What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-06-24 18:16:43 | Wireless Penetration Testing: PMKID Attack (lien direct) | Introduction PMKID attack was developed by Team Hashcat. Unlike the traditional handshake capture method (4- way handshake), this method does not wait for a client to re-authenticate. PMKID is directly captured in these attacks and then cracked. This attack works on WPA and WPA2 protocols and recent studies have shown | Studies | ||
 |
2021-06-16 11:00:00 | The Challenge of Covid-19 Vaccines for the Immunosuppressed (lien direct) | Recent studies find transplant patients and immune-suppressed people who get the shot don't make many antibodies. But that research is just beginning. | Studies | ||
 |
2021-06-09 14:40:54 | Ransomware is Not the Problem (lien direct) | There’s an infinite number of studies of ransomware lately, all breathlessly talking about how to fight this dangerous threat. They’re all dangerously wrong. Ransomware is not the problem. I’m being intentionally provocative in my latest Dark Reading Column | Ransomware Studies | ||
 |
2021-05-31 10:30:17 | Building a better edible (lien direct) | Scientists are scouring existing studies and research to learn how edibles interact with the body. | Studies | ||
|
2021-05-24 12:00:00 | The Drug Trial That Could Actually Produce Covid Treatments (lien direct) | Some studies are too small. Some are too pharma. But a bigger, bolder approach could (finally!) figure out which drugs work against the virus-and which don't. | Studies | ||
 |
2021-05-20 13:00:00 | Fraudsters employ Amazon \'vishing\' attacks in fake order scams (lien direct) | Case studies highlight how scam artists are using voice messages to dupe their victims into handing over credentials or cash. | Studies | ||
 |
2021-05-20 11:00:00 | Threat Source newsletter (May 20, 2021) (lien direct) | Newsletter compiled by Jon Munshaw.
Good afternoon, Talos readers.
We know a lot of you may be tired of "content" after RSA week. But we have some more for you!
And specifically related to RSA, Cisco Talos Incident Response has new case studies out detailing a few recent engagements...
[[ This is only the beginning! Please visit the blog for the complete entry ]] |
Studies | ★★★★ | |
 |
2021-05-19 10:00:00 | Stalkerware: What is being done to protect victims as the number of cases rises (lien direct) | This blog was written by an independent guest blogger. People are increasingly becoming aware of the threats posed by hackers who infiltrate devices using viruses, spyware and malware. However, it may be time to shine the spotlight on “stalkerware”, a completely different type of cyber security threat that nevertheless has lasting negative repercussions. In this article, we will talk about this malicious software, which allows a remote user to surveil all activities on another user’s device. We’ll specifically focus on the implications of this particular type of cybercrime and how it ties in to domestic violence, stalking and harassment. We’ll also talk about how agencies are working together to end the use of stalkerware and how we can all be more informed and improve protection and detection of this type of malicious software. What is stalkerware? Recent studies by the Kaspersky Institute have revealed the United States, along with Russia and Brazil, are among the top countries affected by “stalkerware” last year. Especially of note is the corresponding increase in victims of spyware coinciding with coronavirus lockdowns and remote work, indicating that opportunists and cyber criminals are taking advantage of an increasingly technologically connected society. Having the ability to stay connected with friends and family through technology is a gift, but it also opens up a door for receiving unwanted attention. We live in a society where most people save their most precious moments, intimate interactions and heavily guarded secrets on their phones, tablets and laptops in the form of photos, text messages, notes and more. Because of this, we are seeing an increase in software that enables other users to spy on people through their digital devices. All of this surveillance occurs without the other person even realizing it is happening, making this software even more powerful. This is the reason why the cyber security industry has rapidly expanded over the past few years, as their importance in the lives of companies and individuals has grown. In computing, an application programming interface (API) is an interface that defines interactions between multiple software applications. “APIs tend to expose endpoints that handle object identifiers, creating a wide attack surface Level Access Control issue,” according to the security analysts at Cloud Defense. “Object level authorization checks should be considered in every function that accesses a data source using an input from the user.” Cyber criminals can use APIs to intercept events in targeted apps, thus surveilling the affected user. Unfortunately, “stalkerware” is available to anyone who has access to the internet and the intent to seek it out. The Coalition Against Stalkerware seeks to raise awareness about this new cyber security threat and the ways in which it poses serious concerns for those who fall victim to it. According to the Coalition, stalkerware is most commonly used in situations of domestic violence or stalking. How is stalkerware applied? Fortunately, there is some good news when it comes to stalkerware. Physical access to the device being monitored is required to install stalkerware on a vi | Threat Studies | ||
|
