This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T17:02:17+00:00 www.secnews.physaphae.fr Dark Reading - Informationweek Branch Manipulated header info within files, in mobile Trojans like TeaBot and others, makes it difficult for defenders to analyze and detect them.]]> 2024-07-17T15:27:02+00:00 https://www.darkreading.com/endpoint-security/malicious-badpack-apk-files-android-malware www.secnews.physaphae.fr/article.php?IdArticle=8538949 False Malware,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Details have emerged about a "massive ad fraud operation" that leverages hundreds of apps on the Google Play Store to perform a host of nefarious activities. The campaign has been codenamed Konfety – the Russian word for Candy – owing to its abuse of a mobile advertising software development kit (SDK) associated with a Russia-based ad network called CaramelAds. "Konfety represents a new form of]]> 2024-07-16T18:30:00+00:00 https://thehackernews.com/2024/07/konfety-ad-fraud-uses-250-google-play.html www.secnews.physaphae.fr/article.php?IdArticle=8538194 False Mobile None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Dans le monde mobile-premier de la journée, la sécurité des appareils mobiles est primordiale pour les organisations de toutes tailles.Check Point est un pionnier de cet espace, après avoir développé sa solution de défense de menace mobile (MTD), Harmony Mobile, qui protège les organisations depuis plus d'une décennie.Depuis ses débuts, Harmony Mobile a réussi à bloquer des millions d'attaques, démontrant son efficacité dans la protection des flottes mobiles contre les menaces en constante évolution.Aujourd'hui, nous sommes ravis d'annoncer que l'harmonie de chèque a été nommée leader dans le rapport Forrester Wave ™: Mobile Threat Defence Solutions, Rapport du Q3 2024.Cette reconnaissance de Forrester, une société de recherche indépendante renommée, [& # 8230;]

---

>In today’s mobile-first world, the security of mobile devices is paramount for organizations of all sizes. Check Point is a pioneer in this space, having developed its Mobile Threat Defense (MTD) solution, Harmony Mobile, which has been safeguarding organizations for over a decade. Since its debut, Harmony Mobile has successfully blocked millions of attacks, demonstrating its effectiveness in protecting mobile fleets against ever-evolving threats. Today, we are thrilled to announce that Check Point’s Harmony Mobile has been named a Leader in The Forrester Wave™: Mobile Threat Defense Solutions, Q3 2024 report. This recognition from Forrester, a renowned independent research firm, […] ]]> 2024-07-16T14:00:39+00:00 https://blog.checkpoint.com/securing-user-and-access/check-point-recognized-as-a-leader-in-forrester-wave-for-mobile-threat-defense-solutions/ www.secnews.physaphae.fr/article.php?IdArticle=8538201 False Threat,Mobile,Commercial None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC promises to improve visitor experiences and operational effectiveness. Smart technologies like IoT-enabled gadgets and AI-powered services are being incorporated into modern hotels. These include mobile check-in, keyless entry for a quick, contactless experience, AI-powered chatbots and automated concierge systems for smooth guest interactions, smart in-room entertainment systems that allow guests to control various aspects of their environment via voice commands or smartphone apps, and smart thermostats for customized climate control. While these innovations significantly enhance convenience and personalization, they also introduce considerable cybersecurity risks. The interconnected nature of these devices and the vast amounts of data they handle make hotels and Airbnb rooms attractive targets for cybercriminals. Here are some of the most dangerous cybersecurity threats facing modern hospitality settings. Data Breaches Data breaches are a major concern in the hospitality industry due to the vast amounts of sensitive guest information collected and stored. High-profile incidents, such as the Marriott data breach in 2018, which affected up to 500 million guest records, underscore the severity of this threat. Compromised data often includes personal identification details, credit card information, and even passport numbers, leading to significant financial and reputational damage for the affected hotels and Airbnb hosts​. IoT Vulnerabilities The globalization of IoT devices in accommodation businesses like hotels and Airbnb properties increases the attack surface for cybercriminals. Each connected device represents a potential entry point for hackers. For instance, vulnerabilities in smart thermostats or lighting systems can be exploited to gain access to the broader network, compromising other critical systems and guest data​. Phishing and Social Engineering Phishing attacks and social engineering tactics are prevalent in the hospitality industry. Cybercriminals often target staff and guests with deceptive emails or messages designed to steal login credentials or other sensitive information. These attacks can lead to unauthorized access to systems and data breaches​. Point of Sale (POS) Systems POS systems handle numerous financial transactions, making them attractive to hackers. Attacks on POS systems can involve malware that captures credit card information before it is encrypted. Such inci]]> 2024-07-15T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/smart-hotel-technologies-and-the-cybersecurity-risks-they-bring www.secnews.physaphae.fr/article.php?IdArticle=8537435 False Ransomware,Data Breach,Malware,Vulnerability,Threat,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "nearly all" of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T\'s wireless network. "Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, 2024, exfiltrated]]> 2024-07-13T11:21:00+00:00 https://thehackernews.com/2024/07/at-confirms-data-breach-affecting.html www.secnews.physaphae.fr/article.php?IdArticle=8536176 False Data Breach,Threat,Mobile,Cloud None 2.0000000000000000 The Register - Site journalistique Anglais Snowflake? Snowflake AT&T has admitted that cyberattackers grabbed a load of its data for the second time this year, and if you think the first haul was big, you haven\'t seen anything: This latest one includes data on "nearly all" AT&T wireless customers - and those served by mobile virtual network operators (MVNOs) running on AT&T\'s network. …]]> 2024-07-13T01:55:01+00:00 https://go.theregister.com/feed/www.theregister.com/2024/07/12/att_110_million_call_text_logs/ www.secnews.physaphae.fr/article.php?IdArticle=8536055 False Mobile,Cloud None 2.0000000000000000 Silicon - Site de News Francais 2024-07-12T11:22:06+00:00 https://www.silicon.fr/apple-pay-ue-valide-ouverture-concurrence-sur-les-iphone-480446.html www.secnews.physaphae.fr/article.php?IdArticle=8535646 False Mobile None 3.0000000000000000 The Register - Site journalistique Anglais 2024-07-12T11:17:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/07/12/android_15_beta_desktop/ www.secnews.physaphae.fr/article.php?IdArticle=8535648 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain AT&T is warning of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its mobile customers, from an online database on the company\'s Snowflake account. [...]]]> 2024-07-12T09:37:32+00:00 https://www.bleepingcomputer.com/news/security/massive-atandt-data-breach-exposes-call-logs-of-109-million-customers/ www.secnews.physaphae.fr/article.php?IdArticle=8535718 False Data Breach,Threat,Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch Users receiving the warnings are likely being targeted based on who they are or what they do, according to the vendor.]]> 2024-07-11T19:43:38+00:00 https://www.darkreading.com/endpoint-security/apple-warns-iphone-users-in-98-countries-of-more-spyware-attacks www.secnews.physaphae.fr/article.php?IdArticle=8535208 False Mobile None 3.0000000000000000 Recorded Future - FLux Recorded Future 2024-07-11T16:58:10+00:00 https://therecord.media/apple-warns-indian-iphone-users-spyware www.secnews.physaphae.fr/article.php?IdArticle=8535151 False Mobile None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Détails : Apple a émis une nouvelle série de notifications de menace aux utilisateurs d'iPhone dans 98 pays, les avertissant des attaques potentielles de logiciels spymétriques.Il est la deuxième campagne d'alerte de la société cette année, après un similaireNotification envoyée aux utilisateurs dans 92 nations En avril.

