What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2025-05-09 14:12:29 | Le package NPM de l'outil de grattage populaire \\ compromis dans l'attaque de la chaîne d'approvisionnement Popular Scraping Tool\\'s NPM Package Compromised in Supply Chain Attack (lien direct) |
Attaque de la chaîne d'approvisionnement compromet le package NPM Rand-User-Agent populaire pour déployer et activer une porte dérobée.
Supply chain attack compromises the popular rand-user-agent NPM package to deploy and activate a backdoor. |
Tool | ★★ | |
|
2025-04-17 10:40:00 | Mises à jour chinoises de Mustang Panda, élargit l'arsenal Chinese APT Mustang Panda Updates, Expands Arsenal (lien direct) |
> Le groupe chinois parrainé par l'État Mustang Panda a utilisé de nouveaux outils malveillants à jour dans une récente attaque.
>The Chinese state-sponsored group Mustang Panda has used new and updated malicious tools in a recent attack. |
Tool | ★★★ | |
|
2025-04-09 17:49:35 | Google cible la surcharge SOC avec des outils d'analyse automatisés d'alerte AI et de logiciels malveillants Google Targets SOC Overload With Automated AI Alert and Malware Analysis Tools (lien direct) |
> Google prévoit de libérer des agents d'IA automatisés dans des SOC sur-surlagées pour réduire la charge de travail manuelle pour les enquêteurs de cybersécurité.
>Google plans to unleash automated AI agents into overtaxed SOCs to reduce the manual workload for cybersecurity investigators. |
Malware Tool | ★★★ | |
|
2025-03-27 12:31:53 | Les groupes de ransomwares adoptent de plus en plus les outils EDR Killer Ransomware Groups Increasingly Adopting EDR Killer Tools (lien direct) |
> ESET découvre un lien entre RansomHub, Play, Medusa et Bianlian Ransomware Gangs car de plus en plus de groupes adoptent des outils pour désactiver le logiciel EDR.
>ESET uncovers a link between RansomHub, Play, Medusa, and BianLian ransomware gangs as more groups adopt tools to disable EDR software. |
Ransomware Tool | ★★★ | |
|
2025-03-18 11:45:18 | Western Alliance Bank révèle la violation des données liée à Cleo Hack Western Alliance Bank Discloses Data Breach Linked to Cleo Hack (lien direct) |
> Les informations personnelles de 22 000 clients de la Western Alliance Bank ont été volées dans une violation de données liée au piratage de l'outil de transfert de fichiers CLEO. par CL0P.
>The personal information of 22,000 Western Alliance Bank customers was stolen in a data breach linked to Cl0p\'s hacking of the Cleo file transfer tool. |
Data Breach Hack Tool | ★★ | |
|
2025-03-12 15:18:03 | Un guide des investissements en sécurité: l'anatomie d'une cyberattaque A Guide to Security Investments: The Anatomy of a Cyberattack (lien direct) |
> Les organisations doivent reconnaître que la sécurité ne concerne pas le nombre d'outils déployés, il s'agit de garantir que ces outils perturbent efficacement la chaîne d'attaque à chaque étape.
>Organizations must recognize that security is not about the number of tools deployed, it is about ensuring those tools effectively disrupt the attack chain at every stage. |
Tool | ★★ | |
|
2025-02-28 20:20:54 | Amnesty révèle l'exploit Android Cellebrite Zero-Day sur un militant étudiant serbe Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist (lien direct) |
> Amnesty International publie des détails techniques sur les vulnérabilités zéro jour exploitées par les outils médico-légaux mobiles de Cellebrite \\ pour espionner un militant étudiant serbe.
>Amnesty International publishes technical details on zero-day vulnerabilities exploited by Cellebrite\'s mobile forensic tools to spy on a Serbian student activist. |
Tool Vulnerability Threat Mobile Technical | ★★★ | |
|
2025-02-19 12:00:00 | Free Diagram Tool Aids Management of Complex ICS/OT Cybersecurity Decisions (lien direct) | >Admeritia has launched Cyber Decision Diagrams, a free tool designed to help organizations manage complex decisions related to ICS/OT cybersecurity.
