What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-12-05 14:00:00 | Did Brazil DSL Modem Attacks Change Device Security? (lien direct) | >From 2011 to 2012, millions of Internet users in Brazil fell victim to a massive attack against vulnerable DSL modems. By configuring the modems remotely, attackers could redirect users to malicious domain name system (DNS) servers. Victims trying to visit popular websites (Google, Facebook) were instead directed to imposter sites. These rogue sites then installed […] | ★★ | ||
|
2022-11-28 14:00:00 | Worms of Wisdom: How WannaCry Shapes Cybersecurity Today (lien direct) | >WannaCry wasn’t a particularly complex or innovative ransomware attack. What made it unique, however, was its rapid spread. Using the EternalBlue exploit, malware could quickly move from device to device, leveraging a flaw in the Microsoft Windows Server Message Block (SMB) protocol. As a result, when the WannaCry “ransomworm” hit networks in 2017, it expanded […] | Ransomware Malware | Wannacry Wannacry | ★★ |
|
2022-11-22 17:00:00 | RansomExx Upgrades to Rust (lien direct) | >IBM Security X-Force Threat Researchers have discovered a new variant of the RansomExx ransomware that has been rewritten in the Rust programming language, joining a growing trend of ransomware developers switching to the language. Malware written in Rust often benefits from lower AV detection rates (compared to those written in more common languages) and this […] | Ransomware Malware Threat | ★★★★ | |
|
2022-11-16 21:00:00 | Moving at the Speed of Business - Challenging Our Assumptions About Cybersecurity (lien direct) | >The traditional narrative for cybersecurity has been about limited visibility and operational constraints — not business opportunities. These conversations are grounded in various assumptions, such as limited budgets, scarce resources, skills being at a premium, the attack surface growing, and increased complexity. For years, conventional thinking has been that cybersecurity costs a lot, takes a […] | |||
|
2022-11-15 14:00:00 | Effectively Enforce a Least Privilege Strategy (lien direct) | >Every security officer wants to minimize their attack surface. One of the best ways to do this is by implementing a least privilege strategy. One report revealed that data breaches from insiders could cost as much as 20% of annual revenue. Also, at least one in three reported data breaches involve an insider. Over 78% […] | ★★ | ||
|
2022-11-10 14:00:00 | Reporting Healthcare Cyber Incidents Under New CIRCIA Rules (lien direct) | >Numerous high-profile cybersecurity events in recent years, such as the Colonial Pipeline and SolarWinds attacks, spurred the US government to implement new legislation. In response to the growing threat, President Biden signed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) in March 2022. While the law has passed, many healthcare organizations remain […] | |||
|
2022-11-08 17:15:00 | Defending Education from Cyber Threat Attackers (lien direct) | >Threat actors — and particularly ransomware attackers — have education institutions in their crosshairs. From Vice Society’s September attack on schools in California to Snach’s late October assault on schools in Wisconsin, threat actors are not holding back when it comes to preying on schools. K-12 schools are the most vulnerable within the education industry, […] | Ransomware Threat | ||
|
2022-11-08 14:00:00 | Millions Lost in Minutes - Mitigating Public-Facing Attacks (lien direct) | >In recent years, many high-profile companies have suffered destructive cybersecurity breaches. These public-facing assaults cost organizations millions of dollars in minutes, from stock prices to media partnerships. Fast Company, Rockstar, Uber, Apple and more have all been victims of these costly and embarrassing attacks. The total average cost of a data breach has increased by […] | Data Breach | Uber | |
|
2022-11-07 17:29:50 | How the Mac OS X Trojan Flashback Changed Cybersecurity (lien direct) | >Not so long ago, the Mac was thought to be impervious to viruses. In fact, Apple once stated on its website that “it doesn’t get PC viruses”. But that was before the Mac OS X Trojan Flashback malware appeared in 2012. Since then, Mac and iPhone security issues have changed dramatically — and so has […] | Malware | ||
|
2022-11-03 13:00:00 | Overcoming Distrust in Information Sharing: What More is There to Do? (lien direct) | >As cyber threats increase in frequency and intensity worldwide, it has never been more crucial for governments and private organizations to work together to identify, analyze and combat attacks. Yet while the federal government has strongly supported this model of private-public information sharing, the reality is less than impressive. Many companies feel that intel sharing […] | |||
