www.secnews.physaphae.fr

www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-04-19T01:51:12+00:00 www.secnews.physaphae.fr Dark Reading - Informationweek Branch Des pirates chinois parrainés par l'État chargés, des sanctions perçues par nous Chinese State-Sponsored Hackers Charged, Sanctions Levied by US The US and the UK charge seven Chinese nationals for operating as part of threat group APT31.]]> 2024-03-25T21:20:40+00:00 https://www.darkreading.com/cyber-risk/chinese-state-hackers-slapped-with-us-charges-sanctions www.secnews.physaphae.fr/article.php?IdArticle=8470383 False Threat APT 31 3.0000000000000000 Dark Reading - Informationweek Branch Il est temps de cesser de mesurer la sécurité dans les absolus It\\'s Time to Stop Measuring Security in Absolutes All-or-nothing security policies strain resources by aiming for perfection. We need a better way to assess progress.]]> 2024-03-25T20:51:39+00:00 https://www.darkreading.com/cybersecurity-analytics/time-to-stop-measuring-security-in-absolutes www.secnews.physaphae.fr/article.php?IdArticle=8470681 False None None 2.0000000000000000 Data Security Breach - Site de news Francais Le FBI publie une alerte pour inciter les fabricants à éliminer les SQLi 2024-03-25T20:39:38+00:00 https://www.datasecuritybreach.fr/cisa-fbi-sqli/ www.secnews.physaphae.fr/article.php?IdArticle=8470372 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Le sénateur demande des réponses du HHS environ 7,5 millions de dollars de cyber vol en 2023 Senator demands answers from HHS about $7.5 million cyber theft in 2023

Un sénateur américain soulève des questions sur un rapport selon lequel 7,5 millions de dollars ont été volés par les cyber-voleurs du ministère de la Santé et des Services sociaux (HHS) l'année dernière.Citant un rapport de Bloomberg à partir de janvier, le sénateur Bill Cassidy a envoyé le secrétaire du HHS Xavier Becerra 11 questions sur une violation d'une plate-forme pour les paiements de subvention

A U.S. senator is raising questions about a report that $7.5 million was stolen by cyber thieves from the the Department of Health and Human Services (HHS) last year. Citing a Bloomberg report from January, Sen. Bill Cassidy sent HHS Secretary Xavier Becerra 11 questions about a breach of a platform for grant payments]]> 2024-03-25T20:33:10+00:00 https://therecord.media/hhs-reported-grant-payment-scam-sen-bill-cassidy-letter www.secnews.physaphae.fr/article.php?IdArticle=8470348 False None None 3.0000000000000000 TroyHunt - Blog Security Le ministère de la Justice réduit 7 accusés dans une campagne de piratage de 14 ans par le gouvernement chinois Justice Department indicts 7 accused in 14-year hack campaign by Chinese gov Hacks allegedly targeted US officials and politicians, their spouses, and dozens of companies.]]> 2024-03-25T20:20:53+00:00 https://arstechnica.com/?p=2012482 www.secnews.physaphae.fr/article.php?IdArticle=8470347 False Hack None 3.0000000000000000 Zataz - Magazine Francais de secu Après Twitter, voici des données exfiltrées de TikTok ? 2024-03-25T19:33:55+00:00 https://www.zataz.com/apres-twitter-voici-des-donnees-exfiltrees-de-tiktok/ www.secnews.physaphae.fr/article.php?IdArticle=8470327 False None None 3.0000000000000000 HackRead - Chercher Cyber International Sting supprime le grand marché Web Dark «Market Nèmesis» International Sting Takes Down Major Dark Web Marketplace “Nemesis Market” waqas Un autre jour, un autre marché Web sombre populaire mord la poussière! Ceci est un article de HackRead.com Lire la publication originale: International Sting élimine le marché du Web Dark & # 8220; Némesis Market & # 8221;

By Waqas Another day, another popular dark web marketplace bites the dust! This is a post from HackRead.com Read the original post: International Sting Takes Down Major Dark Web Marketplace “Nemesis Market”]]> 2024-03-25T19:06:14+00:00 https://www.hackread.com/sting-takes-down-dark-web-nemesis-market/ www.secnews.physaphae.fr/article.php?IdArticle=8470305 False None None 3.0000000000000000 Zataz - Magazine Francais de secu Plusieurs pirates annoncent la vente de la base de données de France Travail. 2024-03-25T19:00:01+00:00 https://www.zataz.com/plusieurs-pirates-annoncent-la-vente-de-la-base-de-donnees-de-france-travail/ www.secnews.physaphae.fr/article.php?IdArticle=8470306 False None None 3.0000000000000000 SecurityWeek - Security News Le Trésor américain gifle les sanctions contre les pirates APT31 liés à la Chine US Treasury Slaps Sanctions on China-Linked APT31 Hackers Le Département du Trésor américain sanctionne une paire de pirates chinois liés à des «cyber-opérations malveillantes ciblant les secteurs des infrastructures critiques».

>The US Treasury Department sanctions a pair of Chinese hackers linked to “malicious cyber operations targeting US critical infrastructure sectors.” ]]> 2024-03-25T18:50:17+00:00 https://www.securityweek.com/us-treasury-slaps-sanctions-on-china-linked-apt31-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=8470303 False None APT 31 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial L'équipe82 de Claroty \\ révèle des vulnérabilités critiques dans les appareils unistream unitronics, incité les mises à jour des fournisseurs Claroty\\'s Team82 reveals critical vulnerabilities in Unitronics UniStream devices, prompting vendor updates Researchers from Claroty\'s Team82 disclosed the presence of critical hardware vulnerabilities in Unitronics UniStream integrated PLC/HMI products, leading... ]]> 2024-03-25T18:21:40+00:00 https://industrialcyber.co/news/clarotys-team82-reveals-critical-vulnerabilities-in-unitronics-unistream-devices-prompting-vendor-updates/ www.secnews.physaphae.fr/article.php?IdArticle=8470304 False Vulnerability None 3.0000000000000000 Dark Reading - Informationweek Branch CISA cherche à réduire les défauts d'injection impardonnables \\ '\\' SQL CISA Seeks to Curtail \\'Unforgivable\\' SQL Injection Defects In a joint alert with the FBI, CISA seeks to tamp down the pervasiveness of a well-known class of bugs.]]> 2024-03-25T18:06:40+00:00 https://www.darkreading.com/cyberattacks-data-breaches/cisa-seeks-to-stem-unforgivable-sql-injection-defects www.secnews.physaphae.fr/article.php?IdArticle=8470280 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Un système d'exploitation axé sur la base de données veut secouer la sécurité du cloud A Database-Oriented Operating System Wants to Shake Up Cloud Security The operating system, DBOS, natively uses a relational database to reduce cost, ease application development, and maintain cybersecurity and integrity.]]> 2024-03-25T18:00:31+00:00 https://www.darkreading.com/cloud-security/can-a-database-oriented-operating-system-make-the-cloud-more-secure www.secnews.physaphae.fr/article.php?IdArticle=8470384 False Cloud None 2.0000000000000000 The Register - Site journalistique Anglais Plus de 170 000 utilisateurs frappés par la ruse du package Python empoisonné Over 170K users hit by poisoned Python package ruse Supply chain attack targeted GitHub community of Top.gg Discord server More than 170,000 users have been affected by an attack using fake Python infrastructure with "successful exploitation of multiple victims."…]]> 2024-03-25T18:00:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/25/python_package_malware/ www.secnews.physaphae.fr/article.php?IdArticle=8470276 False None None 3.0000000000000000 Zataz - Magazine Francais de secu Fuite de données pour des marques telles que Timberland, Vans ou Napapijri ? 2024-03-25T17:52:17+00:00 https://www.zataz.com/fuite-de-donnees-pour-des-marques-telles-que-timberland-vans-ou-napapijri/ www.secnews.physaphae.fr/article.php?IdArticle=8470282 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Les sanctions américaines ont allégué des pirates d'État chinois pour des attaques contre les infrastructures critiques US sanctions alleged Chinese state hackers for attacks on critical infrastructure

