This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-02T00:55:10+00:00 www.secnews.physaphae.fr Dark Reading - Informationweek Branch The quest to keep data private while still being able to search may soon be within reach, with different companies charting their own paths.]]> 2024-05-01T23:22:53+00:00 https://www.darkreading.com/data-privacy/private-internet-search-is-still-finding-its-way www.secnews.physaphae.fr/article.php?IdArticle=8492076 False None None None Dark Reading - Informationweek Branch The breach was carried out with stolen Citrix credentials for an account that lacked multifactor authentication. Attackers went undetected for days, and Change\'s backup strategy failed.]]> 2024-05-01T23:19:03+00:00 https://www.darkreading.com/cyberattacks-data-breaches/unitedhealth-congressional-testimony-rampant-security-fails www.secnews.physaphae.fr/article.php?IdArticle=8492077 False None None None Dark Reading - Informationweek Branch 2024-05-01T21:56:19+00:00 https://www.darkreading.com/threat-intelligence/intel-471-acquires-cyborg-security www.secnews.physaphae.fr/article.php?IdArticle=8492049 False None None None Dark Reading - Informationweek Branch 2024-05-01T21:52:36+00:00 https://www.darkreading.com/vulnerabilities-threats/cobalt-s-2024-state-of-pentesting-report-reveals-cybersecurity-industry-needs www.secnews.physaphae.fr/article.php?IdArticle=8492050 False None None None Dark Reading - Informationweek Branch Unmanaged and unknown Web services endpoints are just some of the challenges organizations must address to improve API security.]]> 2024-05-01T20:46:15+00:00 https://www.darkreading.com/application-security/shadow-apis-an-overlooked-cyber-risk-for-orgs www.secnews.physaphae.fr/article.php?IdArticle=8492051 False None None None Dark Reading - Informationweek Branch Some customers found that they had the ability to cancel a stranger\'s flight to another country after opening the app, which was showing other individuals\' flight details.]]> 2024-05-01T20:26:01+00:00 https://www.darkreading.com/cyber-risk/qantas-customers-boarding-passes-exposed-flight-app-mishap www.secnews.physaphae.fr/article.php?IdArticle=8492024 False None None None Dark Reading - Informationweek Branch The newly discovered malware, which has so far mainly targeted Turkish telcos and has links to HiatusRat, infects routers and performs DNS and HTTP hijacking attacks on connections to private IP addresses.]]> 2024-05-01T17:34:12+00:00 https://www.darkreading.com/cloud-security/cuttlefish-zero-click-malware-steals-private-cloud-data www.secnews.physaphae.fr/article.php?IdArticle=8491941 False Malware,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch With mergers and acquisitions making a comeback, organizations need to be sure they safeguard their digital assets before, during, and after.]]> 2024-05-01T14:00:00+00:00 https://www.darkreading.com/cyber-risk/cybersecurity-checklist-that-could-save-your-m-and-a-deal www.secnews.physaphae.fr/article.php?IdArticle=8491841 False None None 2.0000000000000000 Dark Reading - Informationweek Branch MOVEit drove a big chunk of the increase, but human vulnerability to social engineering and failure to patch known bugs led to a doubling of breaches since 2023, said Verizon Business.]]> 2024-05-01T04:01:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/verizon-dbir-basic-security-gaffes-underpin-bumper-crop-of-breaches www.secnews.physaphae.fr/article.php?IdArticle=8491604 False Vulnerability None 2.0000000000000000 Dark Reading - Informationweek Branch As the social media giant celebrates its two-decade anniversary, privacy experts reflect on how it changed the way the world shares information.]]> 2024-04-30T23:30:52+00:00 https://www.darkreading.com/data-privacy/facebook-at-20-contemplating-the-cost-of-privacy www.secnews.physaphae.fr/article.php?IdArticle=8491812 False None None 4.0000000000000000 Dark Reading - Informationweek Branch The purported metadata for each these containers had embedded links to malicious files.]]> 2024-04-30T20:45:23+00:00 https://www.darkreading.com/cyber-risk/attackers-planted-millions-of-imageless-repositories-on-docker-hub www.secnews.physaphae.fr/article.php?IdArticle=8491463 False None None 2.0000000000000000 Dark Reading - Informationweek Branch London Drugs offered no details about the nature of the incident, nor when its pharmacies would be functioning normally again.]]> 2024-04-30T20:31:16+00:00 https://www.darkreading.com/cyberattacks-data-breaches/canadian-drug-chain-in-temporary-lockdown-mode-after-cyber-incident www.secnews.physaphae.fr/article.php?IdArticle=8491464 False None None 2.0000000000000000 Dark Reading - Informationweek Branch USBs have something the newest, hottest attack techniques lack: the ability to bridge air gaps.]]