This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-04-25T20:18:07+00:00 www.secnews.physaphae.fr Ars Technica - Risk Assessment Security Hacktivism Outage occurs on same day as special election, but elections offices remain open.]]> 2024-04-02T23:59:50+00:00 https://arstechnica.com/?p=2014470 www.secnews.physaphae.fr/article.php?IdArticle=8474916 False Ransomware None 2.0000000000000000 Dark Reading - Informationweek Branch UNAPIMON works by meticulously disabling hooks in Windows APIs for detecting malicious processes.]]> 2024-04-02T23:05:39+00:00 https://www.darkreading.com/cyberattacks-data-breaches/china-linked-threat-actor-using-peculiar-malware-to-hide-malicious-activities www.secnews.physaphae.fr/article.php?IdArticle=8474873 False Malware,Threat None 2.0000000000000000 HackRead - Chercher Cyber Par waqas Les pirates trouvent un accès facile aux chambres dans les hôtels à budget IBIS! Ceci est un article de HackRead.com Lire le post original: La vulnérabilité exposée aux codes de chambre à budget IBIS aux pirates

---

>By Waqas Hackers Find Easy Access to Rooms at Ibis Budget Hotels! This is a post from HackRead.com Read the original post: Vulnerability Exposed Ibis Budget Guest Room Codes to Hackers]]> 2024-04-02T22:37:11+00:00 https://www.hackread.com/ibis-budget-guest-room-codes-hacker-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=8474870 False Vulnerability None 2.0000000000000000 Korben - Bloger francais 2024-04-02T21:58:41+00:00 https://korben.info/kobold-letters-failles-securite-emails-html.html www.secnews.physaphae.fr/article.php?IdArticle=8474872 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Fortanix is working on technologies to build a security wall around AI search.]]> 2024-04-02T21:12:24+00:00 https://www.darkreading.com/data-privacy/bringing-private-search-for-ai www.secnews.physaphae.fr/article.php?IdArticle=8474983 False None None 2.0000000000000000 TechRepublic - Security News US Discover what industry experts think the events of Q1 mean for the business cyber security landscape in the UK.]]> 2024-04-02T21:03:36+00:00 https://www.techrepublic.com/article/cyber-security-trends-uk/ www.secnews.physaphae.fr/article.php?IdArticle=8474846 False None None 3.0000000000000000 Dark Reading - Informationweek Branch The National Vulnerability Database can\'t keep up, and the agency is calling for a public-private partnership to manage it going forward.]]> 2024-04-02T20:54:44+00:00 https://www.darkreading.com/vulnerabilities-threats/nist-needs-help-digging-out-of-its-vulnerability-backlog www.secnews.physaphae.fr/article.php?IdArticle=8474822 False Vulnerability None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) #### Description Check Point Research has analyzed the latest Linux version (v11) of DinodasRAT, which is a cross-platform backdoor that was observed in attacks by the Chinese threat actor LuoYu. The malware is more mature than the Windows version, with a set of capabilities tailored specifically for Linux servers. The latest version introduces a separate evasion module to hide any traces of malware in the system by proxying and modifying the system binaries\' execution. The malware is installed on Linux servers as a way for the threat actors to gain an additional foothold in the network. DinodasRAT was initially based on the open-source project called SimpleRemoter, a remote access tool based on the Gh0st RAT, but with several additional upgrades. #### Reference URL(s) 1. https://research.checkpoint.com/2024/29676/ #### Publication Date March 31, 2024 #### Author(s) Check Point Research ]]> 2024-04-02T20:33:27+00:00 https://community.riskiq.com/article/57ab8662 www.secnews.physaphae.fr/article.php?IdArticle=8474837 False Malware,Tool,Threat None 2.0000000000000000 Dark Reading - Informationweek Branch The initiative is meant to provide more resources and better strategies for healthcare entities that face an increasing amount of cybersecurity challenges.]]> 2024-04-02T19:52:39+00:00 https://www.darkreading.com/cybersecurity-operations/hhs-plans-for-cyber-one-stop-shop-after-change-healthcare-attack www.secnews.physaphae.fr/article.php?IdArticle=8474799 False Medical None 2.0000000000000000 CyberArk - Software Vendor In the automotive industry’s fast lane, the fusion of digital innovation with vehicular engineering has revolutionized how we manufacture, drive and protect our vehicles. It also helps to ensure our cars are safeguarded against cyber...]]> 2024-04-02T19:52:00+00:00 https://www.cyberark.com/blog/how-secure-is-automotive-digital-identity/ www.secnews.physaphae.fr/article.php?IdArticle=8474796 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Campaign distributes malware disguised as legitimate installers for popular workplace collaboration apps by abusing a traffic-tracking feature.]]> 2024-04-02T19:23:59+00:00 https://www.darkreading.com/cyberattacks-data-breaches/attackers-use-google-ad-feature-to-target-slack-notion-users www.secnews.physaphae.fr/article.php?IdArticle=8474800 False Malware None 2.0000000000000000 Netskope - etskope est une société de logiciels américaine fournissant une plate-forme de sécurité informatique Selon nos dernières statistiques des laboratoires de menace pour février 2024, le nombre d'applications cloud a été maltraitée à des fins malveillantes a continué de croître, atteignant un nouveau sommet de 215 en février 2024. Et malgré cela, Onedrive est toujours le suspect habituel, continue d'être leTop application cloud exploitée pour fournir des logiciels malveillants.Menace opportuniste et ciblée [& # 8230;]

---

>According to our latest Threat Labs statistics for February 2024, the number of cloud apps abused for malicious purposes continued to grow, reaching a new high of 215  in February 2024. And despite this, OneDrive is still the usual suspect, continuing to be the top cloud app exploited to deliver malware. Opportunistic and targeted threat […] ]]> 2024-04-02T19:09:58+00:00 https://www.netskope.com/blog/cloud-threats-memo-multiple-legitimate-cloud-storage-services-exploited-to-target-israeli-organizations www.secnews.physaphae.fr/article.php?IdArticle=8474797 False Malware,Threat,Cloud None 3.0000000000000000 Korben - Bloger francais 2024-04-02T18:54:52+00:00 https://korben.info/chrome-revolution-dbsc-contre-vol-cookies.html www.secnews.physaphae.fr/article.php?IdArticle=8474798 False None None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Découvert accidentellement découvert accidentellement Par un ingénieur Microsoft & # 8212; Des semaines avant, il aurait été incorporé à Debian et Red Hat Linux.De arstehnica : Code malveillant ajouté aux versions XZ Utils 5.6.0 et 5.6.1 a modifié la façon dont le logiciel fonctionne.Le SSHD manipulé de la porte dérobée, le fichier exécutable utilisé pour établir des connexions SSH distantes.Toute personne en possession d'une clé de chiffrement prédéterminée pourrait ranger tout code de son choix dans un certificat de connexion SSH, le télécharger et l'exécuter sur l'appareil arrière.Personne n'a réellement vu du code téléchargé, donc il ne sait pas quel code l'attaquant prévoyait d'exécuter.En théorie, le code pourrait permettre à peu près n'importe quoi, y compris le vol de clés de chiffrement ou l'installation de logiciels malveillants ...

