What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-13 14:00:00 | Digital Transformation: Balancing Speed, Security and Innovation (lien direct) | Today, digital transformation (DX) is happening in every industry. Organizations operating in sectors that typically eschew technology are moving to the cloud, leveraging IoT and using analytics. Digital transformation plays a critical role for any company to stay competitive and resilient. But what does digital transformation look like for most companies, and more importantly, how […] | |||
|
2022-01-12 14:00:00 | Arming CISOs With the Skills to Combat Disinformation (lien direct) | As if chief information security officers (CISOs) did not have enough to deal with, add one more issue to their plates: information warfare. These operations now target private and non-governmental entities almost as often as they involve world powers. That’s why it’s more important than ever to know the difference between misinformation and disinformation — […] | |||
|
2022-01-11 14:00:00 | Cloud Security Trends: What Is Cybersecurity Mesh? (lien direct) | Have you heard of cybersecurity mesh? Some are calling it one of the more notable trends for cloud security and today’s other cyber concerns. So, what is it, and how does it work? The technology stack is breaking down as more people use architectures based on microservices. They’re also using blockchain and other trust models […] | |||
|
2022-01-10 17:00:00 | Small Business Cybersecurity: What to Fix, What to Manage and What to Outsource (lien direct) | The risk posture of small and medium-sized businesses has changed a lot over the last few years. Bluntly: small businesses inherited a series of digital risks. Many of these risks, such as supply chain and cloud-related risks, can wound and devastate a small business. Meanwhile, the enterprise, armed with more resources, could sustain the shock. […] | |||
|
2022-01-10 14:00:00 | Omnichannel E-commerce Growth Increases API Security Risk (lien direct) | Today, a lot of the digital innovation we see is largely thanks to the application programming interface (API). Without APIs, rapid development would be nearly impossible. After all, the API is the link between computers, software and computer programs. But wherever there’s a link, a potential data security weakness exists. Essential for modern mobile, SaaS […] | |||
|
2022-01-07 17:00:00 | 5 Things New with Bug Bounty Programs (lien direct) | On September 29, HackerOne announced the latest version of its Internet Bug Bounty (IBB) program. This initiative helped to coordinate the discovery of more than 1,000 security weaknesses in open-source software between 2013 and 2021. HackerOne’s latest version aims to expand the reach of the program even further by pooling defenses from existing bug bounties, […] | |||
|
2022-01-07 14:00:00 | The Most Important Security Takeaway from the October Facebook Outage (lien direct) | The massive October 4th Facebook outage was not due to a breach and was not classified as a security issue. But the fact that it went down — and was inaccessible for an extended period — is itself a security concern that the enterprise must address. That security concern is business continuity. According to […] | |||
|
2022-01-06 14:00:00 | Cyber Awareness 2022: Consider Deepfakes, NFTs and More (lien direct) | From deepfakes to crypto crime to in-flight drone-based data theft, cyber awareness in 2022 will look a bit different. Good cyber awareness means knowing these risks, even if some of them sound stranger than science fiction. Cyber Awareness and Deepfake Crime What if you got a phone call from a trusted friend or colleague to […] | |||
|
2022-01-05 14:00:00 | The 5 Most Hotly Contested Security Trends and Questions (lien direct) | The worst thing that organizations can do is take a hard stance with their cybersecurity efforts. The digital threat landscape is constantly evolving. If organizations settle into a viewpoint, they could elevate one source of risk into something unrealistic—all while missing other digital threats. This reflects just how much assumptions drive cybersecurity-related decisions. Forbes put […] | Threat | ||
|
2022-01-04 14:00:00 | Protecting Your Data From a Unique Threat: Misinformation (lien direct) | It’s the target for attackers. It drives unique insights and innovation. Data is the most valuable asset your organization has. Now, more than ever before, your company’s information faces a unique threat — one for which many cybersecurity teams aren’t prepared — misinformation. The value of data isn’t lost on most cybersecurity leaders, but data […] | Threat Guideline | ||
