www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-16T04:19:01+00:00 www.secnews.physaphae.fr CSO - CSO Daily Dashboard Sophisticated UEFI rootkit of Chinese origin shows up again in the wild after 3 years 2022-07-27T03:55:00+00:00 https://www.csoonline.com/article/3668172/sophisticated-uefi-rootkit-of-chinese-origin-shows-up-again-in-the-wild-after-3-years.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5967265 False Malware None None CSO - CSO Daily Dashboard 5 trends making cybersecurity threats riskier and more expensive Hiscox Cyber Readiness Report 2022, almost half (48%) of organizations across the U.S. and Europe experienced a cyberattack in the past 12 months. Even more alarming is that these attacks are happening despite businesses doubling down on their cybersecurity spend. Cybersecurity is at a critical inflection point where five megatrends are making the threat landscape riskier, more complicated, and costlier to manage than previously reported.
To better understand the evolution of this threat landscape, let's examine these trends in more detail. 2022-07-27T02:00:00+00:00 https://www.csoonline.com/article/3667442/5-trends-making-cybersecurity-threats-riskier-and-more-expensive.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5966461 False Threat None None CSO - CSO Daily Dashboard Best practices for recovering a Microsoft network after an incident 2022-07-27T02:00:00+00:00 https://www.csoonline.com/article/3667995/best-practices-for-recovering-a-microsoft-network-after-an-incident.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5966460 False Ransomware None None CSO - CSO Daily Dashboard New Facebook malware targets business accounts spear phishing attacks to gain access to Facebook Business accounts. The company said that it has “high confidence” that a Vietnamese threat actor is behind the attacks, which aim malicious messages at LinkedIn users who are likely to have admin access to their companies' Facebook accounts. The threat actor also targets email addresses of potential victims directly. What makes the attack unique, according to WithSecure, is the infostealer malware component, which is designed specifically to gain access to Facebook Business accounts. Previous attacks targeting Facebook did not target Facebook Business accounts in particular. If a victim can be induced to open a malicious link, the malware scans the infected computer for browsers and extracts cookies that indicate authenticated Facebook sessions for use in gaining access to those accounts.
Command and control is handled via the Telegram messaging service, using the Telegram Bot system, and private data is also sent back to the hacker in this way. 2022-07-26T13:16:00+00:00 https://www.csoonline.com/article/3668002/new-facebook-malware-targets-business-accounts.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5956020 False Malware,Threat None None CSO - CSO Daily Dashboard BrandPost: The CIS Benchmarks: What They Are and How to Use Them 2022-07-26T11:20:00+00:00 https://www.csoonline.com/article/3668196/the-cis-benchmarks-what-they-are-and-how-to-use-them.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078572 False None None None CSO - CSO Daily Dashboard BrandPost: Five Questions to Ask When Creating a Cybersecurity Plan WHY should you add a cybersecurity plan to your budget? Don't wait until there is a problem to start thinking about a cybersecurity plan. A company may not consider cybersecurity in their budgeting. When there is an attack, the costs – both to the bottom line and to your reputation – can be substantial. When creating a budget, consider allowing for investments in strengthening your cybersecurity. It could be for outside support, tools and services, or upgrades to hardware.
In the long run, it may be less expensive to consider these preventative measures now than to deal with the fallout of a costly attack later. 2022-07-26T11:12:00+00:00 https://www.csoonline.com/article/3668071/five-questions-to-ask-when-creating-a-cybersecurity-plan.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6078573 False None None None CSO - CSO Daily Dashboard CrowdStrike enhances container visibility and threat hunting capabilities 2022-07-26T07:26:00+00:00 https://www.csoonline.com/article/3668170/crowdstrike-adds-container-visibility-and-threat-hunting-capabilities.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5951464 False Threat None None CSO - CSO Daily Dashboard How a sex worker became a defense contractor employee -- and an insider threat How an unqualified sex worker allegedly infiltrated a top Air Force lab” and our eyes immediately rolled as we read the bizarre case of Dr. James Gord. He maneuvered a 32-year-old sex worker into a position of trust within Spectral Energies, a government contractor associated with the U.S. Air Force Research Laboratory located at Wright Paterson Air Force Base. His motivation? He wished to keep his sexual liaison sub rosa. Stuff right out of Ripley's Believe It or Not. While we sit and smirk at the ridiculousness of the situation, a deeper dive gives CISOs and their organizations food for thought as we dissect how Gord was able to manipulate his business partner and others to successfully place an individual within his company who had no business being there.
Specifically, it underscores the value of background checks on individuals being placed into sensitive roles. 2022-07-26T02:00:00+00:00 https://www.csoonline.com/article/3668131/how-a-sex-worker-became-a-defense-contractor-employee-and-an-insider-threat.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5948149 False Threat Yahoo None CSO - CSO Daily Dashboard What is an ISAC or ISAO? How these cyber threat information sharing organizations improve security ISACs were established under a presidential directive in 1998 to enable critical infrastructure owners and operators to share cyber threat information and best practices. Besides being sector specific, most ISACs are comprised of large companies with a different set of priorities and challenges than a vast majority of smaller organizations and entities, according to Michael Echols, CEO of the International Association of Certified ISAO's (IACI) at the Kennedy Space Center. 2022-07-26T02:00:00+00:00 https://www.csoonline.com/article/3406505/what-is-an-isac-or-isao-how-these-cyber-threat-information-sharing-organizations-improve-security.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5948150 False Threat None None CSO - CSO Daily Dashboard Kyndryl launches recovery retainer service for cyberattack response ransomware and other types of cyberattacks. The service starts work before attacks happen, however-part of the offering is expert review and remediation of cyberattack preparedness, ensuring that organizations aren't making easy targets of themselves.
If an attack does occur, Kyndryl can provide live expert advice, either virtually or physically at the client's facilities, to help ensure that critical data can be recovered and systems brought back online with a minimum of fuss. 2022-07-25T14:16:00+00:00 https://www.csoonline.com/article/3668135/kyndryl-launches-recovery-retainer-service-for-cyberattack-response.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5943292 False None None None CSO - CSO Daily Dashboard 9 tips to prevent phishing Phishing, in which an attacker sends a deceptive email tricks the recipient into giving up information or downloading a file, is a decades-old practice that still is responsible for innumerable IT headaches. Phishing is the first step for all kinds of attacks, from stealing passwords to downloading malware that can provide a backdoor into a corporate network. The fight against phishing is a frustrating one, and it falls squarely onto IT's shoulders. 2022-07-25T02:00:00+00:00 https://www.csoonline.com/article/2132618/9-tips-to-prevent-phishing.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5937541 False None None None CSO - CSO Daily Dashboard 8 top SBOM tools to consider SolarWinds software supply chain attack, the ongoing Log4j vulnerability, and the npm maintainer protest code gone wrong have made it clear that we must clean up our software supply chain. That's impossible to do with proprietary software since its creators won't let you know what's inside a program.
But with open-source programs, this can be done with a software bill of materials (SBOM), pronounced “s-bomb”. 2022-07-25T02:00:00+00:00 https://www.csoonline.com/article/3667483/8-top-sbom-tools-to-consider.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5937540 False None None None CSO - CSO Daily Dashboard Cybercrime escalates as barriers to entry crumble report released Thursday by HP Wolf Security in collaboration with Forensic Pathways. Cybercriminals are now operating on a professional footing with easy-to-launch malware and ransomware attacks being offered on a software-as-a-service (SaaS) basis, allowing people with even rudimentary IT skills to launch cyberattacks at targets of their choosing, the report notes. It found that competition in the underground has driven down the price of malicious tools, making them affordable to anyone. In an analysis of 174 exploits advertised on the dark web, HP Wolf researchers found an overwhelming number (91%) were selling for less than $10. A look at 1,653 malware ads revealed more than three quarters (76%) selling for under $10.
