What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-02-22 17:22:37 | La vulnérabilité des raccourcis Apple expose les données sensibles, mettez à jour maintenant! Apple Shortcuts Vulnerability Exposes Sensitive Data, Update Now! (lien direct) |
> Par waqas
Un autre jour, une autre vulnérabilité de sécurité Apple!
Ceci est un article de HackRead.com Lire le post original: La vulnérabilité des raccourcis Apple expose les données sensibles, mise à jour maintenant!
>By Waqas Another day, another Apple Security Vulnerability! This is a post from HackRead.com Read the original post: Apple Shortcuts Vulnerability Exposes Sensitive Data, Update Now! |
Vulnerability | ★★ | |
 |
2024-02-22 13:34:58 | Nouveau Screenconnect RCE Flaw exploité dans les attaques de ransomwares New ScreenConnect RCE flaw exploited in ransomware attacks (lien direct) |
Les attaquants exploitent une vulnérabilité de contournement d'authentification de gravité maximale pour violer les serveurs ScreenConnect non corrigées et déployer des charges utiles de ransomware de verrouillage sur les réseaux compromis.[...]
Attackers are exploiting a maximum severity authentication bypass vulnerability to breach unpatched ScreenConnect servers and deploy LockBit ransomware payloads on compromised networks. [...] |
Ransomware Vulnerability | ★★★ | |
 |
2024-02-22 11:00:00 | L'importance de la cybersécurité dans les services bancaires en ligne The importance of Cybersecurity in online banking (lien direct) |
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In our digitized world, online banking has become an integral part of managing your finances, offering unparalleled convenience. However, with this convenience comes an increasing need for robust cybersecurity measures. As you embrace the ease of handling your financial affairs online, understanding the importance of cybersecurity becomes paramount. This article delves into the critical role of cybersecurity in safeguarding your financial assets and personal information from the evolving risks associated with online banking. Risks associated with online banking Engaging in online banking exposes you to various risks that demand your vigilance. Financial data breaches, where cybercriminals exploit vulnerabilities to gain unauthorized access to sensitive information, pose a significant threat. Phishing attacks, disguised as legitimate communications, aim to trick you into disclosing personal details. Additionally, identity theft, a direct consequence of these breaches, can lead to severe financial implications. Recognizing these risks is the first step in fortifying your online banking experience and ensuring the protection of your valuable information. Beyond individual concerns, these risks reverberate through financial institutions, impacting their reputation. Financial losses and unauthorized activities not only harm individuals but also erode the trust customers place in their banks and reputational damage becomes a looming threat for financial institutions, highlighting the critical need for comprehensive cybersecurity measures. Offshore banking risks Offshore banking, while offering financial privacy and potential tax advantages, poses certain risks that individuals should be aware of. One significant concern is the potential for increased susceptibility to financial fraud and money laundering due to the less stringent regulations in some offshore jurisdictions. Additionally, the lack of transparency in offshore banking systems may create challenges in recovering funds in the event of disputes or legal issues. It\'s crucial for individuals engaging in offshore banking to carefully evaluate the regulatory environment, conduct thorough due diligence on financial institutions, and be aware of the potential risks associated with this financial strategy. The impact of cyber-attacks on individuals and financial institutions The fallout from cyber-attacks extends far beyond individual victims, leaving lasting effects on financial institutions. Instances of financial losses and unauthorized activities not only harm individuals but also erode the trust customers place in their banks. The repercussions of cyber-attacks reverberate through the broader financial landscape, extending well beyond the immediate impact on individual victims. It is sobering to consider that when a financial institution falls victim to a cyber-attack, the consequences are felt on a systemic level. Instances of financial losses and unauthorized activities create a ripple effect, compromising the overall integrity of the affected institution. The fallout includes not only the immediate financial implications | Vulnerability Threat | ★★ | |
 |
2024-02-22 09:45:00 | AVERTISSEMENT RANSOMWARE comme le bug CVSS 10.0 Screenconnect est exploité Ransomware Warning as CVSS 10.0 ScreenConnect Bug is Exploited (lien direct) |
Les chercheurs mettent en garde contre un «ransomware gratuit pour tout» après l'exploitation de la vulnérabilité de Screenconnect
Researchers warn of a “ransomware free-for-all” after ScreenConnect vulnerability is exploited |
Ransomware Vulnerability | ★★ | |
 |
2024-02-22 03:03:14 | Personnalisation de la sécurité avec la gestion de la configuration de la sécurité (SCM) Customizing Security with Security Configuration Management (SCM) (lien direct) |
De nombreuses violations des dix dernières années ont profité des paramètres de sécurité faibles ou inexistants.À l'inverse, par exemple, les entreprises qui ont configuré leur application Docker aux paramètres de sécurité recommandés par CIS pour les utilisateurs de conteneurs et les privilèges n'étaient pas aussi vulnérables aux exploits d'évasion des conteneurs.On peut dire qu'un changement de configuration a empêché de nombreuses violations.La gestion de la configuration de sécurité peut faire une énorme différence dans la réduction de la vulnérabilité d'une organisation.Comme indiqué dans un article précédent: «En tant que sujet à multiples facettes, le durcissement peut submerger les organisations lors de la conception ou de la modification ...
Many of the breaches of the past ten years have taken advantage of weak or nonexistent security settings. Conversely, for example, companies that configured their Docker application to the CIS recommended security settings for container users and privileges were not as vulnerable to container escape exploits. Arguably, a configuration change prevented many breaches. Security configuration management can make a huge difference in reducing an organization\'s vulnerability. As stated in a previous post : “As a multi-faceted topic, hardening may overwhelm organizations when designing or amending... |
Vulnerability | ★★ | |
 |
2024-02-22 02:00:00 | PAN-SA-2024-0002 Impact des vulnérabilités des navires qui fuites (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652 et CVE-2024-23653) (gravité: aucun) PAN-SA-2024-0002 Impact of Leaky Vessels Vulnerabilities (CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-2024-23653) (Severity: NONE) (lien direct) |
De nombreuses violations des dix dernières années ont profité des paramètres de sécurité faibles ou inexistants.À l'inverse, par exemple, les entreprises qui ont configuré leur application Docker aux paramètres de sécurité recommandés par CIS pour les utilisateurs de conteneurs et les privilèges n'étaient pas aussi vulnérables aux exploits d'évasion des conteneurs.On peut dire qu'un changement de configuration a empêché de nombreuses violations.La gestion de la configuration de sécurité peut faire une énorme différence dans la réduction de la vulnérabilité d'une organisation.Comme indiqué dans un article précédent: «En tant que sujet à multiples facettes, le durcissement peut submerger les organisations lors de la conception ou de la modification ...
