What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-10-03 17:18:00 | Protéger votre infrastructure informatique avec l'évaluation de la configuration de la sécurité (SCA) Protecting your IT infrastructure with Security Configuration Assessment (SCA) (lien direct) |
L'évaluation de la configuration de la sécurité (SCA) est essentielle à la stratégie de cybersécurité de l'organisation.SCA vise à découvrir les vulnérabilités et les erreurs de configuration que les acteurs malveillants exploitent pour obtenir un accès non autorisé aux systèmes et aux données.Les évaluations régulières de la configuration de la sécurité sont essentielles pour maintenir un environnement sécurisé et conforme, car cela minimise le risque de cyberattaques.Le
Security Configuration Assessment (SCA) is critical to an organization\'s cybersecurity strategy. SCA aims to discover vulnerabilities and misconfigurations that malicious actors exploit to gain unauthorized access to systems and data. Regular security configuration assessments are essential in maintaining a secure and compliant environment, as this minimizes the risk of cyber attacks. The |
Vulnerability Guideline | ★★★ | |
|
2023-09-26 17:20:00 | Guide essentiel de la conformité à la cybersécurité Essential Guide to Cybersecurity Compliance (lien direct) |
SOC 2, ISO, HIPAA, Cyber Essentials & # 8211;Tous les cadres de sécurité et certifications aujourd'hui sont une soupe d'acronyme qui peut même faire un rotation de tête de conformité.Si vous vous lancez dans votre parcours de conformité, lisez la suite pour découvrir les différences entre les normes, ce qui est le mieux pour votre entreprise et comment la gestion de la vulnérabilité peut faciliter la conformité.
Qu'est-ce que la conformité à la cybersécurité?
SOC 2, ISO, HIPAA, Cyber Essentials – all the security frameworks and certifications today are an acronym soup that can make even a compliance expert\'s head spin. If you\'re embarking on your compliance journey, read on to discover the differences between standards, which is best for your business, and how vulnerability management can aid compliance. What is cybersecurity compliance? |
Vulnerability General Information Legislation Guideline | ★★★ | |
|
2023-09-11 16:41:00 | Comment prévenir les violations de l'API: un guide pour une sécurité robuste How to Prevent API Breaches: A Guide to Robust Security (lien direct) |
Avec la dépendance croissante à l'égard des applications Web et des plateformes numériques, l'utilisation des interfaces de programmation d'applications (API) est devenue de plus en plus populaire.Si vous ne connaissez pas le terme, les API permettent aux applications de communiquer entre elles et elles jouent un rôle vital dans le développement de logiciels modernes.
Cependant, la montée de l'utilisation de l'API a également entraîné une augmentation du nombre de violations d'API.
With the growing reliance on web applications and digital platforms, the use of application programming interfaces (APIs) has become increasingly popular. If you aren\'t familiar with the term, APIs allow applications to communicate with each other and they play a vital role in modern software development. However, the rise of API use has also led to an increase in the number of API breaches. |
Guideline | ★★★ | |
|
2023-07-19 17:20:00 | La CISA et la NSA émettent de nouvelles directives pour renforcer la découpage du réseau 5G contre les menaces CISA and NSA Issue New Guidance to Strengthen 5G Network Slicing Against Threats (lien direct) |
Les agences de cybersécurité et de renseignement des États-Unis ont publié un ensemble de recommandations pour répondre aux problèmes de sécurité avec le réseau autonome de 5G et les durcir contre les menaces possibles.
"Le paysage des menaces en 5G est dynamique;
U.S. cybersecurity and intelligence agencies have released a set of recommendations to address security concerns with 5G standalone network slicing and harden them against possible threats. "The threat landscape in 5G is dynamic; due to this, advanced monitoring, auditing, and other analytical capabilities are required to meet certain levels of network slicing service level requirements over |
Threat Guideline | ★★★ | |
|
2023-07-17 16:26:00 | Ces 6 questions vous aideront à choisir la meilleure plate-forme de gestion de surface d'attaque These 6 Questions Will Help You Choose the Best Attack Surface Management Platform (lien direct) |
Le battage médiatique autour de différentes catégories de sécurité peut rendre difficile la discernement des fonctionnalités et des capacités du biais lors de la recherche de nouvelles plateformes.Vous souhaitez faire avancer vos mesures de sécurité, mais quelles étapes ont réellement du sens pour votre entreprise?
