Le métier de SSIAP : rôle et missions essentielles de la sécurité incendie
La sécurité des personnes et des biens, dont l’environnement informatique, en cas d’incendie ou d’incidents majeurs, est au cœur des préoccupations des agents SSIAP, chargés de veiller, prévenir et intervenir.
5 BCDR Oversights That Leave You Exposed to Ransomware
Ransomware isn’t just a buzzword; it’s one of the most dreaded challenges businesses face in this increasingly digitized world. Ransomware attacks are not only increasing in frequency but also in sophistication, with new ransomware groups constantly emerging. Their attack methods are evolving rapidly, becoming more dangerous and damaging than ever. Almost all respondents (99.8%) in […]
TikTok Pixel Privacy Nightmare: A New Case Study
Advertising on TikTok is the obvious choice for any company trying to reach a young market, and especially so if it happens to be a travel company, with 44% of American Gen Zs saying they use the platform to plan their vacations. But one online travel marketplace targeting young holidaymakers with ads on the popular […]
{ Tribune Expert } – L’IA : notre plus grande alliée ou notre pire ennemie dans la lutte contre les cybermenaces ?
75 % des professionnels de la cybersécurité ont signalé une augmentation des attaques alimentées par l’IA en 2023, 85 % d’entre eux l’attribuant à l’armement délibéré de l’IA par les cybercriminels. Alors, votre organisation a-t-elle déjà adapté sa stratégie de cybersécurité pour garder une longueur d’avance sur ces menaces basées sur l’IA ?
New RustyAttr Malware Targets macOS Through Extended Attribute Abuse
Threat actors have been found leveraging a new technique that abuses extended attributes for macOS files to smuggle a new malware called RustyAttr. The Singaporean cybersecurity company has attributed the novel activity with moderate confidence to the infamous North Korea-linked Lazarus Group, citing infrastructure and tactical overlaps observed in connection with prior campaigns, including
Cybersécurité : l’UE cherche à harmoniser la certification des services managés
L’UE arrive au terme d’une procédure législative visant à inclure les services managés dans le périmètre des schémas européens de certification cyber.
Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails
A newly patched security flaw impacting Windows NT LAN Manager (NTLM) was exploited as a zero-day by a suspected Russia-linked actor as part of cyber attacks targeting Ukraine. The vulnerability in question, CVE-2024-43451 (CVSS score: 6.5), refers to an NTLM hash disclosure spoofing vulnerability that could be exploited to steal a user’s NTLMv2 hash. It […]
Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel
A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group called WIRTE, has also targeted the Palestinian Authority, Jordan, Iraq, Saudi Arabia, and Egypt, Check Point said in an analysis. « The [Israel-Hamas] conflict has not […]
Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims
Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware. The decryptor is the result of a comprehensive analysis of ShrinkLocker’s inner workings, allowing the researchers to discover a « specific window of opportunity for data recovery immediately after the removal of protectors from BitLocker-encrypted
Comprehensive Guide to Building a Strong Browser Security Program
The rise of SaaS and cloud-based work environments has fundamentally altered the cyber risk landscape. With more than 90% of organizational network traffic flowing through browsers and web applications, companies are facing new and serious cybersecurity threats. These include phishing attacks, data leakage, and malicious extensions. As a result, the browser also becomes a vulnerability […]