What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
DarkReading 2023-12-20 02:00:00 Bugcrowd Announces Vulnerability Ratings for LLMs
The update to the company's Vulnerability Rating Taxonomy offers vulnerability researchers a framework for assessing and prioritizing vulnerabilities in large language models.
Vulnerability ★★
DarkReading 2023-12-19 20:55:00 Microsoft Outlook Zero-Click Security Flaws Triggered by Sound File
Attackers can chain the vulnerabilities to gain full remote code execution.
Vulnerability ★★
ArsTechnica 2023-12-19 17:35:09 SSH protects the world's most sensitive networks. It just got a lot weaker
Novel Terrapin attack uses prefix truncation to downgrade the security of SSH channels.
Vulnerability ★★★★
InfoSecurityMag 2023-12-19 15:00:00 2023 Cyber Threats: 26,000+ Vulnerabilities, 97 Beyond CISA List
The Qualys report also showed over 7000 vulnerabilities had proof-of-concept exploit code
Vulnerability Threat ★★★
RecordedFuture 2023-12-19 14:30:00 36 million people affected by data breach at Xfinity
Cable TV and internet service provider Xfinity says a breach linked to a widespread vulnerability in Citrix technology exposed data of about nearly 36 million people in mid-October. The intrusion happened between October 16-19, after Citrix had announced the bug but before Xfinity patched its systems, the Philadelphia-based company said in a notification filed Monday
Data Breach Vulnerability ★★
The_Hackers_News 2023-12-19 12:28:00 8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware
The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. "This vulnerability allows remote authenticated
Malware Vulnerability Threat ★★
bleepingcomputer 2023-12-19 12:03:18 Terrapin attacks can downgrade security of OpenSSH connections
Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to break the SSH channel integrity when certain widely-used encryption modes are used. [...]
Vulnerability ★★★
SocRadar 2023-12-19 11:48:41 Microsoft Alerts of RCE and DoS Vulnerabilities in Perforce Server: CVE-2023-45849, CVE-2023-35767, CVE-2023-45319, CVE-2023-5759
During a security review of its game development studios, Microsoft found four vulnerabilities in Perforce...
Vulnerability ★★
SecurityWeek 2023-12-19 11:30:00 Xfinity Customer Data Compromised in Attack Exploiting CitrixBleed Vulnerability
Comcast's Xfinity says customer data, including credentials, were compromised in an attack exploiting the CitrixBleed vulnerability
Vulnerability ★★
AlienVault 2023-12-19 11:00:00 The best Cybersecurity conference you never heard of
For the past 12 years in Austin, TX, the last week of October has been reserved for the Lonestar Application Security Conference (LASCON). Unequivocally, LASCON is the best cybersecurity conference you have never heard of! LASCON is the annual confab of the Austin, TX OWASP (the Open Worldwide Application Security Project) chapter. OWASP is a volunteer organization that is a treasure trove of application security information with things such as standards, discussion groups, documentation, and more. The organization tracks the annual OWASP Top 10 web application security risks and is the proverbial north star for developers seeking more secure coding practices. LASCON 2023 talks are recorded and available. As a conference, LASCON rolls up its metaphorical sleeves and puts on a fabulous show.

The uniqueness of LASCON:
- Delivers exceptional content focused on application security
- Offers every attendee the opportunity to challenge themselves and gain new life skills
- Provides physical and cerebral entertainment

Exceptional content
LASCON is wholly committed to discussing, exploring, and showcasing application security. Check out the 2023 agenda here to see the extensive programming focused on application security. Why is application security so important? In the world of cybersecurity, the subset of application security is the last mile and the area the adversaries know may be less security-aware. Software is malleable and widely shared. In many cases software developers live in an environment of “just ship it” only to find that unintentional vulnerabilities crept into a production release. The push to “DevSecOps” or “SecDevOps” means security disciplines are being incorporated from the beginning to alleviate many of the problems that stem from a “just ship it” environment. LASCON tackles the what, why, and how of application security.