Les États-Unis ont sanctionné une société basée à Wuhan qui serait un front pour le ministère d'État de la Sécurité de la Chine lundi à la suite de dizaines d'attaques contre des infrastructures critiques. & NBSP;Les départements de la justice et du trésor ont accusé Wuhan Xiaoruizhi Science and Technology Company d'être une couverture pour APT31 - un groupe de piratage basé en Chine connu pour son ciblage précédemment

The U.S. sanctioned a Wuhan-based company believed to be a front for China\'s Ministry of State Security on Monday following dozens of attacks on critical infrastructure. The Justice and Treasury Departments accused Wuhan Xiaoruizhi Science and Technology Company of being a cover for APT31 - a notorious China-based hacking group known for previously targeting]]> 2024-03-25T17:50:21+00:00 https://therecord.media/us-sanctions-chinese-hackers-infrastructure-attacks www.secnews.physaphae.fr/article.php?IdArticle=8470278 False None APT 31 2.0000000000000000 Recorded Future - FLux Recorded Future Les États-Unis pénalisent les entreprises russes fintech qui ont aidé les autres à échapper aux sanctions US penalizes Russian fintech firms that helped others evade sanctions

Les États-Unis ont imposé des sanctions à 13 sociétés fintech liées à la Russie et deux individus pour avoir offert des services de crypto-monnaie utilisés pour échapper aux restrictions économiques imposées à la Russie à la suite de son invasion de l'Ukraine.La nouvelle série de sanctions du Département du Trésor américain \\ survient deux semaines après que la Russie a annoncé qu'elle avait interdit l'entrée à 227 citoyens américains, notamment en premier plan

The U.S. imposed sanctions on 13 Russia-linked fintech companies and two individuals for offering cryptocurrency services used to evade economic restrictions imposed on Russia following its invasion of Ukraine. The U.S. Treasury Department\'s new spate of sanctions comes two weeks after Russia announced that it had banned entry to 227 U.S. citizens, including prominent]]> 2024-03-25T17:49:48+00:00 https://therecord.media/us-sanctions-russian-fintech-firms-evasions-cryptocurrency www.secnews.physaphae.fr/article.php?IdArticle=8470279 False None None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les États-Unis et le Royaume-Uni accusent la Chine de cyber opérations ciblant la politique intérieure US and UK accuse China of cyber operations targeting domestic politics Les responsables de Washington et de Londres disent que les pirates soutenus par l'État chinois ont cherché à faire taire les dissidents et les politiciens de surveillance.

>Officials in Washington and London say hackers backed by the Chinese state sought to silence dissidents and surveil politicians. ]]> 2024-03-25T17:48:52+00:00 https://cyberscoop.com/china-indictments-apt31-surveillance/ www.secnews.physaphae.fr/article.php?IdArticle=8470277 False None None 3.0000000000000000 Korben - Bloger francais Geohot atomise les firmwares AMD et ça fait mal 2024-03-25T17:40:37+00:00 https://korben.info/geohot-atomise-les-firmwares-amd-et-ca-fait-mal.html www.secnews.physaphae.fr/article.php?IdArticle=8470307 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Le kit de phishing du nouveau magnat 2fa soulève des problèmes de cybersécurité New Tycoon 2FA Phishing Kit Raises Cybersecurity Concerns Discovered by Sekoia in 2023, the kit is associated with Adversary-in-The-Middle (AiTM) attacks]]> 2024-03-25T17:30:00+00:00 https://www.infosecurity-magazine.com/news/new-tycoon-2fa-phishing-kit/ www.secnews.physaphae.fr/article.php?IdArticle=8470281 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hackers Hijack Github Comptes dans l'attaque de la chaîne d'approvisionnement affectant Top -g et autres Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. "The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with verified commits, setting up a custom]]> 2024-03-25T17:28:00+00:00 https://thehackernews.com/2024/03/hackers-hijack-github-accounts-in.html www.secnews.physaphae.fr/article.php?IdArticle=8470152 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Leçon clé du piratage de pulvérisation de mot de passe de Microsoft \\: sécuriser chaque compte Key Lesson from Microsoft\\'s Password Spray Hack: Secure Every Account In January 2024, Microsoft discovered they\'d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn\'t a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of]]> 2024-03-25T17:07:00+00:00 https://thehackernews.com/2024/03/key-lesson-from-microsofts-password.html www.secnews.physaphae.fr/article.php?IdArticle=8470153 False Hack,Vulnerability,Threat,Technical None 2.0000000000000000 Netskope - etskope est une société de logiciels américaine fournissant une plate-forme de sécurité informatique Statistiques de Netkope Threat Labs pour février 2024 Netskope Threat Labs Stats for February 2024 Netskope Threat Labs publie un article de blog de résumé mensuel des principales menaces que nous suivons sur la plate-forme NetSkope.Cet article vise à fournir une intelligence stratégique et exploitable sur les menaces actives contre les utilisateurs d'entreprise du monde entier.Résumé OneDrive et Github étaient en haut de la liste des applications cloud top utilisées pour les téléchargements de logiciels malveillants, montrant un [& # 8230;]

>Netskope Threat Labs publishes a monthly summary blog post of the top threats we track on the Netskope platform. This post aims to provide strategic, actionable intelligence on active threats against enterprise users worldwide. Summary OneDrive and GitHub were on the top of the list of top cloud apps used for malware downloads, showing a […] ]]> 2024-03-25T17:00:00+00:00 https://www.netskope.com/blog/netskope-threat-labs-stats-for-february-2024 www.secnews.physaphae.fr/article.php?IdArticle=8470254 False Malware,Threat,Cloud None 2.0000000000000000 Recorded Future - FLux Recorded Future \\ 'de la grande portée \\' hack voler des informations aux développeurs de Python \\'Far-reaching\\' hack stole information from Python developers

Une récente campagne de logiciels malveillants contre les développeurs de Python est le dernier exemple de l'adhérence et de l'ingéniosité des attaquants qui ciblent la chaîne d'approvisionnement des logiciels, selon des chercheurs en cybersécurité.Les victimes de l'opération «de grande envergure» comprenaient des développeurs individuels qui ont publié publiquement sur leurs incidents, ainsi que les membres de Top.gg - une communauté pour les personnes qui

A recent malware campaign against Python developers is the latest example of the craftiness and resourcefulness of attackers who target the software supply chain, according to cybersecurity researchers. Victims of the “far-reaching” operation included individual developers who publicly wrote about their incidents, as well as members of Top.gg - a community for people who]]> 2024-03-25T16:52:20+00:00 https://therecord.media/far-reaching-hack-stole-information-from-python-developers www.secnews.physaphae.fr/article.php?IdArticle=8470255 False Malware,Hack None 2.0000000000000000 ComputerWeekly - Computer Magazine Hackers chinois responsables de deux cyber campagnes \\ 'malveillant contre le Royaume-Uni Chinese hackers responsible for two \\'malicious\\' cyber campaigns against UK 2024-03-25T16:19:00+00:00 https://www.computerweekly.com/news/366575299/Chinese-hackers-responsible-for-two-malicious-cyber-campaigns-against-UK www.secnews.physaphae.fr/article.php?IdArticle=8470349 False None None 2.0000000000000000 Korben - Bloger francais Microsoft prépare une interface graphique pour WSL avec Dev Home 2024-03-25T16:18:52+00:00 https://korben.info/revolutionnez-wsl-interface-graphique-dev-home.html www.secnews.physaphae.fr/article.php?IdArticle=8470283 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les États-Unis doivent établir des cyber-services militaires indépendants pour résoudre les problèmes \\ 'alarmants - Rapport - Rapport US must establish independent military cyber service to fix \\'alarming\\' problems - report Un nouveau rapport de la Foundation for Defence of Democracies vise à plaider en faveur de la création d'un service militaire indépendant pour le cyber.

