www.secnews.physaphae.fr

www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-04-27T03:35:42+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain Microsoft corrige deux windows zéro-jours exploités dans des attaques de logiciels malveillants Microsoft fixes two Windows zero-days exploited in malware attacks Microsoft has fixed two actively exploited zero-day vulnerabilities during the April 2024 Patch Tuesday, although the company failed to initially tag them as such. [...]]]> 2024-04-09T18:06:06+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-two-windows-zero-days-exploited-in-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8478933 False Malware,Vulnerability,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Une bonne protection DDOS nécessite à la fois des contrôles détective et préventif Proper DDoS Protection Requires Both Detective and Preventive Controls DDoS attacks still plague the enterprise, but adding preventive measures can reduce their impact.]]> 2024-04-09T17:51:03+00:00 https://www.darkreading.com/cloud-security/proper-ddos-protection-requires-both-detective-and-preventive-controls www.secnews.physaphae.fr/article.php?IdArticle=8478828 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Sécurité en cascade et partenaire Axys pour offrir une protection contre les centres de données Waterfall Security and AXYS partner to deliver OT protection for data centers Waterfall Security et Axys ont annoncé mardi un nouveau partenariat qui offrira un nouveau niveau d'OT (opérationnel ...

>Waterfall Security and AXYS announced Tuesday a new partnership that will deliver a new level of OT (operational... ]]> 2024-04-09T17:44:10+00:00 https://industrialcyber.co/news/waterfall-security-and-axys-partner-to-deliver-ot-protection-for-data-centers/ www.secnews.physaphae.fr/article.php?IdArticle=8478831 False Industrial None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Otorio s'intègre à ServiceNow pour stimuler la cybersécurité opérationnelle et l'efficacité OTORIO integrates with ServiceNow to boost operational cybersecurity and efficiency La société de solutions de gestion des cyber-risques de sécurité otorio a annoncé mardi une intégration pour une gestion de sécurité OT dédiée avec ...

>OT security cyber risk management solutions company OTORIO announced Tuesday an integration for dedicated OT security management with... ]]> 2024-04-09T17:43:23+00:00 https://industrialcyber.co/news/otorio-integrates-with-servicenow-to-boost-operational-cybersecurity-and-efficiency/ www.secnews.physaphae.fr/article.php?IdArticle=8478832 False Industrial None 2.0000000000000000 HackRead - Chercher Cyber 0G lance Newton Testnet de la blockchain AI modulaire ultra-échelle 0G Launches Newton Testnet of Ultra-Scalable Modular AI Blockchain Par uzair amir 0g Labs est heureux de dévoiler le lancement du testt de test pour 0g, le débit de données ultra-élevé modulaire & # 8230; Ceci est un article de HackRead.com Lire le post original: 0g lance Newton testnet de blockchain AI modulaire ultra-échelle

>By Uzair Amir 0G Labs is pleased to unveil the launch of the testnet for 0G, the modular ultra-high data throughput… This is a post from HackRead.com Read the original post: 0G Launches Newton Testnet of Ultra-Scalable Modular AI Blockchain]]> 2024-04-09T17:23:04+00:00 https://www.hackread.com/0g-newton-testnet-ultra-scalable-modular-ai-blockchain/ www.secnews.physaphae.fr/article.php?IdArticle=8478827 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Pourquoi les systèmes de refroidissement liquide menacent la sécurité du centre de données et l'ampli;Notre alimentation en eau Why Liquid Cooling Systems Threaten Data Center Security & Our Water Supply We are potentially encroaching on a water supply crisis if data center operators, utilities, and the government don\'t implement preventative measures now.]]> 2024-04-09T17:00:00+00:00 https://www.darkreading.com/cybersecurity-operations/why-liquid-cooling-systems-threaten-data-center-security-water-supply www.secnews.physaphae.fr/article.php?IdArticle=8478799 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cl0p \\'s Ransomware Rampage - Mesures de sécurité pour 2024 CL0P\\'s Ransomware Rampage - Security Measures for 2024 2023 CL0P Growth Emerging in early 2019, CL0P was first introduced as a more advanced version of its predecessor the \'CryptoMix\' ransomware, brought about by its owner CL0P ransomware, a cybercrime organisation. Over the years the group remained active with significant campaigns throughout 2020 to 2022. But in 2023 the CL0P ransomware gang took itself to new heights and became one of the]]> 2024-04-09T16:54:00+00:00 https://thehackernews.com/2024/04/cl0ps-ransomware-rampage-security.html www.secnews.physaphae.fr/article.php?IdArticle=8478661 False Ransomware None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial DarkTrace présente une plate-forme de sécurité ActiveAi pour augmenter les opérations de sécurité, Cyber Resilience Darktrace introduces ActiveAI security platform to boost security operations, cyber resilience Cybersecurity AI Firm Darktrace a présenté mardi la plate-forme de sécurité DarkTrace ActiveAi qui comprend la sécurité existante de la société ...

>Cybersecurity AI firm Darktrace introduced on Tuesday the Darktrace ActiveAI Security Platform which includes the company\'s existing security... ]]> 2024-04-09T16:43:20+00:00 https://industrialcyber.co/news/darktrace-introduces-activeai-security-platform-to-boost-security-operations-cyber-resilience/ www.secnews.physaphae.fr/article.php?IdArticle=8478805 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les groupes de la société civile sont des plateformes de presse pour intensifier le travail d'intégrité des élections Civil society groups press platforms to step up election integrity work Une coalition de groupes de la société civile souhaite que les sociétés de médias sociaux réinvestissent dans la modération du contenu humain et s'engagent à tenir les mauvais acteurs responsables.

>A coalition of civil society groups wants social media companies to re-invest in human content moderation and commit to holding bad actors accountable. ]]> 2024-04-09T16:42:19+00:00 https://cyberscoop.com/civil-society-groups-election-integrity-social-media/ www.secnews.physaphae.fr/article.php?IdArticle=8478801 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Dispositifs NAS D-Link 92K ouverts au bogue d'injection de commande critique 92K D-Link NAS Devices Open to Critical Command-Injection Bug The company is asking users to retire several network-attached storage (NAS) models to avoid compromise through a publicly available exploit that results in backdooring.]]> 2024-04-09T16:32:06+00:00 https://www.darkreading.com/cloud-security/92k-dlink-nas-critical-command-injection-bug www.secnews.physaphae.fr/article.php?IdArticle=8478800 False Threat None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Les pirates utilisent des logiciels malveillants pour chasser les vulnérabilités logicielles Hackers Use Malware to Hunt Software Vulnerabilities Palo Alto Networks observed growing malware-initiated vulnerability scanning activity]]> 2024-04-09T16:15:00+00:00 https://www.infosecurity-magazine.com/news/malware-hunt-software/ www.secnews.physaphae.fr/article.php?IdArticle=8478804 False Malware,Vulnerability None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber La FCC cherche à limiter la façon dont les abuseurs de violence domestique utilisent des voitures connectées FCC looks to limit how domestic violence abusers use connected cars L'agence vise à limiter la façon dont les agresseurs peuvent utiliser les logiciels de véhicules connectés pour harceler les survivants.

>The agency is aiming to limit how abusers can use connected vehicle software to harass survivors. ]]> 2024-04-09T15:58:35+00:00 https://cyberscoop.com/fcc-domestic-violence-connected-cars/ www.secnews.physaphae.fr/article.php?IdArticle=8478767 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial NIST publie SP 800-61R3 repêchage sur les recommandations de réponse aux incidents de cybersécurité pour commentaires publics NIST releases SP 800-61r3 draft on cybersecurity incident response recommendations for public comment The National Institute of Standards and Technology (NIST) released an initial public draft of Special Publication (SP) 800-61r3... ]]> 2024-04-09T15:46:58+00:00 https://industrialcyber.co/nist/nist-releases-sp-800-61r3-draft-on-cybersecurity-incident-response-recommendations-for-public-comment/ www.secnews.physaphae.fr/article.php?IdArticle=8478778 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Changer les soins de santé frappés par la cyberintimidation Change Healthcare Hit By Cyber Extortion Again RansomHub has surfaced threatening to expose stolen data unless another ransom is paid]]> 2024-04-09T15:30:00+00:00 https://www.infosecurity-magazine.com/news/change-healthcare-double-cyber/ www.secnews.physaphae.fr/article.php?IdArticle=8478777 False Medical None 2.0000000000000000 Global Security Mag - Site de news francais Sentinelone lance Purple IA SentinelOne launches Purple AI revues de produits

