www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-17T13:25:15+00:00 www.secnews.physaphae.fr

CSO - CSO Daily Dashboard Why patching quality, vendor info on vulnerabilities are declining Common Vulnerability Scoring System (CVSS) risk to easily analyze whether to patch. The vendor might give a high CVSS risk score to a bug that wouldn't be easily exploited. I am having to dig more into details of a bug to better understand the risk of not applying an update immediately. Vendors are adding obscurity to bug information and making it harder to understand the risk. 2022-08-24T02:00:00+00:00 https://www.csoonline.com/article/3669902/why-patching-quality-vendor-info-on-vulnerabilities-are-declining.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6499188 False Vulnerability,Patching None None

CSO - CSO Daily Dashboard BrandPost: 5 Signs the World Isn't Paying Enough Attention to 5G Security 2022-08-23T14:51:00+00:00 https://www.csoonline.com/article/3670573/5-signs-the-world-isn-t-paying-enough-attention-to-5g-security.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6490308 False None None None

CSO - CSO Daily Dashboard BrandPost: Securing Critical Applications Running in the Cloud 2022 Cloud Security Report, 40% of enterprises now run more than half of their workloads in the cloud.
And that percentage is expected to increase to nearly 60% by 2024. 2022-08-23T13:26:00+00:00 https://www.csoonline.com/article/3670555/securing-critical-applications-running-in-the-cloud.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6489497 False None None None

CSO - CSO Daily Dashboard True crime shows might be the biggest educational tool for cybercrime awareness in a press release that such programs have had a major impact on the public's view of fraud and cybercrime. “True crime and fraud-related entertainment stories have become widespread and popular. This is having a very real impact on how society views and perceives the prevalence and severity of fraud as a crime,” he said. “As a result, consumers are growing increasingly wary of online interactions, amid concerns over fraudster tactics and the security of their identities.” 2022-08-23T11:44:00+00:00 https://www.csoonline.com/article/3670736/true-crime-shows-might-be-the-biggest-educational-tool-for-cybercrime-awareness.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6487899 False Tool None None

CSO - CSO Daily Dashboard BrandPost: Decryption Is Key for Enhanced Security and Monitoring Part 1 of my series on Transport Layer Security (TLS) decryption, I went over a few basics of encryption, discussed TLS 1.2, and concluded by outlining the improvements TLS 1.3 provided. In this second installment, I dive into TLS decryption in versions TLS 1.2 and 1.3. TLS Decryption: To decrypt TLS sessions, there are a few requirements. One of the options is to be either on the client or on the server. The client and server must be able to decrypt the session at some point to use the information.
For some scenarios, this may be all that is needed, but this, unfortunately, will not scale well. 2022-08-23T09:47:00+00:00 https://www.csoonline.com/article/3670753/decryption-is-key-for-enhanced-security-and-monitoring.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6486418 False None None None

CSO - CSO Daily Dashboard Oracle sued over 'worldwide surveillance machine' by privacy rights activists 2022-08-22T09:57:00+00:00 https://www.csoonline.com/article/3670791/oracle-sued-over-worldwide-surveillance-machine-by-privacy-rights-activists.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6473816 False None None None

CSO - CSO Daily Dashboard Lloyd's of London to exclude state-backed attacks from cyber insurance policies In its bulletin, Lloyd's of London wrote that it consistently emphasizes that underwriters need to be clear in their wordings as to the cover they are providing, with clarity surrounding cyberattacks involving state-backed actors of particular importance. “When writing cyberattack risks, underwriters need to take account of the possibility that state-backed attacks may occur outside of a war involving physical force.
The damage that these attacks can cause and their ability to spread creates a similar systemic risk to insurers.” 2022-08-22T06:06:00+00:00 https://www.csoonline.com/article/3670571/lloyd-s-of-london-to-exclude-state-backed-attacks-from-cyber-insurance-policies.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6472552 False None None None

CSO - CSO Daily Dashboard Identity management difficulties continue to plague IT departments identity management vendor Radiant Logic indicates that most companies are suffering from complicated credential and identity issues, but few are taking steps to address it. The issue, according to Radiant Logic, is what it calls “identity sprawl” - businesses require identification and credentialling for an increasingly large number of systems these days, meaning that a given user might have one login for the HR system, another for one set of shared assets on the company network, another still for an official Microsoft account, and so on. 2022-08-22T03:00:00+00:00 https://www.csoonline.com/article/3670633/identity-management-difficulties-continue-to-plague-it-departments.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6471278 False None None None

CSO - CSO Daily Dashboard 6 best practices for blue team success blue team is trusted with arguably the most critical mission of all: protecting organizations from cybersecurity threats and vulnerabilities. To do this, the blue team must be aware of the organization's business/mission needs, relevant threats, digital footprint, and the associated vulnerabilities.
From there, the team can bolster the security posture of the organizations by implementing security controls and mitigations to address the most pressing threats and vulnerabilities. 2022-08-22T02:00:00+00:00 https://www.csoonline.com/article/3670132/6-best-practices-for-blue-team-success.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6470890 False None None None

CSO - CSO Daily Dashboard 7 critical steps for successful security onboarding in an online post. “Don't take this opportunity lightly. You only have one chance to make a first impression.” He says critical tasks to handle during onboarding include providing an overview of the security vision, mission, and core values as well as walking new employees through the security strategy and roadmap. 2022-08-22T02:00:00+00:00 https://www.csoonline.com/article/3669849/7-critical-steps-for-successful-security-onboarding.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6470891 False Guideline None None

CSO - CSO Daily Dashboard Five things security pros want from CNAPP research from ESG and the Information Systems Security Association (ISSA), 58% of organizations are consolidating or considering consolidating the number of security vendors they do business with. Security technology consolidation is bigger than simply winnowing down vendor count. Organizations are shifting from traditional best-of-breed security technologies to tightly integrated security technology platforms.
The research illustrates this point: While 24% of respondents say their organization tends to continue to purchase best-of-breed security technologies, 38% say they purchase integrated security technology platforms, while 15% are transitioning purchases from best-of-breed products to security technology platforms (note: the remainder responded “don't know”). 2022-08-19T02:00:00+00:00 https://www.csoonline.com/article/3669895/five-things-security-pros-want-from-cnapp.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6409220 False None None None

CSO - CSO Daily Dashboard BrandPost: Staging a Cyberattack Can be as Easy as Using DDoS-for-hire Services 2022-08-18T12:29:00+00:00 https://www.csoonline.com/article/3670730/staging-a-cyberattack-can-be-as-easy-as-using-ddos-for-hire-services.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6398134 False Threat None None

