Actu - 28 septembre 2025 - Parce que... c'est l'épisode 0x635!
Parce que… c’est l’épisode 0x635!
Shameless plug
12 au 17 octobre 2025 - Objective by the sea v8
14 et 15 octobre 2025 - ATT&CKcon 6.0
14 et 15 octobre 2025 - Forum inCyber Canada
Code rabais de 30% - CA25KDUX92
4 et 5 novembre 2025 - FAIRCON 2025
8 et 9 novembre 2025 - DEATHcon
17 au 20 novembre 2025 - European Cyber Week
25 et 26 février 2026 - SéQCure 2026
Notes
Jaguar
UK government will underwrite £1.5bn loan guarantee to Jaguar Land Rover after cyber-attack
Politicos: ‘There is a good strong case for government intervention’ on JLR cyberattack
Jaguar Lan Rover failed to secure cyber insurance deal ahead of incidents, sources say
Tata-Owned Jaguar Land Rover Delays Factory Reopening Following Major Cyber Attack
Supply chain
Volvo North America disclosed a data breach following a ransomware attack on it provider Miljödata
Tech troubles create aviation chaos on both sides of the Atlantic
European Airport Disruptions Caused by Sophisticated Ransomware Attack
UK agency makes arrest in airport cyberattack investigation
SIM ou trop vite sur la nouvelle
The SIM Farm Hardware Seized by the Secret Service Is Also Popular With Ticket Scalpers
That Secret Service SIM farm story is bogus
U.S. Secret Service Dismantles 300 SIM Servers and 100,000 SIM Cards Disabling Cell Phone Towers
Trump signs executive order supporting proposed deal to put TikTok under US ownership
Privacy
Europe’s cookie law messed up the internet. Brussels wants to fix it.
Bientôt la fin des bandeaux RGPD ?
Comment les scammeurs exploitent vos données… via une simple recherche ChatGPT
Microsoft hides key data flow information in plain sight
Salesforce facing multiple lawsuits after Salesloft breach
Numerous Applications Using Google’s Firebase Platform Leaking Highly Sensitive Data
Bouygues Telecom
Edge
Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability
CISA says it observed nearly year-old activity tied to Cisco zero-day attacks
SonicWall releases rootkit-busting firmware update following wave of attacks
Offensif
New Inboxfuscation Tool That Bypasses Microsoft Exchange Inbox Rules and Evade Detection
LastPass: Fake password managers infect Mac users with malware
Why attackers are moving beyond email-based phishing attacks
Hackers Can Bypass EDR by Downloading a Malicious File as an In-Memory PE Loader
Hackers Exploit WerFaultSecure.exe Tool to Steal Cached Passwords From LSASS on Windows 11 24H2
Kali Linux 2025.3 Released With New Features and 10 New Hacking Tools
New LNK Malware Uses Windows Binaries to Bypass Security Tools and Execute Malware
Russia steps up disinformation efforts to sway Moldova’s parliamentary vote
Malicious SVGs in Phishing Campaigns: How to Detect Hidden Redirects and Payloads
First-Ever Malicious MCP Server Found in the Wild Steals Emails via AI Agents
Hackers Leverage AI-Generated Code to Obfuscate Its Payload and Evade Traditional Defenses
Défensif
Zero Trust: Strengths and Limitations in the AI Attack Era
Microsoft, SentinelOne, and Palo Alto Networks Withdraw from 2026 MITRE ATT&CK Evaluations
GitHub moves to tighten npm security amid phishing, malware plague
Canada dismantles TradeOgre exchange, seizes $40 million in crypto
Microsoft Edge to block malicious sideloaded extensions
Microsoft offers no-cost Windows 10 lifeline
How secure are passkeys, really? Here’s what you need to know
Divers et inclassable
Cyber threat-sharing law set to shut down, along with US government
Firewall upgrade linked to three deaths after Australian telco cut off emergency calls
Collaborateurs
Nicolas-Loïc Fortin
Crédits
