www.secnews.physaphae.fr

www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-04-27T03:22:28+00:00 www.secnews.physaphae.fr Silicon - Site de News Francais OpenAI licencie deux chercheurs suite à des fuites d\'informations 2024-04-15T13:03:01+00:00 https://www.silicon.fr/openai-licencie-deux-chercheurs-suite-a-des-fuites-dinformations-477763.html www.secnews.physaphae.fr/article.php?IdArticle=8482712 False None None 3.0000000000000000 IT Security Guru - Blog Sécurité # MIWIC24 Cyber Marketeur de l'année: Laura Reilly #MIWIC24 Cyber Marketeer of the Year: Laura Reilly # miwic24 Cyber Marketered of the the the the the the the the the the the-marketeer of the the the the the the the the-cyber marketinger of the the the the the the the theAnnée: Laura Reilly est apparue pour la première fois sur gourou de la sécurité informatique .

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on this year’s winner of the Paula Brici Cyber Marketeer of the Year Award, which was presented to Laura Reilly for her exceptional […] The post #MIWIC24 Cyber Marketeer of the Year: Laura Reilly first appeared on IT Security Guru. ]]> 2024-04-15T13:02:23+00:00 https://www.itsecurityguru.org/2024/04/15/miwic24-cyber-marketeer-of-the-year-laura-reilly/?utm_source=rss&utm_medium=rss&utm_campaign=miwic24-cyber-marketeer-of-the-year-laura-reilly www.secnews.physaphae.fr/article.php?IdArticle=8482708 False None None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite Microsoft et Google en tête de liste des attaques de phishing du premier tri Microsoft and Google Top the List in Q1 2024 Phishing Attacks: Check Point Research Highlights a Surge in Cyber Threats L'entrée Airbnb & # 8217; dans le top 10 des marques a imité les signaux élargissant les horizons cybercriminaux dans le paysage en constante évolution des cyber-menaces, les attaques de phishing continuent de présenter un risque important pour les individus et les organisations dans le monde.Check Point Research (RCR), la branche de renseignement des menaces de Check Point & Reg;Software Technologies Ltd., a récemment publié son dernier classement de phishing de marque pour le premier trimestre de 2024. Ce classement a mis en lumière les marques les plus fréquemment imitées par les cybercriminels dans leurs tentatives implacables de tromper et de voler des informations personnelles ou des informations d'identification de paiement.Au cours du premier trimestre de 2024, Microsoft a continué d'être la marque la plus imitée en phishing [& # 8230;]

>Airbnb’s Entry into Top 10 imitated Brands Signals Expanding Cybercriminal Horizons In the ever-evolving landscape of cyber threats, phishing attacks continue to pose a significant risk to individuals and organizations worldwide. Check Point Research (CPR), the Threat Intelligence arm of Check Point® Software Technologies Ltd., has recently released its latest Brand Phishing Ranking for the first quarter of 2024. This ranking shed light on the brands most frequently imitated by cybercriminals in their relentless attempts to deceive and steal personal information or payment credentials. During the first quarter of 2024, Microsoft continued to be the most imitated brand in phishing […] ]]> 2024-04-15T13:00:33+00:00 https://blog.checkpoint.com/security/microsoft-and-google-top-the-list-in-q1-2024-phishing-attacks-check-point-research-highlights-a-surge-in-cyber-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8482740 False Threat None 3.0000000000000000 Palo Alto Network - Site Constructeur Ce qui est suivant dans le cortex - XSIAM pour le cloud et d'autres innovations What\\'s Next in Cortex - XSIAM for Cloud and Other Innovations Cortex XSIAM présente de nouvelles capacités pour aider à relever une grande variété de défis, y compris de nouvelles capacités cloud et des améliorations de fonctionnalités.

>Cortex XSIAM introduces new capabilities to help tackle a wide variety of challenges, including new cloud capabilities and feature enhancements. ]]> 2024-04-15T13:00:27+00:00 https://www.paloaltonetworks.com/blog/2024/04/whats-next-in-cortex-tackling-diverse-secops-challenges/ www.secnews.physaphae.fr/article.php?IdArticle=8482706 False Cloud None 3.0000000000000000 HackRead - Chercher Cyber SEXT SECRETS: Comment les applications Messenger gardent vos chats Texting Secrets: How Messenger Apps Guard Your Chats Par uzair amir Vous vous inquiétez des yeux indiscrets?Nous expliquons comment les applications Messenger gardent vos chats confidentiels avec des fonctionnalités comme Encryption & # 038;Authentification multi-facteurs.Renseignez-vous sur les risques de sécurité & # 038;technologies émergentes pour un avenir numérique plus sûr. Ceci est un article de HackRead.com Lire la publication originale: SEMPS SEMPS: Comment les applications Messenger gardent vos chats

>By Uzair Amir Worried about prying eyes? We explain how messenger apps keep your chats confidential with features like encryption & multi-factor authentication. Learn about security risks & emerging technologies for a safer digital future. This is a post from HackRead.com Read the original post: Texting Secrets: How Messenger Apps Guard Your Chats]]> 2024-04-15T12:59:56+00:00 https://www.hackread.com/texting-how-messenger-apps-guard-your-chats/ www.secnews.physaphae.fr/article.php?IdArticle=8482711 False None None 3.0000000000000000 Global Security Mag - Site de news francais Apple alerte ses utilisateurs visés par des attaques de logiciels espions, répartis dans 92 pays Malwares]]> 2024-04-15T12:56:47+00:00 https://www.globalsecuritymag.fr/apple-alerte-ses-utilisateurs-vises-par-des-attaques-de-logiciels-espions.html www.secnews.physaphae.fr/article.php?IdArticle=8482766 False None None 1.00000000000000000000 SecurityWeek - Security News Destructif ics malware \\ 'Fuxnet \\' utilisé par l'Ukraine contre l'infrastructure russe Destructive ICS Malware \\'Fuxnet\\' Used by Ukraine Against Russian Infrastructure ICS malware Fuxnet allegedly used by Ukrainian Blackjack group to disrupt industrial sensors and other systems belonging to a Moscow infrastructure firm. ]]> 2024-04-15T12:51:28+00:00 https://www.securityweek.com/destructive-ics-malware-fuxnet-used-by-ukraine-against-russian-infrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=8482741 False Malware,Industrial None 3.0000000000000000 Korben - Bloger francais RNNoise, la lib qui supprime le bruit, sort en version 0.2 2024-04-15T12:50:09+00:00 https://korben.info/rnnoise-0-2-suppression-bruit-reseau-neuronal-pc.html www.secnews.physaphae.fr/article.php?IdArticle=8482746 False None None 2.0000000000000000 Korben - Bloger francais Un joueur japonais arrêté pour vente de Pokémons trafiqués 2024-04-15T12:41:17+00:00 https://korben.info/pokemon-joueur-japonais-arrete-vente-monstres-modifies.html www.secnews.physaphae.fr/article.php?IdArticle=8482747 False Legislation None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Chipmaker Giant Nexperia confirme la cyberattaque au milieu des réclamations du groupe ransomware Chipmaker Giant Nexperia Confirms Cyber-Attack Amid Ransomware Group Claims Nexperia confirmed its IT servers were accessed by attackers, with the Dunghill ransomware group claiming to have stolen chip designs and other sensitive documents]]> 2024-04-15T12:35:00+00:00 https://www.infosecurity-magazine.com/news/chipmaker-nexperia-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8482713 False Ransomware None 2.0000000000000000 Korben - Bloger francais Attention aux Deep \'Cyprien\' Fakes ! 2024-04-15T12:34:16+00:00 https://korben.info/ia-generatrice-deepfake-cyprien-enflamme-web.html www.secnews.physaphae.fr/article.php?IdArticle=8482748 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future La société de semi-conducteurs appartenant à des Chinois Nexperia a frappé par une attaque de ransomware Chinese-owned semiconductor company Nexperia hit by ransomware attack 2024-04-15T12:18:08+00:00 https://therecord.media/nexperia-semiconductor-company-ransomware-incident www.secnews.physaphae.fr/article.php?IdArticle=8482709 False Ransomware None 2.0000000000000000 Data Security Breach - Site de news Francais Crise évitée de justesse : comment une cyberattaque sur Linux a failli bouleverser Internet 2024-04-15T12:11:11+00:00 https://www.datasecuritybreach.fr/xz-utils/ www.secnews.physaphae.fr/article.php?IdArticle=8482710 False None None 2.0000000000000000 Cisco - Security Firm Blog Cisco Telemetry Broker (CTB) 2.1 lancement Cisco Telemetry Broker (CTB) 2.1 Launch Cisco Telemetry Broker 2.1 is now GA and provides many great capabilities for customers including performance enhancements and the ability to generate Netflow.]]> 2024-04-15T12:00:14+00:00 https://feedpress.me/link/23535/16650544/cisco-telemetry-broker-ctb-2-1-launch www.secnews.physaphae.fr/article.php?IdArticle=8482674 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Chipmaker Nexperia confirme la violation après la fuite de gangs de ransomware qui divulgue Chipmaker Nexperia confirms breach after ransomware gang leaks data Dutch chipmaker Nexperia confirmed late last week that hackers breached its network in March 2024 after a ransomware gang leaked samples of allegedly stolen data. [...]]]> 2024-04-15T12:00:01+00:00 https://www.bleepingcomputer.com/news/security/chipmaker-nexperia-confirms-breach-after-ransomware-gang-leaks-data/ www.secnews.physaphae.fr/article.php?IdArticle=8482813 False Ransomware None 2.0000000000000000 HackRead - Chercher Cyber L'arrêt du FBI et de l'AFP, un développeur présumé, marketeur de Firebird / Hive Rat FBI and AFP Arrest Alleged Developer, Marketer of Firebird/Hive RAT Par waqas Firebird Rat, également connu sous le nom de Hive, est paralysé dans une opération internationale de piqûre.Le FBI et l'AFP ont arrêté le développeur et le spécialiste du marketing de ce cheval de Troie à distance malveillant. Ceci est un article de HackRead.com Lire le post original: L'arrêt du FBI et de l'AFP, un développeur présumé, marketeur de Firebird / Hive Rat

