Toute l'actualité de la Cybersécurité


Transfert de fichiers : les logiciels de Cleo vulnérables à une faille zero day

2024-12-11 15:31:41
Les failles au sein de MoveIT de Progress Software ou GoAnywhere ont fortement perturbés les activités des entreprises en 2023. Le spectre (...)

Lire la suite »

APT-C-60 Hackers Penetrate Org's Network Using a Weapanized Google Drive link

2024-12-11 14:19:56
The Japan Computer Emergency Response Team Coordination Center (JPCERT/CC) has confirmed an advanced cyber attack against organizations in Japan, believed to have been conducted by the cyber espionage...

Lire la suite »

Docaposte et Lefebvre Dalloz ouvrent des formations IA pour le service public

2024-12-11 14:07:00
Aux côtés des entreprises du secteur privé, les administrations sont elles aussi confrontées à une demande croissante (...)

Lire la suite »

On holiday: Most important policies for reduced staff

2024-12-11 14:00:00
On Christmas Eve, 2023, the Ohio State Lottery had to shut down some of its systems because of a cyberattack. Around the same time, the Dark Web had a “Leaksmas” event, where cyber criminals...

Lire la suite »

USN-7150-1: Tornado vulnerabilities

2024-12-11 13:57:06
It was discovered that Tornado incorrectly handled a certain redirect. A remote attacker could possibly use this issue to redirect a user to an arbitrary web site and conduct a phishing attack by having...

Lire la suite »

Abusing AD-DACL: WriteOwner

2024-12-11 13:52:24
In this post, we will explore the exploitation of Discretionary Access Control Lists (DACL) using the WriteOwner permission in Active Directory environments. The WriteOwner permission The post Abusing...

Lire la suite »

Comment simplifier la gestion sur site pour Microsoft 365 MFA

2024-12-11 13:40:08
Il y a de nombreuses raisons pour lesquelles les organisations basées sur site cherchent à gérer une solution d'authentification multifacteur (MFA) sur site unique à travers Windows MFA et Microsoft...

Lire la suite »

Spectacular Cybersecurity Growth Stock to Buy, According to Wall Street

2024-12-11 13:39:52
This week in cybersecurity from the editors at Cybercrime Magazine –Read the Full Story in The Motley Fool Sausalito, Calif. – Dec. 11, 2024 Cybercrime is on track to cause .5 trillion worth...

Lire la suite »

Avec DeviceTrust et Stong Network, Citrix se renforce sur le zero trust

2024-12-11 13:29:48
En cette fin d’année, Citrix a décidé de faire des emplettes dans le domaine de la sécurité. La filiale de Cloud (...)

Lire la suite »

A Cloud Reality Check for Federal Agencies

2024-12-11 13:00:46
The move to cloud is not slowing down – spending by Federal civilian agencies on cloud computing could reach .3 billion in Fiscal Year (FY) 2025. But despite years of guidance (from... The post...

Lire la suite »

Global Ongoing Phishing Campaign Targets Employees Across 12 Industries

2024-12-11 13:00:24
SUMMARY Cybersecurity researchers at Group-IB have exposed an ongoing phishing operation that has been targeting employees and associates from…

Lire la suite »

Opération PowerOFF : nouvelle réponse mondiale aux cyberattaques DDoS avant Noël

2024-12-11 12:40:39
Une opération internationale, baptisée PowerOFF, perturbe les activités des cybercriminels en saisissant 27 plateformes utilisées pour orchestrer des attaques DDoS....

Lire la suite »

Operation Digital Eye: China-linked relies on Visual Studio Code Remote Tunnels to spy on Europen entities

2024-12-11 12:17:43
An alleged China-linked APT group targeted large business-to-business IT service providers in Southern Europe as part of Operation Digital Eye campaign. Between late June and mid-July 2024, a China-linked...

Lire la suite »

Patch tuesday décembre 2024 : 72 failles corrigées dont une zero day

2024-12-11 12:06:21
Ce mois-ci, Microsoft a publié 72 bulletins de sécurité concernant de nombreux produits et services du fournisseur : Windows et ses (...)

Lire la suite »

Windows RDP Service Flaw let Hackers Execute Remote Code

2024-12-11 11:50:29
A critical security vulnerability (CVE-2024-49115) in Windows Remote Desktop Services (RDS) has been disclosed, potentially allowing hackers to execute arbitrary remote code via the network. The flaw,...

Lire la suite »

Faux sites de livraison : ZATAZ détecte des dizaines d'URL frauduleuses

2024-12-11 11:36:11
ZATAZ identifie des dizaines centaine de faux sites imitant des entreprises de livraison, notamment Mondial Relay, pour des tentatives de phishing visant vos données personnelles et bancaires....

Lire la suite »

Une fuite de données d'Eurostar déraille dans le darknet

2024-12-11 10:35:38
Piratage de données personnelles pour Eurostar. Une intrusion révélée et oubliée… jusqu'à aujourd'hui !...

Lire la suite »

New DCOM Attack Exploits Windows Installer for Backdoor Access

2024-12-11 10:28:08
SUMMARY Cybersecurity researchers at Deep Instinct have uncovered a novel and powerful Distributed Component Object Model (DCOM) based…

Lire la suite »

Ivanti CSA Vulnerabilities Let Attackers Gain Admin Access

2024-12-11 10:21:43
 Ivanti has issued critical software updates to address several severe vulnerabilities in its Cloud Services Application (CSA). These vulnerabilities tracked as CVE-2024-11639, CVE-2024-11772, and CVE-2024-11773,...