>A new report from the Foundation for Defense of Democracies aims to make the case for the creation of an independent military service for cyber. ]]> 2024-03-25T16:00:53+00:00 https://defensescoop.com/2024/03/25/u-s-must-establish-independent-military-cyber-service-or-risk-catastrophic-condition-report/ www.secnews.physaphae.fr/article.php?IdArticle=8470222 False None None 2.0000000000000000 The Register - Site journalistique Anglais Zenhammer descend sur les systèmes AMD Zen 2 et 3 ZenHammer comes down on AMD Zen 2 and 3 systems Boffins demonstrate Rowhammer memory meddling on AMD DDR4 hardware ZenHammer would be the perfect name for a heavy metal band, but alas, it\'s an AMD-focused variant of the decade-old Rowhammer attack that compromises computers by flipping bits of memory.…]]> 2024-03-25T16:00:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/25/zenhammer_comes_down_on_amd/ www.secnews.physaphae.fr/article.php?IdArticle=8470229 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Les fausses accords Ozempic sur la hausse alors que les experts mettent en garde contre les escroqueries à phishing Fake Ozempic Deals on the Rise as Experts Warn of Phishing Scams Kaspersky\'s findings revealed phishing pages posing as vendors, enticing users with discounts]]> 2024-03-25T16:00:00+00:00 https://www.infosecurity-magazine.com/news/phishing-scams-targets-ozempic/ www.secnews.physaphae.fr/article.php?IdArticle=8470232 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Le Royaume-Uni blâme la Chine pour 2021 Hack ciblant des millions d'électeurs \\ 'Data UK Blames China for 2021 Hack Targeting Millions of Voters\\' Data The UK\'s NCSC assesses that China-backed APT31 was “almost certainly” responsible for hacking the email accounts of UK parliamentarians]]> 2024-03-25T15:50:00+00:00 https://www.infosecurity-magazine.com/news/uk-blames-china-for-2021-electoral/ www.secnews.physaphae.fr/article.php?IdArticle=8470233 False Hack APT 31 2.0000000000000000 RedCanary - Red Canary Venant dans une ville près de chez vous, il est rouge que Red Canary en direct! Coming to a city near you, it\\'s Red Canary Live! Join us in person to learn how to understand, detect, and respond to threats identified in our sixth annual Threat Detection Report.]]> 2024-03-25T15:49:15+00:00 https://redcanary.com/blog/red-canary-live/ www.secnews.physaphae.fr/article.php?IdArticle=8470220 False Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future Le Royaume-Uni dit que la Chine a visé \\ 'Cyber Cyber Cibunting \\' dans les institutions démocratiques UK says China aimed \\'malicious cyber targeting\\' at democratic institutions

Le gouvernement britannique a publiquement accusé des pirates chinois affiliés à l'État avec «la réalisation de la cyber-activité malveillante ciblant les institutions et les individus britanniques importants pour notre démocratie».Dans une déclaration au Parlement lundi, le vice-Premier ministre Oliver Dowden a déclaré que le Royaume-Uni ne tolérerait pas les attaques contre les institutions démocratiques et avait annoncé des sanctions contre deux individus et

The British government has publicly accused Chinese state-affiliated hackers with “carrying out malicious cyber activity targeting UK institutions and individuals important to our democracy.” In a statement to parliament on Monday, Deputy Prime Minister Oliver Dowden said the United Kingdom would not tolerate attacks against democratic institutions, and announced sanctions against two individuals and]]> 2024-03-25T15:44:01+00:00 https://therecord.media/uk-accuses-china-targeting-democratic-institutions www.secnews.physaphae.fr/article.php?IdArticle=8470231 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Une nouvelle législation oblige les normes minimales de cybersécurité pour protéger les prestataires de soins de santé en cas de futurs hacks New legislation mandates minimum cybersecurity standards to safeguard healthcare providers in case of future hacks A U.S. Senator has introduced the Health Care Cybersecurity Improvement Act of 2024, which proposes providing advance and... ]]> 2024-03-25T15:25:15+00:00 https://industrialcyber.co/regulation-standards-and-compliance/new-legislation-mandates-minimum-cybersecurity-standards-to-safeguard-healthcare-providers-in-case-of-future-hacks/ www.secnews.physaphae.fr/article.php?IdArticle=8470227 False Legislation,Medical None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial La NSA exhorte les fournisseurs de services cloud à hiérarchiser la sécurité grâce à des pratiques de journalisation efficaces NSA urges cloud service providers to prioritize security through effective logging practices The U.S. National Security Agency (NSA) issued a document urging cloud service providers (CSPs) to prioritize security for... ]]> 2024-03-25T15:18:59+00:00 https://industrialcyber.co/critical-infrastructure/nsa-urges-cloud-service-providers-to-prioritize-security-through-effective-logging-practices/ www.secnews.physaphae.fr/article.php?IdArticle=8470228 False Cloud None 2.0000000000000000 IT Security Guru - Blog Sécurité # MIWIC2024: Lianne Potter, chef de Secops chez Asda et le cyber-anthropologue à des positions compromettantes #MIWIC2024: Lianne Potter, Head of SecOps at ASDA and Cyber Anthropologist at Compromising Positions # miwic2024: Lianne Potter, responsable de Secops à Asda et cyber-anthropologue à des positions compromettantes Il est apparu pour la première fois sur guru de sécurité informatique .

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024\'s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee\'s answers are […] The post #MIWIC2024: Lianne Potter, Head of SecOps at ASDA and Cyber Anthropologist at Compromising Positions first appeared on IT Security Guru. ]]> 2024-03-25T15:17:03+00:00 https://www.itsecurityguru.org/2024/03/25/miwic2024-lianne-potter-head-of-secops-at-asda-and-cyber-anthropologist-at-compromising-positions/?utm_source=rss&utm_medium=rss&utm_campaign=miwic2024-lianne-potter-head-of-secops-at-asda-and-cyber-anthropologist-at-compromising-positions www.secnews.physaphae.fr/article.php?IdArticle=8470223 False None None 2.0000000000000000 Fortinet - Fabricant Materiel Securite La stratégie nationale de cybersécurité un an plus tard The National Cybersecurity Strategy One Year Later A year after the National Cybersecurity Strategy was released, there has been a major coalescence around the idea of secure by design and secured by default. Read more.]]> 2024-03-25T15:00:00+00:00 https://www.fortinet.com/blog/ciso-collective/the-national-cybersecurity-strategy-one-year-later www.secnews.physaphae.fr/article.php?IdArticle=8470221 False None None 3.0000000000000000 Checkpoint Research - Fabricant Materiel Securite 25 mars & # 8211;Rapport de renseignement sur les menaces 25th March – Threat Intelligence Report Pour les dernières découvertes de cyber-recherche pour la semaine du 25 mars, veuillez télécharger notre bulletin de menace_ingence.Les principales attaques et violations la société de technologie japonaise Fujitsu ont découvert des logiciels malveillants sur ses ordinateurs de travail, risquant l'exposition des données des clients.La société, une société informatique de premier plan, a détecté un accès non autorisé qui a potentiellement permis aux informations personnelles et clients d'être [& # 8230;]

