This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-06-06T23:43:49+00:00 www.secnews.physaphae.fr Wired Threat Level - Security News 2021-08-16T20:44:22+00:00 https://www.wired.com/story/t-mobile-hack-data-phishing www.secnews.physaphae.fr/article.php?IdArticle=3239188 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-08-16T19:45:00+00:00 https://www.infosecurity-magazine.com/news/tmobile-investigates-possible-data/ www.secnews.physaphae.fr/article.php?IdArticle=3238507 False Data Breach None None Bleeping Computer - Magazine Américain 2021-08-16T15:52:44+00:00 https://www.bleepingcomputer.com/news/security/t-mobile-confirms-servers-were-hacked-investigates-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3238519 False Data Breach,Threat None None Bleeping Computer - Magazine Américain 2021-08-16T15:23:21+00:00 https://www.bleepingcomputer.com/news/security/education-giant-pearson-fined-1m-for-downplaying-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3238521 False Data Breach None None Bleeping Computer - Magazine Américain 2021-08-16T07:23:27+00:00 https://www.bleepingcomputer.com/news/security/colonial-pipeline-reports-data-breach-after-may-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=3236058 False Ransomware,Data Breach None None Security Affairs - Blog Secu 2021-08-16T06:47:07+00:00 https://securityaffairs.co/wordpress/121176/data-breach/t-mobile-investigates-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=t-mobile-investigates-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3235192 False Data Breach,Threat None None InfoSecurity Mag - InfoSecurity Magazine 2021-08-12T19:29:00+00:00 https://www.infosecurity-magazine.com/news/chanel-apologizes-for-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3218969 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-08-10T18:11:00+00:00 https://www.infosecurity-magazine.com/news/upmc-to-pay-265m-to-settle-data/ www.secnews.physaphae.fr/article.php?IdArticle=3206065 False Data Breach None None Security Affairs - Blog Secu 2021-08-04T21:39:51+00:00 https://securityaffairs.co/wordpress/120816/data-breach/advanced-technology-ventures-ransomware-attack.html?utm_source=rss&utm_medium=rss&utm_campaign=advanced-technology-ventures-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=3174588 True Ransomware,Data Breach,Threat None None InfoSecurity Mag - InfoSecurity Magazine 2021-08-04T14:22:00+00:00 https://www.infosecurity-magazine.com/news/personal-data-breach-fall-rising/ www.secnews.physaphae.fr/article.php?IdArticle=3173082 False Data Breach None None Anomali - Firm Blog Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence BazaCall: Phony Call Centers Lead to Exfiltration and Ransomware (published: July 29, 2021) BazaCall campaigns have forgone malicious links or attachments in email messages in favor of phone numbers that recipients are misled into calling. Actual humans then provide the callers with step-by-step instructions for installing malware. The BazaLoader payload from these campaigns also gives a remote attacker hands-on-keyboard control on an affected user's device, which allows for a fast network compromise. The lack of obvious malicious elements in the delivery methods could render typical ways of detecting spam and phishing emails ineffective. Analyst Comment: All users should be informed of the risk phishing poses, and how to safely make use of email. They should take notice that a phone number sent to them can be fraudulent too. In the case of infection, the affected system should be wiped and reformatted, and if at all possible the ransom should not be paid. Implement a backup solution for your users to ease the pain of losing sensitive and important data. MITRE ATT&CK: [MITRE ATT&CK] User Execution - T1204 | [MITRE ATT&CK] Credential Dumping - T1003 | [MITRE ATT&CK] Data Encrypted for Impact - T1486 Tags: BazaCall, Bazaar, Ransomware Crimea “Manifesto” Deploys VBA Rat Using Double Attack Vectors (published: July 29, 2021) Hossein Jazi has identified a suspicious document named "Манифест". It downloads and executes two templates: one is macro-enabled and the other is an Internet Explorer exploit. While both techniques rely on template injection to drop a full-featured Remote Access Trojan, the IE exploit is an unusual discovery. Analyst Comment: Files that request content be enabled to properly view the document are often signs of a phishing attack. If such a file is sent to you via a known and trusted sender, that individual should be contacted to verify the authenticity of the attachment prior to opening. Thus, any such file attachment sent by unknown senders should be viewed with the utmost scrutiny, and the attachments should be avoided and properly reported to appropriate personnel. MITRE ATT&CK: [MITRE ATT&CK] User Execution - T1204 | [MITRE