Sécurité


Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Hackers | Fabricants | Magazines | Virus / Malware

Schneier

IT Security
Erreur: Il y a un erreur avec ce flux.

TAO Security

    • 20 novembre 2022Best of TaoSecurity Blog Kindle Edition Sale
       I’m running a #BlackFriday #CyberMonday sale on my four newest #Kindle format books. Volumes 1-4 of The Best of TaoSecurity Blog will be half off starting 9 pm PT Tuesday 22 Nov and ending 9 pm PT Tueday 29 Nov. They are here.  There also appears to be a daily deal right now for the paperback of Volume 2, 45% off at $8.96. Copyright 2003-2020 Richard Bejtlich and TaoSecurity (taosecurit …

    • 18 novembre 2022TaoSecurity on Mastodon
      I am now using Mastodon as a replacement for the blue bird. This is my attempt to verify myself via my blog. I am no longer posting to my old bird account.Copyright 2003-2020 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com) …

    • 10 août 2022The Humble Hub
       Over the weekend I organized some old computing equipment. I found this beauty in one of my boxes. It’s a Netgear EN104TP hub. I’ve mentioned this device before, in this blog and my books. This sort of device was the last of the true hubs. In an age where cables seem reserved for data centers or industrial facilities, and wireless rules the home and office, this hub is a relic of days gone p …

    • 29 juillet 2021Zeek in Action Videos
      This is a quick note to point blog readers to my Zeek in Action YouTube video series for the Zeek network security monitoring project. Each video addresses a topic that I think might be of interest to people trying to understand their network using Zeek and adjacent tools and approaches, like Suricata, Wireshark, and so on. I am especially pleased with Video 6 on monitoring wireless netw …

    • 13 avril 2021New Book! The Best of TaoSecurity Blog, Volume 4
       I’ve completed the TaoSecurity Blog book series.The new book is The Best of TaoSecurity Blog, Volume 4: Beyond the Blog with Articles, Testimony, and Scholarship. It’s available now for Kindle, and I’m working on the print edition. I’m running a 50% off promo on Volumes 1-3 on Kindle through midnight 20 April. Take advantage before the prices go back up.I described the new tit …

Information Security Buzz
Erreur: Il y a un erreur avec ce flux.

gHacks
Erreur: Il y a un erreur avec ce flux.

SecurityWeek

    • 16 septembre 2020Box Showcases New Offerings for Remote Working Environment
      The primary problem caused by the growth in remote working is a new degree of complexity. The threats remain the same, but the solutions must be new. Box on Wednesday announced additions and enhancements to its range of products designed for the growing remote working environment. read more …

    • 16 septembre 2020U.S. House Passes IoT Cybersecurity Bill
      The U.S. House of Representatives this week passed the IoT Cybersecurity Improvement Act, a bill whose goal is to improve the security of IoT devices. read more …

    • 16 septembre 2020Nozomi Networks Becomes CVE Numbering Authority
      Nozomi Networks, a company that specializes in the security of OT and IoT systems, on Tuesday announced that it has become a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA). read more …

    • 16 septembre 2020NSA Publishes Guidance on UEFI Secure Boot Customization
      The United States National Security Agency (NSA) this week published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature can be customized to fit an organization’s needs. read more …

Help Net Security

    • 5 décembre 2022Engage your employees with better cybersecurity training
      Cybercriminals use a variety of tactics all at once and are constantly innovating. Organizations need to do the same and take a multidimensional approach to cybersecurity because biannual training videos aren’t enough to engage employees or protect your business. Is your cybersecurity strategy disengaging employees? A bad actor stole $540 million from an NFT gaming company in July, an attack that …

    • 5 décembre 2022Top 10 free MITRE ATT&CK tools and resources
      MITRE ATT&CK is a knowledge base of adversary tactics and techniques based on real-world observations. ATT&CK is open and available to any person or organization for use at no charge. Below you can find a collection of MITRE ATT&CK tools and resources available for free. eBook: Getting Started with ATT&CK This free eBook pulls together the content from blog posts on threat inte …

    • 5 décembre 2022The evolution of DevSecOps
      73% of IT decision-makers admit more could be done to improve their DevSecOps practices, with many organizations behind in their goals, according to a survey conducted by Insight Avenue. In this Help Net Security video, Mark Troester, VP of Strategy, Progress, uncovers the true state of DevOps and DevSecOps adoption. Security is the number one driver behind most DevOps and DevSecOps implementation …

    • 5 décembre 2022How companies time data leak disclosures
      Every year the personal data of millions of people, such as passwords, credit card details, or health details, fall into the hands of unauthorized persons through hacking or data processing errors by companies. The consequences for those affected can be devastating, from financial losses to identity theft. To protect their customers, companies in many countries are required by law to report such i …

