What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-04-24 16:11:26 | Piratage rapide, GPT privé, exploits et Deepfakes de profondeur zéro: le rapport révèle l'impact de l'IA sur le paysage de la cybersécurité Prompt Hacking, Private GPTs, Zero-Day Exploits and Deepfakes: Report Reveals the Impact of AI on Cyber Security Landscape (lien direct) |
Un nouveau rapport de la société de cybersécurité Radware identifie les quatre principaux impacts de l'IA sur le paysage des menaces émergeant cette année.
A new report by cyber security firm Radware identifies the four main impacts of AI on the threat landscape emerging this year. |
Vulnerability Threat | ★★★ | |
|
2024-04-08 18:47:15 | XZ Utils Supply Chain Attack: Un acteur de menace a passé deux ans pour mettre en œuvre une porte dérobée Linux XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor (lien direct) |
Parlez d'une attaque de chaîne d'approvisionnement qui implique XZ Utils, un compresseur de données largement utilisé dans les systèmes Linux et apprenez à protéger de cette menace.
Read about a supply chain attack that involves XZ Utils, a data compressor widely used in Linux systems, and learn how to protect from this threat. |
Threat | ★★ | |
|
2024-03-26 13:00:38 | La nouvelle vulnérabilité GoFetch dans les puces M d'Apple \\ permet une fuite de clés secrètes sur des ordinateurs compromis New GoFetch Vulnerability in Apple\\'s M Chips Allows Secret Keys Leak on Compromised Computers (lien direct) |
La vulnérabilité GoFetch, qui affecte la série de puces M d'Apple \\, permet à un attaquant de voler des clés secrètes du Mac dans certaines conditions.Lisez des conseils sur l'atténuation de la menace de sécurité de GoFetch.
The GoFetch vulnerability, which affects Apple\'s M series of chips, allows an attacker to steal secret keys from the Mac under certain conditions. Read tips on mitigating the GoFetch security threat. |
Vulnerability Threat | ★★ | |
|
2024-02-22 14:52:59 | Tenable: les professionnels de la cybersécurité devraient s'inquiéter des cyberattaques parrainées par l'État Tenable: Cyber Security Pros Should Worry About State-Sponsored Cyber Attacks (lien direct) |
La sortie de l'acteur de menace soutenu par la Chine Volt Typhoon et du compromis de Microsoft \\ par la blizzard de minuit soutenue par la Russie fournissent d'importantes leçons de stratégie de cybersécurité pour l'Australie, explique Tenable.
The outing of China-backed threat actor Volt Typhoon and Microsoft\'s compromise by Russia-backed Midnight Blizzard provide important cyber security strategy lessons for Australia, says Tenable. |
Threat | Guam | ★★★ |
|
2024-02-14 18:39:21 | Recherche d'espionnage de Google \\'s Menace Analysis Group \\: comment les appareils et applications cibles CSVS Google\\'s Threat Analysis Group\\'s Spyware Research: How CSVs Target Devices and Applications (lien direct) |
En savoir plus sur la menace des fournisseurs de surveillance commerciale et son écosystème et apprendre à en protéger.
Read more about the commercial surveillance vendors threat and its ecosystem and learn how to protect from it. |
Threat Commercial | ★★ | |
|
2024-02-09 14:00:23 | InfoBlox dit que les pros manquent cette méga-menace des cybercriminels mondiaux organisés Infoblox says IT Pros Are Missing This Mega-Threat From Organised Global Cyber Criminals (lien direct) |
L'acteur des menaces de cybersécurité Vextrio vole sous le radar pour la plupart des professionnels de la cybersécurité de la région de l'APAC, car il s'agit d'un homme intermédiaire de distribution du trafic Web plutôt que d'une source de logiciels malveillants.
Cyber security threat actor VexTrio is flying under the radar for most APAC region cyber security professionals because it is a web traffic distribution middle man rather than an endpoint source of malware. |
Malware Threat | ★★★ | |
|
2024-02-06 17:51:33 | Top 7 des outils de chasse au cybermenace pour 2024 Top 7 Cyber Threat Hunting Tools for 2024 (lien direct) |
Voici les principaux outils de chasse à la cyber-menace qui peuvent améliorer les défenses de cybersécurité de votre organisation.Apprenez comment leurs fonctionnalités se comparent.