---

The cybersecurity world got really lucky last week. An intentionally placed backdoor in xz Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat Linux. From ArsTehnica: Malicious code added to xz Utils versions 5.6.0 and 5.6.1 modified the way the software functions. The backdoor manipulated sshd, the executable file used to make remote SSH connections. Anyone in possession of a predetermined encryption key could stash any code of their choice in an SSH login certificate, upload it, and execute it on the backdoored device. No one has actually seen code uploaded, so it’s not known what code the attacker planned to run. In theory, the code could allow for just about anything, including stealing encryption keys or installing malware...]]> 2024-04-02T18:50:50+00:00 https://www.schneier.com/blog/archives/2024/04/xz-utils-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8474773 False Malware None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les exigences de déclaration de la cybersécurité et de l'infrastructure \\ de l'agence \\ représentent un changement de mer pour le moment où les entités privées devront signaler les incidents de cybersécurité.

---

>The Cybersecurity and Infrastructure Security Agency\'s reporting requirements represent a sea change for when private entities will have to report cybersecurity incidents. ]]> 2024-04-02T18:48:01+00:00 https://cyberscoop.com/cisa-circia-cyber-incident-reporting/ www.secnews.physaphae.fr/article.php?IdArticle=8474774 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when Microsoft engineer and PostgreSQL developer Andres Freund]]> 2024-04-02T18:48:00+00:00 https://thehackernews.com/2024/04/malicious-code-in-xz-utils-for-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8474644 False None None 3.0000000000000000 HackRead - Chercher Cyber Par uzair amir WEB3 Gaming Platform GOMBLE Games, un spin-off du célèbre studio de jeu \\ '111% \', a maintenant obtenu un total & # 8230; Ceci est un article de HackRead.com Lire la publication originale: Les jeux Goble obtiennent un financement de 10 millions de dollars pour faire avancer la vision du jeu Web3 ambitieuse

---

>By Uzair Amir Web3 gaming platform Gomble Games, a spinoff of the renowned game studio \'111%\', has now secured a total… This is a post from HackRead.com Read the original post: Gomble Games Secures $10M Funding to Advance Ambitious Web3 Gaming Vision]]> 2024-04-02T18:16:01+00:00 https://www.hackread.com/gomble-games-secures-funding-web3-gaming-vision/ www.secnews.physaphae.fr/article.php?IdArticle=8474871 False None None 2.0000000000000000 McAfee Labs - Editeur Logiciel Rendu par Anuradha et Preksha Introduction Pikabot est une porte dérobée malveillante qui est active depuis le début de 2023. Son modulaire ...

---

> Authored by Anuradha and Preksha Introduction PikaBot is a malicious backdoor that has been active since early 2023. Its modular... ]]> 2024-04-02T18:12:55+00:00 https://www.mcafee.com/blogs/other-blogs/mcafee-labs/distinctive-campaign-evolution-of-pikabot-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8474772 False Malware None 2.0000000000000000 HackRead - Chercher Cyber Par uzair amir Au cours des 30 derniers jours, PowerLoom a généré plus de 250 millions d'instantanés (points de données uniques), avec une augmentation quotidienne à environ 10 millions d'instantanés Ceci est un article de HackRead.com Lire la publication originale: PowerLoom annonce l'expansion à la base lorsqu'elle dépasse 5200 nœuds d'instantané Lite

---

>By Uzair Amir In the last 30 days, Powerloom generated over 250 million snapshots (unique data points), with a daily increase to approximately 10 million snapshots This is a post from HackRead.com Read the original post: Powerloom Announces Expansion to Base as It Surpasses 5200 Snapshotter Lite Nodes]]> 2024-04-02T18:02:40+00:00 https://www.hackread.com/powerloom-expansion-base-surpasses-snapshotter-lite-nodes/ www.secnews.physaphae.fr/article.php?IdArticle=8474750 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The Chinese \'Winnti\' hacking group was found using a previously undocumented malware called UNAPIMON to let malicous processes run without being detected. [...]]]> 2024-04-02T17:59:42+00:00 https://www.bleepingcomputer.com/news/security/winntis-new-unapimon-tool-hides-malware-from-security-software/ www.secnews.physaphae.fr/article.php?IdArticle=8474848 False Malware,Tool None 2.0000000000000000 Recorded Future - FLux Recorded Future L'un des plus grands comtés du Missouri a confirmé mardi qu'il faisait face à une attaque de ransomware présumée affectant les paiements d'impôts et les biens en ligne, les licences de mariage et les recherches de détenus.Jackson County - qui compte 715 000 résidents et qui abrite une partie de Kansas City - a déclaré qu'elle avait "identifié des perturbations importantes au sein de son

---

One of the largest counties in Missouri confirmed on Tuesday that it is dealing with a suspected ransomware attack affecting tax payments and online property, marriage licenses and inmate searches. Jackson County - which has 715,000 residents and is home to part of Kansas City - said it has “identified significant disruptions within its]]> 2024-04-02T17:32:25+00:00 https://therecord.media/kansas-city-missouri-county-suspected-ransomware-attack-tax-payments www.secnews.physaphae.fr/article.php?IdArticle=8474748 False Ransomware None 2.0000000000000000 Recorded Future - FLux Recorded Future YouTube n'a pas réussi à détecter la manipulation et la désinformation dans des dizaines de fausses publicités politiques téléchargées par des chercheurs pour tester la modération de la plate-forme du contenu lié aux élections en Inde.Selon une nouvelle enquête des groupes de défense des droits de l'homme Access Now et Global Witness, YouTube a approuvé chacune des 48 annonces en anglais, en hindi et en telugu, qui contenait

---

YouTube failed to detect manipulation and disinformation in dozens of fake political advertisements uploaded by researchers to test the platform\'s moderation of election-related content in India. According to a new investigation by the human rights groups Access Now and Global Witness, YouTube approved each of 48 ads in English, Hindi, and Telugu, which contained]]> 2024-04-02T17:06:33+00:00 https://therecord.media/youtube-failed-to-block-indian-disinformation-elections www.secnews.physaphae.fr/article.php?IdArticle=8474749 False None None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Contes du krypt , & # 8221;de 1994 à 2003. Il y a beaucoup de choses intéressantes dans les 800 pages de newsletter.Il existe de nombreuses rédactions.Et une revue de 1994 de la cryptographie appliquée par expurgé : La cryptographie appliquée, pour ceux qui ne lisent pas Internet News, est un livre écrit par Bruce Schneier l'année dernière.Selon la veste, Schneier est un expert en sécurité des données avec un diplôme de maître en informatique.Selon ses disciples, il est un héros qui a finalement réuni les fils lâches de la cryptographie pour que le grand public comprenne.Schneier a rassemblé des recherches académiques, des potins sur Internet et tout ce qu'il pouvait trouver sur la cryptographie en un fouillis de 600 pages ...

