What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CSO.webp 2019-05-01 06:32:00 (Déjà vu) 9 types of malware and how to recognize them (lien direct) People tend to play fast and loose with security terminology. However, it's important to get your malware classifications straight because knowing how various types of malware spread is vital to containing and removing them. This concise malware bestiary will help you get your malware terms right when you hang out with geeks. Malware
CSO.webp 2019-05-01 04:54:00 Why local governments are a hot target for cyberattacks (lien direct) Over the course of the past few weeks, a seemingly stepped-up wave of malware and ransomware infections has struck a number of municipalities across the U.S. On April 10, the city of Greenville, North Carolina, had to disconnect most city-owned computers from the Internet due to what officials said was a RobinHood ransomware infection, a duplicitous piece of malware that pretends to raise awareness and funds for the people of Yemen. On April 13, Imperial County, California was hit with Ryuk ransomware, which is designed to target enterprise environments, forcing its website to go dark and causing some city systems to malfunction, including a number of departments' phone lines. On the same day Imperial County was infected, the city of Stuart, Florida, was hit by Ryuk ransomware, forcing system shut-downs affecting payroll, utilities and other vital functions, including police and fire departments. On April 18, an unspecified piece of malware, likely ransomware, crippled the city's computer network in Augusta, Maine. On April 21, the municipally owned airport in Cleveland, Ohio, Cleveland Hopkins International airport, was struck by still-unspecified malware, causing the airport's flight and baggage information boards to go dark, an outage that lasted at least five days. Ransomware Malware
CSO.webp 2019-04-29 03:00:00 How a data-driven approach to security helps a small healthcare team embrace automation (lien direct) The healthcare industry is an inviting and lucrative target for threat actors. It holds lots of valuable personal, health and finance data living in environments that often depend on legacy technology that is hard to patch and is defended by small teams with limited resources. Worse, the cost for data breaches at healthcare organizations is high. Not only does the healthcare industry have the highest cost per record breached according to the 2018 Ponemon Cost of a Data Breach study ($408, nearly double the next-highest industry), but research published last year suggested healthcare data breaches may cause as many as 2,100 deaths per year in the United States. Data Breach Threat
CSO.webp 2019-04-29 03:00:00 How to evaluate SOC-as-a-service providers (lien direct) If you don't currently have your own security operations center (SOC), you are probably thinking of ways you can obtain one without building it from scratch. The on-premises version can be pricey, more so once you factor in the staffing costs to man it 24/7. In the past few years, managed security service providers (MSSPs) have come up with cloud-based SOCs that they use to monitor your networks and computing infrastructure and provide a wide range of services such as patching and malware remediation. Let's look at how this SOC-as-a-service (SOCaaS) industry has grown up, what they offer and how to pick the right supplier for your particular needs. Malware Patching
CSO.webp 2019-04-25 12:31:00 The growing demand for managed detection and response (MDR) (lien direct) According to ESG research, 82% of cybersecurity professionals agree that improving threat detection and response (i.e. mean-time to detect (MTTD), mean-time to respond (MTTR), etc.) is a high priority at their organization. Furthermore, 77% of cybersecurity professionals surveyed say business managers are pressuring the cybersecurity team to improve threat detection and response. (Note: I am an ESG employee.) So, what's the problem? Threat detection and response ain't easy. In fact, 76% of those surveyed claim that threat detection and response is either much more difficult or somewhat more difficult than it was two years ago. Why? Cybersecurity professionals point to issues such as an upsurge in the volume and sophistication of threats, an increasing cybersecurity workload, and a growing attack surface. Oh, and let's not forget the impact of the cybersecurity skills shortage. Many firms lack the right staff and skills to make a significant dent in this area. Threat
CSO.webp 2019-04-18 03:00:00 Assume breach is for losers: These steps will stop data breaches (lien direct) “Assume breach” is the popular computer defense strategy based on the idea that your company is either already breached or could easily be breached by a dedicated attacker. There is a lot of validity to this approach. Most companies and organizations are super easy to hack and compromise. However, it doesn't have to be this way. Hack
CSO.webp 2019-04-17 08:12:00 Wipro breach highlights third-party risk from large IT services providers (lien direct) IT services outsourcing giant Wipro has been breached and some of its customers have been targeted by attackers as a result. Revealed by cybersecurity journalist Brian Krebs and later confirmed by the company, the attack was what Wipro described as advanced and persistent phishing emails involving “zero-day malware”.
