www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-12T13:35:37+00:00 www.secnews.physaphae.fr
RiskIQ - cyber risk firms (now microsoft) Ongoing Social Engineering Campaign Refreshes Payloads
2024-08-15T00:05:24+00:00 https://community.riskiq.com/article/14507cde www.secnews.physaphae.fr/article.php?IdArticle=8557885 False Spam,Malware,Tool,Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Black Basta-Linked Attackers Target Users with SystemBC Malware
An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to "multiple intrusion attempts" with the goal of conducting credential theft and deploying a malware dropper called SystemBC. "The initial lure being utilized by the threat actors remains the same: an email bomb followed by an attempt to call impacted users and offer a fake solution,"
2024-08-14T22:43:00+00:00 https://thehackernews.com/2024/08/black-basta-linked-attackers-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8557723 False Ransomware,Malware,Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) FIN7: The Truth Doesn't Need to be so STARK
2024-08-14T22:29:38+00:00 https://community.riskiq.com/article/2c3c5cc5 www.secnews.physaphae.fr/article.php?IdArticle=8557864 False Ransomware,Malware,Tool,Threat None 3.0000000000000000
Dark Reading - Informationweek Branch 'EastWind' Cyber-Spy Campaign Combines Various Chinese APT Tools
The likely China-linked campaign is deploying CloudSorcerer and other proprietary binaries belonging to known state-sponsored groups, showing how advanced persistent threat groups often collaborate with each other.
2024-08-14T19:46:52+00:00 https://www.darkreading.com/cyberattacks-data-breaches/eastwind-cyber-spy-campaign-chinese-apt-tools www.secnews.physaphae.fr/article.php?IdArticle=8557800 False Tool,Threat None 3.0000000000000000
Dark Reading - Informationweek Branch Zimperium Teams Up With Okta to Enhance Zero-Trust Identity Threat Protection With AI-Driven Mobile Security Solutions
2024-08-14T18:42:42+00:00 https://www.darkreading.com/cybersecurity-operations/zimperium-teams-up-with-okta-to-enhance-zero-trust-identity-threat-protection-with-ai-driven-mobile-security-solutions www.secnews.physaphae.fr/article.php?IdArticle=8557755 False Threat,Mobile None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) EastWind campaign: new CloudSorcerer attacks on government organizations in Russia
2024-08-14T18:17:06+00:00 https://community.riskiq.com/article/55996e79 www.secnews.physaphae.fr/article.php?IdArticle=8557777 False Ransomware,Malware,Tool,Threat,Cloud APT 27,APT 31 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Threat Actors' Toolkit: Leveraging Sliver, PoshC2 & Batch Scripts
2024-08-14T17:53:39+00:00 https://community.riskiq.com/article/7f3d507d www.secnews.physaphae.fr/article.php?IdArticle=8557747 False Ransomware,Malware,Tool,Threat None 3.0000000000000000
Team Cymru - Threat Intelligence team What is Threat Intelligence?
This article provides a comprehensive overview of threat intelligence services, highlighting the importance, methodology, benefits, etc.
2024-08-14T17:17:19+00:00 https://www.team-cymru.com/post/threat-intelligence www.secnews.physaphae.fr/article.php?IdArticle=8557724 False Threat None 3.0000000000000000
Global Security Mag - French news site Keysight Joins the Joint Cyber Defense Collaborative
Keysight Joins the Joint Cyber Defense Collaborative to Enhance Cybersecurity for Critical Sectors • Now a Joint Cyber Defense Collaborative participant focused on fostering collaboration and information sharing to unify public and private sector's cybersecurity efforts • Provides threat intelligence and security testing capabilities to enable the initiative's mission to drive down cyber risk to the nation at scale - Business News
2024-08-14T16:33:42+00:00 https://www.globalsecuritymag.fr/keysight-joins-the-joint-cyber-defense-collaborative.html www.secnews.physaphae.fr/article.php?IdArticle=8557700 False Threat None 3.0000000000000000
Global Security Mag - French news site Zimperium announced that it's collaborating with Okta
Zimperium Teams Up with Okta to Enhance Zero-Trust Identity Threat Protection with AI-Driven Mobile Security Solutions Product integration delivers real-time detection and response, enhancing mobile device security - Business News
2024-08-14T16:31:44+00:00 https://www.globalsecuritymag.fr/zimperium-announced-that-it-s-collaborating-with-okta.html www.secnews.physaphae.fr/article.php?IdArticle=8557701 False Threat,Mobile None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Silent Push tracks threat actor targeting UK banks in ongoing AnyDesk social engineering campaign
2024-08-14T16:22:03+00:00 https://community.riskiq.com/article/d1b9cd26 www.secnews.physaphae.fr/article.php?IdArticle=8557722 False Ransomware,Malware,Tool,Threat None 3.0000000000000000
Global Security Mag - French news site DigiCert to Acquire Vercara
DigiCert to Acquire Vercara, Strengthening Its Position as a Leader in Digital Trust Addition of Vercara will expand DigiCert's capabilities to protect organizations from increased threat of cyberattacks - Business News
2024-08-14T14:10:15+00:00 https://www.globalsecuritymag.fr/digicert-to-acquire-vercara.html www.secnews.physaphae.fr/article.php?IdArticle=8557628 False Threat None 3.0000000000000000
SecurityWeek - Security News Unlocking the Front Door: Phishing Emails Remain a Top Cyber Threat Despite MFA
SecurityWeek spoke with Mike Britton, CISO at Abnormal Security, to understand what the company has learned about current social engineering and phishing attacks.
2024-08-14T14:02:42+00:00 https://www.securityweek.com/unlocking-the-front-door-phishing-emails-remain-a-top-cyber-threat-despite-mfa/ www.secnews.physaphae.fr/article.php?IdArticle=8557651 False Threat None 3.0000000000000000
Checkpoint - Security hardware vendor Server-Side Template Injection: A Critical Vulnerability Threatening Web Applications
Summary: High Prevalence and Impact: Over the past three months, an average of 1 out of every 16 organizations faced SSTI attacks weekly, with the Retail/Wholesale and Finance/Banking sectors being the most affected. Severe Risks: SSTI vulnerabilities can lead to arbitrary code execution, data theft, and significant reputation damage, as demonstrated by high-profile exploits in platforms like Atlassian Confluence and CrushFTP. Effective Mitigation Strategies: Addressing SSTI vulnerabilities requires secure coding practices, regular vulnerability assessments, and prompt patching of software components and dependencies. Server-Side Template Injection (SSTI) vulnerabilities have emerged as a significant threat to web applications. A Server-Side Template […]
2024-08-14T13:00:55+00:00 https://blog.checkpoint.com/research/server-side-template-injection-a-critical-vulnerability-threatening-web-applications/ www.secnews.physaphae.fr/article.php?IdArticle=8557589 False Vulnerability,Threat,Patching None 3.0000000000000000
Dragos - CTI Society Dragos Industrial Ransomware Analysis: Q2 2024
Information provided here is sourced from Dragos OT Cyber Threat Intelligence adversary hunters and analysts who conduct research on adversary... The post Dragos Industrial Ransomware Analysis: Q2 2024 first appeared on Dragos.
