www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-12T11:39:03+00:00 www.secnews.physaphae.fr
Global Security Mag - French news site Sophos adds new desktop firewalls to its XGS series and updates its Firewall software - Products 2024-11-04T10:30:00+00:00 https://www.globalsecuritymag.fr/sophos-ajoute-de-nouveaux-pare-feux-de-bureau-a-sa-serie-xgs-et-met-a-jour-son.html www.secnews.physaphae.fr/article.php?IdArticle=8605883 False Threat None 3.0000000000000000
InformationSecurityBuzzNews - Security news site Proactive Ways To Bridge The Cybersecurity Talent Gap The need for robust cybersecurity measures has never been greater in a time when cyber threats are evolving rapidly, and breaches have become an inevitability for businesses in every sector. Managing this complex threat landscape requires advanced solutions and skilled experts who understand modern threats and the malefactors behind them. However, despite the growing awareness of cyber [...] 2024-11-04T06:42:08+00:00 https://informationsecuritybuzz.com/bridge-the-cybersecurity-talent-gap/ www.secnews.physaphae.fr/article.php?IdArticle=8605812 False Threat None 2.0000000000000000
InformationSecurityBuzzNews - Security news site Advanced Variant of FakeCall Malware Targets Mobile Users with Sophisticated Vishing Attacks Mobile security company Zimperium's zLabs team has uncovered an advanced variant of the FakeCall malware that employs “Vishing” (voice phishing) to deceive mobile users into sharing sensitive information, such as login credentials and banking details.
This sophisticated malware campaign highlights an evolving threat landscape where malicious actors exploit mobile-specific features to conduct increasingly deceptive phishing [...] 2024-11-04T06:24:46+00:00 https://informationsecuritybuzz.com/fakecall-malware-targets-mobile-users/ www.secnews.physaphae.fr/article.php?IdArticle=8605813 False Malware,Threat,Mobile None 3.0000000000000000
Bleeping Computer - American magazine Cisco says DevHub site leak won't enable future breaches Cisco says that non-public files recently downloaded by a threat actor from a misconfigured public-facing DevHub portal don't contain information that could be exploited in future breaches of the company's systems. [...] 2024-11-04T04:14:37+00:00 https://www.bleepingcomputer.com/news/security/cisco-says-devhub-site-leak-wont-enable-future-breaches/ www.secnews.physaphae.fr/article.php?IdArticle=8605867 False Threat None 3.0000000000000000
The State of Security - American magazine Strategies for Implementing Effective Threat Detection in IIoT The industrial Internet of Things (IIoT) is growing rapidly. While that's good news for businesses in terms of productivity and cost savings, these devices carry unique cybersecurity risks that demand attention. Amid such rising concerns, IIoT threat detection is a must. Why Organizations Need IIoT Threat Detection IIoT endpoints are inherently risky because of the potential for lateral movement. Breaching a connected operational technology (OT) system is often easier than an IT one.
As a result, attackers can use IoT devices as entryways into a network and move to sensitive systems and data... 2024-11-04T04:02:42+00:00 https://www.tripwire.com/state-of-security/strategies-implementing-effective-threat-detection-iiot www.secnews.physaphae.fr/article.php?IdArticle=8605865 False Threat,Industrial None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI 2024-11-01T19:56:31+00:00 https://community.riskiq.com/article/bde746e5 www.secnews.physaphae.fr/article.php?IdArticle=8604791 False Ransomware,Vulnerability,Threat,Industrial,Medical None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defensive player in IOCs Ngioweb Remains Active 7 Years Later 2024-11-01T19:39:00+00:00 https://cybersecurity.att.com/blogs/labs-research/ngioweb-remains-active-7-years-later www.secnews.physaphae.fr/article.php?IdArticle=8604836 False Malware,Vulnerability,Threat,Mobile,Technical APT 28 3.0000000000000000
Dark Reading - Informationweek Branch IT Security Centralization Makes the Use of Industrial Spies More Profitable As organizations centralize IT security, the risk of espionage is silently becoming a more profitable threat. 2024-11-01T17:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/it-security-centralization-industrial-spies-profitable www.secnews.physaphae.fr/article.php?IdArticle=8604712 False Threat,Industrial None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Threat actors use copyright infringement
phishing lure to deploy infostealers 2024-11-01T16:56:15+00:00 https://community.riskiq.com/article/82b49ffd www.secnews.physaphae.fr/article.php?IdArticle=8604731 True Ransomware,Spam,Malware,Tool,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft Microsoft has revealed that a Chinese threat actor it tracks as Storm-0940 is leveraging a botnet called Quad7 to orchestrate highly evasive password spray attacks. The tech giant has given the botnet the name CovertNetwork-1658, stating the password spray operations are used to steal credentials from multiple Microsoft customers. "Active since at least 2021, Storm-0940 obtains initial access 2024-11-01T15:18:00+00:00 https://thehackernews.com/2024/11/microsoft-warns-of-chinese-botnet.html www.secnews.physaphae.fr/article.php?IdArticle=8604581 False Threat None 3.0000000000000000
Checkpoint - Security hardware vendor Ransomware's Evolving Threat: The Rise of RansomHub, Decline of Lockbit, and the New Era of Data Extortion 2024-11-01T13:00:39+00:00 https://blog.checkpoint.com/research/ransomwares-evolving-threat-the-rise-of-ransomhub-decline-of-lockbit-and-the-new-era-of-data-extortion/ www.secnews.physaphae.fr/article.php?IdArticle=8604651 False Ransomware,Threat,Industrial,Medical None 3.0000000000000000
Security Intelligence - American news site What's behind unchecked CVE proliferation, and what to do about it The volume of Common Vulnerabilities and Exposures (CVEs) has reached staggering levels, placing immense pressure on organizations’
cyber defenses. According to SecurityScorecard, there were 29,000 vulnerabilities recorded in 2023, and by mid-2024, nearly 27,500 had already been identified. Meanwhile, Coalition’s 2024 Cyber Threat Index forecasts that the total number of CVEs for 2024 will hit […] 2024-11-01T13:00:00+00:00 https://securityintelligence.com/articles/whats-behind-unchecked-cve-proliferation-what-to-do/ www.secnews.physaphae.fr/article.php?IdArticle=8604650 False Vulnerability,Threat None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial LevelBlue 2024 Futures Report focuses on cyber resilience challenges, opportunities in energy and utilities LevelBlue, a provider of managed network security services, managed detection and response, strategic consulting, and threat intelligence, released...
