What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-07-08 22:00:00 | FortiGate-as-a-Service Combines the Flexibility and Scalability of the Cloud with the Power of Fortinet\'s Purpose-built ASICs (lien direct) | Fortinet announces FortiGate-as-a-Service, an innovative solution that combines the power of our proprietary ASIC technology with the flexibility and scalability of cloud services. Learn more. | |||
 |
2024-07-08 20:38:00 | Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites (lien direct) | An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material (CSAM), indicating how such information could be used to combat serious crimes. "Approximately 3,300 unique users were found with accounts on known CSAM sources," Recorded Future said in a proof-of-concept (PoC) report published last week. " | |||
|
2024-07-08 18:45:00 | Nouveau Ransomware-as-a-Service \\ 'Eldorado \\' cible Windows et Linux Systems New Ransomware-as-a-Service \\'Eldorado\\' Targets Windows and Linux Systems (lien direct) |
Une opération émergente Ransomware-as-a-Service (RAAS) appelée Eldorado est livrée avec des variantes de casier pour chiffrer les fichiers sur les systèmes Windows et Linux.
Eldorado est apparu pour la première fois le 16 mars 2024, lorsqu'une publicité pour le programme d'affiliation a été publiée sur la rampe du forum Ransomware, a déclaré le groupe de Singapour.
La société de cybersécurité, qui a infiltré le groupe de ransomwares, a noté que son
An emerging ransomware-as-a-service (RaaS) operation called Eldorado comes with locker variants to encrypt files on Windows and Linux systems. Eldorado first appeared on March 16, 2024, when an advertisement for the affiliate program was posted on the ransomware forum RAMP, Singapore-headquartered Group-IB said. The cybersecurity firm, which infiltrated the ransomware group, noted that its |
Ransomware | ||
|
2024-07-08 16:30:00 | 5 questions clés Les CISO doivent se poser des questions sur leur stratégie de cybersécurité 5 Key Questions CISOs Must Ask Themselves About Their Cybersecurity Strategy (lien direct) |
Des événements comme la récente attaque de ransomware CDK massive & # 8211;qui ont fermé des concessionnaires automobiles aux États-Unis fin juin 2024 & # 8211;soulever à peine les sourcils publics. & nbsp;
Pourtant, les entreprises et les personnes qui les dirigent, sont à juste titre nerveuses.Chaque CISO sait que la cybersécurité est un sujet de plus en plus chaud pour les dirigeants et les membres du conseil d'administration.Et quand l'inévitable briefing CISO / Board
Events like the recent massive CDK ransomware attack – which shuttered car dealerships across the U.S. in late June 2024 – barely raise public eyebrows anymore. Yet businesses, and the people that lead them, are justifiably jittery. Every CISO knows that cybersecurity is an increasingly hot topic for executives and board members alike. And when the inevitable CISO/Board briefing rolls |
Ransomware | ||
 |
2024-07-08 16:00:00 | New APT CloudSorcerer Malware Hits Russian Targets (lien direct) | The malware issues commands via a hardcoded charcode table and Microsoft COM object interfaces | |||
 |
2024-07-08 15:41:25 | Trustwave commits to CISA\'s Secure by Design pledge (lien direct) | >Trustwave recently announced that it has signed the U.S. Cybersecurity and Infrastructure Security Agency (CISA) Secure by Design... | |||
|
2024-07-08 15:37:26 | Chatham House report highlights evolving cyber threats, vulnerabilities in civil nuclear sector (lien direct) | A new research paper by Chatham House takes into consideration the evolving cyber threats that the civil nuclear... | |||
|
2024-07-08 15:32:13 | Cyviation announces Eliran Almog as new CEO, poised for innovative growth (lien direct) | >Cyviation, a vendor in cybersecurity solutions for the aviation industry, announced on Monday the appointment of Eliran Almog... | |||
|
2024-07-08 15:30:00 | Mekotio Trojan Targets Latin American Banking Credentials (lien direct) | Trend Micro said the trojan has been observed masquerading as communications from tax agencies | |||
|
2024-07-08 15:23:00 | Les experts mettent en garde contre le cheval de Troie bancaire Mekotio ciblant les pays d'Amérique latine Experts Warn of Mekotio Banking Trojan Targeting Latin American Countries (lien direct) |
Les institutions financières en Amérique latine sont menacées par un troyen bancaire appelé Mekotio (alias Melcoz).
