This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-04-19T22:55:54+00:00 www.secnews.physaphae.fr CyberScoop - scoopnewsgroup.com special Cyber Une opération pour saper le logiciel Utility XZ Utils a exposé les fragiles fondations humaines sur lesquelles Internet moderne est construit.

---

>An operation to undermine the software utility XZ Utils has exposed the fragile human foundations on which the modern internet is built. ]]> 2024-04-05T21:48:49+00:00 https://cyberscoop.com/xz-utils-open-source/ www.secnews.physaphae.fr/article.php?IdArticle=8476723 False None None 3.0000000000000000 HackRead - Chercher Cyber Par deeba ahmed Wiz.io, connu pour son expertise en sécurité cloud, et Hugging Face, un leader des outils d'IA open source, combinent leurs connaissances pour développer des solutions qui répondent à ces problèmes de sécurité.Cette collaboration signifie un accent croissant sur la sécurisation des fondements des progrès de l'IA. Ceci est un article de HackRead.com Lire le post original: Les vulnérabilités exposées étreignant le visage des étreintes aux attaques de la chaîne d'approvisionnement de l'IA

---

>By Deeba Ahmed Wiz.io, known for its cloud security expertise, and Hugging Face, a leader in open-source AI tools, are combining their knowledge to develop solutions that address these security concerns. This collaboration signifies a growing focus on securing the foundation of AI advancements. This is a post from HackRead.com Read the original post: Vulnerabilities Exposed Hugging Face to AI Supply Chain Attacks]]> 2024-04-05T21:38:19+00:00 https://www.hackread.com/hugging-face-vulnerability-ai-supply-chain-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8476724 False Tool,Vulnerability,Cloud None 3.0000000000000000 Recorded Future - FLux Recorded Future Plus de 165 000 personnes ont eu des informations financières sensibles volées par des cybercriminels dans une cyberattaque d'août 2023 sur un géant de l'assurance basé à Hawaiʻi.Pacific Guardian Life Insurance a déposé des documents auprès des régulateurs du Maine et a mis un avis sur son site Web sur une violation de données qui a commencé le 25 août. «Le 5 septembre 2023, PGL a identifié suspect

---

More than 165,000 people had sensitive financial information stolen by cybercriminals in an August 2023 cyberattack on a Hawaiʻi-based insurance giant. Pacific Guardian Life Insurance filed documents with regulators in Maine and put a notice on its website about a data breach that began on August 25. “On September 5, 2023, PGL identified suspicious]]> 2024-04-05T21:08:33+00:00 https://therecord.media/pacific-guardian-life-insurance-data-breach www.secnews.physaphae.fr/article.php?IdArticle=8476725 False Data Breach None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain robots . Comme d'habitude, vous pouvez également utiliser ce post de calmar pour parler des histoires de sécurité dans les nouvelles que je n'ai pas couvertes. . Lisez mes directives de publication de blog ici .

---

They’re AI warehouse robots. As usual, you can also use this squid post to talk about the security stories in the news that I haven\'t covered. Read my blog posting guidelines here.]]> 2024-04-05T21:02:11+00:00 https://www.schneier.com/blog/archives/2024/04/friday-squid-blogging-squid-bots.html www.secnews.physaphae.fr/article.php?IdArticle=8476693 False None None 2.0000000000000000 Global Security Mag - Site de news francais Investigations / primetime]]> 2024-04-05T20:58:00+00:00 https://www.globalsecuritymag.fr/diner-du-cercle-de-la-cybersecurite-la-filiere-de-la-cybersecurite-necessite-un.html www.secnews.physaphae.fr/article.php?IdArticle=8476104 False None None 2.0000000000000000 Dark Reading - Informationweek Branch One issue would have allowed cross-tenant attacks, and another enabled access to a shared registry for container images; exploitation via an insecure Pickle file showcases emerging risks for AI-as-a-service more broadly.]]> 2024-04-05T20:38:00+00:00 https://www.darkreading.com/cloud-security/critical-bugs-hugging-face-ai-platform-pickle www.secnews.physaphae.fr/article.php?IdArticle=8476694 False None None 3.0000000000000000 HackRead - Chercher Cyber Par deeba ahmed Les données malveillantes du malfrein Byakugan volent les données, accordent un accès à distance & # 038;Utilise OB Studio pour espionner!Fortinet révèle une campagne de phishing distribuant des logiciels malveillants Byakugan déguisés en PDF.Ne cliquez pas!Apprenez à rester en sécurité. Ceci est un article de HackRead.com Lire la publication originale: Méfiez-vous du flou: l'escroquerie de phishing laisse tomber le malware byakugan via un faux pdf

---

>By Deeba Ahmed New Byakugan Malware Steals Data, Grants Remote Access & Uses OBS Studio to Spy! Fortinet reveals a phishing campaign distributing Byakugan malware disguised as a PDF. Don\'t click! Learn how to stay safe. This is a post from HackRead.com Read the original post: Beware the Blur: Phishing Scam Drops Byakugan Malware via Fake PDF]]> 2024-04-05T20:03:23+00:00 https://www.hackread.com/phishing-scam-drops-byakugan-malware-fake-pdf/ www.secnews.physaphae.fr/article.php?IdArticle=8476665 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch The restaurant chain hasn\'t provided any information regarding what led to a widespread IT outage, and customers and employees are asking for answers.]]> 2024-04-05T19:48:48+00:00 https://www.darkreading.com/cybersecurity-operations/panera-bread-outage-leads-to-frustrated-customers www.secnews.physaphae.fr/article.php?IdArticle=8476667 False Ransomware None 2.0000000000000000 SecureMac - Security focused on MAC AT&T tackles data breach fallout: millions of passcodes reset, phishing threats loom. TechCrunch exposes security woes, urging vigilance. ]]> 2024-04-05T19:47:00+00:00 https://www.securemac.com/news/checklist-370-the-new-old-att-data-disaster www.secnews.physaphae.fr/article.php?IdArticle=8478824 False Data Breach None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New research has found that artificial intelligence (AI)-as-a-service providers such as Hugging Face are susceptible to two critical risks that could allow threat actors to escalate privileges, gain cross-tenant access to other customers\' models, and even take over the continuous integration and continuous deployment (CI/CD) pipelines. "Malicious models represent a major risk to AI systems,]]> 2024-04-05T19:38:00+00:00 https://thehackernews.com/2024/04/ai-as-service-providers-vulnerable-to.html www.secnews.physaphae.fr/article.php?IdArticle=8476537 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Dealing with a Ramadan cyber spike; funding Internet security; and Microsoft\'s Azure AI changes.]]> 2024-04-05T19:26:33+00:00 https://www.darkreading.com/remote-workforce/ciso-corner-ivanti-mea-culpa-world-cup-hack-cyber-awareness www.secnews.physaphae.fr/article.php?IdArticle=8476668 False Hack None 3.0000000000000000 Recorded Future - FLux Recorded Future 2024 a déjà vu des dizaines de gouvernements locaux critiqués par des incidents de ransomwares et des cyberattaques, limitant les services de millions de personnes aux États-Unis.Le dernier incident de haut niveau concerne New York, qui a été contraint de retirer un site Web de paie de la ville hors ligne et de le retirer de la vue du public après avoir traité un incident de phishing.

