What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-11-29 20:15:00 | Google Patches Another Chrome Zero-Day as Browser Attacks Mount (lien direct) | The vulnerability is among a rapidly growing number of zero-day bugs that major browser vendors have reported recently. | |||
|
2023-11-29 19:31:00 | Patch Now: Attackers Pummel Critical, Easy-to-Exploit OwnCloud Flaw (lien direct) | A vulnerability in the file server and collaboration platform earned a 10 in severity on the CVSS, allowing access to admin passwords, mail server credentials, and license keys. | |||
|
2023-11-29 18:00:00 | Thought GDPR Compliance Was Hard? Buckle Up (lien direct) | The days of a one-size-fits-all consent strategy are gone. Consider a two-pronged approach and use smart consent management technology to adapt to differing regulations. | |||
|
2023-11-29 16:57:00 | Why Ransomware Could Surge in the Middle East & Africa (lien direct) | Organizations from the Middle East and Africa have typically escaped public ransoms, but that's changing amid heightened geopolitical conflicts and digitalization initiatives. | ★★ | ||
|
2023-11-29 16:15:00 | Ringleader of Prolific Ransomware Gang Arrested in Ukraine (lien direct) | In a rare instance of an overseas arrest of ransomware perpetrators, four other high-profile gang members were also seized. | ★★ | ||
|
2023-11-28 22:00:00 | CISA to Congress: US Under Threat of Chemical Attacks (lien direct) | Dropping the ball on chemical security has precipitated "a national security gap too great to ignore," CISA warns. | ★★★ | ||
|
2023-11-28 21:55:00 | Critical Vulns Found in Ray Open Source Framework for AI/ML Workloads (lien direct) | Anyscale has dismissed the vulnerabilities as non-issues, according to researchers who reported the bugs to the company. | ★★ | ||
|
2023-11-28 20:35:00 | Dark Reading Debuts Fresh New Site Design (lien direct) | Check out our new look - it's crisp, fast, and more reader-friendly. | |||
|
2023-11-28 20:21:00 | Slovenian Electrical Utility HSE Suffers Ransomware Attack (lien direct) | The company's power production remains in operation, and authorities have been notified of the attack. | ★★★ | ||
|
2023-11-28 19:57:00 | Former Uber CISO Speaks Out, After 6 Years, on Data Breach, SolarWinds (lien direct) | Joe Sullivan, spared prison time, weighs in on the lessons learned from the 2016 Uber breach and the import of the SolarWinds CISO case. | |||
|
2023-11-28 19:00:00 | Fight or Flight: How to Keep Cyberattacks From Taking Off (lien direct) | As industries around the world act to mitigate the increase in cyber threats, the aviation sector should be leading the cybersecurity uprising, explains William "Hutch" Hutchison, CEO of SimSpace. | |||
|
2023-11-28 18:13:00 | Cyber Monday Kicks Off Holiday Shopping Season With E-Commerce Security Risks (lien direct) | Online shopping websites often lack basic security protections when it comes to PII, allowing malicious actors to capitalize on consumer data or perpetuate retail and hospitality scams. | |||
|
2023-11-28 18:00:00 | Name That Toon: Slam Dunk (lien direct) | Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. | |||
|
2023-11-28 17:55:00 | Attacks Against South African ICS and IoT Systems Steadily Decrease (lien direct) | All African nations saw a reduced number of cyberattacks on industrial and IoT systems in the third quarter of 2023 compared with earlier this year. | |||
|
2023-11-28 17:30:00 | macOS Malware Mix & Match: North Korean APTs Stir Up Fresh Attacks (lien direct) | Lazarus and its cohorts are switching loaders and other code between RustBucket and KandyKorn macOS malware to fool victims and researchers. | |||
|
2023-11-28 17:20:00 | Egyptian E-Payment Vendor Recovering From LockBit Ransomware Attack (lien direct) | Fawry confirms addresses, phone numbers, and dates of birth, leaked online. | |||
|
2023-11-28 15:05:00 | Researchers Claim Design Flaw in Google Workspace Puts Organizations at Risk (lien direct) | Google says the issue has to do with organizations ensuring they implement least-privilege principles. | Vulnerability | ★★ | |
|
