What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2019-04-16 12:30:03 | What Is Endpoint Security Today? Big Data and Mobile Trends Point to the \'Startpoint\' (lien direct) | We can probably all agree that securing the devices on our networks is a fair definition of endpoint security. But within this traditional definition, what, really, is the endpoint of today? | |||
|
2019-04-15 18:50:02 | KuppingerCole Report: Leadership Compass of Access Management and Federation (lien direct) | >IBM Security Access Manager (ISAM) is rated as a leader in the Product, Marketing and Technology Leadership categories in KuppingerCole's Leadership Compass report on access management and federation. | Guideline | ||
|
2019-04-12 12:45:01 | What Is the Role of SIEM in the Fusion Center Era? (lien direct) | >A fusion center uses a wider set of data sources, collects data from both inside and outside the organization, and delivers it to the right people to help them respond and recover more efficiently. | |||
|
2019-04-12 12:00:02 | What Happens When Malware Sneaks Into Reputable Hardware, Applications and App Stores? (lien direct) | >To avoid malware, always get hardware and software from authorized and reputable sources and vendors, right? But what happens when those same sources actually contain or deliver malicious payloads? | Malware | ||
|
2019-04-11 13:00:02 | Dark Web TLS/SSL Certificates Highlight Need for Shift to Zero Trust Security (lien direct) | >Some of the latest website security threats originate from thriving dark web marketplaces for TLS/SSL certificates, which often come packaged with other cybercrime services. | |||
|
2019-04-11 12:00:02 | Cyber Resilience Study: Incident Response Plans and Security Automation Set High Performers Apart (lien direct) | >The fourth annual "The Cyber Resilience Organization" study found that 23 percent of respondents are now using security automation. | |||
|
2019-04-10 12:00:03 | How to Balance Speed and Security in Your Application Security Program (lien direct) | >To compete in today's software market, developers are under pressure to build quality code quickly. But DevOps processes that fail to account for application security are bound to miss critical flaws. | |||
|
2019-04-10 12:00:02 | Rewrite the Rules to Reduce Complexity in Your Security Architecture (lien direct) | >At RSAC 2019, Sridhar Muppidi and Devin Somppi implored vendors to "start looking at security as a team sport" and redouble their efforts to reduce complexity in their security architecture. | |||
|
2019-04-09 19:20:03 | Credential Dumping Campaign Hits Multinational Corporations (lien direct) | >X-Force researchers observed attackers targeting multinational corporations in various sectors using malicious scripts to automate attacks on misconfigured servers. | |||
|
2019-04-09 12:00:03 | SOAR: The Second Arm of Security Operations (lien direct) | >SIEM tools can help security operations center (SOC) teams detect threats, but what good is threat data without the context analysts need to quickly respond to incidents? That's where SOAR comes in. | Threat | ||
|
2019-04-09 12:00:02 | Is Cloud Business Moving too Fast for Cloud Security? (lien direct) | >Businesses that want to advance cloud security at scale need to invest in both the people and the technology that will reduce risks. | |||
|
2019-04-08 12:00:02 | Why Encryption Is the Cornerstone of Your Cloud Security (lien direct) | >When evaluating cloud providers, it's important to understand who is responsible for cloud security. Since the lines are often blurred, encryption is imperative to keep your data from prying eyes. | |||
|
2019-04-08 10:00:05 | Cybercriminals Spoof Major Accounting and Payroll Firms in Tax Season Malware Campaigns (lien direct) | IBM X-Force researchers observed cybercriminals engaging in three tax-themed malware campaigns. | Malware | ||
|
2019-04-08 10:00:03 | Buffer Overflow Vulnerability in TP-Link Routers Can Allow Remote Attackers to Take Control (lien direct) | >IBM X-Force found a zero-day buffer overflow vulnerability in one of the most common routers on the market that could let malicious third parties take control of the device from a remote location. | Vulnerability | ||
|
2019-04-05 11:45:04 | Cryptojacking Attacks: Who\'s Mining on Your Coin? (lien direct) | X-Force data revealed that while browser-based cryptojacking was increasingly popular through most of 2018, cryptomining malware made a resurgence at the end of 2018 and into Q1 2019. | Malware | ||
|
2019-04-05 11:45:03 | Preparing for the CCPA: Leverage GDPR Investments to Accelerate Readiness (lien direct) | >To prepare for the CCPA and other upcoming data privacy regulations, start by applying the best practices and frameworks you used to achieve GDPR readiness when the regulation took effect last May. | |||
|