|
2022-01-03 17:00:00 | Data Protection: What Needs to Be Protected? (lien direct) | Where is your organization’s data? From global data centers to PCs to mobile apps, data is strewn all over the place. So how do you protect it all? You can’t encrypt everything, right? It’s too expensive and time-consuming. Even the most stringent regulations don’t demand that level of data protection. For example, GDPR focuses primarily […] | |||
|
2022-01-03 14:00:00 | Everything You Need To Know About Ransomware Attacks and Gangs In 2022 (lien direct) | Ransomware is a lucrative business for criminals. It is paying off, and it is working. According to a recent Trend Micro report, a staggering 84% of US organizations experienced either a phishing or ransomware attack in the last year. The average ransomware payment was over $500,000. Bad actors want to keep cashing in. So they’re […] | Ransomware | ||
|
2021-12-30 14:00:00 | Intelligent Adversary Engagement: Deceiving the Attacker (lien direct) | Traditional security isn’t always enough to keep attackers at bay. When it comes to sneaking into networks, detection will often only come after malicious traffic reaches systems such as next-generation firewalls and intrusion detection and prevention systems. Meanwhile, threat actors have free range. But if you can trick the attacker attempting to trick you, it’s […] | Threat | ||
|
2021-12-28 17:30:00 | Changing the Conversation with Risk Quantification (lien direct) | “Quantitative risk analysis is the single most effective way to align security with business priorities and establish credibility with teams.” — U.S.-based CISO As organizations continue to leverage the latest technologies and move toward even greater interconnectivity in the pursuit of growth, business strategy and cybersecurity continue to converge. Cybersecurity concerns now extend beyond the […] | |||
|
2021-12-28 14:00:00 | 2021 Zero Trust Security Intelligence Roundup (lien direct) | A zero trust approach to security has been steadily gaining steam for the last several years. This year, the importance of this approach reached a new level with the May 2021 White House executive order requiring federal agencies to shift to this architecture by fall 2024. Even beyond the executive order, zero trust continues to […] | |||
|
2021-12-27 14:00:00 | 2021 Manufacturing and Supply Chain Security Roundup (lien direct) | In 2020, ransomware actors demanded $17 million from a laptop maker and $34 million from a Taiwanese electronics contract company. The past two years have also delivered major disruptions for supply chains. The pandemic pushed supply chain attack issues front-and-center, with disruptions up 67% in 2020 and problems expected to persist as global markets adjust to the ‘new […] | Ransomware | ||
|
2021-12-23 14:00:00 | Ransomware Attackers\' New Tactic: Double Extortion (lien direct) | Need another reason to defend against ransomware instead of ending up having to find a solution other than paying it? Double extortion may be it. So, what is double extortion? When did it start? With this tactic, ransomware actors steal a victim’s data before their malware strain activates its encryption routine. They then have the […] | Ransomware Malware | ||
|
2021-12-22 14:00:00 | Cyber Warfare: What To Expect in 2022 (lien direct) | Cyberwarfare is not a future threat—it’s a clear and present danger. While the concept of cyber terrorism might sound like something from a fictional movie, our interconnected world is riddled with security flaws that make it an unfortunate reality. Digital transformation has brought great convenience to consumers with mobile apps and e-commerce. And the evolution […] | |||
|
2021-12-21 17:00:00 | Why CISOs Shouldn\'t Report to CIOs in the C-Suite (lien direct) | Cybersecurity plays a critical role in enterprises today. It has evolved from playing a fringe role to one that impacts every person in every business developed over the past 15 years. This shift will continue as we see not only more frequent attacks but also more devastating effects from cyber breaches. A critical change in […] | |||
|
2021-12-21 14:00:00 | What Cybersecurity Professionals Are Wishing for This Holiday Season (lien direct) | After another tough year in the cybersecurity trenches, security professionals deserve a well-earned holiday, along with some powerful gifts to help them cope with the new year’s daunting threat landscape and the security challenges to come. Here’s our rundown of what cybersecurity professionals are wishing for this holiday season. 1. An Artificial Intelligence Ethical Hacking […] | Threat | ||
