This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-12T06:46:12+00:00 www.secnews.physaphae.fr The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) What happens when cybercriminals no longer need deep skills to breach your defenses? Today\'s attackers are armed with powerful tools that do the heavy lifting - from AI-powered phishing kits to large botnets ready to strike. And they\'re not just after big corporations. Anyone can be a target when fake identities, hijacked infrastructure, and insider tricks are used to slip past security]]> 2025-04-28T17:48:00+00:00 https://thehackernews.com/2025/04/weekly-recap-critical-sap-exploit-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8669011 False Tool,Threat None 2.0000000000000000 HackRead - Chercher Cyber BreachForums posts a PGP-signed message explaining the sudden April 2025 shutdown. Admins cite MyBB 0day vulnerability impacting the…]]> 2025-04-28T17:47:14+00:00 https://hackread.com/breachforums-displays-message-shutdown-mybb-0day-flaw/ www.secnews.physaphae.fr/article.php?IdArticle=8669101 False Vulnerability,Threat None 3.0000000000000000 GB Hacker - Blog de reverseur L'unité de réponse aux menaces de l'Esentire (TRU) début mars 2025, une cyberattaque sophistiquée tirant parti des logiciels malveillants socgholis, également connus sous le nom de FakeUpdates, a été découvert de ciblage des réseaux d'entreprise. Cette attaque, orchestrée par des affiliés du groupe RansomHub-A Ransomware-As-A-Service (RAAS) émergeant en 2024, démontrent une approche calculée pour infiltrer des organisations de haut niveau. Les logiciels malveillants socgholish en tant que vecteur initial RansomHub commercialisent son illicite […]

---

>The eSentire\'s Threat Response Unit (TRU) in early March 2025, a sophisticated cyberattack leveraging SocGholish malware, also known as FakeUpdates, was uncovered targeting corporate networks. This attack, orchestrated by affiliates of RansomHub-a notorious Ransomware-as-a-Service (RaaS) group emerging in 2024-demonstrates a calculated approach to infiltrate high-profile organizations. SocGholish Malware as Initial Vector RansomHub markets its illicit […] ]]> 2025-04-28T17:27:20+00:00 https://gbhackers.com/ransomhub-ransomware-deploys-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8669103 False Ransomware,Malware,Threat None 2.0000000000000000 GB Hacker - Blog de reverseur Le système de chasse aux menaces du laboratoire NSFOCUS FUIY \\ a identifié 19 campagnes d'attaque de menace persistante avancées (APT) sophistiquées, ciblant principalement les régions à travers l'Asie du Sud, l'Asie de l'Est, l'Europe de l'Est et l'Amérique du Sud. Ces incursions ont mis en évidence une continuation d'activités de cyber-espionnage ciblées et de sabotage, se concentrant principalement sur les agences gouvernementales, les infrastructures critiques et les secteurs industriels de premier plan par le biais d'un […]

---

>The NSFOCUS Fuying Laboratory\'s global threat hunting system identified 19 sophisticated Advanced Persistent Threat (APT) attack campaigns, predominantly targeting regions across South Asia, East Asia, Eastern Europe, and South America. These incursions highlighted a continuation of targeted cyber espionage and sabotage activities, primarily focusing on government agencies, critical infrastructure, and prominent industry sectors through a […] ]]> 2025-04-28T17:19:53+00:00 https://gbhackers.com/19-apt-hackers-target-asia-based-company-servers/ www.secnews.physaphae.fr/article.php?IdArticle=8669104 False Vulnerability,Threat None 2.0000000000000000 GB Hacker - Blog de reverseur Les chercheurs en cybersécurité du groupe Intel du rapport DFIR ont découvert un répertoire ouvert hébergé au 194.48.154.79:80, qui serait exploité par une affiliée du groupe de ransomware FOG, qui a émergé à la mi-2024. Ce serveur accessible au public a révélé un arsenal sophistiqué d'outils et de scripts adaptés à la reconnaissance, à l'exploitation, au vol d'identification, au mouvement latéral et à la persistance. Le […]

---

>Cybersecurity researchers from The DFIR Report\'s Threat Intel Group uncovered an open directory hosted at 194.48.154.79:80, believed to be operated by an affiliate of the Fog ransomware group, which emerged in mid-2024. This publicly accessible server revealed a sophisticated arsenal of tools and scripts tailored for reconnaissance, exploitation, credential theft, lateral movement, and persistence. The […] ]]> 2025-04-28T17:02:21+00:00 https://gbhackers.com/fog-ransomware-reveals-active-directory-exploitation/ www.secnews.physaphae.fr/article.php?IdArticle=8669079 False Ransomware,Tool,Threat None 3.0000000000000000 GB Hacker - Blog de reverseur Un Troie (RAT) à l'accès à distance (RAT) nouvellement analysé est devenu une menace de cybersécurité significative, utilisant la discorde comme sa plate-forme de commande et de contrôle (C2). Déguisée en un script bénin, ce logiciel malveillant transforme l'outil de communication populaire en un centre pour des opérations malveillantes, permettant aux attaquants de contrôler à distance les systèmes infectés par une facilité alarmante. En exploitant le trafic crypté de Discord \\ […]

---

>A newly analyzed Python-based Remote Access Trojan (RAT) has emerged as a significant cybersecurity threat, utilizing Discord as its command-and-control (C2) platform. Disguised as a benign script, this malware transforms the popular communication tool into a hub for malicious operations, allowing attackers to remotely control infected systems with alarming ease. By exploiting Discord\'s encrypted traffic […] ]]> 2025-04-28T16:46:30+00:00 https://gbhackers.com/python-based-discord-rat-enables-remote-control-and-disruption/ www.secnews.physaphae.fr/article.php?IdArticle=8669080 False Malware,Tool,Threat None 3.0000000000000000 GB Hacker - Blog de reverseur Une nouvelle cyber-menace, surnommée Hannibal Stealer, a fait surface comme une variante rebaptisée et fissurée des voleurs nets et tx, initialement promus par le groupe d'ingénierie inversé \\ 'llcppc_reverse. \' développé en C # et en levant le cadre .NET, ce logiciel malveillant de l'information présente un risque significatif en ciblant un large éventail de données sensibles. Hannibal Stealer se concentre […]

---

>A new cyber threat, dubbed Hannibal Stealer, has surfaced as a rebranded and cracked variant of the Sharp and TX stealers, originally promoted by the reverse engineering group \'llcppc_reverse.\' Developed in C# and leveraging the .NET Framework, this information-stealing malware poses a significant risk by targeting a wide array of sensitive data. Hannibal Stealer focuses […] ]]> 2025-04-28T15:35:39+00:00 https://gbhackers.com/hannibal-stealer-cracked-variant-of-sharp-and-tx-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8669057 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Government and telecommunications sectors in Southeast Asia have become the target of a "sophisticated" campaign undertaken by a new advanced persistent threat (APT) group called Earth Kurma since June 2024. The attacks, per Trend Micro, have leveraged custom malware, rootkits, and cloud storage services for data exfiltration. The Philippines, Vietnam, Thailand, and Malaysia are among the]]> 2025-04-28T14:37:00+00:00 https://thehackernews.com/2025/04/earth-kurma-targets-southeast-asia-with.html www.secnews.physaphae.fr/article.php?IdArticle=8668906 False Malware,Tool,Threat,Prediction,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Attackers are leveraging the benefits of new technology and the availability of commodity tools, credentials, and other resources to develop sophisticated attacks more quickly than ever, putting defenders on their heels.]]> 2025-04-28T14:20:12+00:00 https://www.darkreading.com/remote-workforce/ai-automation-dark-web-fuel-evolving-threat-landscape www.secnews.physaphae.fr/article.php?IdArticle=8669034 False Tool,Threat None 2.0000000000000000 Global Security Mag - Site de news francais Revues de produits

---

Bugcrowd Launches the Industry\'s First Crowdsourced Red Team as a Service - A Scalable, Intelligence-Led Offense Against Today\'s Threats and Preparedness for Zero Day Attacks Bugcrowd Redefines Red Teaming offering with crowdsourced scale, delivering real-world attack simulations to test an organization\'s readiness in the event of an attack - Product Reviews]]> 2025-04-28T13:32:31+00:00 https://www.globalsecuritymag.fr/bugcrowd-launches-the-industry-s-first-crowdsourced-red-team-as-a-service.html www.secnews.physaphae.fr/article.php?IdArticle=8669004 False Threat None 2.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2025-04-28T13:29:27+00:00 https://www.globalsecuritymag.fr/ibm-propose-des-systemes-de-securite-autonomes-dotes-d-une-ia-agentique-de.html www.secnews.physaphae.fr/article.php?IdArticle=8669005 False Threat None 2.0000000000000000 GB Hacker - Blog de reverseur SAP a révélé une vulnérabilité critique de zéro-jour, identifiée comme CVE-2025-31324, dans son composant de compositeur visuel NetWeaver. Cette vulnérabilité, avec un score de gravité CVSSV3 maximal de 10,0, découle d'un contrôle d'autorisation manquant dans le module de téléchargeur de métadonnées de Visual Composer. Lorsqu'il est exploité, il permet aux attaquants non authentifiés de télécharger des fichiers malveillants arbitraires via des demandes de poste spécialement conçues à […]