2021-04-26 12:00:00 | 35 Years Later, Studies Show a Silver Lining From Chernobyl (lien direct) | One new study found that radiation exposure didn't genetically harm future generations, while another offers insights into how radiation causes thyroid cancer. | Studies | ||
|
2021-04-13 11:00:00 | New Book! The Best of TaoSecurity Blog, Volume 4 (lien direct) |  I've completed the TaoSecurity Blog book series.The new book is The Best of TaoSecurity Blog, Volume 4: Beyond the Blog with Articles, Testimony, and Scholarship. It's available now for Kindle, and I'm working on the print edition. I'm running a 50% off promo on Volumes 1-3 on Kindle through midnight 20 April. Take advantage before the prices go back up. I described the new title thus:Go beyond TaoSecurity Blog with this new volume from author Richard Bejtlich.In the first three volumes of the series, Mr. Bejtlich selected and republished the very best entries from 18 years of writing and over 18 million blog views, along with commentaries and additional material. In this title, Mr. Bejtlich collects material that has not been published elsewhere, including articles that are no longer available or are stored in assorted digital or physical archives.Volume 4 offers early white papers that Mr. Bejtlich wrote as a network defender, either for technical or policy audiences. It features posts from other blogs or news outlets, as well as some of his written testimony from eleven Congressional hearings. For the first time, Mr. Bejtlich publishes documents that he wrote as part of his abandoned war studies PhD program. This last batch of content was only available to his advisor, Dr. Thomas Rid, and his review committee at King's College London.Read how the security industry, defensive methodologies, and strategies to improve national security have evolved in this new book, written by one of the authors who has seen it all and survived to blog about it.This will likely be my final collection of writings. I've discovered some documents that may be of interest to historians, so I may contribute those to a national security archive like my friend Jay Healey did a few years ago.The only other work I might do for these four volumes is to record Audible editions. That would take a while, but I'm thinking about it.Copyright 2003-2020 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com) |
Studies | ||
 |
2021-04-13 08:45:00 | M-Trends 2021: une vue depuis les lignes de front M-Trends 2021: A View From the Front Lines (lien direct) |
Nous sommes ravis de lancer M-Trends 2021 , le 12 Th édition de notre publication annuelle Fireeye Mandiant.L'année dernière a été unique, car nous avons été témoins d'une combinaison sans précédent d'événements mondiaux.Les opérations commerciales se sont déplacées en réponse aux acteurs mondiaux de pandémie et de menace ont continué à dégénérer la sophistication et l'agressivité de leurs attaques, tandis que des événements mondiaux inattendus se sont mis à profit parallèles à leur avantage.
Nous discutons de tout cela et bien plus encore dans le rapport complet, qui est Disponible au téléchargement aujourd'hui .Mais d'abord, voici un aperçu des M-Trends les plus populaires
We are thrilled to launch M-Trends 2021, the 12th edition of our annual FireEye Mandiant publication. The past year has been unique, as we witnessed an unprecedented combination of global events. Business operations shifted in response to the worldwide pandemic and threat actors continued to escalate the sophistication and aggressiveness of their attacks, while in parallel leveraged unexpected global events to their advantage. We discuss all of this and much more in the full report, which is available for download today. But first, here is a sneak preview of the most popular M-Trends metric |
Threat Studies | ★★★★ | |
 |
2021-04-13 05:24:29 | New NAME:WRECK Vulnerabilities Impact Nearly 100 Million IoT Devices (lien direct) | Security researchers have uncovered nine vulnerabilities affecting four TCP/IP stacks impacting more than 100 million consumer and enterprise devices that could be exploited by an attacker to take control of a vulnerable system.
Dubbed "NAME:WRECK" by Forescout and JSOF, the flaws are the latest in series of studies undertaken as part of an initiative called Project Memoria to study the security |
Studies | ||
|
2021-04-12 11:00:00 | Pandemic Lockdowns Did Cut Air Pollution-but With a Catch (lien direct) | Studies from all over the globe show short-term improvements in urban air quality, but experts are skeptical about how long they'll last. | Studies | ||
|
2021-03-01 12:00:00 | Sherry Turkle Talks Going Remote, Loneliness, and Her Memoir (lien direct) | In The Empathy Diaries, the pioneering computer researcher finally studies her own life. She tells WIRED why now was the right time. | Studies | ||
 |
2021-02-26 21:43:00 | The hidden business costs of working remotely (lien direct) | The benefits of working remotely are numerous, but studies are finding there are significant hidden costs that need to be factored in. | Studies | ||
|
2021-02-25 21:10:18 | We Still Don\'t Know How Well Covid Vaccines Stop Transmission (lien direct) | Two new studies are being hailed as proof that vaccinated people can doff masks and pod-hop worry-free. But not so fast. | Studies | ||
 |
2021-02-25 13:05:37 | Announcing the First-Ever Veracode Hacker Games (lien direct) |  ???Destroying things is much easier than making them.??? This quote from The Hunger Games rings true in software; developers spend months perfecting their innovative applications only to see it all crumble at the nimble fingers of a speedy cyberattacker. So how do you beat them? Improve your secure coding know-how early on and keep it sharp. ツ?