> 2024-04-30T17:28:56+00:00 https://www.darkreading.com/ics-ot-security/to-damage-ot-systems-hackers-tap-usbs-old-bugs-and-malware www.secnews.physaphae.fr/article.php?IdArticle=8491396 False Malware,Industrial None 3.0000000000000000 Dark Reading - Informationweek Branch Verizon, AT&T, and T-Mobile USA are being fined for sharing location data. They plan to appeal the decision, which is the culmination of a four-year investigation into how carriers sold customer data to third parties.]]> 2024-04-30T16:46:57+00:00 https://www.darkreading.com/cyber-risk/fcc-fines-wireless-carriers-200m-for-sharing-location-data www.secnews.physaphae.fr/article.php?IdArticle=8491368 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Themed "The Art of Possible," this year\'s conference celebrates new challenges and opportunities in the age of AI.]]> 2024-04-30T14:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/6-data-security-sessions-you-shouldnt-miss-rsac-2024 www.secnews.physaphae.fr/article.php?IdArticle=8491278 False Conference None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-04-29T20:52:07+00:00 https://www.darkreading.com/endpoint-security/eset-protect-portfolio-now-includes-new-mdr-tiers-and-features www.secnews.physaphae.fr/article.php?IdArticle=8490855 False None None 2.0000000000000000 Dark Reading - Informationweek Branch The CVE-2024-27322 security vulnerability in R\'s deserialization process gives attackers a way to execute arbitrary code in target environments via specially crafted files.]]> 2024-04-29T20:51:03+00:00 https://www.darkreading.com/application-security/r-programming-language-exposes-orgs-to-supply-chain-risk www.secnews.physaphae.fr/article.php?IdArticle=8491279 False Vulnerability None 3.0000000000000000 Dark Reading - Informationweek Branch Okta warns users that the attack requests are made through an anonymizing service like Tor or various commercial proxy networks.]]> 2024-04-29T20:25:57+00:00 https://www.darkreading.com/vulnerabilities-threats/okta-credential-stuffing-attacks-spike-via-proxy-networks www.secnews.physaphae.fr/article.php?IdArticle=8490856 False Commercial None 3.0000000000000000 Dark Reading - Informationweek Branch While other professions are making up ground, cybersecurity still lags behind in female representation, thanks to a lack of respect and inclusion.]]> 2024-04-29T19:56:12+00:00 https://www.darkreading.com/cybersecurity-operations/cybersecurity-is-becoming-more-diverse-except-by-gender www.secnews.physaphae.fr/article.php?IdArticle=8490857 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Tracking code used for keeping tabs on how members navigated through the healthcare giant\'s online and mobile sites was oversharing a concerning amount of information.]]> 2024-04-29T19:46:08+00:00 https://www.darkreading.com/cyberattacks-data-breaches/13-4m-kaiser-insurance-members-affected-by-data-leak-to-online-advertisers www.secnews.physaphae.fr/article.php?IdArticle=8490831 False Mobile,Medical None 2.0000000000000000 Dark Reading - Informationweek Branch Likely China-linked adversary has blanketed the Internet with DNS mail requests over the past five years via open resolvers, furthering Great Firewall of China ambitions. But the exact nature of its activity is unclear.]]> 2024-04-29T15:43:05+00:00 https://www.darkreading.com/threat-intelligence/muddling-meerkat-poses-nation-state-dns-mystery www.secnews.physaphae.fr/article.php?IdArticle=8490729 False None None 3.0000000000000000 Dark Reading - Informationweek Branch By embracing a proactive approach to cyber-risk management, companies can better detect, prevent, and mitigate cyber threats while integrating the latest state-of-the-art technology.]]> 2024-04-29T14:00:00+00:00 https://www.darkreading.com/cyber-risk/addressing-risk-caused-by-innovation www.secnews.physaphae.fr/article.php?IdArticle=8490669 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Red teaming is a crucial part of proactive GenAI security that helps map and measure AI risks.]]> 2024-04-29T13:57:39+00:00 https://www.darkreading.com/vulnerabilities-threats/how-to-red-team-genai-challenges-best-practices-and-learnings www.secnews.physaphae.fr/article.php?IdArticle=8490670 False None None 2.0000000000000000 Dark Reading - Informationweek Branch The volume of malicious cyber activity against the Philippines quadrupled in the first quarter of 2024 compared to the same period in 2023.]]