Cela \\ est selon les résultats de Trend Micro, qui a déclaré avoir récemment observé une vague de cyberattaques distribuant le malware Windows.
Mekotio, connu pour être activement utilisé depuis 2015, est connu pour cibler les pays d'Amérique latine comme le Brésil, le Chili, le Mexique, l'Espagne, le Pérou et le Portugal
Financial institutions in Latin America are being threatened by a banking trojan called Mekotio (aka Melcoz). That\'s according to findings from Trend Micro, which said it recently observed a surge in cyber attacks distributing the Windows malware. Mekotio, known to be actively put to use since 2015, is known to target Latin American countries like Brazil, Chile, Mexico, Spain, Peru, and Portugal |
Malware Prediction | ||
 |
2024-07-08 15:15:34 | Less than 50% of attacks reported: Why and how to train in cyber security (lien direct) | Less than 50% of attacks reported: Why and how to train in cyber security - Special Reports / affiche | |||
 |
2024-07-08 15:06:59 | Weekly OSINT Highlights, 8 July 2024 (lien direct) | ## Snapshot Last week's OSINT reporting highlights a range of sophisticated cyber attacks led by state-aligned APT groups and financially motivated cybercriminals, exploiting vulnerabilities like [CVE-2021-40444](https://sip.security.microsoft.com/intel-profiles/CVE-2021-40444) and [CVE-2023-1389](https://sip.security.microsoft.com/intel-explorer/cves/CVE-2023-1389/) to deploy spyware and botnets. State-sponsored actors such as North Korea's Kimsuky and Pakistan's Transparent Tribe focused on espionage, targeting academia and military personnel with malware like TRANSLATEXT and CapraRAT. Meanwhile, financially motivated groups like Unfurling Hemlock conducted extensive malware campaigns. Social media and phone-based threats were also prominent, with attacks leveraging Android apps, SMS phishing, and AI-generated content on platforms like YouTube. ## Description 1. **[Exploitation of CVE-2021-40444 in Recent Attacks](https://sip.security.microsoft.com/intel-explorer/articles/15df6ab5)**: FortiGuard Labs identified attacks exploiting the CVE-2021-40444 vulnerability in Microsoft Office to deploy the MerkSpy spyware. The initial vector is a malicious Word document that, upon opening, triggers the download of an HTML file containing embedded shellcode to load MerkSpy into system processes. 2. **[CopyCop Influence Network Targets 2024 US Elections](https://sip.security.microsoft.com/intel-explorer/articles/fc24601e)**: Recorded Future reports that the Russian-linked CopyCop network is using generative AI to create fake websites and personas to influence the 2024 US elections. This network employs deepfakes and AI-generated content to target political leaders in the EU and Ukraine, leveraging conservative-leaning outlets and US-based hosts to obscure its origins. 3. **[Unfurling Hemlock's Extensive Malware Distribution Campaign](https://sip.security.microsoft.com/intel-explorer/articles/7b39eb7e)**: KrakenLabs discovered a large-scale campaign by Unfurling Hemlock, distributing malware like Redline and Amadey through nested compressed files. This financially motivated group used sophisticated obfuscation techniques and targeted organizations worldwide, with significant activity traced back to Eastern Europe. 4. **[Kimsuky's New Chrome Extension Targets South Korean Academia](https://sip.security.microsoft.com/intel-explorer/articles/c58faf92)**: Zscaler ThreatLabz identified the North Korean APT group Kimsuky (Emerald Sleet) using a new Chrome extension, TRANSLATEXT, to steal data from South Korean academics. The malware, distributed through a decoy file, gathers sensitive information and communicates with a C2 server, targeting researchers focused on North Korea. 5. **[Transparent Tribe's CapraRAT Campaign Updates](https://sip.security.microsoft.com/intel-explorer/articles/d62a3110)**: SentinelLabs found new CapraRAT Android packages linked to the Pakistan-aligned Transparent Tribe, targeting Indian government and military personnel. The updated APKs, disguised as video browsing apps, have increased compatibility with newer Android devices and continue the group's focus on surveillance and data collection. 