What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-02-14 16:38:59 | La fuite massive de la base de données de cloud expose 380 enregistrements Massive Cloud Database Leak Exposes 380 Records (lien direct) |
> Par waqas
Un autre jour, une autre base de données cloud fuit dans la nature!
Ceci est un article de HackRead.com Lire la publication originale: La fuite massive de la base de données de cloud expose 380 enregistrements
>By Waqas Another day, another Cloud database leak in the wild! This is a post from HackRead.com Read the original post: Massive Cloud Database Leak Exposes 380 Records |
Cloud | ★★ | |
 |
2024-02-14 10:39:01 | F5 améliore F5 Distributed Cloud Services (lien direct) | Les nouvelles fonctionnalités de sécurité API et IA de bout en bout permettent aux clients de mieux protéger leurs applications alimentées par l'IA - Produits | Cloud | ★★ | |
 |
2024-02-14 01:00:00 | Comment la vulnérabilité peut faire de vous une victime le jour de la Saint-Valentin How Vulnerability Can Make You a Victim on Valentine\\'s Day (lien direct) |
> Selon le récent rapport sur le cloud et la menace de NetSkope \\, le rapport sur le cloud et la menace, la manière la plus courante dont les cyberattaquants ont eu accès aux organisations en 2023 était par le biais de l'ingénierie sociale.Alors qu'une tactique préférée des cybercriminels, en son cœur, l'ingénierie sociale n'est pas à propos de quelqu'un qui brisait le code tout en se couchant sur un clavier éclatant.Il repose sur des humains individuels [& # 8230;]
>According to Netskope\'s recent “Year in Review” Cloud and Threat Report, the most common way cyber attackers gained access to organisations in 2023 was through social engineering. While a favourite tactic of cyber criminals, at its heart, social engineering isn\'t about someone breaking code while hunched over a glowing keyboard. It relies on individual human […] |
Vulnerability Threat Cloud | ★★★ | |
 |
2024-02-13 17:28:33 | GCP-2024-009 (lien direct) | Publié: 2024-02-13 Description Description Gravité notes Le 13 février 2024, AMD a révélé deux vulnérabilités affectant SEV-SNP sur les processeurs EPYC sur la base des noyaux zen de la troisième génération "Milan" et de la quatrième génération "GenoA".Les vulnérabilités permettent aux attaquants privilégiés d'accéder aux données périmées des invités ou de provoquer une perte d'intégrité des clients. Google a appliqué des correctifs aux actifs affectés, y compris Google Cloud, pour s'assurer que les clients sont protégés.À l'heure actuelle, aucune preuve d'exploitation n'a été trouvée ou signalée à Google. Que dois-je faire? Aucune action client n'est requise.Les correctifs ont déjà été appliqués à la flotte Google Server pour Google Cloud, y compris le moteur de calcul. Pour plus d'informations, voir AMD Security Advisory AMD-SN-3007 . modéré CVE-2023-31346 CVE-2023-31347 Published: 2024-02-13Description Description Severity Notes On February 13, 2024, AMD disclosed two vulnerabilities affecting SEV-SNP on EPYC CPUs based on third generation "Milan" and fourth generation "Genoa" Zen cores. The vulnerabilities allow privileged attackers to access stale data from guests or cause a loss of guest integrity. Google has applied fixes to affected assets, including Google Cloud, to ensure customers are protected. At this time, no evidence of exploitation has been found or reported to Google. What should I do? No customer action is required. Fixes have already been applied to the Google server fleet for Google Cloud, including Compute Engine. For more information, see AMD security advisory AMD-SN-3007. Moderate CVE-2023-31346 CVE-2023-31347 | Vulnerability Cloud | ||
 |
2024-02-13 16:40:00 | Blizzard de minuit et Cloudflare-Atlassian Cybersecurity Incidents: Que savoir Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know (lien direct) |
Les incidents de cybersécurité à minuit et Cloudflare-atlassian ont fait des alarmes sur les vulnérabilités inhérentes aux principales plates-formes SaaS.Ces incidents illustrent les enjeux impliqués dans les violations SaaS - sauvegarder l'intégrité des applications SaaS et leurs données sensibles sont essentielles mais n'est pas facile.Des vecteurs de menace communs tels que le phisseur de lance sophistiqué, les erreurs de configuration et
The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches - safeguarding the integrity of SaaS apps and their sensitive data is critical but is not easy. Common threat vectors such as sophisticated spear-phishing, misconfigurations and |
Vulnerability Threat Cloud | ★★★ | |
|
2024-02-13 15:41:51 | Défendre contre les attaques basées sur les applications OAuth contre les SaaS Enterprise Defending Against OAuth App-Based Attacks on Enterprise SaaS (lien direct) |
> La croissance phénoménale de l'adoption de logiciels en tant que service (SaaS) a incité les entreprises de toutes tailles à déplacer leurs données critiques vers des applications basées sur le SaaS.Et comme les attaquants ont tendance à suivre les données pour induire une violation, leur nouveau domaine d'intérêt est le SaaS de l'entreprise.La récente attaque de blizzard de minuit par des acteurs de l'État-nation renforce clairement [& # 8230;]
>The phenomenal growth in the adoption of software as a service (SaaS) has prompted enterprises of all sizes to move their critical data to SaaS-based applications. And as attackers tend to follow data to induce a breach, their new area of focus is enterprise SaaS. The recent Midnight Blizzard attack by nation-state actors clearly reinforces […] |
Cloud | ★★ | |
 |
2024-02-13 13:49:34 | Résultats clés de CrowdStrike \\'s 2024 Rapport de sécurité des applications Key Findings from CrowdStrike\\'s 2024 State of Application Security Report (lien direct) |
Au fur et à mesure que les organisations déplacent leurs applications et leurs opérations vers le cloud et stimulent de plus en plus les revenus via des logiciels, des applications natives dans le cloud et des API ont émergé parmi les plus grands domaines du risque de sécurité moderne.Selon les données accessibles au public, huit des 10 meilleures violations de données de 2023 étaient liées aux surfaces d'attaque d'application.1 Ces huit violations ont été exposées à elles seules [& # 8230;]
As organizations shift their applications and operations to the cloud and increasingly drive revenues through software, cloud-native applications and APIs have emerged among the greatest areas of modern security risk. According to publicly available data, eight of the top 10 data breaches of 2023 were related to application attack surfaces.1 These eight breaches alone exposed […] |
Studies Cloud | ★★★★ | |
 |
2024-02-13 13:00:21 | Apprenez à connaître le point de chèque Harmony Sase Get to Know Check Point Harmony SASE (lien direct) |
> La nouvelle offre de la nouvelle offre Secure Access Service Edge (SASE) est désormais appelée harmonie.Le monde a changé au cours des dernières années, et l'ancienne façon d'obtenir un réseau standard sur site, avec ses notions à l'intérieur et à l'extérieur du périmètre, ne suffit plus.Il existe de nombreuses raisons pour ce changement, notamment la montée en puissance des réseaux de cloud public pour l'hébergement d'applications et de données, et l'agilité améliorée du flux de travail à partir de logiciels en tant que plateformes de service comme Salesforce et Office 365.Connexions haute performance, et il est clair [& # 8230;]
>Check Point\'s new Secure Access Service Edge (SASE) offering is now called Harmony SASE. The world has changed in the last few years, and the old way of securing a standard on-premises network, with its notions of inside and outside the perimeter, is no longer enough. There are many reasons for this change including the rise of public cloud networks for hosting applications and data, and the enhanced workflow agility from software as a service platforms like Salesforce and Office 365. Add to that the increasing trend of remote work and the need for high performance connections, and it\'s clear […] |
Prediction Cloud | ★★ | |
|