> 2024-04-29T01:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/philippines-pummeled-by-assortment-of-cyberattacks-tied-to-china www.secnews.physaphae.fr/article.php?IdArticle=8489198 False None None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-04-26T21:37:47+00:00 https://www.darkreading.com/cybersecurity-operations/new-research-suggests-africa-is-being-used-as-a-testing-ground-for-nation-state-cyber-warfare www.secnews.physaphae.fr/article.php?IdArticle=8489265 False None None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-04-26T21:33:25+00:00 https://www.darkreading.com/threat-intelligence/mitre-s-cyber-resiliency-engineering-framework-aligns-with-dod-cyber-maturity-model-cert www.secnews.physaphae.fr/article.php?IdArticle=8489266 False None None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-04-26T21:15:22+00:00 https://www.darkreading.com/cybersecurity-operations/jason-haddix-joins-flare-as-field-ciso www.secnews.physaphae.fr/article.php?IdArticle=8489267 False None None 1.00000000000000000000 Dark Reading - Informationweek Branch The business intelligence servers contain vulnerabilities that Qlik patched last year, but which Cactus actors have been exploiting since November. Swathes of organizations have not yet been patched.]]> 2024-04-26T20:55:10+00:00 https://www.darkreading.com/cyber-risk/more-than-3-000-qlik-sense-servers-vuln-to-cactus-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=8489268 False Ransomware,Vulnerability None 2.0000000000000000 Dark Reading - Informationweek Branch The semiconductor manufacturing giant\'s security team describes how hardware hackathons, such as Hack@DAC, have helped chip security by finding and sharing hardware vulnerabilities.]]> 2024-04-26T20:16:23+00:00 https://www.darkreading.com/endpoint-security/intel-harnesses-hackathons-to-tackle-hardware-vulnerabilities www.secnews.physaphae.fr/article.php?IdArticle=8489269 False Vulnerability None 2.0000000000000000 Dark Reading - Informationweek Branch You can\'t thinking about inclusion in the workplace without first understanding what kinds of exclusive behaviors prevent people from advancing in their careers.]]> 2024-04-26T20:00:35+00:00 https://www.darkreading.com/cybersecurity-careers/held-back-what-exclusion-looks-like-in-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8489270 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Though PAN originally described the attacks exploiting the vulnerability as being limited, they are increasingly growing in volume, with more exploits disclosed by outside parties.]]> 2024-04-26T19:51:58+00:00 https://www.darkreading.com/vulnerabilities-threats/palo-alto-updates-remediation-for-max-critical-firewall-bug www.secnews.physaphae.fr/article.php?IdArticle=8489271 False Vulnerability None 3.0000000000000000 Dark Reading - Informationweek Branch Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: security license mandates; a move to four-day remediation requirements; lessons on OWASP for LLMs.]]> 2024-04-26T19:34:32+00:00 https://www.darkreading.com/cybersecurity-operations/ciso-corner-evil-sboms-zero-trust-cloud-security-mitre-ivanti www.secnews.physaphae.fr/article.php?IdArticle=8489272 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Attackers will likely use software bills-of-material (SBOMs) for searching for software potentially vulnerable to specific software flaws.]]> 2024-04-26T14:57:07+00:00 https://www.darkreading.com/application-security/cyberattack-gold-sboms-census-vulnerable-software www.secnews.physaphae.fr/article.php?IdArticle=8489154 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Understand what security measures you have in place, what you need to keep secure, and what rules you have to show compliance with.]]> 2024-04-26T14:00:00+00:00 https://www.darkreading.com/cyber-risk/minimum-viable-compliance-what-you-should-care-about-and-why www.secnews.physaphae.fr/article.php?IdArticle=8489086 False None None 2.0000000000000000 Dark Reading - Informationweek Branch The targeted operation utilized CVE-2017-8570 as the initial vector and employed a notable custom loader for Cobalt Strike, yet attribution to any known threat actor remains elusive.]]> 2024-04-26T13:45:02+00:00 https://www.darkreading.com/cyberattacks-data-breaches/military-tank-manual-zero-day-ukraine-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=8489087 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The payment card industry pushes for more security in financial transactions to help combat increasing fraud in the region.]]> 2024-04-26T05:00:00+00:00 https://www.darkreading.com/cyber-risk/pci-launches-payment-card-cybersecurity-effort-in-middle-east www.secnews.physaphae.fr/article.php?IdArticle=8488872 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Eight out of nine apps that people use to input Chinese characters into mobile devices have weakness that allow a passive eavesdropper to collect keystroke data.]]> 2024-04-25T21:59:15+00:00 https://www.darkreading.com/endpoint-security/most-chinese-keyboard-apps-vulnerable-to-eavesdropping www.secnews.physaphae.fr/article.php?IdArticle=8488735 False Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch The refunds will be made to individual affected customers through thousands of PayPal payments, available to be redeemed for a limited time.]]