ATT&CK] Template Injection - T1221 | [MITRE ATT&CK] Scheduled Task - T1053 | [MITRE ATT&CK] Modify Registry - T1112 Tags: VBA, Russia, RAT, CVE-]]> 2021-08-03T15:00:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-lockbit-ransomware-phony-call-centers-lead-to-exfiltration-and-ransomware-vba-rat-using-double-attack-vectors-and-more www.secnews.physaphae.fr/article.php?IdArticle=3166543 False Ransomware,Data Breach,Spam,Malware,Threat,Guideline None None CybeReason - Vendor blog A recent global research report conducted by Cybereason, titled Ransomware: The True Cost to Business, revealed that the vast majority of organizations that have suffered a ransomware attack have experienced significant impact to the business, including loss of revenue, damage to the organization's brand, unplanned workforce reductions, and little in the way of relief from cyber insurance policies. An esteemed panel of subject matter experts will examine the research findings and discuss how organizations can better prepare to defend against and respond to a ransomware attack, and the full on-demand webinar can be found here. Recently, IBM came out with its Cost of a Data Breach Report 2021. This publication synthesizes the Ponemon Institute's research of 537 breaches that affected 17 different industries and that occurred across 17 countries and regions. It also draws on nearly 3,500 interviews to understand how much those breaches cost organizations and what decision makers are doing to better defend against security incidents going forward.]]> 2021-08-02T12:07:17+00:00 https://www.cybereason.com/blog/what-the-growing-costs-of-a-data-breach-means-for-the-business www.secnews.physaphae.fr/article.php?IdArticle=3161394 True Ransomware,Data Breach None None Security Intelligence - Site de news Américain 2021-07-30T12:25:45+00:00 http://feedproxy.google.com/~r/SecurityIntelligence/~3/9EOeD00aS5g/ www.secnews.physaphae.fr/article.php?IdArticle=3151621 False Data Breach None None TechRepublic - Security News US 2021-07-28T17:28:21+00:00 https://www.techrepublic.com/article/data-breach-costs-hit-record-high-due-to-pandemic/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=3145467 False Data Breach None None Security Affairs - Blog Secu 2021-07-28T14:26:36+00:00 https://securityaffairs.co/wordpress/120627/data-breach/cost-of-data-breach-2021.html?utm_source=rss&utm_medium=rss&utm_campaign=cost-of-data-breach-2021 www.secnews.physaphae.fr/article.php?IdArticle=3145029 False Data Breach None None SecurityWeek - Security News 2021-07-28T12:31:39+00:00 http://feedproxy.google.com/~r/securityweek/~3/fJqYMc-VoaY/university-san-diego-health-says-personal-information-stolen-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3144654 False Data Breach None None SecurityWeek - Security News 2021-07-28T11:13:44+00:00 http://feedproxy.google.com/~r/securityweek/~3/yWJmWkV-oC4/ibm-average-cost-data-breach-exceeds-42-million www.secnews.physaphae.fr/article.php?IdArticle=3144307 False Data Breach None None Security Intelligence - Site de news Américain 2021-07-28T10:00:00+00:00 http://feedproxy.google.com/~r/SecurityIntelligence/~3/oPFBrnVvzTw/ www.secnews.physaphae.fr/article.php?IdArticle=3144135 False Data Breach None None IT Security Guru - Blog Sécurité 2021-07-28T08:16:04+00:00 https://www.itsecurityguru.org/2021/07/28/cost-of-a-data-breach-hits-record-high-during-the-pandemic/?utm_source=rss&utm_medium=rss&utm_campaign=cost-of-a-data-breach-hits-record-high-during-the-pandemic www.secnews.physaphae.fr/article.php?IdArticle=3143706 True Data Breach None None Security Intelligence - Site de news Américain 2021-07-28T06:39:34+00:00 http://feedproxy.google.com/~r/SecurityIntelligence/~3/L58L1_Ktj1s/ www.secnews.physaphae.fr/article.php?IdArticle=3143481 False Data Breach None None ZD Net - Magazine Info 2021-07-28T04:01:02+00:00 https://www.zdnet.com/article/enterprise-data-breach-cost-reached-record-high-during-covid-19-pandemic/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=3143379 False Data Breach None None Bleeping Computer - Magazine Américain 2021-07-27T16:06:32+00:00 https://www.bleepingcomputer.com/news/security/uc-san-diego-health-discloses-data-breach-after-phishing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=3141650 False Data Breach None None CybeReason - Vendor blog The average cost of a data breach in 2020 was $3.86 million, according to IBM. It was even more expensive for certain entities. Indeed, that cost rose to $8.64 million when attackers succeeded in breaching an organization located in the United States. It was the same story in the healthcare industry, with the cost of data breaches climbing to $7.13 million for affected entities. ]]> 2021-07-27T12:56:20+00:00 https://www.cybereason.com/blog/the-xdr-advantage-eliminate-dwell-time-and-gain-visibility