What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CSO 2023-02-01 11:00:00 New “MITRE ATT&CK-like” framework outlines software supply chain attack TTPs (direct link) A new open framework seeks to outline a comprehensive and actionable way for businesses and security teams to understand attacker behaviors and techniques specifically impacting the software supply chain. The Open Software Supply Chain Attack Reference (OSC&R) initiative, led by OX Security, evaluates software supply chain security threats, covering a wide range of attack vectors including vulnerabilities in third-party libraries and components, supply chain attacks on build and deployment systems, and compromised or malicious software updates. Cybersecurity professionals among the matrix's founding consortium include representatives from GitLab as well as former leaders from Microsoft, Google Cloud, Check Point Technologies, and OWASP. Guideline ★★★
CSO 2023-02-01 05:00:00 Misconfiguration and vulnerabilities biggest risks in cloud security: Report (direct link) The two biggest cloud security risks continue to be misconfigurations and vulnerabilities, which are being introduced in greater numbers through software supply chains, according to a report by Sysdig. While zero trust is a top priority, data showed that least privilege access rights, an underpinning of zero trust architecture, are not properly enforced. Almost 90% of granted permissions are not used, which leaves many opportunities for attackers who steal credentials, the report noted. ★★★
CSO 2023-02-01 02:00:00 US DOJ applies carrot-and-stick approach to Foreign Corrupt Practices Act policy (direct link) The US Department of Justice (DOJ) has taken a carrot-and-stick approach to its corporate enforcement policy in regard to the Foreign Corrupt Practices Act (FCPA) in an effort to entice companies to self-report when in violation of the FCPA. Assistant Attorney General Kenneth A. Polite, Jr., shared the 2022 success of the Criminal Division of the DOJ in its pursuit of corrupt and criminal activities within corporations that “threaten the public safety and national security, [and] wrongfully divert money into the pockets of criminal actors” at a mid-January event at Georgetown University's Law Center. ★★
CSO 2023-02-01 02:00:00 Why you might not be done with your January Microsoft security patches (direct link) The January patching window for your firm has probably come and gone. But has it? While January included a huge release of patches, several releases in other months have provided more than one headache for the patch management community. These are the patches and updates you need to evaluate if you haven't already done so. BitLocker Security Feature Bypass Vulnerability: In January, additional information came out about CVE-2022-41099, the BitLocker Security Feature Bypass Vulnerability. If you've already deployed the November or later security updates to your network and have done nothing else, you aren't done with the evaluation of this update. Patching ★★★
CSO 2023-01-31 08:04:00 BrandPost: Is Your Organization Security Resilient? Here's How to Get There (direct link) Security resilience is top of mind for the vast majority of executives; 96% say it's highly important to their business, according to the Cisco Security Outcomes Report, Volume 3. And with good reason: data breaches, ransomware, and other cyberattacks continue to plague organizations. In fact, the Cisco report found that 62% of organizations have experienced a security event that affected their resilience, including: 52% experienced a network or data breach; 51% suffered a network or system outage; 47% were affected by a ransomware event; 46% reported a DDoS attack. All these incidents are a big deal, many with negative impact: interrupted IT/communications, disrupted supply chain, impaired internal operations, lasting brand damage, loss of competitive advantage, and much more. Ransomware
CSO 2023-01-31 08:00:00 IoT, connected devices biggest contributors to expanding application attack surface (direct link) The growth of the internet of things (IoT) and connected devices are the biggest contributing factors to organizations' expanding attack surfaces. That's according to a new report from Cisco AppDynamics, which revealed that 89% of global IT professionals believe their organization has experienced an expansion in its attack surface over the last two years. The Shift to a Security Approach for the Full Application Stack report surveyed 1,150 IT professionals in organizations across a range of sectors and international markets to outline the current application security challenges impacting IT departments. ★★★
