by the work needed to transition to a zero trust-based access model and the associated technical integration work. In this blog I will unpack […] | ★★★ | ||
|
2023-01-10 21:44:13 | Understanding Evolving Insider Risks in a Hybrid World (lien direct) | >Insider risks are threats that already have access to an organization's sensitive information. They are people who have physical access to the organization's buildings and credentials to sign-on to the network. But maybe more importantly, they're familiar with the organization's processes, they speak the company lingo, and they know where the important assets reside. Whether […] | ★★★ | ||
|
2023-01-05 16:35:50 | I\'m a Technology Leader Who Sees Opportunities for Accelerating Security Transformation Through Networking and Infrastructure. Here\'s Why I Joined Netskope. (lien direct) | >Right now, I see a great opportunity in the cybersecurity industry to help customers as they navigate through security transformation. I don't come from a traditional security background; I'm what we might call a “networking guy.” But about two and a half years ago, in my previous role at Dell, I started noticing a trend […] | Prediction | ★ | |
|
2023-01-04 15:00:00 | Four Resolutions for Security Leaders to Keep in Mind for 2023 (lien direct) | >Starting off a new year often comes with a re-energized sense of taking stock of big changes you want to make and how you want to accomplish them. And, as we come off of “prediction season”, there's also a sense of the hot topics and challenges that are already on the horizon for the security […] | ★★★ | ||
|
2023-01-04 07:00:00 | Data Insights for Parenting…and Cybersecurity Teams (lien direct) | I am often struck by the similarities in the skill set required for both parenting and cybersecurity. With children-as with employees-it is much easier to keep everyone safe if you have a little bit of visibility into what's actually going on. The hardest child to parent effectively is one who shuts themselves away in their […] | ★★ | ||
|
2022-12-29 17:00:00 | A Closer Look at Hybrid Work Environments and Cyber Insurance Coverage (lien direct) | >Organizations seeking cyber insurance coverage are typically required by their insurer to provide evidence of a panoply of controls around information security, disaster recovery, and related risk and technology requirements and best practices. When organizational data resides only on-premises, documenting, evaluating and maintaining these controls have their challenges but are fairly straightforward for the IT, […] | ★★ | ||
|
2022-12-27 15:29:48 | (Déjà vu) 3 Key Use Cases Along the SASE & Zero Trust Journey (lien direct) | In the first part of this blog series, I took a look at how an understanding of digital strategy and digital risk is key to starting a security transformation journey. And in the second, I dug further into how a secure access service edge (SASE) architecture with security service edge (SSE) capabilities and zero trust […] | ★★ | ||
|
2022-12-22 15:15:08 | Data Protection is Finally a Barbecue Conversation for Ordinary Australians. (lien direct) | >Co-authored by David Fairman and Netskope CXO Advisors Samm MacLeod and Nicholas McKenzie Cyber incidents are becoming increasingly common and disruptive–whether it’s ransomware, data breaches, or leaks. The number of compelling events in the last few months in Australia have shown us the implications for businesses, and their customers, when a breach occurs. There has […] | ★★ | ||
|
2022-12-21 07:00:00 | The Three Why\'s of Vendor Consolidation (lien direct) | >Consolidating vendors has always been on the mind of digital leaders, but the current economic climate has elevated this topic, with a recent Gartner survey claiming that 75% of organisations are currently pursuing security vendor consolidation projects, up from 29% in 2020. On the face of it, we can put this down to the need […] | Guideline | ★★★ | |
|
2022-12-20 15:00:00 | Big Trends and Hot Topics From H-ISAC 2022 (lien direct) | >Last week, I had the opportunity to attend and speak at the H-ISAC fall summit here in Phoenix. As always, this conference is a great opportunity to meet back up with customers and friends from all around the Healthcare sector. This leads to illuminating conversations that really give me a higher definition picture of what […] | Guideline | ★★ | |
|
2022-12-19 21:02:20 | Cloud Threats Memo: State-sponsored Threat Actors Continue to Abuse Legitimate Cloud Services (lien direct) | >Threat actors exploiting cloud services are keeping me very busy in these final days of this troubled 2022. The main character of this Cloud Threats Memo is MuddyWater (also known as Earth Vetala, MERCURY, Static Kitten, Seedworm, and TEMP.Zagros), one of the most prolific cyber espionage groups, active since at least 2017, and believed to […] | Threat | ★★★★ | |
|
