What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2025-04-28 14:20:12 | IA, Automation et Dark Web Fuel évoluant un paysage de menace AI, Automation, and Dark Web Fuel Evolving Threat Landscape (lien direct) |
Les attaquants tirent parti des avantages des nouvelles technologies et de la disponibilité des outils de matières premières, des informations d'identification et d'autres ressources pour développer des attaques sophistiquées plus rapidement que jamais, mettant les défenseurs sur leurs talons.
Attackers are leveraging the benefits of new technology and the availability of commodity tools, credentials, and other resources to develop sophisticated attacks more quickly than ever, putting defenders on their heels. |
Tool Threat | ★★ | |
|
2025-04-18 17:26:09 | Chinese APT Mustang Panda fait ses débuts 4 nouveaux outils d'attaque Chinese APT Mustang Panda Debuts 4 New Attack Tools (lien direct) |
L'acteur de menace notoire soutenu par l'État-nation a ajouté deux nouveaux keyloggers, un outil de mouvement latéral et un pilote d'évasion de détection et de réponse (EDR) à son arsenal.
The notorious nation-state-backed threat actor has added two new keyloggers, a lateral movement tool, and an endpoint detection and response (EDR) evasion driver to its arsenal. |
Tool Threat | ★★ | |
|
2025-04-17 13:49:43 | Cybersécurité par conception: lorsque les humains rencontrent la technologie Cybersecurity by Design: When Humans Meet Technology (lien direct) |
Si les outils de sécurité sont difficiles à utiliser, les gens chercheront des solutions de contournement pour contourner les restrictions.
If security tools are challenging to use, people will look for workarounds to get around the restrictions. |
Tool | ★★★ | |
|
2025-04-16 16:33:58 | Patch maintenant: les défauts NVDIA exposent les modèles d'IA, l'infrastructure critique Patch Now: NVDIA Flaws Expose AI Models, Critical Infrastructure (lien direct) |
Une solution pour une faille critique dans un outil permettant aux organisations d'exécuter des conteneurs accélérés par le GPU publiés l'année dernière n'a pas pleinement atténué le problème, stimulant la nécessité de corriger un défaut secondaire pour protéger les organisations qui s'appuient sur les processeurs NVIDIA pour les charges de travail de l'IA.
A fix for a critical flaw in a tool allowing organizations to run GPU-accelerated containers released last year did not fully mitigate the issue, spurring the need to patch a secondary flaw to protect organizations that rely on NVIDIA processors for AI workloads. |
Tool | ★★★ | |
|
2025-04-15 20:01:22 | Outil de présentation alimenté par l'IA exploité dans les attaques de phishing AI-Powered Presentation Tool Leveraged in Phishing Attacks (lien direct) |
Des chercheurs de sécurité anormale ont déclaré que les acteurs de la menace utilisent un outil de présentation et de conception graphique légitime nommé "gamma" dans les attaques de phishing.
Researchers at Abnormal Security said threat actors are using a legitimate presentation and graphic design tool named "Gamma" in phishing attacks. |
Tool Threat | ★★★ | |
|
2025-04-15 14:00:00 | Acteur de menace soutenu par la Chine \\ 'unc5174 \\' en utilisant des outils open source dans des attaques furtives China-Backed Threat Actor \\'UNC5174\\' Using Open Source Tools in Stealthy Attacks (lien direct) |
Les chercheurs de Sysdig ont détaillé une campagne en cours de l'acteur de menace soutenu par la Chine UNC5174, qui utilise des outils de piratage open source pour rester sous le radar.
Sysdig researchers detailed an ongoing campaign from China-backed threat actor UNC5174, which is using open source hacking tools to stay under the radar. |
Tool Threat | ★★★ | |
|
2025-04-14 21:19:29 | Outils de code AI AI Code Tools Widely Hallucinate Packages (lien direct) |
Le problème d'hallucination n'est pas seulement omniprésent, il est également persistant, selon de nouvelles recherches.