CSO 2023-01-31 07:41:00 Guardz debuts with cybersecurity-as-a-service for small businesses (direct link) Guardz, a Tel Aviv-based startup promising a broad range of out-of-the-box cybersecurity solutions for small and medium-size businesses (SMBs), has announced both a successful $10 million round of seed funding and the broad availability of its flagship product. The premise of the company's main offering is tight API integration with Microsoft 365 and Google Workspace. Guardz automatically enrolls all user accounts upon activation, and monitors risk posture, performs threat detection on all monitored accounts and devices, and offers one-click remediation for some threats. Threat ★★
CSO 2023-01-31 06:29:00 Privacera connects to Dremio's data lakehouse to aid data governance (direct link) The integration of open-source based Privacera into Dremio's data lakehouse is designed to allow joint customer enterprises to manage and organize secure data access. ★★
CSO 2023-01-31 05:00:00 Trulioo launches end-to-end identity platform (direct link) Identity verification firm Trulioo on Tuesday launched a new global identity platform for “person” and “business” verification. Trulioo has so far sold multiple identity products, each operating in their own silos. Their products and services range from person and business verification, to no-code workflow building, low-code integrations, and anti-fraud measures. The new platform combines all these solutions into a single contract for clients who can use the platform to access information matching, identity document verification, proof of address through utility data, in-depth business verification, and watchlist screening with ongoing monitoring. ★★★
CSO 2023-01-31 04:02:00 Threat actors abuse Microsoft's “verified publisher” status to exploit OAuth privileges (direct link) Researchers from cybersecurity firm Proofpoint claim to have discovered a new threat campaign involving malicious third-party OAuth apps that are used to infiltrate organizations' cloud environments. According to a blog on the company's website, threat actors satisfied Microsoft's requirements for third-party OAuth apps by abusing the Microsoft “verified publisher” status, employing brand abuse, app impersonation and other social engineering tactics to lure users into authorizing malicious apps. Threat ★★★
CSO 2023-01-31 02:00:00 New UN cybercrime convention has a long way to go in a tight timeframe (direct link) Cybercrime is a growing scourge that transcends borders, spreading across the boundaries of virtually all the world's nearly 200 nation-states. From ransomware attacks to rampant cryptocurrency theft, criminal exploitation of borderless digital systems threatens global economic security and the political welfare of all countries. Now, the United Nations has a major initiative to develop a new and more inclusive approach to addressing cybercrime that would replace a two-decades-old international cybercrime convention. This revised global approach could spark new laws worldwide to battle cybercrime more effectively. However, concerns over the scope of the emerging international convention and its possible threats to free speech, privacy, and cybersecurity research, among other issues, have emerged following the recent release of early drafts of the new convention. ★★
CSO 2023-01-30 11:00:00 BrandPost: What's Next in Securing Healthcare (direct link) Over the last decade, healthcare has offered new lines of services such as telehealth and remote patient monitoring, expanded accessibility and ease for both patients and healthcare professionals, and supported innovations that measurably improve patient outcomes. It's a profound digital transformation. Today's digital healthcare organizations rely on data and IT in ways they never have before. Healthcare delivery has expanded beyond the four walls of a traditional acute care setting to ambulatory to the nascent hospital-at-home settings. IT continues to play a pivotal role in this ever-expanding healthcare delivery model and is tasked to not only drive successful business outcomes but also do so in a secure manner whereby patient privacy and data security are not compromised.