>By Waqas Firebird RAT, also known as Hive, crippled in an international sting operation. The FBI and AFP arrested the developer and marketer of this malicious remote access trojan. This is a post from HackRead.com Read the original post: FBI and AFP Arrest Alleged Developer, Marketer of Firebird/Hive RAT]]> 2024-04-15T11:56:16+00:00 https://www.hackread.com/fbi-afp-arrest-developer-firebird-hive-rat/ www.secnews.physaphae.fr/article.php?IdArticle=8482676 False None None 3.0000000000000000 Data Security Breach - Site de news Francais Hausse des attaques d\'ingénierie sociale dans le secteur des services d\'assistance informatique en santé 2024-04-15T11:49:52+00:00 https://www.datasecuritybreach.fr/social-engineering-sante-hhs/ www.secnews.physaphae.fr/article.php?IdArticle=8482675 False None None 2.0000000000000000 The Register - Site journalistique Anglais Feline Firewall a réveillé le développeur à Declaw DDOS DSASTAST Feline firewall woke developer to declaw DDoS disaster System alerts were pinging but cat had no way of knowing what was happening A developer named Danny Guo has shared a story of the time his cat alerted him to a DDoS attack.…]]> 2024-04-15T11:30:08+00:00 https://go.theregister.com/feed/www.theregister.com/2024/04/15/cat_warns_owner_of_ddos/ www.secnews.physaphae.fr/article.php?IdArticle=8482677 False None None 2.0000000000000000 Checkpoint Research - Fabricant Materiel Securite 15 avril & # 8211;Rapport de renseignement sur les menaces 15th April – Threat Intelligence Report Pour les dernières découvertes en cyberLes principales attaques et violation du géant de l'optique japonaise Hoya Corporation ont été victimes d'une attaque de ransomware qui a eu un impact sur sa principale infrastructure informatique et diverses divisions commerciales.Hunters International Ransomware Gang a revendiqué la responsabilité de l'attaque et [& # 8230;]

>For the latest discoveries in cyber research for the week of 15th April, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES Japanese optics giant Hoya Corporation has been a victim of a ransomware attack that impacted its major IT infrastructure and various business divisions. Hunters International ransomware gang claimed responsibility for the attack and […] ]]> 2024-04-15T11:16:11+00:00 https://research.checkpoint.com/2024/15th-april-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8482678 False Ransomware,Threat None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Nouvelle technique cryptanalytique du réseau New Lattice Cryptanalytic Technique nouveau papier présente un algorithme quantique en temps polynomial pour résoudre certains problèmes de réseau dur.Cela pourrait être un gros problème pour les algorithmes cryptographiques post-Quantum, car beaucoup d'entre eux fondent leur sécurité sur les problèmes de réseau dur. quelques choses à noter.Premièrement, ce document n'a pas encore été évalué par des pairs.Comme ce commentaire souligne: & # 8220; nous avionsDéjà dans certains cas où des algorithmes quantiques efficaces pour des problèmes de réseau ont été découverts, mais ils se sont avérés Ne pas être correct ou n'a travaillé que pour caisses spéciales simples . & # 8221; deux, il s'agit d'un algorithme quantique, ce qui signifie qu'il n'a pas été testé.Il y a un large fossé entre les algorithmes quantiques en théorie et dans la pratique.Et jusqu'à ce que nous puissions réellement coder et tester ces algorithmes, nous devons nous méfier de leurs revendications de vitesse et de complexité ...

A new paper presents a polynomial-time quantum algorithm for solving certain hard lattice problems. This could be a big deal for post-quantum cryptographic algorithms, since many of them base their security on hard lattice problems. A few things to note. One, this paper has not yet been peer reviewed. As this comment points out: “We had already some cases where efficient quantum algorithms for lattice problems were discovered, but they turned out not being correct or only worked for simple special cases.” Two, this is a quantum algorithm, which means that it has not been tested. There is a wide gulf between quantum algorithms in theory and in practice. And until we can actually code and test these algorithms, we should be suspicious of their speed and complexity claims...]]> 2024-04-15T11:04:50+00:00 https://www.schneier.com/blog/archives/2024/04/new-lattice-cryptanalytic-technique.html www.secnews.physaphae.fr/article.php?IdArticle=8482643 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Daixin Ransomware Gang affirme une attaque sur les hôtels Omni Daixin ransomware gang claims attack on Omni Hotels The Daixin Team ransomware gang claimed a recent cyberattack on Omni Hotels & Resorts and is now threatening to publish customers\' sensitive information if a ransom is not paid. [...]]]> 2024-04-15T11:01:54+00:00 https://www.bleepingcomputer.com/news/security/daixin-ransomware-gang-claims-attack-on-omni-hotels/ www.secnews.physaphae.fr/article.php?IdArticle=8482781 False Ransomware None 2.0000000000000000 Silicon - Site de News Francais ESG : comment le " datacenter vert " gagne du terrain 2024-04-15T10:59:45+00:00 https://www.silicon.fr/esg-comment-le-datacenter-vert-gagne-du-terrain-477614.html www.secnews.physaphae.fr/article.php?IdArticle=8482644 False Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Cisco Duo avertit la violation de données tierce des journaux SMS exposés Cisco Duo warns third-party data breach exposed SMS MFA logs Cisco Duo\'s security team warns that hackers stole some customers\' VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack on their telephony provider. [...]]]> 2024-04-15T10:52:39+00:00 https://www.bleepingcomputer.com/news/security/cisco-duo-warns-third-party-data-breach-exposed-sms-mfa-logs/ www.secnews.physaphae.fr/article.php?IdArticle=8482782 False Data Breach None 2.0000000000000000 Silicon - Site de News Francais OpenTofu-HashiCorp : frictions autour de la licence BSL 2024-04-15T10:17:55+00:00 https://www.silicon.fr/opentofu-hashicorp-bsl-477744.html www.secnews.physaphae.fr/article.php?IdArticle=8482645 False None None 2.0000000000000000 Korben - Bloger francais Les IA comme ChatGPT aident-elles réellement les étudiants en informatique ? 2024-04-15T10:13:05+00:00 https://korben.info/apprendre-a-coder-avec-ia-etude-generateurs-code-novice.html www.secnews.physaphae.fr/article.php?IdArticle=8482646 False Tool ChatGPT 3.0000000000000000 Global Security Mag - Site de news francais Alertes de vulnérabilité de la vigilance - Wind River Vxworks: fuite de mémoire via OpenSSL Task / POSIX Thread, analysé le 15/02/2024 Vigilance Vulnerability Alerts - Wind River VxWorks: memory leak via OpenSSL Task / POSIX Thread, analyzed on 15/02/2024 vulnérabilité de sécurité

