What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
Logo_logpoint.webp 2024-04-12 10:52:42 Everything you need to know about SAP security (direct link) Companies that use SAP as a business application or ERP system often store their most critical assets in it, including their intellectual property. This data must be protected against any unauthorized access, which can come from both outside and inside the company. SAP systems require protection and a [...] ★★
Logo_logpoint.webp 2024-04-04 12:08:40 XZ Utils backdoor: supply chain vulnerability (CVE-2024-3094) (direct link) Introduction: XZ Utils is a set of open source compression utilities for compressing and decompressing files using the LZMA algorithm, known for its high lossless compression ratio. XZ Utils is known for compressing tar archives (tarballs), software packages, kernel images and initramfs (initial ram [...] ★★★
Logo_logpoint.webp 2024-02-22 13:05:25 ScreenConnect: overview of the authentication bypass (CVE-2024-1709 and CVE-2024-1708) (direct link) On February 19, 2024, ConnectWise published a critical advisory concerning two highly concerning vulnerabilities, namely CVE-2024-1709 (with a CVSS score of 10: 'Critical') and CVE-2024-1708 (with a CVSS score of 8.4: 'High'), affecting ScreenConnect versions 23.9.7 and earlier. These vulnerabilities have been identified as widely exploitable and have been [...] ★★
Logo_logpoint.webp 2024-02-05 13:59:16 The importance of visibility for effective cloud security (direct link) The growing adoption of cloud technology has transformed the way companies operate, grow and use their resources. It is no surprise that all eyes are now on cloud security, as the attack surface involved is growing not only in size but also in complexity. Gartner's forecasts [...] Cloud ★★
Logo_logpoint.webp 2024-02-05 11:52:30 Pikabot: a sophisticated, modular backdoor Trojan with advanced evasion techniques (direct link) Key facts: Pikabot is a multi-stage backdoor Trojan that emerged in early 2023. Pikabot's most notable feature is its loader capability, able to deliver payloads and equipped with several defense evasion techniques. Pikabot is programmed to execute commands via a Command & Control server, [...] ★★
Logo_logpoint.webp 2023-12-27 07:39:30 Discovering Rhysida ransomware and its activities (direct link) Key facts about Rhysida ransomware: Rhysida became one of the most active ransomware groups in November 2023. It targets large and medium-sized companies, with a significant impact on the education sector. The Rhysida group's victims are spread across 25 countries, with a majority of victims in the United States. It uses the malware families [...] Ransomware Malware ★★
Logo_logpoint.webp 2023-12-21 09:00:52 Cyber insurance: Citalid, Logpoint, Verspieren round table (direct link) What if we had found the perfect recipe for access to cyber insurance? With Citalid's CRQ, Logpoint's SIEM and advice from the insurance broker Verspieren, you already have the right ingredients. This round table replay will give you some juicy information for finding the chemistry between these three components. I [...] ★★
Logo_logpoint.webp 2023-12-04 12:32:05 HTML Smuggling: how to detect this type of attack? (direct link) Modern web applications perform most of their processing and rendering on the client side (Client Side Rendering), improving dynamic and interactive web experiences. However, this architecture introduces a security problem known as HTML Smuggling. Many threat actors, such as Nobelium and Nokoyawa, use this technique [...] ★★
Logo_logpoint.webp 2023-11-24 11:05:30 Our SIEM pricing guide (direct link) Struggling with SIEM pricing complexity? Explore our guide for insights into various models, hidden costs, and why Logpoint's transparent approach stands out. ★★
Logo_logpoint.webp 2023-11-06 10:58:30 Phishing and Quishing: email investigation and response with Logpoint (direct link) Key facts: Phishing is the most common form of cybercrime, with around 3.4 billion spam emails sent every day. Attackers spent between 200 and 1,000 dollars per day to carry out phishing campaigns. Over the past six months, it is estimated that users reported phishing attempts in only 11.3 [...] ★★
Logo_logpoint.webp 2023-11-06 10:58:30 Phishing and Quishing – Email Investigation and Response Using Logpoint (direct link) Fast Facts: Phishing is the most common form of cybercrime, with an estimated 3.4 billion spam emails sent every day. Attackers spent $200-$1000 per day to carry out phishing campaigns. Over the past six months, it is thought that users reported phishing attempts only 11.3% of the time. Google blocks around 100 million phishing emails every day. [...] Spam ★★★