> 2024-04-25T21:32:36+00:00 https://www.darkreading.com/cyber-risk/ftc-issues-5-6m-in-refunds-to-customers-after-ring-privacy-settlement www.secnews.physaphae.fr/article.php?IdArticle=8488736 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Recent trends in breaches and attack methods offer a valuable road map to cybersecurity professionals tasked with detecting and preventing the next big thing.]]> 2024-04-25T21:25:56+00:00 https://www.darkreading.com/threat-intelligence/5-attack-trends-organizations-of-all-sizes-should-be-monitoring www.secnews.physaphae.fr/article.php?IdArticle=8488737 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Hackers can influence voters with media and breach campaigns, or try tampering with votes. Or they can combine these tactics to even greater effect.]]> 2024-04-25T21:00:21+00:00 https://www.darkreading.com/threat-intelligence/biggest-threat-2024-elections-kitchen-sink-attack-chains www.secnews.physaphae.fr/article.php?IdArticle=8488713 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Mobile malware-as-a-service operators are upping their game by automatically churning out hundreds of unique samples on a whim.]]> 2024-04-25T18:01:42+00:00 https://www.darkreading.com/endpoint-security/godfather-banking-trojan-spawns-1k-samples-57-countries www.secnews.physaphae.fr/article.php?IdArticle=8488669 False Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch Cyberattacks on logistics are becoming increasingly common, and the potential impact is enormous.]]> 2024-04-25T17:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/digital-blitzkrieg-unveiling-cyber-logistics-warfare www.secnews.physaphae.fr/article.php?IdArticle=8488624 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Attacks by a previously unknown threat actor leveraged two bugs in firewall devices to install custom backdoors on several government networks globally.]]> 2024-04-25T15:59:45+00:00 https://www.darkreading.com/endpoint-security/cisco-zero-days-arcanedoor-cyberespionage-campaign www.secnews.physaphae.fr/article.php?IdArticle=8488601 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch How the CISO of Kenvue, a consumer healthcare company spun out from Johnson & Johnson, combined tools and new ideas to build out the security program.]]> 2024-04-25T14:31:25+00:00 https://www.darkreading.com/identity-access-management-security/jj-spin-off-ciso-maximize-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8489058 False Tool,Medical None 2.0000000000000000 Dark Reading - Informationweek Branch Get updated advice on how, when, and where we should disclose cybersecurity incidents under the SEC\'s four-day rule after SolarWinds, and join the call to revamp the rule to remediate first.]]> 2024-04-25T14:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/solarwinds-2024-where-do-cyber-disclosures-go-from-here www.secnews.physaphae.fr/article.php?IdArticle=8488549 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Caliptra 1.0 offers a blueprint for integrating security features directly into microprocessors.]]> 2024-04-25T09:30:00+00:00 https://www.darkreading.com/endpoint-security/chip-giants-finalize-spec-to-bake-security-into-silicon www.secnews.physaphae.fr/article.php?IdArticle=8489059 False None None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-04-24T21:08:39+00:00 https://www.darkreading.com/cybersecurity-operations/knowbe4-to-acquire-egress www.secnews.physaphae.fr/article.php?IdArticle=8488215 False None None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-04-24T21:03:57+00:00 https://www.darkreading.com/cybersecurity-operations/black-girls-do-engineer-signs-education-partnership-agreement-with-nsa www.secnews.physaphae.fr/article.php?IdArticle=8488195 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Unlike the SolarWinds and CodeCov incidents, all that it took for an adversary to nearly pull off a massive supply chain attack was some slick social engineering and a string of pressure emails.]]> 2024-04-24T20:55:13+00:00 https://www.darkreading.com/application-security/attacker-social-engineered-backdoor-code-into-xz-utils www.secnews.physaphae.fr/article.php?IdArticle=8488216 False None None 3.0000000000000000 Dark Reading - Informationweek Branch The city is stymied in efforts to pinpoint the issue since its IT systems were shut down in the wake of the cyberattack.]]> 2024-04-24T18:53:09+00:00 https://www.darkreading.com/cyberattacks-data-breaches/lights-on-in-leicester-city-streetlights-in-disarray-after-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=8488168 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Lazarus, Kimsuky, and Andariel all got in on the action, stealing "important" data from firms responsible for defending their southern neighbors (from them).]]