SentinelOne launches Purple AI AI security analyst radically transforms threat investigations and response with simple, one-click hunting, suggested queries, and auto-generated reports, empowering security teams to deliver new levels of defence, savings, and efficiencies - Product Reviews]]> 2024-04-09T15:26:04+00:00 https://www.globalsecuritymag.fr/sentinelone-launches-purple-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8478773 False Threat None 2.0000000000000000 Global Security Mag - Site de news francais DarkTrace lance DarkTrace ActiveAi Security Platform ™ Darktrace Launches Darktrace ActiveAI Security Platform™ revues de produits

Darktrace Transforms Security Operations and Improves Cyber Resilience with Launch of Darktrace ActiveAI Security Platform™ • New innovations in Darktrace ActiveAI Security Platform provide more complete visibility across the enterprise to eliminate alert fatigue and illuminate security gaps freeing security teams\' to proactively improve cyber resilience. • Platform launches in an era of increasing AI-augmented threats, with new research finding that 74% of security professionals believe these threats are already having an impact, but 60% report their organization is unprepared. - Product Reviews]]> 2024-04-09T15:22:26+00:00 https://www.globalsecuritymag.fr/darktrace-launches-darktrace-activeai-security-platform-tm.html www.secnews.physaphae.fr/article.php?IdArticle=8478774 False None None 2.0000000000000000 The State of Security - Magazine Américain Alerte de menace vert: avril 2024 Patch mardi analyse VERT Threat Alert: April 2024 Patch Tuesday Analysis Today\'s VERT Alert addresses Microsoft\'s April 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1101 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-26234 This CVE describes a Proxy Driver Spoofing Vulnerability that, thanks to Microsoft\'s new CWE listings , we know is tied to Improper Access Control. From a published Sophos write-up , we know that this is tied to a threat actor that has been working with a valid Microsoft Windows hardware Compatibility Program (WHCP) Certificate that has now been revoked...]]> 2024-04-09T15:20:51+00:00 https://www.tripwire.com/state-of-security/vert-threat-alert-april-2024-patch-tuesday-analysis www.secnews.physaphae.fr/article.php?IdArticle=8478905 False Vulnerability,Threat None 3.0000000000000000 Recorded Future - FLux Recorded Future LG publie des mises à jour pour les vulnérabilités qui pourraient permettre aux pirates d'accéder aux téléviseurs LG releases updates for vulnerabilities that could allow hackers to gain access to TVs

Quatre nouvelles vulnérabilités affectant des milliers de téléviseurs LG ont été trouvées par des chercheurs qui ont déclaré que les problèmes pourraient permettre aux pirates de s'ajouter en tant qu'utilisateurs et de prendre d'autres mesures. & NBSP;Des chercheurs de la société de cybersécurité Bitdefender ont déclaré que les bogues - dont trois obtiennent une cote de gravité de 9,1 sur 10 - Centre sur LG webOS, le

Four new vulnerabilities affecting thousands of LG TVs have been found by researchers who said the issues could allow hackers to add themselves as users and take other actions. Researchers from cybersecurity firm Bitdefender said the bugs - three of which carry a 9.1 out 10 severity rating - center on LG WebOS, the]]> 2024-04-09T15:17:30+00:00 https://therecord.media/lg-patches-vulnerabilities-tv www.secnews.physaphae.fr/article.php?IdArticle=8478770 False Vulnerability None 3.0000000000000000 Recorded Future - FLux Recorded Future Genios de la société de base de données allemande confirme l'attaque des ransomwares German database company Genios confirms ransomware attack

GBI Genios, une société de base de données utilisé par de nombreuses organisations de médias en Allemagne, a annoncé mardi que ses serveurs n'étaient pas disponibles «en raison d'une attaque de pirate massive».Dans un article sur LinkedIn, Genios a déclaré que l'incident était une attaque de ransomware et a mis en garde: "Malheureusement, nous devons assumer une panne pendant plusieurs jours."«Nos options de communication sont

GBI Genios, a database company used by numerous media organizations in Germany, announced on Tuesday its servers were unavailable “due to a massive hacker attack.” In a post on LinkedIn, Genios said the incident was a ransomware attack and cautioned, “unfortunately we have to assume an outage for several days.” “Our communication options are]]> 2024-04-09T15:16:07+00:00 https://therecord.media/genios-germany-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8478771 False Ransomware None 2.0000000000000000 Korben - Bloger francais L\'arrivée d\'une conscience IA serait inévitable 2024-04-09T15:12:08+00:00 https://korben.info/arrivee-conscience-ia-inevitable-recherche-ctm-gnw-ast.html www.secnews.physaphae.fr/article.php?IdArticle=8478769 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Le cyber-chef de la sécurité ukrainienne \\ a été suspendu après enquête médiatique Ukrainian security service\\'s cyber chief suspended following media investigation

Le chef du département de cybersécurité du service de sécurité de l'Ukraine \\ (SBU), Illia Vitiuk, a été suspendu à ses fonctions officielles à la suite d'une enquête médiatique.Vitiuk a été réaffecté pour servir au combat et est déjà parti pour le front mardi, a rapporté l'agence de presse interfax de l'Ukraine \\, citant une déclaration de SBU.Une nouvelle différente

The head of the cybersecurity department at Ukraine\'s Security Service (SBU), Illia Vitiuk, has been suspended from his official duties following a media investigation. Vitiuk has been reassigned to serve in combat and already has left for the front on Tuesday, reported Ukraine\'s Interfax news agency, citing a statement from SBU. A different news]]> 2024-04-09T15:07:12+00:00 https://therecord.media/ukraine-cybersecurity-sbu-illia-vitiuk-suspended www.secnews.physaphae.fr/article.php?IdArticle=8478772 False None None 2.0000000000000000 CyberArk - Software Vendor Cookies au-delà des navigateurs: comment évoluer les attaques basées sur la session Cookies Beyond Browsers: How Session-Based Attacks Are Evolving In the past few years, we have witnessed a significant shift in the attack landscape, from stealing clear text credentials to targeting session-based authentication. This trend is driven by the proliferation of multi-factor authentication (MFA),...]]> 2024-04-09T15:05:01+00:00 https://www.cyberark.com/blog/cookies-beyond-browsers-how-session-based-attacks-are-evolving/ www.secnews.physaphae.fr/article.php?IdArticle=8478738 False Prediction None 2.0000000000000000 The Register - Site journalistique Anglais Le bureau de poste a giflé pour la divulgation tardive des documents dans Horizon Scandal Enquête Post Office slapped down for late disclosure of documents in Horizon scandal inquiry Documents from leaders including former CEO Paula Vennells among those handed over at the last minute Updated The Post Office Horizon inquiry may be forced to recall witnesses after the company delayed disclosing evidence – some relating to communications to and from former chief executive Paula Vennells.…]]> 2024-04-09T15:00:53+00:00 https://go.theregister.com/feed/www.theregister.com/2024/04/09/post_office_horizon_evidence/ www.secnews.physaphae.fr/article.php?IdArticle=8478741 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Recherche Unarths Assaut multi-mineur de Rumbycarp \\ sur crypto Research Unearths RUBYCARP\\'s Multi-Miner Assault on Crypto Sysdig stated that by deploying multiple miners, the group decreased attack time and detection risk]]> 2024-04-09T14:30:00+00:00 https://www.infosecurity-magazine.com/news/rubycarps-multi-miner-assault/ www.secnews.physaphae.fr/article.php?IdArticle=8478743 False None APT 40 3.0000000000000000 Recorded Future - FLux Recorded Future Les chercheurs découvrent un nouveau gang de ransomware \\ 'muliaka \\' attaquant des entreprises russes Researchers discover new ransomware gang \\'Muliaka\\' attacking Russian businesses

Un gang de ransomware auparavant inconnu a attaqué les entreprises russes avec des logiciels malveillants basés sur le code source divulgué du groupe de piratage Conti.Le gang, que les chercheurs de la société de cybersécurité basée à Moscou F.A.C.C.T.ont surnommé «muliaka» ou eau boueuse en anglais, a laissé des traces minimales de ses attaques mais a probablement été active depuis