---

2024 has already seen dozens of local governments slammed by ransomware incidents and cyberattacks, limiting services for millions of people across the United States. The latest high-profile incident involves New York City, which was forced to take a city payroll website offline and remove it from public view after dealing with a phishing incident.]]> 2024-04-05T19:15:19+00:00 https://therecord.media/new-york-city-government-smishing-attack www.secnews.physaphae.fr/article.php?IdArticle=8476666 False Ransomware,Hack None 2.0000000000000000 McAfee Labs - Editeur Logiciel Quatre Américains sur dix disent qu'ils utilisent des services de paiement peer-to-peer, comme Venmo, PayPal ou Apple Pay, au moins une fois un ...

---

> Four in ten Americans say they use peer-to-peer payment services, like Venmo, PayPal, or Apple Pay, at least once a... ]]> 2024-04-05T18:45:24+00:00 https://www.mcafee.com/blogs/mobile-security/how-to-protect-against-new-types-of-scams-like-qr-phishing/ www.secnews.physaphae.fr/article.php?IdArticle=8476639 False None None 2.0000000000000000 McAfee Labs - Editeur Logiciel Quatre Américains sur dix disent qu'ils utilisent des services de paiement peer-to-peer, comme Venmo, PayPal ou Apple Pay, au moins une fois un ...

---

> Four in ten Americans say they use peer-to-peer payment services, like Venmo, PayPal, or Apple Pay, at least once a... ]]> 2024-04-05T18:45:24+00:00 https://www.mcafee.com/blogs/tips-tricks/how-to-protect-against-new-types-of-scams-like-qr-phishing/ www.secnews.physaphae.fr/article.php?IdArticle=8480276 False None None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) #### Targeted Geolocations - Mexico - South America - Central America and the Caribbean - North America ## Snapshot Trustwave SpiderLabs has discovered a phishing campaign targeting the Latin American region. ## Description The phishing email contains a ZIP file attachment that, when extracted, reveals an HTML file that leads to a malicious file download posing as an invoice. The attached HTML file contains a concatenated URL that leads to a suspended page when accessed in a different region. However, if the URL is accessed using a Mexico-based IP, it will redirect to a captcha page for human verification, which leads to another URL that will download a malicious RAR file. The RAR file contains a PowerShell script that will check the victim\'s machine for information like computer name, operating system, etc. It will also check for the presence of an antivirus product. Several base64 encoded strings in the script were observed, one of which, when decoded, contains another URL request that uses the \'Post\' method for the URL response. The decoded URL will check for the user\'s country. Another notable base64 encoded string contains a malicious URL that will download a malicious ZIP file. ## References [https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/phishing-deception-suspended-domains-reveal-malicious-payload-for-latin-american-region/](https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/phishing-deception-suspended-domains-reveal-malicious-payload-for-latin-american-region/)]]> 2024-04-05T18:15:05+00:00 https://community.riskiq.com/article/abfabfa1 www.secnews.physaphae.fr/article.php?IdArticle=8476654 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Ransomware attacks targeting VMware ESXi and other virtual machine platforms are wreaking havoc among the enterprise, causing widespread disruption and loss of services. [...]]]> 2024-04-05T17:59:20+00:00 https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-april-5th-2024-virtual-machines-under-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8476722 False Ransomware None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Alors que le groupe de ransomwares se déplace pour cacher ses 22 millions de dollars, son encoche d'affiliation est à la hauteur après avoir été affaibli en paiement.

---

>As the ransomware group moves to hide its $22 million, its affiliate notchy is laying low after reportedly being stiffed on payment.  ]]> 2024-04-05T17:25:00+00:00 https://cyberscoop.com/alphv-steps-up-laundering-of-change-healthcare-ransom-payments/ www.secnews.physaphae.fr/article.php?IdArticle=8476614 False Ransomware,Medical None 2.0000000000000000 Dark Reading - Informationweek Branch The infamous payment-skimmer cybercrime organization is exploiting CVE-2024-20720 in Magento for a novel approach to stealing card data.]]> 2024-04-05T17:14:36+00:00 https://www.darkreading.com/cloud-security/magecart-attackers-pioneer-persistent-ecommerce-backdoor www.secnews.physaphae.fr/article.php?IdArticle=8476615 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Large language models require rethinking how to bake security into the software development process earlier.]]> 2024-04-05T17:00:00+00:00 https://www.darkreading.com/application-security/how-do-we-integrate-llm-security-into-application-development- www.secnews.physaphae.fr/article.php?IdArticle=8476669 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Compliance requirements are meant to increase cybersecurity transparency and accountability. As cyber threats increase, so do the number of compliance frameworks and the specificity of the security controls, policies, and activities they include. For CISOs and their teams, that means compliance is a time-consuming, high-stakes process that demands strong organizational and]]> 2024-04-05T16:48:00+00:00 https://thehackernews.com/2024/04/ciso-perspectives-on-complying-with.html www.secnews.physaphae.fr/article.php?IdArticle=8476455 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future La Chambre de commerce des États-Unis et les multiples leaders de l'industrie appellent à une prolongation d'un mois de la période de commentaires de 60 jours pour une nouvelle règle de rapport d'incident publiée par la principale agence de cybersécurité aux États-Unis la semaine dernière, la Cybersecurity and Infrastructure Security Agency (CISA) a publié l'ensemble de réglementations de 447 pages en vertu du cyber

---

The U.S. Chamber of Commerce and multiple industry leaders are calling for a month-long extension of the 60-day comment period for a new incident reporting rule being issued by the top cybersecurity agency in the U.S. Last week, the Cybersecurity and Infrastructure Security Agency (CISA) posted the 447-page set of regulations under the Cyber]]> 2024-04-05T16:32:29+00:00 https://therecord.media/industry-groups-call-for-delay-circia-commenting www.secnews.physaphae.fr/article.php?IdArticle=8476590 False None None 2.0000000000000000 HackRead - Chercher Cyber Par owais sultan S'il est utilisé correctement, les médias sociaux peuvent non seulement fournir aux entreprises une chance fantastique (généralement gratuite) de commercialiser & # 8230; Ceci est un article de HackRead.com Lire le post original: Comment votre entreprise doit gérer les commentaires négatifs sur les réseaux sociaux

---

>By Owais Sultan If used correctly, social media can not only provide businesses with a fantastic (generally free) chance to market… This is a post from HackRead.com Read the original post: How your business should deal with negative feedback on social media]]> 2024-04-05T16:16:22+00:00 https://www.hackread.com/how-business-deal-negative-social-media-feedback/ www.secnews.physaphae.fr/article.php?IdArticle=8476588 False None None 2.0000000000000000 HackRead - Chercher Cyber Par uzair amir Le partenariat amènera des millions de joueurs dans l'écosystème immuable Web3 tout en offrant à Gam3s.gg la principale plate-forme de jeu Web3 sur le marché. Ceci est un article de HackRead.com Lire le post original: GAM3S.GG et IMMUTABLE ANNONVER PARTENARIAT POUR L'EXPANSION DE GAMING WEB3