An attacker can create a memory leak of Wind River VxWorks, via OpenSSL Task / POSIX Thread, in order to trigger a denial of service. - Security Vulnerability]]> 2024-04-15T10:07:07+00:00 https://www.globalsecuritymag.fr/vigilance-vulnerability-alerts-wind-river-vxworks-memory-leak-via-openssl-task.html www.secnews.physaphae.fr/article.php?IdArticle=8482630 False Vulnerability None 2.0000000000000000 Kaspersky - Kaspersky Research blog Utilisation du constructeur de verrouillage pour générer des ransomwares ciblés Using the LockBit builder to generate targeted ransomware Kaspersky researchers revisit the leaked LockBit 3.0 builder and share insights into a real-life incident involving a custom targeted ransomware variant created with this builder.]]> 2024-04-15T10:00:28+00:00 https://securelist.com/lockbit-3-0-based-custom-targeted-ransomware/112375/ www.secnews.physaphae.fr/article.php?IdArticle=8482611 False Ransomware None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Le cycle de vie d'un fichier numérique The Lifecycle of a Digital File 2024-04-15T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-lifecycle-of-a-digital-file www.secnews.physaphae.fr/article.php?IdArticle=8482607 False Tool None 3.0000000000000000 Global Security Mag - Site de news francais HarfangLab et Filigran s\'allient pour optimiser la réponse à incidents Business]]> 2024-04-15T09:39:45+00:00 https://www.globalsecuritymag.fr/harfanglab-et-filigran-s-allient-pour-optimiser-la-reponse-a-incidents.html www.secnews.physaphae.fr/article.php?IdArticle=8482631 False Threat None 2.0000000000000000 Korben - Bloger francais Windows 11 enfin accessible aux PC Rocket Lake après deux ans d\'attente 2024-04-15T09:38:50+00:00 https://korben.info/windows-11-microsoft-leve-blocage-mise-a-jour-cpu-rocket-lake.html www.secnews.physaphae.fr/article.php?IdArticle=8482647 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Le FBI met en garde contre les services de péage massifs FBI Warns of Massive Toll Services Smishing Scam The Feds have received thousands of complaints about phishing texts from fake road toll collection services]]> 2024-04-15T09:30:00+00:00 https://www.infosecurity-magazine.com/news/fbi-toll-services-smishing-scam/ www.secnews.physaphae.fr/article.php?IdArticle=8482612 False None None 2.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Bitcoin Scams, Hacks and Basist & # 8211;Et comment les éviter Bitcoin scams, hacks and heists – and how to avoid them Here\'s how cybercriminals target cryptocurrencies and how you can keep your bitcoin or other crypto safe]]> 2024-04-15T09:30:00+00:00 https://www.welivesecurity.com/en/scams/bitcoin-scams-hacks-heists-protect-yourself/ www.secnews.physaphae.fr/article.php?IdArticle=8485909 False None None 3.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé Combien de fois mon nom a-t-il été googlé? How many times has my name been Googled? 2024-04-15T09:21:30+00:00 https://blog.incogni.com/how-many-times-has-my-name-been-googled/ www.secnews.physaphae.fr/article.php?IdArticle=8482610 False None None 3.0000000000000000 Zataz - Magazine Francais de secu L\'impact de l\'intelligence artificielle sur la société et les menaces croissantes des cybercriminels 2024-04-15T09:08:44+00:00 https://www.zataz.com/limpact-de-lintelligence-artificielle-sur-la-societe-et-les-menaces-croissantes-des-cybercriminels/ www.secnews.physaphae.fr/article.php?IdArticle=8482614 False Threat None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine La police a plongé sur & euro; 645m Gang de fraude d'investissement de cannabis Police Swoop on €645m Cannabis Investment Fraud Gang Nine arrests and millions of euros seized in bid to bust JuicyFields investment scammers]]> 2024-04-15T08:45:00+00:00 https://www.infosecurity-magazine.com/news/police-swoop-645m-cannabis/ www.secnews.physaphae.fr/article.php?IdArticle=8482579 False Legislation None 2.0000000000000000 Silicon - Site de News Francais Salesforce, d\'actionnaire à propriétaire d\'Informatica ? 2024-04-15T08:18:40+00:00 https://www.silicon.fr/salesforce-informatica-477740.html www.secnews.physaphae.fr/article.php?IdArticle=8482578 False None None 2.0000000000000000 Korben - Bloger francais Netflix crée la polémique avec de fausses photos IA dans un docu true crime 2024-04-15T08:16:38+00:00 https://korben.info/netflix-utilise-fausses-photos-ia-documentaire-true-crime.html www.secnews.physaphae.fr/article.php?IdArticle=8482581 False None None 2.0000000000000000 Global Security Mag - Site de news francais MongoDB étend sa collaboration avec Google Cloud Produits]]> 2024-04-15T08:13:08+00:00 https://www.globalsecuritymag.fr/mongodb-etend-sa-collaboration-avec-google-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8482597 False Tool,Cloud None 3.0000000000000000 Global Security Mag - Site de news francais Cinq manières de rendre un pipeline CI/CD vulnérable. Points de Vue]]> 2024-04-15T08:01:45+00:00 https://www.globalsecuritymag.fr/cinq-manieres-de-rendre-un-pipeline-ci-cd-vulnerable.html www.secnews.physaphae.fr/article.php?IdArticle=8482563 False None None 3.0000000000000000 Global Security Mag - Site de news francais Avast lance Avast One Silver Produits]]> 2024-04-15T07:56:50+00:00 https://www.globalsecuritymag.fr/avast-lance-avast-one-silver.html www.secnews.physaphae.fr/article.php?IdArticle=8482564 False None None 2.0000000000000000 Zataz - Magazine Francais de secu L\'impact dévastateur des cyberattaques sur l\'industrie hôtelière : le cas d\'Omni Hotels & Resorts 2024-04-15T07:51:39+00:00 https://www.zataz.com/limpact-devastateur-des-cyberattaques-sur-lindustrie-hoteliere-le-cas-domni-hotels-resorts/ www.secnews.physaphae.fr/article.php?IdArticle=8482545 False None None 2.0000000000000000 Korben - Bloger francais La plateforme MEDIUM interdit le contenu généré par IA de son programme partenaire 2024-04-15T07:25:46+00:00 https://korben.info/ia-bannie-medium-plateforme-interdit-contenu-genere-ia-programme-partenaire.html www.secnews.physaphae.fr/article.php?IdArticle=8482546 False None None 2.0000000000000000 Korben - Bloger francais SUPIR – L\'IA qui restaure vos photos comme jamais 2024-04-15T07:00:00+00:00 https://korben.info/supir-revolutionnary-ai-powered-image-restoration-high-quality-text-guided-control.html www.secnews.physaphae.fr/article.php?IdArticle=8482547 False None None 3.0000000000000000 ProofPoint - Cyber Firms Comment la protection d'identification de la preuve peut vous aider à répondre aux exigences de conformité CMMC How Proofpoint Impersonation Protection Can Help You Meet CMMC Compliance Requirements 2024-04-15T06:00:31+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/safeguard-business-with-impersonation-protection www.secnews.physaphae.fr/article.php?IdArticle=8482707 False Threat,Industrial,Prediction,Commercial None 2.0000000000000000 The State of Security - Magazine Américain Qu'est-ce qu'un agent axone, et pourquoi en avez-vous besoin? What Is an Axon Agent, and Why Do You Need One? The number of endpoints in an organization often exceeds the number of employees. Managing these often disparate entities is more than a full-time job. Moreover, keeping them secure is equally difficult, yet securing all of your endpoints against cyber threats has become paramount for organizations worldwide. A common oversight that undermines these security efforts is the misconception about data volume versus the necessity for comprehensive data collection. Endpoint security does not need to be an insurmountable task. Fortra\'s Tripwire Axon agent revolutionizes endpoint security by ensuring...]]> 2024-04-15T03:11:38+00:00 https://www.tripwire.com/state-of-security/what-axon-agent-and-why-do-you-need-one www.secnews.physaphae.fr/article.php?IdArticle=8482576 False None None 2.0000000000000000 The State of Security - Magazine Américain What Is an Axon Agent, and Why Do You Need One? The number of endpoints in an organization often exceeds the number of employees. Managing these often disparate entities is more than a full-time job. Moreover, keeping them secure is equally difficult, yet securing all of your endpoints against cyber threats has become paramount for organizations worldwide. A common oversight that undermines these security efforts is the misconception about data volume versus the necessity for comprehensive data collection. Endpoint security does not need to be an insurmountable task. Fortra\'s Tripwire Axon agent revolutionizes endpoint security by ensuring...]]> 2024-04-15T03:11:38+00:00 https://www.tripwire.com/state-of-security/what-is-fim-agent www.secnews.physaphae.fr/article.php?IdArticle=8483270 False None None 2.0000000000000000 The State of Security - Magazine Américain Le rapport de violation de données d'ITRC \\ en 2023 est un sac mixte ITRC\\'s 2023 Data Breach Report Is a Mixed Bag In the first quarter of every year, organizations around the world release reports summing up data breach trends from the previous twelve months. And every year, these reports say broadly the same thing: data breach numbers have gone up again. This year is no different. Or is it? Compromises Up, Victims Down However, the Identity Theft Resource Center\'s (ITRC) Data Breach Report 2023 tells a somewhat more complicated story. The total number of compromises in 2023 rose by 72% since the previous record high in 2021, but the total number of victims fell 16% year-on-year. In the report\'s executive...]]> 2024-04-15T03:11:35+00:00 https://www.tripwire.com/state-of-security/itrc-data-breach-report www.secnews.physaphae.fr/article.php?IdArticle=8482577 False Data Breach None 2.0000000000000000 The Register - Site journalistique Anglais US House approuve FISA Renewal & # 8211;surveillance sans mandat et tout US House approves FISA renewal – warrantless surveillance and all PLUS: Chinese chipmaker Nexperia attacked; A Microsoft-signed backdoor; CISA starts scanning your malware; and more Infosec in brief US Congress nearly killed a reauthorization of FISA Section 702 last week over concerns that it would continue to allow warrantless surveillance of Americans, but an amendment to require a warrant failed to pass.…]]> 2024-04-15T01:58:06+00:00 https://go.theregister.com/feed/www.theregister.com/2024/04/15/security_in_brief/ www.secnews.physaphae.fr/article.php?IdArticle=8482388 False Malware None 2.0000000000000000 AhnLab - Korean Security Firm Package «totalement inattendu» Packware à l'aide du plug-in Modified Notepad ++ (Wikiloader) “Totally Unexpected” Package Malware Using Modified Notepad++ Plug-in (WikiLoader) Ahnlab Security Intelligence Center (ASEC) a récemment identifié la distribution d'une version modifiée de & # 8220;mimetools.dll & # 8221;, un plug-in.Le fichier malveillant mimetools.dll en question a été inclus dans le fichier d'installation du package d'une certaine version du package Notepad ++ et déguisé en fichier de package légitime.Comme indiqué dans l'image ci-dessous, MiMetools est un module pour effectuer un codage Base64 et d'autres tâches.Il est inclus par défaut et ne nécessite pas que l'utilisateur l'ajoute manuellement ....

