Toute l'actualité de la Cybersécurité


Fake Meta Ads Hijacking Facebook Accounts to Spread SYS01 Infostealer

2024-10-30 21:30:07
A malvertising campaign is exploiting Meta’s platform to spread SYS01 infostealer, targeting men 45+ via fake ads for…

Lire la suite »

The evolution of open source risk: Persistent challenges in software security

2024-10-30 20:57:31
As organizations increasingly rely on open source software, associated security risks grow, demanding more robust and proactive risk management.

Lire la suite »

15 Leading Technology and Service Providers Achieve SASE Certification

2024-10-30 20:19:15

Lire la suite »

Investigating a SharePoint Compromise: IR Tales from the Field

2024-10-30 20:19:14
Our investigation uncovered an attacker who accessed a server without authorization and moved laterally across the network, compromising the entire domain.

Lire la suite »

Ex-Disney Employee Charged With Hacking Menu Database

2024-10-30 19:44:56
In a vengeful move against the happiest place on Earth, the former employee allegedly used his old credentials to make potentially deadly changes.

Lire la suite »

Zenity Raises M Series B Funding Round to Secure Agentic AI

2024-10-30 19:36:26

Lire la suite »

Norton Report Reveals Nearly Half of US Consumers Were Targeted by a Scam While Online Shopping

2024-10-30 19:27:27

Lire la suite »

Russia-linked Midnight Blizzard APT targeted 100+ organizations with a spear-phishing campaign using RDP files

2024-10-30 19:20:51
Microsoft warns of a new phishing campaign by Russia-linked APT Midnight Blizzard targeting hundreds of organizations. Microsoft warns of a large-scale spear-phishing campaign by Russia-linked APT Midnight...

Lire la suite »

Microsoft Entra "security defaults" to make MFA setup mandatory

2024-10-30 19:18:17
​Microsoft says it will improve security across Entra tenants where security defaults are enabled by making multifactor authentication (MFA) registration mandatory. [...]

Lire la suite »

The Open Source Initiative Announces Open Source AI Definition

2024-10-30 19:13:57

Lire la suite »

Business Email Compromise (BEC) Impersonation: The Weapon of Choice of Cybercriminals

2024-10-30 19:09:19

Lire la suite »

Casap Secures .5M in Funding

2024-10-30 18:59:49

Lire la suite »

Russian Cozy Bear Hackers Phish Critical Sectors with Microsoft, AWS Lures

2024-10-30 18:26:32
Russian state-sponsored hackers Cozy Bear are targeting over 100 organizations globally with a new phishing campaign. This sophisticated…

Lire la suite »

QNAP patches second zero-day exploited at Pwn2Own to get root

2024-10-30 17:36:27
QNAP has fixed a second zero-day vulnerability exploited at the Pwn2Own Ireland 2024 hacking contest to gain a root shell and take over a TS-464 NAS device. [...]

Lire la suite »

Cybersecurity Training Resources Often Limited to Developers

2024-10-30 16:50:32
With a lack of cybersecurity awareness training resources for all employees, organizations are more susceptible to being breached or falling short when it comes to preventing threats.

Lire la suite »

Vishing, Mishing Go Next-Level With FakeCall Android Malware

2024-10-30 16:29:36
A new variant of the sophisticated attacker tool gives cybercriminals even more control over victim devices to conduct various malicious activities, including fraud and cyber espionage.

Lire la suite »

ATPC Cyber Forum to Focus on Next Generation Cybersecurity and Artificial Intelligence Issues

2024-10-30 16:12:33
Atlanta, Georgia, 30th October 2024, CyberNewsWire

Lire la suite »

Why Did Snowflake Have a Target on It? Handling Data Warehouse Security Risks

2024-10-30 16:09:41
In early June, the Ticketmaster breach brought widespread attention to the fact that Snowflake accounts did not require multi-factor authentication (MFA) and some were compromised as a result. If only... The...

Lire la suite »

North Korean govt hackers linked to Play ransomware attack

2024-10-30 15:55:32
The North Korean state-sponsored hacking group tracked as 'Andariel' has been linked to the Play ransomware operation, using the RaaS to work behind the scenes and evade sanctions. [...]

Lire la suite »

Avec Gencore AI, Securiti renforce la protection de la GenAI

2024-10-30 15:48:47
La sécurité des systèmes d’IA génératives, des copilotes ou des agents IA monte en puissance. Pour répondre (...)

Lire la suite »

North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack

2024-10-30 15:44:00
Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between May...

