www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-12T11:33:44+00:00 www.secnews.physaphae.fr
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Chinese Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks The China-linked advanced persistent threat (APT) group known as Mustang Panda has been observed weaponizing Visual Studio Code software as part of espionage operations targeting government entities in Southeast Asia. "This threat actor used Visual Studio Code's embedded reverse shell feature to gain a foothold in target networks," Palo Alto Networks Unit 42 researcher Tom Fakterman said in a 2024-09-09T17:46:00+00:00 https://thehackernews.com/2024/09/chinese-hackers-exploit-visual-studio.html www.secnews.physaphae.fr/article.php?IdArticle=8573267 False Threat None 2.0000000000000000
Bleeping Computer - American magazine Chinese hackers use new data theft malware in govt attacks New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks. [...] 2024-09-09T15:19:21+00:00 https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-data-theft-malware-in-govt-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8573461 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys Android device users in South Korea have emerged as a target of a new mobile malware campaign that delivers a new type of threat dubbed SpyAgent. The malware "targets mnemonic keys by scanning for images on your device that might contain them," McAfee Labs researcher SangRyol Ryu said in an analysis, adding the targeting footprint has broadened in scope to include the U.K. The campaign makes use 2024-09-09T14:20:00+00:00 https://thehackernews.com/2024/09/new-android-spyagent-malware-uses-ocr.html www.secnews.physaphae.fr/article.php?IdArticle=8573130 False Malware,Threat,Mobile None 3.0000000000000000
Dark Reading - Informationweek Branch How Law Enforcement's Ransomware Strategies Are Evolving The threat of ransomware hasn't gone away. But law enforcement has struck a blow by adjusting its tactics and taking out some of the biggest adversaries in the ransomware scene. 2024-09-09T14:00:00+00:00 https://www.darkreading.com/cybersecurity-operations/how-law-enforcement-ransomware-strategies-are-evolving www.secnews.physaphae.fr/article.php?IdArticle=8574618 False Ransomware,Threat,Legislation None 3.0000000000000000
Checkpoint Research - Security hardware vendor 9th September – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 9th September, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The German air traffic control agency, Deutsche Flugsicherung, has confirmed a cyberattack that impacted its administrative IT infrastructure. The extent of data accessed is still under investigation, and flight operations remained unaffected. […]
2024-09-09T13:55:43+00:00 https://research.checkpoint.com/2024/9th-september-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8573262 False Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now Microsoft) Predator Spyware Infrastructure Returns Following Exposure and Sanctions 2024-09-09T11:07:09+00:00 https://community.riskiq.com/article/b0990b13 www.secnews.physaphae.fr/article.php?IdArticle=8573204 False Vulnerability,Threat,Mobile,Commercial None 2.0000000000000000
RiskIQ - cyber risk firms (now Microsoft) Weekly OSINT Highlights, 9 September 2024 2024-09-09T11:04:46+00:00 https://community.riskiq.com/article/563312a4 www.secnews.physaphae.fr/article.php?IdArticle=8573205 False Ransomware,Malware,Tool,Vulnerability,Threat,Prediction,Medical,Commercial APT 38,APT 29 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) TIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber Campaign A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024. Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionage-driven given the focus on military-related industry chains. The exact initial access vector used 2024-09-09T11:00:00+00:00 https://thehackernews.com/2024/09/tidrone-espionage-group-targets-taiwan.html www.secnews.physaphae.fr/article.php?IdArticle=8573055 False Threat None 2.0000000000000000
Bleeping Computer - American magazine How to defend against brute force and password spray attacks While not very sophisticated, brute force password attacks pose a significant threat to an organization's security.
Learn more from Specops Software about these types of attacks and how to defend against them. [...] 2024-09-09T10:02:27+00:00 https://www.bleepingcomputer.com/news/security/how-to-defend-against-brute-force-and-password-spray-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8573259 False Threat None 2.0000000000000000
Global Security Mag - French news site Checkmarx launches Container Security Products 2024-09-09T09:50:31+00:00 https://www.globalsecuritymag.fr/checkmarx-lance-container-security.html www.secnews.physaphae.fr/article.php?IdArticle=8573153 False Threat None 2.0000000000000000
InformationSecurityBuzzNews - Security news site Predator Spyware Resurfaces: Renewed Threats and Global Implications Intellexa's Predator spyware is back. After facing sanctions and exposure by the US government, the scourge appeared to decline. However, recent findings from Insikt Group, the threat research arm of cyber security company Recorded Future, reveal that Predator's infrastructure is active again. However, it has come back with modifications designed to evade detection and anonymize [...] 2024-09-09T05:33:11+00:00 https://informationsecuritybuzz.com/predator-spyware-resur-renewed-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8573054 False Threat None 2.0000000000000000
Global Security Mag - French news site Vigilance Vulnerability Alerts - NetApp SnapCenter: password leak, analyzed on 08/07/2024
An attacker can exploit an unknown vulnerability of NetApp SnapCenter, in order to get password-like secrets. - Security Vulnerability
2024-09-08T12:04:06+00:00 https://www.globalsecuritymag.fr/vigilance-vulnerability-alerts-netapp-snapcenter-password-leak-analyzed-on-08.html www.secnews.physaphae.fr/article.php?IdArticle=8572568 False Vulnerability,Threat None 2.0000000000000000
Contagio - Ransomware information site 2024-08-30 Cicada ESXi Ransomware Sample 2024-08-30 Truesec: Dissecting the Cicada (ransomware). ESXi ransomware Cicada3301, a ransomware group first detected in June 2024, appears to be a rebranded or derivative version of the AlphV ransomware group, using a Ransomware-as-a-Service (RaaS) model. The ransomware, written in Rust, targets Windows and Linux/ESXi environments, using ChaCha20 for encryption. Technical analysis reveals several key similarities with AlphV: both use nearly identical command structures to shut down virtual machines and delete snapshots, and share a similar file naming convention. The ransomware's binary is an ELF file, with its Rust origin confirmed by string references and an examination of the .comment section. Key parameters include Sleep, which delays the ransomware's execution, and ui, which displays encryption progress on screen. The key parameter is crucial for decryption; if it is not provided or is incorrect, the ransomware will stop running. The main function, linux_enc, starts the encryption process by generating a random key using osrng. Files larger than 100 MB are encrypted in parts, while smaller files are encrypted entirely using ChaCha20. The ChaCha20 key is then secured with an RSA public key and appended, along with a specific file extension, to the end of the encrypted file. Initial access appears to be facilitated by the Brutus botnet, with threat actors using stolen or brute-forced credentials to gain access via ScreenConnect. The IP address associated with this attack is linked to the Brutus botnet, which raises the possibility of a direct connection between the botnet operators and CICADA3301. The ransomware also has a decryption verification routine, in which an encoded and encrypted ransom note stored in the binary is decrypted using the supplied key, validating correct decryption. Download. (Email me if you need the password scheme) 2024-09-07T17:31:39+00:00 https://contagiodump.blogspot.com/2024/09/2024-08-30-cicada-esxi-ransomware-sample.html www.secnews.physaphae.fr/article.php?IdArticle=8572211 False Ransomware,Threat,Technical APT 10 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Google-owned Mandiant said in a new report about threats faced by the Web3 sector. "After an initial chat conversation, the attacker sent a ZIP file that contained 2024-09-07T12:58:00+00:00 https://thehackernews.com/2024/09/north-korean-threat-actors-deploy.html www.secnews.physaphae.fr/article.php?IdArticle=8571823 False Malware,Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now Microsoft) BlindEagle Targets Colombian Insurance Sector with BlotchyQuasar 2024-09-06T22:15:34+00:00 https://community.riskiq.com/article/ed65488f www.secnews.physaphae.fr/article.php?IdArticle=8571595 True Ransomware,Spam,Malware,Tool,Threat,Prediction APT-C-36 2.0000000000000000
RiskIQ - cyber risk firms (now Microsoft) APT Lazarus: Eager Crypto Beavers, Video calls and Games 2024-09-06T20:50:58+00:00 https://community.riskiq.com/article/2d5ffbad www.secnews.physaphae.fr/article.php?IdArticle=8571535 True Ransomware,Malware,Tool,Threat APT 38 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped software and packages. These attacks typically involve registering domains or packages with names slightly altered from their legitimate counterparts (e.g., goog1e.com vs. google.com).
