What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CSO.webp 2022-10-04 11:47:00 Tenable aims to unify your cybersecurity with exposure management platform (direct link) Tenable today announced the general availability of Tenable One, a unified exposure management platform designed to meet the changing needs of the modern cybersecurity professional by offering a holistic view of both on-premises and cloud-based attack surfaces. The modern cybersecurity attack surface is complex, fast-changing, and involves a panoply of different target systems and users that are all interconnected in a range of ways. Modern cybersecurity measures, on the other hand, are, all too often, architected just as they have been in the past, leading to major challenges in combating threats, according to a white paper Tenable released along with its new product. Guideline
CSO.webp 2022-10-04 08:04:00 Dell launches new cybersecurity resources to enhance zero-trust adoption, cyber resilience (direct link) Dell Technologies has announced a raft of new cybersecurity resources to help customers simplify zero-trust adoption and improve their cyber resiliency. These include a new Zero Trust Center of Excellence for validating a zero-trust architecture for commercial enterprises, as well as new security advisory/vulnerability management services and products designed to enhance cybersecurity across hardware, firmware, software, and object storage.
CSO.webp 2022-10-04 02:00:00 8 strange ways employees can (accidentally) expose data (direct link) Employees are often warned about the data exposure risks associated with the likes of phishing emails, credential theft, and using weak passwords. However, they can risk leaking or exposing sensitive information about themselves, the work they do, or their organization without even realizing. This risk frequently goes unexplored in cybersecurity awareness training, leaving employees oblivious to the risks they can pose to the security of data which, if exposed, could be exploited both directly and indirectly to target workers and businesses for malicious gain. Here are eight unusual, unexpected, and relatively strange ways employees can accidentally expose data, along with advice for addressing and mitigating the risks associated with them.
CSO.webp 2022-10-04 02:00:00 New US DHS grant program can boost local governments' cybersecurity strength (direct link) Local governments continue to grapple with ransomware and other cyberattacks that have crippled their school systems and halted other civic functions. The latest crisis in a long string of local government cyber incidents involves the Los Angeles Unified School District. After refusing to give in to ransomware syndicate Vice Society's demands for payment, it is forced to watch as the cybercriminal gang releases publicly the stolen, sensitive data in a double-extortion attack. Ransomware
CSO.webp 2022-10-03 11:45:00 Microsoft mitigation for new Exchange Server zero-day exploits can be bypassed (direct link) Attackers are currently exploiting two unpatched vulnerabilities to remotely compromise on-premises Microsoft Exchange servers. Microsoft confirmed the flaws late last week and published mitigation advice until a complete patch can be developed, but according to reports, the proposed mitigation can be easily bypassed. The new vulnerabilities were discovered in early August by a Vietnamese security company called GTSC while performing security monitoring and incident response for a customer whose servers were attacked. Initially, the GTSC researchers thought they might be dealing with a ProxyShell exploit based on the malicious requests seen in the server logs which looked similar. ProxyShell is an attack that chains three Exchange vulnerabilities and was patched last year.
