What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
CSO.webp 2022-09-19 02:00:00 International cooperation is key to fighting threat actors and cybercrime (direct link) In this era of cybersecurity, when nation-state digital attacks and cybercrime quickly cut across country borders and create global crises, international cooperation has become an urgent priority. The need for global collaboration to cope with various pressing threats, from electronic espionage to ransomware attacks on critical infrastructure, is imperative to prevent economic and social disasters, top cybersecurity professionals and government officials say. At this year's Billington Cybersecurity Summit, leaders from across the globe gathered to discuss the importance of international partnerships in managing the persistent threats governments must address. The near-total digitalization of every aspect of society that exposes virtually all public and private sector services to escalating cyber threats dictates a more robust, collective defense. Moreover, as cyber risks intensify and multiply, governments worldwide are stepping up their own independent efforts to protect against the rising tide of digital threats. Ransomware Threat Guideline
CSO.webp 2022-09-19 02:00:00 Collaboration is key to balance customer experience with security, privacy (direct link) The way Yaron Cohen sees it, companies today must do in the digital world what came naturally to neighborhood merchants who saw their customers every day. “In the old world, when people used to go to the corner store and meet the same shopkeeper every day, he'd know their tastes and what they'd buy and would personalize the experience for them,” says Cohen, a user experience researcher focused on digital strategy. “But now we're in a place where everything is mechanical. In the world of e-commerce there's no human connection, and so to understand that customer, you have to collect data. This is where privacy problems start.” Organizations of all sizes and stripes are collecting increasing amounts of data on individuals as they seek to create better customer experiences and deliver personalized services. A study of 1,000 executives from Skynova, which offers online invoicing for small businesses, found that 86% of the 1,000 business owners and executives it surveyed gathered data from their customers. It found 75% of businesses with fewer than ten employees did so, compared to 93% of those at organizations with 100-plus workers. The study also showed that 64% collected data on their customers from their social media sites.
CSO.webp 2022-09-16 12:45:00 API security - and even visibility - isn't getting handled by enterprises (direct link) A report released this week by OpinionMatters and commissioned by Noname Security found that more than three out of four senior cybersecurity professionals in the US and UK said that their organization had experienced at least one API-related security incident within the last 12 months. A similar number, 74%, said that they had not completed a full inventory of all APIs in their systems, or have full knowledge of which ones could return sensitive data. The most common security gaps identified were dormant APIs - APIs that have been ostensibly replaced but remain in operation - authorization vulnerabilities, and web application firewalls.
CSO.webp 2022-09-16 06:00:00 BrandPost: Tips for Improving Security Visibility (direct link) One of today's biggest security gaps is visibility into your data - knowing what's happening before it's too late. Bad actors rely on staying hidden in the noise of logs, systems, tools, teams, processes and silos. Improving visibility is vital for security practitioners to ensure they aren't missing things that could prove crucial to the security of their organization. According to a recent industry survey, 80% of organizations that lack visibility into their assets report roughly three times as many cybersecurity incidents. And when asked to identify the biggest cause of SOC ineffectiveness, 65% of leaders cited “visibility into the attack surface.” Guideline
CSO.webp 2022-09-16 03:46:00 Uber responding to “cybersecurity incident” following reports of significant data breach (direct link) Ride-hailing giant Uber has confirmed that it is responding to a cybersecurity incident as reports emerge that the firm has suffered a significant network data breach forcing it to shut down several internal communications and engineering systems. Attacker announces Uber breach through compromised Slack account: In a statement on Twitter, Uber wrote “We are currently responding to a cybersecurity incident. We are in touch with law enforcement and will post additional updates here as they become available.” While details from the company are currently sparse, a report by the New York Times on Thursday claimed that a hacker was able to compromise an employee's Slack account and used it to send a message to Uber employees announcing that the company had suffered a data breach. Data Breach Uber Uber
CSO.webp 2022-09-16 02:00:00 US OMB releases guidance on federal agency software security requirements (direct link) Earlier this week, Chris DeRusha, federal CISO and deputy national cyber director in the White House, announced the release of Office of Management and Budget (OMB) guidance to ensure federal agencies rely only on software that has been built following standard cybersecurity practices. This software security requirement applies to all civilian federal agencies and software security vendors who do business with them. The software security guidance was developed under President Biden's wide-ranging cybersecurity executive order (EO) issued in May 2021. The impetus for the software security mandates contained in the order was the massive SolarWinds software breach that occurred in late 2020 and awakened the industry to the significant potential for damaging vulnerabilities in software and the software supply chain.