2022-12-15 15:07:31 | Netskope Client: Enabling a Secure Borderless Workforce (lien direct) | >In order to enable and sustain an effective and secure hybrid work environment, enterprises need security that can deliver protection anywhere, stop modern threats, ensure compliance, and maintain consistent policies across both on-premise and remote locations. The expansion of the attack surface that came with remote work and the increasing use of public cloud were […] | ★ | ||
|
2022-12-14 07:00:00 | A Quantum Arms Race in Cybersecurity (lien direct) | >In 2001, NIST (the US National Institute of Standards and Technology) announced Advanced Encryption Standard (AES), a new encryption standard, designed to help organisations enhance protections against brute force attacks. The previous Data Encryption Standard (DES) had become vulnerable, with processing power growing, and the Electronic Frontier Foundation (EFF) had proved that DES encryption could […] | ★★★ | ||
|
2022-12-13 22:16:36 | Cloud Threats Memo: Understanding the Dead Drop Resolver Technique (lien direct) | >If I asked you what the common ways to exploit a cloud app for malicious purposes are, I bet your answer would probably be either to use it to distribute malicious content (such as malware or phishing pages), or to host the command and control (C2) infrastructure. In reality another frequent technique is the dead […] | Malware | ★★★★ | |
|
2022-12-13 12:45:00 | How Netskope Cloud Exchange as a Managed Service Can Help Improve Your Security Posture (lien direct) | >Starting January 1, 2023, Netskope will offer customers Cloud Exchange (CE), its industry leading integration platform, as a managed service. This managed service will enable a much larger customer base to benefit from CE, including customers lacking in-house resources or preferring to consume CE as a managed service. The new managed service delivers CE as […] | Guideline | ★★ | |
|
2022-12-07 07:00:00 | Implementation Insights: What We Learned From Keeping French Students Secure (lien direct) | >Sometimes in the comms team here at Netskope I hear fantastic tales that are not yet approved for public consumption. The frustration is very real when I hear of a creative customer implementation that cannot yet be told to the wider world. But today I have contrived a clever way to be able to share […] | ★★ | ||
|
2022-12-06 19:07:40 | Cloud Threats Memo: Cyber Espionage Exploiting Google Drive for C2 Infrastructure (lien direct) | >Another day, another legitimate cloud service exploited for a cyber espionage campaign… Researchers at ESET recently discovered Dolphin, a previously unreported backdoor used by the North-Korean threat actor APT37 (AKA ScarCruft and Reaper) against selected targets. The backdoor, deployed after the initial compromise using less sophisticated malware, was observed for the first time in early […] | Threat Cloud | APT 37 | ★★★ |
|
2022-12-06 16:14:25 | Managing Risks with SASE, SSE, and Zero Trust (lien direct) | >In the first part of this blog series, I took a look at how an understanding of digital strategy and digital risk is key to starting a security transformation journey. In this post, I am digging further into how a secure access service edge (SASE) architecture with security service edge (SSE) capabilities and zero trust […] | ★★ | ||
|
2022-12-01 15:54:45 | Important Takeaways from the Orange and Netskope Partnership (lien direct) | >Recently, Orange Business Services, Orange Cyberdefense, and Netskope announced a global partnership to deliver a fully integrated secure access service edge (SASE) solution on the Orange network. The partnership includes the deployment of Netskope data planes inside the Orange network to provide a full stack of security service edge (SSE) services that will be available […] | ★★★ | ||
|
2022-11-30 19:09:46 | Cloud Threats Memo: Yet Another Cyber Espionage Campaign Exploiting Cloud Services (lien direct) | >In the latest example of a cloud service being exploited for cyber espionage, researchers from Trend Micro have shed light on a campaign, conducted between March and October 2022, targeting government, academic, foundations, and research sectors of multiple countries including Myanmar, Australia, the Philippines, Japan, and Taiwan. The campaign has been attributed to a notorious […] | ★★★ | ||
|
2022-11-30 15:39:00 | How Graph-powered SSPM Adds the Right Context (lien direct) | >SaaS apps have become the “easy button” for organizations seeking a fast and simple way to make foundational business apps available to their employees. According to Gartner, “SaaS remains the largest public cloud services market segment, forecasted to reach $176.6 billion in end-user spending in 2022,” growing 14% over 2021. And according to research by […] | ★★★ | ||
|
