www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-12T09:22:53+00:00 www.secnews.physaphae.fr
InfoSecurity Mag - InfoSecurity Magazine New Citrix Zero-Day Vulnerability Allows Remote Code Execution
watchTowr has found a flaw in Citrix's Session Recording Manager that can be exploited to enable unauthenticated RCE against Citrix Virtual Apps and Desktops
2024-11-12T14:00:00+00:00 https://www.infosecurity-magazine.com/news/new-citrix-zeroday-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=8609813 False Vulnerability,Threat None 3.0000000000000000
BlackBerry - Hardware and Software Vendor LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign
The threat actor behind LightSpy has expanded their toolset with the introduction of DeepData, a modular Windows-based surveillance framework that significantly broadens their espionage capabilities.
2024-11-12T09:01:00+00:00 https://blogs.blackberry.com/en/2024/11/lightspy-apt41-deploys-advanced-deepdata-framework-in-targeted-southern-asia-espionage-campaign www.secnews.physaphae.fr/article.php?IdArticle=8610605 False Threat APT 41 3.0000000000000000
The State of Security - American Magazine Winter Fuel Payment Scam Targets UK Citizens Via SMS
Scammers have leapt at the opportunity to exploit vulnerable UK residents by sending bogus messages telling them they need to take action to receive help with their winter heating bills. In July, the UK's new Labour Government announced that it was limiting who was eligible for assistance with their winter fuel bills by making eligibility means-tested. The controversial decision appears to have inspired fraudsters to launch a campaign designed to steal sensitive information from low-income senior citizens and leave them even more out of pocket. Many people have reported receiving scam text...
2024-11-12T04:21:20+00:00 https://www.tripwire.com/state-of-security/winter-fuel-payment-scam-targets-uk-citizens-sms www.secnews.physaphae.fr/article.php?IdArticle=8609746 False Threat None 3.0000000000000000
InformationSecurityBuzzNews - Security News Site New Phishing Campaign Delivers Advanced Remcos RAT Variant
Fortinet's FortiGuard Labs has uncovered a sophisticated phishing campaign distributing a new variant of the Remcos Remote Access Trojan (RAT). The campaign begins with a phishing email containing a malicious Excel document designed to exploit vulnerabilities and deliver the Remcos malware onto victims’ devices. Remcos is a commercial remote administration tool (RAT) readily available for [...]
2024-11-12T04:01:26+00:00 https://informationsecuritybuzz.com/phishing-campaign-remcos-rat-variant/ www.secnews.physaphae.fr/article.php?IdArticle=8609621 False Malware,Tool,Vulnerability,Threat,Commercial None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Hackers Now Use ZIP File Concatenation to Evade Detection
2024-11-11T23:53:46+00:00 https://community.riskiq.com/article/5f3b842c www.secnews.physaphae.fr/article.php?IdArticle=8609569 True Ransomware,Spam,Malware,Tool,Threat,Cloud None 3.0000000000000000
Dark Reading - Informationweek Branch Halliburton Remains Optimistic Amid $35 Million Data Breach Losses
Though its third-quarter earnings report confirms that the company remains on track, it's unclear how that will be affected if the threat actors commit further damage.
2024-11-11T21:31:13+00:00 https://www.darkreading.com/cybersecurity-operations/halliburton-optimistic-35m-data-breach-losses www.secnews.physaphae.fr/article.php?IdArticle=8609518 False Data Breach,Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Life on a Crooked Redline: Analyzing the Infamous Infostealer's Backend
2024-11-11T21:00:54+00:00 https://community.riskiq.com/article/500d1bb8 www.secnews.physaphae.fr/article.php?IdArticle=8609535 True Ransomware,Spam,Malware,Tool,Threat,Legislation,Cloud None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Unpacking the Lock-Locking Ransomware Attack
2024-11-11T18:57:29+00:00 https://community.riskiq.com/article/048b77c8 www.secnews.physaphae.fr/article.php?IdArticle=8609479 False Ransomware,Malware,Tool,Threat,Prediction,Medical,Cloud APT 45 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) New Stealer Uses Invalid Certificate to Compromise Systems
2024-11-11T18:49:52+00:00 https://community.riskiq.com/article/0a45faad www.secnews.physaphae.fr/article.php?IdArticle=8609480 False Ransomware,Spam,Malware,Tool,Threat,Cloud None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Hello Again, Fakebat: Popular Loader Returns After Months-Long Hiatus
2024-11-11T18:08:06+00:00 https://community.riskiq.com/article/f87ebe16 www.secnews.physaphae.fr/article.php?IdArticle=8609481 False Ransomware,Malware,Tool,Threat,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) THN Recap: Top Cybersecurity Threats, Tools, and Practices (November 04 - November 10)
⚠️ Imagine this: the very tools you trust to protect you online - your two-factor authentication, your car's tech system, even your security software - turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn't fiction; it's the new cyber reality. Today's attackers have become so sophisticated that they're using our trusted tools as secret pathways,
2024-11-11T17:27:00+00:00 https://thehackernews.com/2024/11/thn-recap-top-cybersecurity-threats_11.html www.secnews.physaphae.fr/article.php?IdArticle=8609329 False Tool,Threat None 3.0000000000000000
Checkpoint - Security Hardware Vendor October 2024's Most Wanted Malware: Infostealers Surge as Cyber Criminals Leverage Innovative Attack Vectors
Check Point Software's latest threat index reveals a significant rise in infostealers like Lumma Stealer, while mobile malware like Necro continues to pose a significant threat, highlighting the evolving tactics used by cyber criminals across the globe. Check Point's Global Threat Index for October 2024 reveals a concerning trend in the cyber security landscape: the rise of infostealers and the increasing sophistication of attack methods employed by cyber criminals. Last month researchers discovered an infection chain where fake CAPTCHA pages are being utilized to distribute Lumma Stealer malware, which has climbed to 4th place in the Monthly Top Malware rankings. […]
2024-11-11T13:03:03+00:00 https://blog.checkpoint.com/security/october-2024s-most-wanted-malware-infostealers-surge-as-cyber-criminals-leverage-innovative-attack-vectors/ www.secnews.physaphae.fr/article.php?IdArticle=8609322 False Malware,Threat,Mobile,Prediction None 2.0000000000000000
Checkpoint Research - Security Hardware Vendor 11th November - Threat Intelligence Report