CSO.webp 2022-09-15 06:16:00 BrandPost: How SSE Became a Critical Component of the New Jersey Judiciary's Strategic Roadmap (direct link) The New Jersey Judiciary (NJJ), or justice system, encompasses the New Jersey Supreme Court, 21 county courts, and 535 municipal and other courts. When the COVID-19 pandemic hit, the NJJ transformed court systems to operate virtually while remaining secure. By implementing the Zscaler Zero Trust Exchange, which provides a comprehensive security service edge (SSE) platform, the organization enabled its 10,000 employees to work securely from anywhere and increased the number of virtual courtrooms from 40 to 400 - in just six days.
CSO.webp 2022-09-15 05:20:00 US government indicts Iranian nationals for ransomware and other cybercrimes (direct link) The US Department of Justice (DOJ) unsealed an indictment that charged three Iranian cybercriminals with orchestrating a series of attacks from October 2020 to the present, that resulted in the three being able to access the computer networks of multiple US entities. The three, Mansour Ahmadi, a.k.a. Mansur Ahmadi, 34; Ahmad Khatibi Aghda, a.k.a. Ahmad Khatibi, 45; and Amir Hossein Nickaein Ravari, a.k.a. Amir Hossein Nikaeen, a.k.a. Amir Hossein Nickaein, a.k.a. Amir Nikayin, 30, not only attacked hundreds of victims in the United States, but also entities in Israel, the United Kingdom, Russia, and Iran itself. Ransomware
CSO.webp 2022-09-15 02:00:00 Russia's cyber future connected at the waist to Soviet military industrial complex (direct link) The Center for European Policy Analysis (CEPA) recently published a 38-page study, Russian Cyberwarfare: Unpacking the Kremlin's Capabilities by two esteemed researchers, Irina Borogan and Andrei Soldatov. The opening premise is that Russia has not demonstrated its cyber warfare adroitness in support of its invasion of Ukraine. Whether the Russians tried, and their efforts failed due to the capabilities of Ukraine's cyber defenders or because leadership meddling disrupted the execution strategies of the professional cyber warriors, hasn't yet been revealed. What is evident is that the Ukraine example has called into question the Russian playbook being technologically focused and suggests that the political quotient is much more in play than perhaps previously suggested. Guideline ★★★★
CSO.webp 2022-09-14 14:52:00 (Déjà vu) Excess privilege in the cloud is a universal security problem, IBM says (direct link) Excess privilege granted to cloud identities is a key component in 99% of all security tests performed by IBM's X-Force Red penetration testing team, according to a report released Wednesday by the company. Both human users and service accounts were consistently found to have more access rights and privileges than they generally need, which makes exploiting a successful breach in a cloud system much easier than it would otherwise be, the report said. “This setup enabled attackers who managed to get a foothold in the environment to pivot and move laterally to exploit additional cloud components or assets,” according to the report. That's bad news for the cloud sector, which also saw a 200% increase in the number of compromised accounts being sold on the dark web, and an increase in the average severity score of vulnerabilities found in cloud systems, IBM said. That severity score, which is based on CVSS, rose to an average of 18 in the latest report, up from 15 ten years ago.
CSO.webp 2022-09-14 14:52:00 Excess privilege in the cloud is a universal problem, IBM says (direct link) Excess privilege granted to cloud identities is a key component in 99% of all security tests performed by IBM's X-Force Red penetration testing team, according to a report released Wednesday by the company. Both human users and service accounts were consistently found to have more access rights and privileges than they generally need, which makes exploiting a successful breach in a cloud system much easier than it would otherwise be, the report said. “This setup enabled attackers who managed to get a foothold in the environment to pivot and move laterally to exploit additional cloud components or assets,” according to the report. That's bad news for the cloud sector, which also saw a 200% increase in the number of compromised accounts being sold on the dark web, and an increase in the average severity score of vulnerabilities found in cloud systems, IBM said. That severity score, which is based on CVSS, rose to an average of 18 in the latest report, up from 15 ten years ago.