CSO 2023-01-30 02:00:00 Economic headwinds could deepen the cybersecurity skills shortage (direct link) According to the most recent research report from ESG and the Information System Security Association International (ISSA), 57% of organizations claim that they've been impacted by the global cybersecurity skills shortage, while 44% of organizations believe the skills shortage has gotten worse over the past few years. The result? Increasing workloads on existing cybersecurity staff, job requisitions open for weeks or months, and high burnout rates and attrition for cybersecurity professionals. (ESG and ISSA will update and present their latest research at this year's RSA conference.) ★★★
CSO 2023-01-30 02:00:00 How to survive below the cybersecurity poverty line (direct link) The security poverty line broadly defines a divide between the organizations that have the means and resources to achieve and maintain mature security postures to protect data, and those that do not. It was first coined by cybersecurity expert Wendy Nather in 2011, and the concept is just as relevant today as it was then (if not more so). It has widely become the benchmark for acceptable cybersecurity, often associated with factors such as company size, sector and disposable income, but also know-how and appetite for recognizing and addressing security inadequacies. Generally (but not always), those “above” the security poverty line are larger, private-sector businesses with the money, talent pool, and durability required to meet basic but highly important cybersecurity standards. Below it are typically small, young businesses or those that operate in cash- and resource-strapped sectors (though this is not a universal fact). ★★★
CSO 2023-01-27 12:06:00 BrandPost: Understanding Device and Infrastructure Attacks: Exploring the Microsoft Digital Defense Report 2022 (direct link) The Microsoft Digital Defense Report explores the most pressing cyber threats as they relate to cybercrime, nation-state threats, devices and infrastructure, cyber-influence operations, and cyber resiliency. Based on intelligence from 43 trillion security signals daily, this report offers insight and guidance on how organizations can help strengthen their cyber defenses. In this post, we will take a deeper look at section two of the report. Keep reading for our findings, and download the full Microsoft Digital Defense Report for even more insights.
CSO 2023-01-27 06:55:00 Hackers abuse legitimate remote monitoring and management tools in attacks (direct link) Security researchers warn that an increasing number of attackers are using legitimate remote monitoring and management (RMM) tools in their attacks to achieve remote access and control over systems. These tools are commonly used by managed service providers (MSPs) and IT help desks so their presence on an organization's network and systems might not raise suspicion. Researchers from Cisco Talos reported this week that one particular commercial RMM tool called Syncro was observed in a third of the incident response cases the company was engaged in during the fourth quarter of 2022. However, this wasn't the only such tool used. Tool ★★★
CSO 2023-01-27 03:16:00 FBI takes down Hive ransomware group in an undercover operation (direct link) The US Department of Justice (DOJ) along with international partners have taken down the Hive ransomware group. The operation that began in July 2022 resulted in the FBI penetrating Hive's computer networks, capturing its decryption keys, and offering them to victims worldwide, preventing victims from having to pay the $130 million in ransom demanded, DOJ said in a release on Thursday. “Last night, the Justice Department dismantled an international ransomware network responsible for extorting and attempting to extort hundreds of millions of dollars from victims in the United States and around the world,” Attorney General Merrick B. Garland said in the release. Ransomware ★★
CSO 2023-01-26 09:41:00 BrandPost: 3 Best Practices for Building Security Resilience (direct link) Only 37% of organizations responding to a recent Cisco survey said they're confident they can remain resilient in the event of a worst-case security incident. That's not surprising, given the rapidly increasing volume of endpoints distributed across complex IT architectures. Hybrid workforces combined with diverse IT infrastructures continue to make security resilience a daunting task. “We don't secure everything, everywhere, or otherwise business wouldn't get done,” said Helen Patton, CISO, Cisco Security Business Group. “But security resilience will allow you to focus your security resources on the pieces of the business that add the most value to an organization and ensure that value is protected.” ★★★
