www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-12T16:32:12+00:00 www.secnews.physaphae.fr
The State of Security - American magazine Is Cybercrime Only Going to Get Worse? At the turn of the millennium, few people were worried about cybercrime. The Good Friday Agreement had just come into effect, the US expelled a Russian diplomat for spying, and the threat of the Y2K bug loomed. ILOVEYOU, the computer worm that catapulted cybercrime into the public consciousness, was still five months away. Today, things couldn't be more different. In 2001, six people fell victim to cybercrime an hour. By 2022, that number had risen to 97, an increase of 1517%. At that time, the SolarWinds, Colonial Pipeline, and WannaCry attacks established cybercrime as a potentially... 2024-01-03T02:50:11+00:00 https://www.tripwire.com/state-of-security/cybercrime-only-going-get-worse www.secnews.physaphae.fr/article.php?IdArticle=8433517 False Threat,Threat Wannacry 3.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs For want of a cyber nail the kingdom fell Richard’s Almanack in 1768, it was preceded by the cautionary words: “a little neglect may breed great mischief”. This simple proverb and added comment serve as emblematic examples of how seemingly inconsequential missteps or neglect can lead to sweeping, irreversible, catastrophic losses. The cascade of events resonates strongly within the increasingly complex domain of cybersecurity, in which the omission of even the most elementary precaution can result in a spiraling series of calamities. Indeed, the realm of cybersecurity is replete with elements that bear striking resemblance to the nail, shoe, horse, and rider in this proverb.
Consider, for example, the ubiquitous and elementary software patch that may be considered the proverbial digital "nail." In isolation, this patch might seem trivial, but its role becomes crucial when viewed within the broader network of security measures. The 2017 WannaCry ransomware attack demonstrates the significance of such patches; an unpatched vulnerability in Microsoft Windows allowed the malware to infiltrate hundreds of thousands of computers across the globe. It wasn't just a single machine that was compromised due to this overlooked 'nail,' but entire networks, echoing how a lost shoe leads to a lost horse in the proverb. This analogy further extends to the human elements of cybersecurity. Personnel tasked with maintaining an organization's cyber hygiene play the role of the "rider" in our metaphorical tale. However, the rider is only as effective as the horse they ride; likewise, even the most skilled IT professional cannot secure a network if the basic building blocks—the patches, firewalls, and antivirus software—resemble missing nails and shoes. Numerous reports and studies have indicated that human error constitutes one of the most common causes of data breaches, often acting as the 'rider' who loses the 'battle'. Once the 'battle' of securing a particular network or system is lost, the ramifications can extend much further, jeopardizing the broader 'kingdom' of an entire organization or, in more extreme cases, critical national infrastructure. One glaring example that serves as a cautionary tale is the Equifax data breach of 2017, wherein a failure to address a known vulnerability resulted in the personal data of 147 million Americans being compromised. Much like how the absence of a single rider can tip the scales of an entire battle, this singular oversight led to repercussions that went far beyond just the digital boundaries of Equifax, affecting millions of individuals and shaking trust in the security of financial systems.
2023-11-28T11:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/for-want-of-a-cyber-nail-the-kingdom-fell www.secnews.physaphae.fr/article.php?IdArticle=8417468 False Ransomware,Data Breach,Malware,Vulnerability Wannacry,Wannacry,Equifax,Equifax 2.0000000000000000
DarkTrace - DarkTrace: AI-based detection Ransomware one year after WannaCry: attack vectors still commonly exploited by attackers This article discusses some of the most common infection vectors and how the Darktrace Enterprise Immune System can assist security teams in catching ransomware threats. 2023-10-26T13:08:32+00:00 https://darktrace.com/blog/ransomware-one-year-after-wannacry-attack-vectors-still-commonly-exploited-by-attackers www.secnews.physaphae.fr/article.php?IdArticle=8400835 False Ransomware Wannacry 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs Battling malware in the industrial supply chain NotPetya malware was concealed in a software update for a widely-used tax program in Ukraine. Though primarily affecting IT networks, the malware caused shutdowns in industrial operations, illustrating how a corrupted element in the supply chain can have far-reaching effects on both IT and OT systems. These real-world incidents emphasize the multifaceted nature of cybersecurity risks within interconnected ICS/OT systems. They serve as a prelude to a deeper exploration of specific challenges and vulnerabilities, including: Malware attacks on ICS/OT: Specific targeting of components can disrupt operations and cause physical damage. Third-party vulnerabilities: Integration of third-party systems within the supply chain can create exploitable weak points. Data integrity issues: Unauthorized data manipulation within ICS/OT systems can lead to faulty decision-making.
Access control challenges: Proper identity and access management within complex environments are crucial. Compliance with best practices: Adherence to guidelines such as NIST's best practices is essential for resilience. Rising threats in manufacturing: Unique challenges include intellectual property theft and process disruptions. Traditional defenses are proving inadequate, and a multifaceted strategy, including technologies like Content Disarm and Reconstruction (CDR), is required to safeguard these vital systems. Supply chain defense: The power of content disarm and reconstruction Content Disarm and Reconstruction (CDR) is a cutting-edge technology. It operates on a simple, yet powerful premise based on the Zero Trust principle: all files could be malicious. What does CDR do? In the complex cybersecurity landscape, CDR stands as a unique solution, transforming the way we approach file safety. Sanitizes and rebuilds files: By treating every file as potentially harmful, CDR ensures they are safe for use while mainta 2023-08-29T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/battling-malware-in-the-industrial-supply-chain www.secnews.physaphae.fr/article.php?IdArticle=8376274 False Malware,Vulnerability,Threat,Industrial,Cloud NotPetya,Solardwinds,Wannacry 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Vietnamese-Origin Ransomware Operation Mimics WannaCry Traits Cisco Talos said what sets this operation apart is the novel approach to delivering ransom notes 2023-08-08T15:00:00+00:00 https://www.infosecurity-magazine.com/news/vietnamese-ransomware-mimics/ www.secnews.physaphae.fr/article.php?IdArticle=8367308 False Ransomware Wannacry,Wannacry 2.0000000000000000
Recorded Future - Recorded Future feed Hackers infect Russian-speaking gamers with fake WannaCry ransomware
Researchers have uncovered a phishing campaign targeting Russian-speaking players of Enlisted, a multiplayer first-person shooter. The hackers used a fake website that closely resembles the official Enlisted webpage to distribute ransomware, according to a report published this week by cybersecurity firm Cyble. While researchers haven't attributed this attack to any particular group, they believe that
2023-06-15T18:10:00+00:00 https://therecord.media/hackers-infect-russian-gamers-with-wannacry www.secnews.physaphae.fr/article.php?IdArticle=8345847 False Ransomware Wannacry,Wannacry 2.0000000000000000
Zataz - French security magazine Wannacry: The story of a spectacular cyberattack 2023-05-23T15:09:13+00:00 https://www.zataz.com/wannacry-lhistoire-de-lune-des-cyberattaques-les-plus-spectaculaires/ www.secnews.physaphae.fr/article.php?IdArticle=8338774 False None Wannacry,Wannacry 2.0000000000000000
Global Security Mag - French news site Six years after WannaCry: Why ransomware is still a problem
May 12 marks not only the international "Anti-Ransomware Day" but also the sixth anniversary of the notorious and devastating WannaCry attacks. Even today, ransomware remains a constant threat to organizations. It can bring business operations to a halt, damage a company's reputation and have real-world consequences. High-profile attacks on, for example, hospitals and municipalities are usually better known to the public, but ransomware attacks remain an extremely serious threat to companies of all types and sizes. - Malware
2023-05-15T13:32:45+00:00 https://www.globalsecuritymag.fr/Sechs-Jahre-nach-WannaCry-Warum-Ransomware-nach-wie-vor-ein-Problem-ist.html www.secnews.physaphae.fr/article.php?IdArticle=8336641 False Ransomware Wannacry 2.0000000000000000
Global Security Mag - French news site “My Week with Wannacry” opinion
“My Week with Wannacry” - Mikko Hyppönen, Chief Research Officer, WithSecure “The Wannacry malware epidemic of spring 2017 was unique in the field of information security. Quite by accident, I had promised to keep a diary of my working week for the computer culture magazine Skrolli. Wannacry struck that very week, adding a historic malware attack to an already hectic schedule. This was one of the biggest epidemics of all time. What follows is my diary for my week with Wannacry. - Opinion
