What's new arround internet
Last one

Src Date (GMT) Titre Description Tags Stories Notes
itsecurityguru.webp 2023-03-23 09:35:04 Fortune 500 Noms d'entreprise trouvés dans les données de mot de passe compromises [Fortune 500 Company Names Found in Compromised Password Data] (lien direct) Les nouvelles recherches publiées par Specips Software décrivent les noms d'entreprise Fortune 500 les plus courants qui apparaissent dans les données de mot de passe compromises.L'équipe de recherche Specops a analysé un sous-ensemble de 800 millions de mots de passe de la plus grande base de données de protection par mot de passe violé pour obtenir ces résultats.Parmi les dix premiers, des noms familiers populaires comme Coca-Cola (16 710 apparitions), Starbucks (3 800 apparitions) [& # 8230;]
New research released by Specops Software outlines the most common Fortune 500 company names that show up in compromised password data. The Specops research team analysed an 800 million password subset of the larger Breached Password Protection database to obtain these results. Among the top ten, popular household names like Coca-Cola (16,710 appearances), Starbucks (3,800 appearances) […] 		Studies ★★★
zataz.webp 2023-03-23 09:33:42 Cryptomonnaie : les utilisateurs ont perdu plus d\'un milliard de dollars en Ethereum (lien direct) Suite à des bogues et erreurs, les utilisateurs d'Ethereum ont perdu l'accès à 636 000 ETH (1,15 milliard de dollars) depuis le lancement du réseau, d'après le PDG de Coinbase, Conor Grogan.... Studies ★★
Trend.webp 2023-03-23 00:00:00 Emballez-le secrètement: les stratégies furtives mises à jour de la Terre [Pack it Secretly: Earth Preta\\'s Updated Stealthy Strategies] (lien direct) Après des mois d'enquête, nous avons constaté que plusieurs logiciels malveillants non divulgués et outils intéressants utilisés à des fins d'exfiltration étaient utilisés par la Terre Preta.Nous avons également observé que les acteurs de la menace modifiaient activement leurs outils, tactiques et procédures (TTP) pour contourner les solutions de sécurité.Dans cette entrée de blog, nous présenterons et analyserons les autres outils et les logiciels malveillants utilisés par l'acteur de menace.
After months of investigation, we found that several undisclosed malware and interesting tools used for exfiltration purposes were being used by Earth Preta. We also observed that the threat actors were actively changing their tools, tactics, and procedures (TTPs) to bypass security solutions. In this blog entry, we will introduce and analyze the other tools and malware used by the threat actor.		 Malware Threat Studies ★★★
Chercheur.webp 2023-03-22 23:11:08 Google suspend l'application de commerce électronique chinois Pinduoduo sur les logiciels malveillants [Google Suspends Chinese E-Commerce App Pinduoduo Over Malware] (lien direct) Google dit qu'il a suspendu l'application pour le géant du commerce électronique chinois Pinduoduo après que les logiciels malveillants ont été trouvés dans les versions de l'application.Cette décision intervient quelques semaines seulement après que les chercheurs en sécurité chinois ont publié une analyse suggérant que l'application populaire de commerce électronique a cherché à saisir le contrôle total des appareils affectés en exploitant plusieurs vulnérabilités de sécurité dans une variété de smartphones Android.
Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the app. The move comes just weeks after Chinese security researchers published an analysis suggesting the popular e-commerce app sought to seize total control over affected devices by exploiting multiple security vulnerabilities in a variety of Android-based smartphones.		 Malware Studies ★★
DarkReading.webp 2023-03-22 20:57:00 Le sondage de Kaspersky en trouve qu'un utilisateur sur trois a connu des cryptoft [Kaspersky Survey Finds One in Three Users Have Experienced CryptoTheft] (lien direct) Google dit qu'il a suspendu l'application pour le géant du commerce électronique chinois Pinduoduo après que les logiciels malveillants ont été trouvés dans les versions de l'application.Cette décision intervient quelques semaines seulement après que les chercheurs en sécurité chinois ont publié une analyse suggérant que l'application populaire de commerce électronique a cherché à saisir le contrôle total des appareils affectés en exploitant plusieurs vulnérabilités de sécurité dans une variété de smartphones Android.
