This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-14T01:52:29+00:00 www.secnews.physaphae.fr ProofPoint - Cyber Firms 2024-05-13T07:18:13+00:00 https://www.proofpoint.com/us/blog/threat-insight/security-brief-millions-messages-distribute-lockbit-black-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8498980 False Ransomware,Malware,Threat None None ProofPoint - Cyber Firms 2024-05-09T06:00:11+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/tycoon-2fa-phishing-kit-mfa-bypass www.secnews.physaphae.fr/article.php?IdArticle=8496584 False Tool,Threat,Prediction,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2024-05-08T06:00:27+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/spoofed-email-greater-impersonation-risk www.secnews.physaphae.fr/article.php?IdArticle=8495932 False Ransomware,Malware,Tool,Threat,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2024-05-07T13:42:04+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/qr-code-phishing-simulation www.secnews.physaphae.fr/article.php?IdArticle=8495238 False Tool,Vulnerability,Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2024-05-06T17:05:52+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/malicious-links-stop-url-based-attacks-before-they-start www.secnews.physaphae.fr/article.php?IdArticle=8494490 False Ransomware,Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2024-05-06T07:54:03+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/genai-powering-latest-surge-modern-email-threats www.secnews.physaphae.fr/article.php?IdArticle=8494488 False Ransomware,Data Breach,Tool,Vulnerability,Threat ChatGPT 3.0000000000000000 ProofPoint - Cyber Firms 2024-05-06T05:52:32+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/email-security-now-redefined-adaptive-threat-protection-capabilities www.secnews.physaphae.fr/article.php?IdArticle=8494489 False Ransomware,Malware,Threat,Conference None 3.0000000000000000 ProofPoint - Cyber Firms 2024-05-01T05:12:14+00:00 https://www.proofpoint.com/us/blog/information-protection/whats-best-way-stop-genai-data-loss-take-human-centric-approach www.secnews.physaphae.fr/article.php?IdArticle=8491708 False Tool,Medical,Cloud ChatGPT 3.0000000000000000 ProofPoint - Cyber Firms 2024-04-24T10:25:39+00:00 https://www.proofpoint.com/us/blog/corporate-news/proofpoint-celebrates-q1-results-amidst-strong-market-demand-human-centric www.secnews.physaphae.fr/article.php?IdArticle=8488117 False Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2024-04-18T06:00:36+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/faqs-2024-state-phish-report-part-2-user-behaviors-and-attitudes www.secnews.physaphae.fr/article.php?IdArticle=8484715 False Tool,Vulnerability,Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2024-04-17T18:00:31+00:00 https://www.proofpoint.com/us/blog/engineering-insights/exploding-prompts-available-open-source www.secnews.physaphae.fr/article.php?IdArticle=8484113 False Malware,Tool,Threat,Studies,Cloud,Technical None 3.0000000000000000 ProofPoint - Cyber Firms 2024-04-16T06:00:54+00:00 https://www.proofpoint.com/us/blog/threat-insight/social-engineering-dmarc-abuse-ta427s-art-information-gathering www.secnews.physaphae.fr/article.php?IdArticle=8483299 False Malware,Tool,Threat,Conference APT 43,APT 37 2.0000000000000000 ProofPoint - Cyber Firms 2024-04-15T06:00:31+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/safeguard-business-with-impersonation-protection www.secnews.physaphae.fr/article.php?IdArticle=8482707 False Threat,Industrial,Prediction,Commercial None 2.0000000000000000 ProofPoint - Cyber Firms 2024-04-12T06:00:03+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/defeating-malicious-application-creation-attacks www.secnews.physaphae.fr/article.php?IdArticle=8480713 False Spam,Malware,Tool,Threat,Cloud APT 29 3.0000000000000000 ProofPoint - Cyber Firms 2024-04-11T13:27:54+00:00 https://www.proofpoint.com/us/blog/cloud-security/revisiting-mact-malicious-applications-credible-cloud-tenants www.secnews.physaphae.fr/article.php?IdArticle=8480061 False Malware,Threat,Prediction,Cloud APT 29 3.0000000000000000 ProofPoint - Cyber Firms 2024-04-11T06:23:43+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/faqs-2024-state-phish-report-part-1-threat-landscape www.secnews.physaphae.fr/article.php?IdArticle=8480017 False Ransomware,Malware,Tool,Threat,Cloud,Technical None 