|
2022-10-25 10:00:00 | A Day in the Life: Working in Cyber Incident Response (lien direct) | >As a cybersecurity incident responder, your life can go from zero to 100 in a heartbeat. One moment you are sipping a beverage reading the latest threat intelligence or getting the kids ready for bed; the next, you may be lunging for your “go bag” because you cannot remote in to the breached system. It’s […] | Threat | ||
|
2022-10-20 15:30:00 | How to Keep Your Secrets Safe: A Password Primer (lien direct) | >There are two kinds of companies in the world: those that have been breached by unethical hackers, and those that have been breached and don’t know it yet. Hackers are relentless. Today’s cyberattacks have evolved into high-level espionage perpetrated by robust criminal organizations or nation-states. In the era of software as a service (SaaS), enterprise […] | |||
|
2022-10-18 13:00:00 | Threat Management and Unified Endpoint Management (lien direct) | >The worst of the pandemic may be behind us, but we continue to be impacted by it. School-aged kids are trying to catch up academically and socially after two years of disruption. Air travel is a mess. And all businesses have seen a spike in cyberattacks. Cyber threats increased by 81% while COVID-19 was at […] | |||
|
2022-10-17 13:00:00 | 3 Ways EDR Can Stop Ransomware Attacks (lien direct) | >Ransomware attacks are on the rise. While these activities are low-risk and high-reward for criminal groups, their consequences can devastate their target organizations. According to the 2022 Cost of a Data Breach report, the average cost of a ransomware attack is $4.54 million, without including the cost of the ransom itself. Ransomware breaches also took […] | Ransomware Data Breach | ||
|
2022-10-13 13:00:00 | How Do Data Breaches Impact Economic Instability? (lien direct) | >Geopolitical conflict, inflation, job market pressure, rising debt — we’ve been hearing about economic headwinds for a while now. Could data breaches have anything to do with this? According to a recent IBM report, the average cost of a data breach has reached an all-time high. Like any other business liability, these costs must be […] | Data Breach | ||
|
2022-10-11 13:00:00 | How the US Government is Fighting Back Against Ransomware (lien direct) | >As ransomware-related payments surged toward $600 million in the first half of 2021, the U.S. government knew it needed to do more to fight back against cyber criminals. For many years, the Treasury’s Office of Foreign Assets Control (OFAC) had a Specially Designated Nationals and Blocked Persons List (SDN List for people or organizations acting […] | Ransomware | ||
|
2022-10-05 10:00:00 | What Experts Had To Say About the 2022 Cost of a Data Breach Report (lien direct) | >The 2022 Cost of a Data Breach report was eagerly anticipated by cybersecurity professionals and the technology industry as a whole. Following two years of increased remote work and other changes due to the pandemic, the report was an important benchmark on the lasting impact and future trends of data breaches. Not surprisingly, this year’s […] | Data Breach | ★★★★★ | |
|
2022-09-27 12:00:00 | 3 Keys to an Effective Enterprise IT Risk Management Strategy (lien direct) | >The average cost of a data breach hit a record high of $4.35 million, a 13% increase in the last two years, according to the 2022 Cost of a Data Breach report. In addition, laws are holding board members personally liable for IT security breaches and ineffective security controls, so it’s easy to see why […] | Data Breach | ★★ | |
|
2022-09-26 13:00:00 | Making the Leap: The Risks and Benefits of Passwordless Authentication (lien direct) | >The password isn’t going anywhere. Passwordless authentication is gaining momentum, though. It appears to be winning the battle of how companies are choosing to log in. Like it or not, the security industry must contend with both in the future. But for some businesses and agencies, going passwordless is the clear strategy. Microsoft, for instance, […] | ★★★ | ||
|
2022-09-22 13:00:00 | Does Follina Mean It\'s Time to Abandon Microsoft Office? (lien direct) | As a freelance writer, I spend most of my day working in Microsoft Word. Then, I send drafts to clients and companies across the globe. So, news of the newly discovered Microsoft Office vulnerability made me concerned about the possibility of accidentally spreading malware to my clients. I take extra precautions to ensure that I’m […] | Malware Vulnerability | ||
