www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-16T14:00:23+00:00 www.secnews.physaphae.fr
CSO - CSO Daily Dashboard BEC groups are using Google Translate to target high value victims Business Email Compromise (BEC) attacks on companies worldwide. The first group, Midnight Hedgehog, engages in payment fraud, while the second group, Mandarin Capybara, executes payroll diversion attacks. Both groups have launched BEC campaigns in at least 13 different languages, including Danish, Dutch, Estonian, French, German, Hungarian, Italian, Norwegian, Polish, Portuguese, Spanish, and Swedish, the researchers noted. While attacking targets across various regions and using multiple languages is not new, in the past, these attacks were perpetrated mainly by sophisticated organizations with bigger budgets and more advanced resources, Crane Hassold, director of Threat Intelligence at Abnormal Security, wrote in his research. 2023-02-16T03:08:00+00:00 https://www.csoonline.com/article/3688429/bec-groups-are-using-google-translate-to-target-high-value-victims.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8310812 False Threat None 2.0000000000000000
CSO - CSO Daily Dashboard BrandPost: A Faster, Better Way to Detect Network Threats 2023-02-14T09:36:00+00:00 https://www.csoonline.com/article/3687678/a-faster-better-way-to-detect-network-threats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8310135 False Tool,Threat None 1.00000000000000000000
CSO - CSO Daily Dashboard BrandPost: Protection Groups within NETSCOUT's Omnis Cyber Intelligence secure your most valuable assets.
2023-02-14T09:36:00+00:00 https://www.csoonline.com/article/3687678/protection-groups-within-netscouts-omnis-cyber-intelligence-secure-your-most-valuable-assets.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8310894 True Tool,Threat None 1.00000000000000000000
CSO - CSO Daily Dashboard Pepsi Bottling Ventures suffers data breach notice of the data breach with the Attorney General of Montana on February 10 after discovering that a threat actor had accessed confidential information of certain current and former employees. “As a precautionary measure, we are writing to make you aware of an incident that may affect the security of some of your personal information,” the company wrote in its incident report. It said that as of now it is not aware of any kind of identity theft or fraud involving the leaked personal data. 2023-02-14T04:04:00+00:00 https://www.csoonline.com/article/3687741/pepsi-bottling-ventures-suffers-data-breach.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8310003 False Data Breach,Threat None 1.00000000000000000000
CSO - CSO Daily Dashboard BrandPost: Security Trends to Watch in 2023 2023-02-09T13:24:00+00:00 https://www.csoonline.com/article/3687729/security-trends-to-watch-in-2023.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8308686 False Threat,Prediction None 1.00000000000000000000
CSO - CSO Daily Dashboard Yes, CISOs should be concerned about the types of data spy balloons can intercept 2023-02-09T02:00:00+00:00 https://www.csoonline.com/article/3687222/yes-cisos-should-be-concerned-about-the-types-of-data-spy-balloons-can-intercept.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8308507 False Threat None 2.0000000000000000
CSO - CSO Daily Dashboard Threat group targets over 1,000
companies with screenshotting and infostealing malware 2023-02-08T11:13:00+00:00 https://www.csoonline.com/article/3687628/threat-group-targets-over-1-000-companies-with-screenshotting-and-infostealing-malware.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8308349 False Malware,Threat None 3.0000000000000000
CSO - CSO Daily Dashboard BrandPost: Building the Path to Cyber Resilience: Exploring the Microsoft Digital Defense Report Microsoft Digital Defense Report aggregates security data from organizations and consumers across the cloud, endpoints, and the intelligent edge to create a high-level overview of our threat landscape. With insights derived from 43 trillion daily security signals, companies can use this report to strengthen their cyber defenses against the most pressing threats. This year, the report is divided into five sections covering trends in cybercrime, nation-state threats, devices and infrastructure, cyber-influence operations, and cyber resiliency. Keep reading for an inside look at section five of the report on cyber resiliency. 2023-02-06T12:53:00+00:00 https://www.csoonline.com/article/3687218/building-the-path-to-cyber-resilience-exploring-the-microsoft-digital-defense-report.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8309803 False Threat None 1.00000000000000000000
CSO - CSO Daily Dashboard BrandPost: Tackling Cyber Influence Operations: Exploring the Microsoft Digital Defense Report Microsoft Digital Defense Report.
Organizations can use this tool to understand their most pressing cyber threats and strengthen their cyber defenses to withstand an evolving digital threat landscape. Comprised of security data from organizations and consumers across the cloud, endpoints, and the intelligent edge, the Microsoft Digital Defense Report covers key insights across cybercrime, nation-state threats, devices and infrastructure, cyber-influence operations, and cyber resiliency. Keep reading to explore section four of the report: cyber-influence operations. 2023-02-06T06:43:00+00:00 https://www.csoonline.com/article/3687215/tackling-cyber-influence-operations-exploring-the-microsoft-digital-defense-report.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8307550 False Tool,Threat None 1.00000000000000000000
CSO - CSO Daily Dashboard Vulnerabilities and exposures to rise to 1,900 a month in 2023: Coalition CVEs) in 2023, a 13% increase over 2022. The predictions are a part of the company's Cyber Threat Index, which was compiled using data gathered by the company's active risk management and reduction technology, combining data from underwriting and claims, internet scans, its global network of honeypot sensors, and scanning over 5.2 billion IP addresses. 2023-02-06T05:27:00+00:00 https://www.csoonline.com/article/3687137/vulnerabilities-and-exposures-to-rise-to-1-900-a-month-in-2023-coalition.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8307537 False Threat None 2.0000000000000000
CSO - CSO Daily Dashboard Microsoft attributes Charlie Hebdo attacks to Iranian nation-state threat group In January, the group claimed to have obtained the personal information of more than 200,000 Charlie Hebdo customers after access to a database, which Microsoft believes was in response to a cartoon contest conducted by the magazine.
The information included a spreadsheet detailing the full names, telephone numbers, and home and email addresses of accounts that had subscribed to, or purchased merchandise from, the publication. 2023-02-06T04:39:00+00:00 https://www.csoonline.com/article/3687214/microsoft-attributes-charlie-hebdo-attacks-to-iranian-nation-state-threat-group.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8307523 False Threat None 2.0000000000000000
CSO - CSO Daily Dashboard APT groups use ransomware TTPs as cover for intelligence gathering and sabotage 2023-02-02T01:00:00+00:00 https://www.csoonline.com/article/3686580/apt-groups-use-ransomware-ttps-as-cover-for-intelligence-gathering-and-sabotage.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8306508 False Ransomware,Threat,Medical APT 38 2.0000000000000000
CSO - CSO Daily Dashboard BrandPost: Nation-State Threats and the Rise of Cyber Mercenaries: Exploring the Microsoft Digital Defense Report Microsoft Digital Defense Report. This year's report focuses on five key topics: cybercrime, nation-state threats, devices and infrastructure, cyber-influence operations, and cyber resiliency. With intelligence from 43 trillion daily security signals, organizations can leverage the findings presented in this report to strengthen their cyber defenses. 2023-02-01T15:21:00+00:00 https://www.csoonline.com/article/3687028/nation-state-threats-and-the-rise-of-cyber-mercenaries-exploring-the-microsoft-digital-defense-repo.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8306412 False Threat None 1.00000000000000000000
CSO - CSO Daily Dashboard Guardz debuts with cybersecurity-as-a-service for small businesses API integration with Microsoft 365 and Google Workspace.