---

Through a 2010 FOIA request (yes, it took that long), we have copies of the NSA’s KRYPTOS Society Newsletter, “Tales of the Krypt,” from 1994 to 2003. There are many interesting things in the 800 pages of newsletter. There are many redactions. And a 1994 review of Applied Cryptography by redacted: Applied Cryptography, for those who don’t read the internet news, is a book written by Bruce Schneier last year. According to the jacket, Schneier is a data security expert with a master’s degree in computer science. According to his followers, he is a hero who has finally brought together the loose threads of cryptography for the general public to understand. Schneier has gathered academic research, internet gossip, and everything he could find on cryptography into one 600-page jumble...]]> 2024-04-02T17:05:15+00:00 https://www.schneier.com/blog/archives/2024/04/declassified-nsa-newsletters.html www.secnews.physaphae.fr/article.php?IdArticle=8474727 False None None 2.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform CVE-2023-48022 ) dans ]]> 2024-04-02T17:03:04+00:00 https://cloud.google.com/support/bulletins/index#gcp-2024-020 www.secnews.physaphae.fr/article.php?IdArticle=8474728 False Vulnerability,Threat,Cloud None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cloud solutions are more mainstream – and therefore more exposed – than ever before. In 2023 alone, a staggering 82% of data breaches were against public, private, or hybrid cloud environments. What\'s more, nearly 40% of breaches spanned multiple cloud environments. The average cost of a cloud breach was above the overall average, at $4.75 million. In a time where cloud has become the de facto]]> 2024-04-02T16:57:00+00:00 https://thehackernews.com/2024/04/harnessing-power-of-ctem-for-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8474584 False Cloud None 3.0000000000000000 HackRead - Chercher Cyber Par cyber navre Washington, DC, États-Unis, 2 avril 2024, CyberNewswire Authentic8, fournisseur de la principale plateforme de recherche OSINT Silo pour & # 8230; Ceci est un article de HackRead.com Lire le post original: Authentic8 lance le programme Silo Shield pour protéger les communautés à haut risque en partenariat avec CISA

---

>By Cyber Newswire Washington, DC, United States, April 2nd, 2024, CyberNewsWire Authentic8, provider of the leading OSINT research platform Silo for… This is a post from HackRead.com Read the original post: Authentic8 launches Silo Shield program to protect high-risk communities in partnership with CISA]]> 2024-04-02T16:34:06+00:00 https://www.hackread.com/authentic8-launches-silo-shield-program-to-protect-high-risk-communities-in-partnership-with-cisa/ www.secnews.physaphae.fr/article.php?IdArticle=8474723 False None None 2.0000000000000000 The Register - Site journalistique Anglais Nothing says \'sorry\' like 10 percent off shipping for a month Ecommerce platform Pandabuy has apologized after two cybercriminals were spotted hawking personal data belonging to 1.3 million customers.…]]> 2024-04-02T16:30:08+00:00 https://go.theregister.com/feed/www.theregister.com/2024/04/02/pandabuy_admits_to_data_breach/ www.secnews.physaphae.fr/article.php?IdArticle=8474722 False Data Breach None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. "Earth Freybug is a cyberthreat group that has been active since at least 2012 that focuses on espionage and financially motivated activities," Trend Micro security researcher Christopher So said in a report published today. "It has been observed to]]> 2024-04-02T16:30:00+00:00 https://thehackernews.com/2024/04/china-linked-hackers-deploy-new.html www.secnews.physaphae.fr/article.php?IdArticle=8474613 False Malware,Threat,Prediction None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The telecommunications giant said that the published dataset comprises information from 2019 or earlier]]> 2024-04-02T16:30:00+00:00 https://www.infosecurity-magazine.com/news/atandt-confirms-73m-customer-data/ www.secnews.physaphae.fr/article.php?IdArticle=8474724 False Data Breach None 2.0000000000000000 Recorded Future - FLux Recorded Future Google s'est engagé à détruire ou à désidentifier les grandes quantités de données de navigation Web recueillies auprès des utilisateurs en mode incognito dans le cadre d'un règlement de recours collectif de classe déposé lundi.Selon les termes du règlement proposé, Google désactivera ou supprimera les milliards de dossiers de données qu'il a collectés auprès des utilisateurs qui pensaient être

---

Google committed to destroying or de-identifying vast amounts of web browsing data gathered from users in Incognito mode as part of a landmark class-action lawsuit settlement filed Monday. Under the terms of the proposed settlement, Google will de-identify or delete the billions of data records it has collected from users who thought they were]]> 2024-04-02T16:24:25+00:00 https://therecord.media/google-to-delete-web-browsing-records-to-resolve-lawsuit www.secnews.physaphae.fr/article.php?IdArticle=8474720 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Le Software Security à but non lucratif Open Worldwide Application Security Project (OWASP) a averti que ses membres d'une éventuelle violation de données affectant potentiellement toute personne membre de l'organisation de 2006 à 2014. & NBSP;Vendredi, la fondation a publié un avis expliquant que fin février, il a pris conscience d'un ancien serveur wiki qui

---

The software security nonprofit Open Worldwide Application Security Project (OWASP) has warned its members of a possible data breach potentially affecting anyone who was a member of the organization from 2006 to 2014.  The foundation published an advisory on Friday explaining that in late February it became aware of an old Wiki server that]]> 2024-04-02T16:15:29+00:00 https://therecord.media/owasp-foundation-warns-of-data-breach-resumes www.secnews.physaphae.fr/article.php?IdArticle=8474721 False Data Breach None 2.0000000000000000 Silicon - Site de News Francais 2024-04-02T15:54:32+00:00 https://www.silicon.fr/data-quality-magic-quadrant-2024-477370.html www.secnews.physaphae.fr/article.php?IdArticle=8474692 False Commercial None 3.0000000000000000 Global Security Mag - Site de news francais Business]]> 2024-04-02T15:53:25+00:00 https://www.globalsecuritymag.fr/veracode-acquiert-longbow-security.html www.secnews.physaphae.fr/article.php?IdArticle=8474696 False Cloud None 2.0000000000000000 Global Security Mag - Site de news francais Malwares]]> 2024-04-02T15:47:27+00:00 https://www.globalsecuritymag.fr/la-chine-liee-a-des-cyberattaques-britanniques-contre-les-donnees-des-electeurs.html www.secnews.physaphae.fr/article.php?IdArticle=8474697 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Kaspersky said cybercriminals harvested 50.9 login credentials per infected device in 2023]]> 2024-04-02T15:45:00+00:00 https://www.infosecurity-magazine.com/news/sevenfold-increase-data-theft-cases/ www.secnews.physaphae.fr/article.php?IdArticle=8474695 False None None 2.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Delinea Completes Acquisition of Fastpath, Modernizing Identity Security with Intelligent Authorization to Keep Data Secure - Business News]]> 2024-04-02T15:44:31+00:00 https://www.globalsecuritymag.fr/delinea-completes-acquisition-of-fastpath.html www.secnews.physaphae.fr/article.php?IdArticle=8474698 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine A backdoor in XZ Utils, a widely used file-compressing software in Linux systems, could have led to a critical supply chain attack had a Microsoft researcher not spotted it in time]]> 2024-04-02T15:00:00+00:00 https://www.infosecurity-magazine.com/news/backdoor-xz-utils-linux-open-source/ www.secnews.physaphae.fr/article.php?IdArticle=8474667 False None None 2.0000000000000000 McAfee Labs - Editeur Logiciel Avec la montée des outils d'IA bon marché et faciles à utiliser, les attaques Deepfake se retrouvent également à la hausse.Comme ça ...