A previously unknown ransomware gang has been attacking Russian businesses with malware based on the leaked source code from the Conti hacking group. The gang, which researchers at the Moscow-based cybersecurity company F.A.C.C.T. have dubbed “Muliaka," or Muddy Water in English, has left minimal traces from its attacks but has likely been active since]]> 2024-04-09T14:03:25+00:00 https://therecord.media/muliaka-ransomware-group-targeting-russian-businesses-conti www.secnews.physaphae.fr/article.php?IdArticle=8478696 False Ransomware,Malware None 2.0000000000000000 HackRead - Chercher Cyber Raindex lance sur Flare to Power Trading de style CEX décentralisé Raindex Launches On Flare To Power Decentralized CEX-Style Trading Par owais sultan Flare, The Blockchain for Data, a annoncé le lancement de l'application Raindex Desktop: un dex de nouvelles intentions & # 8230; Ceci est un article de HackRead.com Lire la publication originale: Raindex lance sur Flare to Power Trading de style CEX décentralisé

>By Owais Sultan Flare, the blockchain for data, has announced the launch of the Raindex desktop app: a new intents-like DEX… This is a post from HackRead.com Read the original post: Raindex Launches On Flare To Power Decentralized CEX-Style Trading]]> 2024-04-09T14:00:44+00:00 https://www.hackread.com/raindex-on-flare-decentralized-cex-style-trading/ www.secnews.physaphae.fr/article.php?IdArticle=8478701 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Cadres, directives et ampli;Les primes à elles seules ont vaincu les ransomwares de vaincre Frameworks, Guidelines & Bounties Alone Won\\'t Defeat Ransomware We need more than "do-it-yourself" approaches to threats that clearly rise to the level of national security issues.]]> 2024-04-09T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/frameworks-guidelines-bounties-alone-wont-defeat-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8478694 False Ransomware None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine L'interférence étrangère entraîne une augmentation record du vol IP Foreign Interference Drives Record Surge in IP Theft DTEX claims industrial espionage and IP theft are at an all-time high thanks to malicious insiders]]> 2024-04-09T14:00:00+00:00 https://www.infosecurity-magazine.com/news/foreign-interference-record-ip/ www.secnews.physaphae.fr/article.php?IdArticle=8478693 False Industrial None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain US Cyber Safety Review Board sur le hack d'échange Microsoft 2023 US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack 2024-04-09T13:56:55+00:00 https://www.schneier.com/blog/archives/2024/04/us-cyber-safety-review-board-on-the-2023-microsoft-exchange-hack.html www.secnews.physaphae.fr/article.php?IdArticle=8478706 False Hack None 2.0000000000000000 Dark Reading - Informationweek Branch L'initiative de formation ambitieuse exploite les talents de aveugles et de troubles visuellement Ambitious Training Initiative Taps Talents of Blind and Visually Impaired Novacoast\'s Apex Program prepares individuals with visual impairments for cybersecurity careers.]]> 2024-04-09T13:50:23+00:00 https://www.darkreading.com/cybersecurity-careers/ambitious-training-initiatve-taps-talents-of-blind-visually-impaired www.secnews.physaphae.fr/article.php?IdArticle=8478744 False None None 2.0000000000000000 Global Security Mag - Site de news francais Reliaquest et Aon collaborent ReliaQuest and Aon Collaborate nouvelles commerciales

ReliaQuest and Aon Collaborate to Empower Organizations to Proactively Manage Cyber Risk As the cyber insurance market continues to evolve, this new collaboration represents a unique approach to helping companies assess and mitigate cyber risk - Business News]]> 2024-04-09T13:42:42+00:00 https://www.globalsecuritymag.fr/reliaquest-and-aon-collaborate.html www.secnews.physaphae.fr/article.php?IdArticle=8478697 False None None 2.0000000000000000 IT Security Guru - Blog Sécurité # MIWIC2024: Illyana Mullins, fondatrice de Witch (Women in Tech and Cyber Hub Cic) #MIWIC2024: Illyana Mullins, Founder of WiTCH (Women in Tech and Cyber Hub CIC) # MIWIC2024: Illyana Mullins, fondatrice de Witch (Women in Tech and Cyber Hub Cic) est apparue pour la première fois sur gourou de la sécurité informatique .

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024\'s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee\'s answers are […] The post #MIWIC2024: Illyana Mullins, Founder of WiTCH (Women in Tech and Cyber Hub CIC) first appeared on IT Security Guru. ]]> 2024-04-09T13:25:17+00:00 https://www.itsecurityguru.org/2024/04/09/miwic2024-illyana-mullins-founder-of-witch-women-in-tech-and-cyber-hub-cic/?utm_source=rss&utm_medium=rss&utm_campaign=miwic2024-illyana-mullins-founder-of-witch-women-in-tech-and-cyber-hub-cic www.secnews.physaphae.fr/article.php?IdArticle=8478703 True None None 3.0000000000000000 HackRead - Chercher Cyber 91 000 appareils de télévision intelligents LG vulnérables à la prise de contrôle à distance 91,000 Smart LG TV Devices Vulnerable to Remote Takeover Par waqas LG TVS Vulnérable!Mettez à jour maintenant pour empêcher les pirates de prendre le contrôle & # 038;Voler des données (WebOS 4-7).Millions à risque! Ceci est un article de HackRead.com Lire la publication originale: 91 000 appareils TV LG intelligents vulnérables à la prise de contrôle à distance

>By Waqas LG TVs vulnerable! Update now to block hackers from taking control & stealing data (webOS 4-7). Millions at risk! This is a post from HackRead.com Read the original post: 91,000 Smart LG TV Devices Vulnerable to Remote Takeover]]> 2024-04-09T13:23:31+00:00 https://www.hackread.com/smart-lg-tv-devices-vulnerable-remote-take-over/ www.secnews.physaphae.fr/article.php?IdArticle=8478702 False None None 2.0000000000000000 Global Security Mag - Site de news francais Le rapport de développement de logiciels de l'état de l'État de l'automobile de Forforce \\ révèle que la sécurité intégrée est une préoccupation croissante car les transitions du marché vers les véhicules électriques Perforce\\'s 2024 State of Automotive Software Development Report Reveals Embedded Security Is a Rising Concern as Market Transitions to Electric Vehicles rapports spéciaux

Perforce\'s 2024 State of Automotive Software Development Report Reveals Embedded Security Is a Rising Concern as Market Transitions to Electric Vehicles Survey of 600 automotive development professionals finds meeting regulations requiring cybersecurity approval is top security concern; code quality and the global economy were also top of mind. - Special Reports]]> 2024-04-09T13:14:15+00:00 https://www.globalsecuritymag.fr/perforce-s-2024-state-of-automotive-software-development-report-reveals.html www.secnews.physaphae.fr/article.php?IdArticle=8478698 False None None 3.0000000000000000 Global Security Mag - Site de news francais LogPoint annonce un nouveau programme de partenaire Logpoint announces new Partner Program nouvelles commerciales

Logpoint announces new Partner Programs to drive growth for MSSPs and Channel Partners • The Logpoint Managed Security Service Provider (MSSP) program enables MSSPs to use Logpoint solutions in a more simple and more flexible manner. • The Logpoint Channel Partner Program empowers partners with a simplified tiering structure and greater rewards for Deal Registration which helps capture new business. - Business News]]> 2024-04-09T13:10:31+00:00 https://www.globalsecuritymag.fr/logpoint-announces-new-partner-program.html www.secnews.physaphae.fr/article.php?IdArticle=8478699 False None None 2.0000000000000000 Global Security Mag - Site de news francais SentinelOne® lance Purple AI Produits]]> 2024-04-09T13:08:03+00:00 https://www.globalsecuritymag.fr/sentinelone-r-lance-purple-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8478700 False Threat None 2.0000000000000000 Global Security Mag - Site de news francais Panzura, LLC a annoncé la disponibilité de la détection et du sauvetage de Panzura Panzura, LLC announced the availability of Panzura Detect and Rescue revues de produits

Panzura Launches Near Real-Time Ransomware Detection and Recovery Solution Panzura Detect and Rescue offers near real-time ransomware threat detection and expert-guided rapid recovery, allowing businesses to take a proactive stance against the mounting threat of ransomware - Product Reviews]]> 2024-04-09T13:04:47+00:00 https://www.globalsecuritymag.fr/panzura-llc-announced-the-availability-of-panzura-detect-and-rescue.html www.secnews.physaphae.fr/article.php?IdArticle=8478665 False Ransomware,Threat None 2.0000000000000000 Palo Alto Network - Site Constructeur Entrer le chapitre suivant de Sase à Intersect 2024 Entering the Next Chapter of SASE at InterSECt 2024 Rejoignez Palo Alto Networks à Intersect 2024 pour en savoir plus sur le prochain chapitre de Sase Innovations pour mieux protéger votre entreprise, données, applications et utilisateurs.

