What's new arround internet
Last one

Src Date (GMT) Titre Description Tags Stories Notes
globalsecuritymag.webp 2023-11-20 14:16:55 BeyondTrust présente ses prévisions en matière de cybersécurité pour 2024 et au-delà (lien direct) BeyondTrust présente ses prévisions en matière de cybersécurité pour 2024 et au-delà • Les experts de BeyondTrust anticipent les vecteurs de menace les plus susceptibles d'affecter les organisations du monde entier au cours de la nouvelle année. • Les principales menaces de cybersécurité comprennent l'évolution de la menace de l'IA, la cartographie des exploits pour les ransomwares et la mort des applications dédiées. - Points de Vue Threat Studies Prediction ★★★
globalsecuritymag.webp 2023-11-20 14:08:31 Prédictions 2024 : Trellix identifie une escalade des cyberattaques de plus en plus complexe à détecter (lien direct) Prédictions 2024 : Trellix identifie une escalade des cyberattaques de plus en plus complexe à détecter - Produits Prediction ★★★
globalsecuritymag.webp 2023-11-17 09:32:20 2024 Prédictions de sécurité des données & # 8211;Claude Mandy, systèmes de symétrie
2024 Data Security Predictions – Claude Mandy, Symmetry Systems (lien direct)		 Les prédictions de l'expert ex-gartner et de l'expert en sécurité des données Claude Mandy, chef évangéliste chez Symmetry Systems pour ce qui se trouve à l'horizon pour l'espace de cybersécurité en 2024. Veuillez voir ci-dessous pour les prédictions de Claude ci-dessous. - opinion
The predictions from ex Gartner Analyst & Data security expert Claude Mandy, Chief Evangelist at Symmetry Systems for what is on the horizon for the cybersecurity space in 2024. Please see below for predictions from Claude below. - Opinion		 Prediction ★★★
Dragos.webp 2023-11-16 14:00:00 Dragos Industrial Ransomware Analysis: T1 2023
Dragos Industrial Ransomware Analysis: Q3 2023 (lien direct)		 > Dans une tendance prévisible mais préoccupante, les groupes de ransomwares ont continué d'avoir un impact sur les entités industrielles et les infrastructures critiques au cours du troisième trimestre ... Le post Dragos Industrial Ransomware Analysis: Q3 2023 = "https://www.dragos.com"> dragos .
>In a predictable yet concerning trend, ransomware groups continued to impact industrial entities and critical infrastructure during the third quarter... The post Dragos Industrial Ransomware Analysis: Q3 2023  first appeared on Dragos.		 Ransomware Studies Industrial Prediction ★★★
globalsecuritymag.webp 2023-11-15 20:37:09 2024 Tendances et prédictions de sécurité
2024 Security Trends and Predictions (lien direct)		 2024 Tendances et prédictions de sécurité - opinion
2024 Security Trends and Predictions - Opinion		 Prediction ★★★
RecordedFuture.webp 2023-11-15 20:15:00 Désinformation générée par l'AI-AI une préoccupation majeure pour 2024 élections, a déclaré le secrétaire d'État du Michigan
AI-generated disinformation a top concern for 2024 elections, Michigan secretary of state says (lien direct)		 Le secrétaire d'État du Michigan, Jocelyn Benson, a déclaré mercredi que l'une de ses meilleurs inquiétudes concernant les élections de 2024 découle du potentiel de l'intelligence artificielle pour fomenter ce qu'elle a appelé la dissémination «hyper-localisée» de la désinformation.«Imaginez le jour du scrutin, les informations se déroulent sur les longues lignes [dans un quartier donné] qui appellent à la violence
Michigan Secretary of State Jocelyn Benson said Wednesday that one of her top worries about the 2024 elections stems from the potential for artificial intelligence to foment what she called “hyper-localized” dissemination of mis- and disinformation. “Imagine on election day, information goes out about long lines [in a given precinct] that are calling for violence		 Prediction ★★★
Netskope.webp 2023-11-15 19:16:36 Ce qui est en magasin pour 2024: prédictions sur zéro confiance, AI et au-delà
What\\'s in Store for 2024: Predictions About Zero Trust, AI, and Beyond (lien direct)		 > Avec 2024 à l'horizon, nous avons une fois de plus contacté notre profondeur d'experts ici à Netskope pour leur demander de faire de leur mieux en regardant la boule de cristal et de nous donner une tête sur les tendances et les thèmes qu'ils s'attendent à voir émerger dansla nouvelle année.Nous avons brisé leurs prédictions [& # 8230;]
>With 2024 on the horizon, we have once again reached out to our deep bench of experts here at Netskope to ask them to do their best crystal ball gazing and give us a heads up on the trends and themes that they expect to see emerging in the new year. We\'ve broken their predictions […] 		Prediction ★★★
globalsecuritymag.webp 2023-11-14 18:35:46 2024 Prédictions de cybersécurité des experts en sécurité des données
2024 Cybersecurity Predictions from Data Security Experts (lien direct)		 2024 Prédictions de cybersécurité des experts en sécurité des données Adam Gavish, PDG et co-fondateur, et Tim Davis, VP Solutions Consulting, chez Docontrol - opinion
2024 Cybersecurity Predictions from Data Security Experts Adam Gavish, CEO & Co-founder, and Tim Davis, VP Solutions Consulting, at DoControl - Opinion		 Prediction ★★★
globalsecuritymag.webp 2023-11-14 16:40:49 2024 Prédictions de l'industrie & # 8211;Des dirigeants de Stackhawk
2024 Industry Predictions – Executives from StackHawk (lien direct)		 Alors que 2023 touche à sa fin, je voulais partager certaines prédictions de l'équipe de direction de Stackhawk sur ce qui est à l'horizon pour l'espace de cybersécurité en 2024. Veuillez voir ci-dessous pour les prédictions de Joni Klippert, PDG et fondateurde Stackhawk, Scott Gerlach, CSO et co-fondateur de Stackhawk et Dan Hopkins, vice-président de l'ingénierie à Stackhawk.Le changement de sécurité, de conformité et d'automatisation qui a quitté est parmi les principales tendances que Joni, Scott et Dan s'attendent à secouer le paysage des menaces l'année prochaine. - opinion
As 2023 comes to a close, I wanted to share some predictions from the leadership team at StackHawk about what\'s on the horizon for the cybersecurity space in 2024. Please see below for predictions from Joni Klippert, CEO and Founder of StackHawk, Scott Gerlach, CSO and Co-Founder of StackHawk, and Dan Hopkins, VP of Engineering at StackHawk. Shift left security, compliance, and automation are among the top trends that Joni, Scott and Dan are expecting to shake up the threat landscape next year. - Opinion		 Threat Industrial Prediction ★★★
globalsecuritymag.webp 2023-11-14 13:48:11 Confiance numérique : DigiCert dévoile ses prédictions pour 2024 (lien direct) Confiance numérique : DigiCert dévoile ses prédictions pour 2024 L'onde de choc cybersécuritaire provoquée par l'intelligence artificielle et la cryptographie post-quantique (PQC) au cœur des prédictions 2024 - Points de Vue Prediction ★★★
globalsecuritymag.webp 2023-11-14 13:21:20 Prévisions de cybersécurité pour 2024 - SecurityScorecard (lien direct) Prévisions de cybersécurité pour 2024 - SecurityScorecard par Alex Heid, vice-président de Threat Intelligence et de Steve Cobb, responsable de la sécurité de l'information (RSSI) de SecurityScorecard - Points de Vue Threat Prediction ★★★
SecureList.webp 2023-11-14 10:00:24 Prédictions avancées des menaces pour 2024
Advanced threat predictions for 2024 (lien direct)		 Les chercheurs de Kaspersky examinent les prédictions APT pour 2023 et les tendances actuelles du paysage des menaces avancées et tentent de prédire comment elle se développera en 2024.