>For the latest discoveries in cyber research for the week of 25th March, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES Japanese tech company Fujitsu discovered malware on its work computers, risking exposure of customer data. The company, a leading IT firm, detected unauthorized access that potentially allowed personal and customer information to be […] ]]> 2024-03-25T14:56:27+00:00 https://research.checkpoint.com/2024/25th-march-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8470198 False Malware,Threat None 2.0000000000000000 Korben - Bloger francais Beetlejuice Beetlejuice – Le grand retour de Michael Keaton et Tim Burton 2024-03-25T14:50:10+00:00 https://korben.info/beetlejuice-2-retour-michael-keaton-tim-burton.html www.secnews.physaphae.fr/article.php?IdArticle=8470199 False None None 3.0000000000000000 Silicon - Site de News Francais Microsoft paie 650 millions $ à Inflection AI après avoir débauché son co-fondateur 2024-03-25T14:32:55+00:00 https://www.silicon.fr/microsoft-paie-650-millions-a-inflection-ai-apres-avoir-debauche-son-co-fondateur-477115.html www.secnews.physaphae.fr/article.php?IdArticle=8470230 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelle vulnérabilité "GoFetch" dans les puces Apple M-Series Fuites Secret Encryption Keys New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent prefetcher (DMP) to target constant-time cryptographic implementations and capture sensitive data]]> 2024-03-25T14:32:00+00:00 https://thehackernews.com/2024/03/new-gofetch-vulnerability-in-apple-m.html www.secnews.physaphae.fr/article.php?IdArticle=8470071 False Vulnerability None 2.0000000000000000 Global Security Mag - Site de news francais CrowdStrike et HCLTech annoncent un partenariat stratégique Business]]> 2024-03-25T14:07:49+00:00 https://www.globalsecuritymag.fr/crowdstrike-et-hcltech-annoncent-un-partenariat-strategique.html www.secnews.physaphae.fr/article.php?IdArticle=8470354 False None None 3.0000000000000000 Korben - Bloger francais L\'histoire méconnue de la boîte " Format " de Windows 2024-03-25T14:05:17+00:00 https://korben.info/mystere-format-dialog-windows-30-ans-intemporalite.html www.secnews.physaphae.fr/article.php?IdArticle=8470200 False None None 2.0000000000000000 Sekoia - Cyber Firms Sekoia.io et Glimps: un nouvel exemple d'interopérabilité dans la plate-forme XDR ouverte Sekoia.io and GLIMPS: a new example of interoperability within the Open XDR platform Ce blog a été écrit par Glimpps et Sekoia.io équipes La plate-forme XDR Open est une alliance de fournisseurs de solutions de cybersécurité spécialisés et complémentaires, qui fournissent une réponse rapide et coordonnée au nombre toujours croissant et à la sophistication des cyberattaques.Cette approche modulaire et personnalisable fournit aux analystes et aux gestionnaires de sécurité les composants dont ils ont besoin pour mieux livrer leur entreprise quotidienne.Cette alliance est [& # 8230;] la Publication Suivante Sekoia.io et Glimps: un nouvel exemple d'interopérabilité dans la plate-forme XDR ouverte est un article de blog Sekoia.io .

>This blogpost was written by Glimps and Sekoia.io teams The Open XDR Platform is an alliance of specialized, complementary cybersecurity solution providers, that provide a rapid, coordinated response to the ever-increasing number and sophistication of cyberattacks. This modular, customizable approach provides analysts and security managers with the components they need to better deliver their day-to-day business. This alliance is […] La publication suivante Sekoia.io and GLIMPS: a new example of interoperability within the Open XDR platform est un article de Sekoia.io Blog.]]> 2024-03-25T14:04:49+00:00 https://blog.sekoia.io/sekoia-io-and-glimps-a-new-example-of-interoperability-within-the-open-xdr-platform/ www.secnews.physaphae.fr/article.php?IdArticle=8470197 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers Poison Source Code de la plus grande plate-forme Discord Bot Hackers poison source code from largest Discord bot platform A new supply chain attack has impacted the top gg Discord bot developers community on GitHub, which has over 170,000 members, with data-stealing malware. [...]]]> 2024-03-25T14:00:01+00:00 https://www.bleepingcomputer.com/news/security/hackers-poison-source-code-from-largest-discord-bot-platform/ www.secnews.physaphae.fr/article.php?IdArticle=8470275 False Malware None 4.0000000000000000 Dark Reading - Informationweek Branch Atténuer le risque tiers nécessite une approche collaborative et approfondie Mitigating Third-Party Risk Requires a Collaborative, Thorough Approach The issue can seem daunting, but most organizations have more agency and flexibility to deal with third-party risk than they think.]]> 2024-03-25T14:00:00+00:00 https://www.darkreading.com/cyber-risk/mitigating-third-party-risk-requires-collaborative-approach www.secnews.physaphae.fr/article.php?IdArticle=8470174 False None None 3.0000000000000000 Global Security Mag - Site de news francais Nouvelle enquête de l\'Observatoire des métiers de la cybersécurité : 3 actions essentielles pour faire face à la pénurie de talents Investigations]]> 2024-03-25T13:56:03+00:00 https://www.globalsecuritymag.fr/nouvelle-enquete-de-l-observatoire-des-metiers-de-la-cybersecurite-3-actions.html www.secnews.physaphae.fr/article.php?IdArticle=8470355 False None None 3.0000000000000000 Global Security Mag - Site de news francais Veritas Backup Exec est disponible Produits]]> 2024-03-25T13:45:20+00:00 https://www.globalsecuritymag.fr/veritas-backup-exec-est-disponible.html www.secnews.physaphae.fr/article.php?IdArticle=8470356 False None None 2.0000000000000000 Global Security Mag - Site de news francais Tanium et Orange Cyberdefense lancent l\'offre Xtended Produits]]> 2024-03-25T13:35:39+00:00 https://www.globalsecuritymag.fr/tanium-et-orange-cyberdefense-lancent-l-offre-xtended.html www.secnews.physaphae.fr/article.php?IdArticle=8470357 False Patching None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Faits saillants hebdomadaires, 25 mars 2024 Weekly OSINT Highlights, 25 March 2024 2024-03-25T13:28:48+00:00 https://community.riskiq.com/article/95f9e604 www.secnews.physaphae.fr/article.php?IdArticle=8470186 False Ransomware,Spam,Malware,Tool,Vulnerability,Threat None 3.0000000000000000 Global Security Mag - Site de news francais Julien Jacquel, Cyberprotect : L\'IA est un nouveau terrain de jeu qui sera exploité aussi bien par les métiers de la cybersécurité que par les attaquants ! Interviews / INCYBER 2024]]> 2024-03-25T13:23:09+00:00 https://www.globalsecuritymag.fr/julien-jacquel-cyberprotect-l-ia-est-un-nouveau-terrain-de-jeu-qui-sera.html www.secnews.physaphae.fr/article.php?IdArticle=8470358 False None None 2.0000000000000000 ProofPoint - Firm Security Les États-Unis et le Royaume-Uni s'en prennent à des pirates chinois accusés d'une opération soutenue par l'État contre les politiciens, des dissidents US and UK go after Chinese hackers accused of state-backed operation against politicians, dissidents 2024-03-25T13:15:37+00:00 https://www.proofpoint.com/us/newsroom/news/us-and-uk-go-after-chinese-hackers-accused-state-backed-operation-against-politicians www.secnews.physaphae.fr/article.php?IdArticle=8474249 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Muddywater lié à l'Iran déploie Atera pour la surveillance dans les attaques de phishing Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management (RMM) solution called Atera. The activity, which took place from March 7 through the week of March 11, targeted Israeli entities spanning global manufacturing, technology, and]]> 2024-03-25T13:07:00+00:00 https://thehackernews.com/2024/03/iran-linked-muddywater-deploys-atera.html www.secnews.physaphae.fr/article.php?IdArticle=8470039 False Threat None 2.0000000000000000 HackRead - Chercher Cyber New Geobox Tool détourne Raspberry Pi, permet aux pirates de faux emplacement New GEOBOX Tool Hijacks Raspberry Pi, Lets Hackers Fake Location Par deeba ahmed nouvel outil Web Dark Geobox, vendu pour 700 $ sur les forums Telegram et Underground, les détournements Raspberry Pi, permettant aux cybercriminels de truquer les emplacements et d'éviter la détection. Ceci est un article de HackRead.com Lire le post original: New Geobox Tool détourne Raspberry Pi, permet aux pirates de faux emplacement

>By Deeba Ahmed New Dark Web Tool GEOBOX, sold for $700 on Telegram and underground forums, hijacks Raspberry Pi, allowing cybercriminals to fake locations and evade detection. This is a post from HackRead.com Read the original post: New GEOBOX Tool Hijacks Raspberry Pi, Lets Hackers Fake Location]]> 2024-03-25T13:00:20+00:00 https://www.hackread.com/geobox-tool-hijack-raspberry-pi-fake-location/ www.secnews.physaphae.fr/article.php?IdArticle=8470150 False Tool None 3.0000000000000000 McAfee Labs - Editeur Logiciel Phishing pour W-2S: garder vos données financières en sécurité pendant la saison fiscale Phishing for W-2s: Keeping Your Financial Data Safe During Tax Season

Les escroqueries de phishing W-2 impliquent souvent des e-mails qui semblent provenir de l'IRS ou d'une autre source officielle, demandant des informations personnelles.L'objectif est de inciter le bénéficiaire à révéler des données confidentielles, telles que les numéros de sécurité sociale et les informations financières, que l'agresseur peut ensuite utiliser à des fins frauduleuses.