Google says it has suspended the app for the Chinese e-commerce giant Pinduoduo after malware was found in versions of the app. The move comes just weeks after Chinese security researchers published an analysis suggesting the popular e-commerce app sought to seize total control over affected devices by exploiting multiple security vulnerabilities in a variety of Android-based smartphones.		 Studies ★★
globalsecuritymag.webp 2023-03-22 12:18:04 Comment les comités de direction perçoivent-ils l\'impact de la cybersécurité sur l\'activité de leur entreprise ? (lien direct) Trend Micro Incorporated s'est intéressée à travers l'étude mondiale 'Risky Rewards' à la perception des dirigeants de la fonction Cybersécurité dans l'entreprise. - Investigations Studies ★★★
mcafee.webp 2023-03-22 08:00:59 4 menaces de logiciels malveillants mobiles que vous ne pouvez même pas voir [4 Mobile Malware Threats You Can\\'t Even See] (lien direct) > D'ici 2030, les experts prédisent qu'il y aura 5 milliards d'appareils liés à la 5G.1 pour la population générale, cette connectivité ...
> By 2030, experts predict that there will be 5 billion devices connected to 5G.1 For the general population, this connectedness... 		Malware Studies Prediction ★★
Fortinet.webp 2023-03-22 06:00:00 Informations clés du rapport de sécurité du cloud 2023 [Key Insights from the 2023 Cloud Security Report] (lien direct) Lisez comment les entreprises exploitent le cloud, comment leurs équipes de sécurité réagissent aux menaces liées au cloud et aux défis qui naviguent dans le parcours d'adoption du cloud.
Read how businesses are harnessing the cloud, how their security teams respond to cloud-related threats, and the challenges navigating the cloud adoption journey.		 Studies Cloud ★★
The_State_of_Security.webp 2023-03-22 04:13:11 VIN Cybersecurity Exploits et comment les aborder en 2023 [VIN Cybersecurity Exploits and How to Address Them in 2023] (lien direct) La cybersécurité n'est plus le domaine exclusif des ordinateurs, des serveurs et des appareils portables.À mesure que la connectivité sans fil se développe, cela rend de nombreuses activités quotidiennes plus pratiques, mais cela signifie également que les voitures peuvent être vulnérables aux cyberattaques.Les véhicules connectés, autonomes, partagés et électriques commencent à dominer le marché automobile, mais ils comportent souvent des risques de cybersécurité importants.Des recherches récentes montrent comment les applications et les services qui permettent aux conducteurs d'accéder à leurs fonctions \\ 'à distance sont tout aussi facilement accessibles aux parties non autorisées.Comment les cybercriminels exploitent le chercheur en sécurité VINS, Sam ...
Cybersecurity is no longer the exclusive domain of computers, servers, and handheld devices. As wireless connectivity grows, it makes many daily activities more convenient, but it also means that cars may be vulnerable to cyberattacks. Connected, Autonomous, Shared and Electric vehicles are starting to dominate the auto market, but they often carry significant cybersecurity risks. Recent research shows how the apps and services that let drivers access their cars\' functions remotely are just as easily accessible to unauthorized parties. How Cybercriminals Exploit VINs Security researcher, Sam...		 Studies ★★
globalsecuritymag.webp 2023-03-17 13:12:23 ChatGPT4 : Une première analyse de la sécurité menée par Check Point Research (CPR) conclut à l\'existence de scénarios susceptibles d\'entraîner une accélération de la cybercriminalité (lien direct) Check Point Research (CPR) publie une première analyse de ChatGPT4. Elle met en évidence cinq scénarios permettant aux acteurs de la menace de rationaliser les efforts et les dispositions malveillantes plus rapidement et plus précisément. - Marchés Studies ChatGPT ★★★
InfoSecurityMag.webp 2023-03-16 10:10:00 BEC Volumes Double on Phishing Surge (lien direct) Business email compromise overtakes ransomware Ransomware Studies ★★
globalsecuritymag.webp 2023-03-15 17:27:46 Troisième édition de l\'étude " ransomware " Cybereason : Les SOC modernes face aux attaques par ransomwares (lien direct) Troisième édition de l'étude " ransomware " Cybereason : Les SOC modernes face aux attaques par ransomwares. La nouvelle étude de Cybereason révèle que les attaques par ransomwares et la pénurie de main-d'œuvre sont des leviers pour l'évolution des SOC (centres d'opérations de sécurité) - Investigations Ransomware Studies ★★★