6. **[Botnets Exploiting Linux Cloud Servers](https://sip.security.microsoft.com/intel-explorer/articles/36146b72)**: FortiGuard Labs observed botnets like UNSTABLE and Condi exploiting vulnerabilities in Linux cloud servers for DDoS attacks and malware distribution. These botnets use various techniques, including brute force attacks and sophisticated evasion methods, to control and utilize infected servers for malicious operations. 7. **[Resurgence of Medusa Banking Trojan](https://sip.security.microsoft.com/intel-explorer/articles/48480abe)**: Cleafy's threat intelligence team reported a resurgence of the Medusa banking trojan, targeting countries such as France, Italy, and the US. The new compact variants, distributed through SMS phishing campaigns, feature enhanced capabilities for On-Device Fraud (ODF) and utilize public social media profiles to fetch C2 server URLs dynamically. | |||
 |
2024-07-08 15:02:49 | Industrial Cyber Security Basics Can Help Protect APAC Operational Technology Operators: Dragos (lien direct) | Operational technology users face challenges including communication between process engineering and cyber security teams, a growth in malware and ransomware, and insiders making basic technology mistakes. | |||
 |
2024-07-08 15:02:04 | 8 juillet & # 8211;Rapport de renseignement sur les menaces 8th July – Threat Intelligence Report (lien direct) |
> Pour les dernières découvertes en cyberLes meilleures attaques et les violations FIA, l'organe directeur de la Formule 1, ont révélé une violation de données résultant d'une attaque de phishing sur leurs comptes de messagerie.L'attaque a conduit à un accès non autorisé aux données personnelles et à l'incident [& # 8230;]
>For the latest discoveries in cyber research for the week of 8th July, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES FIA, the governing body for Formula 1, disclosed a data breach stemming from a phishing attack on their email accounts. The attack led to unauthorized access to personal data, and the incident […] |
Data Breach Threat | ||
 |
2024-07-08 14:56:49 | Apple supprime les applications VPN de l'App Store russe à mesure que la censure se resserre Apple Removes VPN Apps from Russian App Store as Censorship Tightens (lien direct) |
Apple supprime les VPN populaires de l'App Store de la Russie après la pression du gouvernement.Cette décision limite l'accès à Free et & # 8230;
Apple removes popular VPNs from Russia’s App Store following government pressure. This move restricts access to free and… |
|||
 |
2024-07-08 14:38:13 | \\ 'Attaque de pirate sérieuse \\' force l'Université de Francfort à fermer les systèmes informatiques \\'Serious hacker attack\\' forces Frankfurt university to shut down IT systems (lien direct) |
Pas de details / No more details | |||
|
2024-07-08 14:30:00 | Cisco avertit la vulnérabilité régressive sur plusieurs produits Cisco Warns regreSSHion Vulnerability Impacts Multiple Products (lien direct) |
Cisco a déclaré aux clients que 42 de ses produits sont affectés par la vulnérabilité OpenSSH Regresshion, avec 51 autres produits étudiés
Cisco has told customers that 42 of its products are impacted by the OpenSSH regreSSHion vulnerability, with a further 51 products being investigated |
Vulnerability | ||
|
2024-07-08 14:00:41 | AI Spera s'associe à Devcons pour étendre \\ 'IP criminel \\' sur le marché du Moyen-Orient AI SPERA Partners with Devcons to Expand \\'Criminal IP\\' into the Middle Eastern Market (lien direct) |
Torrance, États-Unis / Californie, 8 juillet 2024, CyberNewswire
Torrance, United States / California, 8th July 2024, CyberNewsWire |
|||
 |
2024-07-08 14:00:00 | 5 façons d'exécuter la sécurité en tant que méritocratie 5 Ways to Run Security as a Meritocracy (lien direct) |
L'action a plus de poids que les mots.Voici cinq conseils pour encourager une culture de sécurité basée sur les réalisations.
Actions speak louder than words. Here are five tips for encouraging a security culture based on achievements. |
|||
|
2024-07-08 14:00:00 | Déconstruire les hypothèses de sécurité pour assurer la résilience future Deconstructing Security Assumptions to Ensure Future Resilience (lien direct) |
En décomposant les hypothèses fondamentales, nous pouvons planifier de manière proactive et commencer à réaliser la résilience future.