Guardz automatically enrolls all user accounts upon activation, and monitors risk posture, performs threat detection on all monitored accounts and devices, and offers one-click remediation for some threats. 2023-01-31T07:41:00+00:00 https://www.csoonline.com/article/3686534/guardz-debuts-with-cybersecurity-as-a-service-for-small-businesses.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8305920 False Threat None 2.0000000000000000
CSO - CSO Daily Dashboard Threat actors abuse Microsoft's “verified publisher” status to exploit OAuth privileges blog on the company's website, threat actors satisfied Microsoft's requirements for third-party OAuth apps by abusing the Microsoft “verified publisher” status, employing brand abuse, app impersonation and other social engineering tactics to lure users into authorizing malicious apps. 2023-01-31T04:02:00+00:00 https://www.csoonline.com/article/3686573/threat-actors-abuse-microsoft-s-verified-publisher-status-to-exploit-oauth-privileges.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8305875 False Threat None 3.0000000000000000
CSO - CSO Daily Dashboard Chinese threat actor DragonSpark targets East Asian businesses threat actor DragonSpark. The threat actor was observed using open source tool SparkRAT for its attacks, according to a report by SentinelOne.
SparkRAT is multi-platform, feature-rich, and frequently updated with new features, making the Remote Access Trojan (RAT) attractive to threat actors. 2023-01-25T04:31:00+00:00 https://www.csoonline.com/article/3686275/chinese-threat-actor-dragonspark-targets-east-asian-businesses.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8303954 False Tool,Threat None 2.0000000000000000
CSO - CSO Daily Dashboard P-to-P fraud most concerning cyber threat in 2023: CSI CSI's annual survey of the financial sector. It received responses from 228 banking executives, 171 of them at vice-president level or above. 2023-01-24T07:36:00+00:00 https://www.csoonline.com/article/3686033/p-to-p-fraud-most-concerning-cyber-threat-in-2023-csi.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8303733 False Ransomware,Threat None 2.0000000000000000
CSO - CSO Daily Dashboard BrandPost: 3 Critical Firewall Attributes for Today's Network 2023-01-24T07:21:00+00:00 https://www.csoonline.com/article/3686271/3-critical-firewall-attributes-for-today-s-network.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8303734 False Threat None 2.0000000000000000
CSO - CSO Daily Dashboard Skyhawk launches platform to provide threat detection and response across multi-cloud environments Synthesis platform is being released on a “freemium” basis - the base version is available at no cost, but supplement features can be purchased. Skyhawk claims the platform improves upon products focused on identifying numerous static cloud security misconfigurations by employing machine learning (ML) to find correlated sequences of high-priority runtime events and identify paths of least resistance that are exploited to compromise cloud infrastructure. 2023-01-24T02:00:00+00:00
https://www.csoonline.com/article/3686268/skyhawk-launches-platform-to-provide-threat-detection-and-response-across-multi-cloud-environments.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8303653 False Threat None 2.0000000000000000
CSO - CSO Daily Dashboard BrandPost: Not If, But When: Maintaining Resilience as Threat Actors Adapt report. We gathered insight from dozens of subject matter experts all throughout Cisco to tell a data-driven story about the major security events Cisco responded to, trends in the threat landscape, and what it all means for 2023. As we reviewed the major events from this year, one throughline seemed particularly clear: adversaries are adapting to shifts in the geopolitical landscape, actions from law enforcement, and the efforts of defenders. Organizations, IT leaders, and security professionals will need to track and address these shifts in behavior to maintain resilience. 2023-01-19T07:59:00+00:00 https://www.csoonline.com/article/3686091/not-if-but-when-maintaining-resilience-as-threat-actors-adapt.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8302594 False Threat,Guideline None 2.0000000000000000
CSO - CSO Daily Dashboard Chinese hackers targeted Iranian government entities for months: Report Palo Alto Networks report. The Chinese threat actor also known as APT15, KeChang, NICKEL, BackdoorDiplomacy, and Vixen Panda, was observed attempting to connect government domains to malware infrastructure previously associated with the APT group, according to the report. “Playful Taurus continues to evolve their tactics and their tooling. Recent upgrades to the Turian backdoor and new C2 infrastructure suggest that these actors continue to see success during their cyber espionage campaigns,” Palo Alto Networks said in a blog.
2023-01-19T04:27:00+00:00 https://www.csoonline.com/article/3686088/chinese-hackers-targeted-iranian-government-entities-for-months-report.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8302529 False Malware,Threat APT 25,APT 15 3.0000000000000000
CSO - CSO Daily Dashboard BrandPost: The State of Cybercrime In 2022: Exploring the Microsoft Digital Defense Report Microsoft Digital Defense Report, which was first released in 2020. This latest edition explores the most pressing cyber threats while also providing insight and guidance on how organizations can strengthen their cyber defenses. 2023-01-18T12:27:00+00:00 https://www.csoonline.com/article/3685929/the-state-of-cybercrime-in-2022-exploring-the-microsoft-digital-defense-report.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8302355 False Threat None 4.0000000000000000
CSO - CSO Daily Dashboard Trustwave relaunches Advanced Continual Threat Hunting with human-led methodology In a press release, Trustwave stated that its security teams regularly perform advanced threat hunting to study the tactics, techniques, and procedures (TTPs) of sophisticated threat actors.
Trustwave's new intellectual property (IP) goes beyond indicators of compromise (IoC) to uncover new or unknown threats by hunting for indicators of behavior (IoB) associated with specific attackers. 2023-01-18T06:00:00+00:00 https://www.csoonline.com/article/3685575/trustwave-relaunches-advanced-continual-threat-hunting-with-human-led-methodology.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8302265 False Threat None 2.0000000000000000
CSO - CSO Daily Dashboard Perception Point launches Advanced Threat Protection for Zendesk the firm stated. Help desk, customer service teams key attack targets In organizations, help desk and customer support staff often have access to workstations, mobile devices, routers, and servers, as well as the complete digital workplace system and the data associated with it. They also typically communicate regularly with people outside of the organization. These factors make them attractive attack targets and particularly vulnerable to external threats originating from malicious content. Content uploaded externally can potentially be used as a vehicle for cyberattacks, allowing malicious payloads to enter an organization's system, Perception Point noted in its announcement. 2023-01-18T06:00:00+00:00 https://www.csoonline.com/article/3685383/perception-point-launches-advanced-threat-protection-for-zendesk.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8302266 False Threat None 2.0000000000000000
CSO - CSO Daily Dashboard BrandPost: How Financial Institutions Can SOAR to Success with Devo SOAR 2022 IBM Cost of a Data Breach Report, the global average cost of a data breach is $4.35 million. Data breaches in the US are even more costly, averaging over $9 million. However, it isn't just the big players caught in the line of fire.
IBM's report also found that 83% of companies will experience a data breach soon, meaning financial institutions of all sizes - from local credit unions to Fortune 500s - are at risk. While ransomware attacks get the most time in the financial headlines, most breaches aren't caused by external factors or threat actors. The majority of system availability problems actually occur due to a lack of staff knowledge and protective protocols, software issues and limited security visibility across the institution. However, “more visibility” is not synonymous with “seeing more alerts.” In fact, the opposite is true. Keep reading to see how Devo SOAR helped a leading US bank streamline its SOC. 2023-01-12T10:00:00+00:00 https://www.csoonline.com/article/3685191/how-financial-institutions-can-soar-to-success-with-devo-soar.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8300630 False Ransomware,Data Breach,Threat,Guideline None 2.0000000000000000
CSO - CSO Daily Dashboard BrandPost: The converging future of XDR and Threat Hunting projected to reach $2.36 billion by 2027, and small to mid-size enterprises are leading the way. 2023-01-10T09:48:00+00:00 https://www.csoonline.com/article/3685230/the-converging-future-of-xdr-and-threat-hunting.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8299608 False Threat,Guideline None 1.00000000000000000000
CSO - CSO Daily Dashboard BrandPost: Cybercrime-as-a-Service, Ransomware Still on the Rise the Sophos' 2023 Threat Report, which details how the cyberthreat landscape has changed due to an easier barrier of entry for criminal hopefuls. Threat researchers with Sophos say the expansion is due to the commoditization of “malware-as-a-service” and the sale of stolen credentials and other sensitive data.
