What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CSO 2022-11-10 10:14:00 BrandPost: What is Top of Mind for CISOs Right Now (direct link) Every quarter, we interview CISOs and ask them what is top of mind and what trends or challenges they are experiencing in the threat landscape. From this, we create the CISO Insider - an actionable report that explores the top three issues that are most relevant in today's threat landscape. This quarter, we're exploring rising ransomware rates, the need for increased automation and better tools to empower security teams to do more with limited resources, and the opportunity for extended detection and response (XDR) to help rapidly address emergent threats. Keep reading to learn what steps CISOs are taking to protect against these threats and how you can apply that guidance to your own operations. For even more information, download the full CISO Insider report. Ransomware Threat
CSO 2022-11-10 02:00:00 PCI DSS 4.0 is coming: how to prepare for the looming changes to credit card payment rules (direct link) For enterprises that handle credit card data, which means just about every consumer-facing company, payment processing is a mission-critical system that requires the highest levels of security. The volume of transactions conducted with general purpose credit cards (American Express, Discover, Mastercard, Visa, UnionPay in China, and JCB in Japan) totaled $581 billion in 2021, up 24.5% year-over-year, according to the Nilson Report. However, credit card issuers, merchants, banks, and third-party transaction processors lost $28.58 billion to credit card fraud in 2020, which comes to nearly 7 cents per $100 in purchase volume. And the Nilson Report projects credit card losses will exceed $400 billion over the next 10 years.
CSO 2022-11-09 13:40:00 Okta streamlines IAM portfolio with consumer identity management cloud (direct link) Potential access management customers got a new option from Okta Wednesday, as the identity and access management (IAM) provider announced a newly streamlined Consumer Identity Cloud system designed to simplify the deployment and use of its various products. Okta said that the new cloud program is split into two main components - those aimed at providing identity validation services for consumers, and those aimed at enterprise customers. The former is focused on providing high-security options for online transactions, support for passkeys (instead of passwords, which are thought to be less secure), and providing an all-in-one security center monitoring system for quick response to suspicious activity.
CSO 2022-11-09 09:35:00 GitHub releases new SDLC security features including private vulnerability reporting (direct link) GitHub has announced new security features across its platform to help protect the software development lifecycle (SDLC). These include private vulnerability reporting, CodeQL vulnerability scanning support for the Ruby programming language, and two new security overview options. The world's leading development platform said these updates make securing the SDLC end-to-end easier and more seamless for developers. The releases come as SDLC cybersecurity remains high on the agenda with research revealing an increase of almost 800% in software supply chain attacks. Vulnerability Guideline
CSO 2022-11-09 03:00:00 Rezilion expands SBOM to support Windows environments (direct link) Software security platform Rezilion has expanded its Dynamic Software Bill of Materials (SBOM) capability to support Windows environments. The firm said the move will provide organizations with the tools to efficiently manage software vulnerabilities and meet new regulatory standards, addressing functionality gaps of traditional vulnerability management tools primarily designed for use with Linux OS. Features include the ability to search and pinpoint vulnerable components, view Windows and Linux risk side by side in one UI, and tackle legacy vulnerability backlogs. The expansion comes as Microsoft vulnerabilities continue to plague organizations across the globe. Vulnerability
CSO 2022-11-09 02:00:00 Why it's time to review your Microsoft patch management options (direct link) You have several options to manage patching on Microsoft networks: let machines independently update or use a third-party patching tool, Windows Software Update Services (WSUS), or another Microsoft management product. If you are still using WSUS as your key patching tool, you may want to review your options. Microsoft is developing additional patching tools that will allow you to better manage systems and control administrative access. Is WSUS on the way out? Microsoft has long kept the status quo for WSUS, its on-premises patching product. It still supports WSUS, but Microsoft does not appear to be making new investments in the platform. Case in point, if your WSUS server fails on syncing, disable the Windows category of “Windows Insider Dev Channel.” Selecting this category creates an error message during synchronization. Microsoft is aware of the issue but has not given any estimated time for a fix. WSUS has not been updated in years. If you are considering using WSUS as your go-to patching platform, budget for a subscription to WSUS Automated Maintenance, which includes scripts and routines to optimize WSUS. Patching
CSO 2022-11-08 12:49:00 Fortanix unveils free DSM Explorer edition for managed data security (direct link) Fortanix is offering a free tier for its data security manager software, aiming squarely at attracting new small- and medium-size businesses into its customer ranks. The Explorer tier, announced Tuesday, offers five separate solutions for businesses to try or implement long-term, as long as they stay within the various usage caps. Those solutions include tokenization and Google Cloud external key management, which are limited to one application or 10,000 operations per month, Google Workspace client-side encryption, which is limited to one key and 10 users, and bring-your-own-key offerings for both AWS and Azure, which are limited to one cloud account.
