What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CSO 2020-09-29 06:05:00 BrandPost: How to Defend Against Today's Top 5 Cyber Threats (direct link) Cyber threats are constantly evolving. As recently as 2016, Trojan malware accounted for nearly 50% of all breaches. Today, they are responsible for less than 7%. That's not to say that Trojans are any less harmful. According to the 2020 Verizon Data Breach Investigations Report (DBIR), their backdoor and remote-control capabilities are still used by advanced threat actors to conduct sophisticated attacks. Staying ahead of evolving threats is a challenge that keeps many IT professionals awake at night. Understanding today's most important cyber threats is the first step toward protecting any organization from attack. Data Breach Malware Threat
CSO 2020-09-11 03:00:00 11 types of hackers and how they will harm you (direct link) Hackers, and the malware they build and use, have grown up in the last couple of decades. When computers were big putty-colored boxes, hackers were just learning to walk and their pranks were juvenile - maybe they would create a bit of silly malware that did little more than flash “Legalize Marijuana!” or play Yankee Doodle across your screen. As computers have evolved into an economy of their own, hackers, too, have evolved out of those wide-eyed nerds into an audacious army of criminals. Malware
CSO 2020-09-03 11:43:00 BrandPost: SIGRed: What Is It, How Serious Is It, and How Should You Respond? (direct link) Executive Summary: On July 14th, 2020, Microsoft disclosed a vulnerability in the Microsoft DNS Server subsystem affecting all modern versions of Microsoft DNS. This vulnerability allows attackers to leverage malformed DNS responses to trigger remote code execution on unpatched Microsoft DNS servers without the need for authentication. A sufficiently capable attacker can leverage this vulnerability to obtain remote administrative access to Microsoft DNS Servers, which typically cohabitate with Microsoft Active Directory servers. In other words, this vulnerability bypasses the majority of built-in security checks and security architecture while providing direct access to an organization's critical infrastructure. Additionally, this vulnerability is "wormable", indicating that the attack is easily automated and can spread without user intervention via malware. Vulnerability
CSO 2020-09-03 08:32:00 Evilnum group targets FinTech firms with new Python-based RAT (direct link) Evilnum, a group known for targeting financial technology companies, has added new malware and infection tricks to its arsenal, researchers warn. The group is suspected of offering APT-style hacker-for-hire services to other entities, a growing and worrying trend that's changing the threat landscape. Evilnum appeared on the radar of security companies in 2018 when it started targeting FinTech companies throughout Europe with spear-phishing emails that try to pass malicious files as scans of credit cards, utility bills, ID cards, drivers licenses and other identity verification documents required by know-your-customer (KYC) regulations in the financial sector. Malware Threat ★★★★★
CSO 2020-09-03 03:00:00 How to choose the right security training provider for your team (direct link) Your enterprise's security team is entrusted with a critical mission: protecting systems, resources and users from phishing, ransomware, denial-of-service attacks, data theft, malware infection and assorted other attacks. Staying on top of emerging and evolving threats requires constant vigilance and, most importantly, a well-trained team. Malware
CSO 2020-08-31 06:00:00 Cloud technology great for security but poses systemic risks, according to new report (direct link) Although nearly 30 years old, cloud computing is still a “new” technology for most organizations. The cloud promises to reduce costs and increase efficiencies through storage and management of large repositories of data and systems that are theoretically cheaper to maintain and easier to protect. Given the growing rush by organizations to move to the cloud, it's no surprise that some policymakers in Washington are calling for regulation of this disruptive technology. Last year, Representative Katie Porter (D-CA) and Nydia Velázquez (D-NY), urged the Financial Stability Oversight Council (FSOC) to consider cloud services as essential elements of the modern banking system and subject them to an enforced regulatory regime. Their calls for this kind of oversight came in the wake of a major data breach of Capital One in which an employee of the financial institution was able to steal more than 100 million customer credit applications by exploiting a misconfigured firewall in operations hosted on Amazon Web Services (AWS). Data Breach
CSO 2020-08-27 06:38:00 After a decade, Qbot Trojan malware gains new, dangerous tricks (direct link) The Qbot Trojan has been plaguing computer users and businesses for over a decade and the cybercriminals behind it are still coming up with new tricks that keep it one of the most prevalent and successful malware threats. The latest technique observed by security researchers involves the malware inserting itself into the legitimate email threads of their victims to spread. Malware
CSO 2020-08-25 08:22:00 BrandPost: CIS Password Policy Guide: Passphrases, Monitoring, and More (direct link) Love them or hate them, but passwords are a time-tested and imperfect method for user authentication that can protect organizations from cyber-attacks if used correctly. To be truly effective however, an organization's password policy must include additional defensive strategies to prevent unauthorized access. New password policy standards are based on two primary principles: leveraging real-world attack data and making it easier for users to create and remember passwords. Organizations need to employ updated tools and policies to conform to these new standards. These include new approaches to password creation, multi-factor authentication (MFA), account lockouts, and other safeguards.
