www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It is a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2025-05-12T09:17:37+00:00 | www.secnews.physaphae.fr

ProofPoint (Cyber Firms) - Hidden in Plain Sight: TA397's New Attack Chain Delivers Espionage RATs
2024-12-17T08:31:31+00:00 | https://www.proofpoint.com/us/blog/threat-insight/hidden-plain-sight-ta397s-new-attack-chain-delivers-espionage-rats | www.secnews.physaphae.fr/article.php?IdArticle=8626533 | Tags: Malware, Tool, Threat

Global Security Mag (French news site) - Rubrik launches the Turbo Threat Hunting feature
Turbo Threat Hunting can scan nearly 75,000 backups in 60 seconds, enabling organisations to identify clean recovery points and reduce downtime after cyberattacks. - Products
2024-12-17T08:30:20+00:00 | https://www.globalsecuritymag.fr/rubrik-lance-la-fonctionnalite-turbo-threat-hunting.html | www.secnews.physaphae.fr/article.php?IdArticle=8626462 | Tags: Threat
The State of Security (American magazine) - London's CNI is Under Threat
London is one of the smartest and most interconnected cities in the world. Digital infrastructure plays a role in almost every facet of society, streamlining public transport, improving healthcare provision, boosting sustainability, and more. However, this reliance on technology has left London's critical national infrastructure (CNI) perilously vulnerable to digital attacks. As geopolitical relationships deteriorate and nation-state threats to critical infrastructure increase, the UK can no longer ignore this problem. The Impact of Critical National Infrastructure Failures: As a sprawling...
2024-12-17T03:59:36+00:00 | https://www.tripwire.com/state-of-security/londons-cni-under-threat | www.secnews.physaphae.fr/article.php?IdArticle=8626503 | Tags: Threat, Medical

Dark Reading (Informationweek Branch) - The Education Industry: Why Its Data Must Be Protected
The sector must prioritize comprehensive data protection strategies to safeguard PII in an aggressive threat environment.
2024-12-16T19:00:00+00:00 | https://www.darkreading.com/vulnerabilities-threats/education-industry-data-must-be-protected | www.secnews.physaphae.fr/article.php?IdArticle=8626177 | Tags: Threat

RiskIQ (cyber risk firm, now Microsoft) - "Notice of Violation" by UAC-0099
2024-12-16T18:46:53+00:00 | https://community.riskiq.com/article/629f71dc | www.secnews.physaphae.fr/article.php?IdArticle=8626198 | Tags: Malware, Tool, Vulnerability, Threat, Cloud, Technical

We Live Security (ESET antivirus software vendor) - ESET Threat Report H2 2024: Key findings
ESET Chief Security Evangelist Tony Anscombe looks at some of the report's standout findings and their implications for staying secure in 2025.
2024-12-16T16:57:45+00:00 | https://www.welivesecurity.com/en/videos/eset-threat-report-h2-2024-key-findings/ | www.secnews.physaphae.fr/article.php?IdArticle=8648721 | Tags: Threat
ProofPoint (Cyber Firms) - Create a Strong Security Culture: How to Turn Good Security Habits into Second Nature for Your Employees
2024-12-16T15:07:03+00:00 | https://www.proofpoint.com/us/blog/security-awareness-training/how-build-sustainable-security-culture-drives-behavior-change | www.secnews.physaphae.fr/article.php?IdArticle=8626174 | Tags: Tool, Threat

RiskIQ (cyber risk firm, now Microsoft) - Weekly OSINT Highlights, 16 December 2024
2024-12-16T12:50:03+00:00 | https://community.riskiq.com/article/8d1747e7 | www.secnews.physaphae.fr/article.php?IdArticle=8626055 | Tags: Ransomware, Malware, Tool, Vulnerability, Threat, Legislation, Mobile, Industrial, Prediction, Cloud | Actor: APT C 60

IndustrialCyber (cyber risk firm for industrial) - Cyfirma report: UK faces intensifying cyber threats from state-backed Russian hackers amid geopolitical tensions
New research from Cyfirma identified that the U.K. faces an escalating cyber threat landscape dominated by sophisticated Russian...
2024-12-16T11:51:29+00:00 | https://industrialcyber.co/ransomware/cyfirma-report-uk-faces-intensifying-cyber-threats-from-state-backed-russian-hackers-amid-geopolitical-tensions/ | www.secnews.physaphae.fr/article.php?IdArticle=8626009 | Tags: Threat

Dark Reading (Informationweek Branch) - Microsoft Teams Vishing Spreads DarkGate RAT
A thwarted attack demonstrates that threat actors are using yet another delivery method for the malware, which has already been spread using phishing emails, malvertising, hijacking of instant messages, and SEO poisoning.
2024-12-16T10:22:25+00:00 | https://www.darkreading.com/cyberattacks-data-breaches/vishing-via-microsoft-teams-spreads-darkgate-rat | www.secnews.physaphae.fr/article.php?IdArticle=8626178 | Tags: Malware, Threat

Bleeping Computer (American magazine) - New Android NoviSpy spyware linked to Qualcomm zero-day bugs
The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named 'NoviSpy,' used to spy on activists, journalists, and protestors. [...]
2024-12-16T10:06:16+00:00 | https://www.bleepingcomputer.com/news/security/new-android-novispy-spyware-linked-to-qualcomm-zero-day-bugs/ | www.secnews.physaphae.fr/article.php?IdArticle=8626085 | Tags: Vulnerability, Threat, Mobile

We Live Security (ESET antivirus software vendor) - ESET Threat Report H2 2024
A view of the H2 2024 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts.
2024-12-16T10:00:00+00:00 | https://www.welivesecurity.com/en/eset-research/eset-threat-report-h2-2024/ | www.secnews.physaphae.fr/article.php?IdArticle=8648726 | Tags: Threat

