Le passwordless : une sécurité renforcée ?
’authentification passwordless ne représente qu’une pièce du puzzle de la sécurité de l’entreprise. Il convient de compléter cette mesure avec d’autres capacités de gestion des identités (IAM) afin de répondre aux besoins actuels et futurs en matière de sécurité des identités des organisations.
Ivanti Vulnerability Exploited to Install ‘DSLog’ Backdoor on 670+ IT Infrastructures
Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That’s according to findings from Orange Cyberdefense, which said it observed the exploitation of CVE-2024-21893 within hours of the public release of the proof-the-concept (PoC) code.
Alert: CISA Warns of Active ‘Roundcube’ Email Attacks – Patch Now
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), relates to a cross-site scripting (XSS) flaw that stems from the handling of
CERTFR-2024-ACT-008 : Bulletin d’actualité CERTFR-2024-ACT-008 (12 février 2024)
Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas …
Rhysida Ransomware Cracked, Free Decryption Tool Released
Cybersecurity researchers have uncovered an « implementation vulnerability » that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by a group of researchers from Kookmin University and the Korea Internet and Security Agency (KISA). « Through a comprehensive analysis of Rhysida Ransomware, we identified an
SOC-as-a-Service : solution miracle pour une sécurité efficace ?
Le SOC-as-a-Service offre une approche pleine d’avenir pour renforcer la sécurité des Systèmes d’Information. Il n’est, toutefois, pas une solution « miracle » sans inconvénients. Les entreprises doivent s’interroger soigneusement, sur les avantages et les défis potentiels, avant de prendre une décision.
CISA and OpenSSF Release Framework for Package Repository Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it’s partnering with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group to publish a new framework to secure package repositories. Called the Principles for Package Repository Security, the framework aims to establish a set of foundational rules for package
Why Are Compromised Identities the Nightmare to IR Speed and Efficiency?
Incident response (IR) is a race against time. You engage your internal or external team because there’s enough evidence that something bad is happening, but you’re still blind to the scope, the impact, and the root cause. The common set of IR tools and practices provides IR teams with the ability to discover malicious files […]
4 Ways Hackers use Social Engineering to Bypass MFA
When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides an essential layer of protection against breaches. However, it’s important to remember that MFA isn’t foolproof. It can be bypassed, and it often is. If a password is compromised, […]
Tiers payant, CH Armentières… La situation au 12 février
Tandis que la PJ a ouvert une enquête sur le hack du tiers payant, l’hôpital d’Armentière a été touché par un ransomware. Bilan d’étape.