Many of the breaches of the past ten years have taken advantage of weak or nonexistent security settings. Conversely, for example, companies that configured their Docker application to the CIS recommended security settings for container users and privileges were not as vulnerable to container escape exploits. Arguably, a configuration change prevented many breaches. Security configuration management can make a huge difference in reducing an organization\'s vulnerability. As stated in a previous post : “As a multi-faceted topic, hardening may overwhelm organizations when designing or amending... |
Vulnerability | ||
 |
2024-02-21 21:46:00 | Les nouvelles vulnérabilités Wi-Fi exposent les appareils Android et Linux aux pirates New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers (lien direct) |
Les chercheurs en cybersécurité ont identifié deux défauts de contournement d'authentification dans le logiciel Wi-Fi open source trouvé dans les appareils Android, Linux et Chromeos qui pourraient inciter les utilisateurs à rejoindre un clone malveillant d'un réseau légitime ou permettre à un attaquant de rejoindre un réseau de confiance sans un mot de passe.
Les vulnérabilités, suivies sous le nom de CVE-2023-52160 et CVE-2023-52161, ont été découvertes à la suite d'un
Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password. The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, have been discovered following a |
Vulnerability Mobile | ★★ | |
 |
2024-02-21 15:22:14 | La vulnérabilité critique dans le plug-in VMware vSphere permet un détournement de session Critical Vulnerability in VMware vSphere Plug-in Allows Session Hijacking (lien direct) |
Les administrateurs sont invités à supprimer le plug-in d'authentification amélioré vulnérable de VSphere \\, qui a été abandonné il y a près de trois ans mais est toujours largement utilisé.
Admins are urged to remove vSphere\'s vulnerable Enhanced Authentication Plug-in, which was discontinued nearly three years ago but is still widely in use. |
Vulnerability | ★★★ | |
 |
2024-02-21 13:46:06 | Comprendre la loi UE AI: implications pour les agents de conformité des communications Understanding the EU AI Act: Implications for Communications Compliance Officers (lien direct) |
The European Union\'s Artificial Intelligence Act (EU AI Act) is set to reshape the landscape of AI regulation in Europe-with profound implications. The European Council and Parliament recently agreed on a deal to harmonize AI rules and will soon bring forward the final text. The parliament will then pass the EU AI Act into law. After that, the law is expected to become fully effective in 2026. The EU AI Act is part of the EU\'s digital strategy. When the act goes into effect, it will be the first legislation of its kind. And it is destined to become the “gold standard” for other countries in the same way that the EU\'s General Data Protection Regulation (GDPR) became the gold standard for privacy legislation. Compliance and IT executives will be responsible for the AI models that their firms develop and deploy. And they will need to be very clear about the risks these models present as well as the governance and the oversight that they will apply to these models when they are operated. In this blog post, we\'ll provide an overview of the EU AI Act and how it may impact your communications practices in the future. The scope and purpose of the EU AI Act The EU AI Act establishes a harmonized framework for the development, deployment and oversight of AI systems across the EU. Any AI that is in use in the EU falls under the scope of the act. The phrase “in use in the EU” does not limit the law to models that are physically executed within the EU. The model and the servers that it operates on could be located anywhere. What matters is where the human who interacts with the AI is located. The EU AI Act\'s primary goal is to ensure that AI used in the EU market is safe and respects the fundamental rights and values of the EU and its citizens. That includes privacy, transparency and ethical considerations. The legislation will use a “risk-based” approach to regulate AI, which considers a given AI system\'s ability to cause harm. The higher the risk, the stricter the legislation. For example, certain AI activities, such as profiling, are prohibited. The act also lays out governance expectations, particularly for high-risk or systemic-risk systems. As all machine learning (ML) is a subset of AI, any ML activity will need to be evaluated from a risk perspective as well. The EU AI Act also aims to foster AI investment and innovation in the EU by providing unified operational guidance across the EU. There are exemptions for: Research and innovation purposes Those using AI for non-professional reasons Systems whose purpose is linked to national security, military, defense and policing The EU AI Act places a strong emphasis on ethical AI development. Companies must consider the societal impacts of their AI systems, including potential discrimination and bias. And their compliance officers will need to satisfy regulators (and themselves) that the AI models have been produced and operate within the Act\'s guidelines. To achieve this, businesses will need to engage with their technology partners and understand the models those partners have produced. They will also need to confirm that they are satisfied with how those models are created and how they operate. What\'s more, compliance officers should collaborate with data scientists and developers to implement ethical guidelines in AI development projects within their company. Requirements of the EU AI Act The EU AI Act categorizes AI systems into four risk levels: Unacceptable risk High risk Limited risk Minimal risk Particular attention must be paid to AI systems that fall into the “high-risk” category. These systems are subject to the most stringent requirements and scrutiny. Some will need to be registered in the EU database for high-risk AI systems as well. Systems that fall into the “unacceptable risk” category will be prohibited. In the case of general AI and foundation models, the regulations focus on the transparency of models and the data used and avoiding the introduction of system | Vulnerability Threat Legislation | ★★ | |
|
2024-02-21 12:18:14 | Screenconnect Critical Bug maintenant attaqué à mesure que le code d'exploit émerge ScreenConnect critical bug now under attack as exploit code emerges (lien direct) |
Les détails techniques et les exploits de preuve de concept sont disponibles pour les deux vulnérabilités que Connectwise a divulguées plus tôt cette semaine pour Screenconnect, son bureau à distance et son logiciel d'accès.[...]
Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software. [...] |
Vulnerability Threat Technical | ★★★ | |
|
2024-02-21 11:04:00 | Alerte VMware: désinstaller EAP Now - Critical Flaw met Active Directory en danger VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk (lien direct) |
VMware exhorte les utilisateurs à désinstaller le plugin d'authentification amélioré décrété (EAP) après la découverte d'un défaut de sécurité critique.
Suivi en AS & NBSP; CVE-2024-22245 & NBSP; (CVSS Score: 9.6), la vulnérabilité a été décrite comme un bogue de relais d'authentification arbitraire.
