Sécurité du cloud : l’ENISA questionne la responsabilité partagée
L’agence européenne suggère, chiffres à l’appui, le décalage d’interprétation de la notion de responsabilité partagée entre fournisseurs et clients.
CERTFR-2023-ACT-021 : Bulletin d’actualité CERTFR-2023-ACT-021 (15 mai 2023)
Ce bulletin d’actualité du CERT-FR revient sur les vulnérabilités significatives de la semaine passée pour souligner leurs criticités. Il ne remplace pas …
Voici comment télécharger et sauvegarder toutes vos photos iCloud sur Mac
La photothèque iCloud est très pratique afin de conserver dans le cloud une copie de l’ensemble de vos clichés. Cela n’est toutefois pas une solution de sauvegarde infaillible et il peut être intéressant de savoir comment télécharger l’intégralité de vos photos afin de les stocker sur un support externe. Voici comment faire sur un Mac […]
Darkroom synchronise toutes ses photos sur iCloud
Bergen Co. vient de dévoiler une mise à jour de son app Darkroom, avec une belle évolution du côté de la synchronisation iCloud.
AlmaLinux 9.2 : les nouveautés (alternative à CentOS)
AlmaLinux OS veut combler le vide laissé par l’abandon de la version stable de CentOS Linux. La Fondation qui entoure son développement vient de publier la version 9.2 (basée sur RHEL 9.2) dont le nom de code est Turquoise Kodkod et dont voici les principales nouveautés. En dehors de RockyLinux, lancé par Gregory Kurtzer (fondateur […]
Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose OT Networks
Several security vulnerabilities have been disclosed in cloud management platforms associated with three industrial cellular router vendors that could expose operational technology (OT) networks to external attacks. The findings were presented by Israeli industrial cybersecurity firm OTORIO at the Black Hat Asia 2023 conference last week. The 11 vulnerabilities allow « remote code execution and
New Ransomware Gang RA Group Hits U.S. and South Korean Organizations
A new ransomware group known as RA Group has become the latest threat actor to leverage the leaked Babuk ransomware source code to spawn its own locker variant. The cybercriminal gang, which is said to have been operating since at least April 22, 2023, is rapidly expanding its operations, according to cybersecurity firm Cisco Talos. « To date, […]
Why High Tech Companies Struggle with SaaS Security
It’s easy to think high-tech companies have a security advantage over other older, more mature industries. Most are unburdened by 40 years of legacy systems and software. They draw some of the world’s youngest, brightest digital natives to their ranks, all of whom consider cybersecurity issues their entire lives. Perhaps it is due to their […]
Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign
Government, aviation, education, and telecom sectors located in South and Southeast Asia have come under the radar of a new hacking group as part of a highly-targeted campaign that commenced in mid-2022 and continued into the first quarter of 2023. Symantec, by Broadcom Software, is tracking the activity under its insect-themed moniker Lancefly, with the attacks […]
New ‘MichaelKors’ Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems
A new ransomware-as-service (RaaS) operation called MichaelKors has become the latest file-encrypting malware to target Linux and VMware ESXi systems as of April 2023. The development points to cybercriminal actors increasingly setting their eyes on the ESXi, cybersecurity firm CrowdStrike said in a report shared with The Hacker News. « This trend is especially noteworthy given the fact […]