www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2019-06-18T23:52:38+02:00 www.secnews.physaphae.fr Zataz - Magazine Francais de secu Cybersécurité : Réserver pour les vacances via Internet Réserver ses vacances à la dernière minute est facilité par Internet. Sites et bons plans pullulent. Prudence aux fausses promesses et locations. Dans ma chronique TV dédiée à la cybersécurité proposée le lundi à 18h45 sur Wéo Tv, je suis revenu cette semaine sur les réservations vacances. L’é...

Cet article Cybersécurité : Réserver pour les vacances via Internet est apparu en premier sur ZATAZ.

]]
2019-06-18T20:54:00+02:00 https://www.zataz.com/cybersecurite-reserver-pour-les-vacances-via-internet/ www.secnews.physaphae.fr/article.php?IdArticle=1162798 False None None None
Wired Threat Level - Security News Companies Don\'t Need Conventions Like E3. They Should Go Anyway 2019-06-18T20:49:04+02:00 https://www.wired.com/story/e3-sony-skipping-convention www.secnews.physaphae.fr/article.php?IdArticle=1162835 False None None None InformationSecurityBuzzNews - Site de News Securite Hackers Behind \'Triton\' Malware Target Electric Utilities In US It has been reported that Xenotime, the threat actor behind the 2017 Trisis/Triton malware attack, is now targeting - in addition to oil and gas organizations - electric utilities in the United States and the Asia-Pacific (APAC) region. Xenotime initially appeared to target only the oil and gas sector in the Middle East, but Dragos reported in May 2018 …

The ISBuzz Post: This Post Hackers Behind ‘Triton’ Malware Target Electric Utilities In US appeared first on Information Security Buzz.

]]
2019-06-18T20:35:00+02:00 https://www.informationsecuritybuzz.com/expert-comments/hackers-behind-triton-malware-target-electric-utilities-in-us/ www.secnews.physaphae.fr/article.php?IdArticle=1162825 False None None None
Wired Threat Level - Security News Weather Forecasts Will Soon Use Weird, Bendy GPS Signals 2019-06-18T20:33:01+02:00 https://www.wired.com/story/weather-satellites-gps-radio-occultation www.secnews.physaphae.fr/article.php?IdArticle=1162836 False None None None We Live Security - Editeur Logiciel Antivirus ESET Instagram tests new ways to recover hacked accounts Locked out and out of luck? The photo-sharing platform is trialing new methods to reunite you with your lost account

The post Instagram tests new ways to recover hacked accounts appeared first on WeLiveSecurity

]]
2019-06-18T20:16:00+02:00 https://www.welivesecurity.com/2019/06/18/instagram-new-ways-account-recovery/ www.secnews.physaphae.fr/article.php?IdArticle=1162790 False None None None
ZD Net - Magazine Info Mozilla patches Firefox zero-day abused in the wild 2019-06-18T19:29:01+02:00 https://www.zdnet.com/article/mozilla-patches-firefox-zero-day-abused-in-the-wild/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1162739 False None None None InformationSecurityBuzzNews - Site de News Securite Okta Research Shows Workers Are Ready To Go Passwordless This Year  Okta\'s Passwordless Future Report finds:  78% of all respondents admit to using insecure methods to help them remember passwords  69% of UK workers feel stressed or annoyed as a result of forgetting a password, a worrisome statistic considering the importance of mental health in the workplace  More than three in five workers say they would benefit from biometrics in the workplace, but 86% …

The ISBuzz Post: This Post Okta Research Shows Workers Are Ready To Go Passwordless This Year appeared first on Information Security Buzz.

]]
2019-06-18T18:34:04+02:00 https://www.informationsecuritybuzz.com/study-research/okta-research-shows-workers-are-ready-to-go-passwordless-this-year/ www.secnews.physaphae.fr/article.php?IdArticle=1162711 False None None None
ZD Net - Magazine Info FBI warning: Foreign spies using social media to target government contractors 2019-06-18T18:25:05+02:00 https://www.zdnet.com/article/fbi-warning-foreign-spies-using-social-media-to-target-government-contractors/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1162670 False None None None Zataz - Magazine Francais de secu Cloner une voix en temps réel, en moins de 5 secondes Un ingénieur en informatique réalise un outil capable de cloner une voix et de produire un discours arbitraire en temps réel… en 5 secondes ! Cloner une voix, une image, un son … rien de plus simple avec l’informatique. Cloner une image et un son pour leur faire dire n’import...

Cet article Cloner une voix en temps réel, en moins de 5 secondes est apparu en premier sur ZATAZ.

]]
2019-06-18T18:14:01+02:00 https://www.zataz.com/clonage-cloner-voix-temps-reel/ www.secnews.physaphae.fr/article.php?IdArticle=1162657 False None None None
Hacking Articles - Blog de Raj Chandel Happycorp:1 Vulnhub Walkthrough This is another post on vulnhub CTF “named as “HAPPYCORP:1” by Zayotic. It is designed for VMware platform, and it is a boot to root challenge where you have to find flags to finish the task assigned by the author. You can download it from here: https://www.vulnhub.com/entry/happycorp-1,296/ Penetrating Methodologies Scanning Netdiscover Nmap Enumeration NFS-Share Mount... Continue reading

The post Happycorp:1 Vulnhub Walkthrough appeared first on Hacking Articles.

]]
2019-06-18T17:17:02+02:00 https://www.hackingarticles.in/happycorp1-vulnhub-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=1162538 False None None None
Malwarebytes Labs - MalwarebytesLabs Smart cities, difficult choices: privacy and security on the grid We take a look at Google\'s Sidewalk Labs woes with a planned smart city build in Toronto, and explore some of the general concerns about making our living spaces 24/7 Internet wonderlands.

Categories:

Privacy

Tags:

(Read more...)

The post Smart cities, difficult choices: privacy and security on the grid appeared first on Malwarebytes Labs.