2019-04-05 11:45:01 | Stressed to Impress: Evolving Threats Raise the Stakes on Shared Security Culture (lien direct) | >Shared security culture is now critical for organizations to prevent IT burnout and respond to emerging threats. But what does this look like in practice? | |||
|
2019-04-05 11:00:02 | Why Cyber Range Training Should Be Top of Mind for Your Security Teams (lien direct) | >When reputation, revenue and customer trust is at stake, immersive cyber range training can help security teams detect, respond and manage incidents effectively. | |||
|
2019-04-04 15:20:03 | How a Cunning Remote Overlay Malware Met Its Match (lien direct) | >A remote overlay malware that is attacking Latin American banks met its match in a solution built from behavioral biometrics, deep research, reverse engineering and finely tuned threat modeling. | Malware Threat | ||
|
2019-04-04 14:40:01 | Preparing for the Unpredictable: Security in a New World of Mobile Malware (lien direct) | >Mobile malware is nothing new. But in recent months, attackers have been getting more creative and resourceful with how they conceal, distribute and deploy these threats. | Malware | ★★ | |
|
2019-04-04 12:45:04 | IcedID Banking Trojan Spruces Up Injection Tactics to Add Stealth (lien direct) | >IBM X-Force analyzed modifications made to IcedID that help the banking Trojan act more stealthily on infected devices. | |||
|
2019-04-04 12:00:02 | Capture the Flag Competitions Can Help Close the Security Skills Gap (lien direct) | >A capture the flag exercise gives security professionals and business leaders an opportunity to drill their cybersecurity response skills in a low-pressure yet highly engaging environment. | Guideline | ||
|
2019-04-03 14:15:02 | Reap the Promise of One and Done Authentication With SSO (lien direct) | >With SSO, employees can use one set of credentials to access all their apps instead of remembering, looking up and frequently resetting multiple passwords. | |||
|
2019-04-02 11:30:02 | To Move Forward Securely, Look Backward With Ongoing Risk Assessments (lien direct) | >If we focus on the future at the expense of performing risk assessments to maintain defenses against existing threats, we will always be one step behind attackers. | |||
|
2019-04-01 13:00:02 | Security Analyst Files Workman\'s Comp Claim for \'Seriously Fatigued Fingers\' (lien direct) | A level 3 security analyst announced he'll be taking a six-month leave due to "seriously fatigued fingers" and "a wonky eye" resulting from his daily activities to ensure data security and compliance. | |||
|
2019-04-01 11:00:02 | The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security (lien direct) | >Healthcare security is going to play a huge role if the utopian vision of a purely digital healthcare ecosystem is going to be realized. | |||
|
2019-03-29 13:05:01 | The Language of Business: Where the Board of Directors and Security Leaders Can Meet (lien direct) | >IT and security professionals must be able to talk business to the C-suite and the board of directors, especially if new security products need to be added into the organization's portfolio. | |||
|
2019-03-29 12:00:03 | How Chris Thomas Paired His Passion for Blockchain With Pen Testing (lien direct) | >Chris Thomas, X-Force Red's blockchain security expert, has always had an interest in understanding how technologies are built and operated. | |||
|
2019-03-29 12:00:02 | Foster a Culture of Knowledge Sharing in Your Security Operations Center (lien direct) | >To bridge the skills gap, increase efficiency and lighten the load of overwhelmed analysts, it's imperative to encourage knowledge sharing among your security operations center team. | |||
|
2019-03-29 11:00:02 | A Busy IT Infrastructure Can Lead to Security Disaster (lien direct) | >Smartphones, tablets and cloud computing have been leading the way in the workplace until now, but the growing popularity of the internet of things could totally change the look of IT infrastructure. | Guideline | ||
|
2019-03-28 16:30:03 | Speak the Board\'s Language to Communicate the Value of Security (lien direct) | CISOs around the world complain that their board won't allocate the necessary cybersecurity investment to keep the company safe. Part of the problem might be how we communicate the value of security. | |||
|
2019-03-28 16:30:02 | Let\'s Make 2019 the Year of Fewer Records Compromised in Data Breaches (lien direct) | A notable takeaway from the report was that despite fewer reported data breaches, 2018 witnessed a 126 percent uptick in the number of records breached containing personally identifiable information. | |||
|
2019-03-27 13:00:02 | Missed DNS Flag Day? It\'s Not Too Late to Upgrade Your Domain Security (lien direct) | Whether or not you plan on using DNS cookies or DNSSEC, foreseeing an upgrade plan for your software to the latest version made available as part of DNS Flag Day is highly advised. | |||
|
2019-03-27 12:40:02 | Here\'s What You Need to Know to Secure Your IoT Projects (lien direct) | Securing IoT projects requires a thorough understanding of your technology infrastructure, its services and components, and how they relate to each other. | |||