Adversaries targeting open-source repositories across 2024-09-06T20:33:00+00:00 https://thehackernews.com/2024/09/github-actions-vulnerable-to.html www.secnews.physaphae.fr/article.php?IdArticle=8571336 False Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now Microsoft) The Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government 2024-09-06T18:14:35+00:00 https://community.riskiq.com/article/1966a7cd www.secnews.physaphae.fr/article.php?IdArticle=8571438 True Ransomware,Malware,Tool,Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now Microsoft) Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads ## Snapshot Researchers at Cisco Talos discovered a series of malicious Microsoft Office documents uploaded to VirusTotal between May and July 2024. These documents were created using "MacroPack," a tool designed for Red Team exercises but also exploited by malicious actors. ## Description The documents deployed various payloads, including the Havoc and [Brute Ratel](https://security.microsoft.com/intel-profiles/a09b8112881d2dead66c1b277c92ac586d9791e60b3b284ef303439a18d91786) frameworks, and a new version of the PhantomCore remote access trojan (also called PhanomRAT). Despite similarities in techniques, Talos could not link these activities to a single actor. The documents featured different themed lures: generic documents in Chinese and English instructing users to enable content, military-themed documents from Pakistan, and empty Excel workbooks from Russia. MacroPack-generated documents utilized obfuscated VBA macros and included non-malicious code to evade detection. Some samples appeared linked to Red Team exercises, adding complexity to attribution efforts.
The professional version of MacroPack offers advanced features, such as anti-malware evasion and more resilient payloads, making it a versatile yet potentially dangerous tool. Despite the presence of benign code to reduce detection, MacroPa 2024-09-06T15:22:05+00:00 https://community.riskiq.com/article/cd8dec3b www.secnews.physaphae.fr/article.php?IdArticle=8571370 False Malware,Tool,Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now Microsoft) Tropic Trooper spies on government entities in the Middle East 2024-09-06T14:59:38+00:00 https://community.riskiq.com/article/818f5bec www.secnews.physaphae.fr/article.php?IdArticle=8571332 False Malware,Tool,Vulnerability,Threat,Studies,Medical,Conference None 3.0000000000000000
RiskIQ - cyber risk firms (now Microsoft) Mallox ransomware: in-depth analysis and evolution 2024-09-06T14:17:23+00:00 https://community.riskiq.com/article/4d09890d www.secnews.physaphae.fr/article.php?IdArticle=8571333 False Ransomware,Malware,Tool,Threat,Technical None 2.0000000000000000
DarkTrace - DarkTrace: AI-based detection Business Email Compromise (BEC) in the Age of AI Generative AI tools have increased the risk of BEC, and traditional cybersecurity defenses struggle to stay ahead of the growing speed, scale, and sophistication of attacks. Only multilayered, defense-in-depth strategies can counter the AI-powered BEC threat. 2024-09-06T13:35:00+00:00 https://darktrace.com/blog/business-email-compromise-bec-in-the-age-of-ai www.secnews.physaphae.fr/article.php?IdArticle=8588888 False Tool,Threat None 2.0000000000000000
Zataz - French security magazine Report "Gamers and influencers: what threats and how to better protect them?" 2024-09-06T10:41:14+00:00 https://www.zataz.com/rapport-gamers-et-influenceurs-quelles-menaces-et-comment-mieux-les-proteger/ www.secnews.physaphae.fr/article.php?IdArticle=8571178 False Threat None 2.0000000000000000
InformationSecurityBuzzNews - Security news site Tropic Trooper Expands Targeting: Middle East Government Entity Hit in Strategic Cyber Attack Kaspersky has discovered that an advanced persistent threat (APT) group, Tropic Trooper, also known as KeyBoy and Pirate Panda, has been linked to a series of targeted attacks on a government entity in the Middle East. This is a strategic expansion for the group, which has historically focused on sectors like government, healthcare, transportation, and [...] 2024-09-06T07:02:16+00:00 https://informationsecuritybuzz.com/tropic-trooper-target-middle-east-govt/ www.secnews.physaphae.fr/article.php?IdArticle=8571055 False Threat,Medical None 2.0000000000000000
InformationSecurityBuzzNews - Security news site New PyPI Supply Chain Attack Technique Puts 22,000 Packages at Risk A newly discovered PyPI hijack technique called “Revival Hijack” has been exploited in the wild, posing a significant threat to thousands of Python packages.
