www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-16T17:14:02+00:00 www.secnews.physaphae.fr
Checkpoint - Security Hardware Vendor 5 data security concepts you need to know
Everyone is talking about data security and its importance, but what does that practically look like? Let's take a look… Our newly released Cloud Security Report showed a startling trend in the data. Data breaches have now surpassed misconfigurations as the chief cause of concern in terms of cloud security incidents — And it's no wonder… Last year it was reported that almost half of companies have at least one database or storage asset exposed to the public internet. While this isn't necessarily a bad thing, when you add in the prevalence of misconfigurations, vulnerabilities, and the like…the potential […]
2024-05-16T13:00:34+00:00 https://blog.checkpoint.com/securing-the-cloud/5-data-security-concepts-you-need-to-know/ www.secnews.physaphae.fr/article.php?IdArticle=8500931 False Vulnerability,Prediction,Cloud None None
SlashNext - Cyber Firm Sophisticated Smishing Compromises Employee Accounts, Accesses Corporate Gift Card Systems
We at SlashNext want to draw attention to the alarming trend of cybercriminals exploiting advanced techniques to target retail corporations, as highlighted in the recent FBI Private Industry Notification (PIN). The threat actor group known as STORM-0539 has been conducting sophisticated smishing campaigns to compromise employee accounts and gain unauthorized access to corporate gift card […] The post Sophisticated Smishing Compromises Employee Accounts, Accesses Corporate Gift Card Systems first appeared on SlashNext.
2024-05-15T23:17:39+00:00 https://slashnext.com/blog/sophisticated-smishing-compromises-employee-accounts-accesses-corporate-gift-card-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8501032 False Threat,Prediction None None
RiskIQ - cyber risk firms (now microsoft) FIN7 Exploits Trusted Brands and Google Ads to Deliver Malicious MSIX Payloads
2024-05-15T20:23:43+00:00 https://community.riskiq.com/article/6c0c8997 www.secnews.physaphae.fr/article.php?IdArticle=8500489 False Malware,Tool,Threat,Prediction None None
Global Security Mag - French news site Trend Micro Incorporated announces new AI-based features in Trend Vision One™ - Products
2024-05-15T14:14:29+00:00 https://www.globalsecuritymag.fr/trend-micro-incorporated-annonce-de-nouvelles-fonctionnalites-basees-sur-l-ia.html www.secnews.physaphae.fr/article.php?IdArticle=8500265 False Prediction None None
IT Security Guru - Security Blog Commonly used passwords for new accounts include “User” & “Welcome”
New research into password usage for new accounts during the onboarding process, has revealed a worrying trend where easily guessable passwords are left unchanged for new starters, presenting significant security risks for organisations. The findings from Secops Software, an Outpost24 company, analysed 651 million compromised passwords which highlighted a list of 120,000 commonly used password […] The post Commonly used passwords for new accounts include “User” & “Welcome” first appeared on IT Security Guru.
2024-05-15T11:45:28+00:00 https://www.itsecurityguru.org/2024/05/15/commonly-used-passwords-for-new-accounts-include-user-welcome/?utm_source=rss&utm_medium=rss&utm_campaign=commonly-used-passwords-for-new-accounts-include-user-welcome www.secnews.physaphae.fr/article.php?IdArticle=8500161 False Prediction None None
InfoSecurity Mag - InfoSecurity Magazine A Third of CISOs Have Been Dismissed “Out of Hand” By the Board Trend Micro research claims CISOs are often ignored or dismissed as “nagging” by their board
2024-05-15T09:15:00+00:00 https://www.infosecurity-magazine.com/news/third-cisos-dismissed-out-of-hand/ www.secnews.physaphae.fr/article.php?IdArticle=8500104 False Prediction None None
Global Security Mag - French news site A £145K Cyber Incident is the Only Way to Get the C-Suite's Attention, say IT Security Leaders
A £145K Cyber Incident is the Only Way to Get the C-Suite's Attention, say IT Security Leaders New research from Trend Micro reveals • 74% feel pressured to downplay cyber risks in the boardroom • 33% have been dismissed as being out of hand when raising issues with the board • Less than half trust executives completely understand the cyber risks to their business - Special Reports
2024-05-15T07:28:56+00:00 https://www.globalsecuritymag.fr/a-l145k-cyber-incident-is-the-only-way-to-get-the-c-suite-s-attention-say-it.html www.secnews.physaphae.fr/article.php?IdArticle=8500049 False Prediction None None
Techworm - News Chrome Releases Emergency Update to Fix the 6th Zero-day Exploit Three days after addressing a zero-day vulnerability in the browser, Google Chrome has released an emergency update to fix another zero-day exploit. This exploit is tracked as CVE-2024-4761 and is the sixth zero-day exploit addressed by Google in 2024. Although the Google Chrome team has not disclosed many details, the CVE-2024-4761 exploit is considered high impact. "Google is aware that an exploit for CVE-2024-4761 exists in the wild," the blog post adds. What's the Damage It is mentioned that the issue affects the V8 JavaScript engine in Chrome, which handles JS-based requests. Since it is an out-of-bounds write issue, threat actors could use the exploit to execute arbitrary code or cause program crashes, leading to data loss and corruption. This emergency update has pushed the Google Chrome versions for Mac and PC to 124.0.6367.207/.208. According to Google, this version of the popular web browser will be available in the coming days/weeks. The Chrome release blog post mentions that version 124.0.6367.207 for Linux is also being rolled out gradually. Devices using the Extended Stable channel will receive the update via version 124.0.6367.207 for Mac and Windows. This version is expected to roll out in the coming days/weeks. Since this is an emergency update, Google Chrome will update itself on Mac and Windows. However, users can go to Settings > About Chrome to speed up the update. The new version will be active after relaunch. Update Google Chrome Conversely, CVE-2024-4761 marks a dangerous trend that Chrome security has seen this year.
Not the First Time There have already been five zero-day exploits, two of which previously affected the V8 JavaScript engine. In addition, these zero-day exploit attacks have targeted the WebAssembly standard, the WebCodecs API, and the Visuals component. Judging the threat potential of the vulnerability, Google Chrome has not revealed many details about the CVE-2024-4761 exploit. The team will keep these restrictions in place until most users have installed the emergency update. It is also reportedly looking into the presence of the bug in a third-party library.
2024-05-14T21:28:21+00:00 https://www.techworm.net/2024/05/chrome-update-6th-zero-day-exploit.html www.secnews.physaphae.fr/article.php?IdArticle=8499657 False Vulnerability,Threat,Prediction None 2.0000000000000000
The State of Security - American Magazine Insider Threats Maintain a Rising Trend “When the cat's away, the mouse will play,” the old adage goes. Filings to anti-fraud non-profit Cifas would support that claim, as Insider Threat Database (ITD) reports rose by 14% this past year and are largely attributable to hard-to-monitor work-from-home employees mixed with “increasing financial pressures.” The report details further incidents of dishonest behavior as recorded this year by the UK's National Fraud Database (NFD). Insider Threats on the Rise Over 300 individuals were reported to the IDT in 2023. The most common cause?
Dishonest action to obtain benefit by theft or...
2024-05-14T02:16:31+00:00 https://www.tripwire.com/state-of-security/insider-threats-maintain-rising-trend www.secnews.physaphae.fr/article.php?IdArticle=8499405 False Threat,Prediction None 2.0000000000000000
ProofPoint - Cyber Firms Unmasking Tycoon 2FA: A Stealthy Phishing Kit Used to Bypass Microsoft 365 and Google MFA
2024-05-09T06:00:11+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/tycoon-2fa-phishing-kit-mfa-bypass www.secnews.physaphae.fr/article.php?IdArticle=8496584 False Tool,Threat,Prediction,Cloud None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Hackers Abuse Google Search Ads to Deliver MSI-Packed Malware
2024-05-09T00:49:06+00:00 https://community.riskiq.com/article/1f1ae96f www.secnews.physaphae.fr/article.php?IdArticle=8496261 False Ransomware,Malware,Tool,Threat,Prediction,Cloud None 3.0000000000000000
Global Security Mag - French news site Trend Micro unveils new capabilities to control the entire attack chain and anticipate incidents - Products
2024-04-30T07:17:16+00:00 https://www.globalsecuritymag.fr/trend-micro-devoile-de-nouvelles-capacites-pour-maitriser-l-ensemble-de-la.html www.secnews.physaphae.fr/article.php?IdArticle=8491125 False Prediction,Cloud None 2.0000000000000000
Mandiant - Mandiant Security Blog From Assistant to Analyst: The Power of Gemini 1.5 Pro for Malware Analysis Gemini 1.5 Pro to the test to see how it performed at analyzing malware.
By providing code and using a simple prompt, we asked Gemini 1.5 Pro to determine if the file was malicious, and also to provide a list of activities and indicators of compromise. We did this for multiple malware files, testing with both decompiled and disassembled code, and Gemini 1.5 Pro was notably accurate each time, generating summary reports in human-readable language. Gemini 1.5 Pro was even able to make an accurate determination of code that - at the time - was receiving zero detections on VirusTotal.  In our testing with other similar gen AI tools, we were required to divide the code into chunks, which led to vague and non-specific outcomes, and affected the overall analysis. Gemini 1.5 Pro, however, processed the entire code in a single pass, and often in about 30 to 40 seconds. Introduction The explosive growth of malware continues to challenge traditional, manual analysis methods, underscoring the urgent need for improved automation and innovative approaches. Generative AI models have become invaluable in some aspects of malware analysis, yet their effectiveness in handling large and complex malware samples has been limited. The introduction of Gemini 1.5 Pro, capable of processing up to 1 million tokens, marks a significant breakthrough. This advancement not only empowers AI to function as a powerful assistant in automating the malware analysis workflow but also significantly scales up the automation of code analysis. By substantially increasing the processing capacity, Gemini 1.5 Pro paves the way for a more adaptive and robust approach to cybersecurity, helping analysts manage the asymmetric volume of threats more effectively and efficiently. Traditional Techniques for Automated Malware Analysis The foundation of automated malware analysis is built on a combination of static and dynamic analysis techniques, both of which play crucial roles in dissecting and understanding malware behavior. 