CSO.webp 2019-04-17 03:00:00 What is a side channel attack? How these end-runs around encryption put everyone at risk (lien direct) Side channel attack definition
CSO.webp 2019-04-17 03:00:00 How to protect yourself from PC hardware and hardware driver vulnerabilities (lien direct) PC manufacturer Asus recently announced that from June to November 2018, attackers used its Asus Live Update app, which comes preinstalled on ASUS notebook computers, to install backdoors on targeted computers. Kaspersky indicated that about 57,000 systems installed the backdoored live update software. Asus has acknowledged the introduction of malware into its update process and provided a tool to test your system to see if it has the malicious software installed. Malware
CSO.webp 2019-04-16 03:00:00 How OneLogin responded to its breach and regained customer trust (lien direct) Data breaches have become ubiquitous in today's businesses. In a world where companies of all shapes and sizes can become cyber attack victims, how you handle a data breach becomes critically important. Data Breach
CSO.webp 2019-04-15 03:00:00 Outside-the-box malware is getting more common, security researchers warn (lien direct) Most malware authors have become lazy in the past few years, copying code and techniques from each other. A few, however, “have invested in really fresh ideas,” building tools that are often difficult to detect by antivirus software and pose challenges to human researchers," Aleksandra Doniec, malware intelligence analyst at Malwarebytes, tells CSO. Malware
CSO.webp 2019-04-12 03:00:00 What is Emotet? And how to guard against this persistent Trojan malware (lien direct) Emotet is a banking Trojan that started out stealing information from individuals, like credit card details. It has been lurking around since 2014 and has evolved tremendously over the years, becoming a major threat that infiltrates corporate networks and spreads other strains of malware. The U.S. Department of Homeland Security published an alert on Emotet in July 2018, describing it as “an advanced, modular banking Trojan that primarily functions as a downloader or dropper of other banking Trojans,” and warning that it's very difficult to combat, capable of evading typical signature-based detection, and determined to spread itself. The alert explains that “Emotet infections have cost SLTT (state, local, tribal, and territorial) governments up to $1 million per incident to remediate.” Malware Threat
CSO.webp 2019-04-10 16:59:00 Group behind TRITON industrial sabotage malware made more victims (lien direct) Security researchers have uncovered additional attacks attributed to the group behind the TRITON malware framework, one of the few threats found to date that was specifically designed to sabotage industrial equipment. TRITON was first uncovered in 2017 after hitting the systems of a petrochemical plant in Saudi Arabia with the possible goal of causing an explosion. That attack failed because an error made by the attackers triggered an emergency shutdown of critical systems. The TRITON malware is capable of reprogramming Triconex safety instrumented system (SIS) controllers made by Schneider Electric. These controllers are part of the last line of defense for avoiding critical failures and possible disasters in industrial facilities. They are designed to automatically shut down equipment and processes if they exceed safe operating parameters. Malware
CSO.webp 2019-04-10 12:33:00 (Déjà vu) You Can Now Get This Award-Winning VPN For Just $1/month (lien direct) If you use the internet (which you clearly do), you likely know how important it is to protect your data in an increasingly dangerous cyber environment. But like other essential tasks that tend to be tedious (like filing taxes early and brushing your teeth for the full two minutes), installing and running a VPN can sound unappealing to many: sure, they encrypt your internet traffic and hide your location - but they can also run frustratingly slowly, delaying the way you'd usually use the internet for entertainment and work. That's where Ivacy VPN is different: not only will the speedy service let you browse and stream lag-free, it also offers real-time threat detection technology, removing malware and viruses at the server level. It ensures that all your downloads and devices stay totally secure, so you can stay safe online without being inconvenienced. Malware Threat
CSO.webp 2019-04-10 03:00:00 (Déjà vu) How and why deepfake videos work - and what is at risk (lien direct) Deepfake definition Deepfakes are fake videos or audio recordings that look and sound just like the real thing. Once the bailiwick of Hollywood special effects studios and intelligence agencies producing propaganda, like the CIA or GCHQ's JTRIG directorate, today anyone can download deepfake software and create convincing fake videos in their spare time. So far, deepfakes have been limited to amateur hobbyists putting celebrities' faces on porn stars' bodies and making politicians say funny things. However, it would be just as easy to create a deepfake of an emergency alert warning an attack was imminent, or destroy someone's marriage with a fake sex video, or disrupt a close election by dropping a fake video or audio recording of one of the candidates days before voting starts.