CSO 2022-11-08 07:46:00 BrandPost: 4 Reasons SMBs Should Consider an MSP for Threat Hunting (direct link) In today's complex, ever-changing cybersecurity landscape, organizations need a strong, layered defense that spans everything from endpoints to the network core. Sometimes, however, that's not enough. Cybercriminals continuously evolve their strategies and tactics and can evade detection by even well-constructed defenses. But if attackers have already penetrated your network, how can you find them? Threat hunting is a human-led activity that supplements your existing defensive measures. Put simply, threat hunters start by assuming your network has already been breached. By monitoring everyday activities across your network and investigating possible anomalies, threat hunters seek to find any yet-to-be-discovered malicious activities that could lead to a full-blown breach or uncover unaddressed vulnerabilities in your security posture. Threat Guideline
CSO 2022-11-08 02:00:00 The 15 biggest data breaches of the 21st century (direct link) In today's data-driven world, data breaches can affect hundreds of millions or even billions of people at a time. Digital transformation has increased the supply of data moving, and data breaches have scaled up with it as attackers exploit the data-dependencies of daily life. How large cyberattacks of the future might become remains speculation, but as this list of the biggest data breaches of the 21st Century indicates, they have already reached enormous magnitudes.
CSO 2022-11-07 09:57:00 BrandPost: Managed Security Services Can Relieve the Cybersecurity Skills Gap (direct link) The skills gap facing cybersecurity is an ongoing issue that has plagued the industry for years. Recent research from (ISC)2 finds the global cybersecurity workforce needs to grow 65% to effectively defend organizations' critical assets, requiring a massive influx of 2.7 million professionals to meet demand. The (ISC)2's Cybersecurity Workforce Study also found the workforce gap remains the #1 barrier to meeting security needs, and 60% of participants feel that a cybersecurity staffing shortage is placing their organizations at risk. And research from the Information Systems Security Association (ISSA) and analyst firm Enterprise Strategy Group (ESG) reveals 44% of cyber professionals say the skills gap has only gotten worse over the past few years.
CSO 2022-11-07 02:00:00 How to prepare for a SOC 2 audit – it's a big deal, so you'd better get ready (direct link) Organizations that want to prove to others – and to themselves – that they have a solid cybersecurity and data privacy program will undergo a SOC 2 audit. As such, a SOC 2 audit is a big deal, and it's demanding, and it requires some serious preparation. SOC audits were created by the American Institute of CPAs (AICPA) under several evaluation and reporting frameworks comprising the System and Organization Controls headers SOC 1, SOC 2, and SOC 3. Although each of those holds value, many organizations ask their vendors and business partners – and are themselves asked – specifically to provide the results of a SOC 2 Type 2 audit. For that type, auditors evaluate organizations against the SOC 2 framework and the AICPA's five Trust Service Criteria – security, availability, processing integrity, confidentiality, and privacy. Organizations use SOC 2 audit reports as a trusted standard that informs others in detail about how well they're protecting data in each of those five areas.
CSO 2022-11-04 13:45:00 Qualys previews TotalCloud FlexScan for multicloud security management (direct link) Vulnerability management vendor Qualys this week announced the trial availability of its TotalCloud with FlexScan offering, an agentless, cloud-native vulnerability detection and response platform designed for use in multicloud and hybrid environments. The software is designed to provide a holistic overview of an organization's cloud-based workloads and identify known vulnerabilities. The system also scans workloads to check whether they've opened network ports, and monitors a host of other factors to offer a detailed picture of a business' overall vulnerability status, tracking publicly exposed VMs (virtual machines), databases, user accounts and exploitable vulnerabilities in public-facing assets. Vulnerability
CSO 2022-11-04 09:56:00 Geopolitics plays major role in cyberattacks, says EU cybersecurity agency (direct link) The ongoing Russia-Ukraine conflict has resulted in an increase in hacktivist activity in the past year, with state-sponsored threat actors targeting 128 governmental organizations in 42 countries that support Ukraine, according to the European Union Agency for Cybersecurity (ENISA). In addition, some threat actors targeted Ukrainian and Russian entities during the early days of the conflict, likely for the collection of intelligence, according to the 10th edition of the ENISA threat landscape report. The report - this year titled Volatile Geopolitics Shake the Trends of the 2022 Cybersecurity Threat Landscape - notes that in general, geopolitical situations continue to have a high impact on cybersecurity. Threat
CSO 2022-11-04 06:41:00 BrandPost: Why to Rely on an MSP for Security - and How to Pick the Right One (direct link) Organizations struggle to keep up with the increasingly complex and evolving cybersecurity landscape. The latest edition of the World Economic Forum's (WEF) Global Risks Report again highlights cyber threats as one of the most significant risks worldwide: 19.5% of respondents identified cybersecurity failure as a "critical short-term threat" to the world. This, coupled with a huge shortfall of qualified cybersecurity professionals, is driving organizations to seek the help of managed service providers (MSPs). According to recent research, 88% of organizations outsource their cybersecurity processes or tools, and the most common outsourcing agreement selected is through MSPs (55%).
