What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-05-01 13:00:31 | Adobe ajoute Firefly et AI Watermarking to Bug Bounty Program Adobe Adds Firefly and AI Watermarking to Bug Bounty Program (lien direct) |
Les chercheurs peuvent gagner jusqu'à 10 000 $ pour des vulnérabilités critiques dans les produits générateurs de l'IA.
Researchers can earn up to $10,000 for critical vulnerabilities in the generative AI products. |
Vulnerability | ||
|
2024-04-24 16:11:26 | Piratage rapide, GPT privé, exploits et Deepfakes de profondeur zéro: le rapport révèle l'impact de l'IA sur le paysage de la cybersécurité Prompt Hacking, Private GPTs, Zero-Day Exploits and Deepfakes: Report Reveals the Impact of AI on Cyber Security Landscape (lien direct) |
Un nouveau rapport de la société de cybersécurité Radware identifie les quatre principaux impacts de l'IA sur le paysage des menaces émergeant cette année.
A new report by cyber security firm Radware identifies the four main impacts of AI on the threat landscape emerging this year. |
Vulnerability Threat | ★★★ | |
|
2024-03-26 13:00:38 | La nouvelle vulnérabilité GoFetch dans les puces M d'Apple \\ permet une fuite de clés secrètes sur des ordinateurs compromis New GoFetch Vulnerability in Apple\\'s M Chips Allows Secret Keys Leak on Compromised Computers (lien direct) |
La vulnérabilité GoFetch, qui affecte la série de puces M d'Apple \\, permet à un attaquant de voler des clés secrètes du Mac dans certaines conditions.Lisez des conseils sur l'atténuation de la menace de sécurité de GoFetch.
The GoFetch vulnerability, which affects Apple\'s M series of chips, allows an attacker to steal secret keys from the Mac under certain conditions. Read tips on mitigating the GoFetch security threat. |
Vulnerability Threat | ★★ | |
|
2023-12-07 21:36:55 | Les vulnérabilités Windows et Linux répandues pourraient permettre aux attaquants de se faufiler dans un code malveillant avant de démarrer Widespread Windows and Linux Vulnerabilities Could Let Attackers Sneak in Malicious Code Before Boot (lien direct) |
Lenovo, Ami et Insyde ont publié des correctifs pour Logofail, une attaque d'empoisonnement de la bibliothèque d'images.
Lenovo, AMI and Insyde have released patches for LogoFAIL, an image library poisoning attack. |
Vulnerability | ★★ | |
|
2023-11-10 20:18:57 | Microsoft et Sysaid trouver la vulnérabilité des logiciels malveillants Clop Microsoft and SysAid Find Clop Malware Vulnerability (lien direct) |
SYSAID a corrigé une vulnérabilité zéro-jour qui pourrait permettre aux attaquants d'exfiltrer les données et de lancer des ransomwares.
SysAid has patched a zero-day vulnerability that could allow attackers to exfiltrate data and launch ransomware. |
Ransomware Malware Vulnerability | ★★★ | |
|
2023-10-18 09:15:43 | Le CISO dirigeant veut plus de proactivité de sécurité dans les entreprises australiennes pour éviter les attaques \\ 'surprises \\' Leading CISO Wants More Security Proactivity in Australian Businesses to Avoid Attack \\'Surprises\\' (lien direct) |
Jaya Baloo de Rapid7 \\ affirme qu'un déficit dans la compréhension des actifs et de la vulnérabilité de l'organisation australienne et de la vulnérabilité aide les acteurs à menacer, et cela est exacerbé par une croissance rapide dans les environnements multicloud.
Rapid7\'s Jaya Baloo says a deficit in Australian organisational IT asset and vulnerability understanding is helping threat actors, and this is being exacerbated by fast growth in multicloud environments. |
Vulnerability Threat | ★★ | |
|
2023-10-11 13:40:12 | La nouvelle attaque DDOS est une rupture de disques: HTTP / 2 Réinitialisation rapide zéro-jour rapporté par Google, AWS & Cloudflare New DDoS Attack is Record Breaking: HTTP/2 Rapid Reset Zero-Day Reported by Google, AWS & Cloudflare (lien direct) |
Une vulnérabilité dans le protocole de réseau HTTP / 2 est actuellement en cours d'exploiter, ce qui entraîne la plus grande attaque DDOS de l'histoire.Découvrez ce que les équipes de sécurité devraient faire maintenant et écoutez ce que le PDG de CloudFlare \\ a à dire à propos de ce DDOS.
A vulnerability in the HTTP/2 network protocol is currently being exploited, resulting in the largest DDoS attack in history. Find out what security teams should do now, and hear what Cloudflare\'s CEO has to say about this DDoS. |
Vulnerability | ★★★ | |
|
2023-08-11 16:58:44 | La vulnérabilité des chutes affecte des millions de processeurs Intel avec un fort impact de fuite de données Downfall Vulnerability Affects Millions of Intel CPUs With Strong Data Leak Impact (lien direct) |
Apprenez les détails techniques sur cette vulnérabilité de sécurité nouvellement divulguée, ainsi que les recommandations d'atténuation du chercheur Google qui l'ont découvert.
Learn technical details about this newly disclosed security vulnerability, as well as mitigation recommendations from the Google researcher who discovered it. |
Vulnerability | ★★ | |
|
2023-04-28 16:36:57 | L'acteur de menace APT28 cible les routeurs Cisco avec une vieille vulnérabilité Threat actor APT28 targets Cisco routers with an old vulnerability (lien direct) |
> Les États-Unis, l'Europe et l'Ukraine seraient des cibles dans cette menace malveillante.Apprenez à protéger les routeurs Cisco affectés.
>The U.S., Europe and Ukraine are reportedly targets in this malware threat. Learn how to protect affected Cisco routers. |
Malware Vulnerability Threat | APT 28 APT 28 | ★★ |
|
2022-12-22 18:25:13 | Cisco Talos report: Threat actors use known Excel vulnerability (lien direct) | >The use of .XLL Excel files by threat actors to infect computers with malware is growing fast. Learn more about this relatively new technique and how to protect from it. | Malware Vulnerability Threat | ★ | |
|
2022-06-02 15:29:04 | Follina abuses Microsoft Office to execute remote code (lien direct) | >A vulnerability dubbed "Follina" could allow attackers to gain full system control of affected systems. Learn more about it and how to protect yourself from it, | Vulnerability | ||
|
2022-06-02 10:00:59 | Critical flaw found inside the UNISOC smartphone chip (lien direct) | >The vulnerability was discovered by Check Point Research. UNISOC processes 11% of the world's smartphones. | Vulnerability | ||
|
2022-05-17 09:01:22 | Half of global CISOs feel their organization is unprepared to deal with cyberattacks (lien direct) | Human error is considered by IT executives to be the biggest vulnerability for organizations in the year ahead. | Vulnerability | ||
|
2022-04-29 20:54:23 | Survey: Recovery from Log4Shell vulnerability is ongoing with 77% of organizations still in patching mode (lien direct) | New research shows that the weakness shattered confidence in cloud defenses and motivated a new set of cybersecurity priorities. | Vulnerability Patching | ||
|
2022-03-30 14:07:52 | North Korean threat actors target news outlets and fintechs with a Google Chrome vulnerability (lien direct) | A vulnerability affecting Google Chrome allows attackers to execute remote code on targeted users. Two North Korean threat actors are using it to attack news outlets, software vendors and fintechs in the U.S. | Vulnerability Threat | ||
|
2022-03-14 13:00:52 | NFTs: The growing cybercrime risks and how to avoid them (lien direct) | One lesser-known aspect of non-fungible tokens is their vulnerability to cybercrime. Learn how you can protect yourself and your company from the potential risks of NFTs. | Vulnerability | ||
|
2022-03-03 19:12:24 | Log4Shell: Still out there, still dangerous, and how to protect your systems (lien direct) | Barracuda researchers have noticed a steady stream of attacks attempting to exploit the Log4j vulnerability since it was found. What's interesting is where most attacks originate. | Vulnerability | ||
|
2022-03-02 13:15:07 | Get ready for security in the age of the Extended Internet of Things, says Claroty (lien direct) | ICS vulnerability disclosures have grown by 110% since 2018, which Claroty said suggests more types of operational technologies are coming online and presenting soft targets. | Vulnerability | ||
|
2022-03-01 18:46:09 | 100 million Samsung phones affected by encryption weakness (lien direct) | The vulnerability lies in how Samsung implemented a portion of the Android Trusted Execution Environment, leading to devices as new as the S21 being vulnerable to initialization vector reuse attacks. | Vulnerability Guideline | ||
|
2022-02-11 17:53:33 | iOS users: Patch now to avoid falling prey to this WebKit vulnerability (lien direct) | iPhones, iPads and the iPod Touch are all at risk, and it doesn't matter what web browser you use: All of them could let an attacker execute arbitrary code on an infected device. | Vulnerability | ||
|
2022-01-28 16:23:44 | Kaspersky stopped more than 30,000 attempts to use the Log4Shell exploit in January (lien direct) | The critical remote code execution vulnerability in Apache's Log4j utility continues to be a popular tactic for cybercriminals. Consider this yet another plea to patch your systems. | Vulnerability | ||
|
2022-01-27 15:51:37 | (Déjà vu) Patch Now: A newly discovered critical Linux vulnerability probably affects your systems (lien direct) | Dubbed PwnKit, it's been sitting in a user policy module used in Linux distros for over a decade and can be used by anyone to gain root privileges. Here's what you can do to protect your systems. | Vulnerability | ||
|
2022-01-27 15:51:09 | Patch now: A newly discovered critical Linux vulnerability probably affects your systems (lien direct) | Dubbed PwnKit, it's been sitting in a user policy module used in Linux distros for over a decade and can be used by anyone to gain root privileges. Here's what you can do to protect your systems. | Vulnerability | ||
|
2022-01-20 17:23:11 | Microsoft RDP vulnerability makes it a breeze for attackers to become men-in-the-middle (lien direct) | The Microsoft RDP vulnerability is a serious problem, but with a few caveats: It's been patched, and experts say it may be less likely to happen than it seems at first glance. | Vulnerability | ||
|
2021-12-22 15:48:00 | Conti ransomware is exploiting the Log4Shell vulnerability to the tune of millions (lien direct) | Log4Shell is a dangerous security concern - and now Conti, a prominent ransomware group, is exploiting it to attack vulnerable servers to extort millions of dollars. | Ransomware Vulnerability | ||
|
2021-12-21 14:10:16 | F-Secure uses flaw in at-home COVID-19 test to fake results (lien direct) | Security researchers used a Bluetooth vulnerability to change negative results to positive. | Vulnerability | ||
|
2021-12-15 19:13:00 | Log4j: How to protect yourself from this security vulnerability (lien direct) | As cybercriminals scan for susceptible servers, there are steps you can take to mitigate the Log4j critical vulnerability. | Vulnerability | ||
|
2021-12-15 09:56:43 | Log4j vulnerability: Why your hot take on it is wrong (lien direct) | Commentary: Those searching for a single cause for the Log4j vulnerability – whether it's open source is not secure, or open source is not sustainable – are getting it wrong. It's a complicated issue. | Vulnerability | ||
|
2021-12-14 16:24:47 | How to test if your Linux server is vulnerable to Log4j (lien direct) | Log4j is a serious vulnerability that has swept across the IT landscape quickly. Here's a single command you can run to test and see if you have any vulnerable packages installed. | Vulnerability | ||
|
2021-12-13 18:35:57 | Critical Log4Shell security flaw lets hackers compromise vulnerable servers (lien direct) | Apache has patched the vulnerability in its Log4j 2 library, but attackers are searching for unprotected servers on which they can remotely execute malicious code. | Vulnerability | ||
|
2021-11-15 19:30:42 | Fake emails exploited FBI email service to warn of phony cyberattacks (lien direct) | A hacker has taken responsibility for the compromise, saying they did it to highlight a vulnerability in the FBI's system. | Vulnerability | ||
|
2021-11-12 21:23:11 | Security researcher: Flaw in Apple Pay, Samsung Pay and Google Pay makes fraud easy for thieves (lien direct) | Positive Technologies expert describes vulnerability linked to apps used to pay for public transit tickets. | Vulnerability | ||
|
2021-10-07 18:46:45 | A holistic approach to vulnerability management solidifies cyberdefenses (lien direct) | Vulnerability scanners are not enough, according to an expert who champions an all-encompassing holistic approach to vulnerability management as a means to eliminate surprises. | Vulnerability | ||
|
2021-10-05 13:37:07 | How to run a basic vulnerability scan on your data center Linux servers with Nessus (lien direct) | Are you certain your Linux servers in your data center are free from vulnerabilities? If not, you need to scan them immediately. Jack Wallen shows you how with Nessus. | Vulnerability | ||
|
2021-09-30 19:05:12 | How to install the Nessus vulnerability scanner on Rocky Linux (lien direct) | If you're looking for one of the best vulnerability scanners on the market, Nessus might be the ticket. Jack Wallen shows you how to install this platform on Rocky Linux. | Vulnerability | ||
|
2021-09-30 17:49:32 | Dell announces new ProSupport Suite and AI-powered Trusted Device capabilities (lien direct) | Both could help businesses struggling to secure remote workforces and protect ever-increasing vulnerability footprints. | Vulnerability | ||
|
2021-09-29 17:22:00 | Why organizations are slow to patch even high-profile vulnerabilities (lien direct) | Not all organizations have a team or even staffers who can focus solely on vulnerability management, says Trustwave. | Vulnerability | ||
|
2021-09-08 15:40:01 | Microsoft warns of attacks targeting Office documents (lien direct) | Affecting Windows desktops and servers, the attacks exploit an MSHTML vulnerability by using specially crafted Microsoft Office documents. | Vulnerability | ||
|
2021-08-18 17:19:46 | ICS vulnerability reports are increasing in number and severity, and exploit complexity is dropping (lien direct) | 71% of vulnerabilities found in the first half of 2021 are classified as high or critical, and 90% are of low complexity, meaning an attacker can expect repeated success under a variety of conditions, says Claroty. | Vulnerability | ||
|
2021-07-22 14:29:08 | Systemd can\'t seem to catch a break: New vulnerability found (lien direct) | A dangerous vulnerability was found in the Linux systemd stack. Find out what it is and how to upgrade your Linux distributions. | Vulnerability | ||
|
2021-07-13 04:01:03 | Vulnerability in Schneider Electric PLCs allows for undetectable remote takeover (lien direct) | Dubbed Modipwn, the vulnerability affects a wide variety of Modicon programmable logic controllers used in manufacturing, utilities, automation and other roles. | Vulnerability | ||
|
2021-04-22 19:11:16 | Parrot OS Security edition is a Linux desktop distribution geared for security admins (lien direct) | Security professionals would be well-served with this Linux distribution that offers a wide range of penetration and vulnerability testing tools. | Vulnerability | ||
|
2021-02-25 16:29:36 | VMWare patches bug that put many large networks at risk (lien direct) | The now-patched vulnerability could have allowed attackers to scan a company's internal network and gain access to sensitive data, says Positive Technologies. | Vulnerability | ||
|
2021-01-07 20:27:19 | (Déjà vu) Homebrew: How to install vulnerability tools on macOS (lien direct) | We'll guide you through the process of using Homebrew package manager to install security tools on macOS to assess vulnerabilities and the security posture of the devices on your network. | Vulnerability | ||
|
2020-12-14 16:57:21 | US government agencies compromised by foreign nation-state (lien direct) | Stretching back for months, the breaches were pulled off by exploiting a vulnerability in network monitoring software from SolarWinds, according to security firm FireEye. | Vulnerability | ||
|
2020-10-07 13:06:45 | Security firm: WarezTheRemote flaw could turn a Comcast remote into a listening device (lien direct) | Could your cable TV device spy on you? Vulnerability found and patched in Comcast TV remote. | Vulnerability | ||
|
2020-09-28 19:31:53 | Cybersecurity: How to properly perform vulnerability assessments in your organization (lien direct) | Assessing the security posture of devices is an important part of securing data and communications. Follow these steps to make sure you do it correctly. | Vulnerability | ||
|
2020-09-21 12:04:26 | Windows Server: Patch this critical flaw now says Homeland Security in emergency warning (lien direct) | Government agencies in the US have until today to patch a Windows Server vulnerability that could give hackers control over federal networks. | Vulnerability | ||
|
2020-08-19 15:56:03 | IBM finds vulnerability in IoT chips present in billions of devices (lien direct) | Manufactured by Thales, the EHS8 module family has security flaws that could allow attackers to take total control over internet-connected industrial machines. | Vulnerability | ||
|
2020-06-08 14:25:23 | How open source software vulnerabilities create risk for organizations (lien direct) | Security flaws in open source software have increased and can take a long time to be added to the National Vulnerability Database, says RiskSense. | Vulnerability |
To see everything:
Our RSS (filtrered)
