Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2024-06-06 15:35:00 |
Le pirate éthique publie un outil pour exploiter Microsoft \\'s Rappel Ai, dit que ce n'est pas \\ 'Rocket Science \\' Ethical hacker releases tool to exploit Microsoft\\'s Recall AI, says it\\'s not \\'rocket science\\' (lien direct) |
Rappel AI n'a pas encore été lancé mais c'est déjà une cible.
Recall AI hasn\'t launched yet but it\'s already a target. |
Tool
Threat
|
|
★★
|
|
2024-05-16 15:23:29 |
Google corrige un autre exploit zéro-jour dans Chrome - et celui-ci affecte également le bord Google patches another zero-day exploit in Chrome - and this one affects Edge too (lien direct) |
Voici ce que les utilisateurs de Chrome et Edge doivent savoir - et faire - maintenant.
Here\'s what Chrome and Edge users need to know - and do - now. |
Vulnerability
Threat
|
|
★★
|
|
2024-05-10 16:17:00 |
Mettez à jour votre navigateur Chrome dès que possible.Google a confirmé un jour zéro exploité dans la nature Update your Chrome browser ASAP. Google has confirmed a zero-day exploited in the wild (lien direct) |
Un nouveau trou de sécurité Chrome JavaScript est méchant, alors ne perdez pas de temps à corriger vos systèmes.
A new Chrome JavaScript security hole is nasty, so don\'t waste any time patching your systems. |
Vulnerability
Threat
Patching
|
|
★★★
|
|
2024-05-10 08:13:00 |
Singapour met à jour le droit de la cybersécurité pour étendre la surveillance réglementaire Singapore updates cybersecurity law to expand regulatory oversight (lien direct) |
Les modifications du projet de loi sur la cybersécurité du pays visent à renforcer son administration au milieu des changements dans le paysage des menaces.
Amendments to the country\'s cybersecurity bill aim to bolster its administration amid changes in the threat landscape. |
Threat
|
|
★★
|
|
2024-05-07 18:26:23 |
Les chercheurs en sécurité disent que cet exploit effrayant pourrait rendre tous les VPN inutiles Security researchers say this scary exploit could render all VPNs useless (lien direct) |
Les VPN ne sont plus sûrs si ces chercheurs en sécurité ont raison.
VPNs are no longer safe if these security researchers are right. |
Threat
|
|
★★★
|
|
2024-02-08 00:46:00 |
3 millions de brosses à dents intelligentes n'ont pas été utilisées dans une attaque DDOS après tout, mais cela pourrait arriver 3 million smart toothbrushes were not used in a DDoS attack after all, but it could happen (lien direct) |
[MISE À JOUR] QUELLE \\ est Suivant, le fil dentaire infecté par les logiciels malveillants?Mais sérieusement: c'est un rappel que même les plus petits appareils de maison intelligente peuvent être une menace.Voici comment vous protéger.
[UPDATED] What\'s next, malware-infected dental floss? But seriously: It\'s a reminder that even the smallest smart home devices can be a threat. Here\'s how to protect yourself. |
Threat
|
|
★★★
|
|
2022-06-06 16:01:02 |
IBM acquires Randori to streamline threat detection, bolster XDR offerings (lien direct) |
The tech giant's latest purchase builds on the acquisition of ReaQta. |
Threat
|
|
|
|
2022-04-04 11:23:00 |
Borat RAT malware: a \'unique\' triple threat that is far from funny (lien direct) |
The malware combines remote access, spyware, and ransomware into one nasty package. |
Ransomware
Malware
Threat
|
|
|
|
2022-02-28 14:01:00 |
Ukraine security agencies warn of Ghostwriter threat activity, phishing campaigns (lien direct) |
CERT-UA warns of misinformation, phishing, and active assaults against Ukrainian organizations. |
Threat
|
|
|
|
2022-02-17 10:45:56 |
Microsoft warns of emerging \'ice phishing\' threat on blockchain, DeFi networks (lien direct) |
The firm says that the introduction of web3 may also bring with it unique forms of phishing. |
Threat
|
|
|
|
2022-02-02 13:00:01 |
Arid Viper hackers strike Palestine with political lures - and Trojans (lien direct) |
The threat group is suspected of being located in Gaza. |
Threat
|
APT-C-23
|
|
|
2022-01-19 17:00:02 |
Deloitte launches new SaaS cyber threat detection and response platform (lien direct) |
AWS, CrowdStrike, Exabeam, and Google Cloud Chronicle are operationalizing the new platform. |
Threat
|
Deloitte
|
|
|
2021-11-10 22:00:02 |
North Korean hackers target the South\'s think tanks through blog posts (lien direct) |
Responsibility for new attacks has been laid at the feet of the Kimsuky threat group. |