Identified by JFrog’s security research team, the method takes advantage of a loophole in the PyPI software registry that allows attackers to re-register package names that have been removed by their [...] 2024-09-06T06:21:43+00:00 https://informationsecuritybuzz.com/pypi-supply-chain-attack-packages-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8571056 False Threat None 3.0000000000000000
TrendLabs Security - Antivirus vendor TIDRONE Targets Military and Satellite Industries in Taiwan Our research reveals that an unidentified threat cluster we named TIDRONE has shown significant interest in military-related industry chains, particularly in the manufacturers of drones. 2024-09-06T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/i/tidrone-targets-military-and-satellite-industries-in-taiwan.html www.secnews.physaphae.fr/article.php?IdArticle=8571117 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East Unnamed government entities in the Middle East and Malaysia are the target of a persistent cyber campaign orchestrated by a threat actor known as Tropic Trooper since June 2023. "Sighting this group's [Tactics, Techniques, and Procedures] in critical governmental entities in the Middle East, particularly those related to human rights studies, marks a new strategic move for them," Kaspersky 2024-09-05T21:49:00+00:00 https://thehackernews.com/2024/09/chinese-speaking-hacker-group-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8570621 False Threat,Studies None 2.0000000000000000
RiskIQ - cyber risk firms (now Microsoft) Analyzing the Mekotio Trojan 2024-09-05T16:44:40+00:00 https://community.riskiq.com/article/0fb07b36 www.secnews.physaphae.fr/article.php?IdArticle=8570653 True Ransomware,Malware,Tool,Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now Microsoft) Analysis of two arbitrary code execution vulnerabilities affecting WPS Office ## Snapshot ESET researchers identified and analyzed two zero-day arbitrary code execution vulnerabilities in Kingsoft WPS Office for Windows: [CVE-2024-7262](https://security.microsoft.com/intel-explorer/cves/CVE-2024-7262/), improper path validation in promecefpluginhost.exe, and [CVE-2024-7263](https://security.microsoft.com/intel-explorer/cves/CVE-2024-7263/), an additional parameter for CVE-2024-7262. ## Description CVE-2024-7262 was exploited by the "APT-C-60" cyberespionage group, which targeted East Asian countries using a weaponized WPS Office spreadsheet document. This vulnerability involved the exploitation of a custom protocol handler called ksoqing, which allowed attackers to execute arbitrary libraries via a specially crafted hyperlink. The malicious document, disguised as a regular spreadsheet, was an MHTML file containing an embedded hyperlink that triggered remote code execution.
This attack leveraged the control flow of the WPS O 2024-09-05T15:34:14+00:00 https://community.riskiq.com/article/f897577d www.secnews.physaphae.fr/article.php?IdArticle=8570618 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Malware Attackers Using MacroPack to Deliver Havoc, Brute Ratel, and PhantomCore Threat actors are likely employing a tool designated for red teaming exercises to serve malware, according to new findings from Cisco Talos. The program in question is a payload generation framework called MacroPack, which is used to generate Office documents, Visual Basic scripts, Windows shortcuts, and other formats for penetration testing and social engineering assessments. It was developed 2024-09-05T13:15:00+00:00 https://thehackernews.com/2024/09/malware-attackers-using-macropack-to.html www.secnews.physaphae.fr/article.php?IdArticle=8570308 False Malware,Tool,Threat None 3.0000000000000000
Fortinet - Security hardware vendor Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401 When the GeoServer vulnerability CVE-2024-36401 emerged, the FortiGuard Labs gathered related intelligence.
This blog highlights the threat actors and how they exploit and use the vulnerability. 2024-09-05T13:00:00+00:00 https://www.fortinet.com/blog/threat-research/threat-actors-exploit-geoserver-vulnerability-cve-2024-36401 www.secnews.physaphae.fr/article.php?IdArticle=8570509 False Vulnerability,Threat None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Researcher Finds Unfixable Yet Tricky to Exploit Flaw in Yubikeys A security flaw exploiting side channel attacks means some Yubikeys can be cloned 2024-09-05T11:15:00+00:00 https://www.infosecurity-magazine.com/news/researcher-vulnerability-yubikeys/ www.secnews.physaphae.fr/article.php?IdArticle=8570414 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The previously unreported malware is written in Golang, and thus is a cross-platform weapon capable of targeting both Microsoft Windows and Linux systems. "KTLVdoor is a highly obfuscated malware that 2024-09-05T10:33:00+00:00 https://thehackernews.com/2024/09/new-cross-platform-malware-ktlvdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8570243 False Malware,Threat None 2.0000000000000000
SlashNext - Cyber Firm Project Phantom: Revolutionary Zero-Trust Virtual Stealth Browser URL Analysis that's Changing the Game in Cybersecurity
In the ever-evolving landscape of cybersecurity, the cat-and-mouse game between defenders and attackers never ends. At SlashNext, we’ve been at the forefront of this battle, constantly innovating to stay ahead of sophisticated threats. Today, we’re excited to announce a groundbreaking development that we believe will revolutionize threat detection, the latest iteration of our zero-trust virtual […] The post Project Phantom: Revolutionary Zero-Trust Virtual Stealth Browser URL Analysis that's Changing the Game in Cybersecurity first appeared on SlashNext.
2024-09-05T08:59:17+00:00 https://slashnext.com/blog/project-phantom-virtual-stealth-browser/ www.secnews.physaphae.fr/article.php?IdArticle=8570518 False Threat None 3.0000000000000000
InformationSecurityBuzzNews - Security news site Phishing Remains Top Cyber Threat Despite Drop in Incidents Phishing remains the most common cyber threat, representing 37% of incidents in Q3 2024. However, incidents of credential exposure have increased to almost 89%, raising concerns about data security risks across industries, according to the latest report by ReliaQuest on quarterly attacker trends analysis. Between May 1 and July 31, 2024, ReliaQuest analyzed customer incident [...] 2024-09-05T06:09:45+00:00 https://informationsecuritybuzz.com/phishing-top-cyber-threat-despite-drop/ www.secnews.physaphae.fr/article.php?IdArticle=8570239 False Threat None 2.0000000000000000
Bleeping Computer - American magazine Hacker trap: Fake OnlyFans tool backstabs cybercriminals, steals passwords Hackers are targeting other hackers with a fake OnlyFans tool that claims to help steal accounts but instead infects threat actors with the Lumma stealer information-stealing malware. [...] 2024-09-05T05:15:20+00:00 https://www.bleepingcomputer.com/news/security/hacker-trap-fake-onlyfans-tool-backstabs-cybercriminals-steals-passwords/ www.secnews.physaphae.fr/article.php?IdArticle=8570586 False Malware,Tool,Threat None 3.0000000000000000
Vuln GCP - Google Cloud Platform vulnerability feed GCP-2024-050
Published: 2024-09-04
Description: A new remote code execution vulnerability (CVE-2024-38063) has been discovered in Windows. An attacker could remotely exploit this vulnerability by sending specially crafted IPv6 packets to a host. For instructions and more details, see the following bulletins: GKE security bulletin; GDC software for VMware security bulletin; GKE on AWS security bulletin; GKE on Azure security bulletin; GDC software for bare metal security bulletin.
Severity: None
Notes: CVE-2024-38063
2024-09-04T21:54:58+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-050 www.secnews.physaphae.fr/article.php?IdArticle=8570015 False Vulnerability,Threat,Cloud None None
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) North Korean Hackers Targets Job Seekers with Fake FreeConference App North Korean threat actors have leveraged a fake Windows video conferencing application impersonating FreeConference.com to backdoor developer systems as part of an ongoing financially-driven campaign dubbed Contagious Interview. The new attack wave, spotted by Singaporean company Group-IB in mid-August 2024, is yet another indication that the activity is also leveraging native installers for 2024-09-04T21:22:00+00:00 https://thehackernews.com/2024/09/north-korean-hackers-targets-job.html www.secnews.physaphae.fr/article.php?IdArticle=8569815 False Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now Microsoft) Earth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion 2024-09-04T20:38:54+00:00 https://community.riskiq.com/article/222628fc www.secnews.physaphae.fr/article.php?IdArticle=8570004 True Ransomware,Malware,Tool,Threat,Prediction APT 27 3.0000000000000000
The Last Watchdog - Byron V Acohido's security blog News alert: AI SPERA attains PCI DSS certification for its search engine solution 'Criminal IP'
Torrance, Calif., Sept. 4, 2024, CyberNewsWire — AI SPERA, a leading Cyber Threat Intelligence (CTI) company, has achieved PCI DSS v4.0 certification for its flagship search engine solution, Criminal IP. This accomplishment builds on last year’s attainment of PCI … (more…) The post News alert: AI SPERA attains PCI DSS certification for its search engine solution 'Criminal IP' first appeared on The Last Watchdog.