CSO 2022-11-03 10:41:00 Mondelez and Zurich's NotPetya cyber-attack insurance settlement leaves behind no legal precedent (direct link) Multinational food and beverage company Mondelez International and Zurich American Insurance have settled their multiyear litigation surrounding the cyberattack coverage – or lack of such coverage – following the NotPetya malware attack that damaged the Mondelez network and infrastructure. The specifics of the settlement are unknown, but that it would come mid-trial has caught everyone's attention. The pain was felt on June 27, 2017, when NotPetya wiped out 24,000 laptops and 1,700 servers within the Mondelez network. The malware, designed to destroy, did just that. Mondelez estimated damages would approach $100 million USD. Malware NotPetya NotPetya ★★★★
CSO 2022-11-03 07:39:00 Espionage campaign loads VPN spyware on Android devices via social media (direct link) A new espionage campaign, dubbed SandStrike, has been detected using malicious VPN apps to load spyware on Android devices, cybersecurity company Kaspersky reports. It's an example of how APT (advanced persistent threat) actors are constantly updating old attack tools and creating new ones to launch new malicious campaigns, particularly against mobile devices. “In their attacks, they use cunning and unexpected methods: SandStrike, attacking users via a VPN service, where victims tried to find protection and security, is an excellent example,” Victor Chebyshev, the lead security researcher at Kaspersky's Global Research & Analysis Team (GReAT), said in a blog post. Guideline
CSO 2022-11-03 06:27:00 BrandPost: #BeCyberSmart All Year Round With Educational Resources from Microsoft (direct link) Did you know that October was Cybersecurity Awareness Month? At Microsoft, we pride ourselves on educating everyone - not just security teams - on best practices and the latest attack vectors. After all, when our customers know better, they can do better. Comprehensive cybersecurity education is an important part of strengthening cyber defenses for corporate IT professionals, small businesses, and everyday consumers alike. That's why Microsoft's mission is to provide actionable, engaging resources to level up cybersecurity practices for all.
CSO 2022-11-03 06:00:00 BrandPost: New SOC Performance Report: Security Analysts Are Overworked and Under Resourced (direct link) The SOC is the engine that protects organizations worldwide today. Its core mission remains to help the enterprise manage cyber risk. The new Devo SOC Performance Report shows that security professionals behind the scenes are feeling the pain due to too much work and not enough resources. That means that SOC leaders today have a real balancing act when it comes to retaining analysts amid immense talent shortages and turnover. Respondents reported that average time to fill a SOC position is seven months. And 71% of SOC professionals said they're likely to quit their job, with the top reasons being information and work overload, followed by lack of tool integration, and alert fatigue. Tool Guideline
CSO 2022-11-03 06:00:00 BrandPost: New Report Finds SOC Leaders and Staff Still Not Aligned (direct link) A new SOC Performance Report shows familiar challenges facing staff and leaders since the start of the global pandemic continue to affect SOC performance, including talent shortage and turnover. Based on an independent survey of more than 1,000 global cybersecurity professionals, the report examines current SOC trends and challenges. The report shows that despite agreement on the importance of the SOC to the cyber strategy – lines are drawn between SOC staff and leaders regarding SOC effectiveness. Recognition is Key Guideline
CSO 2022-11-03 04:22:00 White House ransomware summit highlights need for borderless solutions (direct link) The US White House this week convened its Second International Counter Ransomware Initiative Summit (CRI), bringing together leaders from 36 countries and the European Union in person to build on the work of its first ransomware summit in 2021. At a press briefing before the Summit, a White House spokesperson said, “While the United States is facilitating this meeting, we don't view this solely as a US initiative. It's an international partnership that spans most of the world's time zones, and it really reflects the threat that criminals and cyberattacks bring.” Ransomware Threat Guideline
