Unsecured Tunneling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
New research has uncovered security vulnerabilities in multiple tunneling protocols that could allow attackers to perform a wide range of attacks. « Internet hosts that accept tunneling packets without verifying the sender’s identity can be hijacked to perform anonymous attacks and provide access to their networks, » Top10VPN said in a study, as part of a collaboration […]
Bulletin d’actualité CERTFR-2025-ACT-003 (20 janvier 2025)
Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas l’analyse de l’ensemble des avis et alertes publiés par le CERT-FR dans le cadre d’une analyse de risques pour prioriser l’application des…
Product Walkthrough: How Satori Secures Sensitive Data From Production to AI
Every week seems to bring news of another data breach, and it’s no surprise why: securing sensitive data has become harder than ever. And it’s not just because companies are dealing with orders of magnitude more data. Data flows and user roles are constantly shifting, and data is stored across multiple technologies and cloud environments. […]
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [20 January]
As the digital world becomes more complicated, the lines between national security and cybersecurity are starting to fade. Recent cyber sanctions and intelligence moves show a reality where malware and fake news are used as tools in global politics. Every cyberattack now seems to have deeper political consequences. Governments are facing new, unpredictable threats that […]
Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTP
Cybersecurity researchers have identified three sets of malicious packages across the npm and Python Package Index (PyPI) repository that come with capabilities to steal data and even delete sensitive data from infected systems. The list of identified packages is below – @async-mutex/mutex, a typosquat of async-mute (npm) dexscreener, which masquerades as a library for accessing […]
TikTok Goes Dark in the U.S. as Federal Ban Takes Effect January 19, 2025
Popular video-sharing social network TikTok has officially gone dark in the United States, 2025, as a federal ban on the app comes into effect on January 19, 2025. « We regret that a U.S. law banning TikTok will take effect on January 19 and force us to make our services temporarily unavailable, » the company said in […]
U.S. Sanctions Chinese Cybersecurity Firm Over Treasury Hack Tied to Silk Typhoon
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has imposed sanctions against a Chinese cybersecurity company and a Shanghai-based cyber actor for their alleged links to the Salt Typhoon group and the recent compromise of the federal agency. « People’s Republic of China-linked (PRC) malicious cyber actors continue to target U.S. government systems, including […]
{ Tribune Expert } – Comprendre le règlement DORA : ce que les partenaires de distribution doivent savoir de leur conformité
Si le règlement est largement axé sur la cybersécurité, son champ d’application englobe également le partage d’informations et les tests de résilience opérationnelle numérique. De plus, il s’étendra non seulement aux prestataires, mais aussi à leurs fournisseurs et partenaires.
Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation
Cybersecurity researchers have disclosed three security flaws in Planet Technology’s WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices. « These switches are widely used in building and home automation systems for a variety of networking applications, » Claroty’s Tomer Goldschmidt said in a Thursday report. « An attacker
La Commission européenne dévoile son plan cybersécurité pour les hôpitaux
Cette initiative répond à une menace croissante. En 2023, les États membres ont signalé 309 incidents cybersécurité majeurs dans le secteur de la santé, soit plus que dans tout autre secteur critique.