www.secnews.physaphae.fr/article.php?IdArticle=3139895 False Data Breach None None Veracode - Application Security Research, News, and Education Blog 2021-07-26T09:56:06+00:00 https://www.veracode.com/blog/secure-development/announcing-veracode-security-labs-free-trial www.secnews.physaphae.fr/article.php?IdArticle=3134024 False Data Breach,Guideline None None Veracode - Application Security Research, News, and Education Blog 2021-07-23T15:50:53+00:00 https://www.veracode.com/blog/intro-appsec/what-will-cybersecurity-look-over-next-five-years www.secnews.physaphae.fr/article.php?IdArticle=3121889 False Data Breach,Threat None None Security Affairs - Blog Secu 2021-07-23T13:59:38+00:00 https://securityaffairs.co/wordpress/120477/data-breach/us-municipalities-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=us-municipalities-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3119568 False Data Breach None None Troy Hunt - Blog 2021-07-21T19:36:08+00:00 https://www.troyhunt.com/your-work-email-address-is-your-works-email-address/ www.secnews.physaphae.fr/article.php?IdArticle=3107620 False Data Breach None None Security Intelligence - Site de news Américain 2021-07-20T14:30:00+00:00 http://feedproxy.google.com/~r/SecurityIntelligence/~3/PJym_RwnLKI/ www.secnews.physaphae.fr/article.php?IdArticle=3100566 False Data Breach,Threat None None Bleeping Computer - Magazine Américain 2021-07-19T08:02:33+00:00 https://www.bleepingcomputer.com/news/security/saudi-aramco-data-breach-sees-1-tb-stolen-data-for-sale/ www.secnews.physaphae.fr/article.php?IdArticle=3092919 False Data Breach None None Bleeping Computer - Magazine Américain 2021-07-18T11:22:44+00:00 https://www.bleepingcomputer.com/news/security/ransomware-hits-law-firm-counseling-fortune-500-global-500-companies/ www.secnews.physaphae.fr/article.php?IdArticle=3090521 False Ransomware,Data Breach None None Bleeping Computer - Magazine Américain 2021-07-18T10:16:32+00:00 https://www.bleepingcomputer.com/news/security/comparis-customers-targeted-by-scammers-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=3090522 False Ransomware,Data Breach,Guideline None None Security Affairs - Blog Secu 2021-07-13T07:04:18+00:00 https://securityaffairs.co/wordpress/120029/cyber-crime/guess-discloses-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=guess-discloses-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3055914 True Ransomware,Data Breach None None SecurityWeek - Security News 2021-07-13T04:03:27+00:00 http://feedproxy.google.com/~r/securityweek/~3/UAfWQsQzUSY/fashion-retailer-guess-notifies-users-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3055739 False Ransomware,Data Breach None None Bleeping Computer - Magazine Américain 2021-07-12T12:33:40+00:00 https://www.bleepingcomputer.com/news/security/fashion-retailer-guess-discloses-data-breach-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=3052715 False Ransomware,Data Breach None None Graham Cluley - Blog Security 2021-07-12T10:20:27+00:00 https://grahamcluley.com/spreadshop-hacked-t-shirt-lovers-warned-of-considerably-vicious-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3051225 False Data Breach None None Security Affairs - Blog Secu 2021-07-11T05:21:09+00:00 https://securityaffairs.co/wordpress/119954/data-breach/mint-mobile-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=mint-mobile-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3048666 True Data Breach None None Bleeping Computer - Magazine Américain 2021-07-10T13:18:17+00:00 https://www.bleepingcomputer.com/news/security/mint-mobile-hit-by-a-data-breach-after-numbers-ported-data-accessed/ www.secnews.physaphae.fr/article.php?IdArticle=3047294 False Data Breach None None Security Affairs - Blog Secu 2021-07-09T14:10:50+00:00 https://securityaffairs.co/wordpress/119913/data-breach/cna-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=cna-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3042974 False Ransomware,Data Breach None None Bleeping Computer - Magazine Américain 2021-07-09T07:29:40+00:00 https://www.bleepingcomputer.com/news/security/insurance-giant-cna-reports-data-breach-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=3041879 False Ransomware,Data Breach,Guideline None None TroyHunt - Blog Security 2021-07-08T23:16:18+00:00 https://arstechnica.com/?p=1779001 www.secnews.physaphae.fr/article.php?IdArticle=3040278 False Data Breach None None Security Affairs - Blog Secu 2021-07-08T19:30:40+00:00 https://securityaffairs.co/wordpress/119865/data-breach/morgan-stanley-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=morgan-stanley-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3039273 False Data Breach,Hack,Threat None None Bleeping Computer - Magazine Américain 2021-07-08T09:19:53+00:00 