CSO - CSO Daily Dashboard Google Cloud blocks largest HTTPS DDoS attack ever DDoS attack to date after a Cloud Armor customer was targeted by a series of attacks that peaked at 46 million requests per second (rps). Google stated the attack, which occurred on June 1, was at least 76% larger than the previously reported HTTPS DDoS record and showed characteristics that link it to the Mēris attack family. The tech giant said Cloud Armor Adaptive Protection was able to detect and analyze the traffic early in the customer's attack lifecycle, blocking the attack while ensuring the customer's service stayed online.
The attack comes amid increasing DDoS activity targeting organizations as attackers employ ever more infrastructure and diversity in campaigns. 2022-08-18T09:01:00+00:00 https://www.csoonline.com/article/3670748/google-cloud-blocks-largest-https-ddos-attack-ever.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6395800 False None None None

CSO - CSO Daily Dashboard BrandPost: Zscaler Security Service Edge: Why it Just Works 2022-08-18T04:44:00+00:00 https://www.csoonline.com/article/3670554/zscaler-security-service-edge-why-it-just-works.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6398136 False Threat None None

CSO - CSO Daily Dashboard NIST CSF 2.0 Workshop emphasizes global appeal, metrics and assessment a request for information, asking commenters to answer questions about bringing the CSF up-to-speed on some emerging developments that were only partially covered in the first two versions or not referenced at all. Comments submitted to NIST reflected a wide range of considerations, encouraging NIST to make several improvements including a greater emphasis on measurements and metrics related to the CSF, beefing up supply chain security sections, and offering more implementation guidance on how to adopt the framework. Overall, commenters praised the effort as valid and valuable. 2022-08-18T04:07:00+00:00 https://www.csoonline.com/article/3670629/nist-csf-2-0-workshop-emphasizes-global-appeal-metrics-and-assessment.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6391923 False None None None

CSO - CSO Daily Dashboard How ABM built a cohesive security program around zero trust “I do believe everyone wants to do a good job, but there wasn't a program.
There were pieces of a program, they just weren't tied together; it wasn't holistic,” she says. 2022-08-18T02:00:00+00:00 https://www.csoonline.com/article/3669874/how-abm-built-a-cohesive-security-program-around-zero-trust.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6390443 False None None None

CSO - CSO Daily Dashboard New Deep Instinct partner program targets MSSPs fighting ransomware endpoint and application protection software to managed security service providers (MSSPs), the company announced Wednesday. The Stratosphere program was initially announced in April, and designed as a simplified channel program that focuses on expected partner margins, instead of set discounts on the product. Volume-based recognition and “medallion tiers” for sales are out. Instead, the company is offering “loyalty points” for achieving a range of different sales-related goals, like creating leads, getting customers certified, or completing business plans. 2022-08-17T12:10:00+00:00 https://www.csoonline.com/article/3669903/new-deep-instinct-partner-program-targets-mssps-fighting-ransomware.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6378538 False Ransomware,Guideline None None

CSO - CSO Daily Dashboard Universal database of device vulnerability information launched universal database of agentless devices currently being used on enterprise networks has been announced by DeviceTotal. The new repository allows the company's customers to identify the accurate security posture for each device in their organization, according to the maker of a security platform for connected devices. "It's difficult to get information on agentless devices because every vendor publishes their data the way they want to do it," explains DeviceTotal founder and CEO Carmit Yadin. "There's no standardization.
There's no one place you can go today and identify the risk of a device on your network or that you want to purchase. That's why we created this repository." 2022-08-17T12:09:00+00:00 https://www.csoonline.com/article/3670448/universal-database-of-device-vulnerability-information-launched.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6378539 False Vulnerability None None

CSO - CSO Daily Dashboard Google updates Chronicle to climb on managed detection and response train MDR). Chronicle's new curated detection feature leverages the threat intelligence that Google gains from protecting its own user base into an automated detection service that covers everything from ransomware, infostealers and data theft to simple misconfigured systems and remote access tools. 2022-08-17T05:00:00+00:00 https://www.csoonline.com/article/3669859/google-updates-chronicle-to-climb-on-managed-detection-and-response-train.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6372535 False Threat None None

CSO - CSO Daily Dashboard Google updates Chronicle with enhanced threat detection ransomware, infostealers and data theft to simple misconfigured systems and remote access tools. The new product will integrate authoritative data sources like MITRE ATT&CK to help organizations contextualize and better understand potential threats, as well as providing constantly updated threat information from Google's own security team. 2022-08-17T05:00:00+00:00 https://www.csoonline.com/article/3669859/google-updates-chronicle-with-enhanced-threat-detection.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6397359 True Threat None None

CSO - CSO Daily Dashboard What is zk-SNARK? Knowledge Complexity of Interactive Proof Systems, which appeared in a few editions during the 1980s.
As the name implies, the paper undertakes to get an understanding of how knowledge behaves in proving statements between interacting systems. 2022-08-17T02:00:00+00:00 https://www.csoonline.com/article/3669908/what-is-zk-snark.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6369992 False None None None

CSO - CSO Daily Dashboard Ransomware safeguards for small- to medium-sized businesses “Blueprint for Ransomware Defense.” The guide includes recommendations of defensive actions for small- and medium-sized businesses (SMBs) to protect against and respond to ransomware and other common cyberattacks. It focuses on the identify, protect, respond, and recover format that aligns with the National Institute of Standards and Technology (NIST) Cybersecurity Framework. IST's guidelines do not include one item from the NIST framework: the detect function. The authors recommend that SMBs should work with a cybersecurity services provider for that function. 2022-08-17T02:00:00+00:00 https://www.csoonline.com/article/3669855/ransomware-safeguards-for-small-to-medium-sized-businesses.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6369993 False Ransomware None None

CSO - CSO Daily Dashboard "Evil PLC Attack" weaponizes PLCs to infect engineering workstations a new paper released over the weekend, researchers from industrial control systems (ICS) cybersecurity firm Claroty documented proof-of-concept "Evil PLC Attacks" against engineering software from seven ICS manufacturers: Rockwell Automation, Schneider Electric, GE, B&R, Xinje, OVARRO, and Emerson. 2022-08-16T14:11:00+00:00 https://www.csoonline.com/article/3669914/evil-plc-attack-weaponizes-plcs-to-infect-engineering-workstations.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6359408 False None None None

CSO - CSO Daily Dashboard
Safe Security debuts two free risk assessment tools for businesses 2022-08-16T05:30:00+00:00 https://www.csoonline.com/article/3669896/safe-security-debuts-two-free-risk-assessment-tools-for-businesses.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6352397 False Vulnerability None None

CSO - CSO Daily Dashboard BrandPost: Cybersecurity Alphabet Soup: SASE vs. SSE DLP, CASB, SSL, IPS, ATP, CIEM, ZTNA, CSPM, ML, SWG, and many others, the alphabet soup can become too much to consume. However, each acronym typically corresponds to technologies or frameworks that address unique challenges that must be solved if an enterprise is to maintain a robust security posture. Therefore, when a new phrase is coined, IT teams need to understand what it refers to, why (or perhaps if) it matters, and whether they need to change the way they go about security. 2022-08-16T04:15:00+00:00 https://www.csoonline.com/article/3670091/cybersecurity-alphabet-soup-sase-vs-sse.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6351693 False None None 4.0000000000000000