2023-05-09T12:04:35+00:00 https://www.globalsecuritymag.fr/My-Week-with-Wannacry.html www.secnews.physaphae.fr/article.php?IdArticle=8334754 False Malware Wannacry,Wannacry 2.0000000000000000
Recorded Future - Recorded Future feed UK issues strategy to protect National Health Service from cyberattacks
The British government published on Wednesday its new cybersecurity strategy for the National Health Service, aiming to make the country's healthcare sector “significantly hardened to cyber attack, no later than 2030.” The strategy comes in the wake of the [WannaCry](https://www.theguardian.com/technology/2017/jun/16/wannacry-ransomware-attack-linked-north-korea-lazarus-group) ransomware attack in 2017, alongside a criminal attack on the software supplier [Advanced](https://www.bbc.co.uk/news/technology-62725363) last year,
2023-03-22T12:30:00+00:00 https://therecord.media/uk-national-health-service-cyberattacks-strategy www.secnews.physaphae.fr/article.php?IdArticle=8320494 False Ransomware,General Information APT 38,Wannacry 2.0000000000000000
Dark Reading - Informationweek Branch WannaCry Hero & Kronos Malware Author Named Cybrary Fellow 2023-02-28T18:55:00+00:00 https://www.darkreading.com/threat-intelligence/wannacry-hero-malware-creator-named-cybrary-fellow www.secnews.physaphae.fr/article.php?IdArticle=8314283 False Malware Wannacry,Wannacry 3.0000000000000000
Schneier on Security - American cryptologist and researcher Critical Microsoft Code-Execution Vulnerability just realized how serious it was (and is): Like EternalBlue, CVE-2022-37958, as the latest vulnerability is tracked, allows attackers to execute malicious code with no authentication required. Also, like EternalBlue, it’s wormable, meaning that a single exploit can trigger a chain reaction of self-replicating follow-on exploits on other vulnerable systems. The wormability of EternalBlue allowed WannaCry and several other attacks to spread across the world in a matter of minutes with no user interaction required... 2022-12-22T12:01:37+00:00 https://www.schneier.com/blog/archives/2022/12/critical-microsoft-code-execution-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8293677 False Vulnerability Wannacry,Wannacry 3.0000000000000000
Security Intelligence - American news site Worms of Wisdom: How WannaCry Shapes Cybersecurity Today WannaCry wasn’t a particularly complex or innovative ransomware attack. What made it unique, however, was its rapid spread. Using the EternalBlue exploit, malware could quickly move from device to device, leveraging a flaw in the Microsoft Windows Server Message Block (SMB) protocol.
As a result, when the WannaCry “ransomworm” hit networks in 2017, it expanded […] 2022-11-28T14:00:00+00:00 https://securityintelligence.com/how-wannacry-shapes-cybersecurity/ www.secnews.physaphae.fr/article.php?IdArticle=8271768 False Ransomware,Malware Wannacry,Wannacry 2.0000000000000000
Global Security Mag - French news site The next WannaCry and drone hacking: which advanced persistent threats in 2023? Opinion 2022-11-22T12:43:51+00:00 https://www.globalsecuritymag.fr/Le-prochain-WannaCry-et-le-piratage-de-drones-quelles-menaces-persistantes.html www.secnews.physaphae.fr/article.php?IdArticle=8160554 False None Wannacry,Wannacry 3.0000000000000000
Global Security Mag - French news site The next WannaCry and drone hacking: Security Predictions for 2023 Opinion 2022-11-14T14:20:28+00:00 https://www.globalsecuritymag.fr/The-next-WannaCry-and-drone-hacking-Security-Predictions-for-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8012294 False Threat Wannacry,Wannacry None
Security Affairs - Security blog Wannacry, the hybrid malware that brought the world to its knees Reflecting on the Wannacry ransomware attack, which is the lesson learnt and why most organizations are still ignoring it.
In the early afternoon of Friday 12 May 2017, the media broke the news of a global computer security attack carried out through a malicious code capable of encrypting data residing in information systems and demanding […] 2022-10-31T14:37:01+00:00 https://securityaffairs.co/wordpress/137894/cyber-crime/wannacry-hybrid-malware.html www.secnews.physaphae.fr/article.php?IdArticle=7754874 False Ransomware,Malware Wannacry,Wannacry 2.0000000000000000
RedCanary - Red Canary Persistent pests: A taxonomy of computer worms 2022-10-19T17:37:26+00:00 https://redcanary.com/blog/computer-worms/ www.secnews.physaphae.fr/article.php?IdArticle=7565610 False Ransomware NotPetya,Wannacry,Wannacry None
Global Security Mag - French news site Don't wait for a WannaCry-style attack to target mobile devices Opinion 2022-10-18T19:13:26+00:00 http://www.globalsecuritymag.fr/N-attendez-pas-qu-une-attaque-de,20221018,131282.html www.secnews.physaphae.fr/article.php?IdArticle=7545967 False Threat Wannacry,Wannacry None
AlienVault Lab Blog - AlienVault is a major defense player in IOCs 7 Biggest Cybersecurity Threats of the 21st Century launch their own ransomware attacks. All they need is to sign up for a RaaS platform and pay a fee (usually a percentage of the ransom they collect). RaaS is a growing threat because it makes it easy for anyone to launch attacks. Cybercriminals can target any organization, no matter its size or resources. And, because RaaS platforms typically take care of all the technical details, ransomware attacks can be launched with little effort. In the past several years, there have been a number of high-profile ransomware attacks that have made headlines. In May 2017, the WannaCry ransomware attack affected more than 200,000 computers in 150 countries. The attack caused billions of dollars in damage and disrupted critical infrastructure, such as hospitals and banks.
In December 2017, the NotPetya ransomware attack hit more than 10,000 organizations in over 60 countries. The attack caused billions of dollars in damage and disrupted critical infrastructure, such as hospitals and banks. Ransomware attacks have become more sophisticated and targeted. Cybercriminals are now using RaaS platforms to launch targeted attacks against specific organizations. These attacks are often called "spear phishing" attacks because they use carefully crafted emails to trick people into clicking on malicious links or opening attachments that install ransomware on their computers. Organizations of all sizes need to be aware of the threat of ransomware and take steps to protect themselves. This includes having a robust backup and recovery plan in place in case of an attack. Internet of Things The Internet of Things (IoT) is a network of physical devices, vehicles, home appliances, and other items that are embedded with electronics, software, sensors, and connectivity enabling these objects to connect and exchange data. The IoT is a growing market with more and more devices being connected to the internet every day. However, this also creates new security risks. Because IoT devices are often connected to the internet, they can be hacked and used to launch attacks. In October 2016, a massive Distributed Denial of Service (DDoS) attack was launched against the Dyn DNS service using a network of IoT devices that had been infected with the Mirai malware. The attack caused widespread internet disruptions and took down major websites, such as Twitter and Netflix. The IoT presents a unique challenge for security because there are so many different types of devices that can be connected to the internet. Each type of device has its own security risks and vulnerabilities. And, as the number of IoT devices continues to grow, so do the opportunities for cybercriminals to exploit them. 
Cloud security The cloud has become an essential part of business for many organizations. It offers a number of advantages, such as flexibility, scalability, and cost savings. However, the cloud also creates new security risks. One of the biggest security risks associated with the cloud is data breaches. Because data is stored remotely on servers, it is more vulnerable to attack. In addition, cloud service providers often have access to customer data, which creates another potential point of entry for hackers. Another security risk associated with the 2022-10-06T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/7-biggest-cybersecurity-threats-of-the-21st-century www.secnews.physaphae.fr/article.php?IdArticle=7317553 False Ransomware,Malware,Threat NotPetya,NotPetya,Wannacry,Wannacry None
Dark Reading - Informationweek Branch Don't Wait for a Mobile WannaCry 2022-09-21T17:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/don-t-wait-for-a-mobile-wannacry www.secnews.physaphae.fr/article.php?IdArticle=7041914 False None Wannacry,Wannacry None
The State of Security - American magazine How Penetration Testing can help prevent Ransomware Attacks It is hard to believe, but ransomware is more than three decades old. While many would think that the ransomware mayhem started with the WannaCry attack of 2017, that is simply the most publicized example. Since then, dozens of ransomware strains have been utilized in a variety of cyberattacks. According to a PhishLabs report, by […] 2022-09-08T03:01:00+00:00 https://www.tripwire.com/state-of-security/controls/penetration-testing-prevent-ransomware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=6777617 False Ransomware Wannacry,Wannacry None
CSO - CSO Daily Dashboard WannaCry explained: A perfect ransomware storm ransomware worm that spread rapidly across a number of computer networks in May of 2017.
