What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-07-22 12:05:47 | Authlogics announces enhancements to its Password Security Management Product (lien direct) | Authlogics has announced the latest enhancements to its dynamic Password Security Management (PSM) product. The new features will help enterprises 'level up' their password policies in order to ensure heightened security. Instead of traditional costly policies which encourage users to change their passwords at regular intervals, PSM will bridge the gap between a fixed expiry date […] | |||
|
2021-07-21 14:46:43 | Back to work: Onslaught of personal devices could pose serious cybersecurity risk (lien direct) | A nationwide survey of 2,000 UK employees conducted by Censuswide on behalf of Armis, the unified asset visibility and security platform provider, analyses the new working culture and security of personal devices before the inevitable return to the office. The results demonstrate a heightened cybersecurity threat as the majority of the UK workforce (61%) intend […] | Threat | ||
|
2021-07-20 10:56:48 | Armis: Top Performer in Asset Visibility and Real-Time Detection in MITRE Engenuity ATT&CK® Evaluations for Industrial Control Systems (ICS) (lien direct) | Armis has announced its official participation in MITRE Engenuity's initial round of ATT&CK® Evaluations for industrial control systems (ICS). In these tests, MITRE Engenuity used the MITRE ATT&CK® knowledge base to emulate the tactics and techniques used in the TRITON malware attack against a petrochemical facility in Saudi Arabia. This malware was used to interact […] | Malware | ||
|
2021-07-19 14:33:08 | Netflix password crackdown: why users should be arguing for stronger measures (lien direct) | It was long overdue, but Netflix has finally started to explore ways to address its password problem. By prompting viewers to prove that they live with the holder of that account by receiving a code, sent via text or email, they are hoping to weed out password freeloaders who, let's face it, are probably costing […] | ★★ | ||
|
2021-07-19 14:25:39 | Combatting ransomware: a holistic approach (lien direct) | Although cybercrime as a whole has seen a rise during the pandemic, arguably ransomware has been one of the more successful and lucrative attack types. According to the World Economic Forum 2020 Global Risk Report, ransomware was the third most common, and second most damaging type of malware attack recorded last year, with payouts averaging […] | Ransomware Malware | ★★★★★ | |
|
2021-07-19 14:20:20 | The new ransomware threat: triple extortion (lien direct) | By the time you have finished reading this sentence, an organisation somewhere in the world will have fallen victim to a ransomware attack and had at least some of its corporate data encrypted. Globally, on average, the criminals behind ransomware attacks hit a new organisation every 10 seconds, but less than five years ago, it […] | Ransomware | ★★★★★ | |
|
2021-07-19 13:59:17 | Preparing for the ever-growing threat of ransomware (lien direct) | Ransomware is a growing threat to every organisation on the planet; it seems we can't go a day without seeing another high-profile ransomware attack being detailed in mainstream media. Cyber-criminals are innovating at a phenomenal pace in this growing 'industry', because they have the funds to do so. In fact, many cyber-criminal groups have more […] | Ransomware Threat | ||
|
2021-07-19 13:49:38 | It\'s time to get ahead of weaponised vulnerabilities (lien direct) | It comes as no surprise that the Covid-19 pandemic has resulted in an increase in security gaps. The global crisis revealed a multitude of nascent cyber-security shortcomings, including a lack of agility to support homeworking and an overreliance on on-premise security. It also created a whole host of new challenges, from scam Covid-related domains to […] | |||
|
2021-07-16 10:08:19 | OneLogin Eases Adoption of Zero Trust Framework with Delegated Administration (lien direct) | OneLogin has announced the launch of its Delegated Administration offering, which enables organizations to adopt the Zero Trust principle of least privilege access. By empowering IT administrators to easily delegate access on a granular level, organizations can balance productivity requirements with the need to aggressively protect their organization against security threats. OneLogin's Delegated Administration tool […] | Tool | ||
|
2021-07-14 16:22:30 | Security and HR phishing scams are luring employees, KnowBe4 report finds (lien direct) | KnowBe4, the provider of the world's largest security awareness training and simulated phishing platform, has revealed the results of its Q2 2021 top-clicked phishing report. There has been a significant rise in phishing email attacks related to HR topics, particularly regarding new policies that would affect all employees throughout organisations. Real phishing emails that were […] | ★★★★ | ||