|
2021-12-20 17:00:00 | A Journey in Organizational Resilience: Survive the Disruption and Become Stronger (lien direct) | Our journey through the factors that make up organizational cyber resilience is almost complete. It’s time to put the puzzle pieces together. First, a quick look at the issues we’ve covered so far. The Human Factor Business Continuity Disaster Recovery Crisis Management Governance Testing and Training Privacy Security By Design Supply Chain and Third Parties […] | |||
|
2021-12-20 14:00:00 | What You Need to Know About RDP Security Going Into 2022 (lien direct) | Threat actors put various cloud “tools” — resources like account information and application access — for sale on dark web markets that provide access for conducting follow-up attacks. But none of those utilities compare in popularity to Remote Desktop Protocol (RDP) accounts. They represent more than 70% of cloud resources available for sale on underground […] | |||
|
2021-12-18 05:40:00 | Log4Shell Vulnerability Risks for OT Environments - and How You Can Better Protect Against Them (lien direct) | You’d have to look far and wide to find an IT professional who isn’t aware of (and probably responding to) the Log4Shell vulnerability. The Operational Technology (OT) sector is no exception, yet the exact exposure the vulnerability poses to OT technology is yet to be fully uncovered. The vulnerability was first made public earlier this […] | Vulnerability | ||
|
2021-12-17 17:00:00 | Why We Need To Beat \'Breach Fatigue\' - At Work and at Home (lien direct) | Data breaches come at such a fast pace that the public doesn’t seem to pay attention to the latest incidents, or they’re practically forgotten in a week — just in time for the next breach to make headlines. Instead of cries for better personal data protection, however, consumers seem less concerned even as more companies […] | |||
|
2021-12-17 14:00:00 | It\'s Not Too Soon to Start Talking About 6G (lien direct) | We may be only a short time into 5G deployments, but discussions of the impact 6G technology will have on our lives have already started. In late 2020, the Alliance for Telecommunications Industry Solutions created a new group called the Next G Alliance to “advance North American mobile technology leadership over the next decade through […] | Guideline | ||
|
2021-12-16 20:00:00 | Zero Trust and DNS Security: Better Together (lien direct) | How many times have you heard the popular information security joke: “It’s always DNS”? It means that every time there’s a problem you can’t figure out, you will dig until you reach the conclusion that it’s always DNS. But DNS is also where a lot of issues can be caught early, and it should be […] | |||
|
2021-12-15 14:00:00 | Starting From Scratch: How to Build a Small Business Cybersecurity Program (lien direct) | When you run a small business, outsourcing for services like IT and security makes a lot of sense. While you might not have the budget for a full-time professional on staff to do these jobs, you still need the services. However, while it might be helpful to have a managed service provider handle your software […] | |||
|
2021-12-15 11:00:00 | Nation State Threat Group Targets Airline with Aclip Backdoor (lien direct) | In March 2021, IBM Security X-Force observed an attack on an Asian airline that we assess was likely compromised by a state-sponsored adversary using a new backdoor that utilizes Slack. The adversary leveraged free workspaces on Slack, a legitimate messaging and collaboration application likely to obfuscate operational communications, allowing malicious traffic, or traffic with underlying […] | Threat | ||
|
2021-12-13 17:00:00 | A Journey in Organizational Resilience: Geopolitical and Socio-Economic Trends and Threats (lien direct) | The last stop on our organizational resilience journey touches one of the issues organizations have the least control over: geopolitical and socio-economic trends and threats. However, they can be some of the most impactful on your organization. Today, the ubiquitous use of interconnected information systems to carry commerce exists on a scale that never did […] | |||
|
2021-12-13 14:00:00 | One-Time Password Security Might Fail 80% of the Time. IAM is Better (lien direct) | A one-time password (OTP) is an automatically generated sequence of characters that authenticates a user for a single transaction or login session. OTP is a widely popular security strategy, but does it provide true password safety? This type of password security is certainly better than traditional, static passwords. But recently security analysts discovered that you […] | |||