CSO 2023-01-26 02:00:00 9 API security tools on the frontlines of cybersecurity (direct link) Application programming interfaces (APIs) have become a critical part of networking, programs, applications, devices, and nearly everything else in the computing landscape. This is especially true for cloud and mobile computing, neither of which could probably exist in its current form without APIs holding everything together or managing much of backend functionality. Because of their reliability and simplicity, APIs have become ubiquitous across the computing landscape. Most organizations probably don't even know how many APIs are operating within their networks, especially within their clouds. There are likely thousands of APIs working within larger companies and even smaller organizations probably rely on more APIs than they realize. ★★
CSO 2023-01-26 02:00:00 Recent legal developments bode well for security researchers, but challenges remain (direct link) Despite the hoodie-wearing bad guy image, most hackers are bona fide security researchers protecting users by probing and testing the security configurations of digital networks and assets. Yet the law has often failed to distinguish between malicious hackers and good-faith security researchers. This failure to distinguish between the two hacker camps has, however, improved over the past two years, according to Harley Geiger, an attorney with Venable LLP, who serves as counsel in the Privacy and Data Security group. Speaking at Shmoocon 2023, Geiger pointed to three changes in hacker law in 2021 and 2022 that minimize security researchers' risks. ★★
CSO 2023-01-25 11:06:00 Attackers move away from Office macros to LNK files for malware delivery (direct link) For years attackers have used Office documents with malicious macros as one of the primary methods of infecting computers with malware. Microsoft finally took steps to disable such scripts by default in documents downloaded from the internet, forcing many groups to change tactics and increasingly choose LNK (shortcut) files as a delivery mechanism. This trend has led to the creation of paid tools and services dedicated to building malicious LNK files. Some of these builders include MLNK Builder, Quantum Builder, Macropack, LNKUp, Lnk2pwn, SharPersist, and RustLnkBuilder, but their use can provide opportunities for easier detection by security products. Malware Prediction
CSO 2023-01-25 04:31:00 Chinese threat actor DragonSpark targets East Asian businesses (direct link) Organizations in Taiwan, Hong Kong, Singapore and China have recently been facing attacks from a Chinese threat actor, DragonSpark. The threat actor was observed using the open source tool SparkRAT for its attacks, according to a report by SentinelOne. SparkRAT is multi-platform, feature-rich, and frequently updated with new features, making the Remote Access Trojan (RAT) attractive to threat actors. Tool Threat ★★
CSO 2023-01-25 02:00:00 Veterans bring high-value, real-life experience as potential cybersecurity employees (direct link) Johanna Wood was an armored crewman with Lord Strathcona's Horse, a Canadian Army regiment. At first glance, Wood's military role may seem incompatible with civilian work; there's not a lot of call for tank operators in private companies. But Wood believes her experience working in tanks gives her a significant edge as she enters the cybersecurity profession. “I was trained in reconnaissance, so I'm already trained to look for threats, I'm already trained to look for something that's unusual and that shouldn't be there. And it's that reconnaissance mindset, looking for things that don't belong, that I find myself drawing on [in cybersecurity work],” she says. ★★
CSO 2023-01-24 13:02:00 CYGNVS exits stealth, trumpeting its cyberattack recovery platform (direct link) Cyber recovery startup CYGNVS announced its emergence from stealth today, having raised $55 million in series A funding and created a highly functional “cyber crisis” platform which promises to help organizations recover from major breaches. The company's product is in its name – CYGNVS says it's an acronym for Cyber GuidaNce Virtual Space. It's effectively an all-in-one disaster recovery system for cyberattacks. It provides out-of-band communications between key team members, since corporate networks may become compromised by attackers, easy access to external experts, and pre-built, interactive “playbooks” to guide teams through the recovery process. It also offers the ability to run simulations in order to practice cyber incident response, auditing and compliance tools to soothe regulatory concerns, and fast onboarding with mobile apps and browsers alike. ★★
CSO 2023-01-24 07:36:00 P-to-P fraud most concerning cyber threat in 2023: CSI (direct link) US financial institutions see peer-to-peer fraud and other digital fraud as the biggest cybersecurity concern in 2023. It was cited by 29% of respondents in a survey by Computer Systems Inc. (CSI), followed by data breaches (23%), ransomware (20%) and a breach at a third party (15%). Industry respondents also expressed concerns over identity theft at 4%, unavailable or unaffordable cyber insurance at 4%, geopolitical risks at 3%, DDoS attacks at 2% and website defacement at 0.9%, according to CSI's annual survey of the financial sector. It received responses from 228 banking executives, 171 of them at vice-president level or above. Ransomware Threat ★★
