www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It is a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-20T16:22:48+00:00

Source: Intigriti - Blog
Title: GlacierCTF Players: Earn Up To $15k Bonuses for Yahoo Bug Bounty Submissions
Since its inception, Yahoo's Bug Bounty program has received thousands of vulnerability reports from over 6,000 hackers worldwide. And today, the ten-year-old program is growing with an expansion into Europe through a new public program managed by Intigriti, the continent's largest bug bounty platform. To celebrate the launch, Yahoo is also enacting a new type […]
Published: 2023-09-28T08:06:20+00:00
Link: https://blog.intigriti.com/2023/09/28/glacierctf-players-earn-up-to-15k-bonuses-for-yahoo-bug-bounty-submissions/
Aggregator entry: www.secnews.physaphae.fr/article.php?IdArticle=8388969
Feed fields: False | Vulnerability | Yahoo | 2.0000000000000000

Source: GoogleSec - Firm Security Blog
Title: Announcing the launch of GUAC v0.1
Graph for Understanding Artifact Composition (GUAC). Introduced at KubeCon 2022 in October, GUAC targets a critical need in the software industry to understand the software supply chain. In collaboration with Kusari, Purdue University, Citi, and community members, we have incorporated feedback from our early testers to improve GUAC and make it more useful for security professionals. This improved version is now available as an API for you to start developing on top of, and integrating into, your systems.
The need for GUAC
High-profile incidents such as SolarWinds, and the recent 3CX supply chain double-exposure, are evidence that supply chain attacks are getting more sophisticated. As highlighted by the
Published: 2023-05-24T12:49:28+00:00
Link: http://security.googleblog.com/2023/05/announcing-launch-of-guac-v01.html
Aggregator entry: www.secnews.physaphae.fr/article.php?IdArticle=8339090
Feed fields: False | Tool, Vulnerability, Threat | Yahoo | 2.0000000000000000

Source: AlienVault Lab Blog - AlienVault is a major defensive actor in IOCs
Title: Top bug bounty platforms for organizations to improve security
Published: 2022-12-21T11:00:00+00:00
Link: https://cybersecurity.att.com/blogs/security-essentials/top-bug-bounty-platforms-for-organizations-to-improve-security
Aggregator entry: www.secnews.physaphae.fr/article.php?IdArticle=8293343
Feed fields: False | Vulnerability, Guideline | Yahoo | 3.0000000000000000

Source: CSO - CSO Daily Dashboard
Title: The Heartbleed bug: How a flaw in OpenSSL caused a security crisis
the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. The vulnerability meant that a malicious user could easily trick a vulnerable web server into sending sensitive information, including usernames and passwords. The TLS/SSL standards are crucial for modern web encryption, and while the flaw was in the OpenSSL implementation rather than the standards themselves, OpenSSL is so widely used (when the bug was made public, it affected 17% of all SSL servers) that it precipitated a security crisis.
Published: 2022-09-06T01:00:00+00:00
Link: https://www.csoonline.com/article/3223203/the-heartbleed-bug-how-a-flaw-in-openssl-caused-a-security-crisis.html#tk.rss_all
Aggregator entry: www.secnews.physaphae.fr/article.php?IdArticle=6747289
Feed fields: False | Vulnerability | Yahoo | None

