This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-12T18:07:49+00:00 www.secnews.physaphae.fr SecurityWeek - Security News La CISA avertit les organisations que les acteurs de menace exploitent une vulnérabilité de la sévérité critique dans le constructeur d'IA à faible code Langflow.

---

>CISA warns organizations that threat actors are exploiting a critical-severity vulnerability in low-code AI builder Langflow. ]]> 2025-05-06T11:21:22+00:00 https://www.securityweek.com/critical-vulnerability-in-ai-builder-langflow-under-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8672255 False Vulnerability,Threat None 3.0000000000000000 SecurityWeek - Security News La mise à jour de la sécurité d'Android \\ est en mai 2025 comprend des correctifs pour une vulnérabilité exploitée dans le moteur de rendu open source Freetype.

---

>Android\'s May 2025 security update includes patches for an exploited vulnerability in the FreeType open source rendering engine. ]]> 2025-05-06T08:54:44+00:00 https://www.securityweek.com/android-update-patches-freetype-vulnerability-exploited-as-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8672186 False Vulnerability,Threat,Mobile None 3.0000000000000000 SecurityWeek - Security News Des histoires remarquables qui auraient pu glisser sous le radar: le code source du voleur nullpoint divulgué, le chercheur gagne 17 500 $ à Apple pour la vulnérabilité, BreachForums après l'exploitation zéro-jour par la police.

---

>Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police. ]]> 2025-05-02T12:19:16+00:00 https://www.securityweek.com/in-other-news-nullpoint-source-code-leak-17500-for-iphone-flaw-breachforums-down/ www.secnews.physaphae.fr/article.php?IdArticle=8670569 False Vulnerability,Threat,Legislation,Mobile None 3.0000000000000000 SecurityWeek - Security News Commvault fournit des indicateurs de compromis et de directives d'atténuation après un exploit zéro-jour ciblant son environnement azure territoires dans le catalogue Kev de CISA \\.

---

>Commvault provides indicators of compromise and mitigation guidance after a zero-day exploit targeting its Azure environment lands in CISA\'s KEV catalog. ]]> 2025-05-01T11:49:45+00:00 https://www.securityweek.com/more-details-come-to-light-on-commvault-vulnerability-exploitation/ www.secnews.physaphae.fr/article.php?IdArticle=8670123 False Vulnerability,Threat None 3.0000000000000000 SecurityWeek - Security News Avec plus de 12 000 violations analysées, le DBIR de cette année révèle un paysage façonné non seulement des menaces individuelles, mais par des économies entières de compromis.

---

>With over 12,000 breaches analyzed, this year\'s DBIR reveals a landscape shaped by not just individual threats, but by entire economies of compromise. ]]> 2025-04-25T12:43:37+00:00 https://www.securityweek.com/inside-the-verizon-2025-dbir-five-trends-that-signal-a-shift-in-the-cyber-threat-economy/ www.secnews.physaphae.fr/article.php?IdArticle=8667654 False Threat None 2.0000000000000000 SecurityWeek - Security News Combiné avec l'IA, les e-mails de phishing polymorphe sont devenus très sophistiqués, créant des messages plus personnalisés et évasifs qui entraînent des taux de réussite d'attaque plus élevés.

---

>Combined with AI, polymorphic phishing emails have become highly sophisticated, creating more personalized and evasive messages that result in higher attack success rates. ]]> 2025-04-24T11:00:00+00:00 https://www.securityweek.com/ai-powered-polymorphic-phishing-is-changing-the-threat-landscape/ www.secnews.physaphae.fr/article.php?IdArticle=8667105 False Threat None 3.0000000000000000 SecurityWeek - Security News DeepMind found that current AI frameworks are ad hoc, not systematic, and fail to provide defenders with useful insights. ]]> 2025-04-02T13:43:02+00:00 https://www.securityweek.com/google-deepmind-unveils-framework-to-exploit-ais-cyber-weaknesses/ www.secnews.physaphae.fr/article.php?IdArticle=8659839 False Threat None 3.0000000000000000 SecurityWeek - Security News SUCURI a découvert plusieurs familles de logiciels malveillants déployés dans le répertoire WordPress Mu-Plugins pour échapper aux vérifications de sécurité de routine.

---

>Sucuri has discovered multiple malware families deployed in the WordPress mu-plugins directory to evade routine security checks. ]]> 2025-03-31T15:05:43+00:00 https://www.securityweek.com/threat-actors-deploy-wordpress-malware-in-mu-plugins-directory/ www.secnews.physaphae.fr/article.php?IdArticle=8659402 False Malware,Threat None 3.0000000000000000 SecurityWeek - Security News CISA a publié son analyse de Resurge, une variante de logiciels malveillants SpawnChimera utilisés dans les attaques ciblant une récente connexion Ivanti Secure Zero-Day.

---

>CISA has published its analysis of Resurge, a SpawnChimera malware variant used in attacks targeting a recent Ivanti Connect Secure zero-day. ]]> 2025-03-31T10:29:38+00:00 https://www.securityweek.com/cisa-analyzes-malware-used-in-ivanti-connect-secure-zero-day-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8659363 False Malware,Vulnerability,Threat None 3.0000000000000000 SecurityWeek - Security News Les attaques impliquant des logiciels espions en graphite de Paragon \\ impliquaient un jour zero-jour qui pourrait être exploité sans aucune interaction utilisateur.

---

>Attacks involving Paragon\'s Graphite spyware involved a WhatsApp zero-day that could be exploited without any user interaction. ]]> 2025-03-20T10:00:00+00:00 https://www.securityweek.com/paragon-spyware-attacks-exploited-whatsapp-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8656882 False Vulnerability,Threat None 2.0000000000000000 SecurityWeek - Security News Amnesty International publie des détails techniques sur les vulnérabilités zéro jour exploitées par les outils médico-légaux mobiles de Cellebrite \\ pour espionner un militant étudiant serbe.

---

>Amnesty International publishes technical details on zero-day vulnerabilities exploited by Cellebrite\'s mobile forensic tools to spy on a Serbian student activist. ]]> 2025-02-28T20:20:54+00:00 https://www.securityweek.com/amnesty-reveals-cellebrite-zero-day-android-exploit-on-serbian-student-activist/ www.secnews.physaphae.fr/article.php?IdArticle=8652085 False Tool,Vulnerability,Threat,Mobile,Technical None 3.0000000000000000 SecurityWeek - Security News ClearSky Cyber Security says it has seen a new Windows zero-day being exploited by a Chinese APT named Mustang Panda. 

