Sécurité


Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Warning: Creating default object from empty value in /home/cyberbu/public_html/wp/wp-content/plugins/rss-import/rssimport.php on line 490

Hackers | Fabricants | Magazines | Virus / Malware

Schneier

IT Security
Erreur: Il y a un erreur avec ce flux.

TAO Security

    • 25 juin 2023My Last Email with W. Richard Stevens
       In the fall of 1998 I joined the AFCERT. I became acquainted with the amazing book TCP/IP Illustrated, Volume 1: The Protocols by W. Richard Stevens. About a year later I exchanged emails with Mr. Stevens. Here is the last exchange, as forwarded from my AFCERT email address to my home email.From « Capt Richard Bejtlich – Real Time Chief » Mon Sep  6 18:27:35 1999X-Mozilla-Keys:  …

    • 25 juin 2023Bejtlich Skills and Interest Radar from July 2005
      This is unusual. I found this « skills and interest radar » diagram I created in July 2005. It looks like my attempt to capture and prioritize technical interests. At the time I was about to start consulting on my own, IIRC.Copyright 2003-2020 Richard Bejtlich and TaoSecurity (taosecurity.blogspot.com and www.taosecurity.com) …

    • 25 juin 2023Key Network Questions
       I wrote this on 7 December 2018 but never published it until today. The following are the « key network questions » which « would answer many key questions about [a] network, without having to access a third party log repository. This data is derived from mining Zeek log data as it is created, rather than storing and querying Zeek logs in a third party repository. »This is how I was thinking abo …

    • 25 juin 2023 Cybersecurity Is a Social, Policy, and Wicked Problem
      Cybersecurity is a social and policy problem, not a scientific or technical problem. Cybersecurity is also a wicked problem. In a landmark 1973 article, Dilemmas in a General Theory of Planning, urban planners Horst W. J. Rittel and Melvin M. Webber described wicked problems in these terms:“The search for scientific bases for confronting problems of social policy is bound to fail, because of the n …

    • 25 juin 2023Core Writing Word and Page Counts
      I want to make a note of the numbers of words and pages in my core security writings.The Tao of Network Security Monitoring / 236k words / 833 pagesExtrusion Detection / 113k words / 417 pagesThe Practice of Network Security Monitoring / 97k words / 380 pagesThe Best of TaoSecurity Blog, Vol 1 / 84k words / 357 pagesThe Best of TaoSecurity Blog, Vol 2 / 96k words / 429 pagesThe Best of TaoSecurity …

Information Security Buzz
Erreur: Il y a un erreur avec ce flux.

gHacks

    • 19 avril 2024Windows 10: Sign in to your Microsoft account messages roll out
      Windows 10 users who sign in using local accounts may see Sign in to your Microsoft account nags when they open the Settings app. The functionality is rolling out in release preview builds of Windows 10. Soon, it will be released as part of a stable update, likely the May 2024 security update for the operating system. Microsoft announced the feature on the Windows Insider blog. There, Microsoft wr …

    • 18 avril 2024Brave Search: Answer with AI takes over, but you can turn it off
      Brave Search’s new Answer with AI feature is now available. The feature replaces AI Summarizer, which was used on Brave Search previously to provide summaries based on user queries. In a nutshell: Answer with AI works like an instant answers feature. It returns information to the user using multiple sources, including Brave Search’s index. A search for « how difficult is Japanese to learn » returns …

    • 18 avril 2024Delta emulator is now available on the iOS App Store, but not for EU users
      The popular retro-Nintendo emulator, Delta, is now officially available on the App Store. In case you missed it, Apple recently announced that the App Store now allows game emulators for retro game consoles. The emulators have to follow certain rules, such as not distributing games directly. The news was followed by a couple of emulators launching on the App Store, but they disappeared for differe …

    • 17 avril 2024Dear Microsoft, why cannot I uninstall Microsoft Edge on Windows?
      It is April 2024. The deadline for compliance with the Digital Markets Act was in March 2024. Still, even with all the latest updates installed, I cannot uninstall Microsoft Edge from any of my devices. I tried on one Windows 10 system and three Windows 11 PCs. I even fired up a virtual machine just to see if it would make a difference. Nada. According to Microsoft, customers from the European Eco …

    • 16 avril 2024Mozilla Firefox 125 brings text highlighting in PDFs, URL Paste Suggestion
      Mozilla is set to release Firefox 125 to the stable channel today. The update brings a handful of improvements, including support for text highlighting in PDFs, Tab Indicators in Firefox View. Update: Mozilla skipped Firefox 125.0 and has released Firefox 125.0.1 instead. The new browser version is now available. End Highlight Text in PDFs Firefox’s built-in PDF viewer allows users to highlight te …

SecurityWeek

    • 16 septembre 2020Box Showcases New Offerings for Remote Working Environment
      The primary problem caused by the growth in remote working is a new degree of complexity. The threats remain the same, but the solutions must be new. Box on Wednesday announced additions and enhancements to its range of products designed for the growing remote working environment. read more …