Logo_logpoint.webp 2023-10-10 12:09:54 Threat hunting with LogPoint (direct link) Threat hunting is a very trendy expression in the cybersecurity world, but what is it really about? The features LogPoint offers for threat hunting, including advanced analytics, enrichment, correlations, UEBA and reporting, will let you strengthen your overall security strategy by using a [...] Threat ★★
Logo_logpoint.webp 2023-02-23 09:57:34 Russia V Ukraine: Round two – Gamma Edition (direct link) By Nilaa Maharjan; Logpoint Global Services & Security Research. Contents: What has happened? / Anticipating the anniversary / Gamaredon: Who are they? / The impact of these malware strains? / Download Report: Russia V Ukraine: Round two - Gamma Edition. A year on since the first attack on Ukrainian territory and the unofficial beginning of the cyber war, the Secretary of Ukraine's National Security and Defense [...] Malware ★★
Logo_logpoint.webp 2023-02-22 00:00:05 Critical Infrastructure: Financial Data (direct link) Cybersecurity is an essential practice for safeguarding data within business-critical systems and applications. Criminals are likely to target the sectors where the biggest potential windfalls are to be gained. Threat actors are constantly looking for ways to gain leverage and use it to their advantage - and the more compromising and sensitive the data, the better. The [...] Threat ★★
Logo_logpoint.webp 2023-02-13 08:30:19 1st January – Logpoint Deep Dives 2023 (direct link) SOAR - Apr 27, 2023 02:00 PM; Troubleshooting Part 1 - May 25, 2023 02:00 PM; Troubleshooting Part 2 - Jun 22, 2023 02:00 PM; Normalization - Jul 27, 2023 02:00 PM; Advanced queries and pattern finding - Aug 24, 2023 02:00 PM; Scaling and Sizing - Sep 28, 2023 02:00 PM. Join webinar [...] ★★
Logo_logpoint.webp 2023-02-09 10:24:57 Long-term resilience – Driven by innovative leadership (direct link) Cybersecurity used to be seen as a less-than-necessary investment. Business leaders were of the opinion that it's better to gamble on not getting targeted by threat actors than to spend money on protecting their digital infrastructure and consequently diminish their profits. And so, fast forward to today and this opinion is way outdated. Thanks to the [...] Threat Guideline ★★
Logo_logpoint.webp 2023-02-08 13:44:19 Compliance: Public trading companies in USA to report cyber incidents to the SEC (direct link) The US Securities and Exchange Commission (SEC) is expected to finalize rules in April 2023 that will require publicly traded companies to disclose details about "material" cyber incidents to the SEC and investors within four business days. The rules will also require corporate boards to disclose information about their cybersecurity governance, including who is responsible [...] ★★
Logo_logpoint.webp 2023-02-07 02:02:20 Emerging Threats: The PLAY with OWASSRF (direct link) By Bibek Thapa Magar; Security Research. Contents: Ransomware stats January 2023 / PLAY's Origins / The tactics deployed / What happens in the process. Executive Summary: First appeared in June 2022, still active and victimizing high-profile targets. Second Highest number of victims on the first week of January. Bypasses ProxyNotShell mitigations by exploiting OWASSRF vulnerability. After encrypting files, It adds “.PLAY” as an extension of the files and [...] ★★★
Logo_logpoint.webp 2023-02-06 09:04:22 A BOLDMOVE by the Chinese Hackers: Exploiting Fortinet Systems (direct link) By Nilaa Maharjan. Contents: Key Findings / Which Products and Versions are Affected? / Making a BOLD statement / Boldly going where no malware has gone before / Detecting BOLDMOVE using Logpoint / Investigation and response with Logpoint / Remediation and mitigation best practices / Final Thoughts. TL;DR: Fortinet disclosed a zero-day vulnerability in its FortiOS SSL-VPN products in December 2022, which was discovered to have been exploited by ransomware gangs. The vulnerability, a [...] Ransomware Malware Vulnerability ★★
Logo_logpoint.webp 2023-02-03 11:00:52 Critical Infrastructure: Securing Police Force Data (direct link) As cybersecurity becomes increasingly vital to the way we manage our computer systems, it's important to look across our social systems and make sure that every facet is secured. Police forces are one such social system, containing a particularly large amount of sensitive data and assets. It is crucial to understand not only why the police [...] ★★
Logo_logpoint.webp 2023-02-03 10:11:29 New Year: New Threats, New Vectors, New Actors (direct link) We've all heard the phrase “new year, new me,” but in the world of cybersecurity, the new year can only mean one thing - New threats, vectors, and actors. As we head into 2023, cybercriminals will be doing everything they can to skirt your security efforts. Their methods and technologies are constantly evolving and becoming more [...] ★★