In 2023, there was plenty of focus on the needs and benefits of automation, how development teams need to communicate to different audiences, and of course what generative-AI means for application security. In other words, something for everyone. Many of the LASCON sessions were recorded and the replays will be available in the next few months. I highly recommend viewing this topical content.

New life skills
Similar to other conferences, LASCON has an expo hall where sponsor-vendors showcase their technology and give away swag. But…LASCON goes a step further and brings in the Longhorn Lock Picking Club to set up Lock Pick Village in one end of the expo hall. Lock Pick Village focuses on locksport. This skill uses logical thinking, involves manual dexterity, and brings out the physical aspect of security. Lock Pick Village is a favorite among attendees and creates a bonding opportunity at LASCON. The mayor of Lock Pick Village runs various contests throughout the two days of the conference with winners walking away with bragging rights.

Entertainment
LASCON has something for everyone! Each year, the LASCON organizing team hosts “speed debates”. These debates are sarcastic, outlandish, and just plain funny. A moderator hosts two teams who take on cybersecurity topics of the day and present heartfelt pro or con arguments. Topics are far-ranging and incl
Vulnerability Conference ★★★
The_State_of_Security 2023-12-19 02:45:07 The History of Patch Tuesday: Looking back at the first 20 years
One of the most critical aspects of cybersecurity is ensuring that all software is kept up to date with the latest patches. This is necessary to cover any vulnerabilities that cybercriminals could take advantage of in order to infiltrate an organization and launch an attack. With the volume of updates and the effort needed to install and configure them, it is good to know precisely when patches will be released. “Patch Tuesday”, a monthly event where Microsoft releases software patches, started 20 years ago and is still going strong today. Since then, there has been a considerable shift in how...
Vulnerability ★★★★
Blog 2023-12-19 01:22:36 Apache ActiveMQ Vulnerability (CVE-2023-46604) Continuously Being Exploited in Attacks
In November 2023, AhnLab Security Emergency response Center (ASEC) published a blog post titled “Circumstances of the Andariel Group Exploiting an Apache ActiveMQ Vulnerability (CVE-2023-46604)” [1] which covered cases of the Andariel threat group exploiting the CVE-2023-46604 vulnerability to install malware. This post not only covered attack cases of the Andariel group but also those of HelloKitty Ransomware, Cobalt Strike, and Metasploit Meterpreter. Since then, the Apache ActiveMQ vulnerability (CVE-2023-46604) has continued to be exploited by various threat actors. This...
Ransomware Malware Vulnerability Threat ★★★
AlienVault 2023-12-18 22:51:00 Behind the Scenes: JaskaGO's Coordinated Strike on macOS and Windows
Executive summary
In recent developments, a sophisticated malware stealer strain crafted in the Go programming language has been discovered by AT&T Alien Labs, posing a severe threat to both Windows and macOS operating systems. As of the time of publishing of this article, traditional antivirus solutions have low or even non-existent detection rates, making it a stealthy and formidable adversary.

Key takeaways:
- The malware is equipped with an extensive array of commands from its Command and Control (C&C) server.
- JaskaGO can persist in different methods in infected system.
- Users face a heightened risk of data compromise as the malware excels at exfiltrating valuable information, ranging from browser credentials to cryptocurrency wallet details and other sensitive user files.

Background
JaskaGO contributes to a growing trend in malware development leveraging the Go programming language. Go, also known as Golang, is recognized for its simplicity, efficiency, and cross-platform capabilities. Its ease of use has made it an attractive choice for malware authors seeking to create versatile and sophisticated threats.

While macOS is often perceived as a secure operating system, there exists a prevalent misconception among users that it is impervious to malware. Historically, this misbelief has stemmed from the relative scarcity of macOS-targeted threats compared to other platforms. However, JaskaGO serves as a stark reminder that both Windows and macOS users are constantly at risk of malware attacks.

As the malware use of file names resembling well-known applications (such as “Capcut_Installer_Intel_M1.dmg”, “Anyconnect.exe”) suggest a common strategy of malware deployment under the guise of legitimate software in pirated application web pages.

