www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-18T22:32:28+00:00 www.secnews.physaphae.fr Kovrr - cyber risk management platform Investigating the Risk of Compromised Credentials and Internet-Exposed Assets Explore the report revealing industries and company sizes with the highest rates of compromised credentials and internet-exposed assets. Read More 2023-11-28T00:00:00+00:00 https://www.kovrr.com/reports/investigating-the-risk-of-compromised-credentials-and-internet-exposed-assets www.secnews.physaphae.fr/article.php?IdArticle=8417472 False Ransomware,Threat,Studies,Prediction,Cloud APT 17,APT 39,APT 39 3.0000000000000000 DarkTrace - DarkTrace: AI-based detection Expediting the investigation of widespread Trojan infections with Darktrace Darktrace helps security operations centre (SOC) teams become more efficient by drastically cutting down the time needed to investigate incidents. 2023-10-26T13:08:32+00:00 https://darktrace.com/blog/expediting-the-investigation-of-widespread-trojan-infections-with-darktrace www.secnews.physaphae.fr/article.php?IdArticle=8400834 False None APT 39 2.0000000000000000 Dark Reading - Informationweek Branch US Sanctions Iran Over APT Cyberattack Activity 2022-09-09T16:48:02+00:00 https://www.darkreading.com/vulnerabilities-threats/us-sanctions-iran-apt-cyberattack-activity www.secnews.physaphae.fr/article.php?IdArticle=6807446 False Prediction APT 39 None Anomali - Firm Blog Anomali Cyber Watch: Aerospace and Telecoms Targeted by Iranian MalKamak Group, Cozy Bear Refocuses on Cyberespionage, Wicked Panda is Traced by 
Malleable C2 Profiles, and More Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Russian Cyberattacks Pose Greater Risk to Governments and Other Insights from Our Annual Report (published: October 7, 2021) Approximately 58% of all nation-state attacks observed by Microsoft between July 2020 and June 2021 have been attributed to the Russian-sponsored threat groups, specifically to Cozy Bear (APT29, Nobelium) associated with the Russian Foreign Intelligence Service (SVR). The United States, Ukraine, and the UK were the top three targeted by them. Russian Advanced Persistent Threat (APT) actors increased their effectiveness from a 21% successful compromise rate to a 32% rate comparing year to year. They achieve it by starting an attack with supply-chain compromise, utilizing effective tools such as web shells, and increasing their skills with the cloud environment targeting. Russian APTs are increasingly targeting government agencies for intelligence gathering, which jumped from 3% of their targets a year ago to 53% – largely agencies involved in foreign policy, national security, or defense. Following Russia by the number of APT cyberattacks were North Korea (23%), Iran (11%), and China (8%). Analyst Comment: As the collection of intrusions for potential disruption operations via critical infrastructure attacks became too risky for Russia, it refocused back to gaining access to and harvesting intelligence. The scale and growing effectiveness of the cyberespionage requires a defence-in-depth approach and tools such as Anomali Match that provide real-time forensics capability to identify potential breaches and known actor attributions. 
MITRE ATT&CK: [MITRE ATT&CK] Supply Chain Compromise - T1195 | [MITRE ATT&CK] Server Software Component - T1505 | [MITRE ATT&CK] Phishing - T1566 | [MITRE ATT&CK] Brute Force - T1110 Tags: Fancy Bear, APT28, APT29, The Dukes, Strontium, Nobelium, Energetic Bear, Cozy Bear, Government, APT, Russia, SVR, China, North Korea, USA, UK, Ukraine, Iran Ransomware in the CIS (published: October 7, 2021) Many prominent ransomware groups have members located in Russia and the Commonwealth of Independent States (CIS) - and they avoid targeting this region. Still, businesses in the CIS are at risk of being targeted by dozens of lesser-known ransomware groups. Researchers from Kaspersky Labs have published a report detailing nine business-oriented ransomware trojans that were most active in the CIS in the first half of 2021. These ransomware families are BigBobRoss (TheDMR), Cryakl (CryLock), CryptConsole, Crysis (Dharma), Fonix (XINOF), Limbozar (VoidCrypt), Phobos (Eking), Thanos (Hakbit), and XMRLocker. The oldest, Cryakl, has been around since April 2014, and the newest, XMRLocker, was first detected in August 2020. Most of them were mainly distributed via the cracking of Remote Deskto 2021-10-12T17:41:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-aerospace-and-telecoms-targeted-by-iranian-malkamak-group-cozy-bear-refocuses-on-cyberespionage-wicked-panda-is-traced-by-malleable-c2-profiles-and-more www.secnews.physaphae.fr/article.php?IdArticle=3505382 False Ransomware,Malware,Tool,Threat,Guideline,Prediction APT 29,APT 29,APT 39,APT 28,APT 41,APT 41 None Security Through Education - Security Through Education Ep. 
