What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-03-16 10:10:00 | BEC Volumes Double on Phishing Surge (lien direct) | Business email compromise overtakes ransomware | Ransomware Studies | ★★ | |
 |
2023-03-15 17:27:46 | Troisième édition de l\'étude " ransomware " Cybereason : Les SOC modernes face aux attaques par ransomwares (lien direct) | Troisième édition de l'étude " ransomware " Cybereason : Les SOC modernes face aux attaques par ransomwares. La nouvelle étude de Cybereason révèle que les attaques par ransomwares et la pénurie de main-d'œuvre sont des leviers pour l'évolution des SOC (centres d'opérations de sécurité) - Investigations | Ransomware Studies | ★★★ | |
|
2023-03-15 17:17:57 | Rapport Ivanti : 70 % des fonctionnaires travaillent à distance au moins une partie du temps : les organisations gouvernementales ne sont pas assez préparées aux effets du travail hybride et à la nouvelle frontière des vulnérabilités (lien direct) | Selon le dernier rapport Ivanti, 70 % des fonctionnaires travaillent à distance au moins une partie du temps : les organisations gouvernementales ne sont pas assez préparées aux effets du travail hybride et à la nouvelle frontière des vulnérabilités. Ce rapport révèle aussi que les fonctionnaires de la génération Z et les Millennials sont deux fois plus susceptibles d'avoir une cyber-hygiène insuffisante que les générations précédentes. - Investigations | Studies | ★★★ | |
 |
2023-03-15 10:00:35 | Business on the dark web: deals and regulatory mechanisms (lien direct) | How deals and arrangements are made on the dark web, what parties are involved, what escrow services and arbitration are and how these affect the security of deals. | Studies | ★★ | |
 |
2023-03-13 14:28:45 | Nine In 10 £5m+ Businesses Hit By Cyber Attacks (lien direct) | Almost nine in 10 UK businesses turning over more than £5 million annually have experienced a cyberattack, according to new research from Forbes Advisor. The study questioned senior decision makers across a range of UK small and medium-sized enterprises (SMEs), finding that more than half (57%) had suffered an online attack. However, firms with an annual […] | Studies | ★★ | |
|
2023-03-13 10:00:00 | Investment Fraud is Now Biggest Cybercrime Earner (lien direct) | Category surged 127% year-on-year, says FBI | Studies | ★★★ | |
|
2023-03-09 13:46:44 | Etude Kaspersky : malgré une légère baisse en 2022, le problème des stalkerwares reste un phénomène mondial (lien direct) | Etude Kaspersky : malgré une légère baisse en 2022, le problème des stalkerwares reste un phénomène mondial - Investigations | Studies | ★★★ | |
|
2023-03-09 10:12:05 | New Ivanti Report Finds That With 70% of Government Employees Working Virtually At Least Some of the Time, Government Organizations Underprepared for Effects of Hybrid Work and the New Frontier of Vulnerabilities (lien direct) | New Ivanti Report Finds That With 70% of Government Employees Working Virtually At Least Some of the Time, Government Organizations Underprepared for Effects of Hybrid Work and the New Frontier of Vulnerabilities Report also found Gen Z and Millennial Government Workers Twice as Likely to Have Poor Cyber Hygiene When Compared to Older Generations - Special Reports | Studies | ★★★ | |
|
2023-03-09 09:30:00 | Fifth of Government Workers Don\'t Care if Employer is Hacked (lien direct) | Ivanti warns of "human-sized" security gaps | Studies | ★★★ | |
 |
2023-03-09 00:00:00 | Examining Ransomware Payments From a Data-Science Lens (lien direct) | In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups' ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.” | Ransomware Studies | ★★★ | |
|
2023-03-08 14:16:44 | Research Reveals \'Password\' Still the Most Common Term Used by Hackers to Breach Enterprise Networks (lien direct) | Password management and user authentication solutions provider Specops Software has today announced the release of its annual Weak Password Report which analysed over 800 million breached passwords and suggests that passwords continue to be a weak spot in an organisation’s network. The study found 88% of passwords used in successful attacks consisted of 12 characters […] | Studies | ★★★ | |
 |
2023-03-07 17:38:00 | Palo Alto Survey Reveals 90% of Organizations Cannot Resolve Cyberthreats Within an Hour (lien direct) | Third annual report identifies top security gaps and challenges for organizations operating in the cloud. | Studies | ★★★★ | |