---

>SAP disclosed a critical zero-day vulnerability, identified as CVE-2025-31324, in its NetWeaver Visual Composer component. This vulnerability, with a maximum CVSSv3 severity score of 10.0, stems from a missing authorization check within the Metadata Uploader module of Visual Composer. When exploited, it allows unauthenticated attackers to upload arbitrary malicious files via specially crafted POST requests to […] ]]> 2025-04-28T13:23:37+00:00 https://gbhackers.com/sap-netweaver-0-day-flaw/ www.secnews.physaphae.fr/article.php?IdArticle=8669012 False Vulnerability,Threat None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite Nous sommes fiers d'annoncer que Check Point CloudGuard a été nommé lauréat du Silver Stevie Award dans la catégorie de la meilleure solution de sécurité cloud aux American Business Awards 2025! Cette reconnaissance prestigieuse reflète l'impact de CloudGuard \\ pour permettre une protection sécurisée, évolutive et automatisée dans des environnements de cloud complexes. Dans une année où l'IA et l'hyperconnectivité redéfinissent le paysage des menaces, CloudGuard s'est démarqué de son puissant mélange de prévention des menaces, de gestion de la posture et de visibilité en temps réel. Le projet de comparaison des WAF a évalué les WAFS de premier plan et a constaté que le point de contrôle CloudGuard WAF a le taux de sécurité le plus élevé qui a 99,368% américain, et le plus bas faux […]

---

>We\'re proud to announce that Check Point CloudGuard has been named a Silver Stevie Award winner in the Best Cloud Security Solution category at the 2025 American Business Awards! This prestigious recognition reflects CloudGuard\'s impact in enabling secure, scalable, and automated protection across complex cloud environments. In a year when AI and hyperconnectivity are redefining the threat landscape, CloudGuard stood out for its powerful blend of threat prevention, posture management, and real-time visibility. The WAF Comparison Project evaluated leading WAFs and found that Check Point CloudGuard WAF has the highest security rate of that has us 99.368%, and lowest false […] ]]> 2025-04-28T13:00:58+00:00 https://blog.checkpoint.com/company-and-culture/check-point-cloudguard-waf-wins-american-business-award-for-cyber-security/ www.secnews.physaphae.fr/article.php?IdArticle=8669003 False Threat,Cloud None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine According to the 2025 Global Threat Landscape Report from FortiGuard, threat actors are executing 36,000 scans per second]]> 2025-04-28T13:00:00+00:00 https://www.infosecurity-magazine.com/news/increase-automated-scanning/ www.secnews.physaphae.fr/article.php?IdArticle=8668986 False Threat None 3.0000000000000000 Fortinet - Fabricant Materiel Securite Read into how the adversary advantage is accelerating, which means organizations must change how they measure and manage risk.]]> 2025-04-28T13:00:00+00:00 https://www.fortinet.com/blog/threat-research/key-takeaways-from-the-2025-global-threat-landscape-report www.secnews.physaphae.fr/article.php?IdArticle=8669030 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors have been observed exploiting two newly disclosed critical security flaws in Craft CMS in zero-day attacks to breach servers and gain unauthorized access. The attacks, first observed by Orange Cyberdefense SensePost on February 14, 2025, involve chaining the below vulnerabilities - CVE-2024-58136 (CVSS score: 9.0) - An improper protection of alternate path flaw in the Yii PHP]]> 2025-04-28T12:43:00+00:00 https://thehackernews.com/2025/04/hackers-exploit-critical-craft-cms.html www.secnews.physaphae.fr/article.php?IdArticle=8668855 False Vulnerability,Threat None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial The Center for Strategic & International Studies (CSIS) has released the 2025 Space Threat Assessment, noting that the... ]]> 2025-04-28T12:29:04+00:00 https://industrialcyber.co/reports/csis-2025-space-threat-assessment-cyberattacks-on-space-systems-persist-tracking-harder-amid-infrastructure-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8668984 False Threat,Studies None 2.0000000000000000 ProofPoint - Cyber Firms 2025-04-28T11:03:18+00:00 https://www.proofpoint.com/us/blog/threat-insight/security-brief-french-bec-threat-actor-targets-property-payments www.secnews.physaphae.fr/article.php?IdArticle=8669268 False Malware,Threat None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Obtenir le rapport La sensibilisation à la cyber-résilience s'améliore et renforce la confiance Ces nombres profonds surprenants suggèrent que la cybersécurité ne peut plus fonctionner dans un silo. Entrez le besoin de cyber-résilience et d'alignement avec la section d'activité. La cyber-résilience oblige toute l'organisation à fusionner en cas d'incident imprévu ayant un impact sur la succession informatique. Notre comparaison d'une année à l'autre des données concernant l'efficacité, la compréhension et la préparation de la cyber-résilience montre une amélioration, mais avec une majorité (55%) citant la cyber-résilience comme une priorité d'organisation entière. . Construisez une culture proactive Un point culminant de notre recherche en 2025 a révélé cinq caractéristiques communes des organisations cyber-résilientes et comment elles sont capables d'équilibrer l'innovation et les risques en raison de leur approche de la cybersécurité. Les organisations cyber-résilientes sont alignées sur le secteur des affaires et ses quelques objectifs critiques, ils font de la planification de la réponse aux incidents une priorité, et ils s'engagent avec des conseillers tiers de confiance pour la renseignement des menaces ainsi que des services de cybersécurité plus larges. Lisez le rapport Futures de niveau 2025 pour en savoir plus sur les caractéristiques des organisations cyber-résilientes et déterminer comment votre organisation se réalise dans la quête pour être cyber-résiliente. Vers le rapport à terme de niveau 2025 Cette recherche fondamentale est conçue pour commencer ou poursuivre la conversation dans des organisations de tous types concernant la]]> 2025-04-28T11:00:00+00:00 https://levelblue.com/blogs/security-essentials/2025-cyber-resilience-research-discovers-speed-of-ai-advancing-emerging-attack-types www.secnews.physaphae.fr/article.php?IdArticle=8668923 False Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2025-04-28T10:28:31+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/proofpoint-innovations-simplify-your-operations www.secnews.physaphae.fr/article.php?IdArticle=8669266 False Tool,Threat None 3.0000000000000000 IT Security Guru - Blog Sécurité New research by Logicalis reveals that CIOs are struggling to derive value from security investments amid changing threat landscape. According to its annual CIO Report, which surveyed 1,000 global IT leaders, more than half say their security patch systems have become too complex to manage effectively. The top concerns for CIOs include malware and ransomware […] ]]> 2025-04-28T10:18:33+00:00 https://www.itsecurityguru.org/2025/04/28/cios-say-security-systems-not-delivering-value-for-money-too-complex-to-manage/?utm_source=rss&utm_medium=rss&utm_campaign=cios-say-security-systems-not-delivering-value-for-money-too-complex-to-manage www.secnews.physaphae.fr/article.php?IdArticle=8669248 False Ransomware,Malware,Threat None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine An ISACA survey found that just 5% of organizations have a defined strategy to defend against quantum-enabled threats]]> 2025-04-28T10:00:00+00:00 https://www.infosecurity-magazine.com/news/isaca-lack-quantum-threat/ www.secnews.physaphae.fr/article.php?IdArticle=8668902 False Threat None 2.0000000000000000 IT Security Guru - Blog Sécurité Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024\'s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee\'s answers are […] ]]> 2025-04-28T09:22:53+00:00 https://www.itsecurityguru.org/2025/04/28/miwic25-caroline-kamper-strategic-cyber-threat-intelligence-analyst-secalliance/?utm_source=rss&utm_medium=rss&utm_campaign=miwic25-caroline-kamper-strategic-cyber-threat-intelligence-analyst-secalliance www.secnews.physaphae.fr/article.php?IdArticle=8669249 False Threat None 2.0000000000000000 Global Security Mag - Site de news francais Rapports spéciaux

---

VIPRE\'s Q1 2025 Email Threat Analysis Reveals Cybercriminals Are Having More Success with Low-Tech, Human-Centric Attacks Callback scams vie for top phishing vector position, SVG image files bypass defenses, and XRed is the malware family of the quarter - Special Reports]]> 2025-04-28T09:15:07+00:00 https://www.globalsecuritymag.fr/vipre-s-q1-2025-email-threat-analysis-reveals-cybercriminals-are-having-more.html www.secnews.physaphae.fr/article.php?IdArticle=8668905 False Malware,Threat None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The US authorities have asked the public to help them unmask China\'s Salt Typhoon threat actors]]> 2025-04-28T09:15:00+00:00 https://www.infosecurity-magazine.com/news/fbi-help-tracking-chinese-salt/ www.secnews.physaphae.fr/article.php?IdArticle=8668903 False Threat None 2.0000000000000000 GB Hacker - Blog de reverseur Une vulnérabilité sévère-jour a été découverte dans plusieurs modèles de modem satellite Viasat, y compris les RM4100, RM4200, EM4100, RM5110, RM5111, RG1000, RG1100, EG1000 et EG1020. Identifiée par OneKey Research Lab à travers une analyse statique binaire automatisée, le défaut, suivi comme CVE-2024-6198, affecte l'interface Web «Snore» fonctionnant sur LightTPD sur les ports TCP 3030 et 9882. Avec […]