After infecting a Windows computer, it encrypts files on the PC's hard drive, making them impossible for users to access, then demands a ransom payment in bitcoin in order to decrypt them. A number of factors made the initial spread of WannaCry particularly noteworthy: it struck a number of important and high-profile systems, including many in Britain's National Health Service; it exploited a Windows vulnerability that was suspected to have been first discovered by the United States National Security Agency; and it was tentatively linked by Symantec and other security researchers to the Lazarus Group, a cybercrime organization that may be connected to the North Korean government. 2022-08-24T12:34:00+00:00 https://www.csoonline.com/article/3227906/wannacry-explained-a-perfect-ransomware-storm.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=6506640 False Ransomware,Vulnerability,Medical APT 38,Wannacry,Wannacry None
Dark Reading - Informationweek Branch Internet Searches Reveal Surprisingly Prevalent Ransomware 2022-07-13T18:44:03+00:00 https://www.darkreading.com/edge-threat-monitor/internet-searches-reveals-surprisingly-prevalent-ransomware www.secnews.physaphae.fr/article.php?IdArticle=5700081 False Ransomware Wannacry,Wannacry None
Fortinet ThreatSignal - Hardware Vendor North Korean State-Sponsored Threat Actors Deploying "MAUI" Ransomware 2022-07-07T08:14:35+00:00 https://fortiguard.fortinet.com/threat-signal-report/4663 www.secnews.physaphae.fr/article.php?IdArticle=5595940 False Ransomware,Threat,Patching,Medical APT 38,Wannacry,Wannacry None
SANS Institute - SANS is a defense and training organization EternalBlue 5 years after WannaCry and NotPetya, (Tue, Jul 5th) 1] and about a week past the 5-year anniversary of NotPetya outbreak[2].
Since both WannaCry and NotPetya used the EternalBlue[3] exploit in order to spread, I thought that it might be interesting to take a look at how many internet-facing systems still remain vulnerable to it. 2022-07-05T08:37:42+00:00 https://isc.sans.edu/diary/rss/28816 www.secnews.physaphae.fr/article.php?IdArticle=5558696 False None NotPetya,NotPetya,Wannacry,Wannacry None
AlienVault Lab Blog - AlienVault is a major defense player in IOCs Stories from the SOC - Detecting internal reconnaissance AT&T Managed Extended Detection and Response customers. Executive summary Internal Reconnaissance, step one of the Cyber Kill Chain, is the process of collecting internal information about a target network to identify vulnerabilities that can potentially be exploited. Threat actors use the information gained from this activity to decide the most effective way to compromise the target network. Vulnerable services can be exploited by threat actors and potentially lead to a network breach. A network breach puts the company in the hands of cybercriminals. This can lead to ransomware attacks costing the company millions of dollars to remediate along with a tarnished public image. The Managed Extended Detection and Response (MXDR) analyst team received two alarms regarding an asset performing network scans within a customer's environment. Further investigation into these alarms revealed that the source asset was able to scan 60 unique IPs within the environment and successfully detected numerous open ports with known vulnerabilities. Investigation Initial alarm review Indicators of Compromise (IOC) The initial alarm that prompted this investigation was a Darktrace Cyber Intelligence Platform event that was ingested by USM Anywhere. The priority level associated with this alarm was High, one level below the maximum priority of Critical.
Network scanning is often one of the first steps a threat actor takes when attempting to compromise a network, so it is a red flag any time an unknown device is scanning the network without permission. From here, the SOC went deeper into associated events to see what activity was taking place in the customer’s environment. The image shown below is the Darktrace alarm that initiated the investigation. [Image: Darktrace alarm] Expanded investigation Events search Utilizing the filters built into USM Anywhere, the events were narrowed down to the specific source asset IP address and Host Name to only query events associated to that specific asset. The following events were found that provide more information about the reconnaissance activity that was being observed. [Images: recon activity 1, recon activity 2] Event deep dive Upon reviewing the logs from the events shown above, the SOC was able to determine that the source asset scanned two separate Classless Inter-Domain Routing (CIDR) blocks, detecting and scanning 60 unique internal devices for open ports. As shown in the log snippets below, the scans revealed multiple open ports with known vulnerabilities, most notable is Server Message Block (SMB) port 445 which is the key attack vector for the infamous WannaCry malware. Looking at the logs we can also see that the source asset detected port 5985, the port utilized by Windows Remote Management (WinRM). WinRM can be used by threat actors to move laterally in environments by executing remote commands on other assets from the compromised host. These remote commands are typically batch files performing malicious activity or implanting backdoors to maintain persistence in the network.
Lastly, we can see the asset scanning for Lightweight Directory Access Protocol (LD 2022-06-27T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/stories-from-the-soc-detecting-internal-reconnaissance www.secnews.physaphae.fr/article.php?IdArticle=5489966 False Ransomware,Malware,Threat,Guideline Wannacry None
Global Security Mag - French news site Lateral movement: the success of recent malware Opinion 2022-06-23T10:11:31+00:00 http://www.globalsecuritymag.fr/Mouvements-lateraux-le-succes-des,20220623,127005.html www.secnews.physaphae.fr/article.php?IdArticle=5340538 False Malware NotPetya,Wannacry,Wannacry None
CSO - CSO Daily Dashboard WannaCry 5 years on: Still a top threat ransomware that infected thousands of computers five years ago and cost companies all over the world billions of dollars in damages. WannaCry broke onto the infosec scene on May 12, 2017. Taking advantage of the vulnerable version of the Server Message Block (SMB) protocol, it ultimately infected approximately 200,000+ machines in more than 150 countries. While Microsoft had issued a patch for the SMB flaw more than a month before the attacks began, millions of computers had not been patched against the bug.
The largest ransomware attack ever, it impacted several big names globally, including the UK's National Health Service, US delivery giant FedEx, and Deutsche Bahn, the German railway company. 2022-05-19T02:00:00+00:00 https://www.csoonline.com/article/3660575/wannacry-5-years-on-still-a-top-threat.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=4704405 False Ransomware,Threat FedEx,Wannacry None
Checkpoint - Security hardware manufacturer Ransomware cyber-attacks in Costa Rica and Peru drives national response Highlights Effectively, one out of every 60 organizations globally have been impacted by attempted ransomware attacks every week, so far in the first four months of 2022. A 14% increase of attempted ransomware attacks to organizations globally every week compared to the same period last year. To mark the 5th anniversary of the WannaCry… 2022-05-12T16:45:59+00:00 https://blog.checkpoint.com/2022/05/12/ransomware-cyber-attacks-in-costa-rica-and-peru-drives-national-response/ www.secnews.physaphae.fr/article.php?IdArticle=4594188 False Ransomware Wannacry None
InformationSecurityBuzzNews - Security news site Expert Reaction On Cyber Threats Five Years On From WannaCry 2022-05-12T13:28:09+00:00 https://informationsecuritybuzz.com/expert-comments/expert-reaction-on-cyber-threats-five-years-on-from-wannacry/ www.secnews.physaphae.fr/article.php?IdArticle=4583873 False None Wannacry,Wannacry 2.0000000000000000
Checkpoint - Security hardware manufacturer How the evolution of ransomware has changed the threat landscape From WannaCry to Conti: A 5-Year Perspective Five years ago, on May 12, 2017, the world fell victim to a major ransomware attack known as 'WannaCry'.