---

Not a lot of details: Apple has issued a new round of threat notifications to iPhone users across 98 countries, warning them of potential mercenary spyware attacks. It’s the second such alert campaign from the company this year, following a similar notification sent to users in 92 nations in April.]]> 2024-07-11T15:09:32+00:00 https://www.schneier.com/blog/archives/2024/07/apple-is-alerting-iphone-users-of-spyware-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8535086 False Threat,Mobile None 3.0000000000000000 UnderNews - Site de news "pirate" francais Les campagnes de phishing restent l’une des méthodes les plus répandues et les plus dangereuses utilisées par les cybercriminels pour infiltrer un réseau, voler des informations sensibles, extorquer de l'argent et espionner les utilisateurs. Parmi l'arsenal utilisé, les chevaux de Troie d’accès à distance (RAT) se distinguent par leur capacité à fournir aux hackers un […] The post Sécurité mobile : les 5 étapes pour reconnaître et éviter les tentatives de phishing liées au malware Rafel RAT first appeared on UnderNews.]]> 2024-07-11T12:47:21+00:00 https://www.undernews.fr/malwares-virus-antivirus/securite-mobile-les-5-etapes-pour-reconnaitre-et-eviter-les-tentatives-de-phishing-liees-au-malware-rafel-rat.html www.secnews.physaphae.fr/article.php?IdArticle=8534985 False Malware,Mobile None 3.0000000000000000 McAfee Labs - Editeur Logiciel Dans le monde interconnecté d'aujourd'hui, nos appareils mobiles servent d'outils essentiels pour la communication, la productivité et le divertissement.Cependant, pour certains techniciens ...

---

> In today’s interconnected world, our mobile devices serve as essential tools for communication, productivity, and entertainment. However, for some tech-savvy... ]]> 2024-07-11T11:56:57+00:00 https://www.mcafee.com/blogs/mobile-security/how-does-jailbreaking-or-rooting-affect-my-mobile-device-security/ www.secnews.physaphae.fr/article.php?IdArticle=8535087 False Tool,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Military personnel from Middle East countries are the target of an ongoing surveillanceware operation that delivers an Android data-gathering tool called GuardZoo. The campaign, believed to have commenced as early as October 2019, has been attributed to a Houthi-aligned threat actor based on the application lures, command-and-control (C2) server logs, targeting footprint, and the attack]]> 2024-07-09T15:35:00+00:00 https://thehackernews.com/2024/07/guardzoo-malware-targets-over-450.html www.secnews.physaphae.fr/article.php?IdArticle=8533410 False Malware,Tool,Threat,Mobile None 3.0000000000000000 Wired Threat Level - Security News Get the whole picture on any device.]]> 2024-07-09T12:00:00+00:00 https://www.wired.com/story/how-to-take-a-long-scrolling-screenshot-android-ios-desktop/ www.secnews.physaphae.fr/article.php?IdArticle=8533470 False Mobile None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Le farceur ferme dit que l'utilisation du cyberespionnage houthi est un signe que la surveillance mobile est une force croissante dans les conflits mondiaux.

---

>The firm Lookout says that Houthi use of cyberespionage is a sign that mobile surveillance is a growing force in global conflicts. ]]> 2024-07-09T10:05:00+00:00 https://cyberscoop.com/researchers-catch-yemeni-hackers-spying-on-middle-east-military-phones/ www.secnews.physaphae.fr/article.php?IdArticle=8533411 False Mobile None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 2024-07-09T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/building-a-robust-defense-in-depth-architecture-for-digital-transformation www.secnews.physaphae.fr/article.php?IdArticle=8533615 False Ransomware,Malware,Tool,Vulnerability,Threat,Patching,Legislation,Mobile,Industrial None 2.0000000000000000 The Register - Site journalistique Anglais 2024-07-09T06:32:05+00:00 https://go.theregister.com/feed/www.theregister.com/2024/07/09/microsoft_china_apple_google_authentication/ www.secnews.physaphae.fr/article.php?IdArticle=8533290 False Mobile None 3.0000000000000000 SecurityWeek - Security News À partir de septembre, Microsoft obligera l'utilisation des iPhones d'Apple \\ pour authentifier les identités lors de la connexion dans les machines de travail.

---

>Starting in September, Microsoft will mandate the the use of Apple\'s iPhones to authenticate identities when logging into work machines.  ]]> 2024-07-08T19:56:14+00:00 https://www.securityweek.com/microsoft-banning-chinese-staff-from-using-android-phones/ www.secnews.physaphae.fr/article.php?IdArticle=8533029 False Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-07-08T15:06:59+00:00 https://community.riskiq.com/article/9a175891 www.secnews.physaphae.fr/article.php?IdArticle=8532909 False Malware,Tool,Vulnerability,Threat,Mobile,Cloud APT 36 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple removed a number of virtual private network (VPN) apps in Russia from its App Store on July 4, 2024, following a request by Russia\'s state communications watchdog Roskomnadzor, Russian news media reported. This includes the mobile apps of 25 VPN service providers, including ProtonVPN, Red Shield VPN, NordVPN and Le VPN, according to MediaZona. It\'s worth noting that NordVPN previously shut]]> 2024-07-08T11:58:00+00:00 https://thehackernews.com/2024/07/apple-removes-vpn-apps-from-russian-app.html www.secnews.physaphae.fr/article.php?IdArticle=8532625 False Mobile None 3.0000000000000000 Zimperium - cyber risk firms for mobile Rafel Rat est un type de logiciels malveillants qui permet aux attaquants de prendre un contrôle total sur un appareil mobile victime.Une fois installé, Rafel Rat peut effectuer une variété d'activités malveillantes, telles que le vol d'informations sensibles, l'accès aux fonctions de caméra et de microphone, et, de plus en plus, le déploiement de ransomwares. & # 160;Le ransomware mobile est un type de [& # 8230;]

---

>Rafel RAT is a type of malware that allows attackers to gain complete control over a victim’s mobile device. Once installed, Rafel RAT can perform a variety of malicious activities, such as stealing sensitive information, accessing camera and microphone functions, and, increasingly, deploying ransomware.  Mobile ransomware is a type of […] ]]> 2024-07-08T11:00:00+00:00 https://www.zimperium.com/blog/understanding-rafel-rat-and-its-role-in-mobile-ransomware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8532723 False Ransomware,Malware,Mobile None 3.0000000000000000 HackRead - Chercher Cyber Transparent Tribe Expands Android Spyware Arsenal: Gamers, Weapons Fans, and TikTok Users Targeted!]]> 2024-07-04T11:15:55+00:00 https://hackread.com/android-spyware-steals-gamers-tiktok-users-data/ www.secnews.physaphae.fr/article.php?IdArticle=8530518 False Mobile APT 36 2.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Licel\'s vTEE Achieves EMVCo Security Evaluation Certificate. EMVCo approval is a milestone in Licel\'s mission to facilitate secure mobile transactions. - Business News]]> 2024-07-04T08:16:23+00:00 https://www.globalsecuritymag.fr/licel-s-vtee-achieves-emvco-security-evaluation-certificate.html www.secnews.physaphae.fr/article.php?IdArticle=8530457 False Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-07-04T01:16:40+00:00 https://community.riskiq.com/article/48480abe www.secnews.physaphae.fr/article.php?IdArticle=8530282 False Ransomware,Malware,Vulnerability,Threat,Mobile None 3.0000000000000000 Global Security Mag - Site de news francais Vulnérabilités]]> 2024-07-03T11:36:54+00:00 https://www.globalsecuritymag.fr/multiples-vulnerabilites-dans-google-android-03-juillet-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8530044 False Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-07-02T21:54:47+00:00 https://community.riskiq.com/article/d62a3110 www.secnews.physaphae.fr/article.php?IdArticle=8529579 False Malware,Tool,Threat,Mobile APT 36 2.0000000000000000 Zimperium - cyber risk firms for mobile Au cours des deux dernières années, Zimperium a publié le rapport de bancs de banque mobile, offrant des recherches approfondies sur les dernières familles de logiciels malveillants, les nouvelles techniques d'attaque et l'impact mondial des chevaux de Troie bancaires.Cette recherche en cours nous permet de rester en avance sur les menaces émergentes et d'assurer une protection complète de nos utilisateurs.Sur [& # 8230;]

