Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2023-04-19 21:40:00 |
Russian Fancy Bear APT Exploited Unpatched Cisco Routers to Hack US, EU Gov't Agencies (direct link) |
The nation-state threat group deployed custom malware on archaic versions of Cisco's router operating system. Experts warn that such attacks targeting network infrastructure are on the rise. |
Malware
Hack
Threat
|
APT 28
|
★★
|
|
2023-04-19 14:36:15 |
3 Flaws, 1 War Dominated Cyber-Threat Landscape in 2022 (direct link) |
Attackers continued to favor software exploits, phishing, and stolen credentials as initial-access methods last year, as Log4j and the Russia-Ukraine cyber conflict changed the threat landscape. |
Threat
|
|
★★
|
|
2023-04-14 21:14:00 |
Russian SolarWinds Culprits Launch Fresh Barrage of Espionage Cyberattacks (direct link) |
The threat group behind the SolarWinds supply-chain attacks is back with new tools for spying on officials in NATO countries and Africa. |
Threat
|
|
★★
|
|
2023-04-13 18:49:00 |
Super-Yacht Specialist Lürssen in Dry Dock After Ransomware Attack (direct link) |
The ransomware attack proves that even the wealthiest cannot buy their immunity from threat actors. |
Ransomware
Threat
|
|
★★
|
|
2023-04-12 21:41:00 |
Lazarus Group's 'DeathNote' Cluster Pivots to Defense Sector (direct link) |
Usually focused on going after cryptocurrency organizations, the threat actor has begun targeting defense companies around the world. |
Threat
|
APT 38
|
★★
|
|
2023-04-12 18:33:00 |
Microsoft: NSO Group-Like 'QuaDream' Actor Selling Mobile Spyware to Governments (direct link) |
Researchers at Microsoft have discovered links between a threat group tracked as DEV-0196 and an Israeli private-sector company, QuaDream, that sells a platform for exfiltrating data from mobile devices. |
Threat
|
|
★★
|
|
2023-04-11 22:09:00 |
Microsoft Patches 97 CVEs, Including Zero-Day & Wormable Bugs (direct link) |
The April 2023 Patch Tuesday security update also included a reissue of a fix for a 10-year-old bug that a threat actor recently exploited in the supply chain attack on 3CX. |
Threat
|
|
★★★
|
|
2023-04-11 15:04:00 |
Attackers Hide RedLine Stealer Behind ChatGPT, Google Bard Facebook Ads (direct link) |
The campaign shrouds the commodity infostealer in OpenAI files in a play that aims to take advantage of the growing public interest in AI-based chatbots. |
Threat
|
ChatGPT
|
★★
|
|
2023-04-07 14:50:00 |
Printers Pose Persistent Yet Overlooked Threat (direct link) |
Vulnerabilities in the device firmware and drivers underscore how printers cannot be set-and-forget technology and need to be managed. |
Threat
|
|
★★
|
|
2023-04-04 05:27:00 |
'Proxyjacking' Cybercriminals Exploit Log4J in Emerging, Lucrative Cloud Attacks (direct link) |
Proxyjacking is an emerging, low-effort and high-reward attack for threat actors, with the potential for far-reaching implications. |
Threat
Cloud
|
|
★★
|
|
2023-04-03 15:15:00 |
How Good Is Your Advanced Threat Management? (direct link) |
Whether protecting a financial institution or a hospital, everyone needs an effective strategy for fending off slippery threats like those that hide in memory. |
Threat
|
|
★★
|
|
2023-03-31 15:22:00 |
Vulkan Playbook Leak Exposes Russia's Plans for Worldwide Cyberwar (direct link) |
Russian intelligence services, together with a Moscow-based IT company, are planning worldwide hacking operations that will also enable attacks on critical infrastructure facilities. |
Threat
General Information
|
|
★★★
|
|
2023-03-30 20:15:00 |
BEC Fraudsters Expand to Snatch Real-World Goods in Commodities Twist (direct link) |
Business email compromise scams are moving beyond just stealing cash, with some threat actors fooling companies into sending goods and materials on credit, and then skipping out on payment. |
Threat
|
|
★★
|
|
2023-03-30 00:00:00 |
Spira Takes Aim at Identity Security Posture Management (direct link) |
ISPM is a combination of identity attack surface management, and risk reduction, as well as identity threat prevention, detection, and response. |
Threat
|
|
★★
|
|
2023-03-29 21:24:00 |
Top Tech Talent Warns on AI's Threat to Human Existence in Open Letter (direct link) |
Musk, Wozniak, and Yang are among more than a thousand tech leaders asking for time to establish human safety parameters around AI. |
Threat
|
|
★★
|
|
2023-03-29 19:05:00 |
Phishing Emails Up a Whopping 569% in 2022 (direct link) |
Credential phishing emails are the clear favorite of threat actors, with a 478% spike last year, new research shows. |
Threat
|
|
★★
|
|
2023-03-29 16:53:00 |
Google: Commercial Spyware Used by Governments Laden With Zero-Day Exploits (direct link) |