---

>A severe zero-day vulnerability has been uncovered in multiple Viasat satellite modem models, including the RM4100, RM4200, EM4100, RM5110, RM5111, RG1000, RG1100, EG1000, and EG1020. Identified by ONEKEY Research Lab through automated binary static analysis, the flaw, tracked as CVE-2024-6198, affects the “SNORE” web interface running on lighttpd over TCP ports 3030 and 9882. With […] ]]> 2025-04-28T08:22:27+00:00 https://gbhackers.com/viasat-modems-zero-day-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8668879 False Vulnerability,Threat None 2.0000000000000000 Checkpoint Research - Fabricant Materiel Securite Pour les dernières découvertes en cyber recherche pour la semaine du 28 avril, veuillez télécharger notre bulletin de renseignement sur les menaces. Les meilleures attaques et violations des détaillants britanniques Marks & Spencer (M&S) (M&S) ont connu une cyber-attaque qui a provoqué des perturbations de son système de commande en ligne et des paiements sans contact en magasin. L'entreprise a suspendu temporairement les commandes en ligne, a remboursé certains clients et a signalé […]

---

>For the latest discoveries in cyber research for the week of 28th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES British retailer Marks & Spencer (M&S) experienced a cyber-attack that caused disruptions to its online order system and in-store contactless payments. The company suspended online orders temporarily, refunded some customers, and reported […] ]]> 2025-04-28T08:08:29+00:00 https://research.checkpoint.com/2025/28th-april-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8668894 False Threat None 2.0000000000000000 GB Hacker - Blog de reverseur Les cybercriminels ont commencé à commercialiser ouvertement une nouvelle variante puissante du malware Hiddenmin, des forums Web souterrains de Dark, alarmes au sein de la communauté de la cybersécurité. Le malware, un mineur de crypto-monnaie Monero (XMR) très modifié, attire les acheteurs en raison de ses capacités furtives avancées et de sa facilité d'utilisation, même pour des acteurs de menace moins qualifiés. Une nouvelle race […]

---

>Cybercriminals have begun openly marketing a powerful new variant of the HiddenMiner malware on underground dark web forums, raising alarms within the cybersecurity community. The malware, a heavily modified Monero (XMR) cryptocurrency miner, attracts buyers due to its advanced stealth capabilities and ease of use, even for less technically skilled threat actors. A New Breed […] ]]> 2025-04-28T05:46:32+00:00 https://gbhackers.com/cybercriminals-selling-sophisticated-hiddenminer-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8668814 False Malware,Threat None 3.0000000000000000 GB Hacker - Blog de reverseur Jeffrey Bowie, PDG d'une entreprise locale de cybersécurité, a été arrêté pour avoir prétendument placé des logiciels malveillants sur des ordinateurs à l'hôpital SSM St. Anthony. Bowie, qui s'est jusqu'à récemment présenté en tant que chef de file dans la protection des entreprises contre les cybermenaces, fait maintenant face à des accusations qu'il est devenu la menace même qu'il a promis d'empêcher. La police a déclaré que l'incident […]

---

>Jeffrey Bowie, the CEO of a local cybersecurity firm, has been arrested for allegedly planting malware on computers at SSM St. Anthony Hospital. Bowie, who until recently touted himself as a leader in protecting businesses from cyber threats, now faces charges that he became the very threat he promised to prevent. Police say the incident […] ]]> 2025-04-28T05:07:10+00:00 https://gbhackers.com/cybersecurity-firm-ceo-arrested/ www.secnews.physaphae.fr/article.php?IdArticle=8668797 False Malware,Threat,Legislation None 3.0000000000000000 ProofPoint - Cyber Firms 2025-04-28T04:43:44+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/prime-expanded-defenses-todays-evolving-threats www.secnews.physaphae.fr/article.php?IdArticle=8669269 False Spam,Tool,Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year. "The attack involves the use of AzureChecker.exe, a Command Line Interface (CLI) tool that is being used by a wide range of threat actors," the Microsoft Threat Intelligence team said in an analysis. The tech giant noted that]]> 2025-04-27T10:32:00+00:00 https://thehackernews.com/2025/04/storm-1977-hits-education-clouds-with.html www.secnews.physaphae.fr/article.php?IdArticle=8668420 False Tool,Threat,Cloud None 3.0000000000000000 GB Hacker - Blog de reverseur La médecine légale numérique est devenue la pierre angulaire des stratégies de cybersécurité modernes, allant au-delà de son rôle traditionnel de l'investigation post-incidence pour devenir un mécanisme de défense proactif essentiel. Les organisations sont aujourd'hui confrontées à un paysage de menaces en constante expansion, les attaquants utilisant des tactiques de plus en plus sophistiquées pour violer les défenses et compromettre les données sensibles. Dans cet environnement, la criminalistique numérique fournit la base technique de […]

---

>Digital forensics has become a cornerstone of modern cybersecurity strategies, moving beyond its traditional role of post-incident investigation to become an essential proactive defense mechanism. Organizations today face an ever-expanding threat landscape, with attackers employing increasingly sophisticated tactics to breach defenses and compromise sensitive data. In this environment, digital forensics provides the technical foundation for […] ]]> 2025-04-27T09:31:15+00:00 https://gbhackers.com/how-to-use-digital-forensics-to-strengthen-your-organizations-cybersecurity-posture/ www.secnews.physaphae.fr/article.php?IdArticle=8668495 False Threat,Technical None 3.0000000000000000 Intigrity - Blog NoSQL injections are relatively easier to exploit than classic SQL injections. However, developers often overlook these vulnerabilities, mainly due to limited awareness. Additionally, false beliefs among software engineers that NoSQL databases inherently resist injection attacks further increase the likelihood of discovering NoSQLi vulnerabilities. In this article, we will dive…]]> 2025-04-27T00:00:00+00:00 https://www.intigriti.com/researchers/blog/hacking-tools/exploiting-nosql-injection-nosqli-vulnerabilities www.secnews.physaphae.fr/article.php?IdArticle=8668569 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have detailed the activities of an initial access broker (IAB) dubbed ToyMaker that has been observed handing over access to double extortion ransomware gangs like CACTUS. The IAB has been assessed with medium confidence to be a financially motivated threat actor, scanning for vulnerable systems and deploying a custom malware called LAGTOY (aka HOLERUN). "LAGTOY can be]]> 2025-04-26T16:08:00+00:00 https://thehackernews.com/2025/04/toymaker-uses-lagtoy-to-sell-access-to.html www.secnews.physaphae.fr/article.php?IdArticle=8668080 False Ransomware,Malware,Threat None 3.0000000000000000 GB Hacker - Blog de reverseur AI-generated medical scams across TikTok and Instagram, where deepfake avatars pose as healthcare professionals to promote unverified supplements and treatments. These synthetic “doctors” exploit public trust in the medical field, often directing users to purchase products with exaggerated or entirely fabricated health claims. With advancements in generative AI making deepfakes increasingly accessible, experts warn that […] ]]> 2025-04-26T14:57:37+00:00 https://gbhackers.com/new-ai-generated-tikdocs-exploits-trust-in-the-medical-profession/ www.secnews.physaphae.fr/article.php?IdArticle=8668160 False Threat,Medical None 3.0000000000000000 GB Hacker - Blog de reverseur Le paysage de la cybersécurité est confronté à une crise croissante alors que Ageoster se joint aux rangs des infosteaux avancés ciblant les communautés mondiales de jeux. Documé dans le rapport Global Threat Intelligence de Flashpoint \\ en 2025, cette souche malveillante exploite les amateurs de jeux \\ 'Trust via des canaux de distribution socialement modifiés, tirant parti de cryptage à double couche, d'évasion de bac à sable et d'exfiltration de données en temps réel pour compromettre les informations d'identification à grande échelle. Avec les infostelleurs […]

---

>The cybersecurity landscape faces an escalating crisis as AgeoStealer joins the ranks of advanced infostealers targeting global gaming communities. Documented in Flashpoint\'s 2025 Global Threat Intelligence Report, this malware strain exploits gaming enthusiasts\' trust through socially engineered distribution channels, leveraging double-layered encryption, sandbox evasion, and real-time data exfiltration to compromise credentials at scale. With infostealers […] ]]> 2025-04-26T12:58:06+00:00 https://gbhackers.com/new-attack-targets-gamers-to-deploy-ageostealer-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8668121 False Malware,Threat None 3.0000000000000000 GB Hacker - Blog de reverseur Dans le monde en constante évolution de la cybersécurité, les organisations doivent continuellement adapter leurs stratégies de défense pour rester en avance sur des menaces de plus en plus sophistiquées. L'un des moyens les plus efficaces d'identifier et d'atténuer les vulnérabilités est par le biais de tests de pénétration, une approche proactive qui simule les attaques du monde réel pour découvrir les faiblesses avant que les acteurs malveillants puissent les exploiter. Cependant, l'efficacité de […]

---

>In the ever-evolving world of cybersecurity, organizations must continuously adapt their defense strategies to stay ahead of increasingly sophisticated threats. One of the most effective ways to identify and mitigate vulnerabilities is through penetration testing, a proactive approach that simulates real-world attacks to uncover weaknesses before malicious actors can exploit them. However, the effectiveness of […] ]]> 2025-04-26T10:46:46+00:00 https://gbhackers.com/xdr-mdr-and-edr/ www.secnews.physaphae.fr/article.php?IdArticle=8668082 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process. "In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry-BlockNovas LLC (blocknovas[.] com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co)-to spread]]> 2025-04-25T19:35:00+00:00 https://thehackernews.com/2025/04/north-korean-hackers-spread-malware-via.html www.secnews.physaphae.fr/article.php?IdArticle=8667699 False Malware,Threat None 3.0000000000000000 GB Hacker - Blog de reverseur Les chercheurs de l'unité de contre-menace SecureWorks (CTU) ont découvert des stratégies innovantes déployées par les opérateurs de ransomwares Dragonforce et Anubis en 2025. Ces groupes s'adaptent aux pressions d'application de la loi avec de nouveaux modèles d'affiliation conçus pour maximiser les bénéfices et étendre leur portée, montrent la résilience et l'ingéniosité des cybercriminaux modernes dans le sous-sol pour les énoncés. Dragonforce Pioneers a distribué […]