CSO 2020-08-24 03:00:00 Mobile security failings putting enterprises at risk (direct link) A typical mobile security breach in a large organization can cost millions of dollars. Mobile security can be a daunting task with many potential pitfalls to protect against. Knowing the key security exposure mechanisms can help you determine the best approach to security for your mobile users.
CSO 2020-08-24 03:00:00 7 things to consider when choosing managed detection and response (direct link) Threat detection and response is a priority for most CISOs because they recognize that the faster a breach is detected and dealt with, the easier and cheaper it is to fix. And since it takes an average of 280 days to identify and contain a breach, according to Ponemon Institute research, there's plenty of room for improvement.
CSO 2020-08-19 05:56:00 BrandPost: Center for Internet Security's Community Defense Model (direct link) The CIS Critical Security Controls (CIS Controls) are a set of more than 170 cybersecurity defensive measures, called safeguards, organized into a set of 20 Control activities. A community of security experts cooperate to keep this list of safeguards up-to-date based on vendor summaries of recent attack activity described in reports like the Verizon Data Breach Investigations Report (DBIR) and their experiences defending actual networks. Enterprises can select safeguards from the CIS Controls to create a robust cyber defense mission for their organization. Data Breach
CSO 2020-08-17 11:56:00 BrandPost: How to Restore Defenses to Newly Remote Workforces (direct link) Robin Vann is Chief Solution Officer and CTO at Reliance acsn, an end-to-end cybersecurity firm based in London. Vann and his teams provide high risk, highly regulated organizations with a complete range of cybersecurity services. When the pandemic struck, Vann and his teams worked on the front lines with their clients. He watched new vulnerabilities open and came to see how organizations must protect themselves in this moment. Here's what he learned. Today's Unsecured Remote Workforce: Vann felt impressed as he watched organizations rapidly create new remote workforces. But he also grew worried. He saw many organizations massively increase their attack surface while simultaneously stripping away multiple layers of defense.
CSO 2020-08-10 03:00:00 18 (new) ways attackers can compromise email (direct link) All organizations wrestle with chronic phishing attacks that are the primary vectors through which malicious actors breach systems and spread malware.