globalsecuritymag.webp 2023-03-15 17:17:57 Rapport Ivanti : 70 % des fonctionnaires travaillent à distance au moins une partie du temps : les organisations gouvernementales ne sont pas assez préparées aux effets du travail hybride et à la nouvelle frontière des vulnérabilités (lien direct) Selon le dernier rapport Ivanti, 70 % des fonctionnaires travaillent à distance au moins une partie du temps : les organisations gouvernementales ne sont pas assez préparées aux effets du travail hybride et à la nouvelle frontière des vulnérabilités. Ce rapport révèle aussi que les fonctionnaires de la génération Z et les Millennials sont deux fois plus susceptibles d'avoir une cyber-hygiène insuffisante que les générations précédentes. - Investigations Studies ★★★
SecureList.webp 2023-03-15 10:00:35 Business on the dark web: deals and regulatory mechanisms (lien direct) How deals and arrangements are made on the dark web, what parties are involved, what escrow services and arbitration are and how these affect the security of deals. Studies ★★
itsecurityguru.webp 2023-03-13 14:28:45 Nine In 10 £5m+ Businesses Hit By Cyber Attacks (lien direct) Almost nine in 10 UK businesses turning over more than £5 million annually have experienced a cyberattack, according to new research from Forbes Advisor. The study questioned senior decision makers across a range of UK small and medium-sized enterprises (SMEs), finding that more than half (57%) had suffered an online attack. However, firms with an annual […] Studies ★★
InfoSecurityMag.webp 2023-03-13 10:00:00 Investment Fraud is Now Biggest Cybercrime Earner (lien direct) Category surged 127% year-on-year, says FBI Studies ★★★
globalsecuritymag.webp 2023-03-09 13:46:44 Etude Kaspersky : malgré une légère baisse en 2022, le problème des stalkerwares reste un phénomène mondial (lien direct) Etude Kaspersky : malgré une légère baisse en 2022, le problème des stalkerwares reste un phénomène mondial - Investigations Studies ★★★
globalsecuritymag.webp 2023-03-09 10:12:05 New Ivanti Report Finds That With 70% of Government Employees Working Virtually At Least Some of the Time, Government Organizations Underprepared for Effects of Hybrid Work and the New Frontier of Vulnerabilities (lien direct) New Ivanti Report Finds That With 70% of Government Employees Working Virtually At Least Some of the Time, Government Organizations Underprepared for Effects of Hybrid Work and the New Frontier of Vulnerabilities Report also found Gen Z and Millennial Government Workers Twice as Likely to Have Poor Cyber Hygiene When Compared to Older Generations - Special Reports Studies ★★★
InfoSecurityMag.webp 2023-03-09 09:30:00 Fifth of Government Workers Don\'t Care if Employer is Hacked (lien direct) Ivanti warns of "human-sized" security gaps Studies ★★★
TrendMicro.webp 2023-03-09 00:00:00 Examining Ransomware Payments From a Data-Science Lens (lien direct) In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups' ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.” Ransomware Studies ★★★
itsecurityguru.webp 2023-03-08 14:16:44 Research Reveals \'Password\' Still the Most Common Term Used by Hackers to Breach Enterprise Networks (lien direct) Password management and user authentication solutions provider Specops Software has today announced the release of its annual Weak Password Report which analysed over 800 million breached passwords and suggests that passwords continue to be a weak spot in an organisation’s network. The study found 88% of passwords used in successful attacks consisted of 12 characters […] Studies ★★★
DarkReading.webp 2023-03-07 17:38:00 Palo Alto Survey Reveals 90% of Organizations Cannot Resolve Cyberthreats Within an Hour (lien direct) Third annual report identifies top security gaps and challenges for organizations operating in the cloud. Studies ★★★★
Fortinet.webp 2023-03-06 09:36:00 Highlights from the 2023 Work-From-Anywhere Global Study (lien direct) Fortinet has commissioned a global research study to better understand existing work-from-home (WFH) policies and how those tie in with cybersecurity concerns and priorities across organizations. Studies ★★★