2024-08-14T13:00:00+00:00 https://www.dragos.com/blog/dragos-industrial-ransomware-analysis-q2-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8557618 False Ransomware,Threat,Studies,Industrial None 3.0000000000000000
Checkpoint Research - Security hardware vendor Server-Side Template Injection: Transforming Web Applications from Assets to Liabilities
Executive Summary Server-Side Template Injection (SSTI) vulnerabilities refer to weaknesses in web applications which attackers can exploit to inject malicious code into server-side templates. This allows them to execute arbitrary commands on the server, potentially leading to unauthorized data access, server compromise, or exploitation of additional vulnerabilities. Recently, SSTI vulnerabilities are becoming increasingly prevalent and […]
2024-08-14T13:00:00+00:00 https://research.checkpoint.com/2024/server-side-template-injection-transforming-web-applications-from-assets-to-liabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8557598 False Vulnerability,Threat None 3.0000000000000000
Global Security Mag - French news site File-Sharing Phishing Attacks Surge 350%, According to New Research from Abnormal Security
File-Sharing Phishing Attacks Surge 350%, According to New Research from Abnormal Security Threat actors increasingly exploit file sharing services to advance phishing attacks, while continuing to scale traditional BEC attacks by 50% over the last year - Special Reports
2024-08-14T11:36:22+00:00 https://www.globalsecuritymag.fr/file-sharing-phishing-attacks-surge-350-according-to-new-research-from-abnormal.html www.secnews.physaphae.fr/article.php?IdArticle=8557568 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day Exploits
Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild. Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is also in addition to 36 vulnerabilities that the tech giant resolved in its Edge browser since last month. The Patch Tuesday
2024-08-14T11:18:00+00:00 https://thehackernews.com/2024/08/microsoft-issues-patches-for-90-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8557425 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) China-Backed Earth Baku Expands Cyber Attacks to Europe, Middle East, and Africa
The China-backed threat actor known as Earth Baku has diversified its targeting footprint beyond the Indo-Pacific region to include Europe, the Middle East, and Africa starting in late 2022. Newly targeted countries as part of the activity include Italy, Germany, the U.A.E., and Qatar, with suspected attacks also detected in Georgia and Romania. Governments, media and communications, telecoms,
2024-08-14T10:31:00+00:00 https://thehackernews.com/2024/08/china-backed-earth-baku-expands-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8557427 False Threat APT 41 2.0000000000000000
Dark Reading - Informationweek Branch DNC Credentials Compromised by 'IntelFetch' Telegram Bot
The Democratic National Convention soon to take place in Chicago, already under heavy security, faces an additional threat in the form of stolen credentials for delegates.
2024-08-14T10:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/dnc-credentials-compromised-intelfetch-telegram-bot www.secnews.physaphae.fr/article.php?IdArticle=8557517 False Threat None 3.0000000000000000
Dark Reading - Informationweek Branch Inc Ransomware Encryptor Contains Keys to Victim Data Recovery
The threat group is disrupting healthcare organizations. Victims can help themselves, though, even after compromise, by being careful in the decryption process.
2024-08-14T10:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/inc-ransomware-encryptor-contains-keys-to-victim-data-recovery www.secnews.physaphae.fr/article.php?IdArticle=8557214 False Ransomware,Threat,Medical None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Microsoft Fixes Nine Zero-Days on Patch Tuesday
Microsoft's August Patch Tuesday saw the tech giant address nine zero-day vulnerabilities
2024-08-14T08:50:00+00:00 https://www.infosecurity-magazine.com/news/microsoft-fixes-nine-zerodays/ www.secnews.physaphae.fr/article.php?IdArticle=8557491 False Vulnerability,Threat None 3.0000000000000000
ProofPoint - Cyber Firms Cybersecurity Stop of the Month: Credential Phishing Attack Targeting User Location Data
2024-08-14T07:19:53+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/stopping-phish-attacks-behind-qr-codes-human-verification-challenge www.secnews.physaphae.fr/article.php?IdArticle=8557648 False Malware,Tool,Threat,Cloud ChatGPT 3.0000000000000000
InformationSecurityBuzzNews - Security news site Malware Loaders Dominate Cybersecurity Threats in 2024
Malware loaders are a significant threat in the cybersecurity landscape, with nearly 40% of all malware observed in critical security incidents involving these specialized tools. Among the most prevalent loaders are “SocGholish,” “GootLoader,” and “Raspberry Robin,” which have been frequently used by cybercriminals to deliver a range of secondary malware, including ransomware. This was revealed [...]
2024-08-14T06:25:51+00:00 https://informationsecuritybuzz.com/malware-loaders-cybersec-threats-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8557448 False Ransomware,Malware,Tool,Threat None 3.0000000000000000
InformationSecurityBuzzNews - Security news site Email Breach Report 2024: The Most Vulnerable Names and Providers Exposed
In 2024, email breaches continue to pose a significant threat to personal and corporate security, with millions of email addresses exposed in data hacks. An email breach occurs when malicious actors infiltrate a company’s system, stealing customer data, including email addresses. This stolen information can be used for phishing attacks, identity fraud, and other malicious [...]
2024-08-14T05:26:35+00:00 https://informationsecuritybuzz.com/email-breach-report-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8557424 False Threat,Studies None 4.0000000000000000
Team Cymru - Threat Intelligence team FIN7: The Truth Doesn't Need to be so STARK
First and foremost, our thanks go to the threat research team at Silent Push and the security team at Stark Industries Solutions...
2024-08-13T23:00:00+00:00 https://www.team-cymru.com/post/fin7-the-truth-doesn-t-need-to-be-so-stark www.secnews.physaphae.fr/article.php?IdArticle=8557622 False Threat None 2.0000000000000000
Krebs on Security - American researcher Six 0-Days Lead Microsoft's August 2024 Patch Push
Microsoft today released updates to fix at least 90 security vulnerabilities in Windows and related software, including a whopping six zero-day flaws that are already being actively exploited by attackers.