Pour toute personne prête à trouver un vendeur de gestion de la surface d'attaque (ASM), passez en revue ces six questions avant de commencer à comprendre les principales fonctionnalités de
The hype around different security categories can make it difficult to discern features and capabilities from bias when researching new platforms. You want to advance your security measures, but what steps actually make sense for your business? For anyone ready to find an attack surface management (ASM) vendor, review these six questions before getting started to understand the key features to |
Guideline | ★★★ | |
|
2023-04-03 16:50:00 | "C'est les comptes de service, stupides": pourquoi les déploiements PAM prennent-ils (presque) pour toujours à terminer "It\\'s The Service Accounts, Stupid": Why Do PAM Deployments Take (almost) Forever To Complete (lien direct) |
Les solutions de gestion de l'accès privilégié (PAM) sont considérées comme la pratique courante pour prévenir les menaces d'identité pour les comptes administratifs.En théorie, le concept PAM a un sens absolu: placer les informations d'identification de l'administrateur dans un coffre-fort, faire pivoter leurs mots de passe et surveiller étroitement leurs sessions.Cependant, la dure réalité est que la grande majorité des projets PAM deviennent un projet de plusieurs années, ou même
Privileged Access Management (PAM) solutions are regarded as the common practice to prevent identity threats to administrative accounts. In theory, the PAM concept makes absolute sense: place admin credentials in a vault, rotate their passwords, and closely monitor their sessions. However, the harsh reality is that the vast majority of PAM projects either become a years-long project, or even |
General Information Guideline | ★★ | |
|
2023-03-28 09:11:00 | Apple émet une mise à jour de sécurité urgente pour les modèles iOS et iPados plus anciens [Apple Issues Urgent Security Update for Older iOS and iPadOS Models] (lien direct) | Apple lundi, les correctifs ont été en retard pour un défaut de sécurité activement exploité aux anciens modèles iPhone et iPad.
Le problème, suivi comme CVE-2023-23529, concerne un bug de confusion de type dans le moteur de navigateur WebKit qui pourrait conduire à une exécution de code arbitraire.
Il a été initialement abordé par le géant de la technologie avec des chèques améliorés dans le cadre des mises à jour publiées le 13 février 2023. Un chercheur anonyme a été
Apple on Monday backported fixes for an actively exploited security flaw to older iPhone and iPad models. The issue, tracked as CVE-2023-23529, concerns a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution. It was originally addressed by the tech giant with improved checks as part of updates released on February 13, 2023. An anonymous researcher has been |
Guideline | ★★★ | |
|
2023-03-22 16:50:00 | Prévenir les menaces d'initiés dans votre répertoire actif [Preventing Insider Threats in Your Active Directory] (lien direct) | Active Directory (AD) est un puissant service d'authentification et de répertoire utilisé par les organisations du monde entier.Avec cette omniprésence et cette puissance, il vient du potentiel d'abus.Les menaces d'initiés offrent certains des plus potentiels de destruction.De nombreux utilisateurs internes ont un accès et une visibilité trop fournis dans le réseau interne.
Insiders \\ 'Le niveau d'accès et de confiance dans un réseau mène à
Active Directory (AD) is a powerful authentication and directory service used by organizations worldwide. With this ubiquity and power comes the potential for abuse. Insider threats offer some of the most potentials for destruction. Many internal users have over-provisioned access and visibility into the internal network. Insiders\' level of access and trust in a network leads to unique |
Guideline | ★★ | |
|
2023-03-08 22:00:00 | Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks (lien direct) | A pair of severe security vulnerabilities have been disclosed in the Jenkins open source automation server that could lead to code execution on targeted systems. The flaws, tracked as CVE-2023-27898 and CVE-2023-27905, impact the Jenkins server and Update Center, and have been collectively christened CorePlague by cloud security firm Aqua. All versions of Jenkins versions prior to 2.319.2 are | Guideline Cloud | ★★ | |
|
2023-03-03 15:48:00 | New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices (lien direct) | A pair of serious security defects has been disclosed in the Trusted Platform Module (TPM) 2.0 reference library specification that could potentially lead to information disclosure or privilege escalation. One of the vulnerabilities, CVE-2023-1017, concerns an out-of-bounds write, while the other, CVE-2023-1018, is described as an out-of-bounds read. Credited with discovering and reporting the | Threat Guideline | ★★★ | |
|