145 – Baking a Human Behavior Cake with Jack Schafer 2021-05-10T06:00:29+00:00 https://www.social-engineer.org/podcast/ep-145-baking-a-human-behavior-cake-with-jack-schafer/?utm_source=rss&utm_medium=rss&utm_campaign=ep-145-baking-a-human-behavior-cake-with-jack-schafer www.secnews.physaphae.fr/article.php?IdArticle=2759817 False Prediction APT 39 None ZD Net - News Magazine US sanctions Iranian government front company hiding major hacking operations 2020-09-17T23:41:21+00:00 https://www.zdnet.com/article/us-sanctions-iranian-government-front-company-hiding-major-hacking-operations/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1923902 False Prediction APT 39 None Dark Reading - Informationweek Branch Iranian Hackers Indicted for Stealing Aerospace & Satellite Tracking Data 2020-09-17T17:10:00+00:00 https://www.darkreading.com/vulnerabilities---threats/iranian-hackers-indicted-for-stealing-aerospace-and-satellite-tracking-data/d/d-id/1338950?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=1923785 False Malware,Prediction APT 39 None Checkpoint - Security Hardware Vendor Check Point CloudGuard Connect Protects Microsoft Azure Branch Office Internet Connections from Cyber Attacks 2020-07-24T13:00:18+00:00 https://blog.checkpoint.com/2020/07/24/check-point-cloudguard-connect-protects-microsoft-azure-branch-office-internet-connections-from-cyber-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=1823010 False Prediction APT 39 None Checkpoint - Security Hardware Vendor Check Point IoT Protect Uses Automation and Threat Intelligence to Prevent the most advanced IoT cyber-attacks 2020-07-17T10:00:58+00:00 https://blog.checkpoint.com/2020/07/17/check-point-iot-protect-uses-automation-and-threat-intelligence-to-prevent-the-most-advanced-iot-cyber-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=1809424 False Threat,Prediction APT 39 None Security Affairs - Security Blog Iran-linked Chafer APT group 
targets governments in Kuwait and Saudi Arabia 2020-05-21T11:49:49+00:00 https://securityaffairs.co/wordpress/103556/apt/chafer-apt-kuwait-saudi-arabia.html?utm_source=rss&utm_medium=rss&utm_campaign=chafer-apt-kuwait-saudi-arabia www.secnews.physaphae.fr/article.php?IdArticle=1722957 False Prediction APT 39 None The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Iranian APT Group Targets Governments in Kuwait and Saudi Arabia 2020-05-21T01:11:42+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/2m27rfRz1GU/iran-hackers-kuwait.html www.secnews.physaphae.fr/article.php?IdArticle=1722583 False Threat,Prediction APT 39 None Checkpoint - Security Hardware Vendor Check Point and Citrix: Securing the SD-WAN Edge with Multi-layered Security 2020-05-20T13:00:40+00:00 https://blog.checkpoint.com/2020/05/20/check-point-and-citrix-securing-the-sd-wan-edge-with-multi-layered-security/ www.secnews.physaphae.fr/article.php?IdArticle=1720622 False Prediction APT 39 None Checkpoint - Security Hardware Vendor Protect Your Network Edge with VMware SD-WAN and Check Point Security 2019-12-06T13:00:09+00:00 https://blog.checkpoint.com/2019/12/06/protect-your-network-edge-with-vmware-sd-wan-and-check-point-security/ www.secnews.physaphae.fr/article.php?IdArticle=1493486 False Prediction APT 39 None Checkpoint - Security Hardware Vendor Check Point Protects Branch Office Microsoft Azure Internet Connections and SaaS Applications from Cyber Attacks 2019-11-05T19:13:49+00:00 https://blog.checkpoint.com/2019/11/05/check-point-protects-branch-office-microsoft-azure-internet-connections-and-saas-applications-from-cyber-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=1447715 False Prediction APT 39 None Checkpoint - Security Hardware Vendor Check Point and VMware Partner to Secure Branch Office SD-WAN Connections to the Cloud 2019-10-01T15:00:44+00:00 