W-2 phishing scams often involve emails that appear to be from the IRS or another official source, requesting personal information. The goal is to trick the recipient into revealing confidential data, such as social security numbers and financial information, which the perpetrator can then use for fraudulent purposes. ]]> 2024-03-25T13:00:17+00:00 https://www.mcafee.com/blogs/privacy-identity-protection/tax-season-scams/ www.secnews.physaphae.fr/article.php?IdArticle=8470194 False None None 2.0000000000000000 Global Security Mag - Site de news francais Une attaque de chaîne d'approvisionnement compliquée frappe les développeurs GitHub et individuels Complicated Supply Chain Attack Hits Github and Individual Developers opinion

Complicated Supply Chain Attack Hits Github and Individual Developers. The Checkmarx Research team announced recently uncovered a complicated attack campaign targeting the software supply chain. - Opinion]]> 2024-03-25T12:35:03+00:00 https://www.globalsecuritymag.fr/complicated-supply-chain-attack-hits-github-and-individual-developers.html www.secnews.physaphae.fr/article.php?IdArticle=8470359 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Le Japon gère des exercices de cyber-défense inauguraux avec les nations de l'île du Pacifique Japan Runs Inaugural Cyber Defense Drills with Pacific Island Nations Kiribati, the Marshall Islands, Micronesia, Nauru, and Palau participate in the cybersecurity exercise held in Guam.]]> 2024-03-25T12:34:16+00:00 https://www.darkreading.com/cyber-risk/japan-runs-inaugural-cyber-defense-drills-with-pacific-island-nations www.secnews.physaphae.fr/article.php?IdArticle=8470151 False None Guam 3.0000000000000000 Recorded Future - FLux Recorded Future Le Nigéria facture une binance d'évasion fiscale;Un exécutif détenu a fui et un autre encore en détention Nigeria charges Binance with tax evasion; one detained exec has fled and another still in custody

Le Nigéria a accusé Binance, le plus grand échange de crypto-monnaie du monde \\, avec une évasion fiscale après une impasse d'un mois entre le gouvernement et la société s'est intensifiée.Le chien de garde fiscal du pays a rendu public l'annonce lundi.Les accusations, qui nomment également deux dirigeants de Binance, Nadeem Ahjarwalla et Tigran Gambaryan, ont été annoncés par le Federal Inland Revenue Service

Nigeria has charged Binance, the world\'s largest cryptocurrency exchange, with tax evasion after a monthlong standoff between the government and the company intensified. The country\'s tax watchdog made the announcement public on Monday. The charges, which also name two Binance executives, Nadeem Ahjarwalla and Tigran Gambaryan, were announced by the Federal Inland Revenue Service]]> 2024-03-25T12:33:16+00:00 https://therecord.media/binance-nigeria-tax-evasion-charges-executive-escapes www.secnews.physaphae.fr/article.php?IdArticle=8470149 False None None 3.0000000000000000 Global Security Mag - Site de news francais LG Magna E-Powertrain annonce qu'elle a reçu la certification du système de gestion de la cybersécurité LG Magna e-Powertrain announces it has received Cyber Security Management System certification revues de produits

LG Magna commitment to protecting vehicle components against cyber threats. LG Magna e-Powertrain announces it has received Cyber Security Management System (CSMS, ISO/SAE 21434:2021) certification - Product Reviews]]> 2024-03-25T12:24:54+00:00 https://www.globalsecuritymag.fr/lg-magna-e-powertrain-announces-it-has-received-cyber-security-management.html www.secnews.physaphae.fr/article.php?IdArticle=8470360 False None None 3.0000000000000000 Intigrity - Blog Révolutionner la sécurité des soins de santé: aller au-delà de la tasse Revolutionizing healthcare security: moving beyond pentesting Le secteur de la santé reste une cible principale pour les cybercriminels, avec 90% des établissements de santé qui connaissent & # 160; au moins une violation de sécurité au cours des dernières années.Et les retombées peuvent être énormes.& # 160;En 2023, le coût moyen d'une violation de données dans tous les secteurs était de 4,45 millions de dollars.Cependant, le coût moyen d'une violation de données sur les soins de santé [& # 8230;]

>The healthcare sector remains a prime target for cybercriminals, with 90% of healthcare institutions experiencing at least one security breach in the last few years. And the fallout can be huge. In 2023, the average cost of a data breach across all sectors was $4.45 million. However, the average cost of a healthcare data breach […] ]]> 2024-03-25T12:09:37+00:00 https://blog.intigriti.com/2024/03/25/pentesting-for-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8470147 False Data Breach,Medical None 3.0000000000000000 knowbe4 - cybersecurity services FBI: les pertes dues à la cybercriminalité sautent à 12,5 milliards de dollars alors que le phishing continue de dominer FBI: Losses Due to Cybercrime Jump to $12.5 Billion as Phishing Continues to Dominate

FBI: Losses Due to Cybercrime Jump to $12.5 Billion as Phishing Continues to Dominate

]]> 2024-03-25T12:00:00+00:00 https://blog.knowbe4.com/fbi-losses-due-to-cybercrime-jump-12.5-billion-as-phishing-continues www.secnews.physaphae.fr/article.php?IdArticle=8470123 False None None 3.0000000000000000 knowbe4 - cybersecurity services Les cyberattaques conscientes du nuage augmentent 110% alors que les groupes de menaces aiguisent leurs compétences d'attaque Cloud-Conscious Cyber Attacks Spike 110% as Threat Groups Sharpen their Attack Skills

Les cyberattaques conscientes du cloud augmentent 110% alors que les groupes de menaces aiguisent leurs compétences d'attaque

Les nouvelles données montrent une expertise accrue dans la mise en œuvre et l'exploitation des environnements cloud.

Cloud-Conscious Cyberattacks Spike 110% as Threat Groups Sharpen their Attack Skills

New data shows increased expertise in leveraging and exploiting cloud environments.]]> 2024-03-25T12:00:00+00:00 https://blog.knowbe4.com/cloud-conscious-cyberattacks-spike-110-as-threat-groups-sharpen-skills www.secnews.physaphae.fr/article.php?IdArticle=8470122 False Threat,Cloud None 3.0000000000000000 Bleeping Computer - Magazine Américain Nouvelle attaque de mémoire Zenhammer a un impact sur les processeurs AMD Zen New ZenHammer memory attack impacts AMD Zen CPUs Academic researchers developed ZenHammer, the first variant of the Rowhammer DRAM attack that works on CPUs based on recent AMD Zen microarchitecture that map physical addresses on DDR4 and DDR5 memory chips. [...]]]> 2024-03-25T12:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-zenhammer-memory-attack-impacts-amd-zen-cpus/ www.secnews.physaphae.fr/article.php?IdArticle=8470224 False None None 3.0000000000000000 Silicon - Site de News Francais Nozha Boujemaa – Decathlon : " L\'IA générative est un game changer dans notre approche centrée sur l\'expérience. " 2024-03-25T11:58:35+00:00 https://www.silicon.fr/nozha-boujemaa-decathlon-lia-generative-est-un-game-changer-dans-notre-approche-centree-sur-lexperience-477102.html www.secnews.physaphae.fr/article.php?IdArticle=8470125 False None None 3.0000000000000000 SecurityWeek - Security News Les meilleurs développeurs Python piratés dans une attaque de chaîne d'approvisionnement sophistiquée Top Python Developers Hacked in Sophisticated Supply Chain Attack Plusieurs développeurs Python sont infectés après le téléchargement du clone de malveillance de l'outil populaire Colorama.