https://www.bleepingcomputer.com/news/security/morgan-stanley-reports-data-breach-after-vendor-accellion-hack/ www.secnews.physaphae.fr/article.php?IdArticle=3037733 False Data Breach,Hack None None InfoSecurity Mag - InfoSecurity Magazine 2021-07-06T17:00:00+00:00 https://www.infosecurity-magazine.com:443/news/ba-settles-with-data-breach-victims/ www.secnews.physaphae.fr/article.php?IdArticle=3029168 False Data Breach None None SecurityWeek - Security News 2021-07-06T15:46:07+00:00 http://feedproxy.google.com/~r/securityweek/~3/137-mOznkqg/british-airways-settles-class-action-over-2018-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3028648 False Data Breach None None Bleeping Computer - Magazine Américain 2021-07-06T14:30:23+00:00 https://www.bleepingcomputer.com/news/security/hacker-dumps-private-info-of-pro-trump-gettr-social-network-members/ www.secnews.physaphae.fr/article.php?IdArticle=3029214 False Data Breach None None ComputerWeekly - Computer Magazine 2021-07-06T07:00:00+00:00 https://www.computerweekly.com/news/252503589/BA-reaches-settlement-in-data-breach-group-action www.secnews.physaphae.fr/article.php?IdArticle=3027523 False Data Breach None None Bleeping Computer - Magazine Américain 2021-07-02T08:39:59+00:00 https://www.bleepingcomputer.com/news/security/us-insurance-giant-ajg-reports-data-breach-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=3011652 False Ransomware,Data Breach None None Security Affairs - Blog Secu 2021-07-01T17:35:10+00:00 https://securityaffairs.co/wordpress/119591/data-breach/university-medical-center-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=university-medical-center-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3007588 False Data Breach,Threat None None ComputerWeekly - Computer Magazine 2021-06-30T10:53:00+00:00 https://www.computerweekly.com/news/252503281/LinkedIn-denies-exposure-of-700-million-user-records-is-a-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3001258 False Data Breach None None Anomali - Firm Blog Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Microsoft Signed a Malicious Netfilter Rootkit (published: June 25, 2021) Security researchers recently discovered a malicious netfilter driver that is signed by a valid Microsoft signing certificate. The files were initially thought to be a false positive due to the valid signing, but further inspection revealed that the malicious driver called out to a Chinese IP. Further research has analyzed the malware, dropper, and Command and Control (C2) commands. Microsoft is still investigating this incident, but has clarified that they did approve the signing of the driver. Analyst Comment: Malware signed by a trusted source is a threat vector that can be easily missed, as organizations may be tempted to not inspect files from a trusted source. It is important for organizations to have network monitoring as part of their defenses. Additionally, the signing certificate used was quite old, so review and/or expiration of old certificates could prevent this malware from running. MITRE ATT&CK: [MITRE ATT&CK] Code Signing - T1116 | [MITRE ATT&CK] Install Root Certificate - T1130 Tags: Netfilter, China Dell BIOSConnect Flaws Affect 30 Million Devices (published: June 24, 2021) Four vulnerabilities have been identified in the BIOSConnect tool distributed by Dell as part of SupportAssist. The core vulnerability is due to insecure/faulty handling of TLS, specifically accepting any valid wildcard certificate. The flaws in this software affect over 30 million Dell devices across 128 models, and could be used for Remote Code Execution (RCE). Dell has released patches for these vulnerabilities and currently there are no known actors scanning or exploiting these flaws. Analyst Comment: Any business or customer using Dell hardware should patch this vulnerability to prevent malicious actors from being able to exploit it. The good news is that Dell has addressed the issue. Patch management and asset inventories are critical portions of a good defense in depth security program. MITRE ATT&CK: [MITRE ATT&CK] Exploitation for Client Execution - T1203 | [MITRE ATT&CK] Exploitation for Privilege Escalation - T1068 | [MITRE ATT&CK] Peripheral Device Discovery - T1120 Tags: CVE-2021-21571, CVE-2021-21572, CVE-2021-21573, CVE-2021-21574, Dell, BIOSConnect Malicious Spam Campaigns Delivering Banking Trojans (published: June 24, 2021) Analysis from two mid-March 2021 spam campaignts revealed that th]]> 2021-06-29T16:29:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-microsoft-signs-malicious-netfilter-rootkit-ransomware-attackers-using-vms-fertility-clinic-hit-with-data-breach-and-more www.secnews.physaphae.fr/article.php?IdArticle=2996479 False Ransomware,Data Breach,Spam,Malware,Tool,Vulnerability,Threat,Patching APT 30 None Bleeping Computer - Magazine Américain 2021-06-25T15:26:00+00:00 