Actualités – Page 148 – Guillaume BEAUPELLET

Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries

Cybersecurity researchers have disclosed details of a previously undocumented threat group called Unfading Sea Haze that’s believed to have been active since 2018. The intrusion singled out high-level organizations in South China Sea countries, particularly military and government targets, Bitdefender said in a report shared with The Hacker News. « The investigation revealed a troubling

Bulletin d’actualité CERTFR-2024-ACT-022 (21 mai 2024)

Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas l’analyse de l’ensemble des avis et alertes publiés par le CERT-FR dans le cadre d’une analyse de risques pour prioriser l’application des…

SIEM : 6 fournisseurs dominent un marché qui se densifie

À un an et demi d’intervalle, les positions évoluent peu chez les « leaders » du Magic Quadrant du SIEM. Le reste du marché gagne en densité.

Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats

Rockwell Automation is urging its customers to disconnect all industrial control systems (ICSs) not meant to be connected to the public-facing internet to mitigate unauthorized or malicious cyber activity. The company said it’s issuing the advisory due to « heightened geopolitical tensions and adversarial cyber activity globally. » To that end, customers are required to take immediate

GitHub, là où les secrets zombies sont autant de points d’accès pour les hackers

Un zombie est créé lorsqu’un secret est exposé mais non révoqué, restant ainsi un vecteur d’attaque potentiel. Le seul moyen de supprimer le risque inhérent à la fuite d’un secret est de supprimer toutes les autorisations qui y sont associées.

The Ultimate SaaS Security Posture Management Checklist, 2025 Edition

Since the first edition of The Ultimate SaaS Security Posture Management (SSPM) Checklist was released three years ago, the corporate SaaS sprawl has been growing at a double-digit pace. In large enterprises, the number of SaaS applications in use today is in the hundreds, spread across departmental stacks, complicating the job of security teams to protect organizations […]

GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack

Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions (EDRs) and thwart detection in what’s called a Bring Your Own Vulnerable Driver (BYOVD) attack. Elastic Security Labs is tracking the campaign under the name REF4578 and the primary payload as GHOSTENGINE. Previous research from Chinese

Cybersécurité : Cyberark rachète Venafi

Le spécialiste israëlien de la gestion des identités Cyberark rachète Venafi, éditeur de solutions de protection de l’identité des machines, propriété du fonds d’investissement Thoma Bravo.

MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks

An unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware in attacks targeting entities in Africa and the Middle East. Russian cybersecurity firm Positive Technologies said it identified over 30 victims spanning government agencies, banks, IT companies, and educational institutions. The first-ever compromise dates back to 2021. […]

Zoom Adopts NIST-Approved Post-Quantum End-to-End Encryption for Meetings

Popular enterprise services provider Zoom has announced the rollout of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with support for Zoom Phone and Zoom Rooms coming in the future. « As adversarial threats become more sophisticated, so does the need to safeguard user data, » the company said in a statement. « With the launch of post-quantum E2EE, we are […]