Threat
|
|
|
|
2021-11-08 07:58:13 |
Cybersecurity firms provide threat intel for Clop ransomware group arrests (lien direct) |
The crackdown was codenamed Operation Cyclone. |
Ransomware
Threat
|
|
|
|
2021-10-27 11:30:00 |
Meet Balikbayan Foxes: a threat group impersonating the Philippine gov\'t (lien direct) |
The gang is also taking advantage of COVID-19 to propagate Trojan malware. |
Threat
|
|
|
|
2021-09-17 09:06:46 |
Cyberattacks against the aviation industry linked to Nigerian threat actor (lien direct) |
The investigation began after a Microsoft tweet concerning AsyncRAT. |
Threat
|
|
|
|
2021-08-02 10:00:02 |
Ransomware operators love them: Key trends in the Initial Access Broker space (lien direct) |
In a threat actor's mind, take out the legwork, reap the proceeds of blackmail. |
Threat
|
|
|
|
2021-07-16 11:01:02 |
Toddler mobile banking malware surges across Europe (lien direct) |
The Android malware is a new and persistent threat to European citizens and banks alike. |
Malware
Threat
|
|
|
|
2021-06-29 12:00:00 |
IBM Kestrel threat hunting language granted to Open Cybersecurity Alliance (lien direct) |
The contribution is aimed at giving cybersecurity experts more time to conduct forensic activities. |
Threat
|
|
|
|
2021-06-24 10:00:00 |
One-click account takeover vulnerabilities in Atlassian domains patched (lien direct) |
Research was conducted in light of the increasing threat of supply-chain attacks. |
Threat
|
|
|
|
2021-05-25 11:00:00 |
Iranian hacking group Agrius pretends to encrypt files for a ransom, destroys it instead (lien direct) |
The relatively new threat group has been connected to attacks against Israeli targets. |
Threat
|
|
|
|
2021-05-19 09:00:03 |
This is how the Cobalt Strike penetration testing tool is being abused by cybercriminals (lien direct) |
Cobalt Strike is a popular tool with cybersecurity professionals. Unfortunately, it's also utilized by threat actors. |
Tool
Threat
|
|
|
|
2021-05-04 14:00:03 |
Three new malware families found in global finance phishing campaign (lien direct) |
Doubledrag, Doubledrop, and Doubleback are the work of “experienced” threat actors. |
Malware
Threat
|
|
|
|
2021-04-28 09:11:00 |
Microsoft mulls over tweaks to threat data, code-sharing scheme following Exchange Server debacle (lien direct) |
It has been suspected that exploit code used in the wave of attacks may have been sourced from the program. |
Threat
|
|
|
|
2021-04-27 08:54:35 |
Adobe releases open source \'one-stop shop\' for security threat, data anomaly detection (lien direct) |
The project is focused on data processing efficiency and improving threat log data analysis. |
Threat
|
|
|
|
2021-03-30 11:11:00 |
Department of Homeland Security email accounts exposed in SolarWinds hack (lien direct) |
Reports suggest Russian threat groups accessed DHS emails during the SolarWinds fiasco. |
Hack
Threat
|
|
|
|
2021-03-25 13:00:04 |
Cloudflare launches Page Shield to thwart Magecart card skimming attacks (lien direct) |
Magecart attacks remain a prolific threat to the security of our financial data. |
Threat
|
|
|
|
2021-03-24 10:05:30 |
Microsoft: 92% of vulnerable exchange servers are now patched, mitigated (lien direct) |
The latest telemetry suggests IT admins are taking the threat seriously. |
Threat
|
|
|
|
2021-03-08 14:00:05 |
Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks (lien direct) |
SolarWinds servers are being exploited to deploy the malicious .NET web shell. |
Malware
Threat
|
|
|
|
2021-02-11 11:00:04 |
Android spyware strains linked to state-sponsored Confucius threat group (lien direct) |
Hornbill and SunBird are being used to stalk and steal the data of Pakistani nationals. |
Threat
|
|
|
|
2021-02-10 05:40:02 |
Microsoft warns enterprises of new \'dependency confusion\' attack technique (lien direct) |
New "dependency confusion" technique, also known as a "substitution attack," allows threat actors to sneak malicious code inside private code repositories by registering internal library names on public package indexes. |
Threat
|
|
|
|
2021-02-08 11:01:52 |
Domestic Kitten hacking group strikes local citizens considered a threat to Iranian regime (lien direct) |
FurBall spyware pretends to be everything from a security app to screen wallpapers. |
Threat
|
|
|
|
2021-01-28 13:10:20 |
