Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 22:40:00 |
Visibility Is as Vital as Zero Trust for Low-Code/No-Code Security (lien direct) |
By authenticating and authorizing every application, and by maintaining data lineage for auditing, enterprises can reduce the chances of data exfiltration. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 22:40:00 |
Forescout Addresses Modern SecOps Challenges With Launch of Forescout XDR (lien direct) |
New eXtended Detection and Response Solution is 450X more efficient than typical SOCs at converting telemetry and logs into actionable alerts. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 22:30:00 |
Fastly Launches Managed Security Service to Protect Enterprises From Rising Web Application Attacks (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 22:25:00 |
Dish Blames Ransomware Attack for Disruptions of Internal Systems, Call Center Services (lien direct) |
The cyberattackers might have potentially accessed customer information, the service provider warns. |
Ransomware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 20:40:00 |
Offensive Security Is Now OffSec - Refresh Reflects Future of Cybersecurity Learning and Skills Development (lien direct) |
Updated OffSec™ identity substantiates the company's commitment to expanding its cybersecurity content and resources to prepare infosec professionals for the future. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 19:34:00 |
Linux Support Expands Cyber Spy Group\'s Arsenal (lien direct) |
An infamous Chinese cyber-hacking team has extended its SysUpdate malware framework to target Linux systems. |
Malware
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 18:33:26 |
What Happened in That Cyberattack? With Some Cloud Services, You May Never Know (lien direct) |
More cyberattackers are targeting organizations' cloud environments, but some cloud services, such as Google Cloud Platform's storage, fail to create adequate logs for forensics. |
Cloud
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 18:00:00 |
The Importance of Recession-Proofing Security Operations (lien direct) |
Make sure cybersecurity is taken seriously and consistently across the board. Educate the ecosystem beyond your own organization to mitigate security risks for everyone. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 15:30:00 |
CISA: ZK Java Framework RCE Flaw Under Active Exploit (lien direct) |
The flaw, which drew attention in October when it was found in ConnectWise products, could pose a significant risk to the supply chain if not patched immediately. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 15:00:00 |
Without FIDO2, MFA Falls Short (lien direct) |
The open authentication standard addresses existing multifactor authentication security vulnerabilities. |
General Information
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 14:59:02 |
Cyberattackers Double Down on Bypassing MFA (lien direct) |
As companies increasingly adopt MFA (even as companies like Twitter disable it), cybercriminals are developing a variety of strategies to steal credentials and gain access to high-value accounts anyway. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 01:21:00 |
CISOs Share Their 3 Top Challenges for Cybersecurity Management (lien direct) |
The biggest dilemmas in running a modern cybersecurity team are not all about software, said CISOs from HSBC, Citi, and Sepio. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-03-01 00:45:00 |
Google Adds Client-Side Encryption to Gmail, Calendar (lien direct) |
The data protection capability is now available across multiple Workspace applications: Gmail, Calendar, Drive, Docs, Slides, Sheets, and Meet. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-28 23:09:00 |
(Déjà vu) Hoxhunt Launches Human Risk Management Platform (lien direct) |
Platform uniquely designed to facilitate automated compliance, security behavior change. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-28 23:02:00 |
Two of The Worst Healthcare Data Breaches in US History Happened Last Year (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-28 22:32:00 |
LastPass DevOps Engineer Targeted for Cloud Decryption Keys in Latest Breach Revelation (lien direct) |
The adversaries obtained a decryption key to a LastPass database containing multifactor authentication and federation information as well as customer vault data, company says. |
Cloud
|
LastPass
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-28 22:04:00 |
Exfiltrator-22: The Newest Post-Exploitation Toolkit Nipping at Cobalt Strike\'s Heels (lien direct) |
The framework-as-a-service signals an intensification of the cat-and-mouse game between defenders detecting lateral movement, and cybercriminals looking to go unnoticed. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-28 21:20:00 |
US Marshals Ransomware Hit Is \'Major\' Incident (lien direct) |
Unknown attackers made off with a raft of PII, the Justice Department says - but witnesses in the protection program are still safe. |
Ransomware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-28 18:55:00 |
WannaCry Hero & Kronos Malware Author Named Cybrary Fellow (lien direct) |
Marcus Hutchins, who set up a "kill switch" that stopped WannaCry's spread, later pled guilty to creating the infamous Kronos banking malware. |
Malware
|
Wannacry
Wannacry
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-28 17:43:44 |
Pernicious Permissions: How Kubernetes Cryptomining Became an AWS Cloud Data Heist (lien direct) |
The opportunistic "SCARLETEEL" attack on a firm's Amazon Web Services account turns into targeted data theft after the intruder uses an overpermissioned service to jump into cloud system. |
Cloud
|
Uber
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-28 16:10:00 |
China\'s BlackFly Targets Materials Sector in \'Relentless\' Quest for IP (lien direct) |
Separate attacks on two subsidiaries of an Asian conglomerate reflect a surge of cyber-espionage activity in the region in the last 12 months. |
|
APT 41
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-28 15:00:00 |
The DoJ Disruption of the Hive Ransomware Group Is a Short-Lived Win (lien direct) |
The war on critical infrastructure demands a better security strategy. |
Ransomware
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-27 22:55:00 |
Active Digital Identity Apps to Surpass 4.1B by 2027 (lien direct) |
Pas de details / No more details |
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-27 22:40:00 |
Attackers Were on Network for 2 Years, News Corp Says (lien direct) |
The publisher of the Wall Street Journal, New York Post, and several other publications had last year disclosed a breach it said was the work of a state-backed actor likely working for China. |
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-27 22:00:00 |
Wiz Reaches $10B Valuation With Consolidated Cloud Security Platform (lien direct) |