"Un acteur malveillant pourrait tromper un utilisateur de domaine cible avec EAP installé dans son navigateur Web pour demander et relayer
VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw. Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug. "A malicious actor could trick a target domain user with EAP installed in their web browser into requesting and relaying |
Vulnerability | ★★ | |
|
2024-02-21 11:00:00 | Le SoC moderne de Next Gen propulsé par l'IA The modern next gen SOC powered by AI (lien direct) |
AI is among the most disruptive technologies of our time. While AI/ML has been around for decades, it has become a hot topic with continued innovations in generative AI (GenAI) from start-up OpenAI to tech giants like Microsoft, Google, and Meta. When large language models (LLMs) combined with big data and behavior analytics, AI/ML can supercharge productivity and scale operations across every sector from healthcare to manufacturing, transportation, retail, finance, government & defense, telecommunications, media, entertainment, and more. Within the cybersecurity industry, SentinelOne, Palo Alto Networks, Cisco, Fortinet and others are pioneering AI in Cybersecurity. In a research report of the global markets by Allied Market Research, AI in Cybersecurity is estimated to surge to $154.8 billion in 2032 from $19.2 billion in 2022, rising at a CAGR of 23.6%. Challenges of the traditional SOC SIEM One of the challenges with the traditional Security Operations Center (SOC) is SOC analysts are overwhelmed by the sheer number of alerts that come from Security Information Event Management (SIEM). Security teams are bombarded with low fidelity alerts and spend considerable time separating them from high fidelity alerts. The alerts come from almost any sources across the enterprise and is further compounded with too many point solutions and with multi-vendor environment. The numerous tools and lack of integration across multiple vendor product solutions often require a great deal of manual investigation and analysis. The pressure that comes with having to keep up with vendor training and correlate data and logs into meaningful insights becomes burdensome. While multi-vendor, multi-source, and multi-layered security solutions provides a lot of data, without ML and security analytics, it also creates a lot of noise and a disparate view of the threat landscape with insufficient context. SOAR Traditional Security Orchestration and Automation Response (SOAR) platforms used by mature security operations teams to develop run playbooks that automate action responses from a library of APIs for an ecosystem of security solution is complex and expensive to implement, manage, and maintain. Often SOCs are playing catch up on coding and funding development cost for run playbooks making it challenging to maintain and scale the operations to respond to new attacks quickly and efficiently. XDR Extended Detection and Response (XDR) solves a lot of these challenges with siloed security solutions by providing a unified view with more visibility and better context from a single holistic data lake across the entire ecosystem. XDR provides prevention as well as detection and response with integration and automation capabilities across endpoint, cloud, and network. Its automation capabilities can incorporate basic common SOAR like functions to API connected security tools. It collects enriched data from multiple sources and applies big data and ML based analysis to enable response of policy enforcement using security controls throughout the infrastructure. AI in the modern next gen SOC The use of AI and ML are increasingly essential to cyber operations to proactively identify anomalies and defend against cyber threats in a hyperconnected digital world. Canalys research estimates suggest that more than 7 | Ransomware Malware Tool Vulnerability Threat Prediction Cloud | ★★ | |
 |
2024-02-21 07:52:27 | (Déjà vu) 2024 \\'s Cyber Battleground Fouileled: Escalating Ransomware Epidemic, The Evolution of Cyber Warfare Tactics and Strategic Use of IA in Defense & # 8211;Insignes du dernier rapport de sécurité de Check Point \\ 2024\\'s Cyber Battleground Unveiled: Escalating Ransomware Epidemic, the Evolution of Cyber Warfare Tactics and strategic use of AI in defense – Insights from Check Point\\'s Latest Security Report (lien direct) |
 clés à emporter: & middot;Menaces croissantes: le paysage de la cybersécurité fait face à une augmentation sans précédent des attaques de ransomwares, avec 1 organisations sur 10 visées à l'échelle mondiale en 2023. & Middot;Évolution des tactiques: les adversaires exploitent les vulnérabilités de jour zéro, utilisent des essuie-glaces perturbateurs, des tactiques RAAS (ransomwares en tant que service) et des dispositifs de bord cible, amplifiant la complexité des cybermenaces.& Middot;Défense alimentée par l'IA: l'intelligence artificielle apparaît comme un formidable défenseur, remodelant la façon dont nous empêchons, détectons et répondons aux cyberattaques.Obtenez le rapport de cybersécurité en 2024 dans le paysage tumultueux de la cybersécurité, où les menaces sont importantes et les adversaires deviennent de plus en plus sophistiqués, garder une longueur d'avance sur la courbe est primordial.Comme [& # 8230;]
 Key Takeaways: · Rising Threats: Cybersecurity landscape faces an unprecedented surge in ransomware attacks, with 1 in every 10 organizations globally being targeted in 2023. · Evolution of Tactics: Adversaries exploit zero-day vulnerabilities, employ disruptive wipers, utlise emerging RaaS (Ransomware-as-a-Service) tactics and target edge devices, amplifying the complexity of cyber threats. · AI-Powered Defense: Artificial intelligence emerges as a formidable defender, reshaping how we prevent, detect, and respond to cyber attacks. Get the 2024 Cyber Security Report In the tumultuous landscape of cybersecurity, where threats loom large and adversaries grow increasingly sophisticated, staying ahead of the curve is paramount. As […]
|
Ransomware Vulnerability Threat | ★ | |
|
2024-02-21 07:49:18 | 2024\'s Cyber Battleground Unveiled: Escalating Ransomware Epidemic, the Evolution of Cyber Warfare Tactics and strategic use of AI in defense – Insights from Check Point\'s Latest Security Report (lien direct) | Takeaways clés: & middot; & # 160; & # 160; & # 160; & # 160; & # 160; & # 160; & # 160;Rising Menaces: Cybersecurity Landscape fait face à une augmentation sans précédent des attaques de ransomwares, avec 1 organisations sur 10 étant ciblées dans le monde en 2023. & Middot; & # 160; & # 160; & # 160; & # 160; & # 160; & # 160;; & # 160;Évolution des tactiques: les adversaires exploitent les vulnérabilités de jour zéro, utilisent des essuie-glaces perturbateurs, des tactiques RAAS (ransomwares en tant que service) et des dispositifs de bord cible, amplifiant la complexité des cybermenaces.& middot; & # 160; & # 160; & # 160; & # 160; & # 160; & # 160; & # 160;Défense alimentée par AI: artificiel [& # 8230;]
Key Takeaways: · Rising Threats: Cybersecurity landscape faces an unprecedented surge in ransomware attacks, with 1 in every 10 organizations globally being targeted in 2023. · Evolution of Tactics: Adversaries exploit zero-day vulnerabilities, employ disruptive wipers, utlise emerging RaaS (Ransomware-as-a-Service) tactics and target edge devices, amplifying the complexity of cyber threats. · AI-Powered Defense: Artificial […] |
Ransomware Vulnerability Threat Studies | ★★★★ | |
|
2024-02-20 18:16:24 | \\ 'keytrap \\' dns bogue menace des pannes Internet généralisées \\'KeyTrap\\' DNS Bug Threatens Widespread Internet Outages (lien direct) |
Grâce à une vulnérabilité de sécurité de 24 ans suivie sous le nom de CVE-2023-50387, les attaquants pourraient bloquer les serveurs DNS avec un seul paquet malveillant, éliminant efficacement de larges étendues d'Internet.