3.0000000000000000 ProofPoint - Cyber Firms 2024-04-10T10:12:47+00:00 https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta547-targets-german-organizations-rhadamanthys-stealer www.secnews.physaphae.fr/article.php?IdArticle=8479187 False Malware,Tool,Threat ChatGPT 2.0000000000000000 ProofPoint - Cyber Firms 2024-04-09T06:00:39+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/securing-human-risk-objectivity-phishing-simulation www.secnews.physaphae.fr/article.php?IdArticle=8478668 False Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2024-04-08T16:24:08+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/evolving-threat-landscape-deep-dive-multichannel-attacks-targeting www.secnews.physaphae.fr/article.php?IdArticle=8478123 False Tool,Threat,Mobile,Cloud None 2.0000000000000000 ProofPoint - Cyber Firms 2024-04-05T06:00:25+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/deception-technology-better-for-threat-detection-response-than-honeypots www.secnews.physaphae.fr/article.php?IdArticle=8476507 False Ransomware,Malware,Tool,Vulnerability,Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2024-04-04T11:47:34+00:00 https://www.proofpoint.com/us/blog/threat-insight/latrodectus-spider-bytes-ice www.secnews.physaphae.fr/article.php?IdArticle=8475749 False Ransomware,Malware,Tool,Threat,Prediction None 3.0000000000000000 ProofPoint - Cyber Firms 2024-04-03T06:00:40+00:00 https://www.proofpoint.com/us/blog/threat-insight/threat-actors-deliver-malware-youtube-video-game-cracks www.secnews.physaphae.fr/article.php?IdArticle=8475099 False Malware,Tool,Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2024-04-02T09:34:09+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/proofpoint-leader-kuppingercole-leadership-compass-email-security www.secnews.physaphae.fr/article.php?IdArticle=8474609 False Data Breach,Malware,Threat,Mobile,Commercial None 3.0000000000000000 ProofPoint - Cyber Firms 2024-03-29T06:00:11+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/cybersecurity-efficiency-healthcare-attack-surface-insights www.secnews.physaphae.fr/article.php?IdArticle=8472554 False Threat,Medical None 2.0000000000000000 ProofPoint - Cyber Firms 2024-03-28T10:21:02+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/security-awareness-program-enhancements-winter-release www.secnews.physaphae.fr/article.php?IdArticle=8471991 False Vulnerability,Threat,Prediction None 3.0000000000000000 ProofPoint - Cyber Firms 2024-03-26T06:00:09+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/ta577-attack-ntlm www.secnews.physaphae.fr/article.php?IdArticle=8471384 False Malware,Threat,Patching None 3.0000000000000000 ProofPoint - Cyber Firms 2024-03-26T06:00:09+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/ta577-attack-ntlm-vulnerability www.secnews.physaphae.fr/article.php?IdArticle=8470829 False Malware,Threat,Patching None 3.0000000000000000 ProofPoint - Cyber Firms 2024-03-25T06:00:56+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/dangling-dns-mitigating-impersonation-risk www.secnews.physaphae.fr/article.php?IdArticle=8470148 False Malware,Threat,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2024-03-22T06:00:42+00:00 https://www.proofpoint.com/us/blog/information-protection/defend-data-with-human-centric-solution www.secnews.physaphae.fr/article.php?IdArticle=8468465 False Tool,Vulnerability,Threat,Cloud None 2.0000000000000000 ProofPoint - Cyber Firms 2024-03-21T07:53:21+00:00 https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta450-uses-embedded-links-pdf-attachments-latest-campaign www.secnews.physaphae.fr/article.php?IdArticle=8467970 False Malware,Threat,Prediction None 3.0000000000000000 ProofPoint - Cyber Firms 2024-03-19T05:00:28+00:00 https://www.proofpoint.com/us/blog/information-protection/2024-data-loss-landscape-report-dlp www.secnews.physaphae.fr/article.php?IdArticle=8466553 False Tool,Threat,Legislation,Cloud ChatGPT 3.0000000000000000 ProofPoint - Cyber Firms 2024-03-18T12:03:01+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/fbis-ic3-report-losses-cybercrime-surpass-125-billion-new-record www.secnews.physaphae.fr/article.php?IdArticle=8466192 False Ransomware,Threat,Medical None 2.0000000000000000 ProofPoint - Cyber Firms 2024-03-14T06:00:19+00:00 https://www.proofpoint.com/us/blog/engineering-insights/copilot-ai-assistant-to-increase-developer-productivity