What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-11-27 13:37:44 | News Desk 2024: The Rise of Cybersecurity Platforms (lien direct) | Enterprise cybersecurity teams tell Omdia\'s Maxine Holt that they want to dig out from underneath mounting tech and pivot to a simpler platform model - but they are finding that tricky to pull off.
Enterprise cybersecurity teams tell Omdia\'s Maxine Holt that they want to dig out from underneath mounting tech and pivot to a simpler platform model - but they are finding that tricky to pull off. |
★★ | ||
|
2024-11-27 13:10:10 | News Desk 2024: Can GenAI Write Secure Code? (lien direct) | GenAI\'s 30%-50% coding productivity boost comes with a downside - it\'s also generating vulnerabilities. Veracode\'s Chris Wysopal talks about what he finds out in this News Desk interview during Black Hat USA.
GenAI\'s 30%-50% coding productivity boost comes with a downside - it\'s also generating vulnerabilities. Veracode\'s Chris Wysopal talks about what he finds out in this News Desk interview during Black Hat USA. |
Vulnerability | ★★★★ | |
|
2024-11-27 13:06:15 | Microsoft Finally Releases Recall as Part of Windows Insider Preview (lien direct) | The original version of Recall lacked basic encryption and other data protection measures. The preview version now includes multiple security-focused additions Microsoft had promised to include, such as SecureBoot, BitLocker, and Windows Hello.
The original version of Recall lacked basic encryption and other data protection measures. The preview version now includes multiple security-focused additions Microsoft had promised to include, such as SecureBoot, BitLocker, and Windows Hello. |
★★★ | ||
|
2024-11-27 07:00:00 | Israel Defies VC Downturn With More Cybersecurity Investments (lien direct) | With a focus on creating technologies for other markets, Israel continues to be a valued destination for venture capital in cybersecurity outside the US and Europe.
With a focus on creating technologies for other markets, Israel continues to be a valued destination for venture capital in cybersecurity outside the US and Europe. |
★★ | ||
|
2024-11-26 21:38:00 | 8 Tips for Hiring and Training Neurodivergent Talent (lien direct) | Neurodivergent talent can add so much to a cybersecurity team. How can companies ensure they have the right hiring and onboarding practices in place to ensure their success?
Neurodivergent talent can add so much to a cybersecurity team. How can companies ensure they have the right hiring and onboarding practices in place to ensure their success? |
★★★ | ||
|
2024-11-26 21:36:42 | \\'RomCom\\' APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor (lien direct) | The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit.
The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit. |
Vulnerability Threat | ★★★ | |
|
2024-11-26 21:12:58 | Geico, Travelers Fined $11.3M for Lax Data Security (lien direct) | New York state regulators punish insurers after cybercriminals illegally access customer info they then used to file scam unemployment claims during the COVID-19 pandemic.
New York state regulators punish insurers after cybercriminals illegally access customer info they then used to file scam unemployment claims during the COVID-19 pandemic. |
★★★ | ||
|
2024-11-26 20:13:20 | Salt Typhoon Builds Out Malware Arsenal With GhostSpider (lien direct) | The APT, aka Earth Estries, is one of China\'s most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected.
The APT, aka Earth Estries, is one of China\'s most effective threat actors, performing espionage for sometimes years on end against telcos, ISPs, and governments before being detected. |
Malware Threat | ★★★ | |
|
2024-11-26 19:02:53 | AWS Rolls Out Updates to Amazon Cognito (lien direct) | Amazon Web Services made updates to its identity and access management platform to help developers implement secure, scalable, and customizable authentication solutions for their applications.
Amazon Web Services made updates to its identity and access management platform to help developers implement secure, scalable, and customizable authentication solutions for their applications. |
★★★ | ||
|
2024-11-26 18:53:30 | OpenSea Phishers Aim to Drain Crypto Wallets of NFT Enthusiasts (lien direct) | Cyberattackers have been targeting the online NFT marketplace with emails claiming to make an offer to a targeted user; in reality, clicking on a malicious link takes victims to a crypto-draining site.