2024-08-13T21:43:05+00:00 https://krebsonsecurity.com/2024/08/six-0-days-lead-microsofts-august-2024-patch-push/ www.secnews.physaphae.fr/article.php?IdArticle=8557240 False Vulnerability,Threat None 2.0000000000000000
Dark Reading - Informationweek Branch Microsoft Discloses 10 Zero-Day Bugs in Patch Tuesday Update
Attackers are already actively exploiting six of the bugs and four others are public, including one for which Microsoft has no patch yet.
2024-08-13T20:56:46+00:00 https://www.darkreading.com/vulnerabilities-threats/microsoft-discloses-10-zero-day-bugs-in-pacth-tuesday-update www.secnews.physaphae.fr/article.php?IdArticle=8557242 False Vulnerability,Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Don't get Mad, get wise - The "Mad Liberator" ransomware group
2024-08-13T20:33:02+00:00 https://community.riskiq.com/article/d6cbbe7b www.secnews.physaphae.fr/article.php?IdArticle=8557239 False Ransomware,Malware,Tool,Threat,Prediction None 2.0000000000000000
Dark Reading - Informationweek Branch Critical Ivanti vTM Bug Allows Unauthorized Admin Access
The CVSS 9.8 authentication bypass in Ivanti's traffic manager admin panel already has a proof-of-concept (PoC) exploit lurking in the wild.
2024-08-13T19:51:26+00:00 https://www.darkreading.com/remote-workforce/critical-ivanti-vtm-bug-unauthorized-admin-access www.secnews.physaphae.fr/article.php?IdArticle=8557217 False Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Double Trouble: Latrodectus and ACR Stealer observed spreading via Google Authenticator Phishing Site
2024-08-13T19:40:03+00:00 https://community.riskiq.com/article/a476ee2b www.secnews.physaphae.fr/article.php?IdArticle=8557211 False Malware,Tool,Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) FBI: BlackSuit ransomware made over $500 million in ransom demands
2024-08-13T19:36:37+00:00 https://community.riskiq.com/article/d82834d0 www.secnews.physaphae.fr/article.php?IdArticle=8557212 False Ransomware,Malware,Tool,Threat,Medical None 3.0000000000000000
The State of Security - American magazine VERT Threat Alert: August 2024 Patch Tuesday Analysis
Today's VERT Alert addresses Microsoft's August 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1119 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-38178 CVE-2024-38178 describes a vulnerability in the Microsoft Edge scripting engine when run in Internet Explorer Mode. On top of requiring Edge be running in Internet Explorer Mode, an attacker must convince a user to click on a link to load the malicious code. Microsoft has reported this vulnerability as Exploitation Detected. CVE-2024-38193 A vulnerability...
2024-08-13T16:25:22+00:00 https://www.tripwire.com/state-of-security/vert-threat-alert-august-2024-patch-tuesday-analysis www.secnews.physaphae.fr/article.php?IdArticle=8557241 False Vulnerability,Threat None 1.00000000000000000000
SecurityWeek - Security News US Unseals Charges Against Three Eastern Europeans Over Ransomware, Malvertising
Maksim Silnikau was extradited to the US to face charges for roles in the distribution of the Angler exploit kit, malware, and the Ransom Cartel ransomware.
2024-08-13T14:39:03+00:00 https://www.securityweek.com/us-unseals-charges-against-3-eastern-europeans-over-ransomware-malvertising/ www.secnews.physaphae.fr/article.php?IdArticle=8557083 False Ransomware,Malware,Threat None 3.0000000000000000
GoogleSec - Firm Security Blog Cryptographie post-Quantum: normes et progrès<br>Post-Quantum Cryptography: Standards and Progress in this 2022 post from Cloud CISO Phil Venables. What is PQC? Encryption is central to keeping information confidential and secure on the Internet. Today, most Internet sessions in modern browsers are encrypted to prevent anyone from eavesdropping or altering the data in transit. Digital signatures are also crucial to online trust, from code signing proving that programs haven\'t been tampered with, to signals that can be relied on for confirming online identity. Modern encryption technologies are secure because the computing power required to "crack the code" is very large; larger than any computer in existence today or the foreseeable future. Unfortunately, that\'s an advantage that won\'t last forever. Practical large-scale quantum computers are still years away, but computer scientists have known for decades that a cryptographically relevant quantum computer (CRQC) could break existing forms of asymmetric key cryptography. PQC is the effort to defend against that risk, by defining standards and collaboratively implementing new algorithms that will resist attacks by both classical and quantum computers. You don\'t need a quantum computer to use post-quantum cryptography, or to prepare. All of the standards released by NIST today run on the classical computers we currently use. How is encryption at risk? While a CRQC doesn\'t exist yet, devices and data from today will still be relevant in future. 
Some risks are already here: Stored Data Through an attack known as Store Now, Decrypt Later, encrypted data captured and saved by attackers is stored for later decryption, with the help of as-yet unbuilt quantum computers Hardware Products Defenders must ensure that future attackers cannot forge a digital signature and implant compromised firmware, or software updates, on pre-quantum devices that are still in use For more information on CRQC-related risks, see our PQC Threat Model post. How can organizations prepare for PQC migrations? Migrating to new cryptographic algorithms is often a slow process, even when weaknesses affect widely-used crypto systems, because of organizational and logistical challenges in fully completing the transition to new technologies. For example, NIST deprecated SHA-1 hashing algorithms in 2011 and recommends complete phase-out by 2030. That\'s why it\'s crucial to take steps now to improve organizational preparedness, independent of PQC, with the goal of making your transition to PQC easier. These crypto agility best practices can be enacted anytime: Cryptographic inventory Understanding where and how organizations are using cryptography includes knowing what cryptographic algorithms are in use, and critically, managing key materi]]> 2024-08-13T10:00:07+00:00 http://security.googleblog.com/2024/08/post-quantum-cryptography-standards.html www.secnews.physaphae.fr/article.php?IdArticle=8563410 False Tool,Threat,Mobile,Cloud None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC L'état du MFA résistant au phishing<br>The State of Phishing-Resistant MFA proactive defense strategies. One is phishing-resistant MFA, which is becoming mandatory in many data protection regulations. What is Phishing-Resistant MFA? Recent incidents exploiting gaps in MFA implementations have highlighted that traditional multi-factor authentication is susceptible to phishing and social engineering attacks. 