https://blog.checkpoint.com/2019/10/01/check-point-and-vmware-partner-to-secure-branch-office-sd-wan-connections-to-the-cloud/ www.secnews.physaphae.fr/article.php?IdArticle=1373689 False Prediction APT 39 None Checkpoint - Security Hardware Vendor Check Point, VMware and Silver Peak Transform Branch Office SD-WAN with Cloud Security Services 2019-09-05T13:00:43+00:00 https://blog.checkpoint.com/2019/09/05/transforming-branch-security-with-top-rated-threat-prevention-cloud-services-integrated-with-vmware-and-silver-peak-sd-wan/ www.secnews.physaphae.fr/article.php?IdArticle=1324402 True Prediction APT 39 None Checkpoint - Security Hardware Vendor Transforming Branch Security with Top-Rated Threat Prevention Cloud Services Integrated with VMware and Silver Peak SD-WAN 2019-09-05T13:00:04+00:00 https://blog.checkpoint.com/2019/09/05/transforming-branch-security-with-top-rated-threat-prevention-cloud-services-integrated-with-vmware-and-silver-peak-sd-wan/ www.secnews.physaphae.fr/article.php?IdArticle=1307543 False Threat,Prediction APT 39 None AlienVault Blog - AlienVault is a major defensive player in IOCs Things I hearted this week 12th April 2019 A Beginner's Guide to Test Automation | Sticky Minds All roads lead to exploratory testing When I’m faced with something to test – be it a feature in a software application or a collection of features in a release, my general preference is weighted strongly towards exploratory testing. When someone who doesn’t know a great deal about testing wants me or my team to do testing for them, I would love to educate them on why exploratory testing could be a strong part of the test strategy. All roads lead to exploratory testing | Womentesters While on the topic of testing Testing Behaviours — Writing A Good Gherkin Script | Medium, Jo Mahadevan Single-page, server-side, static… say what? 
An emoji-filled learning journey about the trade-offs of different website architectures, complete with gifs, diagrams, and demo apps. If you’ve been hanging around the internet, trying to build websites and apps, you may have heard some words in conversation like static site or server-side rendered (SSR) or single-page app (SPA). But what do all of these words mean? How does each type of application architecture differ? What are the tradeoffs of each approach and which one should you use when building your website? Single-Page, Server-Side, Static… say what? | Marie Chatfield If, like me you enjoyed this post by Marie, check out some of her other posts which are great. Quick plug to Protocol-andia: Welcome to the Networking Neighborhood. A whimsical introduction to how computers talk to each other, and what exactly your requests are up to. Strengthen your security posture: start with a cybersecurity framework The 2017 Equifax data breach is expected to break all previous records for data breach costs, with Larry Ponemon, chairman of the Ponemon Institute, estimating the final cost to be more than $600 million. Even non-enterprise-level organizations suffer severe consequences for data breaches. According to the National Cyber Security Alliance, mid-market companies pay more than $1 million in post-attack mitigation, and the average cost of a data breach to an SMB is $117,000 per incident. While estimates vary, approximately 60% of businesses who suffer a breach are forced to shut down business within 6 months. 