2024-09-04T19:59:53+00:00 https://www.lastwatchdog.com/news-alert-ai-spera-wins-pci-dss-certification-for-its-search-engine-solution-criminal-ip/ www.secnews.physaphae.fr/article.php?IdArticle=8569940 False Threat None 3.0000000000000000
The Last Watchdog - Byron V Acohido's security blog News alert: INE Security releases a strategies guide for cyber threat preparedness, response capabilities
Cary, NC, Sept. 4, 2024, CyberNewsWire — In a proactive response to the rapidly evolving landscape of cyber threats, INE Security, a global leader in cybersecurity and network training, today unveiled a crucial initiative aimed at fortifying corporate defenses … (more…) The post News alert: INE Security releases a strategies guide for cyber threat preparedness, response capabilities first appeared on The Last Watchdog.
2024-09-04T19:47:27+00:00 https://www.lastwatchdog.com/news-alert-ine-security-releases-a-strategies-guide-for-cyber-threat-preparedness-response-capabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8569941 False Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Fake Palo Alto GlobalProtect used as lure to backdoor enterprises 2024-09-04T18:51:15+00:00 https://community.riskiq.com/article/22951902 www.secnews.physaphae.fr/article.php?IdArticle=8569939 False Malware,Tool,Threat,Prediction APT 34 2.0000000000000000 TechRepublic - Security News US Iran Cyber Attack: Fox Kitten Facilitates Ransomware in US Read more about an attack campaign led by Iran-based cyberespionage threat actor Fox Kitten, and learn how to protect your company from this threat. 2024-09-04T17:01:18+00:00 https://www.techrepublic.com/article/iran-cyber-attack-fox-kitten/ www.secnews.physaphae.fr/article.php?IdArticle=8569849 False Ransomware,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch FBI: North Korean Actors Readying Aggressive Cyberattack Wave Sophisticated social engineering is expected to accompany threat campaigns that are highly targeted and aimed at stealing crypto and deploying malware. 2024-09-04T16:57:40+00:00 https://www.darkreading.com/threat-intelligence/fbi-north-korean-actors-aggressive-cyberattack-wave www.secnews.physaphae.fr/article.php?IdArticle=8569850 False Malware,Threat None 3.0000000000000000 UnderNews - French "hacker" news site Cybersecurity: when ethical hackers put themselves at the service of businesses Cyber threats have evolved from basic malware and phishing schemes into targeted, sophisticated attacks, often orchestrated by nation-states or organized criminal groups. Op-ed by Blandine Delaporte, Senior Solution Engineer Director at SentinelOne.
Businesses now face advanced persistent threats (APTs), ransomware with […] The post Cybersecurity: when ethical hackers put themselves at the service of businesses first appeared on UnderNews. 2024-09-04T16:41:06+00:00 https://www.undernews.fr/hacking-hacktivisme/cybersecurite-quand-les-hackers-ethiques-se-mettent-au-service-des-entreprises.html www.secnews.physaphae.fr/article.php?IdArticle=8569848 False Malware,Threat None 2.0000000000000000 Global Security Mag - French news site Threat researcher at global cybersecurity company reacts to TfL cyberattack opinion
2024-09-04T15:47:16+00:00 https://www.globalsecuritymag.fr/threat-researcher-at-global-cybersecurity-company-reacts-to-tfl-cyberattack.html www.secnews.physaphae.fr/article.php?IdArticle=8569818 False Threat None 2.0000000000000000
Bleeping Computer - American magazine New Eucleak attack lets threat actors clone YubiKey FIDO keys A new "EUCLEAK" flaw found in FIDO devices using the Infineon SLE78 security microcontroller, like Yubico's YubiKey 5 Series, allows attackers to extract Elliptic Curve Digital Signature Algorithm (ECDSA) secret keys and clone the FIDO device. [...] 2024-09-04T13:48:12+00:00 https://www.bleepingcomputer.com/news/security/new-eucleak-attack-lets-threat-actors-clone-yubikey-fido-keys/ www.secnews.physaphae.fr/article.php?IdArticle=8569880 False Threat None 3.0000000000000000 Global Security Mag - French news site Netskope Threat Labs: with the rise in AI use in manufacturing, cyberattackers are diversifying the methods used against this sector Products 2024-09-04T13:17:55+00:00 https://www.globalsecuritymag.fr/netskope-threat-labs-avec-une-hausse-de-l-utilisation-de-l-ia-dans-l-industrie.html www.secnews.physaphae.fr/article.php?IdArticle=8569744 False Threat None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Red Teaming Tool Abused for Malware Deployment Cisco Talos has assessed that red teaming tool MacroPack is being abused by various threat actors in different geographies to deploy malware 2024-09-04T13:00:00+00:00 https://www.infosecurity-magazine.com/news/red-teaming-tool-abused-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8569712 False Malware,Tool,Threat None 3.0000000000000000 Cisco - Security Firm Blog Leveraging Threat Intelligence in Cisco Secure Network Analytics
Cisco Secure Network Analytics provides pervasive network visibility and security analytics for advanced protection across the extended network and cloud. The purpose of this blog is to review two methods of using threat intelligence in Secure Network Analytics. First, we will cover the threat intelligence feed, and then we will look at using your own […]
2024-09-04T12:00:47+00:00 https://feedpress.me/link/23535/16792788/leveraging-threat-intelligence-in-cisco-secure-network-analytics www.secnews.physaphae.fr/article.php?IdArticle=8569670 False Threat,Cloud None 3.0000000000000000
ProofPoint - Cyber Firms Proofpoint Is the Overall Market Leader in the Frost Radar™: Email Security, 2024 Report 2024-09-04T11:42:52+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/proofpoint-overall-market-leader-frost-radar-email-security-2024 www.secnews.physaphae.fr/article.php?IdArticle=8569705 False Tool,Threat None 2.0000000000000000 Bleeping Computer - American magazine Criminal IP Earns PCI DSS v4.0 Certification for Top-Level Security AI Spera has achieved PCI DSS v4.0 certification for its threat intel search engine solution, Criminal IP. Learn more from the Criminal IP cyber threat intelligence search engine. [...] 2024-09-04T10:02:37+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-earns-pci-dss-v40-certification-for-top-level-security/ www.secnews.physaphae.fr/article.php?IdArticle=8569740 False Threat None 1.00000000000000000000 Bleeping Computer - American magazine Revival Hijack supply-chain attack threatens 22,000 PyPI packages Threat actors are utilizing an attack called "Revival Hijack," where they register new PyPI projects using the names of previously deleted packages to conduct supply chain attacks. [...] 2024-09-04T09:43:03+00:00 https://www.bleepingcomputer.com/news/security/revival-hijack-supply-chain-attack-threatens-22-000-pypi-packages/ www.secnews.physaphae.fr/article.php?IdArticle=8569741 False Threat None 2.0000000000000000 InformationSecurityBuzzNews - security news site Can Every Business Afford to Be a Target?