2022-11-30 07:00:00 | Digital Strategies For A Fast Approaching Future (lien direct) | >The future is arriving faster than you think. By 2030, fully automated vehicles are expected to account for 12% of global vehicle sales-a number that hikes to 20% for new vehicle sales in China. Tomorrow, 1st December, the first electric, semi-autonomous lorries with a range of 500 miles roll off the Tesla production line – […] | ★★★ | ||
|
2022-11-29 15:32:38 | Test Drive Netskope Private Access: A Modern ZTNA Solution (lien direct) | >We are pleased to announce that Netskope Private Access (NPA) is now available to test drive, meaning you can experience a truly modern zero trust network access (ZTNA) solution firsthand with no commitment and no software to download or install. Selecting and implementing the right ZTNA solution is a crucial part of the SASE journey, […] | ★★ | ||
|
2022-11-23 15:54:40 | Detecting Ransomware Using Machine Learning (lien direct) | >Co-authored by Yihua Liao, Ari Azarafrooz, and Yi Zhang Ransomware attacks are on the rise. Many organizations have fallen victim to ransomware attacks. While there are different forms of ransomware, it typically involves the attacker breaching an organization's network, encrypting a large amount of the organization's files, which usually contain sensitive information, exfiltrating the encrypted […] | Ransomware | ||
|
2022-11-23 07:00:00 | What Does The Twitter Chaos Tell Us About The Security Of Our Data? (lien direct) | >What a few weeks it has been for Twitter, from the sacking of half its workforce, and the rushed release of a new feature that allows impersonation of people and brands, through to the unintentional lock out of some users with a certain multi-factor authentication (MFA) configuration enabled. Added to this, we have also seen […] | ★★★ | ||
|
2022-11-22 17:34:43 | Netskope Threat Labs: What We\'ll See In 2023 (lien direct) | Continuing our ongoing series of expert predictions, the following come from Netskope Threat Labs, including what we see on the horizon for software supply chain, phishing, and ransomware. Phishing operations will increase in sophistication to bypass MFA Phishing is a social engineering technique. You need to find someone with their guard down and convince them […] | Threat | ★★★★ | |
|
2022-11-21 19:35:03 | Framing the Modern Conversation Around Digital Transformation and Digital Risk (lien direct) | >Following my recent AISA session about security transformation in October, I am digging further into the value that can come from both security and digital transformation, applying security service edge capabilities and zero trust principles as part of the broader digital transformation strategy.. In the first part of this three-part blog series, I am going […] | General Information | ★★★ | |
|
2022-11-18 15:18:03 | Netskope Threat Coverage: Prestige Ransomware (lien direct) | >Summary In October 2022, a novel ransomware named Prestige was found targeting logistics and transportation sectors in Ukraine and Poland. According to Microsoft, victims affected by Prestige overlap with previous victims targeted by HermeticWiper, spotted in February 2022. The research also shows that the attackers deployed the ransomware within an hour between all victims, abusing […] | Ransomware Threat | ||
|
2022-11-17 14:09:34 | What We See for 2023-Predictions for Cloud Security & Beyond (lien direct) | As the new year draws closer, we’ve asked our experts here at Netskope to see what they have on their radar for 2023. Similar to years past, we've broken these predictions out into “Long Shots,” more out-there predictions we think could potentially happen in the next year, and “Trending Topics,” predictions around topics you may […] | |||
|
2022-11-16 14:00:00 | Cloud Abuse: New Technique Using Adobe Acrobat to Host Phishing (lien direct) | >Summary Netskope Threat Labs recently discovered a phishing campaign that is abusing Adobe Acrobat to host a Microsoft Office phishing page. While abusing free cloud services to host malicious content is a popular attack technique, this is the first time we have seen Adobe Acrobat used to deliver malicious content. The attack starts with a […] | Threat | ||
|
2022-11-16 07:00:00 | Netskope: Cloud Services Vendor Of The Year (lien direct) | >Last week Netskope was awarded the “Cloud Services Vendor Of The Year” trophy at the UK's CRN Awards. It is the second award we have won for our efforts in the UK channel this year – earlier in the summer we took home CRN's “Technology Innovation” gong as well. Now that the dust has settled-and […] | |||
|
2022-11-15 19:48:53 | Deep Learning for Phishing Website Detection (lien direct) | >Introduction Phishing is one of the most common online security threats. A phishing website tries to mimic a legitimate page in order to obtain sensitive data such as usernames, passwords, or financial and health-related information from potential victims. Machine learning (ML) algorithms have been used to detect phishing websites, as a complementary approach to signature […] | |||
