Patch Now: Oracle's Fusion Middleware Has Critical RCE Flaw
Gouvernance & RégulationDark Readingil y a 9 jours
Attackers can execute arbitrary code without authentication if Oracle's Identity or Web Services Managers are exposed to the Web.
Flux RSS
— Sources secondaires363articles RSS
ReinitialiserCyber OpSec Fail: Beast Gang Exposes Ransomware Server
Malware & RansomwareDark Readingil y a 9 jours
Files on a central cloud server used by the ransomware group highlight a systematic, aggressive attack on network backups as a key TTP.
Interlock Ransomware Targets Cisco Enterprise Firewalls
Vulnérabilités & PatchesDark Readingil y a 9 jours
The ransomware gang, known for double-extortion attacks, had access to a critical Cisco firewall vulnerability weeks before it was publicly disclosed.
Proton Mail Shared User Information with the Police
GénéralSchneier on Securityil y a 10 jours
404 Media has a story about Proton Mail giving subscriber data to the Swiss government, who passed the information to the FBI. It’s metadata—payment information related to a particular account—but still important knowledge. This sort of thing happens, even to privacy-centric companies like Proton Mail.
Hackers Exploit Critical Langflow Bug in Just 20 Hours
Gouvernance & RégulationInfosecurity Magazineil y a 10 jours
Sysdig details how threat actors exploited a critical CVE in Langflow in less than a day
NCA Boss Warns That Teens Are Being “Radicalized” Into Cybercrime Online
GénéralInfosecurity Magazineil y a 10 jours
The National Crime Agency’s director general warns that technology is rapidly reshaping crime
Development of the banks' financial situation over the last years
GénéralCSSF Publicationsil y a 10 jours
Situation as at 31 December 2025
Warning concerning persons misusing the name of the Chair of the CSSF Board
Gouvernance & RégulationCSSF Publicationsil y a 10 jours
(first publication: 30 October 2024)
Development of the bank's balance sheet total
GénéralCSSF Publicationsil y a 10 jours
Situation as at 31 December 2025
Quarterly development of employment in banks
GénéralCSSF Publicationsil y a 10 jours
Situation as at 31 December 2025
List of members of the Investment Fund Managers Committee (Updated)
GénéralCSSF Publicationsil y a 10 jours
Register of EU/EEA Mortgage Credit Intermediaries operating in Luxembourg under the freedom to provide services in accordance with the Mortgage Credit Directive 2014/17/EU (Updated)
Gouvernance & RégulationCSSF Publicationsil y a 10 jours
AI Conundrum: Why MCP Security Can't Be Patched Away
Vulnérabilités & PatchesDark Readingil y a 10 jours
RSAC Conference Preview: MCP introduces security risks into LLM environments that are architectural and not easily fixable, researcher says.
With Government's Role Uncertain, Businesses Unite to Combat Fraud
GénéralDark Readingil y a 10 jours
Major industry leaders agree to share information and collaborate to boost defenses in the wake of distressing online scams.
Native Launches With Security Control Plane for Multicloud
Vulnérabilités & PatchesDark Readingil y a 10 jours
The cloud security startup's platform translates and enforces security policies across AWS, Azure, Google Cloud, and Oracle using provider-native controls.
Post-Quantum Web Could be Safer, Faster
Threat IntelligenceDark Readingil y a 10 jours
Major providers are testing a quantum-safe version of HTTPS that shrinks certificates to one-tenth their previous size, decreasing latency and adding transparency.
Ransomware Affiliate Exposes Details of 'The Gentlemen' Operation
Gouvernance & RégulationInfosecurity Magazineil y a 10 jours
Hastalamuerte leaks The Gentlemen RaaS ops: FortiGate exploits, BYOVD evasion, Qilin split tactics
Communication regarding management notifications and de-notifications with a European passport for Luxembourg-domiciled IFMs
GénéralCSSF Publicationsil y a 10 jours
Financial Brands Targeted in Global Mobile Banking Malware Surge
Malware & RansomwareInfosecurity Magazineil y a 10 jours
Mobile banking malware targets over 1200 financial apps globally, shifting fraud to user devices
FCA Updates Cyber Incident and Third-Party Reporting Rules
Outils & RechercheInfosecurity Magazineil y a 11 jours
The UK’s financial regulator has issued new rules to make incident and third-party reporting clearer