2024-02-12 22:37:28 | GCP-2024-008 (lien direct) | Publié: 2024-02-12 Description Description Gravité notes CVE-2023-5528 Permet à un attaquant de créer des pods et des volumes persistants sur les nœuds Windows d'une manière qui permet l'escalade du privilège d'administration sur ces nœuds. pour les instructions et plus de détails, voir leBulletins suivant: GKE Sécurité Bulletin Bulletin Bulletin Bulletin Bulletin Bulletin Bulletin de sécurité GKE GKE GKE gke sur le bulletin de sécurité VMware gke sur le bulletin de sécurité AWS gke sur le bulletin de sécurité azur GKE sur le bulletin de sécurité en métal nu High CVE-2023-5528 Published: 2024-02-12Description Description Severity Notes CVE-2023-5528 allows an attacker to create pods and persistent volumes on Windows nodes in a way that enables admin privilege escalation on those nodes. For instructions and more details, see the following bulletins: GKE security bulletin GKE on VMware security bulletin GKE on AWS security bulletin GKE on Azure security bulletin GKE on Bare Metal security bulletin High CVE-2023-5528 | Cloud | ||
|
2024-02-12 20:14:28 | Pourquoi les relations de regard sont essentielles pour fournir une expérience utilisateur phénoménale Why Peering Relationships are Key to Providing a Phenomenal User Experience (lien direct) |
> L'un des nombreux avantages de l'exécution de votre propre infrastructure de cloud privé est l'amélioration des performances lorsque vous contrôlez votre propre connectivité, raccourcissant le chemin et réduisant la latence pour les deux utilisateurs se connectant à votre cloud privé et à votre connectivité au premier mile aux applicationsEt services.L'alternative, et une utilisée par celles utilisant le public [& # 8230;]
>One of the many benefits of running your own private cloud infrastructure are the performance improvements when you\'re in control of your own connectivity, shortening the path and reducing latency for both users connecting to your private cloud and first mile connectivity to applications and services. The alternative, and one used by those utilizing public […] |
Cloud Commercial | ★★ | |
 |
2024-02-12 15:06:28 | Campagne de rachat de compte Cloud Azure en cours ciblant le personnel senior Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel (lien direct) |
> Une campagne de rachat actif du cloud a eu un impact sur des dizaines d'environnements Azure et compromis des centaines de comptes d'utilisateurs
>An active cloud account takeover campaign has impacted dozens of Azure environments and compromised hundreds of user accounts. |
Cloud | ★★★ | |
|
2024-02-12 13:00:14 | Les problèmes de personnes bloquent-ils votre migration de cloud sécurisée? Are People Problems Blocking Your Secure Cloud Migration? (lien direct) |
> Jonathan Maresky, Cloud Security Product Marketing Manager Qu'est-ce qui obtient des migrations cloud réussies et sécurisées?Demandez à la plupart des DSI, des architectes de cloud ou des ingénieurs informatiques qui questionnent, et leur esprit ira probablement d'abord aux obstacles technologiques & # 8211;Comme la complexité du déplacement des applications héritées dans le cloud, ou le défi de mettre à jour les politiques de sécurité pour répondre aux menaces du cloud.Ou, ils pourraient mentionner la difficulté du processus de migration du cloud lui-même.Ces défis font partie des raisons pour lesquelles la migration du cloud sécurisée peut être difficile pour de nombreuses organisations.Mais voici un autre problème qui a tendance à recevoir moins de discussions: les gens haies, par [& # 8230;]
>Jonathan Maresky, Cloud Security Product Marketing Manager What gets in the way of successful and secure cloud migrations? Ask most CIOs, cloud architects or IT engineers that question, and their minds will probably first go to technological hurdles – like the complexity of moving legacy apps into the cloud, or the challenge of updating security policies to address cloud threats. Or, they might mention the difficulty of the cloud migration process itself. Those challenges are part of why secure cloud migration can be hard for many organizations. But here’s another issue that tends to receive less discussion: People hurdles, by […] |
Cloud | ★★★ | |
 |
2024-02-12 11:00:00 | Le réseau sécurisé commence (et se termine) au point final Secure networking starts (and ends) at the endpoint (lien direct) |
One step behind
The last decade has been challenging for the cyber industry. Attackers always seem to have the upper hand while defenders play catch up. It’s common to point to the ever-accelerating frequency and sophistication of attacks, siloed security that creates gaps, and a shortage of skilled cyber professionals as rationale for this lagging position. All are true but none represent the core reason for our current situation.
The reason we are where we are is because of cloud computing. Don’t get me wrong, cloud computing has been and continues to be profoundly beneficial. It enabled digital transformation that reshaped how we do business. But it is also a huge disruptor that turned traditional, centralized computing and data networking models on their head, forcing carriers and network suppliers alike to innovate and adapt or risk obsolescence. And as networking models shifted, from centralized to distributed, so too did security, but always at a lagging pace.
With cloud computing, distributed networking, and cloud-based security becoming standard, organizations must reassess their cybersecurity approach. It is imperative that they adopt comprehensive end-to-end solutions that align with the evolving landscape of cloud computing and connectivity to address their cyber challenges.
Cloud computing’s cascading effect
It’s always been about data – where data lives and how it is accessed by users. Shifts in data residency and access have triggered a series of events, beginning with:
Our introduction to the cloud
Server virtualization and cloud compute infrastructure, frequently referred to as infrastructure as a service (IaaS), ushered in low cost, flexible, and resource efficient computing via virtual machines (VMs)
Growth in cloud computing shifted focus to new ways that enabled users, whether in offices (sites) or at home (remote users), to access the data required to perform their job duties
Cloud adoption led to new networking models
Networks were re-architected to align with shifting data residency, from centralized data centers to distributed cloud infrastructure
This transition included moving from MPLS/datacenter designs to SD-WAN with Internet breakouts and hybrid or multi-cloud solutions
Network security transformation lagged
As data networking models evolved so too did network security, but at a lagging pace
Over time, the expansion of cloud-delivered security solutions helped organizations to align and optimize network security within this new cloud and networking environment
But this new data and networking paradigm requires consideration beyond network security
Endpoint security has become more critical to consider in this new age of cloud computing and network connectivity where the focus is now squarely on enabling users on laptops, desktops, and mobile devices (endpoints) to access data on cloud servers and VMs (also endpoints)
Endpoints bookend this continuum of users accessing data on cloud workloads, and as an essential part of the communications flow, they must be considered when designing an end-to-end security solution
Doubling down on the cloud
We have come a long way from the initial cloud use case of test/dev. We’ve since moved to running production-grade applications in the cloud and are now entering the next phase of cloud application development – microservices and containerization. As the cloud becomes increasingly foundational to your organization, it is crucial to prioritize robust security for all cloud workloads. This includes ensuring top-performing endpoint security not only for VMs but a |
Mobile Cloud | ★★ | |
 |
2024-02-12 10:00:00 | Les compromis Azure en cours Target Target Senior Execs, Microsoft 365 Apps Ongoing Azure Compromises Target Senior Execs, Microsoft 365 Apps (lien direct) |
Les attaquants franchissent des environnements cloud et jouent à des jeux avec les applications Microsoft 365 d'entreprise, et d'autres victimes sont susceptibles de venir.