Kaspersky researchers review APT predictions for 2023 and current trends in the advanced threat landscape, and try to predict how it will develop in 2024.		 Threat Prediction ★★★
ProofPoint.webp 2023-11-13 07:14:17 Informations exploitables: comprenez votre profil de risque global avec le rapport de résumé exécutif
Actionable Insights: Understand Your Overall Risk Profile with the Executive Summary Report (lien direct)		 In this blog series we cover how to improve your company\'s security posture with actionable insights. Actionable insights are a critical tool to help you improve your security posture and stop initial compromise in the attack chain. You can use them to identify and respond to potential risks, enhance your incident response capabilities, and make more informed security decisions.  In previous actionable insights blog posts, we covered these topics:  People risk  Origin risk  Business email compromise (BEC) risk  Ensuring proper risk context  Risk efficacy  Telephone-oriented attack delivery (TOAD) risk  Threat intelligence  In this post, we introduce the new TAP Executive Summary Report-which is available to all Proofpoint Targeted Attack Protection (TAP) customers who use the Proofpoint Aegis threat protection platform. We\'ll show you why the Executive Summary Report is so useful so you can use it effectively to enhance your company\'s security posture.     Unlock powerful insights with the Executive Summary Report  Email security is more crucial than ever in today\'s fast-evolving threat landscape. To protect your business and users from emerging threats, you need the right tools-like the TAP Dashboard Executive Summary Report.   We designed this new report specifically to meet the high-level reporting needs of executives and other decision-makers. It empowers these users by providing quick, easy-to-consume insights on their email security, which helps to accelerate their decision-making. You can find it in the Reports section of the TAP Dashboard as the new first tab.  Let\'s explore how this new feature can help your business.  Insights: What you can learn from the Executive Summary  This report gives you a comprehensive overview of your business\'s email threat landscape. It equips your teams and executives with actionable intelligence.   End-to-end threat protection insights  Integrating data from the Proofpoint email gateway, the Executive Summary Report offers a holistic view of your company\'s inbound email threat protection effectiveness. This end-to-end visibility helps you understand how your security measures perform across your email stack.   Inbound email protection breakdown  This new visualization in the TAP Threat Insight Dashboard provides an at-a-glance breakdown of the total number of messages received through your email protection stack. It reveals how and when Proofpoint identified and blocked malicious messages. With this detailed insight, you can identify threats and detect anomalies-and make data-driven decisions to enhance your email security.  The inbound email protection breakdown.  Exposure insights  The Executive Summary Report also provides insight into potentially exposed messages. With drilldowns and actionable items, you can address these threats quickly to minimize the risk of a breach.    Exposure insights in the Executive Summary Report.  Messages protected  This chart offers a trended view of messages protected by advanced threat detection capabilities in Proofpoint TAP. The information presented is broken down by threat type or category. It lets you see the evolving nature of threats over time, so you can conduct a more in-depth analysis of your company\'s email security.  The messages protected trend chart-by threat type.  Efficacy metrics  There are two charts that report on Proofpoint TAP\'s efficacy. The first is the “threat landscape effectiveness” chart. It provides you with a clear understanding of where the most significant threats exist within your email landscape. It displays top objectives, malware families and threat actors by total message volume.    The threat landscape effectiveness chart with a breakdown of threat objectives.  The second chart is “inbound protection overview.” This donut-style chart combines traditional email security and advanced threat detection (TAP) metrics. This single statistic reflects the overall effectiveness of your Proofpoint inbound email prote Malware Tool Threat Prediction ★★
Blog.webp 2023-11-13 01:42:44 2023 Sep & # 8211;Rapport de tendance des menaces sur les groupes APT
2023 Sep – Threat Trend Report on APT Groups (lien direct)		 Dans ce rapport, nous couvrons des groupes de menaces dirigés par la nation présumés de mener du cyber-espionnage ou du sabotage sous le soutien du soutiendes gouvernements de certains pays, appelés groupes de menace persistante avancés (APT) & # 8221;Pour des raisons pratiques.Par conséquent, ce rapport ne contient pas d'informations sur les groupes de cybercrimins visant à obtenir des bénéfices financiers.Nous avons organisé des analyses liées aux groupes APT divulgués par des sociétés de sécurité et des institutions, notamment AHNLAB au cours du mois précédent;Cependant, le contenu de certains groupes APT peut ne pas ...
In this report, we cover nation-led threat groups presumed to conduct cyber espionage or sabotage under the support of the governments of certain countries, referred to as “Advanced Persistent Threat (APT) groups” for the sake of convenience. Therefore, this report does not contain information on cybercriminal groups aiming to gain financial profits. We organized analyses related to APT groups disclosed by security companies and institutions including AhnLab during the previous month; however, the content of some APT groups may not... 		Threat Prediction ★★
Blog.webp 2023-11-13 01:42:17 2023 Sep & # 8211;Rapport de tendance des menaces sur les statistiques des ransomwares et les problèmes majeurs
2023 Sep – Threat Trend Report on Ransomware Statistics and Major Issues (lien direct)		 Ce rapport fournit des statistiques sur le nombre de nouveaux échantillons de ransomware, des systèmes ciblés et des entreprises ciblées en septembre 2023, ainsi que des problèmes de ransomware notables en Corée et dans d'autres pays.Tendances clés 1) diminution nette des entreprises ciblées liées aux ransomwares de CloP et à Moveit 2) Ransomware de Noescape et ses imitations 3) Ransomware Group utilisant le RGPD comme bluff (GDPR GAMBIT) 4) Autres SEP_Trente Rapport sur les statistiques de rançon et les principaux problèmes
This report provides statistics on the number of new ransomware samples, targeted systems, and targeted businesses in September 2023, as well as notable ransomware issues in Korea and other countries. Key Trends 1) Sharp Decrease in Targeted Businesses Related to CLOP Ransomware and MOVEit 2) NoEscape Ransomware and Its Imitations 3) Ransomware Group Using GDPR as a Bluff (GDPR Gambit) 4) Others Sep_Threat Trend Report on Ransomware Statistics and Major Issues 		Ransomware Threat Prediction ★★★
Blog.webp 2023-11-13 01:41:52 2023 Sep & # 8211;Rapport de tendance des menaces sur le groupe Kimsuky
2023 Sep – Threat Trend Report on Kimsuky Group (lien direct)		 Les activités de Kimsuky Group & # 8217; en septembre 2023 ont montré une augmentation notable du type RandomQuery, tandis que, tandis que, tandis que, tandis queLes activités d'autres types étaient relativement faibles ou inexistantes.& # 160;SEP_TRÉTERAT TREND RAPPORT SUR KIMSUKY GROUP
The Kimsuky group’s activities in September 2023 showed a notable surge in the RandomQuery type, while the activities of other types were relatively low or non-existent.   Sep_Threat Trend Report on Kimsuky Group 		Threat Prediction ★★★
Blog.webp 2023-11-13 01:41:34 2023 Sep & # 8211;Rapport sur la tendance des menaces du Web Deep et Dark
2023 Sep – Deep Web and Dark Web Threat Trend Report (lien direct)		 Ce rapport de tendance sur le Web Deep et le Web Dark de septembre 2023 est sectionné en ransomware, forums & # & #38;Marchés noirs et acteurs de menace.Nous tenons à dire à l'avance qu'une partie du contenu n'a pas encore été confirmée comme vraie.Ransomware & # 8211;Akira & # 8211;Alphv (Blackcat) & # 8211;Lockbit & # 8211;Forum Ransomedvc & # 38;Marché noir & # 8211;Violation de données affectant 7 millions d'utilisateurs & # 8211;Les informations personnelles des policiers ont divulgué l'acteur de menace & # 8211;Poursuite des individus associés au ...
