This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-19T16:27:55+00:00 www.secnews.physaphae.fr LogPoint - Blog Secu En bref :Le chargement latéral de DLL (Dynamic Link Library) est une technique permettant d'exécuter des charges virales malveillantes dans une DLL masquée en exploitant le processus d'exécution d'une application légitime.Des groupes de malware, tels que les groupes APT chinois et les malwares Darkgate, exploitent sur le terrain une vulnérabilité de chargement latéral de DLL Zero-Day [...] ]]> 2024-04-30T08:33:11+00:00 https://www.logpoint.com/fr/blog/decouvrez-le-cote-obscur-des-dll-dynamic-link-library/ www.secnews.physaphae.fr/article.php?IdArticle=8492987 False Malware,Vulnerability,Threat None 3.0000000000000000 LogPoint - Blog Secu By Nilaa MaharjanContentsKey FindingsWhich Products and Versions are Affected?Making a BOLD statementBoldly going where no malware has gone beforeDetecting BOLDMOVE using LogpointInvestigation and response with LogpointRemediation and mitigation best practicesFinal ThoughtsTL;DRFortinet disclosed a zero-day vulnerability in its FortiOS SSL-VPN products in December 2022, which was discovered to have been exploited by ransomware gangs.The vulnerability, a [...] ]]> 2023-02-06T09:04:22+00:00 https://www.logpoint.com/fr/blog/boldmove-exploiting-fortinet-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8307506 False Ransomware,Malware,Vulnerability None 2.0000000000000000 LogPoint - Blog Secu -Anish Bogati & Nilaa Maharjan; Security Research Index Remnant of Log4Shell? PoC of CVE-2022-42889 Detecting Text4shell using Logpoint Apply mitigations without delay On Oct. 13, 2022, the Apache Software Foundation released a security advisory for a critical zero-day vulnerability in Apache Common Text from version 1.5 to 1.9. Labeled CVE-2022-42899, Text4shell has a 9.8 severity [...] ]]> 2022-11-17T12:36:54+00:00 https://www.logpoint.com/fr/blog/text4shell-detecting-exploitation-of-cve-2022-42889/ www.secnews.physaphae.fr/article.php?IdArticle=8066702 False Vulnerability None None LogPoint - Blog Secu by Bhabesh Raj Rai, Security ResearchOn June 2, 2022, Atlassian released a security advisory for a critical zero-day vulnerability (CVE-2022-26134) that hackers are exploiting in Confluence Server and Data Center. The flaw allows an unauthenticated attacker to execute arbitrary code on a vulnerable Confluence Server or Data Center instance.The advisory stated that all supported versions [...] ]]> 2022-06-08T12:15:16+00:00 https://www.logpoint.com/fr/blog/detecting-atlassian-confluence-remote-code-execution-vulnerability-cve-2022-26134-in-logpoint/ www.secnews.physaphae.fr/article.php?IdArticle=5039841 False Vulnerability None None LogPoint - Blog Secu by Bhabesh Raj Rai, Security Research In this month's patch Tuesday, Microsoft fixed a high severity privilege escalation vulnerability (CVE-2022-26923) in AD domain services having a CVSS score of 8.8 which is close to critical. This vulnerability allows a lowprivilege authenticated user to acquire a certificate of privileged accounts such as domain controllers from AD [...] ]]> 2022-05-27T12:42:36+00:00 https://www.logpoint.com/fr/blog/detecting-high-severity-ad-privilege-escalation-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=4838273 False Vulnerability None None LogPoint - Blog Secu 2020-11-04T09:42:42+00:00 https://www.logpoint.com/fr/blog/oracle-weblogic-server-rce-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=2014981 False Vulnerability None None LogPoint - Blog Secu 2020-10-07T10:16:15+00:00 https://www.logpoint.com/fr/blog/microsoft-exchange-server-rce-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=1961359 False Vulnerability None None LogPoint - Blog Secu 2020-09-21T09:46:04+00:00 https://www.logpoint.com/fr/blog/detecting-the-zerologon-vulnerability-in-logpoint/ www.secnews.physaphae.fr/article.php?IdArticle=1929900 False Vulnerability None None LogPoint - Blog Secu 2020-07-18T10:38:08+00:00 https://www.logpoint.com/fr/blog/detecting-exim-exploitation-by-sandworm-apt-with-logpoint/ www.secnews.physaphae.fr/article.php?IdArticle=1853663 False Vulnerability,Threat None None LogPoint - Blog Secu 2020-07-17T07:47:49+00:00 https://www.logpoint.com/fr/blog/detection-of-wormable-rce-vulnerability-in-windows-dns-server/ www.secnews.physaphae.fr/article.php?IdArticle=1809337 False Vulnerability None None LogPoint - Blog Secu 2020-07-08T07:19:23+00:00 https://www.logpoint.com/fr/blog/detecting-the-cve-2020-5902-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=1796363 True Vulnerability None None LogPoint - Blog Secu 2020-07-08T07:19:23+00:00 https://www.logpoint.com/fr/blog/detecter-la-vulnerabilite-cve-2020-5902-avec-logpoint/ www.secnews.physaphae.fr/article.php?IdArticle=1809338 True Vulnerability None None LogPoint - Blog Secu 2020-01-21T14:27:55+00:00 https://www.logpoint.com/fr/blog/cve-20200601-chainoffools-curveball-attack/ www.secnews.physaphae.fr/article.php?IdArticle=1502847 False Vulnerability None None LogPoint - Blog Secu 2019-05-17T12:53:04+00:00 https://www.logpoint.com/fr/blog/may-2019-patch-tuesday/ www.secnews.physaphae.fr/article.php?IdArticle=1112210 False Vulnerability None None LogPoint - Blog Secu 2019-02-15T08:20:05+00:00 https://www.logpoint.com/fr/blog/abusing-exchange-one-api-call-away-from-domain-admin/ www.secnews.physaphae.fr/article.php?IdArticle=1080689 False Vulnerability,Guideline None None