And on average, information stealers were selling for $5, remote access Trojans (RATs) for $3, exploits for $2.23, and crypters for $1. 2022-07-22T11:20:00+00:00 https://www.csoonline.com/article/3668033/cybercrime-escalates-as-barriers-to-entry-crumble.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5882913 False Ransomware,Malware None None CSO - CSO Daily Dashboard BrandPost: Identity-first Security: How to Keep Your Security Team Strategic 2022-07-21T14:28:00+00:00 https://www.csoonline.com/article/3667474/identity-first-security-how-to-keep-your-security-team-strategic.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5862662 False Threat None None CSO - CSO Daily Dashboard Ransomware attacks slowing as 2022 wears on ransomware attacks for the second quarter of 2022 totaled 574, representing a 34% slowdown compared to the first quarter of the year, according to a report released Thursday by GuidePoint Research. The most impacted industries were manufacturing and construction, GuidePoint's report said, accounting for 18.3% of all claimed attacks during the quarter. The tech sector was also heavily targeted, as were government agencies. The US was the most-attacked country, according to the report, representing nearly a quarter of all global ransomware victims. 2022-07-21T13:39:00+00:00 https://www.csoonline.com/article/3668188/ransomware-attacks-slowing-as-2022-wears-on.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5861709 False Ransomware None None CSO - CSO Daily Dashboard BrandPost: Why Proactive DDoS Defense Makes Sense Forrester Total Economic Impact (TEI) study and examine the potential return on investment (ROI) enterprises may realize by deploying Netscout's Omnis Arbor Edge Defense (AED).
The purpose of this study was to provide readers with a framework for evaluating the potential financial impact of Omnis AED on their organizations. 2022-07-21T12:06:00+00:00 https://www.csoonline.com/article/3667649/why-proactive-ddos-defense-makes-sense.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5860754 False None None None CSO - CSO Daily Dashboard Deloitte expands its managed XDR platform Managed Extended Detection and Response platform. The upgrade boosts the platform's capabilities to collect intelligence, hunt for threats, and secure mobile devices. Among the new modules added to Deloitte's MXDR offering: Cyber Security Intelligence, which adds to Deloitte's tools and proprietary sources intelligence from CrowdStrike Falcon X. The combination will provide users with actionable indicators of compromise (IoCs), threat notifications, threat actor profiles, industry landscapes, automated sandbox analysis, and threat briefing requests for information. "CSI allows us to be much more proactive in our detection, prevention, and understanding of threats so we can be more proactive in planning with our clients," says Deloitte MXDR leader Curt Aubley. Dynamic Adversary Intelligence, which provides clients with "over-the-horizon" adversary investigations. DAI uses passive intelligence collection methods, including global telemetry, industry-leading application programming interface integrations, refined tradecraft, proprietary analytics of publicly available information, and proprietary sources via Splunk. "DAI gives clients an inside-out view of attackers," Aubley explains. "It can also give a client the information they need to give to authorities to track down adversaries." Digital Risk Protection, which lets a client follow their digital footprint online. "We can fingerprint a client's intellectual property," Aubley says.
"Using that information, along with data like domain names, email addresses, and others, we can look on the open web, deep web, and dark web and see if that information has gotten into the hands of an adversary. Then we can let a client know how to best manage any potential crisis that might arise from that leak. We can also look inside their environment to determine how the leak happened." Active Hunt and Response, which includes the use of a "dissolvable agent" that can be planted in the memory of an endpoint and collect data about an attacker while remaining invisible to them. In addition, a new Mobile Prevent, Detection, and Response module has been added to the MXDR platform. It has expanded hunting capabilities and is fully integrated with CrowdStrike Falcon for Mobile Endpoint Detection and Response and CrowdStrike's mobile threat defense. 2022-07-21T11:38:00+00:00 https://www.csoonline.com/article/3668129/deloitte-expands-its-managed-xdr-platform.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5859804 False Threat,Guideline Deloitte,Deloitte None CSO - CSO Daily Dashboard NSO Group's Pegasus crashes as Apple initiates Dignity and Justice Fund U.S. government blacklisting the company, effectively drying up a great percentage of their clients to the point where bankruptcy was seen on the horizon. White House nixes L3Harris interest in NSO Then, according to a recent New York Times expose, U.S. defense contractor/supplier L3Harris allegedly attempted a Phoenix-like save and raise the charred NSO from the ashes, with the sub rosa assistance of the U.S. intelligence community. Apparently, L3Harris had its eye on the “zero-click” exploit provided by NSO's Pegasus for resale or exploitation by the U.S.
To those not well versed in the government supply and contract world, L3Harris has expertise in the exploitation of cellphones. 2022-07-21T05:10:00+00:00 https://www.csoonline.com/article/3668030/nso-group-s-pegasus-crashes-as-apple-initiates-dignity-and-justice-fund.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5854214 False Guideline None None CSO - CSO Daily Dashboard MITRE Engage: a framework for deception CSO 50 award for security innovation. 2022-07-21T02:00:00+00:00 https://www.csoonline.com/article/3666054/mitre-engage-a-framework-for-deception.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5851426 False None None None CSO - CSO Daily Dashboard Cybersecurity is a constant fire drill-that's not just bad, it's dangerous 2022-07-21T02:00:00+00:00 https://www.csoonline.com/article/3667490/cybersecurity-is-a-constant-fire-drill-that-s-not-just-bad-it-s-dangerous.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5851425 False Threat None None CSO - CSO Daily Dashboard Sophos unifies threat analysis and response units into X-Ops team 2022-07-20T14:58:00+00:00 https://www.csoonline.com/article/3667948/sophos-unifies-threat-analysis-and-response-units-into-x-ops-team.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5839827 False Threat None None CSO - CSO Daily Dashboard Spate of pending U.S. privacy initiatives could significantly impact businesses Roe v. Wade, which will expose pregnant people in over half of U.S.
states to a digital law enforcement surveillance environment, the Biden administration and Congress have kicked into gear to address a spate of privacy and digital protection threats that substantially broaden the scope of privacy and data security protections. 2022-07-20T12:15:00+00:00 https://www.csoonline.com/article/3667868/spate-of-pending-u-s-privacy-initiatives-could-significantly-impact-businesses.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5837886 False None None None CSO - CSO Daily Dashboard Orca adds detection and response capabilities to its agentless cloud security solution company announced Tuesday. The new feature expands the platform's ability to detect, investigate, and respond to in-progress attacks. "What we're adding with the CDR capability is the ability to have full visibility for governance of the cloud environment from workload scanning to non-workload related incidents," says Orca CEO and co-founder Avi Shua. "What we're seeing more frequently is that many attacks these days don't involve workloads at all so putting endpoint protection on them is not going to protect an organization." 2022-07-20T10:58:00+00:00 https://www.csoonline.com/article/3667848/orca-adds-detection-and-response-capabilities-to-its-agentless-cloud-security-solution.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5836920 False None None None CSO - CSO Daily Dashboard BrandPost: The Changing Use of Botnets will Impact Networks Around the World 2H 2021 Threat Intelligence Report, which highlights several examples where threat actors have improved the efficacy of long-established attack methods via new modifications and strategies.
Such is the case for botnets, which have been around since the 1980s. Innovation throughout history Indeed, a quick history of botnets illustrates how attackers have modified their strategies for using them over the course of 20 years. The first botnets were deployed on server-class computers. Later, attackers began building distributed denial-of-service (DDoS)-capable botnets by compromising personal computers (PCs) – and attackers continue using compromised PCs to create botnets for launching DDoS attacks today. 2022-07-20T08:41:00+00:00 https://www.csoonline.com/article/3667320/the-changing-use-of-botnets-will-impact-networks-around-the-world.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5834121 False Threat None None CSO - CSO Daily Dashboard Perception Point launches managed security service to help eliminate web browser threats 2022-07-20T06:00:00+00:00 https://www.csoonline.com/article/3667497/perception-point-launches-managed-security-service-to-help-eliminate-web-browser-threats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5832306 False Malware None None CSO - CSO Daily Dashboard Breaking down CIS's new software supply chain security guidance study by In-Q-Tel researchers shows a rapid rise in software supply chain attacks starting around 2016, going from almost none in 2015 to about 1,500 in 2020.