Cyberattackers have been targeting the online NFT marketplace with emails claiming to make an offer to a targeted user; in reality, clicking on a malicious link takes victims to a crypto-draining site. |
★★ | ||
|
2024-11-26 16:19:35 | CyberRatings.org Announces Test Results for Cloud Service Provider Native Firewalls (lien direct) | Protection ranged from 0.38% to 50.57% for security effectiveness.
Protection ranged from 0.38% to 50.57% for security effectiveness. |
Cloud | ★★★ | |
|
2024-11-26 16:11:46 | CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce (lien direct) | Findings reveal growing cybersecurity risks in ecommerce, exposing vulnerabilities in PII handling and lack of basic security protections like HTTPS and WAFs
Findings reveal growing cybersecurity risks in ecommerce, exposing vulnerabilities in PII handling and lack of basic security protections like HTTPS and WAFs |
Vulnerability | ★★ | |
|
2024-11-26 15:00:00 | My Car Knows My Secrets, and I\\'m (Mostly) OK With That (lien direct) | Imagine your car gossiping to insurance companies about your lead foot, or data brokers peddling your daily coffee run. Welcome to the world of connected cars, where convenience and privacy are locked in a head-on collision.
Imagine your car gossiping to insurance companies about your lead foot, or data brokers peddling your daily coffee run. Welcome to the world of connected cars, where convenience and privacy are locked in a head-on collision. |
★★★ | ||
|
2024-11-25 21:59:50 | Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets (lien direct) | The incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations staff by around 50%.
The incident is typical of the heightened threats organizations face during the holidays, when most companies reduce their security operations staff by around 50%. |
Ransomware | ★★ | |
|
2024-11-25 21:40:27 | Phishing Prevention Framework Reduces Incidents by Half (lien direct) | The anti-fraud plan calls for companies to create a pipeline for compiling attack information, along with formal processes to disseminate that intelligence across business groups.
The anti-fraud plan calls for companies to create a pipeline for compiling attack information, along with formal processes to disseminate that intelligence across business groups. |
★★★ | ||
|
2024-11-25 21:25:35 | BlackBasta Ransomware Brand Picks Up Where Conti Left Off (lien direct) | New analysis says law enforcement efforts against Russian-language ransomware-as-a-service (RaaS) infrastructure helped consolidate influence behind BlackBasta, but some experts aren\'t so sure the brand means that much.
New analysis says law enforcement efforts against Russian-language ransomware-as-a-service (RaaS) infrastructure helped consolidate influence behind BlackBasta, but some experts aren\'t so sure the brand means that much. |
Ransomware Legislation | ★★ | |
|
2024-11-25 18:18:12 | Fancy Bear \\'Nearest Neighbor\\' Attack Uses Nearby Wi-Fi Network (lien direct) | In a "new class of attack," the Russian APT breached a target in Washington, DC, by credential-stuffing wireless networks in close proximity to it and daisy-chaining a vector together in a resourceful and creative way, according to researchers.
In a "new class of attack," the Russian APT breached a target in Washington, DC, by credential-stuffing wireless networks in close proximity to it and daisy-chaining a vector together in a resourceful and creative way, according to researchers. |
APT 28 | ★★ | |
|
2024-11-25 15:00:00 | Closing the Cybersecurity Career Diversity Gap (lien direct) | Diversity isn\'t just an issue of fairness - it\'s about operational excellence and ensuring we have the best possible teams defending our national security.
Diversity isn\'t just an issue of fairness - it\'s about operational excellence and ensuring we have the best possible teams defending our national security. |
★★ | ||
|
2024-11-22 21:40:27 | Faux ChatGPT, Claude API Packages Deliver JarkaStealer (lien direct) | Attackers are betting that the hype around generative AI (GenAI) is attracting less technical, less cautious developers who might be more inclined to download an open source Python code package for free access, without vetting it or thinking twice.