The first JaskaGo sample was observed in July 2023, initially targeting Mac users. Following this opening assault, dozens of new samples have been identified as the threat evolved its capabilities and developed in both macOS and to Windows versions; its low detection rate is evident by its recent sample by anti-virus engines. (Figure 1)

Figure 1. As captured by Alien Labs: Anti-virus detection for recent JaskaGO samples within VirusTotal.

Analysis
Upon initial execution, the malware cunningly presents a deceptive message box, displaying a fake error message, claiming a missing file. This is strategically designed to mislead the user into believing that the malicious code failed to run. (Figure 2)

Figure 2. As captured by Alien Labs: Fake error message.

Anti-VM
The malware conducts thorough checks to determine if it is operating within a virtual machine (VM). This process begins with the examination of general machine information, where specific criteria such as the number of processors, system up-time, available system memory, and MAC addresses are checked. The presence of MAC addresses associated with well-known VM software, such as VMware or VirtualBox, is a key indicator. (Figure 3)

Figure 3. As captured by Alien Labs: Looking for VM related MAC addresses.

Additionally, the malware's Windows version searches for VM-related traces in both the registry and the file system. (Figure 4)
Malware Vulnerability Threat Prediction Technical ★★★
The_Hackers_News 2023-12-18 21:13:00 Beware: Experts Reveal New Details on Zero-Click Outlook RCE Exploits
Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans any user interaction. "An attacker on the internet can chain the vulnerabilities together to create a full, zero-click remote code execution (RCE) exploit against Outlook clients," Akamai security
Vulnerability Threat Technical ★★★
DarkReading 2023-12-18 19:00:00 Will Putting a Dollar Value on Vulnerabilities Help Prioritize Them?
Zoom's Vulnerability Impact Scoring System calculates the impact of a vulnerability to assign a cash payout for bugs, leading hackers to prioritize more severe flaws. Can it do the same for companies?
Vulnerability ★★
InfoSecurityMag 2023-12-18 17:00:00 MOVEit Vulnerability Hits Delta Dental: 7 Million Records Exposed
Unauthorized actors breached health data, including details related to dental procedures and claims
Vulnerability ★★
SocRadar 2023-12-18 13:05:33 New DDoS Service, Microsoft Defender Vulnerability, Network Access to Indian Bank, Princeton University Data Leak
In the last week, SOCRadar’s Dark Web Team uncovered critical developments, including a new DDoS...
Vulnerability ★★
AlienVault 2023-12-18 11:00:00 Unveiling the dark web: A professional's guide to ethical exploration
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

The dark web, often shrouded in mystery and intrigue, is a realm of the internet that exists beyond the reach of traditional search engines. While the Dark Web does harbor a certain notoriety for hosting illegal activities, it also contains valuable information and resources that can be beneficial for professionals involved in cybersecurity, threat intelligence, and investigations. This article will provide a comprehensive guide on how to search the dark web for information gathering in a professional and ethical manner.

Understanding the dark web
Before delving into the intricacies of searching on the dark web, it's crucial to comprehend its structure. The internet comprises three layers: the surface web, the deep web, and the dark web.
- Surface web: This is the portion of the internet indexed by search engines like Google and accessible to the general public.
- Deep web: The Deep Web includes websites and databases not indexed by search engines. These are often password-protected or behind paywalls, such as online banking or email accounts.
- Dark web: The dark web is a hidden network of websites that can only be accessed using specialized software, such as Tor. It's intentionally designed to conceal the identity of users and hosts. While it has a reputation for illegal markets, it also includes legitimate websites and forums.

Ethical considerations
Searching the dark web requires a strong commitment to ethical conduct. It's essential to respect both legal and moral boundaries. Here are some critical ethical considerations:
- Legal compliance: Ensure that your activities are within the bounds of the law. Engaging in any illegal activities, such as purchasing illicit goods, is strictly prohibited.
- Use encryption: When accessing the dark web, always use encryption tools like the Tor browser to protect your identity and maintain anonymity.
- Verification: Verify the legitimacy of the information you find. Misinformation and scams are prevalent on the dark web.