---

>By Uzair Amir The partnership will bring millions of players into the Immutable web3 ecosystem while providing GAM3S.GG with the leading web3 gaming platform on the market. This is a post from HackRead.com Read the original post: GAM3S.GG and Immutable Announce Partnership for Web3 Gaming Expansion]]> 2024-04-05T16:14:31+00:00 https://www.hackread.com/gam3s-gg-immutable-partnership-web3-gaming/ www.secnews.physaphae.fr/article.php?IdArticle=8476589 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader application to view the content. According to Fortinet FortiGuard Labs, clicking the URL]]> 2024-04-05T15:10:00+00:00 https://thehackernews.com/2024/04/from-pdfs-to-payload-bogus-adobe.html www.secnews.physaphae.fr/article.php?IdArticle=8476429 False Malware None 3.0000000000000000 Recorded Future - FLux Recorded Future La maison américaine la semaine prochaine essaiera - pour la troisième fois - pour renouveler des autorités d'espionnage puissantes qui devraient expirer en quelques jours, bien qu'il n'y ait rien pour indiquer la dernière poussée gagnée \\ 't à se terminer comme un échec commeles deux premières tentatives.Le comité des règles de la Chambre devrait annoncer

---

The U.S. House next week will try - for the third time - to renew powerful spying authorities that are slated to expire in a matter of days, though there\'s nothing to indicate the latest push won\'t end in failure like the first two attempts. The House Rules Committee is expected to announce on]]> 2024-04-05T14:52:30+00:00 https://therecord.media/fisa-section-702-renewal-third-try-house-johnson www.secnews.physaphae.fr/article.php?IdArticle=8476539 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future L'Allemagne devrait introduire une cyber branche dédiée dans le cadre de sa restructuration militaire, a annoncé jeudi le ministre de la Défense du pays, dans le but de lutter contre l'augmentation de la cyber-agression de la Russie vers les membres de l'OTAN.Le service de domaine allemand de cyber et d'information allemand (CIR) deviendra la quatrième branche indépendante du pays armé du pays

---

Germany is set to introduce a dedicated cyber branch as part of its military restructuring, the country\'s defense minister announced on Thursday, with an aim to combat increasing cyber aggression from Russia toward NATO members. The expanded German Cyber and Information Domain Service (CIR) will become the fourth independent branch of the country\'s armed]]> 2024-04-05T14:51:54+00:00 https://therecord.media/germany-to-launch-cyber-military-unit-russia www.secnews.physaphae.fr/article.php?IdArticle=8476540 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial The U.S. National Security Agency (NSA) released a cybersecurity information sheet this week focusing on challenges associated with... ]]> 2024-04-05T14:23:21+00:00 https://industrialcyber.co/threat-landscape/nsa-addresses-challenges-of-hybrid-cloud-multi-cloud-environments-in-new-cybersecurity-information-sheet/ www.secnews.physaphae.fr/article.php?IdArticle=8476538 False Cloud None 4.0000000000000000 HackRead - Chercher Cyber Par waqas Un autre jour, une autre violation de données par Intelbroker Hacker ciblant un géant basé aux États-Unis! Ceci est un article de HackRead.com Lire le post original: Violation présumée de données de Home Depot: Intelbroker fuit 22 000 données d'employés

---

>By Waqas Another day, another data breach by IntelBroker hacker targeting a US-based giant! This is a post from HackRead.com Read the original post: Alleged Home Depot Data Breach: IntelBroker Leaks 22,000 Employee Data]]> 2024-04-05T14:02:47+00:00 https://www.hackread.com/intelbroker-home-depot-employees-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8476511 False Data Breach None 2.0000000000000000 IT Security Guru - Blog Sécurité # miwic2024: nikki webb,Global Channel Manager chez Pustodian360 est apparu pour la première fois sur gourou de la sécurité informatique .

---

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024\'s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee\'s answers are […] The post #MIWIC2024: Nikki Webb, Global Channel Manager at Custodian360 first appeared on IT Security Guru. ]]> 2024-04-05T14:00:35+00:00 https://www.itsecurityguru.org/2024/04/05/miwic2024-nikki-webb-global-channel-manager-at-custodian360/?utm_source=rss&utm_medium=rss&utm_campaign=miwic2024-nikki-webb-global-channel-manager-at-custodian360 www.secnews.physaphae.fr/article.php?IdArticle=8476509 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Mandiant research details how Chinese espionage groups are deploying new tools post-exploitation of recently patched Ivanti vulnerabilities]]> 2024-04-05T14:00:00+00:00 https://www.infosecurity-magazine.com/news/chinese-threat-ttps-ivanti/ www.secnews.physaphae.fr/article.php?IdArticle=8476514 False Tool,Vulnerability,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Improving security in the applications that drive the digital economy is a necessary undertaking, requiring ongoing collaboration between the public and private sectors.]]> 2024-04-05T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/white-house-call-for-memory-safety-brings-challenges-changes-costs www.secnews.physaphae.fr/article.php?IdArticle=8476513 False None None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-04-05T13:39:39+00:00 https://community.riskiq.com/article/b4f39b04 www.secnews.physaphae.fr/article.php?IdArticle=8476526 False Malware,Tool,Vulnerability,Threat,Studies,Industrial,Prediction,Technical Guam 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Financial organizations in the Asia-Pacific (APAC) and Middle East and North Africa (MENA) are being targeted by a new version of an "evolving threat" called JSOutProx. "JSOutProx is a sophisticated attack framework utilizing both JavaScript and .NET," Resecurity said in a technical report published this week. "It employs the .NET (de)serialization feature to interact with a core]]> 2024-04-05T13:18:00+00:00 https://thehackernews.com/2024/04/new-wave-of-jsoutprox-malware-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8476376 False Malware,Technical None 2.0000000000000000 Silicon - Site de News Francais 2024-04-05T13:10:18+00:00 https://www.silicon.fr/anct-gestion-si-477494.html www.secnews.physaphae.fr/article.php?IdArticle=8476512 False None None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite selon & # 8220; le rapport mondial des risques 2022 & # 8221;95% des problèmes de cybersécurité proviennent des erreurs humaines.Le logiciel de point de contrôle met en évidence les mesures essentielles que les entreprises doivent mettre en œuvre pour assurer leur protection.Dans l'ère numérique d'aujourd'hui, la cybersécurité est devenue une priorité pour les entreprises, car les cyberattaques peuvent endommager leur économie et leur réputation.Selon Check Point, 71% des entreprises ont été victimes d'attaques de ransomwares en 2023, avec un paiement moyen de 4,35 millions de dollars.Les employés sont le premier lien de la chaîne de cybersécurité et le point d'entrée le plus vulnérable.Les statistiques brossent un tableau d'étournage de l'impact de l'erreur humaine dans la cybersécurité.Selon [& # 8230;]

---

>According to “The Global Risks Report 2022” 95% of cybersecurity issues originate from human errors. Check Point Software highlights essential measures that companies must implement to ensure their protection. In today’s digital age, cybersecurity has become a priority for businesses, as cyber attacks can damage their economy and reputation. According to Check Point, 71% of businesses were victims of ransomware attacks in 2023, with an average payout of $4.35 million. Employees are the first link in the cybersecurity chain and the most vulnerable entry point. Statistics paint a starling picture of the impact of human error in cybersecurity. According to […] ]]> 2024-04-05T13:00:05+00:00 https://blog.checkpoint.com/security/protecting-the-weakest-link-how-human-errors-can-put-a-company-in-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8476508 False Ransomware None 2.0000000000000000 CyberSecurityVentures - cybersecurity services Cette semaine en cybersécurité des éditeurs du magazine Cybercrime & # 8211;Lisez l'histoire complète dans TechTarget Sausalito, Californie & # 8211;5 avril 2024 Dans un paysage de menace de plus en plus difficile, de nombreuses organisations ont du mal à développer et à mettre en œuvre une gouvernance efficace de cybersécurité.TechTarget rapporte & # 160; que & # 160; les dommages de la cybercriminalité sont projetés

