What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-11-29 08:46:30 | RSE : quel positionnement pour les DSI ? (lien direct) | Crédit Agricole, Docaposte et Enedis sont quelques-unes des entreprises que le Cigref met en lumière dans un rapport " RSE et IT ". | General Information | APT 15 | ★★★ |
 |
2022-11-28 18:04:17 | Cleansoft (lien direct) | Contact : J MAZET / B DEBRUYNE Année de création : 1999 Activités : Maintenance et travaux neufs d'infrastructures critiques Type de services ou produits : Réhabilitation et maintenance de planchers techniques surélevés Installation (travaux neufs) de planchers, cloisons et plafonds techniques Entretien et nettoyage technique (micro dépoussiérage) de locaux critiques Description du produit ou service phare pour 2023 : Audit d'installations critiques, proposition et mise en œuvre de solutions (...) - FOURNISSEURS D'EQUIPEMENTS | General Information | ★ | |
|
2022-11-28 14:17:13 | DevOps : 5 ESN et start-up qui innovent (lien direct) | Dagger.io et Meritis font partie des acteurs qui alimentent les processus DevOps d'intégration et de déploiement continus. | General Information | ★★★★ | |
 |
2022-11-24 16:24:40 | European Parliament Suffered By Cyber Attack After Vote On Russia (lien direct) | The European Parliament suffered a cyberattack on Wednesday morning, shortly after the institution. Voted to strengthen economic sanctions against Russia for its involvement in eastern Ukraine and annexation of Crimea earlier this year. The new sanctions are expected to be implemented as early as Thursday. In response, Russian officials have threatened retaliation. But have not […] | General Information | ★★★ | |
|
2022-11-24 15:50:23 | Nouvelle recherche Trellix : La coupe du monde au Qatar attire les acteurs malveillants (lien direct) | Suite à la nouvelle recherche du Advanced Research Center de Trellix, sur les tactiques utilisées par les cyberattaquantes à l'occasion de la coupe du monde au Qatar, les chercheurs ont découvert des nouveaux emails de phishing de la part des acteurs malveillants. - Malware Update | General Information | ★★ | |
|
2022-11-24 10:24:16 | SPIE choisie par la région Grand Est pour son dispositif de cybersécurité dans le cadre du plan France Relance (lien direct) | SPIE choisie par la région Grand Est pour son dispositif de cybersécurité dans le cadre du plan France Relance - Marchés | General Information | ★★★ | |
|
2022-11-24 00:00:00 | Atos déploie avec succès Mon Espace Santé (lien direct) | Atos déploie avec succès Mon Espace Santé Mon Espace Santé permet à 65 millions d'assurés d'accéder à des services numériques de santé dans un cadre souverain et sécurisé - Marchés | General Information | ★★★ | |
 |
2022-11-23 21:11:26 | Elon Musk wants encrypted messaging for Twitter. It might not be that simple. (lien direct) | Experts say Elon Musk needs to build trust for encryption to work. | General Information | ★★ | |
 |
2022-11-23 19:01:00 | UK police arrest 120 in largest-ever cyber fraud crackdown (lien direct) | Experts say Elon Musk needs to build trust for encryption to work. | General Information | ★★★ | |
 |
2022-11-21 19:35:03 | Framing the Modern Conversation Around Digital Transformation and Digital Risk (lien direct) | >Following my recent AISA session about security transformation in October, I am digging further into the value that can come from both security and digital transformation, applying security service edge capabilities and zero trust principles as part of the broader digital transformation strategy.. In the first part of this three-part blog series, I am going […] | General Information | ★★★ | |
 |
2022-11-17 15:00:07 | Solving The Cybersecurity Talent Crisis Demands Public-Private Sector Collaboration (lien direct) | >Following my recent AISA session about security transformation in October, I am digging further into the value that can come from both security and digital transformation, applying security service edge capabilities and zero trust principles as part of the broader digital transformation strategy.. In the first part of this three-part blog series, I am going […] | General Information | ★★★ | |
 |
2022-11-11 11:00:00 | The blockchain & data privacy (GDPR) (lien direct) | The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Blockchain has been outlined as a digital, decentralized ledger that keeps a record of all transactions that present itself across a peer-to-peer network. It permits the secure transfer of assets while not being an associate mediator. It conjointly provides a record of transactions that's absolutely clear and displayed in time period for the good thing about participants. GDPR is a law that protects data/Information security, promotes a lot of management over a person’s individual data and information on digital platforms. Blockchain, on the opposite hand, is a technology that develops unvarying rransaction ledgers. The interaction between GDPR’s data privacy rights and therefore the idea of blockchain serving as a decentralized, incorrupt digital junction have led to varied takes on classic philosophical conflicts. What is GDPR? GDPR is a General information Protection Regulation that was adopted as a law in the EU. The purpose of the law is to cater to the requirements of information privacy of an individual. The law offers rights to the users, that include: The right to be forgotten The right to data/information portability Right to access information associated with you The right to edit/correct/change the data/information related to you Legality of blockchain and privacy: The governance parties can decide with certain conditions that the specific transaction will occur in blockchain or not. As blockchain technology evolves, it'll become a lot more powerful thanks to choosing the organization to use transactions on the blockchain. For an emptor, it's useful if the suppliers conjointly comply with including the blockchain transactions. For a decentralized platform, it's difficult to use blockchain laws because the info is distributed round the globe. Although blockchain is taken into account extremely securely, it poses some regulation barriers to data privacy such as the California Client Privacy Act of 2018 (“CCPA”) and also the EU’s GDPR. Both GDPR and CCPA require that private data is to be removed under any circumstances. CRUD vs. CRAB In order to fully understand the blockchain & data privacy (GDPR), one needs to understand the difference between CRUD & CRAB. Many tech professionals call the process CRAB (An alternative of the term CRUD) - CRUD (For traditional databases) stands for Create, Read, Update & Delete. The term CRAB stands for Create, Retrieve, Append & Burn. The burn is the method of deleting encryption keys. Keeping private data/information “off the chain, instead of on the chain” is the one obvious solution. As the blockchain info is “on the chain", deleting & redaction info is sort of not possible. Developing a closed blockchain is another solution. In a closed (permission-based) blockchain, information is stored on local devices or rented cloud storage. So it is relatively easier to delete personal data on an individual's request using the process called forking. Now, because there is no definition in GDPR of “erasure of data” at this point for blockchain, you probably need to interpret this as meaning that throwing away your encryption keys for blockchain technology, isn't acceptable as ‘erasure of data’ in line with GDPR. Solution: Storing private data on a | General Information | ||
 |
2022-10-04 00:00:00 | Sécuriser les outils des développeurs: une nouvelle attaque en chaîne d'approvisionnement sur PHP Securing Developer Tools: A New Supply Chain Attack on PHP (lien direct) |
Quel est votre pire cauchemar de chaîne d'approvisionnement et pourquoi est-ce quelqu'un qui pourrait reprendre tous les forfaits PHP à la fois?Laissez \\ une plongée profonde dans la façon dont nous pourrions le démontrer!
What is your worst supply chain nightmare and why is it somebody that could take over all the PHP packages at once? Let\'s deep dive into how we could demonstrate it! |
Threat General Information | ★★★ | |
 |
2021-10-15 12:40:00 | Topic-specific policy 4/11: information transfer (lien direct) |  "Information transfer" is another ambiguous, potentially misleading title for a policy, even if it includes "information security". Depending on the context and the reader's understanding, it might mean or imply a security policy concerning:Any passage of information between any two or more end points - network datacommunications, for instance, sending someone a letter, speaking to them or drawing them a picture, body language, discussing business or personal matters, voyeurism, surveillance and spying etc.One way flows or a mutual, bilateral or multilateral exchange of information.Formal business reporting between the organisation and some third party, such as the external auditors, stockholders, banks or authorities.Discrete batch-mode data transfers (e.g. sending backup or archival tapes to a safe store, or updating secret keys in distributed hardware security modules), routine/regular/frequent transfers (e.g. strings of network packets), sporadic/exceptional/one-off transfers (e.g. subject access requests for personal information) or whatever. Transmission of information through broadcasting, training and awareness activities, reporting, policies, documentation, seminars, publications, blogs etc., plus its reception and comprehension. Internal communications within the organisation, for example between different business units, departments, teams and/or individuals, or between layers in the management hierarchy."Official"/mandatory, formalised disclosures to authorities or other third parties.Informal/unintended or formal/intentional communications that reveal or disclose sensitive information (raising confidentiality concerns) or critical information (with integrity and availability aspects). Formal provision of valuable information, for instance when a client discusses a case with a lawyer, accountant, auditor or some other professional. Legal transfer of information ownership, copyright etc. between parties, for example when a company takes over another or licenses its intellectual property.Again there are contextual ramifications. The nature and importance of information transfers differ between, say, hospitals and health service providers, consultants and their clients, social media companies and their customers, and battalion HQ with operating units out in the field. There is a common factor, however, namely information risk. The in |
General Information Guideline | APT 17 | |
 |
2020-12-18 16:00:13 | Insider Threats: What Are They, Really? (lien direct) | "Insider threat" or "human error" shows up a lot as the major cause of data breaches across all types of reports out there. But often it's not defined, or it's not clearly defined, so people conjure up their own definition. | General Information | ||
 |
2020-12-15 19:51:36 | Apple\'s best moments of 2020 (lien direct) | Although 2020 presented unique challenges, Apple refused to be derailed and collected multiple wins. Here are Apple's best moments of the year. | General Information | ||
|
2018-03-18 22:26:09 | NBlog March 18 - building a sausage machine (lien direct) |  We've been engaged to write a series of awareness materials on a variety of information security topics - a specific type of awareness product that we haven't produced before. So the initial part of the assignment is to clarify what the client wants, come up with and talk through our options, and draft the first one. That's my weekend spoken for!Once the first one is discussed, revised and agreed, stage two will be to refine the production process so future products will be easier and quicker to generate, better for the client and better for us.Like sausages. We're building a sausage machine. We'll plug in a topic, turn the handle and extrude a perfectly-formed sausage every time.Sounds fine in theory but on past experience that's not quite how it will work out, for two key reasons:Since the topics vary, the content of the awareness product will vary, naturally ... but so too may the structure and perhaps the writing style. Awareness content on, say, viruses or passwords is conceptually and practically a bit different to that on, say, privacy or cybersecurity. The breadth and depth of cover affects how we write, so the machine needs some 'give'. It can't be too rigid.As the string of sausages gets ever longer, we will continually refine the machine and think up new wrinkles ... which may even mean going back and reforming some of the early products. It's possible an entirely new approach may emerge as we progress, but more likely it will evolve and mature gradually. What starts out producing a string of plain beef sausages may end up churning out Moroccan lamb and mint - still definitely sausages but different flavours. Knowing that, now, the sausage machine has to be capable of being modified to some extent in the future, within certain constraints since the customer expects a reasonably consistent product. Some features being designed into the process today will remain in a month or three, while others will evaporate to be replaced by others and we're cool with that. Hopefully the client will be too!In more practical terms, the sausage machine itself consists of |
General Information | ||
 |
2018-03-18 13:01:01 | Dr. Cole Is in the House at IBM Think (lien direct) | When it comes to cybersecurity, companies today have so much to do and so much to focus on that they often do not have time to stop think about the longterm consquences of their policies. | General Information | ||
|
2018-03-13 21:27:39 | NBlog March 13 - normal service ... (lien direct) |  ... will be resumed, soon. We've been slaving away on a side project, putting things in place, setting things up, trying things out. It's not quite ready to release yet - more tweaking required, more polishing, lots more standing back and admiring from a distance - but it's close. |
General Information | ||
 |
2018-03-13 12:11:05 | Three Pressing Cyber Threats for IoT in 2018 (lien direct) | By Kristofer Mansson, CEO of Silobreaker Every year we see new pressing cyber threats, from new targets for hackers to new issues cropping up in the cybersecurity space. 2018 will be no different. One area that has recently got a lot of attention is IoT devices, as the use of such devices has increased in ... | General Information | ||
|
2018-03-13 12:02:01 | Cybersecurity Is About More Than Reacting to Attacks (lien direct) | Reacting quickly to cyberattacks is a vital aspect of cybersecurity. A prompt response can be the difference between minimal damage and catastrophic data loss. Additionally, cybersecurity experts value the importance of preventive and offensive measures, whose presence is as important, if not more so, for cybersecurity professionals to master as a quick response. A quick, ... | General Information | ||
|
2018-03-13 12:01:01 | Bringing Digital Transformation to Insurance (lien direct) | Insurance providers can build trust - and win over crucial market segments - by embracing digital transformation. | General Information | ||
|
2018-03-13 11:50:03 | When Complacency Breeds Security Risks (lien direct) | Mike Simmonds, managing director, Axial Systems believes employee attitude is as important as technology when securing data Despite the glaring headlines about data breaches and the loss of confidential information, the more we use technology, the more careless we become about security. Yet, when things do go wrong, we tend to blame the technology itself. ... | General Information | ||
 |
2018-03-13 11:02:03 | Condamnations pour des administrateurs de sites de streaming Français (lien direct) | Deux internautes Français condamnés pour avoir administrés des sites de streaming. Des actions judiciaires contre Griffin TV et Full Moviz orchestrées par la Sacem. La SACEM, la Société des Auteurs, Compositeurs et Éditeurs de Musique vient de signer deux affaires judiciaires, visant des sites de st... Cet article Condamnations pour des administrateurs de sites de streaming Français est apparu en premier sur ZATAZ. | General Information | ||
 |
2018-03-13 10:28:05 | Binance launches $10 million cryptocurrency fund to snare hackers (lien direct) | Information leading to the arrest of those involved in a recent security breach is worth $250,000. | General Information Guideline | ||
|
2018-03-13 09:48:01 | CyberArk acquires cloud security firm Vaultive (lien direct) | CyberArk secured the deal to boost its cloud-based privileged account security solutions portfolio. | General Information | ||
 |
2018-03-13 09:25:02 | Finalement, Fortnite proposera aussi du cross-play sur Xbox (lien direct) | Lors de l'annonce de l'arrivée du jeu sur Android et iOS, le studio expliquait que le cross-play serait possible sur PS4, PC, Mac et iOS, et éventuellement sur Android. La console de Microsoft était donc la grande absente. Ce n'e...Lire la suite | General Information | ||
|
2018-03-13 09:25:02 | myCanal se renforce sur Android TV et iOS, notamment dans le sport (lien direct) | Un an après l'Apple TV, l'OS de Google intègre enfin le mode Expert pour certains matchs de football et de rugby. Sur smartphone et tablette, une autre amélioration est annoncée : « pincez la vidéo pour zoomer...Lire la suite | General Information | ||
|
2018-03-13 03:50:05 | Global Developer Survey Confirms Increased Requirement For DevOps Yet Adoption Falls Behind (lien direct) | The ISBuzz Post: This Post Global Developer Survey Confirms Increased Requirement For DevOps Yet Adoption Falls Behind | General Information | ||
 |
2018-03-13 03:39:00 | Trump Blocks Broadcom\'s Bid to Buy Qualcomm (lien direct) | US President Donald Trump blocked Monday an unsolicited bid by Singapore-based Broadcom to take over smartphone chipmaker Qualcomm, citing national security concerns. | General Information | ||
|
2018-03-12 22:17:04 | Yahoo users can sue over data breaches, judge rules (lien direct) | Verizon, which now owns the web giant, sought to dismiss the case. | General Information | Yahoo | |
 |
2018-03-12 20:16:02 | Former Spy Was Poisoned With “Military-Grade Nerve Agent Developed by Russia,” UK Says (lien direct) | Britain has concluded it is "highly likely" that Russia was responsible for the attack on a former Russian intelligence officer and his daughter. | General Information | ||
 |
2018-03-12 17:36:01 | A week in security (March 05 – March 11) (lien direct) |
A roundup of notable security news from March 5 to 11, including another takedown of GeekHelp tech support scammers, a lame Android app, AI and ML in cybersecurity, Mac malware, and more.
Categories:
Security world
Week in security
Tags: Androidartificial intelligenceencryptioninternational women's daymachine learningrecapweekly blog roundupwomen in tech
(Read more...)
|
General Information | ||
|
2018-03-12 17:15:00 | 10 Ways To Improve Security Compliance With Data Privacy Regulations (lien direct) | The ISBuzz Post: This Post 10 Ways To Improve Security Compliance With Data Privacy Regulations | General Information | ||
 |
2018-03-12 16:40:05 | La confusion règne à l\'approche de l\'application de GDPR : il n\'est pas trop tard pour agir ! (lien direct) |  À moins que vous n'ayez vécu en totale autarcie ces deux dernières années, vous êtes certainement au courant de l'entrée en vigueur du nouveau règlement général sur la protection des données (RGPD ou GDPR) en mai prochain. |
General Information | ||
|
2018-03-12 15:27:04 | IIC Publishes Best Practices for Securing Industrial Endpoints (lien direct) | Industrial Internet Consortium Guidance Aims to Improve IIoT Endpoint Security for Manufacturers and Practitioners | General Information | ||
|
2018-03-12 15:21:04 | Data privacy still being ignored by organisations (lien direct) | It has been found that many organisations are not doing all they can to protect data privacy with there being a lack of transparency in how businesses store personal data, according to PwC's 2018 Global State of Information Security Survey (GSISS). It was found only 51% of respondents have an accurate inventory of where personal ... | General Information | ||
|
2018-03-12 14:31:00 | Comcast \'blocks\' an email service: Yet another reminder why net neutrality matters (lien direct) | Now imagine your favorite websites getting blocked by your internet provider in the name of net neutrality. | General Information | ||
 |
2018-03-12 14:28:02 | Controversial age checks to access online porn delayed in UK (lien direct) |  Just two weeks before the British government was due to introduce a compulsory order that pornographic websites verify their visitors' ages, the controversial regulation has been pulled.
|
General Information | ||
|
2018-03-12 13:56:03 | Join SC Media for their 12th annual cybersecurity conference, RiskSec, in New York! (lien direct) |  Graham Cluley Security News is sponsored this week by the folks at SC Media. Thanks to the great team there for their support!
SC Media's 12th annual security conference, RiskSec (previously branded as SC Congress) will be held May 31 in New York City. This event will provide insights from thought leaders across various industries, focusing on the most significant issues that CISOs and other security professionals face every day.
Features include:
Interactive learning sessions
Demos from 25 prominent tech companies
30+ industry-leading speakers
Ability to earn up to 9 CPE credits
Breakfast and lunch from executive chef
Cocktail reception
In 2017, there was a record number of massive data breaches that compromised millions of users' data and cost senior-level executives their jobs. This event is a great opportunity to collaborate and continue to improve defense techniques.
Use discount code CLULEY for $100 off admission.
RiskSec is a selective event for senior security professionals. Space is limited and the event will sell out.
If you're interested in sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here. |
General Information Guideline | ★★ | |
|
2018-03-12 13:10:00 | Behavioral Biometrics Firm BioCatch Raises $30 Million (lien direct) | New York and Tel Aviv-based behavioral biometric authentication firm BioCatch has raised $30 million in new growth financing led by Maverick Ventures, and including American Express Ventures, NexStar Partners, Kreos Capital, CreditEase, OurCrowd, JANVEST Capital and other existing investors. | General Information | ||
|
2018-03-12 13:00:02 | Why Some Companies Are Embracing Blockchain (lien direct) | The ISBuzz Post: This Post Why Some Companies Are Embracing Blockchain | General Information | ||
 |
2018-03-12 12:43:04 | MOSQUITO Attack Allows Air-Gapped Computers to Covertly Exchange Data (lien direct) | The team of security researchers-who last month demonstrated how attackers could steal data from air-gapped computers protected inside a Faraday cage-are back with its new research showing how two (or more) air-gapped PCs placed in the same room can covertly exchange data via ultrasonic waves.
Air-gapped computers are believed to be the most secure setup wherein the systems remain isolated
|
General Information | ||
|
2018-03-08 10:37:08 | NBlog March 8 - brainstorming awareness ideas (lien direct) |  At this early stage of the month, although we have some ideas in mind for the content of the next awareness module, they are unstructured. We need to clarify the scope and purpose of the module, developing themes to pull things together and 'tell the story'.Mind mapping is our favourite technique for that: we sketch out the topic area on a single sheet starting from a central topic word ("Assurance" this month) and arranging a few major themes around it, connecting the words to show their relationships. On paper, it starts out simply like this with 3 key themes: Then we expand on those initial themes with further details ... ... and keep going until we run short of inspiration and decide to move ahead to the next stage ... |
General Information | ★★ | |
|
2018-03-08 01:01:00 | Seize the Day: Celebrating Women in Security (lien direct) | International Women's Day is March 8, and IBM is joining the #PressforProgress by asking six inspiring women in security their thoughts on the industry and the next generation of security workers. | General Information | ||
|
2018-03-07 21:20:00 | Homeland Security\'s own IT security is a hot mess, watchdog finds (lien direct) | An inspector general audit found dozens of computers across the agency's networks were running old and outdated software, and in some cases, computers hadn't received security patches for five years. | General Information | ★★★ | |
|
2018-03-07 20:28:01 | Exploiting the User PII Held in Everyone\'s Web Browser (lien direct) | Browsers are the single most used application today. Everyone uses at least one browser, whether in the office or at home. But not everyone realizes just how much personal data is left hanging around inside their browsers; nor how easy it is for third-parties to extract it. | General Information | ★★★ | |
|
2018-03-07 17:31:03 | Qualcomm Requests National Security Review of Broadcom Bid (lien direct) | US chipmaker Qualcomm postponed its annual shareholders' meeting after secretly requesting a national security review of Broadcom's bid to take over the company, the Singapore-based Broadcom announced Monday. | General Information | ★★★ | |
|
2018-03-07 15:54:05 | Client Free ? Voici comment regarder les chaînes du groupe TF1 malgré la coupure ! (lien direct) |  Comme vous le savez surement, le groupe TF1 est en très mauvaise posture et en conflit généralisé face aux opérateurs. Free a déjà pris la décision de couper le service. Comment regarder TF1 malgré le blocage ? |
General Information | ||
 |
2018-03-07 15:20:00 | Group-IB Helps Suspend Ukrainian DDoS Attack Group (lien direct) | This case marks the first successful prosecution of cybercriminals in Ukraine, the organization reports. | General Information |
To see everything:
Our RSS (filtrered)
