What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CSO.webp 2023-01-17 14:51:00 Remote.it takes steps toward zero trust with 'single line of code' provisioning (direct link) Network management company Remote.it today announced new features for its core SaaS-based service, including support for the Okta user identification platform and Docker containers, and what it's describing as “programmatic deployment” of zero trust networks. Essentially, the company said, the idea is to provide automated provisioning and deployment of network access to managed assets - using a small, 80KB daemon designed to run on almost any hardware to hook into the TCP/IP stack and create a connection with Remote.it's systems. The company's own cloud then automatically configures the connection, without any requirement of input from IT staff. ★★
CSO.webp 2023-01-17 13:53:00 How attackers might use GitHub Codespaces to hide malware delivery (direct link) Attackers could start abusing GitHub Codespaces, a new service that allows developers to create and test applications inside development containers running on GitHub's servers. Developers can make their applications accessible via public GitHub URLs for preview by others, a functionality that can be abused to distribute malware payloads in a stealthy way. "If the application port is shared privately, browser cookies are used and required for authentication," researchers from security firm Trend Micro said in a new report. "However, if ports are shared with the public (that is, without authentication or authentication context), attackers can abuse this feature to host malicious content such as scripts and malware samples." Malware Prediction
CSO.webp 2023-01-17 10:14:00 BrandPost: Optimize Your Security Investments with the Right MDR Provider (direct link) Traditionally, Managed Detection and Response (MDR) providers deliver MDR in one of two ways. The first is to use the customer's existing technology with select and heavily curated third-party technology integrations. “They are what we call 'bring your own technology' providers,” says Eric Kokonas, Global Head of Analyst Relations with Sophos. “Those providers take advantage of a customer's existing tool set. They say, you've made investments in security tools. We're going to provide the people and processes, and we're going to help you leverage those tools to detect and respond to advanced threats.” Tool
CSO.webp 2023-01-17 07:58:00 BrandPost: Key Considerations for Alleviating MFA Push Fatigue (direct link) Security awareness training - combined with the right technologies - has done a great job of alerting employees to the risks of phishing scams and clicking on suspicious links. But criminals are relentless and brutally crafty. They will continue to target end-users, as people are cheaper and easier to exploit than systems. “Anyone who has been in security long enough recognizes that every time we make a taller wall or a stronger door, someone comes up with a taller ladder or a better battering ram,” says J. Wolfgang Goerlich, Advisory CISO at Cisco. Their latest tactic involves creating multifactor authentication (MFA) fatigue. This occurs when the attacker “sends a user multiple push notifications in the hopes that they will click and approve a request - either out of muscle memory, thinking they must have logged into an application, or simply out of hope that they will stop getting these notifications,” says Goerlich.
CSO.webp 2023-01-17 07:03:00 BrandPost: Truly unified security includes distributed and remote operations (direct link) The concept of the network perimeter has expanded dramatically in recent years. Today, many organizations operate in a distributed model, with branch offices and endpoints deployed outside of a physical office. But anything connecting to the corporate network is a potential vector for attackers, who can make their way into the network core (and potentially gain access to an organization's “crown jewels”) by first compromising a branch office or an endpoint. As a result, truly unified security must be comprehensive, with equally robust protection for all devices and endpoints no matter where they are, along with centralized management and visibility. ★★
CSO.webp 2023-01-17 05:00:00 DigiCert releases Trust Lifecycle Manager to unify certificate management, PKI services (direct link) Digital security certificate company DigiCert has announced the launch of DigiCert Trust Lifecycle Manager – a new solution designed to unify certificate authority-agnostic certificate management and public key infrastructure (PKI) services. Available now as part of the DigiCert ONE platform, Trust Lifecycle Manager aims to set a new standard for managing trust within an organization's digital footprint and reduce their attack surface to help prevent data breaches, the firm said. Solution built to address three key security certificate management challenges: In a press release, DigiCert stated that Trust Lifecycle Manager tightly integrates with its “best-in-class” public trust issuance for a full-stack solution governing seamless management of corporate digital trust infrastructure. Brian Trzupek, SVP of product at DigiCert, tells CSO that the solution has been built to address three key digital security certificate management challenges posing risks to organizations amid expanding networks. “These are year-on-year certificate growth, frequent rogue certificate encounters, and disparate certificate oversight across business departments,” he says. ★★★
