SEC News

What's new arround internet

Last one

Src	Date (GMT)	Titre	Description	Tags	Stories	Notes
	2022-07-25 00:00:00	LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities (lien direct)	In June 2022, LockBit revealed version 3.0 of its ransomware. In this blog entry, we discuss the findings from our own technical analysis of this variant and its behaviors, many of which are similar to those of the BlackMatter ransomware.	Ransomware
	2022-07-20 00:00:00	Improving Software Supply Chain Cybersecurity (lien direct)	Explore use cases for software supply chain cyberattacks and mitigation strategies to improve security maturity and reduce cyber risk.
	2022-07-20 00:00:00	Analyzing Penetration-Testing Tools That Threat Actors Use to Breach Systems and Steal Data (lien direct)	We discovered the use of two Python penetration-testing tools, Impacket and Responder, that malicious actors used to compromise systems and exfiltrate data. We share our key findings in this report.	Threat
	2022-07-15 00:00:00	Top 5 Infrastructure as Code Security Challenges (lien direct)	Learn how to counteract the top five challenges of IaC and discover how these obstacles pose a threat to security and gain valuable insight in how to mitigate these risks.	Threat
	2022-07-13 00:00:00	Worldwide 2021 Email Phishing Statistics & Examples (lien direct)	Explore the need for going beyond built-in Microsoft 365 and Google Workspace security based on email threats detected in 2021.
	2022-07-11 00:00:00	Data Distribution Service: Mitigating Risks Part 3 (lien direct)	In the final chapter of our blog series, we discuss mitigating strategies and recommendations to keep DDS protected from malicious actors.
	2022-07-11 00:00:00	How Shady Code Commits Compromise the Security of the Open-Source Ecosystem (lien direct)	In this blog entry, we discuss how open-source code has been subjected to protest-driven code modifications by its maintainers or backers. We also provide an analysis of what these incidents could mean for the IT industry and the open source community.
	2022-07-07 00:00:00	GraphQL vs gRPC: Which One Creates More Secure APIs? (lien direct)	Learn about the security capabilities of GraphQL and gRPC, how they perform authentication/authorization, and how they compare to REST. In addition, discover common attack vectors for both API frameworks and how to prevent them.
	2022-07-07 00:00:00	Unpacking Cloud-Based Cryptocurrency Miners That Abuse GitHub Actions and Azure Virtual Machines (lien direct)	We investigate cloud-based cryptocurrency miners that leverage GitHub Actions and Azure virtual machines, including the cloud infrastructure and vulnerabilities that malicious actors exploit for easy monetary gain.
	2022-07-06 00:00:00	Data Distribution Service: Exploring Vulnerabilities and Risks Part 2 (lien direct)	In part two of our series, we'll highlight both known and new DDS vulnerabilities and what they mean for mission critical operations.
	2022-07-06 00:00:00	Brand-New HavanaCrypt Ransomware Poses as Google Software Update App, Uses Microsoft Hosting Service IP Address as C&C Server (lien direct)	We recently found a new ransomware family, which we have dubbed as HavanaCrypt, that disguises itself as a legitimate Google Software Update application and uses a Microsoft web hosting service IP address as its command-and-control (C&C) server to circumvent detection.	Ransomware
	2022-07-06 00:00:00	ICS & OT Cybersecurity Attack Trends (lien direct)	We explore Trend Micro's latest research into industrial cybersecurity, including the impact of attacks, maturity of security programs, and recommendations for strengthening security.
	2022-07-05 00:00:00	(Déjà vu) Private 5G Network Security Expectations Part 2 (lien direct)	The importance of proof of “security” concepts in private 5G networks: Are verifications of system operations and new functions sufficient for your proof of concept in private wireless networks?
	2022-07-04 00:00:00	Data Distribution Service: An Overview Part 1 (lien direct)	In this three-part blog series, we'll look into Data Distribution Service, why it is critical, and how you can mitigate risks associated with it.
	2022-06-30 00:00:00	DevOps vs SRE: Differences & Similarities (lien direct)	While DevOps and site reliability engineering teams often work together and have shared goals, there are important distinctions between the two. This article explores the differences between their functions and responsibilities.