CSO 2022-11-03 02:00:00 Making the case for security operation automation (direct link) According to ESG research, 52% of organizations believe that security operations are more difficult today than they were two years ago, due to factors such as the dangerous threat landscape, growing attack surface, and the volume/complexity of security alerts. In analyzing this data, I see a common theme: scale. Security teams must be able to scale operations to deal with the increasing volume of everything coming at them. Faced with a global cybersecurity skills shortage, CISOs need alternatives to hiring their way out of this quagmire. Threat
CSO 2022-11-02 04:00:00 Azul detects Java vulnerabilities in production apps (direct link) Azul Vulnerability Detection promises to eliminate false positives without impacting performance, by drawing on monitoring and detection capabilities inside the Azul JVM. Vulnerability
CSO 2022-11-02 02:00:00 How to securely manage LAPS on a Windows network (direct link) Passwords have always been a pain point in securing computing infrastructure. Complexity and length are key components of a strong password, but both make it inherently difficult for a human to remember. Additionally, passwords should be changed periodically, fine when you're working with a handful of devices, but when your network is distributed geographically with hundreds, or thousands of computers things get more complex. Fortunately, Microsoft has had a solution to this problem in the form of Local Administrator Password Solution (LAPS), though it's certainly not marketed as heavily as other Microsoft solutions. LAPS is a utility that enables local administrator passwords to be set programmatically based on a provided schedule using the complexity parameters you define.
CSO 2022-11-02 02:00:00 Netacea launches malicious bot intelligence service to help customers tackle threats (direct link) Cybersecurity vendor Netacea has announced the launch of a new Business Logic Intelligence Service (BLIS) designed to give customers actionable insight to help them tackle malicious bot activity and security threats. The firm said that the tiered, fee-based service will provide organizations with bot threat intelligence based on research including analysis of dark web forums and marketplaces. Earlier this year, the 2022 Imperva Bad Bot Report revealed an uptick in malicious bot activity driving online fraud and cyberattacks with bots becoming more sophisticated and better equipped to evade detection. Threat
CSO 2022-11-02 02:00:00 GAO report: government departments need dedicated leaders to oversee privacy goals (direct link) The US Government Accountability Office (GAO) released a comprehensive report in late September 2022 that discussed the need for dedicated privacy leadership within the departments and agencies of the executive branch of government if goals surrounding privacy are to be achieved. The report highlighted how this void in leadership was in essence putting at risk well-intentioned plans and procedures for protecting the personal identifiable information (PII) held within those entities. The GAO recommended that Congress consider legislation that would require a dedicated senior-level privacy official be named within these organizations and sent along more than 60 individual recommendations to enhance privacy programs. Guideline
CSO 2022-11-01 12:46:00 OpenSSL project patches two vulnerabilities but downgrades severity (direct link) The OpenSSL project released a patch for two high severity vulnerabilities in the world's most widely used cryptographic library. The project's maintainers warned users since last week to prepare for a critical patch on November 1, but the severity has since been downgraded following additional testing. Organizations should still determine which of their applications and servers are impacted and deploy the patches as soon as possible. The vulnerabilities affect all versions of OpenSSL 3.0, which has been available since last year. Buffer overflows in X.509 certificate verification: The two vulnerabilities, tracked as CVE-2022-3786 and CVE-2022-3602, are buffer overflow conditions in the punycode decoding functionality that was first introduced in OpenSSL 3.0.0 in September 2021. Punycode is a system for representing Unicode characters as ASCII and is used for example to represent internationalized domain names in the DNS system. In OpenSSL the vulnerable code is used for processing email address name constraints in X.509 certificates, also commonly known as SSL/TLS certificates.