Searching the Dark Web
- Get the right tools: Start by downloading the Tor browser, a free and open-source software that allows you to access the dark web while concealing your IP address. Consider using a virtual private network (VPN) in combination with the Tor browser for an additional layer of security.
- Deep web vs. dark web: Distinguish between the deep web and the dark web. Remember that the deep web consists of web pages not indexed by search engines but is not inherently hidden. The dark web, on the other hand, is intentionally concealed.
- Search engines: Dark web search engines like DuckDuckGo, Torch and notEvil can be used to find specific websites and content. These search engines access .onion domains, which are unique to the dark web.
- Directories: Dark web directories are like Yellow Pages for hidden services. They list websites and their categories, making it easier to find what you're looking for. Notable directories include The Hidden Wiki and TorLinks.
- Forums and communities: The dark web hosts numerous forums, discussion boards, and communities that cover a wide range of topics. Some of these can be valuable sources of information. However, exercise caution as many forums are associated with illegal activities.
- File sharing: File-sharing services on the dark web may contain a wealth of data, including documents, reports, and archives. Some of these files may be of intere
Tool Vulnerability Threat ★★
IndustrialCyber 2023-12-18 09:05:52 CISA reports on healthcare risk and vulnerability assessment, offers cybersecurity recommendations
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released on Friday a report on the findings of a...
Vulnerability ★★
bleepingcomputer 2023-12-16 11:17:34 QNAP VioStor NVR vulnerability actively exploited by malware botnet
A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution (RCE) vulnerability in QNAP VioStor NVR (Network Video Recorder) devices to hijack and make them part of its DDoS (distributed denial of service) swarm. [...]
Malware Vulnerability ★★★
DarkReading 2023-12-15 19:00:00 Establishing Reward Criteria for Reporting Bugs in AI Products
Bug hunter programs can help organizations foster third-party discovery and reporting of issues and vulnerabilities specific to AI systems.
Vulnerability ★★
Blog 2023-12-15 18:35:05 Delta Dental Hit with 7 Million User Data Breach in MOVEit-Linked Attack
By Waqas. Since its emergence in May 2023, the MOVEit vulnerability has been exploited by the Russian-linked Cl0p ransomware gang,… This is a post from HackRead.com. Read the original post: Delta Dental Hit with 7 Million User Data Breach in MOVEit-Linked Attack
Ransomware Data Breach Vulnerability ★★
The_Hackers_News 2023-12-15 16:38:00 Bug or Feature? Hidden Web Application Vulnerabilities Uncovered
Web Application Security consists of a myriad of security controls that ensure that a web application: Functions as expected. Cannot be exploited to operate out of bounds. Cannot initiate operations that it is not supposed to do. Web Applications have become ubiquitous after the expansion of Web 2.0, which Social Media Platforms, E-Commerce websites, and email clients saturating the internet
Vulnerability ★★★
The_Hackers_News 2023-12-15 16:32:00 New Security Vulnerabilities Uncovered in pfSense Firewall Software - Patch Now
Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker to execute arbitrary commands on susceptible appliances. The issues relate to two reflected cross-site scripting (XSS) bugs and one command injection flaw, according to new findings from Sonar. "Security inside a local network is often
Vulnerability ★★
IndustrialCyber 2023-12-15 13:36:12 New GRIT data continues to observe ransomware group exploitation of viable vulnerabilities
The GuidePoint Research and Intelligence Team (GRIT) Ransomware Report disclosed that November closed with an increase in posted...
Ransomware Vulnerability ★★★
Google 2023-12-15 13:31:44 GCP-2023-048
Published: 2023-12-15
Description: The following vulnerabilities were discovered in the Linux kernel that can lead to a privilege escalation on Container-Optimized OS and Ubuntu nodes: CVE-2023-3390. For instructions and more details, see the following bulletins: GKE security bulletin, GKE on VMware security bulletin, GKE on AWS security bulletin, GKE on Azure security bulletin, GKE on Bare Metal security bulletin.
Severity: High
Notes: CVE-2023-3390
Vulnerability Cloud
SocRadar 2023-12-15 12:49:23 FortiGuard Releases Security Updates for Critical Vulnerabilities in Multiple Products Introduction to the Vulnerabilities
On December 12, 2023, FortiGuard announced the release of security updates to address several critical...
Vulnerability ★★
SecurityWeek 2023-12-15 12:27:13 Zoom Unveils Open Source Vulnerability Impact Scoring System
Zoom launches an open source Vulnerability Impact Scoring System (VISS) tested within its bug bounty program.
Vulnerability ★★★
ProofPoint.webp 2023-12-15 06:00:41 Comment empêcher les attaques basées sur l'identité avec ITDR
How to Prevent Identity-Based Attacks with ITDR
(lien direct)
Identity-based attacks are on the rise. Research from the Identity Defined Security Alliance found that 84% of businesses experienced an identity-related breach in the past year. While that's a huge percentage, it's not all that surprising. Just consider how focused attackers have been in recent years on gaining access to your users' identities. In the latest Verizon 2023 Data Breach Investigations Report, Verizon found that 40% of all data breaches in 2022 involved the theft of credentials, which is up from 31% in 2021.