> 2024-04-24T16:27:13+00:00 https://www.darkreading.com/cyberattacks-data-breaches/north-korea-apt-triumvirate-spied-on-south-korean-defense-industry-for-years www.secnews.physaphae.fr/article.php?IdArticle=8488095 False None APT 38 2.0000000000000000 Dark Reading - Informationweek Branch A state-sponsored hacking team employed a clever masquerade and elaborate back-end infrastructure as part of a five-year info-stealing campaign that compromised the US State and Treasury Departments, and hundreds of thousands of accounts overall.]]> 2024-04-24T14:40:36+00:00 https://www.darkreading.com/cyberattacks-data-breaches/iran-dupes-military-contractors-govt-agencies-cybercampaign www.secnews.physaphae.fr/article.php?IdArticle=8488043 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Attacks increased by "only" 19% last year. But that number is expected to grow significently.]]> 2024-04-24T14:00:00+00:00 https://www.darkreading.com/endpoint-security/2023-good-year-for-ot-cyberattacks www.secnews.physaphae.fr/article.php?IdArticle=8488044 False Industrial None 3.0000000000000000 Dark Reading - Informationweek Branch An exploit for the vulnerability allows unauthenticated attackers to escape a virtual file system sandbox to download system files and potentially achieve RCE.]]> 2024-04-24T13:24:44+00:00 https://www.darkreading.com/cloud-security/patch-crushftp-zero-day-cloud-exploit-targets-us-orgs www.secnews.physaphae.fr/article.php?IdArticle=8488006 False Vulnerability,Threat,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Just like you should check the quality of the ingredients before you make a meal, it\'s critical to ensure the integrity of AI training data.]]> 2024-04-24T13:09:59+00:00 https://www.darkreading.com/cybersecurity-operations/fortify-ai-training-datasets-from-malicious-poisoning www.secnews.physaphae.fr/article.php?IdArticle=8488007 False None None 3.0000000000000000 Dark Reading - Informationweek Branch 2024-04-23T20:52:51+00:00 https://www.darkreading.com/cybersecurity-operations/comptia-supports-department-of-defense-efforts-to-strengthen-cyber-knowledge-and-skills www.secnews.physaphae.fr/article.php?IdArticle=8487610 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Dark Reading talks cloud security with John Kindervag, the godfather of zero trust.]]> 2024-04-23T20:47:27+00:00 https://www.darkreading.com/cloud-security/5-hard-truths-about-the-state-of-cloud-security-2024 www.secnews.physaphae.fr/article.php?IdArticle=8487611 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.]]> 2024-04-23T20:40:36+00:00 https://www.darkreading.com/ics-ot-security/siemens-working-on-fix-for-device-affected-by-palo-alto-firewall-bug www.secnews.physaphae.fr/article.php?IdArticle=8487612 False Vulnerability None 3.0000000000000000 Dark Reading - Informationweek Branch An utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being any the wiser.]]> 2024-04-23T19:33:37+00:00 https://www.darkreading.com/threat-intelligence/hackers-create-legit-phishing-links-with-ghost-github-gitlab-comments www.secnews.physaphae.fr/article.php?IdArticle=8487585 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch The company reports most systems are functioning again but that analysis of the data affected will take months to complete.]]> 2024-04-23T18:44:00+00:00 https://www.darkreading.com/cyber-risk/back-from-the-brink-unitedhealth-offers-sobering-post-attack-update www.secnews.physaphae.fr/article.php?IdArticle=8487561 False None None 3.0000000000000000 Dark Reading - Informationweek Branch It\'s time to start regulating LLMs to ensure they\'re accurately trained and ready to handle business deals that could affect the bottom line.]]> 2024-04-23T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/top-lessons-cisos-owasp-llm-top-10 www.secnews.physaphae.fr/article.php?IdArticle=8487416 False None None 3.0000000000000000 Dark Reading - Informationweek Branch The State Department can now deny entrance to the US for individuals accused of profiting from spyware-related human rights abuses, and their immediate family members.]]> 2024-04-23T13:33:46+00:00 https://www.darkreading.com/cybersecurity-operations/us-gov-visa-restrictions-spyware-honchos www.secnews.physaphae.fr/article.php?IdArticle=8487417 False None None 3.0000000000000000 Dark Reading - Informationweek Branch The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE-2022-38028 in cyber-espionage attacks against targets in Ukraine, Western Europe, and North America.]]> 2024-04-23T13:21:39+00:00 https://www.darkreading.com/endpoint-security/russia-fancy-bear-pummels-windows-print-spooler-bug www.secnews.physaphae.fr/article.php?IdArticle=8487418 False Tool,Threat APT 28 3.0000000000000000 Dark Reading - Informationweek Branch State-sponsored groups are targeting critical vulnerabilities in virtual private network (VPN) gateways, firewall appliances, and other edge devices to make life difficult for incident responders, who rarely have visibility into the devices.]]