>Multiple Python developers get infected after downloading malware-packed clone of the popular tool Colorama. ]]> 2024-03-25T11:43:55+00:00 https://www.securityweek.com/top-python-developers-hacked-in-sophisticated-supply-chain-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8470124 False Tool None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Licence d'ingénieurs d'IA Licensing AI Engineers Article du journal de droit Recommander la même idée pour les ingénieurs de l'IA. Cet article propose une autre manière: professionnalisation de l'ingénierie AI.Obliger les ingénieurs d'IA pour obtenir des licences pour construire des produits d'IA commerciaux, les pousser à collaborer sur des normes techniques spécifiques au domaine en faveur scientifique et en appuyant sur le domaine et en facilitant les services de police eux-mêmes.Cette proposition de cette article traite des préjudices de l'IA à leur création, influençant les décisions même d'ingénierie qui leur donnent naissance en premier lieu.En arrachant le contrôle des informations et de la conception du système aux entreprises et en les remettant aux ingénieurs de l'IA, la professionnalisation enget une IA digne de confiance par conception.Au-delà de la recommandation de la solution politique spécifique de la professionnalisation, cet article vise à éloigner le discours sur l'IA de l'accent mis sur les solutions légères et les solutions ex post qui traitent des produits déjà créés à un accent sur les contrôles ex ante qui précèdent le développement de l'IA.Nous avons déjà utilisé ce livre de jeu dans les domaines nécessitant un niveau d'expertise élevé où une obligation pour le bien-être public doit l'emporter sur les motivations commerciales.Et si, comme les médecins, les ingénieurs de l'IA ont également promis de ne pas faire de mal? ...

The debate over professionalizing software engineers is decades old. (The basic idea is that, like lawyers and architects, there should be some professional licensing requirement for software engineers.) Here’s a law journal article recommending the same idea for AI engineers. This Article proposes another way: professionalizing AI engineering. Require AI engineers to obtain licenses to build commercial AI products, push them to collaborate on scientifically-supported, domain-specific technical standards, and charge them with policing themselves. This Article’s proposal addresses AI harms at their inception, influencing the very engineering decisions that give rise to them in the first place. By wresting control over information and system design away from companies and handing it to AI engineers, professionalization engenders trustworthy AI by design. Beyond recommending the specific policy solution of professionalization, this Article seeks to shift the discourse on AI away from an emphasis on light-touch, ex post solutions that address already-created products to a greater focus on ex ante controls that precede AI development. We’ve used this playbook before in fields requiring a high level of expertise where a duty to the public welfare must trump business motivations. What if, like doctors, AI engineers also vowed to do no harm?...]]> 2024-03-25T11:04:34+00:00 https://www.schneier.com/blog/archives/2024/03/licensing-ai-engineers.html www.secnews.physaphae.fr/article.php?IdArticle=8470099 False Technical,Commercial None 3.0000000000000000 Silicon - Site de News Francais Atos : David Layani ( OnePoint) veut bâtir un " New One AtoS " 2024-03-25T11:02:35+00:00 https://www.silicon.fr/atos-david-layani-onepoint-veut-batir-un-new-one-atos-477097.html www.secnews.physaphae.fr/article.php?IdArticle=8470101 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Les développeurs GitHub frappent dans une cyberattaque de chaîne d'approvisionnement complexe GitHub Developers Hit in Complex Supply Chain Cyberattack The attacker employed various techniques, including distributing malicious dependencies via a fake Python infrastructure linked to GitHub projects.]]> 2024-03-25T11:00:00+00:00 https://www.darkreading.com/application-security/github-developers-hit-in-complex-supply-chain-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=8470100 False None None 2.0000000000000000 The State of Security - Magazine Américain Marché notoire en nèmes saisi par la police allemande Notorious Nemesis Market Seized by German Police Nemesis Market, a notorious corner of the darknet beloved by cybercriminals and drug dealers, has been suddenly shut down after German police seized control of its systems. Germany\'s Federal Criminal Police (known as the BKA) has announced that it has seized the infrastructure of Nemesis and taken down its website. At the same time, cryptocurrency worth 94,000 Euros was seized by police. Since its inception in 2021, Nemesis Market has grown rapidly - with more than 150,000 user accounts and over 1,100 sellers registered worldwide - dealing in a wide range of products including, narcotics...]]> 2024-03-25T10:57:50+00:00 https://www.tripwire.com/state-of-security/notorious-nemesis-market-zapped-video-game-loving-german-police www.secnews.physaphae.fr/article.php?IdArticle=8470234 False Legislation None 2.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET La cybersécurité commence à la maison: aidez vos enfants à rester en sécurité en ligne avec des conversations ouvertes Cybersecurity starts at home: Help your children stay safe online with open conversations Struggle to know how to help children and teens stay safe in cyberspace? A good ol\' fashioned chat is enough to put them on the right track.]]> 2024-03-25T10:30:00+00:00 https://www.welivesecurity.com/en/kids-online/cybersecurity-starts-home-children-open-conversations/ www.secnews.physaphae.fr/article.php?IdArticle=8470790 False None None 3.0000000000000000 HackRead - Chercher Cyber Guide étape par étape pour créer votre premier portefeuille crypto Step-by-Step Guide to Creating Your First Crypto Wallet Par owais sultan Entrer dans le monde dynamique des crypto-monnaies est assez excitant.Mais on peut facilement être submergé par le montant & # 8230; Ceci est un article de HackRead.com Lire le post original: Guide étape par étape pour créer votre premier portefeuille crypto

>By Owais Sultan Entering the dynamic world of cryptocurrencies is pretty exciting. But one can easily get overwhelmed with the amount… This is a post from HackRead.com Read the original post: Step-by-Step Guide to Creating Your First Crypto Wallet]]> 2024-03-25T10:15:16+00:00 https://www.hackread.com/step-by-step-guide-create-first-crypto-wallet/ www.secnews.physaphae.fr/article.php?IdArticle=8470098 False None None 3.0000000000000000 Zataz - Magazine Francais de secu Les pièges des investissements en ligne : comprendre et éviter les arnaques financières 2024-03-25T10:03:45+00:00 https://www.zataz.com/les-pieges-des-investissements-en-ligne-comprendre-et-eviter-les-arnaques-financieres/ www.secnews.physaphae.fr/article.php?IdArticle=8470070 False None None 3.0000000000000000 Global Security Mag - Site de news francais SysDream lance " NIS 2 Ready " Produits]]> 2024-03-25T10:00:44+00:00 https://www.globalsecuritymag.fr/sysdream-lance-nis-2-ready.html www.secnews.physaphae.fr/article.php?IdArticle=8470073 False None None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Décodage des implications de cybersécurité de l'avancement rapide de l'AI \\ Decoding the Cybersecurity Implications of AI\\'s Rapid Advancement up for grabs by the other side, and can (and will) arm them to launch attacks of unprecedented sophistication and elusiveness, the likes of which we’ve thankfully never seen up to now. How do we wield this impressive technology to fortify our defenses, while preventing it from falling into the wrong hands? Can such a thing even be accomplished? Join me below as we take a closer look at how AI’s rapid rise is changing the landscape of cybersecurity. AI as a Defense Tool AI is a reliable navigator for charting the digital deluge—it has the ability to handle vast quantities of information rapidly on a level that no human could ever hope to match. It doesn’t take a huge leap to come to the conclusion that those capabilities can very easily be leveraged for defense. Automated Threat Detection Think of AI as the ever-watchful eye, tirelessly scanning the horizon for signs of trouble in the vast sea of data. Its capability to detect threats with speed and precision beyond human ken is our first line of defense against the shadows that lurk in the network traffic, camouflaged in ordinary user behavior, or embedded within the seemingly benign activities of countless applications. AI isn’t just about spotting trouble; it’s about understanding it. Through machine learning, it constructs models that learn from the DNA of malware, enabling it to recognize new variants that bear the hallmarks of known threats. This is akin to recognizing an enemy’s tactics, even if their strategy evolves. All of what I’ve said also here applies to incident response—with AI’s ability to automatically meet threats head-on making a holistic cybersecurity posture both easier to achieve and less resource-intensive for organizations of all sizes. Predictive Analytics By understanding the patterns and techniques used in previous breaches, AI models can predict where and how cybercriminals might strike next. This foresight enables organizations to reinforce their defenses before an attack occurs, transforming cybersecurity from a reactive discipline into a proactive strategy that helps prevent breaches rather than merely responding to them. The sophistication of predictive analytics lies in its use of diverse data sources, including threat intelligence feeds, anomaly detection reports, and global cybersecurity trends. This comprehensive view allows AI systems to identify correlations and causations that might elude human analysts. Phishing Detection and Email Filtering AI has stepped up as a pivotal ally in the ongoing skirmish against phishing and other forms of social engineering attacks, which too often lay the groundwork for more invasive security breaches. Through meticulous analysis of email content, context, and even the]]> 2024-03-25T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/decoding-the-cybersecurity-implications-of-ais-rapid-advancement www.secnews.physaphae.fr/article.php?IdArticle=8470065 False Spam,Tool,Vulnerability,Threat,Prediction,Technical Deloitte 2.0000000000000000 Recorded Future - FLux Recorded Future Pentagone, le Congrès a une fenêtre limitée \\ '\\' pour créer correctement une cyber-force Pentagon, Congress have a \\'limited window\\' to properly create a Cyber Force

