Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2018-11-16 02:53:03 |
Dridex/Locky Operators Unleash New Malware in Recent Attack (direct link) |
The threat actor(s) behind many Dridex and Locky campaigns have been using a new Remote Access Trojan (RAT), Proofpoint security researchers warn.
|
Malware
Threat
|
|
|
|
2018-11-15 14:47:02 |
GreatHorn Expands Email Security Platform (direct link) |
Waltham, MA-based GreatHorn has expanded its machine-learning phishing protection system into a complete email security platform. "This major new expansion of the Company's flagship solution," it announced on November 14, "addresses every potential stage of a phishing attack with integrated threat detection, protection, defense, and incident response."
|
Threat
|
|
|
|
2018-11-14 17:06:00 |
Chinese Hackers Target UK Engineering Company: Report (direct link) |
Recent attacks on an engineering company in the United Kingdom were attributed to a China-related cyber-espionage group despite the use of techniques usually associated with Russian threat actors.
|
Threat
|
|
|
|
2018-11-14 07:14:01 |
(Déjà vu) APT Group Uses Windows Zero-Day in Middle East Attacks (direct link) |
A Windows zero-day vulnerability addressed this week by Microsoft with its November 2018 Patch Tuesday updates has been exploited by an advanced persistent threat (APT) group in attacks aimed at entities in the Middle East.
|
Threat
|
|
|
|
2018-11-13 16:24:01 |
Sophisticated Cyberattack Targets Pakistani Military (direct link) |
A previously undisclosed threat actor is targeting nuclear-armed government and military in Pakistan as part of a new, unusually complex espionage campaign, Cylance security researchers warn.
|
Threat
|
|
|
|
2018-11-09 06:16:04 |
Adobe ColdFusion Vulnerability Exploited in the Wild (direct link) |
A recently patched remote code execution vulnerability affecting the Adobe ColdFusion web application development platform has been exploited in the wild by one or more threat groups, Volexity warned on Thursday.
|
Vulnerability
Threat
|
|
|
|
2018-11-05 10:35:05 |
ICS Devices Vulnerable to Side-Channel Attacks: Researcher (direct link) |
Side-channel attacks can pose a serious threat to industrial control systems (ICS), a researcher warned last month at SecurityWeek's ICS Cyber Security Conference in Atlanta, GA.
|
Threat
|
|
|
|
2018-10-23 19:22:00 |
Fortinet Tackles Insider Threats with ZoneFox Acquisition (direct link) |
Cybersecurity solutions provider Fortinet today announced that it has completed the acquisition of insider threat detection and response company ZoneFox.
|
Threat
|
|
|
|
2018-10-16 08:58:03 |
Russia-Linked Hackers Target Diplomatic Entities in Central Asia (direct link) |
Cybersecurity companies have been monitoring the activities of a threat group that focuses on espionage campaigns aimed at diplomatic entities in Central Asia.
|
Threat
|
|
|
|
2018-10-15 12:52:04 |
Collection Strategies: The Key Differentiator Among Threat Intelligence Vendors (direct link) |
The outcome of an intelligence operation depends largely on the data that fuels it. Even the most sophisticated operation will fail to produce intelligence of value if its data is not also of value. This concept highlights the biggest differentiator and most important factor to consider when choosing a threat intelligence vendor: data source coverage and, more specifically, collection strategy.
|
Threat
|
|
|
|
2018-10-11 19:09:05 |
Hackers Exploit Drupalgeddon2 to Install Backdoor (direct link) |
A threat actor was observed targeting Drupal vulnerabilities patched earlier this year to install a backdoor on compromised servers, IBM reports.
|
Threat
|
|
★★
|
|
2018-10-10 18:06:02 |
MuddyWater Threat Actor Expands Targets List (direct link) |
The MuddyWater cyber-espionage campaign was observed using spear-phishing emails to target entities in more countries, Kaspersky Lab reports.
|
Threat
|
|
|
|
2018-10-10 06:50:03 |
Windows Zero-Day Exploited in Attacks Aimed at Middle East (direct link) |
One of the vulnerabilities patched by Microsoft with its latest Patch Tuesday updates is a Windows zero-day exploited by an advanced persistent threat (APT) group in attacks aimed at entities in the Middle East.