CSO.webp 2022-10-03 11:41:00 BrandPost: The Cyberthreat Minute: The Scale and Scope of Worldwide Cybercrime in 60 Seconds (direct link) By Steve Ginty, Principal Program Manager, Microsoft Defender Threat Intelligence (MDTI) Cybercrime is big and growing bigger. So much so that it can often be difficult to fully understand the impact online attacks have driven over the past decades. To better illustrate the scale and scope of worldwide cybercrime, we've used data from across Microsoft-owned properties and a mix of external sources to create the Cyberthreat Minute, a comprehensive report on malicious activity that is happening within any given 60-second window across the world. Threat
CSO.webp 2022-10-03 08:42:00 LiveAction adds new SOC-focused features to ThreatEye NDR platform (direct link) End-to-end network security and performance visibility vendor LiveAction has announced new security operations center (SOC) focused updates to its Network Detection and Response (NDR) platform, ThreatEye. In a press release, the firm stated that the platform features a new user interface (UI) designed to enhance the ability of SOC analysts to correlate findings and policy violations to track incidents. The platform offers enhanced predictive threat intelligence capabilities that allow SOC analysts to identify and track domains and IP addresses not yet active but registered by threat actors and associated malware campaigns. It also includes packet-based behavioral fingerprinting to identify behavior in encrypted traffic streams and host-based behavioral analysis, LiveAction added. Malware Threat
CSO.webp 2022-10-03 02:00:00 11 old software bugs that took way too long to squash (direct link) In 2021, a vulnerability was revealed in a system that lay at the foundation of modern computing. An attacker could force the system to execute arbitrary code. Shockingly, the vulnerable code was almost 54 years old - and there was no patch available, and no expectation that one would be forthcoming. Fortunately, that's because the system in question was Marvin Minsky's 1967 implementation of a Universal Turing Machine, which, despite its momentous theoretical importance for the field of computer science, had never actually been built into a real-world computer. But in the decade or so after Minsky's design, the earliest versions of Unix and DOS came into use, and their descendants are still with us today in the 21st century. Some of those systems have had bugs lurking beneath the surface for years or even decades. Vulnerability
CSO.webp 2022-09-30 13:12:00 Cyberespionage group developed backdoors tailored for VMware ESXi hypervisors (direct link) Researchers have identified a new malware family that was designed to backdoor and create persistence on VMware ESXi servers by leveraging legitimate functionality the hypervisor software supports. According to researchers from Mandiant who found and analyzed the backdoors, they were packaged and deployed on infected servers as vSphere Installation Bundles (VIBs). VIBs are software packages used to distribute components that extend VMware ESXi functionality. The malicious VIBs provided hackers with remote command execution and persistence capabilities on the servers and the ability to execute commands on the guest virtual machines running on the servers. Malware
CSO.webp 2022-09-30 08:54:00 Enterprises embrace devsecops practices against supply chain attacks (direct link) For enterprise security professionals alarmed about the rising number of supply chain attacks, a report released this week by Google and supply chain security firm Chainguard has good news: Devsecops best practices are becoming more and more common. The recent prevalence of supply chain attacks - most notably the SolarWinds attack, which affected numerous large companies in 2021 - has brought the topic into prominence. The Google-Chainguard report, though, found that many supply chain security practices recommended by the major frameworks are already in place among software developers, based on an ongoing “snowball” survey of 33,000 such developers over the past eight years.
CSO.webp 2022-09-29 13:14:00 Malware builder uses fresh tactics to hit victims with Agent Tesla RAT (direct link) A recently discovered malware builder sold on the dark web, Quantum Builder, is being used in a new campaign featuring fresh tactics to deliver the Agent Tesla .NET-based keylogger and remote access trojan (RAT), according to an alert issued by the ThreatLabz research unit of cybersecurity company Zscaler.
CSO.webp 2022-09-29 11:46:00 Most hackers need 5 hours or less to break into enterprise environments (direct link) Around 40% of ethical hackers recently surveyed by the SANS Institute said they can break into most environments they test, if not all. Nearly 60% said they need five hours or less to break into a corporate environment once they identify a weakness. The SANS ethical hacking survey, done in partnership with security firm Bishop Fox, is the first of its kind and collected responses from over 300 ethical hackers working in different roles inside organizations, with different levels of experience and specializations in different areas of information security. The survey revealed that on average, hackers would need five hours for each step of an attack chain: reconnaissance, exploitation, privilege escalation and data exfiltration, with an end-to-end attack taking less than 24 hours.
CSO.webp 2022-09-29 07:43:00 BrandPost: You can't have zero trust without visibility (direct link) Words of wisdom from Sun Tzu: “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” One of those battles is defending the network against cyberattacks, and it's constant. The military general and strategist was wise millennia beyond his time. He knew the power of complete visibility against an enemy who relies on evasive maneuvers. Network security has not fundamentally changed over the course of the last several decades. While we've seen new architectures emerge, if you take a step back, you'll see that the security industry has simply shifted the same detection and prevention techniques to new locations (on-prem, public cloud, as-a-service from cloud, cloud-native).