Thanks to a 24-year-old security vulnerability tracked as CVE-2023-50387, attackers could stall DNS servers with just a single malicious packet, effectively taking out wide swaths of the Internet. |
Vulnerability | ★★★ | |
 |
2024-02-20 17:15:31 | Dragos rapporte une augmentation sans précédent des vulnérabilités OT, les signaux ont besoin d'améliorer les mesures de cybersécurité Dragos reports unprecedented surge in OT vulnerabilities, signals need for improved cybersecurity measures (lien direct) |
> De nouvelles données de recherche de la société de cybersécurité industrielle Dragos ont révélé que les vulnérabilités OT (technologie opérationnelle) se sont accumulées à un ...
>New research data from industrial cybersecurity firm Dragos disclosed that OT (operational technology) vulnerabilities have accumulated at an... |
Vulnerability Industrial | ★★★★ | |
|
2024-02-20 16:08:00 | Flaws critiques trouvés dans ConnectWise ScreenConnect Software - Patch maintenant Critical Flaws Found in ConnectWise ScreenConnect Software - Patch Now (lien direct) |
ConnectWise a publié des mises à jour logicielles pour aborder deux défauts de sécurité dans son logiciel de bureau à distance Screenconnect et d'accès, y compris un bogue critique qui pourrait permettre l'exécution de code distant sur les systèmes affectés.
Les vulnérabilités & nbsp; qui manquent actuellement d'identifiants CVE, sont répertoriés ci-dessous -
Contournement d'authentification à l'aide d'un chemin ou d'un canal alternatif (score CVSS: 10.0)
Limitation inappropriée de
ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on affected systems. The vulnerabilities, which currently lack CVE identifiers, are listed below - Authentication bypass using an alternate path or channel (CVSS score: 10.0) Improper limitation of |
Vulnerability | ★★ | |
 |
2024-02-20 16:00:00 | Joomla: plusieurs vulnérabilités XSS Joomla: Multiple XSS Vulnerabilities (lien direct) |
Notre solution de code propre, SonarCloud, nous a conduits à un problème de sécurité sévère dans le système populaire de gestion de contenu Joomla.
Our Clean Code solution, SonarCloud, led us to a severe security issue in the popular Content Management System Joomla. |
Vulnerability | ★★ | |
|
2024-02-20 14:00:00 | Les applications Salesforce personnalisées à tort erronées exposent les données de l'entreprise Misconfigured Custom Salesforce Apps Expose Corporate Data (lien direct) |
Les entreprises utilisent généralement le langage de programmation de type Java pour personnaliser leurs instances Salesforce, mais les attaquants recherchent des vulnérabilités dans les applications.
Enterprises typically use the Java-like programming language to customize their Salesforce instances, but attackers are hunting for vulnerabilities in the apps. |
Vulnerability Threat | ★★ | |
 |
2024-02-20 13:10:33 | Sites Web piratés via la vulnérabilité dans Bricks Builder WordPress Plugin Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin (lien direct) |
> Les attaquants exploitent un défaut d'exécution de code à distance récent dans le plugin WordPress du constructeur de briques pour déployer des logiciels malveillants.
>Attackers are exploiting a recent remote code execution flaw in the Bricks Builder WordPress plugin to deploy malware. |
Malware Vulnerability | ★★ | |
|
2024-02-20 11:00:00 | Un guide fondamental pour la sécurité des points finaux A fundamental guide to endpoint security (lien direct) |
Anyone that utilizes technology in their daily lives understands that it is ever-changing, and the sentiment is especially true within the cybersecurity industry. Adversaries continue to evolve with new tactics to bypass defenses, so it is necessary that the methods of detecting and preventing these threats do so at an even more rapid pace.
However, keeping up with all the changes can be quite difficult, even for the most seasoned cybersecurity professional. The way in which we work has changed not just in where but also in how. Today employees conduct business from multiple devices, with some being company-issued and others being privately owned. Sensitive data is being stored across many locations including on these devices, within corporate data centers, and in the cloud. This means that organizations likely need more than one technology to defend their endpoints against security breach or data loss. With cybersecurity vendors marketing a wide range of branded product names for their offers, it may be challenging to determine which are ideal for your particular environment. This article aims to help demystify the various endpoint security technologies you may come across during your research, highlight the primary differences, and explain how they can complement each other. This is not intended to be an exhaustive list and it should be noted that there are some technologies that may fall into more than one category, for example, endpoint and cloud security.
Four key endpoint security technologies
To begin, let’s define exactly what an endpoint is. At the most fundamental level, an endpoint is any device that connects and exchanges data on a network. That could include traditional desktop and laptop computers, tablets, smartphones, printers, and servers. Endpoints also encompass network appliances like routers, switches, or firewalls, and a wide range of IoT devices such as wearables, security cameras, sensors, and connected medical or manufacturing equipment. But we must also think beyond the physical devices and consider virtual machines that host applications and data in public or private clouds.
Although this may seem trivial, it is important to note because they all represent entry points into the network that can be exploited and opportunities for sensitive data loss. As such, they must all be accounted for when building an endpoint security strategy. The following are some of the more common endpoint security technologies you are likely to encounter:
Unified endpoint management (UEM) or mobile device management (MDM): There is a widely accepted concept within the cybersecurity industry that you cannot effectively protect what you can’t see. Therefore, the first step in building a comprehensive endpoint security policy is to inventory all the devices accessing your network, and this can be accomplished with UEM or MDM technologies. The primary difference between the two is that MDM is for iOS and Android operating systems (OS), while UEM includes those OS plus Windows and Mac operating systems--even productivity devices and wearables in some cases. Once the devices are discovered and profiled, administrators will be able to apply consistent security policies across them, regardless of where the endpoint is located.
