Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices

Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey’s Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. « Out-of-bounds write in libsaped.so prior to SMR Dec-2024 Release 1 allows remote

Hands-On Walkthrough: Microsegmentation For all Users, Workloads and Devices by Elisity

Network segmentation remains a critical security requirement, yet organizations struggle with traditional approaches that demand extensive hardware investments, complex policy management, and disruptive network changes. Healthcare and manufacturing sectors face particular challenges as they integrate diverse endpoints – from legacy medical devices to IoT sensors – onto their production networks.

La convention sur la cybercriminalité adoptée par l’onu

La Convention sur la cybercriminalité, approuvée par l’Assemblée générale des Nations unies après cinq années de négociations, marque un tournant majeur dans la coopération internationale. Adoptée par consensus, elle vise à mieux coordonner la lutte contre les délits informatiques. Désormais, les 193 États membres devront ratifier ce texte pour le rendre pleinement effectif. Cette Convention, […]

2025 : évolutions réglementaires européennes en matière de lutte contre la criminalité financière

2025 marquera une étape majeure dans l’évolution des réglementations européennes sur la criminalité financière, l’identité numérique et la résilience opérationnelle. Ces changements exigeront une planification minutieuse de la part des institutions financières, tant au sein de l’Union européenne qu’ailleurs, pour se conformer aux nouvelles exigences.

Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers

Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data. « Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database contents and arbitrary files, as well as […]

Fabrice Bru est le nouveau Président du Cesin

Fabrice Bru, directeur cybersécurité et architecture de la STIME – Groupement Les Mousquetaires, prend la Présidence du Cesin, le Club des Experts de la Sécurité de l’Information et du Numérique.

New Banshee Stealer Variant Bypasses Antivirus with Apple’s XProtect-Inspired Encryption

Cybersecurity researchers have uncovered a new, stealthier version of a macOS-focused information-stealing malware called Banshee Stealer. « Once thought dormant after its source code leak in late 2024, this new iteration introduces advanced string encryption inspired by Apple’s XProtect, » Check Point Research said in a new analysis shared with The Hacker News. « This development allows it […]

Product Review: How Reco Discovers Shadow AI in SaaS

As SaaS providers race to integrate AI into their product offerings to stay competitive and relevant, a new challenge has emerged in the world of AI: shadow AI.  Shadow AI refers to the unauthorized use of AI tools and copilots at organizations. For example, a developer using ChatGPT to assist with writing code, a salesperson […]

Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions

Ransomware isn’t slowing down—it’s getting smarter. Encryption, designed to keep our online lives secure, is now being weaponized by cybercriminals to hide malware, steal data, and avoid detection.The result? A 10.3% surge in encrypted attacks over the past year and some of the most shocking ransom payouts in history, including a $75 million ransom in […]

MirrorFace Leverages ANEL and NOOPDOOR in Multi-Year Cyberattacks on Japan

Japan’s National Police Agency (NPA) and National Center of Incident Readiness and Strategy for Cybersecurity (NCSC) accused a China-linked threat actor named MirrorFace of orchestrating a persistent attack campaign targeting organizations, businesses, and individuals in the country since 2019. The primary objective of the attack campaign is to steal information related to Japan’s national