2023-03-02 16:51:00 | Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI (lien direct) | A malicious Python package uploaded to the Python Package Index (PyPI) has been found to contain a fully-featured information stealer and remote access trojan. The package, named colourfool, was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware Colour-Blind. "The 'Colour-Blind' malware points to the democratization of cybercrime that could lead to an | Malware Threat Guideline | ★★ | |
|
2023-02-24 14:30:00 | Majority of Android Apps on Google Play Store Provide Misleading Data Safety Labels (lien direct) | An investigation into data safety labels for Android apps available on the Google Play Store has uncovered "serious loopholes" that allow apps to provide misleading or outright false information. The study, conducted by the Mozilla Foundation as part of its *Privacy Not Included initiative, compared the privacy policies and labels of the 20 most popular paid apps and the 20 most popular free | Guideline | ★★★ | |
|
2023-02-17 11:16:00 | Critical RCE Vulnerability Discovered in ClamAV Open-Source Antivirus Software (lien direct) | Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of remote code execution residing in the HFS+ file parser component. The flaw affects versions 1.0.0 and earlier, 0.105.1 and earlier, and | Vulnerability Guideline | ★★★★ | |
|
2023-02-11 11:15:00 | CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild. Included among the three is CVE-2022-24990, a bug affecting TerraMaster network-attached storage (TNAS) devices that could lead to unauthenticated remote code execution with the highest privileges. Details | Guideline | ★★ | |
|
2023-02-09 18:41:00 | THN Webinar – Learn How to Comply with New Cyber Insurance Identity Security Requirements (lien direct) | The Hacker News is thrilled to announce the launch of our new educational webinar series, in collaboration with the leading cybersecurity companies in the industry! Get ready to dive into the world of enterprise-level security with expert guests who will share their vast knowledge and provide you with valuable insights and information on various security topics. Whether you're a seasoned | Guideline | ★ | |
|
2023-02-08 15:09:00 | Russian Hacker Pleads Guilty to Money Laundering Linked to Ryuk Ransomware (lien direct) | A Russian national on February 7, 2023, pleaded guilty in the U.S. to money laundering charges and for attempting to conceal the source of funds obtained in connection with Ryuk ransomware attacks. Denis Mihaqlovic Dubnikov, 30, was arrested in Amsterdam in November 2021 before he was extradited from the Netherlands in August 2022. He is awaiting sentencing on April 11, 2023. "Between at least | Ransomware Guideline | ★★ | |
|
2023-02-03 12:56:00 | New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products (lien direct) | F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service (DoS) or arbitrary code execution. The issue is rooted in the iControl Simple Object Access Protocol (SOAP) interface and affects the following versions of BIG-IP - 13.1.5 14.1.4.6 - 14.1.5 15.1.5.1 - 15.1.8 16.1.2.2 - 16.1.3, and 17.0.0 "A format string vulnerability exists in iControl SOAP | Vulnerability Guideline | ★★ | |
|
2023-02-02 15:34:00 | Cybersecurity budgets are going up. So why aren\'t breaches going down? (lien direct) | Over the past few years, cybersecurity has become a major concern for businesses around the globe. With the total cost of cybercrime in 2023 forecasted to reach $8 Trillion – with a T, not a B – it's no wonder that cybersecurity is top of mind for leaders across all industries and regions. However, despite growing attention and budgets for cybersecurity in recent years, attacks have only become | Guideline | ★★ | |
|
2023-02-02 01:29:00 | Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility (lien direct) | Cybersecurity researchers have disclosed details of two security flaws in the open source ImageMagick software that could potentially lead to a denial-of-service (DoS) and information disclosure. The two issues, which were identified by Latin American cybersecurity firm Metabase Q in version 7.1.0-49, were addressed in ImageMagick version 7.1.0-52, released in November 2022. A | Guideline | ★★★ | |
|
2023-01-31 18:16:00 | You Don\'t Know Where Your Secrets Are (lien direct) | Do you know where your secrets are? If not, I can tell you: you are not alone. Hundreds of CISOs, CSOs, and security leaders, whether from small or large companies, don't know either. No matter the organization's size, the certifications, tools, people, and processes: secrets are not visible in 99% of cases. It might sound ridiculous at first: keeping secrets is an obvious first thought when | Guideline | ★★★ | |
|
2023-01-31 09:36:00 | QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates (lien direct) | Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage (NAS) devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale. It affects QTS 5.0.1 and QuTS hero h5.0.1. "If exploited, this vulnerability allows remote attackers to inject | Vulnerability Guideline | ★★ | |
