www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-12T00:37:15+00:00 www.secnews.physaphae.fr

The Last Watchdog - Byron V Acohido's security blog
News alert: SquareX discloses nasty browser-native ransomware that's undetectable by antivirus
Palo Alto, Calif., Mar 28, 2025, CyberNewswire — From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Chainalysis estimates that corporations spend nearly $1 billion on ransom each year, but … (more…) The post News alert: SquareX discloses nasty browser-native ransomware that's undetectable by antivirus first appeared on The Last Watchdog.
2025-03-28T23:16:05+00:00 https://www.lastwatchdog.com/news-alert-squarex-discloses-nasty-browser-native-ransomware-thats-undetectable-by-antivirus/ www.secnews.physaphae.fr/article.php?IdArticle=8658978 False Ransomware,Hack Wannacry 3.0000000000000000
Mandiant - Mandiant's security blog
From Assistant to Analyst: The Power of Gemini 1.5 Pro for Malware Analysis
We put Gemini 1.5 Pro to the test to see how it performed at analyzing malware. By providing code and using a simple prompt, we asked Gemini 1.5 Pro to determine if the file was malicious, and also to provide a list of activities and indicators of compromise. We did this for multiple malware files, testing with both decompiled and disassembled code, and Gemini 1.5 Pro was notably accurate each time, generating summary reports in human-readable language. Gemini 1.5 Pro was even able to make an accurate determination of code that, at the time, was receiving zero detections on VirusTotal. In our testing with other similar gen AI tools, we were required to divide the code into chunks, which led to vague and non-specific outcomes, and affected the overall analysis. Gemini 1.5 Pro, however, processed the entire code in a single pass, and often in about 30 to 40 seconds.

Introduction
The explosive growth of malware continues to challenge traditional, manual analysis methods, underscoring the urgent need for improved automation and innovative approaches. Generative AI models have become invaluable in some aspects of malware analysis, yet their effectiveness in handling large and complex malware samples has been limited. The introduction of Gemini 1.5 Pro, capable of processing up to 1 million tokens, marks a significant breakthrough. This advancement not only empowers AI to function as a powerful assistant in automating the malware analysis workflow but also significantly scales up the automation of code analysis. By substantially increasing the processing capacity, Gemini 1.5 Pro paves the way for a more adaptive and robust approach to cybersecurity, helping analysts manage the asymmetric volume of threats more effectively and efficiently.

Traditional Techniques for Automated Malware Analysis
The foundation of automated malware analysis is built on a combination of static and dynamic analysis techniques, both of which play crucial roles in dissecting and understanding malware behavior. Static analysis involves examining the malware without executing it, providing insights into its code structure and unobfuscated logic. Dynamic analysis, on the other hand, involves observing the execution of the malware in a controlled environment to monitor its behavior, regardless of obfuscation. Together, these techniques are leveraged to gain a comprehensive understanding of malware. Parallel to these techniques, AI and machine learning (ML) have increasingly been employed to classify and cluster malware based on behavioral patterns, signatures, and anomalies. These methodologies have ranged from supervised learning, where models are trained on labeled datasets, to unsupervised learning for clustering, which identifies patterns without predefined labels to group similar malware.
2024-04-29T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/gemini-for-malware-analysis/ www.secnews.physaphae.fr/article.php?IdArticle=8500392 False Malware,Hack,Tool,Vulnerability,Threat,Studies,Prediction,Cloud,Conference Wannacry 3.0000000000000000

knowbe4 - cybersecurity services
CyberheistNews Vol 12 #05 [Heads Up] DHS Sounds Alarm on New Russian Destructive Disk Wiper Attack Potential
2022-02-01T14:37:29+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-05-dhs-sounds-alarm-on-new-russian-destructive-disk-wiper-attack-potential www.secnews.physaphae.fr/article.php?IdArticle=4065596 False Ransomware,Malware,Hack,Tool,Threat,Guideline NotPetya,Wannacry,APT 27 None

Krebs on Security - American researcher
U.S. Indicts North Korean Hackers in Theft of $200 Million
2021-02-17T21:12:56+00:00 https://krebsonsecurity.com/2021/02/u-s-indicts-north-korean-hackers-in-theft-of-200-million/ www.secnews.physaphae.fr/article.php?IdArticle=2363163 False Ransomware,Hack Wannacry None

Bleeping Computer - American magazine
North Korean Hackers Behind WannaCry and Sony Hack Sanctioned by USA
2019-09-13T20:16:20+00:00 https://www.bleepingcomputer.com/news/security/north-korean-hackers-behind-wannacry-and-sony-hack-sanctioned-by-usa/ www.secnews.physaphae.fr/article.php?IdArticle=1326796 False Hack Wannacry None

Errata Security - Errata Security
How to irregular cyber warfare
(@thegrugq) pointed me to this article on "Lessons on Irregular Cyber Warfare", citing the masters like Sun Tzu, von Clausewitz, Mao, Che, and the usual characters. It tries to answer:
...as an insurgent, which is in a weaker power position vis-a-vis a stronger nation state; how does cyber warfare play an integral part in the irregular cyber conflicts in the twenty-first century between nation-states and violent non-state actors or insurgencies
I thought I'd write a rebuttal.