Google TAG researchers reveal two campaigns against iOS, Android, and Chrome users that demonstrate how the commercial surveillance market is thriving despite government-imposed limits. |
Threat
Studies
|
|
★★
|
|
2023-03-28 21:00:00 |
MacStealer Malware Plucks Bushels of Data From Apple Users (direct link) |
A novel cyber threat against macOS users is being sold for $100 a pop on the Dark Web, and activity is ramping up. |
Malware
Threat
|
|
★★
|
|
2023-03-28 17:05:00 |
North Korea's Kimsuky Evolves into Full-Fledged, Prolific APT (direct link) |
In cyberattacks against the US, South Korea, and Japan, the group (aka APT43 or Thallium) is using advanced social engineering and cryptomining tactics that set it apart from other threat actors. |
Threat
Cloud
|
APT 37
APT 43
|
★★★★
|
|
2023-03-27 18:05:00 |
7 Women Leading the Charge in Cybersecurity Research & Analysis (direct link) |
From rising stars to veterans heading up research teams, check out our profiles of women making a big impact in cyber defense as the threat landscape expands. |
Threat
|
|
★★
|
|
2023-03-24 19:39:00 |
Zoom Zoom: 'Dark Power' Ransomware Extorts 10 Targets in Less Than a Month (direct link) |
A new threat actor is racking up victims and showing unusual agility. Part of its success could spring from the use of the Nim programming language. |
Ransomware
Threat
|
|
★★
|
|
2023-03-23 15:18:39 |
Okta Post-Exploitation Method Exposes User Passwords (direct link) |
Accidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services. |
Hack
Threat
|
|
★★
|
|
2023-03-21 14:30:50 |
Custom 'Naplistener' Malware a Nightmare for Network-Based Detection (direct link) |
Threat actors are using legitimate network assets and open source code to fly under the radar in data-stealing attacks using a set of custom malware bent on evasion. |
Malware
Threat
|
|
★★
|
|
2023-03-17 20:15:57 |
Microsoft Azure Warns on Killnet's Growing DDoS Onslaught Against Healthcare (direct link) |
DDoS cyberattack campaigns from the pro-Russian group have spiked significantly. |
Threat
|
|
★★★
|
|
2023-03-17 13:41:55 |
Meta Proposes Revamped Approach to Online Kill Chain Frameworks (direct link) |
A more holistic model beyond MITRE et al is needed to help defenders better identify and understand commonalities in different online threat campaigns, the Facebook parent company says. |
Threat
General Information
|
|
★★
|
|
2023-03-16 15:00:00 |
Rapid7 Acquires Minerva Labs to Extend Leading Managed Detection and Response Service (direct link) |
Minerva's robust technology and talented engineering team extend Rapid7's end-to-end managed threat detection and orchestration capabilities from the endpoint to the cloud. |
Threat
|
|
★★
|
|
2023-03-15 19:37:00 |
Telerik Bug Exploited to Steal Federal Agency Data, CISA Warns (direct link) |
An unpatched Microsoft Web server allowed multiple cybersecurity threat groups to steal data from a federal civilian executive branch. |
Data Breach
Threat
|
|
★★★
|
|
2023-03-13 19:56:00 |
Brand Names in Finance, Telecom, Tech Lead Successful Phishing Lures (direct link) |
AT&T, PayPal, and Microsoft top the list of domains that victims visit following a link in a phishing email, as firms fight to prevent fraud and credential harvesting. |
Threat
|
|
★★★
|
|
2023-03-13 19:53:21 |
Hackers Lure Cybersecurity Researchers With Fake LinkedIn Recruiter Profiles (direct link) |
Campaign demonstrates the DPRK-backed cyberattackers are gaining tools to avoid EDR tools. |
Threat
|
|
★★★
|
|
2023-03-10 21:49:07 |
Pig Butchering & Investment Scams: The $3B Cybercrime Threat Overtaking BEC (direct link) |
A novel take on investment scams mixes romance and the lure of crypto riches to con targets out of "the whole hog" of their assets. |
Threat
|
|
★★★
|
|
2023-03-09 22:26:00 |
Forrester Study Reveals Businesses Are Insufficiently Prepared to Manage Enterprise Risks (direct link) |
Study underscores the clear and pressing need for real-time physical and cyber threat alerts for effective enterprise risk management and business resilience. |
Threat
|
|
★★
|
|
2023-03-09 21:01:00 |
US Lawmakers Face Cyberattacks, Potential Physical Harm After DC Health Link Breach (direct link) |
The threat actor who posted the data for sale has claimed credit for multiple other breaches, including one at grocery platform Weee! that exposed data on more than 1.1 million customers. |
Threat
|
|
★★
|
|
2023-03-09 16:56:00 |
Iranian APT Targets Female Activists With Mahsa Amini Protest Lures (direct link) |
A top Iranian, state-sponsored threat is a spear-phishing campaign that uses a fake Twitter persona to target women interested in Iranian political affairs and human rights. |
Threat
|
|
★★
|
|
2023-03-08 22:14:00 |