CSO 2023-01-24 07:21:00 BrandPost: 3 Critical Firewall Attributes for Today's Network (direct link) Corporate networks have become increasingly complex with the adoption of public and private clouds, as well as edge deployments. This complexity has been intensified now that employees are working both onsite and remotely; network teams must pay greater attention to securing data and application traffic while also ensuring a consistent user experience. In addition to complex IT environments and hybrid workforces, many organizations are dealing with a heightened cybersecurity threat landscape that requires constant vigilance, as well as management to keep up with evolving security-related regulations. In response to massive global attacks, businesses have rightly ramped up security protections such as using greater encryption controls - which can inadvertently slow network traffic. Threat ★★
CSO 2023-01-24 05:55:00 (Déjà vu) ServiceNow to detect open source security vulnerabilities with Snyk integration (direct link) ServiceNow Vulnerability Response users will now have access to Snyk Open Source. This will represent the Israeli-US vendor's advanced software composition analysis (SCA) backed by Snyk's security intelligence - a combination of public sources, data from the developer community, proprietary expert research, machine learning, and human-in-the-loop AI. ServiceNow Vulnerability Response is part of ServiceNow Security Operations and connects the workflow and automation capabilities of the ServiceNow platform with vulnerability scan data from other vendors which now includes Snyk's intelligence. Vulnerability ★★
CSO 2023-01-24 02:00:00 Skyhawk launches platform to provide threat detection and response across multi-cloud environments (direct link) Cloud threat detection vendor Skyhawk Security has released a platform designed to address alert fatigue that provides cloud detection and response (CDR) across multi-cloud environments, the company said Tuesday in a statement. The company says the Synthesis platform is being released on a “freemium” basis - the base version is available at no cost, but supplement features can be purchased. Skyhawk claims the platform improves upon products focused on identifying numerous static cloud security misconfigurations by employing machine learning (ML) to find correlated sequences of high-priority runtime events and identify paths of least resistance that are exploited to compromise cloud infrastructure. Threat ★★
CSO 2023-01-24 02:00:00 How passkeys are changing authentication (direct link) Passwords are a central aspect of security infrastructure and practice, but they are also a principal weakness involved in 81% of all hacking breaches. Inherent useability problems make passwords difficult for users to manage safely. These security and useability shortcomings have driven the search for alternative approaches known generally as passwordless authentication. Passkeys are a kind of passwordless authentication that is seeing increasing focus and adoption. They are set to become a key part of security in the coming years. Passkeys represent a more secure foundation for enterprise security. Although they are not foolproof (they can be synced to a device running an insecure OS, for example), they are far more secure than passwords for customers, employees, and partners alike. ★★★
CSO 2023-01-23 21:22:00 Australia fronts International Counter Ransomware Taskforce (direct link) The International Counter Ransomware Taskforce (ICRTF), envisioned by the International Counter Ransomware Initiative (CRI), kicked off its operations on Monday with Australia as its inaugural chair and coordinator. The CRI was first brought together in October 2021 with a virtual meeting of 30 countries, facilitated by the US White House National Security Council. In November 2022, a second meeting took place where the following was established by the 37 participating members: Ransomware ★★
CSO 2023-01-23 13:58:00 Nvidia targets insider attacks with digital fingerprinting technology (direct link) Nvidia today announced that a digital lab playground for its latest security offering is now available, letting users try out an AI-powered system designed to monitor individual user accounts for potentially hazardous behavior. The idea, according to the company, is to leverage the large amounts of data that many organizations compile anyway about login and data access events on their systems, and use that to train an AI that watches for user accounts to diverge from their usual patterns. The system moves security teams from a scenario in which they have to comb through potentially millions of events a week to identify a problem to a small handful of “high risk” events identified by the system. ★★