As malicious actors increasingly create cybercriminal business models, small and medium-sized businesses (SMBs) face a changing cyber threat landscape. Today, being a cybercriminal no longer requires advanced technical skills, expanding the number of attackers and their attack capabilities. Unlike larger corporations, SMBs often lack the financial and staffing resources necessary to implement robust security programs [...] 2024-09-04T07:55:17+00:00 https://informationsecuritybuzz.com/can-every-business-afford-to-be-target/ www.secnews.physaphae.fr/article.php?IdArticle=8569531 False Threat,Technical None 3.0000000000000000 The State of Security - American magazine Employee Cybersecurity Awareness Training Strategies for AI-Enhanced Attacks With the adoption of AI in almost every sphere of our lives and its unending advancement, cyberattacks are rapidly increasing. Threat actors with malicious intent use AI tools to create phishing emails and other AI-generated content to bypass traditional security measures. On the bright side, the security capabilities of AI are limitless. AI-enhanced attacks refer to cybersecurity events that use artificial intelligence to compromise individuals' and organizations' safety. AI tools can generate any form of content, either written or video.
The authenticity of this content is hard to determine... 2024-09-04T03:10:59+00:00 https://www.tripwire.com/state-of-security/employee-cybersecurity-awareness-training-strategies-ai-enhanced-attacks www.secnews.physaphae.fr/article.php?IdArticle=8569534 False Tool,Threat None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) State-backed attackers and commercial surveillance vendors repeatedly use the same exploits 2024-09-04T02:45:48+00:00 https://community.riskiq.com/article/12b5ac31 www.secnews.physaphae.fr/article.php?IdArticle=8569431 False Malware,Tool,Vulnerability,Threat,Legislation,Mobile,Commercial APT 29 2.0000000000000000 TrendMicro - Security Firm Blog Earth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion While monitoring Earth Lusca, we discovered the threat group's use of KTLVdoor, a highly obfuscated multiplatform backdoor, as part of a large-scale attack campaign. 2024-09-04T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/i/earth-lusca-ktlvdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8569530 False Threat None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) The Emerging Dynamics of Deepfake Scam Campaigns on the Web ## Snapshot Researchers at Palo Alto Networks have discovered numerous scam campaigns using deepfake videos featuring public figures like CEOs, news anchors, and government officials. ## Description These scams target different countries and are conducted in multiple languages, including English, Spanish, French, and Russian.
The campaigns appear to be orchestrated by a single threat actor group as they all leverage similar deepfake techniques, have like "calls to action," and host videos on a few shared domains that do not appear to be used for any other purpose. In these campaigns, the deepfakes are used to promote fake investment schemes and government-sponsored giveaways. The investigation revealed hundreds of domains used to host these scams, each with significant global traffic. The "Quantum AI" scam was identified as one of the primary campaigns, where attackers use newly registered domains to host videos featuring AI-generated audio over genuine videos, altered to match lip movements. Celebrities like Elon Musk and high-profile figures from different countries are commonly impersonated. ## References [The Emerging Dynamics of Deepfake Scam Campaigns on the Web](https://unit42.paloaltonetworks.com/dynamics-of-deepfake-scams/). Palo Alto Networks (accessed 2024-09-03) ## Copyright **© Microsoft 2024**. All rights reserved. Reproduction or distribution of the content of this site, or any part thereof, without written permission of Microsoft is prohibited. 2024-09-03T22:46:15+00:00 https://community.riskiq.com/article/6c6367c7 www.secnews.physaphae.fr/article.php?IdArticle=8569346 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Rust-Based Ransomware Cicada3301 Targets Windows and Linux Systems Cybersecurity researchers have unpacked the inner workings of a new ransomware variant called Cicada3301 that shares similarities with the now-defunct BlackCat (aka ALPHV) operation.
"It appears that Cicada3301 ransomware primarily targets small to medium-sized businesses (SMBs), likely through opportunistic attacks that exploit vulnerabilities as the initial access vector," cybersecurity 2024-09-03T18:46:00+00:00 https://thehackernews.com/2024/09/new-rust-based-ransomware-cicada3301.html www.secnews.physaphae.fr/article.php?IdArticle=8569102 False Ransomware,Vulnerability,Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Emansrepo Stealer: Multi-Vector Attack Chains 2024-09-03T17:29:50+00:00 https://community.riskiq.com/article/94d41800 www.secnews.physaphae.fr/article.php?IdArticle=8569233 False Ransomware,Spam,Malware,Tool,Threat None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) The Malware That Must Not Be Named: Suspected Espionage Campaign Delivers Voldemort 2024-09-03T16:34:56+00:00 https://community.riskiq.com/article/3cc65ab7 www.secnews.physaphae.fr/article.php?IdArticle=8569206 False Ransomware,Malware,Tool,Threat None 3.0000000000000000 DarkTrace - DarkTrace: AI-based detection Lifting the Fog: Darktrace's Investigation into Fog Ransomware In early May 2024, Fog ransomware was first observed in the wild, seemingly targeting US-based educational organizations.
Read on to find out about Darktrace's investigation into this novel ransomware threat. 2024-09-03T15:43:00+00:00 https://darktrace.com/blog/lifting-the-fog-darktraces-investigation-into-fog-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8583959 False Ransomware,Threat None 3.0000000000000000 Team Cymru - threat intelligence team The Evolution of Threat Hunting According to Nearly 300 Security Practitioners One of the best ways to proactively protect your organization is through threat hunting.... 2024-09-03T14:11:08+00:00 https://www.team-cymru.com/post/the-evolution-of-threat-hunting www.secnews.physaphae.fr/article.php?IdArticle=8569208 False Threat None 2.0000000000000000 Mandiant - Mandiant's security blog DeFied Expectations - Examining Web3 Heists Where money goes, crime follows. The rapid growth of Web3 has presented new opportunities for threat actors, especially in decentralized finance (DeFi), where the heists are larger and more numerous than anything seen in the traditional finance sector. Mandiant has a long history of investigating bank heists. In 2016, Mandiant investigated the world's largest bank heist that occurred at the Bank of Bangladesh and resulted in the theft of $81 million by North Korea's APT38. While the group's operations were quite innovative and made for an entertaining 10-episode podcast by the BBC, it pales in comparison to Web3 heists. In 2022, the largest DeFi heist occurred on Sky Mavis' Ronin Blockchain, which resulted in the theft of over $600 million by North Korean threat actors. While North Korea is arguably the world's leading cyber criminal enterprise, they are not the only player.
