Curated news on new developments and humour

Unpatched Critical Flaw Disclosed in Zoom Software for Windows 7 or Earlier

A zero-day vulnerability has been discovered in Zoom video conferencing software for Windows that could allow an attacker to execute arbitrary code on a victim’s computer running Microsoft Windows 7 or older. To successfully exploit the Zoom vulnerability, all an attacker needs to do is trick a Zoom user into performing some typical action like opening a received document file. No security
Article source: The Hacker News

Kubernetes Authentication

There are three steps that Kubernetes uses to enforce security access and permissions — Authentication, Authorization and Admission. In this article we are going to consider Authentication first.

The Authentication, Authorization and Admission Control Process

The first thing in Authentication is Identity.

Article source: DZONE

Cybersecurity & IoT: a smartwatch for seniors can lead to medication overdose

British security firm Pen Test Partners has just discovered that a vulnerability in certain watches, intended mainly for people with severe memory problems, could allow an attacker to send the "take your pills" reminder to the watches as often as they wanted.
Article source: UNDERNEWS

K-Means and SOM: Introduction to Popular Clustering Algorithms

K-means and Kohonen SOM are two of the most widely applied data clustering algorithms.  

Although K-means is a simple vector quantization method and Kohonen SOM is a neural network model, they’re remarkably similar. 

Article source: DZONE

Joker Malware Apps Once Again Bypass Google’s Security to Spread via Play Store

Cybersecurity researchers took the wraps off yet another instance of Android malware hidden under the guise of legitimate applications to stealthily subscribe unsuspecting users to premium services without their knowledge. In a report published by Check Point Research today, the malware — infamously called Joker (or Bread) — has found another trick to bypass Google’s Play Store protections:
Article source: The Hacker News

Low-code Limits Customization Flexibility: Myth or Reality?

It’s not controversial to say that low-code has become a trend in the development of turnkey solutions for business. However, low-code is not traditionally the first choice for developing systems that handle complex business tasks. One of the main drawbacks associated with low-code development is the limited functionality of applications created. Often platforms do not provide an easy way to add custom code.

In this article, we will discuss if a low-code platform could be flexible enough to describe the logic of really sophisticated business processes.

Article source: DZONE

Use of spying and online stalking applications increased by 51% during lockdown

While cases of domestic violence rose during the lockdown period, Avast's Threat Labs notes that digital threats to people's privacy and security have also grown since the measures were put in place.
Article source: UNDERNEWS

The Incident Response Challenge 2020 — Results and Solutions Announced

In April 2020, Cynet launched the world’s first Incident Response Challenge to test and reward the skills of Incident Response professionals. The Challenge consisted of 25 incidents, in increasing difficulty, all inspired by real-life scenarios that required participants to go beyond the textbook solution and think outside of the box. Over 2,500 IR professionals competed to be recognized as
Article source: The Hacker News

Building a Mission-Critical Open Source Java Platform – Installing WildFly

The previous article in this series introduced our thoughts on setting up a mission-critical open source Java platform using high availability in our Web layer. In this article we’ll continue by installing WildFly and configuring our platform’s topology.


Note: the terminology in this article, where possible, has been adjusted from the traditional master / slave descriptions to master / subordinate. Some of the images displayed have not yet been updated and show the older terminology. 

Article source: DZONE

Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service

Microsoft has announced a new free-to-use initiative aimed at uncovering forensic evidence of sabotage on Linux systems, including rootkits and intrusive malware that may otherwise go undetected. The cloud offering, dubbed Project Freta, is a snapshot-based memory forensic mechanism that aims to provide automated full-system volatile memory inspection of virtual machine (VM) snapshots, with
Article source: The Hacker News