What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-07-10 03:28:00 | La ligne mince entre l'analyse comportementale des utilisateurs et la violation de la confidentialité The Thin Line Between User Behavioral Analytics and Privacy Violation (lien direct) |
La technologie a suralimenté le marketing.Les vastes données de l'élimination des spécialistes du marketing donnent un aperçu inégalé de ce que les clients veulent, pourquoi ils le souhaitent et comment ils utilisent des produits et des services.L'analyse comportementale profite aux entreprises et aux consommateurs;Il permet aux entreprises de stimuler les ventes et d'augmenter les taux de conversion tout en fournissant aux clients des services adaptés à leurs désirs et besoins.L'analyse comportementale est également une ressource de cybersécurité inestimable;Les outils d'intelligence artificielle (IA) et d'apprentissage automatique (ML) analysent les données pour permettre aux équipes de sécurité d'identifier les modèles de comportement suspects qui pourraient ...
Technology has supercharged marketing. The vast data at marketers\' disposal provides unparalleled insight into what customers want, why they want it, and how they use products and services. Behavioral analytics benefits businesses and consumers; it allows companies to drive sales and increase conversion rates while providing customers services tailored to their wants and needs. Behavioral analytics is also an invaluable cybersecurity resource; artificial intelligence (AI) and machine learning (ML) tools analyze data to allow security teams to identify suspicious behavior patterns that could... |
Threat Legislation | ★★★★ | |
 |
2023-07-08 08:01:00 | L'acteur de menace RomCom soupçonné d'avoir ciblé les pourparlers d'adhésion à l'Ukraine \\ de l'OTAN au sommet de l'OTAN RomCom Threat Actor Suspected of Targeting Ukraine\\'s NATO Membership Talks at the NATO Summit (lien direct) |
L'équipe de recherche et de renseignement sur les menaces de Blackberry a découvert des leurres malveillants ciblant les invités du prochain sommet de l'OTAN qui pourrait apporter un soutien à l'Ukraine.Notre analyse nous amène à croire que l'acteur de menace connue sous le nom de RomCom est probablement à l'origine de cette opération.
The BlackBerry Threat Research and Intelligence team has uncovered malicious lures targeting guests of the upcoming NATO Summit who may be providing support to Ukraine. Our analysis leads us to believe that that the threat actor known as RomCom is likely behind this operation. |
Threat | ★★ | |
 |
2023-07-07 16:07:00 | Des écarts de sécurité approfondis avec une gestion continue de l'exposition aux menaces Close Security Gaps with Continuous Threat Exposure Management (lien direct) |
Les CISO, les dirigeants de la sécurité et les équipes SOC luttent souvent avec une visibilité limitée à toutes les connexions établies avec leurs actifs et réseaux appartenant à leur entreprise.Ils sont entravés par un manque d'intelligence open source et une technologie puissante requise pour la découverte et la protection proactives, continues et efficaces de leurs systèmes, données et actifs.
Comme les acteurs de la menace avancée recherchent constamment facilement
CISOs, security leaders, and SOC teams often struggle with limited visibility into all connections made to their company-owned assets and networks. They are hindered by a lack of open-source intelligence and powerful technology required for proactive, continuous, and effective discovery and protection of their systems, data, and assets. As advanced threat actors constantly search for easily |
Threat | ★★★ | |
 |
2023-07-07 15:00:00 | Smartwatch non sollicité gratuit dans le courrier et je suis dans l'armée?Qu'est ce qui pourrait aller mal??? Free Unsolicited Smartwatch in the Mail and I\\'m in the Military? What Could Possibly Go Wrong??? (lien direct) |
Threat | ★★ | ||
 |
2023-07-07 13:54:51 | Meredith Whittaker de Signal \\: briser le cryptage tout en préservant la vie privée est \\ 'pensée magique \\' Signal\\'s Meredith Whittaker: Breaking encryption while preserving privacy is \\'magical thinking\\' (lien direct) |
Le président du signal a parlé avec Cyberscoop de l'IA, du chiffrement et de la menace croissante pour la vie privée.
The Signal president spoke with CyberScoop about AI, encryption and the growing threat to privacy. |
Threat | ★★★ | |
|
2023-07-07 10:42:00 | Les agences de cybersécurité saignent l'alarme sur l'augmentation des attaques de logiciels malveillants de l'augmentation de TrueBot Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks (lien direct) |
Les agences de cybersécurité ont mis en garde contre l'émergence de nouvelles variantes des logiciels malveillants TrueBot.Cette menace améliorée vise désormais les entreprises aux États-Unis et au Canada dans le but d'extraire des données confidentielles des systèmes infiltrés.
Ces attaques sophistiquées exploitent une vulnérabilité critique (CVE-2022-31199) dans le serveur Auditeur NetWrix largement utilisé et ses agents associés.
Ce
Cybersecurity agencies have warned about the emergence of new variants of the TrueBot malware. This enhanced threat is now targeting companies in the U.S. and Canada with the intention of extracting confidential data from infiltrated systems. These sophisticated attacks exploit a critical vulnerability (CVE-2022-31199) in the widely used Netwrix Auditor server and its associated agents. This |
Malware Vulnerability Threat | ★★ | |
 |
2023-07-07 10:00:00 | Qu'est-ce qu'un plan de réponse aux incidents (IRP) et quelle est l'efficacité de votre posture de réponse aux incidents? What is an incident response plan (IRP) and how effective is your incident response posture? (lien direct) |
As everyone looks about, sirens begin to sound, creating a sense of urgency; they only have a split second to determine what to do next. The announcer repeats himself over the loudspeaker in short bursts... This is not a drill; report to your individual formations and proceed to the allocated zone by following the numbers on your squad leader\'s red cap. I take a breather and contemplate whether this is an evacuation. What underlying danger is entering our daily activities? 1…2….3…. Let\'s get this party started!
When I come to… I find that the blue and red lights only exist in the security operations center. Intruders are attempting to infiltrate our defenses in real time; therefore, we are on high alert. The time has come to rely on incident response plans, disaster recovery procedures, and business continuity plans. We serve as security posture guardians and incident response strategy executors as organizational security leaders. It is vital to respond to and mitigate cyber incidents, as well as to reduce security, financial, legal, and organizational risks in an efficient and effective manner.
