RadioCSIRT - English Edition

Author(s): Marc Frédéric GOMEZ

About this audio

🎙 Marc Frédéric Gomez, cybersecurity expert, brings you daily insights into the latest threats, attacks, and defense strategies you need to know.

🔎 On the agenda:
✔️ Analysis of cyberattacks and critical vulnerabilities
✔️ Strategic intelligence for CSIRTs, CERTs, and cybersecurity professionals
✔️ Sources and references to dive deeper into each topic

💡 Why listen to RadioCSIRT?
🚀 Stay up to date in just a few minutes a day
🛡️ Anticipate threats with reliable, technical information
📢 An essential intelligence source for IT and security professionals

🔗 Listen, share, and secure your environment!
📲 Subscribe and leave a ⭐ rating on your favorite platform!

Marc Frédéric GOMEZ
Politics
Episodes
  • RadioCSIRT – English Edition – Your Cybersecurity News for Saturday, January 10, 2026 (Ep. 66)
    Jan 10 2026

    We open this edition with a global overview of the current cyber threat landscape. The year twenty twenty five confirms a high and persistent level of cyber pressure on organizations, characterized by the convergence of critical technical vulnerabilities, structural dependencies on suppliers, and growing geopolitical tensions. Sector-wide analyses highlight a continuous expansion of attack surfaces, increased exploitation of digital supply chains, and sustained professionalization of malicious actors, whether criminal or state-sponsored.

    We then move on to an in-depth analysis of the financial sector, facing a dual structural threat. Reports from Kaspersky, ENISA, FS-ISAC, and KnowBe4 converge on a clear conclusion: nearly all major financial institutions have been affected by incidents involving third-party providers. This systemic exposure is accompanied by an intensification of geopolitically motivated attacks and APT operations targeting international banking infrastructures, notably for state financing or intelligence collection purposes.

    We also revisit several documented incidents illustrating this dynamic. The compromise of the banking vendor SitusAMC highlights the cascading effects of supply chain attacks. The attack claimed by the pro-Russian group NoName057(16) against La Poste fits into a logic of symbolic disruption linked to geopolitical tensions. Other recent cases reported by specialized media confirm the sustained exposure of the financial sector to attacks combining organized cybercrime and state-level objectives.

    Finally, we address the regulatory and organizational response to these threats. The DORA regulation represents a structuring step for the operational resilience of the European financial sector, but feedback shows that compliance alone is not sufficient to counter determined adversaries. Mastery of digital dependencies, visibility over third and fourth parties, and the strengthening of detection and response capabilities remain central challenges to limit systemic impact.

    Sources:

    Sectoral Reports and Threat Analyses:
    • Kaspersky Security Bulletin 2025 - Financial Sector: https://www.kaspersky.com/about/press-releases/2025_kaspersky-financial-sector-faced-ai-blockchain-and-organized-crime-threats-in-2025
    • ENISA Threat Landscape 2025 - Finance Sector: https://www.enisa.europa.eu/publications/enisa-threat-landscape-2025
    • FS-ISAC - Navigating Cyber 2025: https://www.fsisac.com/knowledge/annual-navigating-cyber-2025-report
    • KnowBe4 - Financial Sector Threats: The Shifting Landscape: https://www.knowbe4.com/hubfs/Financial-Sector-Threats-The-Shifting-Landscape.pdf

    Documented Incidents and Compromises:
    • Cybersecurity Dive - SitusAMC Banking Vendor Breach: https://www.cybersecuritydive.com/news/hackers-steal-sensitive-data-major-banking-industry-vendor-situsamc/
    • The Record (Recorded Future) - NoName057(16) Attack on La Poste: https://therecord.media/pro-russian-hackers-claim-attack-french-postal-service-la-poste
    • American Banker - Marquis Breach (Carter Pape): https://www.muckrack.com/carter-pape/articles

    Attribution and State Threat Actors:
    • Security Affairs - France Links APT28 to Government Attacks: https://securityaffairs.com/171234/apt/france-links-russian-apt28-attacks.html

    Compliance and Regulation:
    • RESCO Courtage - Complete DORA Guide 2025: https://www.resco-courtage.com/dora-reglementation-guide-complet-2025
    • L'Usine Digitale - 2025 Cyberattacks and Lessons Learned: https://www.usine-digitale.fr/article/les-cyberattaques-qui-ont-marque-l-annee-2025-et-les-lecons-a-en-tirer.html

    Don’t think, patch!

