21 avril 2024 | International, Sécurité

Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack

A critical vulnerability (CVE-2024-3400) in Palo Alto Networks PAN-OS is being actively exploited by threat actors.

https://thehackernews.com/2024/04/palo-alto-networks-discloses-more.html

Sur le même sujet

  • French Air Force introduces new UAV pilot training scheme

    24 mai 2019 | International, Aérospatial

    French Air Force introduces new UAV pilot training scheme

    Frédéric Lert, Bordeaux - Jane's Defence Weekly The French Air Force is ramping up the recruitment and training of unmanned aerial vehicle (UAV) crews to cope with the service's expanding air vehicle inventory. While the 1/33 Belfort UAV squadron currently flies five GA-ASI MQ-9 Reaper medium-altitude long-endurance (MALE) UAVs using 20 qualified crews (with each crew consisting of a pilot, sensor operator, tactical co-ordinator and image analyst), the plan is to have 24 MALE UAVs operational by 2030, generating a requirement for 80 to 100 crews. The greatest urgency is to train the pilots to cope with this expansion, so the air force is introducing a new course into its flying schools alongside those already existing for fighters, transport aircraft and helicopters. The first phase of training will fall under the responsibility of the Centre d'excellence drone (CED) in Salon de Provence, southern France. The CED, which until now was more oriented towards research, thus sees its mission considerably evolve. During this phase the students will fly Cirrus light aircraft and receive some specific training, especially in relation to instrument flight rules (IFR). The second phase will then take the student pilots to the air force flying school in Cognac, where they will improve their piloting skills on the Grob 120 basic trainer. They will then move on to the UAV Operational Conversion Squadron (Escadron de Transformation Opérationnelle Drone - ETOD) and the 1/33 Belfort to acquire the particular tactical know-how required to operate the Reapers. https://www.janes.com/article/88729/french-air-force-introduces-new-uav-pilot-training-scheme

  • China is driving use of armed drones in Mideast, says British think tank

    18 décembre 2018 | International, Aérospatial

    China is driving use of armed drones in Mideast, says British think tank

    By: Zeina Karam, The Associated Press BEIRUT — The use of armed drones in the Middle East, driven largely by sales from China, has grown significantly in the past few years with an increasing number of countries and other parties using them in regional conflicts to lethal effects, a new report said Monday. The report by the Royal United Services Institute, or RUSI, found that more and more Mideast countries have acquired armed drones, either by importing them, such as Jordan, Iraq, Saudi Arabia and the United Arab Emirates, or by building them domestically like Israel, Iran and Turkey. China has won sales in the Middle East and elsewhere by offering UAVs at lower prices and without the political conditions attached by the United States. The Associated Press reported earlier this year that countries across the Middle East locked out of purchasing American-made drones are being wooed by Chinese arms dealers, helping expand Chinese influence across a region vital to American security interest. It noted the use of Chinese armed drones across Mideast battlefields, including in the war on Yemen, employed by the Emirati Air Force. Iran has also violated Israeli airspace with armed UAVs from bases in Syria, provoking armed Israeli response on the suspected bases. The RUSI report, titled “Armed Drones in the Middle East: Proliferation and Norms in the Region,” said that by capitalizing on the gap in the market over the past few years, Beijing has supplied armed drones to several countries that are not authorized to purchase them from the U.S., and at a dramatically cheaper price. "China, a no-questions-asked exporter of drones, has played and is likely to continue playing a key role as a supplier of armed UAVs to the Middle East," it said. The report explored where and how each of the states have used their armed drones and whether they have changed the way these countries approach air power. It found that Iran, the UAE and Turkey all changed the way they employ air power after they acquired armed drones. For Turkey and the UAE, armed drones enabled them to conduct strikes in situations where they would not have risked using conventional aircraft, it said. Iran developed armed drones from the outset specifically to project power beyond the reach of its air force, which is hamstrung by obsolete aircraft and sanctions, the report added. The report said it remains to be seen whether and how the loosening of restrictions on the export of armed drones by the Trump administration will alter dynamics in the region. The administration in April permitted U.S. manufacturers to directly market and sell drones, including armed versions, although the government must still approve and license the sales. Aniseh Bassiri Tabrizi, who authored the report along with Justin Bronk, said proliferation of armed drones in the Middle East is unlikely to stop and could accelerate despite changes introduced by the U.S. administration. “Over the past two years the sales have increased massively and they are likely to increase even more,” she said. “This kind of collaboration is just going to grow especially in cases where countries don't have the capacity to build them themselves.” https://www.defensenews.com/unmanned/2018/12/17/china-is-driving-use-of-armed-drones-in-mideast-says-british-think-tank