Attackers are breaching cloud environments and playing games with corporate Microsoft 365 apps, and further victims are likely to come. |
Cloud | ★★ | |
|
2024-02-12 09:21:01 | Infodis fait l\'acquisition de Prolival (lien direct) | Infodis achève sa stratégie de transformation vers les services d'Infogérance, Cloud et Cybersécurité avec l'acquisition de la société Prolival et de son Cloud souverain Horizon. - Business | Cloud | ★★ | |
|
2024-02-12 08:21:20 | Logrhythm élargit le partenariat avec la finance électronique LogRhythm Expands Partnership with e-finance (lien direct) |
Logrhythm élargit le partenariat avec la finance électronique pour accélérer l'innovation de cybersécurité en Égypte
La finance électronique ajoute un logythme à sa plate-forme de cloud computing intégrée pour une croissance numérique sûre et sécurisée qui s'aligne sur l'Égypte Vision 2030
-
nouvelles commerciales
LogRhythm Expands Partnership with e-finance to Accelerate Cybersecurity Innovation in Egypt e-finance adds LogRhythm to its integrated cloud computing platform for safe and secure digital growth that aligns with Egypt Vision 2030 - Business News |
Cloud | ★★ | |
 |
2024-02-12 08:02:39 | 4 étapes pour empêcher le compromis des e-mails des fournisseurs dans votre chaîne d'approvisionnement 4 Steps to Prevent Vendor Email Compromise in Your Supply Chain (lien direct) |
Supply chains have become a focal point for cyberattacks in a world where business ecosystems are increasingly connected. Email threats are a significant risk factor, as threat actors are keen to use compromised email accounts to their advantage. Every month, a staggering 80% of Proofpoint customers face attacks that originate from compromised vendor, third-party or supplier email accounts. Known as supplier account compromise, or vendor email compromise, these attacks involve threat actors infiltrating business communications between trusted partners so that they can launch internal and external attacks. Their ultimate goal might be to steal money, steal data, distribute malware or simply cause havoc. In this blog post, we\'ll explain how vendor emails are compromised and how you can stop these attacks. Finally, we\'ll tell you how Proofpoint can help. What\'s at stake Supply chain compromise attacks can be costly for businesses. IBM, in its latest Cost of a Data Breach Report, says that the average total cost of a cyberattack that involves supply chain compromise is $4.76 million. That is almost 12% higher than the cost of an incident that doesn\'t involve the supply chain. In addition to the financial implications, compromised accounts can lead to: Phishing scams that result in even more compromised accounts Reputational and brand damage Complex legal liabilities between business partners How does vendor email compromise occur? Supply chain compromise attacks are highly targeted. They can stretch out over several months. And typically, they are structured as a multistep process. The bad actor initiates the assault by gaining access to the email account of a vendor or supplier through various means. Phishing attacks are one example. Once the attacker gains access, they will lay low for an extended period to observe the vendor\'s email communications. During this time, the adversary will study the language and context of messages so that they can blend in well and avoid detection. Attackers might also use this observation period to establish persistence. They will create mail rules and infrastructure so that they can continue to receive and send messages even after the vendor has regained control of the account. Once they establish access and persistence, the attackers will begin to insert themselves into conversations within the supplier\'s company as well as with external partners and customers. By posing as the sender, the attacker takes advantage of established trust between parties to increase their chances of success. Overview of a vendor email compromise attack. Proofpoint has observed a growing trend of attackers targeting accounts within smaller businesses and using them to gain entry into larger companies. Threat actors often assume that small businesses have less protection than large companies. They see them as targets that can help them achieve a bigger payday. How to stop vendor email compromise If you want to defend against these attacks, it\'s critical to understand the methods behind them. Such a formidable problem requires a strategic and multilayered solution. The four broad steps below can help. Step 1: Know your suppliers Your first line of defense against these email attacks sounds simple, but it\'s challenging. It is the ability to intimately “know your supplier” and understand their security strategy. This requires more than a one-time vendor assessment. Your security teams will need to prioritize continuous monitoring of your company\'s business partnerships. On top of that knowledge, you need a thorough understanding of the access and privileges that your business grants to each vendor. Compromised accounts that have uncontrolled access may be able to exfiltrate sensitive data or upload malware like ransomware. So, when you know what your suppliers can (and can\'t) access, you can identify a data breach faster. Other steps, like requiring multifactor authentication (MFA) for vendor accounts, can | Ransomware Data Breach Malware Tool Threat Studies Prediction Cloud | ★★★ | |
|
2024-02-12 07:37:05 | Alerte communautaire: campagne malveillante en cours impactant les environnements cloud Azure Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments (lien direct) |
Over the past weeks, Proofpoint researchers have been monitoring an ongoing cloud account takeover campaign impacting dozens of Microsoft Azure environments and compromising hundreds of user accounts, including senior executives. This post serves as a community warning regarding the attack and offers suggestions that affected organizations can implement to protect themselves from it. What are we seeing? In late November 2023, Proofpoint researchers detected a new malicious campaign, integrating credential phishing and cloud account takeover (ATO) techniques. As part of this campaign, which is still active, threat actors target users with individualized phishing lures within shared documents. For example, some weaponized documents include embedded links to “View document” which, in turn, redirect users to a malicious phishing webpage upon clicking the URL. Threat actors seemingly direct their focus toward a wide range of individuals holding diverse titles across different organizations, impacting hundreds of users globally. The affected user base encompasses a wide spectrum of positions, with frequent targets including Sales Directors, Account Managers, and Finance Managers. Individuals holding executive positions such as “Vice President, Operations”, "Chief Financial Officer & Treasurer" and "President & CEO" were also among those targeted. The varied selection of targeted roles indicates a practical strategy by threat actors, aiming to compromise accounts with various levels of access to valuable resources and responsibilities across organizational functions. Following the attack\'s behavioral patterns and techniques, our threat analysts identified specific indicators of compromise (IOCs) associated with this campaign. Namely, the use of a specific Linux user-agent utilized by attackers during the access phase of the attack chain: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Attackers predominantly utilize this user-agent to access the \'OfficeHome\' sign-in application along with unauthorized access to additional native Microsoft365 apps, such as: \'Office365 Shell WCSS-Client\' (indicative of browser access to Office365 applications) \'Office 365 Exchange Online\' (indicative of post-compromise mailbox abuse, data exfiltration and email threats proliferation) \'My Signins\' (used by attackers for MFA manipulation; for more info about this technique, see our recent Cybersecurity Stop of the Month blog) \'My Apps\' \'My Profile\' Post compromise risks Successful initial access often leads to a