> 2024-04-23T12:00:00+00:00 https://www.darkreading.com/endpoint-security/edge-vpns-firewalls-nonexistent-telemetry-apts www.secnews.physaphae.fr/article.php?IdArticle=8487357 False Vulnerability None 3.0000000000000000 Dark Reading - Informationweek Branch Malaysia, Singapore, and Ghana are among the first countries to pass laws that require cybersecurity firms - and in some cases, individual consultants - to obtain licenses to do business, but concerns remain.]]> 2024-04-23T01:00:00+00:00 https://www.darkreading.com/cyber-risk/licensed-to-bill-nations-mandate-certification-licensure-of-cybersecurity-pros www.secnews.physaphae.fr/article.php?IdArticle=8487103 False None None 3.0000000000000000 Dark Reading - Informationweek Branch The threat actor is deploying multiple connections into victim environments to maintain persistence and steal data.]]> 2024-04-22T21:15:51+00:00 https://www.darkreading.com/cyber-risk/-toddycat-apt-is-stealing-data-on-an-industrial-scale- www.secnews.physaphae.fr/article.php?IdArticle=8487034 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch An open direct vulnerability in the Nespresso Web domain lets attackers bypass detection as they attempt to steal victims\' Microsoft credentials.]]> 2024-04-22T19:35:01+00:00 https://www.darkreading.com/cyberattacks-data-breaches/nespresso-domain-phish-cream-sugar www.secnews.physaphae.fr/article.php?IdArticle=8486986 False Vulnerability None 3.0000000000000000 Dark Reading - Informationweek Branch The irony is lost on few, as a Chinese threat actor used eight MITRE techniques to breach MITRE itself - including exploiting the Ivanti bugs that attackers have been swarming on for months.]]> 2024-04-22T19:11:27+00:00 https://www.darkreading.com/endpoint-security/mitre-attacked-infosecs-most-trusted-name-falls-to-ivanti-bugs www.secnews.physaphae.fr/article.php?IdArticle=8486987 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Though organizations are increasingly incorporating zero-trust strategies, for many, these strategies fail to address the entirety of an operation, according to Gartner.]]> 2024-04-22T18:12:41+00:00 https://www.darkreading.com/endpoint-security/zero-trust-takes-over-63-percent-of-orgs-implementing-globally www.secnews.physaphae.fr/article.php?IdArticle=8486964 False None None 2.0000000000000000 Dark Reading - Informationweek Branch The five intelligence sources that power social engineering scams.]]> 2024-04-22T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/where-hackers-find-your-weak-spots www.secnews.physaphae.fr/article.php?IdArticle=8486831 False None None 3.0000000000000000 Dark Reading - Informationweek Branch SecOps highlights this week include the executive role in "cyber readiness;" Cisco\'s Hypershield promise; and Middle East cyber ops heat up.]]> 2024-04-19T20:50:15+00:00 https://www.darkreading.com/cybersecurity-operations/ciso-corner-gpt-4-exploits-breaking-staff-burnout-rebalancing-nist www.secnews.physaphae.fr/article.php?IdArticle=8485497 False None None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-04-19T20:00:56+00:00 https://www.darkreading.com/application-security/miggo-launches-application-detection-and-response-adr-solution www.secnews.physaphae.fr/article.php?IdArticle=8485451 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Chinese actors are ready and poised to do "devastating" damage to key US infrastructure services if needed, he said.]]> 2024-04-19T19:54:12+00:00 https://www.darkreading.com/ics-ot-security/fbi-director-wray-issues-dire-warning-on-chinas-cybersecurity-threat www.secnews.physaphae.fr/article.php?IdArticle=8485476 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch A ransomware gang claimed responsibility for the attack, though it is unknown if a ransom was demanded or paid.]]> 2024-04-19T18:11:07+00:00 https://www.darkreading.com/cyberattacks-data-breaches/undp-city-of-copenhagen-targeted-in-data-extortion-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=8485429 False Ransomware None 2.0000000000000000 Dark Reading - Informationweek Branch CryptoChameleon attackers trade quantity for quality, dedicating time and resources to trick even the most diligent user into handing over their high-value credentials.]]> 2024-04-19T17:59:30+00:00 https://www.darkreading.com/cyberattacks-data-breaches/lastpass-users-lose-master-passwords-ultra-convincing-scam www.secnews.physaphae.fr/article.php?IdArticle=8485405 False None LastPass 2.0000000000000000 Dark Reading - Informationweek Branch Airbnb\'s Allyn Stott recommends adding the Human Maturity Model (HMM) and the SABRE framework to complement MITRE ATT&CK to improve security metrics analysis.]]