|
2022-09-21 10:00:00 | Companies Without Zero Trust Could Lose $1M More During a Data Breach (lien direct) | >In recent years, the mindset for cybersecurity has shifted. It isn’t a matter of if a company has a breach, but rather when a company has a breach. With the increase in cybersecurity incidents, most if not all companies will be victims of a data breach at some point. However, the latest research shows that organizations […] | Data Breach | ★★★★★ | |
|
2022-09-19 13:00:00 | 3 Reasons Why Technology Integration Matters (lien direct) | >As John Donne once wrote, “No man is an island entire of itself.” With digitalization bridging any distance, the same logic could be applied to tech. Threat actors have vast underground forums for sharing their intelligence, while security professionals remain tight-lipped in a lot of data breach cases. Much like the way a vaccine can […] | Data Breach Threat | ||
|
2022-09-08 13:00:00 | Chasing the Cyber 1%: How to Beat the Cybersecurity Poverty Line (lien direct) | >In cybersecurity, there are the haves and have-nots. For the latter, improving their security posture to defend against threats is rarely straightforward. While attackers become more high-tech, the gap between ‘the cyber 1%’ and those companies below the ‘cybersecurity poverty line’ grows wider. That poses a threat to all companies. What is the cyber poverty […] | Threat | ||
|
2022-09-07 10:00:00 | The Cost of a Data Breach for Government Agencies (lien direct) | >What happens when attackers breach local government, police departments or public health services? What would happen if attackers compromised the U.S. Treasury’s network? These types of incidents happen every month and lead to service interruptions at the very least. More serious problems could occur, such as leakage of classified data or damage to critical infrastructure. […] | Data Breach Guideline | ||
|
2022-09-02 23:04:57 | Cyber insurance costs soar amid ransomware attacks (lien direct) | >Ransomware attacks and recurring breaches cause insurers to rethink risk as prices rise and policies get increasingly harder to obtain. That cyberattacks have been on the rise is one fact we unfortunately read every year. The cost of these attacks has also been rising steadily, standing at a global average of $4.35 million, according to […] | Ransomware | ||
|
2022-09-01 16:20:00 | Raspberry Robin and Dridex: Two Birds of a Feather (lien direct) | >IBM Security Managed Detection and Response (MDR) observations coupled with IBM Security X-Force malware research sheds additional light on the mysterious objectives of the operators behind the Raspberry Robin worm. Based on a comparative analysis between a downloaded Raspberry Robin DLL and a Dridex malware loader, the results show that they are similar in structure […] | Malware | ||
|
2022-08-31 10:00:00 | Cost of a Data Breach: Retail Costs, Risks and Prevention Strategies (lien direct) | >Whether it’s online or brick-and-mortar, every new store or website represents a new potential entry point for threat actors. With access to more personally identifiable information (PII) of customers than most industries, bad actors perceive retail as a great way to cash in on their attacks. Plus, attackers can duplicate attack methods more easily since […] | Threat | ||
|
2022-08-30 13:00:00 | How and Why Do Teens Become Cyber Criminals? (lien direct) | >The search to find the mastermind of the attacker group Lapsus$ led to a home outside Oxford, England. The suspected leader was a 16-year-old. He helped take down some of the world’s biggest companies, including Microsoft, from his mother’s house. The BBC reported the teen is alleged to have earned $14 million from his attacks. […] | Guideline | ||
|
2022-08-29 13:00:00 | How Cybersecurity Policy Has Changed Since the SolarWinds Attack (lien direct) | >Major cyberattacks since 2019 jolted the U.S. government and software industry into action. The succeeding years have seen executive orders, new funding, two summits and a newfound resolve. Because of those attacks, the federal government aims to fix the open-source software security threat altogether. But what has really come of these efforts in the last […] | Threat | ||
|
2022-08-24 10:00:00 | The Ransomware Playbook Mistakes That Can Cost You Millions (lien direct) | >If there is one type of cyberattack that can drain the color from any security leader’s face, it’s ransomware. A crippling, disruptive, and expensive attack to recover from, with final costs rarely being easy to foretell. Already a prevalent threat, the number of ransomware attacks rose during the pandemic and nearly doubled in the year […] | Ransomware Guideline | ||