With access to just one privileged account, an attacker can move around undetected on a company's network and cause havoc. When they look like the right employee, they have the freedom to do almost anything, from stealing sensitive data to launching ransomware attacks. What's worse, attackers usually have tools that make it fast and easy to exploit stolen credentials, escalate privilege and move laterally. That makes this type of attack all the more appealing.

There are a bevy of cybersecurity tools that are supposed to protect companies from these attacks. So why do they fall short? The simple answer is that it's not their job, at least not completely.

Take tools used for identity access management (IAM) as an example. Their role is to administer identities and manage their access to applications and resources. They don't detect malicious activity after a "legitimate" user has been authenticated and authorized. And tools for anomaly detection, like security information and event management (SIEM) systems, alert on abnormal or malicious user activity. But they are even less capable of flagging attempts at lateral movement and privilege escalation. As a result, these tools tend to generate high levels of false positives, which overwhelm security teams.

However, there is a way to address the security gaps these solutions aren't well equipped to cover. It's called identity threat detection and response, or ITDR for short.

What is ITDR?

ITDR is an umbrella term coined by Gartner to describe a new category of security tools and best practices that companies can use to detect and respond more effectively to identity-based attacks.

ITDR protects the middle of the attack chain, the point where enterprise defenses are usually the weakest. ITDR tools offer robust analytics, integrations and visibility that can help you to:

- Detect, investigate and respond to active threats
- Stop privilege escalations
- Identify and halt lateral movement by attackers
- Reduce the identity-centric attack surface before the threat actor even arrives

When you use ITDR, you're not replacing existing tools or systems for IAM and threat detection and response like privileged access management (PAM) or endpoint detection and response (EDR). Instead, you're complementing them. Those tools can continue to do what they do best while ITDR addresses the identity security gaps they're not designed to cover.

How ITDR solutions work and help to prevent identity-based attacks

ITDR tools are designed to continuously monitor user behavior patterns across systems. They scan every endpoint (clients and servers, PAM systems and identity repositories) to look for unmanaged, misconfigured and exposed identities. With a holistic view of identity risks, your security team can remove key attack pathways through Active Directory (AD) that threat actors use to install ransomware and steal data.

ITDR tools can help defenders stop identity attacks and proactively get rid of risks. They allow defenders to see exactly how attackers can access and use identities to compromise the business. Essentially, ITDR provides answers to these three critical questions:

- Whose identity provides an attack path?
- What is the identity threat blast radius, and the impact to my business?
- Are there any identity-based attacks in progress?