The hallucination problem is not just pervasive, it is persistent as well, according to new research. |
Tool | ★★★ | |
|
2025-04-02 21:45:46 | SolarWinds ajoute l'outil de gestion des incidents de Squadcast SolarWinds Adds Incident Management Tool From Squadcast (lien direct) |
La société de gestion et d'observabilité des services informatiques a acquis la société en squadcast le mois dernier et ajoute la plate-forme de réponse aux incidents automatisée au portefeuille Solarwinds.
The IT service management and observability tools company acquired Squadcast last month and is adding the automated incident response platform to the SolarWinds portfolio. |
Tool | ★★ | |
|
2025-03-31 20:55:57 | Les logiciels malveillants de Coffeeloder sont empilés de tours d'évasion vicieux CoffeeLoader Malware Is Stacked With Vicious Evasion Tricks (lien direct) |
Les logiciels malveillants de niveau supérieur représentent une nouvelle ère de code malveillant développé spécifiquement pour contourner les logiciels de sécurité modernes comme Digital Forensics Tools et EDR, avertissent de nouvelles recherches.
Next-level malware represents a new era of malicious code developed specifically to get around modern security software like digital forensics tools and EDR, new research warns. |
Malware Tool | ★★★ | |
|
2025-03-31 15:40:30 | Tendance micro ouverts Sources AI Tool Cybertron Trend Micro Open Sources AI Tool Cybertron (lien direct) |
Le modèle et l'agent de l'intelligence artificielle de la cybersécurité (AI) aideront les organisations à améliorer la détection des menaces et la réponse aux incidents.
The cybersecurity artificial intelligence (AI) model and agent will help organizations improve threat detection and incident response. |
Tool Threat Prediction | ★★★ | |
|
2025-03-28 20:15:41 | L'outil Evilginx (toujours) contourne le MFA Evilginx Tool (Still) Bypasses MFA (lien direct) |
Sur la base du serveur Web Open Source Nginx, l'outil malveillant permet aux acteurs de la menace de voler des informations d'identification et des jetons de session.
Based on the open source NGINX Web server, the malicious tool allows threat actors to steal user credentials and session tokens. |
Tool Threat | ★★★ | |
|
2025-03-24 19:36:04 | Le FBI met en garde contre les outils de convertisseur de documents dus à la hausse des escroqueries FBI Warns of Document Converter Tools Due to Uptick in Scams (lien direct) |
Le bureau de terrain de Denver du FBI \\ indique que les outils convertiront des documents tout en supprimant les logiciels malveillants et en grattant les systèmes des utilisateurs \\ 'pour des données sensibles.
The FBI\'s Denver field office says the tools will convert documents while also dropping malware and scraping users\' systems for sensitive data. |
Malware Tool | ★★ | |
|
2025-03-14 19:38:38 | Les vulns de l'homme au milieu offrent de nouvelles opportunités de recherche pour la sécurité des voitures Man-in-the-Middle Vulns Provide New Research Opportunities for Car Security (lien direct) |
Une paire de chercheurs prévoient de détailler des outils efficaces pour creuser dans l'efficacité de la cybersécurité des véhicules sans se ruiner.
A pair of researchers plan on detailing effective tools to dig into the effectiveness of vehicle cybersecurity without breaking the bank. |
Tool | ★★ | |
|
2025-03-07 19:01:18 | Cybercrime \\'s Cobalt Strike Use chute 80% dans le monde Cybercrime\\'s Cobalt Strike Use Plummets 80% Worldwide (lien direct) |
Fortra, Microsoft et Health-ISAC ont combiné les forces pour récupérer l'un des pirates d'outils d'attaque les plus précieux, avec des démontages massifs.
Fortra, Microsoft, and Health-ISAC have combined forces to claw back one of hackers\' most prized attack tools, with massive takedowns. |
Tool | ★★★ | |
|
2025-03-06 04:16:10 | L'avenir de la cybersécurité est une question de gouvernance, pas de plus d'outils Cybersecurity\\'s Future Is All About Governance, Not More Tools (lien direct) |
Alors que les CISO prennent place à la table de la salle de conférence, l'accent passe de l'empilement des outils de sécurité à la responsabilité, à l'efficacité et à la gestion des risques stratégiques.