---

> With the rise of cheap and easy-to-use AI tools, deepfake attacks find themselves likewise on the rise. Startling as that... ]]> 2024-04-02T14:41:57+00:00 https://www.mcafee.com/blogs/tips-tricks/are-you-a-victim-of-a-deepfake-attack-heres-what-to-do-next/ www.secnews.physaphae.fr/article.php?IdArticle=8474669 False Tool None 2.0000000000000000 Checkpoint Research - Fabricant Materiel Securite Research by: Antonis Terefos, Raman Ladutska Part I from the series E-Crime & Punishment Introduction When considering a notoriously famous topic known for quite a long time, it may feel like there is nothing new to add to this area anymore ­­– all paths traced, all words said, all “i”s dotted. Is it worth an […] ]]> 2024-04-02T14:26:57+00:00 https://research.checkpoint.com/2024/agent-tesla-targeting-united-states-and-australia/ www.secnews.physaphae.fr/article.php?IdArticle=8474668 False None None 2.0000000000000000 Dark Reading - Informationweek Branch It\'s critical for security teams to stay vigilant not only when it comes to major security issues, but also with minor lags in security best practice.]]> 2024-04-02T14:00:00+00:00 https://www.darkreading.com/cybersecurity-operations/instilling-hacker-mindset-organizationwide www.secnews.physaphae.fr/article.php?IdArticle=8474641 False None None 3.0000000000000000 The Register - Site journalistique Anglais 2024-04-02T13:30:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/04/02/rubrik_files_for_ipo/ www.secnews.physaphae.fr/article.php?IdArticle=8474640 False None None 2.0000000000000000 HackRead - Chercher Cyber Par uzair amir Clearpool lance des coffrets de crédit sur Avalanche, offrant une solution de crédit en chaîne avec un soutien d'actifs réel, marquant une étape importante dans le fait de combler la finance traditionnelle et de défi grâce à des partenariats avec des entreprises comme Banxa. Ceci est un article de HackRead.com Lire le post original: Clearpool s'étend à Avalanche avec une entreprise de fintech répertoriée lançant le premier crédit de crédit

---

>By Uzair Amir Clearpool launches Credit Vaults on Avalanche, offering an on-chain credit solution with real-world asset backing, marking a significant step in bridging traditional finance and DeFi through partnerships with firms like Banxa. This is a post from HackRead.com Read the original post: Clearpool Expands to Avalanche with Listed Fintech Firm Launching First Credit Vault]]> 2024-04-02T13:19:14+00:00 https://www.hackread.com/clearpool-debuts-avalanche-fintech-credit-vault-launch/ www.secnews.physaphae.fr/article.php?IdArticle=8474642 False None None 2.0000000000000000 ProofPoint - Firm Security 2024-04-02T13:04:07+00:00 https://www.proofpoint.com/us/newsroom/press-releases/proofpoint-named-overall-leader-kuppingercole-leadership-compass-email www.secnews.physaphae.fr/article.php?IdArticle=8474847 False None None 2.0000000000000000 Palo Alto Network - Site Constructeur Découvrez comment l'IA a un impact sur la détection des menaces, la réponse aux incidents et la gestion des risques et découvrez les stratégies d'intégration d'IA sécurisée.

---

>Discover how AI impacts threat detection, incident response and risk management, and learn about strategies for secure AI integration. ]]> 2024-04-02T13:00:59+00:00 https://www.paloaltonetworks.com/blog/2024/04/ai-cybersecurity-and-large-language-models/ www.secnews.physaphae.fr/article.php?IdArticle=8474608 False Threat None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite Les résultats clés de l'IA sont déjà largement utilisés dans les campagnes électorales du monde entier.Deepfakes et le clonage de voix ont été employés aux élections dans trois lieux principaux: par des candidats à l'auto-promotion.Par les candidats pour attaquer et diffamer les opposants politiques.Par les acteurs étrangers de l'État-nation de diffamer des candidats spécifiques.Les matériaux DeepFake (convaincant l'audio, la vidéo et les images générés par l'IA qui simulent ou modifient de manière trompeuse l'apparence, la voix ou les actions des candidats politiques) sont souvent diffusés peu de temps avant les dates électorales pour limiter la possibilité aux vérificateurs de faits de répondre.Les réglementations qui interdisent la discussion politique sur les médias grand public dans les heures qui ont précédé les élections, permettent de fausses nouvelles incontestées à [& # 8230;]

---

>Key Findings  AI is already extensively utilized in election campaigns worldwide. Deepfakes and voice cloning have been employed in elections in three main venues: By candidates for self-promotion. By candidates to attack and defame political opponents. By foreign nation-state actors to defame specific candidates. Deepfake materials (convincing AI-generated audio, video, and images that deceptively fake or alter the appearance, voice, or actions of political candidates) are often disseminated shortly before election dates to limit the opportunity for fact-checkers to respond. Regulations which ban political discussion on mainstream media in the hours leading up to elections, allow unchallenged fake news to […] ]]> 2024-04-02T13:00:32+00:00 https://blog.checkpoint.com/research/beyond-imagining-how-ai-is-actively-used-in-election-campaigns-around-the-world/ www.secnews.physaphae.fr/article.php?IdArticle=8474614 False None None 2.0000000000000000 HackRead - Chercher Cyber Par cyber navre Le membre du Congrès Swalwell s'associe à Wolfsbane.ai, en utilisant Advanced Tech pour protéger sa campagne en 2024 à partir de l'IA Deepfakes et de sauvegarder l'intégrité électorale. Ceci est un article de HackRead.com Lire le message original: Swalwell for Congress Campaign avec wolfsbane.ai contre le clonage généré par AI

---

>By Cyber Newswire Congressman Swalwell partners with Wolfsbane.ai, using advanced tech to shield his 2024 campaign from AI deepfakes and safeguard election integrity. This is a post from HackRead.com Read the original post: Swalwell for Congress Campaign with Wolfsbane.ai Against AI-Generated Cloning]]> 2024-04-02T13:00:23+00:00 https://www.hackread.com/swalwell-wolfsbane-ai-against-ai-generated-cloning/ www.secnews.physaphae.fr/article.php?IdArticle=8474643 False None None 2.0000000000000000 HackRead - Chercher Cyber Par cyber navre Los Angeles, États-Unis, le 2 avril 2024, Cyberwire Today, membre du Congrès Eric Swalwell, CA-14, a annoncé qu'il s'était associé & # 8230; Ceci est un article de HackRead.com Lire le post original: Swalwell pour la campagne du Congrès s'associe à Wolfsbane.ai pour protéger contre l'IA généré de clonage

