Cyber attack prevention
Expert recommends: forget C and C++ for greater securityCyber security: the challenge of the modern era between obsolete languages and innovationUS experts warn of security risks in the C and C++ programming languages, which leave memory management to developers. More secure languages such as Rust or Go are recommended.
PayPal works on anti-fraud method for CookiesRevolutionary technology for recognizing and defending against fraudulent online intrusionsPayPal is developing new technology to defend super-cookies from hackers, using encryption to detect illicit access and increase online security.
Record investments in cybersecurity in ItalySurge in IT security investments in response to advanced digital threatsIn Italy, spending on cybersecurity is growing, but we are still last in the G7. We need more training on AI and security. Criminals use AI for attacks, but companies are starting to adopt it to defend themselves.
IT security: fundamental pillars in the digital ageThe advanced defense against digital threats in the corporate structureThe cybersecurity specialist protects company data from attacks such as malware. Uses firewall and antivirus software, stays current on threats and technologies, holds certifications such as CISSP, and responds to security incidents.
North Korea: new strategies in cryptoasset launderingAdvanced concealment strategies for illicit funds in the cryptocurrency industryNorth Korean hacking groups are using new crypto mixing techniques to hide the origin of stolen funds, increasing attacks on exchange platforms. These methods threaten the security of the crypto industry, but the IT community struggles to counter them.
Microsoft intervenes on software vulnerabilities with new fixesCritical security update for Windows operating systemsMicrosoft has released an update to fix 73 security vulnerabilities in Windows, including a previously exploited critical Zero-Day. It is critical for IT professionals to install these patches now.
CISA alert: vulnerability in Roundcube exploited by attackersMeasures immediately necessary to mitigate the exploitation of a critical bug in RoundcubeCISA has warned of a security vulnerability in Roundcube, which can lead to data leakage through XSS attacks. Various past attacks have exploited these flaws. It is recommended to update Roundcube for security.
Strengthen IT security with multi-factor authentication, or MFAStrategies and benefits of using MFA to defend against unauthorized intrusionsMulti-factor authentication (MFA) strengthens security by requiring multiple proofs of identity, such as passwords plus tokens or biometrics, to protect against cyber attacks.
Strategies to identify and neutralize phishingAdvanced methodologies for defense against the pitfalls of online fraudPhishing is a tactic to steal sensitive data by creating fake emails or sites that look real. To avoid this, we need to educate ourselves on how to recognize suspicious signals, use security tools and update systems.
The hidden threat: what are ransomware attacks?The rise of cyber-seizure: defenses and strategies against malicious encryptionThe article discusses ransomware attacks, which encrypt files and demand a ransom. It suggests preventive measures and how to act in case of an attack, advising against paying the ransom.
Effective strategies against cyber threatsProtective measures and best practices in the era of digitalisationCyber attacks such as ransomware and phishing are on the rise. To prevent them, it is crucial to have defenses such as firewalls and employee training, as well as security protocols and rapid response plans.
Kaspersky educational initiative for young peopleDigital education for the new generation: how Kaspersky wants to protect digital nativesKaspersky has launched an educational initiative to teach children about cybersecurity with games and stories. It also trains teachers with specific guides to spread best practices online.
Cyber security: combating bank data theftThe growing threat of infostealers in the banking sectorInfostealers are malware that steal sensitive data, such as banking credentials. Banks must use advanced security systems and teach customers to avoid risks. In the event of attacks, rapid reaction plans limit the damage.
Security alert: critical issues detected in GNU C libraryA serious bug discovered in the C standard library: the alert involves multiple Linux distributionsA serious flaw (CVE-2023-6246) has been discovered in the GNU C Library (glibc) affecting many versions of Linux, allowing potential attacks to gain root privileges.
Cybersecurity and the promise of NeuralinkInnovation and data protection challenges in the neural chip eraElon Musk's Neuralink is developing brain chips that allow you to control devices with your mind. There is excitement about the possible benefits but also concern about cybersecurity.
FBI alert: couriers are a tool for new fraudsExploitation of delivery services for financial scams: the modus operandi of cyber criminalsThe FBI warns that scammers are posing as tech support workers or officials to convince people, often elderly people, to give them valuable assets such as gold, using couriers.
Analysis of critical issues in biometric authentication systemsBiometric security integrity challenges and solutionsA study by Altroconsumo has revealed vulnerabilities in smartphone facial recognition systems. Recommend using more secure methods such as fingerprints or pins to protect data. Juniper Research predicts an increase in the use of biometrics in payments.
Global investigation reveals security weaknesses in Windows assetsCritical discoveries in Windows infrastructures highlight the urgency for robust security strategiesAnalysis of 2.5 million vulnerabilities reveals that half of the most serious ones affect Windows 10. Critical threats are reduced and construction manages cybersecurity better than mining. Penetration testing is key.