Cloud security vendor Wiz has raised $900 million since its founding in 2020. |
Cloud
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-27 20:58:00 |
Vouched Raises $6.3M to Expand AI Identity Verification Offering to Telemedicine and Healthcare (lien direct) |
Vouched now covers more than 85% of the global population, as demand accelerates for its platform to securely automate KYC and KYP compliance to better serve patients and drive revenue. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-27 19:30:00 |
How to Reduce Code Risk Using Pipelineless Security (lien direct) |
The exposure and exploitation of hardcoded secrets continues to drive software supply chain attacks. One solution: zero new hardcoded secrets. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-27 19:25:00 |
All CVEs Are Not Created Equal (lien direct) |
Vulnerabilities impact each industry differently, so each sector needs to think about its defenses and vulnerability management differently. |
Vulnerability
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-27 19:02:00 |
Palo Alto Announces Zero-Trust Security Solution for OT (lien direct) |
New Zero Trust OT Security solution secures critical infrastructure without additional sensors. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-27 18:30:46 |
Mobile Banking Trojans Surge, Doubling in Volume (lien direct) |
Mobile malware developers were busy bees in 2022, flooding the cybercrime landscape with twice the number of banking trojans than the year before. |
Malware
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-27 17:55:00 |
ThreatHunter.ai Launches "More Eyes" Program to Help Large Organizations Mitigate Cyber Threats (lien direct) |
Pas de details / No more details |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-27 17:45:00 |
Edgio Strengthens Security Offering With WAAP Enhancements and DDoS Scrubbing Solution (lien direct) |
Upgrades boost Edgio's ability to mitigate sophisticated threats and safeguard applications and data. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-27 16:46:07 |
How the Ukraine War Opened a Fault Line in Cybercrime, Possibly Forever (lien direct) |
Infighting, conscription, emigration. The war in Ukraine has pitted cybercriminals against one another like no other event before it. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-27 15:00:00 |
As Social Engineering Attacks Skyrocket, Evaluate Your Security Education Plan (lien direct) |
Build a playbook for employees on how to handle suspicious communications, use mail filters, and screen and verify unfamiliar calls to bolster a defensive social engineering security strategy. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-24 21:19:00 |
Tackling Software Supply Chain Issues With CNAPP (lien direct) |
The cloud-native application protection platform market is expanding as security teams look to protect their applications and the software supply chain. |
Cloud
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-24 20:50:00 |
Canadian Telecom Firm Telus Reportedly Investigating Breach (lien direct) |
A threat actor has leaked data - purportedly, samples of Telus employee payroll data and source code - on a hacker site. |
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-24 20:20:00 |
CISA: Beware of DDoS, Web Defacements on Anniversary of Russian Invasion of Ukraine (lien direct) |
The Cybersecurity and Infrastructure Security Agency advises US and European nations to prepare for possible website attacks marking the Feb. 24 invasion of Ukraine by Russia. |
Prediction
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-24 19:41:05 |
\'New Class of Bugs\' in Apple Devices Opens the Door to Complete Takeover (lien direct) |
With the right kind of exploit, there's hardly any function, app, or bit of data an attacker couldn't access on your Mac, iPad, or iPhone. |
Vulnerability
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-24 19:11:00 |
Evaluating the Cyber War Set Off by Russian Invasion of Ukraine (lien direct) |
Preparation and cooperation helped to mitigate the worst of the digital damage, amid cyber sorties from all sides. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-24 16:45:00 |
TikTok Ban Hits EU Commission Phones as Cybersecurity Worries Mount (lien direct) |
Employees of the EU Commission are no longer allowed to use the TikTok app thanks to concerns over data security. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-24 15:00:00 |
To Safeguard Critical Infrastructure, Go Back to Basics (lien direct) |
CISA's recently released cybersecurity performance goals can help lower risk and thwart the impact of cyberattacks. |
Guideline
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-24 00:03:00 |
87% of Container Images in Production Have Critical or High-Severity Vulnerabilities (lien direct) |
At the inaugural CloudNativeSecurityCon, DevSecOps practitioners discussed how to shore up the software supply chain. |
Studies
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 22:33:00 |
Student Medical Records Exposed After LAUSD Breach (lien direct) |
"Hundreds" of special education students' psych records have turned up on the Dark Web. School records like these are covered by FERPA, not HIPAA, so parents have little recourse. |
Medical
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 21:54:44 |
Pirated Final Cut Pro for macOS Offers Stealth Malware Delivery (lien direct) |
The number of people who have made the weaponized software available for sharing via torrent suggests that many unsuspecting victims may have downloaded the XMRig coin miner. |
Malware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 21:45:00 |
AUVSI Launches Green UAS Cybersecurity Certification Program For Commercial Drones (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 21:38:00 |
Forsage Founders Indicted in $340M DeFi Crypto Scheme (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 20:40:00 |
Cyberattack on Dole Causes Temporary Salad Shortage (lien direct) |
The produce company said it suffered a ransomware attack earlier this month. |
Ransomware
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 20:25:00 |
Linux Foundation Europe Announces Formation of OpenWallet Foundation (lien direct) |
Diverse ecosystem of global technology, finance, and university leaders join as first OpenWallet Foundation Members, many more expected. |
Guideline
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 20:00:00 |
Generative AI Changes Everything We Know About Cyberattacks (lien direct) |
Generative AI is heating up everywhere and fundamentally changing everything we know about how cybercriminals develop and deploy attacks. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 20:00:00 |
UL Solutions Issues Automotive Cybersecurity Assurance Program Certificate to LG Innotek (lien direct) |
Through its Cybersecurity Assurance Program, UL Solutions is helping the automotive industry advance cybersecurity management systems for connected vehicle technologies. |
|
|
★★
|