CSO.webp 2022-09-29 02:00:00 22 notable government cybersecurity initiatives in 2022 (direct link) Cybersecurity continues to be high on the agenda of governments across the globe, with both national and local levels increasingly working to counter cybersecurity threats. Much like last year, 2022 has seen significant, government-led initiatives launched to help to address diverse security issues. Here are 22 notable cybersecurity initiatives introduced around the world in 2022. February Israel commits to IDB cybersecurity initiative in Latin America, Caribbean The Israeli government announced that it will join the Inter-American Development Bank (IDB) to establish a new cybersecurity initiative, committing $2 million USD to help strengthen cybersecurity capabilities in Latin America and the Caribbean (LAC). Israel's funding would aid in building cyber capacity across the region by giving officials and policymakers access to forefront practices and world-leading knowledge and expertise, the government stated. “The cybersecurity initiative is paving the way for the safe and secure digitalization of Latin America and the Caribbean, one of the key elements for growth in the post-COVID era,” said Matan Lev-Ari, Israel's representative on the IDB's Board. Guideline
CSO.webp 2022-09-29 02:00:00 Recent cases highlight need for insider threat awareness and action (direct link) On September 1, a crew of US government offices launched the fourth-annual National Insider Threat Awareness Month (NITAM). The goal of the month-long event is to educate the government and industry about the dangers posed by insider threats and the role of insider threat programs. This year's campaign focuses on the importance of critical thinking to help workforces guard against risk in digital spaces. The NITAM launch announcement cited recent examples of insider threats in the digital space: Threat
CSO.webp 2022-09-28 14:13:00 Cryptojacking, DDoS attacks increase in container-based cloud systems (direct link) Cryptojacking is the most common form of attack against container-based systems running in the cloud, while geopolitical motivations - mainly related to Russia's war against Ukraine - factored into a fourfold increase in DDoS (distributed denial-of-service) attacks this year, according to a new report from cybersecurity company Sysdig.
CSO.webp 2022-09-28 13:42:00 16 Wall Street firms fined $1.8B for using private text apps, lying about it (direct link) The banks and brokerages were fined because employees were messaging and texting with clients without recording the communications, as required. And some of the firms' execs lied about it and deleted messages.
CSO.webp 2022-09-28 13:00:00 BrandPost: Moving Security Technologies to the Cloud? 4 Tips for CISOs (direct link) As organizations increasingly migrate their data and applications to the cloud, it's more important than ever to understand how to protect this highly sensitive business information. Preventing leaks and data theft is critical for maintaining customer trust. And the cost of a single data breach can reach millions of dollars for many companies. While cloud computing may initially introduce some security complexity, it's worth it in the end. The cloud provides a more secure environment than you could ever hope for with on-premises servers. The challenge? How do you shift to the cloud without disrupting your business. Here are four steps CISOs can take to ensure a smooth transition: Data Breach
CSO.webp 2022-09-28 08:03:00 UK organizations, Ukraine's allies warned of potential "massive" cyberattacks by Russia (direct link) The head of the UK National Cyber Security Centre (NCSC) Lindy Cameron has given an update on Russia's cyber activity amid its war with Ukraine. Her speech at Chatham House today comes just a few days after Ukraine's military intelligence agency issued a warning that Russia was “preparing massive cyberattacks on the critical infrastructure of Ukraine and its allies.” This coincides with a new Forrester report that reveals the extent to which the cyber impact of the Russia-Ukraine conflict has expanded beyond the conflict zone with malware attacks propagating into European entities. UK NCSC CEO urges UK businesses to prepare for elevated alert Addressing Russian cyber activity this year, Cameron stated that, while we have not seen the “cyber-Armageddon” some predicted, there has been a “very significant conflict in cyberspace – probably the most sustained and intensive cyber campaign on record – with the Russian State launching a series of major cyberattacks in support of their illegal invasion in February.” Malware
CSO.webp 2022-09-28 02:00:00 How cybercriminals use public online and offline data to target employees (direct link) We post our daily lives to social media and think nothing of making key details about our lives public. We need to reconsider what we share online and how attackers can use this information to target businesses. Your firm's security may be one text message away from a breach. How and why attackers target new employees For example, a firm onboards a new intern and provides them with keys to the office building, logins to the network, and an email address. It's normal for employees to also have personal email and cellphones. Depending on the size of the firm, if you use multifactor authentication, you also deploy two-factor tokens or applications to their cellphones or provide them with a work phone. The first few days on the job can be hectic, with a lot of new technology to deal with. It can be overwhelming as well as stressful as the eager new hire wants to settle into the job and be accommodating.