This trend report on the deep web and dark web of September 2023 is sectioned into Ransomware, Forums & Black Markets, and Threat Actors. We would like to state beforehand that some of the content has yet to be confirmed to be true. Ransomware – Akira – ALPHV (BlackCat) – LockBit – RansomedVC Forum & Black Market – Data Breach Affecting 7 Million Users – Personal Information of Police Officers Leaked Threat Actor – Prosecution of Individuals Associated with the... 		Ransomware Data Breach Threat Prediction ★★★
knowbe4.webp 2023-11-12 15:12:07 Désinformation de l'IA exposée: un faux "Tom Cruise" attaque les Jeux olympiques
AI Disinformation Exposed: A Fake "Tom Cruise" Attacks the Olympics (lien direct)		 Ai Disinformation Exposed: Un faux En utilisant une page directement hors du livre de jeu KGB, une nouvelle attaque de désinformation dirigée par AI a été déchaînée.La dernière victime de cette tendance inquiétante n'est autre que le Comité international olympique (CIO).Voici plus sur la façon dont l'IA a été mal utilisée pour créer une fausse campagne de nouvelles ciblant l'un des corps sportifs les plus connus du monde. Une série "documentaire", fabriquée à l'aide d'une IA avancée,A présenté la star de la voix de Hollywood, Tom Cruise.Cependant, c'était une illusion.La voix, les allégations, le prétendu documentaire intitulé «Les Jeux olympiques ont diminué» & # 8211;Rien de tout cela n'était réel.Cette série a allégué une corruption au cœur du CIO, une affirmation qui a depuis été démystifiée mais pas avant de provoquer des ondulations importantes. Ce qui rend cet incident particulièrement alarmant, c'est l'utilisation sophistiquée de l'IA pour cloner les voix de célébrités.Il ne s'agit pas seulement du CIO ou des Jeux olympiques;C'est un exemple flagrant des défis éthiques et juridiques posés par l'IA.L'utilisation abusive des voix de célébrités comme Tom Cruise, Tom Hanks et Scarlett Johansson montre une responsabilité de l'industrie du divertissement & # 8211;L'utilisation non autorisée et contraire à l'éthique de l'IA pour Génie social . L'attaquea fait une mise en évidence avec la suspension du Comité olympique national de Russie sur les tensions géopolitiques, en particulier la reconnaissance des organisations sportives régionales dans les territoires ukrainiens contestés.Le moment de cette campagne de désinformation est un effort orchestré pour tirer parti des événements mondiaux à enjeux élevés pour influencer l'opinion publique. & Nbsp; Le CIO, en réponse, a été proactif En dénonçant ces Deepfakes générés par l'AI et a conseillé aux représentants des médias de confirmer l'authenticité d'un tel contenuavec leur bureau de presse.Malgré leurs efforts pour supprimer le contenu des plateformes comme YouTube, il a trouvé un paradis sur un canal télégramme, montrant qu'il est très difficile de contrôler la désinformation de la propagation sur Internet. Cet incident sert deUn rappel brutal de la nature à double tranchant de l'IA.Alors que l'IA a le potentiel de révolutionner notre monde de manière positive, son utilisation abusive peut entraîner des conséquences importantes.Pour des organisations comme le CIO, c'est un réveil aux menaces du nouvel âge auxquelles ils sont confrontés & # 8211;où le champ de bataille n'est pas seulement physique mais de plus en plus numérique.
AI Disinformation Exposed: A Fake Using a page straight out of the KGB playbook, a new AI-driven disinformation attack has been unleashed. The latest victim of this disturbing trend is none other than the International Olym		 Prediction ★★
ProofPoint.webp 2023-11-10 08:04:20 2023 Prédictions de l'escroquerie de vacances, si ce que vous devez savoir
2023 Holiday Scam Predictions-Here\\'s What You Should Know (lien direct)		 \'Tis the season for cyberscams. As the holiday season nears, adversaries will try to take advantage of people\'s generosity and holiday spirit. That\'s why it\'s critical to be alert.   While it\'s still early to detect and analyze seasonal trends, we anticipate to see several new and emerging techniques in attackers\' creativity and lures, along with tried-and-true tactics from previous holiday seasons.   From generative AI that helps telephone-oriented attack delivery (TOAD) to multifactor authentication (MFA) bypass that leans on shipping alerts, here\'s a look at five holiday scam predictions. These are the tricks and trends that you might see evolve in this year\'s winter threat landscape.  1: Generative AI will make threat detection trickier   What\'s blown up since last holiday season? A little thing called generative AI. This emerging technology might change the game of crafting emails that include those too-good-to-be-true offers. Phony shipping emails are always favorites for attackers, and they always become more frequent during the holidays. Nobody wants a problem with merchandise they\'ve ordered or packages they\'ve shipped.  Last year, many holiday season shipping phishing attempts featured standard red flags, like grammatical errors and non-native language structure. These are easily detectable at a quick glance. But this year, we expect to see many attackers using generative AI to write their emails and texts, potentially reducing easy detection.   So go a level deeper when you\'re trying to determine whether a holiday season shipping email is a scam. Take a closer look these emails and ask these questions:  Is the message generic or personalized?  Are you being asked for unnecessary sensitive information?  Does the sender display name match the email address? (This is a safety checklist item that people learn in security awareness training.)  Are you being asked to pay a fee to receive a package? (Note: In this case, it\'s best to refuse the delivery until you can confirm the shipment is legitimate.)  2: TOAD scams might get an AI boost   TOAD has become part of the threat toolkit, as attackers push victims to take unsafe actions over the phone. Writing with generative AI could increase the believability of TOAD attacks that use a holiday playbook.   Need to stop an expensive gift purchase on your credit card or accept a heavily discounted travel offer? Then, contact this (fake) call center! If an AI-generated email successfully imitates a legitimate company, it\'s more likely that the victim will dial the phone number they\'re directed to.  Generative AI could also provide opportunities to expand holiday scams globally. For instance, every Christmas and New Year, we see English-language vacation scams that target a Western audience. But there is also a huge volume of travel and celebration for Lunar New Year in China, South Korea, Vietnam and Hong Kong. If attackers previously lacked cultural knowledge or language skills to target these populations, they might now use freely available AI tools to quickly research what experiences might feel meaningful and create holiday lures that are localized and enticing.   Luckily, generative AI is unlikely to improve interaction with the fraudulent call center. If you call the TOAD number, red flags should still be detectable. For instance, be wary if the “operator” is:  Clearly following a script.  Pressuring you to take an action.  Speaking in a regional accent that your security awareness training has taught you is where call center fraud often originates.   3: MFA bypass could surface more often   MFA bypass surged in popularity last year, and we continue to see an increase in the number of lures that use this technique. The attacker steals account credentials in real time by intercepting the MFA short code when the victim types it into an account login page that is fake or compromised.   Since MFA bypass is an ongoing threat trend, we expect to see the techniques applied this year to holiday- Tool Threat Prediction FedEx ★★★
TechRepublic.webp 2023-11-09 15:52:19 Les tendances de cybersécurité de Google Cloud \\ à regarder en 2024 incluent des attaques génératives basées sur l'IA
Google Cloud\\'s Cybersecurity Trends to Watch in 2024 Include Generative AI-Based Attacks (lien direct)		 Un rapport de novembre de Google Cloud détaille les tactiques de logiciels malveillants possibles de l'État national en 2024 et de nouveaux angles de cyberattaques.
A November report from Google Cloud details possible nation-state malware tactics in 2024 and new angles of cyberattacks.		 Malware Prediction Cloud ★★★
globalsecuritymag.webp 2023-11-09 14:25:07 Perspectives pour 2024 : avec l\'IA et le CaaS, les cybercriminels s\'offrent de nouveaux leviers d\'attaque plus simples (lien direct) Perspectives pour 2024 : avec l'IA et le CaaS, les cybercriminels s'offrent de nouveaux leviers d'attaque plus simples. estime Fortinet - Points de Vue Prediction ★★★
Fortinet.webp 2023-11-09 14:00:00 Prédictions de menace pour 2024: les opérations d'IA et de CAAS enchaînées donnent aux attaquants plus «faciles» que jamais
Threat Predictions for 2024: Chained AI and CaaS Operations Give Attackers More “Easy” Buttons Than Ever (lien direct)		 Lisez Fortiguard Labs \\ 'Dernières prédictions de menace Regardez les dernières tactiques d'attaque et techniques que les organisations pourraient voir en 2024 et au-delà.
