Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
 |
2025-05-07 16:26:00 |
Reevaluating SSEs: A Technical Gap Analysis of Last-Mile Protection (direct link) |
Security Service Edge (SSE) platforms have become the go-to architecture for securing hybrid work and SaaS access. They promise centralized enforcement, simplified connectivity, and consistent policy control across users and devices.
But there's a problem: they stop short of where the most sensitive user activity actually happens - the browser.
This isn't a small omission. It's a structural |
Legislation
Cloud
Technical
|
|
★★★
|
 |
2025-05-06 16:35:00 |
Microsoft Warns Default Helm Charts Could Leave Kubernetes Apps Exposed to Data Leaks (direct link) |
Microsoft has warned that using pre-made templates, such as out-of-the-box Helm charts, during Kubernetes deployments could open the door to misconfigurations and leak valuable data.
"While these 'plug-and-play' options greatly simplify the setup process, they often prioritize ease of use over security," Michael Katchinskiy and Yossi Weizman from the Microsoft Defender for Cloud Research team |
Cloud
|
|
★★★
|
 |
2025-05-06 15:30:00 |
Entra ID Data Protection: Essential or Overkill? (direct link) |
Microsoft Entra ID (formerly Azure Active Directory) is the backbone of modern identity management, enabling secure access to the applications, data, and services your business relies on. As hybrid work and cloud adoption accelerate, Entra ID plays an even more central role - managing authentication, enforcing policy, and connecting users across distributed environments.
That prominence also |
Cloud
|
|
★★★
|
 |
2025-04-28 14:37:00 |
Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools (direct link) |
Government and telecommunications sectors in Southeast Asia have become the target of a "sophisticated" campaign undertaken by a new advanced persistent threat (APT) group called Earth Kurma since June 2024.
The attacks, per Trend Micro, have leveraged custom malware, rootkits, and cloud storage services for data exfiltration. The Philippines, Vietnam, Thailand, and Malaysia are among the |
Malware
Tool
Threat
Prediction
Cloud
|
|
★★
|
 |
2025-04-27 10:32:00 |
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers (direct link) |
Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year.
"The attack involves the use of AzureChecker.exe, a Command Line Interface (CLI) tool that is being used by a wide range of threat actors," the Microsoft Threat Intelligence team said in an analysis.
The tech giant noted that |
Tool
Threat
Cloud
|
|
★★★
|
 |
2025-04-22 19:36:00 |
GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages (direct link) |
Cybersecurity researchers have detailed a now-patched vulnerability in Google Cloud Platform (GCP) that could have enabled an attacker to elevate their privileges in the Cloud Composer workflow orchestration service that's based on Apache Airflow.
"This vulnerability lets attackers with edit permissions in Cloud Composer to escalate their access to the default Cloud Build service account, which |
Vulnerability
Cloud
|
|
★★★
|
 |
2025-04-22 16:30:00 |
5 Major Concerns With Employees Using The Browser (direct link) |
As SaaS and cloud-native work reshape the enterprise, the web browser has emerged as the new endpoint. However, unlike endpoints, browsers remain mostly unmonitored, despite being responsible for more than 70% of modern malware attacks.
Keep Aware's recent State of Browser Security report highlights major concerns security leaders face with employees using the web browser for most of their work. |
Malware
Cloud
|
|
★★
|
 |
2025-04-18 15:15:00 |
[Webinar] AI Is Already Inside Your SaaS Stack - Learn How to Prevent the Next Silent Breach (direct link) |
Your employees didn't mean to expose sensitive data. They just wanted to move faster. So they used ChatGPT to summarize a deal. Uploaded a spreadsheet to an AI-enhanced tool. Integrated a chatbot into Salesforce. No big deal - until it is.
If this sounds familiar, you're not alone. Most security teams are already behind in detecting how AI tools are quietly reshaping their SaaS environments. And |
Tool
Cloud
|
ChatGPT
|
★★★
|
 |
2025-04-16 16:00:00 |
Product Walkthrough: A Look Inside Wing Security's Layered SaaS Identity Defense (direct link) |
Intro: Why hack in when you can log in?
SaaS applications are the backbone of modern organizations, powering productivity and operational efficiency. But every new app introduces critical security risks through app integrations and multiple users, creating easy access points for threat actors. As a result, SaaS breaches have increased, and according to a May 2024 XM Cyber report, identity and |
Hack
Threat
Cloud
|
|
★★★
|
 |
2025-04-07 16:55:00 |
⚡ Weekly Recap: VPN Exploits, Oracle's Silent Breach, ClickFix Comeback and More (direct link) |
Today, every unpatched system, leaked password, and overlooked plugin is a doorway for attackers. Supply chains stretch deep into the code we trust, and malware hides not just in shady apps - but in job offers, hardware, and cloud services we rely on every day.