2023-11-27 23:16:00 | Cyber Threats to Watch Out for in 2024 (lien direct) | As cyber threats evolve in 2024, organizations must prepare for deepfakes, extortion, cloud targeting, supply chain compromises, and zero day exploits. Robust security capabilities, employee training, and incident response plans are key. | ★★ | ||
|
2023-11-27 22:54:00 | CISA, NCSC Offer a Road Map, Not Rules, in New Secure AI Guidelines (lien direct) | US and UK authorities issued new recommendations for companies that build and rely on AI, but they stop short of laying down the law. | ★★ | ||
|
2023-11-27 22:00:00 | The Role of the CISO in Digital Transformation (lien direct) | A successful CISO should play a leading role in digital transformation and cloud migration initiatives in their organization. The CISO is responsible for making sure technical security controls are designed and implemented appropriately, and changes are properly managed, with security in mind from the very start. | ★★ | ||
|
2023-11-27 21:35:00 | Ardent Health Hospitals Disrupted After Ransomware Attack (lien direct) | More than two dozen hospitals have been impacted by the breach and are diverting emergency care for patients to other healthcare facilities. | Medical | ★★★ | |
|
2023-11-27 20:55:00 | General Electric, DARPA Hack Claims Raise National Security Concerns (lien direct) | Weapons systems data, AI research, and other classified information may be up for sale, not to mention access to other government agencies. | ★★ | ||
|
2023-11-27 17:44:00 | Hamas-Linked APT Wields New SysJoker Backdoor Against Israel (lien direct) | Gaza Cybergang is using a version of the malware rewritten in the Rust programming language. | ★★ | ||
|
2023-11-27 15:00:00 | Data De-Identification: Balancing Privacy, Efficacy & Cybersecurity (lien direct) | Companies must do a delicate dance between consumer privacy protection, upholding their product's efficacy, and de-risking cyber breaches to run the business. | ★★ | ||
|
2023-11-27 08:00:00 | Équilibrer la simplicité et la sécurité dans l'expérience numérique Balancing Simplicity and Security in the Digital Experience (lien direct) |
De nouvelles données montrent que les préférences des consommateurs pour la sécurité dans les expériences numériques et indiquent les moyens des entreprises peuvent mieux protéger l'identité numérique dans le monde numérique d'aujourd'hui.
New data shows consumer preferences for security in digital experiences and indicates ways businesses can best protect digital identity in today\'s digital world. |
★★ | ||
|
2023-11-22 20:30:00 | Hack The Box Launches 5th Annual University CTF Competition (lien direct) | De nouvelles données montrent que les préférences des consommateurs pour la sécurité dans les expériences numériques et indiquent les moyens des entreprises peuvent mieux protéger l'identité numérique dans le monde numérique d'aujourd'hui.
New data shows consumer preferences for security in digital experiences and indicates ways businesses can best protect digital identity in today\'s digital world. |
★★ | ||
|
2023-11-22 20:30:00 | Hack the Box lance le 5e concours annuel de CTF universitaire Hack The Box Launches 5th Annual University CTF Competition (lien direct) |
De nouvelles données montrent que les préférences des consommateurs pour la sécurité dans les expériences numériques et indiquent les moyens des entreprises peuvent mieux protéger l'identité numérique dans le monde numérique d'aujourd'hui.
New data shows consumer preferences for security in digital experiences and indicates ways businesses can best protect digital identity in today\'s digital world. |
Hack | ★★ | |
|
2023-11-22 20:27:00 | Fake Browser Updates Targeting Mac Systems With Infostealer (lien direct) | A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn. | ★★ | ||
|
2023-11-22 20:27:00 | Les fausses mises à jour du navigateur ciblant les systèmes Mac avec Infoster Fake Browser Updates Targeting Mac Systems With Infostealer (lien direct) |
Une campagne omniprésente de Clearfake ciblant les systèmes Windows avec un voleur atomique a élargi ses escroqueries en ingénierie sociale aux utilisateurs de MacOS, préviennent les analystes.