CSO 2020-08-07 10:50:00 Protocol gateway flaws reveal a weak point in ICS environments (direct link) Security researchers warn about widespread vulnerabilities in protocol gateways, small devices that connect industrial machinery and sensors to TCP/IP networks that are used to automate and control them. New research published this week by Trend Micro and presented at the Black Hat USA virtual security conference highlights a new threat via protocol translation attacks and reveals 9 flaws found in protocol gateways from different vendors. The identified vulnerabilities can enable various attack scenarios, from issuing stealth commands that could sabotage the operational process to gaining unauthorized access, decrypting configuration databases, exposing sensitive information and crashing critical equipment. Threat
CSO 2020-08-05 03:00:00 What is a dictionary attack? And how you can easily stop them (direct link) Dictionary attack definition
CSO 2020-07-29 10:00:00 Linux GRUB2 bootloader flaw breaks Secure Boot on most computers and servers (direct link) Operating system maintainers, computer manufacturers, security and virtualization software vendors have worked together over the past few months to coordinate a unified response to a vulnerability that allows attackers to bypass boot process integrity verification, one of the key security features of modern computers. The flaw is located in the GRUB2 Linux bootloader, but because of how Secure Boot is implemented, it can be used to compromise the booting process of Windows and other systems as well. Getting the patches that were announced today installed on all impacted computers and devices will require manual testing and deployment and will likely take a long time. It's reasonable to expect that some systems will never be updated and will remain vulnerable to boot-level malware and rogue firmware modifications. Malware Vulnerability
CSO 2020-07-24 03:00:00 Microsoft Office the most targeted platform to carry out attacks (direct link) In 2019, Microsoft Office became cybercriminals' preferred platform when carrying out attacks, and the number of incidents keeps increasing, according to Kaspersky Lab researchers. Boris Larin, Vlad Stolyarov and Alexander Liskin showed at the company's Security Analyst Summit that the threat landscape has changed in the past two years and urged users to keep their software up-to-date and to avoid opening files that come from untrusted sources to reduce the risk of infection. Malware Threat
CSO 2020-07-21 10:14:00 BrandPost: How to Get Broader, Deeper MITRE Attack Coverage by Using EDR and NDR Together (direct link) The MITRE ATT&CK Framework has rapidly become the go-to lens through which security operations teams view their ability to detect attacker tactics, techniques, and procedures (TTPs). The ATT&CK Framework comprises 266 (and counting) TTPs across 12 tactic categories from initial compromise through maintaining persistence, defense evasion, and finally impact, spanning the course of a full cyberattack campaign. When enterprise SecOps teams start using MITRE ATT&CK, they gain a clearer view of which attack tactics they're able to detect, and which might fly under the radar or evade their defenses and eventually lead to a breach. Understanding these gaps in their defenses makes it easier to understand where to invest security budget, and how to update policies and procedures to fill those gaps. Guideline
CSO 2020-07-21 03:00:00 Twitter hack raises alarm among government officials, security experts (direct link) A hack of Twitter last week shook the foundations of the internet, cybersecurity, and political worlds. A gang of young people purportedly obsessed with OGusers, early Twitter adopters with one or two characters in their handles, ostensibly targeted 130 high-profile accounts and reset passwords and sent messages from the accounts of 45 “celebrities.” The hacks appear financially motivated, with the attackers fleeing with $121,000 worth of bitcoin generated through the scam messages they sent from the accounts of Joe Biden, Barack Obama, Bill Gates, Elon Musk and other personages. Hack
CSO 2020-07-17 11:53:00 Twitter VIP account hack highlights the danger of insider threats (direct link) Most companies are putting a lot of effort into making sure their network perimeters are secure against remote attacks, but they don't pay the same level of attention to threats that might originate inside their own organizations. The attack earlier this week that resulted in the hijacking of Twitter accounts belonging to high-profile individuals and brands is the perfect example of the impact a malicious or duped insider and poor privileged access monitoring could have on businesses. Hack
CSO 2020-07-14 05:00:00 Critical flaw allows hackers to breach SAP systems with ease (direct link) SAP users should immediately deploy a newly released patch for a critical vulnerability that could allow hackers to compromise their systems and the data they contain. The flaw is in a core component that exists by default in most SAP deployments and can be exploited remotely without the need of a username and password. Researchers from security firm Onapsis who found and reported the vulnerability estimate that 40,000 SAP customers worldwide might be affected. Over 2,500 vulnerable SAP systems are directly exposed to the internet and are at higher risk of being hacked, but attackers who gain access to local networks can compromise other deployments. Vulnerability