CSO.webp 2019-04-08 03:00:00 Inside the 2014 hack of a Saudi embassy (lien direct) An attacker claiming to be ISIS took control of the official email account of the Saudi Embassy in the Netherlands in August, 2014 and sent emails to more than a dozen embassies at The Hague demanding $50 million for ISIS, or they would blow up a major diplomatic reception, documents seen by CSO reveal. Hack
CSO.webp 2019-04-05 08:47:00 The case for continuous automated security validation (lien direct) Chinese military strategist Sun Tzu is quoted as saying, “if you know the enemy and you know yourself, you need not fear the results of a hundred battles.” In cybersecurity terms, that means knowing the cyber-adversaries and associated tactics, techniques, and procedures (TTPs) they use to attack your organization. Additionally, Sun Tzu's quote extends to an organizational reflection where you must know everything about your technical, human, and even physical vulnerabilities in order to apply the best protection for critical assets.
CSO.webp 2019-04-04 03:00:00 Security technologies that provide the most savings (lien direct) Security costs are on the increase. IDC estimates that worldwide spending on security solutions will reach $103.1 billion in 2019. Security budgets average around $9 million per year per enterprise, according to Kaspersky, while the average cost of a data breach according to IBM and Ponemon is $3.86 million. Data Breach
CSO.webp 2019-03-28 09:11:00 APT group Elfin switches from data destruction to data stealing via WinRAR vulnerability (lien direct) Elfin (aka APT33), a hacker group affiliated with the Iranian government, is described by Symantec as “one of the most active groups currently operating in the Middle East.” They have been linked with a string of attacks on U.S. and Saudi Arabian companies, particularly in the aerospace and energy sectors. Data Breach Vulnerability APT33 APT 33
CSO.webp 2019-03-27 06:33:00 BrandPost: IoT Widens the Security Gap. Now What? (lien direct) In a previous blog, I explored why 802.11ax means more IoT. 802.11ax, now known as Wi-Fi 6, makes the WLAN even more IoT-friendly given the support for dense concentrations of clients in environments such as buildings with smart lighting, environmental controls, and meeting room technology. Wi-Fi 6 introduces some terrific new security features, but the IoT security risk is rising fast. The security surrounding IoT devices has lagged behind hackers' ability to penetrate these devices. Criminals can remotely control smart devices, in turn creating traffic jams on highways, disrupting the power grid, or interrupting industrial robots. A compromised IoT device can also serve as a springboard for an attacker to spread through the network and steal or destroy sensitive information.
CSO.webp 2019-03-26 04:11:00 ASUS users fall victim to supply chain attack through backdoored update (lien direct) Over a million users might have downloaded and installed a backdoored version of an ASUS application that was served from the company's official update servers. The incident is the latest in a string of software supply chain attacks that have come to light over the past couple of years and highlights the need for companies to better vet the applications and updates they deploy on their systems.