    • 5 décembre 2022Connected medical devices are the Achilles’ heel of healthcare orgs
      The rising adoption of connected medical devices is accelerating cyberattacks, according to Capterra’s Medical IoT Survey of healthcare IT professionals. The survey also reveals that 67% of healthcare cyberattacks impact patient data and 48% impact patient care, an indication that rising security risks in the industry are leading to severe consequences in patient outcomes and privacy. The medical …

Naked Security – Sophos

SearchSecurity

CSO | Security News

Graham Cluley

Cybersecurity Insiders

    • 5 décembre 2022Google transits to Memory Safety Languages for added Mobile Security
      Google’s transition to more safe memory languages has brought down the security vulnerability count on Android from 223 in 2019 to just 83 in the current year. And the business unit of Alphabet Inc’s subsidiary last week made the announcement, as it achieved 65% success in surpassing memory safety flaws. As the drop in vulnerabilities is going in parallel with a shift in programming language, secu …

    • 5 décembre 2022Cyber Attacks on AIIMS India state Chinese Involvement
      A few days ago, the All-India Institute of Medical Sciences (AIIMS) based in Delhi was hit by a cyber attack of ransomware variant and sources report that the hackers are demanding Rs 200 Crores to return the stolen information belonging to millions of patients that would be otherwise sold on the dark web. According to a probe conducted by CERT-IN, Chinese involvement is suspected behind the incid …

    • 4 décembre 2022Real Talk with CCSPs an Interview with Matt Lee, CCSP
      What do you get when you cross a teacher with an entrepreneur who also has a passion for cybersecurity? You get Matt Lee. Matt is the Senior Director of Security and Compliance at Pax8, where he is a force multiplier in the mission to empower Managed Service Providers (MSP) to continue to grow in their security knowledge and operability. We recently had a chance to speak with Matt about his experi …

    • 4 décembre 2022Are Deepfakes Really a Security Threat? – Member Recap from (ISC)² Security Congress 2022
      A member recap of Dr. Thomas Scanlon’s session at (ISC)² Security Congress 2022 by Angus Chen, CISSP, CCSP, MBA, PMP. Dr. Scanlon started his talk by showing images of women and posing a question to the audience: Can you spot the fake person? See the image to left. To my surprise, none of them are a real person! These images are generated by an AI algorithm, generative adversarial network (GAN), …

    • 3 décembre 2022Achieving Data Security and Analytics with AI – Member Recap from (ISC)² Security Congress 2022
      A member recap of “Achieving Data Security and Analytics with AI” presented by Glendon Schmitz at (ISC)² Security Congress 2022. By Angus Chen, CISSP, CCSP, PMP, MBA Although “data is the new oil”, there are many problems with working on production data directly.  Organizations encounter regulations to protect privacy such as General Data Protection Regulation (GDPR). The fine for violating G …

The CyberWire
Erreur: Il y a un erreur avec ce flux.

IT Security Guru

    • 2 décembre 2022Predatory loan apps on Apple App Store and Google Play extorting victims
      Threat researchers at Lookout have discovered more than 300 loan apps that exhibit predatory behavior, such as exfiltrating excessive user data and harassing borrowers for payment in both Google Play and the Apple App Store. The apps, which were found across countries in Africa, Southeast Asia and South America, including India, Colombia, Nigeria and Mexico, purportedly offer quick, fully-digital …

    • 2 décembre 2022Cybersecurity fears are just the tip of the iceberg for CTOS
      That CTOs should be concerned about cybersecurity and data breaches is perhaps not the biggest surprise. 2022 has seen more data breaches than ever before, and it feels like the impact of a breach is increasing too. Damage to the brand, paying ransomware costs, time and resources to address the breach, data privacy law penalties – these are all implications that contribute to cybersecurity fears b …

    • 2 décembre 2022KnowBe4 and Netskope Collaborate for New SecurityCoach Integration
      KnowBe4 has announced that its new SecurityCoach product now integrates with Netskope. The two security organisations have collaborated together to help reduce risky behaviour with product integration to support real-time security coaching of users. SecurityCoach helps IT/security professionals to develop a strong security culture by enabling real-time security coaching of their users in response …

    • 1 décembre 2022Cybersecurity awareness: Train your employees and reduce cyber threats
      As our digital world evolves, cybersecurity has never been more important and critical. During the last few years, we have all become witnesses to intense cybercrime and sophisticated cyberattacks. This upward trend is further fuelled by a shift in working conditions like working remotely. The impact of cyberattacks is profound, resulting in security breaches, enterprises’ revenue and reputation l …

    • 30 novembre 2022Can you trust the US Government with your data?
      Since 2014, the US government has suffered 822 breaches affecting nearly 175 million records. Based on the average cost per breached record (as reported by IBM each year), Comparitech estimate these breaches have cost government entities over $26 billion from 2014 to October 2022. In 2018 and 2019, the number of government breaches hit an all-time high with 116 and 118 breaches respectively. In 20 …

The Security Ledger

    • 30 novembre 2022Spotlight: SIEMs suck. Panther is out to change that. 
      I interview Jack Naglieri, CEO of Panther about the failures of the current SIEM technology and the need for what Naglieri terms “detection engineers. » The post Spotlight: SIEMs suck. Panther is out to change that.  appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesEpisode 241: If Its Smart, Its Vulnerable a Conversation with Mikko Hypp …