By breaking down fundamental assumptions, we can proactively plan for, and begin to achieve, future resilience. |
|||
 |
2024-07-08 14:00:00 | Enhardi et évolutif: un instantané des cyber-menaces auxquelles l'OTAN est confrontée à l'OTAN Emboldened and Evolving: A Snapshot of Cyber Threats Facing NATO (lien direct) |
Written by: John Hultquist
As North Atlantic Treaty Organization (NATO) members and partners gather for a historic summit, it is important to take stock of one of its most pressing challenges-the cyber threat. The Alliance faces a barrage of malicious cyber activity from all over the globe, carried out by emboldened state-sponsored actors, hacktivists, and criminals who are willing to cross lines and carry out activity that was previously considered unlikely or inconceivable. In addition to military targets, NATO must consider the risks that hybrid threats like malicious cyber activity pose to hospitals, civil society, and other targets, which could impact resilience in a contingency. The war in Ukraine is undoubtedly linked to escalating cyber threat activity, but many of these threats will continue to grow separately and in parallel. NATO must contend with covert, aggressive malicious cyber actors that are seeking to gather intelligence, preparing to or currently attacking critical infrastructure, and working to undermine the Alliance with elaborate disinformation schemes. In order to protect its customers and clients, Google is closely tracking cyber threats, including those highlighted in this report; however, this is just a glimpse at a much larger and evolving landscape. Cyber Espionage NATO\'s adversaries have long sought to leverage cyber espionage to develop insight into the political, diplomatic, and military disposition of the Alliance and to steal its defense technologies and economic secrets. However, intelligence on the Alliance in the coming months will be of heightened importance. This year\'s summit is a transition period, with the appointment of Mark Rutte as the new Secretary General and a number of adaptations expected to be rolled out to shore up the Alliance\'s defense posture and its long-term support for Ukraine. Successful cyber espionage from threat actors could potentially undermine the Alliance\'s strategic advantage and inform adversary leadership on how to anticipate and counteract NATO\'s initiatives and investments. NATO is targeted by cyber espionage activity from actors around the world with varying capabilities. Many still rely on technically simple but operationally effective methods, like social engineering. Others have evolved and elevated their tradecraft to levels that distinguish themselves as formidable adversaries for even the most experienced defenders. APT29 (ICECAP) Publicly attributed to the Russian Foreign Intelligence Services (SVR) by several governments, APT29 is heavily focused on diplomatic and political intelligence collection, principally targeting Europe and NATO member states. APT29 has been involved in multiple high-profile breaches of technology firms that were designed to provide access to the public sector. In the past year, Mandiant has observed APT29 targeting technology companies and IT service providers in NATO member countries to facilitate third-party and software supply chain compromises of government and poli |
Ransomware Malware Tool Vulnerability Threat Legislation Medical Cloud Technical | APT 29 APT 28 | |
|
2024-07-08 13:45:00 | La Russie bloque les services VPN dans la répression des informations Russia Blocks VPN Services in Information Crackdown (lien direct) |
L'interdiction provient du chien de garde de la communication russe Roskomnadzor, probablement dans le but de contrôler le flux d'informations vers les citoyens russes
The ban comes from Russian communication watchdog Roskomnadzor, likely in a bid to control the flow of information to Russian citizens |
|||
 |
2024-07-08 13:34:57 | Arrêter une attaque des ransomwares hospitaliers Halting a hospital ransomware attack (lien direct) |
Red Canary a empêché un hôpital d'être violé.Voyez comment nous avons empêché les ransomwares de permettre à un événement catastrophique.