|
2023-01-28 13:25:00 | ISC Releases Security Patches for New BIND DNS Software Vulnerabilities (lien direct) | The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could lead to a denial-of-service (DoS) condition. "A remote attacker could exploit these vulnerabilities to potentially cause denial-of-service conditions and system failures," the U.S. Cybersecurity | Guideline | ★★★ | |
|
2023-01-20 18:27:00 | WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws (lien direct) | The Irish Data Protection Commission (DPC) on Thursday imposed fresh fines of €5.5 million against Meta's WhatsApp for violating data protection laws when processing users' personal information. At the heart of the ruling is an update to the messaging platform's Terms of Service that was enforced in the days leading to the enforcement of the General Data Protection Regulation (GDPR) in May 2018, | Guideline | ★ | |
|
2023-01-18 11:26:00 | CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published four Industrial Control Systems (ICS) advisories, calling out several security flaws affecting products from Siemens, GE Digital, and Contec. The most critical of the issues have been identified in Siemens SINEC INS that could lead to remote code execution via a path traversal flaw (CVE-2022-45092, CVSS score: 9.9) | Guideline Industrial | ★★★ | |
|
2023-01-16 17:52:00 | A Secure User Authentication Method – Planning is More Important than Ever (lien direct) | When considering authentication providers, many organizations consider the ease of configuration, ubiquity of usage, and technical stability. Organizations cannot always be judged on those metrics alone. There is an increasing need to evaluate company ownership, policies and the stability, or instability, that it brings. How Leadership Change Affects Stability In recent months, a salient example | Guideline | ★★★ | |
|
2023-01-10 14:24:00 | Critical Security Flaw Found in "jsonwebtoken" Library Used by 22,000+ Projects (lien direct) | A high-severity security flaw has been disclosed in the open source jsonwebtoken (JWT) library that, if successfully exploited, could lead to remote code execution on a target server. "By exploiting this vulnerability, attackers could achieve remote code execution (RCE) on a server verifying a maliciously crafted JSON web token (JWT) request," Palo Alto Networks Unit 42 researcher Artur Oleyarsh | Guideline | ★★ | |
|
2023-01-05 13:22:00 | Fortinet and Zoho Urge Customers to Patch Enterprise Software Vulnerabilities (lien direct) | Fortinet has warned of a high-severity flaw affecting multiple versions of FortiADC application delivery controller that could lead to the execution of arbitrary code. "An improper neutralization of special elements used in an OS command vulnerability in FortiADC may allow an authenticated attacker with access to the web GUI to execute unauthorized code or commands via specifically crafted HTTP | Vulnerability Guideline | ★★★ | |
|
2022-12-14 18:00:00 | Why PCI DSS 4.0 Should Be on Your Radar in 2023 (lien direct) | Protecting customer data is critical for any business accepting online payment information. The Payment Card Industry Data Security Standard (PCI DSS), created by leading credit card companies, establishes best practices for protecting consumers' information. By adhering to these standards, businesses can ensure that their customer's personal and financial information is secure. The PCI DSS | Guideline | ★★★ | |
|
2022-12-14 09:14:00 | New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products (lien direct) | Apple on Tuesday rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new zero-day vulnerability that could result in the execution of malicious code. Tracked as CVE-2022-42856, the issue has been described by the tech giant as a type confusion issue in the WebKit browser engine that could be triggered when processing specially crafted content, leading to | Vulnerability Guideline | ★★ | |
|
2022-12-05 19:32:00 | New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers (lien direct) | Three different security flaws have been disclosed in American Megatrends (AMI) MegaRAC Baseboard Management Controller (BMC) software that could lead to remote code execution on vulnerable servers. "The impact of exploiting these vulnerabilities include remote control of compromised servers, remote deployment of malware, ransomware and firmware implants, and server physical damage (bricking)," | Ransomware Guideline | ★★ | |
|
2022-11-30 15:11:58 | (Déjà vu) 3 New Vulnerabilities Affect OT Products from German Companies Festo and CODESYS (lien direct) | Researchers have disclosed details of three new security vulnerabilities affecting operational technology (OT) products from CODESYS and Festo that could lead to source code tampering and denial-of-service (DoS). The vulnerabilities, reported by Forescout Vedere Labs, are the latest in a long list of flaws collectively tracked under the name OT:ICEFALL. "These issues exemplify either an | Guideline | ★★★ | |