CSO 2020-07-13 06:48:00 BrandPost: Virtual Security Analysts – Using AI to Bridge the Cybersecurity Skills Gap (direct link) Perhaps the most resource-intensive task required of security teams is the correlation and analysis of the massive volumes of data being produced by security devices and network sensors. This challenge is probably most apparent in the fact that network breaches often remain undetected for months, allowing cybercriminals to plant time-bombs, establish elaborate botnets, and slowly exfiltrate millions of records containing customer information and intellectual property. This challenge is compounded with the growing skills shortage the cybersecurity industry is facing globally, further adding to organizations' risks. In fact, a recent Fortinet survey found that 73% of organizations had at least one intrusion or breach over the past year that can be partially attributed to a gap in cybersecurity skills
CSO 2020-07-08 03:00:00 How to protect Windows networks from ransomware attacks (direct link) Honda's Customer Service and Financial Services were apparently hit by a ransomware attack recently. Kaspersky found samples in the VirusTotal database that make it appear that the company was targeted by the Snake ransomware. This incident made me think about what we can learn from how Honda was targeted to better protect Windows networks from ransomware attacks. Ransomware
CSO 2020-06-30 06:53:00 Vulnerable drivers can enable crippling attacks against ATMs and POS systems (direct link) ATMs and point-of-sale (POS) systems have been a target for many cybercriminal groups over the past several years, resulting in some of the largest card breaches and money heists in history. While attackers have various ways to break into these machines, researchers now warn that vulnerabilities in the drivers they contain could enable more persistent and damaging attacks. Researchers from Eclypsium, a company that specializes in device security, have evaluated the security of device drivers, the programs that allow applications to talk to a system's hardware components and leverage their capabilities. Over the past year, their research project, dubbed Screwed Drivers, has identified vulnerabilities and design flaws in 40 Windows drivers from at least 20 different hardware vendors, highlighting widespread issues with this attack surface.
CSO 2020-06-24 10:17:00 BrandPost: ExtraHop Named in the 2020 Gartner Market Guide for UCaaS Monitoring (direct link) Unified Communications solutions have been integral to the enterprise for years, and as remote work becomes more common, the attack surface and potential for challenging performance issues increase with it. Remote workers logging in from new, unmanaged devices, shared devices, and generally using more UC services than ever will lead to more and more service issues and potential security leaks. On top of that, as with every type of enterprise solution, on-premises products will be replaced by those based in the cloud. The move to cloud-based solutions enables agility, but, as any person in IT Operations will remind you, digital transformation rarely happens in isolation. With each migration, the operations necessary to monitor and maintain that solution must also be able to function in the cloud. Guideline
CSO 2020-06-24 03:00:00 Want better mobile security or privacy? Try these Android and iOS alternatives (direct link) In a market dominated by Android and iOS, a few mobile operating systems are daring to do something different. Graphene offers increased security for high-risk individuals and organizations, while /e/ wants to make privacy accessible to everyone. The two OSes are fighting against surveillance and surveillance capitalism, protecting consumers from the prying eyes of both nation-states and data-hungry companies.
CSO 2020-06-23 03:00:00 Brute-force attacks explained, and why they are on the rise (direct link) Brute-force attack definition
CSO 2020-06-16 10:10:00 BrandPost: SecureX: The Connective Tissue for Integrated Security (direct link) There's rarely a dull moment for security leaders. Many technology-related things are constantly evolving - the threat landscape, attack surface, business needs, and access to specific skill sets. That's why every security approach must enable both agility and stability - in other words, satisfy the ability to quickly respond to new events, while also providing robust, reliable security. “It comes down to simplifying the security team's day-to-day operations so that they can spend more time on higher-value activities that ultimately make their organization more secure,” says Jeff Reed, Senior Vice President of Product Management, Cisco Systems. Threat Guideline
CSO 2020-06-15 03:00:00 Lessons learned from the ANPR data leak that shook Britain (direct link) On April 28, 2020, The Register reported the massive Automatic Number-Plate Recognition (ANPR) system used by the Sheffield government authorities was leaking some 8.6 million driver records. An online ANPR dashboard responsible for managing the cameras, tracking license plate numbers and viewing vehicle images was left exposed on the internet, without any password or security in place. This meant anybody on the internet could have accessed the dashboard via their web browser and peeked into a vehicle's journey or possibly corrupted records and overridden camera system settings.