A key feature of both UEM and MDM is that they allow an organization to set standards regarding the security posture of devices accessing the network. For example, rules can be created that a device cannot be jailbroken and must be running on the latest O |
Ransomware Malware Tool Vulnerability Threat Mobile Medical Cloud | ★★ | |
 |
2024-02-19 13:47:28 | Test de sécurité pour les sites Web de commerce électronique et les détaillants Security testing for eCommerce websites and retailers (lien direct) |
> Les tests de sécurité pour les sites Web de commerce électronique sont devenus indispensables pour les détaillants en ligne, car il joue un rôle essentiel dans la sauvegarde des données des clients, des informations financières et la réputation de la marque.Le processus consiste à évaluer et à tester les mesures de sécurité mises en œuvre par les détaillants, visant à identifier les vulnérabilités et les menaces potentielles que les cyberattaquants peuvent exploiter.Dans cet article, nous [& # 8230;]
>Security testing for eCommerce websites has become indispensable for online retailers, as it plays a vital role in safeguarding customer data, financial information, and brand reputation. The process involves evaluating and testing the security measures implemented by retailers, aiming to identify vulnerabilities and potential threats that cyber attackers may exploit. In this article, we […] |
Vulnerability Threat | ★★ | |
|
2024-02-19 10:35:00 | Les pirates liés à la Russie manquent à plus de 80 organisations via des défauts du cube ronde Russian-Linked Hackers Breach 80+ Organizations via Roundcube Flaws (lien direct) |
Des acteurs de menace opérant avec des intérêts alignés sur le Biélorussie et la Russie ont été liés à unNouvelle campagne de cyber-espionnage qui a probablement exploité les vulnérabilités des scripts croisés (XSS) dans les serveurs webmail à cible à ciblerplus de 80 organisations.
Ces entités sont principalement situées en Géorgie, en Pologne et en Ukraine, selon un avenir enregistré, qui a attribué l'ensemble d'intrusion à une menace
Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations. These entities are primarily located in Georgia, Poland, and Ukraine, according to Recorded Future, which attributed the intrusion set to a threat |
Vulnerability Threat | ★★ | |
|
2024-02-17 11:08:19 | Attaque de KeyTrap: accès Internet perturbé avec un paquet DNS KeyTrap attack: Internet access disrupted with one DNS packet (lien direct) |
Une vulnérabilité sérieuse nommée KeyTrap dans la fonctionnalité d'extensions de sécurité du système de nom de domaine (DNSSEC) pourrait être exploitée pour refuser l'accès Internet aux applications pendant une période prolongée.[...]
A serious vulnerability named KeyTrap in the Domain Name System Security Extensions (DNSSEC) feature could be exploited to deny internet access to applications for an extended period. [...] |
Vulnerability | ★★ | |
 |
2024-02-17 08:00:00 | Des pirates alignés alignés par la Russie ciblent les ambassades européennes et iraniennes dans une nouvelle campagne d'espionnage Russia-aligned hackers target European and Iranian embassies in new espionage campaign (lien direct) |
Un groupe de piratage lié à la Russie exploite un bogue connu dans un serveur de messagerie Web populaire pour espionner les agences gouvernementales et militaires en Europe, ainsi que les ambassades iraniennes en Russie, selon un nouveau rapport.Dans une récente campagne d'espionnage, les pirates ont suivi le TAG-70 ont utilisé une vulnérabilité de script inter-sites (XSS) dans le Web Roundcube
A Russia-linked hacking group is exploiting a known bug in a popular webmail server to spy on government and military agencies in Europe, as well as Iranian embassies in Russia, according to a new report. In a recent espionage campaign, the hackers tracked as TAG-70 used a cross-site scripting (XSS) vulnerability in the Roundcube web-based |
Hack Vulnerability | ★★★ | |
|
2024-02-16 21:12:00 | AVERTISSEMENT CISA: Ransomware Akira exploitant la vulnérabilité Cisco ASA / FTD CISA Warning: Akira Ransomware Exploiting Cisco ASA/FTD Vulnerability (lien direct) |
L'Agence américaine de sécurité de la cybersécurité et de l'infrastructure (CISA) jeudi et NBSP; ajouté & nbsp; un défaut de sécurité maintenant paralysé un impact sur le logiciel Cisco Adaptive Security Appliance (ASA) et la défense de la menace de feu (FTD) à son catalogue connu vulnérabilités exploitées (KEV), à la suite de rapports selon lesquellesIl est probablement exploité dans les attaques des ransomwares Akira.
La vulnérabilité en question est & nbsp;
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched security flaw impacting Cisco Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software to its Known Exploited Vulnerabilities (KEV) catalog, following reports that it\'s being likely exploited in Akira ransomware attacks. The vulnerability in question is |
Ransomware Vulnerability Threat | ★★★ | |
|
2024-02-16 15:45:00 | La nouvelle vulnérabilité ivanti observée à mesure que les préoccupations de sécurité généralisées augmentent New Ivanti Vulnerability Observed as Widespread Security Concerns Grow (lien direct) |
Après avoir découvert une nouvelle vulnérabilité ayant un impact sur sa connexion Connect Secure, Policy Secure et ZTA, Ivanti est sous le feu pour de mauvaises pratiques de sécurité
After discovering a new vulnerability impacting its Connect Secure, Policy Secure, and ZTA gateways, Ivanti is under fire for poor security practices |
Vulnerability | ★★ | |
|
2024-02-16 14:30:35 | Groupe Israélien NSO soupçonné d'attaque «MMS Finger Empreinte» sur WhatsApp Israeli NSO Group Suspected of “MMS Fingerprint” Attack on WhatsApp (lien direct) |
par waqas
Le dernier rapport de la société de sécurité des télécommunications suédois Enea fait la lumière sur les vulnérabilités de sécurité au sein de la plate-forme de messagerie largement utilisée, WhatsApp.