AhnLab SEcurity intelligence Center (ASEC) has recently identified the distribution of a modified version of “mimeTools.dll”, a default Notepad++ plug-in. The malicious mimeTools.dll file in question was included in the package installation file of a certain version of the Notepad++ package and disguised as a legitimate package file. As shown in the image below, mimeTools is a module for conducting Base64 encoding and other tasks. It is included by default and does not require the user to add it manually.... ]]> 2024-04-15T01:12:41+00:00 https://asec.ahnlab.com/en/64106/ www.secnews.physaphae.fr/article.php?IdArticle=8482387 False Malware None 2.0000000000000000 McAfee Labs - Editeur Logiciel Comment protéger vos comptes de streaming: leçons de la fuite de données de Roku \\ How to Protect Your Streaming Accounts: Lessons from Roku\\'s Data Leak In recent news, Roku, a leading streaming platform, reported that over 591,000 user accounts were affected by credential stuffing attacks.... ]]> 2024-04-14T20:07:14+00:00 https://www.mcafee.com/blogs/tips-tricks/how-to-protect-your-streaming-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8482255 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain OpenTable a gagné \\ 'n ajouter des prénoms, des photos à de vieilles critiques après le contrecoup OpenTable won\\'t add first names, photos to old reviews after backlash OpenTable has reversed its decision to show members\' first names and profile pictures in past anonymous reviews after receiving backlash from members who felt it was a breach of privacy. [...]]]> 2024-04-14T18:28:01+00:00 https://www.bleepingcomputer.com/news/security/opentable-wont-add-first-names-photos-to-old-reviews-after-backlash/ www.secnews.physaphae.fr/article.php?IdArticle=8482308 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Besoin continu pour faire face à des défis, élaborer des stratégies à travers la cybersécurité industrielle au milieu des menaces en évolution Continuous need to face challenges, build strategies across industrial cybersecurity amidst evolving threats Rising cyber threats and attacks against critical infrastructure installations have led to the constant adaptation of the changing... ]]> 2024-04-14T08:49:09+00:00 https://industrialcyber.co/features/continuous-need-to-face-challenges-build-strategies-across-industrial-cybersecurity-amidst-evolving-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8481964 False Industrial None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Prise de décision stratégique dans les évaluations des risques cyber-physiques et la cyberéthique. Strategic Decision-Making in Cyber-Physical Risk Assessments and Cyber Ethics. Les évaluations des risques cyber-physiques sont quelques-unes des tâches les plus difficiles à gérer car elles impliquent de nombreuses décisions ...

>Cyber-physical risk assessments are some of the toughest tasks to handle because they involve a lot of decisions... ]]> 2024-04-14T07:52:00+00:00 https://industrialcyber.co/expert/strategic-decision-making-in-cyber-physical-risk-assessments-and-cyber-ethics/ www.secnews.physaphae.fr/article.php?IdArticle=8481993 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Sprint vers la conformité NIS2 Sprinting Toward NIS2 Compliance Les réseaux OT sont sous attaque croissante.Distribution de l'eau, extraction d'huile, maritime, transport, fabrication, pharmacie, services de santé et autres ...

>OT networks are under increasing attack. Water distribution, oil extraction, maritime, transportation, manufacturing, pharmacy, health services, and other... ]]> 2024-04-14T07:03:00+00:00 https://industrialcyber.co/expert/sprinting-toward-nis2-compliance/ www.secnews.physaphae.fr/article.php?IdArticle=8481994 False None None 2.0000000000000000 Korben - Bloger francais Graphite – l\'éditeur graphique open source qui va bousculer la création graphique 2024-04-14T07:00:00+00:00 https://korben.info/graphite-revolutionnaire-appli-open-source-logiciel-retouche-photo-dessin-vectoriel.html www.secnews.physaphae.fr/article.php?IdArticle=8481935 False None None 2.0000000000000000 Wired Threat Level - Security News Comment Israël se défend contre l'attaque de drone de l'Iran How Israel Is Defending Against Iran\\'s Drone Attack The Iron Dome is going to be put to the test-but it\'s not Israel\'s only line of defense.]]> 2024-04-14T01:01:10+00:00 https://www.wired.com/story/iran-israel-drone-attack-iron-dome/ www.secnews.physaphae.fr/article.php?IdArticle=8481736 False None None 2.0000000000000000 knowbe4 - cybersecurity services Je ne dois pas le dire, n'est-ce pas? I don\\'t have to say it, do I? $I don\'t have to say it, do I?$ ]]> 2024-04-13T23:07:09+00:00 https://blog.knowbe4.com/i-dont-have-to-say-it-do-i www.secnews.physaphae.fr/article.php?IdArticle=8481678 False None None 2.0000000000000000 HackRead - Chercher Cyber Meilleures pratiques pour optimiser les normes de développement Web pour les sites médiatiques Best Practices for Optimizing Web Development Standards for Media Sites Par owais sultan Boostez l'engagement des utilisateurs et le classement SEO avec ces principales pratiques de développement Web pour les sites médiatiques.Découvrez la conception réactive, l'optimisation de la vitesse de la page, les CMS conviviales, la structure de référencement et les meilleures pratiques d'accessibilité. Ceci est un article de HackRead.com Lire la publication originale: Les meilleures pratiques pour optimiser les normes de développement Web pour les sites médiatiques