CSO.webp 2022-09-27 02:00:00 What are the new Windows 11 22H2 security features? (direct link) Windows 11 2022 (22H2 release) is now out, and Microsoft has once again placed a heavy emphasis on security. The good news for this release is that even Windows Home versions can receive some of the key security features with no additional Windows or Microsoft 365 licensing. Review the Windows 11 22H2 security baseline documents and begin to test these features. Windows 11 release cadence First, a reminder: With Windows 11, feature releases now only come out once a year. Major security changes occurred in the first release of Windows 11 (21H2) as well as this release of 22H2. Between each major feature release will be small incremental changes called “moment” releases. For example, expected future moment updates will be features such as tabs and a new sidebar to File Explorer.
CSO.webp 2022-09-26 16:51:00 BrandPost: Extortion Economics: Ransomware's New Business Model (direct link) Did you know that over 80% of ransomware attacks can be traced to common configuration errors in software and devices? This ease of access is one of many reasons why cybercriminals have become emboldened by the underground ransomware economy. And yet, many threat actors are working within a limited pool of ransomware groups. Although ransomware is a headline-grabbing topic, it's ultimately being driven forward by a relatively small and interconnected ecosystem of players. The specialization and consolidation of the cybercrime economy has fueled ransomware as a service (RaaS) to become a dominant business model - enabling a wider range of criminals to deploy ransomware regardless of their technical expertise. This, in turn, has forced all of us to become cybersecurity defenders. Ransomware Threat
CSO.webp 2022-09-26 13:59:00 Zoho ManageEngine flaw is actively exploited, CISA warns (direct link) A remote code execution vulnerability in Zoho's ManageEngine, a popular IT management solution for enterprises, is being exploited in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) added the flaw to its catalog of known exploited vulnerabilities last week, highlighting an immediate threat for organizations that haven't yet patched their vulnerable deployments. The vulnerability, tracked as CVE-2022-3540, was privately reported to Zoho in June by a security researcher identified as Vinicius and was fixed later that same month. The researcher posted a more detailed writeup at the beginning of this month and, according to him, it's a Java deserialization flaw inherited from an outdated version of Apache OFBiz, an open-source enterprise resource planning system, where it was patched in 2020 (CVE-2020-9496). This means that the Zoho ManageEngine products were vulnerable for two years due to a failure to update a third-party component. Vulnerability Threat
CSO.webp 2022-09-26 08:43:00 US CISA/NSA release new OT/ICS security guidance, reveal 5 steps threat actors take to compromise assets (direct link) The US Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have published a new Cybersecurity Advisory (CSA) for protecting operational technology (OT) and industrial control systems (ICS). The CSA outlines the Tactics, Techniques and Procedures (TTPs) malicious actors use to compromise OT/ICS assets and recommends security mitigations that owners and operators should implement to defend systems. The new advisory builds on previous NSA/CISA guidance on stopping malicious ICS activity and reducing OT exposure, and comes as the cybersecurity risks surrounding OT and ICS continue to threaten the safety of data and critical systems. Threat
CSO.webp 2022-09-26 08:23:00 Jamf buys ZecOps to bring high-end security to Apple enterprise (direct link) ZecOps protects world-leading enterprises, governments, and individuals; Jamf has acquired it to help secure the enterprise. Guideline
CSO.webp 2022-09-26 07:42:00 97% of enterprises say VPNs are prone to cyberattacks: Study (direct link) Reliance on VPNs for remote access is putting enterprises at significant risk as social engineering, ransomware, and malware attacks continue to advance, exposing businesses to greater risk, according to a new report by cloud security company Zscaler.