www.secnews.physaphae.fr/article.php?IdArticle=8463763 False Tool,Cloud,Technical None 3.0000000000000000 ProofPoint - Cyber Firms 2024-03-12T07:03:40+00:00 https://www.proofpoint.com/us/blog/compliance-and-archiving/if-youre-using-veritas-archiving-whats-your-next-step www.secnews.physaphae.fr/article.php?IdArticle=8462674 False Tool,Studies,Cloud,Technical None 2.0000000000000000 ProofPoint - Cyber Firms 2024-03-11T06:00:16+00:00 https://www.proofpoint.com/us/blog/insider-threat-management/helping-federal-agencies-defend-against-insider-threats www.secnews.physaphae.fr/article.php?IdArticle=8462595 False Ransomware,Vulnerability,Threat,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2024-03-07T07:11:54+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/malicious-qr-code-attack www.secnews.physaphae.fr/article.php?IdArticle=8460375 False Tool,Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2024-03-06T13:55:16+00:00 https://www.proofpoint.com/us/blog/threat-insight/ta4903-actor-spoofs-us-government-small-businesses-phishing-bec-bids www.secnews.physaphae.fr/article.php?IdArticle=8459757 False Tool,Threat,Medical None 3.0000000000000000 ProofPoint - Cyber Firms 2024-03-04T06:00:36+00:00 https://www.proofpoint.com/us/blog/threat-insight/ta577s-unusual-attack-chain-leads-ntlm-data-theft www.secnews.physaphae.fr/article.php?IdArticle=8458761 False Ransomware,Malware,Tool,Vulnerability,Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2024-02-29T06:00:13+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/causes-data-loss-insight-into-incidents www.secnews.physaphae.fr/article.php?IdArticle=8456975 False Tool,Threat,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2024-02-28T06:00:52+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/detect-lateral-movement-attacks www.secnews.physaphae.fr/article.php?IdArticle=8456440 False Tool,Vulnerability,Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2024-02-27T05:00:31+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/2024-state-of-phish-report www.secnews.physaphae.fr/article.php?IdArticle=8455788 False Ransomware,Tool,Vulnerability,Threat,Studies,Technical None 4.0000000000000000 ProofPoint - Cyber Firms 2024-02-26T05:03:36+00:00 https://www.proofpoint.com/us/blog/information-protection/privacy-by-design-information-protection www.secnews.physaphae.fr/article.php?IdArticle=8455395 False Data Breach,Tool,Threat,Cloud None 2.0000000000000000 ProofPoint - Cyber Firms 2024-02-21T13:46:06+00:00 https://www.proofpoint.com/us/blog/compliance-and-archiving/eu-ai-act-requirements-implications www.secnews.physaphae.fr/article.php?IdArticle=8453202 False Vulnerability,Threat,Legislation None 2.0000000000000000 ProofPoint - Cyber Firms 2024-02-20T08:45:00+00:00 https://www.proofpoint.com/us/corporate-blog/post/five-ways-prevent-social-engineering-attacks www.secnews.physaphae.fr/article.php?IdArticle=8452767 False Tool,Threat,Prediction None 3.0000000000000000 ProofPoint - Cyber Firms 2024-02-16T06:00:45+00:00 https://www.proofpoint.com/us/blog/information-protection/data-privacy-laws-regulations www.secnews.physaphae.fr/article.php?IdArticle=8450922 False Data Breach,Malware,Tool,Threat,Cloud None 2.0000000000000000 ProofPoint - Cyber Firms 2024-02-14T06:00:59+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/meet-cmmc-compliance-requirements-with-psat www.secnews.physaphae.fr/article.php?IdArticle=8450002 False Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2024-02-13T07:32:08+00:00 https://www.proofpoint.com/us/blog/threat-insight/bumblebee-buzzes-back-black www.secnews.physaphae.fr/article.php?IdArticle=8449524 False Ransomware,Malware,Vulnerability,Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2024-02-12T08:02:39+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/vendor-email-compromise www.secnews.physaphae.fr/article.php?IdArticle=8449329 False Ransomware,Data Breach,Malware,Tool,Threat,Studies,Prediction,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2024-02-12T07:37:05+00:00 https://www.proofpoint.com/us/blog/cloud-security/community-alert-ongoing-malicious-campaign-impacting-azure-cloud-environments www.secnews.physaphae.fr/article.php?IdArticle=8449195 False Malware,Tool,Threat,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2024-02-09T06:00:24+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/defensive-and-offensive-security