For instance, the 2024 Data Threat Report found that of IT professionals, 93% believe security threats are increasing in volume or severity, a significant rise from 47% last year. Moreover, the number of enterprises experiencing ransomware attacks surged by over 27% in the past year. Also, the report revealed that malware, ransomware, and phishing are consistently the largest growth categories for attacks. For multi-factor authentication to be truly effective, it must implement secure methods such as cryptographic keys, biometrics, and device-level security checks that phishing attempts cannot compromise. Moreover, passwordless authentication and a zero-trust approach to authentication and security are crucial. Phishing-resistant MFA depends on public key cryptography, removing the need for shared codes and dramatically lowering the possibility of threat actors intercepting and replaying access codes. Also, phishing-resistant technologies can verify the source and destination\'s authenticity, ensuring that the authentication process can only happen between the intended site and the user\'s device. An Increasingly Stringent Regulatory Landscape In response to escalating cyber threats and failing cybersecurity measures, government cybersecurity agencies worldwide have increased their requirements, advocating for adopting phishing-resistant authentication methods to safeguard sensitive data. For instance, in the US, Presidential Executive Order 14028 and an Office of Management and Budget (OMB) memo mandate using enterprise-managed identities for accessing work applications, explicitly focusing on phishing-resistant MFA to shield employees from sophisticated online attacks. Similarly, in the European Union, ENISA guidelines discourage the use of SMS and voice calls for authentication, urging entities to opt for more secure options such as smart cards and FIDO2 security keys. 
PSD2, the EU directive for payment services, prioritizes online transaction security through strong customer authentication (SCA), requiring at least two authentication elements among knowledge, possession, and inherence. To combat phishing, PSD2 mandates dynamic authentication methods, like one-time codes, to deter replay attacks. I]]> 2024-08-13T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-state-of-phishing-resistant-mfa www.secnews.physaphae.fr/article.php?IdArticle=8557119 False Ransomware,Malware,Tool,Threat,Mobile None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Pourquoi les escrocs veulent votre numéro de téléphone<br>Why scammers want your phone number Your phone number is more than just a way to contact you – scammers can use it to target you with malicious messages and even exploit it to gain access to your bank account or steal corporate data]]> 2024-08-13T09:00:00+00:00 https://www.welivesecurity.com/en/scams/scammers-phone-number/ www.secnews.physaphae.fr/article.php?IdArticle=8557492 False Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Démasking Cronus: Comment les faux documents PayPal offrent des ransomwares sans fil via PowerShell<br>Unmasking Cronus: How Fake PayPal Documents Deliver Fileless Ransomware via PowerShell ## Snapshot Researchers at Seqrite Labs identified multiple campaigns involving fake PayPal lures targeting individuals globally with a new variant of ransomware called Cronus. ## Description The ransomware, developed in PowerShell, is executed directly in memory without writing any malicious content to disk. The initial infection was caused by a malicious Word document spread through a phishing vector, which aimed to mimic a receipt document known as paypal\_charges.doc. 
The malicious VBA in the document downloaded a second-stage PowerShell-based loader, which loaded the ransomware-based DLL using reflective loading
2024-08-12T21:53:46+00:00 https://community.riskiq.com/article/a8dac7a0 www.secnews.physaphae.fr/article.php?IdArticle=8556610 False Ransomware,Malware,Tool,Threat None 3.0000000000000000
knowbe4 - cybersecurity services Hacker Stories: A Facebook Physical Threat
2024-08-12T21:15:08+00:00 https://blog.knowbe4.com/hacker-stories-erich-kron www.secnews.physaphae.fr/article.php?IdArticle=8556557 False Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) North Korean Kimusky Group Attacking University Professors
2024-08-12T21:01:31+00:00 https://community.riskiq.com/article/ee29bc18 www.secnews.physaphae.fr/article.php?IdArticle=8556583 False Malware,Threat,Mobile,Medical None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) StackExchange Abused to Spread Malicious Python Package That Drains Victims' Crypto Wallets
2024-08-12T20:48:14+00:00 https://community.riskiq.com/article/6b2aaea6 www.secnews.physaphae.fr/article.php?IdArticle=8556584 False Malware,Threat,Cloud None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) A Dive into Earth Baku's Latest Campaign
2024-08-12T19:53:21+00:00 https://community.riskiq.com/article/23e31fb6 www.secnews.physaphae.fr/article.php?IdArticle=8556555 False Malware,Tool,Threat,Medical APT 41 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) UAC-0198: Mass distribution of ANONVNC (MeshAgent) among state organizations of Ukraine
2024-08-12T19:32:09+00:00 https://community.riskiq.com/article/560ec243 www.secnews.physaphae.fr/article.php?IdArticle=8556556 False Malware,Tool,Threat None 3.0000000000000000
Dark Reading - Informationweek Branch Ukraine CERT: Mass Phishing Campaign Poses as Nation's Security Service More than 100 Ukrainian government devices have been affected by the threat that is being tracked as UAC-0198.
2024-08-12T18:25:00+00:00 https://www.darkreading.com/vulnerabilities-threats/ukraine-cert-phishing-campaign-poses-as-nations-security-service www.secnews.physaphae.fr/article.php?IdArticle=8556510 False Threat None 3.0000000000000000
Dark Reading - Informationweek Branch CLFS Bug Crashes Even Updated Windows 10, 11 Systems A quick and easy exploit for crashing Windows computers has no fix yet nor really any way to mitigate its effects.
2024-08-12T18:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/clfs-bug-crashes-even-updated-windows-10-11-systems www.secnews.physaphae.fr/article.php?IdArticle=8556486 False Threat None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) How Phishing Attacks Adapt Quickly to Capitalize on Current Events In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress. What's behind the surge in phishing?
One popular answer is AI – particularly generative AI, which has made it trivially easier for threat actors to craft content that they can use in phishing campaigns, like malicious emails
2024-08-12T16:50:00+00:00 https://thehackernews.com/2024/08/how-phishing-attacks-adapt-quickly-to.html www.secnews.physaphae.fr/article.php?IdArticle=8556364 False Threat None 3.0000000000000000
The Last Watchdog - Blog Sécurité de Byron V Acohido News alert: Criminal IP and Maltego team up to broaden threat intelligence data search
Torrance, Calif., Aug. 12, 2024, CyberNewsWire — Criminal IP, an expanding Cyber Threat Intelligence (CTI) search engine from AI SPERA, has recently completed its technology integration with Maltego, a global all-in-one investigation platform that specializes in visualized analysis … (more…) The post News alert: Criminal IP and Maltego team up to broaden threat intelligence data search first appeared on The Last Watchdog.
