www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-03-29T05:38:35+00:00 www.secnews.physaphae.fr Recorded Future - FLux Recorded Future L'administration Biden prend des mesures pour enquêter et potentiellement bloquer la technologie de voiture de fabrication de la Chine<br>Biden administration takes steps to investigate and potentially block China-made car tech Le président Joe Biden a ordonné jeudi au département du commerce de commencer immédiatement à enquêter si les voitures et les technologies automobiles importées de Chine menacent la sécurité nationale et envisagent de les restreindre.Appeler des voitures connectées «téléphones intelligents sur roues», L'annonce de la Maison Blanche a averti queLes voitures d'aujourd'hui sont généralement «connectées à nos téléphones, aux systèmes de navigation, aux infrastructures critiques,
President Joe Biden on Thursday directed the Commerce Department to immediately begin investigating whether cars and car technologies imported from China threaten national security and consider restricting them. Calling connected cars “smart phones on wheels,” the White House announcement warned that cars today are typically “connected to our phones, to navigation systems, to critical infrastructure,]]>
2024-02-29T16:25:42+00:00 https://therecord.media/biden-investigating-potentially-blocking-china-made-car-tech www.secnews.physaphae.fr/article.php?IdArticle=8457067 False None None 2.0000000000000000
Zataz - Magazine Francais de secu L\'acteur iranien présumé UNC1549 cible les secteurs de l\'aérospatiale et de la défense d\'Israël et du Moyen-Orient Activité d\'espionnage suspectée d\'être liée à l\'Iran. Elle viseraut les secteurs de l\'aérospatiale, de l\'aviation et de la défense dans les pays du Moyen-Orient, notamment Israël et les Émirats Arabes Unis, et potentiellement la Turquie, l\'Inde et l\'Albanie....]]> 2024-02-29T16:14:14+00:00 https://www.zataz.com/lacteur-iranien-presume-unc1549-cible-les-secteurs-de-laerospatiale-et-de-la-defense-disrael-et-du-moyen-orient/ www.secnews.physaphae.fr/article.php?IdArticle=8457057 False None None 2.0000000000000000 SecurityWeek - Security News Le si acidule allemand Thyssenkrupp confirme l'attaque des ransomwares<br>German Steelmaker Thyssenkrupp Confirms Ransomware Attack Le conglomérat allemand de l'acier Thyssenkrupp confirme que l'une de ses unités automobiles a été perturbée par une attaque de ransomware.
>German steelmaking conglomerate Thyssenkrupp confirms one of its automotive units was disrupted by a ransomware attack. ]]>
2024-02-29T16:07:48+00:00 https://www.securityweek.com/german-steelmaker-thyssenkrupp-confirms-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8457090 False Ransomware None 3.0000000000000000
HackRead - Chercher Cyber Explorer les différences entre les procurations résidentielles et les VPN: qui vous convient?<br>Exploring the Differences Between Residential Proxies and VPNs: Which is Right for You? Par uzair amir VPN ou proxys résidentiels: quel est le meilleur?Soit \\ explorer sans plonger dans les détails techniques. Ceci est un article de HackRead.com Lire le post original: Explorer les différences entre les procurations résidentielles et les VPN: qui vous convient?