sequence of unauthorized post-compromise activities, including: MFA manipulation. Attackers register their own MFA methods to maintain persistent access. We have observed attackers choosing different authentication methods, including the registration of alternative phone numbers for authentication via SMS or phone call. However, in most MFA manipulation instances, attackers preferred to add an authenticator app with notification and code. Examples of MFA manipulation events, executed by attackers in a compromised cloud tenant. Data exfiltration. Attackers access and download sensitive files, including financial assets, internal security protocols, and user credentials. Internal and external phishing. Mailbox access is leveraged to conduct lateral movement within impacted organizations and to target specific user accounts with personalized phishing threats. Financial fraud. In an effort to perpetrate financial fraud, internal email messages are dispatched to target Human Resources and Financial departments within affected organizations. Mailbox rules. Attackers create dedicated obfuscation rules, intended to cover their tracks and erase all evidence of malicious activity from victims\' mailboxes. Examples of obfuscation mailbox rules created by attackers following successful account takeover. Operational infrastructure Our forensic analysis of the attack has surfaced several proxies, | Malware Tool Threat Cloud | ★★★ | |
|
2024-02-09 21:23:05 | Comment sécuriser les applications critiques d'entreprise How to Secure Business-Critical Applications (lien direct) |
Alors que les organisations déplacent davantage de leurs applications critiques au cloud, les adversaires déplacent leurs tactiques en conséquence.Et dans le cloud, il est clair que les cybercriminels se tournent sur les applications logicielles: en fait, les données de l'industrie montrent que 8 des 10 meilleures violations en 2023 étaient liées aux applications.Les plus précieux d'entre eux, [& # 8230;]
As organizations move more of their business-critical applications to the cloud, adversaries are shifting their tactics accordingly. And within the cloud, it\'s clear that cybercriminals are setting their sights on software applications: In fact, industry data shows 8 out of the top 10 breaches in 2023 were related to applications. The most valuable of these, […] |
Cloud | ★★★ | |
|
2024-02-09 16:12:53 | Mémo sur les menaces cloud: Retour aux bases: New Darkgate Campaign Exploite Microsoft Teams Cloud Threats Memo: Back to the Basics: New DarkGate Campaign Exploiting Microsoft Teams (lien direct) |
> Darkgate est un logiciel malveillant de marchandise avec plusieurs fonctionnalités, notamment la possibilité de télécharger et d'exécuter des fichiers en mémoire, un module de calcul réseau virtuel caché (HVNC), de keylogging, de capacités de vol d'information et d'escalade de privilège.Ce malware a été livré dans plusieurs campagnes au cours des derniers mois depuis au moins septembre 2023, et l'une des caractéristiques communes [& # 8230;]
>DarkGate is a commodity malware with multiple features including the ability to download and execute files to memory, a hidden virtual network computing (HVNC) module, keylogging, information-stealing capabilities, and privilege escalation. This malware has been delivered in multiple campaigns over the past few months since at least September 2023, and one of the common characteristics […] |
Malware Cloud | ★★★ | |
|
2024-02-09 13:10:00 | Wazuh à l'ère du cloud: naviguer dans les défis de la cybersécurité Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity (lien direct) |
Le cloud computing a innové comment les organisations opérent et gèrent les opérations informatiques, telles que le stockage de données, le déploiement des applications, la mise en réseau et la gestion globale des ressources.Le cloud offre l'évolutivité, l'adaptabilité et l'accessibilité, permettant aux entreprises d'atteindre une croissance durable.Cependant, l'adoption des technologies cloud dans votre infrastructure présente divers risques de cybersécurité et
Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable growth. However, adopting cloud technologies into your infrastructure presents various cybersecurity risks and |
Cloud | ★★ | |
|
2024-02-08 23:50:05 | GCP-2024-007 (lien direct) | Publié: 2024-02-08 Description Description Gravité notes Les CVE suivants exposent le maillage de service Anthos aux vulnérabilités exploitables: CVE-2024-23322: Envoyé se bloque lorsque le ralenti et les demandes par essai se produisent dans l'intervalle de retour. CVE-2024-23323: utilisation excessive du processeur lorsque le matrice du modèle URI est configuré en utilisant Regex. CVE-2024-23324: L'autorisation externe peut être contournée lorsque le filtre de protocole proxy définit les métadonnées UTF-8 non valides. Envoyé se bloque lors de l'utilisation d'un type d'adresse qui n'est pas pris en charge par l'OS. CVE-2024-23327: Crash en protocole proxy lorsque le type de commande est local . Pour les instructions et plus de détails, voir le Bulletin de service de service Anthos . High cve-2024-23322 CVE-2024-23323 CVE-2024-23324 CVE-2024-23325 CVE-2024-23327 Published: 2024-02-08Description Description Severity Notes The following CVEs expose Anthos Service Mesh to exploitable vulnerabilities: CVE-2024-23322: Envoy crashes when idle and requests per try timeout occur within the backoff interval. CVE-2024-23323: Excessive CPU usage when URI template matcher is configured using regex. CVE-2024-23324: External authorization can be bypassed when Proxy protocol filter sets invalid UTF-8 metadata. Envoy crashes when using an address type that isn\'t supported by the OS. CVE-2024-23327: Crash in proxy protocol when command type is LOCAL. For instructions and more details, see the Anthos Service Meshsecurity bulletin. High CVE-2024-23322 CVE-2024-23323 CVE-2024-23324 CVE-2024-23325 CVE-2024-23327 | Vulnerability Cloud | ||
|
2024-02-08 22:05:51 | étherfax normes de télécopie de nuages sécurisables pionnières etherFAX Pioneering Interoperable Secure Cloud Fax Standards (lien direct) |
Publié: 2024-02-08 Description Description Gravité notes Les CVE suivants exposent le maillage de service Anthos aux vulnérabilités exploitables: CVE-2024-23322: Envoyé se bloque lorsque le ralenti et les demandes par essai se produisent dans l'intervalle de retour. CVE-2024-23323: utilisation excessive du processeur lorsque le matrice du modèle URI est configuré en utilisant Regex. CVE-2024-23324: L'autorisation externe peut être contournée lorsque le filtre de protocole proxy définit les métadonnées UTF-8 non valides. Envoyé se bloque lors de l'utilisation d'un type d'adresse qui n'est pas pris en charge par l'OS. CVE-2024-23327: Crash en protocole proxy lorsque le type de commande est local . Pour les instructions et plus de détails, voir le Bulletin de service de service Anthos . High cve-2024-23322 CVE-2024-23323 CVE-2024-23324 CVE-2024-23325 CVE-2024-23327 Published: 2024-02-08Description Description Severity Notes The following CVEs expose Anthos Service Mesh to exploitable vulnerabilities: CVE-2024-23322: Envoy crashes when idle and requests per try timeout occur within the backoff interval. CVE-2024-23323: Excessive CPU usage when URI template matcher is configured using regex. CVE-2024-23324: External authorization can be bypassed when Proxy protocol filter sets invalid UTF-8 metadata. Envoy crashes when using an address type that isn\'t supported by the OS. CVE-2024-23327: Crash in proxy protocol when command type is LOCAL. For instructions and more details, see the Anthos Service Meshsecurity bulletin. High CVE-2024-23322 CVE-2024-23323 CVE-2024-23324 CVE-2024-23325 CVE-2024-23327 | Cloud | ★★ | |
|
2024-02-08 15:58:42 | US Credit Union Service a fui des millions d'enregistrements et de mots de passe en texte brut US Credit Union Service Leaks Millions of Records and Passwords in Plain Text (lien direct) |
> Par waqas
La base de données cloud appartenant au service de coopérative de crédit a été laissée exposée sans aucune authentification ou mots de passe de sécurité, permettant un accès public.