CSO.webp 2019-03-26 03:00:00 How to report a data breach under GDPR (lien direct) The General Data Protection Regulation (GDPR) is a broad set of regulations that dictate how a company handles the personal data of citizens within the European Union. Articles 33 and 34 of the GDPR outline the requirements to notify both a supervisory authority and affected data subjects in the event of a data breach. Data Breach
CSO.webp 2019-03-25 13:56:00 Get a two-year subscription to Ivacy VPN for only $2.03/mo (lien direct) If you use the internet (which you clearly do), you likely know how important it is to protect your data in an increasingly dangerous cyber environment. But like other essential tasks that tend to be tedious (like filing taxes early and brushing your teeth for the full two minutes), installing and running a VPN can sound unappealing to many: sure, they encrypt your internet traffic and hide your location - but they can also run frustratingly slowly, delaying the way you'd usually use the internet for entertainment and work. That's where Ivacy VPN is different: not only will the speedy service let you browse and stream lag-free, it also offers real-time threat detection technology, removing malware and viruses at the server level. It ensures that all your downloads and devices stay totally secure, so you can stay safe online without being inconvenienced. Malware Threat
CSO.webp 2019-03-22 05:27:00 IDG Contributor Network: Facebook stashing plain text passwords is a wake-up call to improve GRC (lien direct) As details emerged of how Facebook captured hundreds of millions of plain text passwords and stored them on internal company servers, my entire IT career flashed before my eyes. While it is criminal that there is apparently no adult supervision or oversight on what developers at Facebook can do with a user's credentials when logging into their apps, they are certainly not alone in their handling of plain text passwords. During my time as CEO at VeriClouds (a provider of identity threat intelligence that uses analytics on top of a data lake of more than 10 billion compromised credentials) I was in a meeting with an executive of Twitter when he admitted to using a competitor's service whereby his team received “dumps” of compromised credentials – yes ladies and gentlemen, in plain text. I can understand that being a normal and accepted practice a decade ago before the President of the United States started using his service. I am bewildered as to why any security officer worth his title would allow a practice to occur, let alone continue at a massive social media site such as Twitter. Threat
CSO.webp 2019-03-22 03:00:00 Magecart payment card skimmer gang returns stronger than ever (lien direct) Hackers are using increasingly sophisticated techniques to hide malicious code on e-commerce websites with the goal of stealing payment card details. Known as web skimmers, these malicious scripts have led to major breaches at online retailers over the past year and will very likely continue to cause problems for some time to come.
CSO.webp 2019-03-20 08:03:00 (Déjà vu) Best Android antivirus? The top 11 tools (lien direct) The following are the 11 best antivirus tools for Android, according to AV-TEST's November 2018 evaluations of 18 Android security apps. (The AV-TEST Institute is a Germany-based independent service provider of IT security and antivirus research.) AV-TEST rates each tool for three areas: protection (six points max), usability (six points max) and features (one point max). Ten of the 11 Android antivirus software apps listed below received perfect protection and usability scores of 6.0. The other, F-Secure Mobile Security, lost a half point on the usability score. The apps are in alphabetical order. Tool
CSO.webp 2019-03-20 03:00:00 How to audit Windows Task Scheduler for cyber-attack activity (lien direct) Recently Google announced two zero-days that impacted both the Chrome browser and Windows 7 operating system. Google released an update to Chrome to protect users from the issue, and Microsoft patched the Windows 7 zero-day with the March 12 updates. At this time the attack is only seen on Windows 7, and Google believes that Windows 10 is not vulnerable to the attack due to its sandbox technologies.
CSO.webp 2019-03-20 03:00:00 What is malvertising? And how to protect against it (lien direct) Malvertising definition Malvertising, a word that blends malware with advertising, refers to a technique cybercriminals use to target people covertly. Typically, they buy ad space on trustworthy websites, and although their ads appear legitimate, they have malicious code hidden inside them. Bad ads can redirect users to malicious websites or install malware on their computers or mobile devices. Malware
CSO.webp 2019-03-19 10:09:00 Does GDPR compliance reduce breach risk? (lien direct) Compliance can be costly and often feels more like red tape and a barrier to business than anything that provides a benefit. A report by EY and the International Association of Privacy Professionals (IAPP) estimates that organizations have spent an average of $3 million to achieve compliance with the European Union's General Data Protection Regulation (GDPR), a sweeping piece of legislation that affects any company that stores or processes data on European Union (EU) citizens.