>Admeritia has launched Cyber Decision Diagrams, a free tool designed to help organizations manage complex decisions related to ICS/OT cybersecurity. |
Tool Industrial | ★★ | |
|
2025-02-14 13:02:32 | In Other News: $10,000 YouTube Flaw, Cybereason CEO Sues Investors, New OT Security Tool (lien direct) | >Noteworthy stories that might have slipped under the radar: Google pays $10,000 bug bounty for YouTube vulnerability, Cybereason CEO sues two investors, Otorio launches new OT security tool.
>Noteworthy stories that might have slipped under the radar: Google pays $10,000 bug bounty for YouTube vulnerability, Cybereason CEO sues two investors, Otorio launches new OT security tool. |
Tool Vulnerability Industrial | ★★★ | |
|
2025-02-04 11:00:00 | Vulnerability Patched in Android Possibly Exploited by Forensic Tools (lien direct) | >The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild.
>The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild. |
Tool Vulnerability Mobile | ★★★ | |
|
2024-09-13 17:45:39 | Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor accès au noyau Windows Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel (lien direct) |
> Microsoft réorganise la façon dont les outils anti-malware interagissent avec le noyau Windows pour éviter une autre catastrophe de mise à jour défectueuse.
>Microsoft is revamping how anti-malware tools interact with the Windows kernel to avoid another CrowdStrike faulty update catastrophe. |
Tool | ★★ | |
|
2024-09-10 13:12:52 | L'étude trouve une utilisation excessive d'outils d'accès à distance dans des environnements OT Study Finds Excessive Use of Remote Access Tools in OT Environments (lien direct) |
> L'utilisation excessive d'outils d'accès à distance dans les environnements OT peut augmenter la surface d'attaque, compliquer la gestion de l'identité et entraver la visibilité.
>The excessive use of remote access tools in OT environments can increase the attack surface, complicate identity management, and hinder visibility. |
Tool Studies Industrial | ★★★ | |
|
2024-06-20 15:15:55 | Cyber Assaut de décennie sur les télécommunications asiatiques a été retracée aux pirates d'État chinois Decade-Long Cyber Assault on Asian Telecoms Traced to Chinese State Hackers (lien direct) |
> Une campagne d'espionnage de plusieurs années a ciblé les entreprises de télécommunications en Asie avec des outils associés aux groupes chinois.
>A years-long espionage campaign has targeted telecoms companies in Asia with tools associated with Chinese groups. |
Tool | ★★★ | |
|
2024-06-13 13:00:00 | Vulnérabilités critiques facilement exploitantes trouvées dans les outils d'IA / ML open source Easily Exploitable Critical Vulnerabilities Found in Open Source AI/ML Tools (lien direct) |
> Protéger les avertissements d'IA d'une douzaine de vulnérabilités critiques dans les outils d'IA / ML open source signalés via son programme de primes de bogue.
>Protect AI warns of a dozen critical vulnerabilities in open source AI/ML tools reported via its bug bounty program. |
Tool Vulnerability | ★★★ | |
|
2024-06-06 11:37:41 | Interpol et le FBI rompent un programme cyber en Moldavie pour obtenir l'asile pour les criminels recherchés Interpol and FBI Break Up a Cyber Scheme in Moldova to Get Asylum for Wanted Criminals (lien direct) |
> Une opération multinationale par Interpol et le FBI ont réprimé les tentatives de Moldavie pour saboter l'un des outils clés de l'agence de police internationale, le système de préavis rouge.
>A multinational operation by Interpol and the FBI cracked down on attempts in Moldova to sabotage one of the international police agency\'s key tools, the Red Notice system. |
Tool Legislation | ★★★ | |
|
2024-06-03 07:35:37 | Secrets exposés dans un piratage de visage étreint Secrets Exposed in Hugging Face Hack (lien direct) |
> La plate-forme de développement d'outils AI Hugging Face a détecté un piratage d'espaces qui a entraîné l'exposition de secrets.
>AI tool development platform Hugging Face has detected a Spaces hack that resulted in the exposure of secrets. |
Hack Tool | ★★ | |
|
2024-05-22 13:24:31 | Aux États-Unis pour investir 50 millions de dollars dans la sécurisation des hôpitaux contre les cybermenaces US to Invest $50 Million in Securing Hospitals Against Cyber Threats (lien direct) |
> ARPA-H a annoncé un investissement de 50 millions de dollars dans des outils pour aider les équipes informatiques à mieux sécuriser les environnements hospitaliers.