Today, nearly every aspect of the cybercrime toolkit - from initial infection to ways to avoid detection - is available for purchase on the dark web, say researchers. This thriving business selling what once would have been considered “advanced persistent threat” tools and tactics means any would-be criminal can buy their way into exploitation for profit. 2023-01-10T08:14:00+00:00 https://www.csoonline.com/article/3685069/cybercrime-as-a-service-ransomware-still-on-the-rise.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8299592 False Ransomware,Threat None 2.0000000000000000
CSO - CSO Daily Dashboard 11 top XDR tools and how to evaluate them security incident and event management (SIEM), endpoint detection and response (EDR), and even security orchestration and response (SOAR). In fact, some XDR platforms listed here are the fusion of existing tools the vendor has offered for some time. 2023-01-09T02:00:00+00:00 https://www.csoonline.com/article/3684850/11-top-xdr-tools-and-how-to-evaluate-them.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8299129 False Tool,Threat None 2.0000000000000000
CSO - CSO Daily Dashboard Log4Shell remains a big threat and a common cause for security breaches Log4Shell, officially tracked as CVE-2021-44228, was discovered in December 2021 in Log4j, a widely popular open-source Java library that's used for logging.
Initially disclosed as a zero-day, the project's developers quickly created a patch, but getting that patch widely adopted and deployed proved challenging because it relies on developers who used this component in their software to release their own updates. 2022-12-28T02:00:00+00:00 https://www.csoonline.com/article/3684108/log4shell-remains-a-big-threat-and-a-common-cause-for-security-breaches.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8295482 False Vulnerability,Threat None 2.0000000000000000
CSO - CSO Daily Dashboard BrandPost: Managing Risk Would be Easier if It Weren't for People 2022-12-20T07:32:00+00:00 https://www.csoonline.com/article/3683888/managing-risk-would-be-easier-if-it-weren-t-for-people.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8293086 False Threat,Guideline None 1.00000000000000000000
CSO - CSO Daily Dashboard Cuba ransomware group used Microsoft developer accounts to sign malicious drivers a new report about the incident. "In recent attacks, some threat actors have turned to the use of Windows drivers to disable security products." 2022-12-14T14:07:00+00:00 https://www.csoonline.com/article/3683288/cuba-ransomware-group-used-microsoft-developer-accounts-to-sign-malicious-drivers.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8291350 False Ransomware,Threat None 2.0000000000000000
CSO - CSO Daily Dashboard BrandPost: 3 Common DDoS Myths DDoS Threat Intelligence Report from NETSCOUT. These include adaptive distributed denial-of-service (DDoS), direct-path TCP-based DDoS, proliferation of botnets, sociopolitical fallout, and collateral damage. The thing these trends all have in common is they are designed to evade common DDoS defense measures and cause maximum harm to targets and others in their proximity.
DDoS always attempts to disrupt, destabilize, and deny availability and often succeeds. The only thing that can prevent its success is a well-designed network with intelligent DDoS mitigation systems (IDMSs). For many organizations, common myths can lead to poor choices and overconfidence when it comes to properly architecting a solution. 2022-12-13T15:57:00+00:00 https://www.csoonline.com/article/3682658/3-common-ddos-myths.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8291034 False Threat,Guideline None 2.0000000000000000
CSO - CSO Daily Dashboard Palo Alto Networks flags top cyberthreats, offers new zero-day protections ransomware and business email compromise as the most common attacks faced by businesses worldwide, with supply chain threats, malicious insiders and DDoS attacks rounding out the top five. Over the course of the past year, 96% of respondents to the company's executive survey said that they'd experienced at least one security breach, and over half said that they'd experienced three or more. Fully 84% said that they pin the responsibility for increased security incidents in the past year on the growing prevalence of remote work. 2022-12-13T12:37:00+00:00 https://www.csoonline.com/article/3682754/palo-alto-networks-flags-top-cyberthreats-offers-new-zero-day-protections.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8290921 False Threat None 2.0000000000000000
CSO - CSO Daily Dashboard BrandPost: Staying Cyber Safe This Holiday Season with Security Awareness Training right technologies can undoubtedly go a long way in protecting organizations against cybercrime. Still, the reality is that employees are an organization's first line of defense when it comes to halting bad actors.
Cybersecurity is everyone's job, not just the responsibility of the security and IT teams. 2022-12-13T11:30:00+00:00 https://www.csoonline.com/article/3682753/staying-cyber-safe-this-holiday-season-with-security-awareness-training.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8290902 False Threat None 2.0000000000000000
CSO - CSO Daily Dashboard BrandPost: Want to Help Your Analysts? Embrace Automation and Outsourcing. claim that the global skills shortage creates additional cyber risks for their organization, including 80% who reported experiencing at least one breach during the last 12 months that they attributed to the cybersecurity skills gap. The always-changing threat landscape, with fewer skilled people makes it nearly impossible to keep ahead of threats. That's why it's time to talk about the human element – specifically your Security Operations Center (SOC) analysts – and their role in your cybersecurity framework. 2022-12-08T05:35:00+00:00 https://www.csoonline.com/article/3682078/want-to-help-your-analysts-embrace-automation-and-outsourcing.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8289345 False Threat,Guideline None 2.0000000000000000
CSO - CSO Daily Dashboard Action1 launches threat actor filtering to block remote management platform abuse In an announcement, Action1 stated that the new enhancement helps ensure that any attempt at misuse of its remote management platform is identified and terminated before cybercriminals accomplish their goals.
“It scans user activity for suspicious patterns of behavior, automatically suspends potentially malicious accounts, and alerts Action1's dedicated security team to investigate the issue,” it added. 2022-12-06T06:00:00+00:00 https://www.csoonline.com/article/3681933/action1-launches-threat-actor-filtering-to-block-remote-management-platform-abuse.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8288271 False Ransomware,Tool,Threat None 2.0000000000000000
CSO - CSO Daily Dashboard The changing role of the MITRE ATT&CK framework MITRE ATT&CK framework has been of interest to security operations professionals. In the early years, the security operations center (SOC) team used MITRE as a reference architecture, comparing alerts and threat intelligence nuggets with the taxonomy's breakdown of adversary tactics and techniques. Based on ESG research, MITRE ATT&CK usage has reached an inflection point. Security teams not only recognize its value as a security operations foundation but also want to build upon this foundation with more use cases and greater benefits. 2022-12-06T02:00:00+00:00 https://www.csoonline.com/article/3681990/the-changing-role-of-the-mitre-att-ck-framework.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8288163 False Threat None 2.0000000000000000
CSO - CSO Daily Dashboard When blaming the user for a security breach is unfair – or just wrong Elevate Health, praises the instincts that stopped the attacks from causing financial or reputational damage.
Yet, he contends that expecting users to be the frontline defense against rampant phishing, pharming, whaling, and other credential-based attacks increasingly taking place over out-of-band channels is a recipe for disaster. 2022-12-05T02:00:00+00:00 https://www.csoonline.com/article/3681328/when-blaming-the-user-for-a-security-breach-is-unfair-or-just-wrong.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8287760 False Threat,Guideline None 3.0000000000000000
CSO - CSO Daily Dashboard BrandPost: Threat Notification Isn't the Solution – It's a Starting Point 2022-11-28T13:58:00+00:00 https://www.csoonline.com/article/3681095/threat-notification-isn-t-the-solution-it-s-a-starting-point.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8274284 False Tool,Threat None 2.0000000000000000
CSO - CSO Daily Dashboard Here is why you should have Cobalt Strike detection in place released a list of YARA detection rules for malicious variants of the legitimate Cobalt Strike penetration testing framework that are being used by hackers in the wild. Cobalt Strike is a commercial attack framework designed for red teams that has also been adopted by many threat actors, from APT groups to ransomware gangs and other cybercriminals. Living off the land is a common tactic The abuse by attackers of system administration, forensic, or security tools that are either already installed on systems or can be easily deployed without raising suspicion has become extremely common.