 |
2023-03-06 09:36:00 | Highlights from the 2023 Work-From-Anywhere Global Study (lien direct) | Fortinet has commissioned a global research study to better understand existing work-from-home (WFH) policies and how those tie in with cybersecurity concerns and priorities across organizations. | Studies | ★★★ | |
|
2023-03-02 14:28:29 | Kaspersky : Les entreprises font appel à des experts externes afin de gérer les solutions de cybersécurité plus efficacement (lien direct) | Le rapport annuel de Kaspersky sur l'économie de la sécurité informatique a révélé que la complexité des solutions de cybersécurité obligeait les entreprises à externaliser certaines fonctions vers des fournisseurs de services de sécurité informatique, car ces derniers disposent d'une plus grande expertise pour gérer les technologies plus efficacement que les employés de l'entreprise. Une solution de cybersécurité complexe ne garantira pas la meilleure protection si elle n'est pas mise en œuvre par un (...) - Investigations | Studies | ★★★ | |
|
2023-03-02 09:58:00 | Fortinet is Named a Visionary in the Gartner® Magic Quadrant™ for Endpoint Protection Platforms (lien direct) | Fortinet's recognition is in part due to our commitment to continuous innovation of Fortinet's behavior-based endpoint protection and extended detection and response (XDR) solutions. Read more. | Studies | ★★ | |
|
2023-02-27 18:00:00 | Researchers Discover Nearly 200,000 New Mobile Banking Trojan Installers (lien direct) | Kaspersky said the figures are more than double what the team observed in 2021 | Studies | ★★ | |
|
2023-02-27 16:02:59 | Only 2 in 10 organisations are fully confident that their cyber insurance will cover their cyber risk in 2023, research study by CSI Ltd finds (lien direct) | Only 2 in 10 organisations are fully confident that their cyber insurance will cover their cyber risk in 2023, research study by CSI Ltd finds - Special Reports | Studies | ★★★ | |
 |
2023-02-24 19:51:23 | Who\'s Behind the Botnet-Based Service BHProxies? (lien direct) | A security firm has discovered that a five-year-old crafty botnet known as Mylobot appears to be powering a residential proxy service called BHProxies, which offers paying customers the ability to route their web traffic anonymously through compromised computers. Here's a closer look at Mylobot, and a deep dive into who may be responsible for operating the BHProxies service. | Studies | ★★★ | |
|
2023-02-24 12:34:49 | Putting Undetectable Backdoors in Machine Learning Models (lien direct) | This is really interesting research from a few months ago: Abstract: Given the computational cost and technical expertise required to train machine learning models, users may delegate the task of learning to a service provider. Delegation of learning has clear benefits, and at the same time raises serious concerns of trust. This work studies possible abuses of power by untrusted learners.We show how a malicious learner can plant an undetectable backdoor into a classifier. On the surface, such a backdoored classifier behaves normally, but in reality, the learner maintains a mechanism for changing the classification of any input, with only a slight perturbation. Importantly, without the appropriate “backdoor key,” the mechanism is hidden and cannot be detected by any computationally-bounded observer. We demonstrate two frameworks for planting undetectable backdoors, with incomparable guarantees... | Studies | ★★ | |
|
2023-02-24 10:15:00 | Investment Scams Drive $9bn in Fraud in 2022 (lien direct) | FTC says consumer fraud is up 30% on the previous year | Studies | ★★★ | |
|
2023-02-24 00:03:00 | 87% of Container Images in Production Have Critical or High-Severity Vulnerabilities (lien direct) | At the inaugural CloudNativeSecurityCon, DevSecOps practitioners discussed how to shore up the software supply chain. | Studies | ★★ | |
 |
2023-02-23 21:33:59 | New Studies Paint Bleak Picture of Future SOC Effectiveness (lien direct) |
|
Studies | ★★★ | |
 |
2023-02-23 19:31:29 | Mozilla: Nearly 80% of Google Play Store apps have discrepancies in privacy reporting (lien direct) |  What apps actually do with user data often differs from what companies tell Google Play Store about their policies, a Mozilla study says |
Studies | ★★★★ | |
 |
2023-02-23 16:27:44 | 28% of Users Open BEC Emails as BEC Attack Volume Skyrockets by 178% (lien direct) |
|
Studies | ★★★ | |
|