https://www.bleepingcomputer.com/news/security/mercedes-benz-data-breach-exposes-ssns-credit-card-numbers/ www.secnews.physaphae.fr/article.php?IdArticle=2983712 False Data Breach None None IT Security Guru - Blog Sécurité 2021-06-25T15:08:28+00:00 https://www.itsecurityguru.org/2021/06/25/ps3-users-reportedly-banned-from-their-accounts-after/?utm_source=rss&utm_medium=rss&utm_campaign=ps3-users-reportedly-banned-from-their-accounts-after www.secnews.physaphae.fr/article.php?IdArticle=2982463 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-06-24T18:45:00+00:00 https://www.infosecurity-magazine.com:443/news/data-breach-at-workforce-west/ www.secnews.physaphae.fr/article.php?IdArticle=2978522 False Data Breach None None Bleeping Computer - Magazine Américain 2021-06-23T11:53:28+00:00 https://www.bleepingcomputer.com/news/security/tulsa-warns-of-data-breach-after-conti-ransomware-leaks-police-citations/ www.secnews.physaphae.fr/article.php?IdArticle=2971774 False Ransomware,Data Breach None None Anomali - Firm Blog Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Andariel Evolves to Target South Korea with Ransomware (published: June 15, 2021) Researchers at securelist identified ransomware attacks from Andariel, a sub-group of Lazarus targeting South Korea. Attack victims included entities from manufacturing, home network service, media and construction sectors. These attacks involved malicious Microsoft Word documents containing a macro and used novel techniques to implant a multi-stage payload. The final payload was a ransomware custom made for this specific attack. Analyst Comment: Users should be wary of documents that request Macros to be enabled. All employees should be educated on the risk of opening attachments from unknown senders. Anti-spam and antivirus protections should be implemented and kept up-to-date with the latest version to better ensure security. MITRE ATT&CK: [MITRE ATT&CK] System Network Connections Discovery - T1049 | [MITRE ATT&CK] Process Discovery - T1057 | [MITRE ATT&CK] Screen Capture - T1113 | [MITRE ATT&CK] Standard Non-Application Layer Protocol - T1095 | [MITRE ATT&CK] Exfiltration Over Command and Control Channel - T1041 | [MITRE ATT&CK] Data Encrypted for Impact - T1486 Tags: Lazarus group, Lazarus, Andariel, Hidden Cobra, tasklist, Manuscrypt, Banking And Finance, Malicious documents, Macros Matanbuchus: Malware-as-a-Service with Demonic Intentions (published: June 15, 2021) In February 2021, BelialDemon advertised a new malware-as-a-service (MaaS) called Matanbuchus Loader and charged an initial rental price of $2,500. Malware loaders are malicious software that typically drop or pull down second-stage malware from command and control (C2) infrastructures. Analyst Comment: Malware as a Service (MaaS) is a relatively new development, which opens the doors of crime to anyone with the money to pay for access. A criminal organization that wants to carry out a malware attack on a target no longer requires in-house technical expertise or infrastructure. Such attacks in most cases share tactics, techniques, and even IOCs. This highlights the importance of intelligence sharing for proactive protection. MITRE ATT&CK: [MITRE ATT&CK] System Network Configuration Discovery - T1016 Tags: BelialDemon, Matanbuchus, Belial, WildFire, EU, North America Black Kingdom ransomware (published: June 17]]> 2021-06-22T18:18:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-klingon-rat-holding-on-for-dear-life-cvs-medical-records-breach-black-kingdom-ransomware-and-more www.secnews.physaphae.fr/article.php?IdArticle=2966761 False Ransomware,Data Breach,Malware,Vulnerability,Threat,Medical APT 38,APT 28 None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2021-06-21T19:56:22+00:00 https://threatpost.com/embryology-data-breach-fertility-clinic-ransomware/167087/ www.secnews.physaphae.fr/article.php?IdArticle=2961371 False Ransomware,Data Breach None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine 2021-06-21T18:33:00+00:00 https://www.infosecurity-magazine.com:443/news/ohio-medicaid-provider-suffers/ www.secnews.physaphae.fr/article.php?IdArticle=2960968 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite 2021-06-21T13:02:06+00:00 https://informationsecuritybuzz.com/expert-comments/turbotax-customer-data-breach-cyber-expert-comments/ www.secnews.physaphae.fr/article.php?IdArticle=2959298 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite 2021-06-21T12:45:28+00:00 https://informationsecuritybuzz.com/expert-comments/supermarket-chain-wegmans-notifies-customers-of-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2959300 True Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-06-21T08:53:00+00:00 https://www.infosecurity-magazine.com:443/news/30000-fertility-clinic-patients/ www.secnews.physaphae.fr/article.php?IdArticle=2958688 