>By Uzair Amir VPN or Residential Proxies: Which is best? Let\'s explore without diving into technical details. This is a post from HackRead.com Read the original post: Exploring the Differences Between Residential Proxies and VPNs: Which is Right for You?]]>
2024-02-29T16:07:39+00:00 https://www.hackread.com/differences-between-residential-proxies-and-vpns/ www.secnews.physaphae.fr/article.php?IdArticle=8457028 False Technical None 3.0000000000000000
Techworm - News Epic Games nie les allégations d'être piratés<br>Epic Games Denies Claims Of Being Hacked Epic Games, the developer behind the hugely popular Fortnite game, has denied claims of allegedly being hacked by a new ransomware gang, Mogilevich. Mogilevich, a relatively new extortion group likely to have originated from Russia, on Tuesday posted on a darknet site that it had quietly carried out an attack on Epic Games\' servers. As a result of the hack, they are currently in possession of 189GB of Epic Games\' data, including emails, passwords, full name, payment information, source code and many other data. However, it is unclear if this contains information about Epic Games employees, customers, or both. The post also says that the above data is now available for sale with a deadline of March 4, 2024. The group has added a link that says, “An employee of the company or someone who would like to buy the data, click on me,” which takes the group\'s contact page to a secured email. “There is zero evidence right now that the ransomware claims from Mogilevich are legitimate. Mogilevich has not contacted Epic or provided any pro]]> 2024-02-29T16:04:45+00:00 https://www.techworm.net/2024/02/epic-games-denies-claims-of-being-hacked.html www.secnews.physaphae.fr/article.php?IdArticle=8457018 False Ransomware,Hack None 2.0000000000000000 Fortinet - Fabricant Materiel Securite Comment le gouvernement fédéral peut aider les écoles et les bibliothèques à prévenir les cyberattaques<br>How the Federal Government Can Help Schools and Libraries Prevent Cyberattacks FCC launches E-Rate cybersecurity pilot program that will allow K-12 schools and libraries to purchase cybersecurity and advanced firewall protection. Learn more.]]> 2024-02-29T16:00:00+00:00 https://www.fortinet.com/blog/business-and-technology/how-government-can-help-schools-and-libraries-prevent-cyberattacks www.secnews.physaphae.fr/article.php?IdArticle=8457059 False None None 2.0000000000000000 SonarSource - Blog Sécu et Codage Vulnérabilités OpenNM<br>OpenNMS Vulnerabilities: Securing Code against Attackers\\' Unexpected Ways Learn which unexpected ways attackers may take to exploit code vulnerabilities and how to secure against them.]]> 2024-02-29T16:00:00+00:00 https://www.sonarsource.com/blog/opennms-vulnerabilities-securing-code-against-attackers-unexpected-ways www.secnews.physaphae.fr/article.php?IdArticle=8457033 False Vulnerability,Threat None 2.0000000000000000 Data Security Breach - Site de news Francais L\'association InterCERT France alerte les entreprises et les organisations sur l\'enjeu sécuritaire lié à leur dépendance aux solutions Microsoft 2024-02-29T15:58:39+00:00 https://www.datasecuritybreach.fr/intercert-france/ www.secnews.physaphae.fr/article.php?IdArticle=8457026 False Studies None 5.0000000000000000 Dark Reading - Informationweek Branch Plateforme AI face étreinte criblée de 100 modèles de code de code malveillant<br>Hugging Face AI Platform Riddled With 100 Malicious Code-Execution Models The finding underscores the growing risk of weaponizing publicly available AI models and the need for better security to combat the looming threat.]]> 2024-02-29T15:58:35+00:00 https://www.darkreading.com/application-security/hugging-face-ai-platform-100-malicious-code-execution-models www.secnews.physaphae.fr/article.php?IdArticle=8457064 False Threat None 2.0000000000000000 Data Security Breach - Site de news Francais Protection des mineurs sur internet quelles sont les failles du Digital Services Act ? 2024-02-29T15:51:27+00:00 https://www.datasecuritybreach.fr/digital-services-act-reglementation-europeenne/ www.secnews.physaphae.fr/article.php?IdArticle=8457027 False Legislation None 2.0000000000000000 Recorded Future - FLux Recorded Future Le cabinet d'avocats rapporte une violation des données affectant plus de 325 000 personnes<br>Law firm reports data breach affecting more than 325,000 people Houser LLP, un cabinet d'avocats américain spécialisé dans le service des institutions financières de haut niveau, a déclaré qu'une violation du système découverte en mai 2023 a révélé les données personnelles - incluant éventuellement des informations sensibles telles que les numéros de carte de crédit - de plus de 325 000 personnes.Dans un dossier de réglementation Publié mercredi par MaineLe procureur général de \\, la société a déclaré certain
