Vous êtes ici :   Accueil » RSS - net-security.org
 
Prévisualiser...  Imprimer...  Imprimer la page...
!Introduction
Technique
Outils
Base de connaissances
Visites

 1684130 visiteurs

 2 visiteurs en ligne

Contact

Notre site
griessenconsulting-Tag-Qrcode.png

info@griessenconsulting.ch

ch.linkedin.com/in/thierrygriessenCISA

Neuchâtel, Suisse


Mes coordonées
griessenconsulting-Tag-Vcard-OK.png

Crée votre Code

RSS - net-security.org

Help Net Security


Daily information security news with a focus on enterprise security.


Facebook open-sources a static analyzer for Python code  Voir?

Need a tool to check your Python-based applications for security issues? Facebook has open-sourced Pysa (Python Static Analyzer), a tool that looks at how data flows through the code and helps developers prevent data flowing into places it shouldn’t. How the Python Static Analyzer works Pysa is a security-focused tool built on top of Pyre, Facebook’s performant type checker for Python. “Pysa tracks flows of data through a program. The user defines sources (places where … More

The post Facebook open-sources a static analyzer for Python code appeared first on Help Net Security.

... / ... Lire la suite

(10/08/2020 @ 14:16)

Critical ManageEngine ADSelfService Plus RCE flaw patched  Voir?

A critical vulnerability (CVE-2020-11552) in ManageEngine ADSelfService Plus, an Active Directory password-reset solution, could allow attackers to remotely execute commands with system level privileges on the target Windows host. About ManageEngine ADSelfService Plus ManageEngine ADSelfService Plus is developed by ManageEngine, a division of Zoho Corporation, a software development company that focuses on web-based business tools and information technology. “ADSelfService Plus supports self-service password reset for WFH and remote users by enabling users to reset Windows … More

The post Critical ManageEngine ADSelfService Plus RCE flaw patched appeared first on Help Net Security.

... / ... Lire la suite

(10/08/2020 @ 11:15)

The precision of security undermined by a failure to correlate  Voir?

If Paul Newman’s Cool Hand Luke character were to address the security industry, his opening line would likely be: “What we have here is a failure to correlate.” Today, one of the major deficiencies affecting security is not a lack of data or even an aggregation of data, but the central problem is one of correlating data and connecting the dots to find otherwise hidden traces of attack activity. While many organizations have a SIEM, … More

The post The precision of security undermined by a failure to correlate appeared first on Help Net Security.

... / ... Lire la suite

(10/08/2020 @ 07:00)

Internal investigations are changing in the age of COVID-19  Voir?

Internal investigations in corporations are typically conducted by the human resources (HR) department, internal compliance teams, and/or the IT department. Some cases may also require the involvement of outside third parties like forensic experts, consultants, law or accounting firms, or security experts. These are often complex matters from a legal, process and technical perspective. Depending on the nature and extent of the potential misconduct, the stakes can be very high, with risks that include legal … More

The post Internal investigations are changing in the age of COVID-19 appeared first on Help Net Security.

... / ... Lire la suite

(10/08/2020 @ 06:30)

Why the rapid transition to cloud demands that DevOps shift left  Voir?

To accommodate remote work policies amid COVID-19, companies have increasingly adopted the public cloud to support off-site business continuity. A MarketsandMarkets analysis found that due to the impact of the current crisis, the cloud market is expected to grow from $233 billion in 2019 to $295 billion by 2021. The transition to remote work by organizations across the globe is not temporary. Companies are realizing that employees are just as productive working from home or … More

The post Why the rapid transition to cloud demands that DevOps shift left appeared first on Help Net Security.

... / ... Lire la suite

(10/08/2020 @ 06:00)

6,600 organizations bombarded with 100,000+ BEC attacks  Voir?

Cybercriminals are increasingly registering accounts with legitimate services, such as Gmail and AOL, to use them in impersonation and BEC attacks, according to Barracuda Networks. BEC attacks impact thousands of organizations In their most recent threat spotlight report, Barracuda researchers observed that 6,170 malicious accounts that have used Gmail, AOL and other email services, have been responsible for over 100,000 BEC attacks which have impacted nearly 6,600 organizations. What’s more, since April 1, these ‘malicious … More

The post 6,600 organizations bombarded with 100,000+ BEC attacks appeared first on Help Net Security.

... / ... Lire la suite

(10/08/2020 @ 05:30)

DevOps is transforming database development in the healthcare sector  Voir?

As IT teams across the country struggle with smaller budgets and staffing shortages, every industry has seen a rising demand for standardized process and automation to quickly address pressing needs, according to Redgate. Increasing need for DevOps in healthcare In the healthcare sector, the pandemic has forced IT to work under pressure to quickly develop and deliver effective telehealth services, while also facilitating access to electronic health records and other sensitive patient data to ensure … More

The post DevOps is transforming database development in the healthcare sector appeared first on Help Net Security.

... / ... Lire la suite

(10/08/2020 @ 05:00)

Datadog has acquired Undefined Labs, a testing and observability company for developer workflows  Voir?

Datadog has acquired Undefined Labs, a testing and observability company for developer workflows. This acquisition extends Datadog’s existing platform into development environments and will provide organizations with better tooling and monitoring in continuous integration and deployment (CI/CD) workflows. “In modern distributed systems, even small changes can have a big impact on applications’ performance and availability,” said Ilan Rabinovitch, Vice President, Product and Community at Datadog. “By enabling observability early in the development cycle, we can … More

The post Datadog has acquired Undefined Labs, a testing and observability company for developer workflows appeared first on Help Net Security.

... / ... Lire la suite

(10/08/2020 @ 01:00)

Avaya updated its branding to align its portfolio under the Avaya OneCloud name  Voir?

Avaya updated its branding architecture to align its portfolio under the Avaya OneCloud name. The evolved branding reflects the company’s multi-cloud application ecosystem, and its acceleration in bringing new solutions to market delivering the future of customer and employee experiences. Avaya OneCloud encompasses the entire Avaya portfolio, offering rich capabilities across contact center, unified communications, collaboration and CPaaS. Solutions and products are now categorized into three focus areas: Avaya OneCloud CCaaS, Avaya OneCloud UCaaS and … More

The post Avaya updated its branding to align its portfolio under the Avaya OneCloud name appeared first on Help Net Security.

... / ... Lire la suite

(10/08/2020 @ 00:30)

Week in review: Free security tools, TeamViewer flaw, Patch Tuesday forecast  Voir?

Here’s an overview of some of last week’s most interesting news and articles: August 2020 Patch Tuesday forecast: Planning for the end? There doesn’t seem to be an end in sight to the COVID-19 crisis, but there are some important end-of-life/end-of-support dates we should be aware of when it comes to software. Researchers flag two zero-days in Windows Print Spooler Researchers found a way to bypass the patch for CVE-2020-1048 and re-exploit the vulnerability on … More

The post Week in review: Free security tools, TeamViewer flaw, Patch Tuesday forecast appeared first on Help Net Security.

... / ... Lire la suite

(09/08/2020 @ 09:00)

Dernière mise à jour : 10/08/2020 @ 18:01