Static analysis involves examining the malware without executing it, providing insights into its code structure and unobfuscated logic. Dynamic analysis, on the other hand, involves observing the execution of the malware in a controlled environment to monitor its behavior, regardless of obfuscation. Together, these techniques are leveraged to gain a comprehensive understanding of malware. Parallel to these techniques, AI and machine learning (ML) have increasingly been employed to classify and cluster malware based on behavioral patterns, signatures, and anomalies. These methodologies have ranged from supervised learning, where models are trained on labeled datasets, to unsupervised learning for clustering, which identifies patterns without predefined labels to group similar malware.
2024-04-29T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/gemini-for-malware-analysis/ www.secnews.physaphae.fr/article.php?IdArticle=8500392 False Malware,Hack,Tool,Vulnerability,Threat,Studies,Prediction,Cloud,Conference Wannacry None
Global Security Mag - French news site New threat Intelligence: 8Base Ransomware gang 'teaching SMBs a lesson' - Trend Micro
Trend Micro is releasing new threat research into 8Base, an active ransomware group that has been targeting SMBs to 'teach them a lesson'. Europe is the second-most attacked region. - Malware Update
2024-04-25T11:49:30+00:00 https://www.globalsecuritymag.fr/new-threat-intelligence-8base-ransomware-gang-teaching-smbs-a-lesson-trend.html www.secnews.physaphae.fr/article.php?IdArticle=8488506 False Ransomware,Threat,Prediction None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs Understanding how Rationality, Deterrence Theory, and Indeterminism Influence Cybercrime.
2024-04-24T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/understanding-how-rationality-deterrence-theory-and-indeterminism-influence-cybercrime www.secnews.physaphae.fr/article.php?IdArticle=8488070 False Tool,Vulnerability,Studies,Legislation,Prediction None 3.0000000000000000
Global Security Mag - French news site New research suggests Africa is being used as a 'testing ground' for nation state cyber warfare
Global cybersecurity firm Performanta has revealed new insight into the role developing countries play in the ransomware ecosystem Performanta, the multinational cybersecurity firm specialising in helping companies move beyond security to achieve cyber safety, has uncovered a trend in how developing countries are being targeted by nation state actors. The firm's analysis explored the origins and characteristics of Medusa, a ransomware-as-a-service targeting organisations globally. The (...) - Special Reports
2024-04-24T08:33:34+00:00 https://www.globalsecuritymag.fr/new-research-suggests-africa-is-being-used-as-a-testing-ground-for-nation-state.html www.secnews.physaphae.fr/article.php?IdArticle=8487871 False Ransomware,Prediction None 3.0000000000000000
TrendMicro - Security Firm Blog Trend Micro Collaborated with Interpol in Cracking Down Grandoreiro Banking Trojan In this blog entry, we discuss Trend Micro's contributions to an Interpol-coordinated operation to help Brazilian and Spanish law enforcement agencies analyze malware samples of the Grandoreiro banking trojan.
2024-04-24T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/d/trend-micro-collaborated-with-interpol-in-cracking-down-grandore.html www.secnews.physaphae.fr/article.php?IdArticle=8487839 False Malware,Legislation,Prediction None 3.0000000000000000
IT Security Guru - Security Blog Mandiant's M-Trends Report Reveals New Insights from Frontline Cyber Investigations
Mandiant, part of Google Cloud, today released the findings of its M-Trends 2024 report. Now in its 15th year, this annual report provides expert trend analysis based on Mandiant frontline cyber attack investigations and remediations conducted in 2023. The 2024 report reveals evidence that organizations globally have made meaningful improvements in their defensive capabilities, identifying […] The post Mandiant's M-Trends Report Reveals New Insights from Frontline Cyber Investigations first appeared on IT Security Guru.
2024-04-23T13:59:53+00:00 https://www.itsecurityguru.org/2024/04/23/mandiants-m-trends-report-reveals-new-insights-from-frontline-cyber-investigations/?utm_source=rss&utm_medium=rss&utm_campaign=mandiants-m-trends-report-reveals-new-insights-from-frontline-cyber-investigations www.secnews.physaphae.fr/article.php?IdArticle=8487440 False Prediction,Cloud None 3.0000000000000000
Global Security Mag - French news site Trend Micro Incorporated announced the availability of AI-driven cyber risk management
Trend Micro Unveils New Cyber Risk Management Capabilities to Anticipate and Eliminate Breaches 10-to-1 tool consolidation drives record adoption by thousands of enterprise customers - Product Reviews
2024-04-22T12:55:24+00:00 https://www.globalsecuritymag.fr/trend-micro-incorporated-announced-the-availability-of-ai-driven-cyber-risk.html www.secnews.physaphae.fr/article.php?IdArticle=8486832 False Tool,Prediction None 2.0000000000000000
ProjectZero - Google research blog The Windows Registry Adventure #2: A brief history of the feature Hives Load hive Unload hive Flush hive to disk Keys Open key Create key Delete key
2024-04-18T09:46:51+00:00 https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-2.html www.secnews.physaphae.fr/article.php?IdArticle=8484832 False Tool,Prediction,Technical None 4.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs Introduction to Software Composition Analysis and How to Select an SCA Tool Apache Log4j library vulnerability, which posed serious security risks. And this is not an isolated incident. Using open-source software necessitates thorough Software Composition Analysis (SCA) to identify these security threats. Organizations must integrate SCA tools into their development workflows while also being mindful of their limitations. Why SCA Is Important Open-source components have become crucial to software development across various industries. They are fundamental to the construction of modern applications, with estimates suggesting that up to 96% of the total code bases contain open-source elements. Assembling applications from diverse open-source blocks presents a challenge, necessitating robust protection strategies to manage and mitigate risks effectively. Software Composition Analysis is the process of identifying and verifying the security of components within software, especially open-source ones. It enables development teams to efficiently track, analyze, and manage any open-source element integrated into their projects. SCA tools identify all related components, including libraries and their direct and indirect dependencies.
They also detect software licenses, outdated dependencies, vulnerabilities, and potential exploits. Through scanning, SCA creates a comprehensive inventory of a project's software assets, offering a full view of the software composition for better security and compliance management. Although SCA tools have been available for quite some time, the recent open-source usage surge has cemented their importance in application security. Modern software development methodologies, such as DevSecOps, emphasize the need for SCA solutions for developers. The role of security officers is to guide and assist developers in maintaining security across the Software Development Life Cycle (SDLC), ensuring that SCA becomes an integral part of creating secure software. Objectives and Tasks of SCA Tools Software Composition Analysis broadly refers to security methodologies and tools designed to scan applications, typically during development, to identify vulnerabilities and software license issues. For effective management of open-source components and associated risks, SCA solutions help navigate several tasks: 1) Increasing Transparency A developer might incorporate various open-source packages into their code, which in turn may depend on additional open-source packages unknown to the developer. These indirect dependencies can extend several levels deep, complicating the understanding of exactly which open-source code the application uses.
Reports indicate that 86% of vulnerabilities in node.js projects stem from transitive (indirect) dependencies, w
2024-04-17T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/introduction-to-software-composition-analysis-and-how-to-select-an-sca-tool www.secnews.physaphae.fr/article.php?IdArticle=8484209 False Tool,Vulnerability,Threat,Patching,Prediction,Cloud,Commercial None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs Cybersecurity's Human Factor: Merging Tech with People-Centric Strategies nuanced approach to cybersecurity—one that not only fortifies defenses but also resonates with and supports the people behind the screens. Integrating human-centric design with continuous threat management emerges as a forward-thinking strategy, promising a balanced blend of technical excellence and user empathy to navigate the complex cybersecurity challenges of today and tomorrow. Embracing the Human Element in Cybersecurity Diving into the realm of human-centric security design and culture, it's clear that the future of cybersecurity isn't just about the latest technology—it's equally about the human touch. This approach puts the spotlight firmly on enhancing the employee experience, ensuring that cybersecurity measures don't become an unbearable burden that drives people to take shortcuts. By designing systems that people can use easily and effectively, the friction often caused by stringent security protocols can be significantly reduced. Gartner's insights throw a compelling light on this shift, predicting that by 2027, half of all Chief Information Security Officers (CISOs) will have formally embraced human-centric security practices.