    Your feedback is welcome.
    Email: radiocsirt@gmail.com
    Website: https://www.radiocsirt.com
    Weekly Newsletter: https://radiocsirtenglishedition.substack.com/

    21 min
  • RadioCSIRT English Edition – Your Cybersecurity News for Tuesday, January 6, 2026 (Ep. 65)
    Jan 6 2026

    We open this episode with a critical vulnerability in n8n reported by Security Online. CVE-2025-68668, with a CVSS score of 9.9, allows an authenticated user to escape the Python sandbox of the automation platform to execute arbitrary system commands, turning the Code Node into a vector for complete host system compromise.

    CVEfeed.io reports an uncontrolled DLL loading flaw in AsusSoftwareManagerAgent. CVE-2025-12793, rated 8.5 in CVSS 4.0, exploits an untrusted search path allowing a local attacker to execute arbitrary code through DLL Namespace manipulation.

    Clubic covers the disappearance of Anna's Archive's primary domain. The registry placed annas-archive.org under serverHold status two weeks after uploading 300 terabytes of Spotify data, suggesting legal action by the Public Interest Registry following OCLC's lawsuit for extracting 2.2 terabytes of WorldCat data.

    Phoronix reports a critical situation for the Debian project: the three delegated members of the Data Protection Team resigned simultaneously, leaving the project without an active team to manage GDPR obligations. Project leader Andreas Tille now handles this role ad-hoc while awaiting new volunteers.

    Finally, CERT-FR issued advisory CERTFR-2026-AVI-0004 concerning CVE-2025-13699 affecting multiple MariaDB branches. The vendor has not specified the exact nature of the security issue but recommends updating to versions 10.11.15, 10.6.24, 11.4.9, or 11.8.4.

    Sources:

    • Security Online – n8n CVE-2025-68668: https://securityonline.info/n8n-sandbox-escape-how-cve-2025-68668-turns-workflows-into-weapons/
    • CVEfeed.io – CVE-2025-12793 ASUS: https://cvefeed.io/vuln/detail/CVE-2025-12793
    • Clubic – Anna's Archive domain: https://www.clubic.com/actualite-593797-le-site-qui-avait-pirate-spotify-perd-son-nom-de-domaine.html
    • Phoronix – Debian Data Protection Team: https://www.phoronix.com/news/No-Debian-Data-Protection-Team
    • CERT-FR – MariaDB Vulnerability: https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0004/

    Don’t think, patch!

    Your feedback is welcome.
    Email: radiocsirt@gmail.com
    Website: https://www.radiocsirt.com
    Weekly Newsletter: https://radiocsirtenglishedition.substack.com/

    10 min
  • RadioCSIRT English Edition – Your Cybersecurity News for Monday, December 29, 2025 (Ep. 64)
    Dec 29 2025

    Welcome to your daily cybersecurity podcast.

    We open this edition with an analysis published by FIRST dot org on December 29, 2025, presenting the annual review of vulnerability forecasts for the year 2025. The article, written by Éireann Leverett, confirms the validation of Vuln4Cast project forecasts with 49,183 CVEs published as of December 29, falling within the confidence interval of 41,142 to 49,868 CVEs established in February 2025. The MAPE of 1 point 39 percent against the upper bound demonstrates excellent accuracy of the forecast models.

    The quarterly forecasts for Q4 2025 are also validated with 12,359 CVEs published, within the confidence interval of 11,815 to 14,129 CVEs. This accuracy below 5% demonstrates that quarterly forecasts are sufficiently reliable for operational planning by patch management teams, SOCs, and CERTs.

    The article highlights the expansion of the vulnerability forecasting ecosystem with CVEForecast dot org developed by Jerry Gamblin at Cisco using XGBoost, and CIRCL Luxembourg's Vulnerability-Lookup platform which adds sightings tracking and comprehensive statistics. Future developments will focus on forecasting vendor distributions, CVSS vectors, CWEs, and vulnerability exploitability. Improvements are underway in six areas: CWE root cause analysis, exploit prediction, exploitation prediction, CNA forecasting, CVSS vector forecasting, and CVSS score prediction.

    FIRST announces the VulnOptiCon 2026 conference in Luxembourg, hosted by CIRCL, to enable the community to share methodologies and collectively advance exposure science and predictive security.

    Source

    FIRST – 2025 Vulnerability Forecast Annual Review: https://www.first.org/blog/20251229-Vulnerability-Forecast-Review

    Don’t think, patch!

    Your feedback is welcome.
    Email: radiocsirt@gmail.com
    Website: https://www.radiocsirt.com
    Weekly Newsletter: https://radiocsirtenglishedition.substack.com/

    7 min