---

>For the past two years, Zimperium has released the Mobile Banking Heist Report, providing in-depth research on the latest malware families, new attack techniques, and the global impact of banking trojans. This ongoing research allows us to stay ahead of emerging threats and ensure comprehensive protection for our users. On […] ]]> 2024-07-02T19:35:34+00:00 https://www.zimperium.com/blog/medusa-reborn-zimperiums-robust-defense/ www.secnews.physaphae.fr/article.php?IdArticle=8529553 False Malware,Mobile None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Proofpoint highlighted how smishing, impersonation and spam are eroding trust in mobile messaging]]> 2024-07-02T16:15:00+00:00 https://www.infosecurity-magazine.com/news/political-spam-surges-threefold/ www.secnews.physaphae.fr/article.php?IdArticle=8529495 False Spam,Mobile None 2.0000000000000000 SecurityWeek - Security News Google expédie une mise à jour de la sécurité Android avec des correctifs pour 15 vulnérabilités, y compris un défaut de sévérité critique dans le cadre.

---

>Google ships an Android security update with fixes for 15 vulnerabilities, including a critical-severity flaw in Framework. ]]> 2024-07-02T14:18:44+00:00 https://www.securityweek.com/google-patches-25-android-flaws-including-critical-privilege-escalation-bug/ www.secnews.physaphae.fr/article.php?IdArticle=8529484 False Vulnerability,Mobile None 3.0000000000000000 ProofPoint - Cyber Firms 2024-07-02T06:00:50+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/election-2024-mobile-political-spam-volume-jumps-3x-compared-2022 www.secnews.physaphae.fr/article.php?IdArticle=8529408 False Spam,Malware,Tool,Threat,Mobile,Cloud,Commercial None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group\'s trend of embedding spyware into curated video browsing applications, with a new expansion targeting mobile gamers, weapons enthusiasts, and TikTok fans," SentinelOne security researcher Alex]]> 2024-07-01T18:30:00+00:00 https://thehackernews.com/2024/07/caprarat-spyware-disguised-as-popular.html www.secnews.physaphae.fr/article.php?IdArticle=8529204 False Threat,Mobile,Prediction APT 36 3.0000000000000000 Global Security Mag - Site de news francais mise à jour malveillant

---

CapraTube remix - Transparent Tribe\'s Android spyware targeting gamers, weapons enthusiasts by SentinelOne - Malware Update]]> 2024-07-01T13:46:53+00:00 https://www.globalsecuritymag.fr/capratube-remix-transparent-tribe-s-android-spyware-targeting-gamers-weapons.html www.secnews.physaphae.fr/article.php?IdArticle=8529266 False Mobile APT 36 3.0000000000000000 Zimperium - cyber risk firms for mobile Dans le paysage en constante évolution des menaces de cybersécurité, une menace qui a émergé avec un impact significatif est Rafel Rat (Trojan d'accès à distance).En tant qu'outil insidieux utilisé par les cybercriminels, Rafel Rat présente un risque grave pour les appareils Android, ce qui rend essentiel pour les individus et les organisations de comprendre son fonctionnement et de prendre [& # 8230;]