Read FortiGuard Labs\' latest threat predictions look at the latest attack tactics and techniques organizations might see in 2024 and beyond.		 Threat Prediction ★★★
globalsecuritymag.webp 2023-11-08 14:29:47 Digicert dévoile les prédictions du PDG pour la confiance numérique en 2024
DigiCert Unveils CEO Predictions for Digital Trust in 2024 (lien direct)		 Digicert dévoile les prédictions du PDG pour la confiance numérique en 2024 Les principales prédictions se concentrent sur l'impact sismique de l'intelligence artificielle et de la cryptographie post-quantum sur le paysage de la cybersécurité - opinion
DigiCert Unveils CEO Predictions for Digital Trust in 2024 Top predictions center on seismic impact of artificial intelligence and post-quantum cryptography on cybersecurity landscape - Opinion		 Prediction ★★
RecordedFuture.webp 2023-11-08 13:00:00 Un package python désagréable continue une tendance à cibler les développeurs
A nasty Python package continues a trend of targeting developers (lien direct)		 Parfois, lorsque des pirates malveillants se mêlent d'un développement de logiciels open source, la cible n'est pas le logiciel - c'est les développeurs eux-mêmes.Les chercheurs de la société de cybersécurité CheckMarx disent qu'ils ont suivi des logiciels malveillants destinés à infecter les ordinateurs des développeurs qui travaillent avec la langue Python populaire et ont besoin d'obscurcir leur code, ou de le faire
Sometimes when malicious hackers meddle with open-source software development, the target isn\'t the software - it\'s the developers themselves. Researchers at cybersecurity firm Checkmarx say they have been tracking malware intended to infect the computers of developers who work with the popular Python language and have a need to obfuscate their code, or make it		 Malware Prediction ★★
GoogleSec.webp 2023-11-08 09:03:58 Évolution de l'App Defence Alliance
Evolving the App Defense Alliance (lien direct)		 Publié par Nataliya Stanetsky, Android Security and Privacy Team L'App Defence Alliance (ADA), une collaboration à la tête de l'industrie Lancé Par Google en 2019, dédié à garantir la sécurité de l'écosystème de l'application, fait un pas en avant majeur.Nous sommes fiers de Annonce que l'App Defence Alliance se déplace sous l'égide de la Fondation Linux, avec Meta, Microsoft et Google en tant que membres de la direction fondatrice. Cette migration stratégique représente un moment central dans le parcours de l'Alliance \\, ce qui signifie un engagement partagé par les membres pour renforcer la sécurité des applications et les normes connexes entre les écosystèmes.Cette évolution de l'App Defence Alliance nous permettra de favoriser une mise en œuvre plus collaborative des normes de l'industrie pour la sécurité des applications. Uniter pour la sécurité des applications Le paysage numérique évolue continuellement, tout comme les menaces pour la sécurité des utilisateurs.Avec la complexité toujours croissante des applications mobiles et l'importance croissante de la protection des données, c'est le moment idéal pour cette transition.La Fondation Linux est réputée pour son dévouement à favoriser des projets open source qui stimulent l'innovation, la sécurité et la durabilité.En combinant des forces avec des membres supplémentaires sous la Fondation Linux, nous pouvons nous adapter et répondre plus efficacement aux défis émergents. L'engagement de la nouvelle application de défense de la Defence Alliance \\ est des membres de la direction & # 8211;Meta, Microsoft et Google & # 8211;est essentiel pour faire de cette transition une réalité.Avec une communauté membre couvrant 16 membres généraux et contributeurs supplémentaires, l'alliance soutiendra l'adoption à l'échelle de l'industrie des meilleures pratiques et directives de la sécurité des applications, ainsi que des contre-mesures contre les risques de sécurité émergents. Poursuivant le programme d'atténuation des logiciels malveillants L'App Defence Alliance a été formée avec la mission de réduire le risque de logiciels malveillants basés sur l'application et de mieux protéger les utilisateurs d'Android.La défense malveillante reste un objectif important pour Google et Android, et nous continuerons de nous associer étroitement avec les membres du programme d'atténuation des logiciels malveillants & # 8211;ESET, Lookout, McAfee, Trend Micro, Zimperium & # 8211;sur le partage direct du signal.La migration de l'ADA sous la Fondation Linux permettra un partage plus large de l'intelligence des menaces à travers les principaux partenaires et chercheurs écosystémiques. en regardant vers l'avenir et en se connectant avec l'ADA Nous vous invitons à rester connecté avec la nouvelle Alliance de défense de l'application sous l'égide de la Fondation Linux.Rejoignez la conversation pour aider à rendre les applications plus sécurisées.Avec le comité directeur, Alliance Partners et l'écosystème plus large, nous sommes impatients de créer des écosystèmes d'applications plus sûrs et dignes de confiance.
Posted by Nataliya Stanetsky, Android Security and Privacy Team The App Defense Alliance (ADA), an industry-leading collaboration launched by Google in 2019 dedicated to ensuring the safety of the app ecosystem, is taking a major step forward. We are proud to 		Malware Threat Mobile Prediction ★★
RiskIQ.webp 2023-11-02 20:07:38 Dévoiler le côté obscur: une plongée profonde dans les familles de ransomwares actifs
Unveiling the Dark Side: A Deep Dive into Active Ransomware Families  (lien direct)		 #### Description Dans le paysage en constante évolution de la cybersécurité, une tendance constante observée ces dernières années est l'augmentation troublante des attaques de ransomwares.Le groupe NCC partage TTP \\ déployé par quatre familles de ransomwares récemment observées lors des engagements de réponse aux incidents du NCC Group \\.Les familles de ransomwares qui seront explorées sont: - Blackcat & # 8211;Il est également connu sous le nom d'ALPHV, observé pour la première fois en 2021, un ransomware en tant que service (RAAS) utilisant souvent la méthode d'extorsion à double extorsion pour le gain monétaire. - Donut & # 8211; Le groupe d'extorsion D0nut a été signalé pour la première fois en août 2022 pour avoir violé les réseaux et exigeant des rançons en échange de ne pas fuiser des données volées.Quelques mois plus tard, les rapports du groupe utilisant le cryptage ainsi que l'exfiltration de données ont été publiés avec des spéculations selon lesquelles le ransomware déployé par le groupe a été lié à des ransomwares Helloxd.Il existe également des liens soupçonnés entre les affiliés D0nut et les opérations de ransomware de casier Hive et Ragnar. - Medusa & # 8211;À ne pas confondre avec Medusalocker, Medusa a été observée pour la première fois en 2021, est un ransomware en tant que service (RAAS) utilisant souvent la méthode d'extorsion à double extorsion pour le gain monétaire.En 2023, l'activité des groupes \\ 'a augmenté avec le lancement du blog \' Medusa \\ '.Cette plate-forme sert d'outil pour divulguer des données appartenant aux victimes. - NoEscape & # 8211;Fin mai 2023, un Ransomware nouvellement émergé en tant que service (RAAS) a été observé sur un forum de cybercriminalité nommé NoeScape. #### URL de référence (s) 1. https://research.nccgroup.com/2023/10/31/unveiling-the-dark-side-a-plongée profonde-inactive-ransomware-families / #### Date de publication 31 octobre 2023 #### Auteurs) Alex Jessop @Thissisfinechief Molly Dewis
#### Description In the ever-evolving cybersecurity landscape, one consistent trend witnessed in recent years is the unsettling rise in ransomware attacks. NCC Group shares TTP\'s deployed by four ransomware families recently observed during NCC Group\'s incident response engagements. The ransomware families that will be explored are: - BlackCat – Also known as ALPHV, first observed in 2021, is a Ransomware-as-a-Service (Raas) often using the double extortion method for monetary gain. - Donut –The D0nut extortion group was first reported in August 2022 for breaching networks and demanding ransoms in return for not leaking stolen data. A few months later, reports of the group utilizing encryption as well as data exfiltration were released with speculation that the ransomware deployed by the group was linked to HelloXD ransomware. There is also suspected links between D0nut affiliates and both Hive and Ragnar Locker ransomware operations. - Medusa – Not to be confused with MedusaLocker, Medusa was first observed in 2021, is a Ransomware-as-a-Service (RaaS) often using the double extortion method for monetary gain. In 2023 the groups\' activity increased with the launch of the \'Medusa Blog\'. This platform serves as a tool for leaking data belonging to victims. - NoEscape – At the end of May 2023, a newly emerged Ransomware-as-a-Service (RaaS) was observed on a cybercrime forum named NoEscape. #### Reference URL(s) 1. https://research.nccgroup.com/2023/10/31/unveiling-the-dark-side-a-deep-dive-into-active-ransomware-families/ #### Publication Date October 31, 2023 #### Author(s) Alex Jessop @ThisIsFineChief Molly Dewis 		Ransomware Tool Prediction ★★
globalsecuritymag.webp 2023-10-31 15:08:46 Prévisions Forrester sur la cybersécurité, les risques et la confidentialité pour 2024 (lien direct) Forrester vient de dévoiler ses prévisions pour 2024 dans les domaines de la cybersécurité, du risque, de la confidentialité des données et de la confiance. - Points de Vue Prediction ★★★
CVE.webp 2023-10-30 17:15:51 CVE-2023-21366 (lien direct) Dans Scudo, il existe un moyen possible pour un attaquant de prédire les modèles d'allocation de tas en raison de la mise en œuvre / de la conception non sécurisée.Cela pourrait entraîner une divulgation d'informations locales sans aucun privilège d'exécution supplémentaire nécessaire.L'interaction utilisateur n'est pas nécessaire pour l'exploitation.