CSO.webp 2022-09-14 12:08:00 Cybersecurity startup launches mobile app to protect against phishing attacks (direct link) Cybersecurity startup novoShield has launched an enterprise-grade mobile security application, designed to protect users from mobile phishing threats. Released this week for iPhones via the US and Israeli Apple app stores, novoShield's namesake app detects malicious websites in real time and blocks users from accessing them. The software also provides users with live on-screen indicators to inform them when a website is safe to browse.
CSO.webp 2022-09-14 08:26:00 AutoRabit launches devsecops tool for Salesforce environments (direct link) Devsecops firm AutoRabit is trying to address security issues arising from policy changes and misconfigurations in Salesforce environments with a new offering, CodeScan Shield. CodeScan Shield is the next iteration of AutoRabit's static code analysis tool, CodeScan, and elevates the capabilities of CodeScan with the help of a new module called OrgScan. The new module governs organizational policies by enforcing the security and compliance rules mandated for Salesforce environments. With OrgScan, a dashboard is created at the end of each scan and identifies any areas of concern. This puts the control back in an organization's hands, saving time and money, the company said. Tool
CSO.webp 2022-09-14 06:20:00 Most enterprises looking to consolidate security vendors (direct link) A total of 75% of organizations across North America, Asia Pacific and EMEA plan to consolidate the number of security vendors they use, a Gartner survey of 418 respondents found. That percentage has increased significantly, as only 29% were looking to consolidate vendors in 2020. The main reasons are an increase in dissatisfaction with operational inefficiencies and lack of integration of a heterogenous security stack, the survey found. Companies look to reduce the number of vendors they work with in key areas like secure access service edge (SASE) and extended detection and response (XDR). The survey found that 57% of organizations are working with fewer than ten vendors for their security needs.
CSO.webp 2022-09-14 06:11:00 New Sysdig cloud security software prioritizes risk, cuts remediation time (direct link) Unified container and cloud security firm Sysdig on Wednesday launched its cloud security posture management (CSPM) offering, which aggregates security findings by root cause and prioritizes remediation based on impact. The new offering consists of ToDo, an actionable checklist showing prioritized risks, and Remediation Guru, which offers guided remediation at the source. “We consistently hear from prospects that the cloud security tools they are familiar with inundate teams with alerts and findings. Compounding the issue is cutting through the noise to know where to devote resources,” said Maya Levine, product manager at Sysdig.
CSO.webp 2022-09-14 06:00:00 One in 10 employees leaks sensitive company data every 6 months: report (direct link) Insider threats are an ongoing menace that enterprise security teams need to handle. It's a global problem but especially acute in the US - with 47 million Americans quitting their jobs in 2021, the threat of ex-employees taking sensitive information to competitors, selling it to criminals in exchange for cash, and leaking files to media is making data exfiltration a growing concern. About 1.4 million people who handle sensitive information in their organization globally were tracked over the period from January to June 30 this year by cybersecurity firm Cyberhaven to find out when, how and who is involved in data exfiltration. On average, 2.5% of employees exfiltrate sensitive information in a month, but over a six-month period, nearly one in 10, or 9.4% of employees, do so, Cyberhaven noted in its report. A data exfiltration incident occurs when data is transferred outside the organization in unapproved ways. Threat
CSO.webp 2022-09-14 05:09:00 Iranian cyberspies use multi-persona impersonation in phishing threads (direct link) One of the most prolific state-sponsored Iranian cyber espionage groups is targeting researchers from different fields by setting up sophisticated spear-phishing lures in which they use multiple fake personas inside the same email thread for increased credibility. Security firm Proofpoint tracks the group as TA453, but it overlaps with activity that other companies have attributed to Charming Kitten, PHOSPHORUS and APT42. Incident response company Mandiant recently reported with medium confidence that APT42 operates on behalf of the Islamic Revolutionary Guard Corps (IRGC)'s Intelligence Organization (IRGC-IO) and specializes in highly targeted social engineering. Conference APT 35 APT 42
CSO.webp 2022-09-14 02:00:00 Recommended security resources for Microsoft Active Directory (direct link) Many firms are still firmly in an Active Directory (AD) world. They may have moved some applications to the cloud, but key line-of-business applications still use AD. Do you remember the last time you reviewed your Active Directory security posture? Microsoft has not kept up to date with its Best practices for Securing Active Directory web page, as parts of it have warnings that it hasn't been updated since 2013. Fortunately, other resources are available for those in need of guidance in protecting and hardening AD. Here are some of the sites that I follow and provide excellent guidance:
CSO.webp 2022-09-13 13:30:00 (Déjà vu) BrandPost: How to Improve Security with a Zero Trust Approach (direct link) The National Institute of Standards and Technology (NIST) zero-trust security framework presents a new way of solving an age-old problem of securing networks and information, and organizations of all sizes are rethinking their security architecture, processes, and procedures to adopt zero-trust principles. According to the NIST, “Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. A zero trust architecture (ZTA) uses zero trust principles to plan industrial and enterprise infrastructure and workflows. Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location or based on asset ownership ... Zero trust focuses on protecting resources, not network segments, as the network location is no longer seen as the prime component to the security posture of the resource.”