Checkpoint Research (security hardware manufacturer) - 16th December – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 16th December, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES: The Romanian National Cybersecurity Directorate (DNSC) has disclosed a ransomware attack conducted by the Lynx ransomware gang on the country's energy provider Electrica Group, which provides services to more than 3.8M people across […]
2024-12-16T07:36:47+00:00 | https://research.checkpoint.com/2024/16th-december-threat-intelligence-report/ | www.secnews.physaphae.fr/article.php?IdArticle=8625910 | Tags: Ransomware, Threat
ProjectZero (Google research blog) - The Qualcomm DSP Driver - Unexpectedly Excavating an Exploit
here. Thanks to both Amnesty International and Google's Threat Analysis Group for providing the artifacts and collaborating on the subsequent technical analysis!
Introduction
Earlier this year, Google's TAG received some kernel panic logs generated by an In-the-Wild (ITW) exploit. Those logs kicked off a bug hunt that led to the discovery of 6 vulnerabilities in one Qualcomm driver over the course of 2.5 months, including one issue that TAG reported as ITW. This blog post covers the details of the original artifacts, each of the bugs discovered, and the hypothesized ITW exploit strategy gleaned from the logs.
Artifacts
Usually when successfully reverse-engineering an ITW exploit, Project Zero/TAG have had access to the exploit sample itself, making determining what vulnerability was exploited primarily a matter of time and effort. However, in this particular case, we received several kernel panic logs but unfortunately not the exploit sample. This meant we could not directly reproduce crashes or reverse engineer what bug was being exploited. Accurately determining what vulnerability an exploit uses working only off of crash logs and without the exploit itself can range in difficulty from highly plausible to impossible. I decided to give it a try and see what I could learn.
Out of the 6 panics we received, 4 panics in particular contained potentially useful information:
Log 1:
[   47.223480] adsprpc: fastrpc_init_process: untrusted app trying to attach to privileged DSP PD
[   47.254494] adsprpc: mapping not found to unmap fd 0xffffffff, va
2024-12-15T22:11:23+00:00 | https://googleprojectzero.blogspot.com/2024/12/qualcomm-dsp-driver-unexpectedly-excavating-exploit.html | www.secnews.physaphae.fr/article.php?IdArticle=8625888 | Tags: Vulnerability, Threat, Mobile, Technical

Bleeping Computer (American magazine) - Clop ransomware claims responsibility for Cleo data theft attacks
The Clop ransomware gang has confirmed to BleepingComputer that they are behind the recent Cleo data-theft attacks, utilizing zero-day exploits to breach corporate networks and steal data. [...]
2024-12-15T15:15:00+00:00 | https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-responsibility-for-cleo-data-theft-attacks/ | www.secnews.physaphae.fr/article.php?IdArticle=8625694 | Tags: Ransomware, Vulnerability, Threat

The Hacker News (a hacking news blog, surprising, right?) - Thai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading Techniques
Thai government officials have emerged as the target of a new campaign that leverages a technique called DLL side-loading to deliver a previously undocumented backdoor dubbed Yokai. "The target of the threat actors were Thailand officials based on the nature of the lures," Nikhil Hegde, senior engineer for Netskope's Security Efficacy team, told The Hacker News.
"The Yokai backdoor itself is not
2024-12-14T15:46:00+00:00 | https://thehackernews.com/2024/12/thai-officials-targeted-in-yokai.html | www.secnews.physaphae.fr/article.php?IdArticle=8625027 | Tags: Threat

Bleeping Computer (American magazine) - 390,000 WordPress accounts stolen from hackers in supply chain attack
A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker. [...]
2024-12-14T10:17:27+00:00 | https://www.bleepingcomputer.com/news/security/390-000-wordpress-accounts-stolen-from-hackers-in-supply-chain-attack/ | www.secnews.physaphae.fr/article.php?IdArticle=8625209 | Tags: Threat

The Hacker News (a hacking news blog, surprising, right?) - 390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC Exploits
A now-removed GitHub repository that advertised a WordPress tool to publish posts to the online content management system (CMS) is estimated to have enabled the exfiltration of over 390,000 credentials. The malicious activity is part of a broader attack campaign undertaken by a threat actor, dubbed MUT-1244 (where MUT refers to "mysterious unattributed threat") by Datadog Security Labs, that
2024-12-14T01:30:00+00:00 | https://thehackernews.com/2024/12/390000-wordpress-credentials-stolen-via.html | www.secnews.physaphae.fr/article.php?IdArticle=8624742 | Tags: Tool, Threat

RiskIQ (cyber risk firm, now Microsoft) - “Million OK !!!!” and the Naver Facade: Tracking Recent Suspected Kimsuky Infrastructure
2024-12-13T23:31:38+00:00 | https://community.riskiq.com/article/d1e1ee65 | www.secnews.physaphae.fr/article.php?IdArticle=8624829 | Tags: Ransomware, Malware, Tool, Threat

Dark Reading (Informationweek Branch) - Cleo MFT Zero-Day Exploits Are About to Escalate, Analysts Warn
Defenders running the Cleo managed file transfer are urged to be on the lookout for the Cleopatra backdoor and other indicators of an ongoing ransomware campaign, as patching details remain foggy, and no CVE has been issued.
2024-12-13T21:56:35+00:00 | https://www.darkreading.com/application-security/cleo-mft-zero-day-exploits-escalate-analysts-warn | www.secnews.physaphae.fr/article.php?IdArticle=8624790 | Tags: Ransomware, Vulnerability, Threat, Patching

RiskIQ (cyber risk firm, now Microsoft) - Bizfum Stealer
2024-12-13T20:57:31+00:00 | https://community.riskiq.com/article/b522b6ae | www.secnews.physaphae.fr/article.php?IdArticle=8624759 | Tags: Ransomware, Spam, Malware, Tool, Threat

RiskIQ (cyber risk firm, now Microsoft) - Declawing PUMAKIT
2024-12-13T18:00:57+00:00 | https://community.riskiq.com/article/a16902ac | www.secnews.physaphae.fr/article.php?IdArticle=8624715 | Tags: Malware, Tool, Threat

The Hacker News (a hacking news blog, surprising, right?)
Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms
Iran-affiliated threat actors have been linked to a new custom malware that's geared toward IoT and operational technology (OT) environments in Israel and the United States. The malware has been codenamed IOCONTROL by OT cybersecurity company Claroty, highlighting its ability to attack IoT and supervisory control and data acquisition (SCADA) devices such as IP cameras, routers, programmable
2024-12-13T17:14:00+00:00 | https://thehackernews.com/2024/12/iran-linked-iocontrol-malware-targets.html | www.secnews.physaphae.fr/article.php?IdArticle=8624551 | Tags: Malware, Threat, Industrial

RiskIQ (cyber risk firm, now Microsoft) - Radiant links $50 million crypto heist to North Korean hackers
2024-12-13T16:08:38+00:00 | https://community.riskiq.com/article/3a647a38 | www.secnews.physaphae.fr/article.php?IdArticle=8624668 | Tags: Malware, Tool, Threat, Legislation