2024-11-01T12:47:39+00:00 https://industrialcyber.co/news/levelblue-2024-futures-report-focuses-on-cyber-resilience-challenges-opportunities-in-energy-and-utilities/ www.secnews.physaphae.fr/article.php?IdArticle=8604629 False Threat None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine US and Israel Warn of Iranian Threat Actor's New Tradecraft US and Israeli government agencies have warned that the Iranian state-sponsored threat actor Cotton Sandstorm is deploying new tradecraft to expand its operations 2024-11-01T11:00:00+00:00 https://www.infosecurity-magazine.com/news/us-israel-iran-new-tradecraft/ www.secnews.physaphae.fr/article.php?IdArticle=8604579 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Stop LUCR-3 Attacks: Learn Key Identity Security Tactics in This Expert Webinar Did you know that advanced threat actors can infiltrate the identity systems of major organizations and extract sensitive data within days? It's a chilling reality, becoming more common and concerning by the day. These attackers exploit vulnerabilities in SaaS and cloud environments, using compromised identities to move laterally within networks, causing widespread damage.
Cybersecurity and IT 2024-11-01T09:57:00+00:00 https://thehackernews.com/2024/11/stop-lucr-3-attacks-learn-key-identity.html www.secnews.physaphae.fr/article.php?IdArticle=8604475 False Vulnerability,Threat,Cloud None 3.0000000000000000
InformationSecurityBuzzNews - Security news site Redline Stealer Dominates: VIPRE's Q3 Report Highlights Sophisticated BEC Tactics and Evolving Malware Trends VIPRE Security Group's Q3 2024 Email Threat Trends Report reveals the increasing sophistication of email-based threats, particularly business email compromise (BEC) and malspam campaigns, which have intensified across industries. Analyzing 1.8 billion emails globally, of which 208 million were identified as malicious. As email security advances, cybercriminals are using more sophisticated tactics to evade detection. [...] 2024-11-01T05:06:31+00:00 https://informationsecuritybuzz.com/redline-stealer-vipre-q3-2024-report/ www.secnews.physaphae.fr/article.php?IdArticle=8604493 False Malware,Threat None 2.0000000000000000
HackRead - Cyber search A Step-by-Step Guide to How Threat Hunting Works Stay ahead of cybercrime with proactive threat hunting.
Learn how threat hunters identify hidden threats, protect critical systems,… 2024-11-01T00:32:10+00:00 https://hackread.com/a-step-by-step-guide-to-how-threat-hunting-works/ www.secnews.physaphae.fr/article.php?IdArticle=8604414 False Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware 2024-10-31T22:29:13+00:00 https://community.riskiq.com/article/d94c18b0 www.secnews.physaphae.fr/article.php?IdArticle=8604398 False Malware,Threat,Mobile,Prediction None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Suspected DPRK Phishing Campaign Targets Naver; Separate Apple Domain Spoofing Cluster Identified 2024-10-31T21:16:49+00:00 https://community.riskiq.com/article/dfee0ab5 www.secnews.physaphae.fr/article.php?IdArticle=8604382 False Threat,Technical None 3.0000000000000000
Dark Reading - Informationweek Branch Facebook Businesses Targeted in Infostealer Phishing Campaign The threat actors deceive their victims by impersonating the legal teams of companies, well-known Web stores, and manufacturers. 2024-10-31T21:09:33+00:00 https://www.darkreading.com/cyberattacks-data-breaches/facebook-businesses-targeted-infostealer-phishing-campaign www.secnews.physaphae.fr/article.php?IdArticle=8604366 False Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns 2024-10-31T20:29:50+00:00 https://community.riskiq.com/article/798c0fdb www.secnews.physaphae.fr/article.php?IdArticle=8604363 False Malware,Tool,Vulnerability,Threat,Legislation,Cloud APT 41,APT 31
3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Jumpy Pisces Engages in Play Ransomware 2024-10-31T19:07:37+00:00 https://community.riskiq.com/article/393b61a9 www.secnews.physaphae.fr/article.php?IdArticle=8604347 False Ransomware,Malware,Tool,Threat,Prediction APT 45 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Quarterly cyber threat report: MITRE ATT&CK framework trends in OSINT (July to September 2024) 2024-10-31T17:18:14+00:00 https://community.riskiq.com/article/df45dcc1 www.secnews.physaphae.fr/article.php?IdArticle=8604310 False Ransomware,Spam,Malware,Tool,Vulnerability,Threat,Prediction,Cloud,Technical None 3.0000000000000000
Dark Reading - Informationweek Branch Canada Grapples With 'Second-to-None' PRC-Backed Threat Actors Chinese APTs lurked in Canadian government networks for five years - and that's just one among a whole host of threats from Chinese bad actors. 2024-10-31T16:59:38+00:00 https://www.darkreading.com/cyberattacks-data-breaches/canada-prc-backed-threat-actors www.secnews.physaphae.fr/article.php?IdArticle=8604293 False Threat None 3.0000000000000000
Bleeping Computer - American magazine Microsoft: Chinese hackers use Quad7 botnet to steal credentials Microsoft warns that Chinese threat actors use the Quad7 botnet, compromised of hacked SOHO routers, to steal credentials in password-spray attacks. [...] 2024-10-31T16:03:43+00:00 https://www.bleepingcomputer.com/news/security/microsoft-chinese-hackers-use-quad7-botnet-to-steal-credentials/ www.secnews.physaphae.fr/article.php?IdArticle=8604329 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities In the modern, browser-centric workplace, the corporate identity acts as the frontline defense for organizations. Often referred to as “the new perimeter”, the identity stands between safe data management and potential breaches. However, a new report reveals how enterprises are often unaware of how their identities are being used across various platforms. This leaves them vulnerable to data 2024-10-31T16:00:00+00:00 https://thehackernews.com/2024/10/enterprise-identity-threat-report-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8604134 False Threat,Studies None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites A high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could allow an unauthenticated threat actor to elevate their privileges and perform malicious actions. The vulnerability, tracked as CVE-2024-50550 (CVSS score: 8.1), has been addressed in version 6.5.2 of the plugin. "The plugin suffers from an unauthenticated privilege escalation vulnerability 2024-10-31T15:54:00+00:00 https://thehackernews.com/2024/10/litespeed-cache-plugin-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8604135 False Vulnerability,Threat None 2.0000000000000000