---

>This week in cybersecurity from the editors at Cybercrime Magazine – Read the Full Story in TechTarget Sausalito, Calif. – Apr. 5, 2024 In an increasingly challenging threat landscape, many organizations struggle with developing and implementing effective cybersecurity governance. TechTarget reports that damages from cybercrime are projected ]]> 2024-04-05T12:50:29+00:00 https://cybersecurityventures.com/cybersecurity-governance-a-path-to-cyber-maturity/ www.secnews.physaphae.fr/article.php?IdArticle=8476475 False Threat None 2.0000000000000000 Bleeping Computer - Magazine Américain Hackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI\'s SORA and ChatGPT-5, and DALL-E, to infect unsuspecting users with password-stealing malware. [...]]]> 2024-04-05T12:47:51+00:00 https://www.bleepingcomputer.com/news/security/fake-facebook-midjourney-ai-page-promoted-malware-to-12-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=8476587 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple China-nexus threat actors have been linked to the zero-day exploitation of three security flaws impacting Ivanti appliances (CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893). The clusters are being tracked by Mandiant under the monikers UNC5221, UNC5266, UNC5291, UNC5325, UNC5330, and UNC5337. Another group linked to the exploitation spree is UNC3886. The Google Cloud]]> 2024-04-05T12:45:00+00:00 https://thehackernews.com/2024/04/researchers-identify-multiple-china.html www.secnews.physaphae.fr/article.php?IdArticle=8476377 False Vulnerability,Threat,Cloud None 3.0000000000000000 Recorded Future - FLux Recorded Future La Russie a pris la rare pas de facturation publique six personnes soupçonnées d'avoir volé les détails de 160 000 cartes de crédit ainsi que des informations de paiement dans les magasins en ligne étrangers.Selon la déclaration publiée par le bureau du procureur général de la Russie plus tôt cette semaine, les suspects ont utilisé des logiciels malveillants pour contourner les sites Web \\ 'Mesures de sécurité et gain

---

Russia has taken the rare step of publicly charging six people suspected of stealing the details of 160,000 credit cards as well as payment information from foreign online stores. According to the statement published by Russia\'s Prosecutor General\'s Office earlier this week, the suspects used malware to bypass the websites\' security measures and gain]]> 2024-04-05T12:24:19+00:00 https://therecord.media/russia-charges-alleged-magecart-style-hackers-credit-cards www.secnews.physaphae.fr/article.php?IdArticle=8476485 False Malware None 2.0000000000000000 Global Security Mag - Site de news francais rapports spéciaux

---

Checkmarx One Total Economic Impact Study Finds Return on Investment of 177% in Fewer Than Six Months and Gain of $7.13M in Benefits Over Three Years New independent study of a global, $10 billion composite organization with 1000 developers demonstrated a 177% ROI, 40-50% improvement in developer productivity and 35% reduction in the likelihood of a breach over three years - Special Reports]]> 2024-04-05T12:24:03+00:00 https://www.globalsecuritymag.fr/checkmarx-one-total-economic-impact-study-finds-return-on-investment-of-177-in.html www.secnews.physaphae.fr/article.php?IdArticle=8476479 False Studies None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial The U.S. Department of Homeland Security’s Cyber Safety Review Board (CSRB) published a report on the Summer 2023... ]]> 2024-04-05T12:23:33+00:00 https://industrialcyber.co/reports/csrb-reports-microsoft-exchange-breach-by-storm-0558-urges-security-reforms-following-espionage-incident/ www.secnews.physaphae.fr/article.php?IdArticle=8476481 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Wiz researchers found architecture flaws in generative AI models available on the AI hub Hugging Face]]> 2024-04-05T12:15:00+00:00 https://www.infosecurity-magazine.com/news/wiz-discovers-flaws-generative-ai/ www.secnews.physaphae.fr/article.php?IdArticle=8476478 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial HMS Networks has finalized the acquisition of Red Lion Controls from Spectris Group Holdings Limited. The two companies... ]]> 2024-04-05T12:14:06+00:00 https://industrialcyber.co/news/hms-networks-red-lion-collaborate-to-boost-industrial-information-and-communication-technology-offerings/ www.secnews.physaphae.fr/article.php?IdArticle=8476482 False Industrial None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial EXALENS a annoncé un partenariat avec Hoop Cyber, un conseil en génie des cyber-données de nouvelle génération dédié à l'autonomisation des organisations ...

---

>Exalens has announced a partnership with HOOP Cyber, a next-generation cyber data engineering consultancy dedicated to empowering organizations... ]]> 2024-04-05T12:11:07+00:00 https://industrialcyber.co/news/exalens-partners-with-hoop-cyber-to-boost-cyber-physical-system-resilience-in-industrial-operations/ www.secnews.physaphae.fr/article.php?IdArticle=8476483 False Industrial None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Ampère Industrial Security, réputée pour son expertise en sécurité industrielle, annonce son changement de marque à AMPYX Cyber, marquant un ...

---

>Ampere Industrial Security, renowned for its expertise in industrial security, announces its rebranding to Ampyx Cyber, marking a... ]]> 2024-04-05T12:10:11+00:00 https://industrialcyber.co/news/ampere-industrial-security-rebrands-to-ampyx-cyber-expands-global-presence-with-new-offices/ www.secnews.physaphae.fr/article.php?IdArticle=8476484 False Industrial None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial La société critique de la protection contre les infrastructures (CIP) Opswat a annoncé cette semaine qu'elle avait acquis CIP Cyber, un apprentissage en ligne ...

---

>Critical infrastructure protection (CIP) firm OPSWAT announced this week that it has acquired CIP Cyber, an online learning... ]]> 2024-04-05T12:01:49+00:00 https://industrialcyber.co/news/opswat-acquires-cip-cyber-to-revolutionize-cybersecurity-training-reduce-skills-gap/ www.secnews.physaphae.fr/article.php?IdArticle=8476451 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Cloud-native application protection platforms (CNAPPs) sidestep siloed security and embed security into the earliest stages of application development.]]> 2024-04-05T12:00:14+00:00 https://www.darkreading.com/cloud-security/reconsider-your-cnapp-strategy-using-these-5-scenarios www.secnews.physaphae.fr/article.php?IdArticle=8476454 False None None 2.0000000000000000 SecurityWeek - Security News Des histoires remarquables qui auraient pu glisser sous le radar: le piratage de la CISA pourrait avoir un impact sur 100 000 personnes, Microsoft AI Copilot interdit par US House, UK Nuclear Site Prosecution.