Logo_logpoint.webp 2023-02-02 12:30:30 Cyber Insurance: The only type of insurance your data, brand, and reputation need (direct link) If you're running a business in 2023, it's more important than ever to have a watertight cybersecurity infrastructure in place. Even the most low-tech businesses will need some form of cybersecurity to ensure their records and sensitive data are protected. Unfortunately, cybercriminals are constantly getting smarter. It's a never-ending game of cat and mouse, leaving even [...] ★★
Logo_logpoint.webp 2023-02-01 10:17:34 Uncovering illegitimate Crypto-Mining Activity (Cryptojacking) in the Enterprise: Utilizing Network Logs for Investigation and Remediation (direct link) By Swachchhanda Shrawan Poudel. Contents: Crypto mining fast facts / The current landscape of crypto mining / How cyber-miners gain access to your system / How to detect crypto mining with Logpoint / Endpoint detection and remediation with Logpoint AgentX / Remediation and mitigation best practices. TL;DR: Cryptocurrency mining is a process of using specialized software to solve complex mathematical problems in order to validate transactions on a cryptocurrency [...] ★★
Logo_logpoint.webp 2023-02-01 09:05:23 SAP: What is the SAP migration for 2027? (direct link) SAP is one of the largest software companies in the world, providing enterprise application software across industries. Based in Germany, SAP software is used by 92% of Forbes Global 2000 companies, including organizations distributing 78% of the world's food and 82% of the world's medical devices. And so, as the saying goes when you have a [...] Medical ★★
Logo_logpoint.webp 2023-01-31 12:36:14 What does a CISO need to know about SAP SECURITY? (direct link) SAP Systems had their evolution in years from closed mainframes to client-server-based systems with internet connection. But the perception about SAP Systems did not change in IT-Security Departments and they are still perceived as 'internal' or legacy corporate systems. The fact is, SAP Systems are interconnected with each other and besides that, there are many [...] ★★
Logo_logpoint.webp 2023-01-31 12:17:12 Crypto mining: Understanding and Protecting Against Cryptojacking (direct link) We take it by now you have heard of crypto currency, so we won't insult you by explaining too much about it. The likes of BitCoin, Dogecoin, and Ethereum to name but three are gathered en masse by “mining”. Cryptocurrency mining is the process of using specialized software to solve complex mathematical problems to validate transactions [...] ★★
Logo_logpoint.webp 2023-01-27 09:16:11 Critical Infrastructure: Protecting Health Service Data (direct link) There are few sectors where privacy is as essential as it is in healthcare. People's health and personal information should be protected at all costs - and cyberattacks can jeopardize both. Unfortunately, healthcare institutions are a prime target for cybercriminals looking to obtain a wealth of sensitive data, including the names, addresses, social security numbers, and [...] Industrial ★★★
Logo_logpoint.webp 2023-01-24 15:02:39 Ransomware-as-a-Service (RaaS) – A Growing Threat in Cybersecurity (direct link) In the world of cybersecurity, ransomware-as-a-service (RaaS) has become a growing concern for businesses and individuals alike. RaaS is a type of cyberattack where hackers gain access to a victim's system and then encrypt their files, making them unusable. The hacker will then demand a ransom from the victim in order to decrypt the files [...] Threat ★★
Logo_logpoint.webp 2023-01-23 12:18:33 Critical Infrastructure: KRITIS and SAP systems (direct link) With the introduction of the IT Security Act 2.0, the BSI demands, among other things, the mandatory introduction of a SIEM system for companies with critical infrastructure. A SIEM (Security Information and Event Management) solution is software that can be used to collect, analyze and correlate security-related data from various sources in real time. What is the [...]
Logo_logpoint.webp 2023-01-23 12:14:57 Critical Infrastructure: KRITIS – How does the German IT Security Act (BSI) impact cybersecurity? (direct link) The German IT Security Act 2.0 comes into force in May 2023. With the IT Security Act 2.0, the First Act to Increase the Security of Information Technology Systems was updated to increase cyber and information security against the backdrop of increasingly frequent and complex cyber-attacks and the continued digitalisation of everyday life. What is the [...]