2023-02-23 10:02:29 | Les fuites de données imputables aux employés sont plus préoccupantes pour les entreprises européennes que celles causées par des cyberattaques (lien direct) | Les fuites de données imputables aux employés sont plus préoccupantes pour les entreprises européennes que celles causées par des cyberattaques Les fuites de données causées par intrusion dans les systèmes internes d'une entreprise, qu'elles soient le résultat d'une cyberattaque (23 % au global, 17 % en Europe) ou imputable à des employés (22 % au global, 21 % en Europe), constitue le problème de sécurité auquel les entreprises sont le plus fréquemment confrontées, selon les répondants de la dernière enquête Economie de la sécurité informatique de Kaspersky. - Investigations | Studies | ★★★★ | |
 |
2023-02-23 09:57:48 | Attaques BEC, acteurs APT, et Lockbit, les cyber menaces sont en hausse ! (lien direct) | >Trellix, spécialiste de la cybersécurité et pionnier dans la détection et la réponse étendues (XDR), publie aujourd'hui son "Threat Report February 2023" qui se penche sur les tendances en matière de cybersécurité et les méthodes d'attaque utilisées au dernier trimestre 2022. The post Attaques BEC, acteurs APT, et Lockbit, les cyber menaces sont en hausse ! first appeared on UnderNews. | Studies | ★★★ | |
|
2023-02-23 09:36:18 | Cybersécurité : un niveau de menaces encore élevé pour les entreprises en 2022 (lien direct) | En se basant sur le dernier panorama des risques cyber de l'ANSSI, le bilan annuel de la CNIL, ou encore le récent baromètre du CESIN, Oodrive dresse un bilan de la réalité de la cybersécurité au sein des entreprises en France à travers une infographie. - Malwares | Studies | ★★ | |
|
2023-02-22 20:40:00 | Half of Apps Have High-Risk Vulnerabilities Due to Open Source (lien direct) | Open source software dependencies are affecting the software security of different industries in different ways, with mature industries becoming more selective in their open source usage. | Studies | ★★★ | |
|
2023-02-22 19:59:11 | 1 in 4 CISOs Wants to Say Sayonara to Security (lien direct) | Thanks to burnout and stress, Gartner predicts churn and even departure from profession among half of today's security leaders by 2025. | Studies Guideline | ★★★ | |
|
2023-02-07 18:52:22 | Do Not Fall Victim to Cyber Attacks – Find Out What the Latest Hiscox Report Reveals! (lien direct) |
|
Studies | ★★★ | |
|
2023-02-07 09:30:00 | UK Banks Still Failing on Digital Security - Report (lien direct) | Which? study finds many fail to provide basic online protection | Studies | ★★★ | |
|
2023-02-07 08:08:10 | 3e édition de lEtude de l\'Observatoire du digital flow d\'Inetum (lien direct) | Etude de l'Observatoire du digital flow, 3e édition : • Des attentes fortes des actifs sur la cybersécurité • Un levier de performance collective attendu sur les nouvelles technologies par les dirigeants d'entreprises • Une attente commune avec les dirigeants d'entreprises pour un digital green qui favorise les impacts positifs des technologies • Des métiers porteurs et accessibles aussi aux femmes - Investigations | Studies | ★★★ | |
 |
2023-02-07 03:00:11 | Surprise! China\'s top Android phones collect way more info (lien direct) | Best to revisit that plan to bring home a cheap OnePlus, Xiaomi, Oppo, or Realme handset from your holiday Don't buy an Android phone in China, boffins have warned, as they come crammed with preinstalled apps transmitting privacy-sensitive data to third-party domains without consent or notice.… | Studies | ★★★ | |
|
2023-02-06 22:30:00 | Consumer Watchdog Reports: CA Privacy Board OKs Landmark Personal Data Regulations, Some Key Protections Left Out (lien direct) | Best to revisit that plan to bring home a cheap OnePlus, Xiaomi, Oppo, or Realme handset from your holiday Don't buy an Android phone in China, boffins have warned, as they come crammed with preinstalled apps transmitting privacy-sensitive data to third-party domains without consent or notice.… | Studies | ★★★ | |
|
2023-02-06 20:00:00 | Cybercrime Shows No Signs of Slowing Down (lien direct) | Look for recent trends in attacks, strategies, and vulnerabilities to continue gaining steam throughout 2023. | Studies | ★★★ | |
 |
2023-02-06 19:01:00 | Online banks still riddled with cyber security flaws, report says (lien direct) | Look for recent trends in attacks, strategies, and vulnerabilities to continue gaining steam throughout 2023. | Studies | ★★★ | |
|