Lire la suite »

STCC : la montée en puissance d'un service de look-up à l'échelle industrielle

2024-12-11 10:18:33
Le service pirate STCC propose des capacités de look-up industriel avancées, gagnant en popularité sur les forums cybercriminels....

Lire la suite »

Chinese national charged for hacking thousands of Sophos firewalls

2024-12-11 10:16:14
The U.S. has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. The U.S. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking...

Lire la suite »

Les lacunes en matière de cybersécurité fragilisent les entreprises face aux menaces alimentées par l'IA

2024-12-11 10:08:59
L'IA redessine le paysage des menaces et de la cybersécurité. Tandis que la technologie permet le développement d'attaques de plus en plus sophistiquées, les entreprises doivent redoubler d'efforts...

Lire la suite »

Audit de maturité cyber, à ce jour, commodité ou exception ?

2024-12-11 10:07:02
Sécuriser son organisation est un sujet qui devrait aujourd'hui être une évidence pour l'ensemble des entreprises et structures publiques. En effet, de plus en plus exposées aux risques cyber,...

Lire la suite »

Les crawlers IA accaparent une partie du trafic Internet mondial

2024-12-11 09:10:17
Chaque année Cloudflare, spécialiste du CDN, publié son rapport sur les tendances Internet. Ce document regorge d’informations (...)

Lire la suite »

DePIN On Ethereum: Redefining Coordination Systems

2024-12-11 09:04:35
DePIN brings the global coordination of Ethereum to the physical world. Learn how protocols build real-world networks to solve problems across energy, telecom, compute, and more.

Lire la suite »

Chrome Security Update, Patch For Multiple Vulnerabilities

2024-12-11 07:47:16
Google has released a new update on the Stable channel for its Chrome browser, addressing a series of security vulnerabilities. The update has been rolled out as version 131.0.6778.139/.140 for Windows...

Lire la suite »

The TechBeat: Step-by-Step: Building a REST API That Talks to Hugging Face Models (12/11/2024)

2024-12-11 07:10:57
How are you, hacker? 🪐Want to know what's trending right now?: The Techbeat by HackerNoon has got you covered with fresh content from our trending stories of the day! Set email preference here. ...

Lire la suite »

Governments, Telcos Ward Off China's Hacking Typhoons

2024-12-11 07:00:00
Infiltrating other nations' telecom networks is a cornerstone of China's geopolitical strategy, and it's having the unintended consequence of driving the uptake of encrypted communications.

Lire la suite »

Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE – Smishing Triad in Action

2024-12-11 06:37:41
Resecurity uncovered a large-scale fraud campaign in the UAE where scammers impersonate law enforcement to target consumers. Resecurity has identified a wide-scale fraudulent campaign targeting consumers...

Lire la suite »

WPForms Vulnerability Let Users Issues Subscription Payments

2024-12-11 06:21:59
A critical security vulnerability, tracked as CVE-2024-11205, was recently discovered in the popular WordPress plugin, WPForms, which boasts over 6 million active installations globally. This flaw, identified...

Lire la suite »

The Hidden Surprises of AI: When Language Models Develop Unexpected Abilities

2024-12-11 03:08:34
Large language models are showing unexpected abilities that emerge spontaneously at certain scale thresholds - from solving complex math problems to writing code - without being explicitly programmed...

Lire la suite »

Tips For Managing Terraform Variables

2024-12-11 02:53:18
Managing variables in Terraform doesn't have to be complicated. With the right practices, you can make your code cleaner, easier to understand, and more adaptable. In this guide, we'll go through...

Lire la suite »

From Shopping Malls to Living Arcades: A Full-Circle Journey Into Modern Arcadism

2024-12-11 02:43:16
Shopping malls, once icons of leisure and capitalism, are being reimagined as residential communities. From Lafayette Square Mall's planned apartments to The Arcade Providence's micro-apartments, this...

Lire la suite »

Strengthening Cybersecurity: Breaking Down inDrive's Bug Bounty Program

2024-12-11 02:33:30
InDrive's bug bounty program strengthens cybersecurity by collaborating with white hat hackers to detect vulnerabilities and optimize security processes. We use automatic integration with Slack and...

Lire la suite »

Patch Tuesday, December 2024 Edition

2024-12-11 01:53:13
Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing...

Lire la suite »

Learn A New Language With Advanced AI

2024-12-11 01:05:11
Artificial intelligence can help people learn a new language. Users can now have a live, real-time discussion with a computer avatar. AI-driven chatbots provide realistic conversations that help build...

Lire la suite »

Code Smell 283 - Unresolved Meta Tags

2024-12-11 01:00:54
Incomplete or null meta tags break functionality and user experience.

Lire la suite »

U.S. CISA adds Microsoft Windows CLFS driver flaw to its Known Exploited Vulnerabilities catalog

2024-12-11 00:35:02
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows Common Log File System (CLFS) driver flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and...

Lire la suite »

USN-7149-1: Intel Microcode vulnerabilities

2024-12-11 00:14:40
Avraham Shalev and Nagaraju N Kodalapura discovered that some Intel(R) Xeon(R) processors did not properly restrict access to the memory controller when using Intel(R) SGX. This may allow a local privileged attacker...

Lire la suite »