What's new arround internet

Last one

Src Date (GMT) Titre Description Tags Stories Notes
securityintelligence.webp 2021-10-19 13:00:00 Passwordless Authentication Is Here: What Do You Need to Know? (lien direct) Passwords are becoming a dying breed. In a recent article from Microsoft, they announced that they are putting aside their decades-old practice of forcing users to sign in with a password to use the business and personal applications suite — one of the most popular software packages on earth. Passwordless authentication is becoming the new […]
securityintelligence.webp 2021-10-18 16:00:00 A Journey in Organizational Resilience: Training and Testing (lien direct) We are far from a breach-free world. After all, even cybercriminals have shown their own form of resilience. For example, after a short hiatus, the ransomware group REvil came back in September 2021. Until the day we can leave our ‘cyber front door’ unlocked, any organizational resilience framework you employ needs to include a healthy […] Ransomware
securityintelligence.webp 2021-10-18 13:00:00 Cybersecurity Careers: Awareness, Opportunities and Retention (lien direct) This week, Cybersecurity Awareness Month focuses on cybersecurity careers and jobs in the industry, with a simple tagline: Explore. Experience. Share. Check out NIST’s workshops and toolkits for Career Week. For cybersecurity and IT workers, if you want to position yourself well, do some exploring. Get to know new territory outside of cybersecurity. The reason? […]
securityintelligence.webp 2021-10-15 16:00:00 What Happens to Information After a Data Breach? (lien direct) We’ve grown accustomed to it by now — a few million accounts broken into here, another hundred million there. After a company data breach, what happens to all the data? Where does it go? And how does this impact your vulnerability analysis? In June 2020, stolen Facebook user data suddenly popped up for sale on […] Vulnerability
securityintelligence.webp 2021-10-15 13:00:00 When Is an Attack not an Attack? The Story of Red Team Versus Blue Team (lien direct) Cybersecurity experts fill our days with terminology from warfare, including jargon such as red team versus blue team. The concept of ‘red team’ has its origin in wargaming. The red team plays an opposing force and attempts to bypass the barriers of the defending or blue team.   These exercises are not about winning or […]
securityintelligence.webp 2021-10-14 16:00:00 How to Report Scam Calls and Phishing Attacks (lien direct) With incidents such as the Colonial Pipeline infection and the Kaseya supply chain attack making so many headlines these days, it can be easy to forget that malicious actors are still preying on individual users. They’re not using ransomware to do that so much anymore, though. Not since the rise of big game hunting, anyway. […] Ransomware
securityintelligence.webp 2021-10-14 13:00:00 Roundup: Customer Data and Retail Security in the News (lien direct) More people are shopping online than ever before due to the pandemic. Therefore, businesses had to take extra steps to protect customer data, combat fraud and implement the latest in online safety. In 2020, e-commerce retail sales jumped from 16% to 19%, according to data from United Nations trade and development experts from UNCTAD.  In the […]
securityintelligence.webp 2021-10-13 13:00:00 What Is the True Cost of a Health Care Data Breach? (lien direct) The health care industry has remained the top data breach target for eleven years in a row. Highly sensitive and personally identifiable information (PII) held by health care systems is an attractive target. After all, it contains all the information used for identity theft. In addition, that data may be stored on less secure networks […] Data Breach
securityintelligence.webp 2021-10-13 10:00:00 Trickbot Rising - Gang Doubles Down on Infection Efforts to Amass Network Footholds (lien direct) IBM X-Force has been tracking the activity of ITG23, a prominent cybercrime gang also known as the TrickBot Gang and Wizard Spider. Researchers are seeing an aggressive expansion of the gang’s malware distribution channels, infecting enterprise users with Trickbot and BazarLoader. This move is leading to more ransomware attacks — particularly ones using the Conti […] Ransomware Malware Guideline
securityintelligence.webp 2021-10-12 13:00:00 CISA Names 3 \'Exceptionally Dangerous\' Behaviors to Avoid (lien direct) In terms of database security, any bad practice is dangerous. Still, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently deemed some behavior as “exceptionally risky.” Are your teams engaged in these high-risk practices? What can you do to mitigate the risk of a data breach? As per CISA, “The presence of these Bad Practices […]