As CISOs take a seat at the boardroom table, the focus shifts from stacking security tools to driving accountability, efficiency, and strategic risk management. |
Tool | ★★★ | |
|
2025-03-05 21:15:32 | Le typhon APT du Typhoon de la Chine se déplace vers la chaîne d'approvisionnement des attaques de chaîne d'approvisionnement China\\'s Silk Typhoon APT Shifts to IT Supply Chain Attacks (lien direct) |
Selon Microsoft, le groupe de menaces nationales a violé les fournisseurs d'outils de gestion à distance, les fournisseurs de gestion de l'identité et d'autres sociétés informatiques pour accéder aux réseaux d'entités ciblées.
The nation-state threat group has been breaching providers of remote management tools, identity management providers, and other IT companies to access networks of targeted entities, according to Microsoft. |
Tool Threat | ★★ | |
|
2025-03-04 21:26:07 | Acteur de menace \\ 'javaghost \\' cible les environnements AWS dans le schéma de phishing Threat Actor \\'JavaGhost\\' Targets AWS Environments in Phishing Scheme (lien direct) |
Palo Alto Networks \\ 'Unit 42 détaille comment un acteur de menace esquive la détection avec un ciblage minutieux et l'utilisation d'outils de messagerie natif d'Amazon \\.
Palo Alto Networks\' Unit 42 details how a threat actor is dodging detection with careful targeting and the use of Amazon\'s native email tools. |
Tool Threat | ★★★ | |
|
2025-02-27 20:46:38 | Nakivo corrige l'outil de sauvegarde et de réplication critique Nakivo Fixes Critical Flaw in Backup & Replication Tool (lien direct) |
Les produits du vendeur se situent dans une catégorie que les opérateurs de ransomwares aiment cibler pour contourner les victimes \\ 'la capacité de se remettre d'une attaque réussie.
The vendor\'s products fall in a category that ransomware operators like to target to circumvent victims\' ability to recover from a successful attack. |
Ransomware Tool | ★★ | |
|
2025-02-27 13:59:50 | Les pirates peuvent craquer les caméras de voiture en quelques minutes à plat Hackers Can Crack Into Car Cameras in Minutes Flat (lien direct) |
Il est choquant de façon choquante de transformer une caméra de dash de voiture en un puissant outil de reconnaissance pour rassembler les données quotidiennes de routine et de localisation, avertissent les chercheurs.
It\'s shockingly simple to turn a car dashcam into a powerful reconnaissance tool for gathering everyday routine and location data, researchers warn. |
Tool | ★★★ | |
|
2025-02-26 15:00:00 | Machine désapprentissage: la lobotomisation des LLM Machine Unlearning: The Lobotomization of LLMs (lien direct) |
En fin de compte, la question n'est pas de savoir si les modèles de grande langue oublieront - c'est comment nous développerons les outils et les systèmes pour le faire efficacement et éthiquement.
In the end, the question isn\'t whether large language models will ever forget - it\'s how we\'ll develop the tools and systems to do so effectively and ethically. |
Tool | ★★★ | |
|
2025-02-26 06:03:27 | \\ 'Silver Fox \\' APT JURTS Windows Bloclist dans BYOVD Attaque \\'Silver Fox\\' APT Skirts Windows Blocklist in BYOVD Attack (lien direct) |
Il y a un univers inexploité de conducteurs exploitables dans la nature aujourd'hui. En exploitant un seul d'entre eux, les attaquants ont pu vaincre les outils de sécurité et infecter les citoyens asiatiques avec GH0Strat.
There\'s an untapped universe of exploitable drivers in the wild today. By exploiting just one of them, attackers were able to defeat security tools and infect Asian citizens with Gh0stRAT. |
Tool | ★★★ | |
|
2025-02-25 21:42:48 | Gravité maximale rce vuln dans toutes les versions de mitre Caldera Max Severity RCE Vuln in All Versions of MITRE Caldera (lien direct) |
Entre de mauvaises mains, l'outil populaire d'équipe rouge peut être fait pour accéder aux réseaux, augmenter les privilèges, réaliser la reconnaissance et masquer l'activité malveillante comme un exercice simulé.