CSO.webp 2023-01-17 04:47:00 European data protection authorities issue record €2.92 billion in GDPR fines (direct link) European data regulators issued a record €2.92 billion in fines last year, a 168% increase from 2021. That's according to the latest GDPR and Data Breach survey from international law firm DLA Piper, which covers all 27 Member States of the European Union, plus the UK, Norway, Iceland, and Liechtenstein. This year's biggest fine of €405 million was imposed by the Irish Data Protection Commissioner (DPC) against Meta Platforms Ireland Limited relating to Instagram for alleged failures to protect children's personal data. The Irish DPC also fined Meta €265 million for failing to comply with the GDPR obligation for Data Protection by Design and Default. Both fines are currently under appeal. Data Breach ★★★
CSO.webp 2023-01-17 04:21:00 US Maritime Administrator to study port crane cybersecurity concerns (direct link) The 2023 National Defense Authorization Act (NDAA) passed by Congress and signed by President Biden in late December 2022 was filled with a host of military-related cybersecurity provisions. One little-noticed provision in the bill called for a study of cybersecurity and national security threats posed by foreign-manufactured cranes at United States ports. Under this provision, the Maritime Administrator, working with Homeland Security, the Pentagon, and the Cybersecurity and Infrastructure Security Agency (CISA), is required to conduct a study to assess whether foreign manufactured cranes at United States ports pose cybersecurity or national security threats. It must be completed by late December 2023 and submitted to the Senate Commerce and Armed Services committees and House Transportation and Armed Services committees. ★★
CSO.webp 2023-01-16 02:00:00 How AI chatbot ChatGPT changes the phishing game (direct link) ChatGPT, OpenAI's free chatbot based on GPT-3.5, was released on 30 November 2022 and racked up a million users in five days. It is capable of writing emails, essays, code and phishing emails, if the user knows how to ask. By comparison, it took Twitter two years to reach a million users. Facebook took ten months, Dropbox seven months, Spotify five months, Instagram six weeks. Pokemon Go took ten hours, so don't break out the champagne bottles, but still, five days is pretty impressive for a web-based tool that didn't have any built-in name recognition. Tool ChatGPT ★★
CSO.webp 2023-01-13 12:01:00 Attackers deploy sophisticated Linux implant on Fortinet network security devices (direct link) In December, network security vendor Fortinet disclosed that a critical vulnerability in its FortiOS operating system was being exploited by attackers in the wild. This week, after additional analysis, the company released more details about a sophisticated malware implant that those attackers deployed through the flaw. Based on currently available information, the original zero-day attack was highly targeted to government-related entities. However, since the vulnerability has been known for over a month, all customers should patch it as soon as possible as more attackers could start using it. Remote code execution in FortiOS SSL-VPN: The vulnerability, tracked as CVE-2022-42475, is in the SSL-VPN functionality of FortiOS and can be exploited by remote attackers without authentication. Successful exploitation can result in the execution of arbitrary code and commands. Malware Vulnerability ★★★
CSO.webp 2023-01-13 10:39:00 BrandPost: Looking for a Warranty from an MDR Provider? Ask These Key Questions (direct link) Managed Detection and Response (MDR) helps ensure organizations are protected against advanced cyberattacks. That protection often comes with a warranty to back up those services. Warranties provide financial protection for organizations if they are the victim of an attack or breach. The policies often cover the costs associated with responding to and recovering from a cybersecurity incident. “The MDR provider will incur costs you would have incurred,” says Sally Adam, Senior Director at Sophos. “The warranty extends a further peace of mind.” But how reliable is the assurance these policies claim to provide? Not all warranties are created equal. How should security leaders who are looking at MDR service warranties evaluate these offerings? Guideline ★★
CSO.webp 2023-01-13 04:00:00 Royal ransomware group actively exploiting Citrix vulnerability (direct link) The Royal ransomware group is believed to be actively exploiting a critical security flaw affecting Citrix systems, according to the cyber research team at cyber insurance provider At-Bay. Announced by Citrix on November 8, 2022, the vulnerability, identified as CVE-2022-27510, allows for the potential bypass of authentication measures on two Citrix products: the Application Delivery Controller (ADC) and Gateway. Ransomware Vulnerability ★★
CSO.webp 2023-01-12 10:00:00 BrandPost: How Financial Institutions Can SOAR to Success with Devo SOAR (direct link) According to the 2022 IBM Cost of a Data Breach Report, the global average cost of a data breach is $4.35 million. Data breaches in the US are even more costly, averaging over $9 million. However, it isn't just the big players caught in the line of fire. IBM's report also found that 83% of companies will experience a data breach soon, meaning financial institutions of all sizes - from local credit unions to Fortune 500s - are at risk. While ransomware attacks get the most time in the financial headlines, most breaches aren't caused by external factors or threat actors. The majority of system availability problems actually occur due to a lack of staff knowledge and protective protocols, software issues and limited security visibility across the institution. However, “more visibility” is not synonymous with “seeing more alerts.” In fact, the opposite is true. Keep reading to see how Devo SOAR helped a leading US bank streamline its SOC. Ransomware Data Breach Threat Guideline ★★