2023-02-03 15:00:00 | How the Cloud Is Shifting CISO Priorities (lien direct) | The greatly expanding attack surface created by the cloud needs to be protected. | Studies | ★★★ | |
 |
2023-02-02 09:13:00 | Introducing the Anomali User Research Group (lien direct) | User research groups contribute significantly to product development through a data-led approach incorporating actual customers’ opinions and ideas. This information ultimately influences a product’s design, capabilities & features. User research groups can also be a source of valuable customer feedback during beta testing and after the product is launched, helping to discover potential problems or areas for improvement. A sense of community and engagement around a product can be fostered via user groups, and this can improve client loyalty and advocacy. Enterprise user research groups are especially crucial to cybersecurity because they allow members to share their knowledge, experiences, and insights while working together to solve common security problems. Introducing the Program At Anomali, we’re always finding ways to improve and build innovative solutions that fit your needs. That’s why we set up the Anomali User Research Group. Whether you’re an Anomali Customer or not, as long as you’re a cybersecurity professional, we want to hear from you. We’re seeking Cyber Security Professionals of all types & roles with hands-on experience working with Enterprise Security Products to share their experiences and help shape the future of Anomali products. But we’re especially interested in people who work in Cyber Threat Intelligence (CTI), Security Operations (SecOps), and Incident Response (IR), to name a few. About the UX Team Anomali’s UX (User Experience) Team is made up of a combination of UX Designers & Researchers who follow the principles of User-Centered Design (UCD). UCD is an iterative design approach that focuses on understanding users and their needs by involving them at various stages of the design process through a range of research methods & techniques (e.g. surveys, interviews, usability studies, card sorts, etc.) to create highly-usable, accessible and intuitive products that meet their needs. Naturally, user research is at the heart of everything we do in the UX department. We’re constantly conducting various types of research across multiple topics to enhance our understanding of users & the problems they face. We actively use this data to help guide design & development decisions, from initial ideas & concepts to published products. Research Methods & Topics To Be Covered The specific research studies we’ll be running throughout 2023 are still being planned, but projects could range from simple survey studies to discovery research using interviews to usability testing new products, features & workflows. All studies are conducted remotely via Zoom with a researcher and a designer, typically lasting between 30 mins to an hour. We’ll handle all the setup and scheduling at a time convenient for you, then after the study is complete, you’ll receive a thank-you gift for your contribution. How to Get Involved Click here to fill out the Sign-Up Form, tell us a bit about yourself and we'll get in touch when we have a study we think you’d be a good fit for. | Threat Studies | ★★ | |
|
2023-02-01 14:00:00 | Almost all Organizations are Working with Recently Breached Vendors (lien direct) | The latest supply chain security report from SecurityScorecard and the Cyentia Institute shows worrying findings | Studies | ★★★★ | |
 |
2023-02-01 12:00:00 | Cyber Insights 2023: Criminal Gangs (lien direct) | >Despite some geopolitical overlaps with state attackers, the majority of cyberattacks still come from simple – or perhaps sophisticated – criminals who are more motivated by money than politics. | Studies | ★★★ | |
 |
2023-01-27 18:26:29 | 5 Tips To Keep in Mind for Data Privacy Day (lien direct) | >No matter what industry you're in, data privacy is an issue that impacts you. And when it comes to being safe online with sensitive data, whether that's your personal data or sensitive data that is important to your organization, being informed is the first step. With that in mind, ahead of Data Privacy Day on […] | Studies | ★★★ | |
 |
2023-01-11 23:00:00 | La recherche sur la vulnérabilité met en évidence 2022 Vulnerability Research Highlights 2022 (lien direct) |
Notre équipe de recherche revient sur une grande année et résume les points forts de leur recherche sur la vulnérabilité en 2022.
