www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-23T18:41:37+00:00 www.secnews.physaphae.fr
CybeReason - Vendor blog Threat Alert: The Anydesk Breach Aftermath Cybereason issues Threat Alerts to inform customers of emerging impacting threats, including critical vulnerabilities. Cybereason Threat Alerts summarize these threats and provide practical recommendations for protecting against them. 2024-03-26T14:39:15+00:00 https://www.cybereason.com/blog/threat-alert-the-anydesk-breach-aftermath www.secnews.physaphae.fr/article.php?IdArticle=8470864 False Threat,Vulnerability None 3.0000000000000000
CybeReason - Vendor blog Beware of the Messengers, Exploiting ActiveMQ Vulnerability Cybereason Security Services issues Threat Analysis reports to inform on impacting threats. The Threat Analysis reports investigate these threats and provide practical recommendations for protecting against them. 2024-03-13T14:50:52+00:00 https://www.cybereason.com/blog/beware-of-the-messengers-exploiting-activemq-vulnerability www.secnews.physaphae.fr/article.php?IdArticle=8463286 False Threat,Vulnerability None 2.0000000000000000
CybeReason - Vendor blog THREAT ALERT: Ivanti Connect Secure VPN Zero-Day Exploitation Cybereason issues Threat Alerts to inform customers of emerging impacting threats, including critical vulnerabilities such as the Ivanti Connect Secure VPN Zero-Day exploitation. Cybereason Threat Alerts summarize these threats and provide practical recommendations for protecting against them. 2024-02-06T04:35:35+00:00 https://www.cybereason.com/blog/threat-alert-ivanti-connect-secure-vpn-zero-day-exploitation www.secnews.physaphae.fr/article.php?IdArticle=8447166 False Threat,Vulnerability None 2.0000000000000000
CybeReason - Vendor blog THREAT ALERT: Follina/MSDT Microsoft Office Vulnerability 2022-06-22T13:04:57+00:00 https://www.cybereason.com/blog/threat-alert-follina/msdt-microsoft-office-vulnerability www.secnews.physaphae.fr/article.php?IdArticle=5326865 False Vulnerability None None
CybeReason - Vendor blog CISO Stories Podcast: Understanding and Preparing for the Next Log4j The issues created by the recently disclosed Log4j vulnerability are bigger than you might expect and will have long-lasting implications. So, what was the Log4j vulnerability really, what can be done to reduce the risk it poses to organizations, and how can we better prepare for the next Log4j-level event? Benny Lakunishok, co-founder and CEO of Zero Networks, takes us deeper - check it out... 2022-02-24T13:51:14+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-understanding-and-preparing-for-the-next-log4j www.secnews.physaphae.fr/article.php?IdArticle=4177569 False Vulnerability None None
CybeReason - Vendor blog Malicious Life Podcast: Logout4Shell - A Digital Vaccine for Log4Shell A digital 'vaccine' was released to address Log4Shell, which has been called “the single biggest, most critical vulnerability ever.” Nate Nelson talks to Yonatan Striem-Amit, CTO & Co-Founder of Cybereason about the Log4j vulnerability and about the unusual vaccine dubbed Logout4Shell that uses the Log4j exploit to close the vulnerability - check it out… 2021-12-27T12:00:00+00:00 http://www.cybereason.com/blog/malicious-life-podcast-logout4shell-a-digital-vaccine-for-log4shell www.secnews.physaphae.fr/article.php?IdArticle=3889897 False Vulnerability None None
CybeReason - Vendor blog The First True XDR Solution It has been a uniquely amazing week for me and for
Cybereason. We started the week by sharing LogOut4Shell, a free vaccine we developed to prevent the Log4Shell vulnerability from being exploited. Then we hosted DefenderCon '21 and launched Cybereason XDR powered by Google Chronicle. 2021-12-17T23:09:51+00:00 https://www.cybereason.com/blog/the-first-true-xdr-solution www.secnews.physaphae.fr/article.php?IdArticle=3817978 False Vulnerability None None
CybeReason - Vendor blog UPDATED: Cybereason Log4Shell Vaccine Offers Permanent Mitigation Option for Log4j Vulnerabilities (CVE-2021-44228 and CVE-2021-45046) UPDATE 12/17/21: The Logout4Shell Vaccine has been updated to add a persistent option in addition to the existing one which reverted upon server restart. The previous version of the Vaccine used the Log4Shell vulnerability to remove the JNDI interpolator entirely from all logger contexts to prevent the vulnerability from being exploited in the running JVM (server process). This update not only fixes the vulnerability, but also edits the jar file on disk to remove the JndiLookup class to permanently mitigate the Log4Shell vulnerability on a running server. It also performs additional changes on the plugin registry. Due to the nature of the permanent solution, there is nominal risk involved, so the Vaccine offers the option to execute the completely safe but temporary solution, or the slightly more risky but permanent solution. The documentation has been updated to reflect that we now support both options. The Log4shell vulnerability still requires patching. This updated Logout4Shell mitigation option can provide security teams the time required to roll out patches while reducing the risk from exploits targeting the Log4j vulnerability.
