Catégorie : Cybersecurity
[Cybersécurité] AI-Driven Cyberattack on Mexico Couldn’t Breach OT Systems
What researchers dubbed the most sophisticated AI-integrated ICS campaign to date hit a brick wall in the form of a SCADA login screen.
[Cybersécurité] It’s Patch Tuesday for Microsoft & Not a Zero-Day In Sight
It’s the first time in two years with no zero-days. But with 137 flaws to patch, including nine critical ones, admins still have plenty of work to do.
[Cybersécurité] Foxconn Attack Highlights Manufacturing’s Cyber Crisis
A Nitrogen ransomware attack on Foxconn’s North American facilities is one of 600 hits on manufacturers this year, as gangs increasingly target the sector for its low tolerance for downtime.
[Cybersécurité] Trellix Source Code Breach Highlights Growing Supply Chain Threats
Info is scant, but such breaches can reveal where a security product’s controls are located and how detections are designed, giving attackers a leg up.
Russian Script Kiddie Assembles Massive DDoS Botnet
Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices — and enterprise servers.
Microsoft Finally Releases Recall as Part of Windows Insider Preview
The preview version now includes multiple security-focused additions Microsoft had promised to include, such as SecureBoot, BitLocker, and Windows Hello.
Attackers Breach IT-Based Networks Before Jumping to ICS/OT Systems
SANS recently published its 2024 State of ICS.OT Cybersecurity report, highlighting the skills of cyber professionals working in critical infrastructure, budget estimates, and emerging technologies. The report also looked at the most common types of attack vectors used against ICT/OT networks.
Jen Easterly, CISA Director, to Step Down on Inauguration Day
Other Biden administration appointees at CISA will also submit their resignations on Jan. 20, as the cyberdefense agency prepares for President-elect Trump’s new DHS director.
Critical WordPress Plug-in Flaw Exposes 4M Sites to Takeover
A vulnerability found in the Really Simple Security plug-in allows an attacker to remotely gain access to any account on an affected website, including the administrator, when 2FA is enabled.
China’s ‘Liminal Panda’ APT Attacks Telcos, Steals Phone Data
In US Senate testimony, a CrowdStrike exec explained how this advanced persistent threat penetrated telcos in Asia and Africa, gathering SMS messages, unique identifiers, and other metadata along the way.
![[Cybersécurité] AI-Driven Cyberattack on Mexico Couldn’t Breach OT Systems](https://cyber.kiminox.net/wp-content/uploads/2024/10/cybersecurity_img2-100x100.png)