The Cloud Native Computing Foundation's (CNCF's) catalog of software supply chain attacks also supports a rise in this attack vector. 2022-07-20T02:00:00+00:00 https://www.csoonline.com/article/3666742/breaking-down-ciss-new-software-supply-chain-security-guidance.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5828670 False Guideline None None CSO - CSO Daily Dashboard How to manage Microsoft's Excel and Office macro blocking decision to block downloaded Excel files containing macros by default. They have said they will push this change out again in the future. If you were caught flat-footed by this decision and suddenly couldn't figure out how to unblock your Excel files that you relied upon, you need to act before Microsoft rolls this out again. Evaluate now why you are allowing such risky behavior and how you can better protect your firm. While Microsoft pulled back from this decision, I urge you to look for additional ways to protect users from phishing lures and attack vectors that include malicious Office files. Because many of these attacks come via email, but not necessarily as email attachments, evaluate whether your phishing protection and user education are appropriate. I've seen many a phishing lure come in via web links, pretend cloud services, and other techniques that bypass traditional antivirus and file filtering. 2022-07-20T02:00:00+00:00 https://www.csoonline.com/article/3667430/how-to-manage-microsofts-excel-and-office-macro-blocking.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5828669 False None None None CSO - CSO Daily Dashboard How to conduct a tabletop exercise Tabletop exercises give your organization an opportunity to practice incident response plans.
They are both an opportunity to rehearse and revise existing plans and a training opportunity for new employees. Done well, tabletop exercises “allow for the discovery of ways to reduce your threat surface,” says Stephen Jensen, senior director of operations at the Center for Internet Security (CIS). “When you rehearse in a tabletop format, your written policies go from just being plain policies to becoming well-written policies and procedures.” 2022-07-20T02:00:00+00:00 https://www.csoonline.com/article/3041383/how-to-conduct-a-tabletop-exercise.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5827769 False Threat None None CSO - CSO Daily Dashboard What is an SBOM? Software bill of materials explained 2022-07-19T14:00:00+00:00 https://www.csoonline.com/article/3667309/what-is-an-sbom-software-bill-of-materials-explained.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5827770 False None None None CSO - CSO Daily Dashboard BrandPost: How CSPs can Future Proof 5G Mobile Networks 2022-07-19T13:30:00+00:00 https://www.csoonline.com/article/3667438/how-csps-can-future-proof-5g-mobile-networks.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5827771 False None None None CSO - CSO Daily Dashboard BrandPost: Security Service Edge (SSE) Reflects Rapidly Changing Security Requirements: Here is What You Need to Know 2022-07-19T12:09:00+00:00 https://www.csoonline.com/article/3667318/security-service-edge-sse-reflects-rapidly-changing-security-requirements-here-is-what-you-need-to.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5837895 False None None None CSO - CSO Daily Dashboard Cato Networks launches SSE system with customizable DLP capabilities SASE (secure access service edge) provider Cato Networks has announced a
security service edge (SSE) offering, Cato SSE 360, that includes Cato DLP, a capability for data loss protection across business applications that allows for customizable rules. Along with SSE 360, Cato is also offering a new expert certification for the SSE architecture. "Traditional SSE architectures are mostly proxy-based solutions which have limited visibility and control over WAN traffic as they only take into account the traffic from users to the internet," says Boaz Avigad, director of product marketing at Cato Networks. "However, at some point they'll need to cover data centers, on-prem and cloud. Cato SSE 360 does that." 2022-07-19T11:20:00+00:00 https://www.csoonline.com/article/3667484/cato-networks-launches-sse-system-with-customizable-dlp-capabilities.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5827772 False None None None CSO - CSO Daily Dashboard GPS trackers used for vehicle fleet management can be hijacked by hackers a report. "For example, an attacker could exploit some of the vulnerabilities to cut fuel to an entire fleet of commercial or emergency vehicles. Or the attacker could leverage GPS information to monitor and abruptly stop vehicles on dangerous highways. Attackers could choose to surreptitiously track individuals or demand ransom payments to return disabled vehicles to working condition.
There are many possible scenarios which could result in loss of life, property damage, privacy intrusions, and threaten national security." 2022-07-19T08:28:00+00:00 https://www.csoonline.com/article/3667316/gps-trackers-used-for-vehicle-fleet-management-can-be-hijacked-by-hackers.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5826462 False None None None CSO - CSO Daily Dashboard Unauthorized access jumped 4x in 2021 2022-07-19T03:34:00+00:00 https://www.csoonline.com/article/3667279/unauthorized-access-jumped-4x-in-2021.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5824194 False Guideline None None CSO - CSO Daily Dashboard 10 industry-defining security incidents from the last decade 2022-07-19T02:00:00+00:00 https://www.csoonline.com/article/3667432/10-industry-defining-security-incidents-from-the-last-decade.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5823849 False Vulnerability None None CSO - CSO Daily Dashboard Darktrace launches new PREVENT AI security products to pre-empt cyberthreats 2022-07-19T00:01:00+00:00 https://www.csoonline.com/article/3667494/darktrace-launches-new-prevent-ai-security-products-to-pre-empt-cyberthreats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5823203 False Vulnerability None None CSO - CSO Daily Dashboard Passwordless company claims to offer better password security solution has announced what it's calling a modern upgrade to passwords. The cloud-based solution addresses four common problems with passwords that create security risks and account friction. Password reuse. When someone tries to access an account covered by the Stytch solution, the password is automatically vetted at HaveIBeenPwnd, a dataset of 12 billion compromised passwords.
A password reset is automatically triggered if the password is in the dataset. Strength assessment. When someone creates a password, its strength is automatically assessed using Dropbox's zxcvbn password strength estimator and a suggestion made that a stronger password should be chosen. Account de-duplicating. Users might forget what authentication method they used to access their account. Did they use Facebook or Google? Did they use an email address? Choosing the wrong method can result in creating a duplicate account. Stytch prevents that by permitting an email login that allows an account to be accessed regardless of the original authentication method. Better reset. Someone wants to access their account, but their password isn't immediately available. Rather than reset their password to access their account, Stytch offers an email alternative that allows a user to access an account without a password reset. Enthusiasm, hesitancy for passwordless authentication Stytch co-founder and CEO Reed McGinley-Stempel explains that his company was started with a negative view of passwords. "We still have a negative view of traditional password systems and a lot of the assumptions baked into them," he says, "but if you're a passwordless company that wants to drive passwordless adoption, you can't ignore password innovation." 2022-07-18T12:34:00+00:00 https://www.csoonline.com/article/3667477/passwordless-company-claims-to-offer-better-password-security-solution.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5819325 False None None None CSO - CSO Daily Dashboard 6 security analyst job description red flags that make hiring harder security analyst-that workhorse of security operations-could get even harder. Demand for the position is expected to grow, with the U.S.
Bureau of Labor Statistics predicting organizations to add tens of thousands of positions through the decade, with employment for security analysts expected to grow by 33% from 2020 to 2030-much faster than the average for all occupations. 2022-07-18T02:00:00+00:00 https://www.csoonline.com/article/3666428/6-security-analyst-job-description-red-flags-that-make-hiring-harder.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5815145 False None None None CSO - CSO Daily Dashboard TikTok resets the clock on security leadership news this morning that Roland Cloutier is stepping away from the TikTok Global CSO role may or may not be surprising. After all, Roland joined TikTok a couple of years ago, around the same time that TikTok was dragged into some US political maneuverings. At the time, it wasn't clear if Roland was going to be their CSO-for-life, or if his role was to guide TikTok through a transition and build an excellent foundation for its security future (I guess we know now). 2022-07-15T08:45:00+00:00 https://www.csoonline.com/article/3667274/tiktok-resets-the-clock-on-security-leadership.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5748353 False Guideline None None CSO - CSO Daily Dashboard Johnson & Johnson CISO Marene Allison: 'You can't sit on today's technology' 2022-07-15T02:00:00+00:00 https://www.csoonline.com/article/3666737/johnson-and-johnson-ciso-marene-allison-you-can-t-sit-on-today-s-technology.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5741822 False None None None CSO - CSO Daily Dashboard New US CISO appointments, July 2022 CSO) or chief information security officer (CISO) for the first time to support a deeper commitment to information security. Follow this column to keep up with new appointments to senior-level security roles and perhaps
gain a little insight into hiring trends. If you have an announcement of your own that you would like us to include here, contact Amy Bennett, executive editor. 2022-07-15T02:00:00+00:00 https://www.csoonline.com/article/3204008/new-ciso-appointments.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5741823 False Threat,Guideline None None