CSO.webp 2019-03-18 03:31:00 Ransomware attack drives city to seek greater network visibility (lien direct) Local governments have been under siege from ransomware attacks in recent years. Colorado announced a state of emergency and called in the National Guard's cyber team to help after its Department of Transportation was hit with SamSam ransomware in February 2018. March 2018 saw the City of Atlanta crippled by SamSam in an attack that cost an estimated $2.6 million to fix (against an original ransom of $52,000). In January 2019, the website for Dublin's Luas tram system also fell victim to an extortion attack. Ransomware
CSO.webp 2019-03-14 03:00:00 My two favorite companies from RSA Conference 2019 (lien direct) I've got a confession to make. I've never attended an RSA Conference before last week. For RSAC 2019, however, I had the honor of giving one of my favorite presentations, 12 Ways to Hack 2FA. The crowd filled the presentation room and a spill-over room to hear it. I was a little under the weather, but I think it went well enough. Hack
CSO.webp 2019-03-11 07:07:00 Hackers use Slack to hide malware communications (lien direct) A group of hackers is using a previously undocumented backdoor program designed to interact with attackers over Slack. While abusing legitimate services for malware command-and-control purposes is not a new development, this is the first time researchers have seen Slack, a popular enterprise collaboration tool, being used in this way. The backdoor was detected by security firm Trend Micro in a targeted attack launched from the compromised website of an organization called the Korean American National Coordinating Council that posts articles related to North and South Korean politics. The technique of infecting websites that are of interest to a particular group of individuals or organizations is known as a "watering hole" attack. Malware
CSO.webp 2019-03-07 03:00:00 How to hack a smartcard to gain privileged access (lien direct) I can change an email address and steal your most privileged credentials. Hack
CSO.webp 2019-03-06 03:00:00 How to protect against poor Windows password practices (lien direct) Hardly a day that goes by before some website reports a credential-stuffing attack where harvested usernames and passwords are used to gain access to sensitive information. Lately it was tax software site TurboTax where attackers accessed users' tax information.
CSO.webp 2019-03-04 06:41:00 BrandPost: Leveraging UEBA to Address Insider Threats (lien direct) The rapid adoption of new digital networking strategies has utterly transformed how and where we conduct business. Digital Transformation (DX) is expanding the attack surface, and one of the biggest challenges is extending security to all the places and devices where applications, workflows, and critical data need to travel to protect digital assets. The other challenge is that even though this change is happening at unprecedented speeds, the CEO and board are impatient with the time it takes to bring DX business opportunities to market. And of course, this requires top notch security for DX initiatives. DX is non-negotiable, but so is security. They are tied at the hip. The trick is to enable DX business initiatives without overwhelming the limited resources available to the security team. Because high-profile breaches are almost constantly in the news, those limited resources tend to be focused on keeping the bad guys out. Which is why job number one for most organizations involves deploying and managing security solutions across their expanding attack surface, including IoT, multi-cloud solutions, and SD-WAN deployments.