Hackers don't need sophisticated exploits anymore. Sometimes, your credentials and a little social engineering are enough.
This week, |
Malware
Cloud
|
|
★★★
|
 |
2025-04-02 19:18:00 |
Google Fixed Cloud Run Vulnerability Allowing Unauthorized Image Access via IAM Misuse (direct link) |
Cybersecurity researchers have disclosed details of a now-patched privilege escalation vulnerability in Google Cloud Platform (GCP) Cloud Run that could have allowed a malicious actor to access container images and even inject malicious code.
"The vulnerability could have allowed such an identity to abuse its Google Cloud Run revision edit permissions in order to pull private Google Artifact |
Vulnerability
Cloud
|
|
★★★
|
 |
2025-03-31 16:55:00 |
⚡ Weekly Recap: Chrome 0-Day, IngressNightmare, Solar Bugs, DNS Tactics, and More (direct link) |
Every week, someone somewhere slips up - and threat actors slip in. A misconfigured setting, an overlooked vulnerability, or a too-convenient cloud tool becomes the perfect entry point. But what happens when the hunters become the hunted? Or when old malware resurfaces with new tricks?
Step behind the curtain with us this week as we explore breaches born from routine oversights - and the unexpected |
Malware
Tool
Vulnerability
Threat
Cloud
|
|
★★★
|
 |
2025-03-31 16:30:00 |
5 Impactful AWS Vulnerabilities You're Responsible For (direct link) |
If you're using AWS, it's easy to assume your cloud security is handled - but that's a dangerous misconception. AWS secures its own infrastructure, but security within a cloud environment remains the customer's responsibility.
Think of AWS security like protecting a building: AWS provides strong walls and a solid roof, but it's up to the customer to handle the locks, install the alarm systems, |
Vulnerability
Cloud
|
|
★★★
|
 |
2025-03-27 16:55:00 |
New Report Explains Why CASB Solutions Fail to Address Shadow SaaS and How to Fix It (direct link) |
Whether it's CRMs, project management tools, payment processors, or lead management tools - your workforce is using SaaS applications by the pound. Organizations often rely on traditional CASB solutions for protecting against malicious access and data exfiltration, but these fall short for protecting against shadow SaaS, data damage, and more.
A new report, Understanding SaaS Security Risks: Why |
Tool
Cloud
|
|
★★★
|
 |
2025-03-25 16:30:00 |
AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface (direct link) |
Organizations now use an average of 112 SaaS applications - a number that keeps growing. In a 2024 study, 49% of 644 respondents who frequently used Microsoft 365 believed that they had less than 10 apps connected to the platform, despite the fact that aggregated data indicated over 1,000+ Microsoft 365 SaaS-to-SaaS connections on average per deployment. And that's just one major SaaS provider. |
Studies
Cloud
|
|
★★
|
 |
2025-03-20 16:55:00 |
How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model (direct link) |
Cybersecurity isn't just another checkbox on your business agenda. It's a fundamental pillar of survival. As organizations increasingly migrate their operations to the cloud, understanding how to protect your digital assets becomes crucial. The shared responsibility model, exemplified through Microsoft 365's approach, offers a framework for comprehending and implementing effective cybersecurity |
Cloud
|
|
★★★
|
 |
2025-03-19 16:00:00 |
5 Identity Threat Detection & Response Must-Haves for Super SaaS Security (direct link) |
Identity-based attacks are on the rise. Attackers are targeting identities with compromised credentials, hijacked authentication methods, and misused privileges. While many threat detection solutions focus on cloud, endpoint, and network threats, they overlook the unique risks posed by SaaS identity ecosystems. This blind spot is wreaking havoc on heavily SaaS-reliant organizations big and small |
Threat
Cloud
|
|
★★
|
 |
2025-03-18 19:30:00 |
Google Acquires Wiz for $32 Billion in Its Biggest Deal Ever to Boost Cloud Security (direct link) |
Google is making the biggest ever acquisition in its history by purchasing cloud security company Wiz in an all-cash deal worth $32 billion.
"This acquisition represents an investment by Google Cloud to accelerate two large and growing trends in the AI era: improved cloud security and the ability to use multiple clouds (multicloud)," the tech giant said today.
It added the acquisition, which is |
Cloud
|
|
★★★
|
 |
2025-03-17 16:30:00 |
SANS Institute Warns of Novel Cloud-Native Ransomware Attacks (direct link) |
The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider's storage security controls and default settings.