Stakeholder community
CISOs, as security leaders, must develop incident response teams to combat cybercrime, data theft, and service failures, which jeopardize daily operations and prevent consumers from receiving world-class service. To maintain operations pace, alert the on-the-ground, first-line-of-defense engagement teams, and stimulate real-time decision-making, Incident Response Plan (IRP) protocols must include end-to-end, diverse communication channels.
Stakeholder Types
What does an incident response plan (IRP) do?
That\'s an excellent question. The incident response plan gives a structure or guideline to follow to reduce, mitigate, and recover from a data breach or attack. Such attacks have the potential to cause chaos by impacting customers, stealing sensitive data or intellectual property, and damaging brand value. The important steps of the incident response process, according to the National Institute of Standards and Technology (NIST), are preparation, detection and analysis, containment, eradication, and recovery, and post-incident activity that focuses on a continual learning and improvement cycle.
Lifecycle of Incident Response
Many company leaders confront a bottleneck when it comes to assigning a severity rating that determines the impact of the incident and establishes the framework for resolution strategies and external messaging. For some firms, being able to inspect the damage and appropriately assign a priority level and impact rating can be stressful and terrifying.
Rating events can help prioritize limited resources. The incident\'s business impact is calculated by combining the functional effect on the organization\'s systems and the impact on the organization\'s information. The recoverability of the situation dictates the possible answers that the team may take while dealing with the issue. A high functional impact occurrence with a low recovery effort is suited for fast team action.
The heart beat
Companies should follow industry standards that have been tried and tested by fire departments to improve overall incident response effectiveness. This includes:
Current contact lists, on-cal |
Data Breach Vulnerability Threat Cloud | ★★ | |
 |
2023-07-07 09:30:00 | Les autorités américaines et canadiennes mettent en garde contre l'augmentation de l'activité TrueBot US and Canadian Authorities Warn of Increased Truebot Activity (lien direct) |
L'avis conjoint révèle que les acteurs de la menace tirent parti de nouvelles techniques pour livrer le botnet
The joint advisory reveals that threat actors are leveraging new techniques to deliver the botnet |
Threat | ★★ | |
 |
2023-07-07 02:33:56 | Rapport sur la tendance des menaces Web Deep & Dark & # 8211;Mai 2023 Deep Web & Dark Web Threat Trend Report – May 2023 (lien direct) |
Ce rapport de tendance sur le Web Deep et le Web Dark de mai 2023 est sectionné en ransomware, forums & # & #38;Marchés noirs et acteur de menace.Nous tenons à dire à l'avance qu'une partie du contenu n'a pas encore été confirmée comme vraie.Ransomware & # 8211;Alphv (Blackcat) & # 8211;Akira & # 8211;Bianlian & # 8211;RA Groupe & # 8211;Royal Forum & # 38;Marché noir & # 8211;Les criminels liés à la drogue ont appréhendé les informations collectées à la suite de la fermeture du marché du monopole & # 8211;RAIDFORUMS & # 8217; s Base de données a divulgué l'acteur de menace & # 8211;...
This trend report on the deep web and dark web of May 2023 is sectioned into Ransomware, Forums & Black Markets, and Threat Actor. We would like to state beforehand that some of the content has yet to be confirmed to be true. Ransomware – ALPHV (BlackCat) – Akira – BianLian – RA Group – Royal Forum & Black Market – Drug-related Criminals Apprehended Through Information Collected Following the Shutdown of Monopoly Market – RaidForums’s Database Leaked Threat Actor – ... |
Ransomware Threat Prediction | ★★ | |
|
2023-07-07 02:33:29 | Rapport de tendance des menaces sur les groupes APT & # 8211;Mai 2023 Threat Trend Report on APT Groups – May 2023 (lien direct) |
Les cas de grands groupes APT pour le mai 2023 réunis à partir de documents rendus publics par des sociétés de sécurité et des institutions sont comme commesuit.& # 8211;Agrius & # 8211;Andariel & # 8211;APT28 & # 8211;APT29 & # 8211;APT-C-36 (Blind Eagle) & # 8211;Camaro Dragon & # 8211;CloudWizard & # 8211;Earth Longzhi (APT41) & # 8211;Goldenjackal & # 8211;Kimsuky & # 8211;Lazarus & # 8211;Lancefly & # 8211;Oilalpha & # 8211;Red Eyes (Apt37, Scarcruft) & # 8211;Sidecopy & # 8211;Sidewinder & # 8211;Tribu transparente (APT36) & # 8211;Volt Typhoon (Silhouette de bronze) ATIP_2023_MAY_TRADEAT Rapport sur les groupes APT_20230609
The cases of major APT groups for May 2023 gathered from materials made public by security companies and institutions are as follows. – Agrius – Andariel – APT28 – APT29 – APT-C-36 (Blind Eagle) – Camaro Dragon – CloudWizard – Earth Longzhi (APT41) – GoldenJackal – Kimsuky – Lazarus – Lancefly – OilAlpha – Red Eyes (APT37, ScarCruft) – SideCopy – SideWinder – Transparent Tribe (APT36) – Volt Typhoon (Bronze Silhouette) ATIP_2023_May_Threat Trend Report on APT Groups_20230609 |
Threat Prediction | APT 41 APT 38 APT 37 APT 37 APT 29 APT 29 APT 28 APT 28 APT 36 APT 36 Guam Guam APT-C-17 APT-C-17 GoldenJackal GoldenJackal APT-C-36 | ★★★ |
|
2023-07-07 02:32:40 | Rapport de tendance des menaces sur les ransomwares & # 8211;Mai 2023 Threat Trend Report on Ransomware – May 2023 (lien direct) |
Ce rapport fournit des statistiques sur de nouveaux échantillons de ransomware, des systèmes attaqués et des entreprises ciblées en mai 2023, ainsi queEn tant que problèmes de ransomware notables en Corée et dans d'autres pays.D'autres problèmes et statistiques majeurs pour les ransomwares qui ne sont pas mentionnés dans le rapport peuvent être trouvés en recherchant les mots clés suivants ou via le menu Statistiques de la plate-forme AHNLAB Threat Intelligence (ATIP).& # 8211;Ransomware & # 8211;Les statistiques par type le nombre d'échantillons de ransomware et de systèmes ciblés sont basés sur la détection ...