In the wrong hands, the popular red-teaming tool can be made to access networks, escalate privileges, conduct reconnaissance, and disguise malicious activity as a simulated exercise. |
Tool | ★★★ | |
|
2025-02-13 21:32:35 | Chinese APT \\'Emperor Dragonfly\\' Moonlights With Ransomware (lien direct) | Pivoting from prior cyber espionage, the threat group deployed its backdoor tool set to ultimately push out RA World malware, demanding $2 million from its victim.
Pivoting from prior cyber espionage, the threat group deployed its backdoor tool set to ultimately push out RA World malware, demanding $2 million from its victim. |
Ransomware Malware Tool Threat | ★★★ | |
|
2025-02-12 20:27:51 | Content Credentials Technology Verifies Image, Video Authenticity (lien direct) | The open technology tackles disinformation by verifying whether the image is real or has been modified. The standard, created to document the provenance of photos and other media, has gained steam in the past year, surpassing 500 corporate members and releasing open-source tools for developers.
The open technology tackles disinformation by verifying whether the image is real or has been modified. The standard, created to document the provenance of photos and other media, has gained steam in the past year, surpassing 500 corporate members and releasing open-source tools for developers. |
Tool | ★★★ | |
|
2025-02-10 15:19:00 | Magecart Attackers Abuse Google Ad Tool to Steal Data (lien direct) | Attackers are smuggling payment card-skimming malicious code into checkout pages on Magento-based e-commerce sites by abusing the Google Tag Manager ad tool.
Attackers are smuggling payment card-skimming malicious code into checkout pages on Magento-based e-commerce sites by abusing the Google Tag Manager ad tool. |
Tool | ★★★ | |
|
2025-02-10 15:00:00 | Analyst Burnout Is an Advanced Persistent Threat (lien direct) | For too long, we\'ve treated our analysts as mere cogs in a machine, expecting them to conform to the limitations of our tools and processes. It\'s time to revolutionize security operations.
For too long, we\'ve treated our analysts as mere cogs in a machine, expecting them to conform to the limitations of our tools and processes. It\'s time to revolutionize security operations. |
Tool Threat | ★★★ | |
|
2025-02-03 15:00:00 | Proactive Vulnerability Management for Engineering Success (lien direct) | By integrating security into CI/CD, applying automated policies, and supporting developers with the right processes and tools, infosec teams can increase efficiency and build secure software.
By integrating security into CI/CD, applying automated policies, and supporting developers with the right processes and tools, infosec teams can increase efficiency and build secure software. |
Tool Vulnerability | ★★★ | |
|
2025-01-31 18:34:19 | Tenable to Acquire Vulcan Cyber to Boost Exposure Management Focus (lien direct) | The deal, expected to close this quarter, will give Tenable One Exposure Management much-needed integration with over 100 third-party security tools and platforms.
The deal, expected to close this quarter, will give Tenable One Exposure Management much-needed integration with over 100 third-party security tools and platforms. |
Tool | ★★ | |
|
2025-01-31 18:19:25 | Code-Scanning Tool\\'s License at Heart of Security Breakup (lien direct) | Nine application security toolmakers band together to fork the popular Semgrep code-scanning project, touching off a controversy over access to features and fairness.
Nine application security toolmakers band together to fork the popular Semgrep code-scanning project, touching off a controversy over access to features and fairness. |
Tool | ★★ | |
|
2025-01-30 15:00:00 | Automated Pen Testing Is Improving - Slowly (lien direct) | The rate of evolution has been glacial, but tools now understand cloud environments and can target Web applications.
The rate of evolution has been glacial, but tools now understand cloud environments and can target Web applications. |
Tool Cloud | ★★ | |
|
2025-01-24 15:00:00 | Strengthening Our National Security in the AI Era (lien direct) | For the first time in a long while, the federal government and the software sector alike finally have the tools and resources needed to do security well - consistently and cost-effectively.