>ARPA-H has announced a $50 million investment in tools to help IT teams better secure hospital environments. |
Tool | ★★ | |
|
2024-04-23 12:50:57 | Les cyberespaces russes livrent \\ 'gooseegg \\' malware aux organisations gouvernementales Russian Cyberspies Deliver \\'GooseEgg\\' Malware to Government Organizations (lien direct) |
APT28, lié à la Russie, déploie l'outil post-exploitation d'OeEEGG contre de nombreuses organisations américaines et européennes.
Russia-linked APT28 deploys the GooseEgg post-exploitation tool against numerous US and European organizations. |
Malware Tool | APT 28 | ★★★ |
|
2024-04-22 13:34:47 | La recherche montre comment les attaquants peuvent abuser des produits de sécurité EDR Research Shows How Attackers Can Abuse EDR Security Products (lien direct) |
> Les vulnérabilités dans les réseaux Palo Alto Cortex XDR ont permis à un chercheur en sécurité de le transformer en un outil offensif malveillant.
>Vulnerabilities in Palo Alto Networks Cortex XDR allowed a security researcher to turn it into a malicious offensive tool. |
Tool | ★★ | |
|
2024-04-11 15:17:48 | La violation des données SISENSE déclenche une alerte CISA et des appels urgents pour les réinitialités des informations d'identification Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets (lien direct) |
> Le gouvernement américain émet une alerte rouge pour ce qui semble être une violation massive de la chaîne d'approvisionnement à Sissen, une entreprise qui vend des outils d'analyse de grosses données.
>The US government issues a red-alert for what appears to be a massive supply chain breach at Sisense, a company that sells big-data analytics tools. |
Data Breach Tool | ★★ | |
|
2024-03-25 11:43:55 | Les meilleurs développeurs Python piratés dans une attaque de chaîne d'approvisionnement sophistiquée Top Python Developers Hacked in Sophisticated Supply Chain Attack (lien direct) |
> Plusieurs développeurs Python sont infectés après le téléchargement du clone de malveillance de l'outil populaire Colorama.
>Multiple Python developers get infected after downloading malware-packed clone of the popular tool Colorama. |
Tool | ★★★ | |
|
2024-01-18 13:47:14 | Département de l'énergie à investir 30 millions de dollars dans des solutions de cybersécurité à l'énergie propre Energy Department to Invest $30 Million in Clean Energy Cybersecurity Solutions (lien direct) |
> Les organisations peuvent gagner jusqu'à 3 millions de dollars en financement fédéral pour les cyber outils qui garantissent l'infrastructure d'énergie propre.
>Organizations can earn up to $3 million in federal funding for cyber tools securing the clean energy infrastructure. |
Tool | ★★★ | |
|
2023-11-09 14:06:34 | \\ 'BLAZESTEALER \\' MALWORED INDUCTE \\'BlazeStealer\\' Malware Delivered to Python Developers Looking for Obfuscation Tools (lien direct) |
CheckMarx découvre une campagne malveillante ciblant les développeurs Python avec des logiciels malveillants qui prennent le contrôle de leurs systèmes.
Checkmarx uncovers a malicious campaign targeting Python developers with malware that takes over their systems. |
Malware Tool | ★★ | |
|
2023-10-27 14:12:11 | Advanced \\ 'stripedfly \\' malware avec 1 million d'infections montrent des similitudes avec les outils liés à la NSA Advanced \\'StripedFly\\' Malware With 1 Million Infections Shows Similarities to NSA-Linked Tools (lien direct) |
Le malware Stripedfly a des capacités de type APT, mais est resté inaperçu pendant cinq ans, se faisant passer pour un mineur de crypto-monnaie.
The StripedFly malware has APT-like capabilities, but remained unnoticed for five years, posing as a cryptocurrency miner. |
Malware Tool | ★★ | |
|
2023-09-05 14:23:42 | MITER et CISA publient un outil open source pour l'émulation d'attaque OT MITRE and CISA Release Open Source Tool for OT Attack Emulation (lien direct) |
> Mitre et CISA introduisent Caldera pour OT, une nouvelle extension pour aider les équipes de sécurité à imiter les attaques ciblant les systèmes de technologie opérationnelle.