Houser LLP, a U.S. law firm that specializes in serving high-profile financial institutions, said a system breach discovered in May 2023 exposed the personal data - possibly including sensitive information such as credit card numbers - of more than 325,000 people. In a regulatory filing posted Wednesday by Maine\'s attorney general, the company said certain]]>
2024-02-29T15:48:53+00:00 https://therecord.media/houser-law-firm-reports-data-breach www.secnews.physaphae.fr/article.php?IdArticle=8457092 False Data Breach None 3.0000000000000000
Bleeping Computer - Magazine Américain Brave Browser lance l'assistant AI axé sur la confidentialité sur Android<br>Brave browser launches privacy-focused AI assistant on Android Brave Software is the next company to jump into AI, announcing a new privacy-preserving AI assistant called "Leo" is rolling out on the Android version of its browser through the latest release, version 1.63. [...]]]> 2024-02-29T15:42:01+00:00 https://www.bleepingcomputer.com/news/security/brave-browser-launches-privacy-focused-ai-assistant-on-android/ www.secnews.physaphae.fr/article.php?IdArticle=8457158 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA met en garde contre l'utilisation des passerelles VPN Ivanti piratées même après la réinitialisation de l'usine<br>CISA cautions against using hacked Ivanti VPN gateways even after factory resets The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets. [...]]]> 2024-02-29T15:35:08+00:00 https://www.bleepingcomputer.com/news/security/cisa-cautions-against-using-hacked-ivanti-vpn-gateways-even-after-factory-resets/ www.secnews.physaphae.fr/article.php?IdArticle=8457254 False Hack,Vulnerability None 3.0000000000000000 HackRead - Chercher Cyber Seahorse avisé en utilisant un faux chatppt, des publicités Facebook dans l'escroquerie d'investissement DNS<br>Savvy Seahorse Using Fake ChatGPT, Facebook Ads in DNS Investment Scam Par deeba ahmed Les escrocs créent de fausses plates-formes d'investissement en utilisant des sociétés populaires comme Tesla, Meta et Imperial Oil et attire les utilisateurs sans méfiance à déposer des fonds. Ceci est un article de HackRead.com Lire le post original: Seahorse avisé en utilisant un faux chatppt, des publicités Facebook dans DNS Investment Scam
>By Deeba Ahmed The scammers creates fake investment platforms using popular companies like Tesla, Meta, and Imperial Oil and lures unsuspecting users into depositing funds. This is a post from HackRead.com Read the original post: Savvy Seahorse Using Fake ChatGPT, Facebook Ads in DNS Investment Scam]]>
2024-02-29T15:33:35+00:00 https://www.hackread.com/savvy-seahorse-fake-chatgpt-facebook-ads-dns-scam/ www.secnews.physaphae.fr/article.php?IdArticle=8457029 False None ChatGPT 2.0000000000000000
Global Security Mag - Site de news francais Veeam® Software annonce Veeam Data Cloud Produits]]> 2024-02-29T15:31:42+00:00 https://www.globalsecuritymag.fr/veeam-r-software-annonce-veeam-data-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8457036 False Cloud None 2.0000000000000000 Recorded Future - FLux Recorded Future Chad souffre de perturbations sur Internet et les télécommunications au milieu des affrontements politiques mortels<br>Chad suffers internet and telecom disruptions amid deadly political clashes La connectivité Internet et les télécommunications au Tchad ont été perturbées à la suite d'une attaque mortelle contre l'agence de sécurité intérieure du pays.Depuis mercredi, le trafic Internet dans le pays a été abandonné à 20% de ses niveaux normaux, selon l'organisation de surveillance Internet Netblocks.Les fournisseurs de services Internet probablement affectés par la panne incluent sudachad et société-digital, selon l'Ioda, une autre
Internet connectivity and telecommunications in Chad were disrupted following a deadly attack on the country\'s internal security agency. Since Wednesday, internet traffic in the country dropped to 20% of its normal levels, according to the internet monitoring organization NetBlocks. Internet service providers likely affected by the outage include SudaChad and Societe-Digital, according to IODA, another]]>