For the first time in a long while, the federal government and the software sector alike finally have the tools and resources needed to do security well - consistently and cost-effectively. |
Tool | ★★★ | |
|
2025-01-16 23:52:14 | Biden\\'s Cybersecurity EO Leaves Trump a Comprehensive Blueprint for Defense (lien direct) | New order mandates securing the federal software supply chain and communications networks, as well as deploying AI tools to protect critical infrastructure from cyberattacks - but will the Trump administration follow through?
New order mandates securing the federal software supply chain and communications networks, as well as deploying AI tools to protect critical infrastructure from cyberattacks - but will the Trump administration follow through? |
Tool | ★★★ | |
|
2025-01-16 14:29:59 | Risk, Reputational Scores Enjoy Mixed Success as Security Tools (lien direct) | Part predictive analysis, part intuition, risk and reputation services are imperfect instruments at best - and better than nothing for most organizations and insurers.
Part predictive analysis, part intuition, risk and reputation services are imperfect instruments at best - and better than nothing for most organizations and insurers. |
Tool | ★★★ | |
|
2025-01-13 21:34:29 | Microsoft Cracks Down on Malicious Copilot AI Use (lien direct) | According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services.
According to the tech giant, it has observed a threat group seeking out vulnerable customer accounts using generative AI, then creating tools to abuse these services. |
Tool Threat | ★★★ | |
|
2024-12-31 14:00:00 | 6 AI-Related Security Trends to Watch in 2025 (lien direct) | AI tools will enable significant productivity and efficiency benefits for organizations in the coming year, but they also will exacerbate privacy, governance, and security risks.
AI tools will enable significant productivity and efficiency benefits for organizations in the coming year, but they also will exacerbate privacy, governance, and security risks. |
Tool | ★★ | |
|
2024-12-30 01:00:00 | Deepfakes, Quantum Attacks Loom Over APAC in 2025 (lien direct) | Organizations in the region should expect to see threat actors accelerate their use of AI tools and mount ongoing "harvest now, decrypt later" attacks for various malicious use cases.
Organizations in the region should expect to see threat actors accelerate their use of AI tools and mount ongoing "harvest now, decrypt later" attacks for various malicious use cases. |
Tool Threat | ★★ | |
|
2024-12-18 14:17:28 | Midnight Blizzard Taps Phishing Emails, Rogue RDP Nets (lien direct) | The Russian-based attack group uses legitimate red-team tools, 200 domain names, and 34 back-end RDP servers, making it harder to identify and block malicious activity.
The Russian-based attack group uses legitimate red-team tools, 200 domain names, and 34 back-end RDP servers, making it harder to identify and block malicious activity. |
Tool | ★★ | |
|
2024-12-16 20:08:54 | Citizen Development Moves Too Fast for Its Own Good (lien direct) | While low-code/no-code tools can speed up application development, sometimes it\'s worth taking a slower approach for a safer product.
While low-code/no-code tools can speed up application development, sometimes it\'s worth taking a slower approach for a safer product. |
Tool | ★★★ | |
|
2024-12-13 21:44:17 | Generative AI Security Tools Go Open Source (lien direct) | Businesses deploying large language models and other GenAI systems have a growing collection of open source tools for testing AI security.
Businesses deploying large language models and other GenAI systems have a growing collection of open source tools for testing AI security. |
Tool | ★★ | |
|
2024-12-12 21:21:31 | Chinese Cops Caught Using Android Spyware to Track Mobile Devices (lien direct) | Law enforcement across mainland China have been using EagleMsgSpy surveillance tool to collect mobile device data since at least 2017, new research shows.
Law enforcement across mainland China have been using EagleMsgSpy surveillance tool to collect mobile device data since at least 2017, new research shows. |
Tool Legislation Mobile | ★★★ | |
|
2024-12-12 15:00:00 | Cultivating a Hacker Mindset in Cybersecurity Defense (lien direct) | Security isn\'t just about tools - it\'s about understanding how the enemy thinks and why they make certain choices.