|
2021-07-14 11:34:14 | Outpost24 acquires threat intelligence provider Blueliv (lien direct) | Outpost24 has acquired Blueliv, one of the world’s leading cyber threat intelligence companies which will create one of the largest cybersecurity providers in Europe. The objective: to provide the most advanced threat landscape monitoring solution to help businesses identify threats targeting their organizations and dramatically reduce risk exposure. “It has been a difficult 18 months […] | Threat Guideline | ||
|
2021-07-13 16:14:46 | Top 5 features of a secure password reset solution (lien direct) | Passwords are the first line of defense when it comes to digital security. For most businesses, each employee is going to have at least one username and password that they need to remember. In many cases, there will be many. This is, of course, is in addition to all of their personal accounts and passwords which are sometimes used on the same device […] | |||
|
2021-07-13 10:29:49 | Armis discloses critical vulnerability that allows remote takeover of Schneider Electric industrial controllers (lien direct) | Researchers at Armis, the unified asset visibility and security platform provider, have disclosed the discovery of an authentication bypass vulnerability in Schneider Electric's Modicon programmable logic controllers (PLCs) that can lead to remote-code-execution (RCE). The vulnerability, dubbed Modipwn, allows for a complete takeover of impacted devices by leveraging the UMAS protocol, and impacts Modicon M340, M580 […] | Vulnerability Guideline | ||
|
2021-07-09 15:59:17 | Security professionals wish cloud providers would deliver specific security improvements, survey reveals (lien direct) | Of the 73% of security professionals with responsibility for the security of public cloud who operate in a multi-cloud environment, 98% think these more complex environments pose greater security challenges, a survey conducted for Tripwire by Dimensional Research reveals. Organizations have a wide range of reasons for going multi-cloud, including meeting varying business needs, running certain applications, distributing […] | |||
|
2021-07-02 14:45:45 | Nominations open for 6th annual Security Serious Unsung Heroes Awards (lien direct) | The sixth annual Security Serious Unsung Heroes Awards are now open for nominations. This is a chance to celebrate the people working on the frontlines to fight against cyber threats, no matter if they work in the classroom, law enforcement or corporate organisations. This year sees three new categories introduced, which will be for Business […] | |||
|
2021-07-02 13:00:29 | FCA rules Binance won\'t be allowed to conduct regulated activity in the UK (lien direct) | This week, news broke that the Financial Counduct Authority (FCA) has issued a warning to Binance, the world’s biggest cryptocurrency exchange. The ruling stated that firm cannot conduct any “regulated activity” in the UK, while also advising people to be wary of adverts promising high returns on crypto investments. Binance said the FCA notice would […] | |||
|
2021-06-30 13:39:59 | JFrog Acquires Vdoo to bolster Continuous Security from Development to Device (lien direct) | The liquid software company, JFrog has announced its intention to acquire Vdoo Connected Trust Ltd. (“Vdoo”). The company plans to accelerate its efforts to provide an industry-leading security offering to support DevOps users as they respond to the disruption in the market for continuous software delivery. As part of the JFrog Platform, Vdoo will accelerate […] | Guideline | ||
|
2021-06-30 12:59:15 | Access Control: The 5 Single Sign-On Benefits (lien direct) | In March 2020, many people began working from home due to the COVID-19 pandemic. The email to your teammates stating that you were “working from home” instantly had new meaning. Working from home resulted in additional risk management and security challenges for employees, executive leadership, and information technology (IT) teams. Organizations that had not embarked […] | Guideline | ||
|
2021-06-29 14:59:41 | New study from Armis reveals majority of UK workforce think cyberattacks will have major impact on everyday life (lien direct) | Armis, a unified asset visibility and security platform provider, has today released results from a survey that looked at the UK’s attitude towards cyberattacks on critical infrastructure. The study, carried out by Censuswide*, found that nearly 9 in 10 (87%) believe that cyberattacks on critical services, such as oil suppliers, healthcare services, police departments or […] | |||
|
2021-06-25 15:23:56 | REvil strikes Healthcare giant Grupo Fleury (lien direct) | This week, Brazilian healthcare giant Grupo Fleury suffered a ransomware attack. Business operations were impaired up to the point that systems had to be shut down, leaving patients unable to book appointments for labs and other medical examinations online. On the 22nd of June, the Grupo Fleury website began displaying a warning message, alerting to the fact that its […] | |||