This report provides statistics on new ransomware samples, attacked systems, and targeted businesses in May 2023, as well as notable ransomware issues in Korea and other countries. Other major issues and statistics for ransomware that are not mentioned in the report can be found by searching for the following keywords or via the Statistics menu at AhnLab Threat Intelligence Platform (ATIP). – Ransomware – Statistics by Type The number of ransomware samples and targeted systems are based on the detection... |
Ransomware Threat Prediction | ★★ | |
|
2023-07-07 02:32:15 | Rapport de tendance des menaces sur Kimsuky & # 8211;Mai 2023 Threat Trend Report on Kimsuky – May 2023 (lien direct) |
Les activités du groupe Kimsuk ont augmenté légèrement par rapport à leurs activités en avril en avril.De plus, de nouveaux domaines de niveau supérieur (TLD) ont commencé à être détectés, et il y a eu de petits changements dans les codes.Figure 1. Statistiques FQDN par type d'attaque au cours des 3 derniers mois (unité: chacun) ATIP_2023_MAY_TRADEAT Rapport de tendance sur le groupe Kimsuk
The Kimsuky group’s activities in May 2023 had increased slightly in comparison to their activities in April. Also, new top-level domains (TLDs) have begun to be detected, and there were small changes to the codes. Figure 1. FQDN statistics by attack type in the last 3 months (Unit: each) ATIP_2023_May_Threat Trend Report on Kimsuky Group |
Threat Prediction | ★★ | |
|
2023-07-06 23:15:00 | Distribution du malware netsupport à l'aide de courriel Distribution of NetSupport Malware Using Email (lien direct) |
netsupport rat est utilisé par divers acteurs de menace.Ceux-ci sont distribués par des e-mails de spam et des pages de phishing déguisées en documents tels que des factures, des documents d'expédition et des commandes d'achat).La distribution via des pages de phishing a été couverte sur ce blog dans le passé.[1] Ahnlab Security Emergency Response Center (ASEC) a découvert que le rat Netsupport était distribué via un e-mail de phishing de lance qui a récemment été en circulation.Ce message couvrira le flux d'action de sa distribution via des e-mails de phishing et son ...
NetSupport RAT is being used by various threat actors. These are distributed through spam emails and phishing pages disguised as documents such as Invoices, shipment documents, and PO (purchase orders). Distribution via phishing pages has been covered on this Blog in the past. [1] AhnLab Security Emergency response Center(ASEC) discovered NetSupport RAT being distributed via a spear phishing email that has recently been in circulation. This post will cover the action flow from its distribution via phishing emails and its... |
Spam Malware Threat | ★★ | |
|
2023-07-06 23:00:00 | Groupe de menaces Kimsuky explorant Chrome Remote Desktop Kimsuky Threat Group Exploting Chrome Remote Desktop (lien direct) |
Ahnlab Security Emergency Response Center (ASEC) a récemment découvert le groupe de menaces Kimsuky exploitant Chrome Remote Desktop.Le groupe de menaces Kimsuky utilise non seulement leurs logiciels malveillants applicables développés en privé, mais également des logiciels malveillants à distance tels que Meterpreter pour prendre le contrôle des systèmes infectés.[1] Les journaux du groupe à l'aide de VNC personnalisés ou exploitant des outils de télécommande tels que le wrapper RDP continuent également d'être détectés.[2] Ce message résumera les cas récemment identifiés d'exploitation de bureau à distance Chrome.Le kimsuky ...
AhnLab Security Emergency response Center (ASEC) has recently discovered the Kimsuky threat group exploiting Chrome Remote Desktop. The Kimsuky threat group uses not only their privately developed AppleSeed malware, but also remote control malware such as Meterpreter to gain control over infected systems. [1] Logs of the group using customized VNC or exploiting remote control tools such as RDP Wrapper also continue to be detected. [2] This post will summarize recently identified cases of Chrome Remote Desktop exploitation. The Kimsuky... |
Malware Threat | ★★ | |
 |
2023-07-06 17:29:00 | Les cyber-agences avertissent les nouvelles variantes de logiciels malveillants TrueBot qui nous ciblent et les entreprises canadiennes Cyber agencies warn of new TrueBot malware variants targeting US and Canadian firms (lien direct) |
Les agences de cybersécurité aux États-Unis et au Canada ont averti jeudi que les acteurs de la menace utilisent de nouvelles variantes de logiciels malveillants TrueBot pour voler des données aux victimes.Dans un Advisory co-écrit par l'Agence américaine de sécurité de la cybersécurité et de l'infrastructure (CISA), le FBI, le centre de partage et d'analyse multi-états (MS-ISAC) et le Centre canadien de cybersécurité (CCCS), le
Cybersecurity agencies in the U.S. and Canada warned Thursday that threat actors are using new TrueBot malware variants to steal data from victims. In an advisory co-written by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS), the |
Malware Threat | ★★ | |
|
2023-07-06 16:52:00 | Survivre à la tempête de 800 Gbps: Gardez les informations des statistiques d'attaque DDOS de GCORE \\'s 2023 Surviving the 800 Gbps Storm: Gain Insights from Gcore\\'s 2023 DDoS Attack Statistics (lien direct) |
GCORE RADAR est un rapport trimestriel préparé par GCORE qui donne un aperçu de l'état actuel du marché de la protection DDOS et des tendances de la cybersécurité.Ce rapport vous offre une compréhension de l'évolution du paysage des menaces et met en évidence les mesures nécessaires pour protéger efficacement les attaques.Il sert de perspicacité aux entreprises et aux particuliers qui cherchent à rester informés sur le
Gcore Radar is a quarterly report prepared by Gcore that provides insights into the current state of the DDoS protection market and cybersecurity trends. This report offers you an understanding of the evolving threat landscape and highlights the measures required to protect against attacks effectively. It serves as an insight for businesses and individuals seeking to stay informed about the |
Threat | ★★ | |
 |
2023-07-06 14:31:19 | Juin 2023 \\'s Mostware le plus recherché: QBOT Les logiciels malveillants le plus répandus en première moitié de 2023 et le Trojan Spinok mobile fait ses débuts June 2023\\'s Most Wanted Malware: Qbot Most Prevalent Malware in First Half of 2023 and Mobile Trojan SpinOk Makes its Debut (lien direct) |
> La recherche sur les points de vérification a rapporté que le trojan QBOT polyvalent a été le malware le plus répandu jusqu'à présent en 2023. Pendant ce temps, Spinok Mobile Trojan a pris la première place en juin pour la première fois et le ransomware était rigoureux après la vulnérabilité Zero-Day Moveit Notre dernier monde mondialL'indice des menaces pour juin 2023 a vu les chercheurs signalent que Trojan QBOT a été le malware le plus répandu jusqu'à présent en 2023, se classant en premier sur cinq des six mois à ce jour.Pendant ce temps, Mobile Trojan Spinok a fait son chemin vers le haut de la liste des logiciels malveillants pour la première fois, après avoir été détecté le mois dernier, et le ransomware a frappé [& # 8230;]
>Check Point Research reported that multipurpose Trojan Qbot has been the most prevalent malware so far in 2023. Meanwhile, SpinOk mobile Trojan took top spot in June for the first time and ransomware was rife following MOVEit zero-day vulnerability Our latest Global Threat Index for June 2023 saw researchers report that Trojan Qbot has been the most prevalent malware so far in 2023, ranking first in five out of the six months to date. Meanwhile, mobile Trojan SpinOk made its way to the top of the malware list for the first time, after being detected last month, and ransomware hit […] |
Ransomware Malware Vulnerability Threat | ★★ | |
 |
2023-07-06 12:45:07 | Commentaire d'experts: ENISA publie son premier rapport de paysage de cyber-menace du secteur de la santé Expert Comment: ENISA releases their first health sector specific cyber threat landscape report (lien direct) |
Tendre la main comme vous l'avez peut-être vu dans les nouvelles que l'Agence européenne de l'Union pour la cybersécurité (EISA) a publié son premier rapport de paysage de cyber-menace sur le secteur de la santé.