|
2019-03-26 17:00:02 | When It Comes to Incident Response, Failing to Plan Means Planning to Fail (lien direct) | >In today's treacherous threat landscape, it seems the odds are overwhelmingly stacked against cyberdefenders. But there is one advantage attackers can't take away: thorough incident response planning. | Threat | ||
|
2019-03-26 12:30:02 | How to Lift the Veil on Mobile Application Security Threats (lien direct) | >Today's security leaders are tasked with complying with data privacy laws and enhancing user productivity while preserving their agility and securing them from mobile application security threats. | Guideline | ||
|
2019-03-25 16:40:02 | Adopting the NIST 800-53 Control Framework? Learn More About the Anticipated Changes in 2019 (lien direct) | >Organizations adopting NIST 800-53 should understand how upcoming changes will affect senior leadership accountability, data privacy and third-party assessments. | Guideline | ||
|
2019-03-25 12:10:02 | Think Inside the Box to Bridge the Cybersecurity Skills Gap (lien direct) | >The threat landscape is growing more perilous each day and our white hats need all the help they can get. The problem is that many organizations are struggling to close the cybersecurity skills gap. | Threat | ||
|
2019-03-22 13:00:03 | Taming Global Cybersecurity Risks Requires a Concerted Cyber Resilience Effort (lien direct) | >With the realization that "we're all in this together," boards want to learn how their organizations are collaborating with the rest of the ecosystem in planning and testing cyber resilience. | |||
|
2019-03-21 20:26:01 | 5 Characteristics of an Effective Incident Response Team: Lessons From the Front Line (lien direct) | >How you respond to a data breach matters. What qualities do the most elite incident response teams possess? The IBM X-Force IRIS team shares its lessons from the front line. | Data Breach | ||
|
2019-03-21 12:30:03 | Hunting for the True Meaning of Threat Hunting at RSAC 2019 (lien direct) | >Many vendors at RSAC 2019 boasted of their advanced and even automated threat hunting capabilities, but it's important to understand the difference between true threat hunting and marketing jargon. | Threat | ||
|
2019-03-21 12:00:02 | What Security Threats of the Past Can Tell Us About the Future of Cybersecurity (lien direct) | >If we look close enough, many new security threats are something we've seen in another form or an attack style we've had to previously defend against. | |||
|
2019-03-21 11:30:02 | Securing the Microservices Architecture: Decomposing the Monolith Without Compromising Information Security (lien direct) | >Ditching monolith for microservices may be right for your organization, but it's critical to address the relevant security considerations early in the process. | |||
|
2019-03-20 13:00:02 | Creating Meaningful Diversity of Thought in the Cybersecurity Workforce (lien direct) | >Let's add the diversity of approach, diversity of values and advocacy for deep customer empathy to the cybersecurity workforce diversity we are building. | |||
|
2019-03-20 10:00:02 | The Business of Organized Cybercrime: Rising Intergang Collaboration in 2018 (lien direct) | >In 2018, IBM X-Force researchers observed organized cybercrime groups collaborating, rather than competing over turf or even attacking each other, for the first time. | |||
|
2019-03-19 12:00:02 | Why You Should Integrate IoT Security Into Your Vulnerability Management Program (lien direct) | >Many IT professionals and executives alike are not addressing IoT security at the same level at which it's creating tangible business risks. | Vulnerability | ||
|
2019-03-18 12:45:01 | The Biggest Stories From RSAC 2019: What Scares the Cybersecurity Experts? (lien direct) | >When the perspectives of CISOs and experts at RSAC 2019 are viewed as a continuum, you can begin to see a story emerging about the state of cybersecurity in 2019. | |||
|
2019-03-15 20:45:02 | How Patch Posture Reporting Improves Security Landscapes (lien direct) | >If your vulnerability management tools do not report on your company's patch posture, you may be missing crucial holes in your software that are ripe for exploitation. | Vulnerability | ||
|
2019-03-15 13:55:01 | Will We See the Rise of Vaporworms and Other New Fileless Attacks in 2019? (lien direct) | >The evolution of the new and difficult-to-detect category of fileless malware may soon take an insidious turn with the development of what some researchers are calling vaporworms. | Malware | ||
|
2019-03-14 18:15:02 | Application Security Has Nothing to Do With Luck (lien direct) | >If a safe, secure product and a satisfied customer base is the pot of gold at the end of your rainbow, it's time to build application security processes into your development cycle. |
To see everything:
Our RSS (filtrered)