---

>Secureworks Counter Threat Unit (CTU) researchers have uncovered innovative strategies deployed by the DragonForce and Anubis ransomware operators in 2025. These groups are adapting to law enforcement pressures with novel affiliate models designed to maximize profits and expand their reach, showcasing the resilience and ingenuity of modern cybercriminals in underground forums. DragonForce Pioneers a Distributed […] ]]> 2025-04-25T17:58:59+00:00 https://gbhackers.com/dragonforce-and-anubis-ransomware-gangs/ www.secnews.physaphae.fr/article.php?IdArticle=8667765 False Ransomware,Threat,Legislation None 3.0000000000000000 GB Hacker - Blog de reverseur Silent Push Threat Analysts have uncovered a widespread phishing and scam operation dubbed “Power Parasites,” targeting prominent energy companies and major global brands across multiple sectors in 2024. This campaign, active primarily in Asian countries such as Bangladesh, Nepal, and India, leverages a sophisticated network of deceptive websites, social media platforms, and Telegram channels to […] ]]> 2025-04-25T17:53:55+00:00 https://gbhackers.com/power-parasites-phishing-campaign-targets-energy-firms/ www.secnews.physaphae.fr/article.php?IdArticle=8667766 False Threat None 4.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les chercheurs attribuent les attaques à un courtier d'accès initial qui exploite la vulnérabilité critique 10.0.

---

>Researchers attribute the attacks to an initial access broker who is exploiting the 10.0 critical vulnerability. ]]> 2025-04-25T17:51:21+00:00 https://cyberscoop.com/sap-netweaver-zero-day-exploit-cve-2025-31324/ www.secnews.physaphae.fr/article.php?IdArticle=8667764 False Vulnerability,Threat None 3.0000000000000000 GB Hacker - Blog de reverseur Les chercheurs de l'unité 42 ont découvert une vague massive de phishing SMS ou de «smirs», d'activités ciblant les utilisateurs sans méfiance. Depuis l'avertissement initial du FBI en avril 2024, plus de 91 500 domaines racine associés à la smirs ont été identifiés et bloqués. Cependant, l'élan de cette activité malveillante s'est intensifiée en 2025, avec un pic stupéfiant de 26 328 […]

---

>Researchers from Unit 42 have uncovered a massive wave of SMS phishing, or “smishing,” activity targeting unsuspecting users. Since the FBI’s initial warning in April 2024, over 91,500 root domains associated with smishing have been identified and blocked. However, the momentum of this malicious activity has intensified in 2025, with a staggering peak of 26,328 […] ]]> 2025-04-25T17:50:26+00:00 https://gbhackers.com/threat-actors-register-over-26000-domains/ www.secnews.physaphae.fr/article.php?IdArticle=8667767 False Threat None 4.0000000000000000 GB Hacker - Blog de reverseur Le ministère néerlandais de la Défense a révélé que les infrastructures critiques, les processus démocratiques et les installations de la mer du Nord aux Pays-Bas sont devenus des points focaux pour les cyber-opérations russes. Ces attaques, identifiées comme faisant partie d'une stratégie coordonnée pour déstabiliser la cohésion sociale et compromettre la sécurité nationale à travers l'Europe, soulignent un paysage de menace numérique croissant. Un incident spécifique dans […]

---

>The Dutch Defense Ministry has revealed that critical infrastructure, democratic processes, and North Sea installations in the Netherlands have become focal points for Russian cyber operations. These attacks, identified as part of a coordinated strategy to destabilize social cohesion and compromise national security across Europe, underscore a growing digital threat landscape. A specific incident in […] ]]> 2025-04-25T17:41:10+00:00 https://gbhackers.com/russian-hackers-attempt-to-sabotage-digital-control-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8667768 False Threat None 2.0000000000000000 GB Hacker - Blog de reverseur Les analystes de menaces de push silencieuses ont découvert une nouvelle campagne de cyberattaque effrayante orchestrée par le groupe de menace persistante avancée (APT) nord-coréen connue sous le nom d'interview contagieuse, également appelée célèbre Chollima, un sous-groupe du célèbre groupe Lazare. Cette entité parrainée par l'État a été impliquée dans de nombreux efforts de cyber-espionnage sophistiqués ciblant les industries mondiales, avec un […] particulier […]

---

>Silent Push Threat Analysts have uncovered a chilling new cyberattack campaign orchestrated by the North Korean Advanced Persistent Threat (APT) group known as Contagious Interview, also referred to as Famous Chollima, a subgroup of the notorious Lazarus group. This state-sponsored entity has been implicated in numerous sophisticated cyber-espionage efforts targeting global industries, with a particular […] ]]> 2025-04-25T17:34:28+00:00 https://gbhackers.com/north-korean-apt-hackers-pose-as-companies/ www.secnews.physaphae.fr/article.php?IdArticle=8667769 False Malware,Threat APT 38 3.0000000000000000 GB Hacker - Blog de reverseur Un rapport révolutionnaire d'Okta Threat Intelligence révèle comment les agents liés à la République de Corée du peuple démocrate, souvent appelé hackers nord-coréens, tirent parti de l'intelligence artificielle générative (Genai) pour infiltrer des rôles techniques à distance à travers le monde. Ces campagnes sophistiquées, surnommées des opérations de «travailleurs informatiques de la RPDC» ou de «Wagemole», utilisent des outils AI avancés pour […]

---

>A groundbreaking report from Okta Threat Intelligence reveals how operatives linked to the Democratic People\'s Republic of Korea (DPRK), often referred to as North Korean hackers, are leveraging Generative Artificial Intelligence (GenAI) to infiltrate remote technical roles across the globe. These sophisticated campaigns, dubbed “DPRK IT Workers” or “Wagemole” operations, utilize advanced AI tools to […] ]]> 2025-04-25T17:28:46+00:00 https://gbhackers.com/north-korean-hackers-exploit-genai/ www.secnews.physaphae.fr/article.php?IdArticle=8667770 False Tool,Threat,Technical None 3.0000000000000000 GB Hacker - Blog de reverseur La Thaïlande connaît une escalade importante dans les attaques de ransomwares, les groupes de menace persistante avancés (APT) avancés parrainés par l'État et les organisations cybercriminales se concentrant sur les principales industries à travers le pays. La poussée est soutenue par la position de la Thaïlande en tant que centre financier naissant en Asie du Sud-Est, ses alliances géopolitiques stratégiques, sa transformation numérique rapide et son rôle critique dans […]

---

>Thailand is experiencing a significant escalation in ransomware attacks, with both state-sponsored advanced persistent threat (APT) groups and cybercriminal organizations zeroing in on key industries across the country. The surge is underpinned by Thailand\'s position as a burgeoning financial hub in Southeast Asia, its strategic geopolitical alliances, rapid digital transformation, and its critical role in […] ]]> 2025-04-25T17:13:07+00:00 https://gbhackers.com/threat-actors-target-organizations-in-thailand/ www.secnews.physaphae.fr/article.php?IdArticle=8667771 False Ransomware,Threat None 2.0000000000000000 IT Security Guru - Blog Sécurité Check Point Software Technologies and Illumio have announced a strategic partnership aimed at helping organisations enhance their Zero Trust strategies and proactively contain cyber threats. The integration brings together Check Point\'s Infinity Platform, which includes Quantum Force firewalls, Infinity ThreatCloud AI, and AI-powered Security Management, with Illumio\'s Segmentation and Insights capabilities. The result is a […] ]]> 2025-04-25T16:33:44+00:00 https://www.itsecurityguru.org/2025/04/25/check-point-and-illumio-team-up-to-advance-zero-trust-with-unified-security-and-threat-prevention/?utm_source=rss&utm_medium=rss&utm_campaign=check-point-and-illumio-team-up-to-advance-zero-trust-with-unified-security-and-threat-prevention www.secnews.physaphae.fr/article.php?IdArticle=8668062 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution.  "The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue," ReliaQuest said in a report published this week. The cybersecurity]]> 2025-04-25T16:11:00+00:00 https://thehackernews.com/2025/04/sap-confirms-critical-netweaver-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8667608 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) When we talk about identity in cybersecurity, most people think of usernames, passwords, and the occasional MFA prompt. But lurking beneath the surface is a growing threat that does not involve human credentials at all, as we witness the exponential growth of Non-Human Identities (NHIs).  At the top of mind when NHIs are mentioned, most security teams immediately think of Service Accounts.]]> 2025-04-25T16:00:00+00:00 https://thehackernews.com/2025/04/why-nhis-are-securitys-most-dangerous.html www.secnews.physaphae.fr/article.php?IdArticle=8667609 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with exploitation ongoing, according to CERT Orange Cyberdefense. [...]]]> 2025-04-25T15:44:35+00:00 https://www.bleepingcomputer.com/news/security/craft-cms-rce-exploit-chain-used-in-zero-day-attacks-to-steal-data/ www.secnews.physaphae.fr/article.php?IdArticle=8667814 False Vulnerability,Threat None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine A maximum severity flaw affecting SAP NetWeaver has been exploited by threat actors]]> 2025-04-25T15:30:00+00:00 https://www.infosecurity-magazine.com/news/sap-fixes-critical-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=8667728 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers are warning about a new malware called DslogdRAT that\'s installed following the exploitation of a now-patched security flaw in Ivanti Connect Secure (ICS). The malware, along with a web shell, were "installed by exploiting a zero-day vulnerability at that time, CVE-2025-0282, during attacks against organizations in Japan around December 2024," JPCERT/CC researcher Yuma]]> 2025-04-25T14:13:00+00:00 https://thehackernews.com/2025/04/dslogdrat-malware-deployed-via-ivanti.html www.secnews.physaphae.fr/article.php?IdArticle=8667586 False Malware,Vulnerability,Threat,Industrial None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite À mesure que les menaces mobiles avancées deviennent plus répandues, il est crucial que les organisations comprennent que les appareils mobiles sont devenus des cibles importantes pour les cybercriminels. Avec la dépendance croissante à l'égard de la communication mobile et des travaux à distance des entreprises et des agences gouvernementales, les attaquants exploitent les logiciels espions, les schémas de phishing, les exploits en clic zéro et les menaces améliorées par l'IA pour accéder aux informations sensibles. Pour rester en sécurité, les organisations devraient adopter une position proactive en mettant en œuvre des stratégies Zero Trust Network Access (ZTNA), la prévention des menaces basée sur l'IA et la défense des menaces mobiles (MTD) pour protéger leurs ressources numériques. Certaines des principales préoccupations de sécurité pour les organisations concernant les appareils portables comme les smartphones, par opposition à […]