Since 2020, there have been hundreds of Web3 heists reported, which has resulted in over $12 billion in stolen digital assets. Source: Chainalysis 2024 Crypto Crime Report. While social engineering, crypto drainers, rug pulls (scams), and 2024-09-03T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/examining-web3-heists/ www.secnews.physaphae.fr/article.php?IdArticle=8569124 False Malware,Hack,Vulnerability,Threat,Cloud APT 38 2.0000000000000000 Global Security Mag - French news site Hewlett Packard Enterprise strengthens its portfolio of AI-powered, security-focused networking Products 2024-09-03T13:22:31+00:00 https://www.globalsecuritymag.fr/hewlett-packard-enterprise-renforce-son-portefeuille-de-reseaux-alimentes-par-l.html www.secnews.physaphae.fr/article.php?IdArticle=8569098 False Threat,Cloud None 3.0000000000000000 Fortinet - security hardware vendor Emansrepo Stealer: Multi-Vector Attack Chains FortiGuard Labs has uncovered a fresh threat - Emansrepo stealer, which is distributed via multiple attack chains for months.
Learn more. 2024-09-03T13:00:00+00:00 https://www.fortinet.com/blog/threat-research/emansrepo-stealer-multi-vector-attack-chains www.secnews.physaphae.fr/article.php?IdArticle=8569095 False Threat None 2.0000000000000000 ZoneAlarm - Security Firm Blog The Expanding Threat of AI-Generated Deepfakes
In an increasingly digital world, the rise of AI-generated deepfakes represents one of the most significant threats to cybersecurity and the integrity of information. These hyper-realistic, AI-created images, videos, and even voices blur the lines between reality and fiction, posing unprecedented risks to individuals, organizations, and society at large. As technology evolves, so do the …
2024-09-03T12:43:38+00:00 https://blog.zonealarm.com/2024/09/the-expanding-threat-of-ai-generated-deepfakes/ www.secnews.physaphae.fr/article.php?IdArticle=8569069 False Threat None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial Forescout reports cyber threats surge, state-sponsored hackers target VPN vulnerabilities, ransomware attacks rise Cybersecurity vendor Forescout Technologies has released a new report detailing the current landscape of vulnerabilities, threat actors, and... 2024-09-03T12:10:53+00:00 https://industrialcyber.co/reports/forescout-reports-cyber-threats-surge-state-sponsored-hackers-target-vpn-vulnerabilities-ransomware-attacks-rise/ www.secnews.physaphae.fr/article.php?IdArticle=8569046 False Ransomware,Vulnerability,Threat None 2.0000000000000000 ProofPoint - Cyber Firms How Effective Is Your Insider Risk Program? 2024-09-03T10:49:27+00:00 https://www.proofpoint.com/us/blog/information-protection/how-effective-your-insider-risk-program www.secnews.physaphae.fr/article.php?IdArticle=8569235 False Threat,Prediction,Technical None 2.0000000000000000 AlienVault Lab Blog - AlienVault is a major defensive player in IOCs The Human Factor in Cybersecurity: Behavioral Insights and Mitigation Strategies significant security breaches for organizations of all sizes. These mistakes aren’t inevitable or limited to any one role—they can happen to anyone, from top executives to customer service reps—but they are preventable with the right knowledge and constant vigilance in place. With this in mind, today’s article will examine some real-world examples and some of the most common human errors in cybersecurity to help your organization stay safe and secure. With better awareness and training, organizations can turn their weakest link into a robust first line of defense against cyber threats.
The Role of Human Error in Cybersecurity Human error tends to play a fundamental role in many cybersecurity breaches, often being the weakest link in the chain—it's not just about hackers exploiting software vulnerabilities; it's also about people making mistakes. According to a 2023 Verizon study, a worrying 68% of security breaches have some form of human error involved in them. This staggering statistic directly highlights how essential it is to address the human element in cybersecurity strategies head-on. Studies have shown that employees, regardless of their position, frequently fall victim to phishing scams, use weak passwords, or fail to follow basic security protocols. These common mistakes create entry points for cybercriminals to cause breaches and other security events. To get a better idea of what’s being discussed here, try to consider the everyday actions that can compromise security: ● Clicking on a suspicious link ● Reusing passwords across multiple sites ● Neglecting software updates ● Not being vigilant about security threats. Although each of these errors might seem minor in isolation, together, they contribute significantly to your organization's overall risk. Common Psychological and Behavioral Pitfalls When it comes to cybersecurity, it isn’t just technical vulnerabilities that pose a threat—human psychology also plays a significant role here, too. Common cognitive biases, such as overconfidence and the desire for convenience, can often lead to security lapses. For instance, someone might feel overconfident in their ability to spot a phishing email, leading them to lower their guard and inadvertently click on a malicious link.
Keep in mind, however, that malicious links are yesterday’s news—but 2024-09-03T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-human-factor-in-cybersecurity-behavioral-insights-and-mitigation-strategies www.secnews.physaphae.fr/article.php?IdArticle=8568995 False Tool,Vulnerability,Threat,Studies,Mobile,Technical Equifax 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access Eight vulnerabilities have been uncovered in Microsoft applications for macOS that an adversary could exploit to gain elevated privileges or access sensitive data by circumventing the operating system's permissions-based model, which revolves around the Transparency, Consent, and Control (TCC) framework. "If successful, the adversary could gain any privileges already granted to the affected 2024-09-03T09:31:00+00:00 https://thehackernews.com/2024/09/new-flaws-in-microsoft-macos-apps-could.html www.secnews.physaphae.fr/article.php?IdArticle=8568876 False Vulnerability,Threat None 2.0000000000000000 Kaspersky - Kaspersky Research blog IT threat evolution in Q2 2024. Non-mobile statistics This report presents statistics on PC threats for Q2 2024, including data on ransomware, miners, threats to macOS and IoT devices. 2024-09-03T08:00:47+00:00 https://securelist.com/it-threat-evolution-q2-2024-pc-statistics/113683/ www.secnews.physaphae.fr/article.php?IdArticle=8568945 False Ransomware,Threat None 2.0000000000000000 Kaspersky - Kaspersky Research blog IT threat evolution in Q2 2024.
Mobile statistics The report gives statistics on mobile malware and unwanted software for Q2 2024, including mobile banking Trojans and ransomware. 2024-09-03T08:00:46+00:00 https://securelist.com/it-threat-evolution-q2-2024-mobile-statistics/113678/ www.secnews.physaphae.fr/article.php?IdArticle=8568946 False Ransomware,Malware,Threat,Mobile None 2.0000000000000000 Kaspersky - Kaspersky Research blog IT threat evolution Q2 2024 In this report, Kaspersky researchers explore the most significant attacks of Q2 2024 that used a XZ backdoor, the LockBit builder, ShrinkLocker ransomware, etc. 2024-09-03T08:00:08+00:00 https://securelist.com/it-threat-evolution-q2-2024/113669/ www.secnews.physaphae.fr/article.php?IdArticle=8568947 False Ransomware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Ex-Engineer Charged in Missouri for Failed $750,000 Bitcoin Extortion Attempt A 57-year-old man from the U.S. state of Missouri has been arrested in connection with a failed data extortion campaign that targeted his former employer. Daniel Rhyne of Kansas City, Missouri, has been charged with one count of extortion in relation to a threat to cause damage to a protected computer, one count of intentional damage to a protected computer, and one count of wire fraud.