---

>ClearSky Cyber Security says it has seen a new Windows zero-day being exploited by a Chinese APT named Mustang Panda.  ]]> 2025-02-14T11:40:00+00:00 https://www.securityweek.com/new-windows-zero-day-exploited-by-chinese-apt-security-firm/ www.secnews.physaphae.fr/article.php?IdArticle=8648467 False Vulnerability,Threat None 3.0000000000000000 SecurityWeek - Security News Trimble Cityworks is affected by a zero-day vulnerability that has been exploited in attacks involving the delivery of malware.

---

>Trimble Cityworks is affected by a zero-day vulnerability that has been exploited in attacks involving the delivery of malware. ]]> 2025-02-07T09:55:00+00:00 https://www.securityweek.com/trimble-cityworks-customers-warned-of-zero-day-exploitation/ www.secnews.physaphae.fr/article.php?IdArticle=8647385 False Malware,Vulnerability,Threat None 3.0000000000000000 SecurityWeek - Security News Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications.

---

>Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications. ]]> 2025-02-06T18:19:36+00:00 https://www.securityweek.com/1000-apps-used-in-malicious-campaign-targeting-android-users-in-india/ www.secnews.physaphae.fr/article.php?IdArticle=8647272 False Threat,Mobile None 2.0000000000000000 SecurityWeek - Security News 2025 is an important year – it is probably our last chance to start our migration to post quantum cryptography before we are all undone by cryptographically relevant quantum computers.

---

>2025 is an important year – it is probably our last chance to start our migration to post quantum cryptography before we are all undone by cryptographically relevant quantum computers. ]]> 2025-02-03T14:52:05+00:00 https://www.securityweek.com/cyber-insights-2025-quantum-and-the-threat-to-encryption/ www.secnews.physaphae.fr/article.php?IdArticle=8646555 False Threat None 3.0000000000000000 SecurityWeek - Security News Insurance firm Globe Life says a threat actor may have compromised the personal information of roughly 850,000 individuals.

---

>Insurance firm Globe Life says a threat actor may have compromised the personal information of roughly 850,000 individuals. ]]> 2025-02-03T11:10:48+00:00 https://www.securityweek.com/insurance-company-globe-life-notifying-850000-people-of-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8646475 False Data Breach,Threat None 3.0000000000000000 SecurityWeek - Security News GreyNoise reports active exploitation of a newly discovered zero-day vulnerability in Zyxel CPE devices. There are no patches available.

---

>GreyNoise reports active exploitation of a newly discovered zero-day vulnerability in Zyxel CPE devices. There are no patches available. ]]> 2025-01-29T16:13:27+00:00 https://www.securityweek.com/new-zyxel-zero-day-under-attack-no-patch-available/ www.secnews.physaphae.fr/article.php?IdArticle=8644376 False Vulnerability,Threat None 3.0000000000000000 SecurityWeek - Security News UK telecoms firm TalkTalk has confirmed falling victim to a data breach after a threat actor boasted about hacking it.

---

>UK telecoms firm TalkTalk has confirmed falling victim to a data breach after a threat actor boasted about hacking it. ]]> 2025-01-27T16:50:26+00:00 https://www.securityweek.com/talktalk-confirms-data-breach-downplays-impact/ www.secnews.physaphae.fr/article.php?IdArticle=8643402 False Data Breach,Threat None 3.0000000000000000 SecurityWeek - Security News Le Lazarus APT a créé un site Web trompeur qui a exploité un chrome zéro-jour pour installer des logiciels malveillants et voler la crypto-monnaie.

---

>The Lazarus APT created a deceptive website that exploited a Chrome zero-day to install malware and steal cryptocurrency. ]]> 2024-10-24T13:02:10+00:00 https://www.securityweek.com/north-korean-hackers-exploited-chrome-zero-day-for-cryptocurrency-theft/ www.secnews.physaphae.fr/article.php?IdArticle=8601542 False Malware,Vulnerability,Threat APT 38 2.0000000000000000 SecurityWeek - Security News Un APT aligné par Pyongyang a été surpris à exploiter un récent zéro-jour dans Internet Explorer dans une attaque de chaîne d'approvisionnement.

---

>A Pyongyang-aligned APT was caught exploiting a recent zero-day in Internet Explorer in a supply chain attack. ]]> 2024-10-18T11:18:15+00:00 https://www.securityweek.com/north-korean-apt-exploited-ie-zero-day-in-supply-chain-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8599693 False Vulnerability,Threat None 4.0000000000000000 SecurityWeek - Security News Le nouveau rapport de menace montre que le potentiel de perturbation du jour scolaire de novembre est grave et que la menace est réelle.

---

>New threat report shows that the potential for disruption to November\'s Election Day is severe, and the threat is real. ]]> 2024-10-15T19:01:40+00:00 https://www.securityweek.com/election-day-is-close-the-threat-of-cyber-disruption-is-real/ www.secnews.physaphae.fr/article.php?IdArticle=8598305 False Threat None 2.0000000000000000 SecurityWeek - Security News Une brèche à Rackspace expose la fragilité de la chaîne d'approvisionnement du logiciel, déclenchant un jeu de blâme parmi les fournisseurs sur un jour zéro exploité.

---

>A breach at Rackspace exposes the fragility of the software supply chain, triggering a blame game among vendors over an exploited zero-day. ]]> 2024-10-02T17:29:25+00:00 https://www.securityweek.com/zero-day-breach-at-rackspace-sparks-vendor-blame-game/ www.secnews.physaphae.fr/article.php?IdArticle=8590636 False Vulnerability,Threat None 3.0000000000000000 SecurityWeek - Security News Deloitte dit qu'aucune donnée sensible exposée après qu'un pirate notoire a divulgué ce qu'il prétendait être des communications internes.

---

>Deloitte says no sensitive data exposed after a notorious hacker leaked what he claimed to be internal communications.  ]]> 2024-09-24T08:51:08+00:00 https://www.securityweek.com/deloitte-says-no-threat-to-sensitive-data-after-hacker-claims-server-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8583649 False Threat Deloitte 2.0000000000000000 SecurityWeek - Security News Au milieu de l'exploitation de Typhoon Zero-Day, Censys trouve des centaines de serveurs exposés présentant une surface d'attaque mûre pour les attaquants.

---

>Amidst Volt Typhoon zero-day exploitation, Censys finds hundreds of exposed servers presenting ripe attack surface for attackers. ]]> 2024-08-28T15:08:42+00:00 https://www.securityweek.com/censys-finds-hundreds-of-exposed-servers-as-volt-typhoon-apt-targets-isps-msps/ www.secnews.physaphae.fr/article.php?IdArticle=8565501 False Vulnerability,Threat Guam 3.0000000000000000 SecurityWeek - Security News Check Point indique que l'acquisition améliorera ses propres capacités de SOC et élargira ses offres de renseignement sur les menaces gérées.