Innovative detection method of spyware on iOSDiscover the new frontier of mobile security: iShutdown and the fight against spyware attacks on iPhoneThe Kaspersky laboratory created iShutdown, a method to discover Pegasus spyware on iPhone by analyzing the Shutdown.log system file. It offers non-invasive diagnosis and helps protect against advanced malware.
What is IP Spoofing and the threats it posesAddress sophisticated network security threatsIP spoofing is a cyber attack where the IP address is spoofed to hide the hacker's identity and fool security systems. It is used to steal data or cause disruptions.
Online integrity and performance: Cloudflare defending the webCloudflare as a bulwark against threats and a web performance acceleratorCloudflare offers a reverse proxy service that protects websites from attacks and improves their performance. However, there are tools like CloakQuest3r that can discover the real IP addresses of protected servers.
Rogueware: the deceptive veil of fake antivirusesStrategies and tips for defending against fake security softwareRogueware is malware that looks like legitimate antivirus and tricks users with false security alerts into paying for a "full" version. It is essential to inform and update security defenses to prevent them.
Transatlantic dynamics in cybersecurityResponse strategies and cooperation between the EU and the US in the context of digital securityThe article compares cybersecurity strategies in the US and EU, highlighting their focus on resilience and cooperation against cyber threats, with ENISA supporting Europe in analyzing and managing cyber challenges.
Alert for a serious vulnerability in SharePointThe invisible threat: a security flaw to monitor carefullyA serious vulnerability in Microsoft SharePoint, code CVE-2023-29357, could be exploited for ransomware attacks. It is urgent to install the released updates to prevent possible security breaches.
Cybersecurity emergency: Google cookies in the sights of hackersSecurity experts alert: Google session data vulnerability under hacker attackA report indicates that there is malware stealing Google session cookies to access user accounts. Even changing your password doesn't stop the attack. Google is working to fix the problem.
Quantum computing: the next frontiers of 2024Advances and challenges of quantum computing in the new yearQuantum computing is advancing, with new security standards coming in 2024. It will combine with artificial intelligence to improve performance, and advances in quantum hardware are expected.
Discovery of a sophisticated malware attack against iPhonesExploited 4 zero-day vulnerabilities in a multi-faceted deadly malware attack on Apple devicesThe recent “Triangulation” hacker attack targeted iPhone users using undocumented vulnerabilities. The “backdooring” method was used to gain unauthorized access to systems and spread malware via iMessage by exploiting four zero-day vulnerabilities. Analysis revealed that the attacks were successful by expl...
Yahoo data breaches: Food for thought on cybersecurityThe implications of the Yahoo data breach and the need for greater cybersecurityThe article discusses cyber breaches suffered by Yahoo in 2013 and 2014 that exposed data of billions of users. The attack was facilitated by phishing techniques and outdated encryption. Yahoo's secrecy and poor data security management led to serious consequences, including a hefty fine. After the incident,...
Cyber security in space: the latest trendsChallenges and innovative approaches to protecting space operationsThe growing interest in the commercialization of space has highlighted the importance of cyber security. In particular, artificial intelligence and data analytics technologies used in space tourism and small satellite networks are attractive targets for cybercrime. Faced with this threat, NASA has published...
India's request to Apple: ease security warningsBetween transparency to customers and diplomatic pressure: the difficult balance of tech companiesThe Indian government has asked Apple to moderate the impact of security warnings sent to iPhone users about possible attacks by state entities. This request highlights the challenges tech companies face in balancing digital security and geopolitical dynamics.
NASA issues guidance on space cybersecurityA proactive response to growing security threats in the aerospace industryNASA has released a manual for cybersecurity in space, designed to protect against growing vulnerabilities in the aerospace sector. The guidelines recommend continuous risk monitoring, application of domain separation and least privilege principles, as well as rigorous authentication of personnel and...
The EU Commission launches incentives for cybersecurityCybersecurity development: from AI enhancement to post-quantum cryptography, EU incentivesThe European Commission will invest 84 million euros in six calls to strengthen cybersecurity. These funds are intended to promote artificial intelligence in security operations, strengthen the cyber resistance of SMEs, and facilitate the migration towards encryption systems resistant to quantum...
McAfee and projections on the future of cybersecurity in 2024Deepfake, AI and the new face of online fraud: the cyber security landscape according to McAfeeDigital security firm McAfee warns of future risks related to artificial intelligence: sophisticated attacks called deepfakes, online fraud on social media and a rise in malware and voice fraud. The importance of user training and dynamic security solutions is highlighted.
Play ransomware alert: 300 entities affected, including critical infrastructureThe modus operandi of the Play cybercriminal group and advice for countering its attacksThe FBI, CISA and ASD's ACSC warn against the activities of the Play ransomware cybercriminal group, responsible for cyber breaches globally. The group uses data stolen before the attack as a threat to demand ransom. Agencies recommend implementing multi-factor authentication, software updates, and recovery...