---

>Noteworthy stories that might have slipped under the radar: the CISA hack could impact 100,000 people, Microsoft AI Copilot banned by US House, UK nuclear site prosecution.  ]]> 2024-04-05T11:59:41+00:00 https://www.securityweek.com/in-other-news-100000-affected-by-cisa-breach-microsoft-ai-copilot-ban-nuclear-site-prosecution/ www.secnews.physaphae.fr/article.php?IdArticle=8476480 False Hack None 3.0000000000000000 Recorded Future - FLux Recorded Future La police du Royaume-Uni enquête sur les messages envoyés dans le cadre d'un exercice de «piège à miel» signalé ciblant les politiciens, les responsables et les journalistes travaillant à Westminster.Il suit un rapport Politico découvrant comment les comptes WhatsApp contactent des cibles avec des messages suggestifs et sur mesure qui se sont transformés en conversations sexuellement explicites pour le bien de l'acquisition

---

Police in the United Kingdom are investigating messages sent as part of a reported “honey trap” exercise targeting politicians, officials and journalists working in Westminster. It follows a Politico report uncovering how WhatsApp accounts were contacting targets with suggestive and tailored messages that developed into sexually explicit conversations for the apparent sake of acquiring]]> 2024-04-05T11:55:53+00:00 https://therecord.media/uk-police-honey-trap-whatsapp-investigation www.secnews.physaphae.fr/article.php?IdArticle=8476452 False Legislation None 2.0000000000000000 Recorded Future - FLux Recorded Future L'Université de Winnipeg au Canada a confirmé que les pirates ont volé des informations sensibles à l'institution dans un incident qui s'est produit à la fin du mois dernier, affectant les étudiants et le personnel actuels et actuels.L'université, qui compte jeudi plus de 18 000 étudiants et 800 employés, a déclaré dans un communiqué que «les informations volées probablement

---

The University of Winnipeg in Canada has confirmed that hackers stole sensitive information from the institution in an incident that took place late last month, affecting former and current students and staff. The university, which has more than 18,000 students and 800 staff, said in a statement on Thursday that “the stolen information likely]]> 2024-04-05T11:42:02+00:00 https://therecord.media/university-of-winnipeg-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=8476453 False Hack None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Fixation des vulnérabilités en SS7 et le protocole diamètre: Le 27 mars, la Commission a demandé aux fournisseurs de télécommunications de peser et de détailler ce qu'ils font pour empêcher les vulnérabilités de SS7 et de diamètre d'être mal utilisées pour suivre les consommateurs & # 8217;emplacements. La FCC a également demandé aux transporteurs de détailler les exploits des protocoles depuis 2018. Le régulateur veut connaître la date de l'incident, ce qui s'est passé, quelles vulnérabilités ont été exploitées et avec quelles techniques, où laLe suivi de l'emplacement s'est produit et est timide;Si connu et timide;L'identité de l'attaquant ...

---

It seems that the FCC might be fixing the vulnerabilities in SS7 and the Diameter protocol: On March 27 the commission asked telecommunications providers to weigh in and detail what they are doing to prevent SS7 and Diameter vulnerabilities from being misused to track consumers’ locations. The FCC has also asked carriers to detail any exploits of the protocols since 2018. The regulator wants to know the date(s) of the incident(s), what happened, which vulnerabilities were exploited and with which techniques, where the location tracking occurred, and ­ if known ­ the attacker’s identity...]]> 2024-04-05T11:00:42+00:00 https://www.schneier.com/blog/archives/2024/04/maybe-the-phone-system-surveillance-vulnerabilities-will-be-fixed.html www.secnews.physaphae.fr/article.php?IdArticle=8476424 False Vulnerability None 3.0000000000000000 Global Security Mag - Site de news francais Produits

---

Stormshield obtient la Qualification Standard de son offre Stormshield Network Security L\'offre SNS de Stormshield devient ainsi la première et seule gamme de " firewall chiffreur " qualifiée au niveau Standard et agréée DR par l\'ANSSI. - Produits]]> 2024-04-05T11:00:00+00:00 https://www.globalsecuritymag.fr/stormshield-obtient-la-qualification-standard-de-son-offre-stormshield-network.html www.secnews.physaphae.fr/article.php?IdArticle=8476378 False None None 3.0000000000000000 Global Security Mag - Site de news francais opinion / / affiche

---

How To Stop Your Child Being Cyberbullied, According To An Expert - Opinion / affiche]]> 2024-04-05T10:05:30+00:00 https://www.globalsecuritymag.fr/how-to-stop-your-child-being-cyberbullied-according-to-an-expert.html www.secnews.physaphae.fr/article.php?IdArticle=8476402 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine A Microsoft report found that China-affiliated actors are publishing AI-generated content on social media to amplify controversial domestic issues in the US]]> 2024-04-05T10:03:00+00:00 https://www.infosecurity-magazine.com/news/china-ai-content-division-us/ www.secnews.physaphae.fr/article.php?IdArticle=8476401 False None None 3.0000000000000000 SecurityWeek - Security News Acuité, l'entreprise technologique à partir de laquelle les pirates ont prétendu avoir volé le département d'État et d'autres données gouvernementales, confirme le piratage, mais dit que les informations volées sont anciennes.

---

>Acuity, the tech firm from which hackers claimed to have stolen State Department and other government data, confirms hack, but says stolen info is old. ]]> 2024-04-05T10:00:00+00:00 https://www.securityweek.com/acuity-responds-to-us-government-data-theft-claims-says-hackers-obtained-old-info/ www.secnews.physaphae.fr/article.php?IdArticle=8476425 False Hack None 3.0000000000000000 Korben - Bloger francais 2024-04-05T09:53:32+00:00 https://korben.info/denuvo-drm-hogwarts-legacy-cracke-developpeur.html www.secnews.physaphae.fr/article.php?IdArticle=8476428 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Panera Bread\'s recent week-long outage was caused by a ransomware attack, according to people familiar with the matter and emails seen by BleepingComputer. [...]]]> 2024-04-05T09:52:22+00:00 https://www.bleepingcomputer.com/news/security/panera-bread-week-long-it-outage-caused-by-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8476510 False Ransomware None 3.0000000000000000 Silicon - Site de News Francais 2024-04-05T09:52:15+00:00 https://www.silicon.fr/cyber-resilience-act-open-source-477487.html www.secnews.physaphae.fr/article.php?IdArticle=8476426 False None None 2.0000000000000000 Silicon - Site de News Francais 2024-04-05T09:12:12+00:00 https://www.silicon.fr/aws-summit-paris-2024-ia-generative-477453.html www.secnews.physaphae.fr/article.php?IdArticle=8476427 False None None 2.0000000000000000 Sekoia - Cyber Firms En 2024, les lignes entre EDR et XDR deviennent floues.De plus en plus de fournisseurs offrent des plateformes qui combinent la sécurité des points de terminaison, du réseau, du cloud et des e-mails.Tous ces outils sont conçus pour bloquer les menaces, bien qu'ils diffèrent en termes de portée et de capacités.Pour apporter plus de clarté, nous voulons vous guider à travers la cybersécurité arsenal [& # 8230;] la publication Suivante d'EDR à xdr: procédure détaillée est un article de l'ONU de blog Sekoia.io .