www.secnews.physaphae.fr/article.php?IdArticle=8448383 False Ransomware,Malware,Tool,Vulnerability,Threat,Prediction None 3.0000000000000000 ProofPoint - Cyber Firms 2024-02-07T05:00:39+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/cybersecurity-stop-month-preventing-supply-chain-compromise www.secnews.physaphae.fr/article.php?IdArticle=8447654 False Tool,Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2024-02-07T05:00:33+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/identity-blast-radius www.secnews.physaphae.fr/article.php?IdArticle=8447703 False Tool,Vulnerability,Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2024-02-06T05:00:20+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/lateral-movement-attacks www.secnews.physaphae.fr/article.php?IdArticle=8447284 False Ransomware,Malware,Tool,Vulnerability,Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2024-02-06T05:00:18+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/elon-musk-wants-send-you-to-mars-recent-odd-lures www.secnews.physaphae.fr/article.php?IdArticle=8447229 False Malware,Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2024-02-05T11:41:18+00:00 https://www.proofpoint.com/us/blog/information-protection/prevent-data-theft www.secnews.physaphae.fr/article.php?IdArticle=8446956 False Ransomware,Data Breach,Malware,Tool,Vulnerability,Threat,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2024-02-02T05:00:40+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/webinar-recap-break-the-attack-chain-opening-gambit www.secnews.physaphae.fr/article.php?IdArticle=8445999 False Ransomware,Threat,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2024-02-02T05:00:36+00:00 https://www.proofpoint.com/us/blog/engineering-insights/domain-relationship-policy-framework www.secnews.physaphae.fr/article.php?IdArticle=8446027 False Tool,Prediction,Cloud,Technical None 3.0000000000000000 ProofPoint - Cyber Firms 2024-02-01T06:00:12+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/security-awareness-training-effectiveness www.secnews.physaphae.fr/article.php?IdArticle=8445586 False Ransomware,Tool,Vulnerability,Threat,Studies None 3.0000000000000000 ProofPoint - Cyber Firms Réponse cible> Réponse de l'acteur avec web.app URL> Redirection> zip> lnk> syncappvpublishingServer.vbs lolbas> PowerShell> mshta exécute HTA à partir de l'URL> PowerShell cryptée> Obfuscated PowerShell> Télécharger et exécuter l'exe exe Les campagnes de 2024 de TA576 \\ sont notables car il s'agit du premier point de preuve a observé que l'acteur livrant Parallax Rat.De plus, la chaîne d'attaque de l'acteur \\ à l'aide de techniques LOLBAS et de plusieurs scripts PowerShell est nettement différente des campagnes précédemment observées qui ont utilisé des URL pour zipper les charges utiles JavaScript ou des documents Microsoft Word en macro. Attribution TA576 est un acteur de menace cybercriminale.ProofPoint a suivi TA576 depuis 2018 via des techniques de création de courriels de spam, une utilisation des logiciels malveillants, des techniques de livraison de logiciels malveillants et d'autres caractéristiques.Cet acteur utilise des leurres d'impôt contenant des caractéristiques et des thèmes similaires pendant la saison fiscale américaine pour livrer et installer des rats.Les objectifs de suivi de Ta576 \\ sont inconnus.Bien que les secteurs les plus fréquemment observés ciblés incluent les entités comptables et financières, Proof Point a également observé le ciblage des industries connexes telles que le légal. Pourquoi est-ce important Les campagnes annuelles sur le thème de l'impôt de TA576 \\ servent de rappel récurrent que les acteurs des menaces de cybercri]]> 2024-01-30T05:00:16+00:00 https://www.proofpoint.com/us/blog/threat-insight/security-brief-tis-season-tax-hax www.secnews.physaphae.fr/article.php?IdArticle=8444774 False Spam,Malware,Threat,Prediction None 2.0000000000000000 ProofPoint - Cyber Firms 2024-01-29T14:42:02+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/tap-itd-integration-improve-security-posture www.secnews.physaphae.fr/article.php?IdArticle=8444460 False Tool,Vulnerability,Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2024-01-24T06:00:39+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/privilege-escalation-attack www.secnews.physaphae.fr/article.php?IdArticle=8443584 False Tool,Vulnerability,Threat,Commercial