Red Canary prevented a hospital from being breached. See how we stopped ransomware from enabling a catastrophic event. |
Ransomware | ||
|
2024-07-08 13:13:46 | Explorer l'utilisation de JavaScript V8 compilée dans les logiciels malveillants Exploring Compiled V8 JavaScript Usage in Malware (lien direct) |
> Auteur: Moshe Marelus Introduction Au cours des derniers mois, la RCR a enquêté sur l'utilisation de V8 JavaScript compilé par des auteurs de logiciels malveillants.Le V8 JavaScript compilé est une fonctionnalité moins connue du moteur JavaScript de Google \\, qui permet la compilation de JavaScript en bytecode de bas niveau.Cette technique aide les attaquants à échapper aux détections statiques et à cacher leur code source d'origine, [& # 8230;]
>Author: Moshe Marelus Introduction In recent months, CPR has been investigating the usage of compiled V8 JavaScript by malware authors. Compiled V8 JavaScript is a lesser-known feature in V8, Google\'s JavaScript engine, that enables the compilation of JavaScript into low-level bytecode. This technique assists attackers in evading static detections and hiding their original source code, […] |
Malware | ||
|
2024-07-08 13:00:24 | Point de contrôle & # 8211;Partenariat ISC2 traverse les 4 000 heures de jalon de formation Check Point – ISC2 Partnership Cross the 4,000 Hours of Training Milestone (lien direct) |
> L'éducation et la collaboration sont des piliers importants de l'avancement et de la résilience dans la cybersécurité.Reflétant sur le parcours depuis 2020, le partenariat entre Check Point Mind et ISC2 dans le cadre du programme Ciso Academy, qui fait partie des services mondiaux Infinity de Check Point \\ (ou «IG»), a atteint une étape importante pour équiper les professionnels de la cybersécurité avec des professionnels de la cybersécurité avecLes outils et les connaissances nécessaires pour naviguer et sécuriser leur environnement numérique.Jusqu'à présent, le voyage que notre collaboration a commencé par une vision pour transcender les obstacles d'apprentissage traditionnels dans l'éducation à la cybersécurité.En incorporant les certifications CISSP et CCSP estimées par ISC2 \\ dans nos offres éducatives, nous avons commencé notre mission pour élever [& # 8230;]
>Education and collaboration are important pillars of advancement and resilience in cybersecurity. Reflecting on the journey since 2020, the partnership between Check Point MIND and ISC2 under the CISO Academy program, part of Check Point\'s Infinity Global Services (or “IGS”), has achieved a significant milestone in equipping cyber security professionals with the tools and knowledge needed to navigate and secure their digital environment. The Journey So Far Our collaboration began with a vision to transcend traditional learning barriers in cyber security education. By incorporating ISC2\'s esteemed CISSP and CCSP certifications into our educational offerings, we began our mission to elevate […] |
Tool | ||
 |
2024-07-08 12:56:52 | Ai ne peut pas être notre seule défense contre les cyber-menaces générées par l'AI-AI AI Can\\'t Be Our Only Defense Against AI-Generated Cyber Threats (lien direct) |
> Cette semaine en cybersécurité des éditeurs du magazine Cybercrime & # 8211;Lisez l'histoire complète dans Sécurité Boulevard Sausalito, Californie & # 8211;Le 8 juillet 2024 des utilisateurs occasionnels aux sociétés internationales, les gens affluent vers des outils d'intelligence artificielle pour stimuler leur productivité.Mais ils ne sont pas les
>This week in cybersecurity from the editors at Cybercrime Magazine – Read the Full Story in Security Boulevard Sausalito, Calif. – Jul. 8, 2024 From casual users to international corporations, people are flocking to artificial intelligence tools to boost their productivity. But they\'re not the |
Tool | ||
 |
2024-07-08 12:47:52 | La décision de la Cour suprême menace le cadre du règlement de la cybersécurité Supreme Court Ruling Threatens the Framework of Cybersecurity Regulation (lien direct) |
> La réduction de la Doctrine de la Cour suprême aura un effet majeur sur la détermination et l'application de la cyber réglementation aux États-Unis.
>The Supreme Court\'s striking down of the Chevron Doctrine will have a major effect on the determination and enforcement of cyber regulation in the US. |
Legislation | ||
|
2024-07-08 12:25:00 | Flaws non corrigées divulguées dans le service GIT Open-source populaire GOGS Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service (lien direct) |
Quatre défauts de sécurité non corrigées, dont trois critiques, ont été divulgués dans le service GIT d'Open-source GOGS qui pourrait permettre à un attaquant authentifié de violer les instances sensibles, de voler ou d'essuyer le code source et même de planter des délais.
Les vulnérabilités, selon les chercheurs de Sonarsource, Thomas Chauchefoin et Paul Gerste, sont répertoriées ci-dessous -
CVE-2024-39930 (CVSS
Four unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors. The vulnerabilities, according to SonarSource researchers Thomas Chauchefoin and Paul Gerste, are listed below - CVE-2024-39930 (CVSS |
Vulnerability | ||
|
2024-07-08 12:07:56 | L'ancien employé de Nuance arrêté après la violation de données de Geisinger a exposé 1,2 million de dossiers Former Nuance Employee Arrested After Geisinger Data Breach Exposed 1.2 Million Records (lien direct) |
> Un recours collectif a été intenté contre Geisinger pour avoir omis de sécuriser correctement les patients \\ 'Informations personnelles et de santé.