Ceci est un article de HackRead.com Lire la publication originale: Groupe Israélien NSO soupçonné de & # 8220; MMS Empreinte digitale & # 8221;Attaque sur WhatsApp
By Waqas The latest report from Swedish telecom security firm Enea sheds light on security vulnerabilities within the widely used messaging platform, WhatsApp. This is a post from HackRead.com Read the original post: Israeli NSO Group Suspected of “MMS Fingerprint” Attack on WhatsApp |
Vulnerability | ★★ | |
 |
2024-02-16 14:05:01 | Cyber-assurance et numérisation de vulnérabilité & # 8211;Semaine en sécurité avec Tony Anscombe Cyber-insurance and vulnerability scanning – Week in security with Tony Anscombe (lien direct) |
Voici comment les résultats des analyses de vulnérabilité s'exportent dans les décisions sur la cyber-assurance et la façon dont l'intelligence humaine entre en jeu dans l'évaluation de ces signaux numériques
Here\'s how the results of vulnerability scans factor into decisions on cyber-insurance and how human intelligence comes into play in the assessment of such digital signals |
Vulnerability | ★★ | |
|
2024-02-15 22:57:53 | Les correctifs générés par l'IA pourraient faciliter le développeur, la charge de travail des opérations AI-Generated Patches Could Ease Developer, Operations Workload (lien direct) |
En utilisant des informations d'une technique commune pour trouver des vulnérabilités, les Gémeaux de Google \\ peuvent actuellement produire des correctifs pour 15% de ces bogues.Et ce n'est pas le seul moyen d'aider à automatiser la fixation des bogues.
Using information from a common technique for finding vulnerabilities, Google\'s Gemini can currently produce patches for 15% of such bugs. And it\'s not the only way to help automate bug fixing. |
Vulnerability | ★★ | |
|
2024-02-15 21:33:39 | Les vulnérabilités de logiciels critiques ayant un impact sur les coopératives de crédit découvertes par le chercheur en sécurité LMG Critical Software Vulnerabilities Impacting Credit Unions Discovered by LMG Security Researcher (lien direct) |
En utilisant des informations d'une technique commune pour trouver des vulnérabilités, les Gémeaux de Google \\ peuvent actuellement produire des correctifs pour 15% de ces bogues.Et ce n'est pas le seul moyen d'aider à automatiser la fixation des bogues.
Using information from a common technique for finding vulnerabilities, Google\'s Gemini can currently produce patches for 15% of such bugs. And it\'s not the only way to help automate bug fixing. |
Vulnerability | ★★ | |
|
2024-02-15 21:30:32 | Flaw Microsoft Exchange Server exploité comme un bogue zéro jour Microsoft Exchange Server Flaw Exploited as a Zero-Day Bug (lien direct) |
Microsoft a observé des signes d'exploits actifs ciblant le CVE-2024-2140.
Microsoft has observed signs of active exploits targeting CVE-2024-2140. |
Vulnerability Threat | ★★★ | |
|
2024-02-15 17:00:00 | Comment les acteurs de l'État-nation ciblent votre entreprise: de nouvelles recherches expose les vulnérabilités SaaS majeures How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities (lien direct) |
Avec bon nombre des cyberattaques très médiatisées en 2023 tournant autour d'une ou plusieurs applications SaaS, le SaaS est devenu une cause de véritable préoccupation dans de nombreuses discussions de chambre.Plus que jamais, étant donné que les applications Genai sont, en fait, des applications SaaS.
Wing Security (Wing), une société de sécurité SaaS, a effectué une analyse de 493 sociétés using saas au quatrième trimestre de 2023. & nbsp; leur étude
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS security company, conducted an analysis of 493 SaaS-using companies in Q4 of 2023. Their study |
Vulnerability Studies Cloud | ★★★★ | |
|
2024-02-15 14:52:27 | Le rapport sur les vulnérabilités ICS met en évidence les tendances et l'augmentation du CVE, malgré moins d'avis de la CISA New ICS Vulnerabilities report highlights trends and increases in CVEs, despite fewer CISA advisories (lien direct) |
Le projet consultatif ICS (ICS [AP]) et les travaux de données industrielles ont publié mercredi leur premier rapport annuel de vulnérabilités ICS, qui ...
The ICS Advisory Project (ICS[AP]) and Industrial Data Works published Wednesday their inaugural annual ICS Vulnerabilities report, which... |
Vulnerability Studies Industrial | ★★★★ | |
|
2024-02-15 11:00:00 | 2024: Plan de cyber-action pratique - survivre et prospérer 2024: Practical cyber action plan- Survive and thrive (lien direct) |
\'Cyber insecurity\' is among the most pressing issues facing organizations globally in 2024, according to new research from the World Economic Forum (WEF). In its Global Cybersecurity Outlook 2024 report, the WEF found that more than eight in ten organizations surveyed feel more or as exposed to cyber crime than last year. How can businesses implement proficient cyber capabilities in an era where cyber threats from criminals and hacktivists are escalating in complexity and magnitude? This is crucial for adapting swiftly to the constantly evolving security challenges and confidently pursuing growth through digital innovation in products, services, and organizational transformation. In today\'s rapidly changing cyber threat environment, Chief Information Security Officers (CISOs) and security operations teams must adopt forward-thinking strategies. These strategies should focus on quickly identifying and addressing the most pressing vulnerabilities in their digital environments. Cyber attackers\' increasing sophistication and speed have prompted organizations of various sizes to re-evaluate their legacy systems, governance policies, and overall security stances, aiming to align with the latest industry standards The shift towards digital platforms and the widespread adoption of cloud technologies have expanded the avenues for cyber-attacks, consequently enlarging the attack surface. This growing attack surface includes vulnerable systems, compromised data, and unauthorized assets, highlighting the necessity for a consistent and ongoing security strategy. This strategy should be centered on managing and mitigating threats efficiently and accurately. Security leaders are becoming increasingly aware of the importance of such an approach. Its effectiveness and streamlined methodology significantly enhance cyber resilience by prioritizing the most urgent risks for immediate response and remediation. What is top of mind for the CISO in 2024? How do we build a cyber security ecosystem that can manage the threats and opportunities of the future? How do we ensure future technologies are secure by design, not as an afterthought? How do we anticipate the threat picture will change as new technologies, like AI and quantum computing, develop? Must haves for CISOs in 2024 Protecting privacy Protecting critical assets Mitigating risk Minimizing disruption Maintaining compliance Establishing and maintaining "CRUST" (credibility and trust) Ensuring secure productivity & efficiency At the top of the list of issues driving cybersecurity concerns include: Growing number of hackers/cybercriminals. Evolving threats & advanced skillset of criminals. Privacy concerns handling other\'s data. Generative AI Practical action plan: Proactively understanding your expanding attack surface, prioritizing risk management efforts, and building resilience helps achieve the following: 1) Prevents breaches & minimizes the impact of a potential breach Enhance the effectiveness of the Security Operations Center (SOC) by reducing the volume of security incidents, events, and breaches impacting the SOC over time. Adopt a proactive, preventative approach that bolsters cyber resilience quickly and improves security maturity year-over-year. 2) Reduces cybersecurity risks Real-time risk reduction is often impractical due to business constraints and a backlog of pending security issues. Focus on prioritizing risk reduction actions and optimizing resource allo | Vulnerability Threat Cloud Technical | ★★ | |
|
2024-02-15 10:49:00 | Flaw Critical Exchange Server (CVE-2024-21410) sous exploitation active Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation (lien direct) |
Microsoft a reconnu mercredi qu'un nouvel défaut de sécurité critique nouvellement divulgué dans Exchange Server avait été activement exploité dans la nature, un jour après avoir publié des correctifs pour la vulnérabilité dans le cadre de ses mises à jour de Patch Mardid.
