QNAP lance officiellement QTS 5.1.0 : les nouveautés
Un article signé GOODTECH.info Le système d’exploitation des NAS de QNAP se met à jour pour l’été 2023 avec la sortie de la version 5.1. Au menu : le SMB Multichannel, l’administration déléguée, des mises à niveau de File Station ou encore la surveillance des NAS dans la plate-forme de gestion AMIZ Cloud. Résumé. QNAP […]
Les premiers Mac M3 dès octobre ?
Pour ce dimanche à cheval entre orages et canicule, Mark Gurman a ressorti sa boule de cristal de son placard pour y regarder la feuille de route d’Apple !
WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks
With generative artificial intelligence (AI) becoming all the rage these days, it’s perhaps not surprising that the technology has been repurposed by malicious actors to their own advantage, enabling avenues for accelerated cybercrime. According to findings from SlashNext, a new generative AI cybercrime tool called WormGPT has been advertised on underground forums as a way for adversaries […]
Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens
Microsoft on Friday said a validation error in its source code allowed for Azure Active Directory (Azure AD) tokens to be forged by a malicious actor known as Storm-0558 using a Microsoft account (MSA) consumer signing key to breach two dozen organizations. « Storm-0558 acquired an inactive MSA consumer signing key and used it to forge authentication tokens […]
Critical Security Flaws Uncovered in Honeywell Experion DCS and QuickBlox Services
Multiple security vulnerabilities have been discovered in various services, including Honeywell Experion distributed control system (DCS) and QuickBlox, that, if successfully exploited, could result in severe compromise of affected systems. Dubbed Crit.IX, the nine flaws in the Honeywell Experion DCS platform allow for « unauthorized remote code execution, which means an attacker would have
Test du Mac Studio M2 Max : mon avis après un mois, usage bureautique et M.A.0
Apple n’a pas oublié les amateurs de Mac de bureau et nous propose une intéressante mise à jour du Mac Studio avec les puces M2 Max et M2 Ultra. Voici mon avis après un mois passé en leur compagnie.
Quels sont les nouveaux émojis à venir avec iOS 17 ?
Hier c’était la journée internationale des émojis, l’occasion de découvrir les nouveautés du côté des petits pictos à envoyer depuis son iPhone, son iPad ou son Mac !
AIOS WordPress Plugin Faces Backlash for Storing User Passwords in Plain Text
All-In-One Security (AIOS), a WordPress plugin installed on over one million sites, has issued a security update after a bug introduced in version 5.1.9 of the software caused users’ passwords being added to the database in plaintext format. « A malicious site administrator (i.e. a user already logged into the site as an admin) could then […]
TeamTNT’s Cloud Credential Stealing Campaign Now Targets Azure and Google Cloud
A malicious actor has been linked to a cloud credential stealing campaign in June 2023 that’s focused on Azure and Google Cloud Platform (GCP) services, marking the adversary’s expansion in targeting beyond Amazon Web Services (AWS). The findings come from SentinelOne and Permiso, which said the « campaigns share similarity with tools attributed to the notorious TeamTNT cryptojacking crew, »
Defend Against Insider Threats: Join this Webinar on SaaS Security Posture Management
As security practices continue to evolve, one primary concern persists in the minds of security professionals—the risk of employees unintentionally or deliberately exposing vital information. Insider threats, whether originating from deliberate actions or accidental incidents, pose a significant challenge to safeguarding sensitive data. To effectively address insider risks, organizations must