In Scudo, there is a possible way for an attacker to predict heap allocation patterns due to insecure implementation/design. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.		 Prediction
globalsecuritymag.webp 2023-10-30 10:03:14 Trend Micro annonce Trend Vision One (lien direct) #Cybersecurité #Cloud #ContainerSecurity. Trend Micro annonce Trend Vision One – Container Security et poursuit la consolidation de sa plateforme unifiée de cybersécurité : Trend Vision One™. • L'offre de sécurité des containers vient enrichir la plateforme unifiée de Trend, conçue pour simplifier les opérations de sécurité sur une console unique. • Trend Container Security permet aux entreprises de réduire les risques liés à la sécurité du cloud et aux équipes SOC de gagner jusqu'à deux semaines d'effort par incident. - Produits Prediction Cloud ★★
Trend.webp 2023-10-30 00:00:00 Trend Micro reconnue comme un favori des clients
Trend Micro Recognized as a Customer Favorite (lien direct)		 Les commentaires des clients valident le leadership de la tendance \\ dans XDR, la sécurité de terminaison, le cloud hybride
Customer feedback validates Trend\'s leadership in in XDR, endpoint security, hybrid Cloud		 Prediction Cloud ★★
DarkReading.webp 2023-10-28 00:08:00 10 conseils pour une formation de sensibilisation à la sécurité qui atteint la cible
10 Tips for Security Awareness Training That Hits the Target (lien direct)		 Essayez ces astuces pour concevoir un programme d'éducation qui fait investir les employés - et reste avec eux une fois la formation terminée.
Try these tricks for devising an education program that gets employees invested - and stays with them after the training is over.		 Guideline Prediction ★★
DarkReading.webp 2023-10-26 19:56:00 Verve buy de Rockwell \\ Enlivens Critical Infrastructure Security
Rockwell\\'s Verve Buy Enlivens Critical Infrastructure Security (lien direct)		 Le géant de l'automatisation industrielle accepte d'acheter une protection industrielle de Verve, se joignant à une tendance ICS à apporter des capacités de cybersécurité en interne pour suivre les attaquants.
The industrial automation giant agrees to buy Verve Industrial Protection, joining in an ICS trend of bringing cybersecurity capabilities in-house to keep up with attackers.		 Industrial Prediction ★★★
globalsecuritymag.webp 2023-10-26 13:55:43 Une année 2024 chargée pour les DPO et les RSSI (lien direct) Une année 2024 chargée pour les DPO et les RSSI. Le président de l\'AFCDP, l\'Association française des correspondants à la protection des données à caractère personnel, Paul-Olivier Gibert confirme que la mise en œuvre de la directive NIS 2 (Network and Information Security), cinq ans après le RGPD, occupera l\'agenda des DPO et celui des RSSI en 2024. - Investigations
Une année 2024 chargée pour les DPO et les RSSI. Le président de l\'AFCDP, l\'Association française des correspondants à la protection des données à caractère personnel, Paul-Olivier Gibert confirme que la mise en œuvre de la directive NIS 2 (Network and Information Security), cinq ans après le RGPD, occupera l\'agenda des DPO et celui des RSSI en 2024. - Investigations		 Prediction ★★
Checkpoint.webp 2023-10-26 13:00:35 The Financial Implications of Cyber Security: How Catch Rates Impact Organizational Risk (lien direct) >Despite its countless benefits, the internet can be a hostile place for business. As organizations continue to expand their digital footprints, moving workloads into the cloud and growing their network of devices, they leave themselves vulnerable to a rapidly evolving cyber threat landscape. Gartner\'s number one cybersecurity trend of 2022 was “attack surface expansion” – organizations increasing their digital presence to leverage new technologies and facilitate remote and hybrid working. As of 2023, almost 13% of full-time employees work from home, with over 28% working a hybrid model. At the same time, Check Point recorded a 38% uplift in global […]
>Despite its countless benefits, the internet can be a hostile place for business. As organizations continue to expand their digital footprints, moving workloads into the cloud and growing their network of devices, they leave themselves vulnerable to a rapidly evolving cyber threat landscape. Gartner\'s number one cybersecurity trend of 2022 was “attack surface expansion” – organizations increasing their digital presence to leverage new technologies and facilitate remote and hybrid working. As of 2023, almost 13% of full-time employees work from home, with over 28% working a hybrid model. At the same time, Check Point recorded a 38% uplift in global […] 		Threat Prediction Cloud ★★
ProofPoint.webp 2023-10-26 06:00:18 Break the Attack Chain with Identity Threat Protection (lien direct) “The attacker only has to be right once. Defenders have to get it right every time.” This well-known saying has shaped countless cybersecurity strategies. The belief is that a single compromise of our defenses can lead to a catastrophic outcome.   As new risks emerge and attackers develop tactics to evade controls, defenders face the daunting task of protecting an ever-expanding array of connected identities. Many companies now embrace resilience strategies, accepting that an incident is inevitable - “It\'s not a matter of if, but when.” That\'s because defenders have been fixated on the impossible task of protecting everything within the business.   But a new industry approach to cyber defense in recent years has emerged that points the path towards a better way. Instead of protecting everything, defenders should aim to neutralize attackers\' tactics, techniques and procedures (TTPs), which are hard to replace. This disrupts the completion of the attack chain.   What is the attack chain? And how does identity threat protection disrupt it? That\'s what we\'re here to discuss.   The enduring relevance of the attack chain  No other concept has captured the essence of successful cyber attacks like the attack chain (aka the “cyber kill chain”), which was developed by Lockheed Martin in 2011. Even 12 years later, the attack chain remains relevant, while defenders struggle to prevent the most impactful incidents.   While cyber criminals don\'t follow the same steps every time, the basic phases of an attack are pretty much always the same:  Steps in the cyber attack chain.  The challenge of initial compromise   The first phase in the attack chain is the initial compromise. Modern cyber criminals use an array of tactics to infiltrate companies and wreak havoc on their systems, from BEC attacks to cloud account takeovers and ransomware incidents.   One trend is to exploit trusted third-party relationships to compromise companies through their suppliers. What seems like an innocuous initial email can escalate into a full-scale compromise with great speed. Once attackers gain unrestricted access to a company\'s domain, they can infiltrate email accounts to commit fraudulent activities.   