>Join Palo Alto Networks at InterSECt 2024 to learn about the next chapter in SASE innovations to better protect your business, data, apps and users. ]]> 2024-04-09T13:00:32+00:00 https://www.paloaltonetworks.com/blog/2024/04/next-chapter-of-sase-at-intersect-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8478670 False None None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite Mars 2024 \\'s Mostware le plus recherché: les pirates découvrent une nouvelle méthode de la chaîne d'infection pour livrer des remcos March 2024\\'s Most Wanted Malware: Hackers Discover New Infection Chain Method to Deliver Remcos Les chercheurs ont découvert une nouvelle méthode de déploiement des remcos de Troie (rat) d'accès à distance, contournant les mesures de sécurité communes pour obtenir un accès non autorisé aux victimes \\ '.Pendant ce temps, Blackbasta est entré dans les trois premiers des groupes de ransomwares les plus recherchés et les communications ont sauté à la troisième place dans les industries les plus exploitées que notre dernier indice de menace mondial pour les chercheurs de mars 2024 a révélé des pirates en utilisant des fichiers de disque dur virtuel (VHD) pour déployer un accès à distance Trojan (Rat) remcos.Pendant ce temps, Lockbit3 est resté le groupe de ransomwares le plus répandu en mars malgré le retrait des forces de l'ordre en février, bien que sa fréquence sur les 200 points de contrôle ait surveillé les ransomwares [& # 8230;]

>Researchers have discovered a new method of deploying the Remote Access Trojan (RAT) Remcos, bypassing common security measures to gain unauthorized access to victims\' devices. Meanwhile, Blackbasta entered the top three of the most wanted ransomware groups and Communications jumped into third place in the most exploited industries Our latest Global Threat Index for March 2024 saw researchers reveal hackers utilizing Virtual Hard Disk (VHD) files to deploy Remote Access Trojan (RAT) Remcos. Meanwhile, Lockbit3 remained the most prevalent ransomware group in March despite the law enforcement takedown in February, although its frequency on the 200 Check Point monitored ransomware […] ]]> 2024-04-09T13:00:24+00:00 https://blog.checkpoint.com/security/march-2024s-most-wanted-malware-hackers-discover-new-infection-chain-method-to-deliver-remcos/ www.secnews.physaphae.fr/article.php?IdArticle=8478704 False Ransomware,Malware,Threat,Legislation None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite Vérifier les suraliments de pointage de la pile de sécurité de Brisbane Catholic Education \\ pour améliorer la détection des menaces et rationaliser la gestion Check Point Supercharges Brisbane Catholic Education\\'s Security Stack to Improve Threat Detection and Streamline Manageability Brisbane Catholic Education (BCE) est une communauté d'apprentissage comprenant plus de 140 écoles qui fournissent des résultats d'apprentissage de qualité à 77 000 élèves de préparation à l'année-12.L'éducation et les flux de travail administratifs de BCE sont alimentés par une infrastructure informatique hybride importante et distribuée.L'organisation exploite également la plus grande location non gouvernementale de Microsoft Office 365 dans l'hémisphère sud.Pendant ce temps, le centre de données physique de la communauté \\ héberge toutes les fonctions scolaires critiques fournissant la maintenance des systèmes de bibliothèque, le soutien des étudiants, la paie et bien plus encore.BCE cherchait à assurer la protection la plus solide pour les données des étudiants et les informations personnelles et à protéger le réseau, les liens de communication et les données opérationnelles.Avec des données récentes [& # 8230;]

>Brisbane Catholic Education (BCE) is a learning community comprising more than 140 schools that deliver quality learning outcomes to 77,000 prep-to-year-12 students. BCE\'s education and administrative workflows are powered by a large and distributed hybrid IT infrastructure. The organisation also operates the largest non-governmental Microsoft Office 365 tenancy in the Southern Hemisphere. Meanwhile the community\'s physical data centre hosts all critical school functions providing library systems maintenance, student support, payroll and much more. BCE were looking to ensure the strongest protection for student data and personal information, and to safeguard the network, communication links and operational data. With recent data […] ]]> 2024-04-09T13:00:04+00:00 https://blog.checkpoint.com/customer-stories/check-point-supercharges-brisbane-catholic-educations-security-stack-to-improve-threat-detection-and-streamline-manageability/ www.secnews.physaphae.fr/article.php?IdArticle=8478705 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les attaquants utilisant des outils d'obscurcissement pour fournir des logiciels malveillants en plusieurs étapes via le phishing de la facture Attackers Using Obfuscation Tools to Deliver Multi-Stage Malware via Invoice Phishing Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets. The email messages come with Scalable Vector Graphics (SVG) file attachments that, when clicked, activate the infection sequence, Fortinet]]> 2024-04-09T12:54:00+00:00 https://thehackernews.com/2024/04/attackers-using-obfuscation-tools-to.html www.secnews.physaphae.fr/article.php?IdArticle=8478562 False Malware,Tool None 2.0000000000000000 Recorded Future - FLux Recorded Future MEDUSA Cybercrime Gang prend le crédit pour une autre attaque contre la municipalité américaine Medusa cybercrime gang takes credit for another attack on US municipality

Le MEDUSA Ransomware Group affirme qu'il est responsable d'une attaque contre une agence gouvernementale au Texas. & NBSP;Le district d'évaluation du comté de Tarrant - qui détermine la valeur des propriétés à des fins fiscales dans la région de Fort Worth - a confirmé à la future nouvelle enregistrée il y a deux semaines qu'il a été victime d'une attaque de ransomware. & Nbsp;Sur

The Medusa ransomware group says it is responsible for an attack on a government agency in Texas. The Tarrant County Appraisal District - which determines property values for tax purposes in the Fort Worth area - confirmed to Recorded Future News two weeks ago that it was a victim of a ransomware attack. On]]> 2024-04-09T12:53:08+00:00 https://therecord.media/tarrant-county-texas-ransomware-attack-medusa www.secnews.physaphae.fr/article.php?IdArticle=8478662 False Ransomware None 2.0000000000000000 IT Security Guru - Blog Sécurité Synopsys présente la dernière solution pour une sécurité complète entre les chaînes d'approvisionnement logicielles Synopsys Introduces Latest Solution for Comprehensive Security Across Software Supply Chains Synopsys présente la dernière solution pour une sécurité complète entre les chaînes d'approvisionnement logicielles Apparu pour la première fois sur gourou de la sécurité informatique .

Synopsys has introduced Black Duck® Supply Chain Edition, a novel software composition analysis (SCA) solution. This offering aids organisations in mitigating upstream risks within their software supply chains. Black Duck® Supply Chain Edition amalgamates various open source detection technologies, automated third-party software bill of materials (SBOM) analysis, and malware detection to offer a comprehensive perspective […] The post Synopsys Introduces Latest Solution for Comprehensive Security Across Software Supply Chains first appeared on IT Security Guru. ]]> 2024-04-09T12:52:49+00:00 https://www.itsecurityguru.org/2024/04/09/synopsys-introduces-latest-solution-for-comprehensive-security-across-software-supply-chains/?utm_source=rss&utm_medium=rss&utm_campaign=synopsys-introduces-latest-solution-for-comprehensive-security-across-software-supply-chains www.secnews.physaphae.fr/article.php?IdArticle=8478669 False Malware None 2.0000000000000000 Global Security Mag - Site de news francais NetApp remporte le prix Google Cloud Technology Partner of the Year pour l\'Infrastructure - Stockage Business]]> 2024-04-09T12:34:42+00:00 https://www.globalsecuritymag.fr/netapp-remporte-le-prix-google-cloud-technology-partner-of-the-year-pour-l.html www.secnews.physaphae.fr/article.php?IdArticle=8478666 False Cloud None 2.0000000000000000 Recorded Future - FLux Recorded Future Targus géant d'accessoires informatiques affirme que la cyberattaque interrompt les opérations commerciales Computer accessory giant Targus says cyberattack interrupting business operations

L'un des plus grands fabricants d'accessoires technologiques a déclaré que les opérations commerciales ont été «temporairement perturbées» à la suite d'une cyberattaque qui a commencé le 5 avril. & NBSP;Dans un dépôt de la SEC lundi soir, Targus International a déclaré avoir découvert qu'un pirate avait eu accès aux systèmes de fichiers, ce qui a incité l'entreprise à embaucher en dehors des consultants en cybersécurité. & NBSP;«Targus immédiatement