The use of this tactic, known as living off the land (LOTL), used to be a telltale sign of sophisticated cyberespionage groups who moved laterally through environments using manual hacking and placed great value on stealth. 2022-11-28T02:00:00+00:00 https://www.csoonline.com/article/3681333/here-is-why-you-should-have-cobalt-strike-detection-in-place.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8269413 False Ransomware,Threat None 4.0000000000000000
CSO - CSO Daily Dashboard Know thy enemy: thinking like a hacker can boost cybersecurity strategy MITRE Engage, a cyber adversary engagement framework. 2022-11-22T02:00:00+00:00 https://www.csoonline.com/article/3680371/know-thy-enemy-thinking-like-a-hacker-can-boost-cybersecurity-strategy.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8159077 False Hack,Threat,Guideline None 3.0000000000000000
CSO - CSO Daily Dashboard Luna Moth callback phishing campaign leverages extortion without malware Unit 42 wrote in a blog posting. Actors linked to the Conti ransomware group had success with this type of attack with the BazarCall campaign, which focused on tricking victims into downloading the BazarLoader malware. This malware element is synonymous with traditional callback phishing attacks. Interestingly, in this campaign, Luna Moth does away with the malware portion of the attack, instead using legitimate and trusted systems management tools to interact directly with a victim's computer to manually exfiltrate data for extortion.
“As these tools are not malicious, they're not likely to be flagged by traditional antivirus products,” the researchers wrote. 2022-11-21T07:02:00+00:00 https://www.csoonline.com/article/3680369/luna-moth-callback-phishing-campaign-leverages-extortion-without-malware.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8149728 False Ransomware,Malware,Threat None None
CSO - CSO Daily Dashboard Palo Alto releases PAN-OS 11.0 Nova with new evasive malware, injection attack protection security releases from Palo Alto in 2022. 2022-11-16T05:15:00+00:00 https://www.csoonline.com/article/3680288/palo-alto-releases-pan-os-11-0-nova-with-new-evasive-malware-injection-attack-protection.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8047561 False Malware,Threat None None
CSO - CSO Daily Dashboard Meta's new kill chain model tackles online threats Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains.
This document sparked a new wave of thinking about digital adversaries, specifically, nation-state advanced persistent threat groups (APTs).The authors of the paper argued that by leveraging the knowledge of how these adversaries operate, cyber defenders “can create an intelligence feedback loop, enabling defenders to establish a state of information superiority which decreases the adversary's likelihood of success with each subsequent intrusion attempt.” This so-called kill chain model could “describe phases of intrusions, mapping adversary kill chain indicators to defender courses of action, identifying patterns that link individual intrusions into broader campaigns, and understanding the iterative nature of intelligence gathering form the basis of intelligence-driven computer network defense.”To read this article in full, please click here]]> 2022-11-15T03:53:00+00:00 https://www.csoonline.com/article/3680149/meta-s-new-kill-chain-model-tackles-online-threats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8026238 False Threat None 2.0000000000000000 CSO - CSO Daily Dashboard BrandPost: Cybersecurity as a Service: What Is It? And Is It Right for Your Business? 
To read this article in full, please click here]]> 2022-11-14T12:16:00+00:00 https://www.csoonline.com/article/3679695/cybersecurity-as-a-service-what-is-it-and-is-it-right-for-your-business.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8014354 False Threat None None CSO - CSO Daily Dashboard BrandPost: What is Top of Mind for CISOs Right Now CISO Insider report.To read this article in full, please click here]]> 2022-11-10T10:14:00+00:00 https://www.csoonline.com/article/3679869/what-is-top-of-mind-for-cisos-right-now.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7930689 False Ransomware,Threat None None CSO - CSO Daily Dashboard BrandPost: 4 Reasons SMBs Should Consider an MSP for Threat Hunting To read this article in full, please click here]]> 2022-11-08T07:46:00+00:00 https://www.csoonline.com/article/3679430/4-reasons-smbs-should-consider-an-msp-for-threat-hunting.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7890718 False Threat,Guideline None None CSO - CSO Daily Dashboard Geopolitics plays major role in cyberattacks, says EU cybersecurity agency hacktivist activity in the past year, with state-sponsored threat actors targeting 128 governmental organizations in 42 countries that support Ukraine, according to the European Union Agency for Cybersecurity (ENISA).In addition, some threat actors targeted Ukrainian and Russian entities during the early days of the conflict, likely for the collection of intelligence, according to the 10th edition of the ENISA threat landscape report. 
The report, this year titled Volatile Geopolitics Shake the Trends of the 2022 Cybersecurity Threat Landscape, notes that in general, geopolitical situations continue to have a high impact on cybersecurity. To read this article in full, please click here]]> 2022-11-04T09:56:00+00:00 https://www.csoonline.com/article/3678771/geopolitics-plays-major-role-in-cyberattacks-says-eu-cybersecurity-agency.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7826671 False Threat None None CSO - CSO Daily Dashboard White House ransomware summit highlights need for borderless solutions convened its Second International Counter Ransomware Initiative Summit (CRI), bringing together leaders from 36 countries and the European Union in person to build on the work of its first ransomware summit in 2021. At a press briefing before the Summit, a White House spokesperson said, “While the United States is facilitating this meeting, we don't view this solely as a US initiative. It's an international partnership that spans most of the world's time zones, and it really reflects the threat that criminals and cyberattacks bring.” To read this article in full, please click here]]> 2022-11-03T04:22:00+00:00 https://www.csoonline.com/article/3678948/white-house-ransomware-summit-highlights-need-for-borderless-solutions.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7800875 False Ransomware,Threat,Guideline None None CSO - CSO Daily Dashboard Making the case for security operation automation ESG research, 52% of organizations believe that security operations are more difficult today than they were two years ago, due to factors such as the dangerous threat landscape, growing attack surface, and the volume/complexity of security alerts. In analyzing this data, I see a common theme: scale. Security teams must be able to scale operations to deal with the increasing volume of everything coming at them. 
Faced with a global cybersecurity skills shortage, CISOs need alternatives to hiring their way out of this quagmire.To read this article in full, please click here]]> 2022-11-03T02:00:00+00:00 https://www.csoonline.com/article/3678355/making-the-case-for-security-operation-automation.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7798492 False Threat None None CSO - CSO Daily Dashboard Netacea launches malicious bot intelligence service to help customers tackle threats Business Logic Intelligence Service (BLIS) designed to give customers actionable insight to help them tackle malicious bot activity and security threats. The firm said that the tiered, fee-based service will provide organizations with bot threat intelligence based on research including analysis of dark web forums and marketplaces. Earlier this year, the 2022 Imperva Bad Bot Report revealed an uptick in malicious bot activity driving online fraud and cyberattacks with bots becoming more sophisticated and better equipped to evade detection.To read this article in full, please click here]]> 2022-11-02T02:00:00+00:00 https://www.csoonline.com/article/3678298/netacea-launches-malicious-bot-intelligence-service-to-help-customers-tackle-threats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7779384 False Threat None None CSO - CSO Daily Dashboard BrandPost: Phishing Attacks are on the Rise, and Cyber Awareness is One of Your Best Defenses threat landscape is constantly evolving, with cybercriminals finding new ways to trick unsuspecting victims and infiltrate networks. For example, according to the 1H 2022 FortiGuard Labs Threat Report, ransomware is rampant, showing no signs of slowing its pace. These attacks are becoming more sophisticated and aggressive, with attackers introducing new strains and updating, enhancing, and reusing old ones. 
