Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 19:54:00 |
Hydrochasma Threat Group Bombards Targets with Slew of Commodity Malware, Tools (lien direct) |
A previously unidentified threat group uses open source malware and phishing to conduct cyber-espionage on shipping and medical labs associated with COVID-19 treatments and vaccines. |
Malware
Threat
Medical
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 19:30:07 |
Unanswered Questions Cloud the Recent Targeting of an Asian Research Org (lien direct) |
A novel threat group, utilizing new malware, is out in the wild. But the who, what, where, and why are yet to be determined, and there's evidence of a false-flag operation. |
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 18:50:35 |
Wiper Malware Surges Ahead, Spiking 53% in 3 Months (lien direct) |
Cybercriminals and hacktivists have joined state-backed actors in using sabotage-bent malware in destructive attacks, new report shows. |
Malware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 18:30:00 |
Vault Vision Launches One Click Passwordless Logins With Passkey User Authentication (lien direct) |
Eliminate passwords in user authentication workflow with Vault Vision's passkey features like facial recognition, fingerprint and pin verification on all modern devices. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 18:30:00 |
Cris Thomas: Space Rogue, From L0pht Hacker to IBM Security Influencer (lien direct) |
Security Pro File: The old-school hacker traces a path from young hardware tinkerer to senior cybersecurity executive. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 18:09:00 |
Metomic Raises $20 Million to Protect Sensitive Data in SaaS Applications (lien direct) |
As a data security solution focused solely on SaaS ecosystems, Metomic will use the Series A funding round to expand into the U.S. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 18:00:00 |
Why Are My Employees Integrating With So Many Unsanctioned SaaS Apps? (lien direct) |
Before adopting SaaS apps, companies should set security guardrails to vet new vendors and check security integration for misconfiguration risks. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 17:47:00 |
Rezilion Research Discovers Hidden Vulnerabilities in Hundreds of Docker Container Images (lien direct) |
Pas de details / No more details |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 17:33:00 |
(ISC)² Opens Security Congress 2023 Call for Presentations (lien direct) |
(ISC)2 members and cybersecurity professionals worldwide are encouraged to share their expertise, best practices and experiences with their peers and career hopefuls. |
Industrial
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 17:00:00 |
Top Takeaways From CloudNativeSecurityCon 2023 (lien direct) |
CloudNativeSecurityCon North America 2023 was a vendor-neutral cloud-native security conference. Here's why it was important. |
Cloud
|
|
★★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-23 15:00:00 |
This Will Be the Year of the SBOM, for Better or for Worse (lien direct) |
Sharing attestations on software supply chain data that are formed into a policy will give us a framework to interpret risk and develop compliance directives. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 22:10:00 |
UL Solutions Advances Automotive Safety and Security (lien direct) |
A combined team of UL Solutions safety science experts will address automotive cybersecurity, functional safety, automated driving and software development processes to help customers bring safer, more secure innovations to market. |
Industrial
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 21:55:00 |
Scammers Mimic ChatGPT to Steal Business Credentials (lien direct) |
Hackers will take anything newsworthy and turn it against you, including the world's most advanced AI-enabled chatbot. |
|
ChatGPT
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 20:40:00 |
Half of Apps Have High-Risk Vulnerabilities Due to Open Source (lien direct) |
Open source software dependencies are affecting the software security of different industries in different ways, with mature industries becoming more selective in their open source usage. |
Studies
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 20:30:00 |
Entitle Brings Fine-Grained Cloud Permissions Management Out of Stealth (lien direct) |
The platform uses no-code policy workflows to automate the provisioning and revoking of permissions. |
General Information
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 19:59:11 |
1 in 4 CISOs Wants to Say Sayonara to Security (lien direct) |
Thanks to burnout and stress, Gartner predicts churn and even departure from profession among half of today's security leaders by 2025. |
Studies
Guideline
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 19:25:00 |
US Military Emails Exposed via Cloud Account (lien direct) |
A DoD email server hosted in the cloud (and now secured) had no password protection in place for at least two weeks. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 18:00:00 |
Headwinds Don\'t Have to Be a Drag on Your Security Effectiveness (lien direct) |
Despite increased threats, an uncertain economy, and increasing automation, your organization can still thrive. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 17:55:45 |
Phishing Fears Ramp Up on Email, Collaboration Platforms (lien direct) |
It's a banner year for attacks coming through traditional email as well as newer collaboration technologies, such as Slack and Microsoft Teams. What's next? |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 17:50:00 |
Google Delivers Record-Breaking $12M in Bug Bounties (lien direct) |
Google's Android and Chrome Vulnerability Reward Programs (VRPs) in particular saw hundreds of valid reports and payouts for security vulnerabilities discovered by ethical hackers. |
Vulnerability
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 17:16:00 |
Xcitium Brings \'Zero Dwell\' Capability to Legacy EDR Platforms (lien direct) |
Pas de details / No more details |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 16:25:00 |
Trend Micro Acquires SOC Technology Expert Anlyz (lien direct) |
Technology tuck-in enhances industry's broadest XDR security platform. |
Prediction
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 15:42:00 |
Exploit Code Released for Critical Fortinet RCE Bug (lien direct) |
Organizations are urged to update to the latest versions of FortiNAC to patch a flaw that allows unauthenticated attackers to write arbitrary files on the system. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 15:00:00 |
4 Tips to Guard Against DDoS Attacks (lien direct) |
Attackers are now using multiple types of distributed denial-of-service (DDoS) attacks to take down sites. Here are some ways to defend and protect. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 15:00:00 |
7 Tips for Mitigating Cyber-Risks to Your Corporate Social Media (lien direct) |