CSO 2022-11-01 02:00:00 The OSPO – the front line for secure open-source software supply chain governance (direct link) Organizations of every shape, size, and sector have embraced open-source software (OSS). The financial, medical, and manufacturing industries – and even national security – now use OSS to power their most critical applications and activities. However, this widespread adoption comes with pitfalls: a corresponding increase of almost 800% in software supply chain attacks according to the State of the Software Supply Chain from Sonatype. With the rapid growth of OSS adoption, organizations have begun to stand up Open Source Program Offices (OSPOs) to help codify strategies around OSS use and contribution and to foster collaboration with the broader OSS community. These OSPOs often have key responsibilities such as cultivating an OSS strategy, leading its execution, and facilitating the use of OSS products and services across an enterprise. Guideline
CSO 2022-10-31 11:09:00 BrandPost: Phishing Attacks are on the Rise, and Cyber Awareness is One of Your Best Defenses (direct link) Cybersecurity Awareness Month has come to an end, yet security should be a top priority all year round for organizations of all shapes and sizes. The threat landscape is constantly evolving, with cybercriminals finding new ways to trick unsuspecting victims and infiltrate networks. For example, according to the 1H 2022 FortiGuard Labs Threat Report, ransomware is rampant, showing no signs of slowing its pace. These attacks are becoming more sophisticated and aggressive, with attackers introducing new strains and updating, enhancing, and reusing old ones. What's especially concerning as we look back at the first half of 2022 is that we observed 10,666 ransomware variants, compared to just 5,400 in the previous six months. That's nearly 100% growth in ransomware variants in half a year. Ransomware Threat
CSO 2022-10-31 10:31:00 Engineering workstation attacks on industrial control systems double: Report (direct link) Engineering workstation compromises were the initial attack vector in 35% of all operational technology (OT) and industrial control system breaches in companies surveyed globally this year, doubling from the year earlier, according to research conducted by the SANS Institute and sponsored by Nozomi Networks. While the number of respondents who said they had experienced a breach in their OT/ICS systems during the last 12 months dropped to 10.5% (down from 15% in 2021), one third of all the respondents said they did not know whether their systems had been breached or not. For the 2022 SANS ICS/OT survey, 332 responses were received, representing verticals from the energy, chemical, critical manufacturing, nuclear, water management, and other industries.
CSO 2022-10-31 10:01:00 CISA releases cybersecurity performance goals to reduce risk and impact of adversarial threats (direct link) Last week, the US Cybersecurity and Infrastructure Security Agency (CISA) released voluntary cross-sector Cybersecurity Performance Goals (CPGs). CISA was required to produce the CPGs under a national security memo on improving cybersecurity for critical infrastructure control systems issued by President Biden in July 2021. Working in coordination with the National Institute of Standards and Technology (NIST) and the interagency community, CISA developed “baseline cybersecurity performance goals that are consistent across all critical infrastructure sectors.”
CSO 2022-10-31 02:00:00 Data capture by border agencies can and will happen – are your on-the-road employees prepared? (direct link) Does your company have a travel policy that instructs and supports employees traveling internationally for business with direction regarding comportment and cooperation? This isn't a trick question. To have a travel program that provides employees with anticipated scenarios, and to provide them with unique devices for international travel, is a significant investment of resources both physical and monetary. The revelation that U.S. Customs and Border Protection (CBP) routinely downloads the content of devices of individuals who are entering the United States should attract the eyes and attention of every CISO. The fact that the CBP routinely captures device contents is not new; indeed, several lawsuits over the years have challenged the CBP's authority, which has always been upheld as lawful.
CSO 2022-10-28 10:01:00 Phishing attacks increase by over 31% in third quarter: Report (direct link) Email security and threat detection company Vade has found that phishing emails in the third quarter this year increased by more than 31% quarter on quarter, with the number of emails containing malware in the first three quarters surpassing the 2021 level by 55.8 million. Malware emails in the third quarter of 2022 alone increased by 217% compared to the same period in 2021. Malware email volume peaked in July, reaching 19.2 million, before month-over-month declines in August and September, with numbers dropping to 16.8 million and 16.5 million respectively. Malware Threat ★★★★
CSO 2022-10-28 08:22:00 BrandPost: An Intelligent Way to Monitor and Manage Your Cyber Risks (direct link) Cyber risks, especially those emanating from third and fourth parties, are escalating. Successful breaches via the supply chain increased from 44% in 2020 to 61% in 2021, according to Accenture. Yet gaining a clear picture of these risks is much more complex given interwoven ecosystem dependencies, data sitting in silos, and many organizations' lack of a security mindset. “We are so much more digitally dependent today,” said Mike Wilkes, SecurityScorecard advisor. “Even if you have built a fault-tolerant platform and your third parties have built strong cybersecurity programs, maybe one of those third parties is relying on a vendor that hasn't taken the same precautions. All it takes is one major security event to demonstrate just how fragile our modern, digitally dependent society is.”