Ceci est un article de HackRead.com Lire le post original: US Credit Union Service fuit des millions d'enregistrements et de mots de passe en texte brut
>By Waqas The cloud database belonging to Credit Union Service was left exposed without any security authentication or passwords, allowing public access. This is a post from HackRead.com Read the original post: US Credit Union Service Leaks Millions of Records and Passwords in Plain Text |
Cloud | ★★★ | |
|
2024-02-08 12:43:30 | SailPoint présente deux nouvelles offres : la Suite Identity Security Cloud Standard et Packages Customer Success Portfolio (lien direct) | SailPoint présente deux nouvelles offres : la Suite Identity Security Cloud Standard et Packages Customer Success Portfolio Ces nouvelles solutions visent à donner aux clients la capacité de réussir leurs projets grâce à des offres correspondant à la maturité de leur programme et à la taille de l'entreprise. - Produits | Cloud | ★★ | |
|
2024-02-08 08:36:58 | AddixGroup et ARS créent une coentreprise spécialiste en cybersécurité et infrastructure Cloud (lien direct) | AddixGroup et ARS créent une coentreprise spécialiste en cybersécurité et infrastructure Cloud - Business | Cloud | ★★ | |
 |
2024-02-08 08:12:34 | SecurityGate s'associe à MicroSec pour étendre les offres de cybersécurité sur les marchés du secteur critique SecurityGate partners with MicroSec to expand cybersecurity offerings in critical sector markets (lien direct) |
> Securitygate Inc., un fournisseur de plate-forme SaaS pour l'OT / ICS Cyber Improvement, a annoncé mercredi son partenariat avec MicroSec, un zéro-trust ...
>SecurityGate Inc., a SaaS platform provider for OT/ICS cyber improvement, announced Wednesday its partnership with MicroSec, a zero-trust... |
Industrial Cloud | ★★ | |
|
2024-02-07 14:23:10 | Qualys dévoile totalcloud 2.0 Qualys Unveils TotalCloud 2.0 (lien direct) |
Qualits dévoile TotalCloud 2.0 avec Trurisk Insights pour mesurer, communiquer et éliminer le cyber-risque dans les applications de cloud et de SaaS
La solution élargie rassemble des infrastructures cloud, des applications SaaS et des actifs exposés en externe pour une vue unifiée du risque dans les environnements multi-nucartes
-
revues de produits
Qualys Unveils TotalCloud 2.0 with TruRisk Insights to Measure, Communicate, and Eliminate Cyber Risk in Cloud and SaaS Applications Expanded solution brings cloud infrastructure, SaaS apps and externally exposed assets together for a unified view of risk across multi-cloud environments - Product Reviews |
Cloud | ★★ | |
|
2024-02-07 11:57:03 | Verizon Business propose une solution de gestion multicloud à l\'offre Network-as-a-Service (lien direct) | Verizon Business propose une solution de geste de geste Multicloud & agrave;L \\ 'Offre Network-As-A-Service
Solution de cette Simplifie le d & eacute; applications Ploiment D \\ 'et la gestion des connexions cloud dans l\'environnement multicloud d\'un utilisateur. Elle fournit une vue consolidée de la performance des applications et de l\'architecture du réseau cloud, qu\'il soit public, privé ou hybride.
-
Produits
Verizon Business propose une solution de gestion multicloud à l\'offre Network-as-a-Service Cette solution simplifie le déploiement d\'applications et la gestion des connexions cloud dans l\'environnement multicloud d\'un utilisateur. Elle fournit une vue consolidée de la performance des applications et de l\'architecture du réseau cloud, qu\'il soit public, privé ou hybride. - Produits |
Cloud | ★★★ | |
|
2024-02-06 22:59:22 | Cisco ajoute de nouvelles capacités de sécurité et d'IA à l'étape suivante vers Cisco Networking Cloud Vision Cisco Adds New Security and AI Capabilities in Next Step Toward Cisco Networking Cloud Vision (lien direct) |
Verizon Business propose une solution de geste de geste Multicloud & agrave;L \\ 'Offre Network-As-A-Service
Solution de cette Simplifie le d & eacute; applications Ploiment D \\ 'et la gestion des connexions cloud dans l\'environnement multicloud d\'un utilisateur. Elle fournit une vue consolidée de la performance des applications et de l\'architecture du réseau cloud, qu\'il soit public, privé ou hybride.
-
Produits
Verizon Business propose une solution de gestion multicloud à l\'offre Network-as-a-Service Cette solution simplifie le déploiement d\'applications et la gestion des connexions cloud dans l\'environnement multicloud d\'un utilisateur. Elle fournit une vue consolidée de la performance des applications et de l\'architecture du réseau cloud, qu\'il soit public, privé ou hybride. - Produits |
Cloud | ★★ | |
|
2024-02-06 16:23:00 | Comment un client d'entreprise de 10 milliards de dollars a considérablement augmenté sa posture de sécurité SaaS avec 201% de ROI en utilisant SSPM How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM (lien direct) |
Les applications SaaS sont les chéris du monde du logiciel.Ils permettent de travailler de n'importe où, facilitent la collaboration et offrent une alternative rentable à la possession du logiciel.Dans le même temps, les fonctionnalités mêmes qui font des applications SaaS ainsi adoptées & # 8211;Accès de n'importe où et de la collaboration & # 8211;Peut également être exploité par les acteurs de la menace.