“In just the past few months, I have witnessed two different methods for |
Ransomware
Threat
Cloud
|
|
★★★
|
 |
2025-03-15 11:25:00 |
Malicious PyPI Packages Stole Cloud Tokens - Over 14,100 Downloads Before Removal (direct link) |
Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as "time" related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens.
Software supply chain security firm ReversingLabs said it discovered two sets of packages totaling 20 of them. The packages |
Cloud
|
|
★★
|
 |
2025-03-13 16:30:00 |
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025 (direct link) |
As IT environments grow more complex, IT professionals are facing unprecedented pressure to secure business-critical data. With hybrid work the new standard and cloud adoption on the rise, data is increasingly distributed across different environments, providers and locations, expanding the attack surface for emerging cyberthreats. While the need for a strong data protection strategy has become |
Cloud
|
|
★★
|
 |
2025-03-10 15:16:00 |
⚡ THN Weekly Recap: New Attacks, Old Tricks, Bigger Impact (direct link) |
Cyber threats today don't just evolve - they mutate rapidly, testing the resilience of everything from global financial systems to critical infrastructure. As cybersecurity confronts new battlegrounds - ranging from nation-state espionage and ransomware to manipulated AI chatbots - the landscape becomes increasingly complex, prompting vital questions: How secure are our cloud environments? Can our |
Ransomware
Cloud
|
|
★★★
|
 |
2025-03-07 11:10:00 |
Safe{Wallet} Confirms North Korean TraderTraitor Hackers Stole $1.5 Billion in Bybit Heist (direct link) |
Safe{Wallet} has revealed that the cybersecurity incident that led to the Bybit $1.5 billion crypto heist is a "highly sophisticated, state-sponsored attack," stating the North Korean threat actors behind the hack took steps to erase traces of the malicious activity in an effort to hamper investigation efforts.
The multi-signature (multisig) platform, which has roped in Google Cloud Mandiant to |
Hack
Threat
Cloud
|
|
★★★
|
 |
2025-03-05 16:30:00 |
Identity: The New Cybersecurity Battleground (direct link) |
The rapid adoption of cloud services, SaaS applications, and the shift to remote work have fundamentally reshaped how enterprises operate. These technological advances have created a world of opportunity but also brought about complexities that pose significant security threats. At the core of these vulnerabilities lies Identity - the gateway to enterprise security and the number one attack vector |
Vulnerability
Cloud
|
|
★★★
|
 |
2025-02-25 11:21:00 |
FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (direct link) |
Various industrial organizations in the Asia-Pacific (APAC) region have been targeted as part of phishing attacks designed to deliver a known malware called FatalRAT.
"The threat was orchestrated by attackers using legitimate Chinese cloud content delivery network (CDN) myqcloud and the Youdao Cloud Notes service as part of their attack infrastructure," Kaspersky ICS CERT said in a Monday |
Malware
Threat
Industrial
Cloud
|
|
★★★
|
 |
2025-02-24 16:47:00 |
Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats (direct link) |
Google Cloud has announced quantum-safe digital signatures in Google Cloud Key Management Service (Cloud KMS) for software-based keys as a way to bulletproof encryption systems against the threat posed by cryptographically-relevant quantum computers.
The feature, currently in preview, coexists with the National Institute of Standards and Technology's (NIST) post-quantum cryptography (PQC) |
Threat
Cloud
|
|
★★
|
 |
2025-02-17 14:49:00 |
⚡ THN Weekly Recap: Google Secrets Stolen, Windows Hack, New Crypto Scams and More (direct link) |
Welcome to this week's Cybersecurity News Recap. Discover how cyber attackers are using clever tricks like fake codes and sneaky emails to gain access to sensitive data. We cover everything from device code phishing to cloud exploits, breaking down the technical details into simple, easy-to-follow insights.
⚡ Threat of the Week
Russian Threat Actors Leverage Device Code Phishing to Hack |
Hack
Threat
Cloud
Technical
|
|
★★
|
 |
2025-02-12 11:27:00 |
Ivanti Patches Critical Flaws in Connect Secure and Policy Secure – Update Now (direct link) |
Ivanti has released security updates to address multiple security flaws impacting Connect Secure (ICS), Policy Secure (IPS), and Cloud Services Application (CSA) that could be exploited to achieve arbitrary code execution.
The list of vulnerabilities is below -
CVE-2024-38657 (CVSS score: 9.1) - External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy |
Vulnerability
Cloud
|
|
★★★
|
 |
2025-02-10 17:43:00 |
[10 February] (direct link) |
In cybersecurity, the smallest crack can lead to the biggest breaches. A leaked encryption key, an unpatched software bug, or an abandoned cloud storage bucket - each one seems minor until it becomes the entry point for an attack.