	2022-06-29 00:00:00	How to Present Cloud Risk to the Board (lien direct)	Trend Micro Security Researcher, Erin Sindelar, breaks down three popular types of cloud risk assessments to help CISOs and security leaders better explain cyber risk to the board.	Guideline
	2022-06-22 00:00:00	Azure vs. AWS Developer Tools (lien direct)	Both AWS and Azure developer tools provide key efficiencies in your DevOps environment, learn the comparison between tools, any overlap, and use cases for both.	Tool
	2022-06-16 00:00:00	Security 101: Cloud-native Virtual Patching (lien direct)	Learn about the challenges faced when implementing a vulnerability and patch management policy and how does cloud-native virtual patching can help.	Vulnerability Patching
	2022-06-13 00:00:00	Addressing Cyber Risk with a Unified Platform (lien direct)	Hear from guest speaker, Forrester analyst, Allie Mellen, as she shares insights and advice on the factors firms should consider when looking at leveraging a security platform for managing the attack surface lifecycle.
	2022-06-09 00:00:00	Amazon EKS vs Azure Kubernetes Service (lien direct)	Managed Kubernetes services help organizations deploy, configure, and manage Kubernetes clusters. This article compares two of the biggest service providers: Amazon EKS and Azure Kubernetes Services.		Uber
	2022-06-04 00:00:00	Tutorial: How to Build Your First Node.js gRPC API (lien direct)	Compared to other API technologies like REST and GraphQL, gRPC is lightweight and exceptionally robust, thanks in large part to its use of protobufs. Interested in exploring how to build your own API? Read on to see how easy it is to do so with Node.js and gRPC.
	2022-06-02 00:00:00	Cyber Risk Management Strategies from Arjo CIO (lien direct)	Andrea Berg, CIO of Arjo, explores the critical need for effective and inclusive communication around IT requirements to expand beyond the security team and improve cyber risk management.
	2022-05-31 00:00:00	Managing Cyber Risk: The People Element (lien direct)	Explore the latest findings from Trend Micro's Cyber Risk Index (2H'2021) and how to better manage people to minimize cyber risk across the digital attack surface.
	2022-05-27 00:00:00	How to implement AWS Sustainability Pillar principles (lien direct)	Learn more about the AWS Well-Architected Framework Sustainability Pillar and how to securely and efficiently implement the six design principles to help you reduce your environmental impact while balancing agility and operational excellence.
	2022-05-19 00:00:00	Cyber risk management: Attribution strategies (lien direct)	Discover the importance of cyber attribution, the benefits, and the right tools to assist your efforts so you can better manage cyber risk across your digital attack surface.	Tool
	2022-05-19 00:00:00	Detect Azure AD Hybrid Cloud Vulnerabilities (lien direct)	AADInternals is a PowerShell module widely used by administrators for administering Azure Active Directory (AD) and Microsoft 365 - learn how to protect against their common vulnerabilities.
	2022-05-13 00:00:00	Sandstone CTO shares how to assess cyber risk in the cloud (lien direct)	Chaitanya Pinnamanemi discusses how visibility and prioritization are key to securing your digital attack surface and reducing cyber risk.
	2022-05-12 00:00:00	The Difference Between Virtual Machines and Containers (lien direct)	Discover the key differences, use cases, and benefits of virtual machines and containers.
	2022-05-11 00:00:00	Adding Guardrails To A Cloud Account After The Fact (lien direct)	This article outlines a priority checklist of which guardrails need to be applied to an existing cloud account. Answering questions like, can these guardrails be implemented without breaking anything? What level of testing is required?
	2022-05-04 00:00:00	Workshop: Simplifying Network Security in the Cloud (lien direct)	In this workshop, you will learn how to leverage Trend Micro Cloud One™ - Network Security to provide a powerful network security layer which can be deployed seamlessly into your existing AWS architecture.
	2022-05-02 00:00:00	AvosLocker Ransomware Variant Abuses Driver File to Disable Antivirus, Scans for Log4shell (lien direct)	We found an AvosLocker ransomware variant using a legitimate antivirus component to disable detection and blocking solutions.	Ransomware
	2022-04-27 00:00:00	New AWS Competency Category - Why It\'s Important (lien direct)	AWS DevOps competency recently added a new category, DevSecOps to its arsenal. Explore our overview of the category and why it matters to security and development teams building in the cloud.