|
2022-08-19 13:00:00 | How EDR Security Supports Defenders in a Data Breach (lien direct) | >The cost of a data breach has reached an all-time high. It averaged $4.35 million in 2022, according to the newly published IBM Cost of a Data Breach Report. What’s more, 83% of organizations have faced more than one data breach, with just 17% saying this was their first data breach. What can organizations do […] | Data Breach | ||
|
2022-08-18 15:58:00 | From Ramnit To Bumblebee (via NeverQuest): Similarities and Code Overlap Shed Light On Relationships Between Malware Developers (lien direct) | >A comparative analysis performed by IBM Security X-Force uncovered evidence that suggests Bumblebee malware, which first appeared in the wild last year, was likely developed directly from source code associated with the Ramnit banking trojan. This newly discovered connection is particularly interesting as campaign activity has so far linked Bumblebee to affiliates of the threat […] | Malware Threat | ||
|
2022-08-17 16:02:00 | Healthcare Breaches Costliest for 12 Years Running, Hit New $10.1M Record High (lien direct) | >IBM Security and the Ponemon institute release an annual report known as one the most significant industry benchmarks. The Cost of a Data Breach analysis examines real-world breaches in great detail, producing insights into the factors that impact the cost of cyber-attacks. In the 2022 report just released, the healthcare sector stands out for extremely […] | Data Breach | ||
|
2022-08-16 13:00:00 | X-Force 2022 Insights: An Expanding OT Threat Landscape (lien direct) | >This post was written with contributions from Dave McMillen. So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of malware, Industroyer2 and InController/PipeDream, and the disclosure of many operational technology (OT) vulnerabilities. The OT cyber threat landscape […] | Threat | ||
|
2022-08-11 13:00:00 | Incident Response for Health Care IT: Differences and Drivers (lien direct) | >Threat actors continue to target the health care industry. IBM’s Threat Intelligence Index for 2022 rates the industry as the sixth most targeted. That puts it close behind the energy and retail and wholesale sectors. Certain regions seem to be more prone to attack as well. The Asia-Pacific region accounted for 39% of all health […] | Threat | ★★★ | |
|
2022-08-10 10:00:00 | Security Automation Can Save You $3.05M in a Data Breach (lien direct) | >When it comes to reducing security breach costs, companies with security artificial intelligence (AI) and automation can save millions, per a new report. According to the most recent IBM Cost of a Data Breach Report, organizations with fully deployed security AI and automation save $3.05 million per data breach compared to those without. That’s a 65.2% […] | Data Breach | ||
|
2022-08-05 13:00:00 | Fishy Business: What Are Spear Phishing, Whaling and Barrel Phishing? (lien direct) | >For threat actors, phishing embodies the holy trinity of goals: easy, effective and profitable. It’s no wonder that the 2022 X-Force Threat Intelligence Index reports that phishing was the top method used by attackers to breach an organization. Of all the attacks that X-Force remediated in 2021, attackers used phishing in 41% of them. Because […] | Threat | ||
|
2022-08-01 13:00:00 | How to Prepare for and Respond to a Data Privacy Breach (lien direct) | >Before I started covering cybersecurity, I thought the term ‘breach’ had a single meaning — that an attacker stole data from a computer system. I also thought all the different versions of the word meant the same thing. However, I’ve since learned the nuances and differences between a breach, a data breach and a data […] | Data Breach | ||
|
2022-07-27 04:01:00 | What\'s New in the 2022 Cost of a Data Breach Report (lien direct) | >The average cost of a data breach reached an all-time high of $4.35 million this year, according to newly published 2022 Cost of a Data Breach Report, an increase of 2.6% from a year ago and 12.7% since 2020. | Data Breach | ||
|
2022-07-25 13:00:00 | U.S. Cybersecurity Policy Has Changed Since the Colonial Pipeline Attack (lien direct) | >More than a year ago, a ransomware attack made the news across the nation. The Colonial Pipeline Company announced on May 7, 2021, that the DarkSide Ransomware-as-a-Service group, based in eastern Europe, had hit it. The FBI has since confirmed DarkSide, which has since shut down, as the threat actors. What’s changed about U.S. cyber […] | Ransomware Threat | ||