Joseph Carson, de la chariot, a commenté la menace des ransomwares pour le secteur et la nécessité de cette première analyse du paysage cyber-menace pour aider le secteur de la santé à devenir cyber-résiliente.
-
opinion
Reaching out as you may have seen in the news that the European Union Agency for Cybersecurity (ENISA) released their first cyber threat landscape report on the health sector. Joseph Carson from Delinea has commented on the ransomware threat to the sector and the need for this first cyber threat landscape analysis to aid the health sector in becoming cyber resilient. - Opinion |
Ransomware Threat | ★★ | |
|
2023-07-06 12:29:20 | Prévision des menaces d'été 2023 Summer Threat Forecast 2023 (lien direct) |
Prévision des menaces d'été 2023 Compte tenu de la portée des cyber-menaces tout au long de la première moitié de 2023, il est plus important que jamais pour les entreprises de prendre des mesures proactives pour se protéger.Dans cet article, nous explorons les menaces de cybersécurité prévues qui ont un impact sur cet été, sur la base des menaces observées au cours des 6 derniers mois, et fournissons des informations précieuses pour aider les organisations à améliorer leurs défenses de cybersécurité.
-
rapports spéciaux
/ /
affiche
Summer Threat Forecast 2023 Given the scope of cyber threats throughout the first half of 2023, it is more important than ever for businesses to take proactive measures to protect themselves. In this article, we explore the predicted cybersecurity threats impacting this Summer, based off the threats seen throughout the last 6 months, and provide valuable insights to help organizations improve their cyber security defences. - Special Reports / affiche |
Threat | ★★ | |
 |
2023-07-06 12:02:49 | Ingénierie de détection hebdomadaire # 30 - Va vos lacs de données, je suis tout à fait sur des lagunes de données Detection Engineering Weekly #30 - Screw your data lakes, I\\'m all in on data lagoons (lien direct) |
Nous avons des boissons fruitées et arrosées sur nos chasses sur les menaces
We have fruity & boozy drinks on our threat hunts |
Threat | ★★★ | |
|
2023-07-06 12:00:00 | Nerve Center: Protégez votre réseau contre les nouvelles souches de ransomware avec notre dernière mise à jour RANSIM Nerve Center: Protect Your Network Against New Ransomware Strains with Our Latest RanSim Update (lien direct) |
ransomware continue d'être une menace majeure pour toutes les organisations et, selon le Verizon 2023 Data Breach Investigations Report , est toujours présent dans 24% des violations.
Ransomware continues to be a major threat for all organizations and, according to the Verizon 2023 Data Breach Investigations Report, is still present in 24% of breaches. |
Ransomware Data Breach Threat | ★★ | |
 |
2023-07-06 00:10:00 | Risque atténuant avec l'intelligence des menaces Mitigating Risk With Threat Intelligence (lien direct) |
La dernière publication de Dark Reading \\ examine un ingrédient manquant, mais nécessaire, à une gestion efficace des risques tiers.
Dark Reading\'s latest publication looks at a missing, but necessary, ingredient to effective third-party risk management. |
Threat | ★★ | |
 |
2023-07-05 21:15:09 | CVE-2023-35939 (lien direct) | GLPI est un progiciel gratuit et logiciel de gestion informatique.À partir de la version 9.5.0 et avant la version 10.0.8, une vérification des droits incorrects sur un fichier accessible par un utilisateur authentifié (ou non pour certaines actions), permet à un acteur de menace d'interagir, de modifier ou de voir les données du tableau de bord.La version 10.0.8 contient un correctif pour ce problème.
GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.8, an incorrect rights check on a on a file accessible by an authenticated user (or not for certain actions), allows a threat actor to interact, modify, or see Dashboard data. Version 10.0.8 contains a patch for this issue. |
Threat | ||
|
2023-07-05 21:12:00 | 83% des applications de messagerie de la demande Brits restent privées, avant la menace de la facture de sécurité en ligne 83% of Brits Demand Messaging Apps Remain Private, Ahead of Threat From Online Safety Bill (lien direct) |
70% pensent que les criminels passeront de WhatsApp, etc. aux applications non réglementées, post OSB.
70% think criminals will move from WhatsApp etc to non-regulated apps, post OSB. |
Threat | ★★★ | |
|
2023-07-05 19:40:00 | Sceau de redénergie en tant que menace de ransomware ciblant les secteurs de l'énergie et des télécommunications RedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors (lien direct) |
Une menace sophistiquée de voleur en tant que ransomware baptisé de redénergie a été repérée dans les secteurs sauvages des services publics d'énergie, du pétrole, du gaz, des télécommunications et des machines au Brésil et aux Philippines à travers leurs pages LinkedIn.