Emotet Resurfaces Yet Again After 3-Month Hiatus (direct link) |
More than two years after a major takedown by law enforcement, the threat group is once again proving just how impervious it is against disruption attempts. |
Threat
|
|
★★★
|
|
2023-03-08 17:31:00 |
Russian Influence Duo Targets Politicians, CEOs for Embarrassing Video Calls (direct link) |
A state-backed threat actor impersonates political figures, tricking a prime minister, a former US president, and several European mayors and MPs into video calls later used in an anti-Ukraine influence campaign. |
Threat
|
|
★★★
|
|
2023-03-04 00:20:00 |
Rapid7 Brings Threat Intel Data to USF Cybersecurity Lab (direct link) |
The Rapid7 Cyber Threat Intelligence Laboratory at the University of South Florida will provide data on real-world threats for faculty and students to use in their research. |
Threat
|
|
★★★
|
|
2023-03-02 18:24:00 |
What GoDaddy's Years-Long Breach Means for Millions of Clients (direct link) |
The same "sophisticated" threat actor has pummeled the domain host on an ongoing basis since 2020, making off with customer logins, source code, and more. Here's what to do. |
Threat
|
|
★★★
|
|
2023-03-01 22:50:00 |
(Déjà vu) DoControl's 2023 SaaS Security Threat Landscape Report Finds Enterprises and Mid-Market Organizations Have Exposed Public SaaS Assets (direct link) |
Volume of SaaS assets and events magnifies risks associated with manual management and remediation. |
Threat
Cloud
|
|
★
|
|
2023-02-24 20:50:00 |
Canadian Telecom Firm Telus Reportedly Investigating Breach (direct link) |
A threat actor has leaked data - purportedly, samples of Telus employee payroll data and source code - on a hacker site. |
Threat
|
|
★★★
|
|
2023-02-23 19:54:00 |
Hydrochasma Threat Group Bombards Targets with Slew of Commodity Malware, Tools (direct link) |
A previously unidentified threat group uses open source malware and phishing to conduct cyber-espionage on shipping and medical labs associated with COVID-19 treatments and vaccines. |
Malware
Threat
Medical
|
|
★★★
|
|
2023-02-23 19:30:07 |
Unanswered Questions Cloud the Recent Targeting of an Asian Research Org (direct link) |
A novel threat group, utilizing new malware, is out in the wild. But the who, what, where, and why are yet to be determined, and there's evidence of a false-flag operation. |
Threat
|
|
★★★
|
|
2023-02-21 23:20:00 |
Malwarebytes Expands Platform With New Application Block Capabilities (direct link) |
Latest threat prevention module helps resource-strapped security teams block unsafe, untrusted or vulnerable applications. |
Threat
|
|
★★★
|
|
2023-02-21 18:45:13 |
Cyberthreats, Regulations Mount for Financial Industry (direct link) |
Nation-state adversaries, new reporting regulations, and a fast-paced threat landscape mean that financial services and technology firms need to bolster their security posture. |
Threat
|
|
★★
|
|
2023-02-21 15:00:00 |
Insider Threats Don't Mean Insiders Are Threatening (direct link) |
By implementing tools that enable internal users to do their jobs efficiently and securely, companies reduce insider threat risk by building insider trust. |
Threat
|
|
★★
|
|
2023-02-20 14:00:00 |
Majority of Ransomware Attacks Last Year Exploited Old Bugs (direct link) |
New research shows that 57 vulnerabilities that threat actors are currently using in ransomware attacks enable everything from initial access to data theft. |
Ransomware
Threat
|
|
★★★
|
|
2023-02-17 21:00:00 |
Google Translate Helps BEC Groups Scam Companies in Any Language (direct link) |
BEC gangs Midnight Hedgehog and Mandarin Capybara show how online marketing and translation tools are making it easy for these threat groups to scale internationally. |
Threat
|
|
★★★
|
|
2023-02-16 22:10:00 |
Atlassian: Leaked Data Stolen via Third-Party App (direct link) |
SiegedSec threat group leaked data that Atlassian says was taken from app used to coordinate in-office resources. |
Threat
|
|
★★★
|
|
2023-02-16 16:41:00 |
SideWinder APT Spotted Stealing Crypto (direct link) |
The nation-state threat group has been attacking a wider range of victims and regions than previously thought. |
Threat
|
APT-C-17
|
★★
|
|
2023-02-14 15:27:00 |
ThreatConnect Closes 2022 with Accelerated Growth in Threat Intelligence Operations (TI Ops) (direct link) |
The nation-state threat group has been attacking a wider range of victims and regions than previously thought. |
Threat
|
|
★★
|
|
2023-02-13 21:30:00 |
Accenture Acquires Morphus, Brazil-Based Cybersecurity Company (direct link) |
Morphus's deep cybersecurity research expertise, cyber defense and threat intelligence services widen Accenture's cybersecurity footprint in Latin America. |
Threat
|
|
★★
|