What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2020-08-03 10:25:00 | Build a Roadmap for Cyber Resilience (lien direct) | The current information security landscape is rapidly evolving. According to the latest research from IBM Security and the Ponemon Institute’s 2020 Cyber Resilient Organization Report, 67% of organizations reported that the volume of attacks had significantly increased over the past 12 months. It’s not just the amount of attacks that grew; 64% of organizations also […] | |||
|
2020-07-30 20:46:45 | DDoS Attacks Increase in Size, Frequency and Duration (lien direct) | Distributed denial of service (DDoS) attacks are increasing in size, frequency and duration. Kaspersky Lab reported a doubling of DDoS attacks in the first quarter of 2020 compared with the fourth quarter of 2019, plus an 80% jump compared with the same quarter last year. Kaspersky also found that DDoS cyberattacks are increasing in duration. […] | ★★★★★ | ||
|
2020-07-30 16:16:07 | Enhance Integrated Risk Management Solutions With Modern Technologies (lien direct) | Many business leaders struggle to efficiently respond to risk and compliance needs because of the complex regulatory landscape, ever-evolving risk scenarios and inconsistent internal processes. It’s only been more recently that organizations have embraced enterprise integrated risk management (IRM) tools to overcome a siloed approach of managing risk and compliance data. The advent of these […] | Guideline | ||
|
2020-07-29 17:15:56 | How and Why to Take a Holistic Approach to Threat Modeling (lien direct) | By taking a broader, more expansive view of threat modeling, organizations can consider the whole picture of their security strategy and improve efficiency. Threat modeling is a systematic approach to finding, prioritizing and fixing security threats, but it can be much more. It invites an exercise in systematic collaborative thinking, and as such its benefits […] | Threat | ||
|
2020-07-28 19:59:36 | What\'s New in the 2020 Cost of a Data Breach Report (lien direct) | In a world of uncertainty and change, it’s a comfort that some things are consistent year after year. Now in its 15th year, the annual Cost of a Data Breach Report, with research by the Ponemon Institute and published by IBM Security, continues to provide a detailed view of the financial impacts security incidents can […] | Data Breach | ||
|
2020-07-28 15:08:25 | Darknet Cybersecurity: How Finance Institutions Can Defend Themselves (lien direct) | Financial firms continue to move to digital-first deployments, as retail branches close, and people shift to remote work. This shift makes understanding and preventing even common darknet, or dark web, threats a priority. Financial cybersecurity investment institutions need to understand what the dark web is, provide their security teams with the tools to explore it […] | |||
|
2020-07-28 14:07:32 | Aviation Can Anticipate an Increase in State-Sponsored Activity (lien direct) | The combination of lockdown measures, travel restrictions and stalling demand brought on by COVID-19 has caused an unprecedented collapse in the global air transport industry. Facing a projected loss of $84.3 billion in revenue and 32 million aviation-related jobs worldwide, nations are scrambling to provide much-needed financial support to sustain domestic airlines. As countries independently […] | |||
|
2020-07-28 13:52:49 | How to Use Best-in-Suite MSSPs to Streamline Security Operations (lien direct) | Managed security service providers (MSSPs) can speed up detection and response capabilities in complex, distributed security environments. However, many traditional managed security providers simply act as alert factories that collect log data and spit out low-value alerts. These increase the workload on their clients’ security teams rather than offloading work and enhancing their security posture. […] | ★★★★ | ||
|
2020-07-24 11:25:00 | Leveraging Open Source Can be Powerful for Cybersecurity (lien direct) | Security vendors and end users have access to the same technology and resources, if not more, than the threat actor community. However, the area where cybersecurity falls short as an industry is teamwork. Vendors and end users rarely talk to each other as a broader force. Thus, while innovation may happen for individual products, that […] | Threat | ||
|
2020-07-24 11:15:00 | 5 Core Tenets for Effective Multicloud Security (lien direct) | For a growing number of organizations adopting cloud-based deployment models, the cloud security challenge is clear. For example, how do I rapidly transform my business in a way that is also secure and compliant? Business leaders have an opportunity to rethink securing their enterprise during the sea-change shift toward cloud models. For instance, leaders should not […] | Guideline | ||