2024-08-12T16:14:43+00:00 https://www.lastwatchdog.com/news-alert-criminal-ip-and-maltego-team-up-to-broaden-threat-intelligence-data-search/ www.secnews.physaphae.fr/article.php?IdArticle=8556437 False Threat None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability The maintainers of the FreeBSD Project have released security updates to address a high-severity flaw in OpenSSH that attackers could potentially exploit to execute arbitrary code remotely with elevated privileges. The vulnerability, tracked as CVE-2024-7589, carries a CVSS score of 7.4 out of a maximum of 10.0, indicating high severity. "A signal handler in sshd(8) may call a logging function
2024-08-12T15:45:00+00:00 https://thehackernews.com/2024/08/freebsd-releases-urgent-patch-for-high.html www.secnews.physaphae.fr/article.php?IdArticle=8556303 False Vulnerability,Threat None 3.0000000000000000
HackRead - Chercher Cyber Criminal IP and Maltego Collaborate to Broaden Threat Intelligence Data Search Torrance, United States / California, 12th August 2024, CyberNewsWire
2024-08-12T14:01:09+00:00 https://hackread.com/criminal-ip-and-maltego-collaborate-to-broaden-threat-intelligence-data-search/ www.secnews.physaphae.fr/article.php?IdArticle=8556388 False Threat None 2.0000000000000000
Checkpoint - Fabricant Materiel Securite Check Point and Cybrary: Empowering Customers with Cutting-Edge Cyber Security Training
In a world where cyber threats are constantly evolving, staying ahead of the curve is crucial for any organization. As a matter of fact, Check Point research shows a 30% increase in Q2 of 2024 in global cyber attacks, which marks the highest increase in attacks seen in the last two years. One of the best ways to stay protected against the persistent threat of a cyber-attack is a continuous workforce development routine of the company's IT team. Due to the dynamic nature of the cyber security industry, IT professionals must adhere to a frequent upskilling and reskilling routine to […]
2024-08-12T13:00:21+00:00 https://blog.checkpoint.com/infinity-global-services/check-point-and-cybrary-empowering-customers-with-cutting-edge-cyber-security-training/ www.secnews.physaphae.fr/article.php?IdArticle=8556354 False Threat None 3.0000000000000000
Checkpoint - Fabricant Materiel Securite July 2024's Most Wanted Malware: Remcos and RansomHub Run Rampant
Check Point's latest Threat Index has revealed RansomHub has remained the most prevalent Ransomware group. Meanwhile, researchers identified a Remcos Windows malware campaign exploiting a recent security software update. Our last Global Threat Index for June 2024 revealed significant changes in ransomware rankings. Despite a significant drop in June, LockBit re-emerged last month to become the second most prevalent ransomware group, while RansomHub retained the top spot. Meanwhile, researchers identified both a campaign distributing Remcos malware following a CrowdStrike update issue, and a series of new FakeUpdates tactics, which once again ranked first on the top malware list for July. […]
2024-08-12T13:00:00+00:00 https://blog.checkpoint.com/research/july-2024s-most-wanted-malware-remcos-and-ransomhub-run-rampant/ www.secnews.physaphae.fr/article.php?IdArticle=8556986 False Ransomware,Malware,Threat None 3.0000000000000000
Checkpoint Research - Fabricant Materiel Securite 12th August – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 12th August, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Financial data systems of The Grand Palais which hosts Olympic events in France, were targeted by an undisclosed ransomware group. As part of the attack, also the financial systems of around 40 […]
2024-08-12T11:53:31+00:00 https://research.checkpoint.com/2024/12th-august-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8556327 False Ransomware,Threat None 2.0000000000000000
Sygnia - CyberSecurity Firm What is a Rootkit? Exploring the Hidden Threats and Their Impact on System Security
Learn what Rootkits are, how sophisticated threat actors leverage them to gain full control of computers and systems, and how to protect your systems from this unique risk.
2024-08-12T11:50:51+00:00 https://www.sygnia.co/blog/rootkit-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8556350 False Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Weekly OSINT Highlights, 12 August 2024
2024-08-12T10:35:06+00:00 https://community.riskiq.com/article/e60227f4 www.secnews.physaphae.fr/article.php?IdArticle=8556324 False Ransomware,Spam,Malware,Tool,Vulnerability,Threat,Mobile,Industrial,Cloud APT 28 2.0000000000000000
Bleeping Computer - Magazine Américain Criminal IP and Maltego Join Forces for Enhanced Cyber Threat Search AI SPERA announced today that its IP address intelligence engine, Criminal IP, can now be integrated with Maltego's unified user interface and is available on the Maltego's marketplace, [...]
2024-08-12T10:02:04+00:00 https://www.bleepingcomputer.com/news/security/criminal-ip-and-maltego-join-forces-for-enhanced-cyber-threat-search/ www.secnews.physaphae.fr/article.php?IdArticle=8556412 False Threat None 2.0000000000000000
Sygnia - CyberSecurity Firm Incident Response Readiness: What is it and how to improve it?
The most dangerous cyber attackers have something in common: they are tenacious at their craft and dogged in their determination to find and exploit security weaknesses.
2024-08-11T07:51:25+00:00 https://www.sygnia.co/guides-and-tools/incident-response-readiness/ www.secnews.physaphae.fr/article.php?IdArticle=8556351 False Threat None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft Warns of Unpatched Office Vulnerability Leading to Data Breaches Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors. The vulnerability, tracked as CVE-2024-38200 (CVSS score: 7.5), has been described as a spoofing flaw that affects the following versions of Office - Microsoft Office 2016 for 32-bit edition and 64-bit editions Microsoft
2024-08-10T11:05:00+00:00 https://thehackernews.com/2024/08/microsoft-warns-of-unpatched-office.html www.secnews.physaphae.fr/article.php?IdArticle=8555097 False Vulnerability,Threat None 2.0000000000000000
Dark Reading - Informationweek Branch Healthcare Providers Must Plan for Ransomware Attacks on Third-Party Suppliers The American Hospital Association and the Health-ISAC issued a joint threat bulletin warning healthcare IT providers that their ransomware plans need to consider third-party risk.
2024-08-10T01:59:25+00:00 https://www.darkreading.com/endpoint-security/healthcare-providers-must-plan-for-ransomware-attacks-on-third-party-suppliers www.secnews.physaphae.fr/article.php?IdArticle=8554657 False Ransomware,Threat,Medical None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial Darktrace report highlights rising dominance of MaaS and RaaS in escalating cyber threat landscape
Darktrace disclosed in a new report that Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) continue to dominate the threat landscape,...