    • 16 septembre 2020U.S. House Passes IoT Cybersecurity Bill
      The U.S. House of Representatives this week passed the IoT Cybersecurity Improvement Act, a bill whose goal is to improve the security of IoT devices. read more …

    • 16 septembre 2020Nozomi Networks Becomes CVE Numbering Authority
      Nozomi Networks, a company that specializes in the security of OT and IoT systems, on Tuesday announced that it has become a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA). read more …

    • 16 septembre 2020NSA Publishes Guidance on UEFI Secure Boot Customization
      The United States National Security Agency (NSA) this week published guidance on how the Unified Extensible Firmware Interface (UEFI) Secure Boot feature can be customized to fit an organization’s needs. read more …

Help Net Security

    • 21 avril 2024Week in review: Palo Alto firewalls mitigation ineffective, PuTTY client vulnerable to key recovery attack
      Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be possible by disabling the devices’ telemetry, it has now been confirmed that this mitigation is ineffectual. …

    • 19 avril 2024Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!
      More organizations hit by ransomware gangs are starting to realize that it doesn’t pay to pay up: “In Q1 2024, the proportion of victims that chose to pay touched a new record low of 28%,” ransomware incident response firm Coveware has found. Victim organizations are increasingly able to withstand an encryption attack and restore operations without the need for a decryption key, …

    • 19 avril 2024LastPass users targeted by vishing attackers
      The CryptoChameleon phishing kit is being leveraged by vishing attackers looking to trick LastPass users into sharing their master password. “Initially, we learned of a new parked domain (help-lastpass[.]com) and immediately marked the website for monitoring should it go live and start serving a phishing site intended to imitate our login page or something similar. Once we identified that th …

    • 19 avril 2024Protobom: Open-source software supply chain tool
      Protobom is an open-source software supply chain tool that enables all organizations, including system administrators and software development communities, to read and generate Software Bill of Materials (SBOMs), file data, and translate this data across standard industry SBOM formats. “The Protobom project was born out of a project from CISA and DHS S&T to create an SBOM conversion too …

    • 19 avril 2024The key pillars of domain security
      From branded emails and marketing campaigns to critical protocols, internal portals, and internet traffic, domains are central to digital enterprise operations. They are constantly created for new assets and initiatives. In this Help Net Security video, Mark Flegg, Global Director of Security Services at CSC, discusses how CISOs often don’t view domains as a foundational component in their securit …

Naked Security – Sophos
Aucun contenu.

SearchSecurity

CSO | Security News
Erreur: Il y a un erreur avec ce flux.

Graham Cluley

Cybersecurity Insiders

    • 20 avril 2024Defining and Understanding Trust Assurance
      Trust is perhaps the most foundational principle that shapes how businesses operate. It’s important to customers, partners, employees, and just about any stakeholder you can think of. The process of building, earning, and keeping trust for an organization is quite complex, as it often is between people. No amount of analysis or metrics can calculate just how valuable trust really is. And in today’ …

    • 19 avril 2024PRODUCT REVIEW: Safous Zero Trust Access
      The Safous Zero Trust Access (ZTA) solution emerges as a comprehensive cybersecurity platform, designed to  tackle the growing challenges enterprises face in protecting digital assets in an increasingly interconnected and  dynamic world. With the rise of remote work, BYOD policies, and sophisticated cyber threats, the demand for  robust, flexible security solutions is more critical than ever. Safo …

    • 19 avril 2024FBI says Akira Ransomware group raked $42 million
      The FBI, in collaboration with CISA, Europol European Cybercrime Centre, and the Netherlands NCSC, has issued a stark warning regarding the Akira Ransomware gang, which has amassed a staggering $42 million from approximately 230 companies as of January 24th, 2024. The Akira criminal syndicate, unleashed into the digital realm in February 2023, has shifted its attention to VMware virtual machines, …

    • 19 avril 2024Can Ransomware Gangs Be Neutralized? Exploring Strategies to Combat Cyber Extortion
      In recent years, ransomware attacks have emerged as one of the most pervasive and damaging cyber threats, with criminal gangs employing sophisticated tactics to extort money from individuals, businesses, and even government entities. As the frequency and severity of these at-tacks continue to rise, the question arises: can ransomware gangs be neutralized? While the task may seem daunting, there ar …

    • 19 avril 2024Possible Cyber Attack on 911 of 4 American States
      The 911 emergency services experienced a significant outage in four states—Nebraska, South Dakota, Texas, and Nevada—sending shockwaves through the affected communities. Speculation points to a cyber attack orchestrated by Chinese intelligence, targeting all 50 states. However, only nine states were impacted, with four officially confirming the disruption. Iowa, Wisconsin, Kentucky, Minnesota, and …

The CyberWire
Erreur: Il y a un erreur avec ce flux.

IT Security Guru
Erreur: Il y a un erreur avec ce flux.