---

>Check Point says the acquisition will enhance its own SOC capabilities and expand its managed threat intelligence offerings. ]]> 2024-08-28T12:39:55+00:00 https://www.securityweek.com/check-point-to-acquire-external-cyber-risk-management-firm-cyberint/ www.secnews.physaphae.fr/article.php?IdArticle=8565403 False Threat None 3.0000000000000000 SecurityWeek - Security News Hackers gained access to the switch using valid administrator credentials, and then \'jailbroke\' from the application level into the OS level. ]]> 2024-08-22T15:47:13+00:00 https://www.securityweek.com/china-linked-velvet-ant-hackers-exploited-zero-day-to-deploy-malware-on-cisco-nexus-switches/ www.secnews.physaphae.fr/article.php?IdArticle=8562070 False Malware,Vulnerability,Threat None 2.0000000000000000 SecurityWeek - Security News La vulnérabilité, suivie en CVE-2024-38193 et ​​marquée comme \\ 'activement exploitée \' par Microsoft, permet des privilèges système sur les derniers systèmes d'exploitation Windows.

---

>The vulnerability, tracked as CVE-2024-38193 and marked as \'actively exploited\' by Microsoft, allows SYSTEM privileges on the latest Windows operating systems. ]]> 2024-08-19T15:35:53+00:00 https://www.securityweek.com/windows-zero-day-attack-linked-to-north-koreas-lazarus-apt/ www.secnews.physaphae.fr/article.php?IdArticle=8560350 False Vulnerability,Threat APT 38 2.0000000000000000 SecurityWeek - Security News SecurityWeek s'est entretenu avec Mike Britton, CISO à la sécurité anormale, pour comprendre ce que l'entreprise a appris sur les attaques actuelles d'ingénierie sociale et de phishing.

---

>SecurityWeek spoke with Mike Britton, CISO at Abnormal Security, to understand what the company has learned about current social engineering and phishing attacks. ]]> 2024-08-14T14:02:42+00:00 https://www.securityweek.com/unlocking-the-front-door-phishing-emails-remain-a-top-cyber-threat-despite-mfa/ www.secnews.physaphae.fr/article.php?IdArticle=8557651 False Threat None 3.0000000000000000 SecurityWeek - Security News Maksim Silnikau a été extradé vers les États-Unis pour faire face à des accusations pour des rôles dans la distribution du kit d'exploitation de pêcheur, des logiciels malveillants et du ransomware du cartel de rançon.

---

>Maksim Silnikau was extradited to the US to face charges for roles in the distribution of the Angler exploit kit, malware, and the Ransom Cartel ransomware. ]]> 2024-08-13T14:39:03+00:00 https://www.securityweek.com/us-unseals-charges-against-3-eastern-europeans-over-ransomware-malvertising/ www.secnews.physaphae.fr/article.php?IdArticle=8557083 False Ransomware,Malware,Threat None 3.0000000000000000 SecurityWeek - Security News La vulnérabilité de l'ultervideo zéro-jour dans le télégramme pour Android a permis aux acteurs de menace d'envoyer des fichiers malveillants déguisés en vidéos.

---

>The EvilVideo zero-day vulnerability in Telegram for Android allowed threat actors to send malicious files disguised as videos. ]]> 2024-07-23T10:40:35+00:00 https://www.securityweek.com/telegram-zero-day-enabled-malware-delivery/ www.secnews.physaphae.fr/article.php?IdArticle=8542712 False Malware,Vulnerability,Threat,Mobile None 3.0000000000000000 SecurityWeek - Security News La grande panne informatique causée par CrowdStrike est en cours de mise à profit par les acteurs de la menace pour le phishing, les escroqueries et la livraison de logiciels malveillants.

---

>The major IT outage caused by CrowdStrike is being leveraged by threat actors for phishing, scams, and malware delivery. ]]> 2024-07-22T09:03:39+00:00 https://www.securityweek.com/crowdstrike-incident-leveraged-for-malware-delivery-phishing-scams/ www.secnews.physaphae.fr/article.php?IdArticle=8541958 False Malware,Threat None 3.0000000000000000 SecurityWeek - Security News Le risque de subir une attaque de ransomware est élevé et les organisations doivent prendre des mesures proactives pour se protéger et minimiser l'impact d'une violation potentielle.

---

>The risk of suffering a ransomware attack is high and organizations must take proactive steps to protect themselves and minimize the impact of a potential breach. ]]> 2024-07-18T19:31:44+00:00 https://www.securityweek.com/using-threat-intelligence-to-predict-potential-ransomware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8539763 False Ransomware,Threat,Prediction None 3.0000000000000000 SecurityWeek - Security News Les chercheurs montrent comment la technique de l'ombre du port contre les VPN peut permettre des attaques MITM, permettant aux acteurs de menace d'intercepter et de rediriger le trafic.

---

>Researchers show how the Port Shadow technique against VPNs can allow MitM attacks, enabling threat actors to intercept and redirect traffic.  ]]> 2024-07-18T11:46:33+00:00 https://www.securityweek.com/port-shadow-attack-allows-vpn-traffic-interception-redirection/ www.secnews.physaphae.fr/article.php?IdArticle=8539551 False Threat None 3.0000000000000000 SecurityWeek - Security News Un acteur de menace ciblant les victimes de langue chinoise a utilisé le chargeur de logiciels malveillants Squidloader dans les attaques récentes.

---

>A threat actor targeting Chinese-speaking victims has been using the SquidLoader malware loader in recent attacks. ]]> 2024-06-20T11:24:25+00:00 https://www.securityweek.com/highly-evasive-squidloader-malware-targets-china/ www.secnews.physaphae.fr/article.php?IdArticle=8521860 False Malware,Threat None 3.0000000000000000 SecurityWeek - Security News Des histoires remarquables qui pourraient avoir glissé sous le radar: Tiktok Patchs Compte Rijacking Zero-Day, 300 millions de dollars DMM Bitcoin Hack, Applications VPN Android gratuites analysées.

---

>Noteworthy stories that might have slipped under the radar: TikTok patches account hijacking zero-day, $300 million DMM Bitcoin hack, free Android VPN apps analyzed. ]]> 2024-06-07T14:33:48+00:00 https://www.securityweek.com/in-other-news-tiktok-zero-day-dmm-bitcoin-hack-free-vpn-app-analysis/ www.secnews.physaphae.fr/article.php?IdArticle=8514761 False Hack,Vulnerability,Threat,Mobile None 3.0000000000000000 SecurityWeek - Security News Mozilla a annoncé un programme de primes de bug de 0 jour d'investigation (0Din) pour les LLM et autres technologies d'apprentissage en profondeur.