One alarming twist to credential phishing emails is that they can evade detection. They leave behind no traces of compromise or malware. Even with the rise of multifactor authentication (MFA), these attacks continue to surge.   Once accounts are compromised through a credential phishing email or a vulnerable remote desktop session, businesses face the next phase of the attack chain: privileged escalation and lateral movement within their networks.   Next phase: privilege escalation and lateral movement   This is the middle of the attack chain. And it\'s where threat actors try to breach a company\'s defenses. Often, they do this by compromising the identities of employees, contractors, service providers or edge devices. Their main goal is to use this initial access to elevate their privileges, typically targeting Active Directory (AD).   AD, which many businesses around the world use, is susceptible to compromise. It can provide attackers with unparalleled control over a company\'s computing infrastructure. With this access, they can engage in lateral movement and spread malware across the business, causing more harm.   Finally, the risk of data loss   Attackers don\'t rely on a single stroke of luck. Their success hinges on a series of precise maneuvers. Monetary gains through data exfiltration are often their objective. And once they have navigated the intricate web of identities, they can target valuable data and orchestrate data theft operations.   Defenders must disrupt this chain of events to prevent the loss of sensitive data, like intellectual property or customer identifiable data. Then, they can gain the upper hand and steer the course of cybersecurity in their favor.   The three best opportunities to break the attack chain.  Building a map of your organizat Ransomware Malware Tool Threat Prediction Cloud ★★
The_State_of_Security.webp 2023-10-25 03:03:28 Sécurité dans l'industrie immobilière: défis et comment éviter les attaques
Security in the Property Industry: Challenges and How to Avoid Attacks (lien direct)		 Ces dernières années, il y a eu une tendance majeure en cours vers une plus grande infrastructure numérique et une dépendance accrue à l'égard de la technologie dans une grande variété de secteurs.Dans l'industrie immobilière, cela s'est manifesté fortement dans la croissance du marché de la technologie immobilière (Proptech).Ces développements ont eu un impact sérieux sur le secteur, permettant des progrès qui améliorent les processus existants et ajoutent de nouvelles fonctionnalités aux transactions immobilières.Malheureusement, l'omniprésence de la technologie numérique dans l'industrie immobilière en fait également une cible primordiale pour les cybercriminels, laissant les organisations et ...
In recent years, there has been a major ongoing trend toward more digital infrastructure and an increased dependence on technology across a wide variety of sectors. In the property industry, this has manifested heavily in the growth of the property technology (PropTech) market. These developments have had a serious impact on the sector, enabling advances that both improve existing processes and add new features to real estate transactions. Unfortunately, the ubiquity of digital technology in the property industry also makes it a prime target for cybercriminals, leaving organizations and...		 Prediction ★★
Checkpoint.webp 2023-10-23 13:00:45 Dans le cyber-abîme: les prédictions de Riveting 2024 de Check Point \\ révèlent une tempête de l'IA, du hacktivisme et des fasks profonds armés
Into the Cyber Abyss: Check Point\\'s Riveting 2024 Predictions Reveal a Storm of AI, Hacktivism, and Weaponized Deepfakes (lien direct)		 Les activités criminelles ont bondi au premier semestre, avec des recherches sur le point de contrôle (RCR) signalant une augmentation de 8% des cyberattaques hebdomadaires mondiales au deuxième trimestre, marquant le volume le plus élevé en deux ans.Les menaces familières telles que le ransomware et le hacktivisme ont évolué, les gangs criminels modifiant leurs méthodes et outils pour infecter et affecter les organisations du monde entier.Même les technologies héritées telles que les périphériques de stockage USB ont repris la popularité en tant que véhicule pour répandre les logiciels malveillants.L'un des développements les plus importants de cette année a été l'évolution du paysage des ransomwares.Les données dérivées de plus de 120 «sites de honte» ransomwares ont révélé que dans le premier [& # 8230;]
Criminal activities surged in the first half of the year, with Check Point Research (CPR) reporting an 8% increase in global weekly cyberattacks in the second quarter, marking the highest volume in two years. Familiar threats such as ransomware and hacktivism have evolved, with criminal gangs modifying their methods and tools to infect and affect organizations worldwide. Even legacy technology such as USB storage devices regained popularity as a vehicle to spread malware. One of the most significant developments this year was the evolution of the ransomware landscape. Data derived from over 120 ransomware “shame-sites” revealed that in the first […] 		Ransomware Tool Prediction ★★★
Blog.webp 2023-10-23 02:24:33 2023 août & # 8211;Rapport de tendance des menaces sur les statistiques des ransomwares et les problèmes majeurs
2023 Aug – Threat Trend Report on Ransomware Statistics and Major Issues (lien direct)		 Ce rapport fournit des statistiques sur le nombre de nouveaux échantillons de ransomware, des systèmes ciblés et des entreprises ciblées en août 2023, ainsi que des problèmes de ransomware notables en Corée et dans d'autres pays.Tendances clés 1) Tactiques de pression élargies des ransomwares sur les entreprises ciblées 2) Rhysida Ransomware Connection avec la vice Society 3) Monti Ransomware a introduit une nouvelle technique de chiffrement Linux Aug_Thereat Trend Rapport sur les statistiques des ransomwares et les principaux problèmes
This report provides statistics on the number of new ransomware samples, targeted systems, and targeted businesses in August 2023, as well as notable ransomware issues in Korea and other countries. Key Trends 1) CLOP ransomware expanded pressure tactics on targeted businesses 2) Rhysida ransomware connection with Vice Society 3) Monti ransomware introduced new Linux encryption technique Aug_Threat Trend Report on Ransomware Statistics and Major Issues 		Ransomware Threat Prediction ★★
Blog.webp 2023-10-23 02:22:46 2023 Jul & # 8211;Rapport sur la tendance des menaces du Web Deep et Dark
2023 Jul – Deep Web and Dark Web Threat Trend Report (lien direct)		 Ce rapport de tendance sur le Web Deep et le Web sombre d'août 2023 est sectionné en ransomware, forums & # & #38;Marchés noirs et acteurs de menace.Nous tenons à dire à l'avance qu'une partie du contenu n'a pas encore été confirmée comme vraie.1) Ransomware (1) Alphv (Blackcat) (2) Lockbit (3) NoEscape (4) Metaencryptor (5) Rhysida 2) Forum & # 38;Black Market (1) Le retour du voleur de raton laveur (2) Anonfiles a fermé (3) violation de données du site Web d'apprentissage des langues étrangères 3) ...