CSO 2020-06-11 00:00:00 Enterprise internet attack surface is growing, report shows (direct link) The attack surface of large enterprises has grown in recent months, driven by the new work conditions imposed by the COVID-19 pandemic. The threat has increased in many areas including servers that are directly accessible from the internet, domain names, websites, web forms, certificates, third-party applications and components or mobile apps. While some of those changes might be temporary, many are likely to be permanent, straining the ability of existing IT and security teams to manage and secure them. Security firm RiskIQ, which specializes in digital asset discovery and protection, has used data collected recently by its technology through internet scans to assess the current global attack surface. Over two weeks, the company saw the addition of 2,959,498 new domain names and 772,786,941 new unique hosts to the web. Threat
CSO 2020-06-10 12:54:00 Managing Risk, Resources, and Results with SOAR Solutions (direct link) The digital attack surface continues to expand due to a combination of evolving threats and new digital innovations. In an attempt to keep up, many organizations add security capabilities (often as dedicated point solutions) to address each new challenge, inadvertently adding complexity. This increased security complexity acerbates their current reality: too many vendors to manage, alerts to investigate, consoles to monitor, manual processes to follow, and a lack of skilled staff to manage expanding workloads. Incorporating security orchestration, automation, and response (SOAR) can alleviate these pressures before teams reach a breaking point.
CSO 2020-06-04 03:00:00 What is pretexting? Definition, examples and prevention (direct link) Pretexting definition: Pretexting is a form of social engineering in which an attacker tries to convince a victim to give up valuable information or access to a service or system. The distinguishing feature of this kind of attack is that the scam artist comes up with a story - or pretext - in order to fool the victim. The pretext generally casts the attacker in the role of someone in authority who has the right to access the information being sought, or who can use the information to help the victim. Pretexting has a fairly long history; in the U.K., where it's also known as blagging, it's a tool tabloid journalists have used for years to get access to salacious dirt on celebrities and politicians. But today it's commonly used by scam artists targeting private individuals and companies to try to get access to their financial accounts and private data. And pretexters can use any form of communication, including emails, texts, and voice phone calls, to ply their trade. Tool
CSO 2020-06-03 03:00:00 Spring 2020: CISO rising (direct link) Welcome to the Summer 2020 digital issue of CSO, featuring winners of our CSO50 awards and Hall of Fame honorees. In these pages, we take a deep dive into the evolving role of the CISO, including the areas where they are taking on new responsibilities, the changing expectations around data privacy and protection, and some of the challenges ahead. Contents. LEAD: 5 tips for scaling a security organization. How to prepare your SOC for mergers, new business innovation and a constantly changing and growing attack surface. Guideline
CSO 2020-05-29 07:48:00 BrandPost: Critical Insights to Closing the Growing Cybersecurity Skills Gap (direct link) The cybersecurity industry is facing an increasingly widening skills gap that has left many organizations even more vulnerable to breaches. According to a recent Fortinet-commissioned study, conducted by MaritzCX, 73% of respondents reported having had at least one intrusion or breach over the past year that can be directly attributed to a shortage in available cybersecurity talent. And as infrastructures become even more distributed amidst the COVID-19 pandemic, with a large percentage of the workforce now working from home, governments and businesses must work to close the skills gap to effectively secure these networks.