---

>Mozilla has announced a 0Day Investigative Network (0Din) bug bounty program for LLMs and other deep learning tech. ]]> 2024-06-07T12:34:45+00:00 https://www.securityweek.com/mozilla-launches-0din-gen-ai-bug-bounty-program/ www.secnews.physaphae.fr/article.php?IdArticle=8514699 False Threat None 2.0000000000000000 SecurityWeek - Security News Google et Microsoft mettent en garde contre les risques élevés de cyber-menaces auxquelles sont confrontés les Jeux olympiques de Paris 2024, en particulier des acteurs de la menace russe.

---

>Google and Microsoft warn of elevated risks of cyber threats facing the 2024 Paris Olympics, especially from Russian threat actors. ]]> 2024-06-06T12:51:38+00:00 https://www.securityweek.com/google-microsoft-russian-threat-actors-pose-high-risk-to-2024-paris-olympics/ www.secnews.physaphae.fr/article.php?IdArticle=8514118 False Threat None 3.0000000000000000 SecurityWeek - Security News Plus de 600 000 routeurs SOHO appartenant à un seul FAI et infectés par le chalussier chalubo ont été rendus inopérables.

---

>Over 600,000 SOHO routers belonging to a single ISP and infected with the Chalubo trojan were rendered inoperable. ]]> 2024-05-31T10:28:35+00:00 https://www.securityweek.com/mysterious-threat-actor-uses-chalubo-malware-to-brick-600000-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8510577 False Malware,Threat None 2.0000000000000000 SecurityWeek - Security News Un look dans les piliers traditionnels de la culture communautaire de sécurité et comment ils sont affaiblis et compromis, et même jetant un œil à l'endroit où tout cela pourrait aller dans un monde de fesses profondes et de biais et d'hallucination alimentés par l'IA.

---

>A look int the traditional pillars of security community culture and how they are being weakened and compromised, and even peek at where this all could go in a world of deepfakes and AI-fueled bias and hallucination. ]]> 2024-05-28T13:32:24+00:00 https://www.securityweek.com/social-distortion-the-threat-of-fear-uncertainty-and-deception-in-creating-security-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8508601 False Threat None 3.0000000000000000 SecurityWeek - Security News Le point de contrôle est averti les clients que les acteurs de la menace ciblent les instances de VPN sans sécurité pour l'accès initial aux réseaux d'entreprise.

---

>Check Point is warning customers that threat actors are targeting insecure VPN instances for initial access to enterprise networks.  ]]> 2024-05-28T08:57:31+00:00 https://www.securityweek.com/check-point-vpn-targeted-for-initial-access-in-enterprise-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8508733 False Hack,Threat None 4.0000000000000000 SecurityWeek - Security News Noteworthy stories that might have slipped under the radar: Chinese repair ships might be spying on undersea communications, spyware found at hotel check-ins, UK not ready for China threat. ]]> 2024-05-24T11:30:00+00:00 https://www.securityweek.com/in-other-news-chinas-undersea-spying-hotel-spyware-irans-disruptive-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8506066 False Threat None 3.0000000000000000 SecurityWeek - Security News Les attaquants deviennent plus sophistiqués, mieux armés et plus rapides.Rien dans Rapid7 \'s 2024 Attack Intelligence Report suggère que cela changera.

---

>Attackers are getting more sophisticated, better armed, and faster. Nothing in Rapid7\'s 2024 Attack Intelligence Report suggests that this will change. ]]> 2024-05-23T11:00:00+00:00 https://www.securityweek.com/zero-day-attacks-and-supply-chain-compromises-surge-mfa-remains-underutilized-rapid7-report/ www.secnews.physaphae.fr/article.php?IdArticle=8505399 False Vulnerability,Threat None 2.0000000000000000 SecurityWeek - Security News Google stimule les protections de fraude et de logiciels malveillants dans Android 15 avec une détection de menace en direct et des paramètres restreints élargis.

---

>Google is boosting fraud and malware protections in Android 15 with live threat detection and expanded restricted settings. ]]> 2024-05-16T11:09:41+00:00 https://www.securityweek.com/android-15-brings-improved-fraud-and-malware-protections/ www.secnews.physaphae.fr/article.php?IdArticle=8500937 False Malware,Threat,Mobile None 3.0000000000000000 SecurityWeek - Security News Cisco avertit que les pirates de pays nationaux exploitent au moins deux vulnérabilités de zéro jour dans ses plates-formes de pare-feu ASA pour planter des logiciels malveillants sur les télécommunications et les réseaux du secteur de l'énergie.

---

>Cisco warns that nation state-backed hackers are exploiting at least two zero-day vulnerabilities in its ASA firewall platforms to plant malware on telecommunications and energy sector networks. ]]> 2024-04-24T17:25:24+00:00 https://www.securityweek.com/cisco-raises-alarm-for-arcanedoor-zero-days-hitting-asa-firewall-platforms/ www.secnews.physaphae.fr/article.php?IdArticle=8488146 False Malware,Vulnerability,Threat None 3.0000000000000000 SecurityWeek - Security News Un acteur de menace lié à la Corée du Nord a détourné le mécanisme de mise à jour de l'antivirus ESCAN pour déployer des délais et des mineurs de crypto-monnaie.

---

>A North Korea-linked threat actor hijacked the update mechanism of eScan antivirus to deploy backdoors and cryptocurrency miners. ]]> 2024-04-24T14:44:17+00:00 https://www.securityweek.com/north-korean-hackers-hijack-antivirus-updates-for-malware-delivery/ www.secnews.physaphae.fr/article.php?IdArticle=8488071 False Malware,Threat None 2.0000000000000000 SecurityWeek - Security News CheckMarx met en garde contre une nouvelle attaque en s'appuyant sur la manipulation de la recherche GitHub pour livrer du code malveillant.

---

>Checkmarx warns of a new attack relying on GitHub search manipulation to deliver malicious code. ]]> 2024-04-12T09:55:57+00:00 https://www.securityweek.com/threat-actors-manipulate-github-search-to-deliver-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8480680 False Malware,Threat None 2.0000000000000000 SecurityWeek - Security News Avec l'intelligence de menace automatisée, détaillée et contextualisée, les organisations peuvent mieux anticiper l'activité malveillante et utiliser l'intelligence pour accélérer la détection autour d'attaques éprouvées.

---

>With automated, detailed, contextualized threat intelligence, organizations can better anticipate malicious activity and utilize intelligence to speed detection around proven attacks. ]]> 2024-04-11T13:19:09+00:00 https://www.securityweek.com/why-intelligence-sharing-is-vital-to-building-a-robust-collective-cyber-defense-program/ www.secnews.physaphae.fr/article.php?IdArticle=8480026 False Threat None 3.0000000000000000 SecurityWeek - Security News Microsoft Patches CVE-2024-29988 et CVE-2024-26234, deux vulnérabilités de jour zéro exploitées par les acteurs de la menace pour livrer des logiciels malveillants.

