Des entreprises tardent à corriger la vulnérabilité GoAnywhere MFT même après les attaques du rançongiciel Cl0p
Des dizaines d’organisations sont toujours exposées à des cyberattaques via une vulnérabilité largement exploitée dans GoAnywhere MFT, un outil Web qui aide les organisations à transférer des fichiers.
Fleckpe, le nouveau malware Android au 600 000 victimes
Un nouveau logiciel malveillant du nom de FleckPe aurait déjà infiltré plus de 620 000 appareils Android.
La directive NIS 2, bientôt dans vos écrans
Octobre 2024, les pays membres de l’Union Européenne auront voté leur loi respective se calant sur la Directive NIS 2, la Network and Information Security.
L’indice mondial de risque cybernétique a connu une amélioration
Pas de quoi faire la fête, mais il semble que les entreprises se préparent mieux aux cyber attaques.
MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web
The threat actors behind the ransomware attack on Taiwanese PC maker MSI last month have leaked the company’s private code signing keys on their dark website. « Confirmed, Intel OEM private key leaked, causing an impact on the entire ecosystem, » Alex Matrosov, founder and CEO of firmware security firm Binarly, said in a tweet over the weekend. « It […]
Western Digital Confirms Customer Data Stolen by Hackers in March Breach
Digital storage giant Western Digital confirmed that an « unauthorized third party » gained access to its systems and stole personal information belonging to the company’s online store customers. « This information included customer names, billing and shipping addresses, email addresses and telephone numbers, » the San Jose-based company said in a disclosure last week. « In addition, the database
Join Our Webinar: Learn How to Defeat Ransomware with Identity-Focused Protection
Are you concerned about ransomware attacks? You’re not alone. In recent years, these attacks have become increasingly common and can cause significant damage to organizations of all sizes. But there’s good news – with the right security measures in place, such as real-time MFA and service account protection, you can effectively protect yourself against these […]
SideCopy Using Action RAT and AllaKore RAT to infiltrate Indian Organizations
The suspected Pakistan-aligned threat actor known as SideCopy has been observed leveraging themes related to the Indian military research organization as part of an ongoing phishing campaign. This involves using a ZIP archive lure pertaining to India’s Defence Research and Development Organization (DRDO) to deliver a malicious payload capable of harvesting sensitive information, Fortinet
How to Set Up a Threat Hunting and Threat Intelligence Program
Threat hunting is an essential component of your cybersecurity strategy. Whether you’re getting started or in an advanced state, this article will help you ramp up your threat intelligence program. What is Threat Hunting? The cybersecurity industry is shifting from a reactive to a proactive approach. Instead of waiting for cybersecurity alerts and then addressing […]
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine
An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine (CERT-UA). The emails, per the agency, are sent using compromised accounts and come with a ZIP archive that, in reality, is a polyglot file containing a decoy […]