]]
2019-06-18T17:17:00+02:00 https://blog.malwarebytes.com/privacy-2/2019/06/smart-cities-difficult-choices-privacy-and-security-on-the-grid/ www.secnews.physaphae.fr/article.php?IdArticle=1162632 False None None None
Wired Threat Level - Security News The YouTubers Who Changed the Landscape for #NaturalHair 2019-06-18T17:03:04+02:00 https://www.wired.com/story/youtube-natural-hair www.secnews.physaphae.fr/article.php?IdArticle=1162601 False None None None ZD Net - Magazine Info Google launches Chrome extension for flagging bad URLs to the Safe Browsing team 2019-06-18T17:00:00+02:00 https://www.zdnet.com/article/google-launches-chrome-extension-for-flagging-bad-urls-to-the-safe-browsing-team/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1162562 False None None None Wired Threat Level - Security News The Midwest\'s Farms Face an Intense, Crop-Killing Future 2019-06-18T16:59:04+02:00 https://www.wired.com/story/midwest-farms-face-an-intense-crop-killing-future www.secnews.physaphae.fr/article.php?IdArticle=1162602 False None None None InformationSecurityBuzzNews - Site de News Securite Expert Comment: Russia & US Power Grid Cyberwar The US and Russia are currently locked in a series of escalating cyber-attacks, with the US reportedly attacking Russia\'s power grids and the Kremlin responding with a warning of potential cyberwar.  CHILD: "What started the cyber wars, daddy?" FATHER: "…..A New York Times article." https://t.co/4X9bIkDGoO — Greg Otto (@gregotto) June 17, 2019 Expert Comments:  Dr Darren Williams, …

The ISBuzz Post: This Post Expert Comment: Russia & US Power Grid Cyberwar appeared first on Information Security Buzz.

]]
2019-06-18T16:45:00+02:00 https://www.informationsecuritybuzz.com/expert-comments/expert-comment-russia-us-power-grid-cyberwar/ www.secnews.physaphae.fr/article.php?IdArticle=1162488 False None None None
TechRepublic - Security News US How to install the latest version of NGINX on Ubuntu Server 18.04 2019-06-18T16:30:00+02:00 https://www.techrepublic.com/article/how-to-install-the-latest-version-of-nginx-on-ubuntu-server-18-04/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1162445 False None None None Data Security Breach - Site de news Francais 6 professionnels sur 10 voleraient des données en cas de départ de leur entreprise   Une étude en dit beaucoup sur la gestion des accès et des identités au sein des entreprises : les confessions de professionnels mais aussi les difficultés rencontrées pour mettre en place des solutions IAM (Identity and Access Management) et PAM (Privileged Access Management) adaptées. One Identity, une société spécialisée dans la gestion des identités et […]

L\'article 6 professionnels sur 10 voleraient des données en cas de départ de leur entreprise   est apparu en premier sur Data Security Breach.

]]
2019-06-18T16:28:03+02:00 https://www.datasecuritybreach.fr/6-professionnels-sur-10-voleraient-des-donnees-en-cas-de-depart-de-leur-entreprise/ www.secnews.physaphae.fr/article.php?IdArticle=1162434 False None None None
Wired Threat Level - Security News MTV\'s \'Most Meme-Able Moment\' Honors Internet Culture-Barely 2019-06-18T16:18:03+02:00 https://www.wired.com/story/mtv-meme-able-moment www.secnews.physaphae.fr/article.php?IdArticle=1162498 False None None None UnderNews - Site de news "pirate" francais L\'Industrie 4.0, cible privilégiée des pirates La transformation numérique du secteur industriel permet une augmentation de la productivité, tout en réalisant des économies d\'échelle ; elle ouvre cependant la voie à de nouveaux défis en matière de sécurité.]] 2019-06-18T16:00:00+02:00 https://www.undernews.fr/reseau-securite/lindustrie-4-0-cible-privilegiee-des-pirates.html www.secnews.physaphae.fr/article.php?IdArticle=1162355 False None None None Bleeping Computer - Magazine Américain Mozilla Firefox 67.0.3 Patches Actively Exploited Zero-Day 2019-06-18T15:58:02+02:00 https://www.bleepingcomputer.com/news/security/mozilla-firefox-6703-patches-actively-exploited-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=1162759 False None None None Zataz - Magazine Francais de secu Atteintes à la protection des données des clients Aux Etats-Unis, les fuites de données ont coûté 654 milliards de dollars en 2018, 2,8 milliards de dossiers de consommateurs exposés. Et France ? ZATAZ a déjà pu repérer plus de 460 millions de données volées/diffusées ! La société ForgeRock divulgue un rapport sur les atteintes à la protection des ...

Cet article Atteintes à la protection des données des clients est apparu en premier sur ZATAZ.

]]
2019-06-18T15:49:03+02:00 https://www.zataz.com/atteintes-a-la-protection-des-donnees-clients/ www.secnews.physaphae.fr/article.php?IdArticle=1162323 False None None None
Wired Threat Level - Security News How Not To Prevent a Cyberwar With Russia 2019-06-18T15:30:02+02:00 https://www.wired.com/story/russia-cyberwar-escalation-power-grid www.secnews.physaphae.fr/article.php?IdArticle=1162393 False None None None TechRepublic - Security News US How HackerOne open sources security--one hacker at a time 2019-06-18T15:30:00+02:00 https://www.techrepublic.com/article/how-hackerone-open-sources-security-one-hacker-at-a-time/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1162334 False None None None Zataz - Magazine Francais de secu Santé – Une faille critique dans des pompes à perfusion médicales Santé – Une vulnérabilité considérée comme critique découverte dans des pompes dédiées aux perfusions médicales. Un pirate pourrait modifier le fonctionnement du matériel, à distance ! Cyber sécurité et santé ! Des chercheurs de la société CyberMDX ont identifié deux vulnérabilités dans des st...