2024-08-10T00:29:59+00:00 https://industrialcyber.co/ransomware/darktrace-report-highlights-rising-dominance-of-maas-and-raas-in-escalating-cyber-threat-landscape/ www.secnews.physaphae.fr/article.php?IdArticle=8554986 False Threat None 3.0000000000000000
CrowdStrike - CTI Society Tech Analysis: CrowdStrike's Kernel Access and Security Architecture Context In today’s rapidly evolving threat landscape, the need for dynamic security measures is critical. Due to Windows's current architecture and design, security products running in the platform, particularly those involved in endpoint protection, require kernel access to provide the highest level of visibility, enforcement and tamper-resistance, while meeting the strict performance envelopes demanded by […]
2024-08-09T18:26:17+00:00 https://www.crowdstrike.com/blog/tech-analysis-kernel-access-security-architecture/ www.secnews.physaphae.fr/article.php?IdArticle=8558722 False Threat,Legislation None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) New APT Group Actor240524: A Closer Look at Its Cyber Tactics Against Azerbaijan and Israel
2024-08-09T18:08:23+00:00 https://community.riskiq.com/article/1dbf4daf www.secnews.physaphae.fr/article.php?IdArticle=8554841 True Malware,Tool,Threat None 3.0000000000000000
TechRepublic - Security News US StormBamboo Compromises ISP, Spreads Malware Read more about a China-aligned cyberespionage threat actor dubbed StormBamboo, also known as Evasive Panda, which compromised an Internet Service Provider and infected targets with malware.
2024-08-09T13:42:14+00:00 https://www.techrepublic.com/article/stormbamboo-compromises-isp-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8554711 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco Smart Install (SMI) feature with the aim of accessing sensitive data. The agency said it has seen adversaries "acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature." It also
2024-08-09T11:11:00+00:00 https://thehackernews.com/2024/08/cisa-warns-of-hackers-exploiting-legacy.html www.secnews.physaphae.fr/article.php?IdArticle=8554513 False Threat None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Threat Actors Favor Rclone, WinSCP and cURL as Data Exfiltration Tools ReliaQuest found that Rclone, WinSCP and cURL were the top three data exfiltration tools utilized by threat actors over the past year
2024-08-09T09:00:00+00:00 https://www.infosecurity-magazine.com/news/rclone-winscp-curl-top-data/ www.secnews.physaphae.fr/article.php?IdArticle=8554586 False Tool,Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) North Korean hackers exploit VPN update flaw to install malware
2024-08-09T00:21:24+00:00 https://community.riskiq.com/article/9625c1a0 www.secnews.physaphae.fr/article.php?IdArticle=8554412 False Malware,Tool,Vulnerability,Threat,Industrial,Technical None 2.0000000000000000
TrendLabs Security - Editeur Antivirus A Dive into Earth Baku's Latest Campaign Earth Baku has broadened its scope from the Indo-Pacific region to Europe, the Middle East, and Africa.
In this blog entry, we examine the threat actor's latest tools, tactics, and procedures.
2024-08-09T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/h/earth-baku-latest-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8554460 False Tool,Threat APT 41 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Mispadu Banking Trojan
2024-08-08T21:39:33+00:00 https://community.riskiq.com/article/c3a30f3b www.secnews.physaphae.fr/article.php?IdArticle=8554339 False Spam,Malware,Tool,Vulnerability,Threat,Legislation None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) New Widespread Extension Trojan Malware Campaign
2024-08-08T21:01:15+00:00 https://community.riskiq.com/article/c437b517 www.secnews.physaphae.fr/article.php?IdArticle=8554313 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) University Professors Targeted by North Korean Cyber Espionage Group The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes. Cybersecurity firm Resilience said it identified the activity in late July 2024 after it observed an operation security (OPSEC) error made by the hackers.
Kimsuky, also known by the names APT43, ARCHIPELAGO,
2024-08-08T21:01:00+00:00 https://thehackernews.com/2024/08/university-professors-targeted-by-north.html www.secnews.physaphae.fr/article.php?IdArticle=8554152 False Threat APT 43 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) DeathGrip RaaS | Small-Time Threat Actors Aim High With LockBit & Yashma Builders
2024-08-08T20:19:59+00:00 https://community.riskiq.com/article/09d168fd www.secnews.physaphae.fr/article.php?IdArticle=8554314 False Ransomware,Malware,Tool,Threat,Technical None 3.0000000000000000
Dark Reading - Informationweek Branch How to Weaponize Microsoft Copilot for Cyberattackers At Black Hat USA, security researcher Michael Bargury released a "LOLCopilot" ethical hacking module to demonstrate how attackers can exploit Microsoft Copilot - and offered advice for defensive tooling.
2024-08-08T18:29:55+00:00 https://www.darkreading.com/application-security/how-to-weaponize-microsoft-copilot-for-cyberattackers www.secnews.physaphae.fr/article.php?IdArticle=8554243 False Threat None 3.0000000000000000
AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Stories from the SOC - Sowing the Seeds of Cybercrime: The Credential Harvester Figure 1: Initial alarm with username and URL visited In this case, the alarm shows that an email was sent with the subject line “[External] Document ready, Review and Sign Today Thursday-March-2024 19:20 PM.” This is a common format attackers use in phishing emails to trick users into thinking there is a legitimate document that needs to be signed. The screenshot shows the full URL contained in the email.
When the analyst submitted the first domain in the URL ('www.samsonstonesc[.]com') through OSINT sites, it returned a clean reputation, which would indicate that this is a verified website; however, deeper in this link is 'ahmetorak[.]com,' and when this domain was submitted to various OSINT sites, it returned a malicious reputation. Expanded Investigation Events Search Once the URL was identified as suspicious, the analyst performed the following: Deep link analysis: They investigated where the link led to as well as the reputation of each redirect or proxy domain involved Sandbox analysis: They copied the URL into a secure, isolated environment so its behavior could be observed without risk. Verify page authenticity: They checked for discrepancies in the fake page’s content and reviewed SSL certificates, and domain registration details against the expected values. The analyst observed that the URL was redirected to a CAPTCHA screen, which once completed directed the analyst to a website masquerading as a Microsoft login page being used for a credential harvester. The below screenshot of this login page provides clear indicators that it is not a legitimate Microsoft login page and is in fact a credential harvester: The URL at the top of the page does not match that of an actual Microsoft page. Scrolling over “Forgot My Password” shows a link leading back to the fraudulent page. fake Microsoft login page Figure 2: Fake Microsoft login screen of the credential harvester These websites are often hosted on an attacker’s server as a proxy. Once the user inputs their credentials, the attacker will receive this data and forward the user to a legitimate page.