Source: Anomali - Firm Blog
Title: Anomali Cyber Watch: GALLIUM Expands Targeting Across Telecommunications, Government and Finance Sectors With New PingPull Tool, DragonForce Malaysia OpsPatuk / OpsIndia and More
[Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.]
Trending Cyber News and Threat Intelligence
Update: The Phish Goes On - 5 Million Stolen Credentials and Counting (published: June 16, 2022)
PIXM researchers describe an ongoing, large-scale Facebook phishing campaign. Its primary targets are Facebook Messenger mobile users, and an estimated five million users lost their login credentials. The campaign evades Facebook anti-phishing protection by redirecting to a new page at a legitimate service such as amaze.co, famous.co, funnel-preview.com, or glitch.me. In June 2022, the campaign also employed the tactic of displaying legitimate shopping cart content on the final page for about two seconds before displaying the phishing content. The campaign is attributed to Colombian actor BenderCrack (Hackerasueldo), who monetizes by displaying affiliate ads.
Analyst Comment: Users should check which domain is asking for login credentials before providing them. Organizations can consider monitoring their employees' use of Facebook as a Single Sign-On (SSO) provider.
MITRE ATT&CK: [MITRE ATT&CK] Phishing - T1566 | [MITRE ATT&CK] User Execution - T1204
Tags: Facebook, Phishing, Facebook Messenger, Social networks, Mobile, Android, iOS, Redirect, Colombia, source-country:CO, BenderCrack, Hackerasueldo
F5 Labs Investigates MaliBot (published: June 15, 2022)
F5 Labs researchers describe a novel Android trojan, dubbed MaliBot. Based on rewritten SOVA malware code, MaliBot maintains its Background Service by setting itself as a launcher. Its code has some unused evasion portions for emulation environment detection and for setting the malware as a hidden app. MaliBot spreads via smishing, takes control of the device, and monetizes using overlays for certain Italian and Spanish banks, stealing cryptocurrency, and sometimes sending Premium SMS to paid services.
Analyst Comment: Users should be wary of following links in unexpected SMS messages. Try to avoid downloading apps from third-party websites. Be cautious with enabling accessibility options.
MITRE ATT&CK: [MITRE ATT&CK] System Network Configuration Discovery - T1016 | [MITRE ATT&CK] User Execution - T1204
Tags: MaliBot, Android, MFA bypass, SMS theft, Premium SMS, Smishing, Binance, Trust wallet, VNC, SOVA, Sality, Cryptocurrency, Financial, Italy, target-country:IT, Spain, target-country:ES
Extortion Gang Ransoms Shoprite, Largest Supermarket Chain in Africa (published: June 15, 2022)
On June 10, 2022, Africa's largest supermarket chain, Shoprite Holdings, operating in twelve countries, announced a possible cybersecurity incident. The company notified customers in E
Published: 2022-06-21T15:03:00+00:00
Link: https://www.anomali.com/blog/anomali-cyber-watch-gallium-expands-targeting-across-telecommunications-government-and-finance-sectors-with-new-pingpull-tool-dragonforce-malaysia-opspatuk-opsindia-and-more
Aggregator entry: www.secnews.physaphae.fr/article.php?IdArticle=5309464
Feed fields: False | Ransomware, Malware, Tool, Vulnerability, Threat, Guideline, Conference | APT 35, Yahoo | None

Source: AlienVault Blog - AlienVault is a major defensive actor in IOCs
Title: Why cybersecurity awareness is a team sport
This blog was written by an independent guest blogger.
Cybersecurity may be different based on a person's viewpoint. One may want to simply protect and secure their social media accounts from hackers, and that would be the definition of what cybersecurity is to them. On the other hand, a small business owner may want to protect and secure credit card information gathered from their point-of-sale registers, and that is what they define as cybersecurity. Despite differences in implementation, at its core, cybersecurity pertains to the mitigation of potential intrusion by unauthorized persons into your system(s). It should encompass all aspects of one's digital experience, whether you are an individual user or a company. Your cyber protection needs to cover your online platforms, devices, servers, and even your cloud storage. Any unprotected area of your digital journey can serve as an exploit point for hackers and cyber criminals intent on finding vulnerabilities.
People assume that it is the responsibility of the IT department to stop any intrusion. That may be true up to a certain point, but in reality cybersecurity responsibility rests with everyone. Cybersecurity should be everybody's business. The cybersecurity landscape is changing. With 68% of businesses saying that their cybersecurity risks have increased, it is no wonder that businesses have been making increased efforts to protect against and mitigate attacks. During the height of the pandemic, about 46% of the workforce shifted to working from home. We saw a surge in cybersecurity attacks; for example, RDP brute-force attacks increased by 400% around the same time. This is why cybersecurity must be and should be everybody's business.
According to the 2019 Cost of Cybercrime Study, cyberattacks are often successful due to employees willingly participating as internal actors, or employees and affiliates carelessly clicking a link by accident. Sadly, it is still happening today. Unsuspecting employees can be caught vulnerable and cause a corporate-wide cyberattack by opening a phishing email or by bringing risks into the company's network in a BYOD (Bring Your Own Device) system. Just a decade ago, Yahoo experienced a series of major data breaches via a backdoor into their network system established by a hacker (or a group of hackers). Further digital forensic investigation shows the breach started from a phishing email opened by an employee. Another example was Equifax, which experienced a data breach in 2017 and was liable for fines amounting to $425 million by the Federal Trade Commission (FTC). Companies continue to double up on their investments in cybersecurity and privacy protection today to ensure that incidents like these do not happen to their own networks. But a network is only as strong as its weakest link. Hackers continue to innovate, making their attacks more and mo
Published: 2021-01-12T11:00:00+00:00
Link: https://feeds.feedblitz.com/~/641451762/0/alienvault-blogs~Why-cybersecurity-awareness-is-a-team-sport
Aggregator entry: www.secnews.physaphae.fr/article.php?IdArticle=2175341
Feed fields: False | Ransomware, Data Breach, Malware, Vulnerability, Guideline | Equifax, Yahoo | None