CSO 2022-10-27 09:37:00 BrandPost: 10 Best Practices for a Zero Trust Data Center (direct link) Today, there is no such thing as an enterprise network perimeter - the location of applications, users, and their devices are no longer static; BYOD is common; and data is everywhere. With ever-evolving cybersecurity threats and no fixed perimeter, traditional security strategies fail to protect highly distributed networks, users, and applications. Organizations need an innovative approach that is not only simple and promising, but also proven and sustainable. That is why Zero Trust is getting so much attention. What is Zero Trust and why do we need it? Zero Trust is an enterprise security framework based on the principle “never trust; always verify.” In other words, this approach does not trust any user, application, or device unless explicitly allowed by a security policy. By adopting the concepts and architectural components of Zero Trust, organizations can improve visibility and better secure their hybrid environments while meeting compliance requirements and reducing costs over time.
CSO 2022-10-27 09:32:00 BrandPost: Top 5 Regulatory Reasons for Implementing Zero Trust (direct link) We are beyond the point of viewing Zero Trust as a simple marketing feature for information technology or cybersecurity companies. It is a floor for any technology vendor who wants to provide high-value solutions to government or commercial customers. Before getting into the details, let's first settle on what we mean by Zero Trust. In 2017, Forrester's Stephanie Balaouras provided what has become a common definition within the industry: “A conceptual and architectural model for how security teams should redesign networks into secure microperimeters, increase data security through obfuscation techniques, limit the risks associated with excessive user privileges, and dramatically improve security detection and response through analytics and automation.”
CSO 2022-10-27 09:15:00 How Cisco's Cloud Control Framework helps it comply with multiple security standards (direct link) An XKCD comic strip shows two tech workers frustrated that there are 14 competing standards for a variety of use cases. “We need to develop one unified standard that covers everyone's use cases,” they say. The next frame shows that there are now 15 standards instead of one. Brad Arkin, the chief security and trust officer at Cisco, will tell you that this illustration of how standards proliferate hits uncomfortably close to the truth. “Everybody is trying to come up with their own set of security controls that they would like to see SaaS applications adhere to,” Arkin says. Such commendable goals notwithstanding, enthusiasm for being the defining standard for SaaS security compliance instead creates a confusing jungle of competing ones: ISO 27001, SOC, CS in Germany, IRAP in Australia, and ISMAP in Japan, to name just a few.
CSO.webp 2022-10-26 14:12:00 BrandPost: Is It Time to Rethink Your Network and Application Performance Management Strategy? (direct link) According to Enterprise Management Associates' latest biannual Network Management Megatrends report, nearly 53% of respondents are investing in network performance management tool upgrades and enhancements. As digital transformations involving software-defined networking (SDN), cloud migrations, co-location additions, and adoption of software-as-a-service (SaaS) and unified communications as a service (UCaaS) applications have increased, the complexity of the networked application environment and the task of troubleshooting end-user problems also have become more challenging.
CSO.webp 2022-10-26 08:23:00 Microsoft Event Log vulnerabilities threaten some Windows operating systems (direct link) A pair of newly discovered vulnerabilities have highlighted the ongoing risks posed by Internet Explorer's (IE) deep integration into the Windows ecosystem, despite Microsoft ending support for IE in June 2022. Discovered by the Varonis Threat Labs team, the exploits affect an IE-specific Event Log that is present on all current Windows operating systems up to, but not including, Windows 11. The vulnerabilities, dubbed LogCrusher and OverLog by the researchers, have been reported to Microsoft, which released a partial patch on October 11, 2022. Teams are urged to patch systems and monitor suspicious activity to mitigate security risks which include event log crashing and remote denial-of-service (DoS) attacks. Threat
CSO.webp 2022-10-26 02:00:00 How to update your Windows driver blocklist to keep malicious drivers away (direct link) For many years, attackers have used and abused various ways to get on our systems. From phishing to tricking us to click on websites, if an attacker can get their code on our systems they are no longer our systems. Attackers will even invest the time, energy, and expense to get their malicious drivers approved and co-designed through the Windows Hardware Compatibility Program in order to gain access to our machines. Ensuring that these malicious drivers are blocked is a key method for protecting systems. Microsoft has long touted a means to update this master listing on our systems and, in theory, the idea was valid: using settings and security hardware on the computer, enabling hypervisor-protected code integrity (HVCI) was supposed to protect systems from malicious drivers. Attackers have used such attacks in the past ranging from RobbinHood, Uroburos, Derusbi, GrayFish, and Sauron, to campaigns by the threat actor STRONTIUM. As a Microsoft blog in 2020 pointed out, if a computer had HVCI enabled, it would be able to defend itself against vulnerable and malicious drivers. In the blog post, it was noted that “Microsoft threat research teams continuously monitor the threat ecosystem and update the list of drivers that in the Microsoft-supplied blocklist. This blocklist is pushed down to devices via Windows update.” Threat APT 28