CSO.webp 2023-01-12 09:58:00 BrandPost: The Unrelenting Rise of Botnet Threats (direct link) As the world has moved to scalable online services for everything from video streaming to gaming to messaging, it's really no surprise that malware has followed close behind. Specifically, threats such as botnets are evolving and scaling at such speeds that it's more important than ever to proactively manage potential security threats. Botnets, a portmanteau or blend of the phrase robot networks, are collections of malware-infected computing resources that can be used to attack any connected target system. They're a growing risk for every organization, enabling cyber criminals to steal passwords and gain access to corporate systems, deploy disruptive attacks that shut down entire networks, or even hijack corporate data with ransomware. Malware ★★★
CSO.webp 2023-01-12 03:57:00 CloudSek launches free security tool that helps users win bug bounty (direct link) Cybersecurity firm CloudSek has launched BeVigil, a tool that can tell users how safe the apps installed on their phone are, and helps users and developers win bug bounty by helping them identify and report bugs in the code. BeVigil scans all the apps installed on a user's phone and rates them as dangerous, risky, or safe. Running as a web application for the past one year, BeVigil has already scanned over a million apps and rated them. The tool also alerts software companies and app developers about vulnerabilities found through the app, and helps users and developers win bug bounty contests from various software companies by giving them access to the code of apps running on their phone and reporting bugs. Tool ★★
CSO.webp 2023-01-12 02:00:00 Cybersecurity spending and economic headwinds in 2023 (direct link) Now that everyone, their brother, sister, and dog have chimed in on cybersecurity predictions for 2023, here are a few observations based on some recent ESG research. First the numbers: 53% of organizations will increase IT spending in 2023, 30% say IT spending will remain flat in 2023, and 18% forecast a decrease in IT spending. As for cybersecurity, 65% of organizations plan to increase cybersecurity spending in 2023. These numbers mean that some organizations with flat or decreasing IT budgets will still increase spending on cybersecurity. This trend is further supported by the fact that 40% of survey respondents claim that improving cybersecurity is the most important justification for IT investments in 2023. This research was conducted in late 2022 when respondents were well aware of the economic headwinds and built appropriate assumptions into their budget planning. Prediction ★★
CSO.webp 2023-01-11 15:37:00 Cybercriminals bypass Windows security with driver-vulnerability exploit (direct link) The Scattered Spider cybercrime group has recently been observed attempting to deploy a malicious kernel driver using a tactic called bring your own vulnerable driver (BYOVD) - a warning to security professionals that the technique, which exploits longstanding deficiencies in Windows kernel protections, is still being employed by cybercriminals, according to cybersecurity company CrowdStrike. In this latest BYOVD attack, which was observed and stopped by CrowdStrike's Falcon security system, Scattered Spider attempted to deploy a malicious kernel driver via a vulnerability - CVE-2015-2291 in MITRE's Common Vulnerability and Exposures program - in the Intel Ethernet diagnostics driver for Windows (iqvw64.sys). Vulnerability ★★
CSO.webp 2023-01-11 10:36:00 Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scams (direct link) Security researchers have used the GPT-3 natural language generation model and the ChatGPT chatbot based on it to show how such deep learning models can be used to make social engineering attacks such as phishing or business email compromise scams harder to detect and easier to pull off. The study, by researchers with security firm WithSecure, demonstrates that not only can attackers generate unique variations of the same phishing lure with grammatically correct and human-like written text, but they can build entire email chains to make their emails more convincing and can even generate messages using the writing style of real people based on provided samples of their communications. ChatGPT ★★
CSO.webp 2023-01-11 02:00:00 Timeline of the latest LastPass data breaches (direct link) On November 30, 2022, password manager LastPass informed customers of a cybersecurity incident following unusual activity within a third-party cloud storage service. While LastPass claims that users' passwords remain safely encrypted, it admitted that certain elements of customers' information have been exposed. The security incident was the latest to affect the service in recent times in the wake of unauthorized access to its development environment in August last year, serious vulnerabilities in 2017, a phishing attack in 2016, and a data breach in 2015. LastPass ★★★
CSO.webp 2023-01-10 15:44:00 BrandPost: Adaptive DDoS Suppression for a Safer, More Resilient Internet (direct link) Network operators have been working overtime for the past few years to meet the skyrocketing demand for bandwidth and throughput driven by remote work, greater investment in digital initiatives, and a rapidly expanding Internet of Things (IoT) landscape with billions of devices. From rolling out upgraded infrastructure to accelerating 5G and other high-access timelines, network operators have dramatically delivered when it comes to faster, high-volume connectivity. Unfortunately, although these network upgrades help businesses and individuals connect and succeed in many new ways, they also open the door to something else - the opportunity for massive security vulnerabilities.