CSO.webp 2022-09-13 12:45:00 BrandPost: Architecting the Zero Trust Enterprise: The Benefits of Adopting a Holistic Approach to Zero Trust (direct link) Zero Trust is a strategic approach to cybersecurity that secures an organization by eliminating implicit trust and continuously validating every stage of digital interaction. The Zero Trust Model has become increasingly top of mind for executives who need to keep up with digital transformation and adapt to the ever-changing security landscape. Unfortunately, many organizations are still struggling with a poorly integrated, loose assembly of point products that do not align with the strategic approach expected by board members and C-level executives.
CSO.webp 2022-09-13 11:02:00 Q-Scout aims for smartphone security without the intrusiveness (direct link) Mobile security firm Quokka - which earlier this week rebranded from its previous name, Kryptowire - is launching a new smartphone protection product called Q-Scout, designed to offer deep insight into applications on Android and iOS devices without being intrusive to end users. Q-Scout has two primary functions. First, it checks through individual applications on an end-user's device to detect apps with known security flaws. Second, it analyzes the interaction and permission sets granted to installed apps to detect any potentially dangerous interactions. One example would be an app that has permission to access the camera and another with access to the internet - if those two apps are able to communicate freely with one another, it could create the opportunity to exfiltrate photos from the device.
CSO.webp 2022-09-13 10:20:00 BrandPost: Cloud Lateral Movement: Breaking in Through a Vulnerable Container (direct link) Lateral movement is a growing concern with cloud security. That is, once a piece of your cloud infrastructure is compromised, how far can an attacker reach? What often happens in famous attacks on cloud environments is that a vulnerable application that is publicly available serves as an entry point. From there, attackers can try to move inside the cloud environment, trying to exfiltrate sensitive data or use the account for their own purpose, like crypto mining. In this article, we'll introduce a staged, but real-world scenario to showcase how it would be possible for an attacker to get full access to a cloud account. We'll also cover how to detect and mitigate this kind of attack by using Sysdig Cloud Connector.
CSO.webp 2022-09-13 07:35:00 One-third of enterprises don't encrypt sensitive data in the cloud (direct link) While most organizations list cloud security as one of their top IT priorities, they continue to ignore basic security hygiene when it comes to data in the cloud, according to Orca's latest public cloud security report. The report revealed that 36% of organizations have unencrypted sensitive data such as company secrets and personally identifiable information in their cloud assets. The global pandemic accelerated the shift to cloud computing, as the sudden and massive move to remote work forced companies to provide employees with access to business systems from anywhere. Gartner predicts that worldwide spending on public cloud computing services will rise 20.4% to a total of $494.7 billion this year and expects it to reach nearly $600 billion in 2023.