This makes it even mo
2024-08-08T18:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/stories-from-the-soc-sowing-the-seeds-of-cybercrime-the-credential-harvester www.secnews.physaphae.fr/article.php?IdArticle=8554209 False Threat None 2.0000000000000000
HackRead - Chercher Cyber Black Hat USA 2024: Chip Flaw 'GhostWrite' Steals Data from CPU Memory Black Hat USA 2024: Critical RISC-V CPU vulnerability discovered. Dubbed GhostWrite; attackers can exploit this flaw to steal…
2024-08-08T17:37:13+00:00 https://hackread.com/black-hat-usa-2024-chip-flaw-ghostwrite-data-cpu-memory/ www.secnews.physaphae.fr/article.php?IdArticle=8554213 False Vulnerability,Threat None 3.0000000000000000
Global Security Mag - Site de news francais The Growing Threat of OTP-Stealing Malware: Insights from Zimperium's zLabs opinion
The Growing Threat of OTP-Stealing Malware: Insights from Zimperium's zLabs By: Nico Chiaraviglio, Chief Scientist - Zimperium - Opinion
2024-08-08T17:31:32+00:00 https://www.globalsecuritymag.fr/the-growing-threat-of-otp-stealing-malware-insights-from-zimperium-s-zlabs.html www.secnews.physaphae.fr/article.php?IdArticle=8554217 False Malware,Threat None 3.0000000000000000
Dark Reading - Informationweek Branch '0.0.0.0 Day' Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk Attackers can use a seemingly innocuous IP address to exploit localhost APIs to conduct a range of malicious activity, including unauthorized access to user data and the delivery of malware.
2024-08-08T17:24:08+00:00 https://www.darkreading.com/cyberattacks-data-breaches/0000-day-flaw-puts-chrome-firefox-mozilla-browsers-at-rce-risk www.secnews.physaphae.fr/article.php?IdArticle=8554212 False Malware,Threat None 3.0000000000000000
Global Security Mag - Site de news francais SentinelOne has launched a new programme Business News
SentinelOne delivers leading cyber threat protection for SMBs New programme provides access to advanced AI-security platform, expert insights and guidance to help small and medium-sized businesses get and stay secure - Business News
2024-08-08T17:08:12+00:00 https://www.globalsecuritymag.fr/sentinelone-has-launched-a-new-programme.html www.secnews.physaphae.fr/article.php?IdArticle=8554184 False Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Sophos MDR hunt tracks Mimic ransomware campaign against organizations in India
2024-08-08T16:45:24+00:00 https://community.riskiq.com/article/70c2058a www.secnews.physaphae.fr/article.php?IdArticle=8554208 False Ransomware,Malware,Tool,Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New Phishing Scam Uses Google Drawings and WhatsApp Shortened Links Cybersecurity researchers have discovered a novel phishing campaign that leverages Google Drawings and shortened links generated via WhatsApp to evade detection and trick users into clicking on bogus links designed to steal sensitive information. "The attackers chose a group of the best-known websites in computing to craft the threat, including Google and WhatsApp to host the attack elements,
2024-08-08T15:11:00+00:00 https://thehackernews.com/2024/08/new-phishing-scam-uses-google-drawings.html www.secnews.physaphae.fr/article.php?IdArticle=8554017 False Threat None 3.0000000000000000
Bleeping Computer - Magazine Américain Exploit released for Cisco SSM bug allowing admin password changes Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers. [...]
2024-08-08T15:01:30+00:00 https://www.bleepingcomputer.com/news/security/exploit-released-for-cisco-ssm-bug-allowing-admin-password-changes/ www.secnews.physaphae.fr/article.php?IdArticle=8554239 False Vulnerability,Threat None 3.0000000000000000
Dark Reading - Informationweek Branch Critical AWS Vulnerabilities Allow S3 Attack Bonanza Researchers at Aqua Security discovered the "Shadow Resource" attack vector and the "Bucket Monopoly" problem, where threat actors can guess the name of S3 buckets based on their public account IDs.
2024-08-08T12:00:00+00:00 https://www.darkreading.com/remote-workforce/critical-aws-vulnerabilities-allow-s3-attack-bonanza www.secnews.physaphae.fr/article.php?IdArticle=8554041 False Vulnerability,Threat None 3.0000000000000000
Global Security Mag - Site de news francais Rubrik partners with Mandiant to strengthen cyber resilience and accelerate incident response Markets
2024-08-08T07:55:31+00:00 https://www.globalsecuritymag.fr/rubrik-s-associe-a-mandiant-pour-renforcer-la-cyber-resilience-et-accelerer-la.html www.secnews.physaphae.fr/article.php?IdArticle=8553933 False Threat,Cloud None 2.0000000000000000
The Register - Site journalistique Anglais Cloud storage lockers from Microsoft and Google used to store and spread state-sponsored malware Why run your own evil infrastructure when Big Tech offers robust tools hosted at trusted URLs?
Black Hat State-sponsored cyber spies and criminals are increasingly using legitimate cloud services to attack their victims, according to Symantec's threat hunters who have spotted three such operations over recent months, plus new data theft and other malware tools in development by these goons.…
2024-08-08T01:58:13+00:00 https://go.theregister.com/feed/www.theregister.com/2024/08/08/microsoft_google_cloud_storage_malware/ www.secnews.physaphae.fr/article.php?IdArticle=8553773 False Malware,Tool,Threat,Cloud None 2.0000000000000000
HackRead - Chercher Cyber Nexera DeFi Protocol Hacked: $1.8M Stolen in Major Smart Contract Exploit Learn how a smart contract vulnerability led to the theft of $1.8 million from Nexera, a DeFi protocol.…
2024-08-07T21:26:22+00:00 https://hackread.com/nexera-defi-protocol-hacked-smart-contract-exploit/ www.secnews.physaphae.fr/article.php?IdArticle=8553672 False Vulnerability,Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Brief Overview of the DeerStealer Distribution Campaign
2024-08-07T21:08:47+00:00 https://community.riskiq.com/article/e7fcb5fc www.secnews.physaphae.fr/article.php?IdArticle=8553669 False Ransomware,Spam,Malware,Tool,Threat None 3.0000000000000000
CyberScoop - scoopnewsgroup.com special Cyber Easterly: CrowdStrike incident highlights consequences of Chinese hacking threat
CISA director calls CrowdStrike-linked outage a “dress rehearsal” for what China may have planned for U.S. critical infrastructure.