|
Threat
|
|
|
|
2018-10-09 20:07:00 |
Microsoft Patches Windows Zero-Day Exploited by 'FruityArmor' Group (direct link) |
Microsoft's Patch Tuesday updates for October 2018 resolve nearly 50 vulnerabilities, including a Windows zero-day flaw exploited by an advanced persistent threat (APT) actor known as FruityArmor.
|
Threat
|
|
|
|
2018-10-04 15:08:01 |
Improving Security Operations Through Collaboration (direct link) |
Many CISOs I speak with are growing weary of searching for the next “silver bullet” security technology or another threat feed to improve their security posture. Clearly, this approach hasn't worked.
|
Threat
|
|
|
|
2018-10-04 14:45:01 |
DHS Warns of Attacks on Managed Service Providers (direct link) |
The United States Department of Homeland Security (DHS) this week issued an alert on ongoing activity from an advanced persistent threat (APT) actor targeting global managed service providers (MSPs).
|
Threat
|
|
|
|
2018-10-04 09:06:05 |
UK, Australia Blame Russia for Bad Rabbit, Other Attacks (direct link) |
The United Kingdom and Australia have officially blamed Russia for several high profile attacks, including the Bad Rabbit ransomware campaign.
A statement published by the U.K. government on Wednesday reveals that the country's National Cyber Security Centre (NCSC) has linked several cyber threat actors to Russia's GRU military intelligence service.
|
Ransomware
Threat
|
|
|
|
2018-10-03 19:42:00 |
North Korean Attacks on Banks Attributed to 'APT38' Group (direct link) |
A report published on Wednesday by FireEye details the activities of a financially motivated threat actor believed to be operating on behalf of the North Korean government.
|
Threat
|
APT 38
|
|
|
2018-09-19 15:13:00 |
Click2Gov Attacks on U.S. Cities Attributed to Previously Unknown Group (direct link) |
A previously unknown financially motivated threat group is believed to be behind a series of attacks whose goal was to obtain payment card data from U.S. cities relying on Click2Gov software for utility bill payments.
|
Threat
|
|
|
|
2018-09-18 19:55:04 |
Fidelis Cybersecurity Raises $25 Million (direct link) |
Fidelis Cybersecurity, a Bethesda, MD-based company that provides automated threat detection and response solutions, on Tuesday announced that it secured a $25 million growth capital investment.
|
Threat
|
|
|
|
2018-09-14 17:23:01 |
China-linked APT10 Hackers Update Attack Techniques (direct link) |
Recent attacks launched by the China-linked threat actor APT10 against the Japanese media sector revealed the use of updated tactics, techniques and procedures (TTPs), FireEye says.
|
Threat
|
APT 10
|
|
|
2018-09-13 17:39:01 |
Breach Trends and Tips From Visa Threat Intelligence Exec Glen Jones (direct link) |
Macy's, Adidas, Panera Bread and Chili's. These are just a few of the retailers and merchants who made headline news in the last few months when they became victims of cyberattacks that put payment card data and other personally identifiable information (PII) at risk for thousands of customers.
|
Threat
|
|
|
|
2018-09-13 15:52:02 |
Barrage of Mobile Fraud Attacks Will Increase (direct link) |
Mobile, as a financial fraud threat vector, is growing dramatically. Fifty-eight percent of digital transactions now originate from mobile devices, and one-third of attacks are via mobile.
|
Threat
|
|
|
|
2018-09-11 19:55:00 |
Microsoft Patches Windows Zero-Day Disclosed via Twitter (direct link) |
Microsoft's Patch Tuesday updates for September 2018 address over 60 vulnerabilities, including a zero-day disclosed by a researcher and exploited shortly after by a threat actor.
|
Threat
|
|
|
|
2018-09-07 09:00:01 |
Opsec Mistakes Allowed U.S. to Link North Korean Man to Hacks (direct link) |
A 34-year-old North Korean national has been charged by U.S. authorities over his alleged involvement in the cyberattacks carried out by the Lazarus Group. An affidavit filed by an FBI special agent reveals how investigators linked the man to the notorious threat actor.