---

>In the ever-evolving landscape of cybersecurity threats, one menace that has emerged with significant impact is Rafel RAT (Remote Access Trojan). As an insidious tool used by cybercriminals, Rafel RAT poses a severe risk to Android devices, making it essential for individuals and organizations to understand its workings and take […] ]]> 2024-07-01T13:05:00+00:00 https://www.zimperium.com/blog/understanding-the-rafel-rat-threat/ www.secnews.physaphae.fr/article.php?IdArticle=8529200 False Tool,Threat,Mobile None 3.0000000000000000 SentinelOne (Adversary) - Cyber Firms SentinelLabs has identified four new CapraRAT APKs associated with suspected Pakistan state-aligned actor Transparent Tribe.]]> 2024-07-01T12:55:23+00:00 https://www.sentinelone.com/labs/capratube-remix-transparent-tribes-android-spyware-targeting-gamers-weapons-enthusiasts/ www.secnews.physaphae.fr/article.php?IdArticle=8651455 False Mobile APT 36 3.0000000000000000 Global Security Mag - Site de news francais Malwares]]> 2024-07-01T11:19:51+00:00 https://www.globalsecuritymag.fr/sentinellabs-decouvre-4-nouveaux-logiciels-espions-android-ciblant-notamment.html www.secnews.physaphae.fr/article.php?IdArticle=8529196 False Mobile None 3.0000000000000000 TechRepublic - Security News US Curious about recording phone calls on your Android device? Follow our step-by-step instructions for seamless recording.]]> 2024-06-28T15:48:58+00:00 https://www.techrepublic.com/article/how-to-record-phone-call-android/ www.secnews.physaphae.fr/article.php?IdArticle=8527309 False Mobile None 3.0000000000000000 GoogleSec - Firm Security Blog Chrome Root Program Policy states that CA certificates included in the Chrome Root Store must provide value to Chrome end users that exceeds the risk of their continued inclusion. It also describes many of the factors we consider significant when CA Owners disclose and respond to incidents. When things don\'t go right, we expect CA Owners to commit to meaningful and demonstrable change resulting in evidenced continuous improvement. Over the past several years, publicly disclosed incident reports highlighted a pattern of concerning behaviors by Entrust that fall short of the above expectations, and has eroded confidence in their competence, reliability, and integrity as a publicly-trusted CA Owner. In response to the above concerns and to preserve the integrity of the Web PKI ecosystem, Chrome will take the following actions. Upcoming change in Chrome 127 and higher: TLS server authentication certificates validating to the following Entrust roots whose earliest Signed Certificate Timestamp (SCT) is dated after October 31, 2024, will no longer be trusted by default. CN=Entrust Root Certification Authority - EC1,OU=See www.entrust.net/legal-terms+OU=(c) 2012 Entrust, Inc. - for authorized use only,O=Entrust, Inc.,C=US CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust, Inc. - for authorized use only,O=Entrust, Inc.,C=US CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net CN=Entrust Root Certification Authority,OU=www.entrust.net/CPS is incorporated by reference+OU=(c) 2006 Entrust, Inc.,O=Entrust, Inc.,C=US CN=Entrust Root Certification Authority - G4,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust, Inc. - for authorized use only,O=Entrust, Inc.,C=US CN=AffirmTrust Comm]]> 2024-06-27T13:16:13+00:00 http://security.googleblog.com/2024/06/sustaining-digital-certificate-security.html www.secnews.physaphae.fr/article.php?IdArticle=8527969 False Legislation,Mobile,Commercial None 3.0000000000000000 GoogleSec - Firm Security Blog October 2023.KVM is a robust hypervisor with over 15 years of open-source development and is widely used throughout the consumer and enterprise landscape, including platforms such as Android and Google Cloud. Google is an active contributor to the project and we designed kvmCTF as a collaborative way to help identify & remediate vulnerabilities and further harden this fundamental security boundary. Similar to kernelCTF, kvmCTF is a vulnerability reward program designed to help identify and address vulnerabilities in the Kernel-based Virtual Machine (KVM) hypervisor. It offers a lab environment where participants can log in and utilize their exploits to obtain flags. Significantly, in kvmCTF the focus is on zero day vulnerabilities and as a result, we will not be rewarding exploits that use n-days vulnerabilities. Details regarding the  zero day vulnerability will be shared with Google after an upstream patch is released to ensure that Google obtains them at the same time as the rest of the open-source community.  Additionally, kvmCTF uses the Google Bare Metal Solution (BMS) environment to host its infrastructure. Finally, given how critical a hypervisor is to overall system security, kvmCTF will reward various levels of vulnerabilities up to and including code execution and VM escape.]]> 2024-06-27T13:14:02+00:00 http://security.googleblog.com/2024/06/virtual-escape-real-reward-introducing.html www.secnews.physaphae.fr/article.php?IdArticle=8527970 False Vulnerability,Threat,Mobile,Cloud None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC blog , nous avons appris à utiliser le FMEM pour l'acquisition de la mémoire volatile.Dans ce blog, nous explorerons comment créer des vidages de mémoire à l'aide de chaux (extracteur de mémoire Linux) et comment commencer par notre processus d'analyse en utilisant le cadre de volatilité dans nos prochains blogs. Qu'est-ce que la chaux? Un module de noyau chargé (LKM) qui permet une acquisition de mémoire volatile à partir de périphériques basés sur Linux et Linux, tels que Android.Cela rend la chaux unique car c'est le premier outil qui permet des captures de mémoire complète sur les appareils Android.Il minimise également son interaction entre les processus d'espace utilisateur et du noyau pendant l'acquisition, ce qui lui permet de produire des captures de mémoire qui sont plus judiciques que celles d'autres outils conçus pour l'acquisition de mémoire Linux. Pourquoi l'analyse du vidage de mémoire est-elle importante? L'analyse du vidage de mémoire est vitale en médecine légale numérique pour plusieurs raisons: Découvrir les données cachées: RAM contient des données transitoires non stockées sur le disque, telles que les clés de chiffrement et les logiciels malveillants en mémoire. Comprendre l'état du système: Les vidages de mémoire fournissent un snapot des processus actifs, des fichiers ouverts et des connexions réseau. détection d'activité malveillante: L'analyse peut révéler la présence et le comportement des logiciels malveillants qui fonctionnent principalement en mémoire. Installation et configuration de chaux Pour utiliser la chaux, vous devez le construire à partir de la source.Suivez ces étapes pour installer et configurer la chaux: Clone Le référentiel de chaux: Pour clone dans le référentiel de chaux, vous pouvez utiliser Git Clone: ​​ Git Clone https://github.com/504ensicslabs/lime.git Assurez-vous que les en-têtes de noyau Linux et les outils de construction sont installés. Pour installer des éléments essentiels de construction, vous pouvez utiliser: sudo apt installer build-essentiel maintenant, accédez au sous-répertoire SRC sous Lime Directory: cd chaux / src compiler le module de chaux: Maintenant, utilisez Make pour compiler le module de chaux: faire Chargez le module: Utilisez INSMOD pour charger le module dans le noyau. ]]> 2024-06-27T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/memory-dump-analysis-using-lime-for-acquisition-and-volatility-for-initial-setup www.secnews.physaphae.fr/article.php?IdArticle=8526464 False Malware,Tool,Mobile None 3.0000000000000000 HackRead - Chercher Cyber New Android Malware "Snowblind" bypasses security! It exploits Linux\'s seccomp to launch scalable attacks and steal your data. Download safely, update your device, and consider mobile security to stay protected.]]> 2024-06-26T18:55:21+00:00 https://hackread.com/snowblind-android-malware-steals-bypasses-security/ www.secnews.physaphae.fr/article.php?IdArticle=8526125 False Malware,Mobile None 3.0000000000000000 The Register - Site journalistique Anglais 2024-06-26T18:03:06+00:00 https://go.theregister.com/feed/www.theregister.com/2024/06/26/google_begs_court_for_relief/ www.secnews.physaphae.fr/article.php?IdArticle=8526097 False Mobile None 3.0000000000000000 The Register - Site journalistique Anglais The FLX1 runs its own build of \'Trixie\' but has an Android layer DEVCONF.CZ  Furi Labs\' FLX1 is a Debian-based smartphone with decent specs at a competitive price.…]]> 2024-06-26T16:30:08+00:00 https://go.theregister.com/feed/www.theregister.com/2024/06/26/furi_phone_flx1_debian_smartphone/ www.secnews.physaphae.fr/article.php?IdArticle=8526098 False Mobile None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine A novel malware strain, Snowblind, bypasses security measures in banking apps on Android, leading to financial losses and fraud, according to Promon]]> 2024-06-26T15:30:00+00:00 https://www.infosecurity-magazine.com/news/novel-banking-malware-asia/ www.secnews.physaphae.fr/article.php?IdArticle=8526075 False Malware,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have discovered an updated version of an Android banking trojan called Medusa that has been used to target users in Canada, France, Italy, Spain, Turkey, the U.K., and the U.S. The new fraud campaigns, observed in May 2024 and active since July 2023, manifested through five different botnets operated by various affiliates, cybersecurity firm Cleafy said in an analysis]]> 2024-06-26T13:08:00+00:00 https://thehackernews.com/2024/06/new-medusa-android-trojan-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8525854 False Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch As cybersecurity\'s cat-and-mouse game starts to look more like Tom and Jerry, attackers develop a method for undermining Android app security with no obvious fix.]]