False Ransomware,Data Breach None None Bleeping Computer - Magazine Américain 2021-06-20T10:06:59+00:00 https://www.bleepingcomputer.com/news/security/fertility-clinic-discloses-data-breach-exposing-patient-info/ www.secnews.physaphae.fr/article.php?IdArticle=2956120 False Ransomware,Data Breach None None Security Affairs - Blog Secu 2021-06-18T20:03:52+00:00 https://securityaffairs.co/wordpress/119115/data-breach/wegmans-discloses-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=wegmans-discloses-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2949554 False Data Breach None None Security Affairs - Blog Secu 2021-06-18T12:26:49+00:00 https://securityaffairs.co/wordpress/119102/data-breach/carnival-security-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=carnival-security-breach www.secnews.physaphae.fr/article.php?IdArticle=2948216 True Data Breach None None InformationSecurityBuzzNews - Site de News Securite 2021-06-18T11:15:16+00:00 https://informationsecuritybuzz.com/expert-comments/experts-insight-on-carnival-cruises-recent-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2947612 False Data Breach None None SecurityWeek - Security News 2021-06-18T11:01:39+00:00 http://feedproxy.google.com/~r/securityweek/~3/0Qno10Y1_0g/cruise-giant-carnival-says-customers-affected-breach www.secnews.physaphae.fr/article.php?IdArticle=2947575 False Data Breach None None Bleeping Computer - Magazine Américain 2021-06-18T09:15:06+00:00 https://www.bleepingcomputer.com/news/security/us-supermarket-chain-wegmans-notifies-customers-of-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2948398 False Data Breach None None Bleeping Computer - Magazine Américain 2021-06-17T17:47:15+00:00 https://www.bleepingcomputer.com/news/security/egg-free-cake-box-suffer-data-breach-exposing-credit-card-numbers/ www.secnews.physaphae.fr/article.php?IdArticle=2944923 False Data Breach,Threat None None Bleeping Computer - Magazine Américain 2021-06-17T17:47:15+00:00 https://www.bleepingcomputer.com/news/security/eggfree-cake-box-suffer-data-breach-exposing-credit-card-numbers/ www.secnews.physaphae.fr/article.php?IdArticle=2946621 True Data Breach,Threat None None SecurityWeek - Security News 2021-06-17T15:14:27+00:00 http://feedproxy.google.com/~r/securityweek/~3/r5jHztQJuOM/uk-law-firm-gateley-discloses-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2943150 False Data Breach None None Bleeping Computer - Magazine Américain 2021-06-17T12:15:23+00:00 https://www.bleepingcomputer.com/news/security/carnival-cruise-hit-by-data-breach-warns-of-data-misuse-risk/ www.secnews.physaphae.fr/article.php?IdArticle=2943628 False Data Breach None None Bleeping Computer - Magazine Américain 2021-06-16T17:36:06+00:00 https://www.bleepingcomputer.com/news/cryptocurrency/criminals-are-mailing-altered-ledger-devices-to-steal-cryptocurrency/ www.secnews.physaphae.fr/article.php?IdArticle=2943243 True Data Breach None None Bleeping Computer - Magazine Américain 2021-06-16T17:36:06+00:00 https://www.bleepingcomputer.com/news/cryptocurrency/scammers-mail-fake-ledger-devices-to-steal-your-cryptocurrency/ www.secnews.physaphae.fr/article.php?IdArticle=2939261 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite 2021-06-16T12:18:40+00:00 https://informationsecuritybuzz.com/expert-comments/expert-reaction-on-the-worlds-largest-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2935234 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite 2021-06-16T12:08:57+00:00 https://informationsecuritybuzz.com/expert-comments/volkswagen-audi-disclose-data-breach-impacting-over-3-3-million-customers-interested-buyers/ www.secnews.physaphae.fr/article.php?IdArticle=2935236 False Data Breach None None Bleeping Computer - Magazine Américain 2021-06-15T08:37:23+00:00 https://www.bleepingcomputer.com/news/security/largest-us-propane-distributor-discloses-8-second-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2929158 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite 2021-06-14T11:14:27+00:00 https://informationsecuritybuzz.com/expert-comments/experts-react-mcdonalds-suffers-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2922292 False Data Breach None 3.0000000000000000 ZD Net - Magazine Info 2021-06-14T09:33:07+00:00 https://www.zdnet.com/article/volkswagen-audi-disclose-data-breach-impacting-over-3-3-million-customers-interested-buyers/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=2922201 False Data Breach None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2021-06-13T23:59:46+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/H9QvjajTV9k/chinese-hackers-believed-to-be-behind.html www.secnews.physaphae.fr/article.php?IdArticle=2921125 False Data Breach,Threat,Guideline APT 41 None Security Affairs - Blog Secu 2021-06-12T16:37:01+00:00 