None 3.0000000000000000 ProofPoint - Cyber Firms 2024-01-24T06:00:39+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense//privilege-escalation-attack www.secnews.physaphae.fr/article.php?IdArticle=8442590 True Tool,Vulnerability,Threat,Commercial None 3.0000000000000000 ProofPoint - Cyber Firms 2024-01-23T15:29:37+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/more-one-quarter-global-2000-are-not-ready-upcoming-stringent-email www.secnews.physaphae.fr/article.php?IdArticle=8442630 False Spam,Tool,Threat,Cloud,Technical None 3.0000000000000000 ProofPoint - Cyber Firms 2024-01-23T12:51:12+00:00 https://www.proofpoint.com/us/blog/threat-insight/threat-landscape-always-changing-what-expect-2024 www.secnews.physaphae.fr/article.php?IdArticle=8442151 False Ransomware,Malware,Tool,Vulnerability,Threat,Prediction None 3.0000000000000000 ProofPoint - Cyber Firms 2024-01-22T06:00:26+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/types-identity-threats-attacks www.secnews.physaphae.fr/article.php?IdArticle=8441709 False Malware,Vulnerability,Threat,Patching,Technical None 2.0000000000000000 ProofPoint - Cyber Firms PDF > OneDrive URL > JavaScript > MSI / VBS (WasabiSeed) > MSI (Screenshotter). The attack chain was similar to the last documented email campaign using this custom toolset observed by Proofpoint on March 20, 2023. The similarities helped with attribution. Specifically, TA571 spam service was similarly used, the WasabiSeed downloader remained almost the same, and the Screenshotter scripts and components remained almost the same. (Analyst Note: While Proofpoint did not initially associate the delivery TTPs with TA571 in our first publication on TA866, subsequent analysis attributed the malspam delivery of the 2023 campaigns to TA571, and subsequent post-exploitation activity to TA866.)  One of the biggest changes in this campaign from the last observed activity was the use of a PDF attachment containing a OneDrive link, which was completely new. Previous campaigns used macro-enabled Publisher attachments or 404 TDS URLs directly in the email body.  Screenshot of “TermServ.vbs” WasabiSeed script whose purpose is to execute an infinite loop, reaching out to C2 server and attempting to download and run an MSI file (empty lines were removed from this script for readability).  Screenshot of “app.js”, one of the components of Screenshotter. This file runs “snap.exe”, a copy of legitimate IrfanView executable, (also included inside the MSI) to save a desktop screenshot as “gs.jpg”.  Screenshot of “index.js”, another Screenshotter component. This code is responsible for uploading the desktop screenshot ”gs.jpg” to the C2 server.  Attribution  There are two threat actors involved in the observed campaign. Proofpoint tracks the distribution service used to deliver the malicious PDF as belonging to a threat actor known as TA571. TA571 is a spam distributor, and this actor sends high volume spam email campaigns to deliver and install a variety malware for their cybercriminal customers.  Proofpoint tracks the post-exploitation tools, specifically the JavaScript, MSI with WasabiSeed components, and MSI with Screenshotter components as belonging to TA866. TA866 is a threat actor previously documented by Proofpoint and colleagues in [1][2] and [3]. TA866 is known to engage in both crimeware and cyberespionage activity. This specific campaign appears financially motivated.  Proofpoint assesses that TA866 is an organized actor able to perform well thought-out attacks at scale based on their availability of custom tools, and ability and connections to purchase tools and services from other actors.  Why it matters  The following are notable characteristics of TA866\'s return to email threat data:  TA866 email campaigns have been missing from the landscape for over nine months (although there are indications that the actor was meanwhile ]]> 2024-01-18T05:00:52+00:00 https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta866-returns-large-email-campaign www.secnews.physaphae.fr/article.php?IdArticle=8440209 False Spam,Malware,Tool,Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2024-01-17T06:00:02+00:00 https://www.proofpoint.com/us/blog/information-protection/create-insider-threat-management-and-data-loss-prevention-program www.secnews.physaphae.fr/article.php?IdArticle=8439931 False