The latest version is pushed to our GitHub at https://github.com/Cybereason/Logout4Shell UPDATE 12/15/21: Our initial vaccine approach was to set the formatMsgLookup flag to "true" and reconfigure the Log4j logger, which supported versions >= 2.10.0. In this updated Vaccine technique, in order to support older versions < 2.10.0, where the "flag" does not exist, it instead removes the JNDI interpolator entirely from all logger contexts. The update also pushes an additional fix to make this removal behavior the "default" even in cases where the "flag" is still supported. We still highly recommend upgrading to 2.16.0, or removing the JNDI class entirely from each server if upgrading to the latest patched version is not possible for your organization at this time. This updated Vaccine version also mitigates the most recent lower severity vulnerability disclosure (CVE-2021-45046) which was patched in log4j version 2.16.0. This vulnerability showed that in certain scenarios, for example, where attackers can control a thread-context variable that gets logged, even the flag log4j2.formatMsgNoLookups is insufficient to mitigate Log4shell. The text below has been updated to reflect the latest guidance and changes to the temporary workaround Vaccine developed by Cybereason.
============================================================= Cybereason researchers have developed and released a “vaccine” for the Apache Log4Shell vulnerabilities (CVE-2021-44228) and (CVE-2021-4504 2021-12-17T15:00:00+00:00 http://www.cybereason.com/blog/cybereason-releases-vaccine-to-prevent-exploitation-of-apache-log4shell-vulnerability-cve-2021-44228 www.secnews.physaphae.fr/article.php?IdArticle=3889904 False Vulnerability None None
CybeReason - Vendor blog How Cybereason Detects and Prevents Exploits Leveraging Log4Shell Vulnerability Log4Shell is a vulnerability (CVE-2021-44228) impacting Apache Log4j which was disclosed on the project's GitHub on December 9, 2021. The flaw has the highest possible severity rating of 10 and is pervasive. 2021-12-15T17:56:17+00:00 https://www.cybereason.com/blog/how-cybereason-prevents-and-detects-exploits-leveraging-log4shell-vulnerability www.secnews.physaphae.fr/article.php?IdArticle=3801443 False Vulnerability None None
CybeReason - Vendor blog Cybereason Releases Vaccine to Prevent Exploitation of Apache Log4Shell Vulnerability (CVE-2021-44228) Cybereason researchers have developed and released a “vaccine” for the Apache Log4Shell vulnerability (CVE-2021-44228). The vaccine is now freely available on GitHub. It is a relatively simple fix that requires only basic Java skills to implement and is freely available to any organization.
Cybereason previously announced that none of the company's products or services were impacted by the vulnerability. 2021-12-10T23:55:00+00:00 https://www.cybereason.com/blog/cybereason-releases-vaccine-to-prevent-exploitation-of-apache-log4shell-vulnerability-cve-2021-44228 www.secnews.physaphae.fr/article.php?IdArticle=3777527 False Vulnerability None None
CybeReason - Vendor blog Cybereason Solutions Are Not Impacted by Apache Log4j Vulnerability (CVE-2021-44228) A newly revealed vulnerability impacting Apache Log4j 2 versions 2.0 to 2.14.1 was disclosed on the project's GitHub on December 9, 2021, and designated as CVE-2021-44228 with the highest severity rating of 10. 2021-12-10T21:08:07+00:00 https://www.cybereason.com/blog/cybereason-solutions-are-not-impacted-by-apache-log4j-vulnerability-cve-2021-44228 www.secnews.physaphae.fr/article.php?IdArticle=3776856 False Vulnerability None 2.0000000000000000
CybeReason - Vendor blog Microsoft Publishes Veiled Mea Culpa Disguised as Research The Microsoft Threat Intelligence Center (MSTIC) shared a report warning that NOBELIUM, the threat actor behind the SolarWinds attacks, is targeting delegated administrative privileges as part of a larger malicious campaign. Microsoft cautions that attackers are attempting to gain access to downstream customers of multiple cloud providers, managed service providers (MSPs), and IT services organizations in what at first glance appears to be a standard threat intelligence report, but upon examination more closely resembles a technical vulnerability disclosure.