|
2020-07-22 14:11:19 | Securing Travel and Transportation Operations (lien direct) | Transportation networks are foundational to our modern way of life. The current restrictions on global movement and the corresponding reduction in demand for travel and transportation services, while profound, are temporary. Forecasting future demand and capacity requirements is nearly impossible. But, the travel and transportation industries are part of the country's critical infrastructure. They will return […] | |||
|
2020-07-22 11:00:00 | 4 Steps to Help You Plan a Cyber Resilience Roadmap (lien direct) | What is cyber resilience? According to IBM Security’s 2020 Cyber Resilient Organization Report, a cyber resilient organization is one that “more effectively prevents, detects, contains and responds to a myriad of serious threats against data, applications and IT infrastructure.” In a more colloquial sense, the “further along in the game” the organization is, the better positioned […] | |||
|
2020-07-20 11:00:00 | Why Cyber Ranges Are Effective To Train Your Teams (lien direct) | Cyber ranges may be one of the most effective ways to train IT professionals in defending against cyber attacks. The virtual environments deliver simulated real-world attacks that test multiple dimensions and stakeholders within diverse environments. Cybersecurity teams can use cyber ranges to practice defending against simulated threats in immersive training scenarios, essentially preparing and rehearsing […] | |||
|
2020-07-17 11:00:00 | Mitigating Containers Risk Requires a Comprehensive Approach (lien direct) | Containers have become a staple among large banks and financial services firms, which have used the technology in production. It has captured the attention of the broader market, that hopes to achieve the same technology benefits of improved application delivery and run-time efficiencies. This modular plug-and-play architecture is more scalable and can deliver more power […] | |||
|
2020-07-16 11:00:00 | Deciphering Between Incident Management and Crisis Management (lien direct) | Cyber threats come in many forms and can severely impact business operations, brand reputation, financial standing and even lead to a lawsuit. Organizations must prepare to respond and manage cyber events at different organizational levels to limit their damage and accelerate recovery. Most businesses focus on incident management or crisis management to react to cyber […] | Guideline | ||
|
2020-07-16 09:00:00 | New Research Exposes Iranian Threat Group\'s Operations (lien direct) | IBM X-Force Incident Response Intelligence Services (IRIS) has uncovered rare details on the operations of the suspected Iranian threat group ITG18, which overlaps with Charming Kitten and Phosphorous. In the past few weeks, ITG18 has been associated with targeting of pharmaceutical companies and the U.S. presidential campaigns. Now, due to operational errors-a basic misconfiguration-by suspected […] | Threat Conference | APT 35 | |
|
2020-07-15 12:00:00 | Zero Trust in 2020: More Important Than Ever Before (lien direct) | In a perfect world, all organizations would implement Zero Trust for its inherent security benefits. In today’s uncertain environment, every security strategy that mitigates risk is critical, and the role of Zero Trust is even more relevant in the work-from-home era. By nature, employees' home environments are more vulnerable with a higher likelihood of compromise. […] | |||
|
2020-07-15 12:00:00 | Focusing on the Fundamentals of Network Security (lien direct) | IBM X-Force has reported a huge increase in COVID-19-related spam. Malicious domains have also rapidly expanded during the first quarter of 2020. Focus on Security Fundamentals One of the key fundamental approaches for security is to ensure your security team can identify, investigate and respond to threats. We recommend mining network data to help identify potential […] | |||
|
2020-07-15 11:35:00 | A Quick Guide to Using the ONG-C2M2 Model (lien direct) | The Oil and Natural Gas Subsector Cybersecurity Capability Maturity Model (ONG-C2M2) can help oil and natural gas (ONG) organizations evaluate their cybersecurity programs and make improvements. These tools allow owners and operators in the electricity and ONG sectors to assess their cybersecurity capabilities. Additionally, the tool can inform individuals on how to address their needs […] | Tool | ||
|
2020-07-14 12:00:00 | Securing Your Environment While Working Remotely (lien direct) | Before the coronavirus pandemic hit, working from home used to be a novelty for many employees. According to a June 2020 IBM Security and Morning Consult “Work From Home Survey,” 80% of respondents say they worked from home either rarely or not at all prior to the pandemic. In-office work allowed employers and information technology […] | |||