Tool,Threat,Cloud,Technical None 2.0000000000000000 ProofPoint - Cyber Firms 2024-01-16T08:32:19+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/cloud-powered-post-delivery-defense-proofpoints-latest-innovation-email www.secnews.physaphae.fr/article.php?IdArticle=8439673 False Malware,Tool,Threat,Cloud None 2.0000000000000000 ProofPoint - Cyber Firms 2024-01-12T06:00:17+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/deterministic-vs-probabilistic-threat-detection www.secnews.physaphae.fr/article.php?IdArticle=8438311 False Malware,Tool,Vulnerability,Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2024-01-09T11:57:12+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/rise-in-identity-threats www.secnews.physaphae.fr/article.php?IdArticle=8437188 False Ransomware,Malware,Tool,Threat,Studies Uber 2.0000000000000000 ProofPoint - Cyber Firms 2024-01-08T17:33:02+00:00 https://www.proofpoint.com/us/blog/corporate-news/proofpoint-celebrates-landmark-year www.secnews.physaphae.fr/article.php?IdArticle=8436920 False Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2024-01-08T06:00:19+00:00 https://www.proofpoint.com/us/blog/information-protection/2023-gartner-market-guide-insider-risk-management-solutions www.secnews.physaphae.fr/article.php?IdArticle=8436644 False Tool,Threat,Cloud,Technical None 3.0000000000000000 ProofPoint - Cyber Firms 2024-01-05T06:00:31+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/security-training-features-review www.secnews.physaphae.fr/article.php?IdArticle=8435147 False Ransomware,Tool,Vulnerability,Threat,Studies,Prediction,Cloud None 4.0000000000000000 ProofPoint - Cyber Firms 2024-01-04T06:00:10+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/multifactor-authentication-mfa-manipulation www.secnews.physaphae.fr/article.php?IdArticle=8435197 False Malware,Tool,Vulnerability,Threat,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2024-01-02T08:41:00+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/6-cybersecurity-insurance-requirements-your-business-should-be-ready www.secnews.physaphae.fr/article.php?IdArticle=8433034 False Ransomware,Data Breach,Tool,Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2023-12-29T08:35:15+00:00 https://www.proofpoint.com/us/blog/compliance-and-archiving/2023-gartner-market-guide www.secnews.physaphae.fr/article.php?IdArticle=8430864 False Tool,Threat,Commercial None 2.0000000000000000 ProofPoint - Cyber Firms 2023-12-28T14:18:07+00:00 https://www.proofpoint.com/us/blog/engineering-insights/cost-efficient-full-text-indexing-techniques www.secnews.physaphae.fr/article.php?IdArticle=8430359 False Cloud,Technical None 3.0000000000000000 ProofPoint - Cyber Firms 2023-12-27T09:19:46+00:00 https://www.proofpoint.com/us/blog/compliance-and-archiving/email-archive-software-comparison-must-haves www.secnews.physaphae.fr/article.php?IdArticle=8429949 False Tool,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 404 TDS > Keitaro TDS > .URL > .VBS > Shell commands > AutoIT / AutoIT script > DarkGate.  Screenshot of an example email from October 2 campaign.  Screenshot of the .URL file involved in the October 2 campaign.  Proofpoint has identified multiple cybercriminal campaigns exploiting CVE-2023-36025; however, the BattleRoyal cluster exploited this vulnerability more than any other actor observed in Proofpoint threat data. Notably, this activity cluster exploited CVE-2023-36025 before it was published by Microsoft. SmartScreen is a security feature that is designed to prevent people from visiting malicious websites. The vulnerability could allow an actor to bypass the SmartScreen defenses if a user clicked on a specially crafted .URL file or a hyperlink pointing to a .URL file. More specifically, a SmartScreen alert would not be triggered when a .URL points to a SMB or WebDav share as file:// and the malicious payload is inside a ZIP file which is specified in the URL target.    