Here are the top cyber threat hunting tools that can enhance your organization\'s cybersecurity defenses. Learn how their features compare. |
Tool Threat | ★★★ | |
|
2024-01-31 19:51:29 | Qu'est-ce que la chasse à la cyber-menace?(Définition et comment cela fonctionne) What Is Cyber Threat Hunting? (Definition & How it Works) (lien direct) |
La chasse au cybermenace est le processus proactif de recherche et de détection des menaces potentielles ou des activités malveillantes au sein d'un réseau ou d'un système.
Cyber threat hunting is the proactive process of searching for and detecting potential threats or malicious activities within a network or system. |
Threat | ★★★ | |
|
2024-01-24 20:38:38 | Étude du National Cyber Security Center: L'IA générative peut augmenter la menace mondiale des ransomwares National Cyber Security Centre Study: Generative AI May Increase Global Ransomware Threat (lien direct) |
Voir les prédictions de NCSC \\ pour l'IA générative pour la cyberattaque et la défense jusqu'en 2025.
See NCSC\'s predictions for generative AI for cyber attack and defense through 2025. |
Ransomware Threat Studies | ★★★ | |
|
2024-01-18 18:44:20 | AndroxGH0st malware botnet vole AWS, les informations d'identification Microsoft et plus Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More (lien direct) |
Le botnet malware AndroxGH0st est utilisé pour l'identification et l'exploitation des victimes dans les réseaux ciblés, ainsi que pour la collecte des informations d'identification.Lisez les conseils du FBI / CISA \\ pour protéger contre cette menace malveillante.
The Androxgh0st malware botnet is used for victim identification and exploitation in targeted networks, as well as credentials collection. Read the FBI/CISA\'s tips for protecting against this malware threat. |
Malware Threat | ★★ | |
|
2023-12-22 22:47:44 | Rapport de menace ESET: abus de nom de chatppt, Lumma Steal Maleware augmente, la prévalence de Spyware \\ Android Spinok SDK \\ ESET Threat Report: ChatGPT Name Abuses, Lumma Stealer Malware Increases, Android SpinOk SDK Spyware\\'s Prevalence (lien direct) |
Des conseils d'atténuation des risques sont fournis pour chacune de ces menaces de cybersécurité.
Risk mitigation tips are provided for each of these cybersecurity threats. |
Malware Threat Mobile | ChatGPT | ★★★ |
|
2023-12-12 19:00:56 | ProofPoint expose une attaque sophistiquée d'ingénierie sociale contre les recruteurs qui infecte leurs ordinateurs par des logiciels malveillants Proofpoint Exposes Sophisticated Social Engineering Attack on Recruiters That Infects Their Computers With Malware (lien direct) |
Les recruteurs et toute autre personne impliquée dans les processus d'embauche devraient être bien informés sur cette menace d'attaque d'ingénierie sociale.
Recruiters and anyone else involved in hiring processes should be knowledgeable about this social engineering attack threat. |
Malware Threat | ★★ | |
|
2023-11-22 16:41:22 | Sekoia: Dernier paysage cyber-menace du secteur financier Sekoia: Latest in the Financial Sector Cyber Threat Landscape (lien direct) |
Le phishing, les logiciels malveillants, les ransomwares, les attaques de chaîne d'approvisionnement, les violations de données et les attaques liées à la crypto figurent parmi les menaces les plus évolutives du secteur financier, explique Sekoia.
Phishing, infostealer malware, ransomware, supply chain attacks, data breaches and crypto-related attacks are among the top evolving threats in the financial sector, says Sekoia. |
Ransomware Malware Threat Studies | ★★★ | |
|
2023-10-18 09:15:43 | Le CISO dirigeant veut plus de proactivité de sécurité dans les entreprises australiennes pour éviter les attaques \\ 'surprises \\' Leading CISO Wants More Security Proactivity in Australian Businesses to Avoid Attack \\'Surprises\\' (lien direct) |
Jaya Baloo de Rapid7 \\ affirme qu'un déficit dans la compréhension des actifs et de la vulnérabilité de l'organisation australienne et de la vulnérabilité aide les acteurs à menacer, et cela est exacerbé par une croissance rapide dans les environnements multicloud.