> 2024-04-19T17:28:56+00:00 https://www.darkreading.com/cybersecurity-analytics/rethinking-how-you-work-with-detection-response-metrics www.secnews.physaphae.fr/article.php?IdArticle=8485406 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Securing the presidential election requires vigilance and hardened cybersecurity defenses.]]> 2024-04-19T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/ai-lowers-barrier-cyber-adversary-manipulation-2024-election www.secnews.physaphae.fr/article.php?IdArticle=8485305 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Malformed DOS paths in file-naming nomenclature in Windows could be used to conceal malicious content, files, and processes.]]> 2024-04-19T09:38:23+00:00 https://www.darkreading.com/vulnerabilities-threats/magicdot-windows-weakness-unprivileged-rootkit www.secnews.physaphae.fr/article.php?IdArticle=8485204 False None None 2.0000000000000000 Dark Reading - Informationweek Branch The local phone and business communications company said that attackers accessed unspecified PII, after infiltrating its internal networks.]]> 2024-04-19T04:15:24+00:00 https://www.darkreading.com/ics-ot-security/cyberattack-takes-frontier-communications-offline www.secnews.physaphae.fr/article.php?IdArticle=8485099 False None None 2.0000000000000000 Dark Reading - Informationweek Branch It turns out that a powerful security solution can double as even more powerful malware, capable of granting comprehensive access over a targeted machine.]]> 2024-04-19T03:20:00+00:00 https://www.darkreading.com/application-security/evil-xdr-researcher-turns-palo-alto-software-into-perfect-malware www.secnews.physaphae.fr/article.php?IdArticle=8485078 False Malware,Technical None 4.0000000000000000 Dark Reading - Informationweek Branch The tech giant tosses together a word salad of today\'s business drivers - AI, cloud-native, digital twins - and describes a comprehensive security strategy for the future, but can the company build the promised platform?]]> 2024-04-18T22:00:26+00:00 https://www.darkreading.com/cloud-security/cisco-faces-complex-road-to-deliver-on-its-complex-hypershield-promise www.secnews.physaphae.fr/article.php?IdArticle=8485255 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Attackers are indiscriminately targeting VPNs from Cisco and several other vendors in what may be a reconnaissance effort, the vendor says.]]> 2024-04-18T20:39:12+00:00 https://www.darkreading.com/remote-workforce/cisco-warns-of-massive-surge-in-password-spraying-attacks-on-vpns www.secnews.physaphae.fr/article.php?IdArticle=8484928 False None None 3.0000000000000000 Dark Reading - Informationweek Branch 2024-04-18T20:32:04+00:00 https://www.darkreading.com/vulnerabilities-threats/auburn-s-mccrary-institute-and-oak-ridge-national-laboratory-to-partner-on-regional-cybersecurity-center www.secnews.physaphae.fr/article.php?IdArticle=8484929 False None None 2.0000000000000000 Dark Reading - Informationweek Branch CISA advisory warns of critical ICS device flaws, but a lack of available fixes leaves network administrators on defense to prevent exploits.]]> 2024-04-18T20:25:50+00:00 https://www.darkreading.com/ics-ot-security/ics-network-controllers-open-to-remote-exploit-no-patches-available www.secnews.physaphae.fr/article.php?IdArticle=8484930 False Threat,Industrial None 3.0000000000000000 Dark Reading - Informationweek Branch Existing AI technology can allow hackers to automate exploits for public vulnerabilities in minutes flat. Very soon, diligent patching will no longer be optional.]]> 2024-04-18T20:23:46+00:00 https://www.darkreading.com/threat-intelligence/gpt-4-can-exploit-most-vulns-just-by-reading-threat-advisories www.secnews.physaphae.fr/article.php?IdArticle=8484931 False Vulnerability,Threat,Patching None 2.0000000000000000 Dark Reading - Informationweek Branch The group gained access to the victim network by duping IT employees with high administrative-access privileges.]]> 2024-04-18T19:56:43+00:00 https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-group-thwarted-in-attack-on-us-automotive-manufacturer www.secnews.physaphae.fr/article.php?IdArticle=8484905 False None None 3.0000000000000000 Dark Reading - Informationweek Branch The missing ingredient in NIST\'s newest cybersecurity framework? Recovery.]]> 2024-04-18T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/rebalancing-nist-why-recovery-cant-stand-alone www.secnews.physaphae.fr/article.php?IdArticle=8484751 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Industry leaders aim to solve the threat to both the mental health of workers and security of organizations with solutions that recognize the enormous pressures facing cybersecurity professionals.]]