RogueRaticate (fake browser update campaign example)  On October 19, 2023, an external researcher identified and publicly shared details of the RogueRaticate fake update activity cluster using an interesting obfuscation technique first identified in 2020. Proofpoint subsequently identified the activity in Proofpoint data. This campaign delivered fake browser update requests to end users on their web browsers that dropped a DarkGate payload with the “ADS5” GroupID. The threat actor injected a request to a domain they controlled that used .css steganography to conceal the malicious c]]> 2023-12-21T05:00:25+00:00 https://www.proofpoint.com/us/blog/threat-insight/battleroyal-darkgate-cluster-spreads-email-and-fake-browser-updates www.secnews.physaphae.fr/article.php?IdArticle=8426708 False Malware,Tool,Vulnerability,Threat,Prediction None 2.0000000000000000 ProofPoint - Cyber Firms 2023-12-18T06:00:21+00:00 https://www.proofpoint.com/us/blog/compliance-and-archiving/integrated-risk-approach-breaking-legal-and-compliance-attack-chain www.secnews.physaphae.fr/article.php?IdArticle=8425108 False Tool,Threat,Mobile,Prediction,Conference None 3.0000000000000000 ProofPoint - Cyber Firms 2023-12-15T06:00:41+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/prevent-identity-based-attacks-with-itdr www.secnews.physaphae.fr/article.php?IdArticle=8423256 False Ransomware,Data Breach,Tool,Vulnerability,Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2023-12-14T09:44:32+00:00 https://www.proofpoint.com/us/blog/insider-threat-management/insider-threat-mitigation-5-best-practices-reduce-risk www.secnews.physaphae.fr/article.php?IdArticle=8422882 False Data Breach,Tool,Threat,Industrial,Cloud,Technical None 2.0000000000000000 ProofPoint - Cyber Firms 2023-12-14T09:00:56+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/malicious-qr-code-detection-takes-giant-leap-forward www.secnews.physaphae.fr/article.php?IdArticle=8422883 False Malware,Tool,Threat,Mobile,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2023-12-14T07:44:10+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/i-broke-my-phone-update-new-developments-conversational-attacks-mobile www.secnews.physaphae.fr/article.php?IdArticle=8422695 False Spam,Threat,Mobile,Prediction None 3.0000000000000000 ProofPoint - Cyber Firms 2023-12-12T05:00:00+00:00 https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta4557-targets-recruiters-directly-email www.secnews.physaphae.fr/article.php?IdArticle=8421435 False Malware,Tool,Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2023-12-08T06:00:37+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/how-itdr-complements-edr-and-xdr www.secnews.physaphae.fr/article.php?IdArticle=8420211 False Ransomware,Malware,Tool,Vulnerability,Threat,Studies,Cloud None 3.0000000000000000 ProofPoint - Cyber Firms 2023-12-06T08:01:35+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/security-awareness-and-threat-intelligence-perfect-pairing www.secnews.physaphae.fr/article.php?IdArticle=8419686 False Tool,Threat,Studies,Prediction None 3.0000000000000000 ProofPoint - Cyber Firms 2023-12-05T05:00:40+00:00 https://www.proofpoint.com/us/blog/threat-insight/ta422s-dedicated-exploitation-loop-same-week-after-week www.secnews.physaphae.fr/article.php?IdArticle=8419228 False Malware,Vulnerability,Threat APT 28 3.0000000000000000 ProofPoint - Cyber Firms 2023-12-04T07:10:47+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/using-behavioral-ai-to-quash-payroll-diversion www.secnews.physaphae.fr/article.php?IdArticle=8419043 False Ransomware,Tool,Threat Yahoo 2.0000000000000000 ProofPoint - Cyber Firms In late September 2023, an unattributed business email compromise (BEC) actor sent thousands of highly targeted messages to at least 100 customers across Proofpoint. The attacker targeted individuals who had connections to the U.S. Department of Defense.   The intended victims of th]]> 2023-12-01T09:48:42+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/us-federal-psat-threat-intel-case-study www.secnews.physaphae.fr/article.php?IdArticle=8418369 False Threat None 3.0000000000000000 ProofPoint - Cyber Firms Proofpoint has made more investments in our Aegis threat protection platform this year that can help support our federal agency customer]]> 2023-11-30T07:23:34+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/enhancements-federal-solutions www.secnews.physaphae.fr/article.php?IdArticle=8418095 False Ransomware,Spam,Malware,Vulnerability,Threat,Industrial,Cloud,Commercial None 2.0000000000000000 ProofPoint - Cyber Firms 2023-11-30T06:00:38+00:00 https://www.proofpoint.com/us/blog/compliance-and-archiving/future-of-compliance-and-changing-landscape www.secnews.physaphae.fr/article.php?IdArticle=8418096 False Tool,Legislation None 2.0000000000000000 ProofPoint - Cyber Firms 