Le malware "possède la capacité de voler des informations à divers navigateurs, permettant l'exfiltration de données sensibles, tout en incorporant différents modules pour
A sophisticated stealer-as-a-ransomware threat dubbed RedEnergy has been spotted in the wild targeting energy utilities, oil, gas, telecom, and machinery sectors in Brazil and the Philippines through their LinkedIn pages. The malware "possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive data, while also incorporating different modules for |
Malware Threat | ★★★ | |
|
2023-07-05 18:00:00 | Quelle est la différence entre la réponse des incidents et l'ampli;Chasse à la menace? What is the difference between incident response & threat hunting? (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. When it comes to protecting data in an evolving threat landscape, two common strategies are at the forefront: incident response and threat hunting. While both processes can safeguard an organization\'s data, their approaches, objectives, and execution differ significantly. Understanding the differences between the two strategies is critical for organizations aiming to: develop a comprehensive cybersecurity approach, effectively manage incidents, proactively detect threats, and build a skilled cybersecurity workforce. Incident response vs. threat hunting: The basics Incident response is a reactive process that typically begins when a security breach occurs. It involves a set of processes and procedures used to manage and respond to a cyberattack. The goal is to identify and respond to any unanticipated, disruptive event and limit its impact on the business, minimizing damage and recovery time. Examples of cyberattacks include network attacks such as denial of service (DoS), malware, or system intrusion, to more internal incidents like accidents, mistakes, or system or process failures. Robust incident response requires the right team, a well-developed plan, and excellent communication. According to the National Institute of Standards and Technology, the four crucial elements of a robust Incident Response Plan (IRP) should include: Preparation Detection and analysis Containment and eradication Post-incident recovery approach Threat hunting, on the other hand, is about being more proactive. It systematically analyzes an organization\'s security posture to identify potential threats before they become active. Threat hunting typically involves looking for threats within your environment and resources that are either compromised or have the potential to be compromised. Risks run the gamut from vulnerabilities with outdated software, insecure access control, or misconfiguration. In most organizations, threat hunting is conducted by traditional IT security teams and even Incident Response teams. Organizations that have a security operations center (SOC) will often have that team on the frontlines. Organizations without a SOC or dedicated security team may not be capable of performing threat hunting, but in today’s evolving threat landscape, someone needs to be responsible. The interplay between incident response and threat hunting First things first: incident response and threat hunting are not mutually exclusive. In fact, they complement each other as crucial elements of a well-rounded cybersecurity strategy. Threat hunting can significantly enhance incident response. What this means is that by proactively identifying potential threats, organizations can prevent incidents from occurring in the first place. When incidents do occur, the insights gained from threat hunting can help incident response teams understand the nature of the threat faster and respond more effectively. So it only makes sense then that incident response can boost threat hunting efforts. By analyzing incidents after they occu | Vulnerability Threat Cloud | ★★ | |
|
2023-07-05 14:30:00 | Les utilisateurs de Node.js se méfient: manifeste l'attaque de confusion ouvre la porte aux logiciels malveillants Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware (lien direct) |
Le registre NPM de l'environnement d'exécution JavaScript Node.js est sensible à ce que \\ est appelé une attaque de confusion manifeste qui pourrait potentiellement permettre aux acteurs de menace de cacher des logiciels malveillants dans les dépendances de projet ou d'effectuer une exécution de script arbitraire pendant l'installation.
"Un package NPM \'s Manifest est publié indépendamment de son tarball", a déclaré Darcy Clarke, ancien directeur de GitHub et NPM Engineering
The npm registry for the Node.js JavaScript runtime environment is susceptible to what\'s called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation. "A npm package\'s manifest is published independently from its tarball," Darcy Clarke, a former GitHub and npm engineering manager |
Malware Threat | ★★ | |
|
2023-07-05 14:08:00 | Alternative Twitter d'Instagram \\'s Twitter \\ 'lancent \\' Honted en Europe pour des problèmes de confidentialité Instagram\\'s Twitter Alternative \\'Threads\\' Launch Halted in Europe Over Privacy Concerns (lien direct) |
Instagram Threads, le prochain concurrent Twitter de Meta, ne sera pas lancé dans l'Union européenne en raison de problèmes de confidentialité, selon la Commission de protection des données de l'Irlande (DPC).
Le développement a été signalé par l'Irish Independent, qui a déclaré que le chien de garde était en contact avec le géant des médias sociaux au sujet du nouveau produit et a confirmé que le communiqué n'a pas étendu à l'UE."à ceci
Instagram Threads, the upcoming Twitter competitor from Meta, will not be launched in the European Union due to privacy concerns, according to Ireland\'s Data Protection Commission (DPC). The development was reported by the Irish Independent, which said the watchdog has been in contact with the social media giant about the new product and confirmed the release won\'t extend to the E.U. "at this |
Threat General Information Legislation | ★★ | |
|
2023-07-05 13:00:00 | Cyberheistnews Vol 13 # 27 [tête haute] La campagne de phishing d'identité massive imite plus de 100 marques et des milliers de domaines CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains (lien direct) |
CyberheistNews Vol 13 #27 | July 5th, 2023
[Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains
A year-long phishing campaign has been uncovered that impersonates 100+ popular clothing, footwear, and apparel brands using at least 10 fake domains impersonating each brand.
We\'ve seen plenty of attacks that impersonated a single brand along with a few domains used to ensure victims can be taken to a website that seeks to harvest credentials or steal personal information. But I don\'t think an attack of such magnitude as the one identified by security researchers at Internet security monitoring vendor Bolster.
According to Bolster, the 13-month long campaign used over 3000 live domains (and another 3000+ domains that are no longer in use) to impersonate over 100 well-known brands. We\'re talking about brands like Nike, Guess, Fossil, Tommy Hilfiger, Skechers, and many more. Some of the domains have even existed long enough to be displayed at the top of natural search results.
And these sites are very well made; so much so that they mimic their legitimate counterparts enough that visitors are completing online shopping visits, providing credit card and other payment details.
The impersonation seen in this widespread attack can just as easily be used to target corporate users with brands utilized by employees; all that\'s needed is to put the time and effort into building out a legitimate enough looking impersonated website and create a means to get the right users to visit said site (something most often accomplished through phishing attacks).