Lire la suite »

Meet Cropler, Connectech & DoubleShift: HackerNoon Startups of the Week

2024-10-30 15:30:14
Welcome to HackerNoon Startups of the Week! Each week, the HackerNoon team showcases a list of startups from our Startups of The Year database. All these startups have been nominated as one of the best...

Lire la suite »

Pour enrôler ses victimes, les cyberpirates de Black Basta passent par Teams

2024-10-30 15:13:53
Avec le développement des outils collaboratifs en entreprise, les cybercriminels ont trouvé un moyen de dialoguer en direct avec des salariés (...)

Lire la suite »

How SkyCastle is Solving the Problem in the Movie 'Her'

2024-10-30 15:00:19
SkyCastle aims to solve the authenticity issue in AI relationships, creating unique virtual companions for emotional support, using blockchain for individuality.

Lire la suite »

Last Call: One Month Left to Win Your Share of ,500 in the #bitcoin Writing Contest

2024-10-30 14:58:53
Over 150 #bitcoin stories have been published, drawing more than 300,000 pageviews. Ten winners have been awarded cash prizes for their standout entries, so far. The final round of the #bitcoin writing...

Lire la suite »

New “Scary” FakeCall Malware Captures Photos and OTPs on Android

2024-10-30 14:58:51
A new, more sophisticated variant of the FakeCall malware is targeting Android devices. Learn about the advanced features…

Lire la suite »

Protégez vos communications : comment garantir l'authenticité de vos emails ?

2024-10-30 14:56:57
Si vous envoyez régulièrement des emails, vous avez sûrement déjà été confronté à des problèmes comme vos messages qui finissent dans les spams, ou pire, des tentatives d'usurpation de votre...

Lire la suite »

Blast Royale to Launch $NOOB Low FDV Community Offering (LCO) For First Gaming x Meme Token

2024-10-30 14:56:40
ROAD TOWN, British Virgin Islands, October 30th, 2024, Chainwire/-- Blast Royale has announced the upcoming pre-sale of its Low FDV Community Offering (LCO) for the $NOOB token, scheduled for November...

Lire la suite »

Patch now! New Chrome update for two critical vulnerabilities

2024-10-30 14:55:54
Chrome issued a security update that patches two critical vulnerabilities. One of which was reported by Apple

Lire la suite »

Morph Announces Mainnet Launch On Ethereum, Paving The Way For Consumer Blockchain Adoption

2024-10-30 14:51:05
NEW YORK, NY, October 30th, 2024/Chainwire/--Morph, a global consumer layer for driving blockchain adoption, today announced its mainnet launch on Ethereum. The mainnet launch marks a significant milestone...

Lire la suite »

Android malware "FakeCall" now reroutes bank calls to attackers

2024-10-30 14:50:50
A new version of the FakeCall malware for Android hijacks outgoing calls from a user to their bank, redirecting them to the attacker's phone number instead. [...]

Lire la suite »

IA générative, utilisation détournée d'outils de cybersécurité, exploitation d'environnements clouds mal configurés : un rapport met en lumière les nouvelles cybermenaces qui pèsent sur les entreprises

2024-10-30 14:46:12
Les outils de sécurité offensive disponibles dans le commerce et les environnements cloud mal configurés amplifient la surface d’attaque des organisations. Tribune – Elastic, l'entreprise...

Lire la suite »

Xsolla To Launch Xsolla ZK, Advancing Web3 Adoption For Video Games

2024-10-30 14:44:31
LOS ANGELES, United States, October 30th, 2024/Chainwire/--Xsolla,a global video game commerce company, announces plans to launch Xsolla ZK and introduce a digital backpack of virtual items on the blockchain....

Lire la suite »

DWF Labs Announces Leadership Transition In Business Development

2024-10-30 14:39:13
Lingling Jiang will be taking over the roles and responsibilities necessary to support and expand our work with valued partners and collaborators. Lingling brings a wealth of experience to her new role,...

Lire la suite »

Avec La Tech pour Toutes, l'école 42 sensibilise des femmes à l'IT

2024-10-30 14:37:49
En France, les initiatives se poursuivent pour réduire les inégalités de genre qui persistent dans les professions scientifiques. (...)

Lire la suite »

80 % des RSSI du secteur de la santé se considèrent comme des facilitateurs d'affaires dont l'appétence pour le risque ne cesse de croître

2024-10-30 14:35:50
L'appétence pour le risque des RSSI de ce secteur est supérieure à celle de tous les autres secteurs. Tribune – Netskope, un leader sur le marché du SASE, annonce la publication d'une nouvelle...

Lire la suite »

Hackers steal 15,000 cloud credentials from exposed Git config files

2024-10-30 14:00:00
A global large-scale dubbed "EmeraldWhale" exploited misconfigured Git configuration files to steal over 15,000 cloud account credentials from thousands of private repositories. [...]