A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn. |
★★ | ||
|
2023-11-22 20:26:00 | Kiteworks \\ 'acquisition de Maytech réaffirme l'engagement envers le marché britannique Kiteworks\\' Maytech Acquisition Reaffirms Commitment to UK Market (lien direct) |
Une campagne omniprésente de Clearfake ciblant les systèmes Windows avec un voleur atomique a élargi ses escroqueries en ingénierie sociale aux utilisateurs de MacOS, préviennent les analystes.
A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn. |
★★ | ||
|
2023-11-22 20:00:00 | Generative AI Takes on SIEM (lien direct) | IBM joins Crowdstrike and Microsoft is releasing AI models to cloud-native SIEM platforms. | ★★★ | ||
|
2023-11-22 20:00:00 | L'IA générative prend SIEM Generative AI Takes on SIEM (lien direct) |
IBM rejoint Crowdsstrike et Microsoft publie des modèles AI sur les plates-formes SIEM-SIEM.
IBM joins Crowdstrike and Microsoft is releasing AI models to cloud-native SIEM platforms. |
★★ | ||
|
2023-11-22 19:52:00 | Web Shells Gain Sophistication for Stealth, Persistence (lien direct) | A favorite post-exploitation tool continues to gain sophistication, with one recent example adding disguised log-in pages, credential stealing, and information gathering via services such as VirusTotal. | ★★ | ||
|
2023-11-22 19:52:00 | Les obus Web acquièrent une sophistication pour la furtivité, la persistance Web Shells Gain Sophistication for Stealth, Persistence (lien direct) |
Un outil de post-exploitation préféré continue de gagner une sophistication, avec un exemple récent ajoutant des pages de connexion déguisées, du vol d'identification et de la collecte d'informations via des services tels que Virustotal.
A favorite post-exploitation tool continues to gain sophistication, with one recent example adding disguised log-in pages, credential stealing, and information gathering via services such as VirusTotal. |
Tool | ★★★ | |
|
2023-11-22 19:41:00 | Qatar Cyber Agency Runs National Cyber Drills (lien direct) | Qatari organizations participate in cybersecurity exercises to hone their incident response plans and processes. | ★★★ | ||
|
2023-11-22 19:41:00 | Le Qatar Cyber Agency gère des cyber-forets nationaux Qatar Cyber Agency Runs National Cyber Drills (lien direct) |
Les organisations qatariennes participent à des exercices de cybersécurité pour perfectionner leurs plans et processus de réponse aux incidents.
Qatari organizations participate in cybersecurity exercises to hone their incident response plans and processes. |
★★ | ||
|
2023-11-22 19:30:00 | Researchers Undermine \'Windows Hello\' on Lenovo, Dell, Surface Pro PCs (lien direct) | Biometric security on PCs isn't quite as bulletproof as you might think, as the line between sensors and host computers can be tampered with. | ★★★ | ||
|
2023-11-22 19:30:00 | Les chercheurs sapent \\ 'Windows Hello \\' sur Lenovo, Dell, Surface Pro PCS Researchers Undermine \\'Windows Hello\\' on Lenovo, Dell, Surface Pro PCs (lien direct) |
La sécurité biométrique sur les PC n'est pas aussi à l'épreuve des balles que vous pourriez le penser, car la ligne entre les capteurs et les ordinateurs hôtes peut être falsifiée.
Biometric security on PCs isn\'t quite as bulletproof as you might think, as the line between sensors and host computers can be tampered with. |
★★★ | ||
|
2023-11-22 17:49:00 | Mideast Oil & Gas Facilities Could Face Cyber-Related Energy Disruptions (lien direct) | The Israel-Gaza conflict could expose the region's oil and gas operations to renewed cyberattacks, with global ramifications. | ★★ | ||
|
2023-11-22 17:49:00 | Les installations de pétrole et de gaz du Moyen-Orient pourraient faire face à des perturbations énergétiques liées au cyber Mideast Oil & Gas Facilities Could Face Cyber-Related Energy Disruptions (lien direct) |
Le conflit d'Israël-Gaza pourrait exposer les opérations pétrolières et gazières de la région à des cyberattaques renouvelées, avec des ramifications mondiales.