  • DARPA Explores New Computing Architectures to Deliver Verifiable Data Assurances

    17 janvier 2019 | International, C4ISR, Sécurité

    DARPA Explores New Computing Architectures to Deliver Verifiable Data Assurances

    Program seeks to create new software and hardware architectures that provide physically provable assurances around data security and privacy Whether a piece of information is private, proprietary, or sensitive to national security, systems owners and users have little guarantees about where their information resides or of its movements between systems. When a user enters information on a phone, for example, it is difficult to provably track that the data remains on the phone or whether it is uploaded to a server beyond the device. The national defense and security communities are similarly left with few options when it comes to ensuring that sensitive information is appropriately isolated, particularly when it's loaded to an internet-connected system. “As cloud systems proliferate, most people still have some information that they want to physically track – not just entrust to the ether,” said Walter Weiss, DARPA program manager. “Users should be able to trust their devices to keep their information private and isolated.” Keeping a system completely disconnected from all means of information transfer is an unrealistic security tactic. Modern computing systems must be able to communicate with other systems, including those with different security requirements. Today, commercial and defense organizations often leverage a series of air-gaps, or breaks between systems, to keep the most sensitive computing devices and information secure. However, interfaces to such air-gapped systems are typically added in after the fact and are exceedingly complex, placing undue burden on systems operators as they implement or manage them. To create scalable solutions that provide safe, verifiable methods of tracking information and communications between systems, DARPA launched the Guaranteed Architecture for Physical Security (GAPS) program. The goal of GAPS is to develop hardware and software architectures that can provide physically provable guarantees around high-risk transactions, or where data moves between systems of different security levels. DARPA wants to ensure that these transactions are isolated and that the systems they move across are enabled with the necessary data security assertions. The intended outputs of this program are hardware and software co-design tools that allow data separation requirements to be defined during design, and protections that can be physically enforced at system runtime. GAPS is divided into three research areas that will address: 1) the creation of hardware components and interfaces; 2) the development of software co-design tools; and, 3) the integration of these components and tools, as well as their validation against exemplar Department of Defense (DoD) systems. The new hardware components and interfaces are designed to provide system designers with a library of hardware tools to securely isolate data during transactions. The software co-design tools could someday allow developers to easily employ GAPS hardware components without requiring changes to their existing development processes and frameworks. Finally, the integration and validation of the hardware and software architectures on DoD systems could be used to demonstrate the capability and maturity of the GAPS approach for the kinds of problems DoD system integrators currently face, and expect to see in the future. Commercializing the resulting technologies is also an objective of the program. The verifiable security properties created under GAPS may also help create safer commercial systems that could be used for preserving proprietary information and protecting consumer privacy. GAPS is part of the second phase of DARPA's Electronics Resurgence Initiative (ERI) - a five-year, upwards of $1.5 billion investment in the future of domestic, U.S. government and defense electronics systems. Under ERI Phase II, DARPA is exploring the development of trusted electronics components, including the advancement of electronics that can enforce security and privacy protections. GAPS will help address the DoD's unique requirements for assured electronics while helping to move forward ERI's broader mission of creating a more robust, secure and heavily automated electronics industry. DARPA will hold a Proposers Day on January 23, 2019 from 9:00am to 2:30pm (EST) at the DARPA Conference Center, located at 675 North Randolph Street, Arlington, Virginia 22203, to provide more information about GAPS and answer questions from potential proposers. For details on the event, including registration requirements, please visit: http://www.cvent.com/events/gaps-proposers-day/event-summary-34cbadc0ab2248bb860db3df8223a2f6.aspx. A Broad Agency Announcement that fully describes the GAPS program structure and objectives can be found here: https://www.fbo.gov/index?s=opportunity&mode=form&id=cfecfe762954149924ec59c95ec6a7b8&tab=core&_cview=1. https://www.darpa.mil/news-events/2019-01-16

Toutes les nouvelles