Leading ITDR tools can help you catch adversaries in the act by planting deceptive content, or trip wires, throughout your environment that only attackers would in
Ransomware Data Breach Tool Vulnerability Threat ★★
Trend.webp 2023-12-15 00:00:00 Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit
(direct link)
In this blog entry, we discuss the technical details of CVE-2023-50164, a critical vulnerability that affects Apache Struts 2 and enables unauthorized path traversal.
Vulnerability Threat Technical ★★
globalsecuritymag.webp 2023-12-14 18:34:12 10 Security Predictions for 2024
(direct link)
Against a backdrop of uncertain economic conditions and geopolitical unrest, 2023 nears its end. But it isn't all bad news. In the race against cyber criminal gangs and malicious threat actors in 2023, major catastrophes have not materialized, and the state of cyber defense is stronger than ever. New solutions for IoT and OT security, a focus on open source vulnerabilities, and progress in security awareness training within organizations are all signs of stronger defenses. With this (...) - Opinion
Vulnerability Threat Industrial Prediction ★★★
InfoSecurityMag.webp 2023-12-14 15:30:00 Cozy Bear Hackers Target JetBrains TeamCity Servers in Global Campaign
(direct link)
The FBI and CISA detected that hackers linked to the Russian foreign intelligence service (SVR) have been targeting a JetBrains TeamCity vulnerability since September 2023
Vulnerability APT 29 ★★★
News.webp 2023-12-14 15:00:35 Russia joins North Korea in sending state-sponsored cyber troops to pick on TeamCity users
(direct link)
National security and infosec authorities band together to help victims sniff out stealthy Russian baddies hiding in networks. Updated: The offensive cyber unit linked to Russia's Foreign Intelligence Service (SVR) is exploiting the critical vulnerability affecting the JetBrains TeamCity CI/CD server at scale, and has been since September, authorities warn.…
Vulnerability ★★★
globalsecuritymag.webp 2023-12-14 14:47:06 Zerocopter launches a security marketplace
(direct link)
World's First Cybersecurity Marketplace Powered by Hackers, Developed for Commercial Use. Zerocopter launches an accessible and affordable security marketplace, opening up a range of products to companies of all stripes, inspired and driven by experienced hackers to make vulnerability and threat protection accessible and available to all - Product Reviews
Vulnerability Threat Commercial ★★
SonarSource.webp 2023-12-14 14:00:00 2024 Security Predictions from the Sonar Research Team
(direct link)
Reflecting on changes in the industry over the past year, as well as the research we've published, the Sonar Vulnerability Research team came together and compiled our thoughts on what we foresee for cybersecurity in 2024.
Vulnerability Prediction ★★★
DarkReading.webp 2023-12-14 14:00:00 Zoom's Bug-Scoring System Prioritizes Riskiest Vulns for Cyber Teams
(direct link)
New vulnerability impact scoring system aims to help cyber defenders find threats and patch against bugs most likely to disrupt their environments.
Vulnerability ★★
Checkpoint.webp 2023-12-14 13:00:40 Birmingham Public Schools Teams with Check Point to Build Cyber Resilience
(direct link)
Schools across the United States are facing an unprecedented surge in cyberattacks. In fact, Check Point Research found that the education/research sector experienced the highest number of attacks, with an average of 2160 attacks per organization per week during the first three quarters of 2023. Our educational institutions are no longer just centers of learning; they have become attractive targets for malicious actors seeking to exploit vulnerabilities. Schools hold a wealth of data, including student records and financial information. This information is highly valuable to cybercriminals looking to steal identities or sell sensitive data on the dark web. At the […]
Vulnerability Threat ★★★
Veracode.webp 2023-12-14 12:07:06 What Our Security Experts Discussed at AWS re:Invent 2023
(direct link)
The landscape of coding is changing as developers embrace AI, automation, microservices, and third-party libraries to boost productivity. While each new approach enhances efficiency, like a double-edged sword, flaws and vulnerabilities are also introduced faster than teams can fix them. Learn about one of the latest innovations solving this in a recap of what our security experts discussed at AWS re:Invent 2023.

