Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-08 20:14:00 |
40% of Global ICS Systems Attacked With Malware in 2022 (lien direct) |
Led by growth in Russia, more than 40% of global ICS systems faced malicious activity in the second half of 2022. |
Malware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-08 17:31:00 |
Russian Influence Duo Targets Politicians, CEOs for Embarrassing Video Calls (lien direct) |
A state-backed threat actor impersonates political figures, tricking a prime minister, a former US president, and several European mayors and MPs into video calls later used in an anti-Ukraine influence campaign. |
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-08 16:50:40 |
AI-Powered \'BlackMamba\' Keylogging Attack Evades Modern EDR Security (lien direct) |
Researchers warn that polymorphic malware created with ChatGPT and other LLMs will force a reinvention of security automation. |
Malware
|
ChatGPT
ChatGPT
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-08 15:30:00 |
Lacework Launches Secured by Women Initiative (lien direct) |
For International Women's Month, new ongoing initiative is aimed at celebrating women and bringing visibility to those making cybersecurity history. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-08 15:10:00 |
Surge in Cloud Adoption Means a Greater Data Attack Surface for Healthcare and Financial Services (lien direct) |
Organizations in both industries are falling short when addressing new challenges to protect data in the cloud, finds Blancco report. |
Cloud
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-08 15:00:00 |
Rising Public Cloud Adoption Is Accelerating Shadow Data Risks (lien direct) |
Using a risk-based approach to deal with policy violations and continuous compliance monitoring will help avoid data exposures and fines. |
Cloud
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-08 01:00:00 |
Tech Giants Go Cloud-Native Shopping (lien direct) |
Cisco's acquisition of cloud-native firewall provider Valtix and HPE's deal to buy SSE provider Axis Security fill gaps in their existing portfolios. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 21:48:00 |
Akamai Technologies Releases New Service and Tools to Stop Advanced Threats and Drive Zero Trust Adoption (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 20:40:24 |
Hiatus Campaign Infects DrayTek Gear for Cyber Espionage, Proxy Control (lien direct) |
Two novel malware binaries, including "HiatusRAT," offer unique capabilities that point to the need for better security for companies' router infrastructure. |
Malware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 20:18:00 |
Acer Confirms Data Offered Up for Sale Was Stolen (lien direct) |
An Acer statement confirms that a document server for repair techs was compromised, but says customer data doesn't appear to be part of the leak. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 19:50:00 |
Hacker Cracks Toyota Customer Search Tool (lien direct) |
Flaw in Toyota's C360 customer relationship management tool exposed personal data of unknown number of customers in Mexico, a disclosure says. |
Tool
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 18:37:00 |
Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears (lien direct) |
More than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information. |
|
ChatGPT
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 18:00:00 |
Scams Security Pros Almost Fell For (lien direct) |
By working together as an industry, we can develop the technologies needed to account for human error. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 17:54:00 |
(Déjà vu) 99% of Cybersecurity Leaders Are Stressed About Email Security (lien direct) |
Pas de details / No more details |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 17:38:00 |
Palo Alto Survey Reveals 90% of Organizations Cannot Resolve Cyberthreats Within an Hour (lien direct) |
Third annual report identifies top security gaps and challenges for organizations operating in the cloud. |
Studies
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 16:07:22 |
Remcos RAT Spyware Scurries Into Machines via Cloud Servers (lien direct) |
Attackers use phishing emails that appear to come from reputable organizations, dropping the payload using public cloud servers and an old Windows UAC bypass technique. |
Cloud
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 16:00:00 |
Delinea Adds New features for its Privilege Manager and DevOps Secrets Vault (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 15:46:00 |
Key Proposals in Biden\'s Cybersecurity Strategy Face Congressional Challenges (lien direct) |
The strategy document does nothing to change things on the ground in the near term; legislation, regulation, and follow-up executive action are all going to be key to moving forward the administration's agenda. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 15:00:00 |
Ransomware\'s Favorite Target: Critical Infrastructure and Its Industrial Control Systems (lien direct) |
The health, manufacturing, and energy sectors are the most vulnerable to ransomware. |
Industrial
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 14:57:00 |
Optiv Launches Full Suite of Operational Technology Services (lien direct) |
Pas de details / No more details |
General Information
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 14:40:00 |
Cyber Security Works to Rebrand As Securin Inc. (lien direct) |
Securin Inc. will provide tech-enabled security solutions, vulnerability
intelligence and deep domain expertise. |
General Information
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-07 00:46:00 |
Machine Learning Improves Prediction of Exploited Vulnerabilities (lien direct) |
The third iteration of the Exploit Prediction Scoring System (EPSS) performs 82% better than previous versions, giving companies a better tool for evaluating vulnerabilities and prioritizing patching. |
Tool
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-06 21:30:00 |
Shein Shopping App Glitch Copies Android Clipboard Contents (lien direct) |
The Android app unnecessarily accessed clipboard device contents, which often includes passwords and other sensitive data. |
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-06 19:25:00 |
Police Raid Rounds Up Core Members of DoppelPaymer Ransomware Gang (lien direct) |
This is the latest in a line of law-enforcement actions busting up the ransomware scene. |
Ransomware
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-06 18:40:00 |
NIST\'s Quantum-Proof Algorithm Has a Bug, Analysts Say (lien direct) |
A team has found that the Crystals-Kyber encryption algorithm is open to side-channel attacks, under certain implementations. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-06 18:10:00 |
SANS Institute Partners With Google to Launch Cloud Diversity Academy (lien direct) |