globalsecuritymag.webp 2023-03-02 14:28:29 Kaspersky : Les entreprises font appel à des experts externes afin de gérer les solutions de cybersécurité plus efficacement (lien direct) Le rapport annuel de Kaspersky sur l'économie de la sécurité informatique a révélé que la complexité des solutions de cybersécurité obligeait les entreprises à externaliser certaines fonctions vers des fournisseurs de services de sécurité informatique, car ces derniers disposent d'une plus grande expertise pour gérer les technologies plus efficacement que les employés de l'entreprise. Une solution de cybersécurité complexe ne garantira pas la meilleure protection si elle n'est pas mise en œuvre par un (...) - Investigations Studies ★★★
Fortinet.webp 2023-03-02 09:58:00 Fortinet is Named a Visionary in the Gartner® Magic Quadrant™ for Endpoint Protection Platforms (lien direct) Fortinet's recognition is in part due to our commitment to continuous innovation of Fortinet's behavior-based endpoint protection and extended detection and response (XDR) solutions. Read more. Studies ★★
InfoSecurityMag.webp 2023-02-27 18:00:00 Researchers Discover Nearly 200,000 New Mobile Banking Trojan Installers (lien direct) Kaspersky said the figures are more than double what the team observed in 2021 Studies ★★
globalsecuritymag.webp 2023-02-27 16:02:59 Only 2 in 10 organisations are fully confident that their cyber insurance will cover their cyber risk in 2023, research study by CSI Ltd finds (lien direct) Only 2 in 10 organisations are fully confident that their cyber insurance will cover their cyber risk in 2023, research study by CSI Ltd finds - Special Reports Studies ★★★
Chercheur.webp 2023-02-24 19:51:23 Who\'s Behind the Botnet-Based Service BHProxies? (lien direct) A security firm has discovered that a five-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies, which offers paying customers the ability to route their web traffic anonymously through compromised computers. Here's a closer look at Mylobot, and a deep dive into who may be responsible for operating the BHProxies service. Studies ★★★
Chercheur.webp 2023-02-24 12:34:49 Putting Undetectable Backdoors in Machine Learning Models (lien direct) This is really interesting research from a few months ago: Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. Delegation of learning has clear benefits, and at the same time raises serious concerns of trust. This work studies possible abuses of power by untrusted learners.We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier behaves normally, but in reality, the learner maintains a mechanism for changing the classification of any input, with only a slight perturbation. Importantly, without the appropriate “backdoor key,” the mechanism is hidden and cannot be detected by any computationally-bounded observer. We demonstrate two frameworks for planting undetectable backdoors, with incomparable guarantees... Studies ★★
InfoSecurityMag.webp 2023-02-24 10:15:00 Investment Scams Drive $9bn in Fraud in 2022 (lien direct) FTC says consumer fraud is up 30% on the previous year Studies ★★★
DarkReading.webp 2023-02-24 00:03:00 87% of Container Images in Production Have Critical or High-Severity Vulnerabilities (lien direct) At the inaugural CloudNativeSecurityCon, DevSecOps practitioners discussed how to shore up the software supply chain. Studies ★★
Cybereason.webp 2023-02-23 21:33:59 New Studies Paint Bleak Picture of Future SOC Effectiveness (lien direct) New Studies Paint Bleak Picture of Future SOC Effectiveness Studies ★★★
RecordedFuture.webp 2023-02-23 19:31:29 Mozilla: Nearly 80% of Google Play Store apps have discrepancies in privacy reporting (lien direct) What apps actually do with user data often differs from what companies tell Google Play Store about their policies, a Mozilla study says Studies ★★★★
knowbe4.webp 2023-02-23 16:27:44 28% of Users Open BEC Emails as BEC Attack Volume Skyrockets by 178% (lien direct) 28% of Users Open BEC Emails as BEC Attack Volume Skyrockets by 178% Studies ★★★