The attack had an unprecedented scale, and spread around the world like wildfire, with more than 200,000 Windows computers across 150 countries affected outbreaking only a few days.… 2022-05-12T00:37:30+00:00 https://blog.checkpoint.com/2022/05/11/how-the-evolution-of-ransomware-changed-the-threat-landscape/ www.secnews.physaphae.fr/article.php?IdArticle=4594189 False Ransomware,Threat Wannacry,Wannacry None
InformationSecurityBuzzNews - Security news site Wannacry – 5 Years On, 68% Of Enterprises Are Still At Risk 2022-05-11T12:57:31+00:00 https://informationsecuritybuzz.com/expert-comments/wannacry-5-years-on-68-of-enterprises-are-still-at-risk/ www.secnews.physaphae.fr/article.php?IdArticle=4577388 False Ransomware,Guideline Wannacry 3.0000000000000000
McAfee Labs - Software vendor Smart Tips for Staying Safer Online 2022-03-24T18:09:09+00:00 https://www.mcafee.com/blogs/internet-security/tips-for-staying-safer-online/ www.secnews.physaphae.fr/article.php?IdArticle=4336030 False Ransomware Wannacry,Wannacry None
Fortinet ThreatSignal - Hardware Vendor Previously Unseen Backdoor Bvp47 Potentially Victimized Global Targets 2022-02-27T22:30:37+00:00 https://fortiguard.fortinet.com/threat-signal-report/4426 www.secnews.physaphae.fr/article.php?IdArticle=4209565 False Ransomware,Malware,Threat Wannacry,Wannacry None
Kaspersky Threatpost - Kaspersky is a Russian antivirus vendor Creaky Old WannaCry, GandCrab Top the Ransomware Scene 2022-02-23T14:00:22+00:00 https://threatpost.com/wannacry-gandcrab-top-ransomware-scene/178589/ www.secnews.physaphae.fr/article.php?IdArticle=4172333 False Ransomware Wannacry None
knowbe4 - cybersecurity services CyberheistNews Vol 12 #05 [Heads Up] DHS Sounds Alarm on New Russian Destructive Disk Wiper Attack Potential 2022-02-01T14:37:29+00:00
https://blog.knowbe4.com/cyberheistnews-vol-12-05-dhs-sounds-alarm-on-new-russian-destructive-disk-wiper-attack-potential www.secnews.physaphae.fr/article.php?IdArticle=4065596 False Ransomware,Malware,Hack,Tool,Threat,Guideline NotPetya,NotPetya,APT 27,APT 27,Wannacry,Wannacry None
Security Intelligence - American news site 10 Years Later, What Did LulzSec Mean for Cybersecurity? 2022-01-26T14:00:00+00:00 https://securityintelligence.com/articles/lulzsec-10-years-later-cybersecurity-influence-meaning/ www.secnews.physaphae.fr/article.php?IdArticle=4035574 False None Wannacry,Wannacry None
CyberArk - Software Vendor 3 Cyber Attacks that Didn't Get Enough Attention in 2021 (But Probably Should Have) 2022-01-07T14:00:27+00:00 https://www.cyberark.com/blog/3-cyber-attacks-that-didnt-get-enough-attention-in-2021-but-probably-should-have/ www.secnews.physaphae.fr/article.php?IdArticle=4593630 False None Wannacry 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Are Medical Devices at Risk of Ransomware Attacks? 2022-01-03T03:32:41+00:00 https://thehackernews.com/2022/01/are-medical-devices-at-risk-of.html www.secnews.physaphae.fr/article.php?IdArticle=3918587 False Ransomware Wannacry,Wannacry None
CybeReason - Vendor blog Malicious Life Podcast: Marcus Hutchins - A Controversial Hero In May 2017, Marcus Hutchins - AKA MalwareTech - became a hero for stopping WannaCry, a particularly nasty ransomware that spread quickly all over the world. Yet his fame also brought to light his troubled past as the teenage Black Hat hacker who created KRONOS, a dangerous rootkit. Should a criminal-turned-hero be punished for his past crimes?
Check it out...]]> 2021-10-25T12:44:44+00:00 https://www.cybereason.com/blog/malicious-life-podcast-marcus-hutchins-a-controversial-hero www.secnews.physaphae.fr/article.php?IdArticle=3559497 False Ransomware Wannacry None Security Intelligence - Site de news Américain What Has Changed Since the 2017 WannaCry Ransomware Attack? 2021-09-01T16:00:00+00:00 http://feedproxy.google.com/~r/SecurityIntelligence/~3/0i8O6eGdJNg/ www.secnews.physaphae.fr/article.php?IdArticle=3321560 False Ransomware Wannacry,Wannacry None McAfee Labs - Editeur Logiciel How to Proactively Increase Your Protection Against Ransomware with Threat Intelligence As Ransomware continues to spread and target organizations around the world, it is critical to leverage threat intelligence data. And not just any threat intelligence but actionable intelligence from MVISION Insights. Fortunately, there are several steps you can take to proactively increase your Endpoint Security to help minimize damage from the next Darkside, WannaCry, Ryuk, […] ]]> 2021-06-29T15:00:34+00:00 https://www.mcafee.com/blogs/enterprise/security-operations/how-to-proactively-increase-your-protection-against-ransomware-with-threat-intelligence/ www.secnews.physaphae.fr/article.php?IdArticle=2996325 False Ransomware,Threat Wannacry None UnderNews - Site de news "pirate" francais WannaCry is back in the spotlight ]]> 2021-06-15T12:02:15+00:00 https://www.undernews.fr/malwares-virus-antivirus/wannacry-est-a-nouveau-sur-le-devant-de-la-scene.html www.secnews.physaphae.fr/article.php?IdArticle=2929264 False Ransomware Wannacry,Wannacry None UnderNews - Site de news "pirate" francais 67% of enterprise environments still run protocols exploited by WannaCry and NotPetya ]]>
2021-05-19T10:13:00+00:00 https://www.undernews.fr/malwares-virus-antivirus/67-des-environnements-dentreprise-fonctionnent-encore-avec-des-protocoles-exploites-par-wannacry-et-notpetya.html www.secnews.physaphae.fr/article.php?IdArticle=2810071 False None NotPetya,NotPetya,Wannacry,Wannacry None InfoSecurity Mag - InfoSecurity Magazine Four Year On: Two-thirds of Global Firms Still Exposed to WannaCry 2021-05-13T09:42:00+00:00 https://www.infosecurity-magazine.com:443/news/twothirds-global-firms-exposed/ www.secnews.physaphae.fr/article.php?IdArticle=2778440 False None Wannacry,Wannacry None InformationSecurityBuzzNews - Site de News Securite Experts Comments on Anti Ransomware Day – 12th May 2021-05-10T12:16:40+00:00 https://informationsecuritybuzz.com/expert-comments/experts-comments-on-anti-ransomware-day-12th-may/ www.secnews.physaphae.fr/article.php?IdArticle=2761084 False Ransomware Wannacry None Anomali - Firm Blog Anomali Cyber Watch:  HabitsRAT Targeting Linux and Windows Servers, Lazarus Group Targetting South Korean Orgs, Multiple Zero-Days and More Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Zero-day Vulnerabilities in SonicWall Email Security Actively Exploited (published: April 21, 2021) US cybersecurity company SonicWall said fixes have been published to resolve three critical issues in its email security solution that are being actively exploited in the wild. The vulnerabilities are tracked as CVE-2021-20021, CVE-2021-20022, and CVE-2021-20023, impacting SonicWall ES/Hosted Email Security (HES) versions 10.0.1 and above. Analyst Comment: The patches for these vulnerabilities have been issued and should be applied as soon as possible to avoid potential malicious behaviour. 
SonicWall’s security notice can be found here https://www.sonicwall.com/support/product-notification/security-notice-sonicwall-email-security-zero-day-vulnerabilities/210416112932360/. It is important that your company has patch-maintenance policies in place. Once a vulnerability has been publicly reported, threat actors will likely attempt to incorporate the exploitation of the vulnerability into their malicious operations. Patches should be reviewed and applied as soon as possible to prevent potential malicious activity. MITRE ATT&CK: [MITRE ATT&CK] Remote File Copy - T1105 | [MITRE ATT&CK] File and Directory Discovery - T1083 Tags: CVE-2021-20021, CVE-2021-20023, CVE-2021-20022 Massive Qlocker Ransomware Attack Uses 7zip to Encrypt QNAP Devices (published: April 21, 2021) The ransomware is called Qlocker and began targeting QNAP devices on April 19th, 2021. All victims are told to pay 0.01 Bitcoins, which is approximately $557.74, to get a password for their archived files. While the files are being locked, the Resource Monitor will display numerous '7z' processes which are the 7zip command-line executable. Analyst Comment: Attackers are using legitimate tools like 7zip to evade detections by traditional antiviruses. EDR solutions can help track suspicious command line arguments and process creations to potentially detect such attacks. Customers should use backup solutions to be able to recover encrypted files. MITRE ATT&CK: [MITRE ATT&CK] Credentials in Files - T1081 Tags: Tor, Qlocker, CVE-2020-2509, CVE-2020-36195 Novel Email-Based Campaign Targets Bloomberg Clients with RATs (published: April 21, 2021) A new e-mail-based campaign by an emerging threat actor aims to spread various remote access trojans (RATs) to a very specific group of targets who use Bloomberg's industry-based services.