CSO.webp 2023-01-10 15:31:00 Data leak exposes information of 10,000 French social security beneficiaries (direct link) [Editor's note: This article originally appeared on the Le Monde Informatique website.] More than 10,000 beneficiaries of a local branch of the French social security agency CAF, or Family Allowance Fund, saw their data exposed for about 18 months, after a file containing personal information was sent to a service provider. The mistake, discovered by France Info - Radio France's news and investigation service - just before the year-end holidays, could hit the CAF hard. The investigation found that the CAF in Gironde (Nouvelle-Aquitaine) sent a file containing sensitive and personal information of 10,204 beneficiaries to a service provider responsible for training the organization's statisticians. ★★★
CSO.webp 2023-01-10 10:01:00 Intel boosts VM security, guards against stack attacks in new Xeon release (direct link) Intel today announced the rollout of the fourth generation of its Xeon family of server chipsets, detailing several new features under the company's confidential computing umbrella of security features. Improvements to Intel's trusted execution environment and a new technique for combatting jump- and return-oriented programming attacks were the most notable upgrades. Xeon's fourth generation introduces a number of new features across the board, including marked improvements to energy efficiency, AI processing, and edge workload handling, but the security side's highlights are virtual machine (VM) isolation technology and control flow enforcement. The former technique provides hardware-level VM isolation, without the need for hypervisor oversight - instead of a single app living inside of a trusted environment, a whole VM can live there. ★★★
CSO.webp 2023-01-10 09:48:00 BrandPost: The converging future of XDR and Threat Hunting (direct link) The cybersecurity challenge for organizations of all sizes continues to get more difficult. Complex threats and a growing cybersecurity skills gap are making life harder for often overworked IT teams. Without automation, they find it difficult to process and act on a steadily increasing flow of data and security alerts from across the network. As a result, many organizations are considering extended detection and response (XDR) tools to make better sense of incoming threat information. The market is projected to reach $2.36 billion by 2027, and small to mid-size enterprises are leading the way. Threat Guideline
CSO.webp 2023-01-10 08:14:00 BrandPost: Cybercrime-as-a-Service, Ransomware Still on the Rise (direct link) Today, cybercrime-as-a-service is a lucrative and growing business model among criminals. Ransomware is still a massive threat to organizations. Demand for stolen credentials continues to grow. These are among the findings of the Sophos' 2023 Threat Report, which details how the cyberthreat landscape has changed due to an easier barrier of entry for criminal hopefuls. Threat researchers with Sophos say the expansion is due to the commoditization of “malware-as-a-service” and the sale of stolen credentials and other sensitive data. Today, nearly every aspect of the cybercrime toolkit - from initial infection to ways to avoid detection - is available for purchase on the dark web, say researchers. This thriving business selling what once would have been considered “advanced persistent threat” tools and tactics means any would-be criminal can buy their way into exploitation for profit. Ransomware Threat ★★
CSO.webp 2023-01-09 15:05:00 BrandPost: TCP Floods Are Again the Leading DDoS Attack Vector (direct link) My personal and professional objectives, like those of many other people, are centered around improving on how I get things done. Or, more importantly, about how to do things more efficiently. One of my favorite things to watch on the attention-sucking platform of TikTok or YouTube Shorts are life hacks. Life hacks are supposed to make tasks easier or more efficient to accomplish but, in many cases, are simply more complicated. This passion to improve how things are done more efficiently is not isolated to individuals; it spills over into all aspects of our community, including government, retail, service organizations, and the like. And although many of these attempts to be more efficient may help other people, there are also people out there striving to be more efficient in malicious activities. Guideline
CSO.webp 2023-01-09 02:00:00 If governments are banning TikTok, why is it still on your corporate devices? (direct link) TikTok, the viral app resident on millions of devices, was recently banned from executive branch devices in the United States, as set out in the recent Omnibus Bill signed by President Joe Biden. The Omnibus Bill, as detailed in CSO Online's overview, highlighted that the “legislation required the Office of Management and Budget in consultation with the administrator of general services, the director of CISA, the director of national intelligence, and the secretary of defense, to develop within two months standards and guidelines for executive agencies requiring the app's removal.” Duly noted was the action taken by the House of Representatives, which immediately voted to ban the app from the phones of House members and staff amid protestations from TikTok, owned by China-based ByteDance. ★★
CSO.webp 2023-01-09 02:00:00 11 top XDR tools and how to evaluate them (direct link) Little in the modern IT world lends itself to manual or siloed management, and this is doubly true in the security realm. The scale of modern enterprise computing and modern application stack architecture requires security tools that can bring visibility into the security posture of modern IT components and integrate tightly to bring real-time threat detection, possibly even automating aspects of threat mitigation. This need has given rise to extended detection and response (XDR) tools. What is XDR and what does it do? XDR is a relatively new class of security tool that combines and builds on the strongest elements of security incident and event management (SIEM), endpoint detection and response (EDR), and even security orchestration and response (SOAR). In fact, some XDR platforms listed here are the fusion of existing tools the vendor has offered for some time. Tool Threat ★★
