What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-10-29 16:00:00 | What\'s My Priority? The Key Pillars of Threat Intelligence (lien direct) | Often, in the world of information security and risk management, the question facing threat intelligence teams is amidst this sea of vulnerability disclosures, which ones matter the most to my organization? Which can impact us the most? And, how do I best explain threats to internal stakeholders in a way that helps minimize risk? Reducing […] | Vulnerability Threat | ||
|
2020-10-09 15:42:42 | How Cybersecurity Threat Intelligence Teams Spot Attacks Before They Start (lien direct) | A thorough cybersecurity threat intelligence team can turn a threat into a tool for future protection. Their job is to conduct background research on threat groups’ motivations and capabilities. This way, the intelligence team can be ready to protect an organization with even greater knowledge in the future. Strong cybersecurity threat intelligence about who attackers […] | Tool Threat | ||
|
2020-10-07 13:30:00 | Cybersecurity Awareness: 6 Myths And How To Combat Them (lien direct) | National Cybersecurity Awareness month is upon us. And, so is the opportunity to look at what common C-suite misconceptions could be handcuffing security awareness efforts. As we enter the back half of 2020, now is the time to look at myths and highlight their relevancy in this chaotic year. Which myths are in the modern threat landscape? […] | Threat | ||
|
2020-10-05 12:00:00 | Web Application Security Best Practices: A Developer\'s Guide (lien direct) | Digital adoption is only increasing in today’s world. It brings with it the challenges of safeguarding financial and personal data against potential threat actors. Including web application security best practices during application development can patch some of these holes and ensure the applications adhere to security standards and are free of vulnerabilities. The Impact of […] | Threat | ||
|
2020-10-02 09:00:00 | Top 5 Threat Vectors in Connected Cars and How to Combat Them (lien direct) | Plug-in electric and at least partially autonomous connected cars are a common sight on roads around the world. The software and electronic component market for those vehicles is projected to grow from $238 billion to $469 billion between 2020 and 2030. Both cybersecurity and ‘privacy by design and default’ have been holistically embedded into operations across many […] | Threat | ||
|
2020-09-28 10:00:00 | Ransomware 2020: Attack Trends Affecting Organizations Worldwide (lien direct) | Ransomware is one of the most intractable — and common — threats facing organizations across all industries and geographies. And, incidents of ransomware attacks continue to rise. Meanwhile, ransomware threat actors are adjusting their attack model to adapt to improvements that organizations are making to recover from these attacks. As of September 2020, one in […] | Ransomware Threat | ||
|
2020-09-17 10:00:00 | A New Botnet Attack Just Mozied Into Town (lien direct) | A relatively new player in the threat arena, the Mozi botnet, has spiked among Internet of things (IoT) devices, IBM X-Force has discovered. This malware has been active since late 2019 and has code overlap with Mirai and its variants. Mozi accounted for nearly 90% of the observed IoT network traffic from October 2019 through […] | Malware Threat | ★★★ | |
|
2020-09-04 11:30:00 | Incident Response: 5 Steps to Prevent False Positives (lien direct) | False positive alerts in your threat intel platform can leave your team scrambling. It’s like driving to the wrong address. You reach a place, but also waste time you could have used at your intended destination. For security teams, knowing how to screen for false positives saves time and makes the team more efficient at […] | Threat | ||
|
2020-09-03 18:00:00 | Under Attack: How Threat Actors are Exploiting SOCKS Proxies (lien direct) | From the basic building blocks of the internet to cryptocurrency mining on a supercomputer, SOCKS sits at the core of computing. A SOCKS proxy can be used to improve network security in an enterprise, but can also be exploited by cybercriminals for nefarious reasons. Take a look at how SOCKS proxies have been manipulated recently […] | Threat | ||
|
2020-08-24 11:45:00 | How Can Enterprises Protect Personally Identifiable Information? (lien direct) | With data breaches often appearing in the news, customers and enterprise leaders alike may be concerned that the enterprise isn’t doing enough to protect customers’ personally identifiable infomation (PII). As today’s chaotic economy makes for a hungry threat landscape, what methods can the enterprise apply to better protect the increased PII data flow? In some […] | Threat Guideline | ||
|
