Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
Microsoft has unveiled Security Copilot, an AI-powered analysis tool that aims to simplify, augment and accelerate security operations (SecOps) professionals’ work. Using Microsoft Security Copilot Security Copilot takes the form of a prompt bar through which security operation center (SOC) analysts ask questions in natural language and receive practical responses. They can ask it to […]
Continue ReadingDe multiples vulnérabilités ont été découvertes dans OpenSSL. Elles permettent à un attaquant de provoquer un contournement de la politique de sécurité.
Continue ReadingUne vulnérabilité a été découverte dans Mozilla Thunderbird. Elle permet à un attaquant de provoquer un déni de service et une exécution de code arbitraire.
Continue ReadingDe multiples vulnérabilités ont été découvertes dans Tenable. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l’intégrité des …
Continue ReadingAn unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at Linux servers. French cybersecurity firm ExaTrack, which found three samples of the previously documented malicious software that date back to early 2022, dubbed it Mélofée. One of the artifacts is designed to drop a kernel-mode rootkit that’s based on […]
Continue ReadingMalware analysis is an essential part of security researcher’s work. But working with malicious samples can be dangerous — it requires specialized tools to record their activity, and a secure environment to prevent unintended damage. However, manual lab setup and configuration can prove to be a laborious and time-consuming process. In this article, we’ll look […]
Continue ReadingThe emergence of smart mobility services and applications has led to a sharp increase in the use of APIs in the automotive industry. However, this increased reliance on APIs has also made them one of the most common attack vectors. According to Gartner, APIs account for 90% of the web application attack surface areas. With […]
Continue ReadingTrojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe with clipper malware designed to siphon cryptocurrencies since September 2022. “Clipboard injectors […] can be silent for years, show no network activity or any other signs of presence until the disastrous day when they replace a crypto wallet address,” […]
Continue ReadingA new North Korean nation-state cyber operator has been attributed to a series of campaigns orchestrated to gather strategic intelligence that aligns with Pyongyang’s geopolitical interests since 2018. Google-owned Mandiant, which is tracking the activity cluster under the moniker APT43, said the group’s motives are both espionage- and financially-motivated, leveraging techniques like credential
Continue ReadingA New York law firm has agreed to pay $200,000 in penalties to the state because it failed to protect the private and electronic health information of approximately 114,000 patients. How did the data theft happen? Heidell, Pittoni, Murphy and Bach (HPMB) represents New York City area hospitals in litigation and maintains sensitive private information […]
Continue Reading