Récemment, Adaptive Shield a commandé une
SaaS applications are the darlings of the software world. They enable work from anywhere, facilitate collaboration, and offer a cost-effective alternative to owning the software outright. At the same time, the very features that make SaaS apps so embraced – access from anywhere and collaboration – can also be exploited by threat actors. Recently, Adaptive Shield commissioned a Total Economic |
Threat Cloud | ★★★ | |
|
2024-02-06 13:54:07 | Naitways annonce la création de son Security Operating Center (lien direct) | Naitways s'affirme comme un partenaire-clé des PME sur la cybersécurité Reconnu pour son très haut niveau d'expertise, son engagement et sa capacité à offrir des services sur-mesure, l'opérateur cloud et réseau étoffe son offre de cybersécurité pour couvrir non seulement l'évaluation et la protection des systèmes d'information mais aussi la détection et la réponse aux attaques. Il se positionne désormais comme un interlocuteur privilégié des directions générales et informatiques pour des arbitrages éclairés qui visent à sécuriser de bout en bout à la fois l'entreprise et ses données. - Produits | Cloud | ★★★ | |
|
2024-02-06 13:40:13 | IBM lance IBM LinuxONE 4 Express (lien direct) | Le nouveau serveur IBM LinuxONE 4 Express promet des économies et de la valeur grâce à un Cloud hybride cyber-résilient et à une plateforme d'IA • Le tout nouveau système IBM LinuxONE est conçu pour offrir cybersécurité, résilience, évolutivité et inférence de l'IA pour les environnements Cloud hybride. • La migration des applications Linux d'un système x86 comparé vers un IBM LinuxONE 4 Express peut permettre d'économiser plus de 52 % sur le coût total de possession sur 5 ans.[1] - Produits | Cloud | ★★ | |
 |
2024-02-06 10:35:42 | L\'EUCC adopté… en attendant son pendant cloud (lien direct) | L'EUCC, schéma européen de certification cyber axés sur les produits logiciels et matériels, vient d'être adopté. Celui dédié aux services cloud (EUCS) reste dans les cartons. | Cloud | ★★ | |
 |
2024-02-06 00:00:00 | Unifier la sécurité du nuage au-delà des silos Unifying Cloud Security Beyond Siloes (lien direct) |
Les attaques ne restent pas en siloes, et vos solutions de sécurité non plus.Explorez les avantages d'une plate-forme de cybersécurité qui consolide la sécurité sur plusieurs couches, y compris le cloud pour une gestion des risques plus proactive.
Attacks don\'t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers-including the cloud-for more proactive risk management. |
Cloud | ★★ | |
 |
2024-02-05 22:22:13 | Enpass Review 2024: prix, fonctionnalités, avantages et inconvénients Enpass Review 2024: Pricing, Features, Pros, & Cons (lien direct) |
ENPASS \\ 'Le stockage de mots de passe hors ligne et la prise en charge des services cloud tiers sont deux offres de fonctionnalités que vous ne trouvez pas aujourd'hui dans de nombreux autres gestionnaires de mots de passe.
Enpass\' offline password storage and support for third-party cloud services are two feature offerings you won\'t find in many other password managers today. |
Cloud | ★★ | |
|
2024-02-05 21:06:18 | GCP-2024-006 (lien direct) | Publié: 2024-02-5 Description Description Gravité notes Lorsqu'un proxy de gestion de l'API APIGEE se connecte à un Target Endpoint ou serveur cible , le proxy n'effectue pas la validation du nom d'hôtepour le certificat présenté par le point de terminaison cible ou le serveur cible par défaut.Si la validation du nom d'hôte n'est pas activée à l'aide de l'une des options suivantes, les proxys APIGEE se connectant à un point de terminaison cible ou un serveur cible peuvent être à risque pour une attaque de l'homme au milieu d'un utilisateur autorisé.Pour plus d'informations, consultez Configuration des TLs de bord au backend (nuage et privéCloud) . Pour les instructions et plus de détails, consultez le Bulletin de sécurité de l'apigan . High Published: 2024-02-5Description Description Severity Notes When an Apigee API Management proxy connects to a target endpoint or target server, the proxy does not perform hostname validation for the certificate presented by the target endpoint or target server by default. If hostname validation is not enabled using one of the following options, Apigee proxies connecting to a target endpoint or target server may be at risk for a man-in-the-middle attack by an authorized user. For more information, see Configuring TLS from Edge to the backend (Cloud and Private Cloud).For instructions and more details, see the Apigee security bulletin. High | Cloud | ||
 |
2024-02-05 13:59:16 | L\'importance de la visibilité pour une sécurité du Cloud efficace (lien direct) | >L'adoption croissante de la technologie Cloud a transformé la manière avec laquelle les entreprises fonctionnent, se développent et utilisent leurs ressources. Il n'est pas surprenant que tous les regards soient désormais tournés vers la sécurité du Cloud, car la surface d'attaque concernée augmente non seulement en taille mais aussi en complexité. Les prévisions de Gartner [...] | Cloud | ★★ | |
|
2024-02-05 11:41:18 | 7 conseils pour développer une approche proactive pour éviter le vol de données 7 Tips to Develop a Proactive Approach to Prevent Data Theft (lien direct) |
Data is one of the most valuable assets for a modern enterprise. So, of course, it is a target for theft. Data theft is the unauthorized acquisition, copying or exfiltration of sensitive information that is typically stored in a digital format. To get it, bad actors either abuse privileges they already have or use various other means to gain access to computer systems, networks or digital storage devices. The data can range from user credentials to personal financial records and intellectual property. Companies of all sizes are targets of data theft. In September 2023, the personal data of 2,214 employees of the multinational confectionary firm The Hershey Company was stolen after a phishing attack. And in January 2024, the accounting firm of Framework Computer fell victim to an attack. A threat actor posed as the Framework\'s CEO and convinced the target to share a spreadsheet with the company\'s customer data. Data thieves aim to profit financially, disrupt business activities or do both by stealing high-value information. The fallout from a data breach can be very costly for a business-and the cost is going up. IBM reports that the global average cost of a data breach in 2023 was $4.45 million, a 15% increase over three years. Other data suggests that the average cost of a breach is more than double for U.S. businesses-nearly $9.5 million. Not all data breaches involve data theft, but stealing data is a top aim for many attackers. Even ransomware gangs have been shifting away from data encryption in their attacks, opting instead to steal massive amounts of data and use its value as a means to compel businesses to pay ransom. So, what can businesses do to prevent data theft? Taking a proactive approach toward stopping someone from stealing your data is a must. This blog post can help jump-start your thinking about how to improve data security. We explore how data theft happens and describe some common threats that lead to it. We also outline seven strategies that can help reduce your company\'s risk of exposure to data theft and highlight how Proofpoint can bolster your defenses. Understanding data theft-and who commits it Data theft is a serious security and privacy breach. Data thieves typically aim to steal information like: Personally identifiable information (PII) Financial records Intellectual property (IP) Trade secrets Login credentials Once they have it, bad actors can use stolen data for fraudulent activities or, in the case of credential theft, to gain unlawful access to accounts or systems. They can also sell high-value data on the dark web. The consequences of data theft for businesses can be significant, if not devastating. They include hefty compliance penalties, reputational damage, and financial and operational losses. Take the manufacturing industry as an example. According to one source, a staggering 478 companies in this industry have experienced a ransomware attack in the past five years. The costs in associated downtime are approximately $46.2 billion. To prevent data theft, it\'s important to recognize that bad actors from the outside aren\'t the only threat. Insiders, like malicious employees, contractors and vendors, can also steal data from secured file servers, database servers, cloud applications and other sources. And if they have the right privileges, stealing that data can be a breeze. An insider\'s goals for data theft may include fraud, the disclosure of trade secrets to a competitor for financial gain, or even corporate sabotage. As for how they can exfiltrate data, insiders can use various means, from removable media to personal email to physical printouts. How does data theft happen? Now, let\'s look at some common methods that attackers working from the outside might employ to breach a company\'s defenses and steal data. Phishing. Cybercriminals use phishing to target users through email, text messages, phone calls and other forms of communication. The core objective of this approach is to trick users into doing what | Ransomware Data Breach Malware Tool Vulnerability Threat Cloud | ★★★ | |