https://securityaffairs.co/wordpress/118894/data-breach/mcdonalds-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=mcdonalds-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2916975 False Data Breach None None Security Affairs - Blog Secu 2021-06-12T13:39:38+00:00 https://securityaffairs.co/wordpress/118887/data-breach/volkswagen-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=volkswagen-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2916726 False Data Breach None None Bleeping Computer - Magazine Américain 2021-06-12T12:27:59+00:00 https://www.bleepingcomputer.com/news/security/audi-volkswagen-data-breach-affects-33-million-customers/ www.secnews.physaphae.fr/article.php?IdArticle=2916965 False Data Breach None None SecurityWeek - Security News 2021-06-11T18:59:35+00:00 http://feedproxy.google.com/~r/securityweek/~3/Sh4am27ONYg/volkswagen-america-discloses-data-breach-impacting-33-million www.secnews.physaphae.fr/article.php?IdArticle=2911219 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-06-11T17:00:00+00:00 https://www.infosecurity-magazine.com:443/news/mcdonalds-suffers-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2910404 False Data Breach None None Bleeping Computer - Magazine Américain 2021-06-11T12:45:46+00:00 https://www.bleepingcomputer.com/news/security/mcdonalds-discloses-data-breach-after-theft-of-customer-employee-info/ www.secnews.physaphae.fr/article.php?IdArticle=2910310 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-06-11T11:34:00+00:00 https://www.infosecurity-magazine.com:443/news/gaming-ea-suffers-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2908584 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-06-10T17:24:00+00:00 https://www.infosecurity-magazine.com:443/news/texas-to-publish-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2904572 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-06-09T17:34:00+00:00 https://www.infosecurity-magazine.com:443/news/nebraska-medicine-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2898051 False Data Breach None None Bleeping Computer - Magazine Américain 2021-06-07T12:47:16+00:00 https://www.bleepingcomputer.com/news/security/us-truck-and-military-vehicle-maker-navistar-discloses-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2886408 False Data Breach None None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC Deloitte Inisights report underscores the reality: the average IT department allocates over half its budget on maintenance but only 19 percent on innovation. And according to a 2021 State of IT Spiceworks Ziff Davis study, updating outdated IT infrastructure is the number one factor driving IT budget increases — cited by 56% of organizations planning on growing IT spend. Also driving cloud adoption is the need to address disaster recovery (DR). While DR has not been typically cost-effective for small to mid-sized businesses, many cloud vendors and providers offer DR solutions like DRaaS (Disaster Recovery as a Service) that address those challenges. But perhaps the greatest driver of cloud adoption today is COVID-19. The pandemic’s disruption to the business landscape forced organizations to consider advanced technologies. The work from home or remote work model is here to stay, and the demand for software-as-a-service (SaaS) applications that allow teams to collaborate from anywhere is steadily increasing. The main spheres of digital transformation While one can argue that the components of digital transformation are numerous, we are highlighting five important spheres. Security As network access moves beyond the office perimeter to meet the demands of a remote workforce, robust security measures are required to maintain the confidentiality, integrity, and availability of corporate and customer data. ]]> 2021-06-04T05:01:00+00:00 https://feeds.feedblitz.com/~/653948998/0/alienvault-blogs~Digital-transformation-explained www.secnews.physaphae.fr/article.php?IdArticle=2884726 False Data Breach,Threat Deloitte None Bleeping Computer - Magazine Américain 2021-06-03T13:50:20+00:00 https://www.bleepingcomputer.com/news/security/scripps-health-notifies-patients-of-data-breach-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=2871841 False Ransomware,Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-06-02T16:00:00+00:00 https://www.infosecurity-magazine.com:443/news/scripps-notifying-147k-people-of/ www.secnews.physaphae.fr/article.php?IdArticle=2868793 False Ransomware,Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-06-01T15:19:00+00:00 https://www.infosecurity-magazine.com:443/news/model-sues-law-firm-over-data/ www.secnews.physaphae.fr/article.php?IdArticle=2865290 False Data Breach None None Security Affairs - Blog Secu 2021-05-29T21:57:58+00:00 https://securityaffairs.co/wordpress/118377/security/fbi-passwords-hibp-pwned-passwords.html?utm_source=rss&utm_medium=rss&utm_campaign=fbi-passwords-hibp-pwned-passwords