---

>By Cyber Newswire Los Angeles, United States, April 2nd, 2024, Cyberwire Today, Congressman Eric Swalwell, CA-14, announced that he has partnered… This is a post from HackRead.com Read the original post: Swalwell for Congress Campaign Partners with Wolfsbane.ai to Protect Against AI Generated Cloning]]> 2024-04-02T13:00:23+00:00 https://www.hackread.com/swalwell-for-congress-campaign-partners-with-wolfsbane-ai-to-protect-against-ai-generated-cloning/ www.secnews.physaphae.fr/article.php?IdArticle=8474611 False None None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Souleveillance La recherche sur le point de contrôle (RCR) a découvert trois campagnes malveillantes récentes de l'un des logiciels malveillants les plus répandus du marché & # 8211;Agent Tesla.These operations were aimed against US and Australian organizations and exploited the topics of goods purchasing and order delivery as their lures Upon investigation, we discovered that these threat actors had a database of 62,000 emails, including individuals and organizations from different spheres Apart from campaigns originating fromvictimes des entreprises, le groupe maintient un grand nombre de serveurs, qui sont utilisés pour la protection de leur identité malgré les efforts des acteurs de la menace pour maintenir leur anonymat, [& # 8230;]

---

Highlights Check Point Research (CPR) uncovered three recent malicious campaigns of one of the most prevalent malware in the market – Agent Tesla. These operations were aimed against US and Australian organizations and exploited the topics of goods purchasing and order delivery as their lures Upon investigation, we discovered that these threat actors had a database of 62,000 emails, including individuals and organizations from different spheres Apart from campaigns originating from victims of companies, the group maintains a large number of servers, which are used for protection of their identity Despite the efforts of threat actors to keep their anonymity, […] ]]> 2024-04-02T13:00:04+00:00 https://blog.checkpoint.com/research/agent-tesla-targeting-united-states-australia-revealing-the-attackers-identities/ www.secnews.physaphae.fr/article.php?IdArticle=8475273 False Malware,Threat None 2.0000000000000000 Security Intelligence - Site de news Américain Dans de nombreuses organisations, le directeur de la sécurité de l'information (CISO) se concentre principalement & # 8212;et parfois exclusivement & # 8212;sur la cybersécurité.Cependant, avec les menaces sophistiquées d'aujourd'hui et le paysage des menaces évolutives, les entreprises changent de nombreux rôles & # 8217;Responsabilités et élargir le rôle du CISO est à la pointe de ces changements.Selon Gartner, la pression réglementaire et l'expansion de la surface d'attaque seront [& # 8230;]

---

>In many organizations, the Chief Information Security Officer (CISO) focuses mainly — and sometimes exclusively — on cybersecurity. However, with today’s sophisticated threats and evolving threat landscape, businesses are shifting many roles’ responsibilities, and expanding the CISO’s role is at the forefront of those changes. According to Gartner, regulatory pressure and attack surface expansion will […] ]]> 2024-04-02T13:00:00+00:00 https://securityintelligence.com/articles/ciso-role-evolution/ www.secnews.physaphae.fr/article.php?IdArticle=8474637 False Threat None 2.0000000000000000 Fortinet - Fabricant Materiel Securite Explore the different levels of the platform concept to help you determine what\'s right for you. Read more.]]> 2024-04-02T13:00:00+00:00 https://www.fortinet.com/blog/business-and-technology/step-into-the-platform-era www.secnews.physaphae.fr/article.php?IdArticle=8474638 False None None 2.0000000000000000 HackRead - Chercher Cyber Par waqas Les autorités indiennes sauvent des centaines de trafic pour la cybercriminalité au Cambodge.Les victimes attirées par de faux emplois, forcés de travailler dans & # 8230; Ceci est un article de HackRead.com Lire le post original: des centaines de centaines de centaines de centaines de centaines de centaines deLes Indiens se sont sauvés des gangs cambodgiens de la cybercriminalité

---

>By Waqas Indian authorities rescue hundreds trafficked for cybercrime in Cambodia. Victims lured by false jobs, forced to work in… This is a post from HackRead.com Read the original post: Hundreds of Indians Rescued from Cambodian Cybercrime Gangs]]> 2024-04-02T12:50:52+00:00 https://www.hackread.com/indians-rescued-cambodian-cybercrime-gangs/ www.secnews.physaphae.fr/article.php?IdArticle=8474612 False None None 2.0000000000000000 Korben - Bloger francais 2024-04-02T12:39:22+00:00 https://korben.info/faille-securite-terminaux-check-in-ibis-codes-acces-chambres-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8474639 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google has agreed to purge billions of data records reflecting users\' browsing activities to settle a class action lawsuit that claimed the search giant tracked them without their knowledge or consent in its Chrome browser. The class action, filed in 2020, alleged the company misled users by tracking their internet browsing activity who thought that it remained private when using the "]]> 2024-04-02T12:38:00+00:00 https://thehackernews.com/2024/04/google-to-delete-billions-of-browsing.html www.secnews.physaphae.fr/article.php?IdArticle=8474472 False None None 2.0000000000000000 Silicon - Site de News Francais 2024-04-02T12:17:45+00:00 https://www.silicon.fr/llm-cobol-benchmark-477364.html www.secnews.physaphae.fr/article.php?IdArticle=8474610 False None None 4.0000000000000000 The Register - Site journalistique Anglais Victims of the powerful surveillance tool will soon find out the truth Former Polish government officials may face criminal charges following an investigation into their use of the notorious spyware Pegasus to surveil political opponents and others.…]]> 2024-04-02T12:00:11+00:00 https://go.theregister.com/feed/www.theregister.com/2024/04/02/polish_pegasus_inquiry/ www.secnews.physaphae.fr/article.php?IdArticle=8474581 False Tool None 2.0000000000000000 Dark Reading - Informationweek Branch Ransomware groups tore into manufacturing other parts of the OT sector in 2023, and a few attacks caused eight- and nine-figure damages. But worse is yet to come in 2024.]]> 2024-04-02T12:00:00+00:00 https://www.darkreading.com/ics-ot-security/cyberattacks-wreaking-physical-disruption-on-the-rise www.secnews.physaphae.fr/article.php?IdArticle=8474583 False Ransomware,Industrial None 3.0000000000000000 Checkpoint Research - Fabricant Materiel Securite Auteur: Yoav Arad Pinkas Clé des résultats du fond 2024 devrait être un moment central pour les processus démocratiques dans le monde, alors que plus de 2 milliards d'individus dans 50 pays se préparent à voter lors des élections.Cette vague électorale mondiale comprend des pays comme les États-Unis, l'Inde, le Mexique, le Parlement européen et l'Afrique du Sud, après des bulletins de vote importants [& # 8230;]