Cet article Santé – Une faille critique dans des pompes à perfusion médicales est apparu en premier sur ZATAZ.

]]
2019-06-18T15:18:01+02:00 https://www.zataz.com/sante-une-faille-critique-dans-des-pompes-a-perfusion-medicales/ www.secnews.physaphae.fr/article.php?IdArticle=1162324 False None None None
TechRepublic - Security News US How to back up to your Google Drive cloud account with Déjà Dup 2019-06-18T15:16:01+02:00 https://www.techrepublic.com/article/how-to-back-up-to-your-google-drive-cloud-account-with-deja-dup/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1162335 False None None None TechRepublic - Security News US How small businesses can deal with getting regulated 2019-06-18T15:08:04+02:00 https://www.techrepublic.com/article/how-small-businesses-can-deal-with-getting-regulated/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1162336 False None None None Wired Threat Level - Security News YouTube\'s \'Shitty Robot\' Queen Made Her Own Tesla Pickup Truck 2019-06-18T15:00:00+02:00 https://www.wired.com/story/simone-giertz-tesla-pickup-model-3-truckla www.secnews.physaphae.fr/article.php?IdArticle=1162394 False None None None TechRepublic - Security News US Security breaches: 4 business impacts 2019-06-18T14:59:01+02:00 https://www.techrepublic.com/article/security-breaches-4-business-impacts/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1162337 False None None None Bleeping Computer - Magazine Américain Open Source Clones Unofficially Sold on the Microsoft Store 2019-06-18T14:35:05+02:00 https://www.bleepingcomputer.com/news/microsoft/open-source-clones-unofficially-sold-on-the-microsoft-store/ www.secnews.physaphae.fr/article.php?IdArticle=1162691 False None None None Security Affairs - Blog Secu Android Apps uses a novel technique to by-pass 2FA and steal Bitcoin Expert discovered a new technique bypassing SMS-based two-factor authentication while circumventing Google\'s recent SMS permissions restrictions The popular security expert Lukas Stefanko from ESET discovered some apps (namedBTCTurk Pro Beta and BtcTurk Pro Beta) impersonating the Turkish cryptocurrency exchange, BtcTurk, in the attempt of stealing login credentials. In order to steal the 2FA OTPs the […]

The post Android Apps uses a novel technique to by-pass 2FA and steal Bitcoin appeared first on Security Affairs.

]]
2019-06-18T14:29:03+02:00 https://securityaffairs.co/wordpress/87274/hacking/2fa-bypass-technique-bitcoin.html www.secnews.physaphae.fr/article.php?IdArticle=1162264 False None None None
Data Security Breach - Site de news Francais Le coût moyen des attaques DNS a augmenté de 49% en 2018 et s\'élève à près d\'un million d\'Euros Une étude d\'EfficientIP, en partenariat avec IDC, pointe que le nombre d\'attaques – au niveau mondial – a augmenté de 34 % en 2018. En France, elles augmentent également pour un montant estimé à 937 000 euros par attaque. EfficientIP, pépite française leader dans l\'automatisation et la sécurité réseau qui assurent la continuité du service, […]

L\'article Le coût moyen des attaques DNS a augmenté de 49% en 2018 et s\'élève à près d\'un million d\'Euros est apparu en premier sur Data Security Breach.

]]
2019-06-18T14:27:05+02:00 https://www.datasecuritybreach.fr/le-cout-moyen-des-attaques-dns-a-augmente-de-49-en-2018-et-seleve-a-pres-dun-million-deuros/ www.secnews.physaphae.fr/article.php?IdArticle=1162239 False None None None
IT Security Guru - Blog Sécurité 89% Of UK Organisational Cybersecurity Risks Are Internal. The biggest risk to a British company\'s cybersecurity is not, as often believed, external hackers and overseas-based virus attacks, but an organisation\'s own employees. Whether unknowingly or intentional, the actions of those within an organisation have been shown to be the biggest threat to the digital security of a company, according to new research by […]

The post 89% Of UK Organisational Cybersecurity Risks Are Internal. appeared first on IT Security Guru.

]]
2019-06-18T14:24:04+02:00 https://www.itsecurityguru.org/2019/06/18/89-of-uk-organisational-cybersecurity-risks-are-internal/ www.secnews.physaphae.fr/article.php?IdArticle=1162244 False None None None
TechRepublic - Security News US Is unlimited PTO good for employees? 2019-06-18T14:09:05+02:00 https://www.techrepublic.com/article/is-unlimited-pto-good-for-employees/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1162274 False None None None Korben - Bloger francais Webosaures spécial récupération de données Suite]] 2019-06-18T14:07:04+02:00 https://korben.info/webosaures-special-recuperation-de-donnees.html www.secnews.physaphae.fr/article.php?IdArticle=1162528 False None None None Checkpoint - Fabricant Materiel Securite Introducing Malware DNA: Gaining Deep Insights into Malware Ancestry A single drop of blood contains billions of strands of DNA, carrying genetic instructions for the development, functioning, growth, and reproduction of all known organisms. DNA holds the building blocks of life.   Similarly, the lines of malware code make up the building blocks of cyber threats. Sophisticated cyberattacks threaten enterprises constantly putting sensitive data, privacy, and business operations at…

The post Introducing Malware DNA: Gaining Deep Insights into Malware Ancestry appeared first on Check Point Software.