Suivi en AS & NBSP; CVE-2024-21410 & NBSP; (Score CVSS: 9.8), le problème a été décrit comme un cas d'escalade de privilège impactant le serveur Exchange.
"Un attaquant
Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates. Tracked as CVE-2024-21410 (CVSS score: 9.8), the issue has been described as a case of privilege escalation impacting the Exchange Server. "An attacker |
Vulnerability | ★★ | |
|
2024-02-15 09:18:45 | Rhysida ransomware a fissuré!Outil de décryptage gratuit publié Rhysida ransomware cracked! Free decryption tool released (lien direct) |
Bonne nouvelle pour les organisations qui ont été victimes du célèbre ransomware de Rhysida.Un groupe de chercheurs sud-coréens en matière de sécurité a découvert une vulnérabilité dans le tristement célèbre ransomware.Cette vulnérabilité offre un moyen pour que les fichiers cryptés soient non recueillis.Des chercheurs de l'Université de Kookmin décrivent comment ils ont exploité un défaut de mise en œuvre dans le code de Rhysida \\ pour régénérer sa clé de cryptage dans un document technique sur leurs résultats."Rhysida Ransomware a utilisé un générateur de nombres aléatoires sécurisé pour générer la clé de chiffrement et crypter ensuite les données. Cependant, un ...
Good news for organisations who have fallen victim to the notorious Rhysida ransomware . A group of South Korean security researchers have uncovered a vulnerability in the infamous ransomware. This vulnerability provides a way for encrypted files to be unscrambled. Researchers from Kookmin University describe how they exploited an implementation flaw in Rhysida\'s code to regenerate its encryption key in a technical paper about their findings. "Rhysida ransomware employed a secure random number generator to generate the encryption key and subsequently encrypt the data. However, an... |
Ransomware Tool Vulnerability Technical | ★★★ | |
|
2024-02-14 18:35:15 | Les cyberattaques continuent de frapper des infrastructures critiques, exposant des vulnérabilités dans les secteurs du pétrole, de l'eau, des soins de santé Cyber attacks continue to hit critical infrastructure, exposing vulnerabilities in oil, water, healthcare sectors (lien direct) |
Les cyberattaques récentes ciblant les installations d'infrastructures critiques ont entraîné des violations de données importantes, ce qui a un impact sur les opérations d'un Canadien ...
Recent cyber attacks targeting critical infrastructure facilities have resulted in significant data breaches, impacting operations at a Canadian... |
Vulnerability Industrial | ★★★ | |
|
2024-02-14 18:25:10 | Microsoft attrape des apts utilisant le chatppt pour la recherche vuln, les scripts de logiciels malveillants Microsoft Catches APTs Using ChatGPT for Vuln Research, Malware Scripting (lien direct) |
> Les chasseurs de menaces de Microsoft disent que les APT étrangers interagissent avec le chatppt d'Openai \\ pour automatiser la recherche de vulnérabilité malveillante, la reconnaissance cible et les tâches de création de logiciels malveillants.
>Microsoft threat hunters say foreign APTs are interacting with OpenAI\'s ChatGPT to automate malicious vulnerability research, target reconnaissance and malware creation tasks. |
Malware Vulnerability Threat | ChatGPT | ★★ |
|
2024-02-14 17:15:00 | La chaîne d'attaque zéro-jour de Water Hydra \\ cible les commerçants financiers Water Hydra\\'s Zero-Day Attack Chain Targets Financial Traders (lien direct) |
Le CVE-2024-21412 a été utilisé pour échapper à Microsoft Defender SmartScreen et des victimes d'implants avec DarkMe
CVE-2024-21412 was used to evade Microsoft Defender SmartScreen and implant victims with DarkMe |
Vulnerability Threat | ★★ | |
|
2024-02-14 17:00:00 | CVE-2024-0007 PAN-OS: Vulnérabilité des scripts croisés (XSS) stockés dans l'interface Web Panorama (Gravité: Moyen) CVE-2024-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface (Severity: MEDIUM) (lien direct) |
Le CVE-2024-21412 a été utilisé pour échapper à Microsoft Defender SmartScreen et des victimes d'implants avec DarkMe
CVE-2024-21412 was used to evade Microsoft Defender SmartScreen and implant victims with DarkMe |
Vulnerability | ||
|
2024-02-14 17:00:00 | CVE-2024-0010 PAN-OS: Vulnérabilité des scripts croisés (XSS) réfléchis dans le portail GlobalProtect (Gravité: milieu) CVE-2024-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Portal (Severity: MEDIUM) (lien direct) |
Le CVE-2024-21412 a été utilisé pour échapper à Microsoft Defender SmartScreen et des victimes d'implants avec DarkMe
CVE-2024-21412 was used to evade Microsoft Defender SmartScreen and implant victims with DarkMe |
Vulnerability | ||
|
2024-02-14 17:00:00 | CVE-2024-0008 PAN-OS: Vulnérabilité insuffisante de l'expiration de session dans l'interface Web (gravité: médium) CVE-2024-0008 PAN-OS: Insufficient Session Expiration Vulnerability in the Web Interface (Severity: MEDIUM) (lien direct) |
Le CVE-2024-21412 a été utilisé pour échapper à Microsoft Defender SmartScreen et des victimes d'implants avec DarkMe
CVE-2024-21412 was used to evade Microsoft Defender SmartScreen and implant victims with DarkMe |
Vulnerability | ||
|
2024-02-14 15:44:04 | Vérifier la recherche sur le point dévoile la vulnérabilité critique #MonikerLink dans Microsoft Outlook avec un score de gravité de 9,8 CVSS Check Point Research Unveils Critical #MonikerLink Vulnerability in Microsoft Outlook with a 9.8 CVSS Severity Score (lien direct) |