This isn't just a hopeful guess but a recognition of the tangible benefits these practices bring to the table—reducing operational friction and bolstering the adoption of essential controls. This strategic pivot also acknowledges a fundamental truth. When security becomes a seamless part of the workflow, its effectiveness skyrockets. It's a win-win, improving both the user experience and the overall security posture. CTEM: Your Cybersecurity Compass in Stormy Seas Imagine that your organization's cybersecurity landscape isn't just a static battleground. Instead, it's more like the open sea, with waves of threats coming and going, each with the potential to breach your defenses. That's where Continuous Threat Exposure Management (CTEM) sails in, serving as your trusted compass, guiding you through these treacherous waters. CTEM isn't your average, run-of-the-mill security tactic. It's about being proactive, scanning the horizon with a spyglass, looking for potential vulnerabilities before they even become a blip on a hacker's radar. Think of it as your cybersecurity early-warning system, constantly on the lookout for trou
2024-04-16T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/cybersecuritys-human-factor-merging-tech-with-people-centric-strategies www.secnews.physaphae.fr/article.php?IdArticle=8483336 False Vulnerability,Threat,Studies,Prediction,Medical,Technical None 2.0000000000000000
The State of Security - American Magazine Casting a Cybersecurity Net to Secure Generative AI in Manufacturing Generative AI has exploded in popularity across many industries. While this technology has many benefits, it also raises some unique cybersecurity concerns. Securing AI must be a top priority for organizations as they rush to implement these tools. The use of generative AI in manufacturing poses particular challenges.
Over one-third of manufacturers plan to invest in this technology, making it the industry's fourth most common strategic business change. As that trend continues, manufacturers - often prime cybercrime targets - must ensure generative AI is secure enough before its risks outweigh...
2024-04-16T02:58:57+00:00 https://www.tripwire.com/state-of-security/casting-cybersecurity-net-secure-generative-ai-manufacturing www.secnews.physaphae.fr/article.php?IdArticle=8483269 False Tool,Prediction None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged access. This approach to privileged identity management aims to mitigate the risks associated with prolonged high-level access by granting privileges temporarily and only when necessary, rather than providing users with
2024-04-15T15:51:00+00:00 https://thehackernews.com/2024/04/timing-is-everything-role-of-just-in.html www.secnews.physaphae.fr/article.php?IdArticle=8482679 False Prediction None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Weekly OSINT Highlights, 15 April 2024
2024-04-15T15:15:00+00:00 https://community.riskiq.com/article/c2035b32 www.secnews.physaphae.fr/article.php?IdArticle=8482834 False Ransomware,Spam,Malware,Tool,Threat,Prediction None 2.0000000000000000
ProofPoint - Cyber Firms How Proofpoint Impersonation Protection Can Help You Meet CMMC Compliance Requirements
2024-04-15T06:00:31+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/safeguard-business-with-impersonation-protection www.secnews.physaphae.fr/article.php?IdArticle=8482707 False Threat,Industrial,Prediction,Commercial None 2.0000000000000000
ProofPoint - Cyber Firms Revisiting MACT: Malicious Applications in Credible Cloud Tenants
2024-04-11T13:27:54+00:00 https://www.proofpoint.com/us/blog/cloud-security/revisiting-mact-malicious-applications-credible-cloud-tenants www.secnews.physaphae.fr/article.php?IdArticle=8480061 False Malware,Threat,Prediction,Cloud APT 29 3.0000000000000000
TrendLabs Security - Antivirus Vendor Fileless Attacks Prompt Intel's Next-Gen Security Discover how Trend is strengthening its endpoint solutions to detect fileless attacks earlier. By leveraging Intel Threat Detection Technology, Trend enhances the scalability and resiliency of its solutions.
2024-04-11T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/d/fileless-malware-attack-solution.html www.secnews.physaphae.fr/article.php?IdArticle=8480876 False Threat,Prediction None 2.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Threat Actors Hack YouTube Channels to Distribute Infostealers (Vidar and LummaC2) ## Snapshot The AhnLab Security Intelligence Center (ASEC) has identified a concerning trend where threat actors are exploiting YouTube channels to distribute Infostealers, specifically Vidar and LummaC2. ## Description Rather than creating new channels, the attackers are hijacking existing, popular channels with hundreds of thousands of subscribers. The malware is disguised as cracked versions of legitimate software, and the attackers use YouTube's video descriptions and comments to distribute the malicious links.
The Vidar malware, for example, is disguised as an installer for Adobe software, and it communicates with its command and control (C&C) server via Telegram and Steam Community. Similarly, LummaC2 is distributed under the guise of cracked commercial software and is designed to steal account credentials and cryptocurrency wallet files. The threat actors' method of infiltrating well-known YouTube channels with a large subscriber base raises concerns about the potential reach and impact of the distributed malware. The disguised malware is often compressed with password protection to evade detection by security solutions. It is crucial for users to exercise caution when downloading software from unofficial sources and to ensure that their security software is up to date to prevent malware infections. ## References [https://asec.ahnlab.com/en/63980/](https://asec.ahnlab.com/en/63980/)
2024-04-09T19:48:57+00:00 https://community.riskiq.com/article/e9f5e219 www.secnews.physaphae.fr/article.php?IdArticle=8478894 False Malware,Hack,Threat,Prediction,Commercial None 3.0000000000000000
CyberArk - Software Vendor Cookies Beyond Browsers: How Session-Based Attacks Are Evolving In the past few years, we have witnessed a significant shift in the attack landscape, from stealing clear text credentials to targeting session-based authentication.
This trend is driven by the proliferation of multi-factor authentication (MFA),... 2024-04-09T15:05:01+00:00 https://www.cyberark.com/blog/cookies-beyond-browsers-how-session-based-attacks-are-evolving/ www.secnews.physaphae.fr/article.php?IdArticle=8478738 False Prediction None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Same targets, new playbooks: East Asia threat actors employ unique methods 2024-04-05T13:39:39+00:00 https://community.riskiq.com/article/b4f39b04 www.secnews.physaphae.fr/article.php?IdArticle=8476526 False Malware,Tool,Vulnerability,Threat,Studies,Industrial,Prediction,Technical Guam 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine LockBit Scrambles After Takedown, Repopulates Leak Site with Old Breaches A Trend Micro report shows a clear drop in the number of actual infections associated with the LockBit ransomware following Operation Cronos 2024-04-04T16:30:00+00:00 https://www.infosecurity-magazine.com/news/lockbit-takedown-leak-site-old/ www.secnews.physaphae.fr/article.php?IdArticle=8476004 False Ransomware,Prediction None 2.0000000000000000 ProofPoint - Cyber Firms Latrodectus: This Spider Bytes Like Ice 2024-04-04T11:47:34+00:00 https://www.proofpoint.com/us/blog/threat-insight/latrodectus-spider-bytes-ice www.secnews.physaphae.fr/article.php?IdArticle=8475749 False Ransomware,Malware,Tool,Threat,Prediction None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Earth Freybug Uses UNAPIMON for Unhooking Critical APIs #### Description Trend Micro analyzed a cyberespionage attack the company has attributed to Earth Freybug, a subset of APT41 (tracked by Microsoft as [Brass
Typhoon](https://sip.security.microsoft.com/intel-profiles/f0aaa62bfbaf3739bb92106688e6a00fc05eafc0d4158b0e389b4078112d37c6?)). According to Trend Micro, Earth Freybug has been active since at least 2012 and the Chinese-linked group has been active in espionage and financially motivated attacks. Earth Freybug employs diverse tools like LOLBins and custom malware, targeting organizations globally. The attack used techniques like dynamic link library (DLL) hijacking and API unhooking to avoid monitoring for a new malware called UNAPIMON. UNAPIMON evades detection by preventing child processes from being monitored. The attack flow involved creating remote scheduled tasks and executing reconnaissance commands to gather system information. Subsequently, a backdoor was launched using DLL side-loading via a service called SessionEnv, which loads a malicious DLL. UNAPIMON, the injected DLL, uses API hooking to evade monitoring and execute malicious commands undetected, showcasing the attackers' sophistication. [Check out Microsoft's write-up on dynamic-link library (DLL) hijacking here.](https://sip.security.microsoft.com/intel-explorer/articles/91be20e8?) #### Reference URL(s) 1.
https://www.trendmicro.com/en_us/research/24/d/earth-freybug.html #### Publication Date April 2, 2024 #### Author(s) Christopher So 2024-04-03T20:46:53+00:00 https://community.riskiq.com/article/327771c8 www.secnews.physaphae.fr/article.php?IdArticle=8475473 False Malware,Tool,Prediction APT 41 2.0000000000000000 Security Intelligence - American News Site GenAI: The next frontier in AI security threats
Threat actors aren’t attacking generative AI (GenAI) at scale yet, but these AI security threats are coming. That prediction comes from the 2024 X-Force Threat Intelligence Index. Here’s a review of the threat intelligence types underpinning that report. Cyber criminals are shifting focus Increased chatter in illicit markets and dark web forums is a sign […]
2024-04-03T13:00:00+00:00 https://securityintelligence.com/articles/gen-ai-next-ai-security-threat/ www.secnews.physaphae.fr/article.php?IdArticle=8475231 False Threat,Prediction None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. "Earth Freybug is a cyberthreat group that has been active since at least 2012 that focuses on espionage and financially motivated activities," Trend Micro security researcher Christopher So said in a report published today. "It has been observed to 2024-04-02T16:30:00+00:00 https://thehackernews.com/2024/04/china-linked-hackers-deploy-new.html www.secnews.physaphae.fr/article.php?IdArticle=8474613 False Malware,Threat,Prediction None 2.0000000000000000 AlienVault Lab Blog - AlienVault is a major defense player in IOCs Digital Arrests: The New Frontier of Cybercrime A Noida woman was duped out of over Rs 11 lakh (approximately $13,500 USD) in a digital arrest scam. The scammers, posing as police officers, convinced her that her identity was used in illicit activities and her involvement carried severe legal ramifications. Through prolonged interrogation on a video call, they led her to transfer the funds under the guise of protection. Case II: A 23-year-old woman was defrauded of Rs 2.5 lakh (approximately $3,000 USD) after fraudsters convinced her that her Aadhaar card details were linked to human trafficking activities.