---

As advanced mobile threats become more prevalent, it’s crucial for organizations to understand that mobile devices have become significant targets for cyber criminals. With the growing reliance on mobile communication and remote work by both businesses and government agencies, attackers are exploiting spyware, phishing schemes, zero-click exploits, and AI-enhanced threats to access sensitive information. To remain secure, organizations should take a proactive stance by implementing zero trust network access (ZTNA), AI-based threat prevention, and mobile threat defense (MTD) strategies to safeguard their digital resources. Some of the leading security concerns for organizations regarding handheld devices like smartphones, as opposed to […] ]]> 2025-04-25T13:00:33+00:00 https://blog.checkpoint.com/securing-user-and-access/rising-mobile-threats-closing-the-security-gap-in-your-organizations-device-strategy/ www.secnews.physaphae.fr/article.php?IdArticle=8667676 False Threat,Mobile None 3.0000000000000000 Fortinet - Fabricant Materiel Securite Get direct insights from Fortinet executives into how Fortinet is delivering on its long-term security strategy in a rapidly evolving threat landscape.]]> 2025-04-25T13:00:00+00:00 https://www.fortinet.com/blog/business-and-technology/keynote-highlights-from-fortinet-accelerate25-berlin www.secnews.physaphae.fr/article.php?IdArticle=8667674 False Threat None 2.0000000000000000 SecurityWeek - Security News Avec plus de 12 000 violations analysées, le DBIR de cette année révèle un paysage façonné non seulement des menaces individuelles, mais par des économies entières de compromis.

---

>With over 12,000 breaches analyzed, this year\'s DBIR reveals a landscape shaped by not just individual threats, but by entire economies of compromise. ]]> 2025-04-25T12:43:37+00:00 https://www.securityweek.com/inside-the-verizon-2025-dbir-five-trends-that-signal-a-shift-in-the-cyber-threat-economy/ www.secnews.physaphae.fr/article.php?IdArticle=8667654 False Threat None 2.0000000000000000 GB Hacker - Blog de reverseur Une fuite de données alarmante impliquant Microsoft Defender XDR a exposé plus de 1 700 documents sensibles de centaines d'organisations, après une réaction en chaîne déclenchée par une erreur de faux positive critique. Des chercheurs en sécurité à n'importe quoi.

---

>An alarming data leak involving Microsoft Defender XDR has exposed more than 1,700 sensitive documents from hundreds of organizations, following a chain reaction triggered by a critical false positive error. Security researchers at ANY.RUN first identified and reported the incident, highlighting major weaknesses in automated threat detection systems and the risks posed by user behaviors […] ]]> 2025-04-25T10:07:24+00:00 https://gbhackers.com/microsoft-defender-xdr-leaked-sensitive-documents/ www.secnews.physaphae.fr/article.php?IdArticle=8667589 False Threat None 3.0000000000000000 GB Hacker - Blog de reverseur Security researchers have uncovered a new and sophisticated threat to Microsoft Office 365 users: a phishing-as-a-service toolkit dubbed “SessionShark O365 2FA/MFA.” Promoted through cybercriminal marketplaces, SessionShark is designed to bypass Microsoft\'s multi-factor authentication (MFA) protections-an alarming escalation in the ongoing battle between defenders and cyber attackers. A Toolkit Purpose-Built to Evade 2FA and MFA According […] ]]> 2025-04-25T09:24:02+00:00 https://gbhackers.com/sessionshark-a-new-toolkit-bypasses-microsoft-office-365/ www.secnews.physaphae.fr/article.php?IdArticle=8667590 False Threat None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Westexec Advisors a annoncé jeudi que Laura Galante, ancienne directrice du Cyber ​​Threat Intelligence Integration Center et ...

---

>WestExec Advisors announced on Thursday that Laura Galante, former Director of the Cyber Threat Intelligence Integration Center and... ]]> 2025-04-25T09:08:04+00:00 https://industrialcyber.co/news/laura-galante-joins-westexec-advisors-as-principal-bringing-cybersecurity-and-intelligence-expertise/ www.secnews.physaphae.fr/article.php?IdArticle=8667588 False Threat None 2.0000000000000000 GB Hacker - Blog de reverseur Une campagne de cyberattaques sophistiquée a fait surface, ciblant les serveurs Microsoft SQL (MS-SQL) mal gérés pour déployer des outils malveillants comme Ammyy Admin et PetitpoTato Malware. Les chercheurs en cybersécurité ont observé que les attaquants exploitent des vulnérabilités dans ces serveurs pour obtenir un accès non autorisé, exécuter des commandes de reconnaissance et installer des logiciels malveillants qui facilitent l'accès à distance et l'escalade des privilèges. Cette menace émergente souligne […]

---

>A sophisticated cyberattack campaign has surfaced, targeting poorly managed Microsoft SQL (MS-SQL) servers to deploy malicious tools like Ammyy Admin and PetitPotato malware. Cybersecurity researchers have observed attackers exploiting vulnerabilities in these servers to gain unauthorized access, execute commands for reconnaissance, and install malware that facilitates remote access and privilege escalation. This emerging threat underscores […] ]]> 2025-04-25T09:02:44+00:00 https://gbhackers.com/hackers-exploit-ms-sql-servers-to-deploy-ammyy-admin/ www.secnews.physaphae.fr/article.php?IdArticle=8667561 False Malware,Tool,Vulnerability,Threat None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Look out for AI-generated \'TikDocs\' who exploit the public\'s trust in the medical profession to drive sales of sketchy supplements]]> 2025-04-25T09:00:00+00:00 https://www.welivesecurity.com/en/social-media/deepfake-doctors-tiktok-bogus-cures/ www.secnews.physaphae.fr/article.php?IdArticle=8668197 False Threat,Medical None 3.0000000000000000 GB Hacker - Blog de reverseur Le dernier rapport de Vulncheck pour le premier trimestre 2025 a identifié 159 vulnérabilités et expositions communes (CVE) divulguées publiquement comme exploitées dans la nature pour la première fois. Alarmant, 28,3% de ces vulnérabilités exploitées connues (KEV) ont vu des preuves d'exploitation en seulement une journée de leur divulgation CVE, soulignant le rythme rapide de la foudre auquel les acteurs de la menace capitalisent sur […]

---

>VulnCheck’s latest report for Q1 2025 has identified 159 Common Vulnerabilities and Exposures (CVEs) publicly disclosed as exploited in the wild for the first time. Alarmingly, 28.3% of these Known Exploited Vulnerabilities (KEVs) saw evidence of exploitation within just one day of their CVE disclosure, underscoring the lightning-fast pace at which threat actors capitalize on […] ]]> 2025-04-25T08:43:02+00:00 https://gbhackers.com/159-cves-exploited-in-the-wild-in-q1-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8667563 False Vulnerability,Threat None 2.0000000000000000 GB Hacker - Blog de reverseur Un collectif de pirate connu sous le nom de R00TK1T prétend avoir violé la base de données d'utilisateurs de Tiktok, qui fit une fuite d'informations de connexion pour plus de 900 000 utilisateurs. Le groupe, qui a précédemment fait des vagues dans la communauté du piratage avec des allégations audacieuses avec peu de preuves étayées, les forums souterrains pour se vanter de leur dernier exploit. Supports de compte présumés et fuites de données […]