One of the biggest manufacturers of technology accessories said business operations have been “temporarily disrupted” following a cyberattack that began on April 5. In an SEC filing on Monday evening, Targus International said it discovered that a hacker had gained access to file systems, prompting the company to hire outside cybersecurity consultants. “Targus immediately]]> 2024-04-09T12:28:48+00:00 https://therecord.media/targus-cyberattack-operations-disrupted www.secnews.physaphae.fr/article.php?IdArticle=8478663 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Le club de football français PSG dit le système de billetterie ciblé par la cyberattaque French football club PSG says ticketing system targeted by cyberattack

Paris Saint-Germain (PSG), le Titan du football français, a informé ses supporters qu'une cyberattaque ciblait le service de billetterie en ligne du club \\.L'avertissement a été partagé avec les fans lundi, bien que l'incident ait été détecté la semaine dernière le 3 avril, selon la lettre publiée pour la première fois par le journal Le Parisien.Ça arrive

Paris Saint-Germain (PSG), the Qatari-owned titan of French football, has informed its supporters that a cyberattack targeted the club\'s online ticketing service last week. The warning was shared with fans on Monday, although the incident was detected last week on April 3, according to the letter first published by Le Parisien newspaper. It comes]]> 2024-04-09T12:05:44+00:00 https://therecord.media/paris-saint-germain-cyberattack-ticketing-system www.secnews.physaphae.fr/article.php?IdArticle=8478664 False None None 4.0000000000000000 Cisco - Security Firm Blog Désamorcer la menace de références compromises Defusing the threat of compromised credentials Identity related attacks are a common tactic used by bad actors. Learn how to help protect against these attacks.]]> 2024-04-09T12:00:31+00:00 https://feedpress.me/link/23535/16645478/defusing-the-threat-of-compromised-credentials www.secnews.physaphae.fr/article.php?IdArticle=8478650 False Threat None 2.0000000000000000 CrowdStrike - CTI Society Crowdsstrike et Google Cloud développent un partenariat stratégique pour offrir une sécurité cloud unifiée CrowdStrike and Google Cloud Expand Strategic Partnership to Deliver Unified Cloud Security CrowdStrike and Google Cloud today debuted an expanded strategic partnership with a series of announcements that demonstrate our ability to stop cloud breaches with industry-leading AI-powered protection. These new features and integrations are built to protect Google Cloud and multi-cloud customers against adversaries that are increasingly targeting cloud environments. At a time when cloud intrusions […]]]> 2024-04-09T11:52:21+00:00 https://www.crowdstrike.com/blog/crowdstrike-google-cloud-expand-strategic-partnership/ www.secnews.physaphae.fr/article.php?IdArticle=8486962 False Cloud None 2.0000000000000000 IT Security Guru - Blog Sécurité Utilisation de la technologie émergente pour combler l'écart des cyber-compétences Using emerging technology to bridge the cyber skills gap utilisant une technologie émergente pourÉcouter l'écart des cyber-compétences

While the UK\'s cyber security skills gap is no secret, it seems there has been little progress made in solving it. The 2023 government report on cyber security skills in the UK labour market found that half of all businesses have a basic cyber security skills gap, and 33% have an advanced skills gap – […] The post Using emerging technology to bridge the cyber skills gap first appeared on IT Security Guru. ]]> 2024-04-09T11:48:22+00:00 https://www.itsecurityguru.org/2024/04/09/using-emerging-technology-to-bridge-the-cyber-skills-gap/?utm_source=rss&utm_medium=rss&utm_campaign=using-emerging-technology-to-bridge-the-cyber-skills-gap www.secnews.physaphae.fr/article.php?IdArticle=8478637 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future L'EPA enquête continue sur les données divulguées qui apparaissent \\ 'être des informations publiques EPA continuing investigation into leaked data that \\'appears\\' to be public info

L'Agence américaine de protection de l'environnement (EPA) a déclaré qu'elle enquêtait sur les tentatives d'un pirate de vendre des informations prétendument obtenues auprès des systèmes de l'organisation. & NBSP;Dimanche, un pirate dans un forum cybercriminal populaire a offert 3 gigaoctets de données prétendument tirés de l'EPA Systems.La personne derrière le message a indiqué que les informations étaient une liste de contacts

The U.S. Environmental Protection Agency (EPA) said it is investigating attempts by a hacker to sell information allegedly obtained from the organization\'s systems. On Sunday, a hacker in a popular cybercriminal forum offered 3 gigabytes of data allegedly taken from EPA systems. The person behind the post said the information was a contact list]]> 2024-04-09T11:46:15+00:00 https://therecord.media/epa-investigation-leaked-data www.secnews.physaphae.fr/article.php?IdArticle=8478635 False None None 2.0000000000000000 Global Security Mag - Site de news francais Augmentation de la migration des entreprises dans le cloud: quatre conseils pour protéger les environnements cloud Zunehmende Migration von Unternehmen in die Cloud: Vier Tipps zum Schutz von Cloud-Umgebungen rapports spéciaux / / affiche

Aus den Berichten geht hervor, dass fast 90 Prozent der Unternehmen angeben, sensible Daten oder Workloads in der öffentlichen Cloud zu hosten. Laut dem Cloud Security Report 2023 lagern 39 Prozent der Unternehmen mehr als 50 Prozent ihrer Workloads in der Cloud aus. 24 Prozent der Unternehmen haben Sicherheitsvorfälle im Zusammenhang mit der Cloud-Umgebung erlebt. - Sonderberichte / affiche]]> 2024-04-09T11:41:43+00:00 https://www.globalsecuritymag.fr/zunehmende-migration-von-unternehmen-in-die-cloud-vier-tipps-zum-schutz-von.html www.secnews.physaphae.fr/article.php?IdArticle=8478636 False Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Des pirates de rubycarp liés à un botnet de cryptominage de 10 ans RUBYCARP hackers linked to 10-year-old cryptomining botnet A Romanian botnet group named \'RUBYCARP\' is leveraging known vulnerabilities and performing brute force attacks to breach corporate networks and compromise servers for financial gain. [...]]]> 2024-04-09T11:30:06+00:00 https://www.bleepingcomputer.com/news/security/rubycarp-hackers-linked-to-10-year-old-cryptomining-botnet/ www.secnews.physaphae.fr/article.php?IdArticle=8478768 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les défauts critiques laissent 92 000 appareils Nas D-Link vulnérables aux attaques de logiciels malveillants Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices. Tracked as CVE-2024-3272 (CVSS score: 9.8) and CVE-2024-3273 (CVSS score: 7.3), the vulnerabilities impact legacy D-Link products that have reached end-of-life (EoL) status. D-Link, in]]> 2024-04-09T11:16:00+00:00 https://thehackernews.com/2024/04/critical-flaws-leave-92000-d-link-nas.html www.secnews.physaphae.fr/article.php?IdArticle=8478517 False Malware,Vulnerability,Threat None 1.00000000000000000000 SecurityWeek - Security News Informations collectées par le DOJ exposées dans une violation de données affectant 340 000 DOJ-Collected Information Exposed in Data Breach Affecting 340,000 La société de soutien à l'analyse économique et aux litiges GMA affirme que les informations personnelles et médicales ont été volées en mai 2023 violation de données.

>Economic analysis and litigation support firm GMA says personal and medical information was stolen in a May 2023 data breach. ]]> 2024-04-09T10:56:16+00:00 https://www.securityweek.com/doj-collected-information-exposed-in-data-breach-affecting-340000/ www.secnews.physaphae.fr/article.php?IdArticle=8478633 False Data Breach,Medical None 2.0000000000000000 Silicon - Site de News Francais Caroline Delarue, nouvelle directrice des systèmes d\'information de DHL Express France 2024-04-09T10:42:06+00:00 https://www.silicon.fr/caroline-delarue-nouvelle-directrice-des-systemes-dinformation-de-dhl-express-france-477598.html www.secnews.physaphae.fr/article.php?IdArticle=8478612 False None None 1.00000000000000000000 TechRepublic - Security News US 6 meilleurs gestionnaires de mot de passe open source pour Windows en 2024 6 Best Open Source Password Managers for Windows in 2024 Discover the top open-source password managers for Windows. Learn about the features and benefits of each to determine which one is the best fit for your needs.]]> 2024-04-09T10:29:22+00:00 https://www.techrepublic.com/article/best-password-manager-open-source-windows/ www.secnews.physaphae.fr/article.php?IdArticle=8478611 False None None 1.00000000000000000000 SecurityWeek - Security News Deuxième groupe de ransomwares extorquant le changement de santé Second Ransomware Group Extorting Change Healthcare RansomHub extorque les soins de santé des changements, menaçant de publier des données volées dans une attaque de ransomware Blackcat de février 2024.