> 2024-06-26T13:00:00+00:00 https://www.darkreading.com/remote-workforce/snowblind-tampering-technique-may-drive-android-users-adrift www.secnews.physaphae.fr/article.php?IdArticle=8525982 False Mobile None 3.0000000000000000 Global Security Mag - Site de news francais Malwares]]> 2024-06-26T10:02:45+00:00 https://www.globalsecuritymag.fr/eset-research-decouvre-aridspy-un-logiciel-espion-android-qui-cible-la.html www.secnews.physaphae.fr/article.php?IdArticle=8525889 False Mobile APT-C-23 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC prevent breaches, and decisions to maintain business continuity. Any company should have a comprehensive assessment of its environment conducted at least annually. These assessments are used to identify vulnerabilities in processes and systems, point out areas for improvement, and comprehensively assess the overall resiliency of the organization’s entire IT ecosystem. The main goal is to fully understand the current security level and be able to take the necessary steps to remediate possible issues. Assessing On-Premises Security With on-premises system management, all the responsibility falls on the local IT team, so they need to have a comprehensive view of the currently deployed hardware and software to be able to successfully secure both. Let’s go over the components of such an exercise: ● Asset inventory: It is imperative to know the total scope of the organization\'s assets, including workstations, mobile devices, servers, network equipment, and all the software applications in use. This helps pinpoint outdated assets that either need to be removed from the environment or brought up-to-date with hardware or software upgrades. ● Patch management: New software vulnerabilities are being constantly unearthed, so prompt software updating and comprehensive patch management are instrumental in every environment. While it is a good idea to verify the stability of new updates first, automated patch management tools can help streamline this process. ● Network segmentation: Adversaries are always looking for opportunities for lateral movement in a network, so the isolation of systems and processes through network segmentation is an important step in limiting the potential damage a breach can cause. All in all, the evaluation of on-premises security requires an all-around review of the physical and digital protections within the organization’s data centers. This additionally includes vetting firewalls, intrusion detection systems, and access controls to thwart unauthorized access. Regular security audits and penetration tests are crucial to identify and address vulnerabilities before they can be weaponized. Assessing Cloud Security Working with cloud-based solutions keeps growing in popularity, since it effectively outsources the underlying hardware management to the cloud service provider, lessening the burden on the local IT team. This isn\'t to say that there is n]]> 2024-06-26T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-ins-and-outs-of-cybersecurity-posture-assessment-in-2024 www.secnews.physaphae.fr/article.php?IdArticle=8525884 False Tool,Vulnerability,Threat,Patching,Mobile,Cloud None 3.0000000000000000 Bleeping Computer - Magazine Américain A novel Android attack vector from a piece of malware tracked as Snowblind is abusing a security feature to bypass existing anti-tampering protections in apps that handle sensitive user data. [...]]]> 2024-06-26T09:33:04+00:00 https://www.bleepingcomputer.com/news/security/snowblind-malware-abuses-android-security-feature-to-bypass-security/ www.secnews.physaphae.fr/article.php?IdArticle=8526014 False Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting France, Italy, the United States, Canada, Spain, the United Kingdom, and Turkey. [...]]]> 2024-06-25T13:02:24+00:00 https://www.bleepingcomputer.com/news/security/new-medusa-malware-variants-target-android-users-in-seven-countries/ www.secnews.physaphae.fr/article.php?IdArticle=8525440 False Malware,Mobile None 3.0000000000000000 Global Security Mag - Site de news francais Malwares]]> 2024-06-25T07:46:40+00:00 https://www.globalsecuritymag.fr/le-rat-rafel-un-malware-android-qui-passe-de-l-espionnage-aux-operations-de.html www.secnews.physaphae.fr/article.php?IdArticle=8525148 False Ransomware,Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Google is testing a new feature called "Digital Credential API" for Chrome on Android that will allow websites to request identity information from mobile wallets using Android\'s IdentityCredential system. [...]]]> 2024-06-24T15:50:00+00:00 https://www.bleepingcomputer.com/news/google/chrome-for-android-tests-feature-that-securely-verifies-your-id-with-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8524843 False Mobile None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine An earlier publication by Check Point Research had already linked Rafel to the APT-C-35/DoNot Team]]> 2024-06-24T15:30:00+00:00 https://www.infosecurity-magazine.com/news/android-users-targeted-rafel-rat/ www.secnews.physaphae.fr/article.php?IdArticle=8524735 False Malware,Threat,Mobile None 3.0000000000000000 HackRead - Chercher Cyber The new Rafel RAT is an Android malware capable of stealing data, spy on you, and even lock your phone. Keep your Android updated, download apps safely, and avoid phishing attacks to stay secure.]]> 2024-06-24T15:27:14+00:00 https://hackread.com/rafel-rat-puts-3-9-billion-android-devices-at-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8524731 False Malware,Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) ONNX              SUPPORT"          $expired\_api = "Your API has been expired"        condition:          all of them  } | | --- | MAL\_CRIME\_ONNX\_Store\_Phishing\_PDF\_QR is designed to detect potenetioally malcioius QR codes with PDF files. | rule MAL\_CRIME\_ONNX\_Store\_Phishing\_PDF\_QR  {      meta:          description = "Detects potentially malicious PDFs based on structural patterns"          author = "Arda Buyukkaya"          date = "2024-05-17"          hash = "0250a5ba26791e7ffddb4b294d486479"      strings:          $pdf = "%PDF-"          $magic\_classic = "%!FontType1-1."          $magic\_font = /obj\s\*]\*\/Subtype\s\*\/Type1/          $magic\_font2 = /obj\s\*]]> 2024-06-24T14:46:29+00:00 https://community.riskiq.com/article/286a8700 www.secnews.physaphae.fr/article.php?IdArticle=8524718 False Ransomware,Tool,Threat,Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-06-24T12:48:47+00:00 https://community.riskiq.com/article/efd9816a www.secnews.physaphae.fr/article.php?IdArticle=8524654 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Cloud APT-C-23 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Multiple threat actors, including cyber espionage groups, are employing an open-source Android remote administration tool called Rafel RAT to meet their operational objectives by masquerading it as Instagram, WhatsApp, and various e-commerce and antivirus apps. "It provides malicious actors with a powerful toolkit for remote administration and control, enabling a range of malicious activities]]> 2024-06-24T10:34:00+00:00 https://thehackernews.com/2024/06/iranian-hackers-deploy-rafel-rat-in.html www.secnews.physaphae.fr/article.php?IdArticle=8524430 False Tool,Threat,Mobile None 2.0000000000000000 The Register - Site journalistique Anglais Plus: Huawei closer to divorcing Android; India probes Amazon warehouses; Singapore gets autonomous street sweepers Asia In Brief  SoftBank CEO Masayoshi Son last week told investors he believes an "artificial superintelligence" that has 10,000 times the intelligence of humans could arrive in as little as three years.…]]> 2024-06-24T00:45:11+00:00 https://go.theregister.com/feed/www.theregister.com/2024/06/24/asia_tech_news_in_brief/ www.secnews.physaphae.fr/article.php?IdArticle=8524306 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain An open-source Android malware named \'Rafel RAT\' is widely deployed by multiple cybercriminals to attack outdated devices, some aiming to lock them down with a ransomware module that demands payment on Telegram. [...]]]> 2024-06-22T10:19:38+00:00 https://www.bleepingcomputer.com/news/security/rafel-rat-targets-outdated-android-phones-in-ransomware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8524662 False Ransomware,Malware,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain The Tor Project has released Tor Browser 13.5, bringing several improvements and enhancements for Android and desktop versions. [...]]]> 2024-06-21T10:26:46+00:00 https://www.bleepingcomputer.com/news/security/tor-browser-135-brings-android-enhancements-better-bridge-management/ www.secnews.physaphae.fr/article.php?IdArticle=8522742 False Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-06-21T02:03:23+00:00 https://community.riskiq.com/article/19d9cd7d www.secnews.physaphae.fr/article.php?IdArticle=8522374 False Malware,Threat,Mobile APT-C-23 2.0000000000000000 Dark Reading - Informationweek Branch The old, but newly disclosed, vulnerability is buried deep inside personal computers, servers, and mobile devices, and their supply chains, making remediation a headache.]]> 2024-06-20T20:42:22+00:00 https://www.darkreading.com/vulnerabilities-threats/high-risk-overflow-bug-in-intel-chips-likely-impacts-100s-of-pc-models www.secnews.physaphae.fr/article.php?IdArticle=8522161 False Vulnerability,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the "UEFIcanhazbufferoverflow" vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the Trusted Platform]]> 2024-06-20T19:52:00+00:00 https://thehackernews.com/2024/06/researchers-uncover-uefi-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8521943 False Vulnerability,Mobile None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite En ce qui concerne les appareils mobiles, Android est le système d'exploitation le plus populaire et le plus utilisé avec plus de 3,9 milliards d'utilisateurs actifs dans plus de 190 pays.Les trois quarts de tous les appareils mobiles fonctionnent sur Android.Cependant, avec son adoption généralisée et son environnement ouvert vient le risque d'activité malveillante.Android Malware, un logiciel malveillant conçu pour cibler les appareils Android, constitue une menace importante pour les utilisateurs & # 8217;confidentialité, sécurité et intégrité des données.Ces programmes malveillants se présentent sous diverses formes, y compris les virus, les chevaux de Troie, les ransomwares, les logiciels espions et les logiciels publicitaires, et ils peuvent infiltrer des appareils via plusieurs vecteurs, tels que les téléchargements d'applications, les sites Web malveillants, les attaques de phishing et même [& # 8230;]