CSO 2020-05-22 03:00:00 How Abnormal Security combats business email compromise (direct link) When looking at all the different ways that hackers can threaten networks and enterprises, flashy incidents like ransomware scams often come to mind. But a relatively new kind of attack called business email compromise (BEC) has taken the lead in both frequency and overall damage, quickly becoming public enemy number one. Guideline
CSO 2020-05-21 06:39:00 BrandPost: Real Time Matters in Endpoint Protection (direct link) Given the speed and potentially devastating impact of malware targeting your end users and devices (think ransomware these days), if your endpoint security isn't able to react immediately, the fight is over – and you will have lost. Sodinokibi ransomware, for example, starts encrypting files in seconds and can complete its job on an entire disk in as little as 5 minutes (depending on disk volume). From there, it can easily spread to network drives as well as throughout the organization. Ransomware Malware
CSO 2020-05-18 07:40:00 Vishing explained: How voice phishing attacks scam victims (direct link) What is vishing? Vishing is a form of attack that attempts to trick victims into giving up sensitive personal information over the phone. While that makes it sound like an old-fashioned scam, vishing attacks have high-tech elements: they involve automated voice simulation technology, for instance, or the scammer may use personal information about the victim harvested from earlier cyberattacks to put them at ease. No matter what technology is used, the setup for the attack follows a familiar social engineering script: An attacker creates a scenario to prey on human emotions, commonly greed or fear, and convinces the victim to disclose sensitive information, like credit card numbers or passwords. In that sense, vishing techniques mirror the phishing scams that have been around since the 1990s. But vishing calls exploit the fact that we're more likely to trust a human voice - and may target the elderly and technophobic who are naive and have no experience with these types of scams.
CSO 2020-05-13 03:00:00 9 tips to detect and prevent web shell attacks on Windows networks (direct link) One tool that bad guys use to go after your web servers is a web shell. A web shell is a malicious script that masquerades as a legitimate file and provides a backdoor into your server. Recent guidance from the US National Security Agency (NSA) and the Australian Signals Directorate (ASD) offers techniques to detect and prevent web shell malware from affecting web servers. The NSA document describes web shell malware as a long-standing, pervasive threat that continues to evade many security tools. Malware Tool Threat
CSO 2020-05-12 12:59:00 10 tips for a secure browsing experience (direct link) Your browser is one of the easiest ways for malware to penetrate your network. Here are 10 ways to practice safe surfing in Google Chrome, Microsoft Edge and Mozilla Firefox. Malware
CSO 2020-05-12 03:00:00 Ryuk ransomware explained: A targeted, devastatingly effective attack (direct link) What is Ryuk ransomware? Ransomware
CSO 2020-05-11 03:00:00 How IoT changes your threat model: 4 key considerations (direct link) IoT systems in business and operational environments have increased the attack surface and introduced new risks to the confidentiality, integrity and availability of critical data and systems at many enterprises. Threat
CSO 2020-05-07 06:00:00 Attempted cyberattack highlights vulnerability of global water infrastructure (direct link) In late April, Israel's National Cyber Directorate received reports about an attempted “major” cyberattack on its water infrastructure. According to a statement issued by the directorate, the attack consisted of “assault attempts on control and control systems of wastewater treatment plants, pumping stations and sewers.” The directorate called on water companies to change their internet passwords, make sure their control system software is updated, and undertake other cyber hygiene measures to tighten security. The attempted attacks were unsuccessful, according to the directorate, and appeared to be coordinated. Of concern was the level of chlorine in the water supply. The directorate asked water companies to look for any disruptions, particularly regarding chlorine use in the water supply. Vulnerability
CSO 2020-05-04 06:00:00 COVID-19 attack campaigns target hardest hit regions, research shows (direct link) Attackers continue to exploit people's fears about the COVID-19 pandemic to increase the success rate of their malicious campaigns, including in the enterprise space. New research from security companies shows that cybercriminals are focusing their attacks on countries and regions that were hit hardest by the coronavirus and on industry verticals that are under major economic pressure. Malware
CSO 2020-04-30 03:00:00 7 ways to make your Zoom meetings safer (direct link) Zoom was a popular online conferencing application before COVID-19 infected the world, but the pandemic drove usage of the service to astronomical levels. Before the virus spread, the platform garnered about 10 million meeting participants a day. By March, that number was 200 million a day.