2023-11-28T23:05:04+00:00 https://www.proofpoint.com/us/blog/ciso-perspectives/proofpoints-2024-predictions-brace-impact www.secnews.physaphae.fr/article.php?IdArticle=8417740 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Prediction,Prediction ChatGPT,ChatGPT 3.0000000000000000 ProofPoint - Cyber Firms We are delighted to announce that Sumit Dhawan has been appointed as Proofpoint\'s chief executive officer, effective immediately. Rémi Thomas, Proofpoint\'s chief financial officer who has been acting as Proofpoint\'s interim CEO since October 25th, will continue to serve as the company\'s CFO. Sumit is a highly respected and seasoned technology leader with a proven track record of building market-leading security, cloud and end-user computing businesses. In his most recent role as president of VMware, Sumit was responsible for driving over $13B of revenue and led the company\'s go-to-market functions including worldwide sales, customer success and experience, strategic ecosystem, industry solutions, marketing, and communications. Before VMware, he was chief executive officer of Instart, a cybersecurity business delivering innovative web application security services. Having held senior executive and general management roles at both VMware and Citrix, Sumit brings over 25 years of experience building category-leading businesses at scale.  Commenting on his appointment, Sumit said: “Over the years, Proofpoint has built an exceptional company and is trusted by some of the world\'s leading organizations as their cybersecurity partner of choice. I\'m honored to join a leader at the forefront of cybersecurity innovation and to shepherd its continuing and unwavering commitment to helping organizations across the globe protect people and defend data.” Seth Boro, managing partner at ]]> 2023-11-28T06:05:24+00:00 https://www.proofpoint.com/us/blog/corporate-news/proofpoint-appoints-sumit-dhawan-chief-executive-officer www.secnews.physaphae.fr/article.php?IdArticle=8417511 False Cloud None 2.0000000000000000 ProofPoint - Cyber Firms 2023-11-27T09:26:51+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/cybersecurity-topics-to-include-in-your-program www.secnews.physaphae.fr/article.php?IdArticle=8417272 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Cloud Uber,Uber 2.0000000000000000 ProofPoint - Cyber Firms 2023-11-21T08:35:02+00:00 https://www.proofpoint.com/us/blog/information-protection/preventing-mfa-fatigue-attacks www.secnews.physaphae.fr/article.php?IdArticle=8415409 False Ransomware,Data Breach,Malware,Tool,Threat,Technical Uber 3.0000000000000000 ProofPoint - Cyber Firms 2023-11-17T12:01:12+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/demystifying-ai-and-ml-six-critical-questions-ask-your-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8413357 False Malware,Tool,Vulnerability,Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2023-11-16T14:15:19+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/actionable-insights-simplifying-threat-explainability-condemnation www.secnews.physaphae.fr/article.php?IdArticle=8412833 False Tool,Threat,Technical None 3.0000000000000000 ProofPoint - Cyber Firms We are thrilled to welcome Patrick Joyce, a veritable industry leader, who will serve as Proofpoint\'s Global Resident Chief Information Security Officer (RCISO). In this role, Patrick will act as a strategic advisor to the greater CISO community and spearhead Proofpoint\'s Customer Advisory Board (CAB). While some cybersecurity companies offer resources and additional value to their customers through an internal CISO, the goal is typically to sell their company\'s products. At Proofpoint, our RCISO acts as a liaison, colleague, mentor and resource to the greater CISO community, focused solely on the security needs of customer CISOs by delivering unbiased advice, knowledge and training to help CISOs stay ahead of t]]> 2023-11-16T07:00:00+00:00 https://www.proofpoint.com/us/blog/corporate-news/patrick-joyce-joins-proofpoint-global-resident-ciso www.secnews.physaphae.fr/article.php?IdArticle=8412933 False Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2023-11-14T05:00:49+00:00 https://www.proofpoint.com/us/blog/threat-insight/ta402-uses-complex-ironwind-infection-chains-target-middle-east-based-government www.secnews.physaphae.fr/article.php?IdArticle=8411685 False Malware,Threat,Cloud None 2.0000000000000000