---

>A hacker collective known as R00TK1T claims to have breached TikTok’s user database, allegedly leaking login information for over 900,000 users. The group, which has previously made waves in the hacking community with bold claims-often with little substantiated evidence-has taken to underground forums to boast about their latest exploit. Alleged Account Deletions and Data Leak […] ]]> 2025-04-25T08:15:36+00:00 https://gbhackers.com/hackers-claim-tiktok-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8667564 False Threat None 3.0000000000000000 GB Hacker - Blog de reverseur Avec des crimes d'écrémage par carte de crédit croissant à l'échelle nationale, le Washington Field Office des services secrets des États-Unis partage des conseils essentiels pour que le public se protége de cette menace croissante, partagée par des responsables de LinkedIn Post. Selon l'agence, l'écrémage des cartes de crédit implique des criminels qui installent des appareils illicites pour voler des informations sur les cartes, est devenu un «faible risque et à forte récompense» […]

---

>With credit card skimming crimes escalating nationwide, the U.S. Secret Service\'s Washington Field Office is sharing essential tips for the public to protect themselves from this growing threat, shared by Officials in LinkedIn post. According to the agency, credit card skimming involves criminals installing illicit devices to steal card information, has become a “low-risk, high-reward” […] ]]> 2025-04-25T05:23:35+00:00 https://gbhackers.com/ways-to-identify-credit-card-skimmers/ www.secnews.physaphae.fr/article.php?IdArticle=8667502 False Threat None 3.0000000000000000 Adam Shostack - American Security Blog A great, in depth series on threat modeling with ATTACK]]> 2025-04-25T00:00:00+00:00 https://shostack.org/blog/threat-informed-defense/ www.secnews.physaphae.fr/article.php?IdArticle=8667789 False Threat None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber La recherche de la société de renseignement sur les menaces de vulnérabilité \\ renforce une série de rapports récents avertissant des exploits accrus en 2024.

---

>The vulnerability threat intelligence firm\'s research reinforces a slew of recent reports warning about increased exploits in 2024. ]]> 2025-04-24T22:57:32+00:00 https://cyberscoop.com/vulncheck-known-exploited-cves-q1-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8667393 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea\'s software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest evidence of compromise was first detected in]]> 2025-04-24T19:41:00+00:00 https://thehackernews.com/2025/04/lazarus-hits-6-south-korean-firms-via.html www.secnews.physaphae.fr/article.php?IdArticle=8667217 False Malware,Vulnerability,Threat APT 38 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring. This causes a "major blind spot in Linux runtime security tools," ARMO said. "This mechanism allows a user application to perform various actions without using system calls," the company said in]]> 2025-04-24T18:28:00+00:00 https://thehackernews.com/2025/04/linux-iouring-poc-rootkit-bypasses.html www.secnews.physaphae.fr/article.php?IdArticle=8667186 False Tool,Threat None 3.0000000000000000 GB Hacker - Blog de reverseur Une récente campagne de cyber-espionnage par le célèbre groupe de menaces persistantes (APT) de Lazarus avancée (APT), suivie comme «Opération Synchole», a compromis au moins six organisations sud-coréennes à travers les logiciels, l'informatique, le financier, les semi-conducteurs et les secteurs de télécommunications depuis novembre 2024. […]

---

>A recent cyber espionage campaign by the notorious Lazarus Advanced Persistent Threat (APT) group, tracked as “Operation SyncHole,” has compromised at least six South Korean organizations across software, IT, financial, semiconductor, and telecommunications sectors since November 2024. According to detailed research, the attackers employed a combination of watering hole attacks and exploited vulnerabilities in widely […] ]]> 2025-04-24T17:07:50+00:00 https://gbhackers.com/lazarus-apt-targets-organizations/ www.secnews.physaphae.fr/article.php?IdArticle=8667290 False Vulnerability,Threat APT 38 3.0000000000000000 GB Hacker - Blog de reverseur Dans une violation alarmante de cybersécurité découverte par Cisco Talos en 2023, une entreprise d'infrastructure critique a été victime d'une attaque méticuleusement orchestrée impliquant plusieurs acteurs de menace. Le courtier d'accès initial, identifié comme «Tymaker» avec une confiance moyenne en tant qu'entité à motivation financière, a exploité les vulnérabilités des serveurs orientés Internet pour infiltrer le réseau. Une attaque multi-acteurs sophistiquée sur […]

---

>In a alarming cybersecurity breach uncovered by Cisco Talos in 2023, a critical infrastructure enterprise fell victim to a meticulously orchestrated attack involving multiple threat actors. The initial access broker, identified as “ToyMaker” with medium confidence as a financially motivated entity, exploited vulnerabilities in internet-facing servers to infiltrate the network. A Sophisticated Multi-Actor Attack on […] ]]> 2025-04-24T16:58:00+00:00 https://gbhackers.com/toymaker-hackers-compromise-numerous-hosts/ www.secnews.physaphae.fr/article.php?IdArticle=8667262 False Tool,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities. "This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes," Netcraft said in a new report shared with The Hacker News. "]]> 2025-04-24T16:57:00+00:00 https://thehackernews.com/2025/04/darcula-adds-genai-to-phishing-toolkit.html www.secnews.physaphae.fr/article.php?IdArticle=8667153 False Threat,Technical None 3.0000000000000000 GB Hacker - Blog de reverseur Dans une révélation surprenante de Microsoft Threat Intelligence, les acteurs de la menace visent de plus en plus des grappes de Kubernetes non garanties pour mener des activités illicites telles que la cryptomiminage. La nature dynamique et complexe des environnements contenerisés pose des défis importants pour les équipes de sécurité dans la détection des anomalies d'exécution ou l'identification de la source de violations. Menaces croissantes dans les environnements conteneurisés selon Microsoft \'s […]

---

>In a startling revelation from Microsoft Threat Intelligence, threat actors are increasingly targeting unsecured Kubernetes clusters to conduct illicit activities such as cryptomining. The dynamic and complex nature of containerized environments poses significant challenges for security teams in detecting runtime anomalies or identifying the source of breaches. Rising Threats in Containerized Environments According to Microsoft\'s […] ]]> 2025-04-24T16:52:39+00:00 https://gbhackers.com/threat-actors-exploiting-unsecured-kubernetes-clusters/ www.secnews.physaphae.fr/article.php?IdArticle=8667263 False Threat None 3.0000000000000000 Global Security Mag - Site de news francais Revues de produits

---

New Rubrik Identity Resilience Designed to Mitigate the Most Targeted Point of Cyber Attacks Disrupt Identity-Based Attacks: Counter fastest-growing threat vector with advanced resilience for complex identity environments Unified Protection on One Platform: Designed for data and identity security to eliminate vulnerabilities from disparate point solutions Complete Resilience Coverage: Protect across on-premises, cloud, and SaaS with visibility into data and identity interactions to accelerate detection and recovery - Product Reviews]]> 2025-04-24T16:50:17+00:00 https://www.globalsecuritymag.fr/rubrik-announced-its-newest-upcoming-solution-identity-resilience.html www.secnews.physaphae.fr/article.php?IdArticle=8667260 False Vulnerability,Threat,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch The losses are 33% higher than the year before, with phishing leading the way as the most-reported cybercrime last year, and ransomware was the top threat to critical infrastructure, according to the FBI Internet Crime Report.]]> 2025-04-24T16:46:08+00:00 https://www.darkreading.com/remote-workforce/fbi-cybercrime-losses-16b-2024 www.secnews.physaphae.fr/article.php?IdArticle=8667269 False Ransomware,Threat None 2.0000000000000000 GB Hacker - Blog de reverseur Les acteurs de la menace ont exploité une vulnérabilité zero-day dans Ivanti Connect Secure, identifié comme CVE-2025-0282, pour déployer des outils malveillants, y compris un shell Web et un cheval de Troie (rat) à accès à distance sophistiqué nommé Dslogdrat. Selon une analyse détaillée de JPCERT / CC, ces attaques soulignent les risques persistants et évolutifs entourant les produits Ivanti, qui sont devenus une cible fréquente pour […]

---

>Threat actors exploited a zero-day vulnerability in Ivanti Connect Secure, identified as CVE-2025-0282, to deploy malicious tools including a web shell and a sophisticated remote access trojan (RAT) named DslogdRAT. According to a detailed analysis by JPCERT/CC, these attacks underscore the persistent and evolving risks surrounding Ivanti products, which have become a frequent target for […] ]]> 2025-04-24T16:40:48+00:00 https://gbhackers.com/hackers-exploit-ivanti-connect-secure-0-day/ www.secnews.physaphae.fr/article.php?IdArticle=8667265 False Tool,Vulnerability,Threat None 2.0000000000000000 GB Hacker - Blog de reverseur Les cybercriminels armement de plus en plus les fichiers de graphiques vectoriels évolutifs (SVG) pour orchestrer des campagnes de phishing sophistiquées. Selon des recherches d'Intezer, une entreprise de cybersécurité qui triage des millions d'alertes pour les entreprises à l'échelle mondiale, les attaquants intègrent un JavaScript malveillant dans les fichiers SVG pour rediriger les utilisateurs sans méfiance vers des sites de phishing à récolte des informations d'identification. Cette technique, surnommée «Script in the Shadows», a prouvé […]