This week, we've seen cybercriminals turn overlooked weaknesses into major security threats, proving once again that no system is too small to be targeted. The question |
Tool
Cloud
|
|
★★★
|
 |
2025-02-04 16:30:00 |
Watch Out For These 8 Cloud Security Shifts in 2025 (direct link) |
As cloud security evolves in 2025 and beyond, organizations must adapt to both new and evolving realities, including the increasing reliance on cloud infrastructure for AI-driven workflows and the vast quantities of data being migrated to the cloud.
But there are other developments that could impact your organizations and drive the need for an even more robust security strategy. Let's take a |
Prediction
Cloud
|
|
★★★
|
 |
2025-02-03 16:30:00 |
What Is Attack Surface Management? (direct link) |
Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what's exposed and where attackers are most likely to strike.
With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and managing your attack surface from an attacker's perspective has never been more important.
In this |
Cloud
|
|
★★★
|
 |
2025-02-01 12:10:00 |
BeyondTrust Zero-Day Breach Exposes 17 SaaS Customers via Compromised API Key (direct link) |
BeyondTrust has revealed it completed an investigation into a recent cybersecurity incident that targeted some of the company's Remote Support SaaS instances by making use of a compromised API key.
The company said the breach involved 17 Remote Support SaaS customers and that the API key was used to enable unauthorized access by resetting local application passwords. The breach was first flagged |
Vulnerability
Threat
Cloud
|
|
★★★
|
 |
2025-01-24 16:30:00 |
2025 State of SaaS Backup and Recovery Report (direct link) |
The modern workplace has undergone a seismic transformation over recent years, with hybrid work becoming the norm and businesses rapidly adopting cloud-based Software-as-a-Service (SaaS) applications to facilitate it. SaaS applications like Microsoft 365 and Google Workspace have now become the backbone of business operations, enabling seamless collaboration and productivity. However, this |
Cloud
|
|
★★★
|
 |
2025-01-23 11:05:00 |
TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware (direct link) |
Google on Wednesday shed light on a financially motivated threat actor named TRIPLESTRENGTH for its opportunistic targeting of cloud environments for cryptojacking and on-premise ransomware attacks.
"This actor engaged in a variety of threat activity, including cryptocurrency mining operations on hijacked cloud resources and ransomware activity," the tech giant's cloud division said in its 11th |
Ransomware
Threat
Cloud
|
|
★★
|
 |
2025-01-22 16:01:00 |
Discover Hidden Browsing Threats: Free Risk Assessment for GenAI, Identity, Web, and SaaS Risks (direct link) |
As GenAI tools and SaaS platforms become a staple component in the employee toolkit, the risks associated with data exposure, identity vulnerabilities, and unmonitored browsing behavior have skyrocketed. Forward-thinking security teams are looking for security controls and strategies to address these risks, but they do not always know which risks to prioritize. In some cases, they might have |
Tool
Vulnerability
Cloud
|
|
★★
|
 |
2025-01-20 16:40:00 |
Product Walkthrough: How Satori Secures Sensitive Data From Production to AI (direct link) |
Every week seems to bring news of another data breach, and it's no surprise why: securing sensitive data has become harder than ever. And it's not just because companies are dealing with orders of magnitude more data. Data flows and user roles are constantly shifting, and data is stored across multiple technologies and cloud environments. Not to mention, compliance requirements are only getting |
Data Breach
Cloud
|
Satori
|
★★★
|
 |
2025-01-15 17:56:00 |
Google Cloud Researchers Uncover Flaws in Rsync File Synchronization Tool (direct link) |
As many as six security vulnerabilities have been disclosed in the popular Rsync file-synchronizing tool for Unix systems, some of which could be exploited to execute arbitrary code on a client.
"Attackers can take control of a malicious server and read/write arbitrary files of any connected client," the CERT Coordination Center (CERT/CC) said in an advisory. "Sensitive data, such as SSH keys, |
Tool
Vulnerability
Cloud
|
|
★★
|
 |
2025-01-14 15:38:00 |
4 Reasons Your SaaS Attack Surface Can No Longer be Ignored (direct link) |
What do identity risks, data security risks and third-party risks all have in common? They are all made much worse by SaaS sprawl. Every new SaaS account adds a new identity to secure, a new place where sensitive data can end up, and a new source of third party risk. Learn how you can protect this sprawling attack surface in 2025.
What do identity risks, data security risks and third-party |
Cloud
|
|
★★★
|
 |
2025-01-13 19:03:00 |
Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners (direct link) |
A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners.