CSO.webp 2022-09-13 07:13:00 BrandPost: How to Stop Ransomware (direct link) Security Service Edge (SSE) is a relatively new category. Depending on how you look at it, it's either a consolidation of three existing security categories - Secure Web Gateway (SWG), Zero Trust Network Architecture (ZTNA), and Cloud Access Security Broker (CASB) - or, it's a deconstruction of SASE that separates security capabilities from network plumbing. Either way, SSE is not just an arbitrary addition to the security industry's alphabet soup: it's a highly relevant evolution of enterprise security that recognizes what organizations need to protect their distributed users, applications, and workloads against today's ever-evolving threats. Ransomware
CSO.webp 2022-09-13 02:00:00 CNAPP buyers guide: Top tools compared (direct link) Cloud security continues to be a vexing situation, and the tool set continues to become more complex, riddled with acronyms representing possible solutions. Now there's another: the cloud native application protection platform, or CNAPP. This tool combines the coverage of four separate products: a cloud infrastructure entitlements manager (CIEM) that manages overall access controls and risk management tasks; a cloud workload protection platform (CWPP) that secures code across all kinds of cloud-based repositories and provides runtime protection across the entire development environment and code pipelines; a cloud access security broker (CASB) that handles authentication and encryption tasks; and a cloud security posture manager (CSPM) that combines threat intelligence and remediation. IT and security managers are looking for a few basic elements from these products, including more accurate threat detection, support for all workloads across multiple cloud deployments, and ways to implement preventable controls. Tool Threat
CSO.webp 2022-09-13 02:00:00 U.S. government offensive cybersecurity actions tied to defensive demands (direct link) Offensive cyber operations are best known as acts of digital harm, mainly in the context of cyber “warfare,” with nation-states, particularly intelligence organizations, serving as the primary actors. But, as experts and officials speaking at the Billington Cybersecurity Summit this year attest, “offensive cyber” is also a term increasingly applied to the growing use of digital tools and methods deployed by various arms of the federal government, often in partnership with private sector parties, to snuff out threats or help victims of ransomware actors proactively. Ransomware
CSO.webp 2022-09-13 00:00:00 Hands-on cyberattacks jump 50%, CrowdStrike reports (direct link) Enterprises monitored by CrowdStrike's Falcon OverWatch threat hunters faced 77,000 attempts of hands-on, interactive intrusions, or approximately one potential intrusion every seven minutes, between July 1, 2021, and June 30, 2022 - a 50% year-over-year increase, according to a new report from the cybersecurity company. Breakout time, or the time an adversary takes to move laterally from an initially compromised host to another host within the victim's environment, fell to one hour and 24 minutes compared to one hour and 38 minutes during the year-earlier period, demonstrating that adversaries continue to sharpen their tradecraft, according to CrowdStrike. Threat
CSO.webp 2022-09-12 05:44:00 CISA launches incident, ransomware reporting rulemaking RFI (direct link) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released its request for information (RFI) on upcoming reporting requirements that will mandate organizations report significant cybersecurity incidents within 72 hours and ransomware payments 24 hours after payments are made. The RFI follows the March passage of the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), which requires CISA to pursue a regulatory rulemaking path for collecting the incident and ransomware payment data. Ransomware
CSO.webp 2022-09-12 02:00:00 8 notable open-source security initiatives of 2022 (direct link) Open-source security has been high on the agenda this year, with a number of initiatives, projects, and guidance launched in 2022 to help improve the cyber resiliency of open-source code, software and development. Vendors, tech firms, collectives and governments have contributed to helping raise the open-source security bar amid organizations' increasing use of and reliance upon open-source resources, along with the complex security risks and challenges that come with it. “2022 has intensified the necessary focus on the important topics of open-source security, including supply chain security. It has also accelerated efforts to identify what was left to do, and then start doing it. In sum: things are just getting started, but progress has been made,” David A. Wheeler, director of open-source supply chain security at the Linux Foundation, tells CSO.
CSO.webp 2022-09-09 07:40:00 Medical device vulnerability could let hackers steal Wi-Fi credentials (direct link) A vulnerability found in an interaction between a Wi-Fi-enabled battery system and an infusion pump for the delivery of medication could provide bad actors with a method for stealing access to Wi-Fi networks used by healthcare organizations, according to Boston-based security firm Rapid7. The most serious issue involves Baxter International's SIGMA Spectrum infusion pump and its associated Wi-Fi battery system, Rapid7 reported this week. The attack requires physical access to the infusion pump. The root of the problem is that the Spectrum battery units store Wi-Fi credential information on the device in non-volatile memory, which means that a bad actor could simply purchase a battery unit, connect it to the infusion pump, and quickly turn it on and off again to force the infusion pump to write Wi-Fi credentials to the battery's memory. Vulnerability
CSO.webp 2022-09-08 18:25:00 BrandPost: You Can't Manage What You Can't See (direct link) The last two years have been a wild ride. From a work perspective, we have gone nearly overnight from commuting to the office to working remotely. And now, a hybrid model of work is taking hold, with a mix of at-home and at-office work. It seems this current state of affairs is the new normal. In fact, the majority of the US workforce seems to be in favor of this model. A recent Gallup poll found that 53% of companies are using a hybrid work model, while 59% of employees prefer such an arrangement. With this hybrid model comes immense network complexity. As a result, IT professionals are faced with the gargantuan challenge of maintaining business continuity and ensuring flawless performance of networks, applications, and services. However, troubleshooting any problems that arise in such dispersed infrastructures is difficult at best.