CSO - CSO Daily Dashboard Exposed VNCs threatens critical infrastructure as attacks spike blog posting detailing Cyble's findings, organizations that expose VNCs over the internet by failing to enable authentication broaden the scope for attackers and increase the likelihood of cyber incidents. It detected more than 8,000 exposed VNC instances with authentication disabled.
Cyble also found that exposed assets connected via VNCs are frequently sold, bought, and distributed on cybercrime forums and market. 2022-08-16T03:52:00+00:00 https://www.csoonline.com/article/3670113/exposed-vnc-threatens-critical-infrastructure-as-attacks-spike.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6351009 False Threat None None

CSO - CSO Daily Dashboard The 12 biggest data breach fines, penalties, and settlements so far data breaches since 2019 suggest that regulators are getting more serious about organizations that don't properly protect consumer data. Marriott was hit with a $124 million fine, later reduced, while Equifax agreed to pay a minimum of $575 million for its 2017 breach. Now, the Equifax fine has been eclipsed by the $1.19 billion fine levied against the Chinese firm Didi Global for violating that nation's data protection laws, and by the $877 million fine against Amazon last year for running afoul of the General Data Protection Regulation (GDPR) in Europe. 2022-08-16T02:00:00+00:00 https://www.csoonline.com/article/3410278/the-biggest-data-breach-fines-penalties-and-settlements-so-far.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6349701 False Data Breach Equifax,Equifax None

CSO - CSO Daily Dashboard Vulnerability eXploitability Exchange explained: How VEX makes SBOMs actionable SolarWinds cybersecurity incident, coupled with Cybersecurity Executive Order (EO) put the topic of software supply chain security, and by association, software bills of material (SBOM) center stage in the security dialog. Coupled with the Log4j vulnerability and impact that left countless organizations scrambling to determine the impact, SBOMs are now a critical component of modern cybersecurity vulnerability programs.
2022-08-16T02:00:00+00:00 https://www.csoonline.com/article/3669810/vulnerability-exploitability-exchange-explained-how-vex-makes-sboms-actionable.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6349700 False Vulnerability None None

CSO - CSO Daily Dashboard Top 5 security risks of Open RAN 2022-08-15T02:00:00+00:00 https://www.csoonline.com/article/3670078/top-5-security-risks-of-open-ran.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6338643 False None None None

CSO - CSO Daily Dashboard 3 ways China's access to TikTok data is a security risk Buzzfeed published a report saying that data of some American users had been repeatedly accessed from China. TikTok's parent company, Beijing-based ByteDance, denied that it shared information with the Chinese government and announced that it had migrated its U.S. user traffic to servers operated by Oracle. Still, it was not enough to clear the air, and security and privacy experts continued to be worried. 2022-08-15T02:00:00+00:00 https://www.csoonline.com/article/3670110/3-ways-chinas-access-to-tiktok-data-is-a-security-risk.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6338642 False None None None

CSO - CSO Daily Dashboard New exploits can bypass Secure Boot and modern UEFI security protections 2022-08-12T13:00:00+00:00 https://www.csoonline.com/article/3669876/new-exploits-can-bypass-secure-boot-and-modern-uefi-security-protections.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6276545 False None None None

CSO - CSO Daily Dashboard Top cybersecurity products unveiled at Black Hat 2022 Zero trust security management, extended detection and response (XDR), and a host of other threat and vulnerability management offerings were among the top products and services
launched at Black Hat USA 2022 this week in Las Vegas. Black Hat is an annual global conference of security professionals, enthusiasts and vendors, serving as a stage for innovation in the cybersecurity field. The exhibition and conference is conducted annually in locations in the US, Europe, Asia and the Middle East, with Las Vegas typically being the biggest event. Here below are some of the more interesting product announcements that took place at the show this week. 2022-08-11T14:17:00+00:00 https://www.csoonline.com/article/3670073/top-cybersecurity-products-unveiled-at-black-hat-2022.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6257223 False Vulnerability,Threat None None

CSO - CSO Daily Dashboard FTC begins sweeping commercial surveillance and lax data security rulemaking process raises the specter of law enforcement weaponization of widely available digitized content against American citizens. 2022-08-11T13:25:00+00:00 https://www.csoonline.com/article/3670072/ftc-begins-sweeping-commercial-surveillance-and-lax-data-security-rulemaking-process.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6256348 False None None None

CSO - CSO Daily Dashboard BrandPost: Security Service Edge (SSE) Coming In HOT! makes it difficult to anticipate the exponential nature of technological progress, and that holds us back as change accelerates. Futurists frequently apply Moore's Law - which suggests that processing power doubles every two years - to technological advancements. For example, in April 2020, Zscaler announced that the cloud-based Zscaler Zero Trust Exchange was processing more than 100 billion daily transactions. Eighteen months later, the Zscaler Zero Trust Exchange is processing more than 200 billion transactions daily. (Thanks, Gordon!)
For context, it's estimated that there are between 7 to 10 billion Google searches and around 5 billion YouTube videos viewed daily. So 200 billion for Zscaler is truly remarkable. 2022-08-11T11:25:00+00:00 https://www.csoonline.com/article/3670108/security-service-edge-sse-coming-in-hot.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6254605 False None None None

CSO - CSO Daily Dashboard Network mistakes, misconfigurations cost companies millions research by Titania based on a survey of 160 senior cybersecurity decision makers across a broad array of government and industrial verticals also warned that misconfigurations that leave a business vulnerable to cyberattacks could be sitting on networks for months or years because of infrequent audits of connected devices. 2022-08-11T10:58:00+00:00 https://www.csoonline.com/article/3670071/network-mistakes-misconfigurations-cost-companies-millions.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6253737 False None None None

CSO - CSO Daily Dashboard What happened to the Lapsus$ hackers? CSO Germany website on July 29.] Claire Tills, senior research engineer at Tenable, describes the methods of the hacking group Lapsus$ as bold, illogical and poorly thought out. The criminals attacked renowned companies such as Microsoft, Samsung, Nvidia, Vodafone, Ubisoft and Okta. They stole data and sometimes used ransomware to extort their victims. 2022-08-11T07:48:00+00:00 https://www.csoonline.com/article/3669869/what-happened-to-the-lapsus-hackers.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6251267 False Ransomware None None

CSO - CSO Daily Dashboard Cisco admits hack on IT network, links attacker to LAPSUS$ threat group the company said.
Cisco claimed it took immediate action to contain and eradicate the bad actor, which it has linked to notorious threat group LAPSUS$. It also said that it has taken the decision to publicly announce the incident now as it was previously actively collecting information about the bad actor to help protect the security community. 2022-08-11T03:53:00+00:00 https://www.csoonline.com/article/3670068/cisco-admits-hack-on-it-network-links-attacker-to-lapsus-threat-group.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6248126 False Hack,Threat None None