Attackers are betting that the hype around generative AI (GenAI) is attracting less technical, less cautious developers who might be more inclined to download an open source Python code package for free access, without vetting it or thinking twice. |
Technical | ChatGPT | ★★ |
|
2024-11-22 19:43:26 | Yakuza Victim Data Leaked in Japanese Agency Attack (lien direct) | A local government resource for helping Japanese citizens cut ties with organized crime was successfully phished in a tech support scam, and could have dangerous consequences.
A local government resource for helping Japanese citizens cut ties with organized crime was successfully phished in a tech support scam, and could have dangerous consequences. |
★★ | ||
|
2024-11-22 19:05:01 | What Talent Gap? Hiring Practices Are the Real Problem (lien direct) | While the need for cybersecurity talent still exists, the budget may not. Here\'s how to maximize security staff despite hiring freezes.
While the need for cybersecurity talent still exists, the budget may not. Here\'s how to maximize security staff despite hiring freezes. |
★★ | ||
|
2024-11-22 16:48:01 | Leaky Cybersecurity Holes Put Water Systems at Risk (lien direct) | At least 97 major water systems in the US have serious cybersecurity vulnerabilities and compliance issues, raising concerns that cyberattacks could disrupt businesses, industry, and the lives of millions of citizens.
At least 97 major water systems in the US have serious cybersecurity vulnerabilities and compliance issues, raising concerns that cyberattacks could disrupt businesses, industry, and the lives of millions of citizens. |
Vulnerability | ★★ | |
|
2024-11-22 15:00:00 | Going Beyond Secure by Demand (lien direct) | Secure by Demand offers a starting point for third-party risk management teams, but they need to take the essential step of using a mature software supply chain security solution to ensure they\'re not blindly trusting a provider\'s software.
Secure by Demand offers a starting point for third-party risk management teams, but they need to take the essential step of using a mature software supply chain security solution to ensure they\'re not blindly trusting a provider\'s software. |
★★ | ||
|
2024-11-22 14:36:42 | China\\'s Cyber Offensives Built in Lockstep With Private Firms, Academia (lien direct) | The scale of Beijing\'s systematic tapping of private industry and universities to build up its formidable hacking and cyber-warfare capabilities is larger than previously understood.
The scale of Beijing\'s systematic tapping of private industry and universities to build up its formidable hacking and cyber-warfare capabilities is larger than previously understood. |
★★ | ||
|
2024-11-22 13:25:42 | Microsoft Highlights Security Exposure Management at Ignite (lien direct) | Building on its broad security portfolio, Microsoft\'s new exposure management is now available in the Microsoft Defender portal, with third-party-connectors on the way.
Building on its broad security portfolio, Microsoft\'s new exposure management is now available in the Microsoft Defender portal, with third-party-connectors on the way. |
★★ | ||
|
2024-11-21 23:22:27 | Cross-Site Scripting Is 2024\\'s Most Dangerous Software Weakness (lien direct) | MITRE and CISA\'s 2024 list of the 25 most dangerous software weaknesses exposes the need for organizations to continue to invest in secure code.
MITRE and CISA\'s 2024 list of the 25 most dangerous software weaknesses exposes the need for organizations to continue to invest in secure code. |
★★★★ | ||
|
2024-11-21 22:44:31 | Study Finds 76% of Cybersecurity Professionals Believe AI Should Be Heavily Regulated (lien direct) | Pas de details / No more details | Studies | ★★ | |
|
2024-11-21 22:33:56 | Endace Establishes Middle East Regional Headquarters in Saudi Arabia (lien direct) | Pas de details / No more details | ★★ | ||
|
2024-11-21 22:31:36 | Norton Introduces Small Business Premium for Business-Grade Security (lien direct) | Pas de details / No more details | ★★ | ||
|
2024-11-21 22:29:58 | Microsoft Takes Action Against Phishing-as-a-Service Platform (lien direct) | The ONNX infrastructure has been servicing criminal actors as far back as 2017.
The ONNX infrastructure has been servicing criminal actors as far back as 2017. |
★★★ | ||
|
2024-11-21 22:12:55 | Apono Enhances Platform Enabling Permission Revocation and Automated Access (lien direct) | Pas de details / No more details | ★★ | ||
|
2024-11-21 22:07:37 | RSA Conference 2025 Innovation Sandbox Contest Celebrates 20th Anniversary (lien direct) | Starting in 2025, the RSAC Innovation Sandbox Top 10 Finalists will each receive a $5 million investment to drive cybersecurity innovation.