Netskope (an American software company providing an IT security platform) - New Yokai Side-loaded Backdoor Targets Thai Officials
Summary: DLL side-loading is a popular technique used by threat actors to execute malicious payloads under the umbrella of a benign, usually legitimate, executable. This allows the threat actor to exploit whitelists in security products that exclude trusted executables from detection. Among others, this technique has been leveraged by APT41 to deploy DUSTTRAP and Daggerfly […]
2024-12-13T15:00:00+00:00 | https://www.netskope.com/blog/new-yokai-side-loaded-backdoor-targets-thai-officials | www.secnews.physaphae.fr/article.php?IdArticle=8624596 | Tags: Threat | Actor: APT 41
Checkpoint (security hardware manufacturer) - Unlocking the Power of In-Context Emulation in Malware Sandboxing
In the cyber security world, malware analysis is crucial for identifying and neutralizing threats. Attackers constantly evolve their methods, and defenders must stay ahead with advanced tools. One such tool is sandboxing, a controlled environment where suspicious files are executed and observed safely. At Check Point, our Threat Emulation blade's new feature, “In-Context Emulation”, improves malware detection by replicating real-world environments, addressing some of the toughest detection challenges. What is In-Context Emulation? Traditional sandboxing runs files in isolation, which helps identify basic malicious behavior. However, modern malware often requires specific files, interactions, or system configurations to activate fully. This is […]
2024-12-13T13:00:19+00:00 | https://blog.checkpoint.com/security/unlocking-the-power-of-in-context-emulation-in-malware-sandboxing/ | www.secnews.physaphae.fr/article.php?IdArticle=8624550 | Tags: Malware, Tool, Threat
RiskIQ (cyber risk firm, now Microsoft) - Russian APT Gamaredon Deploys New Mobile Spyware Targeting Former Soviet States
2024-12-13T12:29:31+00:00 | https://community.riskiq.com/article/34cc78dd | www.secnews.physaphae.fr/article.php?IdArticle=8624570 | Tags: Malware, Tool, Threat, Legislation, Mobile

Global Security Mag (French news site) - CSIS Threat Matrix Report highlights challenges and shifts in the cyber threat landscape
A new report from CSIS Security Group reveals a significant rise in nation-state attacks, hacktivism and advanced cyber attacks, and offers actionable insights to help organisations strengthen their defences. CSIS reports over one billion compromised credentials circulating on the dark web every month. - Special Reports
2024-12-13T10:52:09+00:00 | https://www.globalsecuritymag.fr/csis-threat-matrix-report-highlights-challenges-and-shifts-in-the-cyber-threat.html | www.secnews.physaphae.fr/article.php?IdArticle=8624510 | Tags: Threat
InformationSecurityBuzzNews (security news site) - Not Every Gift Comes from Santa Claus: Avoiding Cyber Scams This Holiday Season
The holidays are a time for joy, connection, and giving, but amidst the festive cheer lies a growing cyber threat that's anything but jolly. As we fill our online shopping carts with gifts for loved ones, scammers are busy crafting their own presents: persuasive, GenAI-generated phishing emails and ads designed to steal your personal information, financial [...]
2024-12-13T06:01:37+00:00 | https://informationsecuritybuzz.com/avoiding-cyber-scams-holiday-season/ | www.secnews.physaphae.fr/article.php?IdArticle=8624403 | Tags: Threat

RiskIQ (cyber risk firm, now Microsoft) - Hacktivist Alliances Target France Amidst Political Crisis
2024-12-12T22:03:04+00:00 | https://community.riskiq.com/article/c893da4a | www.secnews.physaphae.fr/article.php?IdArticle=8624288 | Tags: Malware, Tool, Threat, Industrial

RiskIQ (cyber risk firm, now Microsoft) - Lynx Ransomware Pouncing on Utilities
2024-12-12T21:33:09+00:00 | https://community.riskiq.com/article/007c9fe8 | www.secnews.physaphae.fr/article.php?IdArticle=8624261 | Tags: Ransomware, Malware, Tool, Vulnerability, Threat, Medical, Cloud, Commercial

RiskIQ (cyber risk firm, now Microsoft) - Lookout Discovers New Chinese Surveillance Tool Used by Public Security Bureaus
2024-12-12T20:36:12+00:00 | https://community.riskiq.com/article/2b3cb06d | www.secnews.physaphae.fr/article.php?IdArticle=8624235 | Tags: Malware, Tool, Threat, Legislation, Mobile | Actor: APT 15

RiskIQ (cyber risk firm, now Microsoft) - Attack Exploiting Legitimate Service by APT-C-60
2024-12-12T20:10:48+00:00 | https://community.riskiq.com/article/0ff2f831 | www.secnews.physaphae.fr/article.php?IdArticle=8624236 | Tags: Malware, Tool, Vulnerability, Threat | Actor: APT C 60

HackRead (cyber search) - US Sanctions Chinese Cybersecurity Firm for Firewall Exploit, Ransomware Attacks
SUMMARY: The United States has taken strong action against a Chinese cybersecurity company, Sichuan Silence Information Technology, for…
2024-12-12T19:33:38+00:00 | https://hackread.com/us-sanctions-chinese-cybersecurityfirm-firewall-ransomware/ | www.secnews.physaphae.fr/article.php?IdArticle=8624190 | Tags: Ransomware, Threat

The Hacker News (a hacking news blog, surprising, right?) - Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States
The Russia-linked state-sponsored threat actor tracked as Gamaredon has been attributed to two new Android spyware tools called BoneSpy and PlainGnome, marking the first time the adversary has been discovered using mobile-only malware families in its attack campaigns. "BoneSpy and PlainGnome target former Soviet states and focus on Russian-speaking victims," Lookout said in an analysis. "Both
2024-12-12T19:05:00+00:00 | https://thehackernews.com/2024/12/gamaredon-deploys-android-spyware.html | www.secnews.physaphae.fr/article.php?IdArticle=8624074 | Tags: Malware, Tool, Threat, Mobile

The Hacker News (a hacking news blog, surprising, right?) - Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS
Details have emerged about a now-patched security vulnerability in Apple's iOS and macOS that, if successfully exploited, could sidestep the Transparency, Consent, and Control (TCC) framework and result in unauthorized access to sensitive information.
The flaw, tracked as CVE-2024-44131 (CVSS score: 5.3), resides in the FileProvider component, per Apple, and has been addressed with improved
2024-12-12T18:05:00+00:00 | https://thehackernews.com/2024/12/researchers-uncover-symlink-exploit.html | www.secnews.physaphae.fr/article.php?IdArticle=8624016 | Tags: Vulnerability, Threat

Bleeping Computer (American magazine) - New IOCONTROL malware used in critical infrastructure attacks
Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. [...]
2024-12-12T15:46:32+00:00 | https://www.bleepingcomputer.com/news/security/new-iocontrol-malware-used-in-critical-infrastructure-attacks/ | www.secnews.physaphae.fr/article.php?IdArticle=8624213 | Tags: Malware, Threat, Industrial