|
2021-06-25 15:08:28 | PS3 users reportedly banned from their accounts as a result of possible data breach (lien direct) | Sony has reportedly faced a security breach which resulted in millions of PS3 IDs being leaked to the hackers. This is thought to be the reason behind lots of PS3 users reporting in the PSN forums that they were banned for no reason whatsoever, according to reporting from Sportskeeda. While there is not enough evidence […] | Data Breach | ||
|
2021-06-25 14:48:29 | #RansomAware: Coalition forms to fight back on ransomware (lien direct) | A new cybersecurity coalition, which is backed by IT Security Guru, has launched this week in a move to fight back against ransomware. The coalition is part of a new movement headed by managed security service provider Talion, called #RansomAware, which encourages organisations to come clean on ransomware and speak up about the attacks they […] | Ransomware | ||
|
2021-06-24 15:48:52 | AT&T Alien Labs researchers analyse Linux version of Darkside ransomware (lien direct) | Shortly after hitting Colonial Pipeline, Darkside developers announced they would be closing operations. Nevertheless, researchers at AT&T Alien Labs have observed evidence that the group has completed a Linux version of its malware that is targeting ESXi servers hosting VMware virtual machines. To this point, the authors announced the Darkside 2.0 version with Linux capabilities. […] | Ransomware Malware | ||
|
2021-06-24 14:05:24 | Product news: One Identity\'s new next-generation PAM offerings (lien direct) | Safeguard Secure Remote Access provides a frictionless method for employees and contractors to securely access systems with privileged accounts from anywhere Endpoint Privilege Management helps organizations secure privilege on endpoints such as Windows desktops, Linux, and AD/AAD networks and attached systems Safeguard for DevOps enables developers to 'shift left' and build a secure secrets […] | |||
|
2021-06-24 13:17:55 | Comparitech finds 1 in 5 Google Play Apps for kids violates Children\'s Online Privacy Protection Act (lien direct) | Recent research from security and privacy comparison and advice website Comparitech.com, which has looked at children’s apps available through Google Play has found that 1 in 5 breach COPPA rules. Even more worrying is that half of the apps that violate the rules have received a “teacher-approved” badge. COPPA, imposed by the Federal Trade Commission […] | |||
|
2021-06-22 14:55:56 | Lookout expands partnership with Google Cloud to deliver endpoint to cloud security (lien direct) | Mobile security specialists, Lookout Inc. has announced it now has an expanded partnership with Google Cloud to provide endpoint-to-cloud security to organisations around the world. The new partnership will see Lookout deliver BeyondCorp Alliance product integrations and debuted its Lookout Mobile Endpoint Security solution on Google Cloud Marketplace. Lookout will reportedly bring additional choice of […] | |||
|
2021-06-22 10:27:08 | ITHC (IT Health Check) and PSN compliance: an overview and considerations (lien direct) | What is an IT Health Check (ITHC) An ITHC (IT Health Check) is a series of tests to ensure that your organisation is impenetrable to unauthorised persons. Specifically, organisations or individuals conduct an ITHC to confirm that they meet key requirements for PSN compliance. Direct from the ITHC supporting guidance: “Your ITHC should aim to provide assurance […] | |||
|
2021-06-17 10:45:29 | Biden says 16 sectors should be off limits to attack (lien direct) | In a speech on Wednesday, the U.S. President, Joe Biden told the Russian President, that 16 sectors of critical infrastructure should be “off-limits” to attacks, specifically cyberattacks. Unfortunately, analysts believe his efforts to be futile. Robert Golladay, the EMEA and APAC director at Illusive claims that “the fact that one of the leaders of the […] | Guideline | ||
|
2021-06-17 10:08:14 | Over a billion CVS health records exposed (lien direct) | On Thursday, an online database belonging to CVS Health was discovered online. This was the result of another misconfigured cloud service, which can significantly impact security and lead to a massive data leak. The uncovered database was not password-protected and had no security defences in place to prevent access from unauthorised persons. The database was […] | Guideline | ||
|
2021-06-16 14:33:52 | The Legacy of Security Champions (lien direct) | What will the legacy of security leaders be in the years to come? Will they be remembered as the defenders of the cyber realm, heroes or will history view them as annoying barriers who did nothing but slow down innovation? Many security leaders agree that too many times, the security team is viewed as the […] | Guideline | ||
