Blog

18Avr 2025 by Webmaster

Funding Expires for Key Cyber Vulnerability Database (Krebs on Security)

Sécurité
A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking down. The federally funded, non-profit research and development organization MITRE warned today that its contract to maintain the Common Vulnerabilities and Exposures (CVE) program — which is traditionally funded each year by the Department of Homeland Security — expires on April 16. A letter from MITRE vice president Yosry Barsoum, warning that the funding for the CVE program will expire on April 16, 2025. Tens of thousands of security flaws in software are found and reported every year, and these vulnerabilities are eventually assigned their own unique CVE tracking number (e.g. CVE-2024-43573, which is a Microsoft Windows bug that Redmond patched last year). There are…
Read More
17Avr 2025 by Webmaster

Mustang Panda Targets Myanmar With StarProxy, EDR Bypass, and TONESHELL Updates

Actualités
The China-linked threat actor known as Mustang Panda has been attributed to a cyber attack targeting an unspecified organization in Myanmar with previously unreported tooling, highlighting continued effort by the threat actors to increase the sophistication and effectiveness of their malware. This includes updated versions of a known backdoor called TONESHELL, as well as a new lateral movement
Read More
17Avr 2025 by Webmaster

Artificial Intelligence – What’s all the fuss?

Actualités
Talking about AI: Definitions Artificial Intelligence (AI) — AI refers to the simulation of human intelligence in machines, enabling them to perform tasks that typically require human intelligence, such as decision-making and problem-solving. AI is the broadest concept in this field, encompassing various technologies and methodologies, including Machine Learning (ML) and Deep Learning. Machine
Read More
17Avr 2025 by Webmaster

State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns

Actualités
Multiple state-sponsored hacking groups from Iran, North Korea, and Russia have been found leveraging the increasingly popular ClickFix social engineering tactic to deploy malware over a three-month period from late 2024 through the beginning of 2025. The phishing campaigns adopting the strategy have been attributed to clusters tracked as TA427 (aka Kimsuky), TA450 (aka MuddyWater,
Read More
17Avr 2025 by Webmaster

Blockchain Offers Security Benefits – But Don’t Neglect Your Passwords

Actualités
Blockchain is best known for its use in cryptocurrencies like Bitcoin, but it also holds significant applications for online authentication. As businesses in varying sectors increasingly embrace blockchain-based security tools, could the technology one day replace passwords? How blockchain works  Blockchain is a secure way to maintain, encrypt, and exchange digital records of transactions.
Read More
17Avr 2025 by Webmaster

Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers

Actualités
Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration. The activity, first detected in October 2024, uses lures related to cryptocurrency trading to trick users into installing a rogue installer from fraudulent websites that masquerade as legitimate software like Binance or
Read More