Actu - 19 ocotbre 2025 - Parce que... c'est l'épisode 0x647!
Update: 2025-10-20
Description
Parce que… c’est l’épisode 0x647!
Shameless plug
- 12 au 17 octobre 2025 - Objective by the sea v8
- 14 et 15 octobre 2025 - ATT&CKcon 6.0
- 14 et 15 octobre 2025 - Forum inCyber Canada
 - Code rabais de 30% - CA25KDUX92
 
 
 
 
- 4 et 5 novembre 2025 - FAIRCON 2025
- 8 et 9 novembre 2025 - DEATHcon
- 17 au 20 novembre 2025 - European Cyber Week
- 25 et 26 février 2026 - SéQCure 2026
Notes
- IA
 - AI Agent Security: Whose Responsibility Is It?
- Hackers Can Bypass OpenAI Guardrails Framework Using a Simple Prompt Injection Technique
- AI makes phishing 4.5x more effective, Microsoft says
- How AI-powered ransomware could destroy your business
- Agentic AI’s OODA Loop Problem
- ‘Sovereign AI’ Has Become a New Front in the US-China Tech War
 
 
 
 
 
 
 
 
 
- Microsoft
 - Microsoft warns of a 32% surge in identity hacks, mainly driven by stolen passwords
- Extortion and ransomware drive over half of cyberattacks
- Windows 11 And Server 2025 Will Start Caching Plaintext Credentials By Enabling WDigest Authentication
- Microsoft: Exchange 2016 and 2019 have reached end of support
- Microsoft frightful Patch Tuesday: 175+ CVEs, 3 under attack
- Two New Windows Zero-Days Exploited in the Wild — One Affects Every Version Ever Shipped
- Windows BitLocker Vulnerabilities Let Attackers Bypass Security Feature
- Edge - IE
 - Microsoft restricts IE mode access in Edge after zero-day attacks
- Hackers Leveraging Microsoft Edge Internet Explorer Mode to Gain Access to Users’ Devices
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
- Défensif
 - Identity Security: Your First and Last Line of Defense
- Banks need stricter controls to prevent romance fraud, says City regulator
- CVE, CVSS scores need overhauling, argues Codific CEO
- How to spot dark web threats on your network using NDR
- Ukraine takes steps to launch dedicated cyber force for offensive strikes
- How Microsoft is creating a security-first culture that lasts
- Root Cause Analysis? You’re Doing It Wrong
- Modern iOS Security Features – A Deep Dive into SPTM, TXM, and Exclaves
- EDR-Freeze Tool Technical Workings Along With Forensic Artifacts Revealed
- Wireshark 4.6.0 Supports macOS pktap Metadata (PID, Process Name, etc.)
 
 
 
 
 
 
 
 
 
 
 
 
 
- Offensif
 - F5
 - Why the F5 Hack Created an ‘Imminent Threat’ for Thousands of Networks
- F5 says hackers stole undisclosed BIG-IP flaws, source code
- ‘Highly sophisticated’ government goons hacked F5
 
 
 
 
 
 
- Oracle
 - Google, Mandiant expose malware and zero-day behind Oracle EBS extortion
- Oracle issued an emergency security update to fix new E-Business Suite flaw CVE-2025-61884
 
 
 
 
 
- Fortigate
 - FortiOS CLI Command Bypass Vulnerability Let Attacker Execute System Commands
- FortiPAM and FortiSwitch Manager Vulnerability Let Attackers Bypass Authentication Process
 
 
 
 
 
- Satellite
 - Unencrypted satellites expose global communications
- Researchers find a startlingly cheap way to steal your secrets from space
- Study reveals satellites comms spilling unencrypted data
 
 
 
 
 
 
- Axis Communications Vulnerability Exposes Azure Storage Account Credentials
- Android Pixnapping attack can capture app data like 2FA info
- Ivanti Patches 13 Vulnerabilities in Endpoint Manager Allowing Remote Code Execution
- Hackers Leverage Judicial Notifications to Deploy Info-Stealer Malware
- Cyberattackers Target LastPass, Top Password Managers
- Devs of VS Code extensions are leaking secrets en masse
- How Attackers Bypass Synced Passkeys
- RealBlindingEDR Tool That Permanently Turns Off AV/EDR Using Kernel Callbacks
- New PoC Exploit Released for Sudo Chroot Privilege Escalation Vulnerability
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
- F5
- Les Uropes
 
Comments 
In Channel