Montage par Intrasecure inc
Locaux réels par Intrasecure inc
Shameless plug
12 au 17 octobre 2025 - Objective by the sea v8
14 et 15 octobre 2025 - ATT&CKcon 6.0
14 et 15 octobre 2025 - Forum inCyber Canada
Code rabais de 30% - CA25KDUX92
4 et 5 novembre 2025 - FAIRCON 2025
8 et 9 novembre 2025 - DEATHcon
17 au 20 novembre 2025 - European Cyber Week
25 et 26 février 2026 - SéQCure 2026
Notes
Jaguar
UK government will underwrite £1.5bn loan guarantee to Jaguar Land Rover after cyber-attack
Politicos: ‘There is a good strong case for government intervention’ on JLR cyberattack
Jaguar Lan Rover failed to secure cyber insurance deal ahead of incidents, sources say
Tata-Owned Jaguar Land Rover Delays Factory Reopening Following Major Cyber Attack
Supply chain
Volvo North America disclosed a data breach following a ransomware attack on it provider Miljödata
Tech troubles create aviation chaos on both sides of the Atlantic
European Airport Disruptions Caused by Sophisticated Ransomware Attack
UK agency makes arrest in airport cyberattack investigation
SIM ou trop vite sur la nouvelle
The SIM Farm Hardware Seized by the Secret Service Is Also Popular With Ticket Scalpers
That Secret Service SIM farm story is bogus
U.S. Secret Service Dismantles 300 SIM Servers and 100,000 SIM Cards Disabling Cell Phone Towers
Trump signs executive order supporting proposed deal to put TikTok under US ownership
Privacy
Europe’s cookie law messed up the internet. Brussels wants to fix it.
Bientôt la fin des bandeaux RGPD ?
Comment les scammeurs exploitent vos données… via une simple recherche ChatGPT
Microsoft hides key data flow information in plain sight
Salesforce facing multiple lawsuits after Salesloft breach
Numerous Applications Using Google’s Firebase Platform Leaking Highly Sensitive Data
Bouygues Telecom
Edge
Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability
CISA says it observed nearly year-old activity tied to Cisco zero-day attacks
SonicWall releases rootkit-busting firmware update following wave of attacks
Offensif
New Inboxfuscation Tool That Bypasses Microsoft Exchange Inbox Rules and Evade Detection
LastPass: Fake password managers infect Mac users with malware
Why attackers are moving beyond email-based phishing attacks
Hackers Can Bypass EDR by Downloading a Malicious File as an In-Memory PE Loader
Hackers Exploit WerFaultSecure.exe Tool to Steal Cached Passwords From LSASS on Windows 11 24H2
Kali Linux 2025.3 Released With New Features and 10 New Hacking Tools
New LNK Malware Uses Windows Binaries to Bypass Security Tools and Execute Malware
Russia steps up disinformation efforts to sway Moldova’s parliamentary vote
Malicious SVGs in Phishing Campaigns: How to Detect Hidden Redirects and Payloads
First-Ever Malicious MCP Server Found in the Wild Steals Emails via AI Agents
Hackers Leverage AI-Generated Code to Obfuscate Its Payload and Evade Traditional Defenses
Défensif
Zero Trust: Strengths and Limitations in the AI Attack Era
Microsoft, SentinelOne, and Palo Alto Networks Withdraw from 2026 MITRE ATT&CK Evaluations
GitHub moves to tighten npm security amid phishing, malware plague
Canada dismantles TradeOgre exchange, seizes $40 million in crypto
Microsoft Edge to block malicious sideloaded extensions
Microsoft offers no-cost Windows 10 lifeline
How secure are passkeys, really? Here’s what you need to know
Divers et inclassable
Cyber threat-sharing law set to shut down, along with US government
Firewall upgrade linked to three deaths after Australian telco cut off emergency calls
Collaborateurs
Nicolas-Loïc Fortin
Crédits
Montage par Intrasecure inc
Locaux réels par Intrasecure inc