Les États-Unis devraient créer un cyber-service distinct après des années de mauvais recrutement, le manque de coordination par les branches militaires existantes et l'absence globale de culture pour les guerriers numériques du pays, selon un rapport d'un groupe de réflexion influent.«Des années après avoir désigné le cyberespace comme domaine de lutte contre la guerre, les dirigeants doivent reconnaître l'écriture sur

The U.S. should create a separate cyber service following years of poor recruitment, lack of coordination by the existing military branches and overall absence of culture for the country\'s digital warriors, according to a report from an influential think tank. “Years after designating cyberspace as a warfighting domain, leaders must acknowledge the writing on]]> 2024-03-25T10:00:00+00:00 https://therecord.media/military-cyber-force-study-fdd www.secnews.physaphae.fr/article.php?IdArticle=8470069 False None None 2.0000000000000000 SecurityWeek - Security News La Maison Blanche nomme le premier secrétaire adjoint à la Défense pour la cyber politique White House Nominates First Assistant Secretary of Defense for Cyber Policy Michael Sulmeyer a été nominé par la Maison Blanche en tant que premier secrétaire adjoint à la défense pour la cyber politique au Pentagone.

>Michael Sulmeyer has been nominated by the White House as the first assistant secretary of defense for cyber policy at the Pentagon. ]]> 2024-03-25T10:00:00+00:00 https://www.securityweek.com/white-house-nominates-first-assistant-secretary-of-defense-for-cyber-policy/ www.secnews.physaphae.fr/article.php?IdArticle=8470097 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Bustage de la police Gang de fraude de vacances de plusieurs millions de dollars Police Bust Multimillion-Dollar Holiday Fraud Gang Law enforcers have arrested nine suspected members of a prolific cyber-fraud gang]]> 2024-03-25T10:00:00+00:00 https://www.infosecurity-magazine.com/news/police-bust-holiday-fraud-gang/ www.secnews.physaphae.fr/article.php?IdArticle=8470066 False Legislation None 2.0000000000000000 Global Security Mag - Site de news francais Logrhythme s'associe aux communications DataProof LogRhythm Partners with Dataproof Communications nouvelles commerciales

LogRhythm Partners with Dataproof Communications to Deliver End-to-End Cyber Resilience in Africa The partnership enables Dataproof to provide affordable and efficient cybersecurity to rapidly develop digital economies across Africa - Business News]]> 2024-03-25T09:49:25+00:00 https://www.globalsecuritymag.fr/logrhythm-partners-with-dataproof-communications.html www.secnews.physaphae.fr/article.php?IdArticle=8470074 False None None 3.0000000000000000 Global Security Mag - Site de news francais Ferhat Kaddour, Atempo : Les backups sont désormais des éléments actifs de vos politiques cyber Interviews / INCYBER 2024]]> 2024-03-25T09:38:38+00:00 https://www.globalsecuritymag.fr/ferhat-kaddour-atempo-les-backups-sont-desormais-des-elements-actifs-de-vos.html www.secnews.physaphae.fr/article.php?IdArticle=8470075 False Cloud None 2.0000000000000000 Sekoia - Cyber Firms Tycoon 2FA: Une analyse approfondie de la dernière version du kit de phishing AITM Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit Tycoon 2FA est devenu l'un des kits de phishing AITM les plus répandus au cours des derniers mois. la publication Suivante Tycoon 2FA: une analyse approfondie de la dernière version du kit de phishing AITM est un article de SEKOIA.IO BLOG .

>Tycoon 2FA has become one of the most widespread AiTM phishing kits over the last few months. La publication suivante Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit est un article de Sekoia.io Blog.]]> 2024-03-25T09:30:00+00:00 https://blog.sekoia.io/tycoon-2fa-an-in-depth-analysis-of-the-latest-version-of-the-aitm-phishing-kit/ www.secnews.physaphae.fr/article.php?IdArticle=8470063 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Le groupe russe confortable ours cible les politiciens allemands Russian Cozy Bear Group Targets German Politicians Mandiant observes what it claims is the first ever APT29 campaign aimed at political parties]]> 2024-03-25T09:30:00+00:00 https://www.infosecurity-magazine.com/news/russian-cozy-bear-group-targets/ www.secnews.physaphae.fr/article.php?IdArticle=8470067 False None APT 29 3.0000000000000000 Silicon - Site de News Francais Souveraineté numérique : la longue marche de la Chine 2024-03-25T09:24:51+00:00 https://www.silicon.fr/souverainete-numerique-longue-marche-chine-477087.html www.secnews.physaphae.fr/article.php?IdArticle=8470068 False None None 2.0000000000000000 Korben - Bloger francais Un VPN est il toujours indispensable ? Suite]]> 2024-03-25T09:00:00+00:00 https://korben.info/un-vpn-est-il-toujours-indispensable.html www.secnews.physaphae.fr/article.php?IdArticle=8470126 False None None 3.0000000000000000 Global Security Mag - Site de news francais Vertiv lance Vertiv™ Modular Designer Lite Produits]]> 2024-03-25T08:22:07+00:00 https://www.globalsecuritymag.fr/vertiv-lance-vertiv-tm-modular-designer-lite.html www.secnews.physaphae.fr/article.php?IdArticle=8470042 False None None 2.0000000000000000 Global Security Mag - Site de news francais TD SYNNEX lance CITADEL Produits]]> 2024-03-25T08:19:08+00:00 https://www.globalsecuritymag.fr/td-synnex-lance-citadel.html www.secnews.physaphae.fr/article.php?IdArticle=8470043 False Tool None 2.0000000000000000 Global Security Mag - Site de news francais Airbus & uuml; berntickt infodas Airbus übernimmt INFODAS affaires

Airbus übernimmt INFODAS und stärkt Cybersicherheits-Portfolio - Business]]> 2024-03-25T08:05:49+00:00 https://www.globalsecuritymag.fr/airbus-ubernimmt-infodas.html www.secnews.physaphae.fr/article.php?IdArticle=8470016 True None None 1.00000000000000000000 Global Security Mag - Site de news francais Airbus pour acquérir des infodas Airbus to acquire INFODAS nouvelles commerciales

Airbus to acquire INFODAS and strengthen its cybersecurity portfolio - Business News]]> 2024-03-25T08:04:26+00:00 https://www.globalsecuritymag.fr/airbus-to-acquire-infodas.html www.secnews.physaphae.fr/article.php?IdArticle=8470017 False None None 2.0000000000000000 Korben - Bloger francais Reor – L\'appli magique de prise de notes boostée à l\'IA locale et gratuite 2024-03-25T08:00:00+00:00 https://korben.info/outil-prise-notes-intelligence-artificielle-reor-project.html www.secnews.physaphae.fr/article.php?IdArticle=8470040 False None None 3.0000000000000000 Global Security Mag - Site de news francais L'impact de l'informatique quantique sur l'avenir de la cybersécurité The Impact of Quantum Computing on the Future of Cyber Security Entretiens