Logo_logpoint.webp 2023-01-20 14:29:43 Critical Infrastructure: Five biggest threats to banks (direct link) When it comes to complex and demanding cybersecurity jobs, being a CISO or analyst in the financial sector must be up there with some of the hardest. Not only is the financial sector a very appealing target for bad actors, but the data and assets you're looking to protect are some of the most valuable [...] ★★
Logo_logpoint.webp 2023-01-18 15:09:22 How can MSSPs leverage knowledge for multiple customers? Tips & Tricks for MSSPs (direct link) By: Gitte Gade, Product Marketing Manager. A 2022 study showed that the number one problem MSSP (Managed Security Service Provider) clients face today is security issues, especially focused on the risk of Ransomware attacks. The same study also showed that almost 75% of the MSSPs had more than 20% of their customers who experienced a cyberattack [...] Ransomware ★★
Logo_logpoint.webp 2023-01-17 14:46:30 Embracing randomness to detect threats through entropy (direct link) By Bhabesh Raj Rai, Security Research. Contents: What is Entropy? / The calculation / Use cases using the entropy method / Layer your defenses to detect evasion and blindspots. TL;DR: Adversaries are constantly shifting tactics and uncovering new ways to attack businesses. One way analysts can defend against the continuously changing threat landscape is by layering defenses to help eliminate unknown blind spots. Here we explain [...] Threat ★★★
Logo_logpoint.webp 2023-01-16 12:43:43 Hive hunter: The tools and tactics to track down Hive ransomware (direct link) By Rabindra Dev Bhatta, Security Research. Contents: Fast Facts / Technical analysis / Hunting Hive with Logpoint / Investigation and response with Logpoint / Remediation and mitigation best practices / Final thoughts. TL;DR: A comparatively new ransomware, Hive is around one-and-a-half years old in the wild, but it is already among the top ransomware threats in the industry. Threat actors have been using Hive to target a variety of [...] Ransomware Threat ★★★
Logo_logpoint.webp 2023-01-13 11:56:26 Critical Infrastructure: Cybersecurity And The World Economy (direct link) You may have noticed that, over the last two years, it seems that cyberattacks are on a steep rise. If so, you aren't wrong. In the first half of 2021 alone, there was a 1,318% year-on-year increase in ransomware attacks on banks. And if you work in a financial organization, your chances of experiencing a [...] Ransomware ★★
Logo_logpoint.webp 2023-01-09 12:52:08 Critical Infrastructure: Emails – Why are they such a target? (direct link) Emails house a treasure trove of data, but what kind of data do they contain? How can it be targeted? And how can we protect ourselves from cyberattacks that solely aim to steal this information? Cyberattacks are a monumental problem and are constantly on the rise, a huge 66% of small to medium-sized businesses around the [...] ★★★
Logo_logpoint.webp 2023-01-05 09:00:04 A crowning achievement: Exploring the exploit of Royal ransomware (direct link) By Anish Bogati, Security Research. Contents: Fast Facts / Royal analysis / Analysis of an older version of Royal / Detecting Royal using Logpoint / Investigation and response using Logpoint / End-to-end detection, investigation, and response of Royal with Logpoint. TL;DR: First observed in January 2022 and unlike any other ransomware we have covered, Royal is a private group with no known affiliations at this time. In another campaign, [...] Ransomware ★★★★
Logo_logpoint.webp 2022-12-30 08:00:23 What is “Supplier Diversity” and how do you monitor it with Logpoint BCS for SAP solutions? (direct link) Supplier diversity is a business strategy that ensures a diverse supplier base in the procurement of goods and services for any business or organization. It emphasizes the creation of a diverse supply chain that works to secure the inclusion of diverse groups in procurement plans for government, non-profits, and private industry. In other words, supplier diversity [...] ★★
Logo_logpoint.webp 2022-12-20 09:46:39 Logpoint's predictions for 2023: a year in which CISOs will be in heavy demand from executive teams (direct link) 2023 is fast approaching, so it is time to present our predictions for the cybersecurity sector. We expect CISOs to face major challenges amid global economic uncertainty and comprehensive new cybersecurity legislation focused primarily on [...] ★★★
Logo_logpoint.webp 2022-12-20 09:46:39 Logpoint 2023 predictions: The year of the business-driven CISO (direct link) As 2023 closes in it's time to make our predictions for the cybersecurity market. We expect that CISOs will face daunting challenges amidst global economic uncertainty and comprehensive new cybersecurity legislation focusing more on the cybersecurity practices of businesses and organizations. It'll force them to overcome the last frontier – bridging the gap between technical [...] ★★★