Global Security Mag (French news site) - Cequence Security Research Reveals £2M Per Hour at Risk to Cybercrime During Holiday Shopping Season
Cequence's CQ Prime threat research highlights the alarming financial toll of malicious automated attacks, with e-commerce businesses worldwide facing potential losses of over a billion in December. - Special Reports
2024-12-12T14:13:45+00:00 | https://www.globalsecuritymag.fr/cequence-security-research-reveals-l2m-per-hour-at-risk-to-cybercrime-during.html | www.secnews.physaphae.fr/article.php?IdArticle=8624075 | Tags: Threat
HackRead (cyber search) - Scammers Exploit Fake Domains in Dubai Police Phishing Scams
BforeAI has discovered a surge in phishing attacks targeting the Dubai Police, a government-run entity. Learn how cybercriminals are exploiting the Dubai Police name to steal personal information and money.
2024-12-12T13:10:09+00:00 | https://hackread.com/scammers-fake-domains-dubai-police-phishing-scams/ | www.secnews.physaphae.fr/article.php?IdArticle=8624046 | Tags: Threat, Legislation

Sekoia (Cyber Firms) - The story behind Sekoia.io Custom Integrations
Since launching in 2017, Sekoia.io has made a name for itself with its groundbreaking vision in threat detection, leveraging advanced analytics and smart machine learning. But the journey does not end there! Sekoia.io is always growing and improving its services to stay ahead of new cyber threats. The story behind Sekoia.io Custom Integrations is a […] The post The story behind Sekoia.io Custom Integrations is an article from the Sekoia.io Blog.
2024-12-12T08:15:43+00:00 | https://blog.sekoia.io/the-story-behind-sekoia-io-custom-integrations/ | www.secnews.physaphae.fr/article.php?IdArticle=8623931 | Tags: Threat
RiskIQ (cyber risk firm, now Microsoft) - Socks5Systemz Botnet Creates Massive Proxy Network Through 250,000 Infected Systems Worldwide
2024-12-12T02:01:48+00:00 | https://community.riskiq.com/article/15cfbc2f | www.secnews.physaphae.fr/article.php?IdArticle=8623800 | Tags: Spam, Malware, Vulnerability, Threat, Prediction

TrendLabs Security (antivirus vendor) - INTERPOL & Trend's Fight Against Cybercrime
Trend threat intelligence and training were crucial to the success of two major policing operations in 2024.
2024-12-12T00:00:00+00:00 | https://www.trendmicro.com/en_us/research/24/l/interpol-cybercrime.html | www.secnews.physaphae.fr/article.php?IdArticle=8623743 | Tags: Threat, Prediction

The Hacker News (a hacking news blog, surprising, right?) - Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service
The Russian nation-state actor tracked as Secret Blizzard has been observed leveraging malware associated with other threat actors to deploy a known backdoor called Kazuar on target devices located in Ukraine. The new findings come from the Microsoft threat intelligence team, which said it observed the adversary leveraging the Amadey bot malware to download custom malware onto "specifically
2024-12-11T23:32:00+00:00 | https://thehackernews.com/2024/12/secret-blizzard-deploys-kazuar-backdoor.html | www.secnews.physaphae.fr/article.php?IdArticle=8623598 | Tags: Malware, Threat

Dark Reading (Informationweek Branch) - Chinese Hacker Pwns 81K Sophos Devices With Zero-Day Bug
The US State Department has offered a $10 million reward for Guan Tianfeng, who has been accused of developing and testing a critical SQL injection flaw with a CVSS score of 9.8 used in Sophos attacks.
2024-12-11T22:47:17+00:00 | https://www.darkreading.com/cyberattacks-data-breaches/chinese-hacker-pwns-81k-sophos-devices-with-zero-day-bug | www.secnews.physaphae.fr/article.php?IdArticle=8623692 | Tags: Vulnerability, Threat

RiskIQ (cyber risk firm, now Microsoft) - Likely China-based Attackers Target High-profile Organizations in Southeast Asia
2024-12-11T22:38:07+00:00 | https://community.riskiq.com/article/9dd28182 | www.secnews.physaphae.fr/article.php?IdArticle=8623712 | Tags: Malware, Tool, Threat, Cloud | Actor: APT 41

Dark Reading (Informationweek Branch) - Krispy Kreme Doughnut Delivery Gets Cooked in Cyberattack
Threat actors punch holes in the company's online ordering systems, tripping up doughnut deliveries across the US after a late November breach.
2024-12-11T22:13:51+00:00 | https://www.darkreading.com/cyberattacks-data-breaches/krispy-kreme-doughnut-delivery-cooked-cyberattack | www.secnews.physaphae.fr/article.php?IdArticle=8623693 | Tags: Threat

Dark Reading (Informationweek Branch) - Symmetrical Cryptography Pioneer Targets the Post-Quantum Era
Researchers at Cavero have created a correlating numbers mechanism, adding a layer of privacy that even threat actors can't gain enough information to breach.
2024-12-11T21:09:31+00:00 | https://www.darkreading.com/cyber-risk/symmetrical-cryptography-post-quantum-era | www.secnews.physaphae.fr/article.php?IdArticle=8623668 | Tags: Threat

The Hacker News (a hacking news blog, surprising, right?) - New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools
A newly devised technique leverages a Windows accessibility framework called UI Automation (UIA) to perform a wide range of malicious activities without tipping off endpoint detection and response (EDR) solutions. "To exploit this technique, a user must be convinced to run a program that uses UI Automation," Akamai security researcher Tomer Peled said in a report shared with The Hacker News. "
2024-12-11T20:43:00+00:00 | https://thehackernews.com/2024/12/new-malware-technique-could-exploit.html | www.secnews.physaphae.fr/article.php?IdArticle=8623520 | Tags: Malware, Tool, Threat

The Hacker News (a hacking news blog, surprising, right?) - ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms
Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a Domain Name System (DNS) tunnel for command-and-control (C2) communications, indicating that the threat actors are continuing to refine the tool after resurfacing a year ago.
"Zloader 2.9.4.0 adds notable improvements including a custom DNS tunnel protocol for C2 communications and an interactive shell
2024-12-11T19:37:00+00:00 | https://thehackernews.com/2024/12/zloader-malware-returns-with-dns.html | www.secnews.physaphae.fr/article.php?IdArticle=8623490 | Tags: Malware, Tool, Threat

InfoSecurity Mag (InfoSecurity Magazine) - Secret Blizzard Targets Ukrainian Military with Custom Malware
Microsoft detailed how Russian espionage group Secret Blizzard is leveraging infrastructure of other threat actors to target the Ukrainian military with custom malware.
2024-12-11T17:00:00+00:00 | https://www.infosecurity-magazine.com/news/secret-blizzard-ukrainian-military/ | www.secnews.physaphae.fr/article.php?IdArticle=8623550 | Tags: Malware, Threat