CSO.webp 2022-09-26 02:00:00 The deepfake danger: When it wasn't you on that Zoom call (direct link) In August, Patrick Hillman, chief communications officer of blockchain ecosystem Binance, knew something was off when he was scrolling through his full inbox and found six messages from clients about recent video calls with investors in which he had allegedly participated. “Thanks for the investment opportunity,” one of them said. “I have some concerns about your investment advice,” another wrote. Others complained the video quality wasn't very good, and one even asked outright: “Can you confirm the Zoom call we had on Thursday was you?” With a sinking feeling in his stomach, Hillman realized that someone had deepfaked his image and voice well enough to hold 20-minute “investment” Zoom calls trying to convince his company's clients to turn over their Bitcoin for scammy investments. “The clients I was able to connect with shared with me links to faked LinkedIn and Telegram profiles claiming to be me inviting them to various meetings to talk about different listing opportunities. Then the criminals used a convincing-looking holograph of me in Zoom calls to try and scam several representatives of legitimate cryptocurrency projects,” he says.
CSO.webp 2022-09-23 13:42:00 SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware (direct link) Researchers have discovered a high-effort search engine optimization (SEO) poisoning campaign that seems to be targeting employees from multiple industries and government sectors when they search for specific terms that are relevant to their work. Clicking on the malicious search results, which are artificially pushed higher in ranking, leads visitors to a known JavaScript malware downloader. "Our findings suggest the campaign may have foreign intelligence service influence through analysis of the blog post subjects," researchers from security firm Deepwatch said in a new report. "The threat actors used blog post titles that an individual would search for whose organization may be of interest to a foreign intelligence service e.g., 'Confidentiality Agreement for Interpreters.' The Threat Intel Team discovered the threat actors highly likely created 192 blog posts on one site." Malware Threat Guideline
CSO.webp 2022-09-22 23:37:00 A third of Australian population likely affected in Optus cyberattack (direct link) Australia's second largest telecommunications provider, Optus, revealed it suffered a cyberattack where data from customers have possibly been accessed. However, the company claims the attack has not affected the platforms and services supporting wholesale, satellite and enterprise customers, and that of enterprise customers. Mobile and home internet services have also not been affected. Suspicious activity was noticed on Wednesday with Optus issuing a media statement on Thursday afternoon, which was a nation-wide public holiday. What Optus knows about the breach The 9.8 million number of “possibly” affected customers circulating is the worst-case scenario, said Optus CEO Kelly Bayer Rosmarin at a media conference on Friday. That is the equivalent to about 37% of the Australian population. In its most recent financial report, Optus revealed it had over 10 million mobile customers as of 31 March 2022.
CSO.webp 2022-09-22 15:39:00 BrandPost: What's Missing in Most CISO's Security Risk Management Strategies (direct link) At the foundation of cybersecurity is the need to understand your risks and how to minimize them. Individuals and organizations often think about risk in terms of what they're trying to protect. When talking about risk in the IT world, we mainly talk about data, with terms like data privacy, data leakage and data loss. But there is more to cybersecurity risk than just protecting data. So, what should our security risk management strategies consider? Protecting data and blocking known vulnerabilities are good tactics for cybersecurity, but those activities are not the only components of what CISOs should be considering and doing. What's often missing is a comprehensive approach to risk management and a strategy that considers more than just data.
CSO.webp 2022-09-22 13:55:00 Ransomware operators might be dropping file encryption in favor of corrupting files (direct link) Ransomware started out many years ago as scams where users were being tricked into paying fictitious fines for allegedly engaging in illegal online behavior or, in more serious cases, were blackmailed with compromising videos taken through their webcams by malware. The threat has since come a long way, moving from consumers to enterprises, adding data leak threats on the side and sometimes distributed denial-of-service (DDoS) blackmail. The attacks have become so widespread that they now impact all types of organizations and even entire national governments. The cybercriminal groups behind them are well organized, sophisticated, and even innovative, always coming up with new extortion techniques that could earn them more money. But sometimes, the best way to achieve something is not to complicate but to simplify and this seems to be the case in new attacks seen by researchers from security firms Stairwell and Cyderes where known ransomware actors opted to destroy files instead of encrypting them. Ransomware Threat
CSO.webp 2022-09-22 12:53:00 BrandPost: 5G Deployments, Wireless Hotspots Are Likely Culprits for Increased Attacks (direct link) Wireless operators continued to ramp up 5G deployments in 2021. 5G networks not only expanded to include 13 additional countries during that time, but the overall number of connections doubled from 2020 to reach more than 540 million people by the close of 2021.