CSO.webp 2022-10-25 08:31:00 BrandPost: How to Bridge the Ransomware Security Gap (direct link) It is hard to believe how far ransomware has evolved since its origins in the early 1980s. Today's big game ransomware attacks - which threaten everything from critical infrastructure, major corporations, hospitals, and schools - trace their roots to a UK doctor who shook down AIDS researchers with a bootloader virus (delivered on floppy disks) that locked down their computers and demanded cash. Since then, attacks and targets have only become bigger and more sophisticated. In fact, according to recent reports, ransomware attacks increased by 80% in the first half of 2022 compared to the first half of 2021. Today's attackers are breaking into networks, spending time enumerating and reconning victims, positioning ransomware on as many devices as possible, and then staging it to execute and encrypt all at once. The impacts can be devastating and costly, as illustrated by incidents like the Colonial Pipeline episode. Ransomware
CSO.webp 2022-10-25 03:31:00 Akamai to boost network-layer DDoS protection with new scrubbing centers (direct link) Content delivery network (CDN) provider Akamai said Tuesday that its Prolexic DDoS protection service will become able to handle DDoS attacks of up to 20Tbps, thanks to a new wave of construction of so-called scrubbing centers. The company's announcement said that this will effectively double its current capacity to handle network-level DDoS attacks, with rollouts planned for “all major regions,” which includes US East and West, Canada, Italy, Spain, Switzerland, India, Japan, Hong Kong and the Middle East. The first new centers will come online in the third quarter of this year, and will continue through 2023.
CSO.webp 2022-10-25 02:00:00 Blockchain security companies tackle cryptocurrency theft, ransom tracing (direct link) According to data from the Rekt leaderboard, cybercriminals have stolen as much as $3 billion of investor funds through 141 various cryptocurrency exploits since January, putting 2022 on track to top 2021 levels of digital currency malfeasance. Comparitech's cryptocurrency heists tracker indicates that since 2011, hackers have stolen $7.9 billion in cryptocurrency worth about $45.5 billion in today's value. Along with the increased dollar amounts of cryptocurrency thefts, the scams, hacks, and exploits of cryptocurrency, Web3 (a decentralized view of the web that incorporates blockchain technologies and token-based economics), and blockchain-related organizations are growing bolder and more lucrative for malicious hackers even as the value of cryptocurrencies stagnates. This month alone, Binance saw its BNB chain drained of $586 million, close to the all-time most significant cryptocurrency theft of $624 million from the Ronin Network in March 2022. Guideline
CSO.webp 2022-10-25 02:00:00 8 hallmarks of a proactive security strategy (direct link) CISOs have long been tasked with building response and recovery capabilities, the objective being to have teams that can react to a security incident as quickly as possible and can restore business functions with as little damage as possible. The need for those activities is certainly not going to go away, but many security chiefs are seeking to take more proactive steps to balance out reactive ones. “On the proactive side, you're trying to predict what kind of attack can occur in your environment and find your vulnerabilities before others do, so you reduce risk before it materializes,” says Pierre-Martin Tardif, cybersecurity professor at Université de Sherbrooke and member of the Emerging Trends Working Group with the professional IT governance association ISACA.
CSO.webp 2022-10-24 13:26:00 BrandPost: With Hyperforce, Salesforce Delivers Both Speed and Agility to the Modern Business (direct link) It's no secret why enterprises are rapidly moving to SaaS and, in particular, to Salesforce to handle so many mission-critical business functions. There are tremendous benefits, including scalability, availability, security, and compliance, all of which increase the speed of business. It's a significant competitive advantage. Increasingly, our customers want to leverage Salesforce products in a new country in which they are doing business. Until recently, Salesforce customers' instances have been hosted in a Salesforce data center, but now, there's a new innovation that further accelerates the enterprise's speed to business. Hyperforce is a complete re-architecture of Salesforce designed to deliver an even more powerful and scalable platform to support the growth and success of Salesforce's global customer base. Hyperforce will enable Salesforce customers to securely deploy Salesforce apps and services from anywhere, while using the scale and agility of the public cloud.