>By Owais Sultan Boost user engagement and SEO ranking with these key web development practices for media sites. Discover responsive design, page speed optimization, user-friendly CMS, SEO structure, and accessibility best practices. This is a post from HackRead.com Read the original post: Best Practices for Optimizing Web Development Standards for Media Sites]]> 2024-04-13T22:22:44+00:00 https://www.hackread.com/practices-optimize-web-development-standards-media-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8481679 False None None 3.0000000000000000 Global Security Mag - Site de news francais Alertes de vulnérabilité de vigilance - Open VSwitch: fuite de mémoire via Xmalloc __ (), analysé le 13/02/2024 Vigilance Vulnerability Alerts - Open vSwitch: memory leak via xmalloc__(), analyzed on 13/02/2024 vulnérabilité de sécurité

An attacker can create a memory leak of Open vSwitch, via xmalloc__(), in order to trigger a denial of service. - Security Vulnerability]]> 2024-04-13T20:13:42+00:00 https://www.globalsecuritymag.fr/vigilance-vulnerability-alerts-open-vswitch-memory-leak-via-xmalloc__-analyzed.html www.secnews.physaphae.fr/article.php?IdArticle=8481608 True Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Un ancien ingénieur en sécurité emprisonné 3 ans pour 12,3 millions de dollars de vol d'échange de crypto Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts A former security engineer has been sentenced to three years in prison in the U.S. for charges relating to hacking two decentralized cryptocurrency exchanges in July 2022 and stealing over $12.3 million. Shakeeb Ahmed, the defendant in question, pled guilty to one count of computer fraud in December 2023 following his arrest in July. "At the time of both attacks,]]> 2024-04-13T19:55:00+00:00 https://thehackernews.com/2024/04/ex-security-engineer-jailed-3-years-for.html www.secnews.physaphae.fr/article.php?IdArticle=8481450 False Legislation None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Porte-parole du Trésor américain du Hamas pour les opérations de cyber-influence U.S. Treasury Hamas Spokesperson for Cyber Influence Operations The U.S. Treasury Department\'s Office of Foreign Assets Control (OFAC) on Friday announced sanctions against an official associated with Hamas for his involvement in cyber influence operations. Hudhayfa Samir \'Abdallah al-Kahlut, 39, also known as Abu Ubaida, has served as the public spokesperson of Izz al-Din al-Qassam Brigades, the military wing of Hamas, since at least 2007. "He publicly]]> 2024-04-13T19:28:00+00:00 https://thehackernews.com/2024/04/us-treasury-hamas-spokesperson-for.html www.secnews.physaphae.fr/article.php?IdArticle=8481451 False None None 2.0000000000000000 Global Security Mag - Site de news francais Alertes de vulnérabilité de vigilance - ISC se lier: fuite de mémoire via des modèles de requête récursifs, analysés le 13/02/2024 Vigilance Vulnerability Alerts - ISC BIND: memory leak via Recursive Query Patterns, analyzed on 13/02/2024 vulnérabilité de sécurité

An attacker can create a memory leak of ISC BIND, via Recursive Query Patterns, in order to trigger a denial of service. - Security Vulnerability]]> 2024-04-13T14:24:55+00:00 https://www.globalsecuritymag.fr/vigilance-vulnerability-alerts-isc-bind-memory-leak-via-recursive-query.html www.secnews.physaphae.fr/article.php?IdArticle=8481438 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates déploient la porte dérobée Python dans l'attaque de Palo Alto-Day Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack Threat actors have been exploiting the newly disclosed zero-day flaw in Palo Alto Networks PAN-OS software dating back to March 26, 2024, nearly three weeks before it came to light yesterday. The network security company\'s Unit 42 division is tracking the activity under the name Operation MidnightEclipse, attributing it as the work of a single threat actor of]]> 2024-04-13T13:55:00+00:00 https://thehackernews.com/2024/04/hackers-deploy-python-backdoor-in-palo.html www.secnews.physaphae.fr/article.php?IdArticle=8481314 False Vulnerability,Threat None 2.0000000000000000 HackRead - Chercher Cyber Applications Windows vulnérables à l'injection de commande via une faille "Batbadbut" Windows Apps Vulnerable to Command Injection via “BatBadBut” Flaw deeba ahmed Critical \\ 'Batbadbut \' Flaw in Windows permet aux pirates d'injecter des commandes (patch maintenant!) Ceci est un article de HackRead.com Lire le post original: applications WindowsVulnérable à l'injection de commande via & # 8220; Batbadbut & # 8221;Flaw