CSO.webp 2022-09-22 02:00:00 Multi-factor authentication fatigue attacks are on the rise: How to defend against them (direct link) Credential compromise has been one of the top causes for network security breaches for a long time, which has prompted more organizations to adopt multi-factor authentication (MFA) as a defense. While enabling MFA for all accounts is highly encouraged and a best practice, the implementation details matter because attackers are finding ways around it. One of the most popular ways is spamming an employee whose credentials have been compromised with MFA authorization requests until they become annoyed and approve the request through their authenticator app. It's a simple yet effective technique that has become known as MFA fatigue and was also used in the recent Uber breach. Uber Uber
CSO.webp 2022-09-22 02:00:00 D&O insurance not yet a priority despite criminal trial of Uber's former CISO (direct link) The trial of former Uber CISO Joe Sullivan marks the first time a cybersecurity chief has faced potential criminal liability. Sullivan is charged with trying to conceal from federal investigators the details of a 2016 hack at Uber that exposed the email addresses and phone numbers of 57 million drivers and passengers. The two charges against Sullivan, obstruction of justice and failure to report a crime, carry potential jail time of five and three years, respectively, in a watershed case that has drawn the attention of security professionals. Hack Uber Uber
CSO.webp 2022-09-21 11:59:00 BrandPost: Managing Cloud Risks with Cloud-Native Protection (direct link) The pandemic generated quite a bit of demand in the cloud, thanks primarily to organizations scrambling overnight to transform their IT architectures and implement more of a hybrid model. This allowed businesses to more quickly adapt to the work from anywhere environment and still maintain normal business operations. Too many security solutions, weakened security The rush to the cloud added to the burden of security and operations teams because cloud environments are both varied and complex. As a result, standard security solutions are unable to respond to these new dangers in a sufficient manner. Organizations will continue to invest in innovative security solutions in the fast-changing IT world to address emerging risks.
CSO.webp 2022-09-21 11:55:00 BrandPost: Great Cyber Hygiene Starts with a Culture of Security Awareness (direct link) With October fast approaching, we are reminded by Cybersecurity Awareness Month that cybersecurity affects everyone and is everyone's responsibility. This is why organizations are focusing more and more on implementing cybersecurity awareness training to improve cyber hygiene and behaviors across their entire workforce. Having the right cybersecurity solutions is critical, but if an organization's workforce doesn't utilize the security tools in place or doesn't know what to avoid in their day-to-day activities, they're putting themselves at risk and, ultimately, their organizations at risk of being breached. Every person at an organization - regardless of their role - must be on top of their game to defend the enterprise against threat actors. Threat
CSO.webp 2022-09-21 10:47:00 Former Broadcom engineer gets eight months in prison for trade secrets theft (direct link) Peter Kisang Kim admitted to stealing Broadcom data related to its Trident family of network switching and cloud networking chipsets, while working for a Chinese startup.
CSO.webp 2022-09-21 08:18:00 Report: The state of secure identity 2022 (direct link) A new report from Okta has found that credential stuffing as a means of breaching Customer Identity and Access Management (CIAM) services is accelerating, fuelled by password reuse coupled with malicious bots and other automated tools. The State of Secure Identity 2022 report, which is based on self-reported data from customers of Okta's Auth0 access management platform across the globe, found that 34% of all traffic across the Auth0 network consists of credential stuffing attempts - amounting to nearly 10 billion attempts. In the first quarter of 2022, the Auth0 network tracked two of the largest credential stuffing spikes ever on the platform, with more than 300 million attempts per day. ★★★
CSO.webp 2022-09-21 07:52:00 BrandPost: Will the Cloud Kill Security Agents? (direct link) The “agents or no agents” debate is ancient and eternal. Every decade or so, we go through another round of “agents are terrible, let's end them” and “we need more visibility and control to secure the system, maybe we'll call it a 'sensor' this time.” We ultimately always land on the same conclusion. There are no silver bullets. Today, the debate is alive and well because cloud is the new frontier, so surely agents are dead this time? We don't think so. Agentless is great to get you started in cloud security. If you're not willing to accept blind spots, you'll need agents and other approaches too.
