Rebranded Knight Ransomware Targeting Healthcare and Businesses Worldwide
An analysis of a nascent ransomware strain called RansomHub has revealed it to be an updated and rebranded version of Knight ransomware, itself an evolution of another ransomware known as Cyclops. Knight (aka Cyclops 2.0) ransomware first arrived in May 2023, employing double extortion tactics to steal and encrypt victims’ data for financial gain. It’s […]
Unpacking 2024’s SaaS Threat Predictions
Early in 2024, Wing Security released its State of SaaS Security report, offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year, several SaaS threat predictions from the report have already proven accurate. Fortunately, SaaS Security Posture Management (SSPM) solutions have prioritized mitigation capabilities to address many […]
Chinese State-Backed Cyber Espionage Targets Southeast Asian Government
An unnamed high-profile government organization in Southeast Asia emerged as the target of a « complex, long-running » Chinese state-sponsored cyber espionage operation codenamed Crimson Palace. « The overall goal behind the campaign was to maintain access to the target network for cyberespionage in support of Chinese state interests, » Sophos researchers Paul Jaramillo, Morgan Demboski, Sean
De NTLM à Kerberos : sacré chantier pour Microsoft
NTLM est désormais officiellement obsolète chez Microsoft. De là à lui substituer pleinement Kerberos, il y a encore du chemin.
A Beginner’s Guide to Installing Arch Linux on UEFI Machines
The post A Beginner’s Guide to Installing Arch Linux on UEFI Machines first appeared on Tecmint: Linux Howtos, Tutorials & Guides . Arch Linux is one of the most versatile GNU Linux distributions due to its simplicity and cutting-edge software packages due The post A Beginner’s Guide to Installing Arch Linux on UEFI Machines first […]
Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs
Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform. The development was first reported by Semafor and Forbes, which detailed a zero-click account takeover campaign that allows malware propagated via direct messages to compromise brand and celebrity accounts without […]
Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models
Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have currently reached end-of-life (EoL) status. Successful exploitation of three of the five vulnerabilities could permit an unauthenticated attacker to execute operating system (OS) commands and arbitrary code on affected installations. Impacted models include NAS326
L’App d’écriture Ulysses s’améliore encore ! Quelles sont les nouveautés ?
L’application d’écriture Ulysses propose aujourd’hui une mise à jour avec à la clé d’intéressantes nouveautés conçues pour simplifier la vie des utilisateurs et répondre à leurs demandes.
Mais qui a acheté l’app Bartender ?
L’utilitaire Bartender est bien connu des macusers, car il permet de personnaliser et d’ajouter de nouvelles fonctions à la barre de menus macOS. Cependant, l’application de Surtees Studios vient d’être acquise par de nouveaux développeurs dont le nom n’est pas encore connu pour le moment.
Une nouvelle norme ISO pour ITS Integra en cybersécurité
Un article signé GOODTECH.info ITS Integra annonce que son RSSI s’est vu décerner la certification ISO 22301 Senior Lead Implementer. Quel intérêt pour les clients de l’entreprise et pour la cybersécurité ? ITS Integra est un opérateur et infogérant multi-Cloud avec une certaine expertise dans la gestion de Systèmes d’Information hybrides. La norme ISO 22301, […]