CSO - CSO Daily Dashboard The CSO guide to top security conferences, 2022 2022-07-15T02:00:00+00:00 https://www.csoonline.com/article/3155500/the-cso-guide-to-top-security-conferences.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5741824 False Tool None None

CSO - CSO Daily Dashboard BrandPost: Let's Talk About Cloud Threat Hunting 2022-07-14T16:38:00+00:00 https://www.csoonline.com/article/3667311/let-s-talk-about-cloud-threat-hunting.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5730876 False Threat None None

CSO - CSO Daily Dashboard Data breaches explained: Types, examples, and impact personally identifiable information (PII) manages to get a look at it, that can have dire consequences both for the individual and for the organization that stored the data and was supposed to keep it safe.
2022-07-14T16:00:00+00:00 https://www.csoonline.com/article/3666958/data-breaches-explained-types-examples-and-impact.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5729781 False Data Breach None None

CSO - CSO Daily Dashboard Cyberespionage groups increasingly target journalists and media organizations 2022-07-14T13:41:00+00:00 https://www.csoonline.com/article/3667469/cyberespionage-groups-increasingly-target-journalists-and-media-organizations.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5727628 False Threat None None

CSO - CSO Daily Dashboard Cyber Safety Review Board warns that Log4j event is an “endemic vulnerability” first report of the Cyber Safety Review Board (CSRB), formed in February as directed under President Biden's May 2021 cybersecurity executive order. The public-private board comprises top cybersecurity personnel in the federal government and selected private sector information security professionals. 2022-07-14T12:35:00+00:00 https://www.csoonline.com/article/3667488/cyber-safety-review-board-warns-that-log4j-event-is-an-endemic-vulnerability.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5726558 False None None None

CSO - CSO Daily Dashboard BrandPost: Why Maintaining the Quality and Availability of Collaboration Tools is Key recent survey on UC&C, revealed the vast majority of respondents (93%) say collaboration tools are important to their hybrid work policy. This has put enormous pressure on IT professionals to ensure the quality and availability of these vital services.
2022-07-14T11:22:00+00:00 https://www.csoonline.com/article/3667468/why-maintaining-the-quality-and-availability-of-collaboration-tools-is-key.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5725487 False None None None

CSO - CSO Daily Dashboard New speculative execution attack Retbleed impacts Intel and AMD CPUs dubbed Retbleed by researchers from Swiss university ETH Zurich, works against both Intel and AMD CPUs. On Intel it's tracked as CVE-2022-29901 and impacts CPU generations 6, 7 and 8 although to different extents and depending on the mitigations used by the operating system. On AMD it's tracked as CVE-2022-29900 and impacts AMD Zen 1, Zen 1+ and Zen 2 CPUs. 2022-07-14T03:50:00+00:00 https://www.csoonline.com/article/3667271/new-speculative-execution-attack-retbleed-impacts-intel-and-amd-cpus.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5717217 False None None None

CSO - CSO Daily Dashboard New Flashpoint offering automates incident response workflows Automate, the platform aims to lower the barriers typically associated with security automation. "Automation solutions can be great, but oftentimes they require a team of engineers or developers, sometimes both," explains Flashpoint Executive Director of Automation Robert D'Aveta. As everyone in the tech industry knows, engineers and developers can be tough to find. "Unless your organization has a staff of unicorns that can do automation work, that leaves it to ordinary people," D'Aveta says. "That's a barrier to entry for typical automation solutions that low-code automation can help solve." 2022-07-14T03:27:00+00:00 https://www.csoonline.com/article/3667270/new-flashpoint-offering-automates-incident-response-workflows.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5717218 False Threat None None