CSO - CSO Daily Dashboard 37 hardware and firmware vulnerabilities: A guide to the threats Meltdown and Spectre that defeated the fundamental OS security boundaries separating kernel and user space memory. The flaws stemmed from a performance feature of modern CPUs known as speculative execution and mitigating them required one of the biggest patch coordination efforts in history, involving CPU makers, device manufacturers and operating system vendors. Meltdown and Spectre were certainly not the first vulnerabilities to result from a hardware design decision, but their widespread impact sparked the interest of the security research community into such flaws.
Since then, many researchers, both from academia and the private sector, have been studying the low-level operation of CPUs and other hardware components and have been uncovering more and more issues. 2022-08-11T02:00:00+00:00 https://www.csoonline.com/article/3410046/hardware-and-firmware-vulnerabilities-a-guide-to-the-threats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6246590 False None None None

CSO - CSO Daily Dashboard How a Venezuelan disinformation campaign swayed voters in Colombia report addressing the rise of state-sponsored disinformation that looked at not only Russian influence campaigns but also Chinese, Iranian and North Korean disinformation efforts. According to the report, a growing number of nation-states, in pursuing geopolitical ends, “are leveraging digital tools and social media networks to spread narratives, distortions, and falsehoods to shape public perceptions and undermine trust in the truth." 2022-08-11T02:00:00+00:00 https://www.csoonline.com/article/3669392/how-a-venezuelan-disinformation-campaign-swayed-voters-in-colombia.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6247357 False None None None

CSO - CSO Daily Dashboard Black Basta: New ransomware threat aiming for the big league Conti gang. 2022-08-11T02:00:00+00:00 https://www.csoonline.com/article/3669256/black-basta-new-ransomware-threat-aiming-for-the-big-league.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6247358 False Ransomware,Threat None None

CSO - CSO Daily Dashboard Sensitive data in the cloud gets new automated remediation tool from BigID 2022-08-10T13:10:00+00:00 https://www.csoonline.com/article/3669808/sensitive-data-in-the-cloud-gets-new-automated-remediation-tool-from-bigid.html#tk.rss_all
www.secnews.physaphae.fr/article.php?IdArticle=6236076 False Tool None None

CSO - CSO Daily Dashboard Microsoft urges Windows users to run patch for DogWalk zero-day exploit 2022-08-10T07:37:00+00:00 https://www.computerworld.com/article/3669434/microsoft-urges-windows-users-to-run-patch-for-dogwalk-zero-day-exploit.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6231080 False Vulnerability None None

CSO - CSO Daily Dashboard CrowdStrike adds AI-powered indicators of attack to Falcon platform In a press release, CrowdStrike stated that Falcon now allows organizations to find emerging attack techniques with IoAs created by AI models trained on real-world adversary behavior and rich threat intelligence. Brian Trombley, vice president product management, endpoint security at CrowdStrike, tells CSO that the AI-powered IoAs leverage intelligence from the CrowdStrike Security Cloud, where the firm collects over one trillion security events per day from its customer base. 2022-08-10T05:00:00+00:00 https://www.csoonline.com/article/3669418/crowdstrike-adds-ai-powered-indicators-of-attack-to-falcon-platform.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6229447 False Threat None None

CSO - CSO Daily Dashboard Chinese APT group uses multiple backdoors in attacks on military and research organizations a report.
"An analysis of information obtained while investigating the incidents indicates that cyberespionage was the goal of this series of attacks." 2022-08-10T04:58:00+00:00 https://www.csoonline.com/article/3669236/chinese-apt-group-uses-multiple-backdoors-in-attacks-on-military-and-research-organizations.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6229448 False None None None

CSO - CSO Daily Dashboard OPSWAT launches new malware analysis capabilities for ICS, OT networks new malware analysis capabilities for IT and operational technology (OT). Revealed at the Black Hat USA 2022 Conference, enhancements include OPSWAT Sandbox for OT with detection of malicious communications on OT network protocols and support for open-source third-party tools in OPSWAT's MetaDefender Malware Analyzer platform, the firm stated. The release comes amid increasing cyberthreats surrounding OT networks in industrial control systems (ICS). 2022-08-10T04:08:00+00:00 https://www.csoonline.com/article/3669292/opswat-launches-new-malware-analysis-capabilities-for-ics-ot-networks.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6228627 False Malware None None

CSO - CSO Daily Dashboard 8 tips to secure printers on your network 2022-08-10T02:00:00+00:00 https://www.csoonline.com/article/3669233/8-tips-to-secure-printers-on-your-network.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6226212 False None None None

