Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2025-02-03 23:01:49 |
EMEA CISOs Plan 2025 Cloud Security Investment (direct link) |
No more details |
Cloud
|
|
★★
|
 |
2025-02-03 22:54:51 |
Interactive Online Training for Cybersecurity Professionals; Earn CPE Credits (direct link) |
No more details |
|
|
★★★
|
 |
2025-02-03 22:13:26 |
'Constitutional Classifiers' Technique Mitigates GenAI Jailbreaks (direct link) |
Anthropic says its Constitutional Classifiers approach offers a practical way to make it harder for bad actors to try and coerce an AI model off its guardrails. |
|
|
★★★
|
 |
2025-02-03 22:10:32 |
Name That Edge Toon: In the Cloud (direct link) |
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card. |
Cloud
|
|
★★
|
 |
2025-02-03 21:50:13 |
Microsoft Sets End Date for Defender VPN (direct link) |
Though Windows, iOS, and macOS users won't need to make any changes, Android users are advised to remove their Defender VPN profiles. |
Mobile
|
|
★★★
|
 |
2025-02-03 21:50:03 |
AI Malware Dressed Up as DeepSeek Packages Lurk in PyPi (direct link) |
Adversaries looking to ride the DeepSeek interest wave are taking advantage of developers in a rush to deploy the new technology, by using AI-generated malware against them. |
Malware
|
|
★★★
|
 |
2025-02-03 21:20:47 |
Ransomware Groups Weathered Raids, Profited in 2024 (direct link) |
Cybercriminals posted nearly 6,000 breaches to data-leak sites last year - and despite significant takedowns, they continued to thrive in a record-breaking year for ransomware. |
Ransomware
|
|
★★★
|
 |
2025-02-03 20:17:16 |
Why Cybersecurity Needs Probability - Not Predictions (direct link) |
While probabilities may be based on subjective information, when used in an objective framework, they demonstrate an effective way to improve the value of hard decisions. |
|
|
★★★
|
 |
2025-02-03 15:45:46 |
1-Click Phishing Campaign Targets High-Profile X Accounts (direct link) |
In an attack vector that's been used before, threat actors aim to commit crypto fraud by hijacking highly followed users, thus reaching a broad audience of secondary victims. |
Threat
|
|
★★★
|
 |
2025-02-03 15:43:00 |
Black Hat USA (direct link) |
No more details |
|
|
★★★
|
 |
2025-02-03 15:00:00 |
Proactive Vulnerability Management for Engineering Success (direct link) |
By integrating security into CI/CD, applying automated policies, and supporting developers with the right processes and tools, infosec teams can increase efficiency and build secure software. |
Tool
Vulnerability
|
|
★★★
|
 |
2025-01-31 22:49:05 |
DeepSeek Jailbreak Reveals Its Entire System Prompt (direct link) |
Now we know exactly how DeepSeek was designed to work, and we may even have a clue toward its highly publicized scandal with OpenAI. |
|
|
★★
|
 |
2025-01-31 22:33:05 |
Black Hat USA 2024 Highlights (direct link) |
Check out all the highlights from Black Hat USA 2024 at the Mandalay Bay in Las Vegas.
Visit our Flickr page for the event photos: https://www.flickr.com/photos/blackhatevents/albums/72177720319399624
#cybersecurity #infosec #blackhat |
|
|
★★
|
 |
2025-01-31 21:53:14 |
Community Health Center Data Breach Affects 1M Patients (direct link) |
The CHC remains operational, but a host of personal data is now in the hands of a "skilled cybercriminal," it said. |
Data Breach
|
|
★★
|
 |
2025-01-31 21:15:09 |
DoJ Shutters Cybercrime Forums Behind Attacks on 17M Americans (direct link) |
The "Cracked" and "Nulled" Dark Web sites are now offline, along with the Pakistani "Saim Raza" network of underground forums (aka HeartSender). |
|
|
★★
|
 |
2025-01-31 19:16:52 |
State Data Privacy Regulators Are Coming. What Story Will You Tell Them? (direct link) |
Regulators are ready to enforce new state data privacy laws. Here's how experts say organizations can stay compliant and avoid penalties. |
|
|
★★
|
 |
2025-01-31 18:34:19 |
Tenable to Acquire Vulcan Cyber to Boost Exposure Management Focus (direct link) |
The deal, expected to close this quarter, will give Tenable One Exposure Management much-needed integration with over 100 third-party security tools and platforms. |
Tool
|
|
★★
|
 |
2025-01-31 18:19:25 |
Code-Scanning Tool's License at Heart of Security Breakup (direct link) |