CSO - CSO Daily Dashboard Mobile apps are a privacy nightmare. The Roe decision put them center stage. 2022-07-14T02:00:00+00:00 https://www.csoonline.com/article/3666517/mobile-apps-are-a-privacy-nightmare-the-roe-decision-put-them-center-stage.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5716197 False None None 3.0000000000000000

CSO - CSO Daily Dashboard 5 key considerations for your 2023 cybersecurity budget planning 2022-07-14T02:00:00+00:00 https://www.csoonline.com/article/3666495/5-key-considerations-for-your-2023-cybersecurity-budget-planning.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5716198 False Guideline None 2.0000000000000000

CSO - CSO Daily Dashboard Exostar launches CMMC 2.0-compliant Microsoft 365, other solutions for SMBs Cybersecurity Maturity Model Certification (CMMC) 2.0. The latest version of the CMMC requires businesses throughout the U.S.
Defense Industrial Base (DIB) to comply with the certification as soon as May 2023 to participate in subsequent Department of Defense (DoD) contract solicitations, with any member of the DIB that stores or handles controlled unclassified information (CUI) required to meet the 110 practices defined at CMMC Maturity Level 2. 2022-07-13T09:01:00+00:00 https://www.csoonline.com/article/3666832/exostar-launches-new-microsoft-365-cmmc-2-0-solutions-for-smbs.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5698175 False None None None

CSO - CSO Daily Dashboard BrandPost: Why Hackers are Increasingly Targeting Digital Supply Chains software supply chain attacks, which increased 650% from July 2019 to May 2020 alone. Likewise, data from Netscout's 2H 2021 Threat Intelligence Report shows that hackers remain laser-focused on attacking the digital supply chain. Specifically, there was a 606% increase in attacks against software publishers from 1H 2021, as well as a 162% increase in attacks on computer manufacturers and a 263% increase against computer storage manufacturing. 2022-07-13T08:13:00+00:00 https://www.csoonline.com/article/3666954/why-hackers-are-increasingly-targeting-digital-supply-chains.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5697144 False Hack,Threat None None

CSO - CSO Daily Dashboard Consulting firms jump on the Zero Trust bandwagon Zero Trust security model. On Tuesday, Deloitte unveiled its Zero Trust Access managed service, which is heavily influenced by its recent acquisition of TransientX.
Then, on Wednesday, HCL announced a collaboration with Palo Alto Networks to offer managed SASE, cloud security, and threat detection and response for its customers. 2022-07-13T02:09:00+00:00 https://www.csoonline.com/article/3666594/consulting-firms-jump-on-the-zero-trust-bandwagon.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5688342 False Threat Deloitte,Deloitte None

CSO - CSO Daily Dashboard 10 tasks for a mid-year Microsoft network security review Remote Desktop Protocol (RDP) access and use brute-force attacks like credential stuffing. They know that people tend to reuse credentials that the attackers obtain from stolen databases to attempt to gain access in your network. 2022-07-13T02:00:00+00:00 https://www.csoonline.com/article/3666692/10-tasks-for-a-mid-year-microsoft-network-security-review.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5687371 False Ransomware,Threat None None

CSO - CSO Daily Dashboard Office 365 phishing campaign that can bypass MFA targets 10,000 organizations BEC attacks have led to over $43 billion in losses between June 2016 and December 2021. 2022-07-12T14:20:00+00:00 https://www.csoonline.com/article/3666697/office-365-phishing-campaign-that-can-bypass-mfa-targets-10-000-organizations.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5676476 False None None None

CSO - CSO Daily Dashboard U.S. NDAA heads into the home stretch with significant cybersecurity amendments pending its version of the National Defense Authorization Act (NDAA) for the Fiscal Year 2023 with a $37 billion funding increase over what President Joe Biden requested. This week the whole House will debate the must-pass funding legislation. The NDAA, enacted every year to fund the U.S.
military, has in previous years been a vehicle through which a wide swath of cybersecurity legislation has passed, given the struggles that standalone cybersecurity bills experienced. According to the nonprofit research organization Third Way, from 2017 to 2021, Members of Congress included 290 cyber-related provisions in the NDAAs, with the latter two NDAAs accounting for 60% of those provisions. 2022-07-12T13:51:00+00:00 https://www.csoonline.com/article/3666526/u-s-ndaa-heads-into-the-home-stretch-with-significant-cybersecurity-amendments-pending.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5675564 False None None None

CSO - CSO Daily Dashboard BrandPost: Enterprises Need More Protection Against DDoS Attacks 2022-07-12T12:06:00+00:00 https://www.csoonline.com/article/3666520/enterprises-need-more-protection-against-ddos-attacks.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5674663 False Threat None None

CSO - CSO Daily Dashboard Concentric launches new data privacy and cybersecurity solution Eclipse In a press release, Concentric stated that Eclipse packages are available to all users in three different tiers: 2022-07-12T08:32:00+00:00 https://www.csoonline.com/article/3666696/concentric-launches-new-data-privacy-and-cybersecurity-solution-eclipse.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5671218 False None None None

CSO - CSO Daily Dashboard Barracuda report: Almost everyone faced an industrial attack in the last year The State of Industrial Security in 2022 report surveyed 800 senior IT and security officers responsible for these industrial systems. “In the current threat landscape, critical infrastructure is an attractive target for cybercriminals, but unfortunately IIoT/OT security projects often take a backseat to other security initiatives or fail due to
cost or complexity, leaving organizations at risk,” said Tim Jefferson, senior vice president for data protection, network, and application security at Barracuda, in a statement accompanying the report. 2022-07-12T07:06:00+00:00 https://www.csoonline.com/article/3666523/barracuda-report-almost-everyone-faced-an-industrial-attack-in-the-last-year.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5670487 False Threat None None

CSO - CSO Daily Dashboard Catalogic Software adds newer detection and backup capabilities 2022-07-12T05:00:00+00:00 https://www.csoonline.com/article/3666813/catalogic-software-adds-newer-detection-and-backup-capabilities.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5669078 False None None None

CSO - CSO Daily Dashboard Locked in: How long is too long for security vendor contracts? 2022-07-12T02:00:00+00:00 https://www.csoonline.com/article/3665760/locked-in-how-long-is-too-long-for-security-vendor-contracts.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5667393 False Vulnerability,Guideline None None

CSO - CSO Daily Dashboard BrandPost: The Top 3 AI Myths in Cybersecurity Devo SOC Performance Report™, are often overwhelmed by the never-ending number of alerts that hit their screens each day.
Alert fatigue has become an industry-wide cause of analyst burnout. 2022-07-11T06:00:00+00:00 https://www.csoonline.com/article/3665658/the-top-3-ai-myths-in-cybersecurity.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5661226 False None None None

CSO - CSO Daily Dashboard How Code42 automates insider risk response 2022-07-11T02:00:00+00:00 https://www.csoonline.com/article/3666052/how-code42-automates-insider-risk-response.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5659316 False None None None

