Fortinet Warns of Critical FortiOS SSL VPN Vulnerability Under Active Exploitation

Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild. The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands. "An out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via […]

Warning: New Ivanti Auth Bypass Flaw Affects Connect Secure and ZTA Gateways

Ivanti has alerted customers of yet another high-severity security flaw in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication. The issue, tracked as CVE-2024-22024, is rated 8.3 out of 10 on the CVSS scoring system. "An XML external entity or XXE vulnerability in the SAML component of Ivanti […]

Third-party payment: who was hosting the exposed data?

Which hosting providers had Almerys and Viamedis entrusted with their third-party payment data? On this subject, each has its own history.

Chinese Hackers Operate Undetected in U.S. Critical Infrastructure for Half a Decade

The U.S. government on Wednesday said the Chinese state-sponsored hacking group known as Volt Typhoon had been embedded into some critical infrastructure networks in the country for at least five years. Targets of the threat actor include communications, energy, transportation, and water and wastewater systems sectors in the U.S. and Guam. "Volt Typhoon’s choice of targets and […]

Unified Identity – look for the meaning behind the hype!

If you’ve listened to software vendors in the identity space lately, you will have noticed that “unified” has quickly become the buzzword that everyone is adopting to describe their portfolio. And this is great! Unified identity has some amazing benefits! However (there is always a however, right?) not every “unified” “identity” “security” “platform” is made […]

HijackLoader Evolves: Researchers Decode the Latest Evasion Methods

The threat actors behind a loader malware called HijackLoader have added new techniques for defense evasion, as the malware continues to be increasingly used by other threat actors to deliver additional payloads and tooling. "The malware developer used a standard process hollowing technique coupled with an additional trigger that was activated by the parent process writing to […]

Cybersecurity: Neverhack acquires Expert Line

The stated aim of bringing Neverhack and Expert Line together is to position themselves as a "one stop shop" for addressing companies' main cyber challenges: protection, resilience and defense.

Third-party payment: an update on this cyberattack with 33 million victims

The cyberattacks carried out last week against third-party payment managers are said to have exposed the data of 33 million people.

Google Starts Blocking Sideloading of Potentially Dangerous Android Apps in Singapore

Google has unveiled a new pilot program in Singapore that aims to prevent users from sideloading certain apps that abuse Android app permissions to read one-time passwords and gather sensitive data. "This enhanced fraud protection will analyze and automatically block the installation of apps that may use sensitive runtime permissions frequently abused for financial fraud […]

Kimsuky’s New Golang Stealer ‘Troll’ and ‘GoBear’ Backdoor Target South Korea

The North Korea-linked nation-state actor known as Kimsuky is suspected of using a previously undocumented Golang-based information stealer called Troll Stealer. The malware steals "SSH, FileZilla, C drive files/directories, browsers, system information, [and] screen captures" from infected systems, South Korean cybersecurity company S2W said in a new technical report. Troll