Veracode Fix: A Game Changer in Flaw Remediation for Developers

During their AWS on Air segment, our experts, Vice President of Strategic Product Management, Tim Jarrett, and Senior Solutions Architect, Eric Kim, shared how Veracode Fix is a new game-changing tool that helps developers cut down the flaw remediation process from months to minutes.

Leveraging the power of AI, the tool allows developers to easily reduce security issues by generating suggested fixes for existing code that is flawed and vulnerable.

While many AI-powered coding tools are designed to help write…
Tool Vulnerability ★★★
IndustrialCyber.webp 2023-12-14 11:17:05 US, European security agencies sound alarm on Russian SVR hackers exploiting TeamCity software vulnerability
(direct link)
Security agencies from the U.S. and Europe joined forces once again to issue a warning to both public...
Vulnerability ★★
SocRadar.webp 2023-12-14 11:08:28 CISA Urges Organizations to Patch the Critical Apache Struts RCE Vulnerability, CVE-2023-50164
(direct link)
In a recent alert, the Cybersecurity and Infrastructure Security Agency (CISA) highlighted that the Apache...
Vulnerability ★★
InfoSecurityMag.webp 2023-12-14 10:30:00 Vulnerabilities Now Top Initial Access Route For Ransomware
(direct link)
More ransomware attacks now start with vulnerability exploitation than phishing, says Corvus Insurance
Ransomware Vulnerability ★★
RiskIQ.webp 2023-12-13 19:34:57 Operation Blacksmith: Lazarus Targets Organizations Worldwide Using Novel Telegram-Based Malware Written in DLang
(direct link)
#### Description
Cisco Talos has discovered a new campaign conducted by the Lazarus Group, called "Operation Blacksmith," which employs at least three new DLang-based malware families, two of which are remote access trojans (RATs), where one of these uses Telegram bots and channels as a medium of command and control (C2) communications. The RATs are named "NineRAT" and "DLRAT," and the downloader is called "BottomLoader." The campaign consists of continued opportunistic targeting of enterprises globally that publicly host and expose their vulnerable infrastructure to n-day vulnerability exploitation such as CVE-2021-44228 (Log4j). Lazarus has targeted manufacturing, agricultural, and physical security companies. The malware is written in DLang, indicating a definitive shift in TTPs from APT groups falling under the Lazarus umbrella with the increased adoption of malware being authored using non-traditional frameworks such as the Qt framework, including MagicRAT and QuiteRAT.
#### Reference URL(s)
1. https://blog.talosintelligence.com/lazarus_new_rats_dlang_and_telegram/
#### Publication Date
December 11, 2023
#### Author(s)
Jungsoo An
Malware Vulnerability APT 38 ★★★
The_Hackers_News.webp 2023-12-13 18:45:00 Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities
(direct link)
Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities. This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitizer (BoundSan), both of which are part of UndefinedBehaviorSanitizer (UBSan), a tool designed to catch various kinds of
Tool Vulnerability Mobile ★★
RecordedFuture.webp 2023-12-13 18:32:00 Russian foreign intelligence service spotted exploiting JetBrains vulnerability
(direct link)
Government agencies in the U.S., Poland and the U.K. said on Wednesday that Russia's Foreign Intelligence Service (SVR) has been exploiting a vulnerability that was exposed earlier this year in a popular product from Czech software giant JetBrains. Officials said they have notified dozens of companies across the U.S., Europe, Asia and Australia after discovering
Vulnerability ★★★
ArsTechnica.webp 2023-12-13 15:21:27 How worried should we be about the "AutoSpill" credential leak in Android password managers?
(direct link)
This newly discovered vulnerability is real, but it's more nuanced than that.
Vulnerability Mobile ★★
SocRadar.webp 2023-12-13 11:14:19 Microsoft's December 2023 Patch Tuesday Tackles 36 Vulnerabilities, 3 Critical, and a Non-Microsoft Zero-Day
(direct link)
Microsoft has released its December 2023 Patch Tuesday, addressing a total of 36 security vulnerabilities....
Vulnerability Threat ★★★
AlienVault.webp 2023-12-13 11:00:00 What is data-centric security?
(direct link)
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.

