Avez-vous commandé un iPad mini 7 ?
Hier soir, Apple a -discrètement- dévoilé l’iPad mini 7 doté d’une puce A17 Pro et d’Apple Intelligence, et ce, en dehors de toute keynote et préférant un simple communiqué de presse avec une mise à jour de son site dans la foulée. Les premiers exemplaires commandés arriveront le 23 octobre prochain, le moment idéal de […]
Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity
Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper endpoint detection and response (EDR) solutions and hide malicious activity. Trend Micro said it detected « threat actors attempting to integrate EDRSilencer in their attacks, repurposing it as a means of evading detection. » EDRSilencer, inspired by the NightHawk FireBlock tool […]
FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms
The FIDO Alliance said it’s working to make passkeys and other credentials more easier to export across different providers and improve credential provider interoperability, as more than 12 billion online accounts become accessible with the passwordless sign-in method. To that end, the alliance said it has published a draft for a new set of specifications […]
La France est le cinquième pays européen le plus ciblé par des cybercriminels affiliés à un État
600 millions : c’est le nombre d’attaques provenant de cybercriminels ou de groupes étatiques auxquelles sont confrontés les clients de…
North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in the Scripting Engine that could result in remote code execution when […]
From Misuse to Abuse: AI Risks and Attacks
AI from the attacker’s perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications Cybercriminals and AI: The Reality vs. Hype “AI will not replace humans in the near future. But humans who know how to use AI are going to replace those humans who […]
5 Techniques for Collecting Cyber Threat Intelligence
To defend your organization against cyber threats, you need a clear picture of the current threat landscape. This means constantly expanding your knowledge about new and ongoing threats. There are many techniques analysts can use to collect crucial cyber threat intelligence. Let’s consider five that can greatly improve your threat investigations. Pivoting on С2 IP […]
{ Tribune Expert } – Cyber resilience Act : que doivent mettre en place les OEM et fabricants pour être en conformité et garantir la sécurité numérique d’un produit ?
L’objectif majeur de cette législation est d’être honnête et transparent avec les clients et utilisateurs en matière de cybersécurité mais également de protéger les droits fondamentaux des utilisateurs (droit à la vie privée, protection des données personnelles,…) d’harmoniser les exigences de cybersécurité au sein de l’UE et de renforcer la résilience globale.
Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack
A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails. « The spear-phishing campaign’s impact has targeted various industries, with manufacturing companies, retail firms, and government agencies being the most affected, » Trend Micro said in a new analysis. […]
Intel et AMD s’allient pour défendre l’architecture x86 face aux velléités de Qualcomm
C’est une alliance qui aurait pu sembler impossible il y a encore quelques années. Intel et AMD ont constitué un groupe consultatif pour…