2020-08-17 11:00:00 | Threat Modeling in a Container Environment (lien direct) | As organizations turn to hybrid solutions, an increasing number of businesses are turning to container orchestration to provide a seamless solution to computing between environments. “Containers are units of software in which the code and all its dependencies are packed, allowing applications to run quickly and efficiently from one computing environment to another,” Container Journal explains. […] | Threat | ||
|
2020-08-06 11:35:00 | Shellshock In-Depth: Why This Old Vulnerability Won\'t Go Away (lien direct) | Shellshock is a bug in the Bash command-line interface shell that has existed for 30 years and was discovered as a significant threat in 2014. Today, Shellshock still remains a threat to enterprise. The threat is certainly less risky than in the year of discovery. However, in a year in which security priorities have […] | Vulnerability Threat | ||
|
2020-08-06 11:30:00 | Endpoint Security Using AI & MITRE For Your Remote Workforce (lien direct) | As employees increasingly work remotely, it is more important than ever to maintain visibility and threat detection in a remote working world. We have seen a significant increase in state-sponsored attacks and malicious phishing campaigns, and this trend is expected to continue. This period of remote work is a good time for enterprise to make […] | Threat | ||
|
2020-08-05 11:00:00 | Threat Hunting Techniques: A Quick Guide (lien direct) | Threat hunting is an essential part of security operations center services and should be incorporated at an early stage. Threat hunting is the art of finding the unknowns in the environment, going beyond traditional detection technologies, such as security information and event management (SIEM), endpoint detection and response (EDR) and others. There are multiple methods […] | Threat | ||
|
2020-07-29 17:15:56 | How and Why to Take a Holistic Approach to Threat Modeling (lien direct) | By taking a broader, more expansive view of threat modeling, organizations can consider the whole picture of their security strategy and improve efficiency. Threat modeling is a systematic approach to finding, prioritizing and fixing security threats, but it can be much more. It invites an exercise in systematic collaborative thinking, and as such its benefits […] | Threat | ||
|
2020-07-24 11:25:00 | Leveraging Open Source Can be Powerful for Cybersecurity (lien direct) | Security vendors and end users have access to the same technology and resources, if not more, than the threat actor community. However, the area where cybersecurity falls short as an industry is teamwork. Vendors and end users rarely talk to each other as a broader force. Thus, while innovation may happen for individual products, that […] | Threat | ||
|
2020-07-16 09:00:00 | New Research Exposes Iranian Threat Group\'s Operations (lien direct) | IBM X-Force Incident Response Intelligence Services (IRIS) has uncovered rare details on the operations of the suspected Iranian threat group ITG18, which overlaps with Charming Kitten and Phosphorous. In the past few weeks, ITG18 has been associated with targeting of pharmaceutical companies and the U.S. presidential campaigns. Now, due to operational errors-a basic misconfiguration-by suspected […] | Threat Conference | APT 35 | |
|
2020-07-07 12:29:02 | COVID-19 Cybercrime Capitalizing on Brazil\'s Government Assistance Program (lien direct) | IBM X-Force Incident Response and Intelligence Services (IRIS) has been tracking cybercrime capitalizing on the coronavirus pandemic since January, and has observed the geographical areas of this activity shift over time. In February, cybercriminals were focusing on Asia, and we observed threat actors targeting potential victims in Japan with coronavirus-related phishing lures. In mid-March and […] | Threat | ★★★ | |
|
2020-06-24 11:30:00 | Visibility and Threat Detection in a Remote Working World (lien direct) | At the outset of the COVID-19 pandemic, when governments around the world put stay-at-home orders in place, it was hard to imagine the state of work would permanently change. Yet, as organizations rapidly adopted and expanded systems to enable a remote workforce - which doubled in size in just three weeks - company cultures began […] | Threat | ||
|
2020-06-23 11:00:00 | A Game of Chess: Entropy and Patterns in Threat Intelligence (lien direct) | During a brainstorming discussion with a colleague on the value of entropy in machine learning models, specifically the models used in threat intelligence work, I mentioned that many of the threat intelligence models in use today seem to overemphasize the pattern recognition aspect of threat intelligence through the egregious use of algorithms. By contrast, they […] | Threat | ||
|