This latest impersonation campaign makes the case for ensuring users are vigilant when interacting with the web – something accomplished through continual Security Awareness Training.
Blog post with links:https://blog.knowbe4.com/massive-impersonation-phishing-campaign
[Live Demo] Ridiculously Easy Security Awareness Training and Phishing
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
Join us Wednesday, July 12, @ 2:00 PM (ET), for a live demonstra |
Malware Hack Threat Cloud | ★★ | |
|
2023-07-05 10:00:00 | Naviguer dans le paysage de la cyber-assurance en tant que citoyen numérique de la génération Z Navigating the Cyber Insurance landscape as a Gen Z digital citizen (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In the modern world, cybersecurity and cyber insurance go hand in hand. As we head into the future and the presence of AI in every part of your life grows, so will the responsibilities that need to be taken to ensure security and peace of mind regarding your data and personally identifiable information. As the relatively new cyber insurance industry gets on its feet, it will become more accessible to everyday life, and that trend is already emerging. Teens already are involved in many insurance policies (car, life, health, etc.), so why not add cyber to that and bring the extra reassurance that you are protected against any new threats that could come up? Insurance is put in place to mitigate your risk against external factors that could cause harm to you, your business, or other entities. Cyber insurance is a sub-industry of this and helps reduce risks from ransomware, data breaches, lawsuits, and more. As more industry gears towards individual cyber insurance, we will likely see policies shifting towards protecting against individual data loss and possible foul play. Cyber insurance is a crucial tool for managing risks in a modern environment. With it, customers can expect to mitigate risks in extortion, identity theft, cybercrimes, and data breaches. For example, if you were sent a phishing email asking for banking information, you click on it, enter your details, and fall victim to a common scam. You get a wire confirmation not long after. If your policy included wire fraud coverage, you would receive adequate compensation for these problems. This same experience can apply to many other situations and problems. It could range from general cybercrime to identity theft, the commonality being that you would be covered and reimbursed for any associated losses. However, because this insurance genre is so new, every policy is tailored to the individual buyer, so each problem has certain exceptions. To get the best coverage and risk mitigation, you must understand the most important thing for you and your family in an ever-evolving world. What is Cybersecurity Insurance? Cyber insurance is a policy that protects you and your personal information online. It\'s a way to recover if you\'re hacked or experience a data breach. Cyber insurance could cover the cost of repairing your computer, restoring data, and defending yourself if attacked. Cyber insurance is vital because cyber-attacks are becoming increasingly common. How does it work? Cyber insurance is like any other type of insurance policy where you pay a monthly or yearly premium to a company, and in return, they cover damages that may occur. In the case of cyber insurance, the policies can vary depending on what you need to be covered. Coverage could include cybercrime, extortion, online identity theft, and data breaches. There are different levels of coverage, such as liability and loss of reputation, when companies suffer data breaches that compromise their customers\' personal information. Overall, cyber insurance is an essential safeguard against cyber threats. A cyber-attack can happen to anyone, and the costs can be staggering. Victims will have to contend with the financial burden without cyber insurance. AI in the modern era and Cyber Insurance As technology advances, the threat of AI-driven attacks looms over businesses and consumers alike, making cyber insurance a vital consideration for anyone looking to protect themselves from the consequences of an attack. We, as students, wanted to get an industry experts view on this topic as well, so we sat down with Eric Wistrand, CTO of Couch Braunsdorf Insurance Agency, to discuss the increasing relevance of cyber insurance in modern-day markets as AI ramps up and cybercrime becomes more prevalent. &nbs | Malware Tool Threat Prediction | ★★ | |
 |
2023-07-05 07:41:00 | Comment les Socaas peuvent réduire le coût de la détection et de la réponse des menaces How SOCaaS Can Lower the Cost of Threat Detection and Response (lien direct) |
Obtenez une compréhension des Socaas, de la décision entre l'inhumation ou d'externaliser les services de sécurité, et ce qu'il faut rechercher dans le fournisseur SOCAAS.
Get an understanding of SOCaaS, deciding between inhouse or to outsource security services, and what to look for in SOCaaS provider. |
Threat | ★★ | |
|
2023-07-04 16:14:00 | L'outil d'attaque DDOSIA évolue avec le cryptage, ciblant plusieurs secteurs DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors (lien direct) |
Les acteurs de la menace derrière l'outil d'attaque DDOSIA ont proposé une nouvelle version qui intègre un nouveau mécanisme pour récupérer la liste des cibles à bombarder de demandes HTTP indésirables pour tenter de les faire tomber.
La variante mise à jour, écrite en Golang, "met en œuvre un mécanisme de sécurité supplémentaire pour cacher la liste des cibles, qui est transmise de la [commande et contrôle] à la
The threat actors behind the DDoSia attack tool have come up with a new version that incorporates a new mechanism to retrieve the list of targets to be bombarded with junk HTTP requests in an attempt to bring them down. The updated variant, written in Golang, "implements an additional security mechanism to conceal the list of targets, which is transmitted from the [command-and-control] to the |
Tool Threat | ★★ | |
|
2023-07-04 02:53:59 | 5 choses que tout le monde doit savoir sur GRC 5 Things Everyone Needs to Know About GRC (lien direct) |
Au cours des années suivantes, les coûts associés à la cybercriminalité, projetés à 10,5 billions de dollars par an d'ici 2025, dépasseront les dépenses de cybersécurité mondiales estimées - 267,3 milliards de dollars par an d'ici 2026.Faites correspondre les pertes subies.La gestion des cyber-risques en tant que facilitateur d'entreprise, la cyber-économie est dominée par les acteurs de la menace qui profitent des surfaces d'attaque croissantes des organisations et des vulnérabilités qui découlent de notre dépendance à l'égard des services connectés.Beaucoup de cybercriminels ...
Over the following years, the costs associated with cybercrime, projected at $10.5 trillion annually by 2025, will exceed the estimated worldwide cybersecurity spending-$267.3 billion annually by 2026. Leadership needs to change its perspective on managing cyber risks instead of just spending more money to match the losses incurred. Cyber risk management as a business enabler The cyber economy is being dominated by threat actors who take advantage of the growing attack surfaces of organizations and the vulnerabilities that arise from our dependence on connected services. Many cybercriminals... |
Threat | ★★ | |
|
2023-07-03 20:00:00 | Les chercheurs développent un code d'exploitation pour le bogue VPN de Fortinet critique Researchers Develop Exploit Code for Critical Fortinet VPN Bug (lien direct) |
Quelque 340 000 appareils VPN SSL FortiGate restent exposés à la menace plus de trois semaines après que Fortinet a publié des mises à jour du micrologiciel pour résoudre le problème.
Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates to address the issue. |
Threat | ★★ | |
|
2023-07-03 16:00:00 | Les acteurs de la menace chinoise ciblent l'Europe dans la campagne Smugx Chinese Threat Actors Target Europe in SmugX Campaign (lien direct) |
Les attaques reposent sur de nouvelles méthodes de livraison pour déployer une variante de Plugx
The attacks rely on novel delivery methods to deploy a variant of PlugX |
Threat | ★★ | |
|
2023-07-03 15:30:00 | Meduza Stealer cible les utilisateurs de Windows avec des tactiques avancées Meduza Stealer Targets Windows Users With Advanced Tactics (lien direct) |
Les meurtards ont découvert la nouvelle menace tout en surveillant les forums Web Dark et les canaux télégrammes
Uptycs discovered the new threat while monitoring dark web forums and Telegram channels |
Threat | ★★ | |
|
2023-07-03 12:04:52 | 3 juillet & # 8211;Rapport de renseignement sur les menaces 3rd July – Threat Intelligence Report (lien direct) |
> Pour les dernières découvertes de cyber-recherche pour la semaine du 3 juillet, veuillez télécharger nos principales attaques de menace_ingence et violation du groupe de ransomware de lockbit a récemment revendiqué la responsabilité de pirater la Taiwan Semiconductor Manufacturing Company (TSMC), le plus grand fabricant de puces de contrat à l'échelle mondiale,Servant des géants de la technologie tels que Apple et Qualcomm.TSMC l'a nié [& # 8230;]
>For the latest discoveries in cyber research for the week of 3rd July, please download our Threat_Intelligence Bulletin TOP ATTACKS AND BREACHES The LockBit ransomware group has recently claimed responsibility for hacking the Taiwan Semiconductor Manufacturing Company (TSMC), the largest contract chip manufacturer globally, serving tech giants such as Apple and Qualcomm. TSMC denied it […] |
Ransomware Threat | ★★ | |
|
2023-07-03 10:16:00 | Opérateurs BlackCat distribuant des ransomwares déguisés en winSCP via malvertising BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising (lien direct) |
Les acteurs de menace associés au ransomware BlackCat ont été observés en utilisant des astuces de malvertising pour distribuer des installateurs voyous de l'application de transfert de fichiers WinSCP.
"Les acteurs malveillants ont utilisé le malvertising pour distribuer un élément de malware via des pages Web clonées d'organisations légitimes", a déclaré Trend Micro Researchers dans une analyse publiée la semaine dernière."Dans ce cas, la distribution
Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application. "Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations," Trend Micro researchers said in an analysis published last week. "In this case, the distribution |
Ransomware Malware Threat Prediction | ★★★ | |
|
2023-07-03 09:46:57 | Acteurs de menace chinoise ciblant l'Europe dans la campagne Smugx Chinese Threat Actors Targeting Europe in SmugX Campaign (lien direct) |
> Introduction Au cours des deux derniers mois, Check Point Research (RCR) a suivi l'activité d'un acteur de menace chinois ciblant les ministères et les ambassades des affaires étrangères en Europe.Combiné avec d'autres activités chinoises précédemment rapportées par Check Point Research, cela représente une tendance plus large dans l'écosystème chinois, pointant un passage au ciblage [& # 8230;]
>Introduction In the last couple of months, Check Point Research (CPR) has been tracking the activity of a Chinese threat actor targeting Foreign Affairs ministries and embassies in Europe. Combined with other Chinese activity previously reported by Check Point Research, this represents a larger trend within the Chinese ecosystem, pointing to a shift to targeting […] |
Threat Prediction | ★★ | |
|
2023-07-03 09:42:16 | Smugx: dévoiler une opération APT chinoise ciblant les entités gouvernementales européennes: la recherche sur le point de contrôle expose une tendance changeante SmugX: Unveiling a Chinese-Based APT Operation Targeting European Governmental Entities: Check Point Research Exposes a Shifting Trend (lien direct) |
> Faits saillants: Check Point Research découvre une campagne ciblée menée par un acteur de menace chinoise ciblant les politiques étrangères et nationales - des entités gouvernementales axées, surnommé Smugx, se chevauche avec l'activité précédemment signalée par les acteurs chinois APT Reddelta et Mustang Panda Executive Résumé Au cours des deux derniers mois, Check Point Research (RCR) a également suivi l'activité d'un acteur de menace chinois ciblant également les entités de politique étrangère et nationale égalementcomme ambassades en Europe.Combiné avec d'autres activités de groupe basées sur le chinois auparavant [& # 8230;]
>Highlights: Check Point Research uncovers a targeted campaign carried out by a Chinese threat actor targeting foreign and domestic policies- focused government entities in Europe The campaign leverages HTML Smuggling, a technique in which attackers hide malicious payloads inside HTML documents The campaign, dubbed SmugX, overlaps with previously reported activity by Chinese APT actors RedDelta and Mustang Panda Executive summary In the last couple of months, Check Point Research (CPR) has been tracking the activity of a Chinese threat actor targeting foreign and domestic policy entities as well as embassies in Europe. Combined with other Chinese based group\'s activity previously […] |
Threat Prediction | ★★ | |
|
2023-07-03 00:00:00 | Acteur de Crysis Threat Installation des ransomwares de Vénus via RDP Crysis Threat Actor Installing Venus Ransomware Through RDP (lien direct) |
Ahnlab Security Emergency Response Center (ASEC) a récemment découvert que l'acteur de menace de Crysyutilise également les ransomwares de Vénus dans les attaques.Crysis et Vénus sont tous deux des types de ransomwares majeurs connus pour cibler les services de bureau à distance exposés externes. & # 160; [1] Les journaux réels de l'infrastructure AHNLAB Smart Defense (ASD) montrent également des attaques en cours de lancement via RDP.Mis à part Crysis et Vénus, l'acteur de menace a également installé une variété d'autres outils tels que le scanner de port et Mimikatz.Si l'infecté ...
