www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated feed of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-06-16T13:14:10+00:00
www.secnews.physaphae.fr

CybeReason - Vendor blog
MITRE ATT&CK and the Art of Building Better Defenses
MITRE's Adversarial Tactics, Techniques, and Common Knowledge (MITRE ATT&CK) is a critical tool for security practitioners seeking to understand how attackers move, operate, and conduct their attacks. Designed to look at attacks from the attacker's perspective, it catalogs the attack lifecycle of different adversaries and the platforms they choose to target, all based on real-world observations.
2023-01-09T18:47:58+00:00
https://www.cybereason.com/blog/mitre-attck-and-the-art-of-building-better-defenses
www.secnews.physaphae.fr/article.php?IdArticle=8299313
False Tool None 2.0000000000000000

CybeReason - Vendor blog
Latest SOC Survey Anticipates Shift Toward MDR and XDR
The challenges faced by Security Operations Centers (SOCs) around the world - workforce shortages, lack of visibility and automation, tool sprawl, and alert overload - continue to have a negative impact on SOC effectiveness and will likely result in increasing adoption of Managed Detection and Response (MDR) services and Extended Detection and Response (XDR) solutions.
2022-06-02T16:35:43+00:00
https://www.cybereason.com/blog/latest-soc-survey-anticipates-shift-toward-mdr-and-xdr
www.secnews.physaphae.fr/article.php?IdArticle=4935734
False Tool None None

CybeReason - Vendor blog
CISO Stories Podcast: Creating Security Budget Where There is No Budget
Over the years, security departments acquire tool after tool, sometimes integrated, and many times under-utilized. Kevin Richards, President at Secure Systems Innovation, walks through a very creative method for getting the budget you need, and explains how to leverage the current environment to “find” new sources of funding for the right cybersecurity investments - check it out...
2022-02-10T10:00:00+00:00
https://www.cybereason.com/blog/ciso-stories-podcast-creating-security-budget-where-there-is-no-budget
www.secnews.physaphae.fr/article.php?IdArticle=4124980
False Tool None None

CybeReason - Vendor blog
THREAT ANALYSIS REPORT: Inside the LockBit Arsenal - The StealBit Exfiltration Tool
The Cybereason Global Security Operations Center (GSOC) issues Cybereason Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them.
2021-12-16T17:48:04+00:00
https://www.cybereason.com/blog/threat-analysis-report-inside-the-lockbit-arsenal-the-stealbit-exfiltration-tool
www.secnews.physaphae.fr/article.php?IdArticle=3808681
True Tool,Threat None None

CybeReason - Vendor blog
PortDoor: New Chinese APT Backdoor Attack Targets Russian Defense Sector
The Cybereason Nocturnus Team has been tracking recent developments in the RoyalRoad weaponizer, also known as the 8.t Dropper/RTF exploit builder. Over the years, this tool has become a part of the arsenal of several Chinese-related threat actors such as Tick, Tonto Team and TA428, all of which employ RoyalRoad regularly for spear-phishing in targeted attacks against high-value targets.
2021-04-30T12:11:34+00:00
https://www.cybereason.com/blog/portdoor-new-chinese-apt-backdoor-attack-targets-russian-defense-sector
www.secnews.physaphae.fr/article.php?IdArticle=2721691
False Tool,Threat None None

CybeReason - Vendor blog
SolarWinds Attacks Highlight Importance of Operation-Centric Approach
We're still learning the full extent of the SolarWinds supply chain attacks. On January 11, for instance, researchers published a technical breakdown of a malicious tool detected as SUNSPOT that was employed as part of the infection chain involving the IT management software provider's Orion platform.
2021-01-21T14:08:16+00:00
https://www.cybereason.com/blog/solarwinds-attacks-highlight-importance-of-operation-centric-approach
www.secnews.physaphae.fr/article.php?IdArticle=2225390
False Tool Solardwinds,Solardwinds None