---

>Author: Yoav Arad Pinkas Key Findings Background 2024 is expected to be a pivotal moment for democratic processes worldwide, as over 2 billion individuals in 50 nations prepare to cast their ballots in elections. This global electoral wave includes countries such as the United States, India, Mexico, the European Parliament, and South Africa, following significant ballots […] ]]> 2024-04-02T12:00:00+00:00 https://research.checkpoint.com/2024/beyond-imagining-how-ai-is-actively-used-in-election-campaigns-around-the-world/ www.secnews.physaphae.fr/article.php?IdArticle=8474586 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Russia\'s Prosecutor General\'s Office has announced the indictment of six suspected "hacking group" members for using malware to steal credit card and payment information from foreign online stores. [...]]]> 2024-04-02T11:37:08+00:00 https://www.bleepingcomputer.com/news/security/russia-charges-suspects-behind-theft-of-160-000-credit-cards/ www.secnews.physaphae.fr/article.php?IdArticle=8474694 False Malware None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Non-profit organization MITRE announced Monday that its Engage team has introduced new mappings for techniques from the ATT&CK... ]]> 2024-04-02T11:26:02+00:00 https://industrialcyber.co/ics-security-framework/new-mitre-engage-mappings-released-for-attck-for-ics-attck-for-mobile/ www.secnews.physaphae.fr/article.php?IdArticle=8474585 False Mobile,Industrial None 2.0000000000000000 The Register - Site journalistique Anglais This follows attack on NHS services in Scotland last week The cyber skids at INC Ransom are claiming responsbility for the ongoing cybersecurity incident at Leicester City Council, according to a post caught by eagle-eyed infosec watchers.…]]> 2024-04-02T11:15:14+00:00 https://go.theregister.com/feed/www.theregister.com/2024/04/02/inc_ransom_leicester_council/ www.secnews.physaphae.fr/article.php?IdArticle=8474582 False None None 2.0000000000000000 Global Security Mag - Site de news francais opinion

---

Cybersecurity On A Budget: How Small Businesses Can Keep Safe How To Maximize Security While Minimizing Costs For Your Small Business - Opinion]]> 2024-04-02T11:06:01+00:00 https://www.globalsecuritymag.fr/cybersecurity-on-a-budget-how-small-businesses-can-keep-safe.html www.secnews.physaphae.fr/article.php?IdArticle=8474556 False None None 3.0000000000000000 Global Security Mag - Site de news francais revues de produits

---

LogRhythm Unveils Advanced Capabilities for Cloud-Native SIEM Platform, LogRhythm Axon LogRhythm\'s 8th Quarterly Release Enhances Global Security Communication and Collaboration - Product Reviews]]> 2024-04-02T11:03:18+00:00 https://www.globalsecuritymag.fr/logrhythm-unveils-advanced-capabilities-for-cloud-native-siem-platform.html www.secnews.physaphae.fr/article.php?IdArticle=8474557 False None None 3.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2024-04-02T11:01:23+00:00 https://www.globalsecuritymag.fr/keeper-security-annonce-la-prise-en-charge-des-passkey-sur-les-appareils.html www.secnews.physaphae.fr/article.php?IdArticle=8474558 False None None 2.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Advancing Cloud-Native Application Security: Veracode Connects Security from Code to Cloud with the Acquisition of Longbow Security Organizations Accelerate Application Risk Management Through Effective Prioritization and Security Debt Reduction - Business News]]> 2024-04-02T10:56:12+00:00 https://www.globalsecuritymag.fr/veracode-annouced-the-acquisition-of-longbow-security.html www.secnews.physaphae.fr/article.php?IdArticle=8474559 False Cloud None 3.0000000000000000 Bleeping Computer - Magazine Américain Firmware security firm Binarly has released a free online scanner to detect Linux executables impacted by the XZ Utils supply chain attack, tracked as CVE-2024-3094. [...]]]> 2024-04-02T10:33:51+00:00 https://www.bleepingcomputer.com/news/security/new-xz-backdoor-scanner-detects-implant-in-any-linux-binary/ www.secnews.physaphae.fr/article.php?IdArticle=8474666 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actor known as TA558 has been attributed to a new massive phishing campaign that targets a wide range of sectors in Latin America with the goal of deploying Venom RAT. The attacks primarily singled out hotel, travel, trading, financial, manufacturing, industrial, and government verticals in Spain, Mexico, United States, Colombia, Portugal, Brazil, Dominican Republic, and]]> 2024-04-02T10:24:00+00:00 https://thehackernews.com/2024/04/massive-phishing-campaign-strikes-latin.html www.secnews.physaphae.fr/article.php?IdArticle=8474426 False Threat,Industrial None 3.0000000000000000 IT Security Guru - Blog Sécurité insigne expert: Pourquoi les femmes estiment-elles que la cybersécurité n'est pas pour elles? C'est apparu pour la première fois sur gourou de la sécurité informatique .

---

Women represent only 30% of the global cybersecurity workforce, reflecting a slow growth rate and pervasive social inequalities. As we witness a concerning increase in cyber harm and a widening skills gap within the industry, it becomes imperative to engage more women in cybersecurity. Diversity is not merely a desirable trait; it\'s a fundamental necessity […] The post Expert Insight: Why do women feel cybersecurity isn\'t for them? first appeared on IT Security Guru. ]]> 2024-04-02T10:21:22+00:00 https://www.itsecurityguru.org/2024/04/02/expert-insight-why-do-women-feel-cybersecurity-isnt-for-them/?utm_source=rss&utm_medium=rss&utm_campaign=expert-insight-why-do-women-feel-cybersecurity-isnt-for-them www.secnews.physaphae.fr/article.php?IdArticle=8474551 False None None 3.0000000000000000 SecurityWeek - Security News Prudential Financial dit que les noms, les adresses et les numéros d'identification de plus de 36 000 ont été volés dans une violation de données de février.

---

>Prudential Financial says the names, addresses, and ID numbers of over 36,000 were stolen in a February data breach. ]]> 2024-04-02T10:10:29+00:00 https://www.securityweek.com/36000-impacted-by-prudential-financial-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8474554 False Data Breach None 2.0000000000000000 IT Security Guru - Blog Sécurité La sécurité du gardien annonce le soutien du clé de passe sur le soutien du clé de pass sur laLes appareils mobiles sont apparus pour la première fois sur gourou de la sécurité informatique .

---

Today, password management leaders Keeper Security have announced support for passkey management on iOS and Android mobile devices. With Keeper, passkeys are created, stored and managed in the Keeper Vault, and can be used to log in to websites and applications across all browsers and operating systems with ease. As long as you have access […] The post Keeper Security Announces Passkey Support on Mobile Devices first appeared on IT Security Guru. ]]> 2024-04-02T10:07:32+00:00 https://www.itsecurityguru.org/2024/04/02/keeper-security-announces-passkey-support-on-mobile-devices/?utm_source=rss&utm_medium=rss&utm_campaign=keeper-security-announces-passkey-support-on-mobile-devices www.secnews.physaphae.fr/article.php?IdArticle=8474552 False Mobile None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC A Noida woman was duped out of over Rs 11 lakh (approximately $13,500 USD) in a digital arrest scam. The scammers, posing as police officers, convinced her that her identity was used in illicit activities and her involvement carried severe legal ramifications. Through prolonged interrogation on a video call, they led her to transfer the funds under the guise of protection. Case II: A 23-year-old woman was defrauded of Rs 2.5 lakh (approximately $3,000 USD) after fraudsters convinced her that her Aadhaar card details were linked to human trafficking activities. Facing threats of arrest and social humiliation, she was coerced into transferring money]]> 2024-04-02T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/digital-arrests-the-new-frontier-of-cybercrime www.secnews.physaphae.fr/article.php?IdArticle=8474670 False Vulnerability,Threat,Legislation,Prediction,Cloud None 2.0000000000000000 SecurityWeek - Security News La Fondation OWASP indique qu'une mauvaise configuration du wiki exposée curriculum vitae déposée il y a plus d'une décennie par les aspirants membres.