CSO.webp 2019-03-01 11:17:00 Qbot malware resurfaces in new attack against businesses (lien direct) The decade-old Qbot financial malware has resurfaced with an improved version in a new attack against businesses that has infected thousands of systems so far. Researchers from data security solutions provider Varonis have uncovered the attack after a customer alerted them about suspicious activity on a computer. The culprit turned out to be an infection with a new strain of Qbot, also known as Qakbot, that was trying to spread to other systems on the network. Malware
CSO.webp 2019-02-27 10:23:00 What is ethical hacking? How to get paid to break into computers (lien direct) What is ethical hacking? Ethical hacking, also known as penetration testing or pen testing, is legally breaking into computers and devices to test an organization's defenses. It's among the most exciting IT jobs any person can be involved in. You are literally getting paid to keep up with the latest technology and get to break into computers without the threat of being arrested. Companies engage ethical hackers to identify vulnerabilities in their systems. From the penetration tester's point of view, there is no downside: If you hack in past the current defenses, you've given the client a chance to close the hole before an attacker discovers it. If you don't find anything, your client is even happier because they now get to declare their systems “secure enough that even paid hackers couldn't break into it.” Win-win! Hack Threat
CSO.webp 2019-02-27 08:46:00 Ransomware attacks hit Florida ISP, Australian cardiology group (lien direct) After Florida ISP Network Tallahassee was hit with a ransomware attack, the broadband provider reportedly paid a $6,000 ransom. Details of the attack – such as the type of ransomware and how many customers were affected – were not revealed. We know only that the infection was discovered on Saturday. The Tallahassee Democrat quoted a former cop as saying he could no longer send email on Monday, but he could still receive it. As of Wednesday morning, the afflicted ISP's site is still down, but the company left the following voicemail for customers who called in on Monday: “We have been in contact with the hackers and paid the ransom and have been advised it will be tomorrow, Tuesday, before we get the compiled encrypter tools. If the hackers deliver, it will probably be Wednesday before we are partially back up and running.” Ransomware
CSO.webp 2019-02-21 12:01:00 (Déjà vu) 7 mobile security threats you should take seriously in 2019 (lien direct) Mobile security is at the top of every company's worry list these days - and for good reason: Nearly all workers now routinely access corporate data from smartphones, and that means keeping sensitive info out of the wrong hands is an increasingly intricate puzzle. The stakes, suffice it to say, are higher than ever: The average cost of a corporate data breach is a whopping $3.86 million, according to a 2018 report by the Ponemon Institute. That's 6.4 percent more than the estimated cost just one year earlier. Data Breach
CSO.webp 2019-02-20 11:27:00 DDoS explained: How distributed denial of service attacks are evolving (lien direct) What is a DDoS attack? A distributed denial of service (DDoS) attack is when an attacker, or attackers, attempt to make it impossible for a service to be delivered. This can be achieved by thwarting access to virtually anything: servers, devices, services, networks, applications, and even specific transactions within applications. In a DoS attack, it's one system that is sending the malicious data or requests; a DDoS attack comes from multiple systems. Generally, these attacks work by drowning a system with requests for data. This could be sending a web server so many requests to serve a page that it crashes under the demand, or it could be a database being hit with a high volume of queries. The result is available internet bandwidth, CPU and RAM capacity becomes overwhelmed.
CSO.webp 2019-02-20 05:47:00 BrandPost: Addressing Today's Risks Requires Reliable Threat Intelligence (lien direct) Two of the biggest challenges that CISOs face today are ensuring that security and business strategies are in alignment and that security solutions are focused on solving the right problems. More often than anyone wants to admit, security teams spend significant resources trying to resolve a specific set of security challenges only to find out that they either don't support critical business objectives or that the organization has been compromised by an attack coming from an unrecognized threat vector. Having a sense of urgency but not knowing where the threat is coming from is the equivalent of frantically wading around through flood water carrying a fire extinguisher. As it turns out, getting security right is just as important as having it in place. And ensuring that you have the right tool for the job starts by asking three key questions. Tool Threat
CSO.webp 2019-02-20 03:00:00 How to update Windows 10 for side channel vulnerability fixes (lien direct) In January 2018, security news media was abuzz over a new class of vulnerability called side channel vulnerabilities. Spectre, Meltdown and Foreshadow are some of the best known. They exploit weaknesses in speculative execution in microprocessors to leak unauthorized information. Side channel vulnerabilities allow attackers to bypass account permissions, virtualization boundaries and protected memory regions. Vulnerability