Attacks start in the form of targeted emails to c]]> 2021-04-27T17:24:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-habitsrat-targeting-linux-and-windows-servers-lazarus-group-targetting-south-korean-orgs-multiple-zero-days-and-more www.secnews.physaphae.fr/article.php?IdArticle=2704270 False Ransomware,Malware,Tool,Vulnerability,Threat,Medical APT 38,APT 28,Wannacry,Wannacry None Bleeping Computer - Magazine Américain Microsoft Exchange attacks increase while WannaCry gets a restart 2021-03-30T07:56:19+00:00 https://www.bleepingcomputer.com/news/security/microsoft-exchange-attacks-increase-while-wannacry-gets-a-restart/ www.secnews.physaphae.fr/article.php?IdArticle=2561117 False None Wannacry,Wannacry None Anomali - Firm Blog Anomali Cyber Watch: APT, Ransomware, Vulnerabilities and More Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Google: This Spectre proof-of-concept shows how dangerous these attacks can be (published: March 15, 2021) Google has released a proof of concept (PoC) code to demonstrate the practicality of Spectre side-channel attacks against a browser's JavaScript engine to leak information from its memory. Spectre targeted the process in modern CPUs called speculative execution to leak secrets such as passwords from one site to another. While the PoC demonstrates the JavaScript Spectre attack against Chrome 88's V8 JavaScript engine on an Intel Core i7-6500U CPU on Linux, Google notes it can easily be tweaked for other CPUs, browser versions and operating systems. Analyst Comment: As the density of microchip manufacturing continues to increase, side-channel attacks are likely to be found across many architectures and are difficult (and in some cases impossible) to remediate in software. 
The PoC of the practicality of performing such an attack using javascript emphasises that developers of both software and hardware be aware of these types of attacks and the means by which they can be used to invalidate existing security controls. Tags: CVE-2017-5753 Threat Assessment: DearCry Ransomware (published: March 12, 2021) A new ransomware strain is being used by actors to attack unpatched Microsoft Exchange servers. Microsoft released patches for four vulnerabilities that are being exploited in the wild. The initial round of attacks included installation of web shells onto affected servers that could be used to infect additional computers. While the initial attack appears to have been done by sophisticated actors, the ease and publicity around these vulnerabilities has led to a diverse group of actors all attempting to compromise these servers. Analyst Comment: Patch and asset management are a critical and often under-resourced aspect of defense in depth. As this particular set of vulnerabilities and attacks are against locally hosted Exchange servers, organization may want to assess whether a hosted solution may make sense from a risk standpoint MITRE ATT&CK: [MITRE ATT&CK] Data Encrypted - T1022 | [MITRE ATT&CK] Exploit Public-Facing Application - T1190 | [MITRE ATT&CK] File and Directory Discovery - T1083 | [MITRE ATT&CK] Email Collection - T1114 | [MITRE ATT&CK] Obfuscated Files or Information - T1027 | [MITRE ATT&CK] System Service Discovery - T1007 | [MITRE ATT&CK] Data Encrypted for Impact - T1486 | ]]> 2021-03-17T18:03:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-apt-ransomware-vulnerabilities-and-more www.secnews.physaphae.fr/article.php?IdArticle=2496898 False Ransomware,Tool,Vulnerability,Threat,Guideline APT 41,Wannacry,APT 34 None Schneier on Security - Chercheur Cryptologue Américain On Not Fixing Old Vulnerabilities this even possible? 
…26% of companies Positive Technologies tested were vulnerable to WannaCry, which was a threat years ago, and some even vulnerable to Heartbleed. “The most frequent vulnerabilities detected during automated assessment date back to 2013­2017, which indicates a lack of recent software updates,” the reported stated. 26%!? One in four networks? Even if we assume that the report is self-serving to the company that wrote it, and that the statistic is not generally representative, this is still a disaster. The number should be 0%...]]> 2021-03-09T12:16:02+00:00 https://www.schneier.com/blog/archives/2021/03/on-not-fixing-old-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=2456275 False Threat Wannacry None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC Extended threat detection and response (XDR): Filling out cybersecurity gaps  Image source Business technology generally advances on a rapid basis, however, so do the cyberthreats that can endanger your security. According to BusinessWire, more than half of enterprises believe that their security cannot keep up, and according to IBM News Room, more than half of organizations with cybersecurity incident response plans fail to test them. Because of overloaded security teams, poor visibility, and threat alert overload due to the many implemented technologies in place to fight this, for many of these enterprises, the difficulty constantly grows when it comes to detecting and effectively responding to cyber threats. What is XDR? XDR can be defined as a cross-layered detection and response tool. In other words, it collects and then correlates data over a variety of security layers, such as endpoints, emails, servers, clouds, and networks. What this means is that, rather than focusing on end-point detection alone, it can enable your security team to detect, investigate, and respond to threats across multiple layers of security, not just the end-point. 
This is due to the fact that today’s cyber threats are extremely tricky and complex, to the point where they can hide throughout different layers within an organization. A sideload approach that relies on a number of different technologies simply cannot provide a contextual view of all of the threats across the environment and, as such, can slow down detection, investigation, and response. XDR allows for improved protection, detection, and response capabilities as well as improved productivity of the operational security personnel, with lower costs associated with owning it. XDR features XDR was designed to simplify the security visibility across an organization’s entire cyber architecture. In other words, to allow an organization to analyze all of the layers associated with their security, not just the end-point, through an]]> 2021-03-03T11:00:00+00:00 https://feeds.feedblitz.com/~/645545710/0/alienvault-blogs~Extended-threat-detection-and-response-XDR-Filling-out-cybersecurity-gaps www.secnews.physaphae.fr/article.php?IdArticle=2427930 False Tool,Threat,Guideline Wannacry None Anomali - Firm Blog Anomali Cyber Watch: APT Groups, Cobalt Strike, Russia, Malware, and More get signed up today so you can receive curated and summarized cybersecurity intelligence events weekly. The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: China, Emotet, Go, Masslogger, Mustang Panda, OilRig, and Vulnerabilities. The IOCs related to these stories are attached to the Weekly Threat Briefing and can be used to check your logs for potential malicious activity. Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence Hypervisor Jackpotting: CARBON SPIDER and SPRITE SPIDER Target ESXi Servers With Ransomware to Maximize Impact (published: February 26, 2021) Recent reporting indicates that two prolific cybercrime threat groups, CARBON SPIDER and SPRITE SPIDER, have begun targeting ESXi, a hypervisor developed by VMWare to run and manage virtual machines. SPRITE SPIDER uses PyXie's LaZagne module to recover vCenter credentials stored in web browsers and runs Mimikatz to steal credentials from host memory. After authenticating to vCenter, SPRITE SPIDER enables ssh to permit persistent access to ESXi devices. In some cases, they also change the root account password or the host’s ssh keys. Before deploying Defray 777, SPRITE SPIDER’s ransomware of choice, they terminate running VMs to allow the ransomware to encrypt files associated with those VMs. CARBON SPIDER has traditionally targeted companies operating POS devices, with initial access being gained using low-volume phishing campaigns against this sector. But throughout 2020 they were observed shifting focus to “Big Game Hunting” with the introduction of the Darkside Ransomware. CARBON SPIDER gains access to ESXi servers using valid credentials and reportedly also logs in over ssh using the Plink utility to drop the Darkside Recommendation: Both CARBON SPIDER and SPRITE SPIDER likely intend to use ransomware targeting ESXi to inflict greater harm – and hopefully realize larger profits – than traditional ransomware operations against Windows systems. Should these campaigns continue and prove to be profitable, we would expect more threat actors to imitate these activities. 