CSO - CSO Daily Dashboard U.S. Federal Court breach reveals IT and security maturation issues Politico ran a story detailing how the U.S. Department of Justice was investigating a recent data breach of the federal court system, which dated back to early 2020. The chair of the House Judiciary Committee, Jerrold Nadler (D-NY), described the breach as a “system security failure of the U.S.
Courts' document management system.”On the same day, July 28, 2022, the U.S. Government Accountability Office (GAO) published the report GAO-22-105068 “U.S. Courts: Action Needed to Improve IT Management and Establish a Chief Information Officer.” The GAO report described systemic shortcomings in the administration of the U.S. court system, including the lack of a CIO, to oversee the substantive infrastructure.To read this article in full, please click here]]> 2022-08-10T02:00:00+00:00 https://www.csoonline.com/article/3669390/u-s-federal-court-breach-reveals-it-and-security-maturation-issues.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6226210 False Data Breach None None CSO - CSO Daily Dashboard How harm reduction can more effectively reduce employee risky behavior experiment conducted at Baylor University found evidence that phishing tests can harm relationships between a company and its employees, causing feelings of betrayal and making them view cybersecurity as harmful.To read this article in full, please click here]]> 2022-08-10T02:00:00+00:00 https://www.csoonline.com/article/3669264/how-harm-reduction-can-more-effectively-reduce-employee-risky-behavior.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6226211 False None None None CSO - CSO Daily Dashboard BrandPost: Is MFA the Vegetable of Cybersecurity? [1] Companies are the same when it comes to security. Cybercrime is predicted to cost the world $10.5 trillion annually by 2025, up from $3 trillion a decade ago and $6 trillion in 2021.[2] There are 921 password attacks every second - almost double what we saw a year ago. 
There is one simple action businesses can take to protect against 98% of attacks, but 38% of large companies and 62% of small to mid-size companies don't do it.[3] In fact, across industries, only 22% of customers using Microsoft Azure Active Directory (Azure AD), Microsoft's Cloud Identity Solution, had implemented strong identity authentication protection as of December 2021.To read this article in full, please click here]]> 2022-08-09T11:50:00+00:00 https://www.csoonline.com/article/3669415/is-mfa-the-vegetable-of-cybersecurity.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6215068 False None None None CSO - CSO Daily Dashboard BrandPost: Choosing the Right Security Service Edge Platform SSE) blog series. Our first blog explores SSE as a platform, and the second looks at the top use cases. In this article, we'll explore what features you should be looking for when selecting an SSE platform.To read this article in full, please click here]]> 2022-08-09T06:00:00+00:00 https://www.csoonline.com/article/3668636/choosing-the-right-security-service-edge-platform.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6211533 False None None None CSO - CSO Daily Dashboard 7 best reasons to be a CISO To read this article in full, please click here]]> 2022-08-09T02:00:00+00:00 https://www.csoonline.com/article/3669473/7-best-reasons-to-be-a-ciso.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6209137 False None None None CSO - CSO Daily Dashboard How OKRs keep security programs on track objectives and key results (OKRs) and tracking progress against them.He says they had worked for him in the past, and he believed that introducing their use to the state's security program could be equally useful.“It was a good way for the security team to stay focused. 
It helps give me and the teams priorities, it gives alignment between the teams, and we get the tracking and accountability,” says Gregg, who was named the state's CISO in late 2021 after working in the position as an interim and prior to that as director of state cyber operations.To read this article in full, please click here]]> 2022-08-09T02:00:00+00:00 https://www.csoonline.com/article/3669409/how-okrs-keep-security-programs-on-track.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6209138 False Guideline None None CSO - CSO Daily Dashboard Ransomware, email compromise are top security threats, but deepfakes increase ransomware and business email compromise (BEC) are leading causes of security incidents for businesses, geopolitics and deepfakes are playing an increasing role, according to reports from two leading cybersecurity companies.VMware's 2022 Global Incident Threat Response Report shows a steady rise in  extortionary ransomware attacks and BEC, alongside fresh jumps in deepfakes and zero-day exploits.To read this article in full, please click here]]> 2022-08-08T10:05:00+00:00 https://www.csoonline.com/article/3669476/ransomware-email-compromise-are-top-security-threats-but-deepfakes-increase.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6204546 False Ransomware,Threat,Guideline None None CSO - CSO Daily Dashboard BrandPost: Transforming Digital Healthcare Through Video Vital Sign Analysis To read this article in full, please click here]]> 2022-08-08T06:22:00+00:00 https://www.csoonline.com/article/3669474/transforming-digital-healthcare-through-video-vital-sign-analysis.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6202361 False None None None CSO - CSO Daily Dashboard AWS, Google Cloud, and Azure: How their security features compare To read this article in full, please click here]]> 2022-08-08T02:00:00+00:00 
https://www.csoonline.com/article/3621608/aws-google-cloud-platform-and-azure-how-their-security-features-compare.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6199850 False None None None CSO - CSO Daily Dashboard SBOM formats SPDX and CycloneDX compared Software bills of materials (SBOMs) are becoming a critical component of vulnerability management. Many organizations, however, are still wrestling with understanding fundamental topics in the SBOM discussion, such as the differences among the SBOM formats.What are SBOM formats? SBOM formats are standards for defining a unified structure for generating SBOMs and sharing them with end users or customers. They describe the composition of software in a common format that other tools can understand.The leading SBOM formats are Software Package Data Exchange (SPDX), Software Identification (SWID) Tagging, and CycloneDX. Only SPDX and CycloneDX are being adopted for security use cases. SWID is primarily focused on licensing and is therefore out of scope for this discussion. As the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and others have stated, we will have multiple SBOM formats for some time.To read this article in full, please click here]]> 2022-08-08T02:00:00+00:00 https://www.csoonline.com/article/3668530/sbom-formats-spdx-and-cyclonedx-compared.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6199849 False Vulnerability,Guideline None None CSO - CSO Daily Dashboard Palo Alto debuts Unit 42 team for on-demand cybersecurity MDR), a service providing on-call cybersecurity specialists to track and respond to security threats in real time.The idea is to back Palo Alto's existing automated Cortex extended detection and response (XDR) platform with human expertise, dedicating members of the company's threat response team and others to minimizing unnecessary alerts and prioritizing those from serious threats. 
It's a response, the company said in a statement, to an increasingly advanced and complicated threat environment-as well as an in-house security landscape that, in many cases, hasn't matured to match.To read this article in full, please click here]]> 2022-08-04T14:35:00+00:00 https://www.csoonline.com/article/3669430/palo-alto-debuts-unit-42-team-for-on-demand-cybersecurity.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6130415 False Threat None None CSO - CSO Daily Dashboard Palo Alto debuts Unit 42 team for managed detection and response MDR), a service providing on-call cybersecurity specialists to track and respond to security threats in real time.The idea is to back Palo Alto's existing automated Cortex extended detection and response (XDR) platform with human expertise, dedicating members of the company's threat response team and others to minimizing unnecessary alerts and prioritizing those from serious threats. It's a response, the company said in a statement, to an increasingly advanced and complicated threat environment-as well as an in-house security landscape that, in many cases, hasn't matured to match.To read this article in full, please click here]]> 2022-08-04T14:35:00+00:00 https://www.csoonline.com/article/3669430/palo-alto-debuts-unit-42-team-for-managed-detection-and-response.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6131178 True Threat None None CSO - CSO Daily Dashboard Microsoft bolsters threat intelligence security portfolio with two new products ERP systems to its Sentinel SIEM (security information and event management) product.Combining intelligence from the security research team at RiskIQ with existing in-house security findings, Microsoft has developed Microsoft Defender Threat Intelligence, a standalone library of raw adversary data. 