AhnLab Security Emergency response Center (ASEC) has recently discovered that the Crysis ransomware’s threat actor is also using the Venus ransomware in the attacks. Crysis and Venus are both major ransomware types known to target externally exposed remote desktop services. [1] Actual logs from the AhnLab Smart Defense (ASD) infrastructure also show attacks being launched through RDP. Aside from Crysis and Venus, the threat actor also installed a variety of other tools such as Port Scanner and Mimikatz. If the infected... |
Ransomware Threat | ★★ | |
|
2023-06-30 15:30:00 | Le groupe de ransomwares de 8Base apparaît comme une menace majeure 8Base Ransomware Group Emerges as Major Threat (lien direct) |
VMware a expliqué que 8Base utilise une combinaison de tactiques de cryptage et de «nom et honte»
VMware explained that 8Base employs a combination of encryption and “name-and-shame” tactics |
Ransomware Threat | ★★ | |
|
2023-06-30 14:00:04 | Votre cadre IAM n'est pas sûr à moins qu'il ne protège de cette menace inconnue Your IAM Framework is Insecure Unless it Protects from this Unknown Threat (lien direct) |
> Couvrez-vous jamais le lecteur de carte de crédit avec votre main pour que personne ne puisse voir la broche?Bien sûr, vous n'en avez pas;Les non-contacts sont si 2019. Mais si vous l'avez fait, vous le feriez pour empêcher les yeux Prying de visualiser votre code PIN.Dans cette histoire, la gestion de l'identité et de l'accès joue la partie de votre main, protégeant vos informations d'identification et vos données contre les attaques de ransomwares, les violations de données et les cyber-hacks.Le problème est que le risque de la croissance des yeux se développe.Grâce à la montée en puissance du travail hybride et à distance, de nombreuses personnes accèdent à des informations sensibles sur leurs propres appareils, augmentant l'attaque [& # 8230;]
>Do you ever cover the credit card reader with your hand so no one can see the PIN? Of course you don\'t; non-contactless is so 2019. But if you did, you\'d do it to prevent prying eyes from viewing your PIN code. In this story, identity and access management plays the part of your hand, protecting your credentials and data against ransomware attacks, data breaches, and cyber hacks. The problem is the risk of prying eyes is growing. Thanks to the rise of hybrid and remote working, many people are accessing sensitive information on their own devices, increasing the attack […] |
Ransomware Threat | ★★ | |
|
2023-06-29 21:06:00 | Les chercheurs détaillent 4 bugs SAP, y compris la faille dans le noyau ABAP Researchers Detail 4 SAP Bugs, Including Flaw in ABAP Kernel (lien direct) |
Les correctifs sont disponibles pour trois bogues, mais avec les détails techniques et les POC maintenant disponibles, les acteurs de la menace peuvent créer des attaques ciblées.
Patches are available for three bugs, but with technical details and PoCs now available, threat actors can craft targeted attacks. |
Threat | ★★★ | |
|
2023-06-29 19:51:00 | Le rapport WatchGuard Threat Lab révèle de nouvelles tendances d'ingénierie sociale basées sur un navigateur WatchGuard Threat Lab Report Reveals New Browser-Based Social Engineering Trends (lien direct) |
Les principales conclusions de la recherche montrent également que trois des quatre nouvelles menaces de logiciels malveillants sur cette liste des dix premières du trimestre sont originaires de Chine et de Russie, des attaques vivant sur les terres contre la hausse, et plus encore.
Key findings from the research also show three of the four new malware threats on this quarter\'s top-ten list originated in China and Russia, living-off-the-land attacks on the rise, and more. |
Malware Threat | ★★ | |
|
2023-06-29 18:20:00 | Clonage de voix compatible Ai ancres AI-Enabled Voice Cloning Anchors Deepfaked Kidnapping (lien direct) |
L'enlèvement virtuel n'est qu'un des nombreux nouveaux types d'attaques d'intelligence artificielle que les acteurs menacés ont commencé à se déployer, alors que le clonage vocal apparaît comme un nouvel outil d'imposteur puissant.
Virtual kidnapping is just one of many new artificial intelligence attack types that threat actors have begun deploying, as voice cloning emerges as a potent new imposter tool. |
Threat | ★★ | |
|
2023-06-29 17:18:11 | Acteur de menace iranienne Chichette Chichette à l'aide de la campagne de phishing de lance pour distribuer des logiciels malveillants Iranian Threat Actor Charming Kitten Using Spear Phishing Campaign To Distribute Malware (lien direct) |
Malware Threat | APT 35 | ★★ | |
 |
2023-06-29 16:47:27 | Hunting Ducks & # 8211;Un menace que les chasseurs affrontent le voleur en queue-pointes Hunting Ducks – A Threat Hunters Take on Ducktail Stealer (lien direct) |
Pas de details / No more details | Threat | ★★ | |
|
2023-06-29 16:30:00 | Les directives de publication de la NSA et de la CISA pour sécuriser les environnements CI / CD NSA and CISA Release Guidelines to Secure CI/CD Environments (lien direct) |
Les directives mettent en évidence trois scénarios de menace clés et recommande des atténuations pour chaque
The guidelines highlight three key threat scenarios and recommends mitigations for each |
Threat | ★★★ | |
|
2023-06-29 16:26:00 | La bonne façon d'améliorer CTI avec l'IA (indice: c'est les données) The Right Way to Enhance CTI with AI (Hint: It\\'s the Data) (lien direct) |
L'intelligence cyber-menace est une arme efficace dans la bataille en cours pour protéger les actifs et les infrastructures numériques - en particulier lorsqu'ils sont combinés avec l'IA.Mais l'IA est aussi bonne que les données qui les alimentent.L'accès à des sources souterraines uniques est essentielle.
Le renseignement des menaces offre une valeur énorme aux personnes et aux entreprises.Dans le même temps, sa capacité à répondre aux organisations \\ '
Cyber threat intelligence is an effective weapon in the ongoing battle to protect digital assets and infrastructure - especially when combined with AI. But AI is only as good as the data feeding it. Access to unique, underground sources is key. Threat Intelligence offers tremendous value to people and companies. At the same time, its ability to address organizations\' cybersecurity needs and the |
Threat | ★★★ |
To see everything:
Our RSS (filtrered)