	2022-04-24 00:00:00	Unified Cybersecurity Platform: Why CISOs are Shifting (lien direct)	Our global study polled more than 2,300 IT security decision makers to discover how to best assist and support SecOps teams with a unified cybersecurity platform so you can be more resilient with less resources.
	2022-04-24 00:00:00	Aligning the c-suite with cyber risk management (lien direct)	As we creep toward a post-pandemic world, organizations need to plan accordingly. Explore Trend Micro's latest cyber risk research to enable your business to maximize its growth and potential.
	2022-04-24 00:00:00	Cybersecurity Predictions for 2022 (lien direct)	Explore Trend Micro Research's security insights and predictions for 2022 to enable more informed and proactive decision-making.
	2022-04-24 00:00:00	(Déjà vu) Trend Micro Partnering with Bit Discovery (lien direct)	We're excited to partner with Bit Discovery, bringing attack surface discovery capabilities to the Trend Micro One platform, providing ongoing visibility to internal assets (devices, identities, applications) but also external, internet-facing assets.			★★★★★
	2022-04-24 00:00:00	How XDR Security Aids in Cyber Risk Management (lien direct)	Trend Micro's VP of Threat Intelligence, Jon Clay, explores the latest trends in today's threat landscape and why XDR is key to better understanding, communicating, and mitigating cyber risk across your enterprise.	Threat
	2020-11-13 13:11:18	This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs (lien direct)	Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about a ransomware group that walked away with 2,200 Bitcoin: More than $33 million based on the current Bitcoin exchange rate. Also, read about this month's Patch...	Ransomware		★★★★
	2020-11-06 13:42:03	This Week in Security News: US Cyber Command Exposes New Russian Malware and REvil Ransomware Gang \'Acquires\' KPOT Malware (lien direct)	Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about eight new malware samples that were developed and deployed by Russian hackers in recent attacks. Also, read about how the operators of the REvil ransomware strain...	Ransomware Malware		★★★
	2020-10-30 13:59:08	This Week in Security News: Trend Micro Researcher Uncover Two Espionage Backdoors Associated with Operation Earth Kitsune and Trickbot and Ransomware Attackers Plan Big Hit on U.S. Hospitals (lien direct)	Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about how Trend Micro researchers uncovered two new espionage backdoors associated with the 'Operation Earth Kitsune' campaign. Also, read about how U.S. healthcare providers have been put...	Ransomware		★★★★★
	2020-10-27 12:36:56	(Déjà vu) Trend Micro HouseCall for Home Networks: Giving You a Free Hand in Home Network Security (lien direct)	Remember when only desktop computers in our homes had connections to the internet? Thanks to the latest developments in smart device technology, almost everything now can be connected- security cameras, smart TVs, gaming consoles, and network storage, to name just a few. While a home network provides lots of benefits, it can also expose us...			★★★★
	2020-10-16 12:48:58	This Week in Security News: Cybercriminals Use Stolen Data and Hacking Tools as Prizes in Poker Games and Rap Battles and VirusTotal Now Supports Trend Micro ELF Hash (lien direct)	Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how cybercriminals are passing the time during the COVID-19 pandemic with online poker games, where the prizes include stolen data. Also, read about how VirusTotal...			★★★★
	2020-10-08 13:28:30	Cyber Security Awareness: A Critical Checklist (lien direct)	October 2020 marks the 17th year of National CyberSecurity Awareness Month, where users and organizations are encouraged to double their efforts to be aware of cybersecurity issues in all their digital dealings-and to take concrete steps to increase their privacy and security as necessary. The Cybersecurity & Infrastructure Security Agency (CISA), in conjunction with the...			★★★
	2020-10-02 12:05:55	This Week in Security News: Linkury Adware Caught Distributing Full-Blown Malware and Cross-Platform Modular Glupteba Malware Uses ManageX (lien direct)	Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how an adware family known primarily for distributing browser hijackers, Linkury, has been caught distributing malware. Also, read about a newly uncovered strain of the...	Malware		★★

Last update at: 2024-05-11 23:10:16
See our sources.

To see everything: Our RSS (filtrered)