|
2020-07-13 11:00:00 | Securing Data in a Multicloud Environment (lien direct) | The multicloud environment is becoming the standard for businesses, with 93% of organizations using this approach, according to a Flexera 2020 State of the Cloud report. The public cloud services used in the multicloud strategy are gaining in popularity, with Gartner predicting revenue in 2020 will reach more than $266 billion. “Adoption of next-generation solutions […] | |||
|
2020-07-09 15:23:29 | Overcoming Data Security Challenges in a Hybrid, Multicloud World (lien direct) | Cloud computing is evolving at a rapid pace. Today, there’s a range of choices for moving applications and data to cloud that includes various deployment models from public and private to hybrid cloud service types. Organizations are seeking ways to utilize multiple clouds as part of a broader digital strategy. With a multicloud approach, companies can […] | |||
|
2020-07-09 13:00:00 | Updating Legacy Systems Amid Growing Cybersecurity Concerns (lien direct) | Over the past few months, a shift to remote working has raised many security questions for businesses trying to protect their data. And, ensuring that legacy systems are secure is a key priority. Keeping legacy systems up to date in a world of increasing cyber threats has been a concern the past few years, but […] | |||
|
2020-07-08 12:00:00 | Video Conferencing Security Tips You May Have Overlooked (lien direct) | Video conferencing applications grew substantially following the outbreak of the coronavirus (COVID-19) global pandemic. According to Research and Markets article “Video Conferencing Demand Rises due to Social-Distancing,” video conferencing software experienced 62 million downloads in March 2020. This increase in use resulted from businesses adopting video conferencing platforms as a means to facilitate their transition […] | |||
|
2020-07-08 12:00:00 | Future-Proofing Data With a Data Encryption Plan (lien direct) | Data volume storage needs are growing exponentially across hybrid multicloud environments. Meanwhile, companies are being faced with a greater number of regulations to follow, as well as increased exposure to data ransomware, theft and misuse. Many regulations, such as the General Data Protection Regulation, highlight encryption as an example of appropriate technical and organizational measures. While not […] | |||
|
2020-07-07 12:29:02 | COVID-19 Cybercrime Capitalizing on Brazil\'s Government Assistance Program (lien direct) | IBM X-Force Incident Response and Intelligence Services (IRIS) has been tracking cybercrime capitalizing on the coronavirus pandemic since January, and has observed the geographical areas of this activity shift over time. In February, cybercriminals were focusing on Asia, and we observed threat actors targeting potential victims in Japan with coronavirus-related phishing lures. In mid-March and […] | Threat | ★★★ | |
|
2020-07-07 11:00:00 | Fix Shadow IT In Your Organization (lien direct) | Shadow IT can be potentially harmful to a company’s security protection, because it exists outside a company’s typical software and service approval and audit workflows. Shadow IT refers to information technology projects, applications and software used and managed outside of-and without the knowledge of-an IT department. Employees unfamiliar with the way software works can easily […] | |||
|
2020-07-02 15:53:14 | Why Zero-Click Cyberthreats Should Be on Your Radar (lien direct) | For years, the statistics have told us that human error is the greatest contributor to cyberattacks. We’ve stressed the importance of training, training and more training to prevent the almost inevitable from happening. We’ve been convinced that the key to defending against cyberthreats is to keep the unsuspecting from clicking on phishing emails and infecting […] | |||
|
2020-07-01 13:37:21 | How Growing Businesses Should Tackle Cybersecurity Challenges (lien direct) | When we think about the most public cyber attacks and data breaches, we generally associate them with large enterprises. The truth is cyber attacks are not limited by company size. A significant cyber attack can happen to any company, in any industry and of any size. According to the 2019 Cost of a Data Breach […] | Data Breach | ||
|
2020-06-30 11:00:00 | The Modern Workplace: Keeping Remote Workers Productive and Secure (lien direct) | Results from the March 30, 2020, Gartner CFO Survey indicate that 74% of businesses intend to shift some employees to permanent remote work following their initial experience responding to current global conditions. Regardless of recent world events, many workers already spend time on the job, while physically separated from the corporate campus. Sometimes they will […] | |||