Facing threats of arrest and social humiliation, she was coerced into transferring money 2024-04-02T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/digital-arrests-the-new-frontier-of-cybercrime www.secnews.physaphae.fr/article.php?IdArticle=8474670 False Vulnerability,Threat,Legislation,Prediction,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Sprawling Sellafield Nuclear Waste Site Prosecuted for Cybersecurity Failings UK regulator said that one of the world's most toxic sites accumulated cybersecurity "offenses" from 2019 to 2023. 2024-04-01T20:24:18+00:00 https://www.darkreading.com/ics-ot-security/sellafield-nuclear-waste-site-prosecuted-cybersecurity-failings www.secnews.physaphae.fr/article.php?IdArticle=8474224 False Legislation,Prediction None 3.0000000000000000 AlienVault Lab Blog - AlienVault is a major defense player in IOCs AI - The Good, Bad, and Scary 2024-04-01T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/ai-the-good-bad-and-scary www.secnews.physaphae.fr/article.php?IdArticle=8473954 False Ransomware,Tool,Prediction,Medical None 3.0000000000000000 Checkpoint Research - Security Hardware Vendor Malware Spotlight: Linodas aka DinodasRAT for Linux
Introduction In recent months, Check Point Research (CPR) has been closely monitoring the activity of a Chinese-nexus cyber espionage threat actor who is focusing on Southeast Asia, Africa, and South America. This activity significantly aligns with the insights the Trend Micro researchers publicly shared in their comprehensive analysis of a threat actor called Earth Krahang. This […]
2024-03-31T18:01:02+00:00 https://research.checkpoint.com/2024/29676/ www.secnews.physaphae.fr/article.php?IdArticle=8473639 False Malware,Threat,Prediction None 2.0000000000000000
Mandiant - Mandiant's Security Blog Life After Death? IO Campaigns Linked to Notorious Russian Businessman Prigozhin Persist After His Political Downfall and Death In June 2023, Russian businessman Yevgeniy Prigozhin and his private military company (PMC) “Wagner” carried out an armed mutiny within Russia. The events triggered the meteoric political downfall of Prigozhin, raising questions about the future of his various enterprises that were only underscored when he died two months later under suspicious circumstances. Up to that point, Prigozhin and his enterprises worked to advance the Kremlin's interests as the manifestation of the thinnest veil of plausible deniability for state-guided actions on multiple continents. Such enterprises included the Wagner PMC; overt influence infrastructure, like his media company Patriot Group that housed his media companies, including the “RIA FAN” Federal News Agency; covert influence infrastructures; and an array of businesses aimed at generating personal wealth and the resourcing necessary to fund his various ventures. Mandiant has for years tracked and reported on covert information operations (IO) threat activity linked to Prigozhin. His involvement in IO was first widely established in the West as part of the public exposure of Russian-backed interference in the 2016 U.S. presidential election-this included activity conducted by Russia's Internet Research Agency (IRA), which the U.S. Government publicly named Prigozhin as its financier. Subsequently, Prigozhin was publicly connected to a web of IO activity targeting the U.S., EU, Ukraine, Russian domestic audiences, countries across Africa, and further afield.
Such activity has worked not only to advance Russian interests on matters of strategic importance, but also has attempted to exploit existing divisions in societies targeting various subgroups across their population. Throughout 2023, Mandiant has observed shifts in the activity from multiple IO campaigns linked to Prigozhin, including continued indicators that components of these campaigns have remained viable since his death. This blog post examines a sample of Prigozhin-linked IO campaigns to better understand their outcomes thus far and provide an overview of what can be expected from these activity sets in the future. This is relevant not only because some of the infrastructure of these campaigns remains viable despite Prigozhin's undoing, but also because we advance into a year in which Ukraine continues to dominate Russia's strategic priorities and there are multiple global elections that Russia may seek to influence. Mandiant and Google's Threat Analysis Group (TAG) work together in support of our respective missions at Google. TAG has likewise been tracking coordinated influence operations linked to Prigozhin and the Internet Research Agency (IRA) for years; and in 2023, Google took over 400 enforcement actions to disrupt IO campaigns linked to the IRA, details of which are reported in the quarterly TAG Bulletin.
TAG has not observed significant activity from the IRA or other Prigozhin-linked entities specifically on Google platforms since Prigozhin's death, 2024-03-28T11:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/io-campaigns-russian-prigozhin-persist/ www.secnews.physaphae.fr/article.php?IdArticle=8500400 False Threat,Studies,Legislation,Prediction None None ProofPoint - Cyber Firms Proofpoint Security Awareness Enhancements: 2024 Winter Release and Beyond 2024-03-28T10:21:02+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/security-awareness-program-enhancements-winter-release www.secnews.physaphae.fr/article.php?IdArticle=8471991 False Vulnerability,Threat,Prediction None 3.0000000000000000 Zimperium - cyber risk firms for mobile Sophisticated Fake Apps: A Growing Concern
Cybercriminals are employing increasingly sophisticated tactics to target unsuspecting users. One such tactic gaining traction is smishing – an attack that leverages text messages to deceive individuals into providing sensitive information or downloading malicious content. In this latest trend, cybercriminals create fake apps that mimic legitimate banking or financial services. […]
2024-03-27T13:00:00+00:00 https://www.zimperium.com/blog/sophisticated_fake_apps_a_growing_concern/ www.secnews.physaphae.fr/article.php?IdArticle=8471354 False Prediction None 2.0000000000000000
AlienVault Lab Blog - AlienVault is a major defense player in IOCs The Growing Importance of CAASM in Company Cybersecurity Strategy expansion of the attack surface as a significant risk for corporate cyber environments in the upcoming years. The most vulnerable entities include IoT devices, cloud apps, open-source systems, and complex software supply chains. There is an increasing demand for concepts like Cyber Asset Attack Surface Management (CAASM), External Attack Surface Management (EASM), and Cloud Security Posture Management (CSPM) in corporate security frameworks. This trend is also documented in Gartner's "hype" chart. Let's discuss the concept of CAASM, which is centered on identifying and managing all digital assets within an organization, whether they are internal or external. This approach aims to provide a comprehensive view and control over the organization's cyber environment, enhancing security measures and management practices. What Is CAASM CAASM assists IT departments in achieving end-to-end visibility of a company's cyber assets. This strategy creates a fuller understanding of the actual state of the infrastructure, enabling the security team to respond promptly to existing threats and potential future ones. CAASM-based products and solutions integrate with a broad array of data sources and security tools. CAASM gathers and aggregates data and analyzes perimeter traffic, providing a continuous, multi-dimensional view of the entire attack surface. Having access to current asset data enables information security officers to visualize the infrastructure and address security gaps promptly. They can prioritize the protection of assets and develop a unified perspective on the organization's actual security posture. This sets the stage for proactive risk management strategies.
Exploring CAASM's Core Functions The CAASM approach equips security professionals with a variety of tools necessary for effectively managing an organization's attack surface and addressing risks. Asset Discovery A lack of visibility into all of an organization's assets heightens the risk of cyberattacks. Cyber Asset Attack Surface Management products automatically detect and catalog every component of a company's digital infrastructure, encompassing local, cloud, and various remote systems, including shadow IT. A company employing CAASM gains a clear overview of all its deployed web applications, servers, network devices, and cloud services. CAASM facilitates a comprehensive inventory of the devices, applications, networks, and users constituting the company's attack surface. Vulnerability Detection It is important to understand the risks each asset poses, such as missing the latest security updates or opportunities to access sensitive data. CAASM systems integrate asset data, helping security teams identify misconfigurations, vulnerabilities, and oth 2024-03-26T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-growing-importance-of-caasm-in-company-cybersecurity-strategy www.secnews.physaphae.fr/article.php?IdArticle=8470766 False Ransomware,Tool,Vulnerability,Threat,Prediction,Cloud None 3.0000000000000000 AlienVault Lab Blog - AlienVault is a major defense player in IOCs Decoding the Cybersecurity Implications of AI's Rapid Advancement up for grabs by the other side, and can (and will) arm them to launch attacks of unprecedented sophistication and elusiveness, the likes of which we’ve thankfully never seen up to now. How do we wield this impressive technology to fortify our defenses, while preventing it from falling into the wrong hands? Can such a thing even be accomplished?
Join me below as we take a closer look at how AI’s rapid rise is changing the landscape of cybersecurity. AI as a Defense Tool AI is a reliable navigator for charting the digital deluge—it has the ability to handle vast quantities of information rapidly on a level that no human could ever hope to match. It doesn’t take a huge leap to come to the conclusion that those capabilities can very easily be leveraged for defense. Automated Threat Detection Think of AI as the ever-watchful eye, tirelessly scanning the horizon for signs of trouble in the vast sea of data. Its capability to detect threats with speed and precision beyond human ken is our first line of defense against the shadows that lurk in the network traffic, camouflaged in ordinary user behavior, or embedded within the seemingly benign activities of countless applications. AI isn’t just about spotting trouble; it’s about understanding it. Through machine learning, it constructs models that learn from the DNA of malware, enabling it to recognize new variants that bear the hallmarks of known threats. This is akin to recognizing an enemy’s tactics, even if their strategy evolves. All of what I’ve said also here applies to incident response—with AI’s ability to automatically meet threats head-on making a holistic cybersecurity posture both easier to achieve and less resource-intensive for organizations of all sizes. Predictive Analytics By understanding the patterns and techniques used in previous breaches, AI models can predict where and how cybercriminals might strike next. This foresight enables organizations to reinforce their defenses before an attack occurs, transforming cybersecurity from a reactive discipline into a proactive strategy that helps prevent breaches rather than merely responding to them. The sophistication of predictive analytics lies in its use of diverse data sources, including threat intelligence feeds, anomaly detection reports, and global cybersecurity trends. 