Pirated themes and plugins are the most widespread threat to WordPress sites (lien direct) |
Wordfence says it found malware originating from a pirated WordPress theme or plugin on 206,000 sites, accounting for over 17% of all infected sites. |
Malware
Threat
|
|
|
|
2021-01-26 14:00:48 |
Cybercriminals use deceased staff accounts to spread Nemty ransomware (lien direct) |
Researchers explore how 'ghost' accounts can become targets for threat actors. |
Ransomware
Threat
|
|
★★
|
|
2021-01-12 10:30:03 |
Colombian energy, metal firms under fire in new Trojan attack wave (lien direct) |
Threat actors have selected three different Trojans to conduct cyberespionage. |
Threat
|
|
|
|
2021-01-08 21:36:00 |
CISA: SolarWinds hackers also used password guessing to breach targets (lien direct) |
CISA says the threat actor behind the SolarWinds hack also used password guessing and password spraying to breach targets, not just trojanized updates. |
Hack
Threat
|
|
|
|
2020-12-18 17:30:09 |
FBI & Interpol disrupt Joker\'s Stash, the internet\'s largest carding marketplace (lien direct) |
Four threat intel firms, Digital Shadows, Intel 471, Gemini Advisory, and Kela, said the disruption was temporary. |
Threat
|
|
|
|
2020-11-21 08:00:03 |
Botnets have been silently mass-scanning the internet for unsecured ENV files (lien direct) |
Threat actors are looking for API tokens, passwords, and database logins usually stored in ENV files. |
Threat
|
|
|
|
2020-11-11 18:32:18 |
Recent ransomware wave targeting Israel linked to Iranian threat actors (lien direct) |
Israeli companies have seen an uptick in attacks and successful infections with the Pay2Key and WannaScream ransomware. |
Ransomware
Threat
|
|
|
|
2020-11-03 10:17:28 |
FireEye releases ThreatPursuit, a Windows VM for threat intel analysts (lien direct) |
ThreatPursuit VM comes packed with more than 50 tools threat intelligence analysts use to hunt adversaries. |
Threat
|
|
|
|
2020-10-21 05:00:05 |
MobileIron enterprise MDM servers under attack from DDoS gangs, nation-states (lien direct) |
Threat actors range from DDoS botnets to Chinese state-sponsored hacking groups. |
Threat
|
|
|
|
2020-10-07 06:55:03 |
ZeroFOX acquires Cyveillance threat intelligence business from LookingGlass (lien direct) |
The deal focuses on improving threat intelligence features on the ZeroFOX platform. |
Threat
|
|
|
|
2020-10-06 12:00:03 |
FireEye\'s Mandiant debuts new SaaS threat intelligence suite (lien direct) |
The threat intelligence solution is the first of many planned to augment global security teams. |
Threat
|
|
|
|
2020-09-22 15:00:00 |
Microsoft renames and unifies more products under Microsoft Defender brand (lien direct) |
Microsoft Threat Protection, Defender ATP, Azure Security Center, and others brought under the Microsoft Defender umbrella brand. |
Threat
|
|
|
|
2020-09-21 12:02:22 |
Code execution, defense evasion are top tactics used in critical attacks against corporate endpoints (lien direct) |
Cisco examines MITRE ATT&CK data to suggest the threat vectors enterprise security staff should focus their efforts on. |
Threat
|
|
|
|
2020-09-15 15:33:25 |
MITRE releases emulation plan for FIN6 hacking group, more to follow (lien direct) |
New MITRE project to provide free emulation plans that mimic major threat actors in order to train and help defenders. |
Threat
|
|
|
|
2020-09-07 01:12:00 |
Most cyber-security reports only focus on the cool threats (lien direct) |
Academics: Only 82 of the 629 commercial cyber-security reports (13%) published in the last decade discuss a threat to civil society, with the rest focusing on cybercrime, nation-state hackers, economic espionage. |
Threat
|
|
|
|
2020-09-02 09:30:08 |
New KryptoCibule Windows malware is a triple threat for cryptocurrency users (lien direct) |
The malware has been active since late 2018 and has targeted users in the Czech Republic and Slovakia primarily (for now). |
Malware
Threat
|
|
|
|
2020-08-05 17:26:55 |
Black Hat: How your pacemaker could become an insider threat to national security (lien direct) |
Implanted medical devices are an overlooked security challenge that is only going to increase over time. |
Threat
|
|
|
|
2020-07-04 20:20:00 |
Hackers are trying to steal admin passwords from F5 BIG-IP devices (lien direct) |
Threat actors have already started exploiting the F5 BIG-IP mega-bug, three days after it was disclosed. |
Threat
|
|
|