MITRE ATT&CK: [MITRE ATT&CK] Data Encrypted for Impact - T1486 | [MITRE ATT&CK] Hidden Files and Directories - T1158 | [MITRE ATT&CK] Process Discovery - T1057 | [MITRE ATT&CK] File Deletion - T1107 | [MITRE ATT&CK] Remote Services - T1021 | [MITRE ATT&CK] Scheduled Transfer - T1029 | ]]> 2021-03-02T15:00:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-apt-groups-cobalt-strike-russia-malware-and-more www.secnews.physaphae.fr/article.php?IdArticle=2422682 False Ransomware,Malware,Threat APT 29,APT 31,APT 28,Wannacry,Wannacry,APT 34 None Errata Security - Errata Security We are living in 1984 (ETERNALBLUE) Baltimore ransomware attack. When the attack happened, the entire cybersecurity community agreed that EternalBlue wasn't responsible. But this New York Times article said otherwise, blaming the Baltimore attack on EternalBlue. And there are hundreds of other news articles [eg] that agree, citing the New York Times. There are no news articles that dispute this. In a recent book, the author of that article admits it's not true, that EternalBlue didn't cause the ransomware to spread. But they defend themselves as it being essentially true, that EternalBlue is responsible for a lot of bad things, even if technically, not in this case. Such errors are justified, on the grounds they are generalizations and simplifications needed for the mass audience. So we are left with the situation Orwell describes: all records tell the same tale -- when the lie passes into history, it becomes the truth. Orwell continues: He wondered, as he had many times wondered before, whether he himself was a lunatic. Perhaps a lunatic was simply a minority of one. At one time it had been a sign of madness to believe that the earth goes round the sun; today, to believe that the past is inalterable. He might be ALONE in holding that belief, and if alone, then a lunatic.
But the thought of being a lunatic did not greatly trouble him: the horror was that he might also be wrong. I'm definitely a lunatic, alone in my beliefs. I sure hope I'm not wrong.
Update: Other lunatics document their struggles with Minitrue: When I was investigating the TJX breach, there were NYT articles citing unnamed sources that were made up & then outlets would publish citing the NYT. The TJX lawyers would require us to disprove the articles. Each time we would. It was maddening fighting lies for 8 months.— Nicholas J. Percoco (@c7five) March 1, 2021 ]]>
2021-02-28T20:05:19+00:00 https://blog.erratasec.com/2021/02/we-are-living-in-1984-eternalblue.html www.secnews.physaphae.fr/article.php?IdArticle=2414565 False Ransomware APT 32,NotPetya,Wannacry None
Graham Cluley - Blog Security US charges North Korean hackers in relation to WannaCry, Sony Pictures attack, and an attempt to steal more than a billion dollars from banks 2021-02-18T15:01:22+00:00 https://www.tripwire.com/state-of-security/featured/us-charges-north-korean-hackers-wannacry-sony-pictures-attack/ www.secnews.physaphae.fr/article.php?IdArticle=2366018 False None Wannacry None InfoSecurity Mag - InfoSecurity Magazine Two More Lazarus Group Members Indicted for North Korean Attacks 2021-02-18T11:10:00+00:00 https://www.infosecurity-magazine.com:443/news/lazarus-group-indicted-north/ www.secnews.physaphae.fr/article.php?IdArticle=2365436 True None APT 38,APT 28,Wannacry,Wannacry 3.0000000000000000 Krebs on Security - Chercheur Américain U.S. Indicts North Korean Hackers in Theft of $200 Million 2021-02-17T21:12:56+00:00 https://krebsonsecurity.com/2021/02/u-s-indicts-north-korean-hackers-in-theft-of-200-million/ www.secnews.physaphae.fr/article.php?IdArticle=2363163 False Ransomware,Hack Wannacry,Wannacry None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Why Human Error is #1 Cyber Security Threat to Businesses in 2021 ]]> 2021-02-04T02:20:16+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/gbHJFZrumVE/why-human-error-is-1-cyber-security.html www.secnews.physaphae.fr/article.php?IdArticle=2293104 False Malware,Threat Wannacry,Wannacry None IT Security Guru - Blog Sécurité Increase in Ransomware Attacks on Healthcare Industry 2021-01-26T14:06:51+00:00 https://www.itsecurityguru.org/2021/01/26/increase-in-ransomware-attacks-in-healthcare-industry/?utm_source=rss&utm_medium=rss&utm_campaign=increase-in-ransomware-attacks-in-healthcare-industry www.secnews.physaphae.fr/article.php?IdArticle=2246765 False Ransomware Wannacry,Wannacry None UnderNews - Site de news "pirate" francais The importance of updates in cybersecurity ]]> 2021-01-07T12:42:02+00:00 https://www.undernews.fr/reseau-securite/limportance-des-mises-a-jour-en-matiere-de-cybersecurite.html www.secnews.physaphae.fr/article.php?IdArticle=2151848 False Ransomware Wannacry,Wannacry None Security Intelligence - Site de news Américain WannaCry: How the Widespread Ransomware Changed Cybersecurity 2020-10-28T16:00:20+00:00 http://feedproxy.google.com/~r/SecurityIntelligence/~3/rDwTuIltDPA/ www.secnews.physaphae.fr/article.php?IdArticle=2000950 False Ransomware Wannacry None InformationSecurityBuzzNews - Site de News Securite EU Applies First Ever Sanctions In Response To Cyber-Attacks ]]> 2020-08-04T17:33:26+00:00 https://www.informationsecuritybuzz.com/expert-comments/eu-applies-first-ever-sanctions-in-response-to-cyber-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=1842056 False None NotPetya,Wannacry None IT Security Guru - Blog Sécurité EU imposes sanctions on North Korean, Chinese and Russian-backed cyberattackers 2020-07-31T11:31:24+00:00
https://www.itsecurityguru.org/2020/07/31/eu-imposes-sanctions-on-north-korean-chinese-and-russian-backed-cyberattackers/?utm_source=rss&utm_medium=rss&utm_campaign=eu-imposes-sanctions-on-north-korean-chinese-and-russian-backed-cyberattackers www.secnews.physaphae.fr/article.php?IdArticle=1834482 False None NotPetya,Wannacry None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) EU sanctions hackers from China, Russia, North Korea who're wanted by the FBI ]]> 2020-07-31T06:47:40+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/llFCzIzCSRo/sanctions-against-wanted-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=1834674 False None NotPetya,Wannacry None IT Security Guru - Blog Sécurité EU sanctions for WannaCry, NotPetya, OPCW & Cloud Hopper attackers 2020-07-30T19:19:01+00:00 https://www.itsecurityguru.org/2020/07/30/eu-first-sanctions-imposed-on-wannacry-notpetya-opcw-cloud-hopper-attackers/?utm_source=rss&utm_medium=rss&utm_campaign=eu-first-sanctions-imposed-on-wannacry-notpetya-opcw-cloud-hopper-attackers www.secnews.physaphae.fr/article.php?IdArticle=1833653 False None NotPetya,Wannacry None ZD Net - Magazine Info Kaspersky: North Korean hackers are behind the VHD ransomware 2020-07-28T13:38:33+00:00 https://www.zdnet.com/article/kaspersky-north-korean-hackers-are-behind-the-vhd-ransomware/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1829501 False Ransomware Wannacry None UnderNews - Site de news "pirate" francais No turning-thirty crisis for ransomware Thirty years after the first ransomware[1], this type of malware, which encrypts its victims' data until a ransom is paid, is still going strong. In 2017, ransomware made the cybersecurity headlines. May 2017 was marked by WannaCry, which shook the whole world and caused consolidated losses estimated at 4 billion dollars.