For the latest discoveries in cyber research for the week of 11th November, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Memorial Hospital and Manor in Bainbridge, Georgia, has been a victim of a ransomware attack that resulted in the loss of access to its electronic health record system. The Embargo ransomware gang […]
2024-11-11T13:01:32+00:00 https://research.checkpoint.com/2024/11th-november-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8609320 False Ransomware,Threat,Medical None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Weekly Highlights, 11 November 2024
2024-11-11T12:45:44+00:00 https://community.riskiq.com/article/3b100c61 www.secnews.physaphae.fr/article.php?IdArticle=8609345 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Cloud APT 37 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware
Cybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT. Remcos RAT "provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer," Fortinet FortiGuard Labs researcher Xiaopeng Zhang said in an analysis published last week. "However, threat actors have
2024-11-11T11:43:00+00:00 https://thehackernews.com/2024/11/cybercriminals-use-excel-exploit-to.html www.secnews.physaphae.fr/article.php?IdArticle=8609206 False Malware,Threat,Commercial None 3.0000000000000000
HackRead - Cyber Search The Importance of Effective Incident Response
With cybersecurity threats continuously evolving, having a strong incident response (IR) plan is crucial for businesses of all…
2024-11-11T00:02:57+00:00 https://hackread.com/the-importance-of-effective-incident-response/ www.secnews.physaphae.fr/article.php?IdArticle=8609091 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns
Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. "Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PAN-OS management interface," the company said. "At this time, we do not know the specifics of the
2024-11-09T11:42:00+00:00 https://thehackernews.com/2024/11/palo-alto-advises-securing-pan-os.html www.secnews.physaphae.fr/article.php?IdArticle=8608466 False Vulnerability,Threat None 3.0000000000000000
Data Security Breach - French News Site Understanding Web Filtering: An Essential Solution for Security and Productivity
2024-11-09T10:20:54+00:00 https://www.datasecuritybreach.fr/filtrage-web-2/ www.secnews.physaphae.fr/article.php?IdArticle=8608516 False Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) New Campaign Uses Remcos RAT to Exploit Victims
2024-11-08T21:43:02+00:00 https://community.riskiq.com/article/d36e3ff1 www.secnews.physaphae.fr/article.php?IdArticle=8608312 True Malware,Vulnerability,Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) QSC: A multi-plugin framework used by CloudComputating group in cyberespionage campaigns
## Snapshot SecureList by K
2024-11-08T21:31:05+00:00 https://community.riskiq.com/article/792a6266 www.secnews.physaphae.fr/article.php?IdArticle=8608313 False Malware,Tool,Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services
The threat actors behind the AndroxGh0st malware are now exploiting a broader set of security flaws impacting various internet-facing applications, while also deploying the Mozi botnet malware. "This botnet utilizes remote code execution and credential-stealing methods to maintain persistent access, leveraging unpatched vulnerabilities to infiltrate critical infrastructures," CloudSEK said in a
2024-11-08T19:32:00+00:00 https://thehackernews.com/2024/11/androxgh0st-malware-integrates-mozi.html www.secnews.physaphae.fr/article.php?IdArticle=8608143 False Malware,Vulnerability,Threat,Cloud None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) RunningRAT's Next Move: From Remote Access to Crypto Mining for Profit
2024-11-08T18:01:58+00:00 https://community.riskiq.com/article/b46fb0a6 www.secnews.physaphae.fr/article.php?IdArticle=8608254 True Malware,Threat,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools
High-profile entities in India have become the target of malicious campaigns orchestrated by the Pakistan-based Transparent Tribe threat actor and a previously unknown China-nexus cyber espionage group dubbed IcePeony. The intrusions linked to Transparent Tribe involve the use of a malware called ElizaRAT and a new stealer payload dubbed ApoloStealer on specific victims of interest, Check Point
2024-11-08T17:53:00+00:00 https://thehackernews.com/2024/11/icepeony-and-transparent-tribe-target.html www.secnews.physaphae.fr/article.php?IdArticle=8608093 False Malware,Tool,Threat APT 36 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Malicious NPM Packages Target Roblox Users with Data-Stealing Malware
A new campaign has targeted the npm package repository with malicious JavaScript libraries that are designed to infect Roblox users with open-source stealer malware such as Skuld and Blank-Grabber. "This incident highlights the alarming ease with which threat actors can launch supply chain attacks by exploiting trust and human error within the open source ecosystem, and using readily available
2024-11-08T17:23:00+00:00 https://thehackernews.com/2024/11/malicious-npm-packages-target-roblox.html www.secnews.physaphae.fr/article.php?IdArticle=8608094 False Malware,Threat None 3.0000000000000000
HackRead - Cyber Search Hackers Can Access Mazda Vehicle Controls Via System Vulnerabilities
Hackers can exploit critical vulnerabilities in Mazda's infotainment system, including one that enables code execution via USB, compromising…
2024-11-08T17:13:26+00:00 https://hackread.com/hackers-mazda-vehicle-controls-system-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8608211 False Vulnerability,Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) BlueNoroff Hidden Risk | Threat Actor Targets Macs with Fake Crypto News and Novel Persistence
2024-11-08T15:29:17+00:00 https://community.riskiq.com/article/aea544a9 www.secnews.physaphae.fr/article.php?IdArticle=8608186 True Malware,Threat None 3.0000000000000000
Fortinet - Security Hardware Vendor New Campaign Uses Remcos RAT to Exploit Victims
See how threat actors have abused Remcos to collect sensitive information from victims and remotely control their computers to perform further malicious acts.
2024-11-08T14:00:00+00:00 https://www.fortinet.com/blog/threat-research/new-campaign-uses-remcos-rat-to-exploit-victims www.secnews.physaphae.fr/article.php?IdArticle=8608142 False Threat None 3.0000000000000000
Cisco - Security Firm Blog Converge Your WAN and Security With Cisco Firewall
Cisco Secure Firewall is a comprehensive offering that simplifies threat protection by enforcing consistent security policies across environments.