CSO.webp 2022-09-08 14:14:00 North Korean state-sponsored hacker group Lazarus adds new RAT to its malware toolset (direct link) Security researchers have discovered a new remote access Trojan (RAT) being used in attack campaigns this year by Lazarus, a threat actor tied to the North Korean government. The new RAT has been used alongside other malware implants attributed to Lazarus and it's mainly used in the first stages of an attack. Dubbed MagicRAT, the new Lazarus malware program was developed using Qt, a framework commonly used to develop graphical user interfaces for cross-platform applications. Since the Trojan doesn't have a GUI, researchers from Cisco Talos believe the reason for using Qt was to make detection harder. Malware Threat APT 38
CSO.webp 2022-09-08 11:02:00 Ransomware attacks on retailers rose 75% in 2021 (direct link) Retailers are fast becoming the favorite targets for ransomware criminals, with two out of three companies in the sector being attacked last year, according to a new report from cybersecurity firm Sophos. Attackers were able to successfully encrypt files in more than half of the attacks. Of 422 retail IT professionals surveyed internationally, 77% said their organizations were hit by ransomware attacks in 2021. This is a 75% rise from 2020, the Sophos report noted. “Retailers continue to suffer one of the highest rates of ransomware attacks of any industry. With more than three in four suffering an attack in 2021, it certainly brings a ransomware incident into the category of when, not if,” said Chester Wisniewski, principal research scientist at Sophos, in a statement accompanying the report. Ransomware
CSO.webp 2022-09-08 02:00:00 How posting personal and business photos can be a security risk (direct link) Marketers in every industry enjoy evidencing their reach to their superiors and providing tangible examples of their width and breadth of influence via social networks, media, and other means of engagement. Photos of both customers and employees engaging at hosted social events, trade shows, conferences, and direct one-on-one encounters are often viewed as gold. Couple this with the individual employee's or customer's photos working their way onto social network platforms for others to see and admire, and the value of that gold increases, success being quantified by impressions, views and individual engagements. Harvesting photo data for competitive intelligence, targeting attacks: The value of that gold doubles when not only does the company harvest data and call it a success, but their competitors also analyze such photos capturing a plethora of useful data points, including geotagged data, metadata of the photo, and identity of the individuals caught in the frame. They, too, call it a success. Yes, the digital engagement involving location data and/or location hints within photos is a double-edged sword.
CSO.webp 2022-09-08 02:00:00 Intro to crypto wallet authentication (direct link) Modern application development has wrestled with numerous shortcomings in the security paradigm. Blockchain can mitigate several of those shortcomings, but it requires devising means to integrate with conventional applications. Mainstream cyber security businesses are already working on this, accelerating the blockchain-enabled security landscape. This article will give you an understanding of how crypto wallets work and the role they play in authentication. What is a crypto wallet? A crypto wallet is, at its heart, a software client that manages cryptographic keys. In asymmetric cryptography, which blockchain is built on, two keys are generated that are known as a key pair. The public key is able to create encrypted cipher text that only the private key can decrypt. The pair can also be used to sign data, proving the sender holds the private keys (without revealing the private key).
CSO.webp 2022-09-07 14:50:00 BrandPost: How Modern Companies Stop Data Breaches (direct link) In this three-part series, we are detailing how digital transformation necessitates security transformation and how security service edge (SSE) offerings are the ideal solution for modernizing enterprise cybersecurity. Our previous topic revolved around securing hybrid work. This post is focused on stopping data breaches with SSE. This subject is critical because legacy data protection strategies and technologies no longer suffice in the modern business world.