2024-08-07T20:05:47+00:00 https://cyberscoop.com/easterly-crowdstrike-china-volt-typhoon/ www.secnews.physaphae.fr/article.php?IdArticle=8553601 False Threat None 3.0000000000000000
Global Security Mag - Site de news francais Cayosoft Releases Microsoft Threat Detection for Recently Discovered VMware ESXi Authentication Bypass Vulnerability Product Reviews
Cayosoft Releases Microsoft Threat Detection for Recently Discovered VMware ESXi Authentication Bypass Vulnerability Active Directory security provider updates threat detection to include automatic detection and rollback for actively exploited VMware vulnerability - Product Reviews
2024-08-07T19:48:26+00:00 https://www.globalsecuritymag.fr/cayosoft-releases-microsoft-threat-detection-for-recently-discovered-vmware.html www.secnews.physaphae.fr/article.php?IdArticle=8553605 False Vulnerability,Threat None 3.0000000000000000
Global Security Mag - French news site Staying Ahead of Adversaries with the CISO Checklist opinion
Many organizations around the world operate with reduced staffing over the summer. This creates unique opportunities for threat actors to strike out and exploit vulnerabilities. Minimizing the chance of a successful attack involves ensuring your organization is well-prepared by making sure you're following this checklist. 1. Importance of Proactive Cybersecurity Measures To understand why safeguarding your organization over the summer is so crucial, let's take a look at some of the (...) - Opinion
2024-08-07T19:40:26+00:00 https://www.globalsecuritymag.fr/staying-ahead-of-adversaries-with-the-ciso-checklist.html www.secnews.physaphae.fr/article.php?IdArticle=8553608 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New Linux Kernel Exploit Technique 'SLUBStick' Discovered by Researchers
Cybersecurity researchers have shed light on a novel Linux kernel exploitation technique dubbed SLUBStick that could be exploited to elevate a limited heap vulnerability to an arbitrary memory read-and-write primitive. "Initially, it exploits a timing side-channel of the allocator to perform a cross-cache attack reliably," a group of academics from the Graz University of Technology said [PDF]. "
2024-08-07T19:40:00+00:00 https://thehackernews.com/2024/08/new-linux-kernel-exploit-technique.html www.secnews.physaphae.fr/article.php?IdArticle=8553460 False Vulnerability,Threat None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Mirai Botnet Attacking Apache OFBiz Directory Traversal Vulnerability
## Snapshot Res
2024-08-07T18:20:19+00:00 https://community.riskiq.com/article/cbed9166 www.secnews.physaphae.fr/article.php?IdArticle=8553600 False Malware,Vulnerability,Threat,Industrial None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Cloud Cover: How Malicious Actors Are Leveraging Cloud Services
2024-08-07T17:00:44+00:00 https://community.riskiq.com/article/558135ed www.secnews.physaphae.fr/article.php?IdArticle=8553547 False Malware,Tool,Threat,Prediction,Cloud None 3.0000000000000000
Team Cymru - Threat intelligence team BOTNET 7777: ARE YOU BETTING ON A COMPROMISED ROUTER?
Firstly, we extend our thanks to Chris Fearnley and Gi7w0rm, two threat researchers who assisted us behind the scenes with our...
2024-08-07T17:00:09+00:00 https://www.team-cymru.com/post/botnet-7777-are-you-betting-on-a-compromised-router www.secnews.physaphae.fr/article.php?IdArticle=8553521 False Threat None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial OPSWAT acquires InQuest; boosts federal go-to-market strategy, network detection, threat intelligence
Critical infrastructure protection (CIP) cybersecurity solutions company OPSWAT announced its acquisition of InQuest, a cybersecurity solutions provider known...
2024-08-07T15:22:18+00:00 https://industrialcyber.co/news/opswat-acquires-inquest-boosts-federal-go-to-market-strategy-network-detection-and-threat-intelligence/ www.secnews.physaphae.fr/article.php?IdArticle=8553490 False Threat None 3.0000000000000000
LogPoint - Security blog Threat detection and monitoring with Microsoft 365
There is no doubt that Microsoft 365 is widely used by companies of all sizes. This powerful suite of productivity tools gives extensive capabilities to the security teams of companies that have large numbers of endpoint systems, users and, above all, data. Logpoint's integration with the Microsoft Graph API helps [...]
2024-08-07T14:02:57+00:00 https://www.logpoint.com/fr/blog/detection-et-surveillance-des-menaces-avec-microsoft-365/ www.secnews.physaphae.fr/article.php?IdArticle=8568573 False Threat None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Detecting evolving threats: NetSupport RAT campaign
2024-08-07T13:49:42+00:00 https://community.riskiq.com/article/7514ee17 www.secnews.physaphae.fr/article.php?IdArticle=8553454 False Malware,Tool,Threat None 2.0000000000000000
IndustrialCyber - cyber risk firms for industrial Claroty, AWS join to improve asset visibility, exposure management, threat detection for cyber-physical systems
Claroty, a cyber-physical systems (CPS) protection company, announced on Tuesday a multi-year strategic collaboration agreement (SCA) with Amazon...
2024-08-07T12:28:40+00:00 https://industrialcyber.co/news/claroty-aws-join-to-improve-asset-visibility-exposure-management-threat-detection-for-cyber-physical-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8553395 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Chameleon Android Banking Trojan Targets Users Through Fake CRM App
Cybersecurity researchers have lifted the lid on a new technique adopted by threat actors behind the Chameleon Android banking trojan targeting users in Canada by masquerading as a Customer Relationship Management (CRM) app. "Chameleon was seen masquerading as a CRM app, targeting a Canadian restaurant chain operating internationally," Dutch security outfit ThreatFabric said in a technical
2024-08-07T11:55:00+00:00 https://thehackernews.com/2024/08/chameleon-android-banking-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8553253 False Threat,Mobile,Technical None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Panamorfi TCP flood DDoS Attack Targeting Jupyter Notebooks
## Snapshot Researchers at Aqua Nautilus identified a DDoS campaign named "Panamorfi" targeting Jupyter notebooks. The
2024-08-07T11:29:59+00:00 https://community.riskiq.com/article/fe2bc706 www.secnews.physaphae.fr/article.php?IdArticle=8553393 False Tool,Threat None 3.0000000000000000
Dark Reading - Informationweek Branch Cybersecurity Industry Leaders Launch the Cyber Threat Intelligence Capability Maturity Model
2024-08-07T09:17:28+00:00 https://www.darkreading.com/threat-intelligence/cybersecurity-industry-leaders-launch-the-cyber-threat-intelligence-capability-maturity-model www.secnews.physaphae.fr/article.php?IdArticle=8553959 False Threat None 2.0000000000000000
ProofPoint - Cyber Firms Generative AI Risks: What Your People Should Know
2024-08-07T07:16:45+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/generative-ai-risks-to-know www.secnews.physaphae.fr/article.php?IdArticle=8553455 False Tool,Threat,Prediction,Technical None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor
## Snapshot Elastic Security Labs identified a Windows backdoor called BITSLOTH, which uses the Background Intelligent Transfer Service (BITS) for command-and-control communication. ## Description This backdoor was uncovered during an intrusion in the LATA
2024-08-06T21:47:56+00:00 https://community.riskiq.com/article/a05ba23d www.secnews.physaphae.fr/article.php?IdArticle=8553025 False Malware,Tool,Threat None 3.0000000000000000