CyberScoop (scoopnewsgroup.com special Cyber) - Turla living off other cybercriminals' tools in order to attack Ukrainian targets
A Russian nation-state threat actor has been observed leveraging tools from other cybercriminal groups to compromise targets in Ukraine, a recent report by Microsoft Threat Intelligence disclosed. This clandestine approach, which is the second time in as many weeks that Microsoft has highlighted the group's effort, shows how Turla uses a wide range of attack […]
2024-12-11T17:00:00+00:00 | https://cyberscoop.com/turla-leverage-cybercriminal-tools-target-ukraine-microsoft/ | www.secnews.physaphae.fr/article.php?IdArticle=8623548 | Tags: Tool, Threat
The Hacker News (a hacking news blog, surprising, right?) - Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia
A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023. The espionage campaign targeted organizations in various sectors spanning government ministries in two different countries, an air traffic control organization, a telecoms company, and a media outlet, the Symantec Threat Hunter Team
2024-12-11T16:30:00+00:00 | https://thehackernews.com/2024/12/researchers-uncover-espionage-tactics.html | www.secnews.physaphae.fr/article.php?IdArticle=8623431 | Tags: Threat

Global Security Mag (French news site) - New Study from Kong Highlights Rising Threat of AI-Enhanced Security Attacks
25% of respondents have already experienced an AI-enhanced security incident, according to a new report. - Special Reports
2024-12-11T14:14:27+00:00 | https://www.globalsecuritymag.fr/new-study-from-kong-highlights-rising-threat-of-ai-enhanced-security-attacks.html | www.secnews.physaphae.fr/article.php?IdArticle=8623493 | Tags: Threat, Studies
RedCanary - Red Canary The three keys to threat hunting Over the last decade, we've built Red Canary's threat hunting framework to be deliberate, proactive, and iterative 2024-12-11T13:27:27+00:00 https://redcanary.com/blog/threat-detection/threat-hunting-guidance/ www.secnews.physaphae.fr/article.php?IdArticle=8623457 False Threat None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defensive player in IOCs LevelBlue SOC Analysts See Sharp Rise in Cyber Threats: Stay Vigilant 2024-12-11T12:00:00+00:00 https://levelblue.com/blogs/security-essentials/levelblue-soc-analysts-see-sharp-rise-in-cyber-threats-stay-vigilant www.secnews.physaphae.fr/article.php?IdArticle=8623455 False Ransomware,Malware,Tool,Vulnerability,Threat,Patching,Medical,Cloud None 3.0000000000000000
Bleeping Computer - American magazine Russian cyber spies hide behind other hackers to target Ukraine Russian cyber-espionage group Turla, aka "Secret Blizzard," is utilizing other threat actors' infrastructure to target Ukrainian military devices connected via Starlink. [...] 2024-12-11T12:00:00+00:00 https://www.bleepingcomputer.com/news/security/russian-cyber-spies-hide-behind-other-hackers-to-target-ukraine/ www.secnews.physaphae.fr/article.php?IdArticle=8623643 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020. Guan Tianfeng (aka gbigmao and gxiaomao), who is said to have worked at Sichuan Silence Information Technology Company, Limited, has been charged with conspiracy to commit computer fraud and conspiracy to commit wire fraud. Guan has been 2024-12-11T11:59:00+00:00 https://thehackernews.com/2024/12/us-charges-chinese-hacker-for.html www.secnews.physaphae.fr/article.php?IdArticle=8623270 False Vulnerability,Threat None 3.0000000000000000
Global Security Mag - French news site Tech trends to watch in 2025 according to Ivanti The cybersecurity sector is evolving at a breakneck pace, driven by ever more sophisticated threats and a constantly changing technology landscape. In this context, companies must not only adapt quickly but also anticipate the trends ahead. As an industry expert, Ivanti presents six strategic developments that will shape cybersecurity in 2025. - Points of View 2024-12-11T11:21:06+00:00 https://www.globalsecuritymag.fr/les-tendances-tech-a-suivre-en-2025-selon-ivanti.html www.secnews.physaphae.fr/article.php?IdArticle=8623408 False Threat None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Microsoft Fixes 71 CVEs Including Actively Exploited Zero-Day Microsoft has patched dozens of vulnerabilities in December, including one zero-day being exploited in the wild 2024-12-11T10:15:00+00:00 https://www.infosecurity-magazine.com/news/microsoft-71-cves-actively/ www.secnews.physaphae.fr/article.php?IdArticle=8623375 False Vulnerability,Threat None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Zero Day in Cleo File Transfer Software Exploited En Masse A zero-day vulnerability in Cleo file transfer software is being exploited in data theft attacks 2024-12-11T09:30:00+00:00 https://www.infosecurity-magazine.com/news/zero-day-cleo-file-transfer/ www.secnews.physaphae.fr/article.php?IdArticle=8623344 False Vulnerability,Threat None 3.0000000000000000
Global Security Mag - French news site Cybersecurity gaps leave companies vulnerable to AI-powered threats by Kaspersky - Investigations 2024-12-11T09:26:11+00:00 https://www.globalsecuritymag.fr/les-lacunes-en-matiere-de-cybersecurite-fragilisent-les-entreprises-face-aux.html www.secnews.physaphae.fr/article.php?IdArticle=8623346 False Threat None 3.0000000000000000
McAfee Labs - Software publisher The Stealthy Stalker: Remcos RAT Authored By Sakshi Jaiswal, Anuradha M In Q3 2024, McAfee Labs identified a sharp rise in the Remcos RAT threat.... 2024-12-11T08:38:14+00:00 https://www.mcafee.com/blogs/other-blogs/mcafee-labs/the-stealthy-stalker-remcos-rat/ www.secnews.physaphae.fr/article.php?IdArticle=8623312 False Threat None 3.0000000000000000
The Register - English news site US names Chinese national it alleges was behind 2020 attack on Sophos firewalls Also sanctions his employer – an outfit called Sichuan Silence linked to Ragnarok ransomware The US Departments of Treasury and Justice have named a Chinese business and one of its employees as the actors behind the 2020 exploit of a zero-day flaw in Sophos firewalls… 2024-12-11T05:02:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/12/11/sichuan_silence_sophos_zeroday_sanctions/ www.secnews.physaphae.fr/article.php?IdArticle=8623226 False Vulnerability,Threat None 3.0000000000000000
Krebs on Security - American researcher Patch Tuesday, December 2024 Edition Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that is already being exploited in active attacks. The zero-day seeing exploitation involves CVE-2024-49138, a security weakness in the Windows Common… 2024-12-11T01:53:13+00:00 https://krebsonsecurity.com/2024/12/patch-tuesday-december-2024-edition/ www.secnews.physaphae.fr/article.php?IdArticle=8623159 False Vulnerability,Threat None 3.0000000000000000
Dark Reading - Informationweek Branch Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season. 2024-12-10T22:21:02+00:00 https://www.darkreading.com/application-security/microsoft-zero-day-critical-rces-patch-tuesday www.secnews.physaphae.fr/article.php?IdArticle=8623098 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems. Cybersecurity company Huntress said it discovered evidence of threat actors exploiting the issue en masse on December 3, 2024. The vulnerability, which impacts Cleo's LexiCom, 2024-12-10T21:27:00+00:00 https://thehackernews.com/2024/12/cleo-file-transfer-vulnerability-under.html www.secnews.physaphae.fr/article.php?IdArticle=8622950 False Vulnerability,Threat None 3.0000000000000000