Pas de details / No more details |
Cloud
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-06 15:00:00 |
Name That Edge Toon: Domino Effect (lien direct) |
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-06 15:00:00 |
The Role of Verifiable Credentials In Preventing Account Compromise (lien direct) |
As digital identity verification challenges grow, organizations need to adopt a more advanced and forward-focused approach to preventing hacks. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-04 00:20:00 |
Rapid7 Brings Threat Intel Data to USF Cybersecurity Lab (lien direct) |
The Rapid7 Cyber Threat Intelligence Laboratory at the University of South Florida will provide data on real-world threats for faculty and students to use in their research. |
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-03 21:02:03 |
EV Charging Infrastructure Offers an Electric Cyberattack Opportunity (lien direct) |
Attackers have already targeted electric vehicle (EV) charging stations, and experts are calling for cybersecurity standards to protect this necessary component of the electrified future. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-03 20:30:46 |
Indigo Books Refuses LockBit Ransomware Demand (lien direct) |
Canada's largest bookseller rejected the pressure of the ransomware gang's countdown timer, despite data threats. |
Ransomware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-03 19:21:04 |
Polish Politician\'s Phone Patrolled by Pegasus (lien direct) |
A mayor backing Polish opposition elections in parliament has been targeted by special services with Pegasus spyware. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-03 18:00:00 |
3 Ways Security Teams Can Use IP Data Context (lien direct) |
Innocently or not, residential proxy networks can obscure the actual geolocation of an access point. Here's why that's not great and what you can do about it. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-03 17:17:00 |
Chick-fil-A Customers Have a Bone to Pick After Account Takeovers (lien direct) |
A two-month-long automated credential-stuffing campaign exposed personal information of Chick-fil-A customers, including birthdays, phone numbers, and membership details. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-03 15:00:00 |
It\'s Time to Assess the Potential Dangers of an Increasingly Connected World (lien direct) |
With critical infrastructures ever more dependent on the cloud connectivity, the world needs a more stable infrastructure to avoid a crippling cyberattack. |
Cloud
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-03 02:44:00 |
IBM Contributes Supply Chain Security Tools to OWASP (lien direct) |
License Scanner and SBOM Utility will boost the capabilities of OWASP's CycloneDX Software Bill of Materials standard. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-02 23:26:00 |
Axis Security Acquisition Strengthens Aruba\'s SASE Solutions With Integrated Cloud Security and SD-WAN (lien direct) |
Pas de details / No more details |
Cloud
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-02 23:06:00 |
CISA, MITRE Look to Take ATT&CK Framework Out of the Weeds (lien direct) |
The Decider tool is designed to make the ATT&CK framework more accessible and usable for security analysts of every level, with an intuitive interface and simplified language. |
Tool
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-02 22:06:00 |
Biden\'s Cybersecurity Strategy Calls for Software Liability, Tighter Critical Infrastructure Security (lien direct) |
The new White House plan outlines proposed minimum security requirements in critical infrastructure - and for shifting liability for software products to vendors. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-02 22:00:00 |
BlackLotus Bookit Found Targeting Windows 11 (lien direct) |
Sold for around $5,000 in hacking forums, the BlackLotus UEFI bootkit is capable of targeting even updated systems, researchers find. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-02 18:24:00 |
What GoDaddy\'s Years-Long Breach Means for Millions of Clients (lien direct) |
The same "sophisticated" threat actor has pummeled the domain host on an ongoing basis since 2020, making off with customer logins, source code, and more. Here's what to do. |
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-02 18:00:25 |
Sale of Stolen Credentials and Initial Access Dominate Dark Web Markets (lien direct) |
Access-as-a-service took off in underground markets with more than 775 million credentials for sale and thousands of ads for access-as-a-service. |
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-02 18:00:00 |
Everybody Wants Least Privilege, So Why Isn\'t Anyone Achieving It? (lien direct) |
Overcoming the obstacles of this security principle can mitigate the damages of an attack. |
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-02 17:00:00 |
New Report: Inside the High Risk of Third-Party SaaS Apps (lien direct) |
A new report from Adaptive Shield looks at the how volume of applications being connected to the SaaS stack and the risk they represent to company data. |
Cloud
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-02 16:16:00 |
Booking.com\'s OAuth Implementation Allows Full Account Takeover (lien direct) |
Researchers exploited issues in the authentication protocol to force an open redirection from the popular hotel reservations site when users used Facebook to log in to accounts. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-02 16:10:59 |
Hackers Target Young Gamers: How Your Child Can Cause Business Compromise (lien direct) |
It's 10 p.m. Do you know what your children are playing? In the age of remote work, hackers are actively targeting kids, with implications for enterprises. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-02 15:00:00 |
On Shaky Ground: Why Dependencies Will Be Your Downfall (lien direct) |
There's never enough time or staff to scan code repositories. To avoid dependency confusion attacks, use automated CI/CD tools to make fixes in hard-to-manage software dependencies. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 23:50:00 |
Ermetic Adds Kubernetes Security to CNAPP (lien direct) |
The automated capabilities can discover misconfigurations, compliance violations, and risk or excessive privileges in Kubernetes clusters. |
|
Uber
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 22:58:00 |
Octillo Launches Women\'s Cybersecurity Scholarship in Partnership With the Center for Cyber Safety and Education (lien direct) |
Pas de details / No more details |
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 22:50:00 |
(Déjà vu) DoControl\'s 2023 SaaS Security Threat Landscape Report Finds Enterprises and Mid-Market Organizations Have Exposed Public SaaS Assets (lien direct) |
Volume of SaaS assets and events magnifies risks associated with manual management and remediation. |
Threat
Cloud
|
|
★
|