What's especially concerning as we look back at the first half of 2022 is that we observed 10,666 ransomware variants, compared to just 5,400 in the previous six months. That's nearly 100% growth in ransomware variants in half a year.To read this article in full, please click here]]> 2022-10-31T11:09:00+00:00 https://www.csoonline.com/article/3678353/phishing-attacks-are-on-the-rise-and-cyber-awareness-is-one-of-your-best-defenses.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7756476 False Ransomware,Threat None None CSO - CSO Daily Dashboard Phishing attacks increase by over 31% in third quarter: Report phishing emails in the third quarter this year increased by more than 31% quarter on quarter, with the number of emails containing malware in the first three quarters surpassing the 2021 level by 55.8 million.Malware emails in the third quarter of 2022 alone increased by 217% compared to same period in 2021. Malware email volume peaked in July, reaching 19.2 million, before month-over-month declines in August and September, with numbers dropping to 16.8 million and 16.5 million respectively.To read this article in full, please click here]]> 2022-10-28T10:01:00+00:00 https://www.csoonline.com/article/3678311/phishing-attacks-increase-by-over-31-in-third-quarter-report.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7718793 False Malware,Threat None 4.0000000000000000 CSO - CSO Daily Dashboard Microsoft Event Log vulnerabilities threaten some Windows operating systems partial patch on October 11, 2022. 
Teams are urged to patch systems and monitor suspicious activity to mitigate security risks which include event log crashing and remote denial-of-service (DoS) attacks.To read this article in full, please click here]]> 2022-10-26T08:23:00+00:00 https://www.csoonline.com/article/3677576/microsoft-event-log-vulnerabilities-threaten-some-windows-operating-systems.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7687706 False Threat None None CSO - CSO Daily Dashboard How to update your Windows driver blocklist to keep malicious drivers away drivers approved and co-designed through the Windows Hardware Compatibility Program in order to gain access to our machines. Ensuring that these malicious drivers are blocked is a key method for protecting systems.Microsoft has long touted a means to update this master listing on our systems and, in theory, the idea was valid: using settings and security hardware on the computer, enabling hypervisor-protected code integrity (HVCI) was supposed to protect systems from malicious drivers. Attackers have used such attacks in the past ranging from RobbinHood, Uroburos, Derusbi, GrayFish, and Sauron, to campaigns by the threat actor STRONTIUM. As a Microsoft blog in 2020 pointed out, if a computer had HVCI enabled, it would be able to defend itself against vulnerable and malicious drivers. In the blog post, it was noted that “Microsoft threat research teams continuously monitor the threat ecosystem and update the list of drivers that in the Microsoft-supplied blocklist. 
This blocklist is pushed down to devices via Windows update.”To read this article in full, please click here]]> 2022-10-26T02:00:00+00:00 https://www.csoonline.com/article/3677856/how-to-update-your-windows-driver-blocklist-to-keep-malicious-drivers-away.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7683787 False Threat APT 28 None CSO - CSO Daily Dashboard BrandPost: Cybersecurity Executives Say These are the Most Pressing Challenges They Face FortiGuard Labs shows that the number of new ransomware variants identified increased by nearly 100% compared to the previous six-month period.To read this article in full, please click here]]> 2022-10-24T11:05:00+00:00 https://www.csoonline.com/article/3677769/cybersecurity-executives-say-these-are-the-most-pressing-challenges-they-face.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7668058 False Ransomware,Threat None None CSO - CSO Daily Dashboard Security by design vital to protecting IoT, smart cities around the world, says CEO of UK NCSC Cameron spoke during Singapore International Cyber Week, calling for swift ongoing action to ensure connected devices are designed, built, deployed, and managed securely to prevent malicious actors, improve national resilience, and reap the benefits of emerging technologies.Growth of IoT giving rise to increased security threats The scale of consumer-, enterprise-, and city-level IoT has exploded in the last decade, Cameron said, and the magnitude of changes coupled with growing dependency on connected technology has introduced significant security risks. “That is why now is the time to make sure we're designing and building them properly,” she added. “We all know that connected places are an evolving ecosystem, comprising a range of systems that exchange, process and store sensitive data, as well as controlling critical operational technology. Unfortunately, this makes these systems an attractive target for a range of threat actors. 
The threat posed by nation states is particularly acute.”To read this article in full, please click here]]> 2022-10-24T07:43:00+00:00 https://www.csoonline.com/article/3677850/security-by-design-vital-to-protecting-iot-smart-cities-around-the-world-says-ceo-of-uk-ncsc.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7666384 False Threat None None CSO - CSO Daily Dashboard BrandPost: DDoS Threat Intelligence Report Reveals Troubling Attacker Behavior To read this article in full, please click here]]> 2022-10-20T15:49:00+00:00 https://www.csoonline.com/article/3677589/ddos-threat-intelligence-report-reveals-troubling-attacker-behavior.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7592647 False Threat None None CSO - CSO Daily Dashboard With Conti gone, LockBit takes lead of the ransomware threat landscape counted 455 attacks from 27 ransomware variants, with LockBit 3.0 being responsible for 192 of them (42%). Meanwhile, security firm Digital Shadows tracked around 600 ransomware victims over the same time period, with LockBit accounting for 35% of them.To read this article in full, please click here]]> 2022-10-20T10:28:00+00:00 https://www.csoonline.com/article/3677488/with-conti-gone-lockbit-takes-lead-of-the-ransomware-threat-landscape.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7588209 False Ransomware,Threat,Guideline None None CSO - CSO Daily Dashboard Attackers switch to self-extracting password-protected archives to distribute email malware a new report.To read this article in full, please click here]]> 2022-10-20T06:00:00+00:00 https://www.csoonline.com/article/3677448/attackers-switch-to-self-extracting-password-protected-archives-to-distribute-email-malware.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7584664 False Spam,Malware,Threat None None CSO - CSO Daily Dashboard High, medium severity vulnerabilities impacting Zimbra Collaboration Suite an advisory update jointly issued by the US 
Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC). The latest update lists CVEs currently being exploited based on a new Malware Analysis Report, MAR-10398871.r1.v2 and warns that threat actors may be targeting unpatched ZCS instances in both government and private sector networks.To read this article in full, please click here]]> 2022-10-20T04:23:00+00:00 https://www.csoonline.com/article/3677449/high-medium-severity-vulnerabilities-impacting-zimbra-collaboration-suite.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7582917 False Threat None None CSO - CSO Daily Dashboard BrandPost: 2022 Cloud-Native Threats To read this article in full, please click here]]> 2022-10-18T13:25:00+00:00 https://www.csoonline.com/article/3676837/2022-cloud-native-threats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7546702 False Threat None None CSO - CSO Daily Dashboard New Chinese attack framework Alchimist serves Windows, Linux, and macOS implants a new report. 