Nine application security toolmakers band together to fork the popular Semgrep code-scanning project, touching off a controversy over access to features and fairness. |
Tool
|
|
★★
|
 |
2025-01-31 15:00:00 |
Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence? (direct link) |
The Cyber Trust Mark has the potential to change how we define and measure security at the endpoint level. But potential isn't enough. |
|
|
★★
|
 |
2025-01-30 22:51:23 |
Healthcare Sector Charts 2 More Ransomware Attacks (direct link) |
No ransomware groups have yet to claim responsibility for either attack, and both institutions have yet to reveal what may have been stolen. |
Ransomware
Medical
|
|
★★
|
 |
2025-01-30 16:00:00 |
New Jailbreaks Allow Users to Manipulate GitHub Copilot (direct link) |
Whether by intercepting its traffic or just giving it a little nudge, GitHub's AI assistant can be made to do malicious things it isn't supposed to. |
|
|
★★★
|
 |
2025-01-30 15:00:00 |
Automated Pen Testing Is Improving - Slowly (direct link) |
The rate of evolution has been glacial, but tools now understand cloud environments and can target Web applications. |
Tool
Cloud
|
|
★★
|
 |
2025-01-30 13:17:58 |
Exposure Management Provider CYE Acquires Solvo (direct link) |
The addition of Solvo CSPM to CYE Hyver aims to address need for multicloud vulnerability monitoring and risk assessment. |
Vulnerability
|
|
★★★
|
 |
2025-01-30 07:00:00 |
Fake Videos of Former First Lady Scam Namibians (direct link) |
Amateurish financial scams are common across Africa, and Namibia's influential former first lady, Monica Geingos, has emerged as a particularly effective host body for these messages. |
|
|
★★★
|
 |
2025-01-29 22:10:29 |
PrintNightmare Aftermath: Windows Print Spooler is Better. What's Next? (direct link) |
While Microsoft has boosted the security of Windows Print Spooler in the three years since the disclosure of the PrintNightmare vulnerability, the service remains a spooky threat that organizations cannot afford to ignore. |
Vulnerability
Threat
|
|
★★★
|
 |
2025-01-29 21:39:00 |
Researchers Uncover Lazarus Group Admin Layer for C2 Servers (direct link) |
The threat actor is using a sophisticated network of VPNs and proxies to centrally manage command and control servers from Pyongyang. |
Threat
|
APT 38
|
★★★
|
 |
2025-01-29 19:54:26 |
Unpatched Zyxel CPE Zero-Day Pummeled by Cyberattackers (direct link) |
VulnCheck initially disclosed the critical command-injection vulnerability (CVE-2024-40891) six months ago, but Zyxel has yet to mention its existence or offer users a patch to mitigate threats. |
Vulnerability
Threat
|
|
★★★
|
 |
2025-01-29 18:03:01 |
Mirai Variant 'Aquabot' Exploits Mitel Device Flaws (direct link) |
Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model. |
Vulnerability
Threat
|
|
★★★
|
 |
2025-01-29 15:00:00 |
The Old Ways of Vendor Risk Management Are No Longer Good Enough (direct link) |
Managing third-party risk in the SaaS era demands a proactive, data-driven approach beyond checkbox compliance. |
Cloud
|
|
★★★
|
 |
2025-01-28 23:15:59 |
7 Tips for Strategically Saying "No" in Cybersecurity (direct link) |
Cybersecurity can't always be "Department of No," but saying yes all the time is not the answer. Here is how to enable innovation gracefully without adding risk to the organization. |
|
|
★★★
|
 |
2025-01-28 22:57:51 |
CrowdStrike Highlights Magnitude of Insider Risk (direct link) |
The impetus for CrowdStrike's new professional services came from last year's Famous Chollima threat actors, which used fake IT workers to infiltrate organizations and steal data. |
Threat
|
|
★★★
|
 |
2025-01-28 22:45:38 |
Lynx Ransomware Group 'Industrializes' Cybercrime With Affiliates (direct link) |
The ransomware group provides everything an affiliate could want to breach and attack victims, including a quality controlled recruitment system to engage even more criminals. |
Ransomware
|
|
★★
|
 |
2025-01-28 22:07:14 |
OAuth Flaw Exposed Millions of Airline Users to Account Takeovers (direct link) |
The now-fixed vulnerability involved a major travel services company that's integrated with dozens of airline websites worldwide. |
Vulnerability
|
|
★★
|
 |
2025-01-28 21:32:44 |
Phishing Campaign Baits Hook With Malicious Amazon PDFs (direct link) |