globalsecuritymag.webp 2023-02-23 10:02:29 Les fuites de données imputables aux employés sont plus préoccupantes pour les entreprises européennes que celles causées par des cyberattaques (lien direct) Les fuites de données imputables aux employés sont plus préoccupantes pour les entreprises européennes que celles causées par des cyberattaques Les fuites de données causées par intrusion dans les systèmes internes d'une entreprise, qu'elles soient le résultat d'une cyberattaque (23 % au global, 17 % en Europe) ou imputable à des employés (22 % au global, 21 % en Europe), constitue le problème de sécurité auquel les entreprises sont le plus fréquemment confrontées, selon les répondants de la dernière enquête Economie de la sécurité informatique de Kaspersky. - Investigations Studies ★★★★
Pirate.webp 2023-02-23 09:57:48 Attaques BEC, acteurs APT, et Lockbit, les cyber menaces sont en hausse ! (lien direct) >Trellix, spécialiste de la cybersécurité et pionnier dans la détection et la réponse étendues (XDR), publie aujourd'hui son "Threat Report February 2023" qui se penche sur les tendances en matière de cybersécurité et les méthodes d'attaque utilisées au dernier trimestre 2022.  The post Attaques BEC, acteurs APT, et Lockbit, les cyber menaces sont en hausse ! first appeared on UnderNews. Studies ★★★
globalsecuritymag.webp 2023-02-23 09:36:18 Cybersécurité : un niveau de menaces encore élevé pour les entreprises en 2022 (lien direct) En se basant sur le dernier panorama des risques cyber de l'ANSSI, le bilan annuel de la CNIL, ou encore le récent baromètre du CESIN, Oodrive dresse un bilan de la réalité de la cybersécurité au sein des entreprises en France à travers une infographie. - Malwares Studies ★★
DarkReading.webp 2023-02-22 20:40:00 Half of Apps Have High-Risk Vulnerabilities Due to Open Source (lien direct) Open source software dependencies are affecting the software security of different industries in different ways, with mature industries becoming more selective in their open source usage. Studies ★★★
DarkReading.webp 2023-02-22 19:59:11 1 in 4 CISOs Wants to Say Sayonara to Security (lien direct) Thanks to burnout and stress, Gartner predicts churn and even departure from profession among half of today's security leaders by 2025. Studies Guideline ★★★
knowbe4.webp 2023-02-07 18:52:22 Do Not Fall Victim to Cyber Attacks – Find Out What the Latest Hiscox Report Reveals! (lien direct) Do Not Fall Victim to Cyber Attacks – Find Out What the Latest Hiscox Report Reveals! Studies ★★★
InfoSecurityMag.webp 2023-02-07 09:30:00 UK Banks Still Failing on Digital Security - Report (lien direct) Which? study finds many fail to provide basic online protection Studies ★★★
globalsecuritymag.webp 2023-02-07 08:08:10 3e édition de lEtude de l\'Observatoire du digital flow d\'Inetum (lien direct) Etude de l'Observatoire du digital flow, 3e édition : • Des attentes fortes des actifs sur la cybersécurité • Un levier de performance collective attendu sur les nouvelles technologies par les dirigeants d'entreprises • Une attente commune avec les dirigeants d'entreprises pour un digital green qui favorise les impacts positifs des technologies • Des métiers porteurs et accessibles aussi aux femmes - Investigations Studies ★★★
News.webp 2023-02-07 03:00:11 Surprise! China\'s top Android phones collect way more info (lien direct) Best to revisit that plan to bring home a cheap OnePlus, Xiaomi, Oppo, or Realme handset from your holiday Don't buy an Android phone in China, boffins have warned, as they come crammed with preinstalled apps transmitting privacy-sensitive data to third-party domains without consent or notice.… Studies ★★★
DarkReading.webp 2023-02-06 22:30:00 Consumer Watchdog Reports: CA Privacy Board OKs Landmark Personal Data Regulations, Some Key Protections Left Out (lien direct) Best to revisit that plan to bring home a cheap OnePlus, Xiaomi, Oppo, or Realme handset from your holiday Don't buy an Android phone in China, boffins have warned, as they come crammed with preinstalled apps transmitting privacy-sensitive data to third-party domains without consent or notice.… Studies ★★★
DarkReading.webp 2023-02-06 20:00:00 Cybercrime Shows No Signs of Slowing Down (lien direct) Look for recent trends in attacks, strategies, and vulnerabilities to continue gaining steam throughout 2023. Studies ★★★