---

>When it comes to mobile devices, Android is the most popular and used operating system with over 3.9 billion active users in over 190 countries. Three-quarters of all mobile devices run on Android. However, with its widespread adoption and open environment comes the risk of malicious activity. Android malware, a malicious software designed to target Android devices, poses a significant threat to users’ privacy, security, and data integrity. These malicious programs come in various forms, including viruses, Trojans, ransomware, spyware, and adware, and they can infiltrate devices through multiple vectors, such as app downloads, malicious websites, phishing attacks, and even […] ]]> 2024-06-20T15:00:36+00:00 https://blog.checkpoint.com/research/rafel-rat-android-malware-from-espionage-to-ransomware-operations/ www.secnews.physaphae.fr/article.php?IdArticle=8521948 False Ransomware,Malware,Threat,Mobile None 2.0000000000000000 Checkpoint Research - Fabricant Materiel Securite Recherche de: Antonis Terefos, Bohdan Melnykov Introduction Android, le système d'exploitation mobile le plus populaire de Google, alimente des milliards de smartphones et de tablettes à l'échelle mondiale.Connu pour sa nature open source et sa flexibilité, Android offre aux utilisateurs un large éventail de fonctionnalités, d'options de personnalisation et d'accès à un vaste écosystème d'applications via le Google Play Store et d'autres sources.Cependant, [& # 8230;]

---

>Research by: Antonis Terefos, Bohdan Melnykov Introduction Android, Google\'s most popular mobile operating system, powers billions of smartphones and tablets globally. Known for its open-source nature and flexibility, Android offers users a wide array of features, customization options, and access to a vast ecosystem of applications through the Google Play Store and other sources. However, […] ]]> 2024-06-20T15:00:00+00:00 https://research.checkpoint.com/2024/rafel-rat-android-malware-from-espionage-to-ransomware-operations/ www.secnews.physaphae.fr/article.php?IdArticle=8521988 False Ransomware,Malware,Mobile None 2.0000000000000000 CompromisingPositions - Podcast Cyber Positions compromis Rory Sutherland sur \'Règle des minorités \' comme figurant sur le podcast de risque humain Les vrais dangers de étant gaucher John a parlé des nuls de test de crash étant basés sur des hommes, probablement tirés du livre brillant Femme invisible: exposant le biais de données dans un monde conçu pour les hommes par Caroline Criado Perez National Customer Rage Survey À propos de John Sills John Sills est directeur général de la société de croissance dirigée par le client, la Fondation. Il a commencé sa carrière il y a 25 ans, sur un stand de marché enEssex, et depuis lors, a travaillé dans et avec des entreprises du monde entier pour améliorer les choses pour les clients. Il a été dans des équipes de première ligne offrant l'expérience, des équipes d'innovation concevant les propositions etLes équipes Global HQ créant la stratégie.Il a été directeur de banque pendant la crise financière (pas amusant), a lancé une application mobile à des millions de personnes (très amusante) et visite régulièrement des étrangers \\ 'pour poser des questions très personnelles (plaisir incroyable). Il travaille maintenant avec des entreprises dans les industries et dans le monde, et avant de rejoindre la fondation, a passé douze ans à HSBC, récemment en tant que responsable de l'innovation client. Son premier livre sur le sujet - L'expérience humaine - a été publiée par Bloomsbury en février 2023, et il est à peu près partout où vous regardez en ligne. liensPour John Sills le livre de John \\ L'exp�]]> 2024-06-19T23:00:00+00:00 https://www.compromisingpositions.co.uk/podcast/episode-33-inconvenient-truths www.secnews.physaphae.fr/article.php?IdArticle=8521426 False Mobile None 3.0000000000000000 Zimperium - cyber risk firms for mobile La tenue de touche de l'application est la pratique de l'installation d'applications via des canaux de distribution non officiels.Bien que cela permette une plus grande personnalisation et une plus grande disponibilité des applications, elle ouvre également la porte à des vulnérabilités de sécurité importantes, l'augmentation de la surface d'attaque est exposée.Dans cet article de blog, nous discuterons des différences entre Android et [& # 8230;]

---

>Application sideloading is the practice of installing applications through non-official distribution channels. While this allows for greater customization and app availability, it also opens the door to significant security vulnerabilities increasing the attack surface users are exposed to. In this blog post, we will discuss the differences between Android and […] ]]> 2024-06-19T12:00:17+00:00 https://www.zimperium.com/blog/the-hidden-risks-of-sideloading-apps/ www.secnews.physaphae.fr/article.php?IdArticle=8521062 False Vulnerability,Mobile None 2.0000000000000000 Global Security Mag - Site de news francais rapports spéciaux / / affiche