Rapid7\'s Jaya Baloo says a deficit in Australian organisational IT asset and vulnerability understanding is helping threat actors, and this is being exacerbated by fast growth in multicloud environments. |
Vulnerability Threat | ★★ | |
|
2023-09-29 14:15:55 | Zenrat Malware cible les utilisateurs de Windows via un faux package d'installation de mot de passe Bitwarden ZenRAT Malware Targets Windows Users Via Fake Bitwarden Password Manager Installation Package (lien direct) |
Nous avons parlé aux chercheurs à preuve Point de cette nouvelle menace de logiciels malveillants et de la façon dont il infecte les systèmes Windows pour voler des informations.
We talked to Proofpoint researchers about this new malware threat and how it infects Windows systems to steal information. |
Malware Threat | ★★★ | |
|
2023-09-12 16:49:51 | Point de contrôle: les pirates abandonnant les entraînements USB physiques aux trous d'arrosage Check Point: Hackers Dropping Physical USB Drives at Watering Holes (lien direct) |
Le CISO mondial de Check Point \\ discute de l'intelligence des menaces de la société 2023, y compris de nouveaux acteurs de malveillance et de menace d'IA, répartissant les logiciels malveillants en supprimant les lecteurs flash.
Check Point\'s Global CISO discusses the firm\'s 2023 threat intelligence, including new AI malice and threat actors spreading malware by dropping flash drives. |
Malware Threat | ★★★ | |
|
2023-08-18 19:26:51 | Environ 2000 Netcalers Citrix ont été compromis dans des campagnes d'attaque massives About 2000 Citrix NetScalers Were Compromised in Massive Attack Campaigns (lien direct) |
Environ 2 000 Netcalers Citrix ont été compromis dans des campagnes d'attaque massives automatisées.En savoir plus sur les acteurs de la menace et comment les protéger.
About 2,000 Citrix NetScalers were compromised in automated massive attack campaigns. Find out more about the threat actors and how to protect from them. |
Threat | ★★ | |
|
2023-06-13 14:18:37 | Menaces et défense du DDOS: comment certaines hypothèses peuvent conduire à une attaque DDoS threats and defense: How certain assumptions can lead to an attack (lien direct) |
> Les hypothèses d'une entreprise ne devraient pas faire sur ses défenses DDOS et les mesures qu'elle devrait prendre maintenant pour réduire sa probabilité d'attaque.
>The assumptions a business shouldn\'t make about its DDoS defenses and the steps it should take now to reduce its likelihood of attack. |
Threat General Information Guideline | ★★ | |
|
2023-06-07 18:57:41 | La nouvelle menace zéro-clic cible les iPhones et les iPad New zero-click threat targets iPhones and iPads (lien direct) |
> Un récent rapport de Kaspersky a révélé une méthode d'attaque zéro-clic qui ne nécessite aucune action des victimes pour infecter les appareils iOS.
>A recent report from Kaspersky revealed a zero-click attack method that requires no action from victims to infect iOS devices. |
Threat | ★★★★ | |
|
2023-04-28 16:36:57 | L'acteur de menace APT28 cible les routeurs Cisco avec une vieille vulnérabilité Threat actor APT28 targets Cisco routers with an old vulnerability (lien direct) |
> Les États-Unis, l'Europe et l'Ukraine seraient des cibles dans cette menace malveillante.Apprenez à protéger les routeurs Cisco affectés.
>The U.S., Europe and Ukraine are reportedly targets in this malware threat. Learn how to protect affected Cisco routers. |
Malware Vulnerability Threat | APT 28 APT 28 | ★★ |
|
2023-04-26 22:37:26 | IBM lance Qradar Security Suite pour une détection et une réponse à la menace accélérée IBM launches QRadar Security Suite for accelerated threat detection and response (lien direct) |
> IBM a déclaré que la nouvelle plate-forme de cybersécurité est une interface unifiée qui rationalise la réponse des analystes tout au long du cycle de vie d'attaque et comprend des capacités d'IA et d'automatisation montrées pour accélérer le triage d'alerte de 55%.