---

>In 2024, the lines between EDR and XDR are becoming blurred. More and more vendors offer platforms that combine endpoint, network, cloud, and email security. All these tools are designed to block threats, though they differ in terms of scope and capabilities.  To bring more clarity, we want to guide you through the cybersecurity arsenal […] La publication suivante From EDR to XDR: Detailed Walkthrough est un article de Sekoia.io Blog.]]> 2024-04-05T08:58:20+00:00 https://blog.sekoia.io/from-edr-to-xdr-detailed-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=8476390 False Tool,Cloud,Conference None 2.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Acumen expands its team - two exciting recruits to support business growth People-powered security service provider announces new recruits to support its journey in becoming one of the top five UK Managed Security Service Providers (MSSPs) within the next five years - Business News]]> 2024-04-05T08:03:52+00:00 https://www.globalsecuritymag.fr/acumen-announced-it-has-appointed-spencer-misstear-and-darren-sewell.html www.secnews.physaphae.fr/article.php?IdArticle=8476352 False None None 2.0000000000000000 Silicon - Site de News Francais 2024-04-05T07:37:52+00:00 https://www.silicon.fr/combien-coutera-support-etendu-windows-10-477484.html www.secnews.physaphae.fr/article.php?IdArticle=8476351 False None None 2.0000000000000000 Korben - Bloger francais 2024-04-05T07:00:00+00:00 https://korben.info/moode-audio-lecteur-open-source-gratuit-raspberry-pi.html www.secnews.physaphae.fr/article.php?IdArticle=8476353 False None None 3.0000000000000000 Korben - Bloger francais 2024-04-05T06:51:07+00:00 https://korben.info/google-books-indexe-livres-generes-ia-faible-qualite.html www.secnews.physaphae.fr/article.php?IdArticle=8476354 False None None 3.0000000000000000 ProofPoint - Cyber Firms 2024-04-05T06:00:25+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/deception-technology-better-for-threat-detection-response-than-honeypots www.secnews.physaphae.fr/article.php?IdArticle=8476507 False Ransomware,Malware,Tool,Vulnerability,Threat None 2.0000000000000000 Korben - Bloger francais 2024-04-05T05:47:16+00:00 https://korben.info/mario-kart-8-optimiser-build-front-pareto.html www.secnews.physaphae.fr/article.php?IdArticle=8476328 False None None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les groupes de piratage liés au gouvernement chinois se tournent de plus en plus vers des fesses profondes et d'autres formes de contenu généré par l'IA lorsqu'ils cherchent à interférer dans les élections étrangères, selon de nouvelles recherches de Microsoft publiées jeudi.Les campagnes d'influence de Pékin s'appuient toujours sur les vieux standbys, comme l'utilisation de faux médias sociaux et de nouvelles, pour diffuser de la propagande soutenue par l'État, injecter [& # 8230;]

---

>Hacking groups linked to the Chinese government are increasingly turning to deepfakes and other forms of AI-generated content when seeking to interfere in foreign elections, according to new research from Microsoft published Thursday. Beijing\'s influence campaigns still rely on old standbys, such as using fake social media and news accounts, to spread state-backed propaganda, inject […] ]]> 2024-04-05T04:00:00+00:00 https://cyberscoop.com/microsoft-ai-election-taiwan/ www.secnews.physaphae.fr/article.php?IdArticle=8476264 False None None 2.0000000000000000 The State of Security - Magazine Américain In today\'s digital landscape, it is important for organizations to depend upon the tools they use for cybersecurity. Large businesses can employ many security solutions, practices, and policies that must combine to create a robust and layered security strategy. While many of these tools are important and necessary, organizations often don\'t use them to their full potential. With any security tool or platform, it is important to understand its features beyond the most basic functions. Solutions can have advanced capabilities that are less commonly used but that can greatly benefit an...]]> 2024-04-05T03:03:49+00:00 https://www.tripwire.com/state-of-security/exploring-advanced-tripwire-enterprise-capabilities www.secnews.physaphae.fr/article.php?IdArticle=8476350 False Tool None 3.0000000000000000 The Register - Site journalistique Anglais Also makes components for chips, displays, and hard disks, and has spent four days groping for a fix If ever there was an incident that brings the need for good infosec into sharp focus, this is the one: Japan\'s Hoya – a maker of eyeglass and contact lenses, plus kit used to make semiconductor manufacturing, flat panel displays, and hard disk drives – has halted some production and sales activity after experiencing an attack on its IT systems.…]]> 2024-04-05T01:45:12+00:00 https://go.theregister.com/feed/www.theregister.com/2024/04/05/hoya_infosec_incident/ www.secnews.physaphae.fr/article.php?IdArticle=8476221 False None None 3.0000000000000000 HackRead - Chercher Cyber Par owais sultan Les institutions, les DAPP et les utilisateurs sur Flare bénéficieront désormais de la suite de protection à l'écosystème de l'écosystème de l'industrie de l'hypernative \\. Ceci est un article de HackRead.com Lire le post original: WEB3 Spécialiste de la sécurité hypernative pour fournir une protection proactive à l'écosystème Flare

---

>By Owais Sultan Institutions, dApps and users on Flare will now benefit from Hypernative\'s industry-leading ecosystem-wide protection suite.  This is a post from HackRead.com Read the original post: Web3 Security Specialist Hypernative To Provide Proactive Protection To The Flare Ecosystem]]> 2024-04-04T23:55:02+00:00 https://www.hackread.com/web3-security-hypernative-protection-flare-ecosystem/ www.secnews.physaphae.fr/article.php?IdArticle=8476178 False None None 2.0000000000000000 Dark Reading - Informationweek Branch A Babuk variant has been involved in at least four attacks on VMware EXSi servers in the last six weeks, in one case demanding $140 million from a Chilean data center company.]]> 2024-04-04T22:29:05+00:00 https://www.darkreading.com/threat-intelligence/sexi-ransomware-desires-vmware-hypervisors www.secnews.physaphae.fr/article.php?IdArticle=8476156 False Ransomware None 3.0000000000000000 Dark Reading - Informationweek Branch So far this year, Ivanti has disclosed a total of 11 flaws - many of them critical - in its remote access products.]]> 2024-04-04T21:43:12+00:00 https://www.darkreading.com/remote-workforce/ivanti-ceo-commits-to-security-overhaul-day-after-vendor-discloses-4-more-vulns www.secnews.physaphae.fr/article.php?IdArticle=8476129 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Initial access brokers are using the new downloader malware, which emerged just after QBot\'s 2023 disruption.]]> 2024-04-04T21:25:15+00:00 https://www.darkreading.com/threat-intelligence/new-loader-takes-over-where-qbot-left-off www.secnews.physaphae.fr/article.php?IdArticle=8476130 False Malware None 3.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

SF-based cyber insurance provider Cowbell announced two executive promotions, including the appointment of Sahar Sabouni to Chief People Officer, and Dan Palardy to Chief Actuary. - Business News]]> 2024-04-04T21:21:18+00:00 https://www.globalsecuritymag.fr/cowbell-announced-two-executive-promotions-including-the-appointment-of-sahar.html www.secnews.physaphae.fr/article.php?IdArticle=8476131 False None None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A suspected Vietnamese-origin threat actor has been observed targeting victims in several Asian and Southeast Asian countries with malware designed to harvest valuable data since at least May 2023. Cisco Talos is tracking the cluster under the name CoralRaider, describing it as financially motivated. Targets of the campaign include India, China, South Korea, Bangladesh, Pakistan, Indonesia,]]> 2024-04-04T21:12:00+00:00 https://thehackernews.com/2024/04/vietnam-based-hackers-steal-financial.html www.secnews.physaphae.fr/article.php?IdArticle=8476000 False Malware,Threat None 2.0000000000000000 Global Security Mag - Site de news francais formation