CSO - CSO Daily Dashboard Understanding your API attack surface: How to get started estimates that roughly 83% of internet traffic is API-based. Other studies such as those from Salt Security state that API attacks increased over 600% from 2021 to 2022, and Gartner predicts that 90% of web-enabled applications will have broader attack surfaces due to exposed APIs. The latest study from Imperva claims that vulnerable APIs are costing organizations between $40 and $70 billion annually. 2022-07-11T02:00:00+00:00 https://www.csoonline.com/article/3666689/understanding-your-api-attack-surface-how-to-get-started.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5659315 False Studies,Guideline None None

CSO - CSO Daily Dashboard Feds wave red flag over Maui ransomware cybersecurity advisory about the ransomware known as Maui has been issued by the FBI, CISA and U.S. Treasury Department. The agencies assert that North Korean state-sponsored cyber actors have used the malware since at least May 2021 to target healthcare and public health sector organizations. The FBI surmises that the threat actors are targeting healthcare organizations because those entities are critical to human life and health, so they're more likely to pay ransoms rather than risk disruption to their services.
For that reason, the FBI and other agencies issuing the advisory maintain the state-sponsored actors will continue to target healthcare organizations. 2022-07-08T13:08:00+00:00 https://www.csoonline.com/article/3666516/feds-wave-red-flag-over-maui-ransomware.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5616868 False Ransomware,Malware,Threat None None

CSO - CSO Daily Dashboard BrandPost: The Zero-Trust Pillars of Security According to the NIST, “Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. A zero trust architecture (ZTA) uses zero trust principles to plan industrial and enterprise infrastructure and workflows. Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location or based on asset ownership ... Zero trust focuses on protecting resources, not network segments, as the network location is no longer seen as the prime component to the security posture of the resource.” 2022-07-07T15:39:00+00:00 https://www.csoonline.com/article/3666493/the-zero-trust-pillars-of-security.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5600548 False None None None

CSO - CSO Daily Dashboard BrandPost: How Blocking and Controlling Traffic Can Stop DDos Attacks 2022-07-07T14:49:00+00:00 https://www.csoonline.com/article/3666512/how-blocking-and-controlling-traffic-can-stop-ddos-attacks.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5599866 False None None None

CSO - CSO Daily Dashboard Wiz offers CVE-like cloud vulnerability registry, but will it gain traction? cloudvulndb.org, that provides a centralized cloud vulnerabilities database for public access.
While the database fills gaps left by MITRE's CVE vulnerability system and the current shared-responsibility model for cloud security issues, it will require additional, widespread industry support in order to be successful, according to security experts. The new vulnerability database is a continuation of Wiz's efforts to streamline the detection and management of cloud vulnerabilities which, it says, often tend to fall between the cracks among current systems. 2022-07-07T14:39:00+00:00 https://www.csoonline.com/article/3666511/wiz-offers-cve-like-cloud-vulnerability-registry-but-will-it-gain-traction.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5599867 False Vulnerability None None

CSO - CSO Daily Dashboard Splashtop teams with Acronis for remote security support announced a partnership Wednesday that promises to make troubleshooting security problems on endpoints easier. Under the deal, the pair will integrate Splashtop's secure remote access software with Acronis's Cyber Protect Cloud, a backup and cybersecurity platform. Through Splashtop, technicians can take control of computers and resolve issues without leaving the Acronis console. The new arrangement should be especially attractive to managed services providers (MSPs), who use Acronis's platform to allow their support staff to access clients' devices for faster remediation of incidents and more efficient technical support.
Splashtop can also be used to provide on-demand help desk support to any computer or mobile device, regardless of device type or operating system, as well as be enabled to allow users to access their work computers remotely. 2022-07-07T10:00:00+00:00 https://www.csoonline.com/article/3666690/splashtop-teams-with-acronis-for-remote-security-support.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5597211 False None None None

CSO - CSO Daily Dashboard Revelstoke's SOAR to improve case management with replicable sub-workflows SOAR) company Revelstoke has announced enhancements to its CASE management capabilities for provisioning the replication of redundant tasks by security analysts. Revelstoke's Case Automation Security Execution (CASE) management platform will use the company's in-house unified data layer (UDL) to develop and deploy automated, logic-based, sub-workflows for replication, the company said in a statement. "This CASE functionality furthers Revelstoke's mission of putting sophisticated security automation in the hands of the security analysts that desperately need it to free them from the manual, repetitive tasks that bog them down," said Josh McCarthy, chief product officer and co-founder at Revelstoke. "This functionality allows them to have powerful blocks of reusable actions that they can apply to any and all cases that come into the system." 2022-07-07T08:19:00+00:00 https://www.csoonline.com/article/3666728/revelstokes-soar-to-improve-case-management-with-replicable-sub-workflows.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5595917 False None None None

CSO - CSO Daily Dashboard Apple slaps hard against 'mercenary' surveillance-as-a-service industry 2022-07-07T06:17:00+00:00 https://www.computerworld.com/article/3666688/apple-slaps-hard-against-mercenary-surveillance-as-a-service-industry.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5594638 False None None None

CSO - CSO Daily Dashboard U.S. and UK warn local governments, businesses of China's influence operations Safeguarding Our Future” bulletin. “Protecting Government and Business Leaders at the U.S. State and Local Level from People's Republic of China (PRC) Influence Operations” differs from previous warnings on China's use of social networks, pseudo-state-sponsored hackers, etc. The NSCS highlights how the Chinese intelligence apparatus uses the whole-of-government approach as they work to acquire information in support of the Communist Party of China (CCP) directives. 2022-07-07T04:26:00+00:00 https://www.csoonline.com/article/3666490/u-s-and-uk-warn-local-governments-businesses-of-chinas-influence-operations.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5593384 False Threat,Guideline None None

CSO - CSO Daily Dashboard 5 things security pros want from XDR platforms research from ESG and the Information Systems Security Association (ISSA) 58% of organizations are consolidating or considering consolidating the number of security vendors they do business with.
It's simply too hard to manage an army of disconnected security point tools, each requiring its own training, implementation, administration, and ongoing support. 2022-07-07T02:00:00+00:00 https://www.csoonline.com/article/3665913/5-things-security-pros-want-from-xdr-platforms.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5592130 False None None None

CSO - CSO Daily Dashboard How the US DHS develops hard-to-find cybersecurity skills short supply, and specialized cybersecurity skills are even harder to find. Take, for example, identity and access management skills, for which employers are paying an average 17% premium over base pay, according to the most recent statistics from the Foote Partners IT skills and pay index. Fortunately, for the US Department of Homeland Security (DHS), Amanda Conley is not one to shy away from resourcing rare and specialized skills. In her first staffing role after college, she found and staffed skills to support the design, manufacture and service of aircraft engines and auxiliary power units. “That's when I realized that having the right skills is a competitive advantage for my organization,” she explains. After that, she worked for the public sector, recruiting, hiring and developing skills for a variety of agencies. 2022-07-07T02:00:00+00:00 https://www.csoonline.com/article/3665653/how-the-u-s-dhs-develops-hard-to-find-cybersecurity-skills.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5592131 False None None None