---

>Microsoft patches CVE-2024-29988 and CVE-2024-26234, two zero-day vulnerabilities exploited by threat actors to deliver malware. ]]> 2024-04-10T09:33:35+00:00 https://www.securityweek.com/microsoft-patches-two-zero-days-exploited-for-malware-delivery/ www.secnews.physaphae.fr/article.php?IdArticle=8479243 False Malware,Vulnerability,Threat None 2.0000000000000000 SecurityWeek - Security News Crowdfense a annoncé un programme d'acquisition d'exploit de 30 millions de dollars couvrant Android, iOS, Chrome et Safari Zero-Days.

---

>Crowdfense has announced a $30 million exploit acquisition program covering Android, iOS, Chrome, and Safari zero-days. ]]> 2024-04-08T11:30:59+00:00 https://www.securityweek.com/company-offering-30-million-for-android-ios-browser-zero-day-exploits/ www.secnews.physaphae.fr/article.php?IdArticle=8478101 False Vulnerability,Threat,Mobile None 2.0000000000000000 SecurityWeek - Security News Malgré une augmentation des attaques zéro-jour, les données montrent que les investissements de sécurité dans les expositions d'exploitation du système d'exploitation et des logiciels obligent les attaquants à trouver de nouvelles surfaces d'attaque et des modèles de bogues.

---

>Despite a surge in zero-day attacks, data shows that security investments into OS and software exploit mitigations are forcing attackers to find new attack surfaces and bug patterns. ]]> 2024-03-27T13:50:41+00:00 https://www.securityweek.com/google-report-despite-surge-in-zero-day-attacks-exploit-mitigations-are-working/ www.secnews.physaphae.fr/article.php?IdArticle=8471416 False Vulnerability,Threat None 3.0000000000000000 SecurityWeek - Security News L'acteur de menace financièrement motivé Gobelin cible des vulnérabilités d'une journée pour déployer des logiciels malveillants nerbiens sur les systèmes Linux.

---

>The financially motivated threat actor Magnet Goblin is targeting one-day vulnerabilities to deploy Nerbian malware on Linux systems. ]]> 2024-03-11T11:50:56+00:00 https://www.securityweek.com/magnet-goblin-delivers-linux-malware-using-one-day-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8462095 False Malware,Vulnerability,Threat None 2.0000000000000000 SecurityWeek - Security News À l'ère de l'augmentation des tensions géopolitiques causées par les guerres réelles et la menace d'une action chinoise contre Taïwan, l'OT est une cible qui ne peut être ignorée par les États-nations.

---

>In an age of increasing geopolitical tensions caused by actual wars, and the threat of Chinese action against Taiwan, OT is a target that cannot be ignored by nation states. ]]> 2024-03-06T12:16:22+00:00 https://www.securityweek.com/cyber-insights-2024-ot-ics-and-iiot/ www.secnews.physaphae.fr/article.php?IdArticle=8459839 False Threat,Industrial None 2.0000000000000000 SecurityWeek - Security News Le groupe nord-coréen Lazarus a exploité le conducteur Applocker Zero-Day CVE-2024-21338 pour l'escalade des privilèges dans les attaques impliquant Fudmodule Rootkit.

---

>North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit. ]]> 2024-02-29T10:28:36+00:00 https://www.securityweek.com/windows-zero-day-exploited-by-north-korean-hackers-in-rootkit-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8456926 False Vulnerability,Threat APT 38 3.0000000000000000 SecurityWeek - Security News La surface d'attaque de l'API se développe et les vulnérabilités de l'API augmentent.L'IA aidera les attaquants à trouver et à exploiter les vulnérabilités d'API à grande échelle.

---

>The API attack surface is expanding and API vulnerabilities are growing. AI will help attackers find and exploit API vulnerabilities at scale. ]]> 2024-02-28T15:38:05+00:00 https://www.securityweek.com/cyber-insights-2024-apis-a-clear-present-and-future-danger/ www.secnews.physaphae.fr/article.php?IdArticle=8456492 False Vulnerability,Threat None 3.0000000000000000 SecurityWeek - Security News Lors de l'évaluation de XDR, considérez sa valeur en fonction de sa capacité à réduire la complexité et à améliorer la détection des menaces et les temps de réponse.

---

>When evaluating XDR, consider its value based on its ability to reduce complexity and improve threat detection and response times. ]]> 2024-02-28T12:24:15+00:00 https://www.securityweek.com/is-xdr-enough-the-hidden-gaps-in-your-security-net/ www.secnews.physaphae.fr/article.php?IdArticle=8456414 False Threat None 3.0000000000000000 SecurityWeek - Security News Les acteurs de la menace chinoise ciblent les appareils VPN Ivanti avec de nouveaux logiciels malveillants conçus pour persister des mises à niveau du système.

---

>Chinese threat actors target Ivanti VPN appliances with new malware designed to persist system upgrades. ]]> 2024-02-28T12:21:28+00:00 https://www.securityweek.com/chinese-cyberspies-use-new-malware-in-ivanti-vpn-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8456415 False Malware,Threat None 3.0000000000000000 SecurityWeek - Security News UnitedHealth Group blâme un acteur de menace parrainé par l'État pour une cyberattaque perturbatrice sur sa filiale Change Healthcare.

---

>UnitedHealth Group is blaming a state-sponsored threat actor for a disruptive cyberattack on its subsidiary Change Healthcare. ]]> 2024-02-26T14:41:25+00:00 https://www.securityweek.com/state-sponsored-group-blamed-for-change-healthcare-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8455450 False Threat None 2.0000000000000000 SecurityWeek - Security News Des histoires remarquables qui auraient pu glisser sous le radar: le vendeur de logiciels espions Varonis s'arrête, Crowdsstrike Tracks 232 Acteurs de la menace, Meta et Freenom Reach Settlement.

---

>Noteworthy stories that might have slipped under the radar: Spyware vendor Varonis is shutting down, Crowdstrike tracks 232 threat actors, Meta and Freenom reach settlement.  ]]> 2024-02-23T13:11:11+00:00 https://www.securityweek.com/in-other-news-spyware-vendor-shutdown-freenom-meta-settlement-232-threat-groups/ www.secnews.physaphae.fr/article.php?IdArticle=8454153 False Threat None 3.0000000000000000 SecurityWeek - Security News A threat actor employed the administrative credentials of a former employee to hack a US government organization. ]]> 2024-02-16T13:53:42+00:00 https://www.securityweek.com/ex-employees-admin-credentials-used-in-us-gov-agency-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8450957 False Hack,Threat None 3.0000000000000000 SecurityWeek - Security News Les chasseurs de menaces de Microsoft disent que les APT étrangers interagissent avec le chatppt d'Openai \\ pour automatiser la recherche de vulnérabilité malveillante, la reconnaissance cible et les tâches de création de logiciels malveillants.