Dark Reading - Informationweek Branch 'Termite' Ransomware Likely Behind Cleo Zero-Day Attacks The threat actor group recently took credit for a similar attack on Blue Yonder that affected multiple organizations, including Starbucks. 2024-12-10T21:03:08+00:00 https://www.darkreading.com/cyberattacks-data-breaches/termite-ransomware-behind-cleo-zero-day-attacks www.secnews.physaphae.fr/article.php?IdArticle=8623056 False Ransomware,Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) The Future of Network Security: Automated Internal and External Pentesting In today's rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often falls short due to its high costs, resource requirements, and infrequent implementation. Automated internal and external network pentesting is a game-changing solution, empowering organizations to stay 2024-12-10T17:20:00+00:00 https://thehackernews.com/2024/12/the-future-of-network-security.html www.secnews.physaphae.fr/article.php?IdArticle=8622853 False Threat None 2.0000000000000000
Global Security Mag - French news site Operation Digital Eye - Chinese APT compromises critical digital infrastructure via Visual Studio Code tunnels Tinexta Cyber and SentinelLabs have been tracking threat activities targeting business-to-business IT service providers in Southern Europe. - Malware Update 2024-12-10T17:02:10+00:00 https://www.globalsecuritymag.fr/operation-digital-eye-chinese-apt-compromises-critical-digital-infrastructure.html www.secnews.physaphae.fr/article.php?IdArticle=8622953 True Threat None 3.0000000000000000
CyberScoop - scoopnewsgroup.com special Cyber Treasury sanctions Chinese cyber company, employee for 2020 global firewall attack The department's Office of Foreign Assets Control said Guan Tianfeng used a zero-day exploit to deploy malware on 81,000 firewalls. 2024-12-10T16:54:59+00:00 https://cyberscoop.com/treasury-sanctions-chinese-cyber-company-2020-firewall-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8622952 False Malware,Vulnerability,Threat None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Hackers Exploit AWS Misconfigurations in Massive Data Breach Hackers exploited AWS misconfigurations, leaking 2TB of sensitive data, including customer information, credentials and proprietary source code 2024-12-10T16:30:00+00:00 https://www.infosecurity-magazine.com/news/hackers-exploit-aws/ www.secnews.physaphae.fr/article.php?IdArticle=8622951 False Data Breach,Threat None 3.0000000000000000
ProofPoint - Firm Security How Proofpoint Is Redefining Cyber Threat Defense 2024-12-10T15:39:28+00:00 https://www.proofpoint.com/us/newsroom/news/how-proofpoint-redefining-cyber-threat-defense-0 www.secnews.physaphae.fr/article.php?IdArticle=8625166 False Threat None 2.0000000000000000
HackRead - Cyber researcher Hackers Target Job Seekers with AppLite Trojan Using Fake Job Emails SUMMARY AppLite banking trojan is a newly discovered stealthy mobile malware threat targeting mobile devices. Learn about its… 2024-12-10T14:57:28+00:00 https://hackread.com/hackers-job-seekers-banking-trojan-fake-job-emails/ www.secnews.physaphae.fr/article.php?IdArticle=8622892 False Malware,Threat,Mobile None 3.0000000000000000
ProofPoint - Cyber Firms Proofpoint Appoints Ben McLaughlin as Chief Information Security Officer We are thrilled to announce that Ben McLaughlin has been appointed as Proofpoint's Chief Information Security Officer. Ben is an accomplished cybersecurity executive with an exceptional record of execution and leadership. He has dedicated over 30 years of his career to managing security across large global enterprises, driving risk management, business growth and digital transformation in the SaaS, Cloud Services and Semiconductor sectors. He brings broad exposure from start-ups to Fortune 200 organizations and is skilled at articulating a risk-oriented and holistic view of cybersecurity posture to C-Suite and board-level audiences. Before joining Proofpoint, Ben spent over 17 years at the data storage company, Seagate Technology. From 2014 to 2019, he led the information security efforts across Seagate's worldwide manufacturing operations, encompassing 35,000 employees and 55,000 endpoints. In 2019, he transitioned to the role of CISO for Seagate LYVE Cloud, where he established a diverse, global security team and built a comprehensive security program from the ground up, 2024-12-10T14:51:07+00:00 https://www.proofpoint.com/us/blog/corporate-news/proofpoint-appoints-ben-mclaughlin-chief-information-security-officer www.secnews.physaphae.fr/article.php?IdArticle=8622917 False Threat,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CERT-UA Warns of Phishing Attacks Targeting Ukraine's Defense and Security Force The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense forces. The phishing attacks have been attributed to a Russia-linked threat actor called UAC-0185 (aka UNC4221), which has been active since at least 2022. "The phishing emails mimicked official messages 2024-12-10T14:42:00+00:00 https://thehackernews.com/2024/12/cert-ua-warns-of-phishing-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8622796 False Threat None 3.0000000000000000
The State of Security - American magazine VERT Threat Alert: December 2024 Patch Tuesday Analysis Today's VERT Alert addresses Microsoft's December 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1136 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-49138 The only vulnerability that has been publicly disclosed and exploited this month is CVE-2024-49138, a vulnerability in the Windows Common Log File System Driver. Successful exploitation of this privilege escalation vulnerability would grant the attacker SYSTEM level permissions. Microsoft has reported this vulnerability as Exploitation Detected. CVE... 2024-12-10T14:28:40+00:00 https://www.tripwire.com/state-of-security/vert-threat-alert-december-2024-patch-tuesday-analysis www.secnews.physaphae.fr/article.php?IdArticle=8623053 False Vulnerability,Threat None 2.0000000000000000
Palo Alto Network - Vendor site Axios and Unit 42's Sam Rubin Discuss Disruptive Cyberattacks Sam Rubin, SVP of Consulting and Threat Intelligence at Unit 42, spoke with Sam Sabin, cybersecurity reporter at Axios, about destructive cyberattacks. 2024-12-10T14:00:08+00:00 https://www.paloaltonetworks.com/blog/2024/12/axios-and-unit-42s-sam-rubin-discuss-disruptive-cyberattacks/ www.secnews.physaphae.fr/article.php?IdArticle=8622857 False Threat None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defensive player in IOCs What Is a Brute Force Attack? 2024-12-10T13:47:00+00:00 https://levelblue.com/blogs/security-essentials/what-is-a-brute-force-attack www.secnews.physaphae.fr/article.php?IdArticle=8622890 False Tool,Vulnerability,Threat,Cloud None 2.0000000000000000