CSO.webp 2022-09-21 07:39:00 BrandPost: Three Ways Security in the Azure Cloud Just Got Simpler (direct link) Organizations' use of the cloud is increasing, but this is contributing to a rise in the volume of cloud security incidents. In the 2022 Cloud Security Report, 98% of organizations told Check Point they use the cloud to host business applications and store data. But more than a quarter (27%) of respondents revealed they had suffered a security incident in their cloud environments in the last year. Of those events, 23% resulted from a cloud misconfiguration. This is why the Center for Internet Security (CIS) continues to partner with cloud service providers (CSPs) like Microsoft Azure to provide security hardening guidelines for cloud-based systems. In this partnership, Azure security and compliance experts join the CIS WorkBench communities to contribute their guidance – alongside the other CIS Community Members – to help in the development and consensus process. CIS facilitates the feedback from the community and contributes our expertise to that process.
CSO.webp 2022-09-21 02:00:00 Top 5 attack surface challenges related to security operations (direct link) According to newly published ESG research, just over half of all organizations (52%) say that security operations are more difficult today than they were two years ago. When asked why, 41% pointed to an evolving and dangerous threat landscape, 38% identified a growing and changing attack surface, 37% said that alert volume and complexity are driving this change, and 34% blamed growing use of public cloud computing services. Now most of these challenges are déjà vu all over again, impacting security teams year after year. There is one exception, however: The growing attack surface. Certainly, the attack surface has been growing steadily since we all started using Mosaic browsers, but things really took off over the past few years. Blame Amazon, COVID, or digital transformation, but organizations are connecting IT systems to third parties, supporting remote workers, developing cloud-native applications, and using SaaS services in record numbers. When you take all these factors into consideration, enterprise organizations typically use tens of thousands of internet-facing assets. Threat
CSO.webp 2022-09-20 11:51:00 BrandPost: Threat Actors Are Launching More Direct-Path DDoS Attacks (direct link) Just as the emergence of COVID-19 led to changes in how threat actors launched attacks, the return to work and school that began in the second half of 2021 (before Omicron reared its ugly head in November) resulted in a number of changes on the part of cyber attackers. One of the more noticeable changes has been an increase in attacks that target specific industries. With these direct-path attacks, threat actors target individual organizations rather than indiscriminately targeting customers of communications service providers (CSPs) such as internet service providers (ISPs) and wireless carriers. Specifically, threat actors launched two direct-path packet-flooding attacks of more than 2.5 terabits per second using server-based botnets in 2H 2021. These are the first terabit-class, direct-path distributed denial-of-service (DDoS) attacks that have been identified, and they signal that changes are afoot in attacker strategy. Threat
CSO.webp 2022-09-20 11:31:00 Ransomware is (slightly) on the decline, cyberinsurance company says (direct link) Ransomware attacks began to become both less common and less costly in the first half of 2022, as payments to attackers and the number of attacks that resulted in paid ransoms both shrank, according to new data released today by cyberinsurance company Coalition. After increasing sharply at the outset of the pandemic, the frequency of ransomware claims made by Coalition policyholders shrank sharply during the first six months of the year, dropping from a peak of 0.66% of all policyholders in the second half of last year to 0.41% in early 2022, a figure lower than the initial 0.44% seen in 2020's second half, when the COVID crisis was at its height. Ransomware
CSO.webp 2022-09-20 07:22:00 (Déjà vu) CrowdStrike adds XDR, other capabilities across 4 key security products (direct link) CrowdStrike on Tuesday announced enhancements to four of its security products: Falcon Insight, CrowdStrike Cloud Security, Humio, and Falcon Discover. The new features include XDR (extended detection and response), enhanced zero trust, new log management, and IoT security capabilities.