|
2022-11-10 14:00:00 | New Phishing Technique Targeting Over 20 Crypto Wallets (lien direct) | >Summary Netskope Threat Labs spotted a new crypto-phishing attack that aims to steal sensitive data from crypto wallets, including private keys and security recovery phrases, disguising itself as a service to revoke stolen ERC (Ethereum Request for Comments) assets. The page was created and hosted with Netlify, which is a free cloud service to create […] | Threat | ★★★★★ | |
|
2022-11-09 14:00:00 | BlackCat Ransomware: Tactics and Techniques From a Targeted Attack (lien direct) | >Summary BlackCat (a.k.a. ALPHV and Noberus) is a Ransomware-as-a-Service (RaaS) group that emerged in November 2021, making headlines for being a sophisticated ransomware written in Rust. It has both Windows and Linux variants and the payload can be customized to adapt to the attacker's needs. BlackCat is also believed to be the successor of the […] | Ransomware | ||
|
2022-11-08 15:05:13 | The Key Mechanics of Building a Good Security Business Case (lien direct) | >As we enter the thick of budget season, especially in a time where budgets are expected to start tightening, security and IT leaders need to anticipate the discussions they are going to have with executive leaders. This means proactively preparing a formal business case for the security program to ensure funding for upcoming projects. But, […] | Guideline | ||
|
2022-11-07 07:00:00 | Remember, Remember: What Guy Fawkes and the Gunpowder Plot Can Teach Us About Modern Cyber Attacks (lien direct) | >10 years ago I moved to the UK and made it my home, and I love living here. I like Marmite, debates over whether the evening meal is dinner, tea, or supper, the constant requirement to remark upon the weather… and the many bizarre traditions. One of these bizarre traditions is Bonfire Night, celebrated on […] | |||
|
2022-11-03 17:04:14 | Netskope and Okta: Coming Together for Continuous Adaptive Trust (lien direct) | >Challenges from the modern workforce The problem of securing the modern workforce goes beyond occasional spats between IT and security. The real problems we see are user credentials under constant attack, alongside attempts to harvest and exploit enterprise data. Plus the cloud resources that workforces need are tough to secure, especially when deployed outside of […] | ★★ | ||
|
2022-11-03 15:05:11 | Cloud Threats Memo: Exploiting Google Forms for Phishing Campaigns (lien direct) | >A recent campaign, unearthed by researchers at INKY, is the latest example of exploitation of a legitimate cloud service. The campaign impersonates the U.S. Small Business Administration (SBA), targeting small businesses that are unaware of the fact that the SBA recently stopped accepting applications for COVID-19 relief loans or grants. The element that makes this […] | ★★★★ | ||
|
2022-11-02 06:00:00 | Is Digital Distrust The Answer? (lien direct) | >“Digital trust” is a hot topic at the moment-with McKinsey as the latest to dive into the term. The consultancy's “Why Digital Trust Matters” report presents global research among business leaders and consumers, exploring consumer perceptions of digital trust, and the behaviours it motivates. McKinsey defines digital trust as “the confidence in an organisation to […] | Guideline | ★★ | |
|
2022-11-01 16:35:10 | Cybersecurity Awareness Month: Recognizing Phishing and Using Multi-factor Authentication (lien direct) | >Phishing is a well known threat that users are constantly being warned about, but as we are in Cybersercurity Awarenss Month though, some may still be wondering what exactly phishing is and how to prevent it. In this blog, I am going to dig into how you can recognize phishing and how enabling multi-factor authentication […] | Threat | ★★★★ | |
|
2022-10-20 20:03:52 | Making Sense of Zero Trust Through the Lens of Networking and Infrastructure (lien direct) | >“Zero trust” still confuses people-and for good reason. While the term conveys a certain absolute authority (“zero,” “nope,” “nothing”), contemporary approaches offer much more nuanced capabilities. And while zero trust today is typically associated with security initiatives, the concepts have their origin in the definition of network perimeters, who is granted access, and how that […] | |||
|
2022-10-19 19:45:51 | Cybersecurity Awareness Month: Answering 3 Big Questions About Secure Passwords (lien direct) | >Passwords have been employed by many since the days of the Roman Empire, and they quickly became omnipresent as we approached the digital age. However, rapid changes in the security landscape have forced us to evolve what our passwords look like and how they are used. At times, this has led to conflicting advice and […] |
To see everything:
Our RSS (filtrered)