|
2022-11-30 12:51:00 | 3 New Vulnerabilities Affect OT Products from German Festo and CODESYS Companies (lien direct) | Researchers have disclosed details of three new security vulnerabilities affecting operational technology (OT) products from CODESYS and Festo that could lead to source code tampering and denial-of-service (DoS). The vulnerabilities, reported by Forescout Vedere Labs, are the latest in a long list of flaws collectively tracked under the name OT:ICEFALL. "These issues exemplify either an | Guideline | ★★★★ | |
|
2022-11-29 17:00:00 | 7 Cyber Security Tips for SMBs (lien direct) | When the headlines focus on breaches of large enterprises like the Optus breach, it's easy for smaller businesses to think they're not a target for hackers. Surely, they're not worth the time or effort? Unfortunately, when it comes to cyber security, size doesn't matter. Assuming you're not a target leads to lax security practices in many SMBs who lack the knowledge or expertise to put simple | Guideline | ★★★ | |
|
2022-11-24 16:33:00 | Boost Your Security with Europe\'s Leading Bug Bounty Platform (lien direct) | As 2022 comes to an end, now's the time to level up your bug bounty program with Intigriti. Are you experiencing slow bug bounty lead times, gaps in security skills, or low-quality reports from researchers? Intigriti's expert triage team and global community of ethical hackers are enabling businesses to protect themselves against every emerging cybersecurity threat. Join the likes of Intel, | Guideline | ★★★ | |
|
2022-11-24 11:36:00 | Black Basta Ransomware Gang Actively Infiltrating U.S. Companies with Qakbot Malware (lien direct) | Companies based in the U.S. have been at the receiving end of an "aggressive" Qakbot malware campaign that leads to Black Basta ransomware infections on compromised networks. "In this latest campaign, the Black Basta ransomware gang is using QakBot malware to create an initial point of entry and move laterally within an organization's network," Cybereason researchers Joakim Kandefelt and | Ransomware Malware Guideline | ||
|
2022-11-14 18:33:00 | New "Earth Longzhi" APT Targets Ukraine and Asian Countries with Custom Cobalt Strike Loaders (lien direct) | Entities located in East and Southeast Asia as well as Ukraine have been targeted at least since 2020 by a previously undocumented subgroup of APT41, a prolific Chinese advanced persistent threat (APT). Cybersecurity firm Trend Micro, which christened the espionage crew Earth Longzhi, said the actor's long-running campaign can be split into two based on the toolset deployed to attack its victims | Threat Guideline | APT 41 | ★★ |
|
2022-11-10 13:00:00 | Re-Focusing Cyber Insurance with Security Validation (lien direct) | The rise in the costs of data breaches, ransomware, and other cyber attacks leads to rising cyber insurance premiums and more limited cyber insurance coverage. This cyber insurance situation increases risks for organizations struggling to find coverage or facing steep increases. Some Akin Gump Strauss Hauer & Feld LLP's law firm clients, for example, reported a three-fold increase in insurance | Guideline | ||
|
2022-10-18 15:41:00 | Chinese \'Spyder Loader\' Malware Spotted Targeting Organizations in Hong Kong (lien direct) | The China-aligned espionage-focused actor dubbed Winnti has set its sights on government organizations in Hong Kong as part of an ongoing campaign dubbed Operation CuckooBees. Active since at least 2007, Winnti (aka APT41, Barium, Bronze Atlas, and Wicked Panda) is the name designated to a prolific cyber threat group that carries out Chinese state-sponsored espionage activity, predominantly | Malware Threat Guideline | APT 41 | |
|
2022-10-06 17:50:00 | Details Released for Recently Patched new macOS Archive Utility Vulnerability (lien direct) | Security researchers have shared details about a now-addressed security flaw in Apple's macOS operating system that could be potentially exploited to run malicious applications in a manner that can bypass Apple's security measures. The vulnerability, tracked as CVE-2022-32910, is rooted in the built-in Archive Utility and "could lead to the execution of an unsigned and unnotarized application | Vulnerability Guideline | ||
|
2022-10-05 11:43:00 | Canadian Netwalker Ransomware Affiliate Sentenced to 20 Years in U.S. Prison (lien direct) | A former affiliate of the Netwalker ransomware has been sentenced to 20 years in prison in the U.S., a little over three months after the Canadian national pleaded guilty to his role in the crimes. Sebastien Vachon-Desjardins, 35, has also been ordered to forfeit $21,500,000 that was illicitly obtained from dozens of victims globally, including companies, municipalities, hospitals, law | Ransomware Guideline | ||
|