---

>Microsoft threat hunters say foreign APTs are interacting with OpenAI\'s ChatGPT to automate malicious vulnerability research, target reconnaissance and malware creation tasks. ]]> 2024-02-14T18:25:10+00:00 https://www.securityweek.com/microsoft-catches-apts-using-chatgpt-for-vuln-research-malware-scripting/ www.secnews.physaphae.fr/article.php?IdArticle=8450120 False Malware,Vulnerability,Threat ChatGPT 2.0000000000000000 SecurityWeek - Security News Un acteur de menace nationale a accédé aux systèmes internes de cloudflare à l'aide d'identification volées pendant le piratage d'Okta.

---

>A nation-state threat actor accessed internal Cloudflare systems using credentials stolen during the Okta hack. ]]> 2024-02-02T11:15:47+00:00 https://www.securityweek.com/cloudflare-hacked-by-suspected-state-sponsored-attacker/ www.secnews.physaphae.fr/article.php?IdArticle=8445943 False Hack,Threat None 3.0000000000000000 SecurityWeek - Security News Video: Top US cyber officials testify on China\'s cyber threat to U.S. national security and critical infrastrcuture. ]]> 2024-02-01T15:32:30+00:00 https://www.securityweek.com/watch-top-cyber-officials-testify-on-chinas-cyber-threat-to-us/ www.secnews.physaphae.fr/article.php?IdArticle=8445612 False Threat None 3.0000000000000000 SecurityWeek - Security News Les pirates de gouvernement chinois visent activement les usines de traitement de l'eau, le réseau électrique, les systèmes de transport et d'autres infrastructures critiques à l'intérieur des États-Unis, a déclaré le directeur du FBI, Chris Wray, a déclaré aux législateurs.

---

>Chinese government hackers are busily targeting water treatment plants, the electrical grid, transportation systems and other critical infrastructure inside the United States, FBI Director Chris Wray told lawmakers. ]]> 2024-02-01T02:06:29+00:00 https://www.securityweek.com/us-says-it-disrupted-a-china-cyber-threat-but-warns-hackers-could-still-wreak-havoc-for-americans/ www.secnews.physaphae.fr/article.php?IdArticle=8445402 False Threat None 3.0000000000000000 SecurityWeek - Security News Le gouvernement américain aurait désactivé des parties d'une cyber campagne de botnet menée par l'acteur de menace chinoise Volt Typhoon.

---

>US government reportedly disabled parts of a botnet-powered cyber campaign conducted by the Chinese threat actor Volt Typhoon. ]]> 2024-01-30T12:54:27+00:00 https://www.securityweek.com/us-disrupted-chinese-hacking-operation-aimed-at-critical-infrastructure-report/ www.secnews.physaphae.fr/article.php?IdArticle=8444814 False Threat Guam 3.0000000000000000 SecurityWeek - Security News Le groupe de menaces russes Colriver a développé SPICA, un malware qui lui permet de compromettre les systèmes et de voler des informations.

---

>Russian threat group ColdRiver has developed Spica, a malware that enables it to compromise systems and steal information.  ]]> 2024-01-18T14:06:53+00:00 https://www.securityweek.com/russian-apt-known-for-phishing-attacks-is-also-developing-malware-google-warns/ www.secnews.physaphae.fr/article.php?IdArticle=8440306 False Malware,Threat None 3.0000000000000000 SecurityWeek - Security News Les vulnérabilités ivanti zéro-jour surnommées connexion pourraient avoir un impact sur des milliers de systèmes et les cyberspies chinoises se préparent à la libération de patchs.

---

>Ivanti zero-day vulnerabilities dubbed ConnectAround could impact thousands of systems and Chinese cyberspies are preparing for patch release. ]]> 2024-01-12T10:43:03+00:00 https://www.securityweek.com/malware-used-in-ivanti-zero-day-attacks-shows-hackers-preparing-for-patch-rollout/ www.secnews.physaphae.fr/article.php?IdArticle=8438227 False Malware,Vulnerability,Threat None 3.0000000000000000 SecurityWeek - Security News Les pirates chinois ont exploité une journée zéro-jour comme CVE-2023-7102 pour livrer des logiciels malveillants à Barracuda Email Security Gateway (ESG) Appliances.

---

>Chinese hackers exploited a zero-day tracked as CVE-2023-7102 to deliver malware to Barracuda Email Security Gateway (ESG) appliances. ]]> 2023-12-27T11:05:30+00:00 https://www.securityweek.com/chinese-hackers-deliver-malware-to-barracuda-email-security-appliances-via-new-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8429763 False Malware,Vulnerability,Threat None 2.0000000000000000 SecurityWeek - Security News GambleForce utilise des injections SQL pour pirater les sites Web de jeu, de gouvernement, de vente au détail et de voyage pour voler des informations sensibles.

---

>GambleForce uses SQL injections to hack gambling, government, retail, and travel websites to steal sensitive information. ]]> 2023-12-14T15:17:45+00:00 https://www.securityweek.com/new-threat-actor-uses-sql-injection-attacks-to-steal-data-from-apac-companies/ www.secnews.physaphae.fr/article.php?IdArticle=8422731 False Hack,Threat None 2.0000000000000000 SecurityWeek - Security News IVERIFY, une startup au stade de graine sorti de la piste de bits, expédie une plate-forme de chasse aux menaces mobiles pour neutraliser iOS et Android Zero-Days.

---

>iVerify, a seed-stage startup spun out of Trail of Bits, ships a mobile threat hunting platform to neutralize iOS and Android zero-days. ]]> 2023-12-06T15:20:30+00:00 https://www.securityweek.com/trail-of-bits-spinout-iverify-tackles-mercenary-spyware-threat/ www.secnews.physaphae.fr/article.php?IdArticle=8419597 False Threat,Mobile None 2.0000000000000000 SecurityWeek - Security News Radicl, une startup de cybersécurité spécialisée dans la protection des menaces aux PME, a obtenu un financement supplémentaire de 9 millions de dollars supplémentaires, ajoutant à 3 millions de dollars que la société avait collecté auparavant.

---

>RADICL, a cybersecurity startup specializing in providing threat protection to SMBs, secured an additional $9 million in early-stage funding, adding to $3 million that the company had raised previously. ]]> 2023-11-15T11:44:58+00:00 https://www.securityweek.com/radicl-adds-9-million-in-funding-to-fortify-cyber-defenses-of-smbs-in-defense-industrial-base/ www.secnews.physaphae.fr/article.php?IdArticle=8412337 False Threat,Industrial None 2.0000000000000000 SecurityWeek - Security News Denmark\'s SektorCERT association shares details on a coordinated attack against the country\'s energy sector. ]]> 2023-11-14T10:56:17+00:00 https://www.securityweek.com/22-energy-firms-hacked-in-largest-coordinated-attack-on-denmarks-critical-infrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=8411795 False Threat,Industrial None 5.0000000000000000 SecurityWeek - Security News Chatgpt et son API ont connu une panne majeure en raison d'une attaque DDOS apparemment lancée par le Soudan anonyme.