Starting in 2025, the RSAC Innovation Sandbox Top 10 Finalists will each receive a $5 million investment to drive cybersecurity innovation. |
Conference | ★★★ | |
|
2024-11-21 21:47:05 | VISO TRUST Secures $24M to Accelerate Innovation in AI-Powered Third-Party Risk Management (lien direct) | Pas de details / No more details | ★★ | ||
|
2024-11-21 21:01:44 | Cloud Security Startup Wiz to Acquire Dazz in Risk Management Play (lien direct) | Dazz\'s remediation engine will boost risk management in Wiz\'s cloud security portfolio.
Dazz\'s remediation engine will boost risk management in Wiz\'s cloud security portfolio. |
Cloud | ★★ | |
|
2024-11-21 20:02:21 | Chinese APT Gelsemium Deploys \\'Wolfsbane\\' Linux Variant (lien direct) | In a sign of the times, a backdoor malware whose ancestors date back to 2005 has morphed to target Linux systems.
In a sign of the times, a backdoor malware whose ancestors date back to 2005 has morphed to target Linux systems. |
Malware | ★★ | |
|
2024-11-21 18:47:58 | Scattered Spider Cybercrime Members Face Prison Time (lien direct) | Four of the arrested individuals of the cybercriminal gang, known for hacking MGM and Caesars, are American, all of whom could face up to 27 years in prison for the charges against them.
Four of the arrested individuals of the cybercriminal gang, known for hacking MGM and Caesars, are American, all of whom could face up to 27 years in prison for the charges against them. |
Legislation | ★★★ | |
|
2024-11-21 18:16:08 | How a Mental Health Nonprofit Secures Endpoints for Compassionate Care (lien direct) | Consolidating endpoint management boosts cybersecurity while keeping an Oklahoma-based nonprofit focused on community mental health.
Consolidating endpoint management boosts cybersecurity while keeping an Oklahoma-based nonprofit focused on community mental health. |
★★ | ||
|
2024-11-21 15:00:00 | Cybersecurity Is Critical, but Breaches Don\\'t Have to Be Disasters (lien direct) | The future of cybersecurity isn\'t about preventing every breach - it\'s about learning and growing stronger with each attack.
The future of cybersecurity isn\'t about preventing every breach - it\'s about learning and growing stronger with each attack. |
★★ | ||
|
2024-11-21 13:12:23 | How Can PR Protect Companies During a Cyberattack? (lien direct) | When a cybersecurity incident occurs, it\'s not just IT systems and data that are at risk - a company\'s reputation is on the line, too.
When a cybersecurity incident occurs, it\'s not just IT systems and data that are at risk - a company\'s reputation is on the line, too. |
★★ | ||
|
2024-11-20 21:27:02 | It\\'s Near-Unanimous: AI, ML Make the SOC Better (lien direct) | Efficiency is the name of the game for the security operations center - and 91% of cybersecurity pros say AI and ML are winning that game.
Efficiency is the name of the game for the security operations center - and 91% of cybersecurity pros say AI and ML are winning that game. |
★★ | ||
|
2024-11-20 20:35:09 | China\\'s \\'Liminal Panda\\' APT Attacks Telcos, Steals Phone Data (lien direct) | In US Senate testimony, a CrowdStrike exec explained how this advanced persistent threat penetrated telcos in Asia and Africa, gathering SMS messages, unique identifiers, and other metadata along the way.
In US Senate testimony, a CrowdStrike exec explained how this advanced persistent threat penetrated telcos in Asia and Africa, gathering SMS messages, unique identifiers, and other metadata along the way. |
Threat | ★★★ | |
|
2024-11-20 18:10:48 | Alleged Ford \\'Breach\\' Encompasses Auto Dealer Info (lien direct) | Cybersecurity investigators found the leaked data to be information from a third party, not Ford itself, that is already accessible to the public and not sensitive in nature.