|
Threat
Medical
|
APT 38
|
|
|
2018-09-06 14:28:05 |
Preventing the Other Kind of Hack Back (direct link) |
There has been endless discussion among security professionals about the ethics, propriety, legality, and effectiveness of corporations “hacking back” against attackers. On the other hand, there is no hesitation on the part of attackers to hack back against threat intelligence researchers who are investigating them.
|
Hack
Threat
|
|
|
|
2018-09-05 15:08:02 |
Windows Zero-Day Exploited in Targeted Attacks by 'PowerPool' Group (direct link) |
A threat group tracked by security firm ESET as “PowerPool” has been exploiting a Windows zero-day vulnerability to elevate the privileges of a backdoor in targeted attacks.
|
Vulnerability
Threat
|
|
|
|
2018-09-05 02:18:02 |
GOBLIN PANDA Targets Vietnam Again (direct link) |
CrowdStrike security researchers have observed renewed activity associated with GOBLIN PANDA, a threat actor mainly targeting entities in Southeast Asia.
|
Threat
|
|
|
|
2018-09-04 14:38:01 |
Automating in Security With Intelligence (direct link) |
No Automated Tool is Capable of Providing the Full Context in Which a Threat Was Developed and Deployed
|
Tool
Threat
|
|
|
|
2018-08-31 12:34:04 |
Researchers Draw Connections Between APTs (direct link) |
A newly discovered threat group shares similarities with three advanced persistent threats (APTs), Trend Micro security researchers have discovered.
|
Threat
|
|
|
|
2018-08-28 14:07:03 |
Critical Apache Struts Vulnerability Exploited in Live Attacks (direct link) |
A critical remote code execution vulnerability in Apache Struts 2 that was patched last week is already being abused in malicious attacks, threat intelligence firm Volexity warns.
|
Vulnerability
Threat
|
|
★★
|
|
2018-08-27 15:54:02 |
NIST's New Advice on Medical IoT Devices (direct link) |
Medical infusion pumps, which deliver medications to patients, are archetypal examples of the expanding threat surface being delivered by connected devices. Connecting these pumps to clinical systems can improve healthcare delivery, but if not properly secured could endanger the patient and expose the health delivery organization (HDO) infrastructure to intrusion.
|
Threat
|
|
|
|
2018-08-27 15:04:05 |
"Evil Internet Minute" Report Shows Scale of Malicious Online Activity (direct link) |
Every day, cyber threat intelligence firm RiskIQ hoovers up terabytes of internet data. It concentrates on the internet infrastructure and how it functions, gathering up domains, IP addresses, email addresses and web page materials. It does this on behalf of its customers.
|
Threat
|
|
|
|
2018-08-16 20:20:00 |
ESET Launches New Enterprise Security Tools (direct link) |
ESET on Thursday announced the general availability of a new line of enterprise security solutions that include endpoint detection and response (EDR), forensic investigation, threat monitoring, sandbox, and management tools.
|
Threat
|
|
|
|
2018-08-16 10:26:04 |
Profile of a Threat Hunter (direct link) |
"The history of the bow and arrow is the history of mankind." – Fred Bear
|
Threat
|
|
|
|
2018-08-09 19:34:03 |
Researchers Say Code Reuse Links North Korea's Malware (direct link) |
Following trails of reused code, security researchers at Intezer and McAfee have uncovered new links between malware families attributed to North Korean threat groups and tracked most of the samples to the infamous |
Malware
Threat
|
APT 38
|
|
|
2018-08-09 13:39:00 |
Flaws in Siemens Tool Put ICS Environments at Risk (direct link) |
Serious vulnerabilities discovered by researchers in Siemens' TIA Portal for SIMATIC STEP7 and SIMATIC WinCC can be exploited by threat actors for lateral movement and other purposes in ICS environments.
|
Tool
Threat
|
|
★★★
|
|
2018-08-09 02:58:00 |
DarkHydrus Uses Open Source Phishery Tool in Middle-East Attacks (direct link) |
The recently detailed DarkHydrus threat group is leveraging the open-source Phishery tool to create malicious documents used in attacks on government entities in the Middle East, Palo Alto Networks warns.