---

>ChatGPT and its API have experienced a major outage due to a DDoS attack apparently launched by Anonymous Sudan. ]]> 2023-11-09T13:28:03+00:00 https://www.securityweek.com/major-chatgpt-outage-caused-by-ddos-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8408540 False Threat ChatGPT 3.0000000000000000 SecurityWeek - Security News Le FBI avertit que les opérateurs de ransomwares continuent de maltraiter des fournisseurs et des services tiers en tant que vecteur d'attaque.

---

>FBI warns that ransomware operators continue to abuse third-party vendors and services as an attack vector. ]]> 2023-11-08T11:27:06+00:00 https://www.securityweek.com/fbi-highlights-emerging-initial-access-methods-used-by-ransomware-groups/ www.secnews.physaphae.fr/article.php?IdArticle=8407815 False Ransomware,Threat,Studies None 4.0000000000000000 SecurityWeek - Security News Des histoires remarquables qui auraient pu glisser sous le radar: ex-NSA Employee Esping for Russia, UE Threat Landscape Report, Cyber Education Funding

---

>Noteworthy stories that might have slipped under the radar: Ex-NSA employee spying for Russia, EU threat landscape report, cyber education funding ]]> 2023-10-27T14:31:14+00:00 https://www.securityweek.com/in-other-news-ex-nsa-employee-spying-for-russia-eu-threat-landscape-cyber-education-funding/ www.secnews.physaphae.fr/article.php?IdArticle=8401468 False Threat None 2.0000000000000000 SecurityWeek - Security News Il existe des étapes clés que chaque organisation devrait prendre pour tirer parti des données de menace et d'événements tout au long du cycle de vie d'un cyber-incident.

---

>There are key steps every organization should take to leverage threat and event data across the lifecycle of a cyber incident. ]]> 2023-10-26T15:59:16+00:00 https://www.securityweek.com/key-learnings-from-big-game-ransomware-campaigns/ www.secnews.physaphae.fr/article.php?IdArticle=8400946 False Ransomware,Threat None 2.0000000000000000 SecurityWeek - Security News Un acteur de menace cible les Israéliens avec des logiciels espions se faisant passer pour une application Android pour recevoir des alertes de fusée.

---

>A threat actor targets Israelis with spyware masquerading as an Android application for receiving rocket alerts. ]]> 2023-10-16T09:55:21+00:00 https://www.securityweek.com/spyware-caught-masquerading-as-israeli-rocket-alerting-applications/ www.secnews.physaphae.fr/article.php?IdArticle=8396112 False Threat None 2.0000000000000000 SecurityWeek - Security News US, Ukraine, and Israel remain the most heavily attacked by cyberespionage and cybercrime threat actors, Microsoft says. ]]> 2023-10-06T12:33:22+00:00 https://www.securityweek.com/microsoft-releases-new-report-on-cybercrime-state-sponsored-cyber-operations/ www.secnews.physaphae.fr/article.php?IdArticle=8392230 False Threat None 2.0000000000000000 SecurityWeek - Security News Russian zero-day acquisition firm Operation Zero is now offering $20 million for full Android and iOS exploit chains. ]]> 2023-09-28T11:25:36+00:00 https://www.securityweek.com/russian-zero-day-acquisition-firm-offers-20-million-for-android-ios-exploits/ www.secnews.physaphae.fr/article.php?IdArticle=8389040 False Threat,Mobile None 4.0000000000000000 SecurityWeek - Security News Chinese state-sponsored threat groups have targeted telecoms, financial and government organizations in Africa as part of soft power efforts. ]]> 2023-09-22T12:48:31+00:00 https://www.securityweek.com/chinas-offensive-cyber-operations-in-africa-support-soft-power-efforts/ www.secnews.physaphae.fr/article.php?IdArticle=8386722 False Threat None 3.0000000000000000 SecurityWeek - Security News Les acteurs chinois exploitant les appliances Barracuda ESG ont déployé des mécanismes de persistance en préparation des efforts de remédiation.

---

>Chinese threat actor exploiting Barracuda ESG appliances deployed persistence mechanisms in preparation for remediation efforts. ]]> 2023-08-29T13:00:43+00:00 https://www.securityweek.com/chinese-apt-was-prepared-for-remediation-efforts-in-barracuda-esg-zero-day-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8376269 False Threat None 2.0000000000000000 SecurityWeek - Security News L'acteur de menace derrière Hiatusrat a été vu en reconnaissance de la reconnaissance contre un système d'approvisionnement militaire américain en juin 2023.

---

>The threat actor behind HiatusRAT was seen performing reconnaissance against a US military procurement system in June 2023. ]]> 2023-08-22T13:11:22+00:00 https://www.securityweek.com/us-military-targeted-in-recent-hiatusrat-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8373107 False Threat None 2.0000000000000000 SecurityWeek - Security News Les acteurs de menace ont été observés abusant de l'outil de tunnel de nuage de nuage open source.

---

>Threat actors have been observed abusing the open source Cloudflare Tunnel tool Cloudflared to maintain stealthy, persistent access to compromised systems. ]]> 2023-08-04T13:20:47+00:00 https://www.securityweek.com/threat-actors-abuse-cloudflare-tunnel-for-persistent-access-data-theft/ www.secnews.physaphae.fr/article.php?IdArticle=8365692 False Tool,Threat None 2.0000000000000000 SecurityWeek - Security News Virustotal a apporté des clarifications sur la récente fuite de données qui a entraîné l'exposition d'informations sur 5 600 des clients du Service d'analyse des menaces.

---

>VirusTotal has provided clarifications on the recent data leak that resulted in the exposure of information on 5,600 of the threat analysis service\'s customers. ]]> 2023-07-21T11:45:21+00:00 https://www.securityweek.com/virustotal-provides-clarifications-on-data-leak-affecting-premium-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8359716 False Threat None 2.0000000000000000 SecurityWeek - Security News A threat actor\'s real identity was uncovered after they infected their own computer with an information stealer. ]]> 2023-07-18T13:51:53+00:00 https://www.securityweek.com/black-hat-hacker-exposes-real-identity-after-infecting-own-computer-with-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8358302 False Malware,Threat None 1.00000000000000000000 SecurityWeek - Security News La nouvelle cyber-coupe de la sécurité nationale aidera les États-Unis à perturber et à poursuivre les acteurs de la menace nationale et les cybercriminels parrainés par l'État.