|
2024-02-02 16:00:00 | Cloudzy élève la cybersécurité: intégrer les informations de l'avenir enregistré pour révolutionner la sécurité du cloud Cloudzy Elevates Cybersecurity: Integrating Insights from Recorded Future to Revolutionize Cloud Security (lien direct) |
Cloudzy, un premier fournisseur d'infrastructures cloud, annonce fièrement une amélioration importante de son paysage de cybersécurité.Cette percée a été réalisée grâce à une consultation récente avec un avenir enregistré, un leader dans la fourniture de l'intelligence des menaces en temps réel et de l'analyse de la cybersécurité.Cette initiative, associée à une refonte des stratégies de cybersécurité de Cloudzy, représente un major
Cloudzy, a prominent cloud infrastructure provider, proudly announces a significant enhancement in its cybersecurity landscape. This breakthrough has been achieved through a recent consultation with Recorded Future, a leader in providing real-time threat intelligence and cybersecurity analytics. This initiative, coupled with an overhaul of Cloudzy\'s cybersecurity strategies, represents a major |
Threat Cloud | ★★★ | |
|
2024-02-02 14:45:56 | Move To Cloud : la gouvernance, pilier d\'une stratégie maîtrisée (lien direct) | Quelle que soit la raison invoquée, le recours au Cloud computing s'est largement accéléré dans les entreprises françaises ces dernières années. D'ailleurs, la considération économique n'est plus le seul facteur conduisant à réaliser cette transition ! | Cloud | ★★ | |
|
2024-02-02 05:00:40 | Brisez la chaîne d'attaque: le gambit d'ouverture Break the Attack Chain: The Opening Gambit (lien direct) |
The threat landscape has always evolved. But the pace of change over the last decade is unlike anything most security professionals have experienced before. Today\'s threats focus much less on our infrastructure and much more on our people. But that\'s not all. Where once a cyberattack may have been a stand-alone event, these events are now almost always multistage. In fact, most modern threats follow the same playbook: initial compromise, lateral movement and impact. While this approach has the potential to cause more damage, it also gives security teams more opportunities to spot and halt cyberattacks. By placing protections in key spots along the attack chain, we can thwart and frustrate would-be cybercriminals before their ultimate payoff. This starts with understanding the opening gambit: How do threat actors attempt to gain access to your king-in this case, your networks and data? And what can be done to keep them at bay? Understanding the playbook The chess parallels continue when we look at recent evolutions in the threat landscape, with our defensive tactics provoking an adapted method of attack. We see this in full effect when it comes to multifactor authentication (MFA). In recent years, security professionals have flocked to MFA to protect accounts and safeguard credentials. In response, threat actors have developed MFA bypass and spoofing methods to get around and weaponize these protections. So much so that MFA bypass can now be considered the norm when it comes to corporate credential phishing attacks. Increasingly, cybercriminals purchase off-the-shelf kits which enable them to use adversary-in-the-middle (AiTM) tactics to digitally eavesdrop and steal credentials. We have also seen an increase in other human-activated methods, such as telephone-oriented attack delivery (TOAD). This method combines voice and email phishing techniques to trick victims into disclosing sensitive information such as login credentials or financial data. Whatever the method, the desired outcome at this stage is the same. Cybercriminals seek to get inside your defenses so they can execute the next stage of their attack. That is what makes the opening gambit such a critical time in the lifecycle of a cyber threat. Modern threat actors are experts at remaining undetected once they are inside our networks. They know how to hide in plain sight, move laterally and escalate privileges. So, if this stage of the attack is a success, organizations have a huge problem. The good news is that the more we understand the tactics that today\'s cybercriminals use, the more we can adapt our defenses to stop them in their tracks before they can inflict significant damage. Countering the gambit The best opportunity to stop cybercriminals is before and during the initial compromise. By mastering a counter to the opening gambit, we can keep malicious actors where they belong-outside our perimeter. It will surprise no one that most threats start in the inbox. So, the more we can do to stop malicious messaging before it reaches our people, the better. There is no silver bullet in this respect. artificial intelligence (AI)-powered email security is as close as it gets. Proofpoint Email Protection is the only AI and machine learning-powered threat protection that disarms today\'s advanced attacks. Proofpoint Email Protection uses trillions of data points to detect and block business email compromise (BEC), phishing, ransomware, supply chain threats and plenty more. It also correlates threat intelligence across email, cloud and network data to help you stay ahead of new and evolving threats that target your people. However, the difficult reality is that nothing is entirely impenetrable. Today\'s security teams must assume some threats will reach the inbox. And your people need to be prepared when they do. Equipping this vital line of defense requires total visibility into who is being attacked in your organization-and when, where and how. Once you have identified the people who ar | Ransomware Threat Cloud | ★★★ | |
|
2024-02-02 05:00:36 | Développement d'une nouvelle norme Internet: le cadre de la politique relationnelle du domaine Developing a New Internet Standard: the Domain Relationship Policy Framework (lien direct) |
Engineering Insights is an ongoing blog series that gives a behind-the-scenes look into the technical challenges, lessons and advances that help our customers protect people and defend data every day. Each post is a firsthand account by one of our engineers about the process that led up to a Proofpoint innovation. In this blog post, we discuss the Domain Relationship Policy Framework (DRPF)-an effort that has been years in the making at Proofpoint. The DRPF is a simple method that is used to identify verifiably authorized relationships between arbitrary domains. We create a flexible way to publish policies. These policies can also describe complex domain relationships. The details for this new model require in-depth community discussions. These conversations will help us collectively steer the DRPF toward becoming a fully interoperable standard. We are now in the early proposal stage for the DRPF, and we are starting to engage more with the broader community. This post provides a glimpse down the road leading to standardization for the DRPF. Why Proofpoint developed DRPF To shine a light on why Proofpoint was inspired to develop the DRPF in the first place, let\'s consider the thinking of the initial designers of the Domain Name System (DNS). They assumed that subdomains would inherit the administrative control of their parent domains. And by extension, this should apply to all subsequent subdomains down the line. At the time, this was reasonable to assume. Most early domains and their subdomains operated in much the same way. For example, “university.edu” directly operated and controlled the administrative policies for subdomains such as “lab.university.edu” which flowed down to “project.lab.university.edu.” Since the mid-1980s, when DNS was widely