{"id":1575928,"date":"2025-03-12T11:05:47","date_gmt":"2025-03-12T13:05:47","guid":{"rendered":"https:\/\/teknomers.com\/fr\/plus-de-400-ips-exploitant-plusieurs-vulnerabilites-ssrf-dans-la-cyberattaque-coordonnee\/"},"modified":"2025-03-12T11:05:52","modified_gmt":"2025-03-12T13:05:52","slug":"plus-de-400-ips-exploitant-plusieurs-vulnerabilites-ssrf-dans-la-cyberattaque-coordonnee","status":"publish","type":"post","link":"https:\/\/teknomers.com\/fr\/plus-de-400-ips-exploitant-plusieurs-vulnerabilites-ssrf-dans-la-cyberattaque-coordonnee\/","title":{"rendered":"Plus de 400 IPs exploitant plusieurs vuln\u00e9rabilit\u00e9s SSRF dans la cyberattaque coordonn\u00e9e"},"content":{"rendered":"<p> <br \/>\n<\/p>\n<div>\n<p><span class=\"p-author\"><i class=\"icon-font icon-calendar\">\ue802<\/i><span class=\"author\">12 mars 2025<\/span><i class=\"icon-font icon-user\">\ue804<\/i><span class=\"author\">Ravie Lakshmanan<\/span><\/span><span class=\"p-tags\">S\u00e9curit\u00e9 \/ vuln\u00e9rabilit\u00e9 du cloud<\/span><\/p>\n<\/div>\n<div id=\"articlebody\">\n<div class=\"separator\" style=\"clear: both;\"><a rel=\"nofollow\" href=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2025\/03\/Plus-de-400-IPs-exploitant-plusieurs-vulnerabilites-SSRF-dans-la.png\" style=\"clear: left; display: block; float: left;  text-align: center;\"><\/a><\/div>\n<p>La soci\u00e9t\u00e9 de renseignement sur les menaces Greynoise avertit une &#8220;pouss\u00e9e coordonn\u00e9e&#8221; dans l&#8217;exploitation des vuln\u00e9rabilit\u00e9s de contrefa\u00e7on de demande c\u00f4t\u00e9 serveur (SSRF) couvrant plusieurs plates-formes.<\/p>\n<p>&#8220;Au moins 400 IPS ont \u00e9t\u00e9 vus activement exploiter simultan\u00e9ment plusieurs CVE SSRF, avec un chevauchement notable entre les tentatives d&#8217;attaque&#8221;, la soci\u00e9t\u00e9 <a rel=\"noopener nofollow\" href=\"https:\/\/www.greynoise.io\/blog\/new-ssrf-exploitation-surge\" target=\"_blank\">dit<\/a>l&#8217;ajout a observ\u00e9 l&#8217;activit\u00e9 le 9 mars 2025.<\/p>\n<p>Les pays qui sont devenus la cible des tentatives d&#8217;exploitation du SSRF comprennent les \u00c9tats-Unis, l&#8217;Allemagne, Singapour, l&#8217;Inde, la Lituanie et le Japon. Un autre pays notable est Isra\u00ebl, qui a \u00e9t\u00e9 t\u00e9moin d&#8217;une vague le 11 mars 2025.<\/p>\n<div class=\"dog_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener sponsored\" href=\"https:\/\/thehackernews.uk\/cis-securesuite\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybers\u00e9curit\u00e9\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2025\/03\/1740818990_705_Mozilla-met-a-jour-les-termes-de-Firefox-apres-le.png\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>La liste des vuln\u00e9rabilit\u00e9s SSRF exploit\u00e9es est r\u00e9pertori\u00e9e ci-dessous &#8211;<\/p>\n<div class=\"dog_two clear\"><center class=\"cf\"><a rel=\"nofollow noopener sponsored\" href=\"https:\/\/thehackernews.uk\/cloud-ai-d\" target=\"_blank\" title=\"Cybersecurity\"><img loading=\"lazy\" decoding=\"async\" class=\"lazyload\" alt=\"Cybers\u00e9curit\u00e9\" src=\"https:\/\/teknomers.com\/fr\/wp-content\/uploads\/2025\/03\/VMware-Security-Flaws-exploite-dans-la-nature-BroadCom-publie.jpg\" width=\"727\" height=\"90\"\/><\/a><\/center><\/div>\n<p>Greynoise a d\u00e9clar\u00e9 que bon nombre des m\u00eames adresses IP ciblent plusieurs d\u00e9fauts SSRF \u00e0 la fois plut\u00f4t que de se concentrer sur une faiblesse particuli\u00e8re, notant que le mod\u00e8le d&#8217;activit\u00e9 sugg\u00e8re une exploitation structur\u00e9e, une automatisation ou une collecte d&#8217;intelligence pr\u00e9-compromise.