In their discovery, researchers found 31 PDF files linking to these phishing websites, none of which have been yet submitted to VirusTotal. |
|
|
★★★
|
 |
2025-01-28 20:32:44 |
Super Bowl LIX Could Be a Magnet for Cyberattacks (direct link) |
Concerns include everything from ransomware, malware, and phishing attacks on the game's infrastructure to those targeting event sponsors and fans. |
Ransomware
Malware
|
|
★★★
|
 |
2025-01-28 15:53:11 |
Reporting a Breach or Vuln? Be Sure Your Lawyer's on Call (direct link) |
Globally, security researchers and whistleblowers face increasingly hostile laws and judiciaries that are ready to levy fines and prison sentences. |
Legislation
|
|
★★
|
 |
2025-01-28 15:00:00 |
Cryptographic Agility's Legislative Possibilities & Business Benefits (direct link) |
Quantum computing will bring new security risks. Both professionals and legislators need to use this time to prepare. |
|
|
★★
|
 |
2025-01-28 14:41:40 |
Data Privacy Day 2025: Time for Data Destruction to Become Standard Business Practice (direct link) |
Compliance standards are mandating better data security. There are several ways to do this, but most organizations would admit that erasure is not one of them. |
|
|
★★
|
 |
2025-01-28 11:46:57 |
Actively Exploited Fortinet Zero-Day Gives Attackers Super-Admin Privileges (direct link) |
The firewall specialist has patched the security flaw, which was responsible for a series of attacks reported earlier this month that compromised FortiOS and FortiProxy products exposed to the public Internet. |
Vulnerability
Threat
|
|
★★★
|
 |
2025-01-27 22:31:11 |
For $50, Cyberattackers Can Use GhostGPT to Write Malicious Code (direct link) |
Malware writing is only one of several malicious activities for which the new, uncensored generative AI chatbot can be used. |
Malware
|
|
★★★
|
 |
2025-01-27 22:30:27 |
Apple Patches Actively Exploited Zero-Day Vulnerability (direct link) |
The Apple iOS 18.3 update fixes 28 other vulnerabilities identified by the tech company, though there is little information on them. |
Vulnerability
Threat
|
|
★★
|
 |
2025-01-27 22:20:22 |
IT-Harvest Launches HarvestIQ.ai (direct link) |
No more details |
|
|
★★★
|
 |
2025-01-27 22:17:38 |
Spectral Capital Files Quantum Cybersecurity Patent (direct link) |
No more details |
|
|
★★★
|
 |
2025-01-27 22:15:23 |
Change Healthcare Breach Impact Doubles to 190M People (direct link) |
One of the largest data breaches in history was apparently twice as impactful as previously thought, with PII belonging to hundreds of millions of people sitting in the hands of cybercriminals. |
Medical
|
|
★★★
|
 |
2025-01-27 21:53:32 |
USPS Impersonators Tap Trust in PDFs in Smishing Attack Wave (direct link) |
Attackers aim to steal people's personal and payment-card data in the campaign, which dangles the threat of an undelivered package and has the potential to reach organizations in more than 50 countries. |
Threat
|
|
★★★
|
 |
2025-01-27 21:45:32 |
Crisis Simulations: A Top 2025 Concern for CISOs (direct link) |
CISOs are planning to adjust their budgets this year to reflect their growing concerns for cybersecurity preparedness in the event of a cyberattack. |
|
|
★★★
|
 |
2025-01-27 15:00:00 |
The Case for Proactive, Scalable Data Protection (direct link) |
Whether you're facing growing data demands and increased cyber threats, or simply looking to future-proof your business, it's time to consider the long-term benefits of transitioning to a cloud-first infrastructure. |
|
|
★★★
|
 |
2025-01-24 22:45:57 |
CISOs Are Gaining C-Suite Swagger, but Has It Come With a Cost? (direct link) |
The number of CISOs who report directly to the CEO is up sharply in recent years, but many still say it's not enough to secure adequate resources. |
|
|
★★
|
 |
2025-01-24 21:51:44 |
DoJ Busts Up Another Multinational DPRK IT Worker Scam (direct link) |
A departmentwide initiative has now led to five major law enforcement actions, in an attempt to curb the increasingly common trend of North Korean hackers posing as IT job applicants. |
Legislation
Prediction
|
|
★★
|
 |
2025-01-24 19:47:37 |
MITRE's Latest ATT&CK Simulations Tackles Cloud Defenses (direct link) |
The MITRE framework's applied exercise provides defenders with critical feedback about how to detect and defend against common, but sophisticated, attacks. |
Cloud
|
|
★★
|