Dark Reading - Informationweek Branch North Korea's Andariel Pivots to 'Play' Ransomware Games The prominent state-sponsored advanced persistent threat (APT), aka Jumpy Pisces, appears to be moving away from its primary cyber-espionage motives and toward wreaking widespread disruption and damage. 2024-10-31T15:28:56+00:00 https://www.darkreading.com/endpoint-security/north-korea-andariel-play-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8604255 False Ransomware,Threat APT 45 2.0000000000000000
Dark Reading - Informationweek Branch Noma Launches With Plans to Secure Data, AI Life Cycle Application security teams from Fortune 500 companies are already using Noma's life cycle platform, which offers organizations data and AI supply chain security, AI security posture management, and AI threat detection and response. 2024-10-31T14:03:08+00:00 https://www.darkreading.com/application-security/noma-launches-secure-data-ai-lifecycle www.secnews.physaphae.fr/article.php?IdArticle=8604229 False Threat None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Canadian Government Data Stolen By Chinese Hackers A report by the Canadian Centre for Cyber Security described China as the most sophisticated cyber threat to Canada, also identified India as an emerging threat 2024-10-31T14:00:00+00:00 https://www.infosecurity-magazine.com/news/canadian-government-data-chinese/ www.secnews.physaphae.fr/article.php?IdArticle=8604201 False Threat None
3.0000000000000000
Checkpoint - Security hardware vendor Halloween Frights of the Digital Age: Cyber Threats Haunting Us in 2024 Halloween is a time for haunted houses, spooky costumes, and trick-or-treating, but in today's digital landscape, there are scarier things lurking just beneath the surface. The rise in global cyber threats paints a chilling picture-cyber attacks have surged by an alarming 75% worldwide as of Q3 2024. This spike in malicious activity isn't just a seasonal scare; it's part of a sustained increase in threats targeting individuals and organizations alike. Cyber criminals are using advanced technologies to exploit personal and corporate vulnerabilities, creating a modern horror story that affects millions globally. Here's a closer look at the digital “hauntings” of […]
2024-10-31T13:00:35+00:00 https://blog.checkpoint.com/security/halloween-frights-of-the-digital-age-cyber-threats-haunting-us-in-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8604198 False Vulnerability,Threat None 2.0000000000000000
The Register - English news site LottieFiles supply chain attack exposes users to malicious crypto wallet drainer 2024-10-31T11:55:17+00:00 https://go.theregister.com/feed/www.theregister.com/2024/10/31/lottiefiles_supply_chain_attack/ www.secnews.physaphae.fr/article.php?IdArticle=8604157 False Threat None 2.0000000000000000
The State of Security - American magazine Fraudsters Exploit US General Election Fever, FBI Warns As the United States of America enters the final days of the race for the White House, the FBI has warned that fraudsters are using the presidential election campaign to scam citizens out of their savings and personal data. According to a public service announcement published by the Internet Crime Complaint Center (IC3), scammers who have previously exploited state and local elections are targeting victims across the United States in the run-up to the general election vote on November 5, 2024.
Using the images, names, logos and slogans of candidates, fraudsters are scamming the unwary into... 2024-10-31T09:32:49+00:00 https://www.tripwire.com/state-of-security/fraudsters-exploit-us-general-election-fever-fbi-warns www.secnews.physaphae.fr/article.php?IdArticle=8604223 False Threat None 2.0000000000000000
Nextron - Security blog Introducing @NextronResearch: A New Channel for Threat Intelligence 2024-10-31T08:11:10+00:00 https://www.nextron-systems.com/2024/10/31/introducing-nextronresearch-a-new-channel-for-threat-intelligence/ www.secnews.physaphae.fr/article.php?IdArticle=8604089 False Threat None 2.0000000000000000
Dark Reading - Informationweek Branch White House Outlines AI's Role in National Security The National Security Memorandum on Artificial Intelligence tasks various federal agencies with securing the AI supply chain from potential cyberattacks and disseminating timely threat information about such attacks. 2024-10-30T22:54:12+00:00 https://www.darkreading.com/cyber-risk/white-house-outlines-ai-role-national-security www.secnews.physaphae.fr/article.php?IdArticle=8603963 False Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Strela Stealer targets Central and Southwestern Europe through Stealthy Execution via WebDAV 2024-10-30T22:28:21+00:00 https://community.riskiq.com/article/df4d5fe6 www.secnews.physaphae.fr/article.php?IdArticle=8603945 True Ransomware,Spam,Malware,Tool,Threat None 2.0000000000000000
CyberScoop - scoopnewsgroup.com special Cyber Threat awareness, cloud security, quantum computing among chief agency cyber
policy priorities ahead The interim Federal Chief Information Security Officer spelled out some 2025 agenda items for feds at CyberTalks.
