Sicurezza – News ENG
News da fonti internazionali (DARK Reading, The Hacker News, Threatpost)
- Distributing Security Responsibilities (Responsibly)by Lenny Zeltser (darkreading) on 26 Luglio 2024 at 2:00 pm
Outlining the wider organization’s proactive role in fortifying the security program allows the security team to focus on the most pressing issues that only they can solve.
- Could Intel Have Fixed Spectre & Meltdown Bugs Earlier?by Agam Shah, Contributing Writer (darkreading) on 26 Luglio 2024 at 1:43 pm
Intel works closely with academic researchers on hardware flaws and coordinates efforts with other vendors to roll out fixes for emerging vulnerabilities. That wasn’t always the case.
- Mimecast Joins Human Risk Management Fray With Code42 Dealby Jeffrey Schwartz, Contributing Writer (darkreading) on 25 Luglio 2024 at 9:24 pm
Mimecast’s acquisition of Code42 helps the company move into insider risk management, joining key rival Proofpoint and others in the space.
- CrowdStrike ‘Updates’ Deliver Malware & More as Attacks Snowballby Nate Nelson, Contributing Writer (darkreading) on 25 Luglio 2024 at 8:51 pm
The fake updates are part of a phishing and fraud surge that is both more voluminous and more targeted that the usual activity around national news stories.
- Feds Warn of North Korean Cyberattacks on US Critical Infrastructureby Jai Vijayan, Contributing Writer (darkreading) on 25 Luglio 2024 at 8:38 pm
The Andariel group is targeting critical defense, aerospace, nuclear, and engineering companies for data theft, the FBI, NSA, and others said.
- Microsoft’s Internet Explorer Gets Revived to Lure in Windows Victimsby Dark Reading Staff (darkreading) on 25 Luglio 2024 at 7:46 pm
Though IE was officially retired in June 2022, the vulnerability ramped up in January 2023 and has been going strong since.
- Unexpected Lessons Learned From the CrowdStrike Eventby Chip Stewart (darkreading) on 25 Luglio 2024 at 6:35 pm
How your organization can leverage the disruptive CrowdStrike update to become more resilient.
- Security Firm Accidentally Hires North Korean Hacker, Did Not KnowBe4by Elizabeth Montalbano, Contributing Writer (darkreading) on 25 Luglio 2024 at 3:32 pm
A software engineer hired for an internal IT AI team immediately became an insider threat by loading malware onto his workstation.
- Is Our Water Safe to Drink? Securing Our Critical Infrastructureby Christopher Walcutt (darkreading) on 25 Luglio 2024 at 2:00 pm
Our critical systems can be protected from looming threats by embracing a proactive approach, investing in education, and fostering collaboration between IT and OT professionals.
- Pro-Palestinian Actor Levels 6-Day DDoS Attack on UAE Bankby Robert Lemos, Contributing Writer (darkreading) on 25 Luglio 2024 at 5:00 am
DDoS cyberattack campaign averaged 4.5 million requests per second, putting the bank under attack 70% of the time.
- Google Will Not Remove Third-Party Cookies From Chromeby Dark Reading Staff (darkreading) on 24 Luglio 2024 at 10:13 pm
Cookies aren’t going away, after all. After years of saying it will do so, Google has decided to not remove third-party cookies from Chrome.
- Small Businesses Need Default Security in Products Nowby Robert Lemos, Contributing Writer (darkreading) on 24 Luglio 2024 at 10:01 pm
Small businesses are increasingly being targeted by cyberattackers. Why, then, are security features priced at a premium?
- Fighting Third-Party Risk With Threat Intelligenceby George V. Hulme, Contributing Writer (darkreading) on 24 Luglio 2024 at 9:48 pm
With every new third-party provider and partner, an organization’s attack surface grows. How, then, do enterprises use threat intelligence to enhance their third-party risk management efforts?
- Zest Security Aims to Resolve Cloud Risksby Dark Reading Staff (darkreading) on 24 Luglio 2024 at 9:25 pm
Cybersecurity startup Zest Security emerged from stealth with an AI-powered cloud risk resolution platform to reduce time from discovery to remediation.