securityintelligence.webp 2021-10-11 20:00:00 How to Fight Phishing: Don\'t Get Fugu\'ed! (lien direct) Threat actors who deploy phishing and other attacks have an advantage: they don’t operate within any space of decent norms or legal jurisdiction. Accept that, and you quickly understand why the cybersecurity battle feels like fighting a tire fire with a garden hose.  Attackers are coming up with new and smart ways to infect our […]
securityintelligence.webp 2021-10-11 16:00:00 A Journey in Organizational Resiliency: Governance (lien direct) From governance comes everything else. It would be reasonable if this journey in organizational resilience started with the governance theme. In fact, many important standards or cybersecurity frameworks begin with policy development. For example:  NIST SP 800-34: The first step in contingency planning is policy development. NIST Cybersecurity Framework: Part of the first step, Identify, […]
securityintelligence.webp 2021-10-11 13:00:00 Cybersecurity Awareness: How Much Data Can An Attacker Get From an Employee ID? (lien direct) Cyber awareness may seem fairly obvious, but it’s not always. For example, you would never post a photo of your driver’s license on Facebook, right? How about your company ID card? Then there’s that selfie you took at the office. Were you wearing your work badge? Not a good idea. Part of cybersecurity awareness is […]
securityintelligence.webp 2021-10-08 19:00:00 What Is Data Protection and Why Does it Matter? (lien direct) Data is at the center of business. For many organizations, digital adoption drives strategy. Data is essential to meeting customer needs, responding to sudden market shifts and unforeseen events. That’s why data protection should be on your mind. Enterprises generate large amounts of data from multiple sources. The sheer volume and detail of enterprise data […]
securityintelligence.webp 2021-10-08 13:00:00 The Case for Cybersecurity Education for Engineers (lien direct) Engineering and cybersecurity are two distinct disciplines, each demanding its own rigorous education and training. But should there be crossover? Should engineers or engineering students invest in cybersecurity education as well? What are the opportunities for engineers to gain expertise in protecting against threat actors in the software realm?  As the world becomes more complex […] Threat
securityintelligence.webp 2021-10-07 19:00:00 What You Need to Know About Data Security Heading into 2022 (lien direct) Every business needs an effective data security strategy. Over the past year alone, 64% of companies worldwide faced some form of cyber attack, with an average cost of $4.24 million per breach — the highest ever recorded.  Modern enterprises must ensure that their systems can resist unauthorized access, stop data breaches and remain secure (while […]
securityintelligence.webp 2021-10-07 13:00:00 The Real Cost of Ransomware (lien direct) Ransomware is an expensive cybercrime and getting more so all the time. Payouts have risen massively in the past few years. But while ransomware payment amounts make headlines, the real costs go far beyond what’s paid to the attackers.  How Ransomware Works Now Ransomware has always been a problem. But in recent years, attackers have […] Ransomware
securityintelligence.webp 2021-10-06 19:30:00 Phishing Attacks Are Top Cyber Crime Threat, Easier Than Ever to Create and Deploy (lien direct) Why is one of cyber crime’s oldest threats still going strong? The Anti-Phishing Working Group (APWG) reports that January 2021 marked an unprecedented high in the APWG’s records, with over 245,771 phishing attacks in one month. IBM X-Force’s 2021 Threat Intelligence Index found that phishing led to 33% of cyber attacks organizations had to deal […] Threat ★★
securityintelligence.webp 2021-10-06 13:00:00 Banking and Finance Data Breaches: Costs, Risks and More To Know (lien direct) As each year passes, cybersecurity becomes more important for businesses and agencies of every size, in nearly every industry. In 2020, ransomware cases grew by 150%, and every 39 seconds, a new attack is launched somewhere on the web. A data breach also causes rising costs in banking and finance. What Happens in a Banking […] Ransomware Data Breach
securityintelligence.webp 2021-10-05 19:00:00 What Happens to Victims When a Ransomware Gang Vanishes? (lien direct) Not long after launching a major supply chain attack in July 2021, the REvil ransomware gang went offline. The group’s infrastructure, including its surface and dark web portals used for ransom negotiations and data leaks, shut down on July 12, according to Bleeping Computer. Russian digital crime forum XSS banned Unknown, a user believed to […] Ransomware
