Rapport du FBI sur la fraude aux cryptomonnaies : alerte face à la montée des délits
En 2023, la fraude aux cryptomonnaies a atteint des niveaux préoccupants, selon le rapport du FBI. Plus de 69 000 plaintes liées aux cryptomonnaies enregistrées.
Exposed Selenium Grid Servers Targeted for Crypto Mining and Proxyjacking
Internet-exposed Selenium Grid instances are being targeted by bad actors for illicit cryptocurrency mining and proxyjacking campaigns. « Selenium Grid is a server that facilitates running test cases in parallel across different browsers and versions, » Cado Security researchers Tara Gould and Nate Bill said in an analysis published today. « However, Selenium Grid’s default configuration lacks
Top 3 Threat Report Insights for Q2 2024
Cato CTRL (Cyber Threats Research Lab) has released its Q2 2024 Cato CTRL SASE Threat Report. The report highlights critical findings based on the analysis of a staggering 1.38 trillion network flows from more than 2,500 of Cato’s global customers, between April and June 2024. Key Insights from the Q2 2024 Cato CTRL SASE Threat […]
Iranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware Attack
Iraqi government networks have emerged as the target of an « elaborate » cyber attack campaign orchestrated by an Iran state-sponsored threat actor called OilRig. The attacks singled out Iraqi organizations such as the Prime Minister’s Office and the Ministry of Foreign Affairs, cybersecurity company Check Point said in a new analysis. OilRig, also called APT34, Crambus, […]
Ireland’s Watchdog Launches Inquiry into Google’s AI Data Practices in Europe
The Irish Data Protection Commission (DPC) has announced that it has commenced a « Cross-Border statutory inquiry » into Google’s foundational artificial intelligence (AI) model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal data of European users. « The statutory inquiry concerns the question of whether Google […]
Les cybercriminels de RansomHub utilisent TDSSKiller pour contourner les systèmes de sécurité
Les attaques par ransomware continuent d’évoluer avec l’ingéniosité des cybercriminels, et les méthodes de contournement des systèmes de sécurité se sophistiquent.
NIS 2 : pas de sanctions prévues avant trois ans confirme l’ANSSI
A l’occasion de l’université d’été Hexatrust, le directeur général de l’ANSSI Vincent Strubel a confirmé qu’aucune sanction pour non conformité à NIS 2 ne serait appliquée dans un délai de trois ans après sa transposition en droit français.
Cybersécurité : la menace interne
Alerte sur une menace de plus en plus courante et souvent négligée : la menace interne.
Microsoft a son point d’entrée dans la cryptographie post-quantique
Microsoft a mis à jour sa principale bibliothèque cryptographique pour y ajouter deux algorithmes post-quantiques.
WordPress Mandates Two-Factor Authentication for Plugin and Theme Developers
WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication (2FA) mandatorily. The enforcement is expected to come into effect starting October 1, 2024. « Accounts with commit access can push updates and changes to plugins and themes used by millions of WordPress […]