]]
2019-06-18T14:00:04+02:00 https://blog.checkpoint.com/2019/06/18/malware-dna-threat-intelligence-insights-genetic-security-ancestry/ www.secnews.physaphae.fr/article.php?IdArticle=1162461 False None None None
Bleeping Computer - Magazine Américain Google Adds Deceptive URL Alerts To Chrome, Unsafe URL Report Add-on 2019-06-18T13:49:01+02:00 https://www.bleepingcomputer.com/news/google/google-adds-deceptive-url-alerts-to-chrome-unsafe-url-report-add-on/ www.secnews.physaphae.fr/article.php?IdArticle=1162584 False None None None TechRepublic - Security News US Top 5 cities in the world for innovation 2019-06-18T13:48:03+02:00 https://www.techrepublic.com/article/top-5-cities-in-the-world-for-innovation/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1162162 False None None None TechRepublic - Security News US 6 AI technologies changing project management 2019-06-18T13:40:04+02:00 https://www.techrepublic.com/article/6-ai-technologies-changing-project-management/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1162163 False None None None Data Security Breach - Site de news Francais Amende CNIL pour vidéosurveillance excessive Mardi 18 juin 2019, la CNIL annonce une amende à l’encontre d’une entreprise. Motif : vidéosurveillance excessive des salariés. La formation restreinte de la CNIL a prononcé en ce mois de juin 2019 une sanction de 20 000 euros à l\'encontre de la société UNIONTRAD COMPANY. Motif ? L’entreprise a mis en place un dispositif […]

L\'article Amende CNIL pour vidéosurveillance excessive est apparu en premier sur Data Security Breach.

]]
2019-06-18T13:34:05+02:00 https://www.datasecuritybreach.fr/amende-cnil-pour-videosurveillance-excessive/ www.secnews.physaphae.fr/article.php?IdArticle=1162157 False None None None
Zataz - Magazine Francais de secu Cybersécurité – Nom de domaine et commerce en ligne L’enregistrement d’un nom de domaine est d\'une facilité déconcertante : une simple connexion Internet suffit. Je vous racontais, il y a peu, des différentes possibilités permettant de prendre la main sur un nom de domaine par un malveillant. Retour sur l’étude de Proofpoint qui dém...

Cet article Cybersécurité – Nom de domaine et commerce en ligne est apparu en premier sur ZATAZ.

]]
2019-06-18T13:22:02+02:00 https://www.zataz.com/cybersecurite-nom-de-domaine-et-commerce-en-ligne/ www.secnews.physaphae.fr/article.php?IdArticle=1162187 False None None None
UnderNews - Site de news "pirate" francais 6 professionnels sur 10 voleraient des données en cas de départ de leur entreprise L\'étude réalisée par One Identity de manière anonyme en dit beaucoup sur la gestion des accès et des identités au sein des entreprises : les confessions de professionnels mais aussi les difficultés rencontrées pour mettre en place des solutions IAM (Identity and Access Management) et PAM (Privileged Access Management) adaptées.]] 2019-06-18T13:08:05+02:00 https://www.undernews.fr/hacking-hacktivisme/6-professionnels-sur-10-voleraient-des-donnees-en-cas-de-depart-de-leur-entreprise.html www.secnews.physaphae.fr/article.php?IdArticle=1162208 False None None None TechRepublic - Security News US How Salesforce builds loyalty by investing in the success of its developers, admins, and customers 2019-06-18T13:07:01+02:00 https://www.techrepublic.com/article/how-salesforce-builds-loyalty-by-investing-in-the-success-of-its-developers-admins-and-customers/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1162164 False None None None UnderNews - Site de news "pirate" francais IoT et cybersécurité : 40 % des ménages dans le monde possèdent au moins un objet connecté Le spécialiste de la cybersécurité et la prestigieuse université américaine dévoilent les résultats de la plus grande étude jamais menée sur l\'état des appareils IoT dans le monde.]] 2019-06-18T13:05:00+02:00 https://www.undernews.fr/reseau-securite/iot-et-cybersecurite-40-des-menages-dans-le-monde-possedent-au-moins-un-objet-connecte.html www.secnews.physaphae.fr/article.php?IdArticle=1162209 False None None None Security Affairs - Blog Secu Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders A zero-day vulnerability affects multiple models of TP-Link Wi-Fi extenders, it could be exploited to remotely execute code. Security expert Grzegorz Wypych from IBM X-Force found a zero-day flaw that affects multiple models of TP-Link Wi-Fi extenders. The Wi-Fi extenders capture the Wi-Fi signal from the main network device and rebroadcast it to areas where […]

The post Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders appeared first on Security Affairs.

]]
2019-06-18T13:02:04+02:00 https://securityaffairs.co/wordpress/87263/iot/zero-day-tp-link-wi-fi-extenders.html www.secnews.physaphae.fr/article.php?IdArticle=1162197 False None None None
TechRepublic - Security News US How organizations can better defend against DNS attacks 2019-06-18T13:00:01+02:00 https://www.techrepublic.com/article/how-organizations-can-better-defend-against-dns-attacks/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1162165 False None None None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC SOAR with AT&T Cybersecurity and Dark Reading SOAR - security orchestration automation

Watch the full video on our site. If you prefer reading, here’s the full transcript 😊

Terry Sweeney - Contributing Editor, Dark Reading

Sanjay Ramnath - Associate Vice President, Product Marketing, AT&T Cybersecurity

Terry Sweeney: Welcome back to the Dark Reading News Desk. We’re here at the RSA Conference in San Francisco. I’m Terry Sweeney, contributing editor at Dark Reading and I’m delighted today to be joined by Sanjay Ramnath, vice president of product marketing at AT&T Cybersecurity. Sanjay, thanks so much for joining us today.

Sanjay Ramnath: Thanks so much for having me.

Terry Sweeney: This trend of SOAR, security orchestration automation and response is generating lots of buzz both here at RSA and among InfoSec professionals as well. Kick us off by explaining what SOAR is and how the companies that use it benefit from it.

Sanjay Ramnath: SOAR is a term that was coined by Gartner. SOAR is really a collection of technologies and processes that aim to solve three problems.

I think the first problem that the SOAR framework aims to solve is: How do you stay ahead of this constantly evolving threat landscape? How do you stay ahead of a rapidly changing network while the modern attack surface continues to expand and network parameters vanish? You have hybrid environments with on-premises and cloud assets. So one of the core tenants of SOAR is aggregating data, aggregating both threat data and intelligence and network visibility on a single platform so all the downstream operational decisions around security can be fed with this stream of intelligence and data.