CSO.webp 2019-02-19 03:00:00 Review: SlashNext is like shooting phish in a barrel (lien direct) Using social engineering in conjunction with malicious program delivery, a technique known as phishing, remains one of the biggest threats to the cybersecurity landscape. If human users can be tricked into taking an action such as downloading malware, connecting with a compromised website, or even providing their credentials directly to criminals, it often overrides many of the automatic protections that cyber defenses offer. It's become so popular and so successful that the most recent Verizon Data Breach Investigations Report puts phishing and social engineering attacks at the center of 93 percent of breaches in 2018. Data Breach
CSO.webp 2019-02-15 06:17:00 (Déjà vu) Data breaches exposed 5 billion records in 2018. (lien direct) The number of publicly known data breaches decreased last year compared to 2017, despite harsher breach notification rules going into effect in Europe. The number of compromised sensitive records also went down by more than a third, from 7.9 billion records to around 5 billion. According to a new report from security intelligence vendor Risk Based Security (RBS), over 6,500 incidents that resulted in compromised data have been publicly disclosed last year, two-thirds of them originating in the business sector. The government sector accounted for 13.9 percent, the medical sector for 13.4 percent and education for 6.5 percent. Data Breach
CSO.webp 2019-02-15 03:00:00 10 essential steps to improve your security posture (lien direct) It has never been easier for cybercriminals to infect your business with malware or ransomware. A vast array of malware tools can be bought on the dark web, complete with helpdesks for hackers, making the barrier to entry low. Most hackers will sit on your network for days, weeks or even months, gathering intelligence to infiltrate your systems and then try to exfiltrate data undetected. Malware
CSO.webp 2019-02-14 03:00:00 Beware of phony or misleading malware rescue web pages (lien direct) Scammers and adware purveyors have long used the helpful nature of the internet to get more victims. In a world where the top search engines try their best to filter out the chaff, scammers still do their best to encourage victims to install unneeded and sometimes malicious software. They often succeed by using scare tactics and misleading information. My recent experience is an example and can serve as a warning to others. Malware Guideline
CSO.webp 2019-02-13 10:45:00 Disastrous cyber attack on email provider wipes US servers and backups (lien direct) Some cyber attacks are so disastrous that there's no coming back from them. Email provider VFEmail worried that was the case when it said a hacker caused “catastrophic destruction” on Monday by destroying all data on U.S. servers, as well as the backup systems. On Monday morning, after VFEmail's site, servers, and webmail client went down, VFEmail tweeted: “This is not looking good. All externally facing systems, of differing OS's and remote authentication, in multiple data centers are down.” - VFEmail.net (@VFEmail) February 11, 2019
CSO.webp 2019-02-13 03:00:00 What is a man-in-the-middle attack? How MitM attacks work and how to prevent them (lien direct) A man-in-the-middle (MitM) attack is when an attacker intercepts communications between two parties either to secretly eavesdrop or modify traffic traveling between the two. Attackers might use MitM attacks to steal login credentials or personal information, spy on the victim, or sabotage communications or corrupt data. “MITM attacks are a tactical means to an end,” says Zeki Turedi, technology strategist, EMEA at CrowdStrike. “The aim could be spying on individuals or groups to redirecting efforts, funds, resources, or attention.”
CSO.webp 2019-02-13 03:00:00 How to prevent and recover from an APT attack through a managed service provider (lien direct) What better way to enter a targeted system than through a firm that already has access to the targeted firm? The tactic is not new. In fact, attacking a target through its weakest link is a tried and true method. For this reason, managed service providers (MSPs), companies that are hired to manage the IT infrastructure of other firms, have become a popular point of attack for entry to a targeted company. Attackers use targeted emails to access the control systems of MSPs. Once in the system, attackers use lateral movement or administrative credentials to gain access into other systems.
CSO.webp 2019-02-12 12:37:00 Popular electric scooters can be remotely hacked (lien direct) Beware, Xiaomi M365 scooter riders, as security researchers say the scooters can be remotely hacked from up to 100 meters away to slam on the brakes or to accelerate. Security researchers from Zimperium's zLabs published a video showing their proof-of-concept (PoC) capable of disabling the scooter. In the PoC, the attacker connects to the scooter via Bluetooth and uses its anti-theft feature without user consent or authentication. Various attack scenarios listed by Zimperium include locking the scooter via a denial-of-service attack, installing malicious firmware to gain complete control of the scooter, as well as targeted attacks on a specific rider to accelerate or suddenly brake.
Last update at: 2024-04-29 21:08:24