CSO.webp 2022-09-07 10:36:00 Global companies say supply chain partners expose them to ransomware (direct link) Global organizations say they are increasingly at risk of ransomware compromise via their extensive supply chains. Out of 2,958 IT decision makers across 26 countries in North and South America, Europe, and APAC, 79% believe their partners and customers are making their organization a more attractive ransomware target, according to the latest research by Trend Micro. Fifty-two percent of the global organizations surveyed say they have a supply chain partner that has been hit by ransomware. Supply chain and other partners include providers of IT hardware, software and services, open-source code repositories, and non-digital suppliers ranging from law firms and accountants to building maintenance providers. They make for a web of interdependent organizations. Ransomware
CSO.webp 2022-09-07 02:00:00 4 strategy game-changers for finding cybersecurity talent (direct link) Dave Stirling, CISO of Zions Bancorporation, isn't waiting for a shakeup in the talent pool or some big shift in the job market to solve the cybersecurity skills gap. Instead, he's making his own luck. How? By changing up his own staffing strategy, “by trying different things and seeing what sticks.” That approach has Stirling recruiting candidates from the bank's IT and operations staff, working with local colleges, investing more in training and rethinking how he posts open jobs. He acknowledges that such moves, even when taken all together, aren't a silver bullet to the well-publicized challenges in finding, hiring and keeping staff. However, he says they're making incremental improvements in his ability to recruit and retain hard-to-find cybersecurity talent.
CSO.webp 2022-09-06 13:17:00 Instagram faces $402 million fine for alleged mishandling of children's data (direct link) The Irish Data Protection Commissioner will fine Instagram $402 million for allegedly mishandling the personal data of children, specifically through default settings that left phone numbers and email addresses for users between the ages of 13 and 17 exposed via Instagram business accounts, according to published reports. It's the second-largest fine ever handed out by EU-based regulators, behind only the $739 million that Luxembourg authorities levied against Amazon last year. A spokesperson for the Irish DPC said that full details on the decision will be published next week, according to the reports. The decision stems from a 2019 study by data protection scientist David Stier, who found that a large part of the 60 million Instagram users who were under 18 at the time changed their personal accounts into business accounts, in order to gain insight into view numbers for particular posts and numbers of personal profile views, according to the Washington Post.
CSO.webp 2022-09-06 12:56:00 BrandPost: Calling Women to Join the Cybersecurity Field (direct link) As the cybersecurity skills gap persists, it is imperative to create access to training, career pathways, and opportunities in order to encourage more people to pursue careers in cybersecurity. By providing access to and possibilities for cyber jobs for everyone, including women, students, veterans, and others, Fortinet is working to encourage greater representation within cybersecurity. Fortinet offers training, certifications, and career tools in an effort to narrow the cyber skills gap.
CSO.webp 2022-09-06 10:09:00 Transparency and policy shapes Cloudflare's Kiwi Farms decisions (direct link) Cloudflare percolated back into the news cycle last week when the company, which provides security services to websites, blocked Kiwi Farms as a client. Kiwi Farms has a reputation as being the worst trolling site on the internet, where individuals meet to collate and create action plans targeting individuals for both online and physical harassment including doxing and swatting (taking action that results in a police SWAT team arriving at a given address to neutralize the reported threat to life). Social networks were aflame with calls for Cloudflare to cease providing their services to Kiwi Farms. Indeed, a recent Vice article highlighted the case of Clara Sorrenti, also known as Keffals, an online streamer who has been doxed multiple times and was arrested on August 5 amidst a raid on her home as a result of swatting, and highlighted how there have been at least three cases of individuals committing suicide as a result of the targeted harassment received as a result of the actions taking place on Kiwi Farms. Threat
CSO.webp 2022-09-06 09:32:00 TikTok denies breach after hackers claim billions of user records stolen (direct link) TikTok is denying claims that a hacking group has breached an Alibaba cloud database containing 2.05 billion records that include data on TikTok and WeChat users. The hacking group, which goes by the name AgainstTheWest, on Friday posted screenshots, which they say were taken from the hacked database, on a hacking forum. The Alibaba server that was breached contains 2.05 billion records in a 790GB database with user data, platform statistics, source code, cookies, auth tokens, server info, and other information, the hacking group said. The hackers also claimed they are yet to decide if they want to sell the data or release it to the public.
CSO.webp 2022-09-06 03:00:00 BrandPost: How Leading Companies Secure a Hybrid Workforce (direct link) This is the first in a three-part series that details using security service edge (SSE) to modernize enterprise cybersecurity. In this article, we focus on how SSE can secure a hybrid workforce in which users connect from both the office and remote locations while accessing applications that reside either in the data center or the cloud. SSE is a new framework that breaks network configuration from security capabilities. Under the security capabilities, three key solutions - ZTNA, CASB, and SWG - are consolidated into one offering, now named SSE. Guideline
CSO.webp 2022-09-06 02:00:00 In-app browser security risks, and what to do about them (direct link) In-app browsers can pose significant security risks to businesses, with their tendency to track data a primary concern. This was highlighted in recent research which examined how browsers within apps like Facebook, Instagram and TikTok can be a data privacy risk for iOS users. Researcher Felix Krause detailed how popular in-app browsers inject JavaScript code into third-party websites, granting host apps the ability to track certain interactions, including form inputs like passwords and addresses along with image/link clicks.
