What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-09-15 08:36:00 | IBM X-FORCE: L'utilisation des informations d'identification compromises assombrit l'image de sécurité du nuage IBM X-Force: Use of compromised credentials darkens cloud security picture (lien direct) |
À mesure que la connectivité aux ressources basées sur le cloud augmente, les cybercriminels utilisent des informations d'identification valides et compromises pour accéder aux ressources d'entreprise à un rythme alarmant. = "https://www.ibm.com/downloads/cas/qwbxvapl" rel = "nofollow"> IBM X-Force Cloud Threat Landscape Report , qui a également trouvé une augmentation de 200% (environ 3 900 vulnérabilités) enLes vulnérabilités et les expositions communes axées sur le cloud (CVE) au cours de la dernière année. «Plus de 35% des incidents de sécurité du cloud se sont produits par les attaquants \\ 'Utilisation des références valides et compromises», a écrit Chris Caridi, cyber-cyber-cyberAnalyste de menace avec IBM X-Force, dans un blog À propos du rapport.«Comprenant près de 90% des actifs à vendre sur les marchés Web Dark, les informations d'identification \\ 'parmi les cybercriminels sont apparentes, une moyenne de 10 $ par inscription & # 8211;ou l'équivalent d'une douzaine de beignets. " Pour lire cet article en entier, veuillez cliquer ici
As connectivity to cloud-based resources grows, cybercriminals are using valid, compromised credentials to access enterprise resources at an alarming rate.That\'s one of the chief findings of the IBM X-Force Cloud Threat Landscape Report, which also found a 200% increase (about 3,900 vulnerabilities) in cloud-oriented Common Vulnerabilities and Exposures (CVE) in the last year.“Over 35% of cloud security incidents occurred from attackers\' use of valid, compromised credentials,” wrote Chris Caridi, strategic cyber threat analyst with IBM X-Force, in a blog about the report. “Making up nearly 90% of assets for sale on dark web marketplaces, credentials\' popularity among cybercriminals is apparent, averaging $10 per listing – or the equivalent of a dozen doughnuts.”To read this article in full, please click here |
Vulnerability Threat Studies Cloud | ★★★ | |
|
2023-04-18 16:26:00 | Cisco met en garde contre les attaques contre les routeurs de réseau, les pare-feu Cisco warns of attacks on network routers, firewalls (lien direct) |
Le groupe de renseignement de la sécurité de Cisco \\ de Cisco \\ a publié aujourd'hui un avertissement d'une augmentation des attaques très sophistiquées contre les infrastructures de réseau, y compris des routeurs et des pare-feu. Le Cisco Avertissement Piggybacks Un avertissement conjoint similaire émis aujourd'hui à partir de Le National Cyber Security Center du Royaume-Uni (NCSC), l'Agence américaine de sécurité nationale (NSA), l'Agence américaine de sécurité de la cybersécurité et de l'infrastructure (CISA) et le Federal Bureau of Investigation (FBI) qui a noté une augmentation des menaces dansen partie utilisant un exploit qui a été révélé pour la première fois en 2017. Cet exploit a ciblé une vulnérabilité SNMP dans les routeurs Cisco qui Le fournisseur patché en 2017 . Pour lire cet article en entier, veuillez cliquer ici
Cisco\'s Talos security intelligence group issued a warning today about an uptick in highly sophisticated attacks on network infrastructure including routers and firewalls.The Cisco warning piggybacks a similar joint warning issued today from The UK National Cyber Security Centre (NCSC), the US National Security Agency (NSA), US Cybersecurity and Infrastructure Security Agency (CISA) and US Federal Bureau of Investigation (FBI) that noted an uptick in threats in part utilizing an exploit that first came to light in 2017. That exploit targeted an SNMP vulnerability in Cisco routers that the vendor patched in 2017. To read this article in full, please click here |
Vulnerability | APT 28 | ★★ |
|
2022-05-05 11:06:00 | Cisco warns of critical vulnerability in virtualized network software (lien direct) | Multiple vulnerabilities have been discovered in Cisco's Enterprise NFV Infrastructure Software (NFVIS). The worst of the vulnerabilities could let an attacker escape from the guest virtual machine (VM) to the host machine, Cisco disclosed. The other two problems involve letting a bad actor inject commands that execute at the root level and allowing a remote attacker to leak system data from the host to the VM.NFVIS is Linux-based infrastructure software designed to help enterprises and service providers to deploy virtualized network functions, such as a virtual router, firewall and WAN acceleration, Cisco stated.To read this article in full, please click here | Vulnerability | ||
|
2019-05-17 10:56:00 | Microsoft issues fixes for non-supported versions of Windows Server (lien direct) | Microsoft took the rare step of issuing security fixes for both the server and desktop versions of Windows that are long out of support, so you know this is serious.The vulnerability (CVE-2019-0708) is in the Remote Desktop Services component built into all versions of Windows. RDP, formerly known as Terminal Services, itself is not vulnerable. CVE-2019-0708 is pre-authentication and requires no user interaction, meaning any future malware could self-propagate from one vulnerable machine to another.CVE-2019-0708 affects Windows XP, Windows 7, Windows Server 2003, Windows Server 2008 R2, and Windows Server 2008. It does not impact Microsoft's newest operating systems; Windows 8 through 10 and Windows Server 2012 through 2019 are not affected. | Malware Vulnerability | ★★★★★ | |
|
2019-05-16 03:00:00 | WhatsApp attacked by spyware | TECH(feed) (lien direct) | WhatsApp's recent spyware hack took advantage of a security vulnerability and allowed attackers to access private, digital communication. In this episode of TECH(feed), Juliet walks through the hack, who was affected and how you can secure your devices ASAP. | Hack Vulnerability | ||
|
2019-02-19 15:03:00 | Edge security: There\'s lots of attack surfaces to worry about (lien direct) | The problem of edge security isn't unique – many of the issues being dealt with are the same ones that have been facing the general IT sector for decades.But the edge adds its own wrinkles to those problems, making them, in many cases, more difficult to address. Yet, by applying basic information security precautions, most edge deployments can be substantially safer. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The most common IoT vulnerability occurs because many sensors and edge computing devices are running some kind of built-in web server to allow for remote access and management. This is an issue because many end-users don't – or, in some cases, can't – change default login and password information, nor are they able to seal them off from the Internet at large. There are dedicated gray-market search sites out there to help bad actors find these unsecured web servers, and they can even be found with a little creative Googling, although Joan Pepin, CISO at security and authentication vendor Auth0, said that the search giant has taken steps recently to make that process more difficult. | Vulnerability |
1
We have: 6 articles.
We have: 6 articles.
To see everything:
Our RSS (filtrered)