Cloud security firm Wiz said it's currently responding to "multiple incidents" involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum severity bug that could result in |
Vulnerability
Threat
Cloud
|
|
★★★
|
 |
2025-01-09 17:25:00 |
Product Review: How Reco Discovers Shadow AI in SaaS (direct link) |
As SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI.
Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. For example, a developer using ChatGPT to assist with writing code, a salesperson downloading an AI-powered meeting transcription tool, or a |
Tool
Cloud
|
ChatGPT
|
★★★
|
 |
2025-01-06 17:00:00 |
From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch (direct link) |
In 2024, cyber threats targeting SaaS surged, with 7,000 password attacks blocked per second (just in Entra ID) - a 75% increase from last year - and phishing attempts up by 58%, causing $3.5 billion in losses (source: Microsoft Digital Defense Report 2024). SaaS attacks are increasing, with hackers often evading detection through legitimate usage patterns. The cyber threat arena saw standout |
Threat
Cloud
|
|
★★★
|
 |
2025-01-02 16:23:00 |
Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them (direct link) |
In the past year, cross-domain attacks have gained prominence as an emerging tactic among adversaries. These operations exploit weak points across multiple domains – including endpoints, identity systems and cloud environments – so the adversary can infiltrate organizations, move laterally and evade detection. eCrime groups like SCATTERED SPIDER and North Korea-nexus adversaries such as FAMOUS |
Threat
Cloud
|
|
★★
|
 |
2024-12-27 16:40:00 |
Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia (direct link) |
The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting "several dozen users" in 2024.
"Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malware code," Kaspersky researcher Oleg |
Malware
Vulnerability
Threat
Cloud
|
|
★★
|
 |
2024-12-25 19:15:00 |
Ruijie Networks' Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks (direct link) |
Cybersecurity researchers have discovered several security flaws in the cloud management platform developed by Ruijie Networks that could permit an attacker to take control of the network appliances.
"These vulnerabilities affect both the Reyee platform, as well as Reyee OS network devices," Claroty researchers Noam Moshe and Tomer Goldschmidt said in a recent analysis. "The vulnerabilities, if |
Vulnerability
Cloud
|
|
★★
|
 |
2024-12-19 15:30:00 |
CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01 (direct link) |
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01, ordering federal civilian agencies to secure their cloud environments and abide by Secure Cloud Business Applications (SCuBA) secure configuration baselines.
"Recent cybersecurity incidents highlight the significant risks posed by misconfigurations and weak security controls, |
Cloud
|
|
★★
|
 |
2024-12-18 19:40:00 |
HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft (direct link) |
Cybersecurity researchers have disclosed a new phishing campaign that has targeted European companies with an aim to harvest account credentials and take control of the victims' Microsoft Azure cloud infrastructure.
The campaign has been codenamed HubPhish by Palo Alto Networks Unit 42 owing to the abuse of HubSpot tools in the attack chain. Targets include at least 20,000 automotive, chemical, |
Tool
Cloud
|
|
★★★
|
 |
2024-12-18 14:45:00 |
BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products (direct link) |
BeyondTrust has disclosed details of a critical security flaw in Privileged Remote Access (PRA) and Remote Support (RS) products that could potentially lead to the execution of arbitrary commands.
Privileged Remote Access controls, manages, and audits privileged accounts and credentials, offering zero trust access to on-premises and cloud resources by internal, external, and third-party users. |
Vulnerability
Cloud
|
|
★★
|
 |
2024-12-12 17:00:00 |
SaaS Budget Planning Guide for IT Professionals (direct link) |
SaaS services are one of the biggest drivers of OpEx (operating expenses) for modern businesses. With Gartner projecting $247.2 billion in global SaaS spending this year, it's no wonder SaaS budgets are a big deal in the world of finance and IT. Efficient SaaS utilization can significantly affect both the bottom line and employee productivity.
In this article, we'll break down this topic |
Cloud
|
|
★★★
|
 |
2024-12-11 08:29:00 |
Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities (direct link) |
Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution.
The list of vulnerabilities is as follows -
CVE-2024-11639 (CVSS score: 10.0) - An authentication bypass vulnerability in the admin web console of Ivanti CSA before 5.0.3 that allows a remote |
Vulnerability
Cloud
|
|
★★
|
 |
2024-12-04 17:20:00 |
7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments (direct link) |
Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud's flexibility, scalability, and efficiency come with significant risk - an expanded attack surface. The decentralization that comes with utilizing multi-cloud environments can also lead to limited visibility into user activity and |
Cloud
|
|
★★★
|