>A class action lawsuit was filed against Geisinger for failing to properly secure patients\' personal and health information. |
Data Breach | ||
 |
2024-07-08 12:06:12 | Comment empêcher l'usurpation par e-mail avec DMARC How to Prevent Email Spoofing with DMARC (lien direct) |
Email-based attacks are the number one attack vector for cybercriminals. These attacks do not always require a high level of technical sophistication to carry out. And because the human factor is involved, there is almost no doubt they will endure as a favored tactic. One way bad actors can greatly increase their chances of a successful attack is when they can make a recipient believe that they are interacting with a person or a brand that they know or trust. “Email spoofing” plays a critical role in helping to create this illusion. In this blog post, we\'ll explain how email spoofing works, why it causes havoc, and how DMARC can protect your business. How bad actors use email spoofing When an attacker uses email spoofing, they are forging the sending address so that the message appears to come from a legitimate company, institution or person. Bad actors use spoofed domains to initiate attacks like phishing, malware and ransomware, and business email compromise (BEC). Here is a closer look at these strategies. Phishing attacks. A bad actor sends a spoofed email, pretending to be from a legitimate source like a bank, government agency or a known company. Their aim is to get the recipient to reveal sensitive information, like login credentials, financial information or personal data. Malware. Spoofed email can contain malicious attachments or links. When a user clicks on them, they trigger the delivery of viruses, ransomware, spyware or other types of malicious software. These tools help attackers to steal data, disrupt operations or take control of systems. Business email compromise (BEC). Many threat actors use spoofed email to trick employees, partners or customers into transferring money or giving up sensitive information. It can be a lucrative endeavor. Consider a recent report from the FBI\'s Internet Crime Complaint Center, which notes that losses from BEC attacks in 2023 alone were about $2.9 billion. Negative effects of email spoofing When an attacker spoofs legitimate domains and uses them in attacks, the negative repercussions for companies can be significant. Imagine if your best customer believed that they were communicating with you, but instead, they were interacting with an attacker and suffered a significant financial loss. Unfortunately, these scenarios play out daily. And they can lead to the following issues, among others. The loss of trust If attackers succeed in their efforts to spoof a company\'s domain and use it to send phishing emails or other malicious communications, recipients may lose trust in that business. When users receive spoofed emails that appear to come from a brand they trust, they may become wary of future communications from that brand. They will lose confidence in the company\'s ability to protect their information. Damage to brand image As noted earlier, a spoofed domain can tarnish a company\'s brand image and reputation. If recipients fall victim to phishing or other scams that involve spoofed domains, they may associate the business or brand with fraudulent or unethical behavior. Financial losses Spoofed domain attacks can result in financial losses for companies in two main ways. Direct financial losses. Such losses can occur when attackers use spoofed domains to carry out fraudulent activities like the theft of sensitive data or unauthorized transactions. Indirect financial losses. These losses take the form of costs associated with attack mitigation. They can stem from incident investigation, the implementation of security improvements, and efforts designed to help repair the company\'s damaged reputation. Customer dissatisfaction Customers who are victims of spoofed domain attacks may experience frustration and anger. They may be motivated to write negative reviews of a company or issue complaints. Certainly, their level of customer satisfaction will take a hit. Over time, repeated incidents of spoofing attacks | Ransomware Spam Malware Tool Threat Legislation Technical | ||
 |
2024-07-08 12:00:00 | Ce que les fabricants doivent savoir sur le paysage OT Cyber Threat What Manufacturers Need to Know About the OT Cyber Threat Landscape (lien direct) |
> Les environnements de fabrication deviennent de plus en plus des cibles pour les cyber-adversaires.La numérisation des processus de fabrication a brouillé les lignes entre elle ...
Le post ce que les fabricants doivent savoir sur le paysage de l'OT Cyber Threat sur dragos .
>Manufacturing environments are increasingly becoming targets for cyber adversaries. The digitalization of manufacturing processes has blurred the lines between IT... The post What Manufacturers Need to Know About the OT Cyber Threat Landscape first appeared on Dragos. |
Threat Industrial | ||
|
2024-07-08 11:58:00 | Apple supprime les applications VPN de l'App Store russe au milieu de la pression du gouvernement Apple Removes VPN Apps from Russian App Store Amid Government Pressure (lien direct) |
Apple a supprimé un certain nombre d'applications de réseau privé virtuel (VPN) en Russie de son App Store le 4 juillet 2024, à la suite d'une demande de Watchdog des communications de l'État de Russie, Roskomnadzor, a rapporté Russian News Media.