securityintelligence.webp 2021-10-05 13:00:00 Harassment and the Skills Gap: Improving Retention in the Security Community (lien direct) Everyone wants to work with people who respect them. With the cybersecurity talent gap growing, employers need to show they truly value employees in order to keep them. Along with pay and benefits, a key way to do that is to show respect. That includes work policies that prevent harassment in the company culture.  The skills […]
securityintelligence.webp 2021-10-04 16:00:00 A Journey in Organizational Resilience: Crisis Management (lien direct) So far in this organizational resilience journey, we have focused mainly on the planning phase, or, as some call it, ‘left of the boom’. For a moment, let’s look at a ‘right of the boom’ (post-incident) theme: crisis management (CM), an important component of your cyber resilience planning. A good CM plan will be part of […]
securityintelligence.webp 2021-10-04 13:00:00 Cybersecurity Awareness: The Basics Are the Foundation (lien direct)   It’s Cybersecurity Awareness Month and the Cybersecurity & Infrastructure Security Agency (CISA) put out their 2021 #BeCyberSmart message kit: Be Cyber Smart Fight the Phish! Explore. Experience. Share. Cybersecurity First.  What do these mean for your business? Let’s start off with the basics. Cybersecurity Awareness Tips: Stop Throwing Good Money After Bad More than […]
securityintelligence.webp 2021-10-01 16:05:00 Deploying Proven Data Security Tools to Combat the Rising Cost of a Data Breach (lien direct) It can be hard to navigate which solutions really protect you from the effects of a data breach. Take a look at defending against data breaches by the numbers. That way, you can focus on the modern data security approaches that make next year’s results more promising. According to the annual Cost of a Data […] Data Breach
securityintelligence.webp 2021-10-01 13:00:00 Cybersecurity Awareness Month: It\'s Time to Ditch the Fear (lien direct)   Cybersecurity awareness month is here. Each year, it’s important to explore any new tactics the industry can leverage to raise awareness. The threat landscape is evolving and expanding too quickly for us to keep up. So, we can’t afford to rely on the same awareness gambits year after year.  For as long as the […] Threat
securityintelligence.webp 2021-09-30 19:00:00 What Is Zero Trust? A Complete Guide for Security Professionals (lien direct) Trust, for anyone or anything inside a secured network, should be hard to come by. The global shift to cloud environments has changed online security protocols. Therefore, strict verification (of everyone and everything) is now essential. The zero trust model isn’t overkill — it’s now a crucial tenet of network protection. The pandemic helped push […]
securityintelligence.webp 2021-09-30 16:00:00 Using Vendor Management to Defend Against Supply Chain Attacks (lien direct) Supply chain attacks are growing more common. According to the Identity Theft Resource Center (ITRC), there were just 19 supply chain attacks in the final quarter of 2020. In the following quarter, that volume grew to 27 attacks — an increase of 42%. Those incidents in Q1 2021 affected 137 U.S. groups and a total […]
securityintelligence.webp 2021-09-30 13:00:00 Roundup: Health Care Data Breaches and Defenses in the News (lien direct) Health care data continues to be a prime target for cyber attacks. Cybersecurity Ventures predicts the health care industry will fall victim to two to three times more cyber attacks in 2021 than other industries. Successful cyber attacks compromise both patient safety and the public’s trust. But why, exactly, is health care such an attractive […]
securityintelligence.webp 2021-09-29 19:00:00 Enterprise Management Associates: A Survey on Modern Data Security in a Multicloud World (lien direct) Securing and protecting enterprise data is at the center of the modern security plan. There are many considerations for organizations that aim to move critical workloads and data stores to the cloud, and understanding how business-critical data will be accessed, stored and secured is a paramount concern. Organizations are also facing significant increases in regulations […]
securityintelligence.webp 2021-09-29 18:15:00 Know the Four Pillars of Cloud Security That Reduce Data Breach Risk (lien direct) Can having a mature, comprehensive cloud security strategy reduce the impact of data breaches on your organization? Results from the latest Cost of a Data Breach Report indicate that taking this approach might produce potential savings for your business. Among other findings, the report noted that the mature use of security analytics was associated with […] Data Breach