Microsoft says it is offering the library for free, accessible directly by all users, or from within its existing Defender family of security products, according to a blog post from Vasu Jakkal, a Microsoft vice president for security, compliance, identity, and management.To read this article in full, please click here]]> 2022-08-04T08:39:00+00:00 https://www.csoonline.com/article/3669312/microsoft-bolsters-threat-intelligence-security-portfolio-with-two-new-products.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6125980 False Threat None None CSO - CSO Daily Dashboard Microsoft boosts threat intelligence with new Defender programs ERP systems to its Sentinel SIEM (security information and event management) product.Combining intelligence from the security research team at RiskIQ with existing in-house security findings, Microsoft has developed Microsoft Defender Threat Intelligence, a standalone library of raw adversary data. Microsoft says it is offering the library for free, accessible directly by all users, or from within its existing Defender family of security products, according to a blog post from Vasu Jakkal, a Microsoft vice president for security, compliance, identity, and management.To read this article in full, please click here]]> 2022-08-04T08:39:00+00:00 https://www.csoonline.com/article/3669312/microsoft-boosts-threat-intelligence-with-new-defender-programs.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6131179 True Threat None None CSO - CSO Daily Dashboard The Secret Service\'s missing text messages: Lessons for IT security To read this article in full, please click here]]> 2022-08-04T07:43:00+00:00 https://www.csoonline.com/article/3669429/the-secret-service-s-missing-text-messages-lessons-for-it-security.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6125243 False None None None CSO - CSO Daily Dashboard Deep Instinct\'s Prevention for Applications detects malicious files in transit To read this 
article in full, please click here]]> 2022-08-04T06:46:00+00:00 https://www.csoonline.com/article/3669310/deep-instinct-s-prevention-for-applications-detects-malicious-files-in-transit.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6124518 False Threat None None CSO - CSO Daily Dashboard BrandPost: Real-World Applications of Security Service Edge SSE). Our first blog explored what SSE is as a platform, and the third installment explains what features you should be looking for when selecting an SSE platform.To read this article in full, please click here]]> 2022-08-04T04:04:00+00:00 https://www.csoonline.com/article/3668597/real-world-applications-of-security-service-edge.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6125245 True None None None CSO - CSO Daily Dashboard China, Huawei, and the eavesdropping threat CNN's exclusive report on the FBI's investigation into how Huawei's equipment could be used to disrupt and listen to U.S. nuclear arsenal communications should not have come as a surprise.To read this article in full, please click here]]> 2022-08-04T02:00:00+00:00 https://www.csoonline.com/article/3669249/china-huawei-and-the-eavesdropping-threat.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6121631 False Threat None 3.0000000000000000 CSO - CSO Daily Dashboard 11 stakeholder strategies for red team success penetration testing (pentesting), taking the vulnerability scan one step farther from guessing a vulnerability could be exploited to proving exactly how it can be. 
Red team programs are often, incorrectly, synonymously associated with pentesting, but it is a very different function.To read this article in full, please click here]]> 2022-08-04T02:00:00+00:00 https://www.csoonline.com/article/3668536/11-stakeholder-strategies-for-red-team-success-from-a-red-teamer.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6121632 False Vulnerability,Threat None None CSO - CSO Daily Dashboard Thoma Bravo snares Ping Identity in $2.8 billion go-private deal IAM (identity and access management) firm Ping for a total sale price of $2.8 billion.Ping Identity's flagship product is its PingOne Cloud Platform, which acts as an underlying framework to orchestrate the company's own security products for each step of the identity management process, as well as a way to centrally manage third-party identity solutions.Thoma Bravo partner Seth Boro said in the announcement that Ping's products make it well-suited to address the fast-changing needs of companies using identity management technology.To read this article in full, please click here]]> 2022-08-03T13:16:00+00:00 https://www.csoonline.com/article/3669250/thoma-bravo-snares-ping-identity-in-2-8-billion-go-private-deal.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6112160 False None None None CSO - CSO Daily Dashboard Qualys adds external attack management capability to cloud security platform To read this article in full, please click here]]> 2022-08-03T07:19:00+00:00 https://www.csoonline.com/article/3668915/qualys-adds-external-attack-management-capability-to-cloud-security-platform.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6107799 False Tool,Threat None None CSO - CSO Daily Dashboard Tips to prevent RDP and other remote attacks on Microsoft networks TSGrinder. It would first review a network for Terminal Services traffic on port 3389. Then attackers would use tools to guess the password to gain network access. 
They would go after administrator accounts first. Even if we changed the administrator account name or moved the Terminal Services protocol to another port, attackers would often sniff the TCP/IP traffic and identify where it was moved to.To read this article in full, please click here]]> 2022-08-03T02:00:00+00:00 https://www.csoonline.com/article/3668151/tips-to-prevent-rdp-and-other-remote-attacks-on-microsoft-networks.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6104285 False Ransomware,Tool None None CSO - CSO Daily Dashboard 5 best practices for secure collaboration To read this article in full, please click here]]> 2022-08-03T02:00:00+00:00 https://www.csoonline.com/article/3667324/5-best-practices-for-secure-collaboration.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6104286 False None None None CSO - CSO Daily Dashboard Axis adds automation, onboarding features to Atmos ZTNA network access software zero trust, has announced a set of new features on Atmos ZTNA (zero trust network access), the software-defined network access module within its cloud-native SSE (security service edge) platform, Atmos.Additionally, the company has revealed a suite of tools to help companies migrate from traditional ZTNA to Atmos' ZTNA service.To read this article in full, please click here]]> 2022-08-02T09:58:00+00:00 https://www.csoonline.com/article/3668596/axis-adds-automation-onboarding-features-to-atmos-ztna-network-access-software.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6092849 False None None 5.0000000000000000 CSO - CSO Daily Dashboard Opsera\'s GitCustodian detects vulnerable data in source code download private data stored on the platform.To read this article in full, please click here]]> 2022-08-02T07:05:00+00:00 https://www.csoonline.com/article/3668571/opsera-gitcustodian-detects-vulnerable-data-in-source-code.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6090796 False None None 
5.0000000000000000 CSO - CSO Daily Dashboard BrandPost: Security Leaders Share 5 Steps to Strengthening Cyber Resilience survey of more than 500 security professionals. Based on the responses we received, we developed five steps organizations can take to improve their cyber resilience in the process. Keep reading to uncover our insights.To read this article in full, please click here]]> 2022-08-02T06:03:00+00:00 https://www.csoonline.com/article/3668555/security-leaders-share-5-steps-to-strengthening-cyber-resilience.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6090150 False Threat,Guideline None None CSO - CSO Daily Dashboard Why UnionDigital Bank invests in an AI-driven approach to cybersecurity To read this article in full, please click here]]> 2022-08-02T02:00:00+00:00 https://www.csoonline.com/article/3668568/why-uniondigital-bank-invests-in-an-ai-driven-approach-to-cybersecurity.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6087746 False None None 4.0000000000000000 CSO - CSO Daily Dashboard How OpenSSF Scorecards can help to evaluate open-source software risks software is eating the world” by Marc Andreessen from over a decade ago. Software powers and touches nearly every aspect of modern society, both personally and professionally, and is critical to the modern economy and national security.It can also be said that open-source software (OSS) has eaten the software industry. The Linux Foundation and other groups have estimated that free and open-source software (FOSS) constitutes 70% to 90% of any modern software product. 
