Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit
Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed CosmicSting. Tracked as CVE-2024-34102 (CVSS score: 9.8), the critical flaw relates to an improper restriction of XML external entity reference (XXE) vulnerability that could result in remote code execution. The […]
Alert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New Vulnerabilities
A little over a dozen new security vulnerabilities have been discovered in residential and enterprise routers manufactured by DrayTek that could be exploited to take over susceptible devices. « These vulnerabilities could enable attackers to take control of a router by injecting malicious code, allowing them to persist on the device and use it as a […]
Microsoft Office 2024 est disponible en achat unique
Microsoft a publié cette semaine une nouvelle version d’Office, tout spécialement dédiée aux utilisateurs qui ne veulent pas s’abonner à Microsoft 365. Une version autonome de Microsoft Office 2024 est désormais disponible pour les particuliers et les PME, donnant accès à Word, Excel, PowerPoint, OneNote et Outlook sur Mac et PC.
Le projet de MacBook tout en verre se précise
Alors que nous sommes nombreux à attendre la prochaine Keynote pour découvrir les nouveaux MacBook équipés d’une puce M4, on apprend aujourd’hui qu’Apple continue à avancer sur son projet de MacBook intégralement en verre. Voici ce qui pourrait confirmer cette hypothèse.
Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. Organizations
Three different organizations in the U.S. were targeted in August 2024 by a North Korean state-sponsored threat actor called Andariel as part of a likely financially motivated attack. « While the attackers didn’t succeed in deploying ransomware on the networks of any of the organizations affected, it is likely that the attacks were financially motivated, » Symantec, […]
How to Create a Secure FTP Server with ProFTPD on Ubuntu/Debian
The post How to Create a Secure FTP Server with ProFTPD on Ubuntu/Debian first appeared on Tecmint: Linux Howtos, Tutorials & Guides . FTP servers are the piece of software that allows you to create an FTP connection between your local computer and The post How to Create a Secure FTP Server with ProFTPD on […]
Zenity: A Guide to Creating GTK+ Dialogs in Linux Command Line
The post Zenity: A Guide to Creating GTK+ Dialogs in Linux Command Line first appeared on Tecmint: Linux Howtos, Tutorials & Guides . Zenity is a tool that allows you to create graphical dialog boxes in Linux using the command line. It uses The post Zenity: A Guide to Creating GTK+ Dialogs in Linux Command […]
PyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User Data
A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital assets. « The attack targeted users of Atomic, Trust Wallet, Metamask, Ronin, TronLink, Exodus, and other prominent wallets in […]
Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw
Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor’s Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit CVE-2024-45519, a severe security flaw in Zimbra’s postjournal service that could enable unauthenticated attackers to
C’est parti pour la grosse mise à jour de Windows 11 : nom de code 24H2
Il s’agit de la 3ème mise à jour annuelle de Windows 11, la plus importante de ces deux dernières années, nom de code 24H2. L’article C’est parti pour la grosse mise à jour de Windows 11 : nom de code 24H2 est apparu en premier sur Toms Guide.