securityintelligence.webp 2021-09-29 13:00:00 What Video Doorbells Have to Teach Us About the Difficulties of IoT Security (lien direct) The Amazon-owned smart home product manufacturer Ring recently announced that it’s strengthening the security of its Internet of Things (IoT) motion-detecting doorbell cameras by offering end-to-end encryption (E2EE) for streaming video footage. There’s a catch, though. Users who opt to turn on E2EE will find that they need to make major tradeoffs. Convenience and usefulness […]
securityintelligence.webp 2021-09-28 19:00:00 Supply Chain Attack: What It Is (and What to Do About It) (lien direct) The past two years have delivered major disruptions for supply chains. The pandemic pushed supply chain attack issues front-and-center, with disruptions up 67% in 2020 and problems expected to persist as global markets adjust to ‘new normal’ operations. Increasing reliance on digital supply solutions, however, has also set the stage for increasing supply chain attacks. […]
securityintelligence.webp 2021-09-28 16:00:00 What Is Customer Identity Access Management (CIAM)? (lien direct) Customer identity access management (CIAM) solutions enable companies to manage more than just customer information. CIAM makes it possible to manage data-sharing consent, self-service customer registration, account management, single sign-on and multi-factor authentication (MFA) across channels (mobile, web, apps, etc.). So, what exactly is it? And how does it work? CIAM is a method of […]
securityintelligence.webp 2021-09-28 13:00:00 What Is SASE and How Does it Connect to Zero Trust? (lien direct) As many workplaces stay in a remote or a hybrid operating model due to COVID-19, businesses and agencies of all sizes and industries face the long-term challenges of keeping data and infrastructure secure. With remote workers, security teams have to secure many more endpoints and a much wider area each day. In response, many groups […]
securityintelligence.webp 2021-09-27 19:00:00 What Is a Botnet Attack? A Guide for Security Professionals (lien direct) What is a botnet attack, and how do you stop one? A botnet (derived from ‘robot network’) is a large group of malware-infected internet-connected devices and computers controlled by a single operator. Attackers use these compromised devices to launch large-scale attacks to disrupt services, steal credentials and gain unauthorized access to critical systems. The botnet […]
securityintelligence.webp 2021-09-27 16:00:00 A Journey in Organizational Cyber Resilience Part 3: Disaster Recovery (lien direct) Moving along our organizational resilience journey, we focus on disaster recovery (DR), the perfect follow-up to business continuity (BC) The two go hand-in-hand, often referenced as BCDR, and both are key to your cyber resilience planning. If you recall from the previous piece, NIST SP 800-34 calls out a separate disaster recovery plan, as it […]
securityintelligence.webp 2021-09-27 13:00:00 DevSecOps: How Engineers Benefit From Cybersecurity Education (lien direct) Digital security incidents involving operational technology (OT) can have big impacts on the physical world. Why are these OT security incidents happening? A lack of understanding of how the different elements of DevSecOps fit together can contribute. This also shows the importance of crossover between engineering and cybersecurity. In March 2021, for instance, Fortinet found […]
securityintelligence.webp 2021-09-24 16:00:00 Zero Trust: Remote Security For Now and the Future (lien direct) This summer, my to-do list was full of stories about cybersecurity issues related to hybrid work. I was hopeful that the path to the end of the pandemic was ahead of us. Many companies announced their plans for keeping fully remote or hybrid workforce models with as much certainty as possible during a global pandemic. […]
securityintelligence.webp 2021-09-24 13:00:00 How Privileged Access Management Fits Into a Layered Security Strategy (lien direct) In its early stages, privileged access management (PAM) involved protecting only the passwords used for privileged accounts. But it evolved beyond that single purpose in the years that followed. Nowadays, it includes other security functions like multifactor authentication (MFA), session monitoring, proxying and user behavior analytics (UBA). Take a look at how these connect for […]
securityintelligence.webp 2021-09-23 19:00:00 What is Web Application Security? A Protective Primer for Security Professionals (lien direct) Evolving threats put applications at risk. Robust web application security can help prevent compromise before it happens. Not sure where to start? Our protective primer has you covered. What Is Web Application Security?  Web application security focuses on the reduction of threats through the identification, analysis and remediation of potential weaknesses or vulnerabilities. While the bulk […]
securityintelligence.webp 2021-09-23 15:00:00 New ZE Loader Targets Online Banking Users (lien direct) IBM Trusteer closely follows developments in the financial cyber crime arena. Recently, we discovered a new remote overlay malware that is more persistent and more sophisticated than most current-day codes. In this post we will dive into the technical details of the sample we worked on and present ZE Loader’s capabilities and features. The parts […] Malware
securityintelligence.webp 2021-09-22 16:00:00 How to Build a Winning Cybersecurity Resume (lien direct) Career advancement is an art form with many facets. One vital tool is your cybersecurity resume, the quality of which can mean the difference between getting an interview for your dream job and not being considered at all.  Following the standard advice on building a resume will give you a standard resume that won’t set […] Tool
securityintelligence.webp 2021-09-22 13:00:00 The CISO and the C-Suite: How to Achieve Better Working Relations (lien direct) As the workforce moved from the cubicle desk to the dining room table in 2020, cybersecurity suddenly became everyone’s concern. Focus turned to the chief information security officer (CISO). It’s their job to keep businesses running and secure. In many companies, that also meant juggling a move to a full digital transformation with effective remote […]
securityintelligence.webp 2021-09-21 19:00:00 12 Benefits of Hiring a Certified Ethical Hacker (lien direct) You’ve probably heard the phrase “you don’t know what you don’t know”. It’s a stage of learning most people find themselves in at one time or another. When it comes to cybersecurity, hackers succeed by finding the security gaps and vulnerabilities you missed. That’s true of malicious attackers. But it’s also true of their equivalent […]
securityintelligence.webp 2021-09-21 16:00:00 Cybersecurity Solutions to Know in 2021: Open Source and Scaling Up (lien direct) Speed is of the essence in digital defense. As the latest Ponemon Institute Cost of a Data Breach Report makes clear, businesses and agencies that are able to respond to and contain an incident rapidly will save millions over their slower peers. The average total cost of a data breach increased by nearly 10%, the largest […] Data Breach
securityintelligence.webp 2021-09-21 13:00:00 Identity Management Beyond the Acronyms: Which Is Best for You? (lien direct) With so many devices and users accessing networks, applications and data, identity access management (IAM) has become a cornerstone of cybersecurity best practices. The short explanation is that you must make sure everyone (and everything) is who they claim they are. You also need to make sure they are allowed to have the access they’re requesting. […]
securityintelligence.webp 2021-09-20 19:00:00 Zero Trust: Follow a Model, Not a Tool (lien direct) The zero trust model is going mainstream, and for good reason. The rise in advanced attacks, plus IT trends that include the move to hybrid cloud and remote work, demand more exacting and granular defenses.  Zero trust ensures verification and authorization for every device, every application and every user gaining access to every resource. This […] Tool
securityintelligence.webp 2021-09-20 16:00:00 A Journey in Organizational Cyber Resilience Part 2: Business Continuity (lien direct) Keeping a business up and running during a problem takes the right people for the job. When it comes to cyber resilience through tough times, many things come down to the human factor. We focused on that in the first piece in this series, but it also makes a big difference to the second topic: […]
securityintelligence.webp 2021-09-20 13:00:00 Health Care Interoperability: What Are the Security Considerations? (lien direct) Anyone who has needed to schedule an appointment with a new doctor or meet with a specialist knows the hassle of making sure everyone in the health care chain has access to your health records. Digital record-keeping has made that a little easier, but that access still isn’t universal. Digital health care interoperability can still […]
securityintelligence.webp 2021-09-17 19:00:00 How to Protect Against Deepfake Attacks and Extortion (lien direct) Cybersecurity professionals are already losing sleep over data breaches and how to best protect their employers from attacks. Now they have another nightmare to stress over — how to spot a deepfake.  Deepfakes are different because attackers can easily use data and images as a weapon. And those using deepfake technology can be someone from […]
Last update at: 2024-03-28 16:12:18
See our sources.
My email:

To see everything: Our RSS (filtrered) Twitter