|
2021-06-16 10:47:10 | Business security remains resilient in the wake of coronavirus (lien direct) | The coronavirus pandemic has put cybersecurity under a renewed spotlight. New ways of working and a fragmented workforce has challenged CISOs and their security teams; as the threat landscape has grown, nefarious actors have jumped at the chance to exploit the ever-fluid situation. We have seen attacks grow in frequency and sophistication; Telstra's Agility Report, […] | Threat | ||
|
2021-06-16 10:35:30 | Armis welcomes Crowdstrike\'s Michael Carpenter to company Board (lien direct) | Armis, the unified asset visibility and security platform provider, has announced the appointment of Michael Carpenter to Armis' Board of Directors. As the President of Global Sales and Field Operations at Crowdstrike, he was instrumental in expanding the sales organisation worldwide and generating business growth at incredible scale. This led to its IPO in 2019 […] | |||
|
2021-06-15 15:26:41 | CyberSmart Disrupts SME Cybersecurity with $10 million Series A Funding (lien direct) | CyberSmart has today announced the completion of a successful over-subscribed Series A funding round, bringing the total raised to over $10 million. Alongside deeptech fund IQ Capital and with the additional support of InsurTech specialist, Eos Venture Partners, and data science focused Winton Ventures, CyberSmart is set to further disrupt the cybersecurity market. The funding […] | |||
|
2021-06-11 15:56:08 | Ransomware will cost its victims more around $265 billion (USD) annually by 2031, Cybersecurity Ventures predicts (lien direct) | According to a report published by Cybersecurity Ventures, ransomware payments are predicted to cost victims over $265 billion by 2031. This isn’t difficult to imagine, given the recent streak of high-profile attacks, some of which caused a ripple effect that reflected on consumers finding themselves having to pay more for gas and finding heftier price […] | Ransomware | ||
|
2021-06-11 10:54:22 | One Identity Strengthens Executive Team (lien direct) | One Identity, the identity-centric security company, today announced the appointment of four executives that bring a wealth of software-as-a-service (SaaS) expertise to the organisation. The appointment of Rima Pawar as Vice President of Product Management, Joe Garber as Vice President of Marketing, Teri Robb as Vice President of North American Sales and Chris Wood as […] | |||
|
2021-06-10 10:42:59 | European Cybersecurity Blogger Awards 2021– Winners Announced! (lien direct) | Yet another year has passed, and so too has another evening celebrating the industry's best bloggers, podcasters, and social media personalities! Unfortunately, we've had to skip the pub again and opt for a virtual awards ceremony but as usual, we remain consistent with the alcohol supply. Thanks to our sponsors Qualys and KnowBe4, cocktail kits were delivered for free to all […] | |||
|
2021-06-08 16:13:19 | Software Giant Expands its Capabilities with Acquisition of Code Dx (lien direct) | Synopsys, Inc. has just recently announced that it has acquired Code Dx, provider of an award-winning application security risk management solution that automates and accelerates the discovery, prioritisation, and remediation of software vulnerabilities. This move by the software giant will allow customers to receive consolidated risk reporting and prioritisation across correlated software vulnerability data produced […] | Vulnerability | ||
|
2021-06-08 12:43:23 | Synopsys discovers denial of service vulnerabilities in RabbitMQ, EMQ X, and VerneMQ (lien direct) | The Synopsys Cybersecurity Research Center (CyRC) has exposed three separate denial of service vulnerabilities in open source message broker applications. Message brokers are used in software systems to enable multiple independent components to reliably and robustly exchange information. RabbitMQ, EMQ X, and VerneMQ are three open source message brokers. In each, CyRC research uncovered input that causes […] | |||
|
2021-06-07 14:59:37 | EVENT: OMICRON presents online conference on securing critical infrastructure (lien direct) | Due to the introduction of the EU Directive on Security of Network and Information Systems in 2016, cybersecurity measures are becoming increasingly important, especially for critical infrastructure such as electricity or water supply, or for large industrial companies. Our concise online conference will explore the ongoing technical challenges faced in securing critical infrastructure against potential […] | ★★★★ | ||
|
2021-06-07 11:49:31 | New AT&T Cybersecurity USM Anywhere Advisors Service Helps to Establish and Maintain Threat Detection and Response Effectiveness (lien direct) | AT&T Cybersecurity has announced its AT&T USM Anywhere platform will now offer on-demand advisory service for new and existing customers to tackle threat detection and response faster. The company recognises that security teams are often overwhelmed and understaffed. Therefore, the ability to confidently respond to threats is limited by the maturity of their cybersecurity technologies to react quickly to alerts. Also, […] | Threat | ||