CSO.webp 2023-01-06 06:51:00 14 UK schools suffer cyberattack, highly confidential documents leaked (direct link) More than a dozen schools in the UK have suffered a cyberattack which has led to highly confidential documents being leaked online by cybercriminals. That's according to a report from the BBC which claimed that children's SEN information, child passport scans, staff pay scales and contract details have been stolen by notorious cybercrime group Vice Society, known for disproportionately targeting the education sector with ransomware attacks in the UK and other countries. Passport, contract data stolen and posted on dark web: Pates Grammar School in Gloucestershire is one of 14 to have been impacted by the data breach, the BBC reported, with Vice Society hackers using generic search terms to steal documents. “One folder marked 'passports' contains passport scans for pupils and parents on school trips going back to 2011, whereas another marked 'contract' contains contractual offers made to staff alongside teaching documents on muscle contractions. Another folder marked 'confidential' contains documents on the headmaster's pay and student bursary fund recipients,” the BBC wrote. The hack at Pates is estimated to have taken place on September 28 before data was published on the dark web. The UK Information Commissioner's Office (ICO) and Gloucestershire Police confirmed they were investigating the alleged breaches in 2022. Ransomware Hack ★★
CSO.webp 2023-01-06 04:22:00 Twitter's mushrooming data breach crisis could prove costly (direct link) Since Elon Musk purchased Twitter in late October, non-stop turmoil and controversy have dogged the company, from massive staff firings and resignations to reputational damage from Musk's careless and often bizarre tweets. Now, mushrooming concern around a possible data breach stemming from a now-fixed Twitter flaw is poised to drive the company further down unless Twitter takes quick action. Even as regulators in Europe begin to probe what appears to be a massive Twitter data breach, Twitter and Elon Musk have failed to comment publicly on the true extent of the breach. Experts say that unless Twitter gets ahead of the curve, informs regulators of the facts, and notifies users of how much of their public and private information has been exposed, the company could suffer serious financial and operating consequences. Data Breach ★★
CSO.webp 2023-01-05 10:34:00 Attackers create 130K fake accounts to abuse limited-time cloud computing resources (direct link) A group of attackers is running a cryptomining operation that leverages the free or trial-based cloud computing resources and platforms offered by several service providers including GitHub, Heroku, and Togglebox. The operation is highly automated using CI/CD processes and involves the creation of tens of thousands of fake accounts and the use of stolen or fake credit cards to activate time-limited trials. Researchers from Palo Alto Networks' Unit 42 have dubbed the group Automated Libra and believe it's based in South Africa. During the peak of the campaign, dubbed PurpleUrchin, in November, the group was registering between three and five GitHub accounts every minute using automated CAPTCHA defeating processes with the intention to abuse GitHub Actions workflows for mining. ★★★★
CSO.webp 2023-01-05 04:00:00 NATO tests AI's ability to protect critical infrastructure against cyberattacks (direct link) Autonomous intelligence, artificial intelligence (AI) that can act without human intervention, can help identify critical infrastructure cyberattack patterns and network activity, and detect malware to enable enhanced decision-making about defensive responses. That's according to the preliminary findings of an international experiment of AI's ability to secure and defend systems, power grids and other critical assets by cyber experts at the North Atlantic Treaty Organization's (NATO) Cyber Coalition 2022 event late last year. The simulated experiment saw six teams of cyber defenders from NATO allies tasked with setting up computer-based systems and power grids at an imaginary military base and keeping them running during a cyberattack. If hackers interfered with system operations or the power went down for more than 10 minutes, critical systems could go offline. The differentiator was that three of the teams had access to a novel Autonomous Intelligence Cyberdefense Agent (AICA) prototype developed by the US Department of Energy's (DOE) Argonne National Laboratory, while the other three teams did not. Malware ★★★
CSO.webp 2023-01-05 02:00:00 The BISO: bringing security to business and business to security (direct link) Throughout her career in IT security, Irina Singh has thrived on difficult projects. With a bachelor of science degree in management of information systems and a minor in international business, she now manages a team of business information security liaisons serving four foundational business units at medical device company Medtronic. “One of my slogans is that we bring business to security and security to the business,” she says. Singh calls herself a business information security partner, but the title most commonly employed for this role is business information security officer (BISO). People in these roles are responsible for one or more areas of the business and they usually report to the CISO or CTO, based on job descriptions found online and those laid out by multiple sources interviewed for this article. The people holding these roles also come from diverse educational and experiential backgrounds, at the core of which are strong familiarity with compliance regulations, solid cybersecurity foundations, and business acumen. Medical ★★