2024-11-08T13:00:44+00:00 https://feedpress.me/link/23535/16879868/converge-your-wan-and-security-with-cisco-firewall www.secnews.physaphae.fr/article.php?IdArticle=8608089 False Threat None 3.0000000000000000
Cisco - Security Firm Blog Leveraging Threat Intelligence in Cisco Secure Network Analytics, Part 2
You can use public Cisco Talos blogs and third-party threat intelligence data with Cisco Secure Network Analytics to build custom security events.
2024-11-08T13:00:41+00:00 https://feedpress.me/link/23535/16879869/leveraging-threat-intelligence-in-cisco-secure-network-analytics-part-2 www.secnews.physaphae.fr/article.php?IdArticle=8608090 False Threat None 3.0000000000000000
Bleeping Computer - American Magazine Unpatched Mazda Connect bugs let hackers install persistent malware
Attackers could exploit several vulnerabilities in the Mazda Connect infotainment unit, present in multiple car models including Mazda 3 (2014-2021), to execute arbitrary code with root permission. [...]
2024-11-08T12:48:19+00:00 https://www.bleepingcomputer.com/news/security/unpatched-mazda-connect-bugs-let-hackers-install-persistent-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8608212 False Malware,Vulnerability,Threat None 3.0000000000000000
Global Security Mag - French News Site Fortinet Continues to Expand Generative AI Across Its Portfolio with Two New Additions to Simplify Security Operations
FortiAI now spans seven unique Fortinet products with new GenAI integrations for FortiNDR Cloud to accelerate threat coverage analysis and Lacework FortiCNAPP to streamline investigation - Product Reviews
2024-11-07T23:34:32+00:00 https://www.globalsecuritymag.fr/fortinet-continues-to-expand-generative-ai-across-its-portfolio-with-two-new.html www.secnews.physaphae.fr/article.php?IdArticle=8607801 False Threat,Cloud None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Unmasking VEILDrive: Threat Actors Exploit Microsoft Services for C2
2024-11-07T22:07:45+00:00 https://community.riskiq.com/article/1f9908a1 www.secnews.physaphae.fr/article.php?IdArticle=8607796 False Ransomware,Malware,Tool,Threat,Cloud,Technical None 2.0000000000000000
Dark Reading - Informationweek Branch Gootloader Cyberattackers Target Bengal-Cat Aficionados in Oz
It's unclear what the threat actors have against this particular breed of cat, but it's taking down the kitty's enthusiasts with SEO-poisoned links and malware payloads.
2024-11-07T22:00:02+00:00 https://www.darkreading.com/cyberattacks-data-breaches/gootloader-cyberattackers-bengal-cat-aficionados-oz www.secnews.physaphae.fr/article.php?IdArticle=8608192 False Malware,Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Analysis of Cyber Reconnaissance Activities Behind APT37 Threat Actor
2024-11-07T21:47:54+00:00 https://community.riskiq.com/article/fd1c0c96 www.secnews.physaphae.fr/article.php?IdArticle=8607767 False Malware,Threat,Cloud APT 37 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Wish Stealer
2024-11-07T21:35:51+00:00 https://community.riskiq.com/article/a11d08f6 www.secnews.physaphae.fr/article.php?IdArticle=8607768 True Ransomware,Spam,Malware,Tool,Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency
2024-11-07T21:28:49+00:00 https://community.riskiq.com/article/0661f634 www.secnews.physaphae.fr/article.php?IdArticle=8607769 True Ransomware,Spam,Malware,Tool,Threat,Cloud None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Silent Skimmer Gets Loud (Again)
2024-11-07T18:55:11+00:00 https://community.riskiq.com/article/2f001d21 www.secnews.physaphae.fr/article.php?IdArticle=8607701 False Malware,Tool,Vulnerability,Threat,Patching None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS
A threat actor with ties to the Democratic People's Republic of Korea (DPRK) has been observed targeting cryptocurrency-related businesses with a multi-stage malware capable of infecting Apple macOS devices. Cybersecurity company SentinelOne, which dubbed the campaign Hidden Risk, attributed it with high confidence to BlueNoroff, which has been previously linked to malware families such as
2024-11-07T18:10:00+00:00 https://thehackernews.com/2024/11/north-korean-hackers-target-crypto.html www.secnews.physaphae.fr/article.php?IdArticle=8607535 False Malware,Threat None 2.0000000000000000
Bleeping Computer - American Magazine North Korean hackers use new macOS malware against crypto firms
North Korean threat actor BlueNoroff has been targeting crypto-related businesses with a new multi-stage malware for macOS systems. [...]
2024-11-07T17:15:24+00:00 https://www.bleepingcomputer.com/news/security/north-korean-hackers-use-new-macos-malware-against-crypto-firms/ www.secnews.physaphae.fr/article.php?IdArticle=8607772 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait
The China-aligned threat actor known as MirrorFace has been observed targeting a diplomatic organization in the European Union, marking the first time the hacking crew has targeted an organization in the region. "During this attack, the threat actor used as a lure the upcoming World Expo, which will be held in 2025 in Osaka, Japan," ESET said in its APT Activity Report for the period April to
2024-11-07T15:10:00+00:00 https://thehackernews.com/2024/11/china-aligned-mirrorface-hackers-target.html www.secnews.physaphae.fr/article.php?IdArticle=8607509 False Threat None 3.0000000000000000
Security Intelligence - American News Site Exploring DORA: How to manage ICT incidents and minimize cyber threat risks
As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM’s 2024 Cost of a Data Breach report. This underscores the need for robust IT […]
2024-11-07T14:00:00+00:00 https://securityintelligence.com/posts/exploring-dora-how-to-manage-ict-incidents/ www.secnews.physaphae.fr/article.php?IdArticle=8607584 False Data Breach,Threat,Medical None 3.0000000000000000
LogPoint - Security Blog Loki Malware, or the Subtle Art of Obfuscation
With cyberattacks multiplying, sharing threat intelligence in the form of high-value information, trends and samples is crucial to fighting new and old threats effectively. Independent security researchers around the world contribute to defense efforts through various repositories, which play [...]