---

>Cybercriminals are increasingly weaponizing Scalable Vector Graphics (SVG) files to orchestrate sophisticated phishing campaigns. According to research from Intezer, a cybersecurity firm that triages millions of alerts for enterprises globally, attackers are embedding malicious JavaScript within SVG files to redirect unsuspecting users to credential-harvesting phishing sites. This technique, dubbed “Script in the Shadows,” has proven […] ]]> 2025-04-24T16:35:52+00:00 https://gbhackers.com/weaponized-svg-files-used-by-threat-actors-to-redirect-users/ www.secnews.physaphae.fr/article.php?IdArticle=8667266 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain In a recent espionage campaign, the infamous North Korean threat group Lazarus targeted multiple organizations in the software, IT, finance, and telecommunications sectors in South Korea. [...]]]> 2025-04-24T15:13:32+00:00 https://www.bleepingcomputer.com/news/security/lazarus-hackers-breach-six-companies-in-watering-hole-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8667329 False Threat APT 38 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Après la mort du pape François, comme cela est courant avec les événements mondiaux de cette nature, les cybercriminels ont lancé une variété de campagnes malveillantes. Cette tactique n'est pas des attaquants de nouveau-cyber ont longtemps exploité des événements mondiaux majeurs, du décès de la reine Elizabeth II à des catastrophes naturelles et des crises mondiales comme Covid-19, pour conduire des escroqueries, une désinformation et des infections malveillantes. La curiosité publique et les réactions émotionnelles font que ces moments ont principalement des opportunités pour les attaquants de frapper. Ils commencent généralement par des campagnes de désinformation sur les plateformes de médias sociaux comme Instagram, Tiktok ou Facebook, téléchargeant de fausses images générées par l'IA. Ces campagnes sont conçues pour attirer l'attention des utilisateurs, ce qui les incite […]

---

>Following Pope Francis’ death, as is common with global events of this nature, cyber criminals have launched a variety of malicious campaigns. This tactic isn\'t new-cyber attackers have long exploited major world events, from the passing of Queen Elizabeth II to natural disasters and global crises like COVID-19, to drive scams, disinformation, and malware infections. Public curiosity and emotional reactions make these moments prime opportunities for attackers to strike. They typically begin with disinformation campaigns on social media platforms like Instagram, TikTok, or Facebook, uploading fake images generated by AI. These campaigns are designed to capture user attention, prompting them […] ]]> 2025-04-24T13:00:52+00:00 https://blog.checkpoint.com/research/cyber-criminals-exploit-pope-francis-death-to-launch-global-scams/ www.secnews.physaphae.fr/article.php?IdArticle=8667175 False Malware,Threat None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite L'IA générative transforme le lieu de travail moderne. Il offre de nouvelles opportunités mais aussi des risques sans précédent, tels que la production d'exploitation à l'échelle industrielle et les fuites de données grâce à l'utilisation des outils Genai des employés. En 2025, la défense d'une main-d'œuvre hybride signifie s'adapter rapidement, sécuriser plus intelligemment et consolider vos opérations judicieusement. Voici cinq priorités de sécurité clés que nous avons expulsées du rapport de cybersécurité de Check Point \\ pour aider les CISO à rester en avance sur le paysage des menaces dynamiques. Commencez par de solides contrôles d'accès, n'appliquant pas le MFA pour vos utilisateurs sur vos applications? C'est une invitation ouverte aux attaquants. L'authentification multi-facteurs (MFA) est la première étape. Mais ne \\ 't […]

---

>Generative AI is transforming the modern workplace. It offers new opportunities but also unprecedented risks, such as industrial-scale exploit production and data leaks through employee use of GenAI tools. In 2025, defending a hybrid workforce means adapting fast, securing smarter, and consolidating your operations wisely. Here are five key security priorities we\'ve teased out from Check Point\'s 2025 Cyber Security Report to help CISOs stay ahead of the dynamic threat landscape. Start With Strong Access Controls Still not enforcing MFA for your users across your applications? That\'s an open invitation to attackers. Multi-factor authentication (MFA) is step one. But don\'t […] ]]> 2025-04-24T13:00:46+00:00 https://blog.checkpoint.com/harmony-sase/securing-the-hybrid-workforce-in-the-age-of-ai-5-priorities-for-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8667176 False Tool,Threat None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Les environnements de nuages ​​de centres de données hybrides dynamiques se développent, conduisant à une plus grande surface d'attaque. Le mélange de sur site et de plates-formes cloud multiples crée des interconnexions complexes difficiles à surveiller. La segmentation traditionnelle du réseau est insuffisante car les charges de travail se déplacent de manière fluide entre les centres de données sur site et le cloud, ce qui laisse les lacunes de protection. Sans outils appropriés, les professionnels de la sécurité manquent de visibilité complète, permettant aux menaces latérales de ne pas être détectées et de se propager au sein de l'organisation. L'arrêt proactif des mouvements latéraux pour prévenir les violations de contrôle de contrôle Software Technologies Ltd et Illumio ont annoncé un partenariat stratégique pour permettre aux entreprises de prévenir les mouvements latéraux et les violations par microsegmentation et menace proactive […]

---

>Dynamic hybrid data center cloud environments are growing, leading to a larger attack surface. The mix of on-premises and multiple cloud platforms creates complex interconnections that are hard to monitor. Traditional network segmentation is insufficient as workloads move fluidly between on-premises data centers and the cloud, leaving protection gaps. Without proper tools, security professionals lack full visibility, allowing lateral threats to go undetected and spread within the organization. Proactively Stopping Lateral Movement to Prevent Breaches Check Point Software Technologies Ltd and Illumio announced a strategic partnership to enable enterprises to prevent lateral movement and breaches through microsegmentation and proactive threat […] ]]> 2025-04-24T13:00:44+00:00 https://blog.checkpoint.com/securing-the-network/check-point-and-illumio-partner-to-accelerate-zero-trust-with-proactive-threat-prevention-and-microsegmentation/ www.secnews.physaphae.fr/article.php?IdArticle=8667177 False Tool,Threat,Cloud None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Verizon Business published its 2025 Data Breach Investigations Report (DBIR), revealing a sharp rise in cyberattacks and an... ]]> 2025-04-24T12:55:30+00:00 https://industrialcyber.co/reports/verizons-2025-dbir-report-finds-spike-in-cyberattacks-complexity-in-threat-landscape-amid-rising-supply-chain-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8667149 False Data Breach,Threat None 3.0000000000000000 GB Hacker - Blog de reverseur Les entreprises et les fournisseurs de services gérés dans le monde sont désormais confrontés à des problèmes de sécurité urgents à la suite de la divulgation d'une vulnérabilité majeure pré-authentifiée à distance (RCE) dans le logiciel de sauvegarde et de récupération sur site de Commvault \\. Le numéro, suivi comme CVE-2025-34028, a secoué le monde de la cybersécurité, en particulier après que les chercheurs ont publié un exploit de preuve de concept (POC) entièrement travaillant. Avec les attaquants sonder activement […]

---

>Enterprises and managed service providers globally are now facing urgent security concerns following the disclosure of a major pre-authenticated remote code execution (RCE) vulnerability in Commvault\'s on-premise backup and recovery software. The issue, tracked as CVE-2025-34028, has rocked the cybersecurity world, particularly after researchers published a fully working proof-of-concept (PoC) exploit. With attackers actively probing […] ]]> 2025-04-24T12:40:42+00:00 https://gbhackers.com/commvault-rce-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=8667156 False Vulnerability,Threat None 2.0000000000000000 SlashNext - Cyber Firm Les chercheurs en sécurité ici à Slashnext ont récemment découvert une image promotionnelle sur un réseau de cybercriminalité présentant un service appelé «SessionShark O365 2FA / MFA». SessionShark est une boîte à outils Phishing-As-A-Service conçue pour contourner les protections Microsoft Office 365 Authentification multi-facteurs (MFA). Bien que l'offre soit clairement destinée aux acteurs de la menace, ses créateurs tentent de le traduire comme «à des fins éducatives». […] Le message SessionShark vole des jetons de session pour glisser le pass 365 mfa

---

>Security researchers here at SlashNext recently uncovered a promotional image on a cybercrime network showcasing a service called “SessionShark O365 2FA/MFA.” SessionShark is a phishing-as-a-service toolkit built to bypass Microsoft Office 365 multi-factor authentication (MFA) protections. While the offering is clearly intended for threat actors, its creators attempt to frame it as “for educational purposes.” […] The post SessionShark Steals Session Tokens to Slip Past Office 365 MFA first appeared on SlashNext.]]> 2025-04-24T12:00:01+00:00 https://slashnext.com/blog/sessionshark-steals-session-tokens-to-slip-past-office-365-mfa/ www.secnews.physaphae.fr/article.php?IdArticle=8667168 False Threat None 2.0000000000000000 GB Hacker - Blog de reverseur La chercheuse en sécurité Alessandro Sgreccia (alias «Rainpwn») a révélé un ensemble de vulnérabilités critiques dans la série de pare-feu USG Flex-H de Zyxel \\ qui permettent l'authentification de l'escalade du code à distance (RCE) et l'escalade sans authentification. Les résultats, affectant des modèles tels que Flex 100H et Flex 700H, menacent la sécurité des organisations qui s'appuient sur ces appareils pour la défense du réseau. Comment l'exploit […]

---

>Security researcher Alessandro Sgreccia (aka “rainpwn”) has revealed a set of critical vulnerabilities in Zyxel\'s USG FLEX-H firewall series that enable remote code execution (RCE) and privilege escalation-without authentication. The findings, affecting models including the FLEX 100H and FLEX 700H, threaten the security of organizations relying on these devices for network defense. How the Exploit […] ]]> 2025-04-24T11:51:57+00:00 https://gbhackers.com/zyxel-rce-flaw/ www.secnews.physaphae.fr/article.php?IdArticle=8667126 False Vulnerability,Threat None 2.0000000000000000 SecurityWeek - Security News Combiné avec l'IA, les e-mails de phishing polymorphe sont devenus très sophistiqués, créant des messages plus personnalisés et évasifs qui entraînent des taux de réussite d'attaque plus élevés.