> 2024-04-18T13:50:52+00:00 https://www.darkreading.com/cybersecurity-operations/break-security-burnout-combining-leadership-neuroscience www.secnews.physaphae.fr/article.php?IdArticle=8484752 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Two new code-execution techniques, Poison Fiber and Phantom Thread, take advantage of a little-known Windows OS workhorse to sneak shellcode and other malware onto victim machines.]]> 2024-04-18T08:29:53+00:00 https://www.darkreading.com/application-security/sneaky-shellcode-windows-fibers-edr-proof-code-execution www.secnews.physaphae.fr/article.php?IdArticle=8484611 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch A survey of cybercrime experts assessing the top cybercrime-producing nations results in some expected leaders - Russia, Ukraine, and China - but also some surprises.]]> 2024-04-18T08:00:00+00:00 https://www.darkreading.com/cybersecurity-analytics/nigeria-romania-ranked-among-top-cybercrime-havens www.secnews.physaphae.fr/article.php?IdArticle=8484582 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Permiso Security announced Cloud Console Cartographer during Black Hat Asia to help defenders look inside Amazon Web Services events logs for signs of cyberattacks.]]> 2024-04-18T02:00:00+00:00 https://www.darkreading.com/cloud-security/open-source-tool-looks-signals-in-noisy-aws-cloud-logs www.secnews.physaphae.fr/article.php?IdArticle=8484720 False Tool,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Caller ID spoofing and AI voice deepfakes are supercharging phone scams. Fortunately, we have tools to help organizations and people protect against the devious combination.]]> 2024-04-17T23:47:49+00:00 https://www.darkreading.com/vulnerabilities-threats/countering-voice-fraud-in-the-age-of-ai www.secnews.physaphae.fr/article.php?IdArticle=8484721 False Tool None 2.0000000000000000 Dark Reading - Informationweek Branch Modern networks teem with machine accounts tasked with simple automated tasks yet given too many privileges and left unmonitored. Resolve that situation and you close an attack vector.]]> 2024-04-17T22:34:22+00:00 https://www.darkreading.com/cloud-security/for-service-accounts-accountability-is-key-to-security www.secnews.physaphae.fr/article.php?IdArticle=8484722 False None None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-04-17T21:02:01+00:00 https://www.darkreading.com/cybersecurity-operations/redgate-launches-enterprise-edition-of-redgate-monitor www.secnews.physaphae.fr/article.php?IdArticle=8484344 False None None 2.0000000000000000 Dark Reading - Informationweek Branch "Kapeka" and "Fuxnext" are the latest examples of malware to emerge from the long-standing conflict between the two countries.]]> 2024-04-17T20:31:30+00:00 https://www.darkreading.com/ics-ot-security/dangerous-new-ics-malware-targets-orgs-in-russia-and-ukraine www.secnews.physaphae.fr/article.php?IdArticle=8484345 False Malware,Industrial None 4.0000000000000000 Dark Reading - Informationweek Branch Once attackers have control over a workload in the cluster, they can leverage access for lateral movement both inside the cluster and to external resources.]]> 2024-04-17T19:14:55+00:00 https://www.darkreading.com/cloud-security/active-kubernetes-rce-attack-relies-on-known-openmetadata-vulns www.secnews.physaphae.fr/article.php?IdArticle=8484323 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Users will need to download the latest version of Ivanti\'s Avalanche to apply fixes for all of the bugs.]]> 2024-04-17T18:07:07+00:00 https://www.darkreading.com/vulnerabilities-threats/ivanti-releases-fixes-for-more-than-2-dozen-vulnerabilities www.secnews.physaphae.fr/article.php?IdArticle=8484299 False Vulnerability None 2.0000000000000000 Dark Reading - Informationweek Branch Moobot, Miori, AGoent, and a Gafgyt variant have joined the infamous Mirai botnet in attacking unpatched versions of vulnerable Wi-Fi routers.]]> 2024-04-17T14:11:48+00:00 https://www.darkreading.com/ics-ot-security/various-botnets-pummel-tp-link-flaw-iot-attacks www.secnews.physaphae.fr/article.php?IdArticle=8484184 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Having a solid disaster recovery plan is the glue that keeps your essential functions together when all hell breaks loose.]]> 2024-04-17T14:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/cyber-warfare-6-key-lessons-from-ukraine www.secnews.physaphae.fr/article.php?IdArticle=8484149 False None None 3.0000000000000000 Dark Reading - Informationweek Branch A native-first approach delivers better protections and a more efficient use of resources than best-of-breed solutions, benefiting cloud service providers and end-user customers alike.]]> 2024-04-17T13:15:17+00:00 https://www.darkreading.com/cloud-security/why-a-native-first-approach-is-key-to-cloud-security www.secnews.physaphae.fr/article.php?IdArticle=8484117 False Cloud None 3.0000000000000000