This comprehensive view allows AI systems to identify correlations and causations that might elude human analysts. Phishing Detection and Email Filtering AI has stepped up as a pivotal ally in the ongoing skirmish against phishing and other forms of social engineering attacks, which too often lay the groundwork for more invasive security breaches. Through meticulous analysis of email content, context, and even the 2024-03-25T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/decoding-the-cybersecurity-implications-of-ais-rapid-advancement www.secnews.physaphae.fr/article.php?IdArticle=8470065 False Spam,Tool,Vulnerability,Threat,Prediction,Technical Deloitte 2.0000000000000000 Checkpoint - Security Hardware Vendor Making Sport of Sports: The Growing Cyber Threat to Global Sports Events in 2024
As the global sports calendar turns its pages to the eagerly awaited Olympic Games in Paris and the EURO 2024 Cup in Germany, an ominous shadow threatens to tarnish these spectacles. The trend of cyber attacks on sports events has escalated dramatically, with a 20-fold increase in attacks on the Olympics from 2012 to 2021, culminating in a staggering 4.4 billion attacks during the Tokyo games. Similarly, the 2022 World Cup witnessed an influx of phishing emails, underscoring a rising tide of cyber threats that the sports world must confront. A survey conducted by the UK’s National Cyber Security Centre […]
2024-03-21T13:00:07+00:00 https://blog.checkpoint.com/security/making-sport-of-sports-the-growing-cyber-threat-to-global-sports-events-in-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8467888 False Threat,Prediction None 3.0000000000000000
ProofPoint - Cyber Firms Security Brief: TA450 Uses Embedded Links in PDF Attachments in Latest Campaign 2024-03-21T07:53:21+00:00 https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta450-uses-embedded-links-pdf-attachments-latest-campaign www.secnews.physaphae.fr/article.php?IdArticle=8467970 False Malware,Threat,Prediction None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Trend Micro uncovers Earth Krahang hackers exploiting intergovernmental trust for cross-government attacks Trend Micro researchers disclosed that since early 2022 they have been tracking Earth Krahang, an APT (advanced persistent... 2024-03-20T10:26:22+00:00 https://industrialcyber.co/news/trend-micro-uncovers-earth-krahang-hackers-exploiting-intergovernmental-trust-for-cross-government-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8467250 False Studies,Prediction None 3.0000000000000000 Zimperium - cyber risk firms for mobile The Growing Risks of On-Device Fraud
The picture is painfully clear . . . organizations are not seeing a slowdown in financial fraud targeting mobile devices. Mastercard recently shared that their data shows a trend of $41 billion in fraud-related loss in 2022, growing to $48 billion by 2023. Juniper Research puts the number at $91 billion by 2028 and […]
2024-03-19T13:00:00+00:00 https://zimpstage.wpengine.com/blog/the-growing-risks-of-on-device-fraud/ www.secnews.physaphae.fr/article.php?IdArticle=8470945 False Studies,Mobile,Prediction None 4.0000000000000000
Zimperium - cyber risk firms for mobile The Growing Risks of On-Device Fraud
The picture is painfully clear . . . organizations are not seeing a slowdown in financial fraud targeting mobile devices. Mastercard recently shared that their data shows a trend of $41 billion in fraud-related loss in 2022, growing to $48 billion by 2023. Juniper Research puts the number at $91 billion by 2028 and […]
2024-03-19T13:00:00+00:00 https://www.zimperium.com/blog/the-growing-risks-of-on-device-fraud/ www.secnews.physaphae.fr/article.php?IdArticle=8466664 False Mobile,Prediction None 2.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Prolific Chinese Threat Campaign Targets 100+ Victims Trend Micro uncovers Chinese cyber-espionage campaign Earth Krahang 2024-03-19T09:30:00+00:00 https://www.infosecurity-magazine.com/news/chinese-campaign-targets-100/ www.secnews.physaphae.fr/article.php?IdArticle=8466578 False Threat,Prediction None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Weekly OSINT Highlights, 18 March 2024 2024-03-18T13:23:03+00:00 https://community.riskiq.com/article/54f79303 www.secnews.physaphae.fr/article.php?IdArticle=8466085 False Ransomware,Spam,Malware,Tool,Threat,Prediction None 3.0000000000000000 The State of Security - American Magazine Federated Learning for Cybersecurity: Collaborative Intelligence for Threat Detection The demand for innovative threat detection and intelligence approaches is more pressing than ever. One such paradigm-shifting technology gaining prominence is Federated Learning (FL). This emerging concept harnesses the power of collaborative intelligence, allowing disparate entities to pool their insights without compromising sensitive data. A report by Apple suggests that the number of data breaches nearly tripled between 2013 and 2022, compromising 2.6 billion records over the course of just two years, a trend that is only getting worse. A Review of Basic Concepts Organizations have rapidly... 2024-03-18T04:20:51+00:00 https://www.tripwire.com/state-of-security/federated-learning-cybersecurity-collaborative-intelligence-threat-detection www.secnews.physaphae.fr/article.php?IdArticle=8465938 False Threat,Prediction None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands. “The Program Compatibility Assistant Service (pcalua.exe) is a Windows service designed to identify and address compatibility issues with older programs,” Trend Micro said in an analysis 2024-03-14T15:53:00+00:00 https://thehackernews.com/2024/03/redcurl-cybercrime-group-abuses-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8463710 False Tool,Prediction None 2.0000000000000000 AlienVault Lab Blog - AlienVault is a major defense player in IOCs The role of proxies in e-commerce: Boosting online retail success GoProxies have become indispensable allies in the quest to boost e-commerce success. What exactly are proxies? Imagine you want to send a gift without revealing your identity. You might ask a friend to deliver it for you. That's what a proxy does — it's your discreet friend in the world of the internet, passing along requests and responses so your online presence remains anonymous and secure.
A cloak of invisibility for market research 2024-03-12T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-role-of-proxies-in-e-commerce-boosting-online-retail-success www.secnews.physaphae.fr/article.php?IdArticle=8462712 False Tool,Prediction None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Weekly OSINT Highlights, 11 March 2024 2024-03-11T13:43:18+00:00 https://community.riskiq.com/article/0d210725 www.secnews.physaphae.fr/article.php?IdArticle=8462154 False Ransomware,Malware,Tool,Vulnerability,Threat,Prediction,Cloud None 3.0000000000000000 Global Security Mag - French News Site Trend Micro: 2023 Report on the State of Cybersecurity Investigations 2024-03-11T10:25:07+00:00 https://www.globalsecuritymag.fr/trend-micro-rapport-2023-sur-l-etat-de-la-cybersecurite.html www.secnews.physaphae.fr/article.php?IdArticle=8462507 False Threat,Studies,Prediction None 4.0000000000000000 Dark Reading - Informationweek Branch 'The Weirdest Trend in Cybersecurity': Nation-States Returning to USBs USBs are fetch again, as major APTs from Russia, China, and beyond are turning to them for BYOD cyberattacks. 2024-03-07T21:16:13+00:00 https://www.darkreading.com/ics-ot-security/weirdest-trend-cybersecurity-nation-states-usb www.secnews.physaphae.fr/article.php?IdArticle=8460514 False Prediction None 4.0000000000000000 Netskope - Netskope is an American software company providing an IT security platform Cloud Threats Memo: Google Drive Abused to Target Organizations in Asian Countries
The latest example of an advanced persistent threat exploiting a legitimate cloud service to deliver a malicious payload was recently unearthed by researchers at Trend Micro. As a follow up of a campaign targeting several European countries, discovered in July 2023 and attributed to the APT Earth Preta (also known as Mustang Panda and Bronze […]
2024-03-06T15:00:00+00:00 https://www.netskope.com/blog/cloud-threats-memo-google-drive-abused-to-target-organizations-in-asian-countries www.secnews.physaphae.fr/article.php?IdArticle=8459858 False Threat,Prediction,Cloud None 2.0000000000000000
TrendLabs Security - Antivirus Vendor Unveiling Earth Kapre aka RedCurl's Cyberespionage Tactics With Trend Micro MDR, Threat Intelligence This blog entry will examine Trend Micro MDR team's investigation that successfully uncovered the intrusion sets employed by Earth Kapre in a recent incident, as well as how the team leveraged threat intelligence to attribute the extracted evidence to the cyberespionage threat group. 2024-03-06T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/c/unveiling-earth-kapre-aka-redcurls-cyberespionage-tactics-with-t.html www.secnews.physaphae.fr/article.php?IdArticle=8459685 False Threat,Prediction None 2.0000000000000000 TrendMicro - Security Firm Blog Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact. 2024-03-04T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/c/multistage-ra-world-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8458736 False Ransomware,Threat,Prediction None 2.0000000000000000 AlienVault Lab Blog - AlienVault is a major defense player in IOCs AI governance and preserving privacy Cisco’s 2023 consumer privacy survey, a study of over 2600 consumers in 12 countries globally, indicates consumer awareness of data privacy rights is continuing to grow with the younger generations (age groups under 45) exercising their Data Subject Access rights and switching providers over their privacy practices and policies. Consumers support AI use but are also concerned.