|
2021-06-03 10:51:47 | White House contacts Russia following JBS ransomware attack (lien direct) | The White House has been in contact with Russia following a ransomware attack on JBS, the world’s largest meatpacking company. The attack which took place earlier this week resulted in the shutdown of operations in Australia and America. The White House has offered JBS assistance from the Department of Agriculture. JBS has been working alongside […] | Ransomware | ||
|
2021-06-03 10:22:56 | New York\'s subway breached by hackers (lien direct) | The Metropolitan Transportation Authority (M.T.A) was victim to a cyberattack in April when a hacking group accessed the authorities computer systems. The hacking group who are thought to have ties with China breached three M.T.A's computer systems. The breach took place over 2 days in April but was left unchecked for several days until it […] | |||
|
2021-06-02 14:46:33 | DOJ seized two domains used by NOBELIUM to impersonate USAID (lien direct) | The US Department of Justice (DOJ) has seized two Internet domains following a phishing campaign that impersonated the U.S. Agency for International Development (USAID) in order to distribute malware. The attacks were disclosed by Microsoft last Thursday. Microsoft stated that the campaign was conducted by NOBELIUM, a Russian state-affiliated hacking group also known as The […] | ★★★★ | ||
|
2021-06-02 14:08:09 | XSS Vulnerability found in WordPress Plugin (lien direct) | A security researcher has discovered an XSS vulnerability in the ReDi Restaurant Reservation WordPress plugin. Bastijn Ouwendijk has publically shared his findings of the popular WordPress plugin which is used to manage reservations for online businesses. The ReDi Restaurant Reservation plug-in currently has more than 1000+ live installations. Ouwendijk stated in his poster that attackers […] | Vulnerability | ||
|
2021-06-02 13:14:04 | Six million players\' profiles leaked following cloud misconfiguration (lien direct) | AMT Games has accidentally exposed almost six million players profiles due to a misconfigured cloud database. The Chinese game developer produces a number of titles, which have millions of downloads. Players of the popular Battle for the Galaxy title have been affected by the data leak, which has seen 1.5TB of data exposed from an […] | |||
|
2021-05-28 08:15:29 | FBI warns of Fortinet vulnerabilities (lien direct) | FBI has issued a warning about vulnerabilities in Fortinet after an APT group hacked a local government office. According to ZDnet, the FBI release did not say which government office had been attacked through a Fortigate appliance. The flash alert was issued on Thursday after it discovered that a local government office was attacked through […] | ★★★★ | ||
|
2021-05-28 08:09:09 | Army sends memo to remote workers reminding them of IoT security risks in-home (lien direct) | GCN has reported that the Army has reminded remote workers in-home IoT devices pose security risks. The Army wants to be sure remote workers aren't allowing smart devices in their home to listen in on any government-related conversations. In a memo dated 25th May, Army CIO Raj G. Iyer described mandatory procedures teleworkers must use […] | ★★★★★ | ||
|
2021-05-27 08:03:28 | Crypto fraud on social media is rife (lien direct) | Computer Weekly has reported that millions of pounds are lost to crypto fraud on social media. According to Action Fraud, more than £63m has been lost nationally by victims of investment fraud via a social media platform. British citizens have lost this huge sum of money in the past year to investment fraud conducted via […] | ★★★★★ | ||
|
2021-05-27 07:56:55 | Which? gives banks deadline on disclosing fraud refund rates (lien direct) | Banks have been urged by Which? to disclose fraud refund rates, according to Money Expert. It reported that the consumer advocacy agency has told banks they should reveal how often they reimburse customers who fall victim to bank transfer scams and has given financial institutions until Friday to disclose their reimbursement rates. This comes after […] | ★★★ | ||
|
2021-05-27 07:48:30 | VSCode Extension vulnerabilities could lead to cyberattacks on the supply chain (lien direct) | The Hacker News has reported that newly discovered bugs in VSCode Extensions could lead to supply chain attacks. The severe security flaws uncovered in the popular Visual Studio Code extensions could enable attackers to compromise local machines and build/deployment systems through a developer’s integrated development environment (IDE). The vulnerable extensions can also be exploited to […] | Guideline |
To see everything:
Our RSS (filtrered)