Quishing: defense strategies against QR Code scamsThe growing threat of Quishing: how to protect yourself and navigate safelyThe article addresses the phenomenon of "quishing", online scams using QR Codes. These are scams that induce users to share sensitive data or download malicious software. The FTC suggests precautions for users and experts underline the importance of conscious use of QR Codes.
How to recover and protect a compromised social accountKey steps to recovering a hacked social account and security strategies to prevent future intrusionsThis article provides advice on how to protect your social network account in case of intrusions. We recommend that you immediately change your password, activate multi-factor authentication and contact the social network's support service. In case of impossible access, interact with the platform's technical...
Interview with Google CISO, Phil VenablesThe critical role of ethical hackers in addressing global security threatsGoogle Cloud expert Phil Venables argues that despite the advent of AI and automation, ethical hackers play a crucial role in identifying new ways to exploit system vulnerabilities. Programs involving ethical hackers can help prevent costly security incidents.
IBM partners with NATO to strengthen cybersecurityStrengthening cyber resilience: IBM's innovative management service for NATONATO has signed a contract with IBM to improve its cybersecurity services. IBM will create a unified system that will allow you to manage information on vulnerabilities and patches, increasing visibility into any risks. This service aims to maintain, update and protect IT assets from the growing cyber...
Generative AI: a new frontier of cybercrimeDouble challenge: the ambivalent role of generative artificial intelligence in cybersecurityThe article explores the risks and opportunities of GAIA (generative artificial intelligence) in cybersecurity. While AI can enhance defense against cyber attacks, it can also arm cybercriminals with more sophisticated tools. Therefore, defense strategies must include sound human training and international...
Bluetooth: the new threat to device securityMalicious people can connect via Bluetooth without your consentCybersecurity research has identified a critical Bluetooth vulnerability affecting various Android, Linux, iOS and macOS devices. Attackers can connect via Bluetooth without the user's consent, thus being able to control the device. Software companies are rolling out corrective patches. To prevent such...
End-to-end encryption on Facebook MessengerSecurity and privacy enhanced but new ethical concerns raisedMeta announced that end-to-end encryption will become the norm on Facebook and Messenger, ensuring the privacy of conversations between sender and recipient. The path towards this greater security was long and complex. However, the adoption of this technology raises concerns about its potential use for...
Security update for Chrome 120Summary of the issues resolved and details on the implications of the memory leaksGoogle has updated Chrome to version 120, fixing 10 security vulnerabilities. The most serious are related to 'use-after-free' issues, potentially dangerous because they can allow the execution of arbitrary code. In the update, Google awarded rewards totaling $15,000 to researchers for reporting such...
Critical vulnerability discovered in NFT open-source librarySecurity gap detected in smart contract library: exploit risk for non-fungible tokens (NFTs)Tech company Thirdweb has revealed a vulnerability in an open-source library used to develop smart contracts for NFTs. This bug may affect many contracts in the Web3 industry. While there are no active exploits, Thirdweb has warned developers to take preventative measures. The company has also strengthened...
Bluffs: the alarm of the Italian researcher on bluetooth securityBluffs vulnerability revealed: how it risks your privacy through bluetoothThe new Bluetooth system vulnerability, called "Bluffs", was discovered by Italian researcher Daniele Antonioli. This flaw could compromise the security of various devices manufactured since 2014. It relies on the generation of weak security keys, threatening user privacy. Antonioli presented his research...
Apple responds to zero-day vulnerabilities with hotfixesApple has taken urgent action to fix two critical security flawsApple has released an urgent update to fix two zero-day vulnerabilities affecting iPhone, iPad and Mac devices. The flaws, located in the WebKit rendering engine, allowed attacks via malicious web pages that could lead to unauthorized memory reading and corruption. code execution. The security updates...
Rising trend for outsourcing in cybersecurity strategiesCyber security increasingly relies on external expertsA Kaspersky study shows an increase in cybersecurity outsourcing, with 40% of companies relying on external services to strengthen security due to limited internal resources and expertise. We also invest in automation.
Cyber security: the importance of white hatsGuardians of the web: the impact and strategies of experts in defending the webEthical hackers help protect computer systems and networks by discovering vulnerabilities and teaching how to defend against hacker attacks, collaborating on data security.
Cybersecurity strategies compared between Taiwan and JapanStrengthening digital defenses in the information ageTaiwan and Japan strengthen cybersecurity against attacks and disinformation, Taiwan educates about digital, Japan uses AI in defenses.
Breach in biometric verification on PCsSecurity vulnerabilities in fingerprint recognition sensorsRecent research highlights vulnerabilities in the fingerprint sensors of some laptops, which allow unauthorized access. The use of secure protocols such as SDCP is recommended.
Microsoft launches security rewards programEncourage the search for flaws in the security of defender productsMicrosoft has launched the "Microsoft Defender Bounty Program" which rewards up to $20,000 to those who find and report serious errors in its Defender products.