Companies had not yet recovered from this mega attack when a new ransomware, NotPetya, struck a month later, causing 10 billion[2] dollars in damage.]]> 2020-07-10T07:27:19+00:00 https://www.undernews.fr/malwares-virus-antivirus/pas-de-crise-de-la-trentaine-pour-les-ransomwares.html www.secnews.physaphae.fr/article.php?IdArticle=1800121 False None NotPetya,Wannacry None CybeReason - Vendor blog Ransomware: Weapons of Mass Disruption May 12th 2020 marked the 3 year anniversary of the WannaCry ransomware attack. Estimated to have affected hundreds of thousands of endpoints across 150 countries all around the world, the total damages as a result of the WannaCry attack have reached up to 4 billion USD, according to some accounts.]]> 2020-06-30T16:27:31+00:00 https://www.cybereason.com/blog/ransomware-weapons-of-mass-disruption www.secnews.physaphae.fr/article.php?IdArticle=1798825 False Ransomware Wannacry None Global Security Mag - Site de news francais 3 years on, the specter of NotPetya is still present Opinion ]]> 2020-06-24T13:01:51+00:00 http://www.globalsecuritymag.fr/3-ans-apres-le-spectre-de-NotPetya,20200624,99986.html www.secnews.physaphae.fr/article.php?IdArticle=1771680 False Ransomware,Malware NotPetya,Wannacry 3.0000000000000000 IT Security Guru - Blog Sécurité “Anti-Ransomware Day” declared by Interpol 2020-05-13T09:49:35+00:00 https://www.itsecurityguru.org/2020/05/13/anti-ransomware-day-declared-by-interpol/?utm_source=rss&utm_medium=rss&utm_campaign=anti-ransomware-day-declared-by-interpol www.secnews.physaphae.fr/article.php?IdArticle=1706504 False Ransomware Wannacry None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
U.S Defence Warns of 3 New Malware Used by North Korean Hackers ]]> 2020-05-13T02:35:07+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/rfDx8P1GD8U/fbi-north-korean-malware.html www.secnews.physaphae.fr/article.php?IdArticle=1706465 False Ransomware,Malware Wannacry None ZD Net - Magazine Info On the three-year anniversary of WannaCry, US exposes new North Korean malware 2020-05-12T16:36:18+00:00 https://www.zdnet.com/article/on-the-three-year-anniversary-of-wannacry-us-exposes-new-north-korean-malware/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1705372 False Malware Wannacry None UnderNews - Site de news "pirate" francais 30% of attacks target businesses; Kaspersky and INTERPOL call on companies to protect themselves On the anniversary of WannaCry, the massive 2017 cyberattack, global cybersecurity leader Kaspersky and the intergovernmental organization INTERPOL are joining forces to call on businesses to review their data backup and protection strategy. This initiative is part of the partnership agreements concluded between the two […]]]> 2020-05-12T13:08:58+00:00 https://www.undernews.fr/reseau-securite/30-des-attaques-visent-les-professionnels-kaspersky-et-interpol-appellent-les-entreprises-a-se-proteger.html www.secnews.physaphae.fr/article.php?IdArticle=1705086 False Guideline Wannacry None We Live Security - Editeur Logiciel Antivirus ESET WannaCryptor remains a global threat three years on 2020-05-12T12:30:02+00:00 http://feedproxy.google.com/~r/eset/blog/~3/y7tL0IhQHEw/ www.secnews.physaphae.fr/article.php?IdArticle=1705999 False Ransomware,Threat Wannacry None Global Security Mag - Site de news francais What lessons can be learned from the ILOVEYOU virus twenty years on?
Opinion ]]> 2020-05-05T08:21:21+00:00 http://www.globalsecuritymag.fr/Quelles-lecons-tirer-du-virus,20200505,98265.html www.secnews.physaphae.fr/article.php?IdArticle=1691854 False None Wannacry None Wired Threat Level - Security News A New Wormable Windows Vulnerability Has No Patch in Sight 2020-03-12T12:00:00+00:00 https://www.wired.com/story/a-new-wormable-windows-vulnerability-has-no-patch-in-sight www.secnews.physaphae.fr/article.php?IdArticle=1593484 False Vulnerability NotPetya,Wannacry None Mandiant - Blog Sécu de Mandiant Ransomware Against the Machine: How Adversaries are Learning to Disrupt Industrial Production by Targeting IT and OT Since at least 2017, there has been a significant increase in public disclosures of ransomware incidents impacting industrial production and critical infrastructure organizations. Well-known ransomware families like WannaCry, LockerGoga, MegaCortex, Ryuk, Maze, and now SNAKEHOSE (a.k.a. Snake / Ekans), have cost victims across a variety of industry verticals many millions of dollars in ransom and collateral costs. These incidents have also resulted in significant disruptions and delays to the physical processes that enable organizations to produce and deliver goods and services.
While lots]]> 2020-02-24T23:30:00+00:00 https://www.mandiant.com/resources/blog/ransomware-against-machine-learning-to-disrupt-industrial-production www.secnews.physaphae.fr/article.php?IdArticle=8377658 False Ransomware,Industrial Wannacry 3.0000000000000000 Graham Cluley - Blog Security The NHS has only suffered six ransomware attacks since the WannaCry worm, investigation reveals 2020-01-30T13:54:30+00:00 https://www.tripwire.com/state-of-security/healthcare/nhs-ransomware-attacks-wannacry/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=1518447 False Ransomware Wannacry None Malwarebytes Labs - MalwarebytesLabs A decade in cybersecurity fails: the top breaches, threats, and 'whoopsies' of the 2010s As the 2010s come to a close, we take a snarky walk down memory lane, listing the craziest, most impactful, or simply just awful cybersecurity fails of the decade. ]]> 2019-12-19T18:03:33+00:00 https://blog.malwarebytes.com/awareness/2019/12/a-decade-in-cybersecurity-fails-top-breaches-threats-of-2010s/ www.secnews.physaphae.fr/article.php?IdArticle=1494817 False None NotPetya,Wannacry None InformationSecurityBuzzNews - Site de News Securite Experts Comments On The News: French Hospital Hit By Ransomware Attack ]]> 2019-11-21T20:46:20+00:00 https://www.informationsecuritybuzz.com/expert-comments/experts-comments-on-the-news-french-hospital-hit-by-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=1480521 False Ransomware Wannacry None UnderNews - Site de news "pirate" francais 3 years on, why is Wannacry still the bane of IT managers? Although a simple Windows patch is enough to protect a machine, Wannacry, a virus capable of paralyzing a company's entire operations, still makes IT managers tremble.
But why is this threat still so active more than two years after it was identified? An explanation.]]> 2019-11-12T10:04:24+00:00 https://www.undernews.fr/malwares-virus-antivirus/3-ans-apres-pourquoi-wannacry-est-il-toujours-la-bete-noire-des-responsables-informatiques.html www.secnews.physaphae.fr/article.php?IdArticle=1462281 False None Wannacry None IT Security Guru - Blog Sécurité Spanish companies hit by ransomware 2019-11-05T13:04:14+00:00 https://www.itsecurityguru.org/2019/11/05/spanish-companies-hit-by-ransomware/?utm_source=rss&utm_medium=rss&utm_campaign=spanish-companies-hit-by-ransomware www.secnews.physaphae.fr/article.php?IdArticle=1446742 False Ransomware Wannacry 3.0000000000000000 ZD Net - Magazine Info Ransomware hits Spanish companies, sparking WannaCry panic 2019-11-04T17:53:28+00:00 https://www.zdnet.com/article/ransomware-hits-spanish-companies-sparking-wannacry-panic/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1444948 False Ransomware,Guideline Wannacry None Silicon - Site de News Francais From Sasser to WannaCry, the threats that left their mark on CISOs 2019-10-16T13:45:52+00:00 https://www.silicon.fr/regards-croises-menaces-rssi-263453.html www.secnews.physaphae.fr/article.php?IdArticle=1407298 False None Wannacry None Security Affairs - Blog Secu Emsisoft released a new free decryption tool for the Avest ransomware 2019-09-27T09:33:26+00:00 https://securityaffairs.co/wordpress/91775/malware/avest-ransomware-decryptor.html www.secnews.physaphae.fr/article.php?IdArticle=1364729 False Ransomware,Tool Wannacry None Security Affairs - Blog Secu Emsisoft releases a free decryptor for the WannaCryFake ransomware 2019-09-26T07:01:34+00:00 https://securityaffairs.co/wordpress/91715/malware/wannacryfake-ransomware-decryptor.html www.secnews.physaphae.fr/article.php?IdArticle=1362445 False Ransomware,Tool Wannacry None Bleeping Computer - Magazine Américain Ransomware Decryptors Released for Yatron, WannaCryFake, &
FortuneCrypt 2019-09-25T15:05:01+00:00 https://www.bleepingcomputer.com/news/security/ransomware-decryptors-released-for-yatron-wannacryfake-and-fortunecrypt/ www.secnews.physaphae.fr/article.php?IdArticle=1361406 False Ransomware Wannacry None Global Security Mag - Site de news francais Attacks targeting connected devices and Windows SMB are on the rise in 2019 Malware ]]> 2019-09-19T15:54:03+00:00 http://www.globalsecuritymag.fr/Les-attaques-ciblant-les-objets,20190919,90900.html www.secnews.physaphae.fr/article.php?IdArticle=1346871 False None Wannacry None Dark Reading - Informationweek Branch WannaCry Detections At An All-Time High 2019-09-18T18:14:00+00:00 https://www.darkreading.com/endpoint/wannacry-detections-at-an-all-time-high/d/d-id/1335848?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=1344775 False Malware Wannacry None Global Security Mag - Site de news francais Sophos tracks the evolution of WannaCry, from the original predator to the recent high-risk vaccine Malware ]]> 2019-09-18T15:24:54+00:00 http://www.globalsecuritymag.fr/Sophos-suit-l-evolution-de,20190918,90861.html www.secnews.physaphae.fr/article.php?IdArticle=1343885 False Malware Wannacry None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC Does your government take cybersecurity seriously enough? Cybercrime is global, but the response isn’t. Governments in the west are slowly waking up to the importance of cybersecurity, and are (equally slowly) helping businesses to safeguard data and home users to protect their homes from cyberattack. Look outside Europe and the US, though, and the picture is radically different. African countries, in particular, are underprepared for the impact of cyberattacks, and lack the governmental expertise to deal with them. This is an issue for citizens of these countries, but also for us in the west.
Poorly prepared countries act as safe havens for cybercriminals, and hackers (some of them state-sponsored) can use these countries to stage cyberattacks that directly impact users in the west. Cybercrime: a global view Though you wouldn’t know it from the press coverage, large cyberattacks don’t just affect the west. Africa, for instance, actually has a huge problem with cybercrime. Recent reports from Botswana, Zimbabwe and Mozambique show that companies are increasingly falling victim to cybercrime. The global WannaCry malware attack of May 2017 hit South Africa hard, and companies in that country typically lose R36 million when they fall victim to an attack. This situation is mirrored across the global south. It is made worse by the fact that developing nations do not have governmental policies for dealing with cyberattacks. This makes companies and home users in these countries particularly vulnerable. It also means that hackers can route their activities through these countries, which have neither the technical nor the legal expertise to catch them, let alone punish them. Though government policies on cybercrime vary widely across the globe, many of the largest attacks of recent years rely for their success on their global reach. The Mirai Botnet, for instance, managed to infect IoT devices across a huge range of territories and countries, and this global base made it incredibly difficult to stop. Attacks like this have made the IoT one of the largest concerns among security professionals today. Given this context, it is time for governments – in all countries and at all levels – to do more when it comes to managing cyber risk. Managing risk The approach that governments take to dealing with cyber risk is a critical factor in the success of these programs. Too often, governments take a ‘hands off’ approach, issuing advice to citizens and businesses about how to avoid falling victim to an attack, and then expecting them to protect themselves. 
This approach i 2019-09-18T13:00:00+00:00 https://feeds.feedblitz.com/~/606910188/0/alienvault-blogs~Does-your-government-take-cybersecurity-seriously-enough www.secnews.physaphae.fr/article.php?IdArticle=1343551 False Malware,Vulnerability,Threat,Guideline Wannacry None Bleeping Computer - American Magazine North Korean Hackers Behind WannaCry and Sony Hack Sanctioned by USA 2019-09-13T20:16:20+00:00 https://www.bleepingcomputer.com/news/security/north-korean-hackers-behind-wannacry-and-sony-hack-sanctioned-by-usa/ www.secnews.physaphae.fr/article.php?IdArticle=1326796 False Hack Wannacry None IT Security Guru - Security Blog Bluekeep bug exploit published by Metasploit Project. 2019-09-10T14:57:02+00:00 https://www.itsecurityguru.org/2019/09/10/bluekeep-bug-exploit-published-by-metasplot-project/ www.secnews.physaphae.fr/article.php?IdArticle=1317695 False Vulnerability Wannacry None AlienVault Blog - AlienVault is a major defense player in IOCs Category 1 cyber threat for UK businesses Julia Solonina Britain should be prepared for a Category 1 cyber security emergency, according to the National Cyber Security Centre (NCSC). This means that national security, the economy, and even the nation’s lives will be at risk. However, despite this harsh warning, UK businesses still aren’t taking proactive and potentially preventative action to stop these attacks from happening. So just where are UK businesses going wrong and can they turn things around before it’s too late? How businesses have responded Since Brexit was announced in June 2016, 53% of UK businesses have increased their cyber security, according to the latest statistics. This is a direct result of the publication of industry data which revealed that malware, phishing, and ransomware attacks will become the biggest threats once Britain leaves the EU.
However, despite these efforts, figures reveal that British businesses have the smallest cyber security budget of any country. They typically spend less than £900,000, whereas the average across the world is $1.46 million. At risk of a Category 1 cyber attack A Category 1 cyber attack is described by the NCSC as “A cyber attack which causes sustained disruption of UK essential services or affects UK national security, leading to severe economic or social consequences or to loss of life.” To date, the UK has never witnessed such an attack. However, one of the most severe attacks in recent times was the 2017 NHS cyber attack, which was classed as a Category 2 due to there being no imminent threat to life. The NCSC says that it typically prevents 10 cyber attacks a day. However, as the organization believes that hostility from neighbouring nations is what drives these attacks every single day, it says that it’s only a matter of time before a Category 1 attack launches the country into chaos. NCSC's CEO Ciaran Martin states that "I remain in little doubt we will be tested to the full, as a centre, and as a nation, by a major incident at some point in the years ahead, what we would call a Category 1 attack." UK businesses under attack The UK government’s ‘Cyber Securi 2019-09-09T13:00:00+00:00 https://feeds.feedblitz.com/~/606599482/0/alienvault-blogs~Category-cyber-threat-for-UK-businesses www.secnews.physaphae.fr/article.php?IdArticle=1315374 False Ransomware,Threat,Guideline Wannacry None UnderNews - French "pirate" news site Ransomware: +110% samples in Q2 & WannaCry continues to claim victims Every quarter, Kaspersky takes stock of the highlights of the past 3 months in cybersecurity.
The reports are based on the analysis of threats blocked by Kaspersky's technology solutions or identified by its team of experts. 2019-08-29T13:26:01+00:00 https://www.undernews.fr/malwares-virus-antivirus/ransomware-110-dechantillons-en-q2-wannacry-continue-de-faire-des-victimes.html www.secnews.physaphae.fr/article.php?IdArticle=1293356 False None Wannacry None ZD Net - Info Magazine UK cybersecurity agency warns devs to drop Python 2 due to looming EOL & security risks 2019-08-22T13:13:01+00:00 https://www.zdnet.com/article/uk-cybersecurity-agency-warns-devs-to-drop-python-2-due-to-looming-eol-security-risks/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1278580 False None Wannacry,Equifax None TechRepublic - Security News US Businesses need to patch for BlueKeep to avoid another WannaCry 2019-08-07T14:23:02+00:00 https://www.techrepublic.com/article/businesses-need-to-patch-for-bluekeep-to-avoid-another-wannacry/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1248583 False Patching Wannacry None Krebs on Security - American Researcher No Jail Time for “WannaCry Hero” 2019-07-29T22:07:03+00:00 https://krebsonsecurity.com/2019/07/no-jail-time-for-wannacry-hero/ www.secnews.physaphae.fr/article.php?IdArticle=1232225 False Ransomware,Malware Wannacry None Malwarebytes Labs - MalwarebytesLabs A week in security (July 22 – 28) The latest cybersecurity news for the week of July 22–28. We look at Phobos ransomware, stalkerware's similarities to parental monitoring apps, and the investigation into Malaysian Airlines Flight 17.
2019-07-29T15:50:05+00:00 https://blog.malwarebytes.com/a-week-in-security/2019/07/a-week-in-security-july-22-28/ www.secnews.physaphae.fr/article.php?IdArticle=1231695 False None Wannacry None Wired Threat Level - Security News WannaCry Hero Marcus Hutchins Won't Go to Jail for Old Hacking Crimes 2019-07-27T13:00:00+00:00 https://www.wired.com/story/marcus-hutchins-malwaretech-russia-hacking-security-roundup www.secnews.physaphae.fr/article.php?IdArticle=1226966 False None Wannacry 3.0000000000000000 ZD Net - Magazine Info Marcus 'MalwareTech' Hutchins gets no prison time, one year supervised release 2019-07-26T17:36:00+00:00 https://www.zdnet.com/article/marcus-malwaretech-hutchins-gets-no-prison-time-one-year-supervised-release/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1225399 False Ransomware Wannacry None