The Israel-Gaza conflict could expose the region\'s oil and gas operations to renewed cyberattacks, with global ramifications. |
Industrial | ★★★ | |
|
2023-11-22 17:00:00 | 3 Ways to Stop Unauthorized Code From Running in Your Network (lien direct) | As organizations increasingly rely on AI-developed code, they must put guardrails in place to prevent major cybersecurity risks related to malicious code. | ★★ | ||
|
2023-11-22 17:00:00 | 3 façons d'empêcher le code non autorisé de s'exécuter dans votre réseau 3 Ways to Stop Unauthorized Code From Running in Your Network (lien direct) |
Comme les organisations comptent de plus en plus sur le code développé par l'IA, ils doivent mettre en place des garde-corps pour empêcher les principaux risques de cybersécurité liés à un code malveillant.
As organizations increasingly rely on AI-developed code, they must put guardrails in place to prevent major cybersecurity risks related to malicious code. |
★★★ | ||
|
2023-11-22 16:53:00 | Idaho National Nuclear Lab Targeted in Major Data Breach (lien direct) | The laboratory operates a major test reactor, tests advanced nuclear energy concepts, and conducts research involving hydrogen production and bioenergy. | ★★ | ||
|
2023-11-22 16:53:00 | Idaho National Nuclear Lab ciblé dans une violation de données majeure Idaho National Nuclear Lab Targeted in Major Data Breach (lien direct) |
Le laboratoire exploite un réacteur d'essai majeur, teste des concepts avancés de l'énergie nucléaire et mène des recherches impliquant la production d'hydrogène et la bioénergie.
The laboratory operates a major test reactor, tests advanced nuclear energy concepts, and conducts research involving hydrogen production and bioenergy. |
Data Breach Industrial | ★★★★ | |
|
2023-11-22 16:44:00 | Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack (lien direct) | The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more. | ★★ | ||
|
2023-11-22 16:44:00 | Spider Spider saute agilement du nuage à sur site dans une attaque complexe Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack (lien direct) |
L'acteur derrière l'incident de MGM de haut niveau saute à travers les segmentations en moins d'une heure, dans une attaque de ransomware couvrant Okta, Citrix, Azure, SharePoint, etc.
The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more. |
Ransomware Cloud | ★★ | |
|
2023-11-22 16:15:25 | Rootkit Turns Kubernetes from Orchestration to Subversion (lien direct) | Kubernetes compromises have usually led to attackers creating cryptomining containers, but the outcomes could be much worse, say researchers presenting at the Black Hat Europe conference. | ★★ | ||
|
2023-11-22 16:15:25 | Rootkit transforme les kubernetes de l'orchestration à la subversion Rootkit Turns Kubernetes From Orchestration to Subversion (lien direct) |
Les compromis Kubernetes ont généralement conduit les attaquants à créer des conteneurs de cryptomiminage, mais les résultats pourraient être bien pires, disent les chercheurs se présentant à la conférence Black Hat Europe.
Kubernetes compromises have usually led to attackers creating cryptomining containers, but the outcomes could be much worse, say researchers presenting at the Black Hat Europe conference. |
Conference | ★★ | |
|
2023-11-22 15:00:00 | The Persian Gulf\'s March to the Cloud Presents Global Opportunities (lien direct) | Loosening attitudes about cloud security are expected to create a nearly $10 billion public cloud market in the Middle East by 2027. | ★★ | ||
|
2023-11-22 15:00:00 | La marche du golfe Persique vers le cloud présente des opportunités mondiales The Persian Gulf\\'s March to the Cloud Presents Global Opportunities (lien direct) |
Le relâchement des attitudes à l'égard de la sécurité du cloud devrait créer un marché du cloud public de près de 10 milliards de dollars au Moyen-Orient d'ici 2027.
Loosening attitudes about cloud security are expected to create a nearly $10 billion public cloud market in the Middle East by 2027. |
Cloud | ★★ |
To see everything:
Our RSS (filtrered)