CSO - CSO Daily Dashboard Attacker groups adopt new penetration testing tool Brute Ratel a new report analyzing several recent samples. "Yet more alarming is the effectiveness of BRc4 at defeating modern defensive EDR and AV detection capabilities." 2022-07-06T16:17:00+00:00 https://www.csoonline.com/article/3666508/attacker-groups-adopt-new-penetration-testing-tool-brute-ratel.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5585350 False Tool,Threat None None

CSO - CSO Daily Dashboard Smart factories unprepared for cyberattacks according to a report released last week by Capgemini, a provider of technology and digital transformation consulting services. The report, based on a survey of 950 organizations globally, finds that 80% agreed that cybersecurity is a critical component of a smart factory's operations and while more than half (51%) acknowledge the number of cyberattacks will likely increase over the next 12 months, their current levels of preparedness are low. 2022-07-06T09:58:00+00:00 https://www.csoonline.com/article/3665875/smart-factories-unprepared-for-cyberattacks.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5580575 False None None None

CSO - CSO Daily Dashboard BrandPost: 5 Attack Elements Organizations Should Monitor: Anatomy of an External Attack Surface Zero Trust, protecting both internal and external attack surfaces becomes an Internet-scale challenge. 2022-07-06T09:38:00+00:00 https://www.csoonline.com/article/3665762/5-attack-elements-organizations-should-monitor-anatomy-of-an-external-attack-surface.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5580576 False None None None

CSO - CSO Daily Dashboard BrandPost: Advancing Cybersecurity Skillsets Helps Organizations Against Threats 2022 Cybersecurity Skills Gap research report. The lack of qualified cybersecurity professionals is a massive global problem affecting all types of organizations.
Because the cybersecurity workforce is not growing fast enough to keep up with new threats, Fortinet has pledged to do something about it. By 2026, Fortinet is committed to training at least one million people in cybersecurity via our Training Advancement Agenda (TAA) and Training Institute programs. 2022-07-06T08:33:00+00:00 https://www.csoonline.com/article/3665761/advancing-cybersecurity-skillsets-helps-organizations-against-threats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5579955 False Threat None None

CSO - CSO Daily Dashboard An updated pipeline security directive is underway, reflecting TSA struggles ransomware attack on Colonial Pipeline, the U.S. Transportation Safety Administration (TSA) issued in May 2021 a hastily prepared security directive that required oil and gas pipeline companies to report every security incident to the Cybersecurity and Infrastructure Security Agency (CISA) no later than 12 hours after they identify it. Companies that fail to meet this and other security requirements in the directive are reported to be subject to fines starting at $7,000 per day. 2022-07-06T03:56:00+00:00 https://www.csoonline.com/article/3666050/an-updated-pipeline-security-directive-is-underway-reflecting-tsa-struggles.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5576928 False None None None

CSO - CSO Daily Dashboard How to keep attackers from using PowerShell against you Keeping PowerShell: Security Measures to Use and Embrace.
This guidance recommends keeping PowerShell in your network rather than blocking but offers the following advice to keep it secure. 2022-07-06T02:00:00+00:00 https://www.csoonline.com/article/3665629/how-to-keep-attackers-from-using-powershell-against-you.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5576334 False Tool None None

CSO - CSO Daily Dashboard What is decentralized identity? 2022-07-06T02:00:00+00:00 https://www.csoonline.com/article/3665692/what-is-decentralized-identity.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5576333 False None None None

CSO - CSO Daily Dashboard NIST names new post-quantum cryptography standards U.S. National Institute of Standards and Technology (NIST) announced the algorithms that were chosen in the third round of its competition to create a new post-quantum cryptography (PQC) standard built upon encryption algorithms that can resist the powers of quantum processors. NIST made an announcement with several layers. At the core were the choices for the main algorithms: CRYSTALS-Kyber for establishing a key and CRYSTALS-Dilithium for digital signatures. Both share the same theoretical approach which could make it simpler to implement both concurrently. NIST also announced that the digital signatures algorithms Falcon and SPHINCS+ would be standardized.
It will also continue to study several other algorithms and perhaps standardize them during the fourth round of the competition. 2022-07-06T02:00:00+00:00 https://www.csoonline.com/article/3665695/nist-names-new-post-quantum-cryptography-standards.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5576332 False None None None

CSO - CSO Daily Dashboard APT campaign targeting SOHO routers highlights risks to remote workers a recent report. 2022-07-05T11:52:00+00:00 https://www.csoonline.com/article/3665912/apt-campaign-targeting-soho-routers-highlights-risks-to-remote-workers.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5566323 False Threat None None

CSO - CSO Daily Dashboard SQL injection, XSS vulnerabilities continue to plague organizations according to a new report by a penetration-testing-as-a-service company. The report by BreachLock, based on 8,000 security tests performed in 2021, organizes its findings based on risk. Critical risk findings pose a very high threat to a company's data. High risks could have a catastrophic effect on an organization's operations, assets or individuals. Medium risks could have an adverse impact on operations, assets or individuals. 2022-07-05T03:40:00+00:00 https://www.csoonline.com/article/3665911/sql-injection-xss-vulnerabilities-continue-to-plague-organizations.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5559519 False Vulnerability,Threat None None

CSO - CSO Daily Dashboard LockBit explained: How it has become the most popular ransomware ransomware program and its infrastructure to third-party cybercriminals known as affiliates who break into networks and deploy it on systems for a cut of up to 75% of the money paid by victims in ransoms.
Like most similar RaaS gangs, LockBit engages in double extortion tactics where its affiliates also exfiltrate data out of victim organizations and threaten to publish it online. 2022-07-05T02:00:00+00:00 https://www.csoonline.com/article/3665871/lockbit-explained-how-it-has-become-the-most-popular-ransomware.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5559107 False Ransomware None None

CSO - CSO Daily Dashboard 6 signs your IAM strategy is failing, and how to fix it identity and access management (IAM) strategies for decades. "It started with mainframe time sharing, so nothing is new," says Jay Bretzmann, program director for security products at IDC. Despite that long experience, there are still opportunities for mistakes, especially when companies are upgrading their IAM platforms to those that can better deal with modern IT deployments. Here are six ways to tell that a company's IAM strategy is failing. 1. Users can't access their applications, but criminals can The primary goal of an IAM platform is to allow legitimate users to access the resources that they need, while keeping out the bad guys. If the opposite is happening, then something is wrong.
According to the latest Verizon Data Breach Incident Report, stolen credentials were the most common attack method last year, involved in half of all breaches and in over 80% of web application breaches. 2022-07-05T02:00:00+00:00 https://www.csoonline.com/article/3665234/6-signs-your-iam-strategy-is-failing-and-how-to-fix-it.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5559108 False Data Breach None None

CSO - CSO Daily Dashboard Asia could be placing all the wrong cybersecurity bets 2022-07-04T05:22:00+00:00 https://www.csoonline.com/article/3666049/asia-could-be-placing-all-the-wrong-cybersecurity-bets.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5568407 False Ransomware,Guideline None None