2022-09-28 10:33:00 | Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely (lien direct) | WhatsApp has released security updates to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices. One of them concerns CVE-2022-36934 (CVSS score: 9.8), a critical integer overflow vulnerability in WhatsApp that results in the execution of arbitrary code simply by establishing a video call. The issue impacts the WhatsApp and | Hack Vulnerability Guideline | ||
|
2022-09-21 10:54:00 | Critical Remote Hack Flaws Found in Dataprobe\'s Power Distribution Units (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released an industrial control systems (ICS) advisory warning of seven security flaws in Dataprobe's iBoot-PDU power distribution unit product, mostly used in industrial environments and data centers. "Successful exploitation of these vulnerabilities could lead to unauthenticated remote code execution on the Dataprobe | Hack Guideline | ||
|
2022-09-06 10:48:00 | Researchers Find New Android Spyware Campaign Targeting Uyghur Community (lien direct) | A previously undocumented strain of Android spyware with extensive information gathering capabilities has been found disguised as a book likely designed to target the Uyghur community in China. The malware comes under the guise of a book titled "The China Freedom Trap," a biography written by the exiled Uyghur leader Dolkun Isa. "In light of the ongoing conflict between the | Malware Guideline | ||
|
2022-09-01 08:54:00 | Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability (lien direct) | Apple on Wednesday backported security updates to older iPhones, iPads, and iPod touch devices to address a critical security flaw that has been actively exploited in the wild. The issue, tracked as CVE-2022-32893 (CVSS score: 8.8), is an out-of-bounds write issue affecting WebKit that could lead to arbitrary code execution when processing maliciously crafted web content. The tech | Vulnerability Guideline | ||
|
2022-08-30 12:30:00 | India\'s Newest Airline Akasa Air Found Leaking Passengers\' Personal Information (lien direct) | Akasa Air, India's newest commercial airline, exposed the personal data belonging to its customers that the company blamed on a technical configuration error. According to security researcher Ashutosh Barot, the issue is rooted in the account registration process, leading to the exposure of details such as names, gender, email addresses, and phone numbers. The bug was identified on August 7, | Guideline | ||
|
2022-08-27 01:09:00 | Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center (lien direct) | Atlassian has rolled out fixes for a critical security flaw in Bitbucket Server and Data Center that could lead to the execution of malicious code on vulnerable installations. Tracked as CVE-2022-36804 (CVSS score: 9.9), the issue has been characterized as a command injection vulnerability in multiple endpoints that could be exploited via specially crafted HTTP requests. “An | Vulnerability Guideline | ||
|
2022-08-25 15:55:00 | Researchers Uncover Kimusky Infra Targeting South Korean Politicians and Diplomats (lien direct) | The North Korean nation-state group Kimusky has been linked to a new set of malicious activities directed against political and diplomatic entities located in its southern counterpart in early 2022. Russian cybersecurity firm Kaspersky codenamed the cluster GoldDragon, with the infection chains leading to the deployment of Windows malware designed to file lists, user keystrokes, and stored web | Malware Guideline | ||
|
2022-08-24 05:12:00 | Hackers Using Fake DDoS Protection Pages to Distribute Malware (lien direct) | WordPress sites are being hacked to display fraudulent Cloudflare DDoS protection pages that lead to the delivery of malware such as NetSupport RAT and Raccoon Stealer. "A recent surge in JavaScript injections targeting WordPress sites has resulted in fake DDoS prevent prompts which lead victims to download remote access trojan malware," Sucuri's Ben Martin said in a write-up published last week | Malware Guideline | ||
|
2022-08-23 23:21:00 | GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software (lien direct) | DevOps platform GitLab this week issued patches to address a critical security flaw in its software that could lead to arbitrary code execution on affected systems. Tracked as CVE-2022-2884, the issue is rated 9.9 on the CVSS vulnerability scoring system and impacts all versions of GitLab Community Edition (CE) and Enterprise Edition (EE) starting from 11.3.4 before 15.1.5, 15.2 before 15.2.3, | Vulnerability Guideline | ||
|
2022-08-18 06:33:50 | China-backed APT41 Hackers Targeted 13 Organisations Worldwide Last Year (lien direct) | The Chinese advanced persistent threat (APT) actor tracked as Winnti (aka APT41) has targeted at least 13 organizations geographically spanning across the U.S, Taiwan, India, Vietnam, and China against the backdrop of four different campaigns in 2021. "The targeted industries included the public sector, manufacturing, healthcare, logistics, hospitality, education, as well as the media and | Threat Guideline | APT 41 | ★★ |
To see everything:
Our RSS (filtrered)