---

>The OWASP Foundation says a wiki misconfiguration exposed resumes filed over a decade ago by aspiring members. ]]> 2024-04-02T09:55:32+00:00 https://www.securityweek.com/owasp-data-breach-caused-by-server-misconfiguration/ www.secnews.physaphae.fr/article.php?IdArticle=8474555 False Data Breach None 3.0000000000000000 Zataz - Magazine Francais de secu 2024-04-02T09:53:39+00:00 https://www.zataz.com/reflechissez-bien-avant-de-transferer-les-identites-de-vos-utilisateurs-vers-le-cloud/ www.secnews.physaphae.fr/article.php?IdArticle=8474524 False Cloud None 3.0000000000000000 Global Security Mag - Site de news francais Les événements de Global Security Mag / affiche]]> 2024-04-02T09:51:22+00:00 https://www.globalsecuritymag.fr/appel-a-communication-15eme-edition-des-gsdays-28-janvier-2025.html www.secnews.physaphae.fr/article.php?IdArticle=8474528 False Conference None 3.0000000000000000 Zataz - Magazine Francais de secu 2024-04-02T09:45:18+00:00 https://www.zataz.com/comment-une-entreprise-peut-elle-se-proteger-contre-les-attaques-informatiques/ www.secnews.physaphae.fr/article.php?IdArticle=8474525 False None None 1.00000000000000000000 Silicon - Site de News Francais 2024-04-02T09:37:44+00:00 https://www.silicon.fr/associations-dsi-broadcom-477361.html www.secnews.physaphae.fr/article.php?IdArticle=8474527 False None None 3.0000000000000000 ProofPoint - Cyber Firms 2024-04-02T09:34:09+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/proofpoint-leader-kuppingercole-leadership-compass-email-security www.secnews.physaphae.fr/article.php?IdArticle=8474609 False Data Breach,Malware,Threat,Mobile,Commercial None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET There is more to some images than meets the eye – their seemingly innocent façade can mask a sinister threat.]]> 2024-04-02T09:30:00+00:00 https://www.welivesecurity.com/en/malware/malware-hiding-in-pictures-more-likely-than-you-think/ www.secnews.physaphae.fr/article.php?IdArticle=8485913 False Malware,Threat None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Hundreds of Indians forced into cybercrime by Cambodian gangs have been rescued]]> 2024-04-02T09:30:00+00:00 https://www.infosecurity-magazine.com/news/indian-rescue-hundreds-trafficked/ www.secnews.physaphae.fr/article.php?IdArticle=8474526 False None None 2.0000000000000000 Global Security Mag - Site de news francais Points de Vue]]> 2024-04-02T09:19:13+00:00 https://www.globalsecuritymag.fr/le-chiffre-du-jour-10-des-cyberattaques-nationales-concernent-des.html www.secnews.physaphae.fr/article.php?IdArticle=8474529 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine FTC figures reveal a three-fold increase in losses from impersonation scams over the past three years]]> 2024-04-02T09:00:00+00:00 https://www.infosecurity-magazine.com/news/impersonation-scams-net-fraudsters/ www.secnews.physaphae.fr/article.php?IdArticle=8474498 False None None 3.0000000000000000 ProofPoint - Firm Security 2024-04-02T08:56:31+00:00 https://www.proofpoint.com/us/newsroom/news/hope-not-strategy-cyber-leaders-real-keys-executing-defense-depth-strategy www.secnews.physaphae.fr/article.php?IdArticle=8476718 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial The U.S. administration recently announced that the White House Office of Management and Budget (OMB) is issuing its... ]]> 2024-04-02T08:51:53+00:00 https://industrialcyber.co/ai/white-house-issues-policy-on-ai-risk-mitigation-and-benefits-in-line-with-president-bidens-executive-order/ www.secnews.physaphae.fr/article.php?IdArticle=8474501 False None None 3.0000000000000000 SecurityWeek - Security News MarineMax confirme une violation de données à la suite d'une récente attaque de ransomware, les attaquants affirmant avoir obtenu 180 000 fichiers.

---

>MarineMax confirms suffering a data breach as a result of a recent ransomware attack, with the attackers claiming to have obtained 180,000 files.  ]]> 2024-04-02T08:41:20+00:00 https://www.securityweek.com/boat-dealer-marinemax-confirms-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8474500 False Ransomware,Data Breach None 3.0000000000000000 Zataz - Magazine Francais de secu 2024-04-02T08:36:14+00:00 https://www.zataz.com/wallix-sengage-aupres-de-docaposte/ www.secnews.physaphae.fr/article.php?IdArticle=8474496 False None None 2.0000000000000000 Silicon - Site de News Francais 2024-04-02T08:35:12+00:00 https://www.silicon.fr/microsoft-mondialise-decouplage-teams-office-365-477354.html www.secnews.physaphae.fr/article.php?IdArticle=8474499 False None None 2.0000000000000000 Global Security Mag - Site de news francais vulnérabilité de sécurité