The second problem that SOAR addresses is complexity in the security ecosystem and infrastructure itself. When you have a really large number of point solutions and products that protect specific threat vectors you have two issues. One is you have a management problem: how do you constantly switch contexts across these different solutions? You also have a problem of too much data and what is called alert fatigue. The SOAR approach attempts to solve this by automating some of the more mundane resource intensive, human intensive, tasks like data analysis and correlation so the security operations teams can be a lot more effective and they don’t get distracted by the noise. They actually focus on what’s important.

The third thing that SOAR addresses is incident response. What do you do when an incident happens? What do you do when your network is intruded upon? Do you have the right processes? Do you have the right workflows in place? Do you have the right data for investigations? SOAR brings all of these together. So SOAR is not a single technology or a single product, it’s really a concept or a framework that brings detection, automation, response, orchestration, intelligence and all of that all together under a common set of terminologies.  

Terry Sweeney: That’s really helpful and I’m glad you mention automation. It seems like given the volumes of information that have to be analyzed; this is an essential piece of SOAR. Talk a bit more about why it’s critical to have in combating today’s security issues.

Sanjay Ramnath: You’re never going to have enough resources, bandwidth, and skills in security to stay ahead of the cyber criminals and threat landscape. So I think applying automation where it makes sense really helps streamline security operation. As I mentioned earlier, applying automation in terms of taking this really vast amount of data, threat data and converting that into actionable, tactical threat intell]] 2019-06-18T13:00:00+02:00 https://feeds.feedblitz.com/~/603218922/0/alienvault-blogs~SOAR-with-ATampT-Cybersecurity-and-Dark-Reading www.secnews.physaphae.fr/article.php?IdArticle=1162182 False None None None Wired Threat Level - Security News Are E-Bikes and Scooters Doomed? 2019-06-18T13:00:00+02:00 https://www.wired.com/story/is-micromobility-a-bust www.secnews.physaphae.fr/article.php?IdArticle=1162117 False None None None Wired Threat Level - Security News A Plan to Stop Breaches With Dead Simple Database Encryption 2019-06-18T13:00:00+02:00 https://www.wired.com/story/field-level-encryption-databases-mongobd www.secnews.physaphae.fr/article.php?IdArticle=1162116 False None None None Bleeping Computer - Magazine Américain Microsoft Azure Bastion Preview: Remote VM Access via Azure Portal 2019-06-18T12:44:05+02:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-azure-bastion-preview-remote-vm-access-via-azure-portal/ www.secnews.physaphae.fr/article.php?IdArticle=1162467 False None None None TechRepublic - Security News US 7 tech companies that hire the most data scientists 2019-06-18T12:43:01+02:00 https://www.techrepublic.com/article/7-tech-companies-that-hire-the-most-data-scientists/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1162088 False None None None Wired Threat Level - Security News Review: Gocycle\'s GX Is a Fast, Foldable, and Spendy Ride 2019-06-18T12:00:00+02:00 https://www.wired.com/review/gocycle-gx-folding-e-bike www.secnews.physaphae.fr/article.php?IdArticle=1162119 False None None None Wired Threat Level - Security News Roli Lumi Keyboard: Price, Specs, Release Date 2019-06-18T12:00:00+02:00 https://www.wired.com/story/roli-lumi-keyboard www.secnews.physaphae.fr/article.php?IdArticle=1162120 False None None None Wired Threat Level - Security News What Adam Savage Needs to Know to Fly an Iron Man Suit 2019-06-18T12:00:00+02:00 https://www.wired.com/story/the-physics-of-actually-flying-around-in-an-iron-man-suit www.secnews.physaphae.fr/article.php?IdArticle=1162118 False None None None Graham Cluley - Blog Security Bella Thorne releases her own topless photos after hacker threats Actress refuses to play into hacker’s hands, and publishes topless images of herself.

]]
2019-06-18T11:32:02+02:00 https://www.grahamcluley.com/bella-thorne-releases-her-own-topless-photos-after-hacker-threats/ www.secnews.physaphae.fr/article.php?IdArticle=1162027 False None None None
Bleeping Computer - Magazine Américain Threat Actors Use Older Cobalt Strike Versions to Blend In 2019-06-18T11:26:02+02:00 https://www.bleepingcomputer.com/news/security/threat-actors-use-older-cobalt-strike-versions-to-blend-in/ www.secnews.physaphae.fr/article.php?IdArticle=1162369 False None None None Security Affairs - Blog Secu Researcher leaked a dataset of over 7,000,000 transactions scraped from the Venmo public API Researcher leaked online a dataset containing over 7,000,000 transactions scraped from the Venmo public API Venmo is a digital wallet app owned by PayPal that lets you make and share payments with friends. In August 2016, security expert Martin Vigo devised a method to abuse an optional SMS-based feature that allowed users to authorize payments […]

The post Researcher leaked a dataset of over 7,000,000 transactions scraped from the Venmo public API appeared first on Security Affairs.