CSO.webp 2022-10-24 11:05:00 BrandPost: Cybersecurity Executives Say These are the Most Pressing Challenges They Face (direct link) Most cybersecurity teams grapple with similar issues, from defending against the ever-changing threat landscape to finding time for training and upskilling opportunities. I recently had the chance to speak with numerous security executives and industry experts at the Fortinet Security Summit, held in conjunction with the second annual PGA Fortinet Championship in Napa Valley, to discuss some of these challenges, insights, and potential solutions for addressing them. Challenge #1: The Proliferation of New Threat Vectors. If the first half of 2022 was any indication, security teams are in for an interesting ride as we look ahead. In just the first six months, data from FortiGuard Labs shows that the number of new ransomware variants identified increased by nearly 100% compared to the previous six-month period. Ransomware Threat
CSO.webp 2022-10-24 11:01:00 BrandPost: How a Zero Trust Platform Approach Takes Security to the Next Level (direct link) Even though many organizations have a goal of achieving zero trust, this goal may not always be realizable in the solutions they are implementing. In fact, a recent survey found that while most responding organizations said they had implemented or were implementing a zero trust strategy, more than half of them didn't have the ability to authenticate users and devices on an ongoing basis. Giving too much trust could have disastrous – and costly – results. IBM estimates that the worldwide average cost of a data breach is currently a staggering $4.24 million. Data Breach
CSO.webp 2022-10-24 07:43:00 Security by design vital to protecting IoT, smart cities around the world, says CEO of UK NCSC (direct link) A secure by design approach is vital to protecting the internet of things (IoT) and smart cities, according to Lindy Cameron, CEO of the UK National Cyber Security Centre (NCSC). Cameron spoke during Singapore International Cyber Week, calling for swift ongoing action to ensure connected devices are designed, built, deployed, and managed securely to prevent malicious actors, improve national resilience, and reap the benefits of emerging technologies. Growth of IoT giving rise to increased security threats: The scale of consumer-, enterprise-, and city-level IoT has exploded in the last decade, Cameron said, and the magnitude of changes coupled with growing dependency on connected technology has introduced significant security risks. “That is why now is the time to make sure we're designing and building them properly,” she added. “We all know that connected places are an evolving ecosystem, comprising a range of systems that exchange, process and store sensitive data, as well as controlling critical operational technology. Unfortunately, this makes these systems an attractive target for a range of threat actors. The threat posed by nation states is particularly acute.” Threat
CSO.webp 2022-10-24 07:16:00 Iran's nuclear energy agency confirms email server hacked (direct link) The Atomic Energy Organization of Iran on Sunday confirmed that an email server at its Bushehr Nuclear Power Plant was hacked. The organization blamed a foreign country, but an Iranian hacking group that goes by the name Black Reward has claimed responsibility for the breach. The Atomic Energy Organization said that the IT group serving the Bushehr plant has examined and issued a report on the breach, and denied any sensitive information being exposed. The energy agency said the hack was intended to gain the attention of the public and media. "It should be noted that the content in users' emails contains technical messages and common and current daily exchanges," according to a statement on the organization's website. "It is obvious that the purpose of such illegal efforts, which are carried out of desperation, is to attract public attention." Hack
CSO.webp 2022-10-24 02:00:00 When CISOs are doomed to fail, and how to improve your chances of success (direct link) There's a joke cryptographer Jon Callas likes to tell: CISO stands for Chief Intrusion Scapegoat Officer, "because CISOs are often thrown into a position where they can't succeed." Callas, who is the director of public interest tech at the Electronic Frontier Foundation, says that security officers are often "simultaneously in charge and powerless." They know what they should do to mitigate risks, but they can't get enough support. This predicament threatens to overwhelm them. Almost 90% of CISOs consider themselves under moderate or high stress, and many change jobs often. According to the Heidrick & Struggles 2022 global survey, almost a quarter of CISOs have held their previous position for less than two years and 62% have been in their current role for less than a year.
CSO.webp 2022-10-21 03:00:00 It's time to prioritize SaaS security (direct link) Did our focus on IaaS security come at the expense of SaaS security? Know what to guard against, especially excessive user permissions and misconfigured UIs, APIs, and integrations.
Last update at: 2024-04-29 23:08:18