CSO 2023-01-23 13:30:00 Attackers exploiting critical flaw in many Zoho ManageEngine products (direct link) Users of on-premises deployments of Zoho ManageEngine products should make sure they have patches applied for a critical remote code execution vulnerability that attackers have now started exploiting in the wild. Technical details about the flaw along with a proof-of-concept exploit were released late last week, which will allow more attackers to add this exploit to their arsenal. "The vulnerability is easy to exploit and a good candidate for attackers to 'spray and pray' across the Internet," researchers with penetration testing firm Horizon3.ai said in a blog post. "This vulnerability allows for remote code execution as NT AUTHORITY\SYSTEM, essentially giving an attacker complete control over the system. If a user determines they have been compromised, additional investigation is required to determine any damage an attacker has done." Vulnerability ★★
CSO 2023-01-23 10:14:00 US Supreme Court leak investigation highlights weak and ineffective risk management strategy (direct link) The Supreme Court of the United States (SCOTUS) has announced that its investigation to find the insider who leaked a draft opinion of the Dobbs v. Jackson Women's Health Org. decision to media outlet Politico has come up empty. In a nutshell, the court's insider risk management program, designed to protect the information the justices handle on a daily basis, failed - and failed miserably. Frankly, based on the findings of the report, the court's insider risk management program - if it existed - was anemic at best. The investigation, detailed in a 23-page report released on January 19, indicates that the court's methodology was judged to be thorough by Michael Chertoff of the Chertoff Group, who was asked to review the marshal of the court's investigative results. ★★★★
CSO 2023-01-23 02:00:00 The metaverse brings a new breed of threats to challenge privacy and security gatekeepers (direct link) The metaverse is coming; businesses and government agencies are already building virtual worlds to support city services, meetings and conferences, community building, and commerce. They're also rendering spatial apps around travel, car sales, manufacturing, and architecture in what Citi predicts will be a $13-trillion market with 5 billion users by 2030. “Just as the internet, e-commerce, social media, smartphones, and remote computing have in the past two decades changed the ways companies operate and reach their employees and customers, organizations are now experimenting with the metaverse because they are seeing this as an extension of prior transformations,” says Cathy Barrera, founding economist of Prysm Group, which partners with Wharton College in teaching executive education programs on metaverse business and blockchains. ★★
CSO 2023-01-20 14:09:00 Wallarm touts API leak protection with new scanning feature (direct link) API security company Wallarm announced Friday that it had opened a preview period for its newest offering - an active scanning system that checks through public sources of compromised API data, alerts users, and provides automated responses if a compromise is detected. The API Leak Protection feature, which will be deployed via Wallarm's existing End-to-End API Security platform, takes advantage of that platform's inventory of a given organization's APIs. The system checks those APIs against compromised data found in known public sources of leaked API information - Pastebin, public repositories, and even dark web sources. It then revokes all access to requests made with compromised tokens, and blocks future requests from using them.
CSO 2023-01-20 10:06:00 BrandPost: Assessing MDR Providers with MITRE ATT&CK Steps (direct link) Recent results of the first-ever MITRE Engenuity ATT&CK Evaluation of security service providers give potential buyers a deeper look into the capabilities of 15 security services providers, and shed some light on their skills in detecting, analyzing, and describing adversary behavior. MITRE Engenuity first introduced an ATT&CK Evaluation for managed services five years ago and has since then conducted many independent evaluations of cybersecurity products using an open methodology based on the ATT&CK knowledge base. The evaluations use simulated real-world attacks to evaluate the tactics, techniques, and procedures (TTPs) of relevant advanced persistent threats (APTs). In addition, the vendors must demonstrate their ability to detect, analyze, and describe those activities.
CSO 2023-01-20 09:43:00 BrandPost: IoT Adoption in Healthcare Brings Security Opportunities (direct link) Connected medical devices, also known as the Internet of Medical Things or IoMT, are revolutionizing healthcare, not only from an operational standpoint but related to patient care. In hospital and healthcare settings around the world, connected medical devices support critical patient care delivery and a wide variety of clinical functions, from medical infusion pumps and surgical robots to vital sign monitors, ambulance equipment, and so much more. At the end of the day, it's all about patient outcomes and how to improve the delivery of care, so this kind of IoT adoption in healthcare brings opportunities that can be life-changing, as well as simply being operationally sound. Medical