---

Trust in employees dwindling as more than 60% of security decision makers expect employees to put corporate data at risk of a breach according to Apricorn research Corporate data knowingly put at risk by 55% of mobile workers - Special Reports / affiche]]> 2024-06-19T08:54:10+00:00 https://www.globalsecuritymag.fr/trust-in-employees-dwindling-as-more-than-60-of-security-decision-makers-expect.html www.secnews.physaphae.fr/article.php?IdArticle=8520971 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Singapore Police Force (SPF) has announced the extradition of two men from Malaysia for their alleged involvement in a mobile malware campaign targeting citizens in the country since June 2023. The unnamed individuals, aged 26 and 47, engaged in scams that tricked unsuspecting users into downloading malicious apps onto their Android devices via phishing campaigns with the aim of stealing]]> 2024-06-18T13:08:00+00:00 https://thehackernews.com/2024/06/singapore-police-extradites-malaysians.html www.secnews.physaphae.fr/article.php?IdArticle=8520280 False Malware,Legislation,Mobile None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 2024-06-18T11:03:00+00:00 https://cybersecurity.att.com/blogs/labs-research/highly-evasive-squidloader-targets-chinese-organizations www.secnews.physaphae.fr/article.php?IdArticle=8521071 False Malware,Tool,Threat,Mobile,Prediction,Technical None 2.0000000000000000 HackRead - Chercher Cyber Discover Pi Coin, the Stanford-developed cryptocurrency revolutionizing mobile mining. Explore its potential, features, and predictions for 2025. Join the future of digital currency now!]]> 2024-06-17T20:04:38+00:00 https://hackread.com/the-future-of-pi-coin-potential-and-predictions/ www.secnews.physaphae.fr/article.php?IdArticle=8519975 False Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-06-17T11:42:19+00:00 https://community.riskiq.com/article/53f61882 www.secnews.physaphae.fr/article.php?IdArticle=8519757 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Cloud None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) #### Targeted Geolocations - India #### Targeted Industries - Defense Industrial Base - Information Technology - Government Agencies & Services ## Snapshot Analysts at Cisco Talos have uncovered an ongoing malware campaign named "Operation Celestial Force," active since 2018. ## Description This campaign employs the [GravityRAT malware](https://security.microsoft.com/intel-profiles/dca3dd26090d054493961c69bf11b73d52df30d713169853165fbb66a2eb7ba4) for Android and a Windows-based loader called "HeavyLift." These infections are managed through a tool dubbed "GravityAdmin," which can handle multiple campaigns simultaneously. Talos attributes this campaign to a Pakistani threat group they call "Cosmic Leopard," which focuses on espionage against Indian entities, especially in defense and government sectors. The campaign uses two infection vectors, social engineering and spear phishing to gain access to its targets. Spe]]> 2024-06-15T20:58:43+00:00 https://community.riskiq.com/article/0dccc722 www.secnews.physaphae.fr/article.php?IdArticle=8518781 False Malware,Tool,Threat,Mobile,Industrial None 2.0000000000000000 HackRead - Chercher Cyber Android users in Egypt and Palestine beware! Arid Viper is distributing malicious third-party apps hiding the AridSpy trojan! Learn how this malware steals your data and how to protect yourself.]]> 2024-06-15T17:10:17+00:00 https://hackread.com/arid-vipers-aridspy-trojan-android-users-palestine-egypt/ www.secnews.physaphae.fr/article.php?IdArticle=8518688 False Malware,Mobile APT-C-23 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Pakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the U.S. "The group\'s latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile carriers via iMessage and SMS," Resecurity said in a report published earlier this week. "The goal is]]> 2024-06-15T15:21:00+00:00 https://thehackernews.com/2024/06/grandoreiro-banking-trojan-hits-brazil.html www.secnews.physaphae.fr/article.php?IdArticle=8518517 False Threat,Mobile None 3.0000000000000000 Wired Threat Level - Security News The messaging standard promises better security and cooler features than plain old SMS. Android has had it for years, but now iPhones are getting it too.]]> 2024-06-15T12:30:00+00:00 https://www.wired.com/story/guide-to-rcs-why-it-makes-texting-better/ www.secnews.physaphae.fr/article.php?IdArticle=8518565 False Mobile None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET The spyware, called AridSpy by ESET, is distributed through websites that pose as various messaging apps, a job search app, and a Palestinian Civil Registry app]]> 2024-06-14T11:58:03+00:00 https://www.welivesecurity.com/en/videos/arid-viper-spies-android-users-middle-east-week-security-tony-anscombe/ www.secnews.physaphae.fr/article.php?IdArticle=8518490 False Mobile APT-C-23 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actor known as Arid Viper has been attributed to a mobile espionage campaign that leverages trojanized Android apps to deliver a spyware strain dubbed AridSpy. "The malware is distributed through dedicated websites impersonating various messaging apps, a job opportunity app, and a Palestinian Civil Registry app," ESET researcher Lukáš Štefanko said in a report published today. "Often]]> 2024-06-13T19:25:00+00:00 https://thehackernews.com/2024/06/arid-viper-launches-mobile-espionage.html www.secnews.physaphae.fr/article.php?IdArticle=8517163 False Malware,Threat,Mobile APT-C-23 3.0000000000000000 The Register - Site journalistique Anglais \'Large portions\' of droid tech stack going into laptop OS plumbing Google\'s ChromeOS team has begun borrowing "large portions" of Android\'s tech stack to innovate faster, to reduce the burden of maintaining multiple operating systems, and to enhance device interoperability in the face of vendor kernel variability, the web giant says.…]]> 2024-06-13T17:20:12+00:00 https://go.theregister.com/feed/www.theregister.com/2024/06/12/google_android_chromeos/ www.secnews.physaphae.fr/article.php?IdArticle=8517248 False Mobile None 2.0000000000000000 Zimperium - cyber risk firms for mobile Dans ce blog, Zimperium partage des détails sur la campagne de logiciels malveillants ciblés par mobile nommé l'opération Celestial Force, attribuée aux acteurs de menace liés au Pakistan.Lisez le blog pour plus.

---

>In this blog, Zimperium shares details about the mobile-targeted malware campaign named Operation Celestial Force, attributed to threat actors linked to Pakistan. Read the blog for more. ]]> 2024-06-13T16:47:27+00:00 https://www.zimperium.com/blog/new-mobile-threat-alert-operation-celestial-fore/ www.secnews.physaphae.fr/article.php?IdArticle=8517360 False Malware,Threat,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors with ties to Pakistan have been linked to a long-running malware campaign dubbed Operation Celestial Force since at least 2018. The activity, still ongoing, entails the use of an Android malware called GravityRAT and a Windows-based malware loader codenamed HeavyLift, according to Cisco Talos, which are administered using another standalone tool referred to as GravityAdmin. The]]> 2024-06-13T15:56:00+00:00 https://thehackernews.com/2024/06/pakistan-linked-malware-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8517165 False Malware,Tool,Threat,Mobile None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine ESET detected five cyber espionage campaigns targeting Android users with trojanized apps deploying \'AridSpy\' spyware]]> 2024-06-13T14:30:00+00:00 https://www.infosecurity-magazine.com/news/arid-viper-egypt-palestine-spyware/ www.secnews.physaphae.fr/article.php?IdArticle=8517212 False Mobile APT-C-23 3.0000000000000000 Global Security Mag - Site de news francais Vulnérabilités]]> 2024-06-13T14:12:57+00:00 https://www.globalsecuritymag.fr/multiples-vulnerabilites-dans-google-android-et-pixel-13-juin-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8517276 False Mobile None 2.0000000000000000 ProjectZero - Blog de recherche Google There are recent public examples of third-party drivers containing serious vulnerabilities that are exploited on Android. While there exists a well-established body of public (and In-the-Wild) security research on Android GPU drivers, other chipset components may not be as frequently audited so this research sought to explore those drivers in greater detail.Driver Enumeration: Not as Easy as it Looks This research focused on three Android devices (chipset manufacturers in parentheses): - Google Pixel 7 (Tensor) - Xiaomi 11T (MediaTek) - Asus ROG 6D (MediaTek) In order to perform driver research on these devices I first had to find all of the kernel drivers that were accessible from an unprivileged context on each device; a task complicated by the non-uniformity of kernel drivers (and their permissions structures) across different devices even within the same chipset manufacturer. There are several different methodologies for discovering these drivers. The most straightforward technique is to search the associated filesystems looking for exposed driver device files. These files serve as the primary method by which userland can interact with the driver. Normally the “file” is open’d by a userland process, which then uses a combination of read, write, ioctl, or even mmap to interact with the driver. The driver then “translates” those interactions into manipulations of the underlying hardware device sending the output of that device back to userland as warranted. Effectively all drivers expose their interfaces through the ProcFS or DevFS filesystems, so I focused on the /proc and /dev directories while searching for viable attack surfaces. Theoretically, evaluating all the userland accessible drivers should be as simple as calling find /dev or find /proc, attempting to open every file discovered, and logging which open]]> 2024-06-13T11:03:53+00:00 https://googleprojectzero.blogspot.com/2024/06/driving-forward-in-android-drivers.html www.secnews.physaphae.fr/article.php?IdArticle=8516986 False Tool,Vulnerability,Threat,Patching,Mobile,Technical None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET ESET researchers discovered Arid Viper espionage campaigns spreading trojanized apps to Android users in Egypt and Palestine]]> 2024-06-13T09:29:00+00:00 https://www.welivesecurity.com/en/eset-research/arid-viper-poisons-android-apps-with-aridspy/ www.secnews.physaphae.fr/article.php?IdArticle=8517839 False Mobile APT-C-23 3.0000000000000000 CompromisingPositions - Podcast Cyber le podcast Brainy Business Paul Bloom \'s Psychology Episode sur Melina Palmer \\ 'S le cerveau des podques commerciaux t Une belle vidéo sur Le DOORMAN FOLLACY mettant en vedette le légendaire Rory Sutherland Recommandation de livre - ]]> 2024-06-12T23:00:00+00:00 https://www.compromisingpositions.co.uk/podcast/episode-32-the-human-experience www.secnews.physaphae.fr/article.php?IdArticle=8516991 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day. [...]]]> 2024-06-12T15:06:16+00:00 https://www.bleepingcomputer.com/news/security/google-patches-exploited-android-zero-day-on-pixel-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8517339 False Vulnerability,Threat,Mobile None 3.0000000000000000 Zimperium - cyber risk firms for mobile Dans ce blog, Zimperium partage comment les CISA \\ sont sécurisés par conception de conception est une étape importante vers un avenir numérique plus sécurisé.Lisez le blog pour plus.