2021-10-26T15:21:56+00:00 https://www.cybereason.com/blog/microsoft-publishes-veiled-mea-culpa-disguised-as-research www.secnews.physaphae.fr/article.php?IdArticle=3567535 False Threat,Vulnerability None None
CybeReason - Vendor blog 1,460-Day Old Known Vulnerability Catches Microsoft Off Guard Vulnerabilities are a fact of life. I started my career in cybersecurity finding and exploiting those vulnerabilities to conduct nation-state offensive operations. I understand the simple reality that there is no such thing as perfect code, and that even the most secure application can be compromised given enough time. But that is not an excuse for writing bad code or failing to address known issues. 2021-09-24T12:33:29+00:00 https://www.cybereason.com/blog/1460-day-old-known-vulnerability-catches-microsoft-off-guard www.secnews.physaphae.fr/article.php?IdArticle=3423099 False Vulnerability None None
CybeReason - Vendor blog Update Your Apple Devices to Guard Against Pegasus Spyware Attacks Apple issued an emergency update yesterday for a critical vulnerability discovered in its iPhones, Apple Watches, and Mac computers. Researchers at Citizen Lab discovered a no-click zero-day exploit that works on all Apple devices that do not have the latest update. 2021-09-14T20:07:22+00:00 https://www.cybereason.com/blog/update-your-apple-devices-to-guard-against-pegasus-spyware-attacks www.secnews.physaphae.fr/article.php?IdArticle=3370466 False Vulnerability None None
CybeReason - Vendor blog Azurescape Vulnerability: More Evidence that Microsoft Should Leave Security to the Experts It's been a busy couple weeks for Microsoft, and not in a good way.
Following the news that a configuration error left Azure cloud customer data exposed to potential compromise, and a security alert from Microsoft about an active exploit targeting a zero-day vulnerability in MSHTML, now there are reports of a critical security vulnerability that can allow attackers to compromise containers in Azure as well. 2021-09-13T12:56:00+00:00 https://www.cybereason.com/blog/azurescape-vulnerability-more-evidence-that-microsoft-should-leave-security-to-the-experts www.secnews.physaphae.fr/article.php?IdArticle=3368199 False Vulnerability Uber None
CybeReason - Vendor blog THREAT ALERT: Microsoft MSHTML Remote Code Execution Vulnerability The Cybereason Global Security Operations Center (SOC) issues Cybereason Threat Alerts to inform customers of emerging impacting threats. The Alerts summarize these threats and provide practical recommendations for protecting against them. 2021-09-10T16:00:00+00:00 https://www.cybereason.com/blog/threat-alert-microsoft-mshtml-remote-code-execution-vulnerability www.secnews.physaphae.fr/article.php?IdArticle=3368203 False Threat,Vulnerability None None
CybeReason - Vendor blog CISO Stories Podcast: The Unpatchable Vulnerability that is Human Nature Rachel Tobac, CEO of SocialProof Security, delves into the inner-workings of social engineering exploits where she leverages her background in neuroscience and behavioral psychology to exploit the unpatchable vulnerability that is human nature - check it out... 2021-09-09T12:46:23+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-the-unpatchable-vulnerability-that-is-human-nature www.secnews.physaphae.fr/article.php?IdArticle=3357899 False Vulnerability None None
CybeReason - Vendor blog Microsoft Vulnerability Exposes Thousands to Risk…Again I can't deny
that Microsoft competes with Cybereason, but the truth is, I owe a lot of the success of Cybereason to Microsoft. After all, the lion's share of what we do as defenders is protect against exploits targeting vulnerable Microsoft platforms and applications. 2021-09-02T21:22:38+00:00 https://www.cybereason.com/blog/microsoft-vulnerability-exposes-thousands-to-risk-again www.secnews.physaphae.fr/article.php?IdArticle=3327804 False Vulnerability None None
CybeReason - Vendor blog BlackBerry QNX Vulnerability Highlights Lurking Issues with IOT Security BlackBerry revealed that its QNX operating system is vulnerable to the BadAlloc flaw revealed earlier this year. QNX is an embedded systems operating system that can be found in hundreds of millions of cars, as well as everything from critical infrastructure, to hospital devices, to equipment on the International Space Station. The disclosure highlights a lurking issue illustrating the much larger challenge we face when it comes to securing internet-of-things (IoT) and embedded systems like QNX. 2021-08-18T16:43:59+00:00 https://www.cybereason.com/blog/blackberry-qnx-vulnerability-highlights-lurking-issues-with-iot-security www.secnews.physaphae.fr/article.php?IdArticle=3249876 False Vulnerability None None
CybeReason - Vendor blog CISO Stories Podcast: Is There a Magic Security Control List? Never in history has the cyber defender had access to so many technologies and tools to defend our companies. This has created a “Fog of More,” making the choices difficult to manage. This week's guest is Tony Sager, a 35-year NSA software vulnerability analyst and executive, and the innovator of community-based controls sharing.
Sager discusses how the CIS Controls can be used effectively to manage your environment - check it out... 2021-04-15T13:13:18+00:00 https://www.cybereason.com/blog/ciso-stories-podcast-is-there-a-magic-security-control-list www.secnews.physaphae.fr/article.php?IdArticle=2646015 False Vulnerability None None
CybeReason - Vendor blog The Security Value of Exploit Protection An exploit attack occurs when a malicious actor takes advantage of a software vulnerability to penetrate and then damage or steal information from a computer system. One feature that Cybereason provides to protect users from exploit attacks is our Exploit Protection. The following is a quick rundown of some of the key terms for understanding exploit attacks. 2021-02-04T14:00:00+00:00 https://www.cybereason.com/blog/the-security-value-of-exploit-protection www.secnews.physaphae.fr/article.php?IdArticle=2293977 False Vulnerability None None