Logo_logpoint.webp 2022-12-14 09:17:48 Emerging Threats: Emotet-ually Unstable – The resurgence of a nuisance (direct link) By Anish Bogati, Logpoint Global Services and Security Research. Contents: TL;DR / What is Emotet? / Fast Facts / Background / Emotet operations, tactics and techniques. TL;DR: Emotet, aka Geodo or Heodo, is a modular malware variant that was initially used as banking malware. At present Emotet is used as a dropper, which means it downloads other malware like IcedID, QakBOT, and TrickBot. Emotet was first detected in June [...] Malware ★★
Logo_logpoint.webp 2022-12-13 17:06:37 Understanding cyber risk as a “business risk” at senior management level (direct link) By Andrew Lintell. The C-suite cares about cybersecurity now more than ever. Every day there's a new headline with a cyberattack victim scrambling to understand what happened and what the operational and financial consequences are. The EU's new directive, NIS2 which increases the cybersecurity obligations of an organization through compliance, is also putting increased pressure on [...] ★★
Logo_logpoint.webp 2022-12-07 11:56:23 Detect, manage and respond: Clop ransomware (direct link) by Santosh Nepal, Security Analytics Engineer. Contents: TL;DR / Fast Facts / Detecting Clop using Logpoint / Detecting execution of a malicious document / Incident investigation and response using Logpoint SOAR / Out-of-the-box Logpoint playbooks / Best practices / Detecting signs of ransomware from common threat actors early is key. TL;DR: There is a growing complexity of ransomware development and threat actors who are continuously adding different sophisticated techniques to their arsenal. When Michael [...] Ransomware Threat ★★★
Logo_logpoint.webp 2022-12-05 10:30:44 Agent-X open hours series (direct link) Logpoint's converged security operations platform protects the entire business and now launches a new agent that improves threat detection, accelerates the investigation and ensures fast remediation. Logpoint's new agent, AgentX is a lightweight application that transports logs and telemetry from endpoints (all servers, workstations, and applications) to the SIEM, and performs automated real-time investigation and remediation [...] Threat ★★
Logo_logpoint.webp 2022-12-02 09:03:00 Hunting and remediating BlackCat ransomware (direct link) By Anish Bogati and Bibek Thapa Magar; Security Research. Contents: TL;DR / Hunting and remediating BlackCat ransomware / Fast Facts / Technical Analysis / Detecting BlackCat with Logpoint / Investigation and response using Logpoint SOAR / Recommended Mitigation / Despite prevalence and sophistication, it's easy to detect BlackCat. TL;DR: Known by many names, including ALPHV, AlphaV, ALPHVM, and Noberus, BlackCat ransomware [...] Ransomware ★★★
Logo_logpoint.webp 2022-11-30 14:14:28 How does the payment card industry meet compliance and security standards in an SAP System? (direct link) The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from major card vendors. Of course, compliance standards such as GDPR cover name, address, and card details within SAP systems, but PCI DSS is the next level of compliance for cards. One of the [...] ★★★
Logo_logpoint.webp 2022-11-30 12:18:44 Secure your SAP system from web-based attacks with the latest Logpoint release (direct link) By Martha Chrisander, Head of Product Marketing. Multiple vulnerabilities published in CVEs and SAP Security Notes regarding web-based attacks against SAP systems are increasing the need for dedicated detection and response capabilities. According to the SAP Security Response Team, more than 40,000 SAP systems are exposed to the internet enabling remote employees to work more efficiently, supplying [...] ★★
Logo_logpoint.webp 2022-11-30 12:12:16 Cyber insurance paradigm shift: Protecting the business without the 'hail mary' remedy (direct link) Ransomware attacks and their significant financial threat to organizations have contributed to a growing interest in cyber insurance policies. After all, insurance has traditionally promised to cover everything from ransom payouts to incident response and PR related to corporate image taking a hit in the wake of an attack. Ironically, this year ransomware attacks have intensified [...] Ransomware Threat ★★
Logo_logpoint.webp 2022-11-23 13:34:14 The 6 Hour Reporting Deadline – Meeting India's New Cyber Security Directive. (direct link) By Jack Porter. Earlier this year the Indian government issued new directives requiring organizations to report cybersecurity incidents, multiple types of events and incidents are listed below. This requirement was promoted by India's Computer Emergency Response Team (CERT-In), who states it has identified specific gaps causing difficulties in security incident analysis and response and to address them, [...] ★★★★
Logo_logpoint.webp 2022-11-17 14:16:51 Detect, prevent and respond: A deep dive on malicious DLLs (direct link) by Nilaa Maharjan, Security Research. Index. Click the links and navigate to each section: What are DLLs? / DLLs are a persistent attack vector / What is DLL misuse attack? / DLL hijacking is a stealthy, persistent attack / Value to you: Investigating DLL hijacking using Logpoint / Alert: Phantom DLL loaded for persistence or privilege escalation / Four golden rules when hunting DLLs / The below queries can help hunt for DLLs / How [...]
Last update at: 2024-04-26 18:08:01