2024-10-30T21:30:28+00:00 https://cyberscoop.com/federal-cyber-priorities-threat-awareness-cloud-security-quantum-computing/ www.secnews.physaphae.fr/article.php?IdArticle=8603910 False Threat,Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play, underscoring their financial motivations. The activity, observed between May and September 2024, has been attributed to a threat actor tracked as Jumpy Pisces, which is also known as Andariel, APT45, DarkSeoul, Nickel Hyatt, Onyx Sleet (formerly Plutonium), Operation Troy, 2024-10-30T21:14:00+00:00 https://thehackernews.com/2024/10/north-korean-group-collaborates-with.html www.secnews.physaphae.fr/article.php?IdArticle=8603784 False Ransomware,Threat APT 15,APT 45 3.0000000000000000
Recorded Future - Recorded Future feed Chinese state-backed hackers breached 20 Canadian government networks over four years, agency warns In its latest biennial threat assessment, Canada's cybersecurity agency tallied up known intrusions by Chinese government-backed hackers into government networks. 2024-10-30T18:53:30+00:00 https://therecord.media/canada-20-government-agencies-hacked-china-last-four-years www.secnews.physaphae.fr/article.php?IdArticle=8603846 False Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Rekoobe Backdoor Discovered in Open Directory, Possibly Targeting TradingView Users 2024-10-30T18:25:16+00:00 https://community.riskiq.com/article/3c757860 www.secnews.physaphae.fr/article.php?IdArticle=8603864 True Ransomware,Malware,Tool,Vulnerability,Threat APT 31 2.0000000000000000
Bleeping Computer - American magazine Interbank confirms data breach following failed extortion, data leak Interbank, one of Peru's leading financial institutions, has confirmed a data breach after a threat actor who hacked into its systems leaked stolen data online. [...] 2024-10-30T18:22:27+00:00 https://www.bleepingcomputer.com/news/security/interbank-confirms-data-breach-following-failed-extortion-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8603927 False Data Breach,Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Akira Ransomware Continues to Evolve 2024-10-30T15:00:44+00:00 https://community.riskiq.com/article/54ec28c9 www.secnews.physaphae.fr/article.php?IdArticle=8603803 True Ransomware,Malware,Tool,Vulnerability,Threat,Prediction,Technical None 3.0000000000000000
Global Security Mag - French news site Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attacks, and Generative AI Increase Risks 57% of Organizations Suffer API-related Breaches; Fraud, Bot Attacks, and Generative AI Applications Exploit API Vulnerabilities as Traditional Defenses Fail - Special Reports
2024-10-30T14:29:02+00:00 https://www.globalsecuritymag.fr/traceable-releases-2025-state-of-api-security-report-api-breaches-persist-as.html www.secnews.physaphae.fr/article.php?IdArticle=8603765 False Vulnerability,Threat None 2.0000000000000000
Global Security Mag - French news site Generative AI, misuse of cybersecurity tools, exploitation of misconfigured cloud environments: Elastic's 2024 Global Threat Report highlights the new cyber threats facing businesses - Investigations 2024-10-30T14:16:09+00:00 https://www.globalsecuritymag.fr/ia-generative-utilisation-detournee-d-outils-de-cybersecurite-exploitation-d.html www.secnews.physaphae.fr/article.php?IdArticle=8603767 False Tool,Threat,Cloud None 2.0000000000000000
ProofPoint - Cyber Firms How Proofpoint Information Protection Provides Value for Customers 2024-10-30T14:01:17+00:00 https://www.proofpoint.com/us/blog/information-protection/comparing-proofpoint-dlp-with-microsoft-purview www.secnews.physaphae.fr/article.php?IdArticle=8603944 False Tool,Threat,Cloud ChatGPT 2.0000000000000000
Global Security Mag - French news site TRM Labs and Flashpoint Join Forces to Enhance Visibility into Cyberattacks Involving Cryptocurrencies New strategic partnership will enhance cybersecurity investigations by integrating Flashpoint's leading threat intelligence into TRM Labs' blockchain intelligence platform - Product Reviews
2024-10-30T14:00:28+00:00 https://www.globalsecuritymag.fr/trm-labs-and-flashpoint-join-forces-to-enhance-visibility-into-cyberattacks.html www.secnews.physaphae.fr/article.php?IdArticle=8603735 False Threat None 2.0000000000000000
Dark Reading - Informationweek Branch 'CrossBarking' Attack Targets Secret APIs, Exposes Opera Browser Users Using a malicious Chrome extension, researchers showed how an attacker could inject custom code into a victim's Opera browser to exploit special and powerful APIs, used by developers and typically saved for only the most trusted sites. 2024-10-30T13:13:27+00:00 https://www.darkreading.com/vulnerabilities-threats/crossbarking-attack-secret-apis-expose-opera-browser-users www.secnews.physaphae.fr/article.php?IdArticle=8603733 False Threat None 2.0000000000000000
Zimperium - cyber risk firms for mobile Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware In this blog post we share Zimperium's Zero-Day Protection against the Water Makara Spear-Phishing campaign.
2024-10-30T13:00:00+00:00 https://www.zimperium.com/blog/mishing-in-motion-uncovering-the-evolving-functionality-of-fakecall-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8603711 False Malware,Vulnerability,Threat None 2.0000000000000000
SecureMac - Security focused on MAC Notlockbit also known as HEUR:Trojan-Ransom.OSX.Agent.f Type: Ransomware Platform: Mac OS 9 Last updated: 10/30/24 7:32 pm Threat Level: High Description NotLockBit is ransomware that is written in Go and attempts to trick users to avoid warning messages to execute to encrypt the user’s files for ransom. NotLockBit Threat Removal MacScan can detect and remove NotLockBit Ransomware from your system, as well as provide protection against other security and privacy threats. A 30-day trial is available to scan your system for this threat. Download MacScan
2024-10-30T12:46:59+00:00 https://www.securemac.com/definitions/NotLockBit www.secnews.physaphae.fr/article.php?IdArticle=8603865 False Ransomware,Threat None 2.0000000000000000
IndustrialCyber - cyber risk firms for industrial ODNI chooses Censys to offer Internet Intelligence Platform to US intelligence agencies Censys, an Internet Intelligence Platform for Threat Hunting and Attack Surface Management, announced on Tuesday that the company...
2024-10-30T10:05:26+00:00 https://industrialcyber.co/news/odni-chooses-censys-to-offer-internet-intelligence-platform-to-us-intelligence-agencies/ www.secnews.physaphae.fr/article.php?IdArticle=8603647 False Threat None 2.0000000000000000
Recorded Future - FLux Recorded Future Russia's 'Midnight Blizzard' hackers target government workers in novel info-stealing campaign Microsoft's Threat Intelligence team said it has seen a Russian actor it tracks as Midnight Blizzard sending “highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors” since October 22.
2024-10-30T01:25:13+00:00 https://therecord.media/russia-midnight-blizzard-hackers-target-government-sector www.secnews.physaphae.fr/article.php?IdArticle=8603514 False Threat None 2.0000000000000000
Dark Reading - Informationweek Branch Recurring Windows Flaw Could Expose User Credentials Now a zero-day, the vulnerability enables NTLM hash theft, an issue that Microsoft has already fixed twice before.