<\/p>\n<p>\u00c0 la lumi\u00e8re des tentatives d&#8217;exploitation actives, il est essentiel que les utilisateurs appliquent les derniers correctifs, limitent les connexions sortantes aux points de terminaison n\u00e9cessaires et surveillent les demandes suspectes des demandes sortantes.<\/p>\n<p>&#8220;De nombreux services de cloud modernes reposent sur des API de m\u00e9tadonn\u00e9es internes, auxquelles SSRF peut acc\u00e9der s&#8217;il est exploit\u00e9&#8221;, a d\u00e9clar\u00e9 Greynoise. &#8220;SSRF peut \u00eatre utilis\u00e9 pour cartographier les r\u00e9seaux internes, localiser les services vuln\u00e9rables et voler des informations d&#8217;identification cloud.&#8221;<\/p>\n<p><\/p>\n<div class=\"cf note-b\">Vous avez trouv\u00e9 cet article int\u00e9ressant? Suivez-nous <a rel=\"noopener nofollow\" href=\"https:\/\/twitter.com\/thehackersnews\" target=\"_blank\">Gazouillement <i class=\"icon-font icon-twitter\">\uf099<\/i><\/a>  et <a rel=\"noopener nofollow\" href=\"https:\/\/www.linkedin.com\/company\/thehackernews\/\" target=\"_blank\">Liendin<\/a> Pour lire plus de contenu exclusif que nous publions.<\/div>\n<\/div>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\n<br \/><br \/>\n<br \/><a href=\"https:\/\/thehackernews.com\/2025\/03\/over-400-ips-exploiting-multiple-ssrf.html\" rel=\"nofollow noopener\" target=\"_blank\">ttn-fr-57<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\ue80212 mars 2025\ue804Ravie LakshmananS\u00e9curit\u00e9 \/ vuln\u00e9rabilit\u00e9 du cloud La soci\u00e9t\u00e9 de renseignement sur les menaces Greynoise avertit une &#8220;pouss\u00e9e coordonn\u00e9e&#8221; dans l&#8217;exploitation des vuln\u00e9rabilit\u00e9s de contrefa\u00e7on de demande c\u00f4t\u00e9 serveur (SSRF) couvrant plusieurs plates-formes. &#8220;Au moins 400 IPS ont \u00e9t\u00e9 vus activement exploiter simultan\u00e9ment plusieurs CVE SSRF, avec un chevauchement notable entre les tentatives d&#8217;attaque&#8221;, [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1575929,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[274266,274265,4168,83853,79002,274264,4161,274263,2786,6124,429,29063,252989,274267,4160,701,238617,246491,4172,228416,79016,4166,4164,12365],"class_list":["post-1575928","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technologie","tag-actualites-de-piratage","tag-actualites-des-pirates","tag-comment-pirater","tag-coordonnee","tag-cyber-security-news","tag-cyber-security-news-aujourdhui","tag-cyber-mises-a-jour","tag-cyber-nouvelles","tag-cyberattaque","tag-cyberattaques","tag-dans","tag-exploitant","tag-ips","tag-malware-ransomware","tag-mises-a-jour-de-la-cybersecurite","tag-plusieurs","tag-securite-de-linformation","tag-securite-du-reseau","tag-securite-informatique","tag-ssrf","tag-the-hacker-news","tag-violation-de-donnees","tag-vulnerabilite-logicielle","tag-vulnerabilites"],"_links":{"self":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1575928","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/comments?post=1575928"}],"version-history":[{"count":0,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/posts\/1575928\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media\/1575929"}],"wp:attachment":[{"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/media?parent=1575928"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/categories?post=1575928"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/teknomers.com\/fr\/wp-json\/wp\/v2\/tags?post=1575928"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}