---

>Combined with AI, polymorphic phishing emails have become highly sophisticated, creating more personalized and evasive messages that result in higher attack success rates. ]]> 2025-04-24T11:00:00+00:00 https://www.securityweek.com/ai-powered-polymorphic-phishing-is-changing-the-threat-landscape/ www.secnews.physaphae.fr/article.php?IdArticle=8667105 False Threat None 3.0000000000000000 HackRead - Chercher Cyber Hackers in the Elusive Comet campaign exploit Zoom’s remote-control feature to steal cryptocurrency, and over $100K lost in…]]> 2025-04-24T10:45:54+00:00 https://hackread.com/elusive-comet-hackers-zoom-remote-control-steal-crypto/ www.secnews.physaphae.fr/article.php?IdArticle=8667100 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Yale New Haven Health (YNHHS) is warning that threat actors stole the personal data of 5.5 million patients in a cyberattack earlier this month. [...]]]> 2025-04-24T10:12:24+00:00 https://www.bleepingcomputer.com/news/security/yale-new-haven-health-data-breach-affects-55-million-patients/ www.secnews.physaphae.fr/article.php?IdArticle=8667212 False Data Breach,Threat None 3.0000000000000000 GB Hacker - Blog de reverseur Une vulnérabilité de refus de service (DOS) de haute sévérité (DOS) dans Redis, suivie sous forme de CVE-2025-21605, permet aux attaquants non authentifiés de planter des serveurs ou de la mémoire du système d'échappement en exploitant des tampons de sortie mal limités. Le défaut affecte les versions Redis 2.6 et plus récentes, avec des correctifs maintenant disponibles dans les mises à jour 6.2.18, 7.2.8 et 7.4.3. Comment l'exploit fonctionne la vulnérabilité découle de la configuration par défaut de Redis \\, qui n'impose aucune limite […]

---

>A high-severity denial-of-service (DoS) vulnerability in Redis, tracked as CVE-2025-21605, allows unauthenticated attackers to crash servers or exhaust system memory by exploiting improperly limited output buffers. The flaw affects Redis versions 2.6 and newer, with patches now available in updates 6.2.18, 7.2.8, and 7.4.3. How the Exploit Works The vulnerability stems from Redis\'s default configuration, which imposes no limits […] ]]> 2025-04-24T09:34:37+00:00 https://gbhackers.com/redis-dos-flaw/ www.secnews.physaphae.fr/article.php?IdArticle=8667083 False Vulnerability,Threat None 2.0000000000000000 ProofPoint - Cyber Firms 2025-04-24T09:00:00+00:00 https://www.proofpoint.com/us/blog/corporate-news/q1-25-business-momentum-cements-proofpoints-position-undisputed-leader-human-centric-security www.secnews.physaphae.fr/article.php?IdArticle=8667389 False Threat,Conference,Commercial None 2.0000000000000000 eSecurityPlanet - Blog Threat intelligence platforms help analyze and share cyber threat data. Discover top TIPs , their features, use cases, and comparisons. ]]> 2025-04-24T09:00:00+00:00 https://www.esecurityplanet.com/products/threat-intelligence-platforms/ www.secnews.physaphae.fr/article.php?IdArticle=8668971 False Threat None 3.0000000000000000 GB Hacker - Blog de reverseur L'équipe Mandiant de Google \\ a publié son rapport M-Trends 2025, mettant en évidence la sophistication croissante des acteurs de la menace, en particulier les groupes China-Nexus. Ces adversaires déploient des écosystèmes de logiciels malveillants personnalisés, exploitant les vulnérabilités zéro-jours dans les appareils de sécurité et l'utilisation des réseaux proxy ressemblant à des botnets pour échapper à la détection. Leurs tactiques incluent également des dispositifs de ciblage des bords dépourvus de capacités de détection et de réponse (EDR) […]

---

>Google\'s Mandiant team has released its M-Trends 2025 report, highlighting the increasing sophistication of threat actors, particularly China-nexus groups. These adversaries are deploying custom malware ecosystems, exploiting zero-day vulnerabilities in security appliances, and utilizing proxy networks resembling botnets to evade detection. Their tactics also include targeting edge devices lacking endpoint detection and response (EDR) capabilities […] ]]> 2025-04-24T08:43:26+00:00 https://gbhackers.com/google-warns-threat-actors-growing-more-sophisticated/ www.secnews.physaphae.fr/article.php?IdArticle=8667059 False Malware,Vulnerability,Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2025-04-24T05:02:55+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/financial-firm-chooses-proofpoint-over-abnormal www.secnews.physaphae.fr/article.php?IdArticle=8667390 False Spam,Tool,Threat,Medical None 3.0000000000000000 The State of Security - Magazine Américain Technology is transforming the way financial scams operate, making them more sophisticated, automated, and harder to detect. From deepfake impersonations to cryptocurrency fraud and tech support scams, bad actors are leaving no stone unturned and are leveraging every advanced tool at their disposal to manipulate victims and steal their assets. This blog will look at how fraudsters are weaponizing artificial intelligence (AI), social engineering, and evolving digital tactics to exploit financial planning clients, and what can be done to combat these growing threats. Helping Scammers Work...]]> 2025-04-24T02:57:57+00:00 https://www.tripwire.com/state-of-security/scams-how-technology-powering-next-generation-fraud www.secnews.physaphae.fr/article.php?IdArticle=8667028 False Tool,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The convergence of cybercrime, financial fraud, and organized crime poses a significant threat, especially where these syndicates excel at operating under the radar.]]> 2025-04-24T01:00:00+00:00 https://www.darkreading.com/threat-intelligence/industrial-scale-asian-scam-centers www.secnews.physaphae.fr/article.php?IdArticle=8666897 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple threat activity clusters with ties to North Korea (aka Democratic People\'s Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and cryptocurrency space. "The focus on Web3 and cryptocurrency appears to be primarily financially motivated due to the heavy sanctions that have been placed on North Korea," Google-owned Mandiant said in]]> 2025-04-23T22:39:00+00:00 https://thehackernews.com/2025/04/dprk-hackers-steal-137m-from-tron-users.html www.secnews.physaphae.fr/article.php?IdArticle=8666764 False Threat None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC In cybersecurity, speed has always been a big deal. How quickly can you detect an incident? How fast can you respond? But in the rush to act fast, many teams overlook what matters most. Are we actually solving the problem? Incident response is not just about being fast. It\'s about being effective. It\'s about making sure the threat is fully understood, resolved, and prevented from coming back. Metrics That Do More Than Count Seconds Basic metrics like mean time to detect or mean time to respond give you a snapshot of performance, but they do not always tell the full story. What about the quality of your response? The accura]]> 2025-04-23T22:36:00+00:00 https://levelblue.com/blogs/security-essentials/from-fast-to-smart-rethinking-incident-response-metrics www.secnews.physaphae.fr/article.php?IdArticle=8667207 False Tool,Threat,Cloud None 3.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2025-04-23T19:13:58+00:00 https://www.globalsecuritymag.fr/proofpoint-inc-lance-sa-plateforme-prime-threat-protection.html www.secnews.physaphae.fr/article.php?IdArticle=8666813 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Iran-nexus threat actor known as UNC2428 has been observed delivering a backdoor known as MURKYTOUR as part of a job-themed social engineering campaign aimed at Israel in October 2024. Google-owned Mandiant described UNC2428 as a threat actor aligned with Iran that engages in cyber espionage-related operations. The intrusion set is said to have distributed the malware through a "complex]]> 2025-04-23T18:38:00+00:00 https://thehackernews.com/2025/04/iran-linked-hackers-target-israel-with.html www.secnews.physaphae.fr/article.php?IdArticle=8666669 False Malware,Threat None 3.0000000000000000 ComputerWeekly - Computer Magazine Mandiant\'s latest annual threat report reveals new data on how financially-motivated cyber criminals, such as ransomware gangs, dominate the cyber security landscape]]> 2025-04-23T16:34:00+00:00 https://www.computerweekly.com/news/366623134/Financially-motivated-cyber-crime-remains-biggest-threat-source www.secnews.physaphae.fr/article.php?IdArticle=8666832 False Ransomware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Phishing attacks remain a huge challenge for organizations in 2025. In fact, with attackers increasingly leveraging identity-based techniques over software exploits, phishing arguably poses a bigger threat than ever before.  Attackers are increasingly leveraging identity-based techniques over software exploits, with phishing and stolen credentials (a byproduct of phishing) now the primary]]> 2025-04-23T16:30:00+00:00 https://thehackernews.com/2025/04/three-reasons-why-browser-is-best-for.html www.secnews.physaphae.fr/article.php?IdArticle=8666619 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple suspected Russia-linked threat actors are "aggressively" targeting individuals and organizations with ties to Ukraine and human rights with an aim to gain unauthorized access to Microsoft 365 accounts since early March 2025. The highly targeted social engineering operations, per Volexity, are a shift from previously documented attacks that leveraged a technique known as device code]]> 2025-04-23T16:19:00+00:00 https://thehackernews.com/2025/04/russian-hackers-exploit-microsoft-oauth.html www.secnews.physaphae.fr/article.php?IdArticle=8666620 False Threat None 3.0000000000000000