2024-11-07T13:28:53+00:00 https://www.logpoint.com/fr/blog/malware-loki-art-subtil-obfuscation/ www.secnews.physaphae.fr/article.php?IdArticle=8614782 False Malware,Threat None 2.0000000000000000
Global Security Mag - French News Site BlueNoroff Hidden Risk - Threat actor targets Macs with fake crypto news and novel persistence
SentinelLabs has observed a suspected North Korean threat actor targeting crypto-related businesses with novel multi-stage malware. - Malware Update
2024-11-07T11:55:25+00:00 https://www.globalsecuritymag.fr/bluenoroff-hidden-risk-threat-actor-targets-macs-with-fake-crypto-news-and.html www.secnews.physaphae.fr/article.php?IdArticle=8607512 True Malware,Threat None 3.0000000000000000
SentinelOne (APT) - Cyber Firms BlueNoroff Hidden Risk | Threat Actor Targets Macs with Fake Crypto News and Novel Persistence
SentinelLabs has observed a suspected DPRK threat actor targeting Crypto-related businesses with novel multi-stage malware.
2024-11-07T10:55:47+00:00 https://www.sentinelone.com/labs/bluenoroff-hidden-risk-threat-actor-targets-macs-with-fake-crypto-news-and-novel-persistence/ www.secnews.physaphae.fr/article.php?IdArticle=8607482 False Malware,Threat None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine NCSC Publishes Tips to Tackle Malvertising Threat
The UK's National Cyber Security Centre has released malvertising guidance for brands and their ad partners
2024-11-07T10:30:00+00:00 https://www.infosecurity-magazine.com/news/ncsc-publishes-tips-tackle/ www.secnews.physaphae.fr/article.php?IdArticle=8607487 False Threat None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial CI-ISAC Australia adds Hayley van Loon as founding member of Cyber Threat Intelligence Ambassador Cadre
CI-ISAC Australia, a not-for-profit organization dedicated to cybersecurity and operating on a membership model, has welcomed Hayley van...
2024-11-07T08:06:31+00:00 https://industrialcyber.co/news/ci-isac-australia-adds-hayley-van-loon-as-founding-member-of-cyber-threat-intelligence-ambassador-cadre/ www.secnews.physaphae.fr/article.php?IdArticle=8607405 False Threat None 2.0000000000000000
ProofPoint - Cyber Firms Arrêt de cybersécurité du mois: prévenir le compromis des e-mails du fournisseur dans le secteur public<br>Cybersecurity Stop of the Month: Preventing Vendor Email Compromise in the Public Sector 2024-11-07T07:18:44+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/preventing-vendor-email-compromise-advanced-phishing www.secnews.physaphae.fr/article.php?IdArticle=8607558 False Data Breach,Malware,Tool,Threat,Medical,Cloud None 2.0000000000000000 The State of Security - Magazine Américain Un instantané des cyber-menaces: les faits saillants du rapport d'Enisa Threat Landscape 2024<br>A Snapshot of Cyber Threats: Highlights from the ENISA Threat Landscape 2024 Report Understanding the threats we face is crucial to protecting against them. Industry research and reports are invaluable to this understanding, providing insights to inform mitigation efforts. Few cybersecurity reports are as valuable or comprehensive as the annual ENISA Threat Landscape Report (ETL). Now in its 20th year and published by the European Union Agency for Cybersecurity (ENISA), the ETL covers data from June 2023 to July 2024, revealing the key trends shaping the cyber threat landscape in Europe and beyond. So, without further ado, let\'s dive in. 
Geopolitics Drives Cyber Threats...]]> 2024-11-07T02:47:51+00:00 https://www.tripwire.com/state-of-security/snapshot-cyber-threats-highlights-enisa-threat-landscape-report www.secnews.physaphae.fr/article.php?IdArticle=8607427 False Threat None 4.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Godfather Malware étend sa portée, ciblant 500 applications bancaires et crypto dans le monde entier<br>GodFather Malware Expands Its Reach, Targeting 500 Banking And Crypto Applications Worldwide 2024-11-07T00:27:22+00:00 https://community.riskiq.com/article/a0d061f0 www.secnews.physaphae.fr/article.php?IdArticle=8607279 True Malware,Threat,Mobile,Prediction None 3.0000000000000000 CompromisingPositions - Podcast Cyber Épisode 53: Quelle est la responsabilité de protéger les données?L'équipe de données ou l'équipe de cybersécurité?<br>EPISODE 53: Whose Responsibility Is It To Protect The Data? The Data Team Or The Cybersecurity Team? méchant au-delà de la croyance (Celui que j'ai dit à tort était helter skelter) un article sur Données auto-souverain À propos de Tim Hatton Tim Hatton travaille dans le numérique depuis avant qu'il ne s'appelle numérique. & NBSP;Au cours de sa carrière, il a travaillé sur des projets de données et de transformation numérique pour certaines des plus grandes entreprises au monde. Il a rejoint et numérique en 2016 et est actuellement responsable des données. & NBSP;À et il a travaillé sur des projets de stratégie de données pour des clients des industries, notamment la finance, les voyages, l'édition et le commerce de détail ainsi que pour plusieurs services gouvernementaux. Tim a rejoint et de Accenture Digital, et avant cela Tim a ]]> 2024-11-07T00:00:00+00:00 https://www.compromisingpositions.co.uk/podcast/episode-53-data-mesh www.secnews.physaphae.fr/article.php?IdArticle=8607235 False Threat,Prediction None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Veildrive Attack exploite les services Microsoft pour échapper à la détection et à distribuer des logiciels malveillants<br>VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi. "Leveraging Microsoft SaaS services - including Teams, SharePoint, Quick Assist, and OneDrive - the attacker exploited the trusted infrastructures of previously compromised organizations to]]> 2024-11-06T23:22:00+00:00 https://thehackernews.com/2024/11/veildrive-attack-exploits-microsoft.html www.secnews.physaphae.fr/article.php?IdArticle=8607121 False Malware,Threat,Cloud None 3.0000000000000000 TechRepublic - Security News US Attaques assistées en AI<br>AI-Assisted Attacks Top Cyber Threat For Third Consecutive Quarter, Gartner Finds AI-enhanced malicious attacks are a top concern for 80% of executives, and for good reason, as there is a lot of evidence that bad actors are exploiting the technology.]]> 2024-11-06T22:18:49+00:00 https://www.techrepublic.com/article/ai-cyber-attacks-gartner/ www.secnews.physaphae.fr/article.php?IdArticle=8607238 False Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) CopyRh(ight)adamantys Campaign: Rhadamantys Exploits Intellectual Property Infringement Baits 2024-11-06T22:17:45+00:00 https://community.riskiq.com/article/d2caadf2 www.secnews.physaphae.fr/article.php?IdArticle=8607234 False Ransomware,Spam,Malware,Tool,Threat None 2.0000000000000000 TechRepublic - Security News US Sensibilisation croissante du détournement du DNS: une cyber-menace croissante<br>Increasing Awareness of DNS Hijacking: A Growing Cyber Threat Read more about DNS hijacking and how organizations can prevent it.]]> 2024-11-06T21:56:04+00:00 https://www.techrepublic.com/article/dns-hijacking-growing-cyber-threat/ 