“A similar ready-to-go C2 framework called 'Manjusaka' was recently disclosed by Talos.” To read this article in full, please click here]]> 2022-10-13T10:52:00+00:00 https://www.csoonline.com/article/3676690/new-chinese-attack-framework-alchimist-serves-windows-linux-and-macos-implants.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7438088 False Threat None None CSO - CSO Daily Dashboard BrandPost: Gain Full Visibility for Threat Detection and Response with Deep Packet Inspection To read this article in full, please click here]]> 2022-10-12T08:41:00+00:00 https://www.csoonline.com/article/3676151/gain-full-visibility-for-threat-detection-and-response-with-deep-packet-inspection.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7414761 False Threat None None CSO - CSO Daily Dashboard China's attack motivations, tactics, and how CISOs can mitigate threats China Cyber Threat Report outlines Beijing's chief motivations for carrying out cyberattacks or espionage, the key tactics it employs, and provides strategies for CISOs to help their organizations to better identify and prepare for PRC cyber campaigns. Security, sovereignty, development: key PRC cyberattack motivators The report identifies three “core interests” over which China is willing to authorize offensive cyber operations if threatened, related to the nation's political system, territory, and economy: To read this article in full, please click here]]> 2022-10-12T02:00:00+00:00 https://www.csoonline.com/article/3676075/china-s-attack-motivations-tactics-and-how-cisos-can-mitigate-threats.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7408401 False Threat None None CSO - CSO Daily Dashboard BrandPost: Overcoming Cybersecurity Implementation Challenges To read this article in full, please click here]]> 2022-10-06T10:34:00+00:00 https://www.csoonline.com/article/3675957/overcoming-cybersecurity-implementation-challenges.html#tk.rss_all 
www.secnews.physaphae.fr/article.php?IdArticle=7321561 False Tool,Threat None None CSO - CSO Daily Dashboard Dashlane launches new Dark Web Insights tool, MFA authenticator app, small biz Starter plan Dark Web Insights tool “continuously scans” more than 20 billion records attached to hacks or data breaches on the dark web, providing users with a bespoke breakdown of compromised passwords across their organization. Dark Web Insights also provides admins the ability to scan their organization for incidences of breached credentials and invite non-Dashlane using, breached employees to begin using Dashlane through built-in seat provisioning. The firm said that, by pairing this alert function with the ability to generate new, random, and unique passwords, admins can take action quickly once alerted about compromised credentials.To read this article in full, please click here]]> 2022-10-06T05:00:00+00:00 https://www.csoonline.com/article/3675559/dashlane-launches-new-dark-web-insights-tool-mfa-authenticator-app-small-biz-starter-plan.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7318910 False Tool,Threat None 3.0000000000000000 CSO - CSO Daily Dashboard 5 reasons why security operations are getting harder research reveals that 52% of security professionals believe security operations are more difficult today than they were two years ago. Why? Security operations center (SOC) teams point to issues such as: A rapidly evolving and changing threat landscape: Forty-one percent of security professionals find it difficult to understand and counteract modern threats like ransomware or supply chain attacks and then build this knowledge into a comprehensive security operations program. Most react to threats and indicators of compromise (IoCs) rather than study cyber-adversaries and plan ahead. A growing attack surface: This issue came up with 39% of respondents, but attack surface challenges are no surprise. 
Other ESG research indicates that the attack surface is growing at two-thirds (67%) of organizations, driven by third-party IT connections, support for remote workers, increased public cloud usage, and adoption of SaaS applications. A growing attack surface means more work, vulnerabilities, and blind spots for SOC teams. Little wonder then why 69% of organizations admit to a cyber-incident emanating from an unknown, unmanaged, or poorly managed internet-facing asset. The volume and complexity of security alerts: We've all heard about “alert storms” and “alert fatigue.” Based on the ESG data, these conditions aren't just marketing hype, as 37% of SOC teams say that alert volume and complexity is making security operations more difficult. It's easy to understand this one: Imagine viewing, triaging, prioritizing, and investigating a constant barrage of amorphous security alerts from a variety of different detection tools and you'll get the picture. Seems overwhelming but that's the reality for level 1 SOC analysts at many organizations. Public cloud usage: Beyond just expanding the attack surface, more than one-third (34%) say that security operations are more difficult as a direct result of growing use of the public cloud. This is not just a numbers game. Securing cloud workloads is difficult due to multi-cloud deployment, ephemeral cloud instances, and developer use of new cloud services that security teams may be unfamiliar with. Chasing cloud evolution and associated software developer whims has become part of the job. Keeping up with the care and feeding of security technologies: More than half (54%) of organizations use more than 26 different commercial, homegrown, or open-source tools for security operations. The burden of managing and maintaining all these disparate technologies alone can be difficult. This is one reason why many firms are replacing on-site security tools with cloud-based alternatives. 
Growing scale complicates security operations In analyzing this data, it's easy to see a common theme across these different responses – scale. Everything is growing – threats, IT, alerts, tools, everything. The research illustrates the fact that we don't have the people, processes, or technologies to keep up with these scaling needs.To read this article in full, please click here]]> 2022-10-06T02:00:00+00:00 https://www.csoonline.com/article/3675551/5-reasons-why-security-operations-are-getting-harder.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7317314 False Ransomware,Threat None None CSO - CSO Daily Dashboard BrandPost: Executive Briefing: Unit 42 Cloud Threat Report identity and access management (IAM), and it refers to the policies that define who has permission to do what in a cloud environment. A fundamental best practice for policies like this is to apply least privilege access – ensuring that each user or group has the minimum access required to perform necessary functions. 
This helps minimize the damage an attacker can do in the event of a compromise as the attacker will only gain access to the limited information and capabilities of that one compromised cloud resource.To read this article in full, please click here]]> 2022-10-05T13:02:00+00:00 https://www.csoonline.com/article/3675951/executive-briefing-unit-42-cloud-threat-report.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7310078 False Threat None None CSO - CSO Daily Dashboard BrandPost: The Cyberthreat Minute: The Scale and Scope of Worldwide Cybercrime in 60 Seconds Cyberthreat Minute, a comprehensive report on malicious activity that is happening within any given 60-second window across the world.To read this article in full, please click here]]> 2022-10-03T11:41:00+00:00 https://www.csoonline.com/article/3675543/the-cyberthreat-minute-the-scale-and-scope-of-worldwide-cybercrime-in-60-seconds.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7290016 False Threat None None CSO - CSO Daily Dashboard LiveAction adds new SOC-focused features to ThreatEye NDR platform To read this article in full, please click here]]> 2022-10-03T08:42:00+00:00 https://www.csoonline.com/article/3675539/liveaction-adds-new-soc-focused-features-to-threateye-ndr-platform.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7288626 False Malware,Threat None None CSO - CSO Daily Dashboard Recent cases highlight need for insider threat awareness and action launched the fourth-annual National Insider Threat Awareness Month (NITAM). The goal of the month-long event is to educate the government and industry about the dangers posed by insider threats and the role of insider threat programs. 
This year's campaign focuses on the importance of critical thinking to help workforces guard against risk in digital spaces. The NITAM launch announcement cited recent examples of insider threats in the digital space: To read this article in full, please click here]]> 2022-09-29T02:00:00+00:00 https://www.csoonline.com/article/3675348/recent-cases-highlight-need-for-insider-threat-awareness-and-action.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7198305 False Threat None None CSO - CSO Daily Dashboard BrandPost: Extortion Economics: Ransomware's New Business Model over 80% of ransomware attacks can be traced to common configuration errors in software and devices? This ease of access is one of many reasons why cybercriminals have become emboldened by the underground ransomware economy. And yet, many threat actors are working within a limited pool of ransomware groups. Although ransomware is a headline-grabbing topic, it's ultimately being driven forward by a relatively small and interconnected ecosystem of players. The specialization and consolidation of the cybercrime economy has fueled ransomware as a service (RaaS) to become a dominant business model - enabling a wider range of criminals to deploy ransomware regardless of their technical expertise. 
This, in turn, has forced all of us to become cybersecurity defenders.To read this article in full, please click here]]> 2022-09-26T16:51:00+00:00 https://www.csoonline.com/article/3674773/extortion-economics-ransomware-s-new-business-model.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7155298 False Ransomware,Threat None None CSO - CSO Daily Dashboard Zoho ManageEngine flaw is actively exploited, CISA warns catalog of known exploited vulnerabilities last week, highlighting an immediate threat for organizations that haven't yet patched their vulnerable deployments.The vulnerability, tracked as CVE-2022-3540, was privately reported to Zoho in June by a security researcher identified as Vinicius and was fixed later that same month. The researcher posted a more detailed writeup at the beginning of this month and, according to him, it's a Java deserialization flaw inherited from an outdated version of Apache OFBiz, an open-source enterprise resource planning system, where it was patched in 2020 (CVE-2020-9496). 