This trend report on the deep web and dark web of August 2023 is sectioned into Ransomware, Forums & Black Markets, and Threat Actors. We would like to state beforehand that some of the content has yet to be confirmed to be true. 1) Ransomware (1) ALPHV (BlackCat) (2) LockBit (3) NoEscape (4) MetaEncryptor (5) Rhysida 2) Forum & Black Market (1) The Return of Raccoon Stealer (2) Anonfiles Shut Down (3) Data Breach of Foreign Language Learning Website 3)... 		Ransomware Data Breach Threat Prediction ★★
Blog.webp 2023-10-23 02:22:16 2023 août & # 8211;Rapport de tendance des menaces sur les groupes APT
2023 Aug – Threat Trend Report on APT Groups (lien direct)		 août 2023 Problèmes majeurs sur les groupes de l'APT 1) Andariel 2) APT29 3) APT31 4) amer 5)Bronze Starlight 6) Callisto 7) Cardinbee 8) Typhoon de charbon de bois (Redhotel) 9) Terre estrie 10) Typhon de lin 11) Groundpeony 12) Chisel infâme 13) Kimsuky 14) Lazarus 15)Moustachedbouncher 16) Éléphant mystérieux (APT-K-47) 17) Nobelium (Blizzard de minuit) 18) Red Eyes (APT37) Aug_Thereat Trend Rapport sur les groupes APT
August 2023 Major Issues on APT Groups 1) Andariel 2) APT29 3) APT31 4) Bitter 5) Bronze Starlight 6) Callisto 7) Carderbee 8) Charcoal Typhoon (RedHotel) 9) Earth Estries 10) Flax Typhoon 11) GroundPeony 12) Infamous Chisel 13) Kimsuky 14) Lazarus 15) MoustachedBouncher 16) Mysterious Elephant (APT-K-47) 17) Nobelium (Midnight Blizzard) 18) Red Eyes (APT37) Aug_Threat Trend Report on APT Groups 		Threat Prediction APT 38 APT 38 APT 37 APT 29 APT 31 ★★★
Blog.webp 2023-10-23 02:21:45 2023 août & # 8211;Rapport de tendance des menaces sur le groupe Kimsuky
2023 Aug – Threat Trend Report on Kimsuky Group (lien direct)		 Les activités de Kimsuky Group & # 8217;Les activités d'autres types étaient relativement faibles.De plus, des échantillons de phishing ont été trouvés dans l'infrastructure connue pour la distribution de logiciels malveillants antérieurs (fleurs, randomquery et appleseed), et des échantillons de babyshark ont été découverts dans l'infrastructure RandomQuery.Cela suggère la probabilité de plusieurs types de logiciels malveillants en utilisant une seule infrastructure.Rapport de tendance AUG_TRÉTÉE sur le groupe Kimsuk
The Kimsuky group’s activities in August 2023 showed a notable surge in the BabyShark type, while the activities of other types were relatively low. Also, phishing samples were found in the infrastructure known for distributing previous malware (FlowerPower, RandomQuery, and AppleSeed), and BabyShark samples were discovered in the RandomQuery infrastructure. This suggests the likelihood of multiple types of malware utilizing a single infrastructure. Aug_Threat Trend Report on Kimsuky Group 		Malware Threat Prediction APT 43 ★★★
CVE.webp 2023-10-19 10:15:09 CVE-2022-26943 (lien direct) La série Motorola MTM5000 Firmwares génère des défis d'authentification TETRA en utilisant un PRNG à l'aide d'un registre de comptage de tiques comme seule source d'entropie.Low Boottime Entropy et une réensemence limitée de la piscine rend le défi d'authentification vulnérable à deux attaques.Tout d'abord, en raison de l'entropie limitée du pool de boottime, un adversaire peut dériver le contenu du pool d'entropie par une recherche exhaustive de valeurs possibles, sur la base d'un défi d'authentification observé.Deuxièmement, un adversaire peut utiliser la connaissance du pool d'entropie pour prédire les défis d'authentification.En tant que tel, l'unité est vulnérable au CVE-2022-24400.
The Motorola MTM5000 series firmwares generate TETRA authentication challenges using a PRNG using a tick count register as its sole entropy source. Low boottime entropy and limited re-seeding of the pool renders the authentication challenge vulnerable to two attacks. First, due to the limited boottime pool entropy, an adversary can derive the contents of the entropy pool by an exhaustive search of possible values, based on an observed authentication challenge. Second, an adversary can use knowledge of the entropy pool to predict authentication challenges. As such, the unit is vulnerable to CVE-2022-24400.		 Prediction
CVE.webp 2023-10-19 10:15:08 CVE-2022-24400 (lien direct) Une faille dans la procècure d'authentification Tetra permet à un adversaire MITM qui peut prédire le défi MS Rand2 de définir la clé de session DCK à zéro.
A flaw in the TETRA authentication procecure allows a MITM adversary that can predict the MS challenge RAND2 to set session key DCK to zero.		 Prediction
securityintelligence.webp 2023-10-16 13:00:00 Les coûts de violation des soins de santé montent en flèche nécessitant une nouvelle réflexion pour la sauvegarde des données
Healthcare breach costs soar requiring new thinking for safeguarding data (lien direct)		 > À l'ère numérique, les données sont souvent appelées la nouvelle huile.Sa valeur réside dans les idées qu'elle peut céder, en particulier en ce qui concerne les soins de santé, où les données peuvent aider à détecter les maladies, à prédire les résultats des patients et à aider les professionnels de la santé à personnaliser les traitements.Mais avec la numérisation croissante des informations de santé sensibles, il existe des [& # 8230;] légitimes [& # 8230;]
>In the digital age, data is often referred to as the new oil. Its value lies in the insights it can yield, particularly when it comes to healthcare, where data can help detect diseases, predict patient outcomes and help health professionals personalize treatments. But with the increasing digitization of sensitive health information, there are legitimate […] 		Prediction Medical ★★★
AlienVault.webp 2023-10-16 10:00:00 Renforcement de la cybersécurité: multiplication de force et efficacité de sécurité
Strengthening Cybersecurity: Force multiplication and security efficiency (lien direct)		 In the ever-evolving landscape of cybersecurity, the battle between defenders and attackers has historically been marked by an asymmetrical relationship. Within the cybersecurity realm, asymmetry has characterized the relationship between those safeguarding digital assets and those seeking to exploit vulnerabilities. Even within this context, where attackers are typically at a resource disadvantage, data breaches have continued to rise year after year as cyber threats adapt and evolve and utilize asymmetric tactics to their advantage.  These include technologies and tactics such as artificial intelligence (AI), and advanced social engineering tools. To effectively combat these threats, companies must rethink their security strategies, concentrating their scarce resources more efficiently and effectively through the concept of force multiplication. Asymmetrical threats, in the world of cybersecurity, can be summed up as the inherent disparity between adversaries and the tactics employed by the weaker party to neutralize the strengths of the stronger one. The utilization of AI and similar tools further erodes the perceived advantages that organizations believe they gain through increased spending on sophisticated security measures. Recent data from InfoSecurity Magazine, referencing the 2023 Checkpoint study, reveals a disconcerting trend: global cyberattacks increased by 7% between Q1 2022 and Q1 2023. While not significant at first blush, a deeper analysis reveals a more disturbing trend specifically that of the use of AI.  AI\'s malicious deployment is exemplified in the following quote from their research: "...we have witnessed several sophisticated campaigns from cyber-criminals who are finding ways to weaponize legitimate tools for malicious gains." Furthermore, the report highlights: "Recent examples include using ChatGPT for code generation that can help less-skilled threat actors effortlessly launch cyberattacks." As threat actors continue to employ asymmetrical strategies to render organizations\' substantial and ever-increasing security investments less effective, organizations must adapt to address this evolving threat landscape. Arguably, one of the most effective methods to confront threat adaptation and asymmetric tactics is through the concept of force multiplication, which enhances relative effectiveness with fewer resources consumed thereby increasing the efficiency of the security dollar. Efficiency, in the context of cybersecurity, refers to achieving the greatest cumulative effect of cybersecurity efforts with the lowest possible expenditure of resources, including time, effort, and costs. While the concept of efficiency may seem straightforward, applying complex technological and human resources effectively and in an efficient manner in complex domains like security demands more than mere calculations. This subject has been studied, modeled, and debated within the military community for centuries. Military and combat efficiency, a domain with a long history of analysis, Tool Vulnerability Threat Studies Prediction ChatGPT ★★★
The_Hackers_News.webp 2023-10-13 20:01:00 Nouvelle campagne de cyberattaque de Peapod ciblant les femmes dirigeantes politiques
New PEAPOD Cyberattack Campaign Targeting Women Political Leaders (lien direct)		 Le personnel militaire de l'Union européenne et les dirigeants politiques travaillant sur les initiatives d'égalité des sexes sont devenus la cible d'une nouvelle campagne qui offre une version mise à jour de RomCom Rat appelé Peapod. La société de cybersécurité Trend Micro a attribué les attaques à un acteur de menace qu'il suit sous le nom de vide Rabisu, également connu sous le nom de Storm-0978, Tropical Scorpius et UNC2596, et qui est également