>RansomHub is extorting Change Healthcare, threatening to release data stolen in a February 2024 BlackCat ransomware attack. ]]> 2024-04-09T10:18:23+00:00 https://www.securityweek.com/second-ransomware-group-extorting-change-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8478634 False Ransomware,Medical None 2.0000000000000000 Global Security Mag - Site de news francais L'enquête sur le SANS Institute vise Umfrage des SANS Institutes zielt auf die Prüfung der NIS2-Readiness ab rapports spéciaux / / affiche

Die Messlatte für die Cybersicherheit wird immer höher gelegt, diese Umfrage bietet einen wichtigen Ansatzpunkt für Unternehmen, um ihre Abwehrmaßnahmen zu bewerten und an die Standards der NIS2-Richtlinie anzupassen. - Sonderberichte / affiche]]> 2024-04-09T10:10:50+00:00 https://www.globalsecuritymag.fr/umfrage-des-sans-institutes-zielt-auf-die-prufung-der-nis2-readiness-ab.html www.secnews.physaphae.fr/article.php?IdArticle=8478587 False None None 2.0000000000000000 ComputerWeekly - Computer Magazine UK PLC échouant sur plusieurs cyber-mesures UK plc failing on multiple cyber measures 2024-04-09T10:05:00+00:00 https://www.computerweekly.com/news/366580174/UK-plc-failing-on-multiple-cyber-measures www.secnews.physaphae.fr/article.php?IdArticle=8478742 False None None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC La menace cachée à la vue: analyse des attaques sous-textuelles dans les communications numériques The Hidden Threat in Plain Sight: Analyzing Subtextual Attacks in Digital Communications subtextual attacks. These aren\'t your run-of-the-mill security breaches; they\'re cunningly crafted messages that may look harmless—but they actually carry a dangerous payload within them. Join me as we take a closer look at this under-the-radar, but still dangerous, threat. We\'ll explore how these deceptive messages can sneak past our defenses, trick people into taking unwanted actions, and steal sensitive information without ever tripping an alarm. The Rise of Subtextual Attacks Unlike traditional cyber attacks, which are often direct and identifiable, subtextual attacks rely on subtlety and deception. Attackers craft messages that on the surface appear harmless or unrelated to any malicious activity. However, embedded within these communications are instructions, links, or information that can compromise security, manipulate behavior, or extract sensitive data. And not only is big data paramount in advertising and other avenues, but it’s also like keeping everything in your wallet—it’s convenient, helpful even, but signals to attackers that you’re indeed willing to put all your eggs in one basket when it comes to communications. These attacks exploit the nuances of language and context and require a sophisticated understanding of human communication and digital interaction patterns. For instance, a seemingly benign email might include a specific choice of words or phrases that, when interpreted correctly, reveal a hidden command or a disguised link to a malicious site. Psychological Manipulation Through Subtext Subtextual attacks also leverage psychological manipulation, influencing individuals to act in ways that compromise security or divulge confidential information. By understanding the psychological triggers and behavioral patterns of targets, attackers craft messages that subtly guide the recipient\'s actions. For instance, an attacker might use social engineering techniques combined with subtextual cues to convince a user to bypass normal security protocols. An email that seems to come from a trusted colleague or superior, containing subtle suggestions or cues, can be more effective in eliciting certain actions than a direct request or command. Attackers can also exploit the principle of urgency or scarcity, embedding subtle cues in communications that prompt the recipient to act quickly, bypassing their usual critical thinking or security procedures. The Evolution of Digital Forensics To combat the growing rise of subtextual attacks, the field of digital forensics has evolved significantly over the past decade. Initially focused on recovering and analyzing electronic information to investigate crime, digital forensics now incorporates advanced linguistic analysis, data pattern recognition, and machine learning to detect hidden threats. Modern digital forensic tools can analyze vast qua]]> 2024-04-09T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-hidden-threat-in-plain-sight-analyzing-subtextual-attacks-in-digital-communications www.secnews.physaphae.fr/article.php?IdArticle=8478586 False Ransomware,Tool,Vulnerability,Threat,Medical None 2.0000000000000000 Silicon - Site de News Francais Atos annonce un besoin de financement de 1,2 milliard € 2024-04-09T09:50:39+00:00 https://www.silicon.fr/atos-annonce-un-besoin-de-financement-de-12-milliard-e-477578.html www.secnews.physaphae.fr/article.php?IdArticle=8478589 False None None 2.0000000000000000 Global Security Mag - Site de news francais L\'IA générative & cybersécurité : entre promesses et prudence Points de Vue]]> 2024-04-09T09:25:48+00:00 https://www.globalsecuritymag.fr/l-ia-generative-cybersecurite-entre-promesses-et-prudence.html www.secnews.physaphae.fr/article.php?IdArticle=8478588 False None None 2.0000000000000000 Silicon - Site de News Francais RGPD : la CNIL face aux spécificités des IA 2024-04-09T09:22:22+00:00 https://www.silicon.fr/rgpd-cnil-ia-477572.html www.secnews.physaphae.fr/article.php?IdArticle=8478590 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Plus de 90 000 appareils Nas en D-Link sont attaqués Over 90,000 D-Link NAS Devices Are Under Attack Threat actors are targeting a high severity vulnerability in close to 100,000 legacy D-Link devices]]> 2024-04-09T09:05:00+00:00 https://www.infosecurity-magazine.com/news/over-90000-dlink-nas-devices-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8478565 False Vulnerability,Threat None 2.0000000000000000 Silicon - Site de News Francais Cinq tendances qui bouleversent la connectivité Cloud 2024-04-09T08:55:19+00:00 https://www.silicon.fr/avis-expert/cinq-tendances-qui-bouleversent-la-connectivite-cloud www.secnews.physaphae.fr/article.php?IdArticle=8478563 False Cloud None 2.0000000000000000 ComputerWeekly - Computer Magazine Un traité de contrôle des armes est-il hors de portée? Is a cyber arms control treaty out of reach? 2024-04-09T08:48:00+00:00 https://www.computerweekly.com/news/366580213/Is-a-cyber-arms-control-treaty-out-of-reach www.secnews.physaphae.fr/article.php?IdArticle=8478667 False None None 2.0000000000000000 Global Security Mag - Site de news francais Naviguer dans l\'ère de la cybersécurité Points de Vue]]> 2024-04-09T08:46:05+00:00 https://www.globalsecuritymag.fr/naviguer-dans-l-ere-de-la-cybersecurite.html www.secnews.physaphae.fr/article.php?IdArticle=8478561 False None None 2.0000000000000000 Silicon - Site de News Francais Les projets informatiques " problématiques " d\'unions de professionnels de santé 2024-04-09T08:10:45+00:00 https://www.silicon.fr/urps-cour-des-comptes-projets-informatiques-477548.html www.secnews.physaphae.fr/article.php?IdArticle=8478564 False None None 2.0000000000000000 Securonix - Siem Securonix Threat Labs Monthly Intelligence Insights & # 8211;Mars 2024 Securonix Threat Labs Monthly Intelligence Insights – March 2024 Securonix Threat Labs Monthly Intelligence Insights March 2024 provides a summary of top threats curated, monitored, and analyzed by Securonix Threat Labs.]]> 2024-04-09T08:00:06+00:00 https://www.securonix.com/blog/securonix-threat-labs-monthly-intelligence-insights-march-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8478682 False Threat None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Pourquoi la gestion de l'identité est la clé d'une stratégie de cyber-résilience Why Identity Management is Key in a Cyber Resilience Strategy For the fourth edition of Identity Management Day, the Identity Defined Security Alliance shared staggering numbers on the boom of identity-related cyber incidents]]> 2024-04-09T08:00:00+00:00 https://www.infosecurity-magazine.com/news/identity-management-day-cyber/ www.secnews.physaphae.fr/article.php?IdArticle=8478539 False None None 2.0000000000000000 Korben - Bloger francais Indicator of Canary – Traquez les fichiers piégés comme un pro 2024-04-09T07:00:00+00:00 https://korben.info/indicator-of-canary-detecter-fichiers-pieges-indicateurs-compromission-urls-callback.html www.secnews.physaphae.fr/article.php?IdArticle=8478538 False Tool None 2.0000000000000000 ProofPoint - Cyber Firms 3 raisons pour lesquelles l'objectivité dans vos tests de phishing réduit le risque 3 Reasons Why Objectivity in Your Phishing Tests Reduces Risk 2024-04-09T06:00:39+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/securing-human-risk-objectivity-phishing-simulation www.secnews.physaphae.fr/article.php?IdArticle=8478668 False Threat None 2.0000000000000000 Korben - Bloger francais L\'avenir du jeu en ligne sur Wii U et 3DS est assuré grâce à Pretendo Network 2024-04-09T05:04:17+00:00 https://korben.info/pretendo-network-avenir-jeu-en-ligne-apres-nintendo.html www.secnews.physaphae.fr/article.php?IdArticle=8478496 False None None 2.0000000000000000 Korben - Bloger francais Android Studio intègre l\'IA Gemini Pro 2024-04-09T04:20:55+00:00 https://korben.info/android-studio-integre-gemini-pro-developpement-android-optimise.html www.secnews.physaphae.fr/article.php?IdArticle=8478474 False Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch Groupe de cybercriminalité vietnamienne Coralraider NETS Données financières Vietnamese Cybercrime Group CoralRaider Nets Financial Data With a complex attack chain and using Telegram for its command and control, CoralRaider targets victims in Asian countries - and appears to have accidentally infected itself as well.]]> 2024-04-09T04:01:00+00:00 https://www.darkreading.com/vulnerabilities-threats/vietnamese-cybercrime-group-coralraider-nets-financial-data www.secnews.physaphae.fr/article.php?IdArticle=8478453 False None None 2.0000000000000000 Korben - Bloger francais Sodium Vapor – L\'invention oubliée de Disney qui surpassait le fond vert 2024-04-09T03:43:39+00:00 https://korben.info/sodium-vapor-technique-revolutionnaire-compositing-surpasse-green-screen.html www.secnews.physaphae.fr/article.php?IdArticle=8478475 False None None 2.0000000000000000 The State of Security - Magazine Américain Conformité à la cybersécurité dans le monde entier: DPDP de l'Inde \\ Cybersecurity Compliance Around the Globe: India\\'s DPDP In an era where data breaches and privacy concerns are increasingly shaping global discourse, India\'s proactive stance on data protection is noteworthy. Introducing the Digital Personal Data Protection (DPDP) Act 2023 marks a significant milestone in India\'s legislative landscape. This groundbreaking Act fortifies individual data privacy rights and aligns India with global cybersecurity and data protection standards, setting a new benchmark for regulatory compliance. Background and Development of the DPDP Act The genesis of India\'s Digital Personal Data Protection (DPDP) Act of 2023 traces...]]> 2024-04-09T02:40:10+00:00 https://www.tripwire.com/state-of-security/cybersecurity-compliance-around-globe-indias-dpdp www.secnews.physaphae.fr/article.php?IdArticle=8478540 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future La FCC ouvre une réglementation à la sonde de la voiture connectée FCC opens rulemaking to probe connected car stalking