This means that the Zoho ManageEngine products were vulnerable for two years due to a failure to update a third-party component. To read this article in full, please click here]]> 2022-09-26T13:59:00+00:00 https://www.csoonline.com/article/3674856/zoho-manageengine-flaw-is-actively-exploited-cisa-warns.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7154310 False Vulnerability,Threat None None CSO - CSO Daily Dashboard US CISA/NSA release new OT/ICS security guidance, reveal 5 steps threat actors take to compromise assets stopping malicious ICS activity and reducing OT exposure, and comes as the cybersecurity risks surrounding OT and ICS continue to threaten the safety of data and critical systems. To read this article in full, please click here]]> 2022-09-26T08:43:00+00:00 https://www.csoonline.com/article/3674832/us-cisa-nsa-release-new-ot-ics-security-guidance-reveal-5-steps-threat-actors-take-to-compromise-as.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7151217 False Threat None None CSO - CSO Daily Dashboard SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware a new report. "The threat actors used blog post titles that an individual would search for whose organization may be of interest to a foreign intelligence service e.g., 'Confidentiality Agreement for Interpreters.' 
The Threat Intel Team discovered the threat actors highly likely created 192 blog posts on one site."To read this article in full, please click here]]> 2022-09-23T13:42:00+00:00 https://www.csoonline.com/article/3674791/seo-poisoning-campaign-directs-search-engine-visitors-from-multiple-industries-to-javascript-malwar.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7089429 False Malware,Threat,Guideline None None CSO - CSO Daily Dashboard Ransomware operators might be dropping file encryption in favor of corrupting files To read this article in full, please click here]]> 2022-09-22T13:55:00+00:00 https://www.csoonline.com/article/3674848/ransomware-operators-might-be-dropping-file-encryption-in-favor-of-corrupting-files.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7068473 False Ransomware,Threat None None CSO - CSO Daily Dashboard BrandPost: Great Cyber Hygiene Starts with a Culture of Security Awareness cybersecurity awareness training to improve cyber hygiene and behaviors across their entire workforce. Having the right cybersecurity solutions is critical, but if an organization's workforce doesn't utilize the security tools in place or doesn't know what to avoid in their day-to-day activities, they're putting themselves at risk and, ultimately, their organizations at risk of being breached. 
Every person at an organization, regardless of their role, must be on top of their game to defend the enterprise against threat actors. To read this article in full, please click here]]> 2022-09-21T11:55:00+00:00 https://www.csoonline.com/article/3674628/great-cyber-hygiene-starts-with-a-culture-of-security-awareness.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7044079 False Threat None None CSO - CSO Daily Dashboard Top 5 attack surface challenges related to security operations newly published ESG research, just over half of all organizations (52%) say that security operations are more difficult today than they were two years ago. When asked why, 41% pointed to an evolving and dangerous threat landscape, 38% identified a growing and changing attack surface, 37% said that alert volume and complexity are driving this change, and 34% blamed growing use of public cloud computing services. Now most of these challenges are déjà vu all over again, impacting security teams year after year. There is one exception, however: The growing attack surface. Certainly, the attack surface has been growing steadily since we all started using Mosaic browsers, but things really took off over the past few years. Blame Amazon, COVID, or digital transformation, but organizations are connecting IT systems to third parties, supporting remote workers, developing cloud-native applications, and using SaaS services in record numbers. 
When you take all these factors into consideration, enterprise organizations typically use tens of thousands of internet-facing assets.To read this article in full, please click here]]> 2022-09-21T02:00:00+00:00 https://www.csoonline.com/article/3673892/top-5-attack-surface-challenges-related-to-security-operations.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7035223 False Threat None None CSO - CSO Daily Dashboard BrandPost: Threat Actors Are Launching More Direct-Path DDoS Attacks To read this article in full, please click here]]> 2022-09-20T11:51:00+00:00 https://www.csoonline.com/article/3674212/threat-actors-are-launching-more-direct-path-ddos-attacks.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7020376 False Threat None None CSO - CSO Daily Dashboard Uber links cyberattack to LAPSUS$, says sensitive user data remains protected network data breach that occurred on Thursday, September 15.Attacker gained elevated permissions to tools including G-Suite and Slack In a security update published on Monday, September 19, Uber wrote, “An Uber EXT contractor had their account compromised by an attacker. It is likely that the attacker purchased the contractor's Uber corporate password on the dark web, after the contractor's personal device had been infected with malware, exposing those credentials. 
The attacker then repeatedly tried to log in to the contractor's Uber account.” Each time, the contractor received a two-factor login approval request, which initially blocked access, it added.To read this article in full, please click here]]> 2022-09-20T04:03:00+00:00 https://www.csoonline.com/article/3674209/uber-links-cyberattack-to-lapsus-says-sensitive-user-data-remains-protected.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7013851 False Threat Uber,Uber None CSO - CSO Daily Dashboard 5 ways to grow the cybersecurity workforce (ISC)2's 2020 Cybersecurity Workforce Study, while the global cybersecurity workforce need stands at 3.1 million, with nearly 400,000 open cybersecurity positions in the U.S. In addition, more than half of survey respondents (56%) say that cybersecurity staff shortages are putting their organizations at risk.“This remains an emerging industry with threats shifting almost on a daily basis, including new threat actors, new technologies and the evolution of 5G,” says Erin Weiss Kaya, a Booz Allen talent strategy expert for cyber organizations. “Yet we're still dealing with an 0% unemployment rate, with far more demand than we have current supply.”To read this article in full, please click here]]> 2022-09-19T05:05:00+00:00 https://www.csoonline.com/article/3674949/5-ways-to-grow-the-cybersecurity-workforce.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7081960 False Threat None None CSO - CSO Daily Dashboard International cooperation is key to fighting threat actors and cybercrime Billington Cybersecurity Summit, leaders from across the globe gathered to discuss the importance of international partnerships in managing the persistent threats governments must address. The near-total digitalization of every aspect of society that exposes virtually all public and private sector services to escalating cyber threats dictates a more robust, collective defense. 