---

>In this blog, Zimperium shares how CISA\'s Secure by Design pledge is an important step towards a more secure digital future. Read the blog for more. ]]> 2024-06-12T14:16:47+00:00 https://www.zimperium.com/blog/mobile-security-alert-nsa-recommends-weekly-smartphone-reboots/ www.secnews.physaphae.fr/article.php?IdArticle=8516862 False Mobile None 3.0000000000000000 Mandiant - Blog Sécu de Mandiant   Individuals and organizations in Brazil face a unique cyber threat landscape because it is a complex interplay of global and local threats, posing significant risks to individuals, organizations, and critical sectors of Brazilian society. Many of the cyber espionage threat actors that are prolific in campaigns across the globe are also active in carrying out attempted intrusions into critical sectors of Brazilian society. Brazil also faces threats posed by the worldwide increase in multifaceted extortion, as ransomware and data theft continue to rise. At the same time, the threat landscape in Brazil is shaped by a domestic cybercriminal market, where threat actors coordinate to carry out account takeovers, conduct carding and fraud, deploy banking malware and facilitate other cyber threats targeting Brazilians. The rise of the Global South, with Brazil at the forefront, marks a significant shift in the geopolitical landscape; one that extends into the cyber realm. As Brazil\'s influence grows, so does its digital footprint, making it an increasingly attractive target for cyber threats originating from both global and domestic actors. This blog post brings together Google\'s collective understanding of the Brazilian threat landscape, combining insights from Google\'s Threat Analysis Group (TAG) and Mandiant\'s frontline intelligence. As Brazil\'s economic and geopolitical role in global affairs continues to rise, threat actors from an array of motivations will further seek opportunities to exploit the digital infrastructure that Brazilians rely upon across all aspects of society. By sharing our global perspective, we hope to enable greater resiliency in mitigating these threats. Google uses the results of our research to improve the safety and security of our products, making them secure by default. Chrome OS has built-in and proactive security to protect from ransomware, and there have been no reported ransomware attacks ever on any business, education, or consumer Chrome OS device. Google security teams continuously monitor for new threat activity, and all identified websites and domains are added to Safe Browsing to protect users from further exploitation. We deploy and constantly update Android detections to protect users\' devices and prevent malicious actors from publishing malware to the Google Play Store. We send targeted Gmail and Workspace users government-backed attacker alerts, notifying them of the activity and encouraging potential targets to enable Enhanced Safe Browsing for Chrome and ensure that all devices are updated.   Cyber Espionage Operations Targeting Brazil Brazil\'s status as a globally influential power and the largest economy in South America have drawn attention from c]]> 2024-06-12T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/cyber-threats-targeting-brazil/ www.secnews.physaphae.fr/article.php?IdArticle=8516847 False Ransomware,Spam,Malware,Tool,Vulnerability,Threat,Mobile,Medical,Cloud,Technical APT 28 2.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Appdome Wins Spring 2024 Digital Innovator Award from Intellyx Platform Delivery Model Allows Brands and Enterprises to Innovate Mobile Security, Fraud and Compliance Faster than Attackers - Business News]]> 2024-06-11T12:09:02+00:00 https://www.globalsecuritymag.fr/appdome-wins-spring-2024-digital-innovator-award-from-intellyx.html www.secnews.physaphae.fr/article.php?IdArticle=8517305 False Mobile None 2.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Mail gets categories, Messages gets more tapbacks, and apps can now be locked.]]> 2024-06-10T17:47:23+00:00 https://arstechnica.com/?p=2030149 www.secnews.physaphae.fr/article.php?IdArticle=8516404 False Mobile None 3.0000000000000000 Global Security Mag - Site de news francais actualités du marché

---

Cryptomathic assures security of Belgium\'s new digital identity wallet Cryptomathic\'s Mobile App Security Core (MASC) delivers the highest levels of security, protection and privacy for citizens using the app - Market News]]> 2024-06-10T13:22:09+00:00 https://www.globalsecuritymag.fr/cryptomathic-assures-security-of-belgium-s-new-digital-identity-wallet.html www.secnews.physaphae.fr/article.php?IdArticle=8516326 False Mobile None 2.0000000000000000 Recorded Future - FLux Recorded Future 2024-06-10T12:14:03+00:00 https://therecord.media/sms-blasting-arrests-uk-homemade-antenna www.secnews.physaphae.fr/article.php?IdArticle=8516269 False Mobile None 4.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-06-07T22:28:02+00:00 https://community.riskiq.com/article/5c05cdcd www.secnews.physaphae.fr/article.php?IdArticle=8514966 False Threat,Legislation,Mobile None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have disclosed that the LightSpy spyware allegedly targeting Apple iOS users is in fact a previously undocumented macOS variant of the implant. The findings come from both Huntress Labs and ThreatFabric, which separately analyzed the artifacts associated with the cross-platform malware framework that likely possesses capabilities to infect Android, iOS, Windows, macOS,]]> 2024-06-07T21:14:00+00:00 https://thehackernews.com/2024/06/lightspy-spywares-macos-variant-found.html www.secnews.physaphae.fr/article.php?IdArticle=8514759 False Malware,Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) 2024-06-07T21:10:07+00:00 https://community.riskiq.com/article/dccc6ab3 www.secnews.physaphae.fr/article.php?IdArticle=8514942 False Ransomware,Malware,Tool,Threat,Mobile,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google is urging third-party Android app developers to incorporate generative artificial intelligence (GenAI) features in a responsible manner. The new guidance from the search and advertising giant is an effort to combat problematic content, including sexual content and hate speech, created through such tools. To that end, apps that generate content using AI must ensure they don\'t create]]> 2024-06-07T16:37:00+00:00 https://thehackernews.com/2024/06/the-ai-debate-googles-guidelines-metas.html www.secnews.physaphae.fr/article.php?IdArticle=8514644 False Tool,Mobile None 2.0000000000000000 SecurityWeek - Security News Des histoires remarquables qui pourraient avoir glissé sous le radar: Tiktok Patchs Compte Rijacking Zero-Day, 300 millions de dollars DMM Bitcoin Hack, Applications VPN Android gratuites analysées.

---

>Noteworthy stories that might have slipped under the radar: TikTok patches account hijacking zero-day, $300 million DMM Bitcoin hack, free Android VPN apps analyzed. ]]> 2024-06-07T14:33:48+00:00 https://www.securityweek.com/in-other-news-tiktok-zero-day-dmm-bitcoin-hack-free-vpn-app-analysis/ www.secnews.physaphae.fr/article.php?IdArticle=8514761 False Hack,Vulnerability,Threat,Mobile None 3.0000000000000000 ZD Net - Magazine Info Google Messages will be among the first text services to support read receipts, high-res media sending, and more with emergency call centers.]]> 2024-06-06T17:06:31+00:00 https://www.zdnet.com/article/youll-soon-be-able-to-text-911-via-rcs-on-your-android-phone-heres-how-it-works/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=8514226 False Mobile None 3.0000000000000000