www.secnews.physaphae.fr/article.php?IdArticle=8607211 False Threat None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) QNAP fixes NAS backup software zero-day exploited at Pwn2Own ## Snapshot QNAP has patched a critical zero-day vulnerability, CVE-2024-50388, which was exploited during the Pwn2Own Ireland 2024 competition. ## Description The vulnerability, an OS command injection flaw, was found in HBS 3 Hybrid Backup Sync version 25.1.x, a disaster recovery and data backup solution. The exploit allowed remote attackers to execute arbitrary commands and was used by researchers to gain admin privileges on a TS-464 NAS device. The security issue has been resolved in HBS 3 Hybrid Backup Sync 25.1.1.673 and later versions. This zero-day was addressed five days after it was used in the competition, which is notably quicker than the usual 90-day period vendors are given before Trend Micro's Zero Day Initiative publishes details on vulnerabilities disclosed during such contests. QNAP devices have historically been targets for ransomware gangs due to the sensitive personal files they store, with previous incidents involving Qlocker and eCh0raix ransomware exploiting various vulnerabilities and weak passwords. ## Microsoft Analysis and Additional OSINT Context QNAP released security advisories for HBS 3 Hybrid Backup Sync after the vulnerabi]]> 2024-11-06T20:48:30+00:00 https://community.riskiq.com/article/319d4835 www.secnews.physaphae.fr/article.php?IdArticle=8607188 False Ransomware,Vulnerability,Threat,Prediction None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Rick:Station ## Snapshot Researchers at Midnight Blue have identified CVE-2024-10443, a critical zero-day vulnerability, affecting Synology DiskStation and BeeStation Network Attached Storage (NAS) devices. 
## Description This vulnerability also known as Risk:Station exists within the SynologyPhotos component and can all]]> 2024-11-06T19:33:58+00:00 https://community.riskiq.com/article/c887dadb www.secnews.physaphae.fr/article.php?IdArticle=8607166 False Vulnerability,Threat,Cloud None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Threat Campaign Spreads Winos4.0 Through Game Application 2024-11-06T18:31:13+00:00 https://community.riskiq.com/article/b00418a9 www.secnews.physaphae.fr/article.php?IdArticle=8607144 False Malware,Tool,Threat None 2.0000000000000000 Global Security Mag - Site de news francais 77% of MSPs Juggle as Many as 10 Cybersecurity Point Solutions to Protect their SMB Customers, Guardz Survey Finds 47% of MSPs are drowning in large volumes of security data and 42% are challenged by implementing advanced threat detection technologies as they strive to keep up with ever-evolving cybersecurity threats - Special Reports]]>
2024-11-06T14:19:19+00:00 https://www.globalsecuritymag.fr/77-of-msps-juggle-as-many-as-10-cybersecurity-point-solutions-to-protect-their.html www.secnews.physaphae.fr/article.php?IdArticle=8607023 False Threat None 3.0000000000000000
Palo Alto Network - Site Constructeur Shaking Up Security - The Power of AI-Native SOCs Discover how AI-native SOCs revolutionize cybersecurity, reducing alert fatigue and improving threat detection. Transform your security operations with AI. ]]>
2024-11-06T14:00:59+00:00 https://www.paloaltonetworks.com/blog/2024/11/power-of-ai-native-socs/ www.secnews.physaphae.fr/article.php?IdArticle=8606991 False Threat None 3.0000000000000000
Fortinet - Fabricant Materiel Securite Threat Campaign Spreads Winos4.0 Through Game Application FortiGuard Labs reveals a threat actor spreads Winos4.0, infiltrating gaming apps and targeting the education sector. Learn more.]]> 2024-11-06T14:00:00+00:00 https://www.fortinet.com/blog/threat-research/threat-campaign-spreads-winos4-through-game-application www.secnews.physaphae.fr/article.php?IdArticle=8607021 False Threat None 2.0000000000000000 ProofPoint - Cyber Firms How the Proofpoint Endpoint Agent is Designed to Avoid Major IT and Security Outages 2024-11-06T12:19:03+00:00 https://www.proofpoint.com/us/blog/information-protection/endpoint-agent-avoids-it-security-outages www.secnews.physaphae.fr/article.php?IdArticle=8606990 False Tool,Threat,Cloud None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain IoT Devices in Password-Spraying Botnet Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack: “Any threat actor using the CovertNetwork-1658 infrastructure could conduct password spraying campaigns at a larger scale and greatly increase the likelihood of successful credential compromise and initial access to multiple organizations in a short amount of time,” Microsoft officials wrote. “This scale, combined with quick operational turnover of compromised credentials between CovertNetwork-1658 and Chinese threat actors, allows for the potential of account compromises across multiple sectors and geographic regions.”...]]>
2024-11-06T12:02:18+00:00 https://www.schneier.com/blog/archives/2024/11/iot-devices-in-password-spraying-botnet.html www.secnews.physaphae.fr/article.php?IdArticle=8606939 False Threat,Cloud None 3.0000000000000000
Mandiant - Blog Sécu de Mandiant (In)tuned to Takeovers: Abusing Intune Permissions for Lateral Movement and Privilege Escalation in Entra ID Native Environments The Mandiant Red Team recently supported a client to visualize the possible impact of a compromise by an advanced threat actor. During the assessment, Mandiant moved laterally from the customer's on-premises environment to their Microsoft Entra ID tenant and obtained privileges to compromise existing Entra ID service principals installed in the tenant. In this blog post, we will show a novel way of how adversaries can move laterally and elevate privileges within Microsoft Entra ID when organizations use a popular security architecture involving Intune-managed Privileged Access Workstations (PAWs) by abusing Intune permissions (DeviceManagementConfiguration.ReadWrite.All) granted to Entra ID service principals. We also provide remediation steps and recommendations to prevent and detect this type of attack. Pretext The customer had a mature security architecture following Microsoft's recommended Enterprise Access model, including: An on-premises environment using Active Directory, following the Tiered Model. An Entra ID environment, synced to the on-premises environment using Microsoft Entra Connect Sync to synchronize on-premises identities and groups to Entra ID. This environment was administered using PAWs, which were not joined to the on-premises Active Directory environment, but instead were fully cloud-native and managed by Intune Mobile Device Management (MDM). IT administrators used a dedicated, cloud-native (non-synced) administrative account to log in to these systems. Entra ID role assignments (Global Administrator, Privileged Role Administrator, et cetera.) 