None of these people provide any value. If you want to figure out cyber insurgency, then you want to focus on the technical "cyber" aspects, not "insurgency". I regularly read military articles about cyber written by those, like in the above article, which demonstrate little experience in cyber.

The chief technical lesson for the cyber insurgent is the Birthday Paradox. Let's say, hypothetically, you go to a party with 23 people total. What's the chance that any two people at the party have the same birthday? The answer is 50.7%. With a party of 75 people, the chance rises to 99.9% that two will have the same birthday.

The paradox is that your intuitive way of calculating the odds is wrong. You are thinking the odds are like those of somebody having the same birthday as yourself, which is indeed roughly 23 out of 365. But we aren't talking about you vs. the remainder of the party, we are talking about any possible combination of two people. This dramatically changes how we do the math.

In cryptography, this is known as the "Birthday Attack". One crypto task is to uniquely fingerprint documents. Historically, the most popular way of doing this was with an algorithm known as "MD5" which produces 128-bit fingerprints. Given a document, with an MD5 fingerprint, it's impossible to create a second document with the same fingerprint. However, with MD5, it's possible to create two documents with the same fingerprint. In other words, we can't modify only one document to get a match, but we can keep modifying two documents until their fingerprints match. Like a room, finding somebody with your birthday is hard, finding any two people with the same birthday is easier.

The same principle works with insurgencies. Accomplishing one specific goal is hard, but accomplishing any goal is easy. Trying to do a narrowly defined task to disrupt the enemy is hard, but it's easy to support a group of motivated hackers and let them do any sort of disruption they can come up with.

The above article suggests a means of using cyber to disrupt a carrier attack group. This is an example of something hard, a narrowly defined attack that is unlikely to actually work in the real world.

Conversely, consider the attacks attributed to North Korea, like those against Sony or the Wannacry virus. These aren't the careful planning of a small state actor trying to accomplish specific goals. These are the actions of an actor that supports hacker groups, and lets them loose without a lot of oversight and direction. Wannacry in particular is an example of an undirected cyber attack. We know from our experience with network worms that its effects were impossible to predict. Somebody just stuck the newly discovered NSA EternalBlue payload into an existing virus framework and let it run to see what happens. As we worm experts know, nobody could have predicted the results of doing so, not even its creators.

Another example is the DNC election hacks. The reason we can attribute them to Russia is because it wasn't their narrow goal. Instead, by looking at things like their URL shortener, we can see that they flailed around broadly all over cyberspace. The DNC was just one of thei
2018-10-14T04:57:46+00:00 https://blog.erratasec.com/2018/10/how-to-irregular-cyber-warfare.html www.secnews.physaphae.fr/article.php?IdArticle=846347 False Hack,Guideline Wannacry None

CSO - CSO Daily Dashboard
The Sony hacker indictment: 5 lessons for IT security
unsealed the indictment of a North Korean spy, Park Jin Hyok, who they claim was behind the hack against Sony and the creation and distribution of the WannaCry ransomware. The 170-plus-page document was written by Nathan Shields of the FBI's LA office and shows the careful sequence of forensic analysis they used to figure out how various attacks were conducted.
2018-09-25T03:00:00+00:00 https://www.csoonline.com/article/3305144/hacking/the-sony-hacker-indictment-5-lessons-for-it-security.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=823333 False Hack Wannacry None

Tech Worm - Desc
North Korean hacker charged for WannaCry and Sony cyberattacks
2018-09-07T18:26:02+00:00 https://www.techworm.net/2018/09/north-korean-hacker-wannacry-sony-cyberattacks.html www.secnews.physaphae.fr/article.php?IdArticle=797852 False Ransomware,Hack Wannacry,APT 38 None

Security Affairs - Security blog
US charges North Korea agent over Sony Pictures hack and WannaCry
2018-09-07T09:22:01+00:00 https://securityaffairs.co/wordpress/75994/cyber-warfare-2/north-korea-agent-indictment.html www.secnews.physaphae.fr/article.php?IdArticle=796903 False Ransomware,Hack Wannacry None

ZD Net - IT magazine
DOJ to charge North Korean officer for Sony hack and WannaCry ransomware
2018-09-06T15:35:00+00:00 https://www.zdnet.com/article/doj-to-charge-north-korean-officer-for-sony-hack-and-wannacry-ransomware/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=795583 False Ransomware,Hack Wannacry None

The Hacker News - The Hacker News is a hacking-news blog (surprising, isn't it?)
U.S. to Charge North Korean Spy Over WannaCry and Sony Pictures Hack
2018-09-06T10:31:03+00:00 https://thehackernews.com/2018/09/wannacry-north-korea-hacks.html www.secnews.physaphae.fr/article.php?IdArticle=795701 False Ransomware,Hack Wannacry None