By Deeba Ahmed Critical \'BatBadBut\' Flaw in Windows Lets Hackers Inject Commands (Patch Now!) This is a post from HackRead.com Read the original post: Windows Apps Vulnerable to Command Injection via “BatBadBut” Flaw]]> 2024-04-13T12:27:33+00:00 https://www.hackread.com/windows-batbadbut-vulnerability-comment-injection/ www.secnews.physaphae.fr/article.php?IdArticle=8481395 False None None 2.0000000000000000 Wired Threat Level - Security News Roku Breach frappe 567 000 utilisateurs Roku Breach Hits 567,000 Users Plus: Apple warns iPhone users about spyware attacks, CISA issues an emergency directive about a Microsoft breach, and a ransomware hacker tangles with an unimpressed HR manager named Beth.]]> 2024-04-13T10:30:00+00:00 https://www.wired.com/story/roku-breach-hits-567000-users/ www.secnews.physaphae.fr/article.php?IdArticle=8481339 False Ransomware,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Hacker affirme que la violation des données géantes du tigre, fuit 2,8 m de dossiers en ligne Hacker claims Giant Tiger data breach, leaks 2.8M records online Canadian retail chain Giant Tiger disclosed a data breach in March 2024. A threat actor has now publicly claimed responsibility for the data breach and leaked 2.8 million records on a hacker forum that they claim are of Giant Tiger customers. [...]]]> 2024-04-13T10:00:16+00:00 https://www.bleepingcomputer.com/news/security/hacker-claims-giant-tiger-data-breach-leaks-28m-records-online/ www.secnews.physaphae.fr/article.php?IdArticle=8481422 False Data Breach,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain PALO Alto Networks Zero-Day exploité depuis mars dans des pare-feu de porte dérobée Palo Alto Networks zero-day exploited since March to backdoor firewalls Suspected state-sponsored hackers have been exploiting a zero-day vulnerability in Palo Alto Networks firewalls tracked as CVE-2024-3400 since March 26, using the compromised devices to breach internal networks, steal data and credentials. [...]]]> 2024-04-13T08:35:15+00:00 https://www.bleepingcomputer.com/news/security/palo-alto-networks-zero-day-exploited-since-march-to-backdoor-firewalls/ www.secnews.physaphae.fr/article.php?IdArticle=8481394 False Vulnerability,Threat None 3.0000000000000000 Korben - Bloger francais Whomane – L\'IA portable & open source 2024-04-13T07:00:00+00:00 https://korben.info/whomane-revolution-open-source-wearable-ia-camera-embarquee.html www.secnews.physaphae.fr/article.php?IdArticle=8481261 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial La CISA s'associe au secteur privé après la violation de la sécurité de SISENS CISA partners with private sector after Sisense security breach, as critical infrastructure sector potentially impacted The U.S. Cybersecurity and Infrastructure Security Agency (CISA) confirmed Thursday its collaboration with private industry partners to address... ]]> 2024-04-13T00:24:00+00:00 https://industrialcyber.co/cisa/cisa-partners-with-private-sector-after-sisense-security-breach-as-critical-infrastructure-sector-potentially-impacted/ www.secnews.physaphae.fr/article.php?IdArticle=8481182 False None None 2.0000000000000000 Korben - Bloger francais Le Recovery Kit V2 – Le cyberdeck pour les aventuriers du net 2024-04-13T00:15:25+00:00 https://korben.info/recovery-kit-v2-cyberdeck-baroudeurs-net.html www.secnews.physaphae.fr/article.php?IdArticle=8481076 False None None 3.0000000000000000 Korben - Bloger francais IA – Des biais de genre qui font froid dans le dos ! 2024-04-12T23:30:49+00:00 https://korben.info/ia-biais-genre-inquietants-large-language-models.html www.secnews.physaphae.fr/article.php?IdArticle=8481077 False None None 2.0000000000000000 Techworm - News Les pirates infligent 576 000 comptes Roku en attaque de guérison des diplômes Hackers Breach 576,000 Roku Accounts In Credential Stuffing Attack a écrit dans un article de blog vendredi. «Bien que le nombre global de comptes affectés représente une petite fraction de plus de 80 millions de comptes actifs de Roku \\, nous mettons en œuvre un certain nombre de contrôles et de contre-mesures pour détecter et dissuader les incidents de rembourrage des informations d'identification futurs.» Après avoir découvert la deuxième attaque de bourrage d'identification, Roku réinitialise les mots de passe pour tous les comptes affectés et informe directement les clients concernés de l'incident. La société rembourse ou inverse également les frais pour le petit nombre de comptes où il a été déterminé que les acteurs non autorisés ont effectué des achats d'abonnements de services de streaming ou de produits matériels Roku à l'aide d'une méthode de paiement stockée dans ces comptes. Cependant, la société rassure ses clients que ces acteurs malveillants n'ont pas pu accéder à des informations d'utilisateurs sensibles ou à des informations complètes sur les cartes de crédit. De plus, Roku a activé l'authentification à deux facteurs (2FA) pour tous les comptes Roku par défaut, même pour ceux qui n'ont pas été affectés par ces incidents récents. Afin d'aider à protéger les comptes clients, la société a conseillé à ses utilisateurs de créer un mot de passe solide et unique pour leur compte Roku.Il a également demandé aux clients de rester alerte et de contacter le support client de Roku en cas de communications suspectes qui semblent provenir de Roku, telles que les demandes de mise à jour de vos détails de paiement, de partager votre nom d'utilisateur ou votre mot de passe, ou cliquez sur des liens suspects. «Nous regrettons sincèrement que ces incidents se soient produits et toute perturbation qu'ils auraient pu causer.La sécurité de votre compte est une priorité absolue et nous nous engageons à protéger votre compte Roku », a conclu la société. ]]> 2024-04-12T23:26:18+00:00 https://www.techworm.net/2024/04/hackers-breach-roku-accounts.html www.secnews.physaphae.fr/article.php?IdArticle=8480894 False Data Breach None 2.0000000000000000 Korben - Bloger francais Un film de science-fiction tourné entièrement dans un appartement ! 2024-04-12T22:53:42+00:00 https://korben.info/un-film-de-science-fiction-tourne-dans-un-appartement.html www.secnews.physaphae.fr/article.php?IdArticle=8481049 False None None 2.0000000000000000 CrowdStrike - CTI Society CVE-2024-3400: Ce que vous devez savoir sur le Pan-OS Zero-Day critique CVE-2024-3400: What You Need to Know About the Critical PAN-OS Zero-Day UPDATE: It has been confirmed that disabling telemetry will not block this exploit. Applying a patch as soon as possible is the most effective remediation for this vulnerability. Patches for 8 of the 18 vulnerable versions have been released; patches for the remaining vulnerable versions are expected by April 19th. CrowdStrike is constantly working to […]]]> 2024-04-12T22:29:44+00:00 https://www.crowdstrike.com/blog/critical-pan-os-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8486958 False Vulnerability,Threat None 2.0000000000000000 HackRead - Chercher Cyber Utilisateurs d'iPhone dans 92 pays ciblés par des attaques de logiciels spymétriques mercenaires iPhone Users in 92 Countries Targeted by Mercenary Spyware Attacks Par deeba ahmed Apple a émis des alertes de sécurité iPhone sur 92 pays, déclarant que leurs appareils ont été ciblés par une attaque de logiciels spymétrique mercenaire, exprimant une grande confiance dans l'avertissement. Ceci est un article de HackRead.com Lire le post original: utilisateurs d'iPhoneDans 92 pays ciblés par des attaques de logiciels espions mercenaires

>By Deeba Ahmed Apple has issued iPhone security alerts to 92 countries, stating that their devices have been targeted by a mercenary spyware attack, expressing high confidence in the warning. This is a post from HackRead.com Read the original post: iPhone Users in 92 Countries Targeted by Mercenary Spyware Attacks]]> 2024-04-12T21:47:54+00:00 https://www.hackread.com/iphone-users-mercenary-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8480995 False Mobile None 2.0000000000000000 Korben - Bloger francais Raspberry Robin – Le malware furtif qui esquive les antivirus 2024-04-12T21:26:14+00:00 https://korben.info/raspberry-robin-le-malware-furtif-qui-esquive-les-antivirus.html www.secnews.physaphae.fr/article.php?IdArticle=8481022 False Malware None 2.0000000000000000 Techworm - News VPN par Google One Service pour arrêter plus tard cette année VPN By Google One Service To Shut Down Later This Year 9to5Google rapporte que la société envoie désormais un e-mail à Google One utilisateurs pour les informer de sa fermeture. «En mettant l'accent sur la fourniture des fonctionnalités et des avantages les plus demandés, nous cessons la livraison gratuite pour sélectionner des commandes imprimées de Google Photos (au Canada, au Royaume-Uni, aux États-Unis et à l'UE) à partir du 15 mai etVPN par Google One plus tard cette année », lit l'e-mail envoyé aux utilisateurs. Bien que l'e-mail ne mentionne pas la raison spécifique de la fermeture ou la date de clôture exacte du service VPN Google One, un porte-parole de l'entreprise a déclaré à 9to5Google que la société abandonnait la fonctionnalité VPN en raison de l'équipe & # 8220;Les gens trouvés n'étaient tout simplement pas utilisés. & # 8221; Le porte-parole a également ajouté que la dépréciation permettra à l'équipe de «recentrer» et de «prendre en charge des fonctionnalités plus demandées avec Google One». Cependant, les propriétaires des smartphones de Pixel 7 de Google et au-dessus pourront toujours utiliser la fonction VPN intégrée gratuite par Google One après qu'il n'est pas disponible via l'application Paramètres sur les périphériques Pixel. De plus, la fonction VPN disponible avec Google Fi Wireless Service sera également disponible. Outre ce qui précède, Google a également annoncé la disponibilité de Magic Editor, un outil de retouche photo basé sur l'IA dans Google Photos, à tous les utilisateurs de Pixel, qui était initialement limité aux utilisateurs de Pixel 8 et Pixel 8 Pro.

Google has announced that it is shutting down its free add-on service, VPN by Google One, in the coming months after it was launched less than four years ago. For those unaware, in October 2020, Google rolled out a free virtual private network (VPN) service called “VPN by Google One” in select countries to all customers with 2TB or higher subscription plans on Google One, its subscription-based cloud storage service. Further, the free VPN service was advertised as an “extra layer of online protection for your Android phone” and that allows for “peace of mind that your data is safe.” However, 9to5Google reports that the company is now emailing Google One users to notify them of its shutdown. “With a focus on providing the most in-demand features and benefits, we\'re discontinuing free shipping for select print orders from Google Photos (in Canada, the UK, US, and EU) starting on May 15 and VPN by Google One later this year,” reads the email sent to the users. Although the email doesn\'t mention the specific reason for the shutdown or the exact closing date for the Google One VPN service, a company spokesperson told 9to5Google that the company is discontinuing the VPN feature because the team “found people simply weren\'t using it.” The spokesperson also adde]]> 2024-04-12T21:24:21+00:00 https://www.techworm.net/2024/04/vpn-google-one-shut-down-year.html www.secnews.physaphae.fr/article.php?IdArticle=8480831 False Tool,Mobile,Cloud None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Vendredi Blogging Squid: The Hornalif of Squid Pêche Boats Friday Squid Blogging: The Awfulness of Squid Fishing Boats horaire horrible . Comme d'habitude, vous pouvez également utiliser ce post de calmar pour parler des histoires de sécurité dans les nouvelles que je n'ai pas couvertes. . Lisez mes directives de publication de blog ici .