Lire la suite »

When Cybersecurity Tools Backfire

2024-10-30 14:00:00
Outages are inevitable. Our focus should be on minimizing their scope, addressing underlying causes, and understanding that protecting systems is about keeping bad actors out while maintaining stability...

Lire la suite »

FBI: Upcoming U.S. general election fuel multiple fraud schemes

2024-10-30 13:44:04
The Federal Bureau of Investigation (FBI) is warning of multiple schemes taking advantage of the upcoming U.S. general election to scam people out of their money or personal data. [...]

Lire la suite »

Change Healthcare Breach Hits 100M Americans

2024-10-30 13:34:08
Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the...

Lire la suite »

Here's a cybersecurity problem: there just aren't enough young people.

2024-10-30 13:34:03
This week in cybersecurity from the editors at Cybercrime Magazine – Read the Full Story in TechPolicy.Press Sausalito, Calif. – Oct. 30, 2024 3.5 million. That's how many unfilled jobs there...

Lire la suite »

USN-7085-2: X.Org X Server vulnerability

2024-10-30 13:21:06
USN-7085-1 fixed a vulnerability in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Jan-Niklas Sohn discovered that the X.Org...

Lire la suite »

'CrossBarking' Attack Targets Secret APIs, Exposes Opera Browser Users

2024-10-30 13:13:27
Using a malicious Chrome extension, researchers showed how an attacker could use a now-fixed bug to inject custom code into a victim's Opera browser to exploit special and powerful APIs, used by developers...

Lire la suite »

Opera Browser Fixes Big Security Hole That Could Have Exposed Your Information

2024-10-30 13:05:00
A now-patched security flaw in the Opera web browser could have enabled a malicious extension to gain unauthorized, full access to private APIs. The attack, codenamed CrossBarking, could have made it...

Lire la suite »

The Karma connection in Chrome Web Store

2024-10-30 13:03:06
Somebody brought to my attention that the Hide YouTube Shorts extension for Chrome changed hands and turned malicious. I looked into it and could confirm that it contained two undisclosed components:...

Lire la suite »

Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware

2024-10-30 13:00:00
Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta's advertising platform and hijacked Facebook accounts to distribute information known as SYS01stealer. "The hackers...

Lire la suite »

The Importance of Asset Context in Attack Surface Management.

2024-10-30 13:00:00
This topic covers one of the main drivers for ASM and why companies are investing in it, the context it delivers to inform better security decision making.

Lire la suite »

Cybersecurity Awareness Month: 5 new AI skills cyber pros need

2024-10-30 13:00:00
The rapid integration of artificial intelligence (AI) across industries, including cybersecurity, has sparked a sense of urgency among professionals. As organizations increasingly adopt AI tools to bolster...

Lire la suite »

Ramp Network Integrates Mexico's SPEI for Real-Time Crypto Conversions

2024-10-30 12:07:16
Ramp Network has announced the integration of Mexico's SPEI payment system into its platform. The integration allows users to convert cryptocurrencies to Mexican pesos and receive funds in their local...

Lire la suite »

Google fixed a critical vulnerability in Chrome browser

2024-10-30 12:05:34
Google addressed a critical vulnerability in its Chrome browser, tracked as CVE-2024-10487, which was reported by Apple. Google has patched a critical Chrome vulnerability, tracked as CVE-2024-10487,...

Lire la suite »

USN-7084-2: pip vulnerability

2024-10-30 11:55:54
USN-7084-1 fixed vulnerability in urllib3. This update provides the corresponding update for the urllib3 module bundled into pip. Original advisory details: It was discovered that urllib3 didn't strip...

Lire la suite »

Researchers Uncover Python Package Targeting Crypto Wallets with Malicious Code

2024-10-30 11:00:00
Cybersecurity researchers have discovered a new malicious Python package that masquerades as a cryptocurrency trading tool but harbors functionality designed to steal sensitive data and drain assets from...

Lire la suite »

Embarking on a Compliance Journey? Here's How Intruder Can Help

2024-10-30 10:30:00
Navigating the complexities of compliance frameworks like ISO 27001, SOC 2, or GDPR can be daunting. Luckily, Intruder simplifies the process by helping you address the key vulnerability management criteria...

Lire la suite »

Jumpy Pisces Engages in Play Ransomware

2024-10-30 10:00:29
A first-ever collaboration between DPRK-based Jumpy Pisces and Play ransomware signals a possible shift in tactics. The post Jumpy Pisces Engages in Play Ransomware appeared first on Unit 42.

Lire la suite »

Kaspersky découvre une campagne malveillante sur Telegram visant les entreprises de la fintech

2024-10-30 09:44:35
L'équipe GReAT (Global Research and Analysis team) de Kaspersky a débusqué une campagne cybercriminelle menée par des hackers utilisant Telegram pour diffuser un logiciel espion de type Trojan à...

Lire la suite »

New PySilon RAT Abusing Discord Platform to Maintain Persistence

2024-10-30 09:02:35
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits the popular social platform Discord to maintain persistence on infected systems. Discord, known...

Lire la suite »

Introducing Rootstock Genesis Countdown: User Guide

2024-10-30 09:00:14
The Rootstock Genesis Countdown, starting October 30, invites users to join 16 quests across Rootstock's ecosystem with rewards, raffles, and big prizes. Complete all quests by January 3 for a chance...

Lire la suite »

NTT s'adosse à Palo Alto pour son service géré de détection des menaces

2024-10-30 09:00:03
Grâce à ce partenariat avec Palo Alto Networks, le fournisseur mondial de services IT, NTT Data, peut offrir un service de sécurité (...)

Lire la suite »

USN-7085-1: X.Org X Server vulnerability

2024-10-30 08:52:22
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations in the X Keyboard Extension. An attacker could use this issue to cause the X Server to crash, leading to...

Lire la suite »

QNAP fixed NAS backup zero-day demonstrated at Pwn2Own Ireland 2024

2024-10-30 08:12:36
QNAP fixed critical zero-day CVE-2024-50388 which was demonstrated against a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. QNAP addressed a critical zero-day vulnerability, tracked as...

Lire la suite »

Konni APT Hackers Attacking Organizations with New Spear-Phishing Tactics

2024-10-30 08:05:20
The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations using sophisticated spear-phishing tactics. Known for its stealth and precision, Konni has...

Lire la suite »

VimeWorld - 3,118,964 breached accounts

2024-10-30 07:02:43
In October 2018, the Russian Minecraft service VimeWorld suffered a data breach that was later redistributed as part of a larger corpus of data. The data included 3.1M records of usernames, email and...

Lire la suite »

The TechBeat: Cross-Platform Design Wrapped Part 3: UI Polish and Interaction Design (10/30/2024)

2024-10-30 06:11:06
How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ...

Lire la suite »

Google Chrome Security, Critical Vulnerabilities Patched

2024-10-30 06:05:17
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions of users worldwide. The latest Stable channel update, version 130.0.6723.91/.92 for Windows...

Lire la suite »

Using GTM Strategies for Digital Tech Startups: My Guide from Launching 7x Businesses

2024-10-30 04:04:28
This guide explores GTM strategies for digital tech startups, highlighting lead generation methods, market dynamics, and the evolution from outbound to inbound marketing, based on personal experiences...

Lire la suite »

The Algorithm for Inserting Sequences into Sequences

2024-10-30 01:35:33
Maintaining the correct order in data sequences becomes complex when inserting, deleting, or rearranging elements using traditional numbering systems. Common solutions like shifting sequence numbers or...

Lire la suite »

Metabase Information Disclosure Vulnerability (CVE-2021-41277)

2024-10-30 01:02:27
What is the attack?FortiGuard Labs observes widespread attack attempts targeting a three-year-old Metabase vulnerability (CVE-2021-41277) detected by more than 30,000 sensors. Successful exploitation...

Lire la suite »

List of 13 new domains

2024-10-30 00:00:00
.fr assurance-vital[.fr] (registrar: AMEN / Agence des Médias Numériques) connexion-sante-france[.fr] (registrar: EPAG Domainservices GmbH) controleroutier[.fr] (registrar: EPAG Domainservices GmbH) dossier-renouvellements[.fr]...

Lire la suite »

Multiples vulnérabilités dans Google Chrome (30 octobre 2024)

30/10/2024
De multiples vulnérabilités ont été découvertes dans Google Chrome. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.

Lire la suite »

Multiples vulnérabilités dans les produits Apple (30 octobre 2024)

30/10/2024
De multiples vulnérabilités ont été découvertes dans les produits Apple. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité...

Lire la suite »

Multiples vulnérabilités dans les produits Qnap (30 octobre 2024)

30/10/2024
De multiples vulnérabilités ont été découvertes dans les produits Qnap. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un problème de sécurité non...

Lire la suite »

Multiples vulnérabilités dans les produits Mozilla (30 octobre 2024)

30/10/2024
De multiples vulnérabilités ont été découvertes dans les produits Mozilla. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni...

Lire la suite »