---

Action1 Unveils \'School Defense\' Program To Help Small Educational Institutions Thwart Cyberattacks Action1\'s \'School Defense\' program aims to enhance the defense of public schools and community colleges against cyber threats through free access to cybersecurity services and educational resources, recognizing their critical role in shaping society. - TRAINING ]]> 2024-04-04T21:10:42+00:00 https://www.globalsecuritymag.fr/action1-unveils-school-defense-program-to-help-small-educational-institutions.html www.secnews.physaphae.fr/article.php?IdArticle=8476132 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Les employés du gouvernement sur l'île de Palau sont entrés en œuvre le 14 mars et ont démarré leurs ordinateurs comme n'importe quel autre jour.Mais lorsque les écrans Windows ne se chargeraient pas, ils l'ont appelé. & Nbsp;Ils ont rapidement découvert deux notes de rançon distinctes: une sur une feuille de papier dans l'imprimante du gang de ransomware de verrouillage

---

Government employees on the island of Palau came into work on March 14 and booted up their computers like any other day. But when the Windows screens wouldn\'t load they called up IT.  They quickly discovered two separate ransom notes: one on a sheet of paper in the printer from the LockBit ransomware gang]]> 2024-04-04T21:07:53+00:00 https://therecord.media/palau-attack-who-was-behind-china-us www.secnews.physaphae.fr/article.php?IdArticle=8476128 False Ransomware None 2.0000000000000000 Global Security Mag - Site de news francais opinion

---

Shifting Left to Protect APIs Chuck Herrin, Senior Principal Product Manager – Security, F5 - Opinion]]> 2024-04-04T21:02:51+00:00 https://www.globalsecuritymag.fr/shifting-left-to-protect-apis.html www.secnews.physaphae.fr/article.php?IdArticle=8476105 False None None 3.0000000000000000 Palo Alto Network - Site Constructeur Explorez les prédictions sur l'IA en cybersécurité et cultivant une culture cyber-consciente.Découvrez l'émergence d'assistants de cybersécurité alimentés par l'IA.

---

>Explore predictions on AI in cybersecurity and cultivating a cyber-aware culture. Discover the emergence of AI-powered cybersecurity assistants. ]]> 2024-04-04T21:00:27+00:00 https://www.paloaltonetworks.com/blog/2024/04/ai-assistants-and-advanced-threat-detection/ www.secnews.physaphae.fr/article.php?IdArticle=8476127 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Latest campaign underscores wide-ranging functionality and staying power of a decade-old piece of information-stealing malware.]]> 2024-04-04T21:00:00+00:00 https://www.darkreading.com/remote-workforce/thousands-of-australian-businesses-targeted-with-agent-tesla-rat www.secnews.physaphae.fr/article.php?IdArticle=8476055 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An updated version of an information-stealing malware called Rhadamanthys is being used in phishing campaigns targeting the oil and gas sector. "The phishing emails use a unique vehicle incident lure and, in later stages of the infection chain, spoof the Federal Bureau of Transportation in a PDF that mentions a significant fine for the incident," Cofense researcher Dylan Duncan said. The]]> 2024-04-04T21:00:00+00:00 https://thehackernews.com/2024/04/new-phishing-campaign-targets-oil-gas.html www.secnews.physaphae.fr/article.php?IdArticle=8476001 False Malware None 3.0000000000000000 Global Security Mag - Site de news francais Interviews / affiche, INCYBER 2024]]> 2024-04-04T20:21:00+00:00 https://www.globalsecuritymag.fr/thomas-gayet-scovery-la-disponibilite-et-l-integration-d-une-notation.html www.secnews.physaphae.fr/article.php?IdArticle=8475458 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber U.S.Les responsables de la cybersécurité ont publié une directive d'urgence cette semaine pour lutter contre une violation des agents russes de Microsoft divulgués pour la première fois en janvier.

---

>U.S. cybersecurity officials issued an emergency directive this week to address a breach by Russian operatives of Microsoft first disclosed in January. ]]> 2024-04-04T20:07:19+00:00 https://cyberscoop.com/federal-government-russian-breach-microsoft/ www.secnews.physaphae.fr/article.php?IdArticle=8476078 False None None 3.0000000000000000 Dark Reading - Informationweek Branch 2024-04-04T20:01:34+00:00 https://www.darkreading.com/cybersecurity-operations/action1-unveils-school-defense-program-to-help-small-educational-institutions-thwart-cyberattacks www.secnews.physaphae.fr/article.php?IdArticle=8476082 False None None 3.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Onapsis Appoints Tim McKnight to Board of Directors Former Chief Security Officer at SAP and renowned cybersecurity executive accelerates Onapsis\' leadership in SAP cybersecurity market - Business News]]> 2024-04-04T19:55:47+00:00 https://www.globalsecuritymag.fr/onapsis-appoints-tim-mcknight-to-board-of-directors.html www.secnews.physaphae.fr/article.php?IdArticle=8476079 False None None 1.00000000000000000000 Recorded Future - FLux Recorded Future ]]> 2024-04-04T19:44:34+00:00 https://therecord.media/google-sues-developers-of-fraud-crypto-app www.secnews.physaphae.fr/article.php?IdArticle=8476081 False None None 2.0000000000000000 McAfee Labs - Editeur Logiciel Les escrocs tournent un argent sur l'éclipse.Une éruption d'escroqueries sur l'éclipse est apparue en ligne, beaucoup impliquant la vente ...

---

> Scammers are turning a buck on the eclipse. A rash of eclipse scams have appeared online, many involving the sale... ]]> 2024-04-04T19:32:24+00:00 https://www.mcafee.com/blogs/internet-security/how-to-avoid-solar-eclipse-scams/ www.secnews.physaphae.fr/article.php?IdArticle=8476077 False None None 2.0000000000000000 HackRead - Chercher Cyber Par waqas Un autre jour, une autre menace malveillante! Ceci est un article de HackRead.com Lire le post original: new latrodectusTéléchargeur malware lié aux créateurs icedid et QBOT

---

>By Waqas Another day, another malware threat! This is a post from HackRead.com Read the original post: New Latrodectus Downloader Malware Linked to IcedID and Qbot Creators]]> 2024-04-04T19:21:19+00:00 https://www.hackread.com/latrodectus-downloader-malware-icedid-qbot/ www.secnews.physaphae.fr/article.php?IdArticle=8476080 False Malware None 3.0000000000000000 The Register - Site journalistique Anglais State Dept keeps schtum \'for security reasons\' Uncle Sam is investigating claims that some miscreant stole and leaked classified information from the Pentagon and other national security agencies.…]]> 2024-04-04T18:43:56+00:00 https://go.theregister.com/feed/www.theregister.com/2024/04/04/feds_data_dump/ www.secnews.physaphae.fr/article.php?IdArticle=8476054 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Un groupe de hacktivistes portant sous le nom de RVB-Team a revendiqué la responsabilité de pirater le site Web du procureur général de la Russie, exposant des données sur les infractions pénales commises en Russie au cours des 30 dernières années.Le groupe a publié jeudi les archives divulguées sur sa chaîne Telegram, déclarant qu'il détient 100 000 cassiers judiciaires russes qui s'étalent à partir de