With those supporting AI for use: 48% believe AI can be useful in improving their lives 54% are willing to share anonymized personal data to improve AI products AI is an area that has some work to do to earn trust 60% of respondents believe the use of AI by organizations has already eroded trust in them 62% reported concerns about the business use of AI 72% of respondents indicated that having products and solutions aud
2024-02-29T11:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/ai-governance-and-preserving-privacy www.secnews.physaphae.fr/article.php?IdArticle=8456899 False Studies,Prediction,Cloud,Technical None 2.0000000000000000
Securonix - Siem Securonix Threat Research Knowledge Sharing Series: Batch (DOS) Obfuscation or DOSfuscation: Why It's on the Rise, and How Attackers are Hiding in Obscurity Securonix Threat Research has been monitoring a trend known as batch (DOS) fuscation or DOSfuscation where an increased number of malware samples use obfuscated code contained within batch or DOS-based scripts. This trend was likely brought about when Microsoft made the decision to disable macro execution in Office products by default. Since then, there has been a rise in shortcut-based (.lnk file) execution coming from archived email attachments.
Naturally, CMD obfuscation is the natural path as any passed in command line into a shortcut file will likely be primarily executed using cmd.exe as the initial process
2024-02-28T10:30:36+00:00 https://www.securonix.com/blog/securonix-threat-research-knowledge-sharing-series-batch-obfuscation/ www.secnews.physaphae.fr/article.php?IdArticle=8456508 False Malware,Threat,Prediction None 3.0000000000000000
Global Security Mag - Site de news francais Government cybersecurity agencies call on Trend Micro's expertise to neutralize the operations of the Lockbit group Malware
2024-02-24T21:04:58+00:00 https://www.globalsecuritymag.fr/les-agences-de-cybersecurite-gouvernementales-font-appel-a-l-expertise-de-trend.html www.secnews.physaphae.fr/article.php?IdArticle=8454707 False Prediction None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. "The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only used for downloading the latter," Trend Micro researchers Sunny Lu
2024-02-21T18:33:00+00:00 https://thehackernews.com/2024/02/mustang-panda-targets-asia-with.html www.secnews.physaphae.fr/article.php?IdArticle=8453207 False Malware,Threat,Prediction None 3.0000000000000000
AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC The modern next gen SOC powered by AI Security Operations Center (SOC) is SOC analysts are overwhelmed by the sheer number of alerts that come from Security Information Event Management (SIEM).
Security teams are bombarded with low fidelity alerts and spend considerable time separating them from high fidelity alerts. The alerts come from almost any sources across the enterprise and is further compounded with too many point solutions and with multi-vendor environment. The numerous tools and lack of integration across multiple vendor product solutions often require a great deal of manual investigation and analysis. The pressure that comes with having to keep up with vendor training and correlate data and logs into meaningful insights becomes burdensome. While multi-vendor, multi-source, and multi-layered security solutions provides a lot of data, without ML and security analytics, it also creates a lot of noise and a disparate view of the threat landscape with insufficient context. SOAR Traditional Security Orchestration and Automation Response (SOAR) platforms used by mature security operations teams to develop run playbooks that automate action responses from a library of APIs for an ecosystem of security solution is complex and expensive to implement, manage, and maintain. Often SOCs are playing catch up on coding and funding development cost for run playbooks making it challenging to maintain and scale the operations to respond to new attacks quickly and efficiently. XDR Extended Detection and Response (XDR) solves a lot of these challenges with siloed security solutions by providing a unified view with more visibility and better context from a single holistic data lake across the entire ecosystem. XDR provides prevention as well as detection and response with integration and automation capabilities across endpoint, cloud, and network. Its automation capabilities can incorporate basic common SOAR like functions to API connected security tools. It collects enriched data from multiple sources and applies big data and ML based analysis to enable response of policy enforcement using security controls throughout the infrastructure. 
AI in the modern next gen SOC The use of AI and ML are increasingly essential to cyber operations to proactively identify anomalies and defend against cyber threats in a hyperconnected digital world. Canalys research estimates suggest that more than 7
2024-02-21T11:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-modern-next-gen-soc-powered-byai www.secnews.physaphae.fr/article.php?IdArticle=8453135 False Ransomware,Malware,Tool,Vulnerability,Threat,Prediction,Cloud None 2.0000000000000000
TrendLabs Security - Editeur Antivirus Trend Micro and INTERPOL Join Forces Again for Operation Synergia Trend and other private entities recently contributed to INTERPOL's Operation Synergia, a global operation that successfully took down over 1,000 C&C servers and identified suspects related to phishing, banking malware, and ransomware activity.
2024-02-21T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/trend-micro-and-interpol-join-forces-again-for-operation-synergi.html www.secnews.physaphae.fr/article.php?IdArticle=8453068 False Ransomware,Malware,Prediction None 2.0000000000000000
ProofPoint - Cyber Firms Guardians of the Digital Realm: How to Protect Yourself from Social Engineering
2024-02-20T08:45:00+00:00 https://www.proofpoint.com/us/corporate-blog/post/five-ways-prevent-social-engineering-attacks www.secnews.physaphae.fr/article.php?IdArticle=8452767 False Tool,Threat,Prediction None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Bumblebee Buzzes Back in Black | Proofpoint US
#### Description
Proofpoint researchers discovered the return of the Bumblebee malware on February 8, 2024, marking its reappearance after four months of absence from their threat data.
Bumblebee, a sophisticated downloader utilized by various cybercriminal groups, resurfaced in a campaign targeting US organizations through emails with OneDrive URLs containing Word files posing as voicemail messages from "info@quarlesaa[.]com". These Word documents, impersonating the electronics company Humane, utilized macros to execute scripts and download malicious payloads from remote servers. The attack chain, notably employing VBA macro-enabled documents, contrasts with recent trends in cyber threats, where such macros were less commonly used. Despite the absence of attribution to a specific threat actor, Proofpoint warns of Bumblebee's potential as an initial access point for subsequent ransomware attacks. The resurgence of Bumblebee aligns with a broader trend of increased cybercriminal activity observed in 2024, marked by the return of several threat actors and malware strains after prolonged periods of dormancy, indicating a surge in cyber threats following a temporary decline.
#### Reference URL(s)
1. https://www.proofpoint.com/us/blog/threat-insight/bumblebee-buzzes-back-black
#### Publication Date
February 12, 2024
#### Author(s)
Axel F Selena Larson Proofpoint Threat Research Team
2024-02-15T18:48:58+00:00 https://community.riskiq.com/article/ab2bde0b www.secnews.physaphae.fr/article.php?IdArticle=8450534 False Ransomware,Malware,Threat,Prediction None 2.0000000000000000
Checkpoint - Fabricant Materiel Securite Get to Know Check Point Harmony SASE
Check Point's new Secure Access Service Edge (SASE) offering is now called Harmony SASE. The world has changed in the last few years, and the old way of securing a standard on-premises network, with its notions of inside and outside the perimeter, is no longer enough. There are many reasons for this change including the rise of public cloud networks for hosting applications and data, and the enhanced workflow agility from software as a service platforms like Salesforce and Office 365. Add to that the increasing trend of remote work and the need for high performance connections, and it's clear […]
2024-02-13T13:00:21+00:00 https://blog.checkpoint.com/harmony-sase/get-to-know-check-point-harmony-sase/ www.secnews.physaphae.fr/article.php?IdArticle=8449565 False Prediction,Cloud None 2.0000000000000000
TrendLabs Security - Editeur Antivirus SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes This entry aims to provide additional context to CVE-2024-21412, how it can be used by threat actors, and how Trend protects customers from this specific vulnerability.
2024-02-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/cve-2024-21412-facts-and-fixes.html www.secnews.physaphae.fr/article.php?IdArticle=8449692 False Vulnerability,Threat,Prediction None 2.0000000000000000
TrendLabs Security - Editeur Antivirus Global Cybersecurity Trends: AI, Geopolitical Risks, and Zero Trust Trend Micro's Chief Technology Strategy Officer discusses the biggest cybersecurity trends and what to watch for in 2024.
2024-02-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/global-security-trends-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8449790 False Prediction None 3.0000000000000000
TrendLabs Security - Editeur Antivirus CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders.
This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative.