> Résultats de clés: & # 8211;Gestion de l'hyperlien dans Outlook: La recherche démontre que & # 8220; fichier: // & # 8221;Les hyperliens peuvent être manipulés d'une certaine manière, ce qui entraîne une contournement des mesures de sécurité des perspectives telles que la vue protégée.& # 8211;L'impact de la vulnérabilité: le bogue #monikerlink permet un impact large et sérieux, variant de la fuite des informations d'identification NTLM locales à l'exécution de code arbitraire.Cela est dû à l'utilisation abusive du modèle d'objet composant (COM) sur Windows, où Outlook analyse incorrectement un hyperlien spécialement conçu pour accéder aux objets com.Ce processus peut contourner le point de vue protégé par le bureau, augmentant considérablement le risque d'exploitation [& # 8230;]
>Key Findings: – Hyperlink Handling in Outlook: The research demonstrates that “file://” hyperlinks can be manipulated in a certain way which results in a bypass of the Outlook’s security measures such as Protected View. – The Vulnerability’s Impact: The #MonikerLink bug allows for a wide and serious impact, varying from leaking of local NTLM credential information to arbitrary code execution. This is due to the misuse of the Component Object Model (COM) on Windows, where Outlook incorrectly parses a specially crafted hyperlink to access COM objects. This process can bypass the Office Protected View, significantly increasing the risk of exploitation […] |
Vulnerability | ★★★ | |
 |
2024-02-14 15:29:42 | CrowdStrike a nommé le seul client \\ 'Choice: 2024 Gartner & Reg;«Voix du client» pour l'évaluation de la vulnérabilité CrowdStrike Named the Only Customers\\' Choice: 2024 Gartner® “Voice of the Customer” for Vulnerability Assessment (lien direct) |
C'est un refrain courant dans les cercles de sécurité qui & # 8220; personne n'aime leur outil de gestion de vulnérabilité. & # 8221;Crowdsstrike a peut-être été l'exception.Nous sommes fiers d'annoncer que CrowdStrike est le seul fournisseur nommé un choix de clients dans le rapport 2024 Gartner «Voice of the Client» pour l'évaluation de la vulnérabilité.Dans ce rapport, Crowdsstrike [& # 8230;]
It is a common refrain in security circles that “nobody loves their vulnerability management tool.” CrowdStrike may have just proved to be the exception. We are proud to announce that CrowdStrike is the only vendor named a Customers\' Choice in the 2024 Gartner “Voice of the Customer” Report for Vulnerability Assessment. In this report, CrowdStrike […] |
Tool Vulnerability | ★★ | |
|
2024-02-14 13:03:00 | DarkMe Malware cible les traders DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability (lien direct) |
Une faille de sécurité nouvellement divulguée dans le Microsoft Defender SmartScreen a été exploitée comme un jour zéro par un acteur avancé de menace persistante appelée & nbsp; Water Hydra & nbsp; (aka darkcasino) ciblant les commerçants de marchés financiers.
Trend Micro, qui a commencé à suivre la campagne fin décembre 2023, a déclaré qu'elle impliquait l'exploitation de CVE-2024-21412, une vulnérabilité de contournement de sécurité liée à Internet
A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an advanced persistent threat actor called Water Hydra (aka DarkCasino) targeting financial market traders. Trend Micro, which began tracking the campaign in late December 2023, said it entails the exploitation of CVE-2024-21412, a security bypass vulnerability related to Internet |
Malware Vulnerability Threat | ★★ | |
|
2024-02-14 12:53:28 | L'attaque DNS de KeyTrap pourrait désactiver de grandes parties d'Internet: les chercheurs KeyTrap DNS Attack Could Disable Large Parts of Internet: Researchers (lien direct) |
> Patches publiées pour une nouvelle vulnérabilité DNSSEC nommée KeyTrap, décrite comme la pire attaque DNS jamais découverte.
>Patches released for a new DNSSEC vulnerability named KeyTrap, described as the worst DNS attack ever discovered. |
Vulnerability | ★★★★ | |
|
2024-02-14 11:00:14 | Ubuntu \\ 'Command-Not-Found \\' L'outil peut être maltraité pour répandre les logiciels malveillants Ubuntu \\'command-not-found\\' tool can be abused to spread malware (lien direct) |
Un défaut logique entre le système de suggestions de package Ubuntu \\ 'S \' Command-Not-Found et le référentiel de package SNAP pourrait permettre aux attaquants de promouvoir des packages Linux malveillants aux utilisateurs sans méfiance.[...]
A logic flaw between Ubuntu\'s \'command-not-found\' package suggestion system and the snap package repository could enable attackers to promote malicious Linux packages to unsuspecting users. [...] |
Malware Tool Vulnerability | ★★★ | |
|
2024-02-14 10:50:42 | Zero-day dans QNAP QTS affecte les appareils NAS à l'échelle mondiale Zero-Day in QNAP QTS Affects NAS Devices Globally (lien direct) |
> Par deeba ahmed
QNAP a publié des correctifs pour la vulnérabilité du jour zéro, il est donc important de les installer immédiatement.
Ceci est un article de HackRead.com Lire la publication originale: Zero-day dans QNAP QTS affecte les appareils NAS dans le monde
>By Deeba Ahmed QNAP has released fixes for the zero-day vulnerability, so it\'s important to install them immediately. This is a post from HackRead.com Read the original post: Zero-Day in QNAP QTS Affects NAS Devices Globally |
Vulnerability Threat | ★★★ | |
|
2024-02-14 10:31:00 | Microsoft déploie des correctifs pour 73 défauts, dont 2 Windows Zero-Days Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days (lien direct) |
Microsoft a publié des correctifs pour aborder & nbsp; 73 Security Flaws & nbsp; couvrant sa gamme logicielle dans le cadre de ses mises à jour de patch mardi pour février 2024, y compris deux jours zéro qui ont subi une exploitation active.
Sur les 73 vulnérabilités, 5 sont évalués, 65 sont notés importants et trois et notés de gravité modérée.Ceci s'ajoute à & nbsp; 24 défauts et nbsp; qui ont été fixés
Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three and rated Moderate in severity. This is in addition to 24 flaws that have been fixed |
Vulnerability | ★★★ |
To see everything:
Our RSS (filtrered)