|
2022-07-21 13:00:00 | 20 Years Ago in Cybersecurity: Massive DDoS Attack Hits the Roots of the Internet (lien direct) | >It was considered the “largest ever” internet attack in 2002. This distributed denial of service attack hit seven of the 13 servers at the top of the internet’s domain name system hierarchy. Now, 20 years later, its origins remain mysterious, but its methods and size still make it stand out. It isn’t the largest by […] | |||
|
2022-07-19 13:00:00 | Hospital Ransomware Attack: Here\'s What a Cybersecurity Success Story Sounds Like (lien direct) | Major ransomware attacks are scary, but against hospitals, they are even worse. One notable attack in August 2021 forced Ohio’s Memorial Health System emergency room to shut down (patients were diverted to other hospitals). In all hospital attacks, the health, safety, privacy and lives of patients face risk. But this incident also shows that whether targets […] | Ransomware | ★★★★★ | |
|
2022-07-15 13:00:00 | What Cybersecurity Teams Can Learn From the US Cyber Command\'s \'Hunt Forward\' (lien direct) | After decades of playing defense, the United States government went on the offense in the past few years against global state-sponsored cyber attackers. U.S. Cyber Command conducted “hunt forward” operations recently in 16 countries, including in Ukraine, as part of a policy set in 2018. This policy involves partnering with foreign countries on finding cyber […] | |||
|
2022-07-07 13:00:00 | What Is Endpoint Detection and Response? (lien direct) | >Endpoint Detection and Response: How To Choose the Right EDR Solution A rise in remote work trends has led to a rapid increase and interconnectivity of endpoints and data in recent years. This ‘next normal’ way of working comes with its own set of security challenges – from the rise in sophisticated and automated attacks […] | ★★★ | ||
|
2022-06-30 13:00:00 | Is 2022 the Year of Secure Access Service Edge? (lien direct) | >In 2022, nearly 60% of U.S. workers (whose work can be done remotely) work from home all or most of the time. Remote work coupled with the explosion of apps, APIs, devices and Internet of Things (IoT) shows us no organization can afford to think about the perimeter in yesterday’s terms anymore. SASE (Secure Access […] | |||
|
2022-06-29 16:00:00 | 4 Ways AI Capabilities Transform Security (lien direct) | >Many industries have had to tighten belts in the “new normal”. In cybersecurity, artificial intelligence (AI) can help. Every day of the new normal we learn how the pandemic sped up digital transformation, as reflected in the new opportunities and new risks. For many, organizational complexity and legacy infrastructure and support processes are the leading […] | Guideline | ||
|
2022-06-28 20:00:00 | Five Key Trends on SOC Modernization (lien direct) | >For SOCs looking to improve their ability to detect and respond to threats efficiently and effectively, Extended Detection and Response (XDR) has generated increasing amounts of excitement and discourse in the industry. XDR was one of the hottest topics at RSA 2022, but like with many “hot new trends,” perspectives on what XDR actually is, […] | Threat | ||
|
2022-06-28 13:00:00 | Digital Shadows Weaken Your Attack Surface (lien direct) | >Every tweet, text, bank transaction, Google search and DoorDash order is part of your digital shadow. We all have one, and the contents of your shadow aren’t always private. For example, in April 2021 attackers leaked data containing the personal information of over 533 million Facebook users from 106 countries. Sure, you might want your tweet […] | |||
|
2022-06-23 13:00:00 | Attracting Cybersecurity Talent Takes an Open Mind, Creativity and Honesty (lien direct) | >Retaining cybersecurity talent can be difficult. Along with our previous tips, how can you attract great workers? Difficulties and Positive Changes The recent ISACA State of Cybersecurity 2022 survey provides some key markers: Unfilled positions are on the rise (not good) Existing teams are understaffed (not good) Budgets are (finally) increasing (good) University degree mandates […] | |||
|
2022-06-21 13:00:00 | The C-Suite Is Optimistic About Ransomware. Are They Right? (lien direct) | >The majority of C-suite executives are confident in their organization’s protection against ransomware attacks. At least, that’s what a recent research report from ISC2 shows. In fact, just 15% express a lack of confidence. Does this confidence take into account the nearly 53% rise in double extortion ransomware attacks between January and February? Are the […] | Ransomware |
To see everything:
Our RSS (filtrered)