2020-06-17 11:00:00 | Chaos Engineering and Security: Upgrading Simulation Exercises For More Dynamic Threat Environments (lien direct) | As the recent pandemic has swept the globe, malicious hackers have quickly pivoted to leverage the confusion to their benefit in carrying out cyberattacks. On April 8, 2020, the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom's National Cyber Security Centre (NCSC) jointly released an alert […] | Threat | ||
|
2020-06-17 11:00:00 | The Importance of People and Culture within the Security Operations Center (lien direct) | Security operations centers (SOCs) have changed dramatically over the last decade. Gartner predicts that by 2022, 50 percent of all SOCs will transform into modern centers with integrated incident response, threat intelligence and threat hunting capabilities, up from less than 10 percent in 2015. Organizations are investing heavily in tooling for detection and response as the number of […] | Threat | ||
|
2020-06-10 13:00:00 | The Journey to Simplicity: User Experience in Security (lien direct) | Keeping an organization secure is no easy task, especially with the explosion in cloud adoption and digital transformation against a backdrop of increasingly dangerous threats and threat actors. We can all recite the challenges that security teams struggle with - too many solutions, not enough people, not enough visibility. With the average organization deploying 25 […] | Threat | ||
|
2020-06-10 12:30:03 | How Threat Actors Are Adapting to the Cloud (lien direct) | With organizations increasingly moving to cloud environments, cloud security is more critical than ever. Cloud environments often hold large troves of valuable and sensitive data that can put organizations and their customers at risk if they are breached. At the same time, many organizations are still discovering best practices surrounding cloud security and incident response. […] | Threat | ||
|
2020-05-04 13:00:56 | 6 Things to Do After Implementing Cybersecurity AI for Alert Management (lien direct) | Once cybersecurity AI automates threat monitoring tasks, what should infosec pros do next? Here are six ways to improve your post-AI security strategy. | Threat | ||
|
2020-04-29 10:00:23 | Ad Hoc or Managed Penetration Testing: Which One Is Best for You? (lien direct) | Due to legal regulations, internal policies, executive requests, and the desire to beat threat actors and avoid breaches, penetration testing is becoming a common practice. | Threat | ||
|
2020-04-13 12:55:53 | Grandoreiro Malware Now Targeting Banks in Spain (lien direct) | A familiar malware threat called Grandoreiro, a remote-overlay banking Trojan that typically affects bank customers in Brazil, has spread to attack banks in Spain. | Malware Threat | ||
|
2020-04-07 10:30:20 | ITG08 (aka FIN6) Partners With TrickBot Gang, Uses Anchor Framework (lien direct) | Financially motivated, adaptable, sophisticated and persistent, the ITG08 threat group is likely to remain one of the most potent cybercriminal groups in this new decade. | Threat | ||
|
2020-04-02 11:15:19 | How Relevance Scoring Can Make Your Threat Intelligence More Actionable (lien direct) | Relevance scoring is a technique that correlates the properties of security analysts' threat intelligence and those of their organization, such as the industry and region. | Threat | ||
|
2020-03-27 10:30:23 | Why Adversarial Examples Are Such a Dangerous Threat to Deep Learning (lien direct) | Adversarial examples can throw a wrench in deep learning processes and expose vulnerabilities. Organizations should take steps now to get ahead of these threats before they disrupt data processes. | Threat | ||
|
2020-03-25 17:40:21 | Recalibrate Insider Threat Controls When Your Employees Are Off the Corporate Network (lien direct) | With the rise of the remote workforce, CISOs need to shift focus from corporate networks to protect against insider threats and risks beyond the traditional perimeter. Here's what to consider. | Threat | ★★★★★ | |
|
2020-03-17 20:05:35 | IBM X-Force Threat Intelligence Cybersecurity Brief: Novel Coronavirus (COVID-19) (lien direct) | Global events such as the novel coronavirus (COVID-19) make all of us attractive targets for cybersecurity criminals. Whether it's phishing emails or new targeted scams, these tactics are meant to take advantage of citizens who are understandably concerned about their safety and health during this challenging time. COVID-19 email exploits can deliver damaging ransomware and […] | Ransomware Threat | ||
|
2020-03-17 11:15:20 | Grow Your Business With an Evolving Cloud Security Strategy (lien direct) | As the threat landscape becomes more complex every day, it is crucial that you adapt with an ever-evolving cloud security strategy. | Threat | ||
|
2020-03-10 10:45:20 | In 2020, IoT Security Must Be Part of Your Threat Management Strategy (lien direct) | From a threat management perspective, there is no logic in securing IT equipment while ignoring the IoT devices active in the same environment. Organizations must consider IoT devices as well. | Threat | ||