Not only is modern software largely composed of OSS components, but IT leaders are more likely to work with vendors who also contribute to the OSS community.To read this article in full, please click here]]> 2022-08-02T02:00:00+00:00 https://www.csoonline.com/article/3668192/how-openssf-scorecards-can-help-to-evaluate-open-source-software-risks.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6087747 False Guideline None 5.0000000000000000 CSO - CSO Daily Dashboard Traceable AI adds eBPF to security platform for deeper API observability and visibility eBPF is a technology that makes it possible to run special programs deep inside the Linux operating system in an isolated way.A variant of BPF, it has become a universal in-kernel virtual machine that allows teams to collect data from Linux applications and network resources more easily and efficiently. By adding eBPF data to its platform, Traceable AI said it is helping CISOs, DevSecOps, and DevOps teams improve API security postures without the need to change kernel source code or add instrumentation.To read this article in full, please click here]]> 2022-08-01T21:01:00+00:00 https://www.csoonline.com/article/3668908/traceable-ai-adds-ebpf-to-security-platform-for-deeper-api-observability-and-visibility.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6085284 False None None None CSO - CSO Daily Dashboard BrandPost: Three Pillars of the Autonomous SOC To read this article in full, please click here]]> 2022-08-01T10:00:00+00:00 https://www.csoonline.com/article/3668794/three-pillars-of-the-autonomous-soc.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6080969 False Threat,Guideline None None CSO - CSO Daily Dashboard Average cost of data breaches hits record high of $4.35 million: IBM To read this article in full, please click here]]> 2022-08-01T07:44:00+00:00 
https://www.csoonline.com/article/3668655/average-cost-of-data-breaches-hits-record-high-of-435-million-ibm.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6080970 True None None None CSO - CSO Daily Dashboard Global cost of data breach reaches record high of $4.35 million: IBM To read this article in full, please click here]]> 2022-08-01T07:44:00+00:00 https://www.csoonline.com/article/3668655/global-cost-of-data-breach-reaches-record-high-of-435-million-ibm.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6079444 False Data Breach None None CSO - CSO Daily Dashboard BrandPost: Solving the Challenges of Remediating Configuration Settings CIS Critical Security Controls (CIS Controls) are a prioritized set of actions that mitigate the most common cyber attacks. They translate cyber threat information into action. The CIS Benchmarks are secure configuration recommendations designed to safeguard systems against today's evolving cyber threats. Both CIS best practices provide organizations of all sizes with specific and actionable recommendations to enhance cyber defenses. 
Both are also mapped to or referenced by a number of industry standards and frameworks like NIST, HIPAA, PCI DSS, and more.To read this article in full, please click here]]> 2022-08-01T05:07:00+00:00 https://www.csoonline.com/article/3668529/solving-the-challenges-of-remediating-configuration-settings.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078545 False Data Breach,Threat None None CSO - CSO Daily Dashboard BrandPost: The Key to Regularly Performing Configuration Assessments To read this article in full, please click here]]> 2022-08-01T05:04:00+00:00 https://www.csoonline.com/article/3668154/the-key-to-regularly-performing-configuration-assessments.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078546 False Threat None None CSO - CSO Daily Dashboard Data privacy: Collect what you need, protect what you collect To read this article in full, please click here]]> 2022-08-01T02:00:00+00:00 https://www.csoonline.com/article/3668200/data-privacy-collect-what-you-need-protect-what-you-collect.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6076006 False None None 3.0000000000000000 CSO - CSO Daily Dashboard 5 ways to unite security and compliance To read this article in full, please click here]]> 2022-08-01T02:00:00+00:00 https://www.csoonline.com/article/3668134/5-ways-to-unite-security-and-compliance.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6076007 False Guideline None 5.0000000000000000 CSO - CSO Daily Dashboard CISA releases IOCs for attacks exploiting Log4Shell in VMware Horizon and UAG a report this week. 
"During remote support, CISA confirmed the organization was compromised by malicious cyber actors who exploited Log4Shell in a VMware Horizon server that did not have patches or workarounds applied."To read this article in full, please click here]]> 2022-07-29T11:25:00+00:00 https://www.csoonline.com/article/3668652/cisa-releases-iocs-for-attacks-exploiting-log4shell-in-vmware-horizon-and-uag.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6017111 False Vulnerability None None CSO - CSO Daily Dashboard Flashpoint says its VulnDB records vulnerabilities that MITRE CVE missed MITRE CVE (Common Vulnerabilities and Exposures) database.The report, "State of Vulnerability Intelligence," includes disclosures-security vulnerabilities in hardware and software products reported by vendors and cybersecurity experts-collected by Flashpoint's in-house vulnerability intelligence database, VulnDB.Flashpoint said that there were huge discrepancies in the severity and classification of vulnerabilities reported by VulnDB, and those recorded in MITRE's CVE database and the NVD database maintained by NIST (the US National Institute of Standards and Technology). NIST and MITRE coordinate their finding and report similar vulnerabilities. Flashpoint cautioned organizations to depend on more comprehensive and specific sources for a clear underatanding of the vulnerability landscape.To read this article in full, please click here]]> 2022-07-29T09:15:00+00:00 https://www.csoonline.com/article/3668692/flashpoint-says-its-vulndb-records-vulnerabilities-that-mitre-cve-missed.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6015276 False Vulnerability None None CSO - CSO Daily Dashboard July was a hot month for cybersecurity research Zscaler ThreatLabz and Pradeo reveal that malware-laden Android apps in Google's app store-Google Play-continue to be a problem. 
The latest findings point to multiple instances of apps with the Joker, Facestealer, and Coper malware families in the marketplace. To read this article in full, please click here]]> 2022-07-29T02:00:00+00:00 https://www.csoonline.com/article/3668070/july-was-a-hot-month-for-cybersecurity-research.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6008889 False Malware None None CSO - CSO Daily Dashboard BrandPost: Understanding SSE: Components, Process, and Advantages SSE). The second entry highlights the top use cases of SSE, and the third explains what features you should look for when selecting an SSE platform.To read this article in full, please click here]]> 2022-07-28T17:52:00+00:00 https://www.csoonline.com/article/3668691/understanding-sse-components-process-and-advantages.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6011633 False None None None CSO - CSO Daily Dashboard BrandPost: CISOs Are Focused on These 3 Trends, Are You? complex web of in-person, online, and hybrid work scenarios while also juggling cloud migration to support their diversified workforce. There's also the increase in the sheer volume of cyber attacks to contend with; between July 2020 and June 2021, there was a 1,070% increase in ransomware attacks alone.[1]For Chief Information Security Officers (CISOs), this has created a variety of new challenges to contend with. 
Based on our conversations with security leaders, Microsoft has identified the top three focus areas that CISOs are prioritizing today so you can understand what steps your organization should take to guard against ongoing cybersecurity threats.To read this article in full, please click here]]> 2022-07-28T15:04:00+00:00 https://www.csoonline.com/article/3668534/cisos-are-focused-on-these-3-trends-are-you.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5998856 False Ransomware,Guideline None None CSO - CSO Daily Dashboard Attacks using Office macros decline in wake of Microsoft action blog posted today, the company noted its researchers have found that the use of macro-enabled attachments by threat actors has decreased approximately 66% between October 2021 and June 2022."We've seen them switch their tactics away from leveraging malicious macros into other kinds of attacks like LNK files," says Proofpoint Vice President for Threat Research and Detection Sherrod DeGrippo. "We've seen a 1,600% increase over the past ten months or so around using other tactics aside from malicious Office macros. 