- ‘Stargazer Goblin’ Amasses Rogue GitHub Accounts to Spread Malwareby Jai Vijayan, Contributing Writer (darkreading) on 24 Luglio 2024 at 8:35 pm
The threat group uses its “Stargazers Ghost Network” to star, fork, and watch malicious repos to make them seem legitimate, all to distribute a variety of notorious information-stealers-as-a-service.
- Cyberattackers Exploit Microsoft SmartScreen Bug in Stealer Campaignby Nate Nelson, Contributing Writer (darkreading) on 24 Luglio 2024 at 6:50 pm
The good news: Only organizations far behind on standard Windows patching have anything to worry about.
- Hamster Kombat Players Threatened by Spyware & Infostealersby Dark Reading Staff (darkreading) on 24 Luglio 2024 at 4:50 pm
Players can only access the game by first joining its Telegram channel, with some going astray in copycat channels with hidden malware.
- CrowdStrike Blames Crash on Buggy Security Content Updateby Elizabeth Montalbano, Contributing Writer (darkreading) on 24 Luglio 2024 at 2:26 pm
CrowdStrike vows to provide customers with greater control over the delivery of future content updates by allowing granular selection of when and where these updates are deployed.
- Navigating the Complex Landscape of Web Browser Securityby Mike Walters (darkreading) on 24 Luglio 2024 at 2:00 pm
The more we use the cloud, the more maintaining browser security becomes crucial.
- Russia Adjusts Cyber Strategy for the Long Haul in War With Ukraineby Dark Reading Staff (darkreading) on 23 Luglio 2024 at 8:29 pm
Russia has cast aside its focus on civilian infrastructures and is instead targeting Ukraine’s military operations in myriad ways.
- China’s ‘Evasive Panda’ APT Spies on Taiwan Targets Across Platformsby Nate Nelson, Contributing Writer (darkreading) on 23 Luglio 2024 at 7:39 pm
The cohort’s variety of individual tools covers just about any operating system it could possibly wish to attack.
- Goodbye? Attackers Can Bypass ‘Windows Hello’ Strong Authenticationby Jeffrey Schwartz, Contributing Writer (darkreading) on 23 Luglio 2024 at 7:16 pm
Accenture researcher undercut WHfB’s default authentication using open source Evilginx adversary-in-the-middle (AitM) reverse-proxy attack framework.
- Sprawling CrowdStrike Incident Mitigation Showcases Resilience Gapsby Jai Vijayan, Contributing Writer (darkreading) on 23 Luglio 2024 at 6:23 pm
A painful recovery from arguably one of the worst IT outages ever continues, and the focus is shifting to what can be done to prevent something similar from happening again.
- Attackers Exploit ‘EvilVideo’ Telegram Zero-Day to Hide Malwareby Elizabeth Montalbano, Contributing Writer (darkreading) on 23 Luglio 2024 at 4:21 pm
An exploit sold on an underground forum requires user action to download an unspecified malicious payload.
- Wanted: An SBOM Standard to Rule Them Allby Eric Braun (darkreading) on 23 Luglio 2024 at 2:00 pm
A unified standard is essential for realizing the full potential of SBOMs in enhancing software supply chain security.
- Shocked, Devastated, Stuck: Cybersecurity Pros Open Up About Their Layoffsby Joan Goodchild (darkreading) on 23 Luglio 2024 at 1:40 pm
Here’s a dose of reality from those on the frontlines and how they’re coping.
- Novel ICS Malware Sabotaged Water-Heating Services in Ukraineby Jai Vijayan, Contributing Writer (darkreading) on 23 Luglio 2024 at 9:00 am
Newly discovered “FrostyGoop” is the first ICS malware that can communicate directly with operational technology systems via the Modbus protocol.
- Linx Security Launches With Identity Management Platformby Dark Reading Staff (darkreading) on 22 Luglio 2024 at 9:34 pm
The Israeli security startup’s technology helps organizations map existing accounts and credentials to existing employees to identify those that should be removed.
- Check Point Research Reports Highest Increase of Global Cyber Attacks Seen in Last Two Yearsby (darkreading) on 22 Luglio 2024 at 8:54 pm
- Two Foreign Nationals Plead Guilty to Participating in LockBit Ransomware Groupby (darkreading) on 22 Luglio 2024 at 8:50 pm