|
2021-12-11 18:50:00 | Update on Apache Log4j Zero-Day Vulnerability (lien direct) | IBM Security is following a recent disclosure regarding an Apache vulnerability in the Log4j Java library dubbed Log4Shell (or LogJam). X-Force Exchange has further details on the exploit. Millions of applications use the Java-based Log4j library to log activity, including several prominent web services. Apache has issued a patch with an update to the latest […] | Vulnerability | ||
|
2021-12-10 17:00:00 | How to Include Cybersecurity Training in Employee Onboarding (lien direct) | Bringing new employees up to speed on company policies and procedures, or employee onboarding, is standard practice. The process covers topics like what’s expected in daily work, proper communication channels and vacation and sick leave policies. In well-prepared companies, it also includes extensive cybersecurity training. Quality employee cybersecurity training, along with ongoing training for existing […] | |||
|
2021-12-10 14:00:00 | IoT Security: Protecting Food and Agriculture Organizations (lien direct) | Ransomware actors are targeting food and agriculture organizations, potentially disrupting business. Luckily, there are already formal structures in place to boost the IoT security defenses they need. Knowing them keeps the lifeblood of industrial farms and food delivery going. Businesses in the sector could “suffer significant financial loss,” the FBI said. That loss is “resulting […] | ★★★★★ | ||
|
2021-12-09 17:05:00 | IAM OT Security Risks Call for Strategic Defenses (lien direct) | Today’s technology requires today’s identity and access management (IAM). In the past, operational technology (OT) systems were physically and logically separated from a company’s enterprise corporate business environment and the external world. That served as a control to protect them from common cyberattacks. Starting in the 1970s, serial-based analog processes controlled, managed and monitored these […] | |||
|
2021-12-08 17:00:00 | Edge Computing and 5G: Will Security Concerns Outweigh Benefits? (lien direct) | You’re probably hearing a bunch of chatter about edge computing these days and how it, along with 5G, are the latest pieces of technology to redefine how we conduct our business. In fact, you may even be hearing people say that edge computing will replace cloud computing. Let’s separate the facts from the speculation. What […] | |||
|
2021-12-08 14:00:00 | What to Do When a Ransomware Group Disappears (lien direct) | It’s your company’s worst nightmare: attackers managed to sneak ransomware onto your servers. Now, you’re locked out of every file unless you agree to pay whatever price they’re asking. As if the situation couldn’t get any worse, the attackers disappear without a trace and you can’t even pay their ransom to unlock your files. What […] | Ransomware | ||
|
2021-12-07 20:00:00 | Understanding the Cyber Risk Exposures Within the Health Care Industry (lien direct) | The health care industry is one of the most popular and lucrative targets for cyberattacks and malicious activity. Health care organizations always present as an attractive proposition to hackers as they possess high volumes of sensitive information about patients and rely on highly vulnerable medical devices. Advancements in medical procedures and the growth in digital […] | |||
|
2021-12-06 17:00:00 | 7 Holiday Cybersecurity Tips to Try Before The Year Ends (lien direct) | The holiday rush is upon us, and so is the risk of cyberattack. Threat actors often get to work during the holidays. IT staff is heading out for vacation, and everyone is in a hurry. This means we might skimp on security. Still, there are some holiday cybersecurity tips that will help make the season […] | Threat | ||
|
2021-12-06 14:00:00 | Public Wi-Fi Security: Is It Safe to Use for Business? (lien direct) | Let’s say you need to send an urgent email to a client while you’re at the store. Or, you’re traveling and need to take a Zoom call at your hotel. Maybe you need to access sensitive client data or employee information while on public Wi-Fi. You wonder how you should connect to the internet to […] | |||
|
2021-12-03 17:00:00 | What the Internet Bug Bounty Teaches About Open-Source Software Security (lien direct) | The security platform HackerOne recently announced the latest version of their Internet Bug Bounty (IBB) program. The IBB strives to enhance open-source software security by pooling resources and encouraging security experts (they call themselves hackers) to find flaws in open-source software (OSS). Now, the program has introduced a new crowd-funding method. This enables more organizations […] | |||