La Federal Communications Commission (FCC) a annoncé lundi qu'elle lançait une procédure officielle pour étudier les moyens d'empêcher les agresseurs d'utiliser des outils de connectivité automobile pour harceler les survivants de la violence domestique.L'agence a déclaré avoir publié un avis de réglementation proposée qui abritera comment s'assurer que les constructeurs automobiles et les services sans fil

The Federal Communications Commission (FCC) announced Monday that it is launching a formal proceeding to study ways to prevent abusers from using car connectivity tools to harass domestic violence survivors. The agency said it has issued a notice of proposed rulemaking which will home in on how to make sure automakers and wireless service]]> 2024-04-09T00:37:43+00:00 https://therecord.media/fcc-connected-car-stalking-rulemaking www.secnews.physaphae.fr/article.php?IdArticle=8478392 False Tool,Studies None 2.0000000000000000 Fortinet Vunerability - Fortinet Vunerability FortiO FortiOS - Web server ETag exposure An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiOS may allow an unauthenticated attacker to fingerprint the device version via HTTP requests.]]> 2024-04-09T00:00:00+00:00 https://fortiguard.fortinet.com/psirt/FG-IR-23-224 www.secnews.physaphae.fr/article.php?IdArticle=8478730 False Vulnerability None None Fortinet Vunerability - Fortinet Vunerability FortisandBox - Injection de commande impactant la commande CLI FortiSandbox - Command injection impacting CLI command An improper neutralization of special elements used in an OS Command (\'OS Command Injection\') vulnerability [CWE-78] in FortiSandbox may allow a privileged attacker with super-admin profile and CLI access to execute arbitrary code via CLI.]]> 2024-04-09T00:00:00+00:00 https://fortiguard.fortinet.com/psirt/FG-IR-23-411 www.secnews.physaphae.fr/article.php?IdArticle=8478735 False None None None Fortinet Vunerability - Fortinet Vunerability Fortinac-F - Manque de validation de certificat FortiNAC-F - Lack of certificate validation An improper certificate validation vulnerability [CWE-295] in FortiNAC-F may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the HTTPS communication channel between the FortiOS device, an inventory, and FortiNAC-F.]]> 2024-04-09T00:00:00+00:00 https://fortiguard.fortinet.com/psirt/FG-IR-23-288 www.secnews.physaphae.fr/article.php?IdArticle=8478728 False Vulnerability None None Fortinet Vunerability - Fortinet Vunerability Fortios - chaîne de format dans la commande CLI FortiOS - Format String in CLI command A use of externally-controlled format string vulnerability [CWE-134] in FortiOS command line interface may allow a local privileged attacker with super-admin profile and CLI access to execute arbitrary code or commands via specially crafted requests.]]> 2024-04-09T00:00:00+00:00 https://fortiguard.fortinet.com/psirt/FG-IR-23-413 www.secnews.physaphae.fr/article.php?IdArticle=8478729 False Vulnerability None None Fortinet Vunerability - Fortinet Vunerability [Forticlient Linux] Exécution du code distant en raison de la configuration dangereuse de NodeJS [FortiClient Linux] Remote Code Execution due to dangerous nodejs configuration An Improper Control of Generation of Code (\'Code Injection\') vulnerability [CWE-94] in FortiClientLinux may allow##an unauthenticated attacker to execute arbitrary code via tricking a FortiClientLinux user into visiting a malicious website.]]> 2024-04-09T00:00:00+00:00 https://fortiguard.fortinet.com/psirt/FG-IR-23-087 www.secnews.physaphae.fr/article.php?IdArticle=8478725 False Vulnerability None None Fortinet Vunerability - Fortinet Vunerability Fortisandbox - Injection de commande OS sur le point de terminaison FortiSandbox - OS command injection on endpoint Multiple improper neutralization of special elements used in an OS Command vulnerabilities [CWE-78] in FortiSandbox may allow an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.]]> 2024-04-09T00:00:00+00:00 https://fortiguard.fortinet.com/psirt/FG-IR-23-489 www.secnews.physaphae.fr/article.php?IdArticle=8478736 False Vulnerability None None Fortinet Vunerability - Fortinet Vunerability SMTP Tasseling SMTP Smuggling Fortinet is aware of the new SMTP smuggling technique.By exploiting interpretation differences of the SMTP protocol for the end of data sequence, it is possible to send spoofed e-mails, while still passing SPF alignment checks.FortiMail may be susceptible to smuggling attacks if some measures are not put in place. We therefore recommend to adhere to the following indications in order to mitigate the potential risk associated to the smuggling attacks:- Enable DKIM (Domain Keys Identified Mail) to enhance e-mail authentication. Select "None" action under DKIM check in AntiSpam profile in order to block by default e-mail without DKIM signature.- Disable "any-any" traffic policy to restrict unauthorized access.- Modify the configuration settings in line with the recommended security practices (DMARC/DKIM/SPF, proper ACL policy, avoid open relay MTA).]]> 2024-04-09T00:00:00+00:00 https://fortiguard.fortinet.com/psirt/FG-IR-24-009 www.secnews.physaphae.fr/article.php?IdArticle=8478737 False None None None Fortinet Vunerability - Fortinet Vunerability FortisandBox - Écriture de fichiers arbitraires sur CLI conduisant à une exécution de code arbitraire FortiSandbox - Arbitrary file write on CLI leading to arbitrary code execution An improper limitation of a pathname to a restricted directory (\'Path Traversal\') vulnerability [CWE-22] in FortiSandbox may allow a privileged attacker with super-admin profile and CLI access to execute arbitrary code via CLI.]]> 2024-04-09T00:00:00+00:00 https://fortiguard.fortinet.com/psirt/FG-IR-23-416 www.secnews.physaphae.fr/article.php?IdArticle=8478734 False None None None Fortinet Vunerability - Fortinet Vunerability ForticlientMac - Manque de validation du fichier de configuration FortiClientMac - Lack of configuration file validation An external control of file name or path vulnerability [CWE-73] in FortiClientMac\'s installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process.]]> 2024-04-09T00:00:00+00:00 https://fortiguard.fortinet.com/psirt/FG-IR-23-345 www.secnews.physaphae.fr/article.php?IdArticle=8478726 False Vulnerability None None Fortinet Vunerability - Fortinet Vunerability Fortimanager - Injection de code via le modèle Jinja FortiManager - Code Injection via Jinja Template An improper neutralization of special elements used in a template engine [CWE-1336] vulnerability in FortiManager provisioning templates may allow a local authenticated attacker with at least read-only permissions to execute arbitrary code via specially crafted templates.]]> 2024-04-09T00:00:00+00:00 https://fortiguard.fortinet.com/psirt/FG-IR-23-419 www.secnews.physaphae.fr/article.php?IdArticle=8478727 False Vulnerability None None Fortinet Vunerability - Fortinet Vunerability Fortios & Fortiproxy - Fellome des cookies administrateur FortiOS & FortiProxy - administrator cookie leakage An insufficiently protected credentials vulnerability (CWE-522) in FortiOS and FortiProxy may allow an attacker to obtain the administrator cookie in rare and specific conditions, via tricking the administrator into visiting a malicious attacker-controlled website through the SSL-VPN.]]