Vue normale

Il y a de nouveaux articles disponibles, cliquez pour rafraîchir la page.
Aujourd’hui — 16 juillet 2025Securité

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances as part of a campaign designed to drop a backdoor called OVERSTEP. The malicious activity, dating back to at least October 2024, has been attributed by the Google Threat Intelligence Group (GTIG) to a group it tracks as UNC6148. The tech giant assessed with

AWS, Google Drive, Dropbox : quand le cloud est détourné pour espionner des gouvernements

16 juillet 2025 à 12:30

Depuis fin 2024, une campagne d’espionnage d’une sophistication inédite vise les gouvernements d’Asie du Sud-Est. L’outil au cœur de cette opération : HazyBeacon, un logiciel malveillant capable de se dissimuler dans le trafic légitime des services cloud d’Amazon, afin de collecter des informations sensibles sur des sujets aussi stratégiques que les différends commerciaux internationaux

Critical Golden dMSA Attack in Windows Server 2025 Enables Cross-Domain Attacks and Persistent Access

Cybersecurity researchers have disclosed what they say is a "critical design flaw" in delegated Managed Service Accounts (dMSAs) introduced in Windows Server 2025. "The flaw can result in high-impact attacks, enabling cross-domain lateral movement and persistent access to all managed service accounts and their resources across Active Directory indefinitely," Semperis said in a report shared with

AI Agents Act Like Employees With Root Access—Here's How to Regain Control

The AI gold rush is on. But without identity-first security, every deployment becomes an open door. Most organizations secure native AI like a web app, but it behaves more like a junior employee with root access and no manager. From Hype to High Stakes Generative AI has moved beyond the hype cycle. Enterprises are: Deploying LLM copilots to accelerate software development Automating customer

Cybersécurité IoT : Keyfactor liste les 10 étapes clés pour anticiper les menaces et se conformer aux nouvelles exigences réglementaires

Par : UnderNews
16 juillet 2025 à 10:35

Alors que les cybermenaces ciblant les objets connectés ne cessent d’augmenter et face à l’arrivée de nouvelles réglementations obligatoires comme le Cyber Resilience Act (CRA), la sécurisation du cycle de vie des appareils (dès leur conception) est au cœur des préoccupations des entreprises. Dans un contexte, où 48 % des OEM[1] estiment que les fabricants […]

The post Cybersécurité IoT : Keyfactor liste les 10 étapes clés pour anticiper les menaces et se conformer aux nouvelles exigences réglementaires first appeared on UnderNews.

Deepfakes. Fake Recruiters. Cloned CFOs — Learn How to Stop AI-Driven Attacks in Real Time

Social engineering attacks have entered a new era—and they’re coming fast, smart, and deeply personalized. It’s no longer just suspicious emails in your spam folder. Today’s attackers use generative AI, stolen branding assets, and deepfake tools to mimic your executives, hijack your social channels, and create convincing fakes of your website, emails, and even voice. They don’t just spoof—they

Urgent: Google Releases Critical Chrome Update for CVE-2025-6558 Exploit Active in the Wild

Google on Tuesday rolled out fixes for six security issues in its Chrome web browser, including one that it said has been exploited in the wild. The high-severity vulnerability in question is CVE-2025-6558 (CVSS score: 8.8), which has been described as an incorrect validation of untrusted input in the browser's ANGLE and GPU components. "Insufficient validation of untrusted input in ANGLE and

New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code

Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin technique to enable ad fraud. The sneaky approach essentially involves a scenario wherein two variants of an application share the same package name: A benign "decoy" app that's hosted on the Google Play Store and its evil twin, which is

Google AI "Big Sleep" Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act

Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQLite open-source database engine before it could have been exploited in the wild. The vulnerability, tracked as CVE-2025-6965 (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by Big Sleep, an

Vol, IA, scandale, rétropédalage : à quoi joue Wetransfer avec nos fichiers ?

15 juillet 2025 à 17:38

Le 15 juillet 2025, de nombreux utilisateurs de WeTransfer se sont inquiétés d’une nouvelle clause dans les conditions générales d’utilisation (CGU) du service. Censée entrer en vigueur le 8 août 2025, la clause 6.3 semblait accorder à WeTransfer des droits très larges sur les fichiers transférés, notamment leur exploitation pour entraîner des modèles d’intelligence artificielle. L'entreprise néerlandaise a depuis modifié le texte et parle de confusion.

Hyper-Volumetric DDoS Attacks Reach Record 7.3 Tbps, Targeting Key Global Sectors

Cloudflare on Tuesday said it mitigated 7.3 million distributed denial-of-service (DDoS) attacks in the second quarter of 2025, a significant drop from 20.5 million DDoS attacks it fended off the previous quarter. "Overall, in Q2 2025, hyper-volumetric DDoS attacks skyrocketed," Omer Yoachimik and Jorge Pacheco said. "Cloudflare blocked over 6,500 hyper-volumetric DDoS attacks, an average of 71

Newly Emerged GLOBAL GROUP RaaS Expands Operations with AI-Driven Negotiation Tools

Cybersecurity researchers have shed light on a new ransomware-as-a-service (RaaS) operation called GLOBAL GROUP that has targeted a wide range of sectors in Australia, Brazil, Europe, and the United States since its emergence in early June 2025. GLOBAL GROUP was "promoted on the Ramp4u forum by the threat actor known as '$$$,'" EclecticIQ researcher Arda Büyükkaya said. "The same actor controls

❌
❌