ComputerWeekly.webp 2023-02-06 19:01:00 Online banks still riddled with cyber security flaws, report says (lien direct) Look for recent trends in attacks, strategies, and vulnerabilities to continue gaining steam throughout 2023. Studies ★★★
DarkReading.webp 2023-02-03 15:00:00 How the Cloud Is Shifting CISO Priorities (lien direct) The greatly expanding attack surface created by the cloud needs to be protected. Studies ★★★
Anomali.webp 2023-02-02 09:13:00 Introducing the Anomali User Research Group (lien direct) User research groups contribute significantly to product development through a data-led approach incorporating actual customers’ opinions and ideas. This information ultimately influences a product’s design, capabilities & features. User research groups can also be a source of valuable customer feedback during beta testing and after the product is launched, helping to discover potential problems or areas for improvement. A sense of community and engagement around a product can be fostered via user groups, and this can improve client loyalty and advocacy. Enterprise user research groups are especially crucial to cybersecurity because they allow members to share their knowledge, experiences, and insights while working together to solve common security problems.  Introducing the Program At Anomali, we’re always finding ways to improve and build innovative solutions that fit your needs. That’s why we set up the Anomali User Research Group. Whether you’re an Anomali Customer or not, as long as you’re a cybersecurity professional, we want to hear from you.  We’re seeking Cyber Security Professionals of all types & roles with hands-on experience working with Enterprise Security Products to share their experiences and help shape the future of Anomali products. But we’re especially interested in people who work in Cyber Threat Intelligence (CTI), Security Operations (SecOps), and Incident Response (IR), to name a few.  About the UX Team Anomali’s UX (User Experience) Team is made up of a combination of UX Designers & Researchers who follow the principles of User-Centered Design (UCD). UCD is an iterative design approach that focuses on understanding users and their needs by involving them at various stages of the design process through a range of research methods & techniques (e.g. surveys, interviews, usability studies, card sorts, etc.) to create highly-usable, accessible and intuitive products that meet their needs. Naturally, user research is at the heart of everything we do in the UX department. We’re constantly conducting various types of research across multiple topics to enhance our understanding of users & the problems they face. We actively use this data to help guide design & development decisions, from initial ideas & concepts to published products.  Research Methods & Topics To Be Covered  The specific research studies we’ll be running throughout 2023 are still being planned, but projects could range from simple survey studies to discovery research using interviews to usability testing new products, features & workflows. All studies are conducted remotely via Zoom with a researcher and a designer, typically lasting between 30 mins to an hour. We’ll handle all the setup and scheduling at a time convenient for you, then after the study is complete, you’ll receive a thank-you gift for your contribution. How to Get Involved Click here to fill out the Sign-Up Form, tell us a bit about yourself and we'll get in touch when we have a study we think you’d be a good fit for. Threat Studies ★★
InfoSecurityMag.webp 2023-02-01 14:00:00 Almost all Organizations are Working with Recently Breached Vendors (lien direct) The latest supply chain security report from SecurityScorecard and the Cyentia Institute shows worrying findings Studies ★★★★
SecurityWeek.webp 2023-02-01 12:00:00 Cyber Insights 2023: Criminal Gangs (lien direct) >Despite some geopolitical overlaps with state attackers, the majority of cyberattacks still come from simple – or perhaps sophisticated – criminals who are more motivated by money than politics. Studies ★★★
Last update at: 2024-05-16 11:08:14
See our sources.
My email:

To see everything: Our RSS (filtrered) Twitter