>MITRE and CISA introduce Caldera for OT, a new extension to help security teams emulate attacks targeting operational technology systems. |
Tool Industrial | ★★★★ | |
|
2023-08-29 20:29:46 | Opération \\'Duck Hunt\\' : le logiciel malveillant Qakbot perturbé et 8,6 millions de dollars de crypto-monnaie saisis Operation \\'Duck Hunt\\': Qakbot Malware Disrupted, $8.6 Million in Cryptocurrency Seized (lien direct) |
>États-Unisles forces de l'ordre annoncent l'interruption de la célèbre opération de cybercriminalité Qakbot et la mise à disposition d'un outil de désinfection automatique pour 700 000 machines infectées.
>U.S. law enforcement announce the disruption of the notorious Qakbot cybercrime operation and the release of an auto-disinfection tool to 700,000 infected machines. |
Malware Tool | ★★ | |
|
2023-08-04 13:20:47 | Les acteurs de la menace abusent du tunnel Cloudflare pour un accès persistant, vol de données Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft (lien direct) |
> Les acteurs de menace ont été observés abusant de l'outil de tunnel de nuage de nuage open source.
>Threat actors have been observed abusing the open source Cloudflare Tunnel tool Cloudflared to maintain stealthy, persistent access to compromised systems. |
Tool Threat | ★★ | |
|
2023-05-18 11:44:32 | L'outil POC exploite la vulnérabilité Keepass non corrigée pour récupérer les mots de passe maîtres PoC Tool Exploits Unpatched KeePass Vulnerability to Retrieve Master Passwords (lien direct) |
Le chercheur publie un outil POC qui exploite la vulnérabilité Keepass non corrigée pour récupérer le mot de passe maître à partir de la mémoire.
Researcher publishes PoC tool that exploits unpatched KeePass vulnerability to retrieve the master password from memory. |
Tool Vulnerability | ★★★ | |
|
2023-04-25 13:41:53 | Apiiro lance l'outil d'exploration de surface d'attaque d'application Apiiro Launches Application Attack Surface Exploration Tool (lien direct) |
Explorateur de graphiques à risque APIIRO \\ aide les équipes de sécurité à comprendre la surface d'attaque de leur application.
Apiiro\'s Risk Graph Explorer helps security teams to understand their application attack surface. |
Tool | ★★ | |
|
2023-02-23 12:59:09 | Russian Accused of Developing NLBrute Malware Extradited to US (lien direct) | >A Russian malware developer behind the NLBrute brute-forcing tool has been extradited to the United States from Georgia. | Malware Tool | ★★ | |
|
2023-02-09 11:00:00 | ESXiArgs Ransomware Hits Over 3,800 Servers as Hackers Continue Improving Malware (lien direct) | >There have been some new developments in the case of the ESXiArgs ransomware attacks, including related to the encryption method used by the malware, victims, and the vulnerability exploited by the hackers. After the US Cybersecurity and Infrastructure Security Agency (CISA) announced the availability of an open source tool designed to help some victims of […] | Ransomware Malware Tool Vulnerability | ★★★ | |
|
2023-01-31 15:30:00 | Cyber Insights 2023: Artificial Intelligence (lien direct) | >The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool for beneficial improvement is still unknown. | Tool | ★★★ | |
|
2022-09-14 14:35:30 | Bishop Fox Releases Open Source Cloud Hacking Tool \'CloudFox\' (lien direct) | Cybersecurity firm Bishop Fox has announced the release of CloudFox, an open source tool designed to help find exploitable attack paths in cloud infrastructure. The command line tool has been created for penetration testers and other offensive security professionals. | Tool | ||
|
2022-08-25 10:16:06 | Microsoft Details New Post-Compromise Malware Used by Russian Cyberspies (lien direct) | Microsoft this week published technical details on 'MagicWeb', a new post-exploitation tool used by Russia-linked cyberespionage group APT29. | Malware Tool | APT 29 | |
|
2022-07-07 09:47:33 | Hackers Using \'Brute Ratel C4\' Red-Teaming Tool to Evade Detection (lien direct) | The Brute Ratel C4 (BRc4) red-teaming and adversarial attack simulation tool has been used by nation-state attackers to evade detection, according to security researchers at Palo Alto Networks. | Tool | ||
|
2022-06-23 20:31:01 | Apple, Android Phones Targeted by Italian Spyware: Google (lien direct) | An Italy-based firm's hacking tools were used to spy on Apple and Android smartphones in Italy and Kazakhstan, Google said Thursday, casting a light on a "flourishing" spyware industry. | Tool | ||
|