Source: AlienVault Blog - AlienVault is a major defensive actor in IOCs
Title: SecTor 2020, Canada's Biggest Cybersecurity Event: Day Two
Last time I covered the talks I attended on day one. Interestingly enough, the talks all had to do with threat detection and analysis. Maybe that's just what I'm fixated on these days. The talks I attended on the second day all covered matters businesses must be aware of these days and well into the future. On day two, I learned a lot about how to talk to non-technical executives about security, the unique challenges of cloud security, and the legal implications of cyber threats. Enjoy!
How to Talk to the Board About Cybersecurity
The first talk I attended on the second day was presented by Jeff Costlow, a CISO with nearly 25 years of industry experience. This is the description of the talk from SecTor's web app:
"With the sudden shift of the global workforce from in-office to remote, IT teams quickly transformed their operations to accommodate the new realities of business, including large-scale adoption of work-from-home technologies, heightened activity on customer-facing networks, and greater use of online services. While these examples of agility allowed business to continue, they also greatly increased the risk of misconfigurations and cyberthreats. Now, it's looking like they could be here to stay for a while. On top of that, bad actors have wasted no time trying to exploit new vulnerabilities. In the past several weeks, we've seen ransomware attacks affect several major organizations. These attacks come on the tail of a surge of attacks across the board brought on during the pandemic, as hackers scanned and took advantage of new workloads, and vulnerable VPN connections and misconfigurations left the gates to the network open. When attacks like these make headlines, panicked board members have one question for CISOs: how can we be sure that won't happen to us? Drawing from nearly 25 years of experience in the security industry, Jeff Costlow, CISO at ExtraHop, will share his top strategies for CISOs to lead board-level conversations about risk management amidst the stark new realities of IT."
When risk enters an organization through devices that the IT department cannot control, securing a network becomes very difficult. Any devices and applications that connect to the network that administrators can't administrate are considered to be "shadow IT." This is often a consequence of bring-your-own-device habits, but not always.
[Jeff Costlow slide]
Costlow discussed the implications of shadow IT: "All you have to do is Google or use the search engine of your choice. Search 'shadow IT horror stories,' and you will find a ton of these. There is the laptop that runs underneath someone's desk. It turns out it's a business-critical piece of software that everyone's using, and it's just running on a laptop under a desk somewhere. There are also plenty of stories. These are some of my favorites: the ones about somebody who just wanted to get their job done. And so they started forwarding all their business email to their Google account or their Yahoo account or something like that. Or maybe a personal Dropbox use. One of my favorites is unapproved chat clients. Or, even worse, operating those chat rooms. This is sometimes called ChatOps. We're inside a chat r
Published: 2020-11-09T12:00:00+00:00
Link: https://feeds.feedblitz.com/~/638496232/0/alienvault-blogs~SecTor-Canada%e2%80%99s-Biggest-Cybersecurity-Event-Day-Two
Aggregator entry: www.secnews.physaphae.fr/article.php?IdArticle=2024708
Feed fields: False | Ransomware, Vulnerability, Threat, Guideline | Yahoo | None

Source: Security Affairs - Blog Secu
Title: Expert awarded $10,000 for a new XSS flaw in Yahoo Mail
Published: 2019-02-25T10:02:01+00:00
Link: https://securityaffairs.co/wordpress/81607/hacking/xss-flaw-yahoo-mail.html
Aggregator entry: www.secnews.physaphae.fr/article.php?IdArticle=1040706
Feed fields: False | Vulnerability | Yahoo | None

Source: SecurityWeek - Security News
Title: Researcher Earns $10,000 for Another XSS Flaw in Yahoo Mail
Published: 2019-02-22T07:14:00+00:00
Link: https://www.securityweek.com/researcher-earns-10000-another-xss-flaw-yahoo-mail
Aggregator entry: www.secnews.physaphae.fr/article.php?IdArticle=1037808
Feed fields: False | Vulnerability | Yahoo | None