It is mor 2019-04-12T13:00:00+00:00 https://feeds.feedblitz.com/~/600760182/0/alienvault-blogs~Things-I-hearted-this-week-th-April www.secnews.physaphae.fr/article.php?IdArticle=1093204 False Guideline,Prediction APT 39,Equifax None Checkpoint - Security Hardware Vendor Protect Your Business by Managing Network Security from the Palm of Your Hand 2019-04-11T13:00:03+00:00 http://blog.checkpoint.com/2019/04/11/protect-your-business-by-managing-network-security-from-the-palm-of-your-hand/ www.secnews.physaphae.fr/article.php?IdArticle=1094014 False Data Breach,Prediction APT 39 None Security Affairs - Security Blog Iran-Linked Chafer APT recently used python-based backdoor 2019-03-05T21:23:03+00:00 https://securityaffairs.co/wordpress/82004/breaking-news/chafer-apt-python-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=1055754 False Malware,Prediction APT 39 None SecurityWeek - Security News Iran-Linked Hackers Use Python-Based Backdoor in Recent Attacks 2019-03-05T15:30:05+00:00 https://www.securityweek.com/iran-linked-hackers-use-python-based-backdoor-recent-attacks www.secnews.physaphae.fr/article.php?IdArticle=1055433 False Threat,Prediction APT 39 None Kaspersky Threatpost - Kaspersky is a Russian antivirus vendor Chafer APT Takes Aim at Diplomats in Iran with Improved Custom Malware 2019-02-01T19:35:02+00:00 https://threatpost.com/chafer-iran-apt-malware/141420/ www.secnews.physaphae.fr/article.php?IdArticle=1019750 False Malware APT 39 None Security Affairs - Security Blog Iran-Linked APT39 group use off-the-shelf tools to steal data 2019-01-30T08:58:00+00:00 https://securityaffairs.co/wordpress/80450/apt/iran-apt39-cyberespionage.html www.secnews.physaphae.fr/article.php?IdArticle=1014677 False Prediction APT 39 None Mandiant - Mandiant's Security Blog APT39: An Iranian Cyber Espionage Group Focused on Personal Information
UPDATE (Jan. 30): Figure 1 has been updated to more accurately reflect APT39 targeting. Specifically, Australia, Norway and South Korea have been removed. In December 2018, FireEye identified APT39 as an Iranian cyber espionage group responsible for widespread theft of personal information. We have tracked activity linked to this group since November 2014 in order to protect organizations from APT39 activity to date. APT39's focus on the widespread theft of personal information sets it apart from other Iranian groups FireEye tracks, which have been linked to influence operations, disruptive
2019-01-29T11:00:00+00:00 https://www.mandiant.com/resources/blog/apt39-iranian-cyber-espionage-group-focused-on-personal-information www.secnews.physaphae.fr/article.php?IdArticle=8377713 False None APT 39,APT 39,APT33,APT 33 4.0000000000000000
Data Security Breach - French news site Chafer: an Iran-based group of cyber attackers Chafer: an Iran-based group of cyber attackers first appeared on Data Security Breach. 2018-03-08T21:11:01+00:00 https://www.datasecuritybreach.fr/chafer-pirate-iran/ www.secnews.physaphae.fr/article.php?IdArticle=501522 False Prediction APT 39 None SecurityWeek - Security News Iran-Linked Chafer Group Expands Toolset, Targets List 2018-03-01T19:06:00+00:00 http://feedproxy.google.com/~r/Securityweek/~3/w2BE-2JMstA/iran-linked-chafer-group-expands-toolset-targets-list www.secnews.physaphae.fr/article.php?IdArticle=494010 False Prediction APT 39 None The Security Ledger - Security Blog Iran Taps Chafer APT Group amid Civil Aviation Crisis 2018-03-01T15:32:02+00:00 https://feeds.feedblitz.com/~/529622610/0/thesecurityledger~Iran-Taps-Chafer-APT-Group-amid-Civil-Aviation-Crisis/ www.secnews.physaphae.fr/article.php?IdArticle=494091 False Prediction APT 39 None