2022-06-23 14:27:35 | Security Orchestration: Beware of the Hidden Financial Costs (lien direct) | Among the many improvements in cybersecurity technology and tools we've seen over the last few years, one of the most significant has been the inclusion of security automation and orchestration capabilities in solution categories beyond SOAR platforms. SIEM providers acquired stand-alone SOAR platforms, and endpoint detection and response (EDR) solutions broadened to include automation and orchestration capabilities to accelerate threat detection and response. | Tool Threat | ★★★★★ | |
|
2022-06-22 13:17:05 | Aqua Security Ships Open-Source Tool for Auditing Software Supply Chain (lien direct) | Cloud security startup Aqua Security has partnered with the Center for Internet Security (CIS) to create guidelines for software supply chain security and followed up by shipping an open-source auditing tool to ensure compliance with the new benchmark. | Tool | ||
|
2022-05-24 13:59:51 | LimaCharlie Banks $5.45 Million in Seed Funding (lien direct) | LimaCharlie, a California company supplying tools to run an MSSP or SOC on a pay-as-you-use model, has attracted $5.45 million in seed round financing. | Tool | ||
|
2022-05-16 17:21:06 | Researchers Devise New Type of Bluetooth LE Relay Attacks (lien direct) | Security researchers at NCC Group have created a new tool capable of launching a new type of Bluetooth Low Energy (BLE) relay attack that bypasses existing protections and mitigations. | Tool | ||
|
2022-04-12 16:35:29 | OpenSSH Moves to Prevent \'Capture Now, Decrypt Later\' Attacks (lien direct) | OpenSSH has joined the high-stakes fight to protect data from quantum computers. The latest version of the widely used encryption and connectivity tool has been fitted with new features to prevent "capture now, decrypt later" attacks linked to advancements in quantum computing. | Tool | ||
|
2022-04-11 10:11:53 | Snap-on Tools Hit by Cyberattack Claimed by Conti Ransomware Gang (lien direct) | Conti ransomware gang claimed responsibility for cyberattack on Wisconsin-based tool maker | Ransomware Tool | ||
|
2022-04-07 12:09:29 | BlackCat Ransomware Targets Industrial Companies (lien direct) | A data theft tool used by the ransomware group tracked as BlackCat, ALPHV and Noberus suggests that the cybercriminals are increasingly interested in targeting industrial organizations. | Ransomware Tool | ||
|
2022-03-17 16:48:08 | Microsoft Releases Open Source Tool for Securing MikroTik Routers (lien direct) | Microsoft this week released an open source tool that can be used to secure MikroTik routers and check for signs of abuse associated with the Trickbot malware. | Tool | ||
|
2022-03-08 15:01:20 | U.S. State Governments Targeted by Chinese Hackers via Zero-Day in Agriculture Tool (lien direct) | A threat group believed to be sponsored by the Chinese government has breached the networks of U.S. state governments, including through the exploitation of a zero-day vulnerability. | Tool Threat | ||
|
2022-02-23 12:38:05 | CISA Warns of Attacks Exploiting Recent Vulnerabilities in Zabbix Monitoring Tool (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) this week expanded its Known Exploited Vulnerabilities Catalog with two critical flaws in the Zabbix enterprise monitoring solution. | Tool | ||
|
2022-02-07 22:01:44 | Google Cloud Gets Virtual Machine Threat Detection (lien direct) | Google on Monday announced the public preview of a new tool to help identify threats within virtual machines (VMs) running on its Google Cloud infrastructure. | Tool Threat | ||
|
2022-02-04 11:42:27 | Target Open Sources Web Skimmer Detection Tool (lien direct) | Retail giant Target this week announced the open source availability of an internal tool designed for the detection of web skimming attacks. | Tool | ||
|
2022-02-03 02:58:35 | FBI Confirms It Bought Spyware From Israel\'s NSO Group (lien direct) | The FBI has confirmed purchasing NSO Group's powerful spyware tool Pegasus, whose chronic abuse to surveil journalists, dissidents and human rights activists has long been established. It suggested its motivation was to “stay abreast of emerging technologies and tradecraft.” | Tool | ||
|
2022-01-31 13:03:41 | The Third Building Block for the SOC of the Future: Balanced Automation (lien direct) | When automation is balanced between humans and machines, we can ensure teams always have the best tool for the job | Tool |
To see everything:
Our RSS (filtrered)