CSO.webp 2023-01-04 15:19:00 Attackers use stolen banking data as phishing lure to deploy BitRAT (direct link) In a case that highlights how attackers can leverage information from data breaches to enhance their attacks, a group of attackers is using customer information stolen from a Colombian bank in phishing attacks with malicious documents, researchers report. The group, which might have been responsible for the data breach in the first place, is distributing an off-the-shelf Trojan program called BitRAT that has been sold on the underground market since February 2021. Stolen data used to add credibility to future attacks: Researchers from security firm Qualys spotted the phishing lures that involved Excel documents with malicious documents but appeared to contain information about real people. Looking more into the information, it appeared the data was taken from a Colombian cooperative bank. After looking at the bank's public web infrastructure, researchers found logs that suggested the sqlmap tool was used to perform an SQL injection attack. They also found database dump files that attackers created. Data Breach Tool
CSO.webp 2023-01-04 14:01:00 BrandPost: The Cloud Is Under Attack: The State of Cloud Security in 2023 (direct link) By now, many small and mid-sized organizations have transitioned to the cloud and are running hybrid environments. Not surprisingly, as the adoption of cloud technology grows, it has also become a more attractive target for cybercriminals. To better understand the reality of cloud security for small-to-medium-sized businesses (SMBs), Sophos recently commissioned a survey of 4,984 IT professionals in SMBs across 31 countries whose organizations use Infrastructure as a Service (IaaS). The results of the survey, The Reality of SMB Cloud Security in 2022, show significant changes in IaaS users' experiences of cyberattacks over the past year. ★★
CSO.webp 2023-01-04 11:22:00 Cyberattacks against governments jumped 95% in last half of 2022, CloudSek says (direct link) The number of attacks targeting the government sector increased by 95% worldwide in the second half of 2022 compared to the same period in 2021, according to a new report by AI-based cybersecurity company CloudSek. The increase in attacks can be attributed to rapid digitization and the shift to remote work during the pandemic, which broadened the attack surface of government entities and paved the way for an increase in cyberwarfare waged by nation-state actors, according to the report. Government agencies collect and store huge amounts of data, which include information about individual citizens that can be sold on the dark web. There is also a risk that national security and military data can be used by terrorist organizations. ★★
CSO.webp 2023-01-04 09:48:00 Meta hit with $413 million fine in EU for breaking GDPR rules (lien direct) Regulatory wrangling results in a huge new fine over Facebook and Instagram data handling, even as Meta vows to appeal and EU data protection groups prepare for a court battle.
CSO.webp 2023-01-04 02:00:00 Why it might be time to consider using FIDO-based authentication devices (direct link) Every business needs a secure way to collect, manage, and authenticate passwords. Unfortunately, no method is foolproof. Storing passwords in the browser and sending one-time access codes by SMS or authenticator apps can be bypassed by phishing. Password management products are more secure, but they have vulnerabilities as shown by the recent LastPass breach that exposed an encrypted backup of a database of saved passwords. For organizations with high security requirements, that leaves hardware-based login options such as FIDO devices. LastPass ★★
CSO.webp 2023-01-03 16:25:00 BrandPost: Overcoming the Barriers to Digital Transformation (direct link) Many businesses have made rapid advancements in their digital transformation strategy and adoption of cloud/hybrid cloud environments. Although every organization is unique and has its own starting point, successful transformation requires network and security team collaboration and compromise. A recent study by Omdia, “Assessing the Role of Packet Intelligence in Securing the Modern Enterprise Network Environment,” breaks down this journey based on a sample of more than 100 participants from both network and security roles, representing enterprises of 5,000+ employees and varied geographical regions. Digital transformation is table stakes, and the only way to truly gain full visibility into these cloud environments is via packet-based data. Study participants identified a variety of benefits to this approach, including the ability to have a deeper view into traffic, allowing for faster investigation and resolution (see Figure 1). ★★
CSO.webp 2023-01-03 10:29:00 PyTorch suffers supply chain attack via dependency confusion (direct link) Users who deployed the nightly builds of PyTorch between Christmas and New Year's Eve likely received a rogue package as part of the installation that siphoned off sensitive data from their systems. The incident was the result of an attack called dependency confusion that continues to impact package managers and development environments if hardening steps are not taken. "If you installed PyTorch nightly on Linux via pip between December 25, 2022, and December 30, 2022, please uninstall it and torchtriton immediately, and use the latest nightly binaries (newer than December 30, 2022)," the PyTorch maintainers said in a security advisory.
CSO.webp 2023-01-03 06:57:00 LockBit apologizes for ransomware attack on hospital, offers decryptor (direct link) LockBit, a prominent ransomware-as-a-service (RaaS) operation, has apologized for an attack on the Toronto-based Hospital for Sick Children, also known as SickKids, and offered a free decryptor. SickKids, a major pediatric teaching hospital, announced on December 19 that it had called a Code Grey system failure, as it was responding to a cybersecurity incident that was affecting several network systems at the hospital. Ransomware ★★
CSO.webp 2023-01-02 02:00:00 Ransomware ecosystem becoming more diverse for 2023 (direct link) The ransomware ecosystem has changed significantly in 2022, with attackers shifting from large groups that dominated the landscape toward smaller ransomware-as-a-service (RaaS) operations in search of more flexibility and drawing less attention from law enforcement. This democratization of ransomware is bad news for organizations because it also brought in a diversification of tactics, techniques, and procedures (TTPs), more indicators of compromise (IOCs) to track, and potentially more hurdles to jump through when trying to negotiate or pay ransoms. "We can likely date the accelerated landscape changes back to at least mid-2021, when the Colonial Pipeline DarkSide ransomware attack and subsequent law enforcement takedown of REvil led to the dispersal of several ransomware partnerships," researchers from Cisco's Talos group said in their annual report. "Fast forward to this year, when the ransomware scene seems as dynamic as ever, with various groups adapting to increased disruptive efforts by law enforcement and private industry, infighting and insider threats, and a competitive market that has developers and operators shifting their affiliation continuously in search of the most lucrative ransomware operation." Ransomware ★★★
CSO.webp 2022-12-30 04:09:00 US Congress funds cybersecurity initiatives in FY2023 spending bill (direct link) On December 23, the House and Senate Appropriations Committee agreed to a $1.7 trillion omnibus spending bill that funds government operations through the fiscal year 2023. On December 29, President Biden signed it. The 4,155-page bill reflects an already agreed-upon $858 billion for defense spending and an additional $800 billion for non-defense spending, including several prominent cybersecurity items. US Senator Chris Murphy (D-CT), chair of the Subcommittee on Homeland Security, said, “This bill is a reasonable compromise, and I'm proud of the investments it would make in the responsible management of our border, the protection of our nation from cyber threats, and the protection of our coastlines and airports.” ★★
CSO.webp 2022-12-28 02:00:00 Log4Shell remains a big threat and a common cause for security breaches (direct link) The Log4Shell critical vulnerability that impacted millions of enterprise applications remains a common cause for security breaches a year after it received patches and widespread attention and is expected to remain a popular target for some time to come. Its long-lasting impact highlights the major risks posed by flaws in transitive software dependencies and the need for enterprises to urgently adopt software composition analysis and secure supply chain management practices. Log4Shell, officially tracked as CVE-2021-44228, was discovered in December 2021 in Log4j, a widely popular open-source Java library that's used for logging. Initially disclosed as a zero-day, the project's developers quickly created a patch, but getting that patch widely adopted and deployed proved challenging because it relies on developers who used this component in their software to release their own updates. Vulnerability Threat ★★
CSO.webp 2022-12-26 23:00:00 CPRA explained: New California privacy law ramps up restrictions on data use (direct link) On January 1, 2023, the California Privacy Rights Act (CPRA) will go into effect. Approved by ballot measure as Proposition 24 in November 2020, it created a new consumer data privacy agency and put California another step ahead of other states in terms of privacy protections for consumers - and data security requirements for enterprises. California already had a privacy law in place, the California Consumer Privacy Act (CCPA), adopted in 2018. It went into effect in January 2020, and enforcement officially began in July 2020.
CSO.webp 2022-12-26 03:00:00 The top 12 tech stories of 2022 (lien direct) The year highlighted how vulnerable the technology sector is to the vagaries of geopolitics and the macroeconomy, as IT giants laid off workers, regulators cracked down on tech rule-breakers, nations negotiated data security regulations, the US-China chip war widened, and the Ukraine war disrupted business as usual. ★★
CSO.webp 2022-12-22 02:00:00 How Marvel's Avengers inspire Pinsent Masons CISO to adapt cybersecurity hiring (direct link) Cybersecurity's ongoing battle with a “skills shortage” has seen the sector lose its way regarding talent hiring and retention, says Christian Toon, CISO at London-based law firm Pinsent Masons. In an industry crying out for diversity and innovation, this year's number one UK CSO 30 Awards winner says he takes inspiration from the Marvel Comics universe to challenge traditional HR approaches and more effectively recruit and keep security talent. “We have what some describe as a war on talent, because you feel like you are fighting against the next organization for the greater good. I think we've kind of lost our way a little bit, both from a delegate or prospective employee perspective, but also from an employer's perspective,” Toon says, speaking at the UK CSO 30 2022 Awards & Conference. The candidates are out there, he adds, but you have to change the traditional practices for hiring because if you always do what you always did, you'll always get what you've always had. ★★★
CSO.webp 2022-12-21 08:56:00 BrandPost: The Next Big Attack Vector: Your Supply Chain (direct link) There's an old security adage: a chain is only as strong as its weakest link. The sentiment long predates Information and Communications Technology (ICT), but it's never been more relevant. With modern ICT connecting millions of systems worldwide, there are exponentially more “links” to worry about. That's especially true when we shift our focus from defending against external threats, which organizations have gotten pretty good at, to those originating inside an organization's sphere of trust. Here, we have work to do - starting with the ICT supply chain itself. Today's supply chains are a modern marvel. Vast webs of suppliers, manufacturers, integrators, shipping carriers, and others allow vendors to build ICT products more cost-effectively and to quickly deliver them to customers anywhere. But modern supply chains also increase the number of parties with access to those products - and the number of potential weak links that cybercriminals could seek to exploit. By targeting an organization's hardware or software supply chain, hackers can compromise an ICT product before it's even deployed. And, since that product is coming from a supplier the target implicitly trusts, the compromise may go undetected until it's too late.
CSO.webp 2022-12-21 02:00:00 Social media use can put companies at risk: Here are some ways to mitigate the danger (direct link) We live in a social world, but should our businesses? For many, the answer to that is increasingly no - that's why laws and regulations have recently been put in place restricting access to some social media in certain situations because of the hidden risks of these seemingly innocuous platforms. The United States federal government and some US states, for example, have barred government-issued devices from the use of Chinese-owned TikTok, which allows users to create and share short videos with music, special effects, and other features. The concern is that foreign-owned applications might share the information they collect with government intelligence agencies. That information includes personally identifiable information (PII), keystroke patterns, location information based on SIM card or IP address, app activity, browser and search history, and biometric information. ★★★
CSO.webp 2022-12-20 13:06:00 BrandPost: Today's workforce wants flexibility. Companies need Zero Trust. (direct link) By Microsoft Security & Zscaler. Competitive businesses are aggressively accelerating their cloud transformation through the use of SaaS apps. These apps can help an organization to optimize investments, acquire and retain talent, and maintain continuity – even during turbulent events. To realize the full benefits of cloud investments, workplaces must be modernized to satisfy the demands of today's “anywhere, any time, any device” workforces. Unfortunately, the unfettered access modern workforces require comes with the added risk of a dramatically expanded attack surface. IT staff must protect users, devices, and apps from ransomware attacks, data leaks, and other threats that can hinder a truly modern workplace. The best line of defense is a reliable Zero Trust security framework, natively built on a highly distributed, global architecture. Ransomware
CSO.webp 2022-12-20 07:32:00 BrandPost: Managing Risk Would be Easier if It Weren't for People (direct link) Businesses are as much at risk from human error as from threat actors. Typos, configuration errors, and other human errors can lead to disaster on the same scale as any modern cyberthreat. Great technology defenses can only get you so far with managing risk. It is generally agreed upon that Zero Trust principles are a more effective approach to securing your organization than defense in depth (though they aren't mutually exclusive). This approach entails defining exactly what user or application has access to what resource, using a validation identity control, and continually validating that the behavior is acceptable. Nearly every organization has a progressive plan for deploying elements that achieve this depending on where they are on their adoption path. However, the technology side of the equation is discrete and primarily solvable. The challenge lies with the keyboard to monitor interface - the human. Threat Guideline
Last update at: 2024-04-29 18:08:54