It’s a pretty awful story. As usual, you can also use this squid post to talk about the security stories in the news that I haven\'t covered. Read my blog posting guidelines here.]]> 2024-04-12T21:08:47+00:00 https://www.schneier.com/blog/archives/2024/04/friday-squid-blogging-the-awfulness-of-squid-fishing-boats.html www.secnews.physaphae.fr/article.php?IdArticle=8480992 False None None 2.0000000000000000 Korben - Bloger francais Storage Pod 6.0 – 480 To de stockage pour moins de 5 centimes le Go ! 2024-04-12T21:08:37+00:00 https://korben.info/storage-pod-6-0-480-to-stockage-moins-5-centimes-go.html www.secnews.physaphae.fr/article.php?IdArticle=8480993 False None None 2.0000000000000000 Global Security Mag - Site de news francais 25e et 26 avril Inde Cyber Revolution Summit2024 & # 8211; Cybersecurity Innovations: mener l'avenir de la protection 25th&26th April India Cyber Revolution Summit2024–Cybersecurity Innovations: Leading the Future of Protection événements

25th&26th April India Cyber Revolution Summit2024–Cybersecurity Innovations: Leading the Future of Protection - EVENTS]]> 2024-04-12T21:00:00+00:00 https://www.globalsecuritymag.fr/25th-26th-april-india-cyber-revolution-summit2024-cybersecurity-innovations.html www.secnews.physaphae.fr/article.php?IdArticle=8480563 True Conference None 3.0000000000000000 Dark Reading - Informationweek Branch La plate-forme d'analyse des logiciels malveillants de CISA \\ pourrait favoriser une meilleure menace Intel CISA\\'s Malware Analysis Platform Could Foster Better Threat Intel But just how the government differentiates its platform from similar private-sector options remains to be seen.]]> 2024-04-12T20:50:01+00:00 https://www.darkreading.com/vulnerabilities-threats/cisa-s-new-malware-analysis-platform-could-enable-better-threat-intelligence www.secnews.physaphae.fr/article.php?IdArticle=8480964 False Malware,Threat None 2.0000000000000000 Korben - Bloger francais Imprimantes HP – Un nouveau firmware qui fait grincer des dents 2024-04-12T20:40:02+00:00 https://korben.info/imprimantes-hp-firmware-encre-non-hp.html www.secnews.physaphae.fr/article.php?IdArticle=8480994 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Nouvel outil protège les organisations de nxdomain attaques New Tool Shields Organizations From NXDOMAIN Attacks Akamai joins a growing list of security vendors aiming to strengthen companies\' DNS defenses.]]> 2024-04-12T20:39:19+00:00 https://www.darkreading.com/remote-workforce/akamai-boosts-dns www.secnews.physaphae.fr/article.php?IdArticle=8480965 False Tool None 2.0000000000000000 CrowdStrike - CTI Society Crowdsstrike Falcon remporte le meilleur prix de sécurité annuel EDR dans les évaluations des laboratoires SE CrowdStrike Falcon Wins Best EDR Annual Security Award in SE Labs Evaluations CrowdStrike wins third consecutive Best Endpoint Detection and Response 2024 Award from SE Labs The award recognizes that the CrowdStrike Falcon® platform demonstrates consistent results in detecting real-world adversary tradecraft, both in SE Labs testing and in real-world scenarios CrowdStrike remains committed to participating in independent testing that provides transparency into the Falcon platform\'s AI-native […]]]> 2024-04-12T20:36:18+00:00 https://www.crowdstrike.com/blog/best-edr-annual-security-award-se-labs/ www.secnews.physaphae.fr/article.php?IdArticle=8486959 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Crotte de rouille populaire Liblzma-Sys compromise avec les fichiers de porte dérobée XZ Utils Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files "Test files" associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from Phylum reveal. liblzma-sys, which has been downloaded over 21,000 times to date, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression software. The]]> 2024-04-12T20:25:00+00:00 https://thehackernews.com/2024/04/popular-rust-crate-liblzma-sys.html www.secnews.physaphae.fr/article.php?IdArticle=8480812 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber La maison passe l'extension des autorités de surveillance expirées House passes extension of expiring surveillance authorities Il y a quelques jours à peine, les législateurs ont voté contre même un débat sur une prolongation de l'article 702 de la Foreign Intelligence Surveillance Act.

>Just days ago, lawmakers voted against even allowing a debate on an extension of Section 702 of the Foreign Intelligence Surveillance Act. ]]> 2024-04-12T20:22:08+00:00 https://cyberscoop.com/house-passes-extension-of-expiring-surveillance-authorities/ www.secnews.physaphae.fr/article.php?IdArticle=8480962 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Les clients de Sisense recherchent des réponses après l'annonce de la violation Sisense customers seek answers after breach announcement 2024-04-12T20:15:55+00:00 https://therecord.media/sisense-data-breach-customer-reaction www.secnews.physaphae.fr/article.php?IdArticle=8480963 False None None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) GitHub a exploité dans des campagnes de distribution de logiciels malveillants grâce à la manipulation de recherche GitHub Exploited in Malware Distribution Campaigns through Search Manipulation ## Snapshot Checkmarx reports a recent attack campaign where cybercriminals manipulated GitHub\'s search functionality and used repositories to distribute malware. ## Description The attackers created repositories with popular names and topics, using techniques like automated updates and using fake accounts to add fake stargazers to projects to boost search rankings and deceive users. Malicious code was hidden within Visual Studio project files to evade detection, automatically executing when the project is built. The attackers also padded the executable with many zeros, a technique used to artificially boost the file size. Checkmarx reports the padded executable file shares similarities with the "Keyzetsu clipper" malware, targeting cryptocurrency wallets. The malware establishes persistence on infected Windows machines by creating a scheduled task that runs the malicious executable daily at 4AM without user confirmation. ## Recommendations Checkmarx reccomends to prevent falling victim to similar attacks to keep an eye on the following suspicious properties of a repo: 1. Commit frequency: Does the repo have an extraordinary number of commits relative to its age? Are these commits changing the same file with very minor changes? 2. Stargazers: Who is starring this repo? Do most of the stargazers appear to have had accounts created around the same time? By being aware of these red flags, users can better protect themselves from inadvertently downloading and executing malware. ## References [https://checkmarx.com/blog/new-technique-to-trick-developers-detected-in-an-open-source-supply-chain-attack/#new_tab](https://checkmarx.com/blog/new-technique-to-trick-developers-detected-in-an-open-source-supply-chain-attac]]> 2024-04-12T19:25:21+00:00 https://community.riskiq.com/article/4d0ffb2c www.secnews.physaphae.fr/article.php?IdArticle=8480952 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Coin Ciso: sécuriser la chaîne d'approvisionnement de l'IA;Plates-formes de sécurité alimentées par AI;Se battre pour la conscience du cyber CISO Corner: Securing the AI Supply Chain; AI-Powered Security Platforms; Fighting for Cyber Awareness Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: facing hard truths in software security, and the latest guidance from the NSA.]]> 2024-04-12T19:20:08+00:00 https://www.darkreading.com/cybersecurity-operations/ciso-corner-securing-ai-supply-chain-ai-powered-security-platforms-cyber-awareness www.secnews.physaphae.fr/article.php?IdArticle=8480934 False None None 2.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Google se moque des réformes proposées par Epic \\ pour mettre fin au marché des applications Android Monopole Google mocks Epic\\'s proposed reforms to end Android app market monopoly Google should be barred from “treating Epic differently,” Epic Games says.]]> 2024-04-12T18:43:24+00:00 https://arstechnica.com/?p=2016966 www.secnews.physaphae.fr/article.php?IdArticle=8480931 False Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) TA547 cible les organisations allemandes avec Rhadamanthys Stealer TA547 Targets German Organizations with Rhadamanthys Stealer #### Targeted Geolocations - Germany ## Snapshot Proofpoint has identified TA547 launching an email campaign targeting German organizations with Rhadamanthys malware, marking the first known use of Rhadamanthys by this threat actor. The campaign involved impersonating a German retail company in emails containing password-protected ZIP files purportedly related to invoices, targeting multiple industries in Germany. ## Description The ZIP files contained LNK files which, when executed, triggered a PowerShell script to run a remote script loading Rhadamanthys into memory, bypassing disk writing. The PowerShell script displayed characteristics suggestive of machine-generated content, potentially from large language models (LLMs). The recent campaign in Germany represents a shift in techniques for TA547, including the use of compressed LNKs and the previously unobserved Rhadamanthys stealer. The incorporation of suspected LLM-generated content into the attack chain provides insight into how threat actors are leveraging LLM-generated content in malware campaigns, although it did not change the functionality or efficacy of the malware or the way security tools defended against it. ## Recommendations [Check out Microsoft\'s write-up on information stealers here.](https://sip.security.microsoft.com/intel-profiles/2296d491ea381b532b24f2575f9418d4b6723c17b8a1f507d20c2140a75d16d6) [Check out additional OSINT on Rhadamanthys here.](https://sip.security.microsoft.com/intel-explorer/articles/0131b256) ## References [https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta547-targets-german-organizations-rhadamanthys-stealer](https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta547-targets-german-organizations-rhadamanthys-stealer)]]> 2024-04-12T18:11:30+00:00 https://community.riskiq.com/article/119bde85 www.secnews.physaphae.fr/article.php?IdArticle=8480922 False Malware,Tool,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch CISA émet une directive d'urgence après minuit Blizzard Microsoft Hits CISA Issues Emergency Directive After Midnight Blizzard Microsoft Hits Though Federal Civilian Executive Branch (FCEB) agencies are the primary targets, CISA encourages all organizations to up their security, given the high risk.]]> 2024-04-12T18:09:15+00:00 https://www.darkreading.com/cyberattacks-data-breaches/cisa-emergency-directive-after-midnight-blizzard-microsoft-hits www.secnews.physaphae.fr/article.php?IdArticle=8480904 False None None 2.0000000000000000 Volexity - Cyber Firms Exploitation zéro-jour de la vulnérabilité d'exécution du code distant non authentifié dans GlobalProtect (CVE-2024-3400) Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400) La volexité tient à remercier les réseaux Palo Alto pour leur partenariat, leur coopération et leur réponse rapide à ce problème critique.Leurs recherches peuvent être trouvées ici.Le 10 avril 2024, la volexité a identifié l'exploitation zéro-jour d'une vulnérabilité trouvée dans la fonctionnalité GlobalProtect de Palo Alto Networks Pan-OS à l'un de ses clients de surveillance de la sécurité des réseaux (NSM).La volexité a reçu des alertes concernant le trafic de réseau suspect émanant du pare-feu du client.Une enquête ultérieure a déterminé que le dispositif avait été compromis.Le lendemain, le 11 avril 2024, la volexité a observé plus loin, une exploitation identique à un autre de ses clients NSM par le même acteur de menace.L'acteur de menace, que volexité suit sous l'alias UTA0218, a pu exploiter à distance l'appareil de pare-feu, créer un shell inversé et télécharger d'autres outils sur l'appareil.L'attaquant s'est concentré sur l'exportation des données de configuration des périphériques, puis en le tirant en tirant comme point d'entrée pour se déplacer latéralement dans [& # 8230;]