Security isn\'t just about tools - it\'s about understanding how the enemy thinks and why they make certain choices. |
Tool | ★★★ | |
|
2024-12-09 17:49:35 | Google Launches Open-Source Patch Validation Tool (lien direct) | Vanir automates the process of scanning source code to identify what security patches are missing.
Vanir automates the process of scanning source code to identify what security patches are missing. |
Tool | ★★★ | |
|
2024-12-05 19:59:11 | LLMs Raise Efficiency, Productivity of Cybersecurity Teams (lien direct) | AI-powered tools are making cybersecurity tasks easier to solve, as well as easier for the team to handle.
AI-powered tools are making cybersecurity tasks easier to solve, as well as easier for the team to handle. |
Tool | ★★ | |
|
2024-12-03 17:50:47 | Cyber-Unsafe Employees Increasingly Put Orgs at Risk (lien direct) | Too much access and privilege, plus a host of unsafe cyber practices, plague most workplaces, and the introduction of tools like GenAI will only make things worse.
Too much access and privilege, plus a host of unsafe cyber practices, plague most workplaces, and the introduction of tools like GenAI will only make things worse. |
Tool | ★★ | |
|
2024-12-03 16:19:13 | Venom Spider Spins Web of New Malware for MaaS Platform (lien direct) | A novel backdoor malware and a loader that customizes payload names for each victim have been added to the threat group\'s cybercriminal tool set.
A novel backdoor malware and a loader that customizes payload names for each victim have been added to the threat group\'s cybercriminal tool set. |
Malware Tool Threat | ★★ | |
|
2024-11-27 14:00:00 | Russian Script Kiddie Assembles Massive DDoS Botnet (lien direct) | Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices - and enterprise servers.
Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices - and enterprise servers. |
Malware Tool Threat | ★★ | |
|
2024-11-18 18:00:00 | To Map Shadow IT, Follow Citizen Developers (lien direct) | The tangle of user-built tools is formidable to manage, but it can lead to a greater understanding of real-world business needs.
The tangle of user-built tools is formidable to manage, but it can lead to a greater understanding of real-world business needs. |
Tool | ★★ | |
|
2024-11-18 17:11:38 | Palo Alto Networks Patches Critical Zero-Day Firewall Bug (lien direct) | The security vendor\'s Expedition firewall appliance\'s PAN-OS interface tool has racked up four critical security vulnerabilities under active attack in November, leading tit to advise customers to update immediately or and take them off the Internet.
The security vendor\'s Expedition firewall appliance\'s PAN-OS interface tool has racked up four critical security vulnerabilities under active attack in November, leading tit to advise customers to update immediately or and take them off the Internet. |
Tool Vulnerability Threat | ★★ | |
|
2024-11-12 17:44:24 | \\'GoIssue\\' Cybercrime Tool Targets GitHub Developers En Masse (lien direct) | Marketed on a cybercriminal forum, the $700 tool harvests email addresses from public GitHub profiles, priming cyberattackers for further credential theft, malware delivery, OAuth subversion, supply chain attacks, and other corporate breaches.
Marketed on a cybercriminal forum, the $700 tool harvests email addresses from public GitHub profiles, priming cyberattackers for further credential theft, malware delivery, OAuth subversion, supply chain attacks, and other corporate breaches. |
Malware Tool | ★★★ | |
|
2024-11-11 21:13:20 | Rat Remcos remanié déployé contre les utilisateurs de Microsoft Windows [Rat Remcos remanié déployé contre les utilisateurs de Microsoft Windows ] (lien direct) | Les utilisateurs de Windows sont à risque de prendre un rachat complet des appareils par une version malveillante émergente de l'outil d'administration à distance Remcos, qui est utilisé dans une campagne en cours exploitant une vulnérabilité connue de code à distance (RCE) dans Microsoft Office et WordPad.
Windows users are at risk for full device takeover by an emerging malicious version of the Remcos remote admin tool, which is being used in an ongoing campaign exploiting a known remote code execution (RCE) vulnerability in Microsoft Office and WordPad. |
Tool Vulnerability | ★★★ |
To see everything:
Our RSS (filtrered)