Data is the lifeblood of organizations. It drives decision-making, fosters innovation, and underpins business operations. However, this wealth of data is scattered across multiple cloud platforms, making it an attractive target for cybercriminals, and rendering traditional approaches to data protection obsolete. This is where data-centric security comes into play. This article will explore the concept of data-centric security, why businesses need it, and the benefits it offers.

Understanding data-centric security

Data-centric security is a comprehensive approach to safeguarding sensitive data by focusing on the data itself rather than the network or perimeter. It revolves around protecting data throughout its lifecycle, ensuring that even if security perimeters are breached, the data remains secure. Data-centric security comprises several key components and principles, including:

- Data discovery and classification: Identifying and categorizing data based on its sensitivity is the first step in protecting it. By knowing what data is most critical, you can allocate resources and protection measures accordingly.
- Access controls and permissions: Fine-grained access controls and role-based permissions are essential to restrict data access to authorized users and roles, reducing the risk of data exposure.
- Encryption: Encrypting data at rest and in transit adds an extra layer of protection, making data inaccessible to unauthorized individuals.
- Activity monitoring: Real-time activity monitoring and auditing capabilities help detect unusual data access or transfer patterns, allowing for immediate response to potential security incidents.
- Incident response and mitigation: Effective incident response is crucial in case of a breach or unauthorized access, enabling quick identification of the issue and mitigating any damage.

Why businesses need data-centric security

The amount of data being used by organizations for day-to-day operations is increasing rapidly. The importance of adopting a data-centric approach to data protection can be summarized into three main reasons:

1. Traditional security is insufficient. Businesses leverage multiple cloud environments, and sensitive data, such as personal information or intellectual property, are migrated and sprawled across these platforms, expanding the attack surface. Data vulnerabilities become increasingly common when network perimeters are hard to define in a hybrid work environment. Applying safeguards directly to data is needed to create more barriers that repel unauthorized data distribution. Data-centric security protects data from all kinds of threats, such as external attackers or negligent employees.
2. Apply granular access controls. Data-centric security is a vital approach to protect your data dynamically. It enables you to have more flexibility in managing your systems and networks by providing fine-grained access controls, which are more effective than traditional access controls. This framework is particularly critical in scenarios where not every user should have access to the entire data within their department.
3. Integrate with existing tech stack. Data-centric security is an effective way to protect a company's data from cyber threats. It can be added to existing infrastructure without disrupting normal operations or requiring drastic changes. This allows companies to gradually improve their security measures while freeing up resources for other purposes.

Benefits of data-centric security

As data becomes increasingly valuable as a competitive advantage, organizations have
Data Breach Tool Vulnerability Cloud ★★
InfoSecurityMag.webp 2023-12-13 10:30:00 Microsoft Fixes 34 CVEs and One Zero-Day in December Patch Tuesday
(direct link)
Microsoft has released updates for dozens of vulnerabilities including one zero-day flaw
Vulnerability Threat ★★★
DarkReading.webp 2023-12-12 23:14:00 Microsoft Gives Admins a Reprieve With Lighter-Than-Usual Patch Update
(direct link)
The company's final patch release for 2023 contained fixes for a total of just 36 vulnerabilities - none of which, for a change, were zero-days.
Vulnerability ★★★
Chercheur.webp 2023-12-12 22:21:00 Microsoft Patch Tuesday, December 2023 Edition
(direct link)
The final Patch Tuesday of 2023 is upon us, with Microsoft Corp. today releasing fixes for a relatively small number of security holes in its Windows operating systems and other software. Even more unusual, there are no known "zero-day" threats targeting any of the vulnerabilities in December's patch batch. Still, four of the updates pushed out today address "critical" vulnerabilities that Microsoft says can be exploited by malware or malcontents to seize complete control over a vulnerable Windows device with little or no help from users.
Malware Vulnerability ★★
Last update at: 2024-05-09 17:08:06