were exclusively assigned to these cloud-native administrative accounts. The separation of administrative accounts, devices and privileges between the on-premises environment and the Entra ID environment provided a strong security boundary: Using separate, cloud-native identities for Entra ID privileged roles ensures a compromise of the on-premises Active Directory cannot be used to compromise the Entra ID environment. This is a Microsoft best practice. Using separate physical workstations for administrative access to on-premises resources and cloud resources effectivel]]> 2024-11-06T05:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/abusing-intune-permissions-entra-id-environments/ www.secnews.physaphae.fr/article.php?IdArticle=8607043 False Threat,Mobile,Cloud None 3.0000000000000000 The State of Security - Magazine Américain CIS Control 14: Security Awareness and Skill Training Users who do not have the appropriate security awareness training are considered a weak link in the security of an enterprise. These untrained users are easier to exploit than finding a flaw or vulnerability in the equipment that an enterprise uses to secure its network. Attackers could convince unsuspecting users to unintentionally provide access to the enterprise network or expose sensitive information. Proper training should be provided to users in order to decrease the risk of a security incident. 
Key Takeaways for Control 14 An enterprise should provide users with frequent security...]]> 2024-11-06T03:47:03+00:00 https://www.tripwire.com/state-of-security/cis-control-14 www.secnews.physaphae.fr/article.php?IdArticle=8606888 False Vulnerability,Threat None 2.0000000000000000 Intigriti - Blog The cyber threat landscape part 1: Enhancing cybersecurity strategies The world continues to witness a dramatic transformation in the cybersecurity landscape. The demand for effective, global threat intelligence intensifies as geopolitical and economic shifts create a complex and uncertain world for businesses and consumers alike. As we move into 2025, most organizations and individuals acknowledge that nobody is immune to cyberattacks. This blo…]]> 2024-11-06T00:00:00+00:00 https://blog.intigriti.com/business-insights/the-cyber-threat-landscape-part-1-enhancing-cybersecurity-strategies www.secnews.physaphae.fr/article.php?IdArticle=8607951 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities. 
"An Advanced Persistent Threat group allegedly created and deployed malware (CVE-2020-12271) as part of a widespread series of indiscriminate computer intrusions designed]]> 2024-11-05T22:45:00+00:00 https://thehackernews.com/2024/11/fbi-seeks-public-help-to-identify.html www.secnews.physaphae.fr/article.php?IdArticle=8606541 False Malware,Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) US warns of last-minute Iranian and Russian election influence ops #### Targeted Geolocations - United States ## Snapshot The U.S. Cybersecurity & Infrastructure Security Agency (CISA), along with the Office of the Director of National Intelligence (ODNI) and the Federal Bureau of Investigation (FBI), have issued warnings about influence operations by Russian and Iranian actors aimed at undermining public trust in the U.S. presidential election. ## Description Russian]]> 2024-11-05T22:00:33+00:00 https://community.riskiq.com/article/9515737c www.secnews.physaphae.fr/article.php?IdArticle=8606675 False Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Windows infected with backdoored Linux VMs in new phishing attacks 2024-11-05T20:59:14+00:00 https://community.riskiq.com/article/e92972b6 www.secnews.physaphae.fr/article.php?IdArticle=8606627 False Malware,Tool,Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) G700: The Next Generation of Craxs RAT 2024-11-05T19:49:09+00:00 https://community.riskiq.com/article/326a5728 www.secnews.physaphae.fr/article.php?IdArticle=8606603 False Malware,Threat,Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Threat Spotlight: WarmCookie/BadSpace 2024-11-05T19:25:00+00:00 
https://community.riskiq.com/article/bf7bad45 www.secnews.physaphae.fr/article.php?IdArticle=8606604 False Ransomware,Malware,Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New Android Banking Malware 'ToxicPanda' Targets Users with Fraudulent Money Transfers Over 1,500 Android devices have been infected by a new strain of Android banking malware called ToxicPanda that allows threat actors to conduct fraudulent banking transactions. "ToxicPanda's main goal is to initiate money transfers from compromised devices via account takeover (ATO) using a well-known technique called on-device fraud (ODF)," Cleafy researchers Michele Roviello, Alessandro Strino]]> 2024-11-05T17:46:00+00:00 https://thehackernews.com/2024/11/new-android-banking-malware-toxicpanda.html www.secnews.physaphae.fr/article.php?IdArticle=8606414 False Malware,Threat,Mobile None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Food and Ag-ISAC publishes cyber threat report, broadens scope beyond ransomware The Food and Ag-ISAC has released its newest Food and Ag Sector Cyber Threat Report, offering a comprehensive... 
]]> 2024-11-05T17:28:40+00:00 https://industrialcyber.co/reports/food-and-ag-isac-publishes-cyber-threat-report-broadens-scope-beyond-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8606540 False Ransomware,Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Microsoft SharePoint RCE bug exploited to breach corporate network 2024-11-05T16:48:58+00:00 https://community.riskiq.com/article/928afb44 www.secnews.physaphae.fr/article.php?IdArticle=8606536 False Tool,Vulnerability,Threat None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Ngioweb Remains Active 7 Years Later 2024-11-05T15:34:41+00:00 https://community.riskiq.com/article/44f917c6 www.secnews.physaphae.fr/article.php?IdArticle=8606510 False Spam,Malware,Vulnerability,Threat,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices Taiwanese network-attached storage (NAS) appliance maker Synology has addressed a critical security flaw impacting DiskStation and BeePhotos that could lead to remote code execution. Tracked as CVE-2024-10443 and dubbed RISK:STATION by Midnight Blue, the zero-day flaw was demonstrated at the Pwn2Own Ireland 2024 hacking contest by security researcher Rick de Jager. 