CSO - CSO Daily Dashboard 11 top cloud security threats Top Threats to Cloud Computing: The Pandemic 11 report released earlier this month. "Data breaches and data loss were the top concerns last year," says CSA Global Vice President of Research John Yeoh. "This year, they weren't even in the top 11." "What that tells me is the cloud customer is getting a lot smarter," Yeoh continues. "They're getting away from worrying about end results - a data breach or loss is an end result - and looking at the causes of those results (data access, misconfigurations, insecure applications) and taking control of them." 2022-07-04T02:00:00+00:00 https://www.csoonline.com/article/3043030/top-cloud-security-threats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5548896 False Data Breach,Threat None None

CSO - CSO Daily Dashboard Google Cloud previews advanced new API security features API security is getting a facelift, the company announced Thursday - a new Advanced API Security framework will help users identify potential threats, weed out bot traffic and identify data breaches caused by API misconfigurations or attacks. Advanced API Security is an outgrowth of the company's 2016 acquisition of Apigee, which became part of Google in a $625 million deal. According to Google, the new system allows users to dig more deeply into API traffic to detect unusual patterns, which may be signs of an exploit in progress. 2022-06-30T09:51:00+00:00 https://www.csoonline.com/article/3665909/google-cloud-previews-advanced-new-api-security-features.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5486414 False None None None

CSO - CSO Daily Dashboard Key takeaways from CSA's SaaS Governance Best Practices guide are using upwards of 200 different SaaS offerings, compared to two or three IaaS providers, and only about 30% of organizations have any sort of SaaS security solutions in place. Despite the pervasive use of SaaS, it is overwhelmingly ungoverned with little insight into use, data storage or access control. That's why the Cloud Security Alliance (CSA) created the SaaS Governance Best Practices for Cloud Customers whitepaper, for which I was honored to serve as its co-lead.
These are some of the key security takeaways from the SaaS governance best practices guidance.
2022-06-30T02:00:00+00:00 https://www.csoonline.com/article/3664935/key-takeaways-from-csa-s-saas-governance-best-practices-guide.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5486416 False Guideline None None

CSO - CSO Daily Dashboard
How you handle independent contractors may determine your insider threat risk
2022-06-30T02:00:00+00:00 https://www.csoonline.com/article/3664937/how-you-handle-independent-contractors-may-determine-your-insider-threat-risk.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5486415 False Threat None None

CSO - CSO Daily Dashboard
SolarWinds creates new software build system in wake of Sunburst attack
has introduced new software development practices and technology to strengthen the integrity of its build environment. It includes what SolarWinds says is the first-of-its-kind “parallel build” process, where the software development takes place through multiple highly secure duplicate paths to establish a basis for integrity checks.
2022-06-29T16:25:00+00:00 https://www.csoonline.com/article/3665650/solarwinds-creates-new-software-build-system-in-wake-of-sunburst-attack.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5459968 False Threat Solardwinds None

CSO - CSO Daily Dashboard
Google Cloud gets new built-in security features
MITRE ATT&CK threat classification and response framework and baked-in protection against DDoS attacks.
Cloud Armor is Google's brand name for its DDoS mitigation and web application firewall service. It replicates many of the techniques used in traditionally structured DDoS protection systems, including per-client rate limiting, captchas to help weed out bot requests, and machine learning to counteract Layer 7 attacks.
MITRE inclusion allows users to map Google Cloud's built-in security controls onto the MITRE ATT&CK rubric of threat classification and response planning, letting users automate certain types of security response.
2022-06-29T12:52:00+00:00 https://www.csoonline.com/article/3665649/google-cloud-gets-new-built-in-security-features.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5486418 False Threat None None

CSO - CSO Daily Dashboard
Sysdig Secure update adds ability to stop container attacks at runtime
container attacks at runtime.
Drift Control will function as part of Sysdig Secure, built to detect vulnerabilities in containers. Sysdig Secure is a component in Sysdig's container intelligence platform, which includes several container-oriented security applications.
Aiming to detect, prevent and speed incident response for containers that were modified in production, also known as container drifts, Drift Control offers the ability to close "dangerous security gaps" created due to deviations from the trusted original container.
2022-06-29T12:36:00+00:00 https://www.csoonline.com/article/3665648/sysdig-secure-update-adds-ability-to-stop-container-attacks-at-runtime.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5456608 False None None None

CSO - CSO Daily Dashboard
BrandPost: Four Key Ways CISOs can Strengthen OT Security
operational technology (OT) attacks and their impact on organizations. Fortinet recently released its 2022 State of Operational Technology and Cybersecurity Report revealing that 93% of OT organizations experienced one intrusion in the past year and 78% of them experienced more than three intrusions. The survey also found that CISOs and business leaders consider OT security a top concern.
Outlined below are steps leaders can take to improve their OT security posture to decrease the risk of threats and keep up with bad actors.
2022-06-29T08:42:00+00:00 https://www.csoonline.com/article/3665236/four-key-ways-cisos-can-strengthen-ot-security.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5453364 False Threat,Guideline None None

CSO - CSO Daily Dashboard
Why more zero-day vulnerabilities are being found in the wild
zero-days exploited in the wild has been high over the past year and a half, with different kinds of actors using them. These vulnerabilities, which are unknown to the software maker, are leveraged by both state-sponsored groups and ransomware gangs.
During the first half of this year, Google Project Zero counted almost 20 zero-days, most of which target products built by Microsoft, Apple and Google, with browsers and operating systems taking up large chunks. In addition, a critical remote code execution vulnerability was found in Atlassian's Confluence Server, which continues to be exploited. But in 2021, the number of in-the-wild zero-days was even higher.
Project Zero found 58 vulnerabilities, while Mandiant detected 80--more than double compared to 2020.
2022-06-29T02:00:00+00:00 https://www.csoonline.com/article/3665131/why-more-zero-day-vulnerabilities-are-being-found-in-the-wild.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5486421 False Ransomware,Vulnerability None None

CSO - CSO Daily Dashboard
How and why threat actors target Microsoft Active Directory
2022-06-29T02:00:00+00:00 https://www.csoonline.com/article/3665051/how-and-why-threat-actors-target-microsoft-active-directory.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5486422 False Threat None None

CSO - CSO Daily Dashboard
Russian DDoS attack on Lithuania was planned on Telegram, Flashpoint says
blog post confirms that Killnet warned about the attacks on the Telegram channel, highlighting the cloud-based instant messaging platform's use as a popular communication channel for threat actors.
2022-06-28T08:47:00+00:00 https://www.csoonline.com/article/3664859/russian-ddos-attack-on-lithuania-was-planned-on-telegram-flashpoint-says.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5432850 False Threat None None

CSO - CSO Daily Dashboard
Microsoft's Defending Ukraine report offers fresh details on digital conflict and disinformation
in-depth examination of the early cyber lessons learned from the war in Ukraine, offering fresh insight into the scope of Russia's malicious digital activities and new details about the sophisticated and widespread Russian foreign influence operations surrounding the war.
Microsoft has been uniquely positioned to observe the digital landscape in Ukraine since Russia invaded on February 24 and even before then.
2022-06-28T05:00:00+00:00 https://www.csoonline.com/article/3664858/microsofts-defending-ukraine-report-offers-fresh-details-on-digital-conflict-and-disinformation.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=5485604 False None None None