|
2020-03-06 12:00:25 | How a More Connected Approach Can Help With Threat Management (lien direct) | Using capabilities that maximize and connect existing security solutions and data sources can help organizations advance their threat management initiatives in multiple ways. | Threat | ||
|
2020-03-04 14:01:21 | Modernizing Threat Management for the Evolving Attack Surfaces of OT, IoT and IoMT (lien direct) | The combination of digital transformation and the "Internet of Everything" is reshaping the modern landscape of OT, IoT and IoMT, meaning threat management must evolve in response. | Threat | ★★ | |
|
2020-03-03 11:00:26 | State of the Phish: IBM X-Force Reveals Current Phishing Attack Trends (lien direct) | Phishing has long been an infection vector of choice for threat actors, and for good reason - it is relatively easy, inexpensive and consistently successful. | Threat | ||
|
2020-03-02 12:30:25 | Leverage ATT&CK for ICS to Secure Industrial Control Systems (lien direct) | The core of MITRE ATT&CK for ICS provides an overview of the TTPs associated with threat actors that have carried out attacks against ICS systems. | Threat | ||
|
2020-02-27 11:40:21 | A Guide to Easy and Effective Threat Modeling (lien direct) | Threat modeling is a process by which potential threats can be identified, enumerated and prioritized, all from a hypothetical attacker's point of view. Learn more about building a threat model. | Threat | ||
|
2020-02-26 11:05:26 | What\'s Old Is New, What\'s New Is Old: Aged Vulnerabilities Still in Use in Attacks Today (lien direct) | Two vulnerabilities that were reported and patched in 2017 were used in nearly 90 percent of malspam messages in 2019. Why would threat actors use these old, well-known exploits in their attacks? | Threat | ||
|
2020-02-18 13:10:38 | Banking Trojans and Ransomware - A Treacherous Matrimony Bound to Get Worse (lien direct) | To combat the threat of banking Trojans and ransomware, organizations should stay up to date with the rapidly evolving threat landscape by utilizing the latest threat intelligence. | Ransomware Threat | ||
|
2020-02-17 19:50:20 | Why Threat Actors Are Increasingly Conducting Cyberattacks on Local Government (lien direct) | Cyberattacks on local government have increased dramatically over the last several years. What is it about municipal organizations and governments that makes them such attractive targets? | Threat | ||
|
2020-02-11 12:05:35 | X-Force Threat Intelligence Index Reveals Top Cybersecurity Risks of 2020 (lien direct) | The findings in the 2020 X-Force Threat Intelligence Index highlight the most common attack vectors, the evolution of ransomware and malware, the risks posed by inadvertent insiders and more. | Ransomware Threat | ||
|
2020-02-05 11:30:23 | Artificial Intelligence (AI) and Security: A Match Made in the SOC (lien direct) | When security analysts partner with artificial intelligence, the benefits include increased productivity, improved job satisfaction, and streamlined threat detection, investigation and response. | Threat | ||
|
2020-01-23 20:45:34 | What Is Threat Management? Common Challenges and Best Practices (lien direct) | Threat management is a framework often used by cybersecurity professionals to manage the life cycle of a threat in an effort to identify and respond to it with speed and accuracy. | Threat | ||
|
2020-01-10 11:30:20 | Is Juice Jacking a Legitimate Threat or Nothing to Worry About? (lien direct) | Juice jacking is either a rare or currently unpracticed attack that's brimming with potential for cybercriminals and spies. | Threat | ||
|
2019-12-13 14:00:37 | Connected Car Security Is a New Kind of Mobile Security Risk (lien direct) | With so much pessimism surrounding the threat landscape in the automobile industry, it's encouraging to hear that manufacturers are embracing connected car security concepts more than ever before. | Threat | ||
|
2019-12-04 14:25:33 | Save Time, Increase Efficiencies and Improve Security With a Modern SIEM (lien direct) | SIEM solutions must evolve to keep up with the rapidly changing threat landscape, technological advancements and the growing attack surface. | Threat | ||
|
2019-12-03 12:00:21 | When Stalkerware Stalks the Enterprise (lien direct) | Stalkerware is a real problem that can lead to individuals being tracked and stalked via software on their smartphones. It's also a growing and underappreciated threat to enterprises. | Threat Guideline | ||
|
2019-12-03 11:00:28 | TrickBot Widens Infection Campaigns in Japan Ahead of Holiday Season (lien direct) | The threat group operating the TrickBot Trojan has been modifying some of the malware's modules as they continue to deploy their attacks in the wild - most recently in Japan. | Threat |
To see everything:
Our RSS (filtrered)