Our research team looks back at a great year and summarizes the highlights of their vulnerability research in 2022. |
Vulnerability Studies | ★★★ | |
 |
2023-01-08 10:00:00 | Happy 20th Birthday TaoSecurity Blog (lien direct) |  Happy 20th birthday TaoSecurity Blog, born on 8 January 2003. Thank you BloggerBlogger (now part of Google) has continuously hosted this blog for 20 years, for free. I'd like to thank Blogger and Google for providing this platform for two decades. It's tough to find extant self-hosted security content that was born at the same time, or earlier. Bruce Schneier's Schneier on Security is the main one that comes to mind. If not for the wonderful Internet Archive, many blogs from the early days would be lost.StatisticsIn my 15 year post I included some statistics, so here are a few, current as of the evening of 7 January: I think it's cool to see almost 29 million "all time" views, but that's not the whole story.Here are the so-called "all time" statistics: It turns out that Blogger only started capturing these numbers in January 2011. That means I've had almost 29 million views in the last 12 years. I don't know what happened on 20 April 2022, when I had almost 1.5 million views?Top Ten Posts Since January 2011 |
Ransomware Studies Guideline | Solardwinds | ★★ |
|
2022-12-30 12:18:42 | Recovering Smartphone Voice from the Accelerometer (lien direct) | Yet another smartphone side-channel attack: “EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers“: Abstract: Eavesdropping from the user’s smartphone is a well-known threat to the user’s safety and privacy. Existing studies show that loudspeaker reverberation can inject speech into motion sensor readings, leading to speech eavesdropping. While more devastating attacks on ear speakers, which produce much smaller scale vibrations, were believed impossible to eavesdrop with zero-permission motion sensors. In this work, we revisit this important line of reach. We explore recent trends in smartphone manufacturers that include extra/powerful speakers in place of small ear speakers, and demonstrate the feasibility of using motion sensors to capture such tiny speech vibrations. We investigate the impacts of these new ear speakers on built-in motion sensors and examine the potential to elicit private speech information from the minute vibrations. Our designed system ... | Threat Studies Guideline | ★★★★ | |
|
2022-12-29 15:22:48 | Phishing Activity Rose 130% in the Second Half of 2022, Representing Three-Quarters of All Email-Based Attacks (lien direct) |
|
Studies | ★★ | |
 |
2022-12-22 14:00:00 | What Can We Learn From Recent Cyber History? (lien direct) | >The Center for Strategic and International Studies compiled a list of significant cyber incidents dating back to 2003. Compiling attacks on government agencies, defense and high-tech companies or economic crimes with losses of more than a million dollars, this list reveals broader trends in cybersecurity for the past two decades. And, of course, there are […] | Studies | ★★ | |
 |
2022-12-21 11:41:48 | Malicious PyPI Package Found Posing as SentinelOne SDK in recent Hack Trend (lien direct) | In-depth studies on cybersecurity have just recently uncovered a new malicious package that was hiding out in the Python Package Index (PyPI) repository. This package was participating in a campaign known as SentinelSneak, in which it pretended to be a software development kit (SDK) for SentinelOne, a major company in the field of cybersecurity. The […] | Hack Studies Prediction | ★ | |
 |
2022-12-16 11:43:32 | Cloud souverain : l\'EU Data Boundary de Microsoft, encore loin du compte ? (lien direct) | Sous l'étendard EU Data Boundary, Microsoft poursuit l'intégration de la logique " résidence des données " dans ses services cloud. Où en est-on dans la pratique ? | Studies | ★★★ | |
 |
2022-12-15 03:21:53 | How to deal with cyberattacks this holiday season (lien direct) | The holiday season has arrived, and cyberattacks are expected to increase with the upcoming celebratory events. According to The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) 2022 Holiday Season Threat Trends and summary report, ransomware and phishing attacks are expected to increase in retail. With the FIFA World Cup 2022, many cybersecurity experts have advised heightened caution about online impersonation scams and phishing campaigns. Looking back at 2021, studies show a 30% increase in ransomware attacks, and a 70% increase in attempted ransomware attacks during... | Ransomware Threat Studies | ★★ | |
|
2022-12-14 09:14:34 | Tenable Study: Organizations See Expansion Opportunities, Ignore Security Red Flags and Jump Into the Metaverse (lien direct) | Tenable Study: Organizations See Expansion Opportunities, Ignore Security Red Flags and Jump Into the Metaverse - Special Reports | Studies | ★★★ |
To see everything:
Our RSS (filtrered)