Cybersecurity investigators found the leaked data to be information from a third party, not Ford itself, that is already accessible to the public and not sensitive in nature. |
★★ | ||
|
2024-11-20 15:05:05 | Apple Urgently Patches Actively Exploited Zero-Days (lien direct) | Though the information regarding the exploits is limited, the company did report that Intel-based Mac systems have been targeted by cybercriminals looking to exploit CVE-2024-44308 and CVE-2024-44309.
Though the information regarding the exploits is limited, the company did report that Intel-based Mac systems have been targeted by cybercriminals looking to exploit CVE-2024-44308 and CVE-2024-44309. |
Threat | ★★★ | |
|
2024-11-20 15:00:00 | Small US Cyber Agencies Are Underfunded & That\\'s a Problem (lien direct) | If the US wants to maintain its lead in cybersecurity, it needs to make the tough funding decisions that are demanded of it.
If the US wants to maintain its lead in cybersecurity, it needs to make the tough funding decisions that are demanded of it. |
★★★ | ||
|
2024-11-20 14:14:02 | \\'Water Barghest\\' Sells Hijacked IoT Devices for Proxy Botnet Misuse (lien direct) | An elusive, sophisticated cybercriminal group has used known and zero-day vulnerabilities to compromise more than 20,000 SOHO routers and other IoT devices so far, and then puts them up for sale on a residential proxy marketplace for state-sponsored cyber-espionage actors and others to use.
An elusive, sophisticated cybercriminal group has used known and zero-day vulnerabilities to compromise more than 20,000 SOHO routers and other IoT devices so far, and then puts them up for sale on a residential proxy marketplace for state-sponsored cyber-espionage actors and others to use. |
Vulnerability Threat | ★★ | |
|
2024-11-20 08:00:00 | African Reliance on Foreign Suppliers Boosts Insecurity Concerns (lien direct) | Recent backdoor implants and cyber-espionage attacks on their supply chains have African organizations looking to diversify beyond Chinese, American tech vendors.
Recent backdoor implants and cyber-espionage attacks on their supply chains have African organizations looking to diversify beyond Chinese, American tech vendors. |
★★ | ||
|
2024-11-20 05:52:51 | DeepTempo Launches AI-Based Security App for Snowflake (lien direct) | DeepTempo\'s Tempo is a deep learning-based Snowflake native app that allows organizations to detect and respond to evolving threats directly within their Snowflake environment.
DeepTempo\'s Tempo is a deep learning-based Snowflake native app that allows organizations to detect and respond to evolving threats directly within their Snowflake environment. |
★★ | ||
|
2024-11-20 00:50:33 | RIIG Launches With Risk Intelligence Solutions (lien direct) | RIIG is a risk intelligence and cybersecurity solutions provider offering open-source intelligence solutions designed for zero-trust environments.
RIIG is a risk intelligence and cybersecurity solutions provider offering open-source intelligence solutions designed for zero-trust environments. |
★★ | ||
|
2024-11-20 00:33:51 | SWEEPS Educational Initiative Offers Application Security Training (lien direct) | The secure coding curriculum was developed by University of California, Davis; University of Maryland Baltimore County; Worcester Polytechnic Institute; California Polytechnic State University-San Luis Obispo; Cosumnes River College; DARK Enterprises; and StrongAuth.
The secure coding curriculum was developed by University of California, Davis; University of Maryland Baltimore County; Worcester Polytechnic Institute; California Polytechnic State University-San Luis Obispo; Cosumnes River College; DARK Enterprises; and StrongAuth. |
★★ | ||
|
2024-11-19 21:48:38 | Linux Variant of Helldown Ransomware Targets VMware ESxi Systems (lien direct) | Since surfacing in August, the likely LockBit variant has claimed more than two dozen victims and appears poised to strike many more.
Since surfacing in August, the likely LockBit variant has claimed more than two dozen victims and appears poised to strike many more. |
Ransomware | ★★ |
To see everything:
Our RSS (filtrered)