    • 29 novembre 2022The Future of IoT Security Standards
      When it comes to measuring the security level of a device, a checklist of security ‘low hanging fruit’ is a good place to start. But more is needed, says Mike Sheward of Particle.io The post The Future of IoT Security Standards appeared first on The Security Ledger with Paul F. Roberts. Related StoriesEpisode 240: As Stakes Of Attacks Grow, Can Cyber Policy “Shift Right”?Episode 238: R …

    • 20 novembre 2022Episode 246: SOARing out of Lockdown with Revelstoke Security
      Getting a start-up off the ground isn’t easy in the best of times. Now imagine doing it just as a global pandemic is shutting down society…and the economy. Our guest this week, Josh McCarthy of Revelstoke Security, did it and lived to tell the tale. The post Episode 246: SOARing out of Lockdown with Revelstoke Security appeared first on The…Read the whole entry… » Click the icon b …

    • 11 novembre 2022Report: Digital Supply Chain Breaches Impact 98% of Organizations
      Results from a survey of 2,000 enterprises found an increasing supply chain risk, with 98% of respondents reported having been « negatively impacted » by a breach in their supply chain The post Report: Digital Supply Chain Breaches Impact 98% of Organizations appeared first on The Security Ledger with Paul F. Roberts. Related StoriesEpisode 237: Jacked on the Beanstalk – DeFi’s Security Debt R …

    • 1 novembre 2022Episode 245: How AI is remaking knowledge-based authentication
      Six decades in, password use has tipped into the absurd, while two-factor authentication is showing its limits. We talk with Matt Salisbury of Honeybadger HQ, which is using AI and machine learning to re-imagine knowledge-based authentication. The post Episode 245: How AI is remaking knowledge-based authentication appeared first on The Security…Read the whole entry… » Click the icon …

GovInfoSecurity.com

    • New Zealand Health Insurer Investigates IT Provider Hack
      Accuro Says Claims Processing Affected, No Evidence of Data BreachNew Zealand private health insurer Accuro says an investigation into a cyber incident at a third party IT infrastructure provider so far has not revealed evidence of a data breach affecting its 34,000 customers. Customers should expect delayed service in claims processing. …

    • Cuba Ransomware Targeting Critical Infrastructure, Feds Warn
      Digital Extortion Nets Criminial Gang $60 MillionThe U.S. federal government says the Cuba ransomware gang actively targets critical infrastructure and that its criminal efforts have netted it $60 million so far. The group has recently modified its techniques, says an alert from the FBI and the Cybersecurity and Infrastructure Agency. …

    • Pediatric EMR Vendor Hack Affects 2.2 Million
      Incident Spotlights Multiple Common But Serious Data and Vendor ConcernsA hacking incident at a cloud-based electronic health records software vendor affects dozens of the company’s pediatric practice clients and more than 2.2 million of their patients and other individuals. The breach spotlights several common but serious risks. …

    • Tories: Firms Should Pay More for Cybersecurity Regulation
      UK Government Presses Ahead With Proposal to Charge for RegulationThe Conservative U.K. government said it will propose updates to the country’s main cybersecurity regulation, including a requirement for the private sector to reimburse the public sector for enforcement activities. The government downplayed concerns that it could create perverse incentives. …

Infosec Island 
Erreur: Il y a un erreur avec ce flux.

The K-12 Cybersecurity Resource Center

    • 1 juillet 2022How to Get a Handle on Patch Management
      Patch management advice misses the mark when it assumes IT capacity that simply doesn’t exist in most school districts. Continue reading How to Get a Handle on Patch Management at The K-12 Cybersecurity Resource Center. …

    • 1 juillet 2022Deploying MFA for Staff in a K-12 Environment
      Insights into how a large large district deployed MFA (multifactor authentication) to all staff. Continue reading Deploying MFA for Staff in a K-12 Environment at The K-12 Cybersecurity Resource Center. …

    • 17 décembre 2021K12 SIX Releases K12-Specific Log4j Collaboration Resource
      The K12 Security Information Exchange (K12 SIX) is crowdsourcing the Log4j vulnerability status of commonly used K12 software. Continue reading K12 SIX Releases K12-Specific Log4j Collaboration Resource at The K-12 Cybersecurity Resource Center. …

    • 19 août 2021National Cybersecurity Standards for School Districts
      K12 SIX has released the first in a series of guidance and best practice resources designed to establish baseline cybersecurity standards for school districts. Continue reading National Cybersecurity Standards for School Districts at The K-12 Cybersecurity Resource Center. …

Iain Fraser Journalist

InfoSec News
Erreur: Il y a un erreur avec ce flux.

Internet Storm Center | SANS 
Erreur: Il y a un erreur avec ce flux.

Security Gladiators | Internet Security News
Aucun contenu.