CSO 2020-04-27 03:00:00 Android security: Patching improves, but fragmentation challenges remain (direct link) Android device makers have improved their patching processes over the past two years according to a new analysis, decreasing the time gap between when security updates become public and their integration into firmware. This is good news for the Android ecosystem, which has historically been considered worse than Apple's iOS when it comes to patch hygiene. However, version fragmentation remains high in the Android world, with significant differences among device manufacturers and even across the same vendor's product lines. This leads to many devices running versions that are no longer supported. Berlin-based Security Research Labs (SRLabs) has published the results of its binary analysis of around 10,000 unique firmware builds running on many Android device models from different manufacturers. Most of the data was collected with SnoopSnitch, an application developed by the company to analyze mobile radio data for abnormalities that could indicate user tracking and fake base stations. It can also check if the Android firmware running on a device has the critical vulnerability patches that correspond to its reported security patch level. Vulnerability Patching Guideline
CSO.webp 2020-04-24 07:48:00 BrandPost: Improving Security Outcomes While Balancing the CISO Budget (lien direct) CISOs must continually do more with limited financial and human capital. This challenge is becoming more difficult as the attack surface expands, and as cost optimization becomes more critical. To this end, a majority of security leaders (61%) report that outcome-based objectives are helping them better allocate security spending, according to the Cisco 2020 CISO Benchmark Report. Use of this method is up 10% from the 2019 survey. What does this mean in practical terms? To achieve sought-after outcomes, organizations should: 1) Find investment balance across their security technology portfolio; 2) Achieve the visibility necessary to proactively respond to threats and incidents Guideline
CSO.webp 2020-04-24 07:40:00 BrandPost: Breach Alert! 6 Best Practices for Lowering Overall Breach Costs (lien direct) Voluntary breach disclosures are at an all-time high, according to the Cisco 2020 CISO Benchmark Report. This demonstrates that, although a breach response plan takes considerable effort, the advance work pays off. The study found that 61% of organizations voluntarily disclosed a breach that lasted more than 17 hours. “Respondents are now finding that their credibility rises when they voluntarily disclose a major breach, thus preserving their brand reputation,” the report states. Yet, the work of breach preparation never ends. Cyberattacks will continue and evolve, as bad actors seek to exploit vulnerabilities wherever they exist. To that end, organizations should continually work to build a strong security program. The first step is establishing a risk profile.
CSO.webp 2020-04-23 13:01:00 BrandPost: A Q&A with Cisco's CISO about Addressing Enterprise-wide Security (lien direct) CISOs' roles have significantly expanded. They're now tasked with securing complex IT infrastructures that expand the attack surface, assessing and mitigating risks, addressing the business' and board's concerns about security - as well as managing people, processes, and technologies on limited budgets. And in light of the recent coronavirus pandemic, all these challenges are further heightened. There has been a 26% increase in cyberattacks, with CISOs expecting COVID-19 to affect their risk-based decisions for years to come, according to a recent survey conducted by CSO. Guideline
CSO.webp 2020-04-23 03:00:00 Pharming explained: How attackers use fake websites to steal data (lien direct) Pharming definition A pharming attack tries to redirect a website's traffic to a fake website controlled by the attacker, usually for the purpose of collecting sensitive information from victims or installing malware on their machines. Attackers tend to focus on creating look-alike ecommerce and digital banking websites to harvest credentials and payment card information.
CSO.webp 2020-04-23 03:00:00 Legions of cybersecurity volunteers rally to protect hospitals during COVID-19 crisis (lien direct) Last month, some of the usual cast of online scammers and malware miscreants promised to refrain from attacking healthcare organizations or exploiting them during the COVID-19 crisis, showing a sense of honor unexpected from ransomware attackers and cryptocurrency thieves. However, this ceasefire turned out to be a head-fake. Within a week of those vows, malware purveyors and con artists rushed to send out phishing emails while masquerading as healthcare organizations and even launched attacks against hospitals and other critical facilities. Last week, Google alone was blocking 18 million COVID-19 phishing or malware-delivery emails per day. Malware
Last update at: 2024-04-29 20:08:15