---

A group of hacktivists going by the name RGB-TEAM claimed responsibility for hacking into the website of Russia\'s prosecutor general, exposing data on criminal offenses committed in Russia over the past 30 years. The group published the leaked archive on its Telegram channel on Thursday, stating it holds 100,000 Russian criminal records spanning from]]> 2024-04-04T17:47:06+00:00 https://therecord.media/hackers-claim-to-breach-russia-prosecutor-general-database www.secnews.physaphae.fr/article.php?IdArticle=8476030 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Omni Hotels &Resorts a confirmé mercredi soir que des pannes de technologie récentes avaient été causées par une cyberattaque découverte pour la première fois vendredi dernier. & NBSP;La chaîne basée aux États-Unis - qui exploite 50 hôtels et complexes en Amérique du Nord - a traité des problèmes technologiques toute la semaine, ce qui rend difficile pour les clients de s'enregistrer et

---

Omni Hotels & Resorts confirmed on Wednesday evening that recent technology outages were caused by a cyberattack that was first discovered last Friday.  The U.S.-based chain - which operates 50 hotels and resorts across North America - has been dealing with technological issues all week making it difficult for guests to check in and]]> 2024-04-04T17:41:21+00:00 https://therecord.media/omni-hotels-cyberattack-disruptions-customers www.secnews.physaphae.fr/article.php?IdArticle=8476031 False None None 2.0000000000000000 Checkpoint Research - Fabricant Materiel Securite Les principaux plats à retenir d'introduction les applications de rencontres utilisent traditionnellement les données de localisation, offrant la possibilité de se connecter avec les personnes à proximité et d'améliorer les chances de réunions réelles.Certaines applications peuvent également afficher la distance de l'utilisateur à d'autres utilisateurs.Cette fonctionnalité est très utile pour coordonner les rencontres, indiquant si une correspondance potentielle n'est qu'une courte distance [& # 8230;]

---

>Key takeaways Introduction Dating apps traditionally utilize location data, offering the opportunity to connect with people nearby, and enhancing the chances of real-life meetings. Some apps can also display the distance of the user to other users. This feature is quite useful for coordinating meetups, indicating whether a potential match is just a short distance […] ]]> 2024-04-04T17:36:35+00:00 https://research.checkpoint.com/2024/the-illusion-of-privacy-geolocation-risks-in-modern-dating-apps/ www.secnews.physaphae.fr/article.php?IdArticle=8476027 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Les cybercriminels prennent le contrôle des pages Facebook et les utilisent pour annoncer de faux logiciels d'intelligence artificielle générative chargés de logiciels malveillants. & Nbsp;Selon des chercheurs de la société de cybersécurité Bitdefender, les CyberCrooks profitent de la popularité des nouveaux outils génératifs d'IA et utilisent «malvertising» pour usurper l'identité de produits légitimes comme MidJourney, Sora AI, Chatgpt 5 et

---

Cybercriminals are taking over Facebook pages and using them to advertise fake generative artificial intelligence software loaded with malware.  According to researchers at the cybersecurity company Bitdefender, the cybercrooks are taking advantage of the popularity of new generative AI tools and using “malvertising” to impersonate legitimate products like Midjourney, Sora AI, ChatGPT 5 and]]> 2024-04-04T17:04:16+00:00 https://therecord.media/cybercriminals-plant-malware-facebook-ai-brands www.secnews.physaphae.fr/article.php?IdArticle=8476032 False Malware,Tool ChatGPT 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise\'s physical devices, processes, and events. Unlike traditional Information Technology (IT) systems, OT systems directly impact the physical world. This unique characteristic of OT brings additional cybersecurity considerations not typically present in conventional IT security]]> 2024-04-04T16:57:00+00:00 https://thehackernews.com/2024/04/considerations-for-operational.html www.secnews.physaphae.fr/article.php?IdArticle=8475839 False Industrial None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service (DoS) attacks. The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center (CERT/CC) on January 25, 2024. "Many HTTP/2 implementations do not properly limit or sanitize the]]> 2024-04-04T16:45:00+00:00 https://thehackernews.com/2024/04/new-http2-vulnerability-exposes-web.html www.secnews.physaphae.fr/article.php?IdArticle=8475840 False Vulnerability None 4.0000000000000000 Recorded Future - FLux Recorded Future Plusieurs groupes de piratage basés en Chine, dont Volt Typhoon, visent un trio de vulnérabilités affectant son géant ivanti aux côtés de multiples opérations cybercriminales.L'Agence de sécurité de la cybersécurité et de l'infrastructure (CISA) et plusieurs des principales agences de cybersécurité du monde ont publié des avertissements sur les vulnérabilités - étiquetées CVE-2023-46805, CVE-2024-21887 et CVE-2024-21893 - en raison deleur utilisation généralisée

---

Several China-based hacking groups, including Volt Typhoon, are targeting a trio of vulnerabilities affecting IT giant Ivanti alongside multiple cybercriminal operations. The Cybersecurity and Infrastructure Security Agency (CISA) and several of the world\'s leading cybersecurity agencies have released warnings about the vulnerabilities - labeled CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893 - due to their widespread use]]> 2024-04-04T16:40:24+00:00 https://therecord.media/volt-typhoon-china-targeting-energy-defense-ivanti-bugs www.secnews.physaphae.fr/article.php?IdArticle=8476005 False Vulnerability Guam 3.0000000000000000 Bleeping Computer - Magazine Américain A relatively new malware called Latrodectus is believed to be an evolution of the IcedID loader, seen in malicious email campaigns since November 2023. [...]]]> 2024-04-04T16:38:19+00:00 https://www.bleepingcomputer.com/news/security/new-latrodectus-malware-replaces-icedid-in-network-breaches/ www.secnews.physaphae.fr/article.php?IdArticle=8476154 False Malware None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine A Trend Micro report shows a clear drop in the number of actual infections associated with the LockBit ransomware following Operation Cronos]]> 2024-04-04T16:30:00+00:00 https://www.infosecurity-magazine.com/news/lockbit-takedown-leak-site-old/ www.secnews.physaphae.fr/article.php?IdArticle=8476004 False Ransomware,Prediction None 2.0000000000000000 HackRead - Chercher Cyber Par uzair amir Il semble que chaque semaine apporte la nouvelle d'une autre attaque & # 8211;Des millions de protocoles de Defi, des NFTS ont glissé et & # 8230; Ceci est un article de HackRead.com Lire le post original: 5 meilleurs marketing crypto-cryptoAgences pour les marques de sécurité Web3 en 2024

---

>By Uzair Amir It seems each week brings news of another attack – millions drained from DeFi protocols, NFTs swiped, and… This is a post from HackRead.com Read the original post: 5 Best Crypto Marketing Agencies for Web3 Security Brands in 2024]]> 2024-04-04T16:10:29+00:00 https://www.hackread.com/best-crypto-marketing-agency/ www.secnews.physaphae.fr/article.php?IdArticle=8476002 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine A state of emergency was declared, caused by operational inconsistencies across digital infrastructure]]> 2024-04-04T16:00:00+00:00 https://www.infosecurity-magazine.com/news/jackson-county-systems-hit/ www.secnews.physaphae.fr/article.php?IdArticle=8475970 False Ransomware None 2.0000000000000000