CSO 2023-01-20 02:11:00 T-Mobile suffers 8th data breach in less than 5 years (direct link) Telecom player T-Mobile US has suffered a cybersecurity incident that resulted in the exposure of personal details of 37 million users, the company reported in a filing to the US Securities and Exchange Commission on Thursday. Customer data such as customer name, billing address, email, phone number, date of birth, T-Mobile account number and information such as the number of lines on the account and plan features were exposed, the company revealed. However, T-Mobile in a statement insisted that customer payment card information (PCI), social security numbers/tax IDs, driver's license or other government ID numbers, passwords/PINs or other financial account information were not exposed, it . Data Breach
CSO.webp 2023-01-19 12:48:00 BrandPost: Securing Critical Infrastructure with Zero Trust (direct link) Critical infrastructure forms the fabric of our society, providing power for our homes and businesses, fuel for our vehicles, and medical services that preserve human health. With the acceleration of digital transformation spurred by the pandemic, larger and larger volumes of critical infrastructure and services have become increasingly connected. Operational technology (OT) serves a critical role as sensors in power plants, water treatment facilities, and a broad range of industrial environments. Digital transformation has also led to a growing convergence between OT and information technology (IT). All of this connection brings accessibility benefits, but it also introduces a host of potential security risks. Industrial Medical
CSO.webp 2023-01-19 10:01:00 Many ICS flaws remain unpatched as attacks against critical infrastructure rise (direct link) Patching vulnerabilities in industrial environments has always been challenging due to interoperability concerns, strict uptime requirements, and sometimes the age of devices. According to a recent analysis, a third of vulnerabilities don't even have patches or remediations available. Out of 926 CVEs -- unique vulnerability identifiers -- that were included in ICS advisories from the US Cybersecurity and Infrastructure Security Agency (CISA) during the second half of 2022, 35% had no patch or remediation available from the vendor, according to an analysis by SynSaber, a security company that specializes in industrial asset and network monitoring. Vulnerability Industrial ★★★
CSO.webp 2023-01-19 07:59:00 BrandPost: Not If, But When: Maintaining Resilience as Threat Actors Adapt (direct link) Talos recently published its inaugural 2022 Year-in-Review report. We gathered insight from dozens of subject matter experts all throughout Cisco to tell a data-driven story about the major security events Cisco responded to, trends in the threat landscape, and what it all means for 2023. As we reviewed the major events from this year, one throughline seemed particularly clear: adversaries are adapting to shifts in the geopolitical landscape, actions from law enforcement, and the efforts of defenders. Organizations, IT leaders, and security professionals will need to track and address these shifts in behavior to maintain resilience. Threat Guideline ★★
CSO.webp 2023-01-19 07:37:00 Why you don't have to fix every vulnerability (direct link) The word “vulnerability” typically comes with a “must fix now” response. However, not all vulnerabilities should be treated equally because not all of them pose a risk. It all depends on what the data represents. In fact, some vulnerabilities are OK to deprioritize, depending on associated threats and the value of the asset at risk. For example, a lock on a 20th floor window of a building is not as important as one on the ground level, unless the contents of the room are so valuable that a thief would take the effort to access such an unreachable place. Scans reveal thousands of vulnerabilities across all assets – networks, applications, systems and devices – but they do not show which ones could lead to a damaging compromise if not fixed immediately. It is not about ignoring vulnerabilities; it is about prioritizing how you apply your resources to remediate them. Bay Dynamics provides some examples of vulnerabilities that are OK to put on the back burner. Vulnerability Guideline ★★
CSO.webp 2023-01-19 04:27:00 Chinese hackers targeted Iranian government entities for months: Report (direct link) Chinese advanced persistent threat actor, Playful Taurus, targeted several Iranian government entities between July and December 2022, according to a Palo Alto Networks report. The Chinese threat actor, also known as APT15, KeChang, NICKEL, BackdoorDiplomacy, and Vixen Panda, was observed attempting to connect government domains to malware infrastructure previously associated with the APT group, according to the report. “Playful Taurus continues to evolve their tactics and their tooling. Recent upgrades to the Turian backdoor and new C2 infrastructure suggest that these actors continue to see success during their cyber espionage campaigns,” Palo Alto Networks said in a blog. Malware Threat APT 15 APT 25 ★★★