|
2020-06-29 21:13:56 | The 2020 Cyber Resilient Organization: Preparation and Technology Differentiate High Performers (lien direct) | The Ponemon Institute just released its annual “The Cyber Resilient Organization” report, sponsored by IBM Security. In its fifth year, this study takes an in-depth look at organizations' ability to prevent, detect, contain and respond to cyberattacks. The report examines changes in cyber resilience and identifies approaches and best practices organizations took to improve their […] | |||
|
2020-06-29 09:00:06 | These Cybersecurity Trends Could Get a Boost in 2020 (lien direct) | The events of early 2020 have prompted organizations to shift priorities across the board, and security processes are no exception. While the current working environment has presented numerous short-term challenges, it has also caused security leaders to take a fresh look at what really matters to their businesses. The cybersecurity trends that emerge could ultimately […] | Guideline | ||
|
2020-06-26 11:00:21 | The Security Risks of Contactless Payment (lien direct) | Contactless payment first arrived in the 1990s and is now having its moment. Both companies and consumers are looking for ways to conduct business with as little physical interaction as possible during in-person transactions. We’ve been building to this moment, if you think about it. Organizations have been steadily increasing reliance on digital options and […] | |||
|
2020-06-25 10:00:00 | Vulnerable Powerline Extenders Underline Lax IoT Security (lien direct) | Multiple vulnerabilities have been found in Tenda PA6 Wi-Fi Powerline extender, version 1.0.1.21. This device is part of Tenda's PH5 Powerline Extender Kit and extends the wireless network through home’s existing electrical circuitry. The kit, in collaboration with X-Force Red, IBM Security's team of hackers, aligns with the HomePlug AV2 technology and provides wired speeds […] | |||
|
2020-06-24 12:00:00 | Three Approaches to Cybersecurity Planning for Post-Pandemic Cloud Adoption (lien direct) | The global pandemic has been dictating how the whole world is reforming, businesses included. Different forums and analyst reports are increasingly calling out the future of businesses as they are moving their workloads to the cloud gradually. IDC “expects 2021 to be the year of multi-cloud” as the global COVID-19 pandemic reinforces the need for […] | |||
|
2020-06-24 11:30:00 | Visibility and Threat Detection in a Remote Working World (lien direct) | At the outset of the COVID-19 pandemic, when governments around the world put stay-at-home orders in place, it was hard to imagine the state of work would permanently change. Yet, as organizations rapidly adopted and expanded systems to enable a remote workforce - which doubled in size in just three weeks - company cultures began […] | Threat | ||
|
2020-06-24 11:00:00 | An Apple a Day: Treating BYOD Pains with Apple User Enrollment (lien direct) | Even with workers returning to the office-it might be a trickle or a flood depending on the organization-the shift towards remote work is moving from just a short-term necessity to a long-term reality. That shift has changed the face of business worldwide. This change makes it more important than ever for IT and Security teams to […] | |||
|
2020-06-23 11:00:00 | A Game of Chess: Entropy and Patterns in Threat Intelligence (lien direct) | During a brainstorming discussion with a colleague on the value of entropy in machine learning models, specifically the models used in threat intelligence work, I mentioned that many of the threat intelligence models in use today seem to overemphasize the pattern recognition aspect of threat intelligence through the egregious use of algorithms. By contrast, they […] | Threat | ||
|
2020-06-18 11:00:00 | Best Practices for Managing Data Privacy & Responding to Privacy Breaches (lien direct) | A constantly changing regulatory environment has become the “new normal” for data privacy, and 2020 is no exception. The California Consumer Privacy Act (CCPA) went into effect in January and introduced one of the most sweeping requirements the U.S. has seen at a state level. In addition, the global health crisis has seen concerns around […] | |||
|
2020-06-18 11:00:00 | Ginp Malware Operations are on the Rise, Aiming to Expand in Turkey (lien direct) | The Ginp mobile banking malware, which emerged in late 2019, is one of the top most prevalent Android banking malware families today. It started as a SMS stealer and rapidly evolved into one of the most advanced actors in the financial fraud landscape. Ginp has primarily targeted Spanish banks, but recent evidence suggests the malware […] | Malware | ||
|