2024-02-13T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/b/cve202421412-water-hydra-targets-traders-with-windows-defender-s.html www.secnews.physaphae.fr/article.php?IdArticle=8449693 False Vulnerability,Threat,Prediction None 3.0000000000000000
ProofPoint - Cyber Firms 4 Steps to Prevent Vendor Email Compromise in Your Supply Chain
2024-02-12T08:02:39+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/vendor-email-compromise www.secnews.physaphae.fr/article.php?IdArticle=8449329 False Ransomware,Data Breach,Malware,Tool,Threat,Studies,Prediction,Cloud None 3.0000000000000000
ProofPoint - Cyber Firms Offensive and Defensive: Build Security Awareness with Two Powerful Learning Approaches
2024-02-09T06:00:24+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/defensive-and-offensive-security www.secnews.physaphae.fr/article.php?IdArticle=8448383 False Ransomware,Malware,Tool,Vulnerability,Threat,Prediction None 3.0000000000000000
ProofPoint - Cyber Firms Developing a New Internet Standard: the Domain Relationship Policy Framework
2024-02-02T05:00:36+00:00 https://www.proofpoint.com/us/blog/engineering-insights/domain-relationship-policy-framework www.secnews.physaphae.fr/article.php?IdArticle=8446027 False Tool,Prediction,Cloud,Technical None 3.0000000000000000
Global Security Mag - Site de news francais 300 million user account data leaked globally in 2023 - data breach trends
10 accounts were leaked every second of 2023, Surfshark's global study shows: “As we look back on 2023, there's a positive trend in data breaches – a 20% decrease in affected accounts compared to 2022. Despite this improvement, 300 million users worldwide still experienced breaches,” says Agneska Sablovskaja, Lead Researcher at Surfshark. “Even a single account data leak can lead to unauthorized access, risking the misuse of personal information, potential identity or (...) - Special Reports /
2024-02-01T09:50:52+00:00 https://www.globalsecuritymag.fr/300-million-user-account-data-leaked-globally-in-2023-data-breach-trends.html www.secnews.physaphae.fr/article.php?IdArticle=8445495 False Data Breach,Studies,Prediction None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Pawn Storm's Stealthy Net-NTLMv2 Assault Revealed Trend Micro reported recent attacks focused on government sectors, including foreign affairs, energy, defense and transportation
2024-01-31T16:30:00+00:00 https://www.infosecurity-magazine.com/news/pawn-storms-stealthy-net-ntlmv2/ www.secnews.physaphae.fr/article.php?IdArticle=8445246 False Prediction APT 28 3.0000000000000000
Kaspersky - Kaspersky Research blog ICS and OT threat predictions for 2024 Kaspersky experts make their predictions about ICS and OT threats: specifically, ransomware and hacktivist attacks, threats to logistics and transportation, etc.
2024-01-31T10:00:45+00:00 https://securelist.com/ksb-ics-predictions-2024/111835/ www.secnews.physaphae.fr/article.php?IdArticle=8445115 False Ransomware,Threat,Industrial,Prediction None 4.0000000000000000
Soc Radar - Blog spécialisé SOC Cybersecurity Predictions: What Trends Will Be Prevalent in 2024?
The evolving digital environment and expanding attack surface demand vigilant adaptation to stay one step...
2024-01-30T07:00:00+00:00 https://socradar.io/cybersecurity-predictions-what-trends-will-be-prevalent-in-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8444672 False Prediction None 3.0000000000000000
ProofPoint - Cyber Firms Security Brief: 'Tis the Season for Tax Hax Target reply > Actor reply with web.app URL > Redirect > zip > lnk > syncappvpublishingServer.vbs LOLBAS > PowerShell > mshta runs HTA from URL > Encrypted PowerShell > Obfuscated PowerShell > Download and run the exe TA576's 2024 campaigns are notable because this is the first time Proofpoint has observed the actor delivering Parallax RAT. In addition, the actor's attack chain using LOLBAS techniques and multiple PowerShell scripts is markedly different from previously observed campaigns that used URLs to zipped JavaScript payloads or macro-enabled Microsoft Word documents. Attribution TA576 is a cybercriminal threat actor. Proofpoint has tracked TA576 since 2018 through spam email creation techniques, malware use, malware delivery techniques, and other characteristics. This actor uses tax lures with similar characteristics and themes during the U.S. tax season to deliver and install RATs. TA576's follow-on objectives are unknown. Although the most frequently observed targeted sectors include accounting and financial entities, Proofpoint has also observed targeting of related industries such as legal.
Why it matters TA576's annual tax-themed campaigns serve as a recurring reminder that cybercrime threat actors
2024-01-30T05:00:16+00:00 https://www.proofpoint.com/us/blog/threat-insight/security-brief-tis-season-tax-hax www.secnews.physaphae.fr/article.php?IdArticle=8444774 False Spam,Malware,Threat,Prediction None 2.0000000000000000
The Register - Site journalistique Anglais Tesla hacks make big bank at Pwn2Own's first automotive-focused event ALSO: SEC admits to X account negligence; New macOS malware family appears; and some critical vulns Infosec in brief Trend Micro's Zero Day Initiative (ZDI) held its first-ever automotive-focused Pwn2Own event in Tokyo last week, and awarded over $1.3 million to the discoverers of 49 vehicle-related zero day vulnerabilities.…
2024-01-29T01:29:08+00:00 https://go.theregister.com/feed/www.theregister.com/2024/01/29/infosec_news_roundup_in_brief/ www.secnews.physaphae.fr/article.php?IdArticle=8444247 False Malware,Vulnerability,Threat,Prediction None 3.0000000000000000
HackRead - Chercher Cyber Crypto Stealing PyPI Malware Hits Both Windows and Linux Users
By Deeba Ahmed FortiGuard Labs’ latest research report reveals a concerning trend: threat actors are leveraging the Python Package Index (PyPI),… This is a post from HackRead.com Read the original post: Crypto Stealing PyPI Malware Hits Both Windows and Linux Users
2024-01-28T17:22:55+00:00 https://www.hackread.com/crypto-stealing-pypi-malware-windows-linux-users/ www.secnews.physaphae.fr/article.php?IdArticle=8444148 False Malware,Threat,Prediction None 3.0000000000000000
HackRead - Chercher Cyber Hackers Crack Tesla Twice, Rake in $1.3 Million at Pwn2Own Automotive
By Deeba Ahmed Vendors have 90 days to release security patches before Trend Micro publicly discloses it. This is a post from HackRead.com Read the original post: Hackers Crack Tesla Twice, Rake in $1.3 Million at Pwn2Own Automotive
2024-01-26T21:51:03+00:00 https://www.hackread.com/hackers-crack-tesla-twice-pwn2own-automotive/ www.secnews.physaphae.fr/article.php?IdArticle=8443551 False Prediction None 2.0000000000000000
Palo Alto Network - Site Constructeur Healthcare Cybersecurity - Three Trends to Watch in 2024
The Healthcare CISO's Guide to Cybersecurity Transformation highlights the latest trends in healthcare and where defensive efforts should be focused.
2024-01-26T14:00:49+00:00 https://www.paloaltonetworks.com/blog/2024/01/healthcare-cybersecurity-trends/ www.secnews.physaphae.fr/article.php?IdArticle=8443405 False Prediction None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) Kasseika Ransomware Deploys BYOVD Attacks Abuses PsExec and Exploits Martini Driver
#### Description
The ransomware operation named 'Kasseika' has adopted Bring Your Own Vulnerable Driver (BYOVD) tactics to disable antivirus software before encrypting files. Kasseika exploits the Martini driver, part of TG Soft's VirtIT Agent System, to disable antivirus products protecting the targeted system. Trend Micro discovered Kasseika in December 2023, noting its similarities with BlackMatter, suggesting it may have been built by former members or actors who purchased BlackMatter's code. The attack begins with a phishing email, stealing credentials for initial access, followed by the abuse of Windows PsExec tool for lateral movement. Kasseika utilizes BYOVD attacks to gain privileges, terminate antivirus processes, and execute its ransomware binary, demanding a Bitcoin ransom and providing victims with a decryption option within 120 hours.
#### Reference URL(s)
1. https://www.trendmicro.com/en_us/research/24/a/kasseika-ransomware-deploys-byovd-attacks-abuses-psexec-and-expl.html
#### Publication Date
January 25, 2024
#### Author(s)
TrendMicro Researchers
2024-01-25T20:18:28+00:00 https://community.riskiq.com/article/86b5ec3e www.secnews.physaphae.fr/article.php?IdArticle=8443135 False Ransomware,Tool,Prediction None 3.0000000000000000
knowbe4 - cybersecurity services The Number of Ransomware Attack Victims Surge in 2023 to over 4000
The surge in Ransomware-as-a-Service affiliates is likely the reason behind the dramatic increase in the number of victimized organizations, with all indicators suggesting that this trend will persist into 2024.
2024-01-25T17:43:48+00:00 https://blog.knowbe4.com/ransomware-attack-victims-surge-in-2023-to-over-4000 www.secnews.physaphae.fr/article.php?IdArticle=8443061 False Ransomware,Prediction None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cyber Threat Landscape: 7 Key Findings and Upcoming Trends for 2024 The 2023/2024 Axur Threat Landscape Report provides a comprehensive analysis of the latest cyber threats. The information combines data from the platform's surveillance of the Surface, Deep, and Dark Web with insights derived from the in-depth research and investigations conducted by the Threat Intelligence team. Discover the full scope of digital threats in the Axur Report 2023/2024. Overview
2024-01-25T16:47:00+00:00 https://thehackernews.com/2024/01/cyber-threat-landscape-7-key-findings.html www.secnews.physaphae.fr/article.php?IdArticle=8442943 False Threat,Prediction None 3.0000000000000000
AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC The dark side of 2023 Cybersecurity: Malware evolution and Cyber threats AT&T Cybersecurity Alien Labs reviewed the big events of 2023 and how malware morphed this year to try new ways to breach and wreak havoc. This year's events kept cybersecurity experts on their toes, from expanding malware variants to introducing new threat actors and attack techniques. Here are some of the most compelling developments, highlighting malware's evolving capabilities and the challenges defenders face. Highlights of the year: Emerging trends and notable incidents As the year unfolded, several trends and incidents left an indelible mark on the cybersecurity landscape: Exploiting OneNote for malicious payloads Cybercriminals leveraged Microsoft OneNote to deliver many malicious payloads to victims, including Redline, AgentTesla, Quasar RAT, and others. This previously underutilized Office program became a favored tool due to its low suspicion and widespread usage.