CSO.webp 2022-09-20 07:22:00 CrowdStrike launches enhancements to four key product lines (direct link) CrowdStrike on Tuesday announced enhancements to four of its security products: Falcon Insight, CrowdStrike Cloud Security, Humio, and Falcon Discover. The new features include XDR (extended detection and response), enhanced zero trust, new log management, and IoT security capabilities. The first new offering is an extension to CrowdStrike's Falcon Insight by including XDR capabilities. CrowdStrike will now allow all its EDR customers to activate XDR capabilities within Falcon Insight XDR through connector packs that unlock cross-domain detections, investigations and response actions across all key security domains from a unified console. However, customers will have to pay an additional charge for the new features.
CSO.webp 2022-09-20 05:15:00 Palo Alto adds software composition analysis to Prisma Cloud to boost open-source security (direct link) Palo Alto Networks has added a new software composition analysis (SCA) solution to Prisma Cloud to help developers safely use open-source software components. The vendor has also introduced a software bill of materials (SBOM) for developers to maintain and reference a codebase inventory of application components used across cloud environments. The updates come as open-source software risks persist with attention steadily turning toward raising the security bar surrounding open-source components.
CSO.webp 2022-09-20 04:03:00 Uber links cyberattack to LAPSUS$, says sensitive user data remains protected (direct link) Uber has linked its recent cyberattack to an actor (or actors) affiliated with the notorious LAPSUS$ threat group, responsible for breaching the likes of Microsoft, Cisco, Samsung, Nvidia and Okta this year. The announcement came as the ride-hailing giant continues to investigate a network data breach that occurred on Thursday, September 15. Attacker gained elevated permissions to tools including G-Suite and Slack. In a security update published on Monday, September 19, Uber wrote, “An Uber EXT contractor had their account compromised by an attacker. It is likely that the attacker purchased the contractor's Uber corporate password on the dark web, after the contractor's personal device had been infected with malware, exposing those credentials. The attacker then repeatedly tried to log in to the contractor's Uber account.” Each time, the contractor received a two-factor login approval request, which initially blocked access, it added. Threat Uber Uber
CSO.webp 2022-09-20 02:00:00 Most common SAP vulnerabilities attackers try to exploit (direct link) Unpatched vulnerabilities, common misconfigurations and hidden flaws in custom code continue to make enterprise SAP applications a target-rich environment for attackers at a time when threats like ransomware and credential theft have emerged as major concerns for organizations. A study that Onapsis conducted last year, in collaboration with SAP, found attackers are continuously targeting vulnerabilities in a wide range of SAP applications including ERP, supply chain management, product life cycle management and customer relationship management. Active scanning for SAP ports has increased since 2020 among attackers looking to exploit known vulnerabilities, particularly a handful of highly critical CVEs. Ransomware
CSO.webp 2022-09-19 06:18:00 A third of enterprises globally don't prioritize digital trust: ISACA (direct link) Digital trust is crucial for modern business relationships as increasingly, transactions require sensitive information to be shared online. However, a new report from ISACA (the Information Systems Audit and Control Association certification association) highlights significant gaps between what enterprises are doing now and what they should do to earn customer trust in their digital ecosystems. The report combines insights from 2,755 business and IT professionals worldwide. It defines digital trust as confidence in the integrity of relationships, interactions and transactions among providers and consumers within an associated digital ecosystem. While 85% of respondents said digital trust is extremely or very important to organizations today, and 63% said digital trust is extremely or very relevant to their job role, only 66% said their organization prioritizes digital trust in line with its level of importance. “This will be a growing concern, as four out of five respondents or 82% believe that digital trust will be more important in five years than it is today,” ISACA noted.
CSO.webp 2022-09-19 05:05:00 5 ways to grow the cybersecurity workforce (direct link) The demand for cybersecurity professionals has surged over the past decade. According to (ISC)2's 2020 Cybersecurity Workforce Study, the global cybersecurity workforce need stands at 3.1 million, with nearly 400,000 open cybersecurity positions in the U.S. In addition, more than half of survey respondents (56%) say that cybersecurity staff shortages are putting their organizations at risk. “This remains an emerging industry with threats shifting almost on a daily basis, including new threat actors, new technologies and the evolution of 5G,” says Erin Weiss Kaya, a Booz Allen talent strategy expert for cyber organizations. “Yet we're still dealing with a 0% unemployment rate, with far more demand than we have current supply.” Threat
Last update at: 2024-04-29 19:09:00