CSO.webp 2022-09-06 01:00:00 The Heartbleed bug: How a flaw in OpenSSL caused a security crisis (direct link) What is Heartbleed? Heartbleed is a vulnerability in OpenSSL that came to light in April of 2014; it was present on thousands of web servers, including those running major sites like Yahoo. OpenSSL is an open source code library that implements the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. The vulnerability meant that a malicious user could easily trick a vulnerable web server into sending sensitive information, including usernames and passwords. The TLS/SSL standards are crucial for modern web encryption, and while the flaw was in the OpenSSL implementation rather than the standards themselves, OpenSSL is so widely used (when the bug was made public, it affected 17% of all SSL servers) that it precipitated a security crisis. Vulnerability Yahoo
CSO.webp 2022-09-05 05:04:00 Samsung reports second data breach in 6 months (direct link) Samsung has opened up about a data breach it detected on or around August 4, affecting the personal information of some of its customers. “In late July 2022, an unauthorized third party acquired information from some of Samsung's US systems. On or around August 4, 2022, we determined through our ongoing investigation that personal information of certain customers was affected,” Samsung said in a statement. The company said that the issue did not impact social security numbers or credit and debit card numbers, but in some cases, may have affected information such as name, contact and demographic information, date of birth, and product registration information. Affected customers could be impacted at varied levels, the company said. However, Samsung did not reveal how many customers were affected by the incident. Data Breach
CSO.webp 2022-09-05 02:00:00 Top 12 managed detection and response solutions (direct link) Of all foundational elements for information security, logging requires far more care and feeding than its fellow cornerstones such as encryption, authentication or permissions. Log data must be captured, correlated and analyzed to be of any use. Due to typical log volume, software tools to manage log events are a must-have for businesses of any size. Traditionally, log events have been processed and handled using security information and event management (SIEM) tools. SIEM systems at the minimum provide a central repository for log data and tools to analyze, monitor and alert on relevant events. SIEM tools (and data analysis capabilities) have evolved more sophisticated capabilities such as machine learning and the ability to ingest third-party threat data. Threat
CSO.webp 2022-09-05 02:00:00 How Azure Active Directory opens new authentication risks (direct link) It's been common knowledge for years that local Windows Active Directory networks are vulnerable to NTLM relay and pass-the-hash attacks that can allow attackers to move laterally through networks and access additional machines and resources. Since some of these attacks exploit design decisions in the authentication protocols used inside Windows networks, they cannot be simply patched by Microsoft with changes in software. Organizations need to take defense-in-depth measures that involve stricter configurations and additional controls to protect themselves. With the adoption of hybrid networks, where parts of the networks are local and parts are in the cloud, enterprises now rely on services such as Azure Active Directory (Azure AD) to allow their various machines to authenticate to each other. But Azure AD is quite different from local AD as it uses different protocols and has new features that expand the networking possibilities of organizations. However, according to presentations last month at the Black Hat USA security conference, it also offers new possibilities for attackers.
CSO.webp 2022-09-02 10:35:00 OpenSSF releases npm best practices to help developers tackle open-source dependency risks (direct link) The Open Source Security Foundation (OpenSSF) has released the npm Best Practices Guide to help JavaScript and TypeScript developers reduce the security risks associated with using open-source dependencies. The guide, a product of the OpenSSF Best Practices Working Group, focuses on dependency management and supply chain security for npm and covers various areas such as how to set up a secure CI configuration, how to avoid dependency confusion, and how to limit the consequences of a hijacked dependency. The release comes as developers increasingly share and use dependencies which, while contributing to faster development and innovation, can also introduce risks.
CSO.webp 2022-09-01 16:46:00 Apple pushes out emergency updates to address zero-day exploits (direct link) Apple has encouraged users of older mobile and desktop devices to update their software ASAP, as a vulnerability could allow an attacker to take complete control of older Apple devices. Vulnerability
Last update at: 2024-04-29 18:08:54