|
2021-12-03 14:00:00 | Technical Problem or Cyber Crime? How to Tell the Difference (lien direct) | As soon as the Oct. 4 Facebook mega outage took place, questions about the cause ran rampant. Was it a cyber crime or a technical glitch?? Who was at fault? The outage reportedly resulted in the loss of some $60 to $100 million dollars of revenue, and Facebook’s stock plunged 4.9% on the same day. […] | |||
|
2021-12-03 11:00:00 | Data Security: Defending Against the Cache Poisoning Vulnerability (lien direct) | Do you trust your cache? To meet the demands of the end-users and speed up content delivery, content caching by web servers and content delivery networks (CDN) has become a vital part of the modern web. To explain how this can create vulnerabilities when it comes to data security requires first asking another question. Namely, […] | Vulnerability | ||
|
2021-12-02 15:15:00 | “Trusted Partner” in Cybersecurity: Cliché or Necessity? (lien direct) | I dislike cliches. I suspect I’m not alone in that, but the truth is I’m guilty of using them on occasion — and I’m probably not alone in that, either. I was reading a tongue-in-cheek article the other day about the worst clichés in the business world. As you might imagine, some of the usual […] | |||
|
2021-12-02 14:00:00 | Why the Future Needs Passwordless Authentication (lien direct) | As of September, Microsoft users no longer have to rely on passwords when logging in to their accounts. The Redmond-based tech giant noted that users could instead use its authenticator app, Windows Hello; a physical security key or a verification code sent via SMS-based text message to sign in to Outlook, OneDrive and other Microsoft […] | |||
|
2021-12-01 19:15:00 | Roundup: Ransomware, the Future of the Cloud and Cyber Careers (lien direct) | Digital threats can have physical consequences. As we’ve seen this year, the United States government is taking the threat of ransomware seriously. That’s especially the case when it comes to physical infrastructure. If your business — like many — lives at the intersection of the Internet of Things and the things that make our world […] | Ransomware Threat | ★★★★ | |
|
2021-12-01 17:00:00 | Treasury Crypto Security Sanction Blocks Exchange Favored by Ransomware Actors (lien direct) | The U.S. government sanctioned the cryptocurrency exchange SUEX for moving money for ransomware actors. In essence, that means U.S. citizens and corporate entities are banned from using it. The statement, released in September, is part of a wider effort to boost crypto security and “disrupt criminal networks and currency exchanges”. The First Crypto Security Sanction […] | Ransomware | ||
|
2021-12-01 14:00:00 | How to Cut Down on Data Breach Stress and Fatigue (lien direct) | If you’re tired of hearing the words ‘data breach’, you’re not alone. It’s looking like 2021 might end up becoming the year with the most ransomware attacks on record. In August, SonicWall reported that the global ransomware attack volume had increased 151% during the first six months of the year compared to H1 2020. The […] | Ransomware Data Breach | ||
|
2021-12-01 08:00:00 | X-Force Threat Intelligence: Monthly Malware Roundup (lien direct) | Today’s reality means that organizations need to be constantly vigilant against security breaches. Having a robust incident response plan in place is vital. IBM Security X-Force is a team dedicated to delivering the latest threat intelligence, research and analysis reports that help you manage risk in your organization. This monthly malware roundup offers a summary […] | Malware Threat | ||
|
2021-11-30 14:00:00 | How Do You Plan to Celebrate National Computer Security Day? (lien direct) | In October 2021, the world marked the 18th Cybersecurity Awareness Month. October might be over, but employers can still talk about awareness of digital threats. We all have another chance before then: National Computer Security Day. The History of National Computer Security Day The origins of National Computer Security Day trace back to 1988 and […] | |||
|
2021-11-30 14:00:00 | Understanding the Adversary: How Ransomware Attacks Happen (lien direct) | IBM Security X-Force Incident Response (IR) has responded to hundreds of ransomware incidents across every geography and industry. As we have taken time to analyze these incidents, a clear pattern has emerged. Although we observe dozens of ransomware groups in operation across the globe, many with multiple affiliate groups working under them, most ransomware actors […] | Ransomware |
To see everything:
Our RSS (filtrered)