deployed, there has been a growing trend of delegating subdomains to third parties. This reflects a breakdown of the hierarchical model of cascading policies. To see how this works, imagine that a business uses “company.com” as a domain. That business might delegate “marketing.company.com” to a third-party marketing agency. The subdomain must inherit some policies, while the subdomain administrator may apply other policies that don\'t apply to the parent domain. Notably, there is no mechanism yet for a domain to declare a relationship with another seemingly independent domain. Consider a parent company that operates multiple distinct brands. The company with a single set of policies may want them applied not only to “company.com” (and all of its subdomains). It may also want them applied to its brand domains “brand.com” and “anotherbrand.com.” It gets even more complex when any of the brand domains delegate various subdomains to other third parties. So, say some of them are delegated to marketing or API support. Each will potentially be governed by a mix of administrative policies. In this context, “policies” refers to published guidance that is used when these subdomains interact with the domain. Policies might be for information only. Or they might provide details that are required to use services that the domain operates. Most policies will be static (or appear so to the retrieving parties). But it is possible to imagine that they could contain directives akin to smart contracts in distributed ledgers. 3 Design characteristics that define DRPF The goal of the DRPF is to make deployment and adoption easier while making it flexible for future use cases. In many prior proposals, complex requirements bogged down efforts to get rid of administrative boundaries between and across disparate domains. Our work should be immediately useful with minimal effort and be able to support a wide array of ever-expanding use cases. In its simplest form, three design characteristics define the DRPF: A domain administrator publishes a policy assertion record for the domain so that a relying party can discover and retrieve it. The discovered policy assertion directs the relying party to where they can find | Tool Prediction Cloud Technical | ★★★ | |
 |
2024-02-01 19:26:04 | Le monde stockera 200 zettabytes de données d'ici 2025 The World Will Store 200 Zettabytes Of Data By 2025 (lien direct) |
> 50% de toutes les données à stocker dans le cloud parrainé par Arcserve & # 8211;Steve Morgan, rédacteur en chef Northport, N.Y. & # 8211;8 juin 2020 Le rapport de surface d'attaque de données 2020 (téléchargement PDF) prédit la quantité totale de données dont le monde aura besoin pour protéger
>50 percent of all data to be stored in the cloud Sponsored by Arcserve – Steve Morgan, Editor-in-Chief Northport, N.Y. – June 8, 2020 The 2020 Data Attack Surface Report (download PDF) predicts the total amount of data that the world will need to protect |
Cloud | ★★★ | |
 |
2024-02-01 13:51:02 | Malware DarkGate : l\'exploitation des applications et services cloud (lien direct) | >De nouvelles attaques de phishing abusent des demandes de chat de groupe Microsoft Teams pour envoyer des pièces jointes malveillantes qui installent des charges utiles de malware DarkGate sur les systèmes des victimes. Les attaquants ont utilisé ce qui semble être un utilisateur (ou un domaine) Teams compromis pour envoyer plus de 1 000 invitations […] The post Malware DarkGate : l'exploitation des applications et services cloud first appeared on UnderNews. | Malware Cloud | ★★★ | |
|
2024-02-01 09:48:58 | Le canal peut aider les PME à se protéger contre l'augmentation des menaces de sécurité The Channel can help SMEs protect themselves from increasing security threats (lien direct) |
La chaîne peut aider les PME à se protéger contre les menaces de sécurité croissantes
Selon également Cloud UK, les petites et moyennes entreprises (PME) peuvent utiliser le canal pour lutter contre l'augmentation des menaces de sécurité.
-
opinion
The Channel can help SMEs protect themselves from increasing security threats According to ALSO Cloud UK, small and medium-sized businesses (SMEs) can use the Channel to combat increasing security threats. - Opinion |
Cloud | ★★★ | |
|
2024-01-31 22:00:00 | \\ 'navires qui fuisent \\' Les bogues cloud autorisent les évasions du conteneur à l'échelle mondiale \\'Leaky Vessels\\' Cloud Bugs Allow Container Escapes Globally (lien direct) |
Les quatre vulnérabilités de sécurité se trouvent dans Docker et au-delà, et une affectant RUNC affecte essentiellement tous les développeurs natifs du cloud dans le monde.
The four security vulnerabilities are found in Docker and beyond, and one affecting runC affects essentially every cloud-native developer worldwide. |
Vulnerability Cloud | ★★★ | |
 |
2024-01-31 21:23:24 | ESET participe à une opération mondiale pour perturber le Trojan bancaire Grandoreiro ESET Takes Part in Global Operation to Disrupt the Grandoreiro Banking Trojan (lien direct) |
#### Description
ESET a travaillé avec la police fédérale du Brésil dans le but de perturber le botnet Grandoreiro, fournissant une analyse technique, des informations statistiques et des serveurs C&C connus aux autorités.
Grandoreiro est un cheval de Troie bancaire latino-américain qui est actif depuis au moins 2017 et cible le Brésil, le Mexique et l'Espagne.Les opérateurs de Grandoreiro \\ ont abusé des fournisseurs de cloud tels que Azure et AWS pour héberger leur infrastructure réseau.
#### URL de référence (s)
1. https://www.welivesecurity.com/en/eset-research/eset-takes-partit-hobal-opération-srupt-grandoreiro-banking-trojan/
#### Date de publication
30 janvier 2024
#### Auteurs)
Recherche ESET
#### Description ESET has worked with the Federal Police of Brazil on an effort to disrupt the Grandoreiro botnet, providing technical analysis, statistical information and known C&C servers to the authorities. Grandoreiro is a Latin American banking trojan that has been active since at least 2017 and targets Brazil, Mexico, and Spain. Grandoreiro\'s operators have abused cloud providers such as Azure and AWS to host their network infrastructure. #### Reference URL(s) 1. https://www.welivesecurity.com/en/eset-research/eset-takes-part-global-operation-disrupt-grandoreiro-banking-trojan/ #### Publication Date January 30, 2024 #### Author(s) ESET Research |
Cloud Technical | ★★★ | |
|
2024-01-31 20:08:14 | GCP-2024-005 (lien direct) | Publié: 2024-01-31 Description Description Gravité notes Une vulnérabilité de sécurité, CVE-2024-21626, a été découverte dans runc où un utilisateur avec la permission de créer des pods sur le système d'exploitation optimisé et les nœuds ubuntu à conteneur pourraitêtre en mesure d'accéder à un accès complet au système de fichiers de nœud. Pour les instructions et plus de détails, consultez les bulletins suivants: Bulletin de sécurité gke gke sur le bulletin de sécurité VMware gke sur le bulletin de sécurité AWS gke sur le bulletin de sécurité azur gke sur le bulletin de sécurité en métal nus High CVE-2024-21626 Published: 2024-01-31Description Description Severity Notes A security vulnerability, CVE-2024-21626, has been discovered in runc where a user with permission to create Pods on Container-Optimized OS and Ubuntu nodes might be able to gain full access to the node filesystem. For instructions and more details, see the following bulletins: GKE security bulletin GKE on VMware security bulletin GKE on AWS security bulletin GKE on Azure security bulletin GKE on Bare Metal security bulletin High CVE-2024-21626 | Vulnerability Cloud | ||
|
2024-01-31 17:38:37 | Sécuriser votre paysage SaaS: examiner de plus près la reprise après sinistre, la gestion de la posture Securing Your SaaS Landscape: Closer Look at Disaster Recovery, Posture Management (lien direct) |
> Par waqas
Imaginez que vous êtes sur un bateau, naviguant dans les eaux en constante évolution du monde de la technologie.Les applications SaaS sont comme & # 8230;
Ceci est un article de HackRead.com Lire le post original: Sécuriser votre paysage SaaS: regard plus approfondi sur la reprise après sinistre, la gestion de la posture
>By Waqas Imagine you’re on a boat, navigating through the ever-changing waters of the tech world. SaaS applications are like… This is a post from HackRead.com Read the original post: Securing Your SaaS Landscape: Closer Look at Disaster Recovery, Posture Management |
Cloud | ★★ |
To see everything:
Our RSS (filtrered)