2020-06-17 11:00:00 | The Importance of People and Culture within the Security Operations Center (lien direct) | Security operations centers (SOCs) have changed dramatically over the last decade. Gartner predicts that by 2022, 50 percent of all SOCs will transform into modern centers with integrated incident response, threat intelligence and threat hunting capabilities, up from less than 10 percent in 2015. Organizations are investing heavily in tooling for detection and response as the number of […] | Threat | ||
|
2020-06-17 11:00:00 | Chaos Engineering and Security: Upgrading Simulation Exercises For More Dynamic Threat Environments (lien direct) | As the recent pandemic has swept the globe, malicious hackers have quickly pivoted to leverage the confusion to their benefit in carrying out cyberattacks. On April 8, 2020, the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom's National Cyber Security Centre (NCSC) jointly released an alert […] | Threat | ||
|
2020-06-17 11:00:00 | Introducing Collaborative Automated Course of Action Operations (CACAO): An Emerging Cybersecurity Standard to Quickly Define and Share Playbooks (lien direct) | A common challenge security teams face is ensuring their organization can continue to operate despite cyber attacks - in other words, to demonstrate their cyber resilience. Research from the Ponemon Institute acknowledges that the volume and severity of cyber attacks continues to rise, but suggests that organizations can improve their cyber resilience by a combination of process and […] | |||
|
2020-06-15 13:47:25 | The Latest Mobile Security Threats and How to Prevent Them (lien direct) | For many of us, the last few months have drastically increased our reliance on mobile capabilities. Through the increased use of corporate mobile apps, virtual private networks (VPNs), hot spots and more, mobile communications are more ubiquitous than ever. Because of this enhanced, unprecedented and sudden dependence on mobile capabilities, mobile security should be at […] | |||
|
2020-06-11 12:48:41 | Multifactor Authentication: The Next Battleground (lien direct) | X-Force Incident Response and Intelligence Services (IRIS) has responded to multiple security incidents where multifactor authentication (MFA) was not implemented-but where implementing MFA might have significantly reduced the impact of the incident. Such incidents have even included destructive malware attacks, resulting in millions of dollars in losses and the irreversible destruction of thousands of machines on the network. […] | Malware | ||
|
2020-06-10 13:00:00 | The Journey to Simplicity: User Experience in Security (lien direct) | Keeping an organization secure is no easy task, especially with the explosion in cloud adoption and digital transformation against a backdrop of increasingly dangerous threats and threat actors. We can all recite the challenges that security teams struggle with - too many solutions, not enough people, not enough visibility. With the average organization deploying 25 […] | Threat | ||
|
2020-06-10 12:30:03 | How Threat Actors Are Adapting to the Cloud (lien direct) | With organizations increasingly moving to cloud environments, cloud security is more critical than ever. Cloud environments often hold large troves of valuable and sensitive data that can put organizations and their customers at risk if they are breached. At the same time, many organizations are still discovering best practices surrounding cloud security and incident response. […] | Threat | ||
|
2020-06-09 13:19:09 | Three Key Pillars of Smart Identity (lien direct) | For years, identity and access management (IAM) was that painful necessity that businesses knew they had to spend time and resources on, but it was always done kind of grudgingly. Oh, how times have changed! CIOs and CISOs alike have recognized the critical role that identity plays in an overall digital transformation and security program centered […] | |||
|
2020-06-08 09:00:09 | German Task Force for COVID-19 Medical Equipment Targeted in Ongoing Phishing Campaign (lien direct) | During the course of ongoing research on coronavirus-related cyber activity, IBM X-Force Incident Response and Intelligence Services (IRIS) uncovered a COVID-19 related phishing campaign targeting a German multinational corporation (MNC), associated with a German government-private sector task force to procure personal protective equipment (Task Force Schutzausrüstung). The group has been commissioned to use their international […] | |||
|
2020-06-04 13:00:42 | Shift Your Cybersecurity Mindset to Maintain Cyber Resilience (lien direct) | As the business world navigates the ups and downs of today's economy, a mindset shift will be required to maintain cyber resilience. |
To see everything:
Our RSS (filtrered)