2024-10-29T21:58:44+00:00 https://www.darkreading.com/vulnerabilities-threats/recurring-windows-flaw-could-expose-user-credentials www.secnews.physaphae.fr/article.php?IdArticle=8603448 False Vulnerability,Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) CloudScout: Evasive Panda scouting cloud services
2024-10-29T21:50:28+00:00 https://community.riskiq.com/article/ac028333 www.secnews.physaphae.fr/article.php?IdArticle=8603464 True Ransomware,Malware,Tool,Threat,Cloud None 3.0000000000000000
Netskope - etskope est une société de logiciels américaine fournissant une plate-forme de sécurité informatique Netskope Threat Labs Quarterly Stats for October 2024 Netskope Threat Labs publishes a quarterly summary blog post of the top threats we track on the Netskope platform. This post aims to provide strategic, actionable intelligence on active threats against enterprise users worldwide. Summary Cloud Malware Delivery Attackers attempt to fly under the radar by delivering malicious content via popular cloud apps. Abusing cloud […]
2024-10-29T20:07:01+00:00 https://www.netskope.com/blog/netskope-threat-labs-quarterly-stats-for-oct-2024 www.secnews.physaphae.fr/article.php?IdArticle=8603430 False Malware,Threat,Cloud None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Arctic Wolf Labs Observes Increased Fog and Akira Ransomware Activity Linked to SonicWall SSL VPN
2024-10-29T19:45:53+00:00 https://community.riskiq.com/article/7be08c52 www.secnews.physaphae.fr/article.php?IdArticle=8603429 False Ransomware,Tool,Vulnerability,Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) TeamTNT Launches New Docker-Targeting Campaign with Advanced Malware Capabilities
2024-10-29T17:18:13+00:00 https://community.riskiq.com/article/189ba20d www.secnews.physaphae.fr/article.php?IdArticle=8603396 False Malware,Tool,Threat,Cloud None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Lumma/Amadey: fake CAPTCHAs want to know if you're human
2024-10-29T16:30:09+00:00 https://community.riskiq.com/article/056752c9 www.secnews.physaphae.fr/article.php?IdArticle=8603374 True Ransomware,Spam,Malware,Tool,Threat None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Chenlun's Evolving Phishing Tactics Target Trusted Brands The phishing campaign targeted users via texts impersonating Amazon, linked to the threat actor Chenlun
2024-10-29T16:30:00+00:00 https://www.infosecurity-magazine.com/news/chenluns-phishing-tactics-target/ www.secnews.physaphae.fr/article.php?IdArticle=8603355 False Threat None 3.0000000000000000
Bleeping Computer - Magazine Américain QNAP fixes NAS backup software zero-day exploited at Pwn2Own QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. [...]
2024-10-29T13:35:13+00:00 https://www.bleepingcomputer.com/news/security/qnap-fixes-nas-backup-software-zero-day-exploited-at-pwn2own/ www.secnews.physaphae.fr/article.php?IdArticle=8603375 False Hack,Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) U.S. Government Issues New TLP Guidance for Cross-Sector Threat Intelligence Sharing The U.S. government (USG) has issued new guidance governing the use of the Traffic Light Protocol (TLP) to handle the threat intelligence information shared between the private sector, individual researchers, and Federal Departments and Agencies. "The USG follows TLP markings on cybersecurity information voluntarily shared by an individual, company, or other any organization, when not in
2024-10-29T13:06:00+00:00 https://thehackernews.com/2024/10/us-government-issues-new-tlp-guidance.html www.secnews.physaphae.fr/article.php?IdArticle=8603164 False Threat None 3.0000000000000000
Global Security Mag - Site de news francais Zscaler identifies more than 200 malicious apps in the Google Play Store with over eight million downloads Special Reports / The findings at a glance: Mobile devices remain a major threat vector, with 111 percent growth in spyware and 29 percent in banking malware. Technology, education and manufacturing are still the most vulnerable to attacks. The USA remains the main target for IoT, OT and mobile cybersecurity attacks. SAN JOSE, USA, 29 October 2024 - Zscaler, Inc. (NASDAQ: ZS), a leading provider of cloud security, has published its annual Zscaler ThreatLabz 2024 Mobile, IoT and OT Threat Report, with an overview of the mobile and IoT/OT cyber threat landscape from June 2023 to May 2024. - Special Reports /
2024-10-29T10:02:17+00:00 https://www.globalsecuritymag.fr/zscaler-identifiziert-mehr-als-200-bosartige-apps-im-google-play-store-mit-uber.html www.secnews.physaphae.fr/article.php?IdArticle=8603202 False Threat,Mobile,Industrial None 2.0000000000000000
We Live Security - Editeur Logiciel Antivirus ESET Don't become a statistic: Tips to help keep your personal data off the dark web You may not always stop your personal information from ending up in the internet's dark recesses, but you can take steps to protect yourself from criminals looking to exploit it
2024-10-29T10:00:00+00:00 https://www.welivesecurity.com/en/cybercrime/dont-become-statistic-defending-data-dark-web/ www.secnews.physaphae.fr/article.php?IdArticle=8603610 False Threat None 2.0000000000000000
Global Security Mag - Site de news francais NTT DATA Partners with Palo Alto Networks Business News NTT DATA Partners with Palo Alto Networks to Deliver AI-Driven Cloud-to-Edge Cybersecurity to Enterprise Clients NTT DATA's new Managed Detection & Response service powered by Palo Alto Networks Cortex XSIAM combines simplified security analytics and threat intelligence to help enterprises advance cyber resilience - Business News
2024-10-29T08:41:28+00:00 https://www.globalsecuritymag.fr/ntt-data-partners-with-palo-alto-networks.html www.secnews.physaphae.fr/article.php?IdArticle=8603181 False Threat None 2.0000000000000000
InformationSecurityBuzzNews - Site de News Securite Malicious npm Packages Found to Distribute BeaverTail Malware Three malicious packages uploaded to the npm registry were discovered to harbor BeaverTail, a JavaScript downloader and information stealer associated with a continuing North Korean campaign known as Contagious Interview. The packages (passports-js, bcrypts-js, and blockscan-api) collectively amassed 323 downloads, and have been linked to threat actors from the Democratic People’s Republic of Korea (DPRK), also [...]
2024-10-29T04:49:26+00:00 https://informationsecuritybuzz.com/mal-npm-packages-beavertail-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8603111 False Malware,Threat None 3.0000000000000000
InformationSecurityBuzzNews - Site de News Securite Cyware and ECS Partner to Enhance Government Cybersecurity with Advanced Threat Intel Exchange Cyware, a provider of threat intelligence management and cyber fusion solutions, has teamed up with ECS, a player in technology solutions for US public sector and defense organizations, to bolster government cybersecurity through an enhanced Intel Exchange platform. This partnership aims to tailor Cyware's threat intelligence offerings for federal agencies, promoting collective defense and safeguarding [...]
2024-10-29T04:35:15+00:00 https://informationsecuritybuzz.com/cyware-and-ecs-partner-threat-intel-ex/ www.secnews.physaphae.fr/article.php?IdArticle=8603112 False Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives
2024-10-28T23:31:21+00:00 https://community.riskiq.com/article/bfdf1409 www.secnews.physaphae.fr/article.php?IdArticle=8603045 True Ransomware,Malware,Tool,Threat,Mobile,Cloud,Technical None 3.0000000000000000
Contagio - Site d infos ransomware 2024-10-23 WarmCookie/BadSpace - APT TA866 - Samples 2024-10-23 TALOS Threat Spotlight: WarmCookie/BadSpace Summary: WarmCookie, also known as BadSpace, is a sophisticated malware family that emerged in April 2024, primarily distributed through malspam and malvertising. This malware provides long-term access to compromised environments and facilitates the deployment of additional payloads, such as CSharp-Streamer-RAT and Cobalt Strike. Its infection chains and functionality highlight notable development links to Resident backdoor, indicating possible shared authorship by TA866. WarmCookie's infection chain initiates through email lures, typically invoice-related and job agency themes, that direct victims to malicious JavaScript-hosting servers. The obfuscated JavaScript downloader, often delivered as a compressed ZIP, triggers a PowerShell command that uses Bitsadmin to download and execute the WarmCookie DLL, embedding itself in the system with persistence. Persistence: WarmCookie leverages Task Scheduler to achieve persistence, creating scheduled tasks under %ALLUSERSPROFILE% or %ALLDATA%, and re-executing itself after a 60-second delay. The latest version modifies the typical command-line syntax from /p to /u for execution parameters. Command-and-Control (C2) Adaptation: TA866 previously used unique, detectable C2 user-agent strings (e.g., Mozilla/4.0 (compatible; MSIE 6.0…)), which have since been updated to blend with standard strings like Mozilla/5.0… Firefox/115.0. Self-Updating Mechanism: An initial implementation of a self-update command allows WarmCookie to receive updates dynamically from its C2 server, although this feature appears incomplete. C2 Command Updates: The latest WarmCookie samples feature new C2 commands: Command 0x8: Receives a DLL from C2, assigns it a temporary filename, and executes it. Command 0xA: Similar to Command 0x8 but adds hardcoded parameters, allowing self-updating. Command 0xB: Moves the malware to a new temporary filename and deletes the scheduled task to disable persistence and terminate the malware process. Code and Function Similarities to Resident Backdoor: A code-level comparison between Resident backdoor and WarmCookie shows: RC4 Decryption Consistency: Both use identical RC4 implementations and mutex management, often employing GUID-like strings for mutexes. Startup Logic: Both use similar logic for identifying execution as a DLL or EXE and establishing persistence through scheduled tasks. They both use rundll32.exe for DLL-based execution and task scheduling. Coding Conventions: Functions, parameter passing, and persistence mechanisms align closely, suggesting shared development practices or authorship.
2024-10-28T23:22:52+00:00 https://contagiodump.blogspot.com/2024/10/2024-10-23-warmcookiebadspace-apt-ta866.html www.secnews.physaphae.fr/article.php?IdArticle=8603093 False Malware,Threat None 3.0000000000000000
Dark Reading - Informationweek Branch Sophos-SecureWorks Deal Focuses on Building Advanced MDR, XDR Platform Sophos CEO Joe Levy says $859 million deal to acquire SecureWorks from majority owner Dell Technologies will put the Taegis platform - with network detection and response, vulnerability detection and response, and identity threat detection and response capabilities - at the core.
2024-10-28T23:04:44+00:00 https://www.darkreading.com/identity-access-management-security/sophos-secureworks-deal-focuses-on-building-advanced-mdr-xdr-platform www.secnews.physaphae.fr/article.php?IdArticle=8603029 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services A government entity and a religious organization in Taiwan were the target of a China-linked threat actor known as Evasive Panda that infected them with a previously undocumented post-compromise toolset codenamed CloudScout. "The CloudScout toolset is capable of retrieving data from various cloud services by leveraging stolen web session cookies," ESET security researcher Anh Ho said. "Through
2024-10-28T22:56:00+00:00 https://thehackernews.com/2024/10/chinese-hackers-use-cloudscout-toolset.html www.secnews.physaphae.fr/article.php?IdArticle=8602918 False Threat,Cloud None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Amazon identified internet domains abused by APT29
2024-10-28T22:05:17+00:00 https://community.riskiq.com/article/f1657bc5 www.secnews.physaphae.fr/article.php?IdArticle=8603028 True Ransomware,Malware,Tool,Threat,Cloud APT 29 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Katz and Mouse Game: MaaS Infostealers Adapt to Patched Chrome Defenses
2024-10-28T21:32:18+00:00 https://community.riskiq.com/article/7468eeaa www.secnews.physaphae.fr/article.php?IdArticle=8603011 False Ransomware,Spam,Malware,Tool,Threat None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Russian Espionage Group Targets Ukrainian Military with Malware via Telegram A suspected Russian hybrid espionage and influence operation has been observed delivering a mix of Windows and Android malware to target the Ukrainian military under the Telegram persona Civil Defense. Google's Threat Analysis Group (TAG) and Mandiant are tracking the activity under the name UNC5812.
The threat group, which operates a Telegram channel named civildefense_com_ua, was created on
2024-10-28T19:32:00+00:00 https://thehackernews.com/2024/10/russian-espionage-group-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8602880 False Malware,Threat,Mobile None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Pig Butchers Join the Gig Economy: Cryptocurrency Scammers Target Job Seekers
2024-10-28T19:28:24+00:00 https://community.riskiq.com/article/611c1b09 www.secnews.physaphae.fr/article.php?IdArticle=8602974 False Ransomware,Tool,Threat,Prediction None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Tenacious Pungsan: A DPRK threat actor linked to Contagious Interview
2024-10-28T18:42:09+00:00 https://community.riskiq.com/article/839e57f8 www.secnews.physaphae.fr/article.php?IdArticle=8602955 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) THN Cybersecurity Recap: Top Threats, Tools and News (Oct 21 - Oct 27) Cybersecurity news can sometimes feel like a never-ending horror movie, can't it? Just when you think the villains are locked up, a new threat emerges from the shadows. This week is no exception, with tales of exploited flaws, international espionage, and AI shenanigans that could make your head spin. But don't worry, we're here to break it all down in plain English and arm you with the
2024-10-28T16:59:00+00:00 https://thehackernews.com/2024/10/thn-cybersecurity-recap-top-threats_28.html www.secnews.physaphae.fr/article.php?IdArticle=8602816 False Tool,Threat None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login Credentials Cybersecurity researchers have warned of a spike in phishing pages created using a website builder tool called Webflow, as threat actors continue to abuse legitimate services like Cloudflare and Microsoft Sway to their advantage. "The campaigns target sensitive information from different crypto wallets, including Coinbase, MetaMask, Phantom, Trezor, and Bitbuy, as well as login credentials for
2024-10-28T16:40:00+00:00 https://thehackernews.com/2024/10/cybercriminals-use-webflow-to-deceive.html www.secnews.physaphae.fr/article.php?IdArticle=8602788 False Tool,Threat None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Russian Malware Campaign Targets Ukrainian Recruits Via Telegram Google researchers have observed Russian threat actor UNC5812 using a malware campaign via Telegram to access the devices of Ukrainian military recruits
2024-10-28T15:45:00+00:00 https://www.infosecurity-magazine.com/news/russian-malware-ukrainian-recruits/ www.secnews.physaphae.fr/article.php?IdArticle=8602878 False Malware,Threat None 3.0000000000000000
Bleeping Computer - Magazine Américain Russia targets Ukrainian conscripts with Windows, Android malware A hybrid espionage/influence campaign conducted by the Russian threat group 'UNC5812' has been uncovered, targeting Ukrainian military recruits with Windows and Android malware. [...]
2024-10-28T14:36:32+00:00 https://www.bleepingcomputer.com/news/security/russia-targets-ukrainian-conscripts-with-windows-android-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8602938 False Malware,Threat,Mobile None 3.0000000000000000
Mandiant - Blog Sécu de Mandiant Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives Figure 1: UNC5812's "Civil Defense" persona Targeting Users on Telegram UNC5812's malware delivery operations are conducted both via an actor-controlled Telegram channel @civildefense_com_ua and website hosted at civildefense[.]com.ua. The associated website was registered in April 2024, but the Telegram channel was not created until early September 2024, which we judge to be when UNC5812's campaign became fully operational. To drive potential victims towards these actor-controlled resources, we assess that UNC5812 is likely purchasing promoted posts in legitimate, established Ukrainian-language Telegram channels. On September 18th 2024, a legitimate channel with over 80,000 subscribers dedicated to missile alerts was observed promoting the "Civil Defense" Telegram channel and website to its subscribers. An additional Ukrainian-language news channel was promoting Civil Defense's posts as recently as October 8th, indicating the campaign is probably still actively seeking new Ukrainian-language communities for targeted engagement. Channels where "Civil Defense" posts have been promoted advertise the ability to reach out to their administrations for sponsorship opportunities. We suspect this is the likely vector that UNC5812 is using to approach the respective legitimate channels to increase the operation's reach.
2024-10-28T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/russian-espionage-influence-ukrainian-military-recruits-anti-mobilization-narratives/ www.secnews.physaphae.fr/article.php?IdArticle=8602806 False Malware,Threat,Mobile None 2.0000000000000000
Checkpoint Research - Fabricant Materiel Securite 28th October – Threat Intelligence Report For the latest discoveries in cyber research for the week of 28th October, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Grupo Aeroportuario del Centro Norte (OMA), operator of 13 airports across Mexico, was hacked by the RansomHub ransomware gang, who threatened to leak 3TB of stolen data unless a ransom is paid. […]
2024-10-28T13:54:38+00:00 https://research.checkpoint.com/2024/28th-october-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8602840 False Ransomware,Threat None 2.0000000000000000
Wired Threat Level - Security News Cybercriminals Pose a Greater Threat of Disruptive US Election Hacks Than Russia or China A report distributed by the US Department of Homeland Security warned that financially motivated cybercriminals are more likely to attack US election infrastructure than state-backed hackers.
2024-10-28T13:00:00+00:00 https://www.wired.com/story/cybercriminals-disruptive-hacking-us-elections-dhs-report/ www.secnews.physaphae.fr/article.php?IdArticle=8602812 False Threat None 2.0000000000000000
CyberScoop - scoopnewsgroup.com special Cyber Suspected Russian hacking, influence operations take aim at Ukrainian military recruiting Google's Threat Analysis Group and Mandiant said one group is behind the hybrid campaign that takes aim at both recruits and broader recruiting efforts.
2024-10-28T13:00:00+00:00 https://cyberscoop.com/suspected-russian-hacking-influence-operations-take-aim-at-ukrainian-military-recruiting/ www.secnews.physaphae.fr/article.php?IdArticle=8602809 False Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Cyberattack UAC-0001 (APT28): Commande PowerShell dans le presse-papiers comme "point d'entrée"<br>Cyberattack UAC-0001 (APT28): PowerShell command in the clipboard as an "entry point" 2024-10-28T12:22:25+00:00 https://community.riskiq.com/article/524cfa51 www.secnews.physaphae.fr/article.php?IdArticle=8602832 False Ransomware,Tool,Vulnerability,Threat APT 28 4.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Faits saillants hebdomadaires, 28 octobre 2024<br>Weekly OSINT Highlights, 28 October 2024 2024-10-28T11:27:40+00:00 https://community.riskiq.com/article/fa5a55d5 www.secnews.physaphae.fr/article.php?IdArticle=8602805 False Ransomware,Spam,Malware,Tool,Vulnerability,Threat,Prediction,Medical,Cloud,Technical APT 38,Guam 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Les chercheurs découvrent plus de 70 bogues zéro-jours à Pwn2own Ireland<br>Researchers Discover Over 70 Zero-Day Bugs at Pwn2Own Ireland Trend Micro\'s Zero Day Initiative hands out over $1m in awards for Pwn2Own competitors, who found more than 70 zero-day flaws]]> 2024-10-28T10:15:00+00:00 https://www.infosecurity-magazine.com/news/researchers-70-zeroday-bugspwn/ www.secnews.physaphae.fr/article.php?IdArticle=8602770 False Vulnerability,Threat,Prediction None 3.0000000000000000 ProofPoint - Cyber Firms Les bouchers de porc se joignent à l'économie des concerts: les escrocs de crypto-monnaie ciblent les demandeurs d'emploi<br>Pig Butchers Join the Gig Economy: Cryptocurrency Scammers Target Job Seekers 2024-10-28T08:26:44+00:00 https://www.proofpoint.com/us/blog/threat-insight/pig-butchers-join-gig-economy-cryptocurrency-scammers-target-job-seekers www.secnews.physaphae.fr/article.php?IdArticle=8602748 False Threat,Mobile None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Améliorer la sécurité des e-mails: le rôle central de l'IA dans la défense contre l'évolution des cyber-menaces<br>Enhancing Email 
Security: The Pivotal Role of AI in Defending Against Evolving Cyber Threats Malware‘s rise presents a rigorous challenge for organizations, meaning their security teams must remain ever-vigilant. Unfortunately, business email compromise (BEC), which takes advantage of communication channel vulnerabilities, has become a significant attack vector that has impacted many organizations. For example, unlike phishing, BEC enables full-scale account takeovers so threat actors can access sensitive data, financial [...]]]> 2024-10-28T04:48:33+00:00 https://informationsecuritybuzz.com/enhancing-email-security-role-of-ai/ www.secnews.physaphae.fr/article.php?IdArticle=8602665 False Vulnerability,Threat None 3.0000000000000000 Silicon - Site de News Francais Filigran, spécialiste du Cyber Threat Management, lève 35 millions 2024-10-28T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/Filigran-specialiste-du-Cyber-Threat-Management-leve-35-millions-464573.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8602768 False Threat None 2.0000000000000000 HackRead - Chercher Cyber Une nouvelle attaque permet aux pirates de rétrograder Windows pour exploiter les défauts corrigés<br>New Attack Lets Hackers Downgrade Windows to Exploit Patched Flaws SafeBreach Labs unveils ‘Windows Downdate,’ a new attack method which compromises Windows 11 by downgrading system components, and…]]> 2024-10-26T12:00:38+00:00 https://hackread.com/hackers-downgrade-windows-exploit-patched-flaws/ www.secnews.physaphae.fr/article.php?IdArticle=8602029 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Les nouvelles fonctionnalités Cisco ASA et FTD bloquent les attaques de mot de passe VPN Brute-Force<br>New Cisco ASA and FTD features block VPN brute-force password attacks Cisco has added new security features that significantly mitigate brute-force and password spray attacks on Cisco ASA and Firepower 
Threat Defense (FTD), helping protect the network from breaches and reducing resource utilization on devices. [...] 2024-10-26T10:31:41+00:00 https://www.bleepingcomputer.com/news/security/new-cisco-asa-and-ftd-features-block-vpn-brute-force-password-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8602122 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities The Computer Emergency Response Team of Ukraine (CERT-UA) has detailed a new malicious email campaign targeting government agencies, enterprises, and military entities. "The messages exploit the appeal of integrating popular services like Amazon or Microsoft and implementing a zero-trust architecture," CERT-UA said. "These emails contain attachments in the form of Remote Desktop Protocol ('.rdp' 2024-10-26T09:36:00+00:00 https://thehackernews.com/2024/10/cert-ua-identifies-malicious-rdp-files.html www.secnews.physaphae.fr/article.php?IdArticle=8601914 False Threat None 3.0000000000000000 Korben - French blogger MasterParser - A powerful DFIR tool for analyzing Linux logs MasterParser. It's a tool designed by Eilay Yosfan, who works at Security Joes as a Threat Researcher. What his tool does is take your Linux logs and analyze them to extract all the information that is useful from a security standpoint.
It's very handy for forensic investigations and incident response. 2024-10-26T09:00:00+00:00 https://korben.info/masterparser-outil-dfir-analyse-logs-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8601981 False Tool,Threat None 4.0000000000000000 RiskIQ - cyber risk firms (now Microsoft) Embargo Ransomware: Rock n Rust 2024-10-25T20:26:33+00:00 https://community.riskiq.com/article/b7f0fd7b www.secnews.physaphae.fr/article.php?IdArticle=8601778 True Ransomware,Spam,Malware,Tool,Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now Microsoft) ReliaQuest Uncovers New Black Basta Social Engineering Technique 2024-10-25T20:03:35+00:00 https://community.riskiq.com/article/b231776f www.secnews.physaphae.fr/article.php?IdArticle=8601779 False Ransomware,Spam,Malware,Tool,Threat,Prediction None 2.0000000000000000 RiskIQ - cyber risk firms (now Microsoft) Investigating FortiManager Zero-Day Exploitation (CVE-2024-47575) 2024-10-25T19:35:23+00:00 https://community.riskiq.com/article/2f35a4ca www.secnews.physaphae.fr/article.php?IdArticle=8601766 False Ransomware,Vulnerability,Threat,Cloud None 2.0000000000000000 RiskIQ - cyber risk firms (now Microsoft) WrnRAT Distributed Under the Guise of Gambling Games ## Snapshot *AhnLab Security Intelligence Center (ASEC) has discovered that malware is being distributed under the guise of gambling games such as badugi, 2-player go-stop, and hold'em.* The malware itself appears to have been created by the 2024-10-25T19:24:44+00:00 https://community.riskiq.com/article/118a2c8f www.secnews.physaphae.fr/article.php?IdArticle=8601767 False Malware,Tool,Threat,Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now Microsoft) HeptaX: Unauthorized RDP Connections for Cyberespionage
Operations 2024-10-25T19:15:07+00:00 https://community.riskiq.com/article/ce9f9a25 www.secnews.physaphae.fr/article.php?IdArticle=8601768 True Malware,Tool,Threat,Medical None 3.0000000000000000 RiskIQ - cyber risk firms (now Microsoft) Operation Overload Impersonates Media to Influence 2024 US Election #### Targeted Geoloca 2024-10-25T19:04:16+00:00 https://community.riskiq.com/article/36dd5c0a www.secnews.physaphae.fr/article.php?IdArticle=8601769 False Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now Microsoft) Operation Cobalt Whisper: Threat Actor Targets Multiple Industries Across Hong Kong and Pakistan 2024-10-25T17:22:14+00:00 https://community.riskiq.com/article/cef0b618 www.secnews.physaphae.fr/article.php?IdArticle=8601746 True Ransomware,Malware,Tool,Threat,Industrial,Medical None 2.0000000000000000 RiskIQ - cyber risk firms (now Microsoft) Unmasking Prometei: A Deep Dive Into Our MXDR Findings 2024-10-25T16:50:12+00:00 https://community.riskiq.com/article/dd4f6f9d www.secnews.physaphae.fr/article.php?IdArticle=8601738 False Malware,Vulnerability,Threat,Patching,Prediction None 2.0000000000000000