More than half of organizations in North America provide developers with some level of security training annually, or less often. A lack of consistent, accessible, and meaningful developer training can easily cause roadblocks as you???re asked to shift security left and write more secure code earlier in your workflow.
And as most coders graduate from college without foundational secure coding knowledge, it???s increasingly important that developers (and developers-in-training) can access effective educational platforms throughout their careers to keep up with changes in vulnerabilities and coding best practices.
That???s why, to inspire the next generation of coders, we???re excited to announce the Veracode Hacker Games!
 ???
The newly-launched competition from Veracode brings together students from top universities in the U.S. and the U.K. over the course of two weeks to test their secure coding skills. Packed with real-world challenges, the games will be hosted using Veracode Security Labs, and will challenge the teams to quickly solve as many labs as possible to rack up points for their teams.
Over the course of two weeks, contestants will explore vulnerabilities and threats that they???ll face on the job, learning how a cyberattacker might exploit an application and then discovering how to fix and prevent those flaws in the future. It???s practical training and valuable experience that they can take with them through their studies and beyond.
Because it???s no easy feat to beat a serious flaw, we didn???t skimp on the prizes. We???re giving away over $15,000 overall, including a $10,000 donation to the first-place school and a $5,000 donation to the second-place school. We???re also offering generous monetary prizes for individual contestants, and complimentary Veracode scanning software for participating universities so that students can continue refining their skills even after the games are over.ツ?
Which schools are in? Here???s a list of the universities participating in the inaugural Veracode Hacker Games:
University of Virginia
Stonehill College
Queen???s University Belfast
Northeastern University
University of Warwick
Tufts University
Indiana University
University of Birmingham
While winning students might not get to take a lap around Victor???s Village like in The Hunger Games, they???ll walk away with bragging rights and some fresh secure coding skills to take with them into their careers.
If you missed the signup for this competition, don???t worry! You can reach out to us here and let us know that you???re interested in getting your school involved. Start practicing early in the complimentary version of Veracode Security Labs.
You can also track progress during the challenge by |
Studies Guideline | ||
 |
2021-02-11 12:02:00 | Political Bias and Impulsive Behavior Open Door to Misinformation (lien direct) | New studies illuminate debate on social media echo chambers | Studies | ||
 |
2021-02-10 16:34:00 | Probable Iranian Cyber Actors, Static Kitten, Conducting Cyberespionage Campaign Targeting UAE and Kuwait Government Agencies (lien direct) | ScreenConnect Remote Access Tool Utilizing Ministry of Foreign Affairs-Themed EXEs and URLs Authored by: Gage Mele, Winston Marydasan, and Yury Polozov Key Findings Anomali Threat Research identified a campaign targeting government agencies in the United Arab Emirates (UAE) and likely the broader Middle East. We assess that Iran-nexus cyberespionage group Static Kitten, due to Israeli geopolitical-themed lures, Ministry of Foreign Affairs (MOFA) references, and the use of file-storage service Onehub that was attributed to their previous campaign known as Operation Quicksand.[1] The objective of this activity is to install a remote management tool called ScreenConnect (acquired by ConnectWise 2015) with unique launch parameters that have custom properties. Malicious executables and URLs used in this campaign are masquerading as the Ministry of Foreign Affairs (MOFA) of Kuwait (mofa.gov[.]kw). Another sample, including only MOFA (mfa.gov), could be used for broader government targeting. Overview Anomali Threat Research has uncovered malicious activity very likely attributed to the Iran-nexus cyberespionage group, Static Kitten (Seedworm, MERCURY, Temp.Zagros, POWERSTATS, NTSTATS, MuddyWater), which is known to target numerous sectors primarily located in the Middle East.[2] This new campaign, which uses tactics, techniques, and procedures (TTPs) consistent with previous Static Kitten activity, uses ScreenConnect launch parameters designed to target any MOFA with mfa[.]gov as part of the custom field. We found samples specifically masquerading as the Kuwaiti government and the UAE National Council respectively, based on references in the malicious samples. In mid-2020, the UAE and Israel began the process of normalizing relations. Since then, tensions have further escalated in the region, as reported by numerous sources. The targeting of Kuwait could be tied to multiple factors, including Kuwait’s MOFA making a public statement that they were willing to lead mediation between Iran and Saudi Arabia.[3] Furthermore, in October 2020, trade numbers for a peace deal between Israel and UAE included an estimate for the creation of 15,000 jobs and $2 billion in revenue on each side.[4] In that same month, Static Kitten reportedly conducted Operation Quicksand, which targeted prominent Israeli organizations and included the use of file-storage service OneHub.[5] Details We identified two lure ZIP files being used by Static Kitten designed to trick users into downloading a purported report on relations between Arab countries and Israel, or a file relating to scholarships. The URLs distributed through these phishing emails direct recipients to the intended file storage location on Onehub, a legitimate service known to be used by Static Kitten for nefarious purposes.[6] Anomali Threat Research has identified that Static Kitten is continuing to use Onehub to host a file containing ScreenConnect. The delivery URLs found to be part of this campaign are: ws.onehub[.]com/files/7w1372el ws.onehub[.]com/files/94otjyvd File names in this campaign include: تحليل ودراسة تطبيع العلاقات الدول العربية واسرائيل httpsmod[.]gov.kw.ZIP تحليل ودراسة تطبيع العلاقات الدول العربية واسرائيل httpsmod[.]gov.kw.exe الدرا | Ransomware Malware Tool Threat Studies Guideline | ||
|
2021-01-28 09:40:00 | #DataPrivacyDay: Leaks and Breaches Soared 93% in 2020 (lien direct) | Data Privacy Day studies remind organizations of their responsibilities | Studies | ||
|
2021-01-25 12:00:00 | Stop Ignoring the Evidence on Covid-19 Treatments (lien direct) | The studies are in, and for many patients convalescent plasma should be out. So why do doctors having such a hard time letting go? | Studies | ||
|
2021-01-21 17:30:00 | Transformers de formation pour les tâches de cybersécurité: une étude de cas sur la prédiction de l'URL malveillante Training Transformers for Cyber Security Tasks: A Case Study on Malicious URL Prediction (lien direct) |
Fait saillie
Effectuez une étude de cas sur l'utilisation de modèles de transformateurs pour résoudre les problèmes de cybersécurité
Former un modèle de transformateur pour détecter les URL malveillantes sous plusieurs régimes de formation
Comparez notre modèle avec d'autres méthodes d'apprentissage en profondeur et montrez qu'elle fonctionne sur la page avec d'autres modèles de premier plan
Identifiez les problèmes de l'application de la pré-formation générative à la détection de l'URL malveillante, qui est une pierre angulaire de la formation des transformateurs dans les tâches de traitement du langage naturel (PNL)
Introduire une nouvelle fonction de perte qui équilibre la classification et la perte générative pour obtenir des performances améliorées sur le
Highlights Perform a case study on using Transformer models to solve cyber security problems Train a Transformer model to detect malicious URLs under multiple training regimes Compare our model against other deep learning methods, and show it performs on-par with other top-scoring models Identify issues with applying generative pre-training to malicious URL detection, which is a cornerstone of Transformer training in natural language processing (NLP) tasks Introduce novel loss function that balances classification and generative loss to achieve improved performance on the |
Studies | ★★★ | |
|
2021-01-20 14:53:54 | The persistence of memory in B cells: Hints of stability in COVID immunity (lien direct) | Studies are small so far, but they're pointing to decent long-term immune responses. | Studies | ||
 |
2021-01-14 17:42:31 | Upcoming Speaking Engagements (lien direct) | This is a current list of where and when I am scheduled to speak: I’m speaking (online) as part of Western Washington University’s Internet Studies Lecture Series on January 20, 2021. I’m speaking at ITY Denmark on February 2, 2021. Details to come. I’m being interviewed by Keith Cronin as part of The Center for Innovation, Security, and New Technology’s CSINT Conversations series, February 10, 2021 from 11:00 AM – 11:30 AM CST. I'll be speaking at an Informa event on February 28, 2021. Details to come. The list is maintained on this page... | Studies | ||
|
2020-12-22 11:00:00 | \'Tis the season for session hijacking - Here\'s how to stop it (lien direct) | This blog was written by an independent guest blogger. The air is getting colder, leaves are falling from the trees, and people everywhere are settling in for the holiday season. Which means one thing - increased cybersecurity vulnerability. With more aspects of the winter holidays relegated to online platforms this year, people everywhere are more susceptible to cyberattacks. Luckily, there are plenty of simple steps you can take to protect yourself from digital threats and online scams. But there is one particularly nefarious type of cyberattack that you might not be aware of. This is session hijacking. In this article, we will take a look at what session hijacking is, how the holidays make you extra vulnerable to this type of attack, and how to prevent it from happening to you. What is Session Hijacking? Let’s start with the terms. A session is the period of time when a user is actively accessing an application, website, or other online service. Each user session begins when you log into a website or app and ends when you log out of it. For example, when you type your username and password into a banking application, that begins your session on that online application. When you log into an online application, the server typically generates a temporary session cookie in your browser. This cookie tells your browser that you are logged in and have been authenticated on the server. Each temporary session cookie is marked by a unique session ID, or key. If a hacker is able to access your unique session ID, they can access your session. Session hijacking, also called “cookie hijacking”, can follow several patterns. One method, cross-site scripting, or XSS, essentially works like this. An attacker implants a script into the web server the victim is trying to access. The victim then authenticates their presence on the tampered-with server, creating a unique session ID that includes the attacker’s script. The server returns the page code with the attacker’s script to the victim, whose own browser enacts the script, sending the victim’s unique session cookie to the attacker. The attacker is then granted access to the user’s session, meaning they can witness any interaction taking place there and steal any sensitive information revealed in the session. Malvertising is another current “hot” technique that induces a victim to click on an ad infected with malicious code that snags the session ID, thus granting the hacker access to the victim’s unique session key. Here again, the victim is authenticated on the server and the hacker can hijack the victim’s session. All the attacker has to do is input the victim’s session ID on their own browser, tricking the server into reading the hacker’s browser connection as the victim’s already authenticated session. Holidays under threat The coronavirus pandemic has had many wide-ranging effects on all of us. One result of this global situation is the massive increase in cybersecurity vulnerability. Studies have shown precipitous rises in spam attempts, as opportunistic hackers seek to prey on widespread uncertainty. But the pandemic places cybersecurity at risk on another level as well. This year, the holidays have gone digital to an extent never seen bef | Spam Studies | ||
 |
2020-12-21 16:37:54 | The Hidden Costs of Cybercrime on Government (lien direct) | 
Organizations across the country – from the private sector to the federal government – have become more digital, especially following the shift to remote work this year. It's no surprise that cybercriminals around the world have taken notice. According to a new report by McAfee and the Center for Strategic and International Studies (CSIS), cybercrime is now […]
|
Studies | ||
 |
2020-12-16 14:00:00 | E-Commerce Skimming is the New POS Malware (lien direct) | As the holiday shopping season shifts into high gear, the COVID-19 pandemic is accelerating an ongoing trend: shoppers are opting to buy online. Rather than flooding brick-and-mortar stores — and point-of-sale (POS) machines — with sales, studies suggest a high percentage of shoppers in 2020 will be using online options and e-commerce checkout pages. And, those checkout […] | Malware Studies | ||
 |
2020-12-08 20:31:32 | In the Name of Psychology (lien direct) | In This Issue, "In the Name of Psychology." Studies have shown that uncommon names can have a negative effect. Are they right? Maxie Reynolds, Technical Team Lead for Social-Engineer, LLC, takes a look. | Studies Guideline | ||
 |
2020-11-17 00:00:00 | CRIMZONâ¢: The Data Behind the FrameworkA report that highlights a subset of the empirical validation for the CRIMZON⢠framework.Read More (lien direct) | âAbstract The CRIMZON⢠framework defines the minimal elements needed to provide a view of accumulated cyber risk. For natural catastrophe risk, individual policy exposures can be aggregated within geographic zones.Similarly, cyber exposures can be aggregated using CRIMZONâ¢. Location also holds importance when assessing cyber catastrophe risk, however, two additional elements must be taken into account to properly assess cyber risk accumulation: industry and company size. Insured companies with common characteristics related to location, industry, and entity size tend to be exposed to similar types of cyber events because these elements also correspond to technologies or service providers used. Based on an analysis of millions of cyber events in the last 20 years, Kovrr conducted extensive research, to serve as the core empirical validation for the CRIMZON framework. Below is a subset of the research, in which a study group of 120 CRIMZON was determined by selecting CRIMZON with the highest relevance to the cyber insurance market(he research group was compiled according to criteria detailed in (Appendix A) The total number of unique companies in the study group is 20,000, with an average number of 152 companies within a CRIMZON, and a median of 86 companies. The research criteria focused on companiesâ location industry, entity size, and the hosting and mail technology and service providers used by companies. The results showed a concentration of technologies and services when grouping by location, and further concentration when adding the additional elements of the CRIMZON, entity size and industry to the analysis. The research shows that companies within the same CRIMZON have the tendency to use the same service providers and technologies, and that different compositions of service providers and technologies can be found across CRIMZON. When trying to estimate accumulations of potential losses from cyber, insurance and reinsurance companies face two main challenges: identifying which policies are exposed to the same cyber events and determining how many policies will be affected at the same time. The former is related to the problem of enumerating all technologies and service providers each insured relies upon, the latter is equivalent to estimating the footprint of a cyber event. Analyzing accumulations by CRIMZON enables risk professionals to make sense of the size and extent of potential losses from cyber, without necessarily needing to collect detailed information about technologies and service providers for each insured. The framework is completely agnostic to the line of business, therefore unlocking a full range of possible applications across both silent and affirmative cyber coverages. Among these applications is the development of aggregate models. This research shows it is possible to estimate the two key ingredients needed for the development of industry loss curves, the hazard and the exposure, using the CRIMZON as the atomic unit of aggregation. By identifying the correlation across CRIMZON, an aggregate model can then be developed.âIntroduction - What are CRIMZONâ¢? The Cyber Risk Accumulation Zones (CRIMZONâ¢) framework defines the minimal elements needed to provide a view of aggregated cyber exposure. Kovrr launched CRIMZON during participation in the fourth cohort of the Lloydâs Lab, the insurance technology accelerator operated by Lloydâs of London. CRIMZON is an open framework created to facilitate better communication across players in the cyber insurance value chain. The framework allows users to overlay their data pertaining to loss, cyber attack frequency, as well as additional data onto the CRIMZON for additional insights of risk per zone and to detect correlations between different zones. The framework was created to support efforts for setting a standard for data collection for cyber risk management.The CRIMZON are composed of the following three elements:Location - country-level worldwide a | Vulnerability Studies Cloud | ★★★ | |
|
2020-11-05 12:00:00 | Best data security practices when offboarding employees (lien direct) | This blog was written by an independent guest blogger. In times long gone, disgruntled former employees could only do so much damage to your company, and relatively little at all to your data security. In the fast-moving world of the 21st century, however, it’s a different story. Costly data breaches and devastating thefts have been undertaken in recent years by dissatisfied staff members released from their job duties. In fact, major data breaches caused by angry ex-employees even prompted an FBI report on the matter, with the risks posed by former staff members on an incline which has left CEOs feeling worried, vulnerable, and searching for reliable solutions. Make no mistake, offboarding employees is currently a situation which presents a considerable data security risk. If you’re wondering what to do when it comes to releasing a staff member who has access to sensitive material, or are concerned that former staff members still have access to your data, you’re far from alone. In this article, we’re going to look at the nature of this major issue, as well as presenting some essential best practices for avoiding the potential catastrophes this situation can create. Offboarding employees: Where does the data security risk lie? Most of us are aware of the risks associated with hackers and bad agents from the outside trying to access your data. We’re familiar with best practices for password security, and how to avoid the kind of common pitfalls that come with handling sensitive data on a daily basis. With the rise of pandemic-inspired remote work, a major data exposure risk now comes from improper vetting of outsourced hires. This used to be a smaller problem, but as outsourcing has increased exponentially, so has the potential to suffer a breach from the “outside” inside workforce. Dealing with these employees turned threats (or at least potential threats) who still possess passcodes, knowledge, and have recently added the potential motive to do harm is a scenario most companies find themselves relatively unprepared to deal with. The greatest risk? Quite simply, the loss or theft of the most sensitive corporate data stored in your systems. Dissatisfied or angry ex-employees often have the motivation to steal this kind of data and use it to blackmail your organization or sell it to the highest bidder on the Dark Web. If you think this would never happen in your company, think again. A Cyber-Ark survey found that no less than 88% of IT employees would consider stealing sensitive data if they were fired - which should be a worrying statistic to business owners and managers who care about data security! All of this makes one thing abundantly clear. An effective, thorough, and formal offboarding process is essential for avoiding this eventuality. Studies have shown that nearly 90% of employees are | Threat Studies Guideline | ||
|
2020-10-26 16:00:36 | There May Be Far More Water on the Moon Than NASA Thought (lien direct) | A new pair of studies reveals that the resource isn't limited to large shadowy craters. That's good news for the upcoming crewed missions. | Studies | ||
 |
2020-10-15 12:00:00 | It\'s October: YES, National Cybersecurity Awareness Month Still Matters (lien direct) |
It's Cybersecurity Awareness Month. Again. And the question comes up as it does every year, as to whether more awareness is needed or is a good thing. For example, studies have shown that after a certain point, there are diminishing returns with the same anti-phishing training. |
Studies | ||
|
2020-09-27 12:00:00 | Is Dark Matter Just Black Holes Made During the Big Bang? (lien direct) | Stephen Hawking once proposed that unseen “primordial” black holes might be the hidden dark matter. A series of new studies shows how it can work. | Studies | ||
|
2020-09-15 12:00:00 | If You\'ve Just Had Covid, Exercise Can Cause Serious Complications, Including Heart Disease (lien direct) | A growing number of studies are raising concerns about the coronavirus' long-term effects on the heart. Athletes especially need to heed the warnings. | Studies | ||
|
2020-09-14 19:29:54 | Antarctic Glaciers Are Growing Unstable Above and Below Water (lien direct) | New studies show fractures on surface ice and warm seawater melting the ice from underneath. That's a harbinger of a coming collapse-and sea level rise. | Studies | ★★★★ | |
|
2020-09-11 11:00:00 | Blood Centers Are Barely Meeting Convalescent Plasma Demand (lien direct) | Despite a lack of scientific studies on its efficacy for Covid-19, interest in the treatment has surged alongside case numbers. | Studies | ||
|
2020-08-31 17:43:00 | IBM RXN: AI combined with robotics to speed molecular studies and chemical research (lien direct) | AI and robotics are working together to find cures for diseases more quickly. Even if you're not in science, you can learn from this project. | Studies | ||
 |
2020-08-26 09:00:00 | Defense in depth: The resurgence of Emotet, as seen in the email and network layers (lien direct) | Darktrace's Immune System has recently detected a resurgence of the Emotet banking malware in the network and email realms of numerous customers around the world. This blog looks at three case studies and explains the benefits of a unified approach to cyber security. | Malware Studies | ||
 |
2020-08-19 23:17:10 | Smashing Security podcast #192: Ritz and robocalls with Rory (lien direct) | A scam involving restaurant bookings at The Ritz is suitably sophisticated, the second wave of UK coronavirus testing apps, and we take a look at one of the biggest studies ever into the scourge of robocalls. All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by BBC technology correspondent Rory Cellan-Jones. | Studies | ||
 |
2020-08-19 19:48:48 | NBlog Aug 19 - IAAC Directors\' Guides (lien direct) |  Some time back I bumped into a handy management guide on information risk - a double-sided leaflet from the Information Assurance Advisory Council. In 2015, it inspired a security awareness briefing explaining that colourful process diagram, which has now morphed into a further 5-page briefing on Information Risk Management, soon to join the SecAware ISMS templates.Googling for the IAAC guide led me to a cluster of FREE Directors' Guides from the IAAC offering useful, relevant guidance for senior management:Why Information Risk is a Board Level Issue - is a backgrounder including this apt and succinct explanation:"Information Risk encompasses all the challenges that result from an organisation's need to control and protect its information."Governance and Structures - describes directors' governance responsibilities relating to information risk:"Directors need to put in place the arrangements and processes by which responsibilities are distributed and significant information risk decisions are to be made and reviewed."Information Risk Management Approach - encourages directors to support the remainder of the organisation in fulfilling their responsibilities for information risk, ensuring strategic alignment between risk management and business objectives.Realising the Benefits - outlines the business benefits of good information risk management in terms of: efficiency; agility; manageability; exploitation of new opportunities (more confidently expanding into new areas of business); customer retention; brand strengthening; cost-efficient compliance; and dealing efficiently with incidents."Good information risk mitigation supports organisational strategies and tactical agil |
Studies Guideline | ||
|
2020-08-19 11:00:00 | How to check the effectiveness of phishing (lien direct) | This blog was written by an independent guest blogger. You can install the latest generation of security software to protect against evil hackers, but what is the use of it if your employees continue to follow phishing links? Several security companies conduct social and technical research of real-life phishing attacks aimed at different businesses and are impressed with the scale of the problem. The purpose of such studies is not only to understand how hackers deceive the staff and which hooks do they use but also to draw the right conclusions about what type of security awareness training to use and how often it is needed. One of the security companies I work with sent more than 15 thousand “phishing” emails to corporate mailboxes in 2019. Let’s see their results. What is inside the phishing email? According to statistics, last year, phishing became the most popular tool for penetrating the companies’ infrastructure. Attackers used this method in 70% of attacks. The second place took RDP hacking. Globally, all phishing emails are trying to provoke a user to one of two actions - click on a phishing link or open a malicious attachment. During pentest projects, depending on the final task, researchers send employees several letters with a link to a web form for entering account credentials or Microsoft Office documents with malicious macros. Most messages use harmless files that allow researchers to track only the fact of following the links or opening attachments. But sometimes, researchers send documents that contain macros that allow them to get remote access to workstations. Using such messages, researchers can check not only the vigilance of employees but also the reliability of the means of protection. The main task of each such project is to make the “phishing” email to look as realistic as possible. Researchers try to craft letters and build the overall logic of the attack in the way a real cybercriminal would do it, assuming, for example, that the goal of the attacker is to gain access to the correspondence of the company’s top management personnel. Usually, attackers start with harvesting information about the company using open sources. In one of the cases, our “attackers” discovered Outlook Web App, as well as news about the presence of a 0-day vulnerability in a browser used by this company. An attacker, preparing for an attack, considers all possible ways to achieve the desired goal and selects the most suitable and effective way. What was found? From our experience, users are more likely to open file attachments rather than provide their data via a web form. In each of the companies that were tested, several employees open attachments without any delay. Among email topics used, corporate bonus programs (employee discounts, corporate offers from partner companies) turned out to be the most effective. About 33% of addressees reacted to such letters. The second place took letters that asked employees to read the new corporate rules or other important corporate documents. Especially successful are attacks that have to do with current events. For example, in December, it is highly effective to offer the victims to check the work schedule for the upcoming holidays or find out about discounts on holiday events. This spring, the hottest topic, of course, was COVID-19. 15% of the | Malware Tool Studies | ||
|
2020-07-27 11:00:00 | Some Countries Reopened Schools. What Did They Learn About Kids and Covid? (lien direct) | Studies from around the world suggest that success depends on class size, distancing, the age of the students, and how prevalent the virus is locally. | Studies | ||
|
2020-07-16 21:52:39 | Hydroxychloroquine Still Doesn\'t Do Anything, New Data Shows (lien direct) | Two more studies prove that the much-hyped antimalarial doesn't treat Covid-19. | Studies | ||
|
2020-07-06 19:18:53 | Seattle\'s Uber and Lyft Drivers Make $23.25 an Hour-or $9.73 (lien direct) | Two studies reach very different conclusions about ride-hail earnings, as city officials consider setting a minimum wage. | Studies | Uber | |
|
2020-07-02 11:10:56 | Experts on Password “123456” (lien direct) | The computer engineering student Ata Hakçıl analyzed username and password combinations used in data breaches at various companies found out that one in 142 passwords leaked in data breaches is “123456.”. In one of the biggest password re-use studies of its kind, an analysis of more than one billion leaked credentials has discovered that one … The ISBuzz Post: This Post Experts on Password “123456” | Studies | ||
|
2020-07-01 15:09:11 | One out of every 142 passwords is \'123456\' (lien direct) | The '123456' password was spotted 7 million times across a data trove of one billion leaked credentials, on one of the biggest password re-use studies of its kind. | Studies | ||
|
2020-06-10 11:00:00 | IBM\'s Withdrawal Won\'t Mean the End of Facial Recognition (lien direct) | Many other companies continue to offer similar services, which studies show are less accurate for women and people of color. | Studies | ||
|
2020-06-04 19:21:55 | Permanent remote work may also mean a pay cut (lien direct) | Studies show that many employees would be amenable to a cost-of-living adjustment and that the benefits may offset the decrease. | Studies | ||
|
2020-06-02 20:14:11 | Protests Renew Scrutiny of Tech\'s Ties to Law Enforcement (lien direct) | Amazon executives tweeted support for protesters. But the company sells a surveillance tool to police that studies say misidentifies darker skinned people. | Tool Studies | ||
 |
2020-06-01 15:13:22 | What Do the Customers Think? (lien direct) | IT Security solution providers know how hard it is to get customers to talk on the record about the solutions they use. Case studies and customer feedback, however, are the only way in which cybersecurity solution providers can tailor their product to the needs of their buyers. They are also a valuable source of insight […] | Studies |
To see everything:
Our RSS (filtrered)
