"Mind Sandstorm," an Iranian cyber espionage group, has targeted experts in Middle Eastern affairs across several countries.

GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction.

Les guides visent à expliciter les enjeux de la remédiation, à en proposer les principaux piliers doctrinaux et à fixer les bases de l’organisation et des actions techniques associées.

CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution.

Le sujet du jour est "cyber sécurité, état de l'art et négligence". Si nous profitions de cette nouvelle année 2024 pour faire un point technique et juridique ?

Ivanti has disclosed two Connect Secure (ICS) and Policy Secure zero-days exploited in the wild that can let remote attackers execute arbitrary commands on targeted gateways.

Plusieurs textes vont prochainement impacter le régime relatif à l'hébergement de données de santé. 

Les responsables de la sécurité informatique doivent surveiller les efforts de cybersécurité et s'assurer qu'ils sont efficaces. Ces 12 mesures et indicateurs clés de performance permettent de savoir ce qui fonctionne et ce qui ne fonctionne pas.

Formation : La base de D�fense de Nancy et Lorraine INP pr�parent la 4e �dition de Cyber Humanum Est, une comp�tition �tudiante de type Capture The Flag/WarGame....

The attack on Kyivstar took out mobile and home internet service for as many as 24 million people in Ukraine.

Orange Spain suffered an internet outage today after a hacker breached the company's RIPE account to misconfigure BGP routing and an RPKI configuration.

Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs.

Google Cloud addresses medium-severity security flaw! Attackers with Kubernetes cluster access could escalate privileges.

First American Financial Corporation, the second-largest title insurance company in the United States, took some of its systems offline today to contain the impact of a cyberattack.

https://www.cert.ssi.gouv.fr/cti/CERTFR-2023-CTI-010/

https://asset-group.github.io/disclosures/5ghoul/

MongoDB is warning that its corporate systems were breached and that customer data was exposed in a cyberattack that was detected by the company earlier this week.

Une attaque d'ampleur massive a actuellement lieu et pourrait concerner toutes les applications décentralisées de l'écosytème.

Les Etats-membres de l'UE et le Parlement européen se sont accordés sur un texte pour encadrer l'utilisation et le développement de l'intelligence artificielle. Une législation inédite à l'échelle mondiale.