2024-02-29T15:21:35+00:00 https://therecord.media/chad-internet-access-disrupted-amid-deadly-political-clashes www.secnews.physaphae.fr/article.php?IdArticle=8457034 False None None 2.0000000000000000
Global Security Mag - Site de news francais Keeper Security rejoint le réseau partenaire AWS<br>Keeper Security Joins the AWS Partner Network nouvelles commerciales
Keeper Security Joins the AWS Partner Network Keeper® provides a unified zero-trust and zero-knowledge cybersecurity platform to defend against ransomware and other cyberattacks. - Business News]]>
2024-02-29T15:13:23+00:00 https://www.globalsecuritymag.fr/keeper-security-joins-the-aws-partner-network.html www.secnews.physaphae.fr/article.php?IdArticle=8457037 False Ransomware None 2.0000000000000000
Global Security Mag - Site de news francais Les chercheurs de Semperis découvrent une nouvelle variante malveillante de la technique d'attaque utilisée dans la violation de Solarwinds 2020<br>Semperis Researchers Discover a New Malicious Variant of the Attack Technique used in the 2020 SolarWinds Breach mise à jour malveillant
Semperis Researchers Discover a New Malicious Variant of the Attack Technique used in the 2020 SolarWinds Breach Newly discovered Silver SAML vulnerability can be exploited even if organisations have followed the security recommendations meant to defend against Golden SAML - Malware Update]]>
2024-02-29T15:11:23+00:00 https://www.globalsecuritymag.fr/semperis-researchers-discover-a-new-malicious-variant-of-the-attack-technique.html www.secnews.physaphae.fr/article.php?IdArticle=8457038 False Vulnerability None 4.0000000000000000
Dark Reading - Informationweek Branch MTTR: La métrique de sécurité la plus importante<br>MTTR: The Most Important Security Metric Measuring and tracking your mean time to remediate shows whether vulnerability management is reducing risk and closing opportunities for adversaries.]]> 2024-02-29T15:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/mttr-most-important-security-metric www.secnews.physaphae.fr/article.php?IdArticle=8457001 False Vulnerability None 3.0000000000000000 Silicon - Site de News Francais Cybersécurité open source : Filigran lève 15 millions € 2024-02-29T14:59:23+00:00 https://www.silicon.fr/cybersecurite-open-source-filigran-leve-15-millions-e-476376.html www.secnews.physaphae.fr/article.php?IdArticle=8457003 False Threat None 2.0000000000000000 Silicon - Site de News Francais Digital Networks Act : quelques chiffres pour contextualiser cette initiative 2024-02-29T14:54:03+00:00 https://www.silicon.fr/digital-networks-act-chiffres-contextualiser-initiative-476365.html www.secnews.physaphae.fr/article.php?IdArticle=8457004 False Legislation None 3.0000000000000000 SecurityWeek - Security News Le géant de la vente au détail de rabais Pepco perd & euro; 15 millions de cybercriminels<br>Discount Retail Giant Pepco Loses €15 Million to Cybercriminals Le détaillant de réduction européen Pepco a perdu et euro; 15,5 millions à la suite de ce qu'il a décrit comme une attaque de phishing.
>European discount retailer Pepco has lost €15.5 million as a result of what it described as a phishing attack. ]]>
2024-02-29T14:47:40+00:00 https://www.securityweek.com/discount-retail-giant-pepco-loses-e15-million-to-cybercriminals/ www.secnews.physaphae.fr/article.php?IdArticle=8457035 False None None 2.0000000000000000
Dark Reading - Informationweek Branch Ransomware-as-a-Service Spawns Wave of Cyberattaques au Moyen-Orient & amp;Afrique<br>Ransomware-as-a-Service Spawns Wave of Cyberattacks in Middle East & Africa Experts advise organizations in the region to refuse to pay ransom demands.]]> 2024-02-29T14:24:35+00:00 https://www.darkreading.com/cyberattacks-data-breaches/ransomware-as-a-service-spawns-widespread-cyberattacks-in-mea www.secnews.physaphae.fr/article.php?IdArticle=8457002 False None None 2.0000000000000000 Silicon - Site de News Francais L\'utilisation de logiciels en open-source comporte-t-elle plus de risques que d\'avantages ? 2024-02-29T14:08:39+00:00 https://www.silicon.fr/avis-expert/lutilisation-de-logiciels-en-open-source-comporte-t-elle-plus-de-risques-que-davantages www.secnews.physaphae.fr/article.php?IdArticle=8457005 False None None 3.0000000000000000 ZoneAlarm - Security Firm Blog Le FBI et la CISA alerte les hôpitaux américains sur les attaques ciblées de BlackCat Ransomware<br>FBI and CISA Alert US Hospitals to Targeted Attacks by BlackCat Ransomware Au cours des derniers mois, le secteur américain de la santé a été assiégé par une série d'attaques sophistiquées des ransomwares, les hôpitaux à l'échelle nationale confrontés à des perturbations opérationnelles importantes et au compromis des données sensibles des patients.Le coupable derrière cette augmentation des cyber-menaces est le groupe BlackCat Ransomware, également connu sous le nom d'ALPHV, qui a tiré parti des tactiques avancées & # 8230;
>In recent months, the US healthcare sector has been under siege by a series of sophisticated ransomware attacks, with hospitals nationwide facing significant operational disruptions and the compromise of sensitive patient data. The culprit behind this surge in cyber threats is the BlackCat ransomware group, also known as ALPHV, which has been leveraging advanced tactics … ]]>
2024-02-29T14:06:18+00:00 https://blog.zonealarm.com/2024/02/fbi-and-cisa-alert-us-hospitals-to-targeted-attacks-by-blackcat-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8456973 False Ransomware,Medical None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Les revenus du marché du marché sombre rebondissent mais les fragments du secteur<br>Dark Web Market Revenues Rebound but Sector Fragments Chainalysis study of crypto flows reveals darknet markets made $1.7bn in 2023]]> 2024-02-29T14:00:00+00:00 https://www.infosecurity-magazine.com/news/dark-web-market-revenues-rebound/ www.secnews.physaphae.fr/article.php?IdArticle=8456978 False Studies None 3.0000000000000000 SonarSource - Blog Sécu et Codage La Maison Blanche souligne le besoin de pratiques de codage proactives pour contrer les cyberattaques<br>White House emphasizes need for proactive coding practices to counter cyber attacks The ONCD recent report puts a spotlight on one of the most foundational issues that result in insecure software. Sonar applauds the administration\'s call for addressing software vulnerabilities at the programming language and source code levels.]]> 2024-02-29T14:00:00+00:00 https://www.sonarsource.com/blog/white-house-emphasizes-need-for-proactive-coding-practices-to-counter-cyber-attacks www.secnews.physaphae.fr/article.php?IdArticle=8456974 False Vulnerability None 2.0000000000000000 Bleeping Computer - Magazine Américain GitHub permet à Push Protection par défaut d'arrêter la fuite des secrets<br>GitHub enables push protection by default to stop secrets leak GitHub has enabled push protection by default for all public repositories to prevent accidental exposure of secrets such as access tokens and API keys when pushing new code. [...]]]> 2024-02-29T13:57:35+00:00 https://www.bleepingcomputer.com/news/security/github-enables-push-protection-by-default-to-stop-secrets-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8457114 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelle porte dérobée ciblant les responsables européens liés aux événements diplomatiques indiens<br>New Backdoor Targeting European Officials Linked to Indian Diplomatic Events A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER. The adversary, according to a report from Zscaler ThreatLabz, used a PDF file in emails that purported to come from the Ambassador of India, inviting diplomatic staff to a wine-tasting]]> 2024-02-29T13:49:00+00:00 https://thehackernews.com/2024/02/new-backdoor-targeting-european.html www.secnews.physaphae.fr/article.php?IdArticle=8456853 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Lazarus exploite les fautes de frappe pour faufiler les logiciels malveillants PYPI dans les systèmes de développement<br>Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and swapmempool. They have been collectively downloaded 3,269 times, with pycryptoconf accounting for the most]]> 2024-02-29T13:47:00+00:00 https://thehackernews.com/2024/02/lazarus-exploits-typos-to-sneak-pypi.html www.secnews.physaphae.fr/article.php?IdArticle=8456854 False Malware APT 38 4.0000000000000000 SecurityWeek - Security News Vulnérabilité des méta-patchs Facebook Takeover<br>Meta Patches Facebook Account Takeover Vulnerability Meta a corrigé une vulnérabilité critique qui aurait pu être exploitée pour reprendre n'importe quel compte Facebook via une attaque par force brute.
>Meta has patched a critical vulnerability that could have been exploited to take over any Facebook account via a brute-force attack. ]]>
2024-02-29T13:41:57+00:00 https://www.securityweek.com/meta-patches-facebook-account-takeover-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=8457006 False Vulnerability None 3.0000000000000000
Dark Reading - Informationweek Branch Rencontrer \\ 'xhelper, \\' l'application Android tout-en-un pour le blanchiment d'argent mondial<br>Meet \\'XHelper,\\' the All-in-One Android App for Global Money Laundering User-friendly apps allow anybody to serve as traffickers for cybercrime syndicates.]]> 2024-02-29T13:30:00+00:00 https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering www.secnews.physaphae.fr/article.php?IdArticle=8456672 False Mobile None 3.0000000000000000 Recorded Future - FLux Recorded Future La police britannique admet que le remplacement de la fraude ne sera pas en vie d'ici avril comme prévu<br>UK police admit Action Fraud replacement will not be live by April as planned La police a confirmé le service de remplacement tant attendu pour la fraude à l'action, le Centre national de reporting national du Royaume-Uni pour la fraude et la cybercriminalité financière, ne sera pas en direct d'ici avril comme prévu précédemment.S'adressant mercredi au comité sélectif des affaires intérieures de la Chambre des communes (HASC), des responsables de la police de la ville de Londres - qui
Police have confirmed the long-awaited replacement service for Action Fraud, the United Kingdom\'s much maligned national reporting center for fraud and financially motivated cybercrime, will not be live by April as previously planned. Speaking to the House of Commons Home Affairs Select Committee (HASC) on Wednesday, officials from the City of London Police - which]]>
2024-02-29T13:13:44+00:00 https://therecord.media/action-fraud-replacement-delays-uk-police-scam-reporting www.secnews.physaphae.fr/article.php?IdArticle=8456976 False None None 3.0000000000000000
Global Security Mag - Site de news francais Cyberattaques : les dirigeants d\'entreprises en ligne de mire Malwares]]> 2024-02-29T13:13:42+00:00 https://www.globalsecuritymag.fr/cyberattaques-les-dirigeants-d-entreprises-en-ligne-de-mire.html www.secnews.physaphae.fr/article.php?IdArticle=8456979 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Le gouvernement américain avertit les soins de santé est la plus grande cible pour les affiliés BlackCat<br>US Government Warns Healthcare is Biggest Target for BlackCat Affiliates The US government advisory warns healthcare organizations are being targeted by BlackCat amid an ongoing cyber-incident affecting Change Healthcare]]> 2024-02-29T13:00:00+00:00 https://www.infosecurity-magazine.com/news/healthcare-biggest-target-blackcat/ www.secnews.physaphae.fr/article.php?IdArticle=8456954 False Threat,Medical None 2.0000000000000000 Global Security Mag - Site de news francais L'étude Global CheckMarx trouve que les vulnérabilités dans les applications développées en interne étaient la cause des violations de 92% des entreprises interrogées<br>Global Checkmarx Study Finds Vulnerabilities in Applications Developed In-house Were the Cause of Breaches at 92% of Companies Surveyed rapports spéciaux
Global Checkmarx Study Finds Vulnerabilities in Applications Developed In-house Were the Cause of Breaches at 92% of Companies Surveyed Global study of CISOs, AppSec leaders and developers reveals that business pressures are a primary reason for the release of vulnerable applications - Special Reports]]>
2024-02-29T12:58:04+00:00 https://www.globalsecuritymag.fr/global-checkmarx-study-finds-vulnerabilities-in-applications-developed-in-house.html www.secnews.physaphae.fr/article.php?IdArticle=8456980 False Vulnerability,Studies None 4.0000000000000000
Schneier on Security - Chercheur Cryptologue Américain Comment la «frontière» est devenue le slogan de l'IA incontrôlé<br>How the “Frontier” Became the Slogan of Uncontrolled AI Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration will drive the next era of growth, wealth, and human flourishing. It’s a scary metaphor. Throughout American history, the drive for expansion and the very concept of terrain up for grabs—land grabs, gold rushes, new frontiers—have provided a permission structure for imperialism and exploitation. This could easily hold true for AI. This isn’t the first time the concept of a frontier has been used as a metaphor for AI, or technology in general. As early as 2018, the powerful foundation models powering cutting-edge applications like chatbots ...]]> 2024-02-29T12:00:19+00:00 https://www.schneier.com/blog/archives/2024/02/how-the-frontier-became-the-slogan-of-uncontrolled-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8456925 False General Information None 3.0000000000000000 SecurityWeek - Security News Blackcat Ransomware Gang affirme une attaque sur les soins de santé du changement<br>BlackCat Ransomware Gang Claims Attack on Change Healthcare Le gang de ransomware Alphv / BlackCat affirme que 6 téraoctets de données ont été volés à la société de technologies de santé Change Healthcare.
>The Alphv/BlackCat ransomware gang says 6 terabytes of data were stolen from healthcare technology firm Change Healthcare. ]]>
2024-02-29T11:57:53+00:00 https://www.securityweek.com/blackcat-ransomware-gang-claims-attack-on-change-healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8456953 False Ransomware,Medical None 2.0000000000000000
Global Security Mag - Site de news francais Assurance cyber : Stoïk publie son premier bilan annuel des sinistres de ses assurés Investigations]]> 2024-02-29T11:56:55+00:00 https://www.globalsecuritymag.fr/assurance-cyber-stoik-publie-son-premier-bilan-annuel-des-sinistres-de-ses.html www.secnews.physaphae.fr/article.php?IdArticle=8456932 False Studies None 4.0000000000000000 Silicon - Site de News Francais Quel est le véritable coût d\'un ERP ? 2024-02-29T11:43:39+00:00 https://www.silicon.fr/avis-expert/quel-est-le-veritable-cout-dun-erp www.secnews.physaphae.fr/article.php?IdArticle=8456952 False None None 1.00000000000000000000 InfoSecurity Mag - InfoSecurity Magazine Les logiciels malveillants du timbrestealer ciblent les victimes mexicaines avec des leurres d'impôt<br>TimbreStealer Malware Targets Mexican Victims with Tax-Related Lures The maker of the Mispadu Trojan started distributing a new infostealer with financial lures to Mexican users, Cisco Talos found]]> 2024-02-29T11:30:00+00:00 https://www.infosecurity-magazine.com/news/timbrestealer-malware-targets/ www.secnews.physaphae.fr/article.php?IdArticle=8456931 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hackers chinois exploitant des défauts VPN Ivanti pour déployer de nouveaux logiciels malveillants<br>Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, and PITHOOK, as well as attempted to maintain]]> 2024-02-29T11:19:00+00:00 https://thehackernews.com/2024/02/chinese-hackers-exploiting-ivanti-vpn.html www.secnews.physaphae.fr/article.php?IdArticle=8456812 False Malware None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Gouvernance de l'IA et préservation de la vie privée<br>AI governance and preserving privacy Cisco’s 2023 consumer privacy survey, a study of over 2600 consumers in 12 countries globally, indicates consumer awareness of data privacy rights is continuing to grow with the younger generations (age groups under 45) exercising their Data Subject Access rights and switching providers over their privacy practices and policies.  Consumers support AI use but are also concerned. With those supporting AI for use: 48% believe AI can be useful in improving their lives  54% are willing to share anonymized personal data to improve AI products AI is an area that has some work to do to earn trust 60% of respondents believe the use of AI by organizations has already eroded trust in them 62% reported concerns about the business use of AI 72% of respondents indicated that having products and solutions aud]]> 2024-02-29T11:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/ai-governance-and-preserving-privacy www.secnews.physaphae.fr/article.php?IdArticle=8456899 False Studies,Prediction,Cloud,Technical None 2.0000000000000000 Dark Reading - Informationweek Branch Échoes de solarwinds dans la nouvelle technique d'attaque \\ 'Silver Saml \\'<br>Echoes of SolarWinds in New \\'Silver SAML\\' Attack Technique A successor to the "Golden SAML" tactic used in the SolarWinds campaign, this new technique taps SAML response forgery to gain illegitimate access to apps and services.]]> 2024-02-29T11:00:00+00:00 https://www.darkreading.com/cyber-risk/researchers-release-details-on-new-silver-saml-attack-technique www.secnews.physaphae.fr/article.php?IdArticle=8456900 False None Solardwinds 3.0000000000000000 Bleeping Computer - Magazine Américain 20 millions de coupures.<br>20 million Cutout.Pro user records leaked on data breach forum AI service Cutout.Pro has suffered a data breach exposing the personal information of 20 million members, including email addresses, hashed and salted passwords, IP addresses, and names. [...]]]> 2024-02-29T10:56:19+00:00 https://www.bleepingcomputer.com/news/security/20-million-cutoutpro-user-records-leaked-on-data-breach-forum/ www.secnews.physaphae.fr/article.php?IdArticle=8457031 False Data Breach None 2.0000000000000000 Silicon - Site de News Francais Dix questions avant de choisir de la GenAI " sur étagère " 2024-02-29T10:54:25+00:00 https://www.silicon.fr/dix-questions-avant-de-choisir-de-la-genai-sur-etagere-476031.html www.secnews.physaphae.fr/article.php?IdArticle=8456902 False None None 2.0000000000000000 Global Security Mag - Site de news francais Cyber-risques, identité et fiabilité : les défis de l\