Moreover, as cyber risks intensify and multiply, governments worldwide are stepping up their own independent efforts to protect against the rising tide of digital threats. 2022-09-19T02:00:00+00:00 https://www.csoonline.com/article/3673748/international-cooperation-is-key-to-fighting-threat-actors-and-cybercrime.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7000252 False Ransomware,Threat,Guideline None None
CSO - CSO Daily Dashboard One in 10 employees leaks sensitive company data every 6 months: report 2022-09-14T06:00:00+00:00 https://www.csoonline.com/article/3673260/one-in-10-employees-leaks-sensitive-company-data-every-6-months-report.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6888631 False Threat None None
CSO - CSO Daily Dashboard CNAPP buyers guide: Top tools compared four separate products: A cloud infrastructure entitlements manager (CIEM) that manages overall access controls and risk management tasks A cloud workload protection platform (CWPP) that secures code across all kinds of cloud-based repositories and provides runtime protection across the entire development environment and code pipelines A cloud access security broker (CASB) that handles authentication and encryption tasks A cloud security posture manager (CSPM) that combines threat intelligence and remediation IT and security managers are looking for a few basic elements from these products, including more accurate threat detection, support for all workloads across multiple cloud deployments, and ways to implement preventable controls. 2022-09-13T02:00:00+00:00 https://www.csoonline.com/article/3673290/cnapp-buyers-guide-top-tools-compared.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6867102 False Tool,Threat None None
CSO - CSO Daily Dashboard Hands-on cyberattacks jump 50%, CrowdStrike
reports 2022-09-13T00:00:00+00:00 https://www.csoonline.com/article/3673312/hands-on-cyberattacks-jump-50-crowdstrike-reports.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6866788 False Threat None None
CSO - CSO Daily Dashboard North Korean state-sponsored hacker group Lazarus adds new RAT to its malware toolset remote access Trojan (RAT) being used in attack campaigns this year by Lazarus, a threat actor tied to the North Korean government. The new RAT has been used alongside other malware implants attributed to Lazarus and it's mainly used in the first stages of an attack. Dubbed MagicRAT, the new Lazarus malware program was developed using Qt, a framework commonly used to develop graphical user interfaces for cross-platform applications. Since the Trojan doesn't have a GUI, researchers from Cisco Talos believe the reason for using Qt was to make detection harder. 2022-09-08T14:14:00+00:00 https://www.csoonline.com/article/3673094/north-korean-state-sponsored-hacker-group-lazarus-adds-new-rat-to-its-malware-toolset.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6790810 False Malware,Threat APT 38 None
CSO - CSO Daily Dashboard Transparency and policy shapes Cloudflare's Kiwi Farms decisions Vice article highlighted the case of Clara Sorrenti, also known as Keffals, an online streamer who has been doxed multiple times and was arrested on August 5 amidst a raid on her home as a result of swatting, highlighted how there have been at least three cases of individuals committing suicide as a result of the targeted harassment received as a result of the actions taking place on Kiwifarms. 2022-09-06T10:09:00+00:00 https://www.csoonline.com/article/3672533/transparency-and-policy-shapes-cloudflare-s-kiwi-farms-decisions.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6752557
False Threat None None
CSO - CSO Daily Dashboard Top 12 managed detection and response solutions security information and event management (SIEM) tools. SIEM systems at the minimum provide a central repository for log data and tools to analyze, monitor and alert on relevant events. SIEM tools (and data analysis capabilities) have evolved more sophisticated capabilities such as machine learning and the ability to ingest third-party threat data. 2022-09-05T02:00:00+00:00 https://www.csoonline.com/article/3671873/top-12-managed-detection-and-response-solutions.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6738682 False Threat None None
CSO - CSO Daily Dashboard Ragnar Locker continues trend of ransomware targeting energy sector a new analysis by researchers from Cybereason, Ragnar Locker is a growing threat that uses layers of encryption to hide instructions in its binary and kills various processes associated with remote login and support. 2022-09-01T13:30:00+00:00 https://www.csoonline.com/article/3672241/ragnar-locker-continues-trend-of-ransomware-targeting-energy-sector.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6670324 False Ransomware,Threat None None
CSO - CSO Daily Dashboard BrandPost: CIS Hardened Images Built on Google Cloud's Shielded VMs Malwarebytes, rootkits are tools through which cyber threat actors (CTAs) can achieve root (i.e. the highest level) permissions on an infected system for conducting reconnaissance, moving laterally to other network devices, and/or stealing sensitive information.
Bootkits are similar to rootkits, noted Positive Technologies, the major difference being that bootkits activate before an operating system (OS) and, by extension, its various security mechanisms finish booting up. 2022-09-01T06:15:00+00:00 https://www.csoonline.com/article/3671332/cis-hardened-images-built-on-google-cloud-s-shielded-vms.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6665008 False Malware,Threat None 2.0000000000000000
CSO - CSO Daily Dashboard BrandPost: How to Avoid Cloud Misconfigurations 2022 Verizon Data Breach Investigation Report (DBIR) found that cloud misconfigurations pose an ongoing threat to organizations. Error, especially misconfigured cloud storage, factored in 13% of data breaches analyzed by Verizon this year. 2022-09-01T06:14:00+00:00 https://www.csoonline.com/article/3671354/how-to-avoid-cloud-misconfigurations.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6665010 False Data Breach,Threat None None
CSO - CSO Daily Dashboard BrandPost: Attackers are Launching Successful Application-layer Attacks Using Encryption application-layer DDoS attacks, as detailed in the 2H 2021 Threat Intelligence Report. 2022-08-31T11:23:00+00:00 https://www.csoonline.com/article/3672109/attackers-are-launching-successful-application-layer-attacks-using-encryption.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6650028 False Threat None None
CSO - CSO Daily Dashboard Palo Alto adds new SaaS compliance, threat prevention, URL filtering features to Prisma solution press release, Palo Alto estimated that the average business now uses more than 115 SaaS applications. With vast amounts of sensitive data typically stored in SaaS apps, security misconfigurations pose serious threats to organizations.
Its latest features are therefore partly designed to help customers improve their SaaS security and risk management positions, along with enhancing other key elements of modern cyber resilience. 2022-08-31T05:15:00+00:00 https://www.csoonline.com/article/3671709/palo-alto-adds-new-saas-compliance-threat-prevention-url-filtering-features-to-prisma-solution.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6645534 False Threat None None
CSO - CSO Daily Dashboard BrandPost: Beyond the Cyber Buzzwords: What Executives Should Know About Zero Trust 2022-08-25T09:24:00+00:00 https://www.csoonline.com/article/3671129/beyond-the-cyber-buzzwords-what-executives-should-know-about-zero-trust.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6523157 False Threat None None
CSO - CSO Daily Dashboard BrandPost: Doing More with Less: The Case for SOC Consolidation faster remediation, reduced risk and an overall stronger security posture. So, what exactly has changed for SOCs? In legacy SOCs, IT security staff are seated shoulder-to-shoulder in close proximity, looking at screens loaded with myriad details, providing views and data from dozens of security tools delivering a never-ending stream of alerts.
This traditional SOC model was always about trying to keep up in a race against alerts and resource constraints that could never really be won. 2022-08-24T22:54:00+00:00 https://www.csoonline.com/article/3671208/doing-more-with-less-the-case-for-soc-consolidation.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6515415 False Threat None None
CSO - CSO Daily Dashboard Why business email compromise still tops ransomware for total losses ransomware attacks that spark headlines news, threat actors are sticking to one of the oldest and most effective hacking techniques-business email compromise (BEC). Enterprise security has skewed toward ransomware in recent years, but FBI data highlights that enterprises in aggregate are losing 51 times more money through BEC attacks. In 2021, BEC attacks in the US caused total losses of $2.4 billion, a 39% increase from 2020. In contrast, at the same time, companies in the US lost only $49.2 million to ransomware. 2022-08-24T03:00:00+00:00 https://www.csoonline.com/article/3670548/why-business-email-compromise-still-tops-ransomware-for-total-losses.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6499918 False Ransomware,Threat None None
CSO - CSO Daily Dashboard BrandPost: Staging a Cyberattack Can be as Easy as Using DDoS-for-hire Services 2022-08-18T12:29:00+00:00 https://www.csoonline.com/article/3670730/staging-a-cyberattack-can-be-as-easy-as-using-ddos-for-hire-services.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6398134 False Threat None None
CSO - CSO Daily Dashboard BrandPost: Zscaler Security Service Edge: Why it Just Works 2022-08-18T04:44:00+00:00 https://www.csoonline.com/article/3670554/zscaler-security-service-edge-why-it-just-works.html#tk.rss_all
www.secnews.physaphae.fr/article.php?IdArticle=6398136 False Threat None None
CSO - CSO Daily Dashboard Google updates Chronicle with enhanced threat detection ransomware, infostealers and data theft to simple misconfigured systems and remote access tools. The new product will integrate authoritative data sources like MITRE ATT&CK to help organizations contextualize and better understand potential threats, as well as providing constantly updated threat information from Google's own security team. 2022-08-17T05:00:00+00:00 https://www.csoonline.com/article/3669859/google-updates-chronicle-with-enhanced-threat-detection.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6397359 True Threat None None