The Impact of Quantum Computing on the Future of Cyber Security Interview with CEO, Feras Tappuni - Interviews]]> 2024-03-25T07:56:32+00:00 https://www.globalsecuritymag.fr/the-impact-of-quantum-computing-on-the-future-of-cyber-security.html www.secnews.physaphae.fr/article.php?IdArticle=8470018 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Les nouveaux résultats de recherche sur l'IA de Google favorisent les sites poussant des logiciels malveillants, des escroqueries Google\\'s new AI search results promotes sites pushing malware, scams Google\'s new AI-powered \'Search Generative Experience\' algorithms recommend scam sites that redirect visitors to unwanted Chrome extensions, fake iPhone giveaways, browser spam subscriptions, and tech support scams. [...]]]> 2024-03-25T07:32:16+00:00 https://www.bleepingcomputer.com/news/google/googles-new-ai-search-results-promotes-sites-pushing-malware-scams/ www.secnews.physaphae.fr/article.php?IdArticle=8470225 False Spam,Malware,Mobile None 2.0000000000000000 ComputerWeekly - Computer Magazine La démocratie de la Grande-Bretagne sous la menace des cyberattaquants chinois, avertit le gouvernement Britain\\'s democracy under threat from Chinese cyber attackers, government warns 2024-03-25T06:58:00+00:00 https://www.computerweekly.com/news/366575214/Britains-democracy-under-threat-from-Chinese-cyber-attackers-government-warns www.secnews.physaphae.fr/article.php?IdArticle=8470096 False Threat None 3.0000000000000000 ProofPoint - Cyber Firms DNS pendante: nettoyage de printemps pour protéger contre le risque d'identification Dangling DNS: Spring Cleaning to Protect Against Impersonation Risk 2024-03-25T06:00:56+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/dangling-dns-mitigating-impersonation-risk www.secnews.physaphae.fr/article.php?IdArticle=8470148 False Malware,Threat,Cloud None 3.0000000000000000 The State of Security - Magazine Américain Les services de cybersécurité gérés sécurissent des environnements modernes Managed Cybersecurity Services Secure Modern Environments In an era characterized by relentless digital transformation and interconnectedness, cybersecurity has evolved into a complex and dynamic battleground. Businesses, governments, and individuals find themselves locked in a perpetual struggle against a relentless flood of evolving threats. From sophisticated cybercriminal syndicates to state-sponsored hackers and opportunistic threat actors, our adversaries are as diverse as they are determined. As technology advances and society increasingly relies on digital infrastructure, the attack surface expands, providing bad actors with many entry points...]]> 2024-03-25T03:55:55+00:00 https://www.tripwire.com/state-of-security/managed-cybersecurity-services-secure-modern-environments www.secnews.physaphae.fr/article.php?IdArticle=8470041 False Threat None 2.0000000000000000 CybeReason - Vendor blog L'évolution de la cyberisoire pour perturber au-delà du marché Siem et XDR Cybereason\\'s evolution to disrupt beyond SIEM and XDR market cyberison sdr

Aujourd'hui, les entreprises accélèrent pour investir dans la numérisation pour rester en avance sur la concurrence.Ils rencontrent de plus en plus un paysage en évolution des menaces et des défis de sécurité complexes - avec plus de charges de travail dans des nuages multiples, plus de main-d'œuvre dans des environnements hybrides et des appareils plus intelligents liés dans les opérations critiques de la mission.Ce parcours de transformation est exacerbé par une augmentation exponentielle des ressources de calcul, des volumes de données et des outils de sécurité, ce qui fait augmenter le coût du stockage, de la gestion et de l'analyse des données à des fins de sécurité.

Today enterprises are accelerating to invest into digitalization to stay ahead of competition. They are increasingly encountering an evolving threat landscape and complex security challenges - with more workloads in multi clouds, more workforces in hybrid environments, and more intelligent devices connected in mission critical operations. This transformation journey is exacerbated by exponential increase in compute resources, data volumes and security tooling, driving up the cost of storing, managing and analyzing the data for security purposes.]]> 2024-03-25T03:28:07+00:00 https://www.cybereason.com/blog/cybereasons-evolution-to-disrupt-beyond-siem-and-xdr-market www.secnews.physaphae.fr/article.php?IdArticle=8469949 False Threat None 2.0000000000000000 The State of Security - Magazine Américain La cyber-menace imminente dans l'immobilier The Looming Cyber Threat in Real Estate In our interconnected world, the real estate industry has embraced technology to revolutionize its operations, enhance customer experiences, and streamline business processes. Yet, while this technological evolution has brought immense benefits to the property sector, it has also attracted the attention of nefarious actors keen on exploiting vulnerabilities. With high-value transactions occurring daily, the real estate sector has become a compelling target for attackers hoping to cash in on these opportunities. In addition, the pandemic fueled an almost overnight transition to remote work and...]]> 2024-03-25T02:32:03+00:00 https://www.tripwire.com/state-of-security/looming-cyber-threat-real-estate www.secnews.physaphae.fr/article.php?IdArticle=8470015 False Vulnerability,Threat None 2.0000000000000000 The Register - Site journalistique Anglais Microsoft confirme la fuite de mémoire en mars à la mise à jour de la sécurité Windows Server Microsoft confirms memory leak in March Windows Server security update ALSO: Viasat hack wiper malware is back, users are the number one cause of data loss, and critical vulns Infosec in brief If your Windows domain controllers have been crashing since a security update was installed earlier this month, there\'s no longer any need to speculate why: Microsoft has admitted it introduced a memory leak in its March patches and fixed the issue.…]]> 2024-03-25T01:15:21+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/25/microsoft_confirms_memory_leak_in/ www.secnews.physaphae.fr/article.php?IdArticle=8469882 False Malware,Hack None 3.0000000000000000 Resecurity - cyber risk firms Les cybercriminels transforment Raspberry Pi en un outil de fraude et d'anonymisation: Geobox Discovery Cybercriminals Transform Raspberry Pi into a Tool for Fraud and Anonymization: GEOBOX Discovery 2024-03-25T00:00:00+00:00 https://www.resecurity.com/blog/article/cybercriminals-transform-raspberry-pi-into-a-tool-for-fraud-and-anonymization-geobox-discovery www.secnews.physaphae.fr/article.php?IdArticle=8470407 False Tool None 4.0000000000000000 Zataz - Magazine Francais de secu Nouvelle fuite de données pour Twitter\X et TikTok 2024-03-24T23:28:27+00:00 https://www.zataz.com/nouvelle-fuite-de-donnees-pour-twitterx-et-tiktok/ www.secnews.physaphae.fr/article.php?IdArticle=8469836 False None None 2.0000000000000000 Zataz - Magazine Francais de secu Piratage de France Travail : Voici comment les pirates ont pu opèrer ! 2024-03-24T23:17:11+00:00 https://www.zataz.com/piratage-de-france-travail-voici-comment-les-pirates-ont-pu-operer/ www.secnews.physaphae.fr/article.php?IdArticle=8469837 False None None 4.0000000000000000 Zataz - Magazine Francais de secu Les comptes X de BFMTv, RMC, Etc., piratés. 2024-03-24T22:40:33+00:00 https://www.zataz.com/les-comptes-x-de-bfmtv-rmc-etc-pirates/ www.secnews.physaphae.fr/article.php?IdArticle=8469812 False None None 3.0000000000000000 Zataz - Magazine Francais de secu Un pirate inconnu affirme vendre la base de données de la FFF 2024-03-24T22:29:15+00:00 https://www.zataz.com/un-pirate-inconnu-affirme-vendre-la-base-de-donnees-de-la-fff/ www.secnews.physaphae.fr/article.php?IdArticle=8469813 False None None 3.0000000000000000 The Register - Site journalistique Anglais Quelque 300 000 IPS vulnérables à cette boucle DOS Attaque Some 300,000 IPs vulnerable to this Loop DoS attack 2024-03-24T18:37:11+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/24/loop_ip_vulnerable/ www.secnews.physaphae.fr/article.php?IdArticle=8469723 False Threat None 2.0000000000000000