|
Tool
Threat
|
|
|
|
2018-07-31 12:23:04 |
Mimecast Acquires Threat Detection Startup Solebit for $88 Million (direct link) |
Email and data security firm Mimecast (NASDAQ: MIME) announced on Tuesday that it has acquired threat detection firm Solebit for approximately $88 million net of cash acquired.
|
Threat
|
|
|
|
2018-07-30 12:52:05 |
DMARC Fully Implemented by Half of U.S. Government Agencies (direct link) |
More than half of U.S. government agencies have fully implemented the DMARC email security standard in response to a binding operational directive from the Department of Homeland Security, according to email threat protection company Agari.
|
Threat
|
|
|
|
2018-07-20 13:55:02 |
DOJ Cybersecurity Task Force Outlines Plans for Protecting Elections (direct link) |
The U.S. Justice Department's Cyber-Digital Task Force made public its first report on Thursday, covering the threat to elections, cybercrime schemes, and various other topics.
|
Threat
|
|
|
|
2018-07-11 16:15:02 |
AT&T to Acquire Threat Management Firm AlienVault (direct link) |
AT&T on Tuesday said it would acquire San Mateo, Calif.-based threat management and intelligence firm AlienVault for an undisclosed sum.
|
Threat
|
|
|
|
2018-07-09 19:55:03 |
New Attacks on Palestine Linked to 'Gaza Cybergang' (direct link) |
The Gaza Cybergang, an advanced persistent threat (APT) group linked to the Palestinian terrorist organization Hamas, apparently continues to target organizations in the Middle East, researchers at Check Point revealed last week.
|
Threat
|
|
|
|
2018-07-02 11:46:04 |
Insider Threat: Common Myths and Misconceptions (direct link) |
Insider threat is a growing area of concern and confusion among security practitioners. Typically accustomed to concentrating their resources on combating external threats, many security teams are eager yet unsure of how to combat threats that arise internally. This uncertainty, unfortunately, is often exacerbated by numerous common myths and misconceptions about insider threat, some of which include:
|
Threat
|
|
|
|
2018-06-28 14:27:00 |
Threat Detection Firm Cynet Raises $13 Million (direct link) |
Threat detection and response company Cynet on Wednesday announced that it raised $13 million in a Series B funding round, which brings the total raised to date to $20 million.
|
Threat
|
|
|
|
2018-06-28 12:56:02 |
Identity-based Threat Detection Preempt Raises $17.5 Million (direct link) |
San Francisco, Calif (HQ) and Ramat Gan, Israel (R&D) threat prevention firm Preempt has raised $17.5 million in a Series B funding round supported by ClearSky, Blackstone, Intel Capital and General Catalyst. The total raised by Preempt now stands at $27.5 million, having raised $2 million as seed funding in 2014, and $8 million in a Series A round in 2016.
|
Threat
|
|
|
|
2018-06-27 17:08:01 |
Cyber-Espionage Campaigns Target Tibetan Community in India (direct link) |
Two cyberespionage campaigns targeting the Tibetan community based in India appear to be the work of Chinese threat actors, a new Recorded Future report reveals.
|
Threat
|
|
|
|
2018-06-27 04:50:05 |
Cisco ASA Flaw Exploited in DoS Attacks (direct link) |
Cisco has informed users that a recently patched vulnerability affecting its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software has been exploited in denial-of-service (DoS) attacks.
|
Vulnerability
Threat
|
|
|
|
2018-06-26 06:00:02 |
FireEye Denies Hacking Back Against Chinese Cyberspies (direct link) |
In his latest book, New York Times correspondent David Sanger describes how cybersecurity firm Mandiant hacked into the devices of Chinese cyberspies during its investigation into the threat group known as APT1.
|
Threat
|
|
|
|
2018-06-22 14:38:05 |
How to Shed the Security Operations Doldrums (direct link) |
Automating Threat Intelligence Prioritization Allows You to Proactively Deploy Appropriate Intelligence to the Right Tools
|
Threat
|
|
|