SEO poisoning and Google Ads Malicious actors resorted to SEO poisoning tactics, deploying phishing links through Google Ads to deceive unsuspecting victims. These links led to cloned, benign web pages, avoiding Google's detection and remaining active for extended periods. Prominent malware families, including Raccoon Stealer and IcedID, capitalized on this strategy. Exploiting geopolitical events Cybercriminals exploited the geopolitical climate, particularly the Middle East conflict, as a lure for their attacks. This trend mirrored the previous year's Ukraine-related phishing campaigns and crypto scams. APTs: State-sponsored espionage continues to present challenges Advanced Persistent Threats (APTs) continued to pose a significant threat in 2023: Snake: CISA reported on the Snake APT, an advanced cyber-espionage tool associated with the Russian Federal Security Service (FSB). This malware had been in use for nearly two decades. Volt Typhoon: A campaign targeting critical infrastructure organizations in the United States was attributed to Volt Typhoon, a state-sponsored actor based in China. Their focus lay on espionage and information gathering. Storm-0558: This highly sophisticated intrusion campaign, orchestrated by the Storm-0558 APT from China, infiltrated the email accounts of approximately 25 organizations, including government agencies. Ransomware's relentless rise Ransomware remained a prevalent and lucrative threat throughout the year: Cuba and Snatch: Ransomware groups like Cuba and Snatch targeted critical infrastructure in the United States, causing concern for national security. ALPHV/BlackCat: Beyond SEO poisoning, this group compromised the computer systems of Caesar and MGM casinos. They also resorted to filing complaints with the US Securities and Exchange Commission (SEC) against their victims, applying additional pressure to pay ransoms.
Exploiting new vulnerabilities: Cybercriminals wasted no time exploiting newly discovered vulnerabilities, such as CVE-2023-22518 in Atlassian's Confluence, CVE-2023-4966 (Citrix bleed), and others. These vulnerabilities became gateways for ransomware attacks. Evolving ransom
2024-01-25T11:00:00+00:00 https://cybersecurity.att.com/blogs/labs-research/the-dark-side-of-2023-cybersecurity-malware-evolution-and-cyber-threats www.secnews.physaphae.fr/article.php?IdArticle=8442915 False Ransomware,Spam,Malware,Tool,Vulnerability,Threat,Prediction Guam 3.0000000000000000
Kaspersky - Kaspersky Research blog Privacy predictions for 2024 Kaspersky experts review their privacy predictions for 2023 and last year's trends, and try to predict what privacy concerns and solutions are to come in 2024.
2024-01-25T10:00:38+00:00 https://securelist.com/ksb-privacy-predictions-2024/111815/ www.secnews.physaphae.fr/article.php?IdArticle=8442906 False Prediction None 3.0000000000000000
Dark Reading - Informationweek Branch Kasseika Ransomware Linked to BlackMatter in BYOVD Attack An emerging actor is the latest to deploy a tactic that terminates AV processes and services before deploying its payload; the campaign is part of a bigger "bring your own vulnerable driver" trend.
2024-01-24T17:57:00+00:00 https://www.darkreading.com/endpoint-security/kasseika-ransomware-linked-blackmatter-byovd-attack www.secnews.physaphae.fr/article.php?IdArticle=8442629 False Ransomware,Prediction None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption The ransomware group known as Kasseika has become the latest to leverage the Bring Your Own Vulnerable Driver (BYOVD) attack to disarm security-related processes on compromised Windows hosts, joining the likes of other groups like Akira, AvosLocker, BlackByte, and RobbinHood. The tactic allows "threat actors to terminate antivirus processes and services for the deployment of ransomware," Trend
2024-01-24T16:50:00+00:00 https://thehackernews.com/2024/01/kasseika-ransomware-using-byovd-trick.html www.secnews.physaphae.fr/article.php?IdArticle=8442515 False Ransomware,Prediction None 3.0000000000000000
Global Security Mag - Site de news francais 'Canalys Global Cybersecurity Leadership Matrix 2023': Trend Micro is recognized as the cybersecurity champion Business
2024-01-24T13:04:22+00:00 https://www.globalsecuritymag.fr/canalys-global-cybersecurity-leadership-matrix-2023-trend-micro-est-reconnu.html www.secnews.physaphae.fr/article.php?IdArticle=8442539 False Prediction None 2.0000000000000000
ProofPoint - Cyber Firms The Threat Landscape Is Always Changing: What to Expect in 2024
2024-01-23T12:51:12+00:00 https://www.proofpoint.com/us/blog/threat-insight/threat-landscape-always-changing-what-expect-2024 www.secnews.physaphae.fr/article.php?IdArticle=8442151 False Ransomware,Malware,Tool,Vulnerability,Threat,Prediction None 3.0000000000000000
Global Security Mag - Site de news francais Cybersecurity: 5 risks to watch in 2024, according to Hiscox Points of View
2024-01-23T10:21:41+00:00 https://www.globalsecuritymag.fr/cybersecurite-5-risques-a-suivre-en-2024-selon-hiscox.html www.secnews.physaphae.fr/article.php?IdArticle=8442059 False Threat,Prediction ChatGPT 4.0000000000000000
Recorded Future - FLux
Recorded Future CISA's Easterly the target of 'harrowing' swatting incident
Cybersecurity and Infrastructure Security Agency Director Jen Easterly's home was swatted late last month, another incident in what has become a nationwide trend targeting state and federal government officials. Police in Arlington County, Virginia, say they are investigating a 911 call placed slightly before 9 p.m. on December 30 that falsely claimed a shooting had]]>
2024-01-22T22:07:00+00:00 https://therecord.media/cisa-jen-easterly-swatting-incident www.secnews.physaphae.fr/article.php?IdArticle=8441861 False Prediction None 2.0000000000000000
TrendLabs Security - Editeur Antivirus 18X a Leader in Gartner Magic Quadrant for EPP Explore why Trend Micro is recognized, for the 18th time, as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms.]]> 2024-01-22T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/endpoint-gartner-magic-quadrant-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8441855 False Prediction,Commercial None 3.0000000000000000 Global Security Mag - Site de news francais APIs in peril: Wallarm's latest report exposes uptick in API attacks and highlights security predictions for 2024 opinion
APIs in peril: Wallarm's latest report exposes uptick in API attacks and highlights security predictions for 2024 Annual report analyzed 1.2 billion attacks, more than 22,000 vulnerabilities and over 146 bug bounty reports to predict 2024 API security trends January 18, 2024 09:00 AM Eastern Standard Time - Opinion]]>
2024-01-20T18:46:50+00:00 https://www.globalsecuritymag.fr/apis-in-peril-wallarm-s-latest-report-exposes-uptick-in-api-attacks-and.html www.secnews.physaphae.fr/article.php?IdArticle=8441052 False Vulnerability,Prediction None 2.0000000000000000
AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Four cybersecurity trends you should know for 2024 Unusual, thought-provoking predictions for cybersecurity in 2024 Part two: Cybersecurity operations in 2024: The SOC of the future While there are many big things to prepare for in 2024 (see first two posts), some important smaller things don’t get the same attention. Yet, these things are good to know and probably won’t come as a huge surprise. Because they, too, are evolving, it’s important not to take your eye off the ball. Compliance creates a new code of conduct and a new need for compliance logic. Compliance and governance are often overlooked when developing software because a different part of the business typically owns those responsibilities. That is all about to change. Cybersecurity policies (internal and external, including new regulations) need to move upstream in the software development lifecycle and need compliance logic built in to simplify the process. Software is designed to work globally; however, the world is becoming more segmented and parsed. Regulations are being created at country, regional, and municipal levels. To be realistic, the only way to handle compliance is via automation. To avoid the constant forking of software, compliance logic will need to be a part of modern applications. Compliance logic will allow software to function globally but adjust based on code sets that address geographic locations and corresponding regulations. In 2024, expect compliance logic to become a part of the larger conversation regarding compliance, governance, regulation, and policy. This will require cross-functional collaboration across IT, security, legal, line of business, finance, and other organizational stakeholders. MFA gets physical. Multi-factor authentication (MFA) is a way of life. The benefits far outweigh the slight inconvenience imposed. 
Think about why MFA is so critical. MFA helps with authorization and authentication for mission-critical and safety-critical work. It prevents unauthorized access to critical information. MFA is an easy-to-implement step for good cyber hygiene. Our current way of thinking about MFA is generally based on three things: something you know, a passcode; something you have, a device; and something you are, a fingerprint, your face, etc. Now, let’s take this a step further and look at how the something you are part of MFA can improve safety. Today, MFA routinely accepts fingerprints, facial recognition, or retina scans. That’s just the beginning. MFA can go a step further in helping with business outcomes; here’s how. Biometric and behavioral MFA can help with identifying the veracity of an individual as well as the fitness to perform a function. For example, a surgeon can access the hospital, restricted areas, and the operating room through MFA verifications. But, once in the operating room, how is it determined that the surgeon is fit to perform the surgical task? Behavioral MFA will soon be in play to ensure the surgeon is fit by adding another layer of something you are. Behavioral MFA will determine fitness for a task by identifying things such as entering a series of numbers on a keypad, handwriting on a tablet, or voice analysis. 
The goal is to compare current behavior with past behavior to ensur]]> 2024-01-18T11:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/four-cybersecurity-trends-you-should-know-for-2024 www.secnews.physaphae.fr/article.php?IdArticle=8440225 False Tool,Threat,Prediction None 3.0000000000000000 TrendLabs Security - Editeur Antivirus Reduce Business Email Compromise with Collaboration Here's the latest Trend Vision One™ platform integration addressing the growing need for collaboration in the business email security space.]]> 2024-01-18T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/a/bec-security-enhancements.html www.secnews.physaphae.fr/article.php?IdArticle=8440397 False Prediction None 2.0000000000000000