---

>New National Security Cyber Section will help the US disrupt and prosecute nation-state threat actors and state-sponsored cybercriminals. ]]> 2023-06-21T12:32:23+00:00 https://www.securityweek.com/doj-launches-cyber-unit-to-prosecute-nation-state-threat-actors/ www.secnews.physaphae.fr/article.php?IdArticle=8347690 False Threat None 2.0000000000000000 SecurityWeek - Security News Le malware ICS lié à la Russie nommé Cosmicenergy ne constitue pas une menace directe pour les systèmes OT car il contient des erreurs et manque de maturité.

---

>The Russia-linked ICS malware named CosmicEnergy does not pose a direct threat to OT systems as it contains errors and lacks maturity. ]]> 2023-06-13T15:30:40+00:00 https://www.securityweek.com/cosmicenergy-ics-malware-poses-no-immediate-threat-but-should-not-be-ignored/ www.secnews.physaphae.fr/article.php?IdArticle=8344880 False Malware,Threat CosmicEnergy ,CosmicEnergy 3.0000000000000000 SecurityWeek - Security News Le fournisseur européen de renseignement XDR et de menace Sekoia.io a levé et euro; 35 millions (37,5 millions de dollars) en série A.

---

>European XDR and threat intelligence provider Sekoia.io has raised €35 million ($37.5 million) in Series A funding. ]]> 2023-05-25T11:17:14+00:00 https://www.securityweek.com/european-cybersecurity-firm-sekoia-io-raises-37-5-million/ www.secnews.physaphae.fr/article.php?IdArticle=8339343 False Threat None 2.0000000000000000 SecurityWeek - Security News A threat actor tracked as Lemon Group has control over millions of smartphones distributed worldwide thanks to preinstalled Guerrilla malware. ]]> 2023-05-18T10:53:43+00:00 https://www.securityweek.com/millions-of-smartphones-distributed-worldwide-with-preinstalled-guerrilla-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8337636 False Malware,Threat None 1.00000000000000000000 SecurityWeek - Security News New Domino backdoor brings together former members of the Conti group and the FIN7 threat actors. ]]> 2023-04-18T16:01:51+00:00 https://www.securityweek.com/new-domino-malware-linked-to-fin7-group-ex-conti-members/ www.secnews.physaphae.fr/article.php?IdArticle=8328973 False Malware,Threat None 2.0000000000000000 SecurityWeek - Security News La société de gestion de la surface des renseignements et des attaques Cyfirma a levé 6 millions de dollars dans un tour de financement avant la série B.

---

>Threat intelligence and attack surface management company Cyfirma has raised $6 million in a pre-Series B funding round. ]]> 2023-04-13T13:00:00+00:00 https://www.securityweek.com/cyfirma-raises-6-million-for-threat-management-platform/ www.secnews.physaphae.fr/article.php?IdArticle=8327445 False Threat None 2.0000000000000000 SecurityWeek - Security News Latitude Financial said it had recently received a ransom threat from the group behind the cyberattack, which it was ignoring in line with government advice. ]]> 2023-04-11T01:59:25+00:00 https://www.securityweek.com/australian-finance-company-refuses-hackers-ransom-demand/ www.secnews.physaphae.fr/article.php?IdArticle=8326491 False Threat None 1.00000000000000000000 SecurityWeek - Security News New \'Hack the Pentagon\' website helps DoD organizations launch bug bounty programs and recruit security researchers. ]]> 2023-04-03T11:51:26+00:00 https://www.securityweek.com/us-defense-department-launches-hack-the-pentagon-website/ www.secnews.physaphae.fr/article.php?IdArticle=8324349 False Threat,General Information None 2.0000000000000000 SecurityWeek - Security News L'équipe de renseignement sur la menace Crowdsstrike met en garde contre l'activité malveillante inattendue d'une version légitime et signée du 3CXDESKTOPAPP.

---

>CrowdStrike threat intelligence team warns about unexpected malicious activity from a legitimate, signed version of the 3CXDesktopApp. ]]> 2023-03-29T20:20:28+00:00 https://www.securityweek.com/malware-hunters-spot-supply-chain-attack-hitting-3cx-desktop-app/ www.secnews.physaphae.fr/article.php?IdArticle=8323244 False Malware,Threat None 2.0000000000000000 SecurityWeek - Security News Profitez de cette session pendant que nous parcourons trois cas d'utilisation récents où une nouvelle menace a pris des organisations hors garde.

---

>Enjoy this session as we walk through three recent use cases where a new threat caught organizations off-guard. ]]> 2023-03-28T18:34:14+00:00 https://www.securityweek.com/video-how-to-build-resilience-against-emerging-cyber-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8322610 False Threat None 2.0000000000000000 SecurityWeek - Security News Join us for this webinar as we walk through three recent use cases where a new threat caught organizations off-guard. ]]> 2023-03-16T13:46:09+00:00 https://www.securityweek.com/webinar-today-how-to-build-resilience-against-emerging-cyber-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8319139 False Threat None 2.0000000000000000 SecurityWeek - Security News News Corp says a threat group, previously linked to the Chinese government, had access to its systems for two years before the breach was discovered. ]]> 2023-02-27T10:42:19+00:00 https://www.securityweek.com/media-giant-news-corp-discloses-new-details-of-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8313661 False Data Breach,Threat None 2.0000000000000000 SecurityWeek - Security News GoDaddy recently discovered a hacker attack where a sophisticated threat group infected websites and servers with malware. ]]> 2023-02-20T10:09:07+00:00 https://www.securityweek.com/godaddy-says-recent-hack-part-of-multi-year-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8311849 False Hack,Threat None 1.00000000000000000000 SecurityWeek - Security News Top state election and cybersecurity officials warned about threats posed by Russia and other foreign adversaries ahead of the 2024 elections ]]> 2023-02-17T14:04:41+00:00 https://www.securityweek.com/security-experts-warn-of-foreign-cyber-threat-to-2024-voting/ www.secnews.physaphae.fr/article.php?IdArticle=8311263 False Threat None 2.0000000000000000 SecurityWeek - Security News Cybereason GootLoader as a 'severe' threat, as the malware uses a combination of evasion and living off the land techniques, making its presence difficult to dectec. ]]> 2023-02-08T11:57:08+00:00 https://www.securityweek.com/a-deep-dive-into-the-growing-gootloader-threat/ www.secnews.physaphae.fr/article.php?IdArticle=8308224 False Malware,Threat None 2.0000000000000000 SecurityWeek - Security News The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be remediated. ]]> 2023-02-02T12:00:00+00:00 https://www.securityweek.com/cyber-insights-2023-supply-chain-security/ www.secnews.physaphae.fr/article.php?IdArticle=8306561 False Threat None 2.0000000000000000