>Volexity would like to thank Palo Alto Networks for their partnership, cooperation, and rapid response to this critical issue. Their research can be found here. On April 10, 2024, Volexity identified zero-day exploitation of a vulnerability found within the GlobalProtect feature of Palo Alto Networks PAN-OS at one of its network security monitoring (NSM) customers. Volexity received alerts regarding suspect network traffic emanating from the customer\'s firewall. A subsequent investigation determined the device had been compromised. The following day, April 11, 2024, Volexity observed further, identical exploitation at another one of its NSM customers by the same threat actor. The threat actor, which Volexity tracks under the alias UTA0218, was able to remotely exploit the firewall device, create a reverse shell, and download further tools onto the device. The attacker focused on exporting configuration data from the devices, and then leveraging it as an entry point to move laterally within […] ]]> 2024-04-12T17:02:59+00:00 https://www.volexity.com/blog/2024/04/12/zero-day-exploitation-of-unauthenticated-remote-code-execution-vulnerability-in-globalprotect-cve-2024-3400/ www.secnews.physaphae.fr/article.php?IdArticle=8480840 False Tool,Vulnerability,Threat None 3.0000000000000000 SecureMac - Security focused on MAC Liste de contrôle 371: AI et (probablement) Pegasus re-révisité Checklist 371: AI and (Probably) Pegasus Re-Revisited Cette semaine, nous nous plongeons dans les implications troublantes de la technologie de clonage vocale d'Openai \\, émouvant les appréhensions dans une année électorale, Microsoft Warning sur le danger de Deepfakes et les alertes Apple sur les attaques suspectées de logiciels espions.

>This week, we delve into the unsettling implications of OpenAI\'s voice cloning technology, stirring apprehensions in an election year, Microsoft warning on the danger of deepfakes, and Apple alerts on suspected spyware attacks. ]]> 2024-04-12T17:00:00+00:00 https://www.securemac.com/checklist/checklist-371-ai-and-probably-pegasus-re-revisited www.secnews.physaphae.fr/article.php?IdArticle=8484297 False None None 2.0000000000000000 TechRepublic - Security News US Apple alerte les utilisateurs d'iPhone dans 92 pays à des attaques de logiciels spymétriques mercenaires Apple Alerts iPhone Users in 92 Countries to Mercenary Spyware Attacks Apple recommends that iPhone users install software updates, use strong passwords and 2FA, and don\'t open links or attachments from suspicious emails to keep their device safe from spyware.]]> 2024-04-12T16:54:38+00:00 https://www.techrepublic.com/article/apple-threat-notifications-mercenary-spyware/ www.secnews.physaphae.fr/article.php?IdArticle=8480847 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Gardiens de code: maîtriser la gestion de l'identité non humaine Code Keepers: Mastering Non-Human Identity Management Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access. As we depend on multi-factor authentication and passwords to safeguard]]> 2024-04-12T16:43:00+00:00 https://thehackernews.com/2024/04/code-keepers-mastering-non-human.html www.secnews.physaphae.fr/article.php?IdArticle=8480681 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Les responsables actuels et anciens de la polonais sont confrontés à une enquête sur une abus de logiciels espions présumés Current and former Polish officials face probe of alleged spyware abuse 2024-04-12T16:42:25+00:00 https://therecord.media/poland-pegasus-spyware-government-investigation www.secnews.physaphae.fr/article.php?IdArticle=8480845 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future US Sanctions Hamas \\ 'Cyber Influence \\' leader US sanctions Hamas \\'cyber influence\\' leader 2024-04-12T16:20:21+00:00 https://therecord.media/al-qassam-abu-ubaida-sanctions-us-treasury www.secnews.physaphae.fr/article.php?IdArticle=8480846 False None None 2.0000000000000000 HackRead - Chercher Cyber LastPass Dodges Deepfake Scam: PDG Impination de tentative de contrepartie LastPass Dodges Deepfake Scam: CEO Impersonation Attempt Thwarted Par waqas Cybercriminels utilisant DeepFakes pour cibler les entreprises!LastPass évite de justesse la rupture de sécurité après que l'employé a identifié un faux PDG dans WhatsApp Call.Lisez comment Lastpass exhorte la conscience de l'évolution des tactiques d'ingénierie sociale. Ceci est un article de HackRead.com Lire le post original: Lastpass Dodges Deepfake Scam: PDG Impination de tentative de contrepartie

>By Waqas Cybercriminals using deepfakes to target businesses! LastPass narrowly avoids security breach after employee identifies fake CEO in WhatsApp call. Read how LastPass is urging awareness against evolving social engineering tactics. This is a post from HackRead.com Read the original post: LastPass Dodges Deepfake Scam: CEO Impersonation Attempt Thwarted]]> 2024-04-12T16:11:57+00:00 https://www.hackread.com/lastpass-deepfake-scam-ceo-impersonation-thwarted/ www.secnews.physaphae.fr/article.php?IdArticle=8480843 False None LastPass 3.0000000000000000 Dark Reading - Informationweek Branch La course pour les plates-formes de sécurité alimentées en IA se réchauffe The Race for AI-Powered Security Platforms Heats Up Microsoft, Google, and Simbian each offer generative AI systems that allow security operations teams to use natural language to automate cybersecurity tasks.]]> 2024-04-12T15:46:08+00:00 https://www.darkreading.com/cybersecurity-operations/race-ai-powered-platforms-security-platforms www.secnews.physaphae.fr/article.php?IdArticle=8480844 False None None 2.0000000000000000