Checkpoint - Security hardware vendor November 2024's Most Wanted Malware: Androxgh0st Leads the Pack, Targeting IoT Devices and Critical Infrastructure Check Point Software's latest threat index highlights the rise of Androxgh0st, a Mozi-integrated botnet, and ongoing threats from Joker and Anubis, showcasing evolving cyber criminal tactics. Check Point's Global Threat Index for November 2024 emphasizes the growing sophistication of cyber criminals. The report highlights the swift ascent of Androxgh0st, now integrated with the Mozi botnet, as it continues to target critical infrastructure worldwide. Critical infrastructure, spanning energy grids, transportation systems, healthcare networks, and more, remains a prime target for cybercriminals due to its indispensable role in daily life and its vulnerabilities. Disrupting these systems can lead to widespread chaos, financial losses, and […] 2024-12-10T13:00:39+00:00 https://blog.checkpoint.com/research/november-2024s-most-wanted-malware-androxgh0st-leads-the-pack-targeting-iot-devices-and-critical-infrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=8622883 False Malware,Vulnerability,Threat,Medical None 3.0000000000000000
Dark Reading - Informationweek Branch Sprawling 'Operation Digital Eye' Attack Targets European IT Orgs A Chinese threat actor infiltrated several IT and security companies in a bring-your-own VS code, with an eye to carrying out a supply-chain-based espionage attack. 2024-12-10T11:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/operation-digital-eye-attack-targets-european-it-orgs www.secnews.physaphae.fr/article.php?IdArticle=8622777 False Threat None 2.0000000000000000
Bleeping Computer - American magazine New Cleo zero-day RCE flaw exploited in data theft attacks Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks. [...] 2024-12-10T10:09:52+00:00 https://www.bleepingcomputer.com/news/security/new-cleo-zero-day-rce-flaw-exploited-in-data-theft-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8622919 False Vulnerability,Threat None 3.0000000000000000
Bleeping Computer - American magazine Inside the incident: Uncovering an advanced phishing attack Recently, Varonis investigated a phishing campaign in which a malicious email enabled a threat actor to access the organization. This blog post will reveal the tactics used to avoid detection and share what was discovered during the investigation. [...] 2024-12-10T10:01:11+00:00 https://www.bleepingcomputer.com/news/security/inside-the-incident-uncovering-an-advanced-phishing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8622920 False Threat None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial DHS, DTRA lead maritime cybersecurity exercise in Philippines, boost Indo-Pacific security efforts The U.S. Department of Homeland Security (DHS), in collaboration with the Defense Threat Reduction Agency (DTRA) and U.S.... 2024-12-10T09:21:05+00:00 https://industrialcyber.co/training/dhs-dtra-lead-maritime-cybersecurity-exercise-in-philippines-boost-indo-pacific-security-efforts/ www.secnews.physaphae.fr/article.php?IdArticle=8622749 False Threat None 3.0000000000000000
Global Security Mag - French news site Zscaler ThreatLabz report: more than 87% of cyber threats hidden in encrypted traffic were identified in 2024 Zscaler's new ThreatLabz report reveals that cybercriminals are exploiting encrypted channels to carry out cryptography attacks, phishing and other advanced threats. - Investigations 2024-12-10T09:00:42+00:00 https://www.globalsecuritymag.fr/rapport-threatlabz-zscaler-plus-de-87-des-cyber-menaces-dissimulees-dans-le.html www.secnews.physaphae.fr/article.php?IdArticle=8622715 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering The threat actors linked to the Black Basta ransomware have been observed switching up their social engineering tactics, distributing a different set of payloads such as Zbot and DarkGate since early October 2024. "Users within the target environment will be email bombed by the threat actor, which is often achieved by signing up the user's email to numerous mailing lists simultaneously," Rapid7 2024-12-09T23:14:00+00:00 https://thehackernews.com/2024/12/black-basta-ransomware-evolves-with.html www.secnews.physaphae.fr/article.php?IdArticle=8622400 False Ransomware,Threat None 2.0000000000000000
Dark Reading - Informationweek Branch Microsoft NTLM Zero-Day to Remain Unpatched Until April The second zero-day vulnerability found in Windows NTLM in the past two months paves the way for relay attacks and credential theft. Microsoft has no patch, but released updated NTLM cyberattack mitigation advice. 2024-12-09T22:42:00+00:00 https://www.darkreading.com/application-security/microsoft-ntlm-zero-day-remain-unpatched-april www.secnews.physaphae.fr/article.php?IdArticle=8622494 False Vulnerability,Threat None 3.0000000000000000
HackRead - Cyber researcher Critical Windows Zero-Day Alert: No Patch Available Yet for Users Protect your systems with automated patching and server hardening strategies to defend against vulnerabilities like the NTLM zero-day.… 2024-12-09T21:36:14+00:00 https://hackread.com/windows-zero-day-alert-no-patch-available-for-users/ www.secnews.physaphae.fr/article.php?IdArticle=8622470 False Vulnerability,Threat,Patching None 4.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Compromised AI Library Delivers Cryptocurrency Miner via PyPI The compromised ultralytics AI library delivered XMRig miner via GitHub Actions exploit 2024-12-09T16:30:00+00:00 https://www.infosecurity-magazine.com/news/ai-library-delivers-cryptocurrency/ www.secnews.physaphae.fr/article.php?IdArticle=8622367 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices A malicious botnet called Socks5Systemz is powering a proxy service called PROXY.AM, according to new findings from Bitsight. "Proxy malware and services enable other types of criminal activity adding uncontrolled layers of anonymity to the threat actors, so they can perform all kinds of malicious activity using chains of victim systems," the company's security research team said in an analysis 2024-12-09T16:14:00+00:00 https://thehackernews.com/2024/12/socks5systemz-botnet-powers-illegal.html www.secnews.physaphae.fr/article.php?IdArticle=8622212 False Malware,Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Targeted cyberattacks UAC-0185 against the Defense Forces and enterprises of the defense industry of Ukraine 2024-12-09T15:40:00+00:00 https://community.riskiq.com/article/d84dfe4f www.secnews.physaphae.fr/article.php?IdArticle=8622342 False Malware,Tool,Threat,Industrial,Conference,Technical None 3.0000000000000000
Kovrr - cyber risk management platform December 9, 2024 Quantifying Cybersecurity Control Impacts Kovrr tackles the challenge of consistent cybersecurity framework quantification with a standardized, data-driven approach. 2024-12-09T15:08:31+00:00 https://www.kovrr.com/reports/quantifying-cybersecurity-control-impacts www.secnews.physaphae.fr/article.php?IdArticle=8622318 False Tool,Vulnerability,Threat None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial New Ordr report reveals rising threat of unmanaged IoT and OT devices endangers enterprises A recent report from Ordr has revealed the increasing dangers posed by unmanaged, agentless assets. The report emphasizes... 2024-12-09T14:01:21+00:00 https://industrialcyber.co/reports/new-ordr-report-reveals-rising-threat-of-unmanaged-iot-and-ot-devices-endangers-enterprises/ www.secnews.physaphae.fr/article.php?IdArticle=8622266 False Threat,Industrial None 3.0000000000000000