How to stay safe, even when tech-savvy admins can't tell the difference between a scam and the truth. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 03:30:00 |
How to Stop Attackers That Target Healthcare Imaging Data (lien direct) |
Attribute-based encryption could help keep sensitive metadata off of the Dark Web. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-22 00:07:00 |
Scrut Automation Raises Funding of $7.5M, Led by MassMutual Ventures, Lightspeed, and Endiya Partners (lien direct) |
With the fresh capital, Scrut aims to focus on simplifying risk management and infosec compliance for cloud-native SaaS, Fintech, and Healthtech companies |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-21 23:57:00 |
Black Hat to Launch Official Certification Program (lien direct) |
Pas de details / No more details |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-21 23:34:00 |
(Déjà vu) CREST Calls for Greater Equity, Inclusion and Diversity As Part of National Cyber Security Strategy (lien direct) |
Pas de details / No more details |
|
|
★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-21 23:20:00 |
Malwarebytes Expands Platform With New Application Block Capabilities (lien direct) |
Latest threat prevention module helps resource-strapped security teams block unsafe, untrusted or vulnerable applications. |
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-21 23:00:00 |
Analysts Slam Twitter\'s Decision to Disable SMS-Based 2FA (lien direct) |
Making the option available only to paid subscribers - while also claiming SMS authentication is broken - doesn't make sense, some say. Is it a cash grab? |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-21 18:45:13 |
Cyberthreats, Regulations Mount for Financial Industry (lien direct) |
Nation-state adversaries, new reporting regulations, and a fast-paced threat landscape mean that financial services and technology firms need to bolster their security posture. |
Threat
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-21 18:45:00 |
(Déjà vu) Name That Toon: Join the Club (lien direct) |
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-21 18:40:00 |
Coinbase Crypto Exchange Ensnared in \'Oktapus\'-Related Smishing Attack (lien direct) |
Some employees' personal data was leaked, but the company responded swiftly to a socially engineered incident that gained access to legitimate employee login credentials. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-21 18:35:00 |
Third-Party Providers Create Identity and Access Control Challenges for Fintech Apps (lien direct) |
Fintech has drastically shifted the financial services industry toward digital technologies and, in so doing, has introduced a variety of new risks. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-21 18:08:30 |
Israel\'s Top Tech University Targeted by DarkBit Ransomware (lien direct) |
An Israeli university is being blackmailed by hackers. However, they aren't just after money but are looking to send a political message - and maybe something more. |
Ransomware
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-21 15:00:00 |
Insider Threats Don\'t Mean Insiders Are Threatening (lien direct) |
By implementing tools that enable internal users to do their jobs efficiently and securely, companies reduce insider threat risk by building insider trust. |
Threat
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-20 15:00:00 |
Modern Software: What\'s Really Inside? (lien direct) |
Open source has changed the software game from build or buy to assemble with care. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-20 14:01:00 |
Despite Breach, LastPass Demonstrates the Power of Password Management (lien direct) |
What's scarier than keeping all of your passwords in one place and having that place raided by hackers? Maybe reusing insecure passwords. |
|
LastPass
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-20 14:00:03 |
Researchers Create an AI Cyber Defender That Reacts to Attackers (lien direct) |
The system based on deep reinforcement learning can adapt to defenders' tactics and stop 95% of simulated attacks, according to its developers. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-20 14:00:00 |
Majority of Ransomware Attacks Last Year Exploited Old Bugs (lien direct) |
New research shows that 57 vulnerabilities that threat actors are currently using in ransomware attacks enable everything from initial access to data theft. |
Ransomware
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-17 23:05:00 |
Is OWASP at Risk of Irrelevance? (lien direct) |
A growing group of OWASP members and board leaders are calling for the AppSec group to make big changes to stay apace with modern development. |
Guideline
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-17 21:49:00 |
Check Point Boosts AppSec Focus With CNAPP Enhancements (lien direct) |
Established network security players like Check Point are responding to the shift to cloud-native applications, which have exposed more vulnerabilities in open source software supply chains. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-17 21:34:51 |
Novel Spy Group Targets Telecoms in \'Precision-Targeted\' Cyberattacks (lien direct) |
The primary victims so far have been employees of telcos in the Middle East, who were hit with custom backdoors via the cloud, in a likely precursor to a broader attack. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-17 21:00:00 |
Google Translate Helps BEC Groups Scam Companies in Any Language (lien direct) |
BEC gangs Midnight Hedgehog and Mandarin Capybara show how online marketing and translation tools are making it easy for these threat groups to scale internationally. |
Threat
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-17 19:00:40 |
Inglis Retires as National Cyber Director Ahead of Biden\'s Cybersecurity EO (lien direct) |
The long-time NSA and cyber specialist says he's exiting the public sector. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-17 18:20:00 |
Not Stoked: Burton Snowboards\' Online Orders Disrupted After Cyberattack (lien direct) |
The snow sports specialist is investigating to see what caused the operations-disrupting "cyber incident." |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-17 17:35:00 |
Massive GoAnywhere RCE Exploit: Everything You Need to Know (lien direct) |
Weeks after an exploit was first announced in a popular cloud-based file transfer service, could some organizations still be vulnerable? The answer is yes. |
|
|
★★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-17 15:00:00 |
AppSec Threats Deserve Their Own Incident Response Plan (lien direct) |
With a rearranging of priorities and good incident response plans, organizations can be ready to face the future of software attacks. |
|
|
★★
|
![DarkReading.webp](./Ressources/img/DarkReading.webp) |
2023-02-16 22:34:00 |
ESXi Ransomware Update Outfoxes CISA Recovery Script (lien direct) |
New ESXiArgs-ransomware attacks include a workaround for CISA's decryptor, researchers find. |
Ransomware
|
|
★★★
|