RISK:STATION is an "]]> 2024-11-05T15:04:00+00:00 https://thehackernews.com/2024/11/synology-urges-patch-for-critical-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8606345 False Vulnerability,Threat None 3.0000000000000000 Global Security Mag - Site de news francais CyberArk Research - Vulnerabilities in the Portainer Tool Vulnerabilities]]> 2024-11-05T13:50:55+00:00 https://www.globalsecuritymag.fr/recherche-cyberark-les-vulnerabilites-de-l-outil-portainer.html www.secnews.physaphae.fr/article.php?IdArticle=8606443 False Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future Feds identify two more Russian election disinfo attempts, say Iranian campaigns remain a threat The FBI, CISA and the White House's intelligence office said Russia was behind an article and a video intended to falsely cast doubt on integrity of elections - the latest example of their attempts to keep up with disinformation on the eve of Election Day.]]> 2024-11-05T13:44:10+00:00 https://therecord.media/presidential-election-disinformation-article-video-russia-iran www.secnews.physaphae.fr/article.php?IdArticle=8606440 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Google fixes two Android zero-days used in targeted attacks Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. 
[...]]]> 2024-11-05T09:30:58+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-two-android-zero-days-used-in-targeted-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8606468 False Vulnerability,Threat,Mobile None 2.0000000000000000 Global Security Mag - Site de news francais BeyondTrust Publishes Its Cybersecurity Predictions for 2025 and Beyond Points of View]]> 2024-11-05T08:42:42+00:00 https://www.globalsecuritymag.fr/beyondtrust-publie-ses-previsions-en-matiere-de-cybersecurite-pour-2025-et-au.html www.secnews.physaphae.fr/article.php?IdArticle=8606325 False Threat,Prediction None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Android warns of Qualcomm exploit in latest security bulletin The November security bulletin includes two CVEs reportedly exploited in the wild. ]]> 2024-11-04T23:34:04+00:00 https://cyberscoop.com/2024-android-security-bulletin-november-qualcomm-fastrpc-driver/ www.secnews.physaphae.fr/article.php?IdArticle=8606165 False Threat,Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch APT36 Refines Tools in Attacks on Indian Targets The Pakistan-based advanced persistent threat actor has been carrying on a cyber-espionage campaign targeting organizations on the subcontinent for more than a decade, and it's now using a new and improved "ElizaRAT" malware.]]> 2024-11-04T22:39:41+00:00 https://www.darkreading.com/cyberattacks-data-breaches/apt36-refines-tools-attacks-indian-targets www.secnews.physaphae.fr/article.php?IdArticle=8606147 False Malware,Tool,Threat APT 36 3.0000000000000000 Recorded Future - FLux Recorded Future Cisco notifies 'limited set' of customers after hacker accessed non-public files The company has said 
it didn't suffer a breach, but announced a threat actor downloaded data on a public-facing DevHub environment.]]> 2024-11-04T20:56:11+00:00 https://therecord.media/cisco-notifies-limited-set-of-customers-hacker-accessed-non-public-info www.secnews.physaphae.fr/article.php?IdArticle=8606111 False Threat None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) TA Phone Home: EDR Evasion Testing Reveals Extortion Actor's Toolkit 2024-11-04T20:26:12+00:00 https://community.riskiq.com/article/d232870d www.secnews.physaphae.fr/article.php?IdArticle=8606127 False Ransomware,Malware,Tool,Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Cloudy With a Chance of RATs: Unveiling APT36 and the Evolution of ElizaRAT 2024-11-04T19:39:03+00:00 https://community.riskiq.com/article/f01e1d00 www.secnews.physaphae.fr/article.php?IdArticle=8606105 False Ransomware,Malware,Tool,Threat,Mobile,Cloud,Technical APT 36 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Cyberattack UAC-0050 using tax topics and LITEMANAGER 2024-11-04T19:38:34+00:00 https://community.riskiq.com/article/938fac63 www.secnews.physaphae.fr/article.php?IdArticle=8606106 False Ransomware,Spam,Malware,Tool,Threat None 2.0000000000000000 MitnickSecurity - Former Hacker Services Investing in Social Engineering Testing with Mitnick Security Social Engineering Testing with Mitnick Security When testing your employees' social engineering readiness, your teams need simulated attacks that feel as if they're coming from a nefarious engineer. This means testing that directly simulates a threat actor's processes and attack patterns.]]>
2024-11-04T18:35:43+00:00 https://www.mitnicksecurity.com/blog/investing-in-social-engineering-testing-with-mitnick-security www.secnews.physaphae.fr/article.php?IdArticle=8606084 False Threat None 2.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) German Police Disrupt DDoS-for-Hire Platform dstat[.]cc; Suspects Arrested German law enforcement authorities have announced the disruption of a criminal service called dstat[.]cc that made it possible for other threat actors to easily mount distributed denial-of-service (DDoS) attacks. "The platform made such DDoS attacks accessible to a wide range of users, even those without any in-depth technical skills of their own," the Federal Criminal Police Office (aka]]> 2024-11-04T17:32:00+00:00 https://thehackernews.com/2024/11/german-police-disrupt-ddos-for-hire.html www.secnews.physaphae.fr/article.php?IdArticle=8605930 False Threat,Legislation,Technical None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Cybercriminals Exploit DocuSign APIs to Send Fake Invoices Cybercriminals are exploiting DocuSign APIs to send fake invoices, bypassing security filters and mimicking well-known brands]]> 2024-11-04T16:30:00+00:00 https://www.infosecurity-magazine.com/news/cybercriminals-exploit-docusign/ www.secnews.physaphae.fr/article.php?IdArticle=8606032 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It) As the holiday season approaches, retail businesses are gearing up for their annual surge in online (and in-store) traffic. Unfortunately, this increase in activity also attracts cybercriminals looking to exploit vulnerabilities for their gain. 
Imperva, a Thales company, recently published its annual holiday shopping cybersecurity guide. Data from the Imperva Threat Research team's]]> 2024-11-04T16:30:00+00:00 https://thehackernews.com/2024/11/cyber-threats-that-could-impact-retail.html www.secnews.physaphae.fr/article.php?IdArticle=8605909 False Vulnerability,Threat None 2.0000000000000000 Checkpoint Research - Fabricant Materiel Securite 4th November – Threat Intelligence Report For the latest discoveries in cyber research for the week of 4th November, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Free, the second-largest telecom company in France, has been hit by a cyberattack resulting in unauthorized access to personal data associated with certain subscriber accounts. The incident surfaced following an attempted sale […] ]]>
2024-11-04T15:36:48+00:00 https://research.checkpoint.com/2024/4th-november-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8606005 False Threat None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google's AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime). The tech giant described the development as the "first real-world vulnerability" uncovered using the artificial intelligence (AI) agent. "We believe this is the first public example of an AI agent finding]]> 2024-11-04T15:34:00+00:00 https://thehackernews.com/2024/11/googles-ai-tool-big-sleep-finds-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8605910 False Tool,Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Schneider Electric confirms dev platform breach after hacker steals data Schneider Electric has confirmed a developer platform was breached after a threat actor claimed to steal 40GB of data from the company's JIRA server. 
[...]]]> 2024-11-04T14:22:36+00:00 https://www.bleepingcomputer.com/news/security/schneider-electric-confirms-dev-platform-breach-after-hacker-steals-data/ www.secnews.physaphae.fr/article.php?IdArticle=8606086 False Threat None 2.0000000000000000 Checkpoint Research - Fabricant Materiel Securite Cloudy With a Chance of RATs: Unveiling APT36 and the Evolution of ElizaRAT Introduction APT36, also known as Transparent Tribe, is a Pakistan-based threat actor notorious for persistently targeting Indian government organizations, diplomatic personnel, and military facilities. APT36 has conducted numerous cyber-espionage campaigns against Windows, Linux, and Android systems. In recent campaigns, APT36 utilized a particularly insidious Windows RAT known as ElizaRAT. First discovered in 2023, ElizaRAT has significantly […] ]]>
2024-11-04T13:33:15+00:00 https://research.checkpoint.com/2024/the-evolution-of-transparent-tribes-new-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8605953 False Threat,Mobile APT 36 2.0000000000000000
Checkpoint - Fabricant Materiel Securite The Evolution of Transparent Tribe's New Malware Executive Summary: In recent cyber attacks, Transparent Tribe, or APT36, has utilized an increasingly sophisticated malware called ElizaRAT. Check Point Research tracked ElizaRAT's evolution, uncovering its improved execution methods, detection evasion, and Command and Control communication since its public disclosure in September 2023. The ElizaRAT campaigns first executed the same function to verify that the system was set to India Standard Time, indicating that the campaigns targeted Indian systems. Transparent Tribe, otherwise known as APT36, is a Pakistan-affiliated threat actor that notoriously targets Indian-associated entities. The threat group's main objective is cyber espionage, which has previously targeted governmental organizations, diplomatic […] ]]>
2024-11-04T13:00:51+00:00 https://blog.checkpoint.com/research/the-evolution-of-transparent-tribes-new-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8605928 False Malware,Threat APT 36 3.0000000000000000
Bleeping Computer - Magazine Américain Custom "Pygmy Goat" malware used in Sophos Firewall hack on govt network UK's National Cyber Security Centre (NCSC) has published an analysis of a Linux malware named "Pygmy Goat" created to backdoor Sophos XG firewall devices as part of recently disclosed attacks by Chinese threat actors. [...]]]> 2024-11-04T12:46:34+00:00 https://www.bleepingcomputer.com/news/security/custom-pygmy-goat-malware-used-in-sophos-firewall-hack-on-govt-network/ www.secnews.physaphae.fr/article.php?IdArticle=8606049 False Malware,Hack,Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Weekly OSINT Highlights, 4 November 2024 2024-11-04T12:25:16+00:00 https://community.riskiq.com/article/d6da7f0d www.secnews.physaphae.fr/article.php?IdArticle=8605948 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Prediction,Medical,Cloud,Technical APT 41,APT 28,APT 31,Guam 3.0000000000000000 Global Security Mag - Site de news francais Sophos Adds New Desktop Firewalls to Its XGS Series and Updates Its Firewall Software Products]]> 2024-11-04T10:30:00+00:00 https://www.globalsecuritymag.fr/sophos-ajoute-de-nouveaux-pare-feux-de-bureau-a-sa-serie-xgs-et-met-a-jour-son.html www.secnews.physaphae.fr/article.php?IdArticle=8605883 False Threat None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Proactive Ways To Bridge The Cybersecurity Talent Gap The need for robust cybersecurity measures has never been greater in a time when cyber threats are evolving rapidly, and breaches have become an inevitability for businesses in every sector. Managing this complex threat landscape requires advanced solutions and skilled experts who understand modern threats and the malefactors behind them. 
However, despite the growing awareness of cyber [...]]]> 2024-11-04T06:42:08+00:00 https://informationsecuritybuzz.com/bridge-the-cybersecurity-talent-gap/ www.secnews.physaphae.fr/article.php?IdArticle=8605812 False Threat None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Advanced Variant of FakeCall Malware Targets Mobile Users with Sophisticated Vishing Attacks Mobile security company Zimperium's zLabs team has uncovered an advanced variant of the FakeCall malware that employs “Vishing” (voice phishing) to deceive mobile users into sharing sensitive information, such as login credentials and banking details. This sophisticated malware campaign highlights an evolving threat landscape where malicious actors exploit mobile-specific features to conduct increasingly deceptive phishing [...]]]> 2024-11-04T06:24:46+00:00 https://informationsecuritybuzz.com/fakecall-malware-targets-mobile-users/ www.secnews.physaphae.fr/article.php?IdArticle=8605813 False Malware,Threat,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Cisco says DevHub site leak won't enable future breaches Cisco says that non-public files recently downloaded by a threat actor from a misconfigured public-facing DevHub portal don't contain information that could be exploited in future breaches of the company's systems. [...]]]> 2024-11-04T04:14:37+00:00 https://www.bleepingcomputer.com/news/security/cisco-says-devhub-site-leak-wont-enable-future-breaches/ www.secnews.physaphae.fr/article.php?IdArticle=8605867 False Threat None 3.0000000000000000