Checkpoint Research - Security hardware vendor 9th December – Threat Intelligence Report For the latest discoveries in cyber research for the week of 9th December, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Romania’s Constitutional Court annulled the first round of its presidential election after declassified intelligence revealed Russian interference favoring right wing candidate Călin Georgescu. The interference involved a sophisticated social media campaign on […] 2024-12-09T13:53:55+00:00 https://research.checkpoint.com/2024/9th-december-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8622264 False Threat None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defensive player in IOCs Patch or Perish: The Forgotten Virtue of Diligence in Digital Security the adage "patch or perish" encapsulates a stark reality. The timely application of software patches is not just a best practice—it is a necessity. The vulnerabilities that lurk in unpatched software can serve as gateways for cybercriminals, leading to severe breaches, operational disruptions, and substantial financial losses. The imperative to keep software up-to-date has never been more pressing, yet patch management often takes a backseat in organizations. It's not merely a technical oversight; it's a question of diligence and prioritization. The virtue of diligence—the proactive, methodical maintenance of systems—has been lost amid the rapid pace of technological growth. This article takes a deeper look at why diligence in patching is a crucial, yet often overlooked, cornerstone of cybersecurity.
The Imperative of Patching Software patches are more than mere updates; they are crucial security mechanisms designed to address vulnerabilities, fix bugs, and even add functionality to software. They serve as a frontline defense against a spectrum of threats that grow more sophisticated each day. Neglecting patches doesn't just put one system at risk; it can compromise the entire network, potentially creating a cascading effect of vulnerabilities. Cybercriminals often exploit known vulnerabilities for which patches already exist. These are known as “n-day vulnerabilities,” and their exploitation is rampant simply because organizations fail to apply fixes that are readily available. The importance of patching should be viewed not only as a matter of hygiene but also as a competitive edge. In the current threat landscape, attackers are quick, but defenders must be quicker.
Consequences of Neglect The repercussions of inadequate patching are well-documented yet continue to be ignored. Unpatched systems become a fertile hunting ground for cybercriminals looking for easy prey. The result can be data breaches that compromise sensitive information, financial losses that are often uninsurable, and reputational damage that can take years to mend. Take, for example, the infamous WannaCry ransomware attack. WannaCry leveraged a known vulnerability in Microsoft Windows, a vulnerability for which a patch had been released months earlier. Due to lax patch management, over 200,000 systems in 150 countries were compromised, causing disruptions to healthcare, manufacturing, and finance industries. The cost? Billions of dollars in damages, not to mention the incalculable impact on people's lives due to healthcare system disruptions. These scenarios are not isolated—they illustrate the risks inherent in ignoring patching protocols. For organizations that fail to take patch management seriously, it’s not a question of "if" they will be compromised, but "when."
Challenges in Patch Management Despite its importance, patch management remains fraught with challenges. It’s essential to recognize these hurdles to develop effective mitigation strategies:
Resource limitations: Smaller organizations often lack the IT resources required for consistent patch management. Even larger enterprises might struggle to dedicate the necessary manpower, given the constant barrage of patches released by software vendors.
System complexity: Modern IT ecosystems are incredibly complex, with a multitude of interdependent software applications and legacy systems. Applying a patch without testing could cause unforeseen issues, from compatibility problems to outright system failures.
Downtime concerns: Many organization 2024-12-09T13:49:00+00:00 https://levelblue.com/blogs/security-essentials/patch-or-perish-the-forgotten-virtue-of-diligence-in-digital-security www.secnews.physaphae.fr/article.php?IdArticle=8622293 False Ransomware,Tool,Vulnerability,Threat,Patching,Medical,Technical Wannacry 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Romania's election systems targeted in over 85,000 cyberattacks 2024-12-09T12:58:56+00:00 https://community.riskiq.com/article/db266374 www.secnews.physaphae.fr/article.php?IdArticle=8622259 False Vulnerability,Threat None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Unmasking Termite, the Ransomware Gang Claiming the Blue Yonder Attack This new ransomware group is likely a new variant of Babuk, said Cyble threat intelligence analysts 2024-12-09T12:35:00+00:00 https://www.infosecurity-magazine.com/news/termite-ransomware-blue-yonder/ www.secnews.physaphae.fr/article.php?IdArticle=8622241 False Ransomware,Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Weekly OSINT Highlights, 9 December 2024 2024-12-09T12:22:03+00:00 https://community.riskiq.com/article/86d339a0 www.secnews.physaphae.fr/article.php?IdArticle=8622260 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Industrial,Prediction APT 45 3.0000000000000000
Silicon - French news site Access management: broader offerings covering identities Identity threat detection capabilities are growing in standalone access management solutions. Who stands out in this market? 2024-12-09T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/Gestion-des-acces-des-offres-plus-englobantes-sur-les-identites-465732.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8622743 False Threat None 3.0000000000000000
Microsoft - Microsoft Security Response Center Mitigating NTLM Relay Attacks by Default Introduction In February 2024, we released an update to Exchange Server which contained a security improvement referenced by CVE-2024-21410 that enabled Extended Protection for Authentication (EPA) by default for new and existing installs of Exchange 2019. While we're currently unaware of any active threat campaigns involving NTLM relaying attacks against Exchange, we have observed threat actors exploiting this vector in the past. 2024-12-09T00:00:00+00:00 https://msrc.microsoft.com/blog/2024/12/mitigating-ntlm-relay-attacks-by-default/ www.secnews.physaphae.fr/article.php?IdArticle=8622420 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Hackers Using Fake Video Conferencing Apps to Steal Web3 Professionals' Data Cybersecurity researchers have warned of a new scam campaign that leverages fake video conferencing apps to deliver an information stealer called Realst targeting people working in Web3 under the guise of fake business meetings. "The threat actors behind the malware have set up fake companies using AI to make them increase legitimacy," Cado Security researcher Tara Gould said. "The company 2024-12-07T13:48:00+00:00 https://thehackernews.com/2024/12/hackers-using-fake-video-conferencing.html www.secnews.physaphae.fr/article.php?IdArticle=8621106 False Malware,Threat None 3.0000000000000000