> 2024-04-09T00:00:00+00:00 https://fortiguard.fortinet.com/psirt/FG-IR-23-493 www.secnews.physaphae.fr/article.php?IdArticle=8478731 False Vulnerability None None Dark Reading - Informationweek Branch Conseils pour sécuriser la chaîne d'approvisionnement du logiciel Tips for Securing the Software Supply Chain Industry experts share how to implement comprehensive security strategies necessary to secure the software supply chain in Dark Reading\'s latest Tech Insights report.]]> 2024-04-08T22:33:51+00:00 https://www.darkreading.com/cyber-risk/tips-for-securing-the-software-supply-chain www.secnews.physaphae.fr/article.php?IdArticle=8478660 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Home Depot martelé par violation de données de la chaîne d'approvisionnement Home Depot Hammered by Supply Chain Data Breach SaaS vendor to blame for exposing employee data that was ultimately leaked on Dark Web forum, according to the home improvement retailer.]]> 2024-04-08T21:13:49+00:00 https://www.darkreading.com/cyberattacks-data-breaches/home-depot-hammered-by-supply-chain-data-breach www.secnews.physaphae.fr/article.php?IdArticle=8478330 False Data Breach,Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Round 2: Modifier les soins de santé ciblés dans la deuxième attaque de ransomware Round 2: Change Healthcare Targeted in Second Ransomware Attack RansomHub, which is speculated to have some connection to ALPHV, has stolen 4TB of sensitive data from the beleaguered healthcare company.]]> 2024-04-08T20:49:32+00:00 https://www.darkreading.com/cyberattacks-data-breaches/round-2-change-healthcare-targeted-second-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=8478306 False Ransomware,Medical None 2.0000000000000000 Dark Reading - Informationweek Branch Wyden publie un projet de législation pour mettre fin à la dépendance fédérale à l'égard des logiciels propriétaires sans sécurité Wyden Releases Draft Legislation to End Federal Dependence on Insecure, Proprietary Software 2024-04-08T20:39:40+00:00 https://www.darkreading.com/application-security/wyden-releases-draft-legislation-to-end-federal-dependence-on-insecure-proprietary-software www.secnews.physaphae.fr/article.php?IdArticle=8478307 False Legislation None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) ScrubCrypt Deploys VenomRAT with an Arsenal of Plugins ## Snapshot The article from FortiGuard Labs Threat Research uncovers a recent threat actor\'s distribution of VenomRAT and other plugins through a phishing email containing malicious Scalable Vector Graphics (SVG) files. ## Description The email entices victims to click on an attachment, which downloads a ZIP file containing a Batch file obfuscated with the BatCloak tool. Subsequently, ScrubCrypt is used to load the final payload, VenomRAT, while maintaining a connection with a command and control (C2) server to install plugins on victims\' environments. The plugin files downloaded from the C2 server include VenomRAT version 6, Remcos, XWorm, NanoCore, and a stealer designed for specific crypto wallets. ## References [https://www.fortinet.com/blog/threat-research/scrubcrypt-deploys-venomrat-with-arsenal-of-plugins](https://www.fortinet.com/blog/threat-research/scrubcrypt-deploys-venomrat-with-arsenal-of-plugins)]]> 2024-04-08T20:36:41+00:00 https://community.riskiq.com/article/98d69c76 www.secnews.physaphae.fr/article.php?IdArticle=8478320 False Tool,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Strikeeady augmente 12 millions de dollars pour la plate-forme de commande de sécurité AI StrikeReady Raises $12M for AI Security Command Platform 2024-04-08T20:33:32+00:00 https://www.darkreading.com/application-security/strikeready-raises-12m-for-ai-security-command-platform-purpose-built-for-modern-soc-teams www.secnews.physaphae.fr/article.php?IdArticle=8478308 False None None 1.00000000000000000000 Recorded Future - FLux Recorded Future \\ 'ils mentent \\': Palau nie les allégations de Ransomware Gang au cours de la cyberattaque récente \\'They\\'re lying\\': Palau denies claims by ransomware gang over recent cyberattack

Le gouvernement de Palau a nié plusieurs nouvelles affirmations par un gang de ransomware que les deux parties étaient en contact à la suite d'une attaque le mois dernier. & NBSP;Le gang de ransomware de Dragonforce a officiellement publié des Palao sur son site de fuite dimanche, menaçant de publier des données volées au gouvernement de l'île de la nation \\ en trois jours. & Nbsp;Le groupe a répondu à un

The government of Palau denied several new claims by a ransomware gang that the two sides were in contact following an attack last month. The DragonForce ransomware gang officially posted Palau to its leak site on Sunday, threatening to publish data stolen from the island-nation\'s government in three days. The group responded to a]]> 2024-04-08T19:32:02+00:00 https://therecord.media/palau-denies-ransomware-gang-claims www.secnews.physaphae.fr/article.php?IdArticle=8478285 False Ransomware None 2.0000000000000000 Global Security Mag - Site de news francais Gabriel Ladet, Chimere : Chimere Cyberstealth est une alternative au VPN et Bastion Interviews / affiche]]> 2024-04-08T19:32:00+00:00 https://www.globalsecuritymag.fr/gabriel-ladet-chimere-chimere-cyberstealth-est-une-alternative-au-vpn-et.html www.secnews.physaphae.fr/article.php?IdArticle=8477713 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google Chrome ajoute V8 Sandbox - une nouvelle défense contre les attaques de navigateur Google Chrome Adds V8 Sandbox - A New Defense Against Browser Attacks Google has announced support for what\'s called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues. The sandbox, according to V8 Security technical lead Samuel Groß, aims to prevent "memory corruption in V8 from spreading within the host process." The search behemoth has described V8 Sandbox as a lightweight, in-process sandbox]]> 2024-04-08T19:21:00+00:00 https://thehackernews.com/2024/04/google-chrome-adds-v8-sandbox-new.html www.secnews.physaphae.fr/article.php?IdArticle=8478161 False Technical None 2.0000000000000000 TechRepublic - Security News US XZ Utils Supply Chain Attack: Un acteur de menace a passé deux ans pour mettre en œuvre une porte dérobée Linux XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor Read about a supply chain attack that involves XZ Utils, a data compressor widely used in Linux systems, and learn how to protect from this threat.]]> 2024-04-08T18:47:15+00:00 https://www.techrepublic.com/article/xz-backdoor-linux/ www.secnews.physaphae.fr/article.php?IdArticle=8478262 False Threat None 2.0000000000000000 The Register - Site journalistique Anglais Home Depot confirme la fuite des données des travailleurs après que le minefrinant déverse les informations en ligne Home Depot confirms worker data leak after miscreant dumps info online SaaS slip up leads to scumbags seeking sinecure Home Depot has confirmed that a third-party company accidentally exposed some of its employees\' personal details after a criminal copy-pasted the data online.…]]> 2024-04-08T18:26:02+00:00 https://go.theregister.com/feed/www.theregister.com/2024/04/08/home_depot_data_theft/ www.secnews.physaphae.fr/article.php?IdArticle=8478264 False None None 2.0000000000000000