Cela comprend les applications mobiles de 25 fournisseurs de services VPN, notamment ProtonVPN, Red Shield VPN, NORDVPN et LE VPN, selon MediaZona.Il vaut la peine de noter que Nordvpn a précédemment fermé
Apple removed a number of virtual private network (VPN) apps in Russia from its App Store on July 4, 2024, following a request by Russia\'s state communications watchdog Roskomnadzor, Russian news media reported. This includes the mobile apps of 25 VPN service providers, including ProtonVPN, Red Shield VPN, NordVPN and Le VPN, according to MediaZona. It\'s worth noting that NordVPN previously shut |
Mobile | ||
|
2024-07-08 11:45:18 | ISP majeur accusé d'attaque de logiciels malveillants de masse contre les clients Major ISP Accused of Mass Malware Attack on Customers (lien direct) |
Un important ISP sud-coréen est accusé d'avoir installé des logiciels malveillants sur plus de 600 000 clients \\ 'PCS pour freiner Torrent & # 8230;
A major South Korean ISP is accused of installing malware on over 600,000 customers\' PCs to curb torrent… |
Malware | ||
 |
2024-07-08 11:45:00 | Synnovis attack highlights degraded, outdated state of NHS IT (lien direct) | Pas de details / No more details | |||
|
2024-07-08 11:31:14 | Vigilance Vulnerability Alerts - DNS: overload via DNSBomb Timing Attack, analyzed on 08/05/2024 (lien direct) | An attacker can trigger an overload of DNS, via DNSBomb Timing Attack, in order to trigger a denial of service. - Security Vulnerability | |||
|
2024-07-08 11:31:14 | Vigilance Alertes Vulnérabilités - DNS : surcharge via DNSBomb Timing Attack, analysé le 08/05/2024 (lien direct) | Un attaquant peut provoquer une surcharge de DNS, via DNSBomb Timing Attack, afin de mener un déni de service. - Vulnérabilités | |||
|
2024-07-08 11:02:32 | L\'OTAN s\'enhardit et évolue : Un aperçu des cybermenaces auxquelles l\'OTAN est confrontée (lien direct) | L'OTAN s'enhardit et évolue : Un aperçu des cybermenaces auxquelles l'OTAN est confrontée - Points de Vue | |||
|
2024-07-08 11:00:00 | Les vols de crypto doublent à 1,4 milliard de dollars, trm Labs trouve Crypto Thefts Double to $1.4 Billion, TRM Labs Finds (lien direct) |
Les prix des jetons moyens plus élevés sont la cause probable de la surtension plutôt qu'un changement dans le paysage des menaces cryptographiques
Higher average token prices are the likely cause of the surge rather than a change in the crypto threat landscape |
Threat | ||
 |
2024-07-08 11:00:00 | Comprendre Rafel Rat et son rôle dans les attaques de ransomwares mobiles Understanding Rafel RAT and Its Role in Mobile Ransomware Attacks (lien direct) |
> Rafel Rat est un type de logiciels malveillants qui permet aux attaquants de prendre un contrôle total sur un appareil mobile victime.Une fois installé, Rafel Rat peut effectuer une variété d'activités malveillantes, telles que le vol d'informations sensibles, l'accès aux fonctions de caméra et de microphone, et, de plus en plus, le déploiement de ransomwares. & # 160;Le ransomware mobile est un type de [& # 8230;]
>Rafel RAT is a type of malware that allows attackers to gain complete control over a victim’s mobile device. Once installed, Rafel RAT can perform a variety of malicious activities, such as stealing sensitive information, accessing camera and microphone functions, and, increasingly, deploying ransomware. Mobile ransomware is a type of […] |
Ransomware Malware Mobile | ||
 |
2024-07-08 10:52:52 | IA et développement logiciel : des spécificités françaises (lien direct) | Le principal sondage communautaire de GitLab illustre plusieurs particularités françaises concernant l'IA dans le développement logiciel. | |||
|
2024-07-08 10:07:30 | Fortinet : Profiter d\'un l\'été sportif en toute (cyber)sécurité ! (lien direct) | L'été 2024 s'annonce sportif entre l'Euro de football, le départ du Tour de France, les Jeux Olympiques en juillet et les Jeux Paralympiques en août. Des millions de billets vont être vendus mais également des millions de spectateurs vont faire le déplacement pour assister aux compétitions. Ainsi les arnaques de voyages, de logements, les faux sites de réservation ne sont que quelques exemples des potentielles menaces cyber. Philippe Nault – System Engineering Director chez Fortinet donne quelques (...) - Points de Vue | Threat | ||
 |
2024-07-08 09:56:05 | La violation des données du fournisseur de Roblox expose les informations sur les participants à la conférence Dev Roblox vendor data breach exposes dev conference attendee info (lien direct) |
Roblox a annoncé à la fin de la semaine dernière qu'il avait subi une violation de données ayant un impact sur les participants des participants de la conférence des développeurs 2022, 2023 et 2024.[...]