www.secnews.physaphae.fr/article.php?IdArticle=2857921 False Data Breach None 2.0000000000000000 SecurityWeek - Security News 2021-05-27T17:59:19+00:00 http://feedproxy.google.com/~r/securityweek/~3/0rviAC4e-CU/japanese-ministries-confirm-impact-fujitsu-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2847420 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-05-27T16:42:00+00:00 https://www.infosecurity-magazine.com:443/news/data-breach-at-canada-post/ www.secnews.physaphae.fr/article.php?IdArticle=2846906 True Data Breach,Malware,Guideline None None InformationSecurityBuzzNews - Site de News Securite 2021-05-27T14:38:13+00:00 https://informationsecuritybuzz.com/expert-comments/canada-post-discloses-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2846272 False Data Breach None None Bleeping Computer - Magazine Américain 2021-05-27T14:08:26+00:00 https://www.bleepingcomputer.com/news/security/canada-post-hit-by-data-breach-after-supplier-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=2847827 False Ransomware,Data Breach None None Anomali - Firm Blog Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Air India passenger data breach reveals SITA hack worse than first thought (published: May 23, 2021) Adding to the growing body of knowledge related to the March 2021 breach of SITA, a multinational information technology company providing IT and telecommunication services to the air transport industry, Air India announced over the weekend that the personal information of 4.5 million customers was compromised. According to the airline, the stolen information included passengers’ name, credit card details, date of birth, contact information, passport information, ticket information, Star Alliance and Air India frequent flyer data. The compromise included data for passengers who registered with Indian Airlines between 26 August 2011 and 3 February 2021; nearly a decade. Air India adds to the growing list of SITA clients impacted by their data breach, including Malaysia Airlines, Finnair, Singapore Airlines, Jeju Air, Cathay Pacific, Air New Zealand, and Lufthansa. Analyst Comment: Unfortunately, breaches like this are commonplace. While customers have no control over their information being included in such a breach, they can and should take appropriate actions once notified they may be impacted, Those actions can include changing passwords and credit cards associated with the breached accounts, engaging with credit reporting agencies for enhanced credit monitoring or freezing of credit inquiries without permission, and reaching out to companies that have reportedly been breached to learn what protections they may be offering their clients. Tags: Data Breach, Airline, PII BazarCall: Call Centers Help Spread BazarLoader Malware (published: May 19, 2021) Researchers from PaloAlto’s Unit42 released a breakdown of a new infection method for the BazarLoader malware. Once installed, BazarLoader provides backdoor access to an infected Windows host which criminals can use to scan the environment, send follow-up malware, and exploit other vulnerable hosts on the network. In early February 2021, researchers began to report a “call center” method of distributing BazarLoader. Actors would send phishing emails with trial subscription-based themes encouraging victims to phone a number to unsubscribe. If a victim called, the actor would answer the phone and direct the victim through a process to infect the computer with BazarLoader. Analysts dubbed this method of infection “BazarCall.” Analyst Comment: This exemplifies social engineering tactics threat actors employ to trick users into installing malware on their machines. All social media users should be cautious when accepting unknown requests to connect, and particularly cautious when receiving communication from unknown users. Even if cal]]> 2021-05-25T15:00:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-bizzaro-trojan-expands-to-europe-fake-call-centers-help-spread-bazarloader-malware-toshiba-business-reportedly-hit-by-darkside-ransomware-and-more www.secnews.physaphae.fr/article.php?IdArticle=2835873 False Ransomware,Data Breach,Malware,Hack,Tool,Vulnerability,Threat,Guideline None None Bleeping Computer - Magazine Américain 2021-05-25T14:37:16+00:00 https://www.bleepingcomputer.com/news/security/dominos-india-discloses-data-breach-after-hackers-sell-data-online/ www.secnews.physaphae.fr/article.php?IdArticle=2837258 False Data Breach,Threat None None InformationSecurityBuzzNews - Site de News Securite 2021-05-25T12:20:42+00:00 https://informationsecuritybuzz.com/expert-comments/expert-commentary-on-audio-maker-bose-recent-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2835469 True Ransomware,Data Breach None None