---

An attacker can create a memory leak of GIFLIB, via DumpScreen2RGB(), in order to trigger a denial of service. - Security Vulnerability]]> 2024-04-02T08:11:28+00:00 https://www.globalsecuritymag.fr/vigilance-vulnerability-alerts-giflib-memory-leak-via-dumpscreen2rgb-analyzed.html www.secnews.physaphae.fr/article.php?IdArticle=8474474 False Vulnerability None 2.0000000000000000 Wired Threat Level - Security News Details are starting to emerge about a stunning supply chain attack that sent the open source software community reeling.]]> 2024-04-02T08:00:00+00:00 https://www.wired.com/story/xz-backdoor-everything-you-need-to-know/ www.secnews.physaphae.fr/article.php?IdArticle=8474471 False None None 2.0000000000000000 Global Security Mag - Site de news francais Business]]> 2024-04-02T07:54:31+00:00 https://www.globalsecuritymag.fr/axians-s-associe-a-la-plateforme-pour-former-ses-futurs-experts-en.html www.secnews.physaphae.fr/article.php?IdArticle=8474475 False None None 2.0000000000000000 Data Security Breach - Site de news Francais 2024-04-02T07:18:22+00:00 https://www.datasecuritybreach.fr/enjeu-email-powermail/ www.secnews.physaphae.fr/article.php?IdArticle=8474515 False None None 2.0000000000000000 Korben - Bloger francais 2024-04-02T07:00:00+00:00 https://korben.info/stickerbaker-generez-stickers-personnalises-ia.html www.secnews.physaphae.fr/article.php?IdArticle=8474473 False None None 3.0000000000000000 Dark Reading - Informationweek Branch How security teams in the region fortify their defenses amid short-staffing - and increased DDoS, phishing, and ransomware campaigns - during the Muslim holy month.]]> 2024-04-02T05:00:00+00:00 https://www.darkreading.com/cyber-risk/cyber-threats-intensify-in-middle-east-during-ramadan www.secnews.physaphae.fr/article.php?IdArticle=8474402 False Ransomware None 2.0000000000000000 The State of Security - Magazine Américain On an ordinary day, you\'re casually surfing the web and downloading some PDF files. The document icons seem pretty legitimate, so you click without a second thought. But, to your surprise, nothing happens. A closer look reveals that what you believed to be a harmless PDF was, in fact, an executable file. Panic sets in as your settings lock up, and even accessing the task manager becomes impossible. Unknown pop-ups invade your screen, telltale signs of malware execution. Regret washes over you as you realize the consequences of your unintentional actions. Now, the question looms: What should be...]]> 2024-04-02T02:56:58+00:00 https://www.tripwire.com/state-of-security/oops-malware-now-what-dealing-accidental-malware-execution www.secnews.physaphae.fr/article.php?IdArticle=8474468 False Malware None 3.0000000000000000 The State of Security - Magazine Américain The National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) was published in 2014 for the purpose of providing cybersecurity guidance for organizations in critical infrastructure. In the intervening years, much has changed about the threat landscape, the kinds of technology that organizations use, and the ways that operational technology (OT) and information technology (IT) work and interact. In an effort to update NIST CSF for a broader and more current audience, the agency has finalized and released CSF 2.0 , the first major change to the CSF. There are extensive...]]> 2024-04-02T02:56:47+00:00 https://www.tripwire.com/state-of-security/whats-new-nists-cybersecurity-framework-20 www.secnews.physaphae.fr/article.php?IdArticle=8474469 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch Common Good Cyber is a global consortium connecting nonprofit, private sector, and government organizations to fund organizations focused on securing Internet infrastructure.]]> 2024-04-02T01:31:32+00:00 https://www.darkreading.com/vulnerabilities-threats/funding-the-organizations-that-secure-the-internet www.secnews.physaphae.fr/article.php?IdArticle=8474693 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Prudential Insurance - l'un des plus grands assureurs des États-Unis - a déclaré que les pirates ont volé les informations sensibles de plus de 36 000 lors d'un incident de février.Vendredi, dans un dossier de dépôt auprès des régulateurs du Maine, la société a déclaré avoir détecté un accès non autorisé le 5 février, ce qui a incité une enquête. & NBSP;«Grâce à l'enquête, nous avons appris

---

Prudential Insurance - one of the largest insurers in the United States - said hackers stole the sensitive information of more than 36,000 during a February incident. In a filing on Friday with regulators in Maine, the company said it detected unauthorized access on February 5, prompting an investigation.  “Through the investigation, we learned]]> 2024-04-02T00:50:52+00:00 https://therecord.media/prudential-discloses-new-information-from-february-incident www.secnews.physaphae.fr/article.php?IdArticle=8474317 False None None 2.0000000000000000 TrendMicro - Security Firm Blog This article provides an in-depth look into two techniques used by Earth Freybug actors: dynamic-link library (DLL) hijacking and application programming interface (API) unhooking to prevent child processes from being monitored via a new malware we\'ve discovered and dubbed UNAPIMON.]]> 2024-04-02T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/d/earth-freybug.html www.secnews.physaphae.fr/article.php?IdArticle=8474424 False Malware None 2.0000000000000000 Microsoft - Microsoft Security Response Center Meet Derrick, a Senior Program Manager on the Operational Threat Intelligence team at Microsoft. Derrick\'s role involves understanding and roadmapping the complete set of tools that Threat Intel analysts use to collect, analyze, process, and disseminate threat intelligence across Microsoft. Derrick\'s love of learning and his natural curiosity led him to a career in technology and ultimately, to his current role at Microsoft.]]> 2024-04-02T00:00:00+00:00 https://msrc.microsoft.com/blog/2024/04/embracing-innovation-derricks-transition-from-banking-to-microsofts-threat-intelligence-team/ www.secnews.physaphae.fr/article.php?IdArticle=8475364 False Tool,Threat None 2.0000000000000000 HackRead - Chercher Cyber Par waqas Alerte de porte dérobée critique!Patch XZ utilise maintenant (CVE-2024-3094) & # 38;Sécurisez votre système Linux.Découvrez comment une porte dérobée cachée & # 8230; Ceci est un article de HackRead.com Lire la publication originale: Backdoor découverte dans XZ Utils: Patchez vos systèmes maintenant (CVE-2024-3094)

---

>By Waqas Critical Backdoor Alert! Patch XZ Utils Now (CVE-2024-3094) & Secure Your Linux System. Learn how a hidden backdoor… This is a post from HackRead.com Read the original post: Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)]]> 2024-04-01T23:17:59+00:00 https://www.hackread.com/xz-utils-backdoor-patch-systems-cve-2024-3094/ www.secnews.physaphae.fr/article.php?IdArticle=8474294 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Microsoft adds tools to protect Azure AI from threats such as prompt injection, as well as give developers the capabilities to ensure generative AI apps are more resilient to model and content manipulation attacks.]]> 2024-04-01T22:18:59+00:00 https://www.darkreading.com/application-security/microsoft-adds-tools-for-protecting-against-prompt-injection-other-threats-in-azure-ai www.secnews.physaphae.fr/article.php?IdArticle=8474272 False Tool None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) [Consultez la rédaction de Microsoft \\ sur les voleurs d'informations ici.] (Https://sip.security.microsoft.com/intel-profiles/2296d491ea381b532b24f2575f9418d4b6723c17b8a1f507d20c2140a75d16d6?)?) > [Découvrez les rapports OSINT précédents sur Rhadamanthys ici.] (Https://sip.security.microsoft.com/intel-explorer/articles/463afcea) #### URL de référence (s) 1. https://asec.ahnlab.com/en/63477/ #### Date de publication 31 mars 2024 #### Auteurs) Ahnlab Security Intelligence Center

---

#### Description AhnLab Security Intelligence Center (ASEC) discovered Rhadamanthys, an information stealer malware, using Google Ads tracking to distribute itself, posing as installers for popular groupware like Notion and Slack. The malware downloads malicious files after installation, often distributed through Inno Setup or NSIS installers. The attackers utilized Google Ads tracking to lead users to a malicious site, taking advantage of the platform\'s ability to insert external analytic website addresses. Clicking on the ads redirected users to a site tricking them into downloading the malware, ultimately injecting the Rhadamanthys malware into legitimate Windows files for data theft. >[Check out Microsoft\'s write-up on Information Stealers here.](https://sip.security.microsoft.com/intel-profiles/2296d491ea381b532b24f2575f9418d4b6723c17b8a1f507d20c2140a75d16d6?) >[Check out previous OSINT reporting on Rhadamanthys here.](https://sip.security.microsoft.com/intel-explorer/articles/463afcea) #### Reference URL(s) 1. https://asec.ahnlab.com/en/63477/ #### Publication Date March 31, 2024 #### Author(s) AhnLab Security Intelligence Center ]]> 2024-04-01T22:00:49+00:00 https://community.riskiq.com/article/bf8b5bc1 www.secnews.physaphae.fr/article.php?IdArticle=8474308 False Malware None 2.0000000000000000