>IBM said the new cybersecurity platform is a unified interface that streamlines analyst response across the full attack lifecycle and includes AI and automation capabilities shown to speed alert triage by 55%. |
Threat | ★★ | |
|
2023-04-14 11:55:01 | Pour les méfaits cybercrimins, il est sombre de la toile For cybercriminal mischief, it\\'s dark web vs deep web (lien direct) |
> Un nouveau rapport de la société de renseignement CyberThered Cybersixgill voit des acteurs de menace grouper aux bazars numériques pour collaborer, acheter et vendre des logiciels malveillants et des informations d'identification.
>A new report from cyberthreat intelligence company Cybersixgill sees threat actors swarming to digital bazaars to collaborate, buy and sell malware and credentials. |
Malware Threat | ★★ | |
|
2023-03-28 16:13:21 | Comment prévenir les bombes à fourche sur vos serveurs de développement Linux [How to prevent fork bombs on your Linux development servers] (lien direct) | > Apprenez à protéger votre serveur Linux de l'attaque du déni de service de la bombe de fourche avec ce tutoriel vidéo de Jack Wallen.
>Learn how to protect your Linux server from the fork bomb denial-of-service attack with this video tutorial by Jack Wallen. |
Threat General Information Guideline | ★★★ | |
|
2023-03-07 16:51:12 | CrowdStrike: Attackers focusing on cloud exploits, data theft (lien direct) | >CrowdStrike's new threat report sees a big increase in data theft activity, as attackers move away from ransomware and other malware attacks, as defense gets better, and the value of data increases. | Ransomware Malware Threat Cloud | ★★ | |
|
2023-02-01 20:32:11 | New cybersecurity BEC attack mimics vendors (lien direct) | >A new business email attack threat actor is using a stealth tactic to avoid giveaways of typical social engineering attacks. Learn the best defense for protecting your company. | Threat | ★★ | |
|
2022-12-22 18:25:13 | Cisco Talos report: Threat actors use known Excel vulnerability (lien direct) | >The use of .XLL Excel files by threat actors to infect computers with malware is growing fast. Learn more about this relatively new technique and how to protect from it. | Malware Vulnerability Threat | ★ | |
|
2022-12-09 16:15:03 | Apple unveils new iMessage, Apple ID and iCloud security for high-value targets (lien direct) | >Tech firm aims to strengthen security for users and meet modern cyber threat challenges with new cybersecurity technology and end-to-end cloud encryption. | Threat | ★★★ | |
|
2022-12-09 15:40:56 | McAfee 2023 Threat Predictions (lien direct) | >2022 is almost over, and the threats seen during the year have built the foundations for 2023's threat landscape, according to McAfee. Cyber criminals will benefit from new technologies such as AI or Web3. | Threat | ★ | |
|
2022-10-28 19:07:57 | Cranefly uses new communication technique in attack campaigns (lien direct) | >A threat actor dubbed "Cranefly" uses a new technique for its communications on infected targets. | Threat | ||
|
2022-10-27 17:46:44 | 2022 cyber threat report details growing trends (lien direct) | >SonicWall's mid-year report update has been released with new information on malware, ransomware, cryptojacking and more. | Threat | ||
|
2022-10-05 18:38:39 | Software supply chains at risk: The account takeover threat (lien direct) | >This kind of attack is very difficult to detect and might lead to full compromise of systems, leading to cyberespionage or financial crime. | Threat Guideline | ||
|
2022-08-16 17:11:43 | BazarCall attack increasingly used by ransomware threat actors (lien direct) | Already three independent threat groups are using it to heavily target companies. | Ransomware Threat | ||
|
2022-07-28 09:00:41 | How attackers are adapting to a post-macro world (lien direct) | >Since Microsoft's shutdown of macros in Office apps, attackers are using container file types to deliver malware in one of the largest threat landscape shifts in recent history. | Malware Threat | ||
|
2022-07-01 17:57:34 | The business of hackers-for-hire threat actors (lien direct) | >Hackers-for-hire specialize in compromising email boxes. Learn more about these cyber criminals and the threat they represent. | Threat | ||
|
2022-06-28 10:00:44 | New Bumblebee malware loader increasingly adopted by cyber threat groups (lien direct) | >Conti, Quantum and Mountlocker were all linked to having used the new piece of software to inject systems with ransomware. | Malware Threat | ||
|