He was 2024-09-03T07:28:00+00:00 https://thehackernews.com/2024/09/ex-engineer-charged-in-missouri-for.html www.secnews.physaphae.fr/article.php?IdArticle=8568835 False Threat None 3.0000000000000000 InformationSecurityBuzzNews - security news site SLOW#TEMPEST Campaign Targets Chinese Users with Advanced Tactics A sophisticated cyber campaign, dubbed SLOW#TEMPEST, has been uncovered by the Securonix Threat Research team, targeting Chinese-speaking users. The attack, characterized by the deployment of Cobalt Strike payloads, managed to evade detection for over two weeks, demonstrating the malicious actors' ability to establish persistence and move laterally within compromised systems. SLOW#TEMPEST primarily targets victims in [...] 2024-09-03T04:59:00+00:00 https://informationsecuritybuzz.com/slowtempest-campaign-targets-chinese/ www.secnews.physaphae.fr/article.php?IdArticle=8568877 False Threat None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Weekly OSINT Highlights, 2 September 2024 2024-09-02T19:54:58+00:00 https://community.riskiq.com/article/161e114f www.secnews.physaphae.fr/article.php?IdArticle=8568711 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Medical,Cloud APT 41,APT 32 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said.
The victims span various sectors, including water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and agriculture, financial services, 2024-09-02T19:03:00+00:00 https://thehackernews.com/2024/09/ransomhub-ransomware-group-targets-210.html www.secnews.physaphae.fr/article.php?IdArticle=8568551 False Ransomware,Threat,Medical None 2.0000000000000000 Contagio - ransomware news site 2022-2024 North Korea Citrine Sleet / Lazarus FUDMODULE (BYOVD) Rootkit Samples 2024-09-02T16:43:39+00:00 https://contagiodump.blogspot.com/2024/09/2022-2024-north-korea-citrine-sleet.html www.secnews.physaphae.fr/article.php?IdArticle=8568712 False Vulnerability,Threat,Conference APT 38 2.0000000000000000 Global Security Mag - French news site Nozomi Networks partners with Mandiant to deliver a threat detection and response solution for OT, IT and IoT Products 2024-09-02T13:45:38+00:00 https://www.globalsecuritymag.fr/nozomi-networks-collabore-avec-mandiant-pour-offrir-une-solution-de-detection.html www.secnews.physaphae.fr/article.php?IdArticle=8568548 False Threat,Industrial None 2.0000000000000000 Contagio - ransomware news site 2024-08-28 CORONA MIRAI Botnet Spreads via Zero-Day (CVE-2024-7029) - command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) Samples 2024-09-02T13:45:16+00:00 https://contagiodump.blogspot.com/2024/09/2024-08-28-corona-mirai-botnet-spreads.html
www.secnews.physaphae.fr/article.php?IdArticle=8568648 False Vulnerability,Threat None 3.0000000000000000 Contagio - ransomware news site 2024-08-29 ASYNCRAT Samples Exploring the delivery of AsyncRAT and infostealer plugins via phishing emails. eSentire's Threat Response Unit (TRU) discovered an AsyncRAT infection … file (.wsf) by email. This file was in fact a zip archive that, once extracted, ran additional scripts to establish persistence on the system. … RegAsm.exe process using a DLL to evade detection … In addition, this version of AsyncRAT included an infostealer plugin designed to exfiltrate data from popular web browsers such as Chrome and Firefox, as well as cryptocurrency wallet extensions such as MetaMask and Coinbase. The attack highlights the use of multiple stages and obfuscation techniques to maintain persistence and steal sensitive information from the infected system. Download. Email me if you need the password scheme.
File information ├── 29b4af288f1bb75da4df5cbf00033c68df1fee656433cb99726f16de8c2b55f1 uzopuzbkrpcziwca txt 2024-09-02T13:27:42+00:00 https://contagiodump.blogspot.com/2024/09/2024-08-29-asyncrat-samples.html www.secnews.physaphae.fr/article.php?IdArticle=8568649 False Threat None 3.0000000000000000 Contagio - ransomware news site 2024-08-14 OSX BANSHEE infostealer Samples 2024-09-02T12:42:23+00:00 https://contagiodump.blogspot.com/2024/09/2024-08-14-osx-banshee-infostealer.html www.secnews.physaphae.fr/article.php?IdArticle=8568625 False Malware,Threat None 2.0000000000000000 Contagio - ransomware news site 2024-08-21 MOONPEAK malware from North Korean UAT-5394 Samples 2024-08-21 Talos Intelligence: MoonPeak malware from North Korean actors unveils new details on attacker infrastructure. Cisco Talos has identified a new RAT family named "MoonPeak", a variant of the open-source XenoRAT malware. This RAT is currently being developed by the North Korean state-sponsored threat actor group UAT-5394. UAT-5394 has moved from relying on cloud services to setting up their own infrastructure. The servers identified in this campaign include 95.164.86.148, which served as a MoonPeak C2 on port 9999, and 167.88.173.173, a server that was initially thought to be linked to the Gamaredon APT but was later found to be under UAT-5394's control. This server was used to compile MoonPeak V2 malware and to connect to other C2s on ports 9966 and 8936. Talos also discovered several test virtual machines, including 45.87.153.79 and 45.95.11.52, used to validate MoonPeak infections.