Roblox announced late last week that it suffered a data breach impacting attendees of the 2022, 2023, and 2024 Roblox Developer Conference attendees. [...] |
Data Breach Conference | ||
|
2024-07-08 09:43:00 | 10 milliards de mots de passe divulgués sur le forum de piratage 10 Billion Passwords Leaked on Hacking Forum (lien direct) |
Une enquête CyberNews a révélé que près de 10 milliards de mots de passe uniques ont été publiés sur un forum de piratage populaire, ce qui met les utilisateurs du monde entier en danger de compromis de compte
A Cybernews investigation found that nearly 10 billion unique passwords have been posted on a popular hacking forum, putting users worldwide at risk of account compromises |
|||
|
2024-07-08 09:24:04 | OpenAI : ce que l\'on sait du piratage de la messagerie interne (lien direct) | Le New York Times rapporte qu'un hacker s'est infiltré dans la messagerie interne d'OpenAI. Il aurait eu accès au contenu de discussions internes entre chercheurs et autres employés, mais pas au code source des LLM. | |||
|
2024-07-08 08:41:51 | Le service de détection et de réponse gérés de Sophos permet de transformer la transformation de la cybersécurité de GAC \\ Sophos Managed Detection and Response Service Empowers GAC\\'s Cybersecurity Transformation (lien direct) |
Le service de détection et de réponse gérés Sophos permet de transformer la transformation de la cybersécurité de Gac \\
-
nouvelles commerciales
Sophos Managed Detection and Response Service Empowers GAC\'s Cybersecurity Transformation - Business News |
|||
|
2024-07-08 08:34:26 | DSML : la clé dans la complémentarité des plates-formes ? (lien direct) | Gartner aborde le marché des plates-formes DSML sous l'angle de la complémentarité entre offres. Aperçu du paysage concurrentiel. | |||
 |
2024-07-08 08:19:00 | Présentation de la solution pCloud + grosse promo d\'été (lien direct) | — Article en partenariat avec pCloud — Salut les amis ! Aujourd’hui, on plonge dans l’univers du stockage en ligne avec pCloud, une alternative européenne aux géants comme Dropbox et Google Drive. Créé en Suisse en 2013, pCloud propose une solution de stockage en ligne simple, économique et sécurisée. Solution qui est, en … Suite | |||
|
2024-07-08 08:00:00 | Fortinet Named a Gartner Peer Insights™ Customers\' Choice for Endpoint Protection Platforms for the Second Year in a Row (lien direct) | Fortinet is again named a Gartner Peer Insights Customers' Choice. Learn more and hear what our customers have to say. | |||
 |
2024-07-08 07:00:33 | Cloudsorcerer & # 8211;Un nouvel apt ciblant les entités gouvernementales russes CloudSorcerer – A new APT targeting Russian government entities (lien direct) |
Kaspersky a découvert un nouveau nuageur approprié ciblant les entités gouvernementales russes et en utilisant les services cloud comme C2, tout comme l'acteur de CloudWizard.
Kaspersky discovered a new APT CloudSorcerer targeting Russian government entities and using cloud services as C2, just like the CloudWizard actor. |
Cloud | ||
|
2024-07-08 07:00:00 | Rallly ou comment planifier vos réunions facilement (lien direct) | Découvrez Rallly, un outil open source pour planifier efficacement vos réunions. Hébergez votre propre instance avec Docker et profitez de fonctionnalités avancées pour trouver le meilleur créneau pour tous les participants. |
To see everything:
