SEC News

What's new arround internet

Last one

Src	Date (GMT)	Titre	Description	Tags	Stories	Notes
	2023-10-06 07:52:00	IBM s'appuie sur l'IA pour les services de sécurité gérés IBM leans into AI for managed security services (lien direct)	IBM déploie les services gérés basés sur l'IA qui promettent d'aider les équipes de réseau et d'opérations de sécurité plus rapidement et efficacement à répondre aux cyber-menaces d'entreprise. Géré par le groupe IBM Consulting, la détection et la réponse des menaces(TDR) Les services offrant des promesses promettent une surveillance, une enquête et une correction automatisées des alertes de sécurité des outils de sécurité existants ainsi que du cloud, des systèmes de technologie sur site et de la technologie opérationnelle en utilisant le réseau d'entreprise.Les Services peuvent intégrer des informations de plus de 15 outils de gestion de la sécurité et de gestion des incidents (SIEM) et plusieurs packages de détection et de réponse de la détection et de réponse de réseau tiers, par exemple. Pour lire cet article en entier, veuillez cliquer ici IBM is rolling out AI-based managed services that promise to help network and security operations teams more quickly and effectively respond to enterprise cyber threats.Managed by the IBM Consulting group, the Threat Detection and Response (TDR) Services offering promises 24x7 monitoring, investigation, and automated remediation of security alerts from existing security tools as well as cloud, on-premises, and operational technology systems utilizing the enterprise network. The services can integrate information from more than 15 security event and incident management (SIEM) tools and multiple third-party endpoint and network detection and response packages, for example.To read this article in full, please click here	Tool Threat		★★
	2023-09-15 08:36:00	IBM X-FORCE: L'utilisation des informations d'identification compromises assombrit l'image de sécurité du nuage IBM X-Force: Use of compromised credentials darkens cloud security picture (lien direct)	À mesure que la connectivité aux ressources basées sur le cloud augmente, les cybercriminels utilisent des informations d'identification valides et compromises pour accéder aux ressources d'entreprise à un rythme alarmant. = "https://www.ibm.com/downloads/cas/qwbxvapl" rel = "nofollow"> IBM X-Force Cloud Threat Landscape Report , qui a également trouvé une augmentation de 200% (environ 3 900 vulnérabilités) enLes vulnérabilités et les expositions communes axées sur le cloud (CVE) au cours de la dernière année. «Plus de 35% des incidents de sécurité du cloud se sont produits par les attaquants \\ 'Utilisation des références valides et compromises», a écrit Chris Caridi, cyber-cyber-cyberAnalyste de menace avec IBM X-Force, dans un blog À propos du rapport.«Comprenant près de 90% des actifs à vendre sur les marchés Web Dark, les informations d'identification \\ 'parmi les cybercriminels sont apparentes, une moyenne de 10 $ par inscription & # 8211;ou l'équivalent d'une douzaine de beignets. " Pour lire cet article en entier, veuillez cliquer ici As connectivity to cloud-based resources grows, cybercriminals are using valid, compromised credentials to access enterprise resources at an alarming rate.That\'s one of the chief findings of the IBM X-Force Cloud Threat Landscape Report, which also found a 200% increase (about 3,900 vulnerabilities) in cloud-oriented Common Vulnerabilities and Exposures (CVE) in the last year.“Over 35% of cloud security incidents occurred from attackers\' use of valid, compromised credentials,” wrote Chris Caridi, strategic cyber threat analyst with IBM X-Force, in a blog about the report. “Making up nearly 90% of assets for sale on dark web marketplaces, credentials\' popularity among cybercriminals is apparent, averaging $10 per listing – or the equivalent of a dozen doughnuts.”To read this article in full, please click here	Vulnerability Threat Studies Cloud		★★★
	2023-08-23 10:00:00	Versa améliore le package SASE avec des outils de sécurité basés sur l'IA Versa enhances SASE package with AI-based security tools (lien direct)	Versa renforce les fonctionnalités de gestion de la sécurité de l'IA de son package intégré Secure Access Service Edge (SASE) pour inclure une amélioration de la détection de logiciels malveillants pour la protection avancée des menaces, la microsegmentation du réseau et la protection génératrice de l'IA pour aider les clients à mieux détecter et atténuer rapidement les menaces à leur réseauService et applications. Le fournisseur prend en charge AI dans son intégré Package Versa Sase qui inclut SD WAN, un pare-feu de nouvelle génération et d'application Web, la prévention des intrusions, le support zéro fiducie et la prévention de la perte de données. Pour lire cet article en entier, veuillez cliquer ici Versa is bolstering the AI security management features of its integrated Secure Access Service Edge (SASE) package to include improved malware detection for Advanced Threat Protection, network microsegmention and generative AI protection to help customers better detect and quickly mitigate threats to their networked service and applications.The vendor supports AI in its integrated Versa SASE package that includes SD WAN, a next-generation and web application firewall, intrusion prevention, zero trust support and data loss prevention.To read this article in full, please click here	Malware Tool Threat		★★
	2023-07-18 09:38:00	Fortinet dévoile les pare-feu du centre de données avec support de l'IA Fortinet unveils data center firewalls with AI support (lien direct)	Fortinet a publié deux nouveaux pare-feu à haute vitesse et de prochaine génération conçus pour protéger les actifs du centre de données. La série de 387 Gbps 3200F et la prise en charge des fonctionnalités de la série de 164 Gbps 900G pour la sécurité de la fournisseur \\ AI du fournisseur AI du fournisseurServices, qui mélangent les technologies d'IA et d'apprentissage automatique pour sensibiliser les clients aux cybermenaces et agir sur la protection des ressources beaucoup plus rapidement, selon Nirav Shah, vice-président des produits et solutions de Fortinet. Fortiguard AI-Les services de sécurité alimentés utilisent des données en temps réel des chercheurs de menace de Fortinet à Fortiguard Lab pour surveiller les nouveaux dangers.«Nous regardons chaque jour des terrabilits de données, et c'est là que nous exécutons notre IA et notre apprentissage automatique pour voir différentes choses & # 8211;Que nous ayons besoin d'activer les services alimentés par l'IA avec des IPS ou d'utiliser des technologies de bac à sable pour les atténuer », a déclaré Shah.«Si vous regardez l'industrie de la cybersécurité et la quantité de données que nous voyons, et les modèles et autres choses que nous devons reconnaître pour trouver les menaces & # 8211;[It] est extrêmement difficile si vous le faites manuellement. » Pour lire cet article en entier, veuillez cliquer ici Fortinet has released two new high-speed, next generation firewalls designed to protect data center assets.The 387Gbps 3200F series and 164Gbps 900G series feature support for the vendor\'s AI-Powered Security Services, which blend AI and machine-learning technologies to make customers aware of cyber threats and act on protecting resources much more quickly, according to Nirav Shah, vice president of products and solutions at Fortinet.FortiGuard AI-Powered Security Services use real-time data from Fortinet\'s threat researchers at FortiGuard Lab to monitor for new dangers. “We look at terabytes of data every day, and that\'s where we run our AI and machine learning to see different things – whether we need to enable AI-powered services with IPS, or utilize sandbox technologies to mitigate them,” Shah said. “If you look at the cybersecurity industry, and the amount of data that we see, and the patterns and other things that we need to recognize to find the threats – [it] is extremely tough if you do it manually.”To read this article in full, please click here	Threat		★★
	2023-05-31 16:34:00	Cisco vise la sécurité de l'IA-First avec Armorblox Acheter Cisco aims for AI-first security with Armorblox buy (lien direct)	Cisco prévoit d'acheter Armorblox, un fournisseur d'IA de six ans, pour aider à créer «un cloud de sécurité Ai-First».Dans notre portefeuille, nous changerons la façon dont nos clients comprennent et interagissent avec leurs points de contrôle de la sécurité », a écrit Raj Chopra vice-président principal et chef de produit pour Cisco Security dans un blog annonçant l'acquérir en pente . Bien que la sécurisation des e-mails était la première application par Armorblox \\ de ses techniques d'IA, ils pourraient également être appliqués à la prédiction d'attaque, à une détection rapide des menaces et à l'application efficace des politiques, a écrit Chopra."Grâce à cette acquisition, nous voyons de nombreux cas d'utilisation et possibilités d'utilisation de sécurité passionnants à déverrouiller." Pour lire cet article en entier, veuillez cliquer ici Cisco plans to buy Armorblox, a six-year-old AI vendor, to help create “an AI-first Security Cloud.”“Leveraging Armorblox\'s use of predictive and Generative AI across our portfolio, we will change the way our customers understand and interact with their security control points,” wrote Raj Chopra senior vice president and chief product officer for Cisco Security in a blog announcing the pending acquistion.While securing email was Armorblox\'s first application of its AI techniques, they might also be applied to attack prediction, rapid threat detection, and efficient policy enforcement, Chopra wrote. “Through this acquisition though, we see many exciting broad security use cases and possibilities to unlock.”To read this article in full, please click here	Threat		★★
	2022-11-16 08:52:00	Palo Alto targets zero-day threats with new firewall software (lien direct)	Palo Alto Networks has released next-generation firewall (NGFW) software that includes some 50 new features aimed at helping enterprise organizations battle zero-day threats and advanced malware attacks.The new features are built into the latest version of Palo Alto's firewall operating system – PAN 11.0 Nova – and include upgraded malware sandboxing for the company's WildFire malware-analysis service, advanced threat prevention (ATP), and a new cloud access security broker (CASB).WildFire is Palo Alto's on-prem or cloud-based malware sandbox that is closely integrated with Palo Alto's firewalls. When a firewall detects anomalies, it sends data to WildFire for analysis. WildFire uses machine learning, static analysis, and other analytics to discover threats, malware and zero-day threats, according to the vendor.To read this article in full, please click here	Malware Threat
	2022-05-19 06:10:00	CISA issues emergency warning over two new VMware vulnerabilities (lien direct)	The U.S. Cybersecurity and Infrastructure Agency issues emergency security directive over VMware vulnerabilities CVE-2022-22972 and CVE-2022-22973, which threat actors are likely to exploit.	Threat
	2022-05-10 03:00:00	Cohesity launches FortKnox to protect data from ransomware attacks (lien direct)	Data management specialist Cohesity is launching a new data isolation and recovery tool called FortKnox, in a bid to help customers protect their data from ransomware attacks.FortKnox provides an additional layer of off-site protection for customers by keeping data in a secure 'vault,' with physical separation, network and management isolation to keep threat actors from accessing sensitive data.An object lock requires a minimum of two or more people to approve critical actions, such as changes of vault policy, and access can be managed using granular role-based access control, multi-factor authentication, and encryption both in-flight and at rest.To read this article in full, please click here	Ransomware Tool Threat
	2022-04-14 07:13:00	US security agencies warn of threats to industrial, utility control networks (lien direct)	Key US government security organizations are warning that industrial control system (ICS)/supervisory control and data acquisition (SCADA)-based networks are being threatened by bad actors armed with custom software tools.The Department of Energy (DOE), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI) issued a joint warning that certain advanced persistent threat (APT) actors have shown the ability to gain full system access to compromised ICS/SCADA systems.The alert did not identify which groups were making the threats, but it did recognize Dragos, Mandiant, Microsoft, Palo Alto Networks and Schneider Electric for helping put together the warning. Dragos has posted a paper about part of the threat.To read this article in full, please click here	Threat
	2022-03-30 08:55:00	CISA warns of attacks against internet-connected UPS devices (lien direct)	Threat actors have targeted power supplies whose control interfaces are connected to the internet, and CISA says that they should be disconnected immediately.	Threat
	2019-08-22 12:53:00	Texas ransomware attacks: to pay or not to pay? \| TECH(feed) (lien direct)	Nearly two dozen cities in Texas have been hit by a ransomware attack executed by a single threat actor. These attacks beg the question: Is it ever worth it to pay a cyber attacker's ransom? In this episode of TECH(feed), Juliet discusses the pattern of ransomware attacks on local governments, how municipalities have responded and how to prevent a ransomware attack in the first place.	Ransomware Threat
	2019-04-24 11:06:00	Cisco: DNSpionage attack adds new tools, morphs tactics (lien direct)	The group behind the Domain Name System attacks known as DNSpionage have upped their dark actions with new tools and malware to focus their attacks and better hide their activities. Cisco Talos security researchers, who discovered DNSpionage in November, this week warned of new exploits and capabilities of the nefarious campaign. More about DNS: DNS in the cloud: Why and why not DNS over HTTPS seeks to make internet use more private How to protect your infrastructure from DNS cache poisoning ICANN housecleaning revokes old DNS security key “The threat actor's ongoing development of DNSpionage malware shows that the attacker continues to find new ways to avoid detection. DNS tunneling is a popular method of exfiltration for some actors and recent examples of DNSpionage show that we must ensure DNS is monitored as closely as an organization's normal proxy or weblogs,” Talos wrote. “DNS is essentially the phonebook of the internet, and when it is tampered with, it becomes difficult for anyone to discern whether what they are seeing online is legitimate.”	Malware Threat
	2019-04-17 08:11:00	Cisco Talos details exceptionally dangerous DNS hijacking attack (lien direct)	Security experts at Cisco Talos have released a report detailing what it calls the “first known case of a domain name registry organization that was compromised for cyber espionage operations.”Talos calls ongoing cyber threat campaign “Sea Turtle” and said that state-sponsored attackers are abusing DNS to harvest credentials to gain access to sensitive networks and systems in a way that victims are unable to detect, which displays unique knowledge on how to manipulate DNS, Talos stated. More about DNS: DNS in the cloud: Why and why not DNS over HTTPS seeks to make internet use more private How to protect your infrastructure from DNS cache poisoning ICANN housecleaning revokes old DNS security key By obtaining control of victims' DNS, the attackers can change or falsify any data on the Internet, illicitly modify DNS name records to point users to actor-controlled servers; users visiting those sites would never know, Talos reported.	Threat
	2019-02-27 07:39:00	Protecting the IoT: 3 things you must include in an IoT security plan (lien direct)	With many IT projects, security is often an afterthought, but that approach puts the business at significant risk. The rise of IoT adds orders of magnitude more devices to a network, which creates many more entry points for threat actors to breach. A bigger problem is that many IoT devices are easier to hack than traditional IT devices, making them the endpoint of choice for the bad guys.IoT is widely deployed in a few industries, but it is in the early innings still for most businesses. For those just starting out, IT and security leaders should be laying out their security plans for their implementations now. However, the landscape of security is wide and confusing so how to secure an IoT deployment may not be obvious. Below are three things you must consider when creating an IoT security plan.	Hack Threat Guideline

Last update at: 2024-04-28 21:08:13
See our sources.

To see everything: Our RSS (filtrered)