& Nbsp;Moonpeak Rat modifie le code source Xenorat d'origine en modifiant l'espace de noms du client de "Xeno Rat Client" en "CMDLINE".Ce changement empêche Moonpeak de se connecter aux serveurs Xenorat C2 prêts à l'emploi et garantit que tous les implants non autorisés ou voyous ne peuvent pas se connecter à leurs serveurs de lune personnalisés. & Nbsp; Télécharger téléchargement & nbsp;(Vous pouvez m'envoyer un e-mail si vousBesoin du schéma de mot de passe) Informations sur le fichier ├── moonpeak powershell │ & nbsp;& nbsp; ├── gzcompress ps1 27202534cc03a398308475146f6710b790aa31361931d4fe1b495c31c3ed54f7 ps1 & nbsp; │ & nbsp;& n]]> 2024-09-02T12:02:09+00:00 https://contagiodump.blogspot.com/2024/09/2024-08-21-moonpeak-malware-from-north.html www.secnews.physaphae.fr/article.php?IdArticle=8568596 False Malware,Threat,Cloud None 2.0000000000000000 Checkpoint Research - Fabricant Materiel Securite 2 septembre & # 8211;Rapport de renseignement sur les menaces<br>2nd September – Threat Intelligence Report Pour les dernières découvertes en cyberLes meilleures attaques et violations Patelco Credit Union, basée en Californie, ont confirmé qu'une violation de données à la suite d'une attaque de ransomwares a entraîné l'exposition d'informations personnelles sensibles à 726k et employés.Les données compromises comprennent des noms, [& # 8230;]
>For the latest discoveries in cyber research for the week of 26th August, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES California-based Patelco Credit Union has confirmed a data breach following a ransomware attack resulted in the exposure of sensitive personal information belongs to 726K clients and employees. The compromised data includes names, […] ]]>
2024-09-02T10:58:51+00:00 https://research.checkpoint.com/2024/2nd-september-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8568479 False Ransomware,Data Breach,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Malicious npm Packages Mimicking 'noblox.js' Compromise Roblox Developers' Systems Roblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware. "By mimicking the popular 'noblox.js' library, attackers have published dozens of packages designed to steal sensitive data and compromise systems," Checkmarx 2024-09-02T09:06:00+00:00 https://thehackernews.com/2024/09/malicious-npm-packages-mimicking.html www.secnews.physaphae.fr/article.php?IdArticle=8568330 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit. The development is indicative of the persistent efforts made by the nation-state adversary, which had made a habit of incorporating rafts of Windows zero-day exploits into its arsenal in recent months. 2024-08-31T21:05:00+00:00 https://thehackernews.com/2024/08/north-korean-hackers-deploy-fudmodule.html www.secnews.physaphae.fr/article.php?IdArticle=8567555 False Vulnerability,Threat None 2.0000000000000000
UnderNews - French "hacker" news site International Day of Women in Cyber – September 1 On the occasion of the International Day of Women in Cyber, on September 1, below are the comments of Mandy Andress, CISO of Elastic: "With the proliferation of threats and the emergence of new tactics, the industry needs different perspectives to adopt an approach that is both diverse and nuanced when it comes to […] The post International Day of Women in Cyber – September 1 first appeared on UnderNews. 2024-08-31T16:32:06+00:00 https://www.undernews.fr/culture-web-emploi/evenements/journee-internationale-des-femmes-dans-la-cyber-1er-septembre.html www.secnews.physaphae.fr/article.php?IdArticle=8567580 False Threat None 2.0000000000000000
Dark Reading - Informationweek Branch Check Point, Cisco Boost AI Investments With Latest Deals Cisco's deal to acquire Robust Intelligence will make it possible to use red-team algorithms to assess risk in AI models and applications, while Check Point's acquisition of Cyberint will add threat intelligence to its SOC platform. 2024-08-30T22:11:11+00:00 https://www.darkreading.com/cyber-risk/check-point-cisco-boost-ai-investments-with-latest-deals www.secnews.physaphae.fr/article.php?IdArticle=8566820 False Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks 2024-08-30T21:42:07+00:00 https://community.riskiq.com/article/e86776e6 www.secnews.physaphae.fr/article.php?IdArticle=8567143 False Ransomware,Malware,Tool,Vulnerability,Threat,Commercial None 2.0000000000000000
Recorded Future - Recorded Future feed Suspected North Korean hackers targeted crypto industry with Chromium zero-day 2024-08-30T19:36:48+00:00 https://therecord.media/suspected-north-korean-hackers-crypto-chromium-zero-day www.secnews.physaphae.fr/article.php?IdArticle=8567065 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Cyberattackers Exploit Google Sheets for Malware Control in Global Espionage Campaign Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort that's equipped to 2024-08-30T18:34:00+00:00 https://thehackernews.com/2024/08/cyberattackers-exploit-google-sheets.html www.secnews.physaphae.fr/article.php?IdArticle=8566881 False Malware,Tool,Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Attack tool update impairs Windows computers 2024-08-30T17:29:23+00:00 https://community.riskiq.com/article/659b9ae2 www.secnews.physaphae.fr/article.php?IdArticle=8567036 False Ransomware,Malware,Tool,Threat,Commercial None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Iranian Hackers Set Up New Network to Target U.S. Political Campaigns Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns. Recorded Future's Insikt Group has linked the infrastructure to a threat it tracks as GreenCharlie, an Iran-nexus cyber threat group that overlaps with APT42, Charming Kitten, Damselfly, Mint Sandstorm (formerly 2024-08-30T16:45:00+00:00 https://thehackernews.com/2024/08/iranian-hackers-set-up-new-network-to.html www.secnews.physaphae.fr/article.php?IdArticle=8566822 False Threat APT 35,APT 42 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial Critical infrastructure under attack, as US agencies sound alarm on cyber threat from Iranian-linked groups U.S. agencies issued a cybersecurity advisory alerting critical infrastructure organizations about cyber actors, identified in the private sector... 2024-08-30T16:40:04+00:00 https://industrialcyber.co/cisa/critical-infrastructure-under-attack-as-us-agencies-sound-alarm-on-cyber-threat-from-iranian-linked-groups/ www.secnews.physaphae.fr/article.php?IdArticle=8566973 False Threat None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial CISA, FBI, partners issue joint advisory on RansomHub ransomware threat to critical infrastructure sectors The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the Federal Bureau of Investigation (FBI), Multi-State... 2024-08-30T16:31:56+00:00 https://industrialcyber.co/ransomware/cisa-fbi-partners-issue-joint-advisory-on-ransomhub-ransomware-threat-to-critical-infrastructure-sectors/ www.secnews.physaphae.fr/article.php?IdArticle=8566975 False Ransomware,Threat,Industrial None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Malware Masquerades as Palo Alto VPN Targeting Middle East Users Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool. "The malware can execute remote PowerShell commands, download and exfiltrate files, encrypt communications, and bypass sandbox solutions, representing a significant threat to 2024-08-30T15:50:00+00:00 https://thehackernews.com/2024/08/new-malware-masquerades-as-palo-alto.html www.secnews.physaphae.fr/article.php?IdArticle=8566793 False Malware,Tool,Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Microsoft Sway abused in massive QR code phishing campaign 2024-08-30T15:23:59+00:00 https://community.riskiq.com/article/d4255ad5 www.secnews.physaphae.fr/article.php?IdArticle=8566972 False Threat,Mobile,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals The most dangerous vulnerability you've never heard of. In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others are far more nuanced, but still pose an equally dangerous threat. Today, we want to discuss one of 2024-08-30T15:09:00+00:00 https://thehackernews.com/2024/08/breaking-down-ad-cs-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8566762 False Vulnerability,Threat None 3.0000000000000000
HackRead - Cyber search Russian APT29 Using NSO Group-Style Exploits in Attacks, Google Google's Threat Analysis Group (TAG) has exposed a new campaign by Russian state-backed APT29, also known as Cozy… 2024-08-30T13:26:41+00:00 https://hackread.com/google-russian-apt29-nso-group-exploits-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8566880 False Threat APT 29 2.0000000000000000