CSO.webp 2023-01-19 02:00:00 How CISOs can manage the cybersecurity of high-level executives (direct link) High-level executives, including board members and C-level executives, often have access to sensitive information, making them prime targets for bad actors looking to penetrate corporate defenses. Their personal devices, among other points of entry, are glaring attack vectors for cybercriminals looking to get in on the top floor. As CISOs know, cyber incidents all too often include the human element, and executives are all too human. According to the Verizon 2022 Data Breach Investigations Report, 82% of breaches involved a human element, the bulk of them involving phishing, business email compromise (BEC), and stolen credentials. Data Breach ★★
CSO.webp 2023-01-18 12:27:00 BrandPost: The State of Cybercrime In 2022: Exploring the Microsoft Digital Defense Report (direct link) Microsoft has worked to illuminate the evolving digital threat landscape with in-depth security reports for more than 15 years. Our mission first began with the Microsoft Security Intelligence Report, which ran from 2005 to 2018. It has since evolved into the Microsoft Digital Defense Report, which was first released in 2020. This latest edition explores the most pressing cyber threats while also providing insight and guidance on how organizations can strengthen their cyber defenses. Threat ★★★★
CSO.webp 2023-01-18 12:08:00 QuSecure launches quantum-computing based security for endpoints (direct link) QuSecure, a quantum-computing technology company based in Silicon Valley, today announced the latest version of its security platform, called QuEverywhere - designed to allow organizations to extend quantum-safe security all the way to endpoints like laptops and smartphones, the company said in a statement. QuEverywhere, according to the company, is an app- or browser-based method of applying quantum cryptography to connections or transactions on a given platform. It's based largely on the company's proxy server technology, which uses quantum technology housed in QuSecure's Quark Orchestrator to handle encryption, decryption and session management for any system to which it is applied. ★★
CSO.webp 2023-01-18 06:00:00 Perception Point launches Advanced Threat Protection for Zendesk (direct link) Threat protection company Perception Point has launched Advanced Threat Protection for Zendesk to provide detection and remediation services for Zendesk customers. Perception Point said that customers can now protect customer service software Zendesk from a single, consolidated platform alongside their email, web browsers and other cloud collaboration apps. Advanced Threat Protection for Zendesk has been built to help secure vulnerable help desks and customer support teams from external threats such as malicious content within tickets, the firm stated. Help desk, customer service teams key attack targets: In organizations, help desk and customer support staff often have access to workstations, mobile devices, routers, and servers, as well as the complete digital workplace system and the data associated with it. They also typically communicate regularly with people outside of the organization. These factors make them attractive attack targets and particularly vulnerable to external threats originating from malicious content. Content uploaded externally can potentially be used as a vehicle for cyberattacks, allowing malicious payloads to enter an organization's system, Perception Point noted in its announcement. Threat ★★
CSO.webp 2023-01-18 06:00:00 Trustwave relaunches Advanced Continual Threat Hunting with human-led methodology (direct link) Cybersecurity vendor Trustwave has announced the relaunch of its Advanced Continual Threat Hunting platform with new, patent-pending human-led threat hunting methodology. The firm claimed the enhancement will allow its SpiderLabs threat hunting teams to conduct increased human-led threat hunts and discover more behavior-based findings that could go undetected by traditional endpoint detection and response (EDR) tools. New method hunts for behaviors associated with known threat actors: In a press release, Trustwave stated that its security teams regularly perform advanced threat hunting to study the tactics, techniques, and procedures (TTPs) of sophisticated threat actors. Trustwave's new intellectual property (IP) goes beyond indicators of compromise (IoC) to uncover new or unknown threats by hunting for indicators of behavior (IoB) associated with specific attackers. Threat ★★
CSO.webp 2023-01-18 02:00:00 Why it's time to review your on-premises Microsoft Exchange patch status (direct link) We start the patching year of 2023 looking at one of the largest releases of vulnerability fixes in Microsoft history. The January 10 Patch Tuesday update patched one actively exploited zero-day vulnerability and 98 security flaws. The update arrives at a time when short- and long-term technology and budget decisions need to be made. This is particularly true for organizations using on-premises Microsoft Exchange Servers. Start off 2023 by reviewing the most basic communication tool you have in your business: your mail server. Is it as protected as it could be from the threats that lie ahead of us in the coming months? The attackers know the answer to that question. Tool Vulnerability Patching ★★
Last update at: 2024-04-29 18:08:54