The threat actors got the message that this is coming and are stifling their use of macros against individuals and organizations."To read this article in full, please click here]]> 2022-07-28T10:08:00+00:00 https://www.csoonline.com/article/3668532/attacks-using-office-macros-decline-in-wake-of-microsoft-action.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5993450 False Threat None None CSO - CSO Daily Dashboard Microsoft takes top spot as most impersonated brand in phishing most impersonated company in 2021, followed close behind in the second spot, with 10,448 phishing URLs, according to Vade, which offers an email filtering service for phishing, malware, spear phishing, and spam.To read this article in full, please click here]]> 2022-07-28T06:44:00+00:00 https://www.csoonline.com/article/3668790/microsoft-takes-top-spot-as-most-impersonated-brand-in-phishing.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5990823 False None None None CSO - CSO Daily Dashboard Defense in depth explained: Layering tools and processes for better security endpoint security software and intrusion detection systems (IDS) to spot any attacker who manages to slip past that firewall. 
The intention isn't to deploy different tools to face different specific threats: rather, a defense in depth strategy assumes that if an attacker manages to defeat or bypass one tool, then other tools will pick up the slack and fight back in a different way.To read this article in full, please click here]]> 2022-07-28T02:00:00+00:00 https://www.csoonline.com/article/3667476/defense-in-depth-explained-layering-tools-and-processes-for-better-security.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5986468 False None None None CSO - CSO Daily Dashboard BrandPost: How a Cybersecurity Program Can Counter Configuration Drift To read this article in full, please click here]]> 2022-07-27T12:57:00+00:00 https://www.csoonline.com/article/3668592/how-a-cybersecurity-program-can-counter-configuration-drift.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078558 False Tool,Guideline None None CSO - CSO Daily Dashboard BrandPost: How to Minimize Misconfigurations Across Your Systems Identity Theft Resource Center (ITRC), configuration mistakes were responsible for a third of data breaches that resulted from human error in 2021. Some of these incidents involved misconfigured firewalls that allowed access to internal systems. Others involved unauthorized access to corporate cloud systems and servers.Misconfigurations and state-sponsored attacks Looking ahead, misconfigurations won't likely diminish in prevalence. In fact, Gartner predicted that 99% of cloud security incidents "will be the customer's fault" as a result of misconfigurations by 2023. Threat actors are just too familiar with misconfigurations to give them up as an attack vector. 
This holds true even for nation-state actors like those in Russia.To read this article in full, please click here]]> 2022-07-27T12:49:00+00:00 https://www.csoonline.com/article/3668648/how-to-minimize-misconfigurations-across-your-systems.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078559 False Threat None None CSO - CSO Daily Dashboard BrandPost: 5 Tips for Hardening Your Operating Systems This list contains just a few of the 350+ configuration recommendations for Microsoft Windows Server 2019. Want the full list for this technology? Download the CIS Benchmark for Microsoft Windows Server. Security configuration 1: Disconnect after hours Your organization's workforce probably adheres to a specific work schedule. Even though operating cloud-based systems means you can theoretically work from anywhere (and at any time), it's unlikely most employees would need to log on at 2:00 A.M.To read this article in full, please click here]]> 2022-07-27T12:24:00+00:00 https://www.csoonline.com/article/3668590/5-tips-for-hardening-your-operating-systems.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078560 False None None None CSO - CSO Daily Dashboard BrandPost: Using Security Best Practices via a Centralized Resource Hub CIS Controls and CIS Benchmarks Communities, enabling greater collaboration among experts. Discussions range from the most detailed technical configuration settings to broader cybersecurity policies. 
Integrating these groups on the same platform provides everyone with greater insight into key initiatives, such as how the content in the CIS Benchmarks map to Safeguards within the CIS Controls.To read this article in full, please click here]]> 2022-07-27T12:15:00+00:00 https://www.csoonline.com/article/3668589/using-security-best-practices-via-a-centralized-resource-hub.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078561 False None None None CSO - CSO Daily Dashboard BrandPost: Map Your Cybersecurity Program to Security Best Practices regulatory frameworks. But the primary responsibility for cybersecurity professionals is to keep their organization's assets and data safe from an attack. A truly efficient approach protects the organization while also meeting compliance requirements. This is where the CIS Critical Security Controls (CIS Controls) and CIS Benchmarks can help.To read this article in full, please click here]]> 2022-07-27T10:10:00+00:00 https://www.csoonline.com/article/3668528/map-your-cybersecurity-program-to-security-best-practices.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078562 False None None None CSO - CSO Daily Dashboard BrandPost: How to Improve Your Organization\'s Cyber Hygiene essential cyber hygiene as Implementation Group 1 (IG1) of the CIS Critical Security Controls (CIS Controls).The CIS Controls are a prescriptive, prioritized, and simplified set of cybersecurity best practices. They are used and developed by thousands of cybersecurity experts around the world. 
The Safeguards included in IG1 represent essential cyber hygiene for any organization and can help protect organizations from all five of the top attack vectors identified in the CIS Community Defense Model (CIS CDM). 2022-07-27T10:06:00+00:00 https://www.csoonline.com/article/3668155/how-to-improve-your-organizations-cyber-hygiene.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078563 False None None None CSO - CSO Daily Dashboard BrandPost: Three Key Elements of a Strong Cybersecurity Program good cyber hygiene can be especially acute for small- and medium-sized businesses with fully remote or hybrid work environments. Add to the mix limited resources and limited talent focused on cybersecurity, and the challenges can seem overwhelming. Considering this, we've simplified things down to three key elements of a strong cybersecurity program. You need to know how to assess, remediate, and implement security best practices at scale.
In more detail, this means: 2022-07-27T10:01:00+00:00 https://www.csoonline.com/article/3668201/three-key-elements-of-a-strong-cybersecurity-program.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078564 False None None None CSO - CSO Daily Dashboard Teleport features passwordless access with new access plane update zero trust access management applications, has announced the latest version of its unified access plane, Teleport 10, which features passwordless access as a single sign-on (SSO) infrastructure access solution. Teleport's unified access plane is an open source identity-based infrastructure access platform that unifies secure access to servers, Kubernetes clusters, applications and databases. 2022-07-27T06:09:00+00:00 https://www.csoonline.com/article/3668036/teleport-features-passwordless-access-with-new-access-plane-update.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5969701 False None Uber None CSO - CSO Daily Dashboard GitGuardian launches ggcanary project to help detect open-source software risks 2022-07-27T05:00:00+00:00 https://www.csoonline.com/article/3668193/gitguardian-launches-ggcanary-project-to-help-detect-open-source-software-risks.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5968883 False Guideline None None CSO - CSO Daily Dashboard Spyware infections continue as the U.S. federal government takes notice rare open public hearing today to discuss the proliferating and increasingly troublesome threats from foreign spyware. Despite the mounting evidence that invasive spyware apps such as NSO Group's Pegasus software are used somewhat indiscriminately by despotic regimes against political foes, the U.S.
government has done little to address this crisis. The evidence is increasingly hard to ignore, which has prompted the Biden administration and Congress to take limited steps to curtail the abuses of foreign spyware. 2022-07-27T04:18:00+00:00 https://www.csoonline.com/article/3668152/spyware-infections-continue-as-the-u-s-federal-government-takes-notice.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5968074 False None None None