]]
2019-06-18T11:03:01+02:00 https://securityaffairs.co/wordpress/87259/digital-id/venmo-privacy-transactions.html www.secnews.physaphae.fr/article.php?IdArticle=1161990 False None None None
Wired Threat Level - Security News US to Russia on Nuke Experiments: Do as We Say, Not as We Do 2019-06-18T11:00:00+02:00 https://www.wired.com/story/us-to-russia-on-nuke-experiments-do-as-we-say-not-as-we-do www.secnews.physaphae.fr/article.php?IdArticle=1161949 False None None None ZD Net - Magazine Info EatStreet food ordering service discloses security breach 2019-06-18T10:53:00+02:00 https://www.zdnet.com/article/eatstreet-food-ordering-service-discloses-security-breach/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1162006 False None None None BBC - BBC News - Technology US and Russia clash over power grid \'hack attacks\' 2019-06-18T10:20:02+02:00 https://www.bbc.co.uk/news/technology-48675203 www.secnews.physaphae.fr/article.php?IdArticle=1161943 False None None None Infosec Island - Security Magazine Influence Operation Uses Old News of New Purposes 2019-06-18T10:11:05+02:00 https://www.infosecisland.com/blogview/25202-Influence-Operation-Uses-Old-News-of-New-Purposes.html www.secnews.physaphae.fr/article.php?IdArticle=1162389 False None None None Bleeping Computer - Magazine Américain Hacker Steals Customer Payment Info in EatStreet Data Breach 2019-06-18T10:11:01+02:00 https://www.bleepingcomputer.com/news/security/hacker-steals-customer-payment-info-in-eatstreet-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=1162291 False None None None Wired Threat Level - Security News Inside Backpage.com\'s Vicious Battle With the Feds 2019-06-18T10:00:00+02:00 https://www.wired.com/story/inside-backpage-vicious-battle-feds www.secnews.physaphae.fr/article.php?IdArticle=1161950 False None None None ZD Net - Magazine Info Critical remote execution flaw lurks in TP-Link Wi-Fi Extenders 2019-06-18T10:00:00+02:00 https://www.zdnet.com/article/critical-remote-execution-flaw-lurks-in-tp-link-wi-fi-extenders/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1161903 False None None None ZD Net - Magazine Info Info stealing Android apps can grab one time passwords to evade 2FA protections 2019-06-18T09:46:05+02:00 https://www.zdnet.com/article/info-stealing-android-apps-can-now-access-passwords-to-avoid-2fa-protections/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1161904 False None None None IT Security Guru - Blog Sécurité Patients hit by NHS email privacy breach. The email addresses of almost 40 people who have HIV have been made public by mistake. It is understood the 37 patients in the Highlands were able to see their own and the others people’s addresses in an email from NHS Highland. Source: BBC

The post Patients hit by NHS email privacy breach. appeared first on IT Security Guru.

]]
2019-06-18T09:26:04+02:00 https://www.itsecurityguru.org/2019/06/18/patients-hit-by-nhs-email-privacy-breach/ www.secnews.physaphae.fr/article.php?IdArticle=1161800 False None None None
IT Security Guru - Blog Sécurité Russia warns of \'cyberwar\'. Russia, responding to a report in the New York Times about increasingly aggressive digital incursions from the US, has warned of the possibility of a fully blown \'cyberwar\'. Source: Silicon Republic

The post Russia warns of \'cyberwar\'. appeared first on IT Security Guru.

]]
2019-06-18T09:26:00+02:00 https://www.itsecurityguru.org/2019/06/18/russia-warns-of-cyberwar/ www.secnews.physaphae.fr/article.php?IdArticle=1161801 False None None None
IT Security Guru - Blog Sécurité One year of GDPR: Europeans know their digital rights. Europeans are relatively well aware of the new data protection rules, their rights and the existence of national data protection authorities, to whom they can turn for help when their rights are violated, according to the European Commission. Source: Help Net Security

The post One year of GDPR: Europeans know their digital rights. appeared first on IT Security Guru.

]]
2019-06-18T09:25:03+02:00 https://www.itsecurityguru.org/2019/06/18/one-year-of-gdpr-europeans-know-their-digital-rights/ www.secnews.physaphae.fr/article.php?IdArticle=1161802 False None None None
IT Security Guru - Blog Sécurité Businesses Failing on Cybersecurity Fundamentals. Each year, ISACA tracks the state of cybersecurity by surveying practitioners and leaders across the globe about emerging trends, issues and solutions. The results of this annual information-collection effort are then released in a report called, State of Cybersecurity 2019. Source: Infosecurity Magazine

The post Businesses Failing on Cybersecurity Fundamentals. appeared first on IT Security Guru.

]]
2019-06-18T09:25:00+02:00 https://www.itsecurityguru.org/2019/06/18/businesses-failing-on-cybersecurity-fundamentals/ www.secnews.physaphae.fr/article.php?IdArticle=1161803 False None None None
IT Security Guru - Blog Sécurité US Gov shares \'Critical\' Warning for Windows Users. The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has gone public with a warning to Microsoft Windows users regarding a critical security vulnerability. By issuing the “update now” warning, CISA has joined the likes of Microsoft itself and the National Security Agency (NSA) in warning Windows users of the danger […]

The post US Gov shares ‘Critical’ Warning for Windows Users. appeared first on IT Security Guru.

]]
2019-06-18T09:24:04+02:00 https://www.itsecurityguru.org/2019/06/18/us-gov-shares-critical-warning-for-windows-users/ www.secnews.physaphae.fr/article.php?IdArticle=1161804 False None None None
Wired Threat Level - Security News The Ambitious Plan Behind Facebook\'s Cryptocurrency, Libra 2019-06-18T09:00:00+02:00 https://www.wired.com/story/ambitious-plan-behind-facebooks-cryptocurrency-libra www.secnews.physaphae.fr/article.php?IdArticle=1161857 False None None None Security Affairs - Blog Secu DHS also issued an alert for the Windows BlueKeep flaw The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. DHS on Monday issued an alert for the BlueKeep Windows flaw (CVE-2019-0708). After Microsoft and the US NSA, the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. DHS on Monday issued an alert for the BlueKeep Windows flaw (CVE-2019-0708). Experts at the CISA Agency successfully […]

The post DHS also issued an alert for the Windows BlueKeep flaw appeared first on Security Affairs.

]]
2019-06-18T08:45:03+02:00 https://securityaffairs.co/wordpress/87253/security/dhs-cisa-bluekeep-alert.html www.secnews.physaphae.fr/article.php?IdArticle=1161722 False None None None
UnderNews - Site de news "pirate" francais Les cybercriminels copient les sites web des marques pour piéger les internautes L\'enregistrement d\'un nom de domaine est d\'une facilité déconcertante : une simple connexion Internet suffit. Récemment, des utilisateurs ont reçu un e-mail qui semblait venir de Chronopost, leur annonçant l\'arrivée de leur colis accompagné d\'un lien.]] 2019-06-18T08:20:03+02:00 https://www.undernews.fr/hacking-hacktivisme/les-cybercriminels-copient-les-sites-web-des-marques-pour-pieger-les-internautes.html www.secnews.physaphae.fr/article.php?IdArticle=1161768 False None None None UnderNews - Site de news "pirate" francais Etude sur le coût des attaques DNS Le coût moyen des attaques DNS a augmenté de 49% en 2018 et s\'élève à près d\'un million d\'Euros.]] 2019-06-18T08:04:00+02:00 https://www.undernews.fr/reseau-securite/etude-sur-le-cout-des-attaques-dns.html www.secnews.physaphae.fr/article.php?IdArticle=1161769 False None None None Security Affairs - Blog Secu Multiple DoS vulnerabilities affect Linux and FreeBSD Netflix researcher has identified several TCP networking vulnerabilities in FreeBSD and Linux kernels that could trigger a DoS condition. Jonathan Looney, a security expert at Netflix, found three Linux DoS vulnerabilities, two of them related to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities, and one related only to MSS. The most severe […]

The post Multiple DoS vulnerabilities affect Linux and FreeBSD appeared first on Security Affairs.

]]
2019-06-18T07:49:00+02:00 https://securityaffairs.co/wordpress/87244/security/dos-flaws-linux-freebsd.html www.secnews.physaphae.fr/article.php?IdArticle=1161670 False None None None
Korben - Bloger francais Le premier habitat pour MARS imprimé en 3D ressemblera peut-être à cela Suite]] 2019-06-18T07:47:01+02:00 https://korben.info/le-premier-habitat-pour-mars-imprime-en-3d-ressemblera-peut-etre-a-cela.html www.secnews.physaphae.fr/article.php?IdArticle=1162051 False None None None Korben - Bloger francais Victime de Ransomware ? Lisez ça. [rappel] Suite]] 2019-06-18T07:26:04+02:00 https://korben.info/victime-de-ransomware-lisez-ca-rappel.html www.secnews.physaphae.fr/article.php?IdArticle=1162052 False None None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 5 Keys to Improve Your Cybersecurity ]] 2019-06-18T05:24:03+02:00 https://thehackernews.com/2019/06/improve-your-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=1162071 False None None None TechRepublic - Security News US How fraudulent domain names are powering phishing attacks 2019-06-18T04:00:01+02:00 https://www.techrepublic.com/article/how-fraudulent-domain-names-are-powering-phishing-attacks/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1161471 False None None None Bleeping Computer - Magazine Américain Docker Desktop for Windows 10 Will Soon Switch to WSL 2 2019-06-18T03:30:00+02:00 https://www.bleepingcomputer.com/news/security/docker-desktop-for-windows-10-will-soon-switch-to-wsl-2/ www.secnews.physaphae.fr/article.php?IdArticle=1162292 False None None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GandCrab Ransomware Decryption Tool [All Versions] - Recover Files for Free ]] 2019-06-18T02:04:00+02:00 https://thehackernews.com/2019/06/gandcrab-ransomware-decryption-tool.html www.secnews.physaphae.fr/article.php?IdArticle=1161810 False None None None TechRepublic - Security News US Techies, don\'t be too proud to learn new things 2019-06-18T01:54:01+02:00 https://www.techrepublic.com/article/techies-dont-be-too-proud-to-learn-new-things/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1161361 False None None None Wired Threat Level - Security News Nuro\'s Pizza Robot Will Bring You a Domino\'s Pie 2019-06-18T00:24:02+02:00 https://www.wired.com/story/nuro-dominos-pizza-delivery-self-driving-robot-houston www.secnews.physaphae.fr/article.php?IdArticle=1161255 False None None None ZD Net - Magazine Info Disgruntled security firm discloses zero-days in Facebook\'s WordPress plugins 2019-06-17T23:54:04+02:00 https://www.zdnet.com/article/disgruntled-security-firm-discloses-zero-days-in-facebooks-wordpress-plugins/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1161213 False None None None Wired Threat Level - Security News Huawei Says US Sanctions Will Reduce Revenue by $30 Billion 2019-06-17T23:01:05+02:00 https://www.wired.com/story/huawei-says-us-sanctions-reduce-revenue-dollar30-billion www.secnews.physaphae.fr/article.php?IdArticle=1161141 False None None None Wired Threat Level - Security News Your Google Calendar Isn\'t Safe, an Eye-Controlled TV, and More News 2019-06-17T22:09:05+02:00 https://www.wired.com/story/google-calendar-phishing-comcast-eye-control-remote www.secnews.physaphae.fr/article.php?IdArticle=1161064 False None None None Wired Threat Level - Security News Lawyers in a Murder Trial Clash Over a DNA Forensics Method 2019-06-17T21:34:05+02:00 https://www.wired.com/story/lawyers-in-a-murder-trial-clash-over-a-dna-forensics-method www.secnews.physaphae.fr/article.php?IdArticle=1160968 False None None None ZD Net - Magazine Info Cloudflare launches decentralized service for generating random numbers 2019-06-17T21:34:04+02:00 https://www.zdnet.com/article/cloudflare-launches-decentralized-service-for-generating-random-numbers/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1161019 False None None None InformationSecurityBuzzNews - Site de News Securite New Echobot Malware Spreads Via 26 Different Exploits According to this link, https://www.zdnet.com/article/new-echobot-malware-is-a-smorgasbord-of-vulnerabilities/, security researchers have found a new Mirai variant called Echobot that targets a wide range of IoT devices and enterprise apps.  Echobot is based on Mirai malware, like hundreds of other botnets that emerged once the source code became publicly available  Uses 26 exploits to propagate  The targets of the latest Echobot variant include network-attached storage …

The ISBuzz Post: This Post New Echobot Malware Spreads Via 26 Different Exploits appeared first on Information Security Buzz.

]]
2019-06-17T21:00:02+02:00 https://www.informationsecuritybuzz.com/expert-comments/new-echobot-malware-spreads-via-26-different-exploits/ www.secnews.physaphae.fr/article.php?IdArticle=1160958 False None None None
Security Affairs - Blog Secu A free Decryptor tool for GandCrab Ransomware released Good news for the victims of the latest variants of the GandCrab ransomware, NoMoreRansomware released a free decryption tool. Victims of the latest variants of the GandCrab ransomware can now decrypt their files for free using a free decryptor tool released on the the NoMoreRansom website. The tool works with versions 5 to 5.2 of the ransomware, […]

The post A free Decryptor tool for GandCrab Ransomware released appeared first on Security Affairs.

]]
2019-06-17T20:58:04+02:00 https://securityaffairs.co/wordpress/87235/malware/gandcrab-ransomware-decryptor-tool.html www.secnews.physaphae.fr/article.php?IdArticle=1160809 False None None None
Wired Threat Level - Security News Stunning Photographs Created With a Flashlight Lightsaber 2019-06-17T20:43:02+02:00 https://www.wired.com/story/lightsaber-photography www.secnews.physaphae.fr/article.php?IdArticle=1160871 False None None None SecurityWeek - Security News Mirai Offspring "Echobot" Uses 26 Different Exploits A recently discovered variant of the Mirai Internet of Things (IoT) malware uses a total of 26 different exploits for the infection phase, Akamai reports. 

read more

]]
2019-06-17T20:14:00+02:00 https://www.securityweek.com/mirai-offspring-echobot-uses-26-different-exploits www.secnews.physaphae.fr/article.php?IdArticle=1161172 False None None None
SecurityWeek - Security News Android Apps Target Bitcoin, By-Passing 2FA Last week researchers reported on apps abusing the Android push notifications feature to deliver spam. Now other researchers have described apps using a similar but more advanced approach to by-pass two-factor authentication.

read more

]]
2019-06-17T19:58:03+02:00 https://www.securityweek.com/android-apps-target-bitcoin-passing-2fa www.secnews.physaphae.fr/article.php?IdArticle=1161173 False None None None
InformationSecurityBuzzNews - Site de News Securite Disinformation Effort Targeted At EU Parliament Elections According to Reuters and The FT, who have both seen the report, Russian sources mounted a disinformation effort in order to \'suppress turnout and influence voter references\' at the elections. Alongside this, both outlets have confirmed that the report calls for social media companies to do better, claiming they fell short in their efforts to tackle malicious …

The ISBuzz Post: This Post Disinformation Effort Targeted At EU Parliament Elections appeared first on Information Security Buzz.

]]
2019-06-17T18:50:05+02:00 https://www.informationsecuritybuzz.com/expert-comments/disinformation-effort-targeted-at-eu-parliament-elections/ www.secnews.physaphae.fr/article.php?IdArticle=1160687 False None None None
TechRepublic - Security News US How to create an administrator IAM user and group in AWS 2019-06-17T18:27:04+02:00 https://www.techrepublic.com/article/how-to-create-an-administrator-iam-user-and-group-in-aws/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1160647 False None None None SecurityWeek - Security News Researcher Scrapes and Posts 7 Million Venmo Transactions Venmo is a peer-to-peer mobile app designed to make it easy to send and receive payments from friends. It is owned by PayPal -- and it is no stranger to security issues.

read more

]]
2019-06-17T18:24:00+02:00 https://www.securityweek.com/researcher-scrapes-and-posts-7-million-venmo-transactions www.secnews.physaphae.fr/article.php?IdArticle=1161174 False None None None
TechRepublic - Security News US 4 tips on preparing your IT team for a recession 2019-06-17T18:12:02+02:00 https://www.techrepublic.com/article/4-tips-on-preparing-your-it-team-for-a-recession/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1160648 False None None None Wired Threat Level - Security News Pete Buttigieg Enlists a Silicon Valley Vet to Bring in the Money 2019-06-17T18:07:04+02:00 https://www.wired.com/story/pete-buttigieg-swati-mylavarapu-campaign-investment-chair www.secnews.physaphae.fr/article.php?IdArticle=1160697 False None None None SecurityWeek - Security News DHS Issues Alert for Windows \'BlueKeep\' Vulnerability The Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. Department of Homeland Security (DHS) on Monday issued an alert for the Windows vulnerability tracked as BlueKeep and CVE-2019-0708.

read more

]]
2019-06-17T18:07:04+02:00 https://www.securityweek.com/dhs-issues-alert-windows-bluekeep-vulnerability www.secnews.physaphae.fr/article.php?IdArticle=1161175 False None None None
ZD Net - Magazine Info A quarter of major CMSs use outdated MD5 as the default password hashing scheme 2019-06-17T17:48:00+02:00 https://www.zdnet.com/article/a-quarter-of-major-cmss-use-outdated-md5-as-the-default-password-hashing-scheme/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1160748 False None None None Tech Worm - Desc Cellebrite claims that it can unlock any iPhone or iPad for police Cellebrite says that it can unlock any iOS and high-end Android devices for law enforcement agencies Cellebrite recently announced on Twitter that the newest version of its product called Universal Forensic Extraction Device (UFED) has the capability to “unlock and extract crucial mobile phone evidence from all iOS and high-end Android devices.” For those unfamiliar, […]

The post Cellebrite claims that it can unlock any iPhone or iPad for police appeared first on TechWorm.

]]
2019-06-17T17:44:04+02:00 https://www.techworm.net/2019/06/cellebrite-unlock-iphone-ipad.html www.secnews.physaphae.fr/article.php?IdArticle=1160587 False None None None