2022-06-24 13:40:44 | This new malware diverts cryptocurrency payments to attacker-controlled wallets (lien direct) | >A new malware dubbed Keona Clipper aims to steal cryptocurrencies from infected computers and uses Telegram to increase its stealth. Learn more about what the Clipper malware threat is and how to protect from it. | Malware Threat | ||
|
2022-06-23 13:50:50 | Avos ransomware threat actor updates its attack arsenal (lien direct) | >The Avos ransomware threat actor has recently updated its tooling, not only using malicious software but also commercial products. | Ransomware Threat | ||
|
2022-06-22 09:00:40 | Proofpoint dispels commonly held threat actor assumptions in new report (lien direct) | The company found that Google-related URLs were the most frequently abused last year. | Threat | ||
|
2022-06-13 13:34:10 | State-sponsored Chinese threat actors compromise telecommunications and network services providers (lien direct) | >Threat actors originating from the People's Republic of China are exploiting known vulnerabilities to build a broad network infrastructure of compromised machines worldwide. Learn more about how to protect yourself from this threat. | Threat | ||
|
2022-06-03 15:22:04 | Conti reforms into several smaller groups, are they now more dangerous than ever? (lien direct) | The cybercrime group has disbanded, but still may pose a severe threat to a number of businesses in a different way. | Threat | ||
|
2022-05-25 13:40:44 | How to develop competency in cyber threat intelligence capabilities (lien direct) | >Starting from scratch or maturing a cyber threat intelligence capability is a task that needs several different people with very different skills and competencies. Read more on what competencies can build and make CTI capability a success. | Threat | ||
|
2022-05-23 14:04:24 | New phishing technique lures users with fake chatbot (lien direct) | >Cybercriminals are finding new ways to trick users into providing their credit card data. A new technique makes use of a fake chatbot to build trust with victims. Learn more about this threat and how to protect yourself from it. | Threat | ||
|
2022-05-18 20:25:30 | CrowdStrike vs McAfee: EDR software comparison (lien direct) | >Endpoint detection and response software protects against a variety of threats and attacks. Learn about two of the most popular EDR options, CrowdStrike and McAfee, and how to protect your network. | Threat | ||
|
2022-05-12 18:30:55 | Ransomware: How executives should prepare given the current threat landscape (lien direct) | As the number of ransomware attacks continue to increase, the response at C-level must be swift and decisive. | Ransomware Threat | ★★★ | |
|
2022-05-10 13:46:18 | Credit card skimming services make it easy for low-level cybercriminals to join the game (lien direct) | Credit card skimming just became much easier for cybercriminals, who can now buy ready-to-go skimming services online. Read more about this threat and how to detect it on merchant sites. | Threat | ★★★ | |
|
2022-05-06 13:41:50 | Cyberespionage: New Mustang Panda campaign targets Europe (lien direct) | A cyberespionage threat actor dubbed Mustang Panda hits Europe with a new attack campaign. Read more about it and how to protect yourself from it. | Threat | ★★★★ | |
|
2022-05-05 13:53:58 | UNC3524: The nearly invisible cyberespionage threat sitting on network appliances (lien direct) | A stealthy cybercriminal operation targeting companies involved in mergers and acquisitions has been discovered, and it's run by a threat actor who is particularly cautious about not being detected. Read more about this threat and how to protect yourself. | Threat | ||
|
2022-05-03 13:38:03 | TA410: The 3-headed cyberespionage threat actor (lien direct) | There's a new cyberespionage threat that targets U.S. utilities and diplomatic organizations in Africa and Middle East. Initially thought to be a single group, it appears it is built of three teams. | Threat | ||
|
2022-04-29 19:37:59 | Top advanced threat protection tools and solutions 2022 (lien direct) | Cybersecurity providers have improved defenses by adding AI and machine learning tech into endpoint protection apps and strategies. Here's how leading advanced threat protection tools compare. | Threat Guideline | ||
|
2022-04-28 19:06:15 | Okta vs Ping: IAM software comparison (lien direct) | This review compares the features of IAM software Okta and Ping. Features include multifactor authentication, threat detection and dashboards. | Threat |
To see everything:
Our RSS (filtrered)