The Security Ledger

    • 28 mars 2024Episode 257: Securing Software on Wheels with Dennis Kengo Oka of Synopsys
      In this episode of The Security Ledger Podcast (#257) Paul speaks with Dennis Kengo Oka, a senior principal automotive security strategist at the firm Synopsys about the growing cyber risks to automobiles as connected vehicle features proliferate in the absence of strong cybersecurity protections. The post Episode 257: Securing Software on Wheels…Read the whole entry… » Click the ic …

    • 12 mars 2024Malicious Python Packages Target Crypto Wallet Recovery Passwords
      A newly discovered campaign pushing malicious open source software packages is designed to steal mnemonic phrases used to recover lost or destroyed crypto wallets, according to a report by ReversingLabs. The post Malicious Python Packages Target Crypto Wallet Recovery Passwords appeared first on The Security Ledger with Paul F. Roberts. Related StoriesBitCoins To Bombs: North Korea Funds Military …

    • 21 février 2024Episode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM Insecurity
      Paul speaks with Gary McGraw of the Berryville Institute of Machine Learning (BIML), about the risks facing large language model machine learning and artificial intelligence, and how organizations looking to leverage artificial intelligence and LLMs can insulate themselves from those risks. The post Episode 256: Recursive Pollution? Data…Read the whole entry… » Click the icon below …

    • 13 février 2024China Calls Out U.S. For Hacking. The Proof? TBD!
      The Chinese government is taking an aggressive approach to countering stories of Chinese cyber offensive campaigns: promoting tales of US hacks on Chinese organizations, but without the data to back them up. The post China Calls Out U.S. For Hacking. The Proof? TBD! appeared first on The Security Ledger with Paul F. Roberts. Related StoriesBitCoins To Bombs: North Korea Funds Military With Billion …

    • 23 janvier 2024Episode 255: EDM, Meet CDM – Cyber Dance Music with Niels Provos
      In this episode of The Security Ledger Podcast (#255) host Paul Roberts interviews Niels Provos of Lacework about his mission to use EDM to teach people about cybersecurity. The post Episode 255: EDM, Meet CDM – Cyber Dance Music with Niels Provos appeared first on The Security Ledger with Paul F. Roberts. Click the icon below to listen. Related StoriesChina Calls Out U.S. For Hacking. The P …

GovInfoSecurity.com

    • UK ICO Weighs Role of 'Accuracy' in Generative AI
      But Accurate Data Doesn’t Always Result In Accurate OutcomesThe U.K. data protection agency says generative artificial intelligence developers should take steps to filter out inaccurate training data so long as their models disseminate information about people. How accurate a model must be depends on its use, the Information Commissioner’s Office said. …

    • Hacker Threatens to Expose Sensitive World-Check Database
      ‘GhostR’ Claims to Have 5.3 Million Records from Major Screening DatabaseA seemingly financially-driven hacker known as GhostR claimed to have stolen millions of highly-sensitive records from a « know-your-customer » database used by the London Stock Exchange Group to combat financial crimes and enforce global sanctions. …

    • CEO Andre Durand on Why Ping, ForgeRock Are Better Together
      How Ping-ForgeRock Merger Provides Enhanced Deployment Flexibility, More ServicesPing Identity CEO Andre Durand elaborated on the merger with ForgeRock, highlighting the synergy between the two companies. Durand noted the enhanced deployment options and service capabilities now available to global enterprises, which he said is unique in the market. …

    • Mitre Says Hackers Breached Unclassified R&D Network
      Threat Actor Exploited Ivanti Zero-Day Vulnerabilities in CyberattackA nation-state threat actor gained access into an unclassified research and development network operated by MITRE, a non-profit that oversees key federal funded research and development centers for the U.S. government, the organization confirmed on Friday. …

Infosec Island 
Erreur: Il y a un erreur avec ce flux.

The K-12 Cybersecurity Resource Center

    • 1 juillet 2022How to Get a Handle on Patch Management
      Patch management advice misses the mark when it assumes IT capacity that simply doesn’t exist in most school districts. Continue reading How to Get a Handle on Patch Management at The K-12 Cybersecurity Resource Center. …

    • 1 juillet 2022Deploying MFA for Staff in a K-12 Environment
      Insights into how a large large district deployed MFA (multifactor authentication) to all staff. Continue reading Deploying MFA for Staff in a K-12 Environment at The K-12 Cybersecurity Resource Center. …

    • 17 décembre 2021K12 SIX Releases K12-Specific Log4j Collaboration Resource
      The K12 Security Information Exchange (K12 SIX) is crowdsourcing the Log4j vulnerability status of commonly used K12 software. Continue reading K12 SIX Releases K12-Specific Log4j Collaboration Resource at The K-12 Cybersecurity Resource Center. …

    • 19 août 2021National Cybersecurity Standards for School Districts
      K12 SIX has released the first in a series of guidance and best practice resources designed to establish baseline cybersecurity standards for school districts. Continue reading National Cybersecurity Standards for School Districts at The K-12 Cybersecurity Resource Center. …

Iain Fraser Journalist
Erreur: Il y a un erreur avec ce flux.

InfoSec News
Erreur: Il y a un erreur avec ce flux.

Internet Storm Center | SANS 
Erreur: Il y a un erreur avec ce flux.

Security Gladiators | Internet Security News
Aucun contenu.