European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that delivers an updated version of RomCom RAT called PEAPOD. Cybersecurity firm Trend Micro attributed the attacks to a threat actor it tracks under the name Void Rabisu, which is also known as Storm-0978, Tropical Scorpius, and UNC2596, and is also		 Threat Prediction ★★
globalsecuritymag.webp 2023-10-13 14:03:55 Dans l\'abîme du cyberespace : les prédictions alarmantes de Check Point pour 2024, une tempête d\'IA, d\'hacktivisme et de Deepfakes. (lien direct) Dans l'abîme du cyberespace : les prédictions alarmantes de Check Point pour 2024, une tempête d'IA, d'hacktivisme et de Deepfakes. - Points de Vue Prediction ★★★
silicon.fr.webp 2023-10-12 11:44:24 XDR : quatre offres pour une approche cyber qui décolle (lien direct) Alors que les EDR ont démontré leur efficacité à détecter des attaques passées sous les radars des antivirus classiques, une évolution vers les XDR semble inéluctable. Passage en revue des offres de SentinelOne, Bitdefender, Trend Micro et Sekoia.io. Prediction ★★
ProofPoint.webp 2023-10-12 10:52:45 Une journée dans la vie d'un analyste de cybersécurité
A Day in the Life of a Cybersecurity Analyst (lien direct)		 The day-to-day experience of cybersecurity professionals can vary widely, even though we face similar threats and have many of the same tools at our disposal. In this post, I\'d like to shine a light on what a typical day looks like for a business information security analyst in the world of cybersecurity-a role I know well. Getting started in cybersecurity I\'m a musician-a bagpiper. It\'s a strange one, I know, but that\'s how I started my career. For a couple of years after leaving school, I taught and performed pipe music. But after finishing my music diploma, I knew that there were only so many hours in the week, and only so many people to teach. So, perhaps I should learn another skill, too. It was my dad who suggested cybersecurity. From the outside, it looked interesting and seemed like an industry on the up and up. So I applied for a cybersecurity course at Robert Gordon University in Aberdeen, Scotland. At that time, I didn\'t have much technical knowledge. However, after a chance meeting with the head of the cybersecurity course on a university open day, I felt it was an area I could potentially break into. Within a few weeks, I had signed up for a five-year course with the option of a placement after the second year. Fast-forward to today, and here I am two years into the job, and I\'ve just finished my third year at university. My work placement transitioned into a full-time role, which I still balance with my full-time studies. What does a “normal” day look like for a cybersecurity analyst? No two days are ever the same. It\'s typical for people new to this role to ask, “What are my tasks?” The honest answer is that they\'re hard to define. It depends on what\'s going on in the business at that time, and who you know and work with regularly. While we have great security tools in place to flag suspicious activity, a lot of the time I\'m dealing with situations where I must trust my gut instincts. A task I have grown into managing in my current role is the security training program and phishing simulations across the company. Just yesterday, I issued approvals for a new training campaign that we\'re running for our operations team in Iraq. We aim to carry out targeted team training quarterly in shorter bites, 20 minutes here and there, to try to keep people engaged more than once a year. I\'ll usually spend part of my day managing our external support teams and service providers, too. I manage our security exceptions process, which involves vetting and approving requests from the business. For me, it\'s a case of making sure we have the right information from our users, asking the “Why?” to their wants, and finding out if there are more secure alternatives for providing a solution. Indicator of compromise (IOC) checks are an ongoing task. We\'re part of a service organisation forum, so we often gather and share important information with our industry peers. We have a shared spreadsheet that\'s automatically tracked, and we always receive possible indicators internally from our ever-growing network of security champions. I just need to make sure that our email security and firewall security are ticked off, blocked and managed. Measuring success Being part of the service organisation forum means that we are constantly sharing information with our peers. It allows us to compare the results of our training programs over time to see how we trend against each other. We also look back at how we have performed in these areas internally over the last few years to make sure we\'re always improving. We\'re also passionate about data governance. We want to ensure that our users not only understand risk but also how to appropriately manage company and client data. We want to always use best practices and build an internal security culture from the ground up. There\'s that saying, “You\'re only as good as your weakest player.” When it comes to cybersecurity issues, an organization is like a football team. You have 40,000 employees-and if just one of them doesn\'t know what Tool Prediction ★★★
AlienVault.webp 2023-10-12 10:00:00 L'évolution des attaques de phishing
The evolution of phishing attacks (lien direct)		 A practical guide to phishing and best practices to avoid falling victim. Introduction Over the past several years, remote and hybrid work has quickly gained popularity amongst those seeking a to reduce the amount of time on the road or an improved work/life balance. To accomplish this, users are often working from multiple devices, some of which may be company issued, but others may be privately owned. Cyberattackers have leveraged this trend to bypass traditional security controls using social engineering, with phishing attacks being a favored tactic. In fact, the FBI Internet Crime Report issued in 2022 reported phishing as the top reported internet crime for the past 5 years. Its ability to persuade individuals to divulge sensitive information to seemingly familiar contacts and companies over email and/or SMS text messages has resulted in significant data breaches, both personal and financial, across all industries. Mobile phishing, in particular, is quickly becoming a preferred attack vector among hackers seeking to use them as a jump point to gain access to proprietary data within a company’s network. This article provides an overview of the origins of phishing, its impact on businesses, the types of mobile phishing attacks hackers employ, and ways in which companies can best defend themselves against such attacks. The origins of phishing The belief among many in the cybersecurity industry is that phishing attacks first emerged in the mid-90s when dial-up was the only means of gaining access to the internet. Hackers posing as ISP administrators used fake screen names to establish credibility with the user, enabling them to “phish” for personal log-in data. Once successful, they were able to exploit the victim’s account by sending out phishing emails to other users in their contact list, with the goal of scoring free internet access or other financial gain. Awareness of phishing was still limited until May 2000 when Love Bug entered the picture. Love Bug, a highly effective and contagious virus designed to take advantage of the user’s psyche was unleashed in the Philippines, impacting an estimated 45 million Window PCs globally. Love Bug was sent via email with the subject line reading “ILOVEYOU”. The body of the message simply read “Kindly check the attached LOVELETTER coming from me”. Users who couldn’t resist opening the message unleashed a worm virus infecting and overwriting user’s files with copies of the virus. When the user opened the file, they would reinfect the system. Lovebug elevated phishing to a new level as it demonstrated the ability to target a user’s email mailing list for the purpose of spamming acquaintances thereby incentivizing the reader to open his/her email.  This enabled the lovebug worm to infect computer systems and steal other user’s passwords providing the hacker the opportunity to log-in to other user accounts providing unlimited internet access.  Since Love Bug, the basic concept and primary goal of phishing tactics has remained consistent, but the tactics and vectors have evolved. The window of opportunity has increased significantly for hackers with the increased use of social media (e.g., Linkedin, Twitter, Facebook). This provides more personal data to the hackers enabling them to exploit their targets with more sophisticated phishing tactics while avoiding detection. Phishing’s impact in the marketplace today Phishing attacks present a significant threat for organizations as their ability to capture proprietary business and financial data are both costly and time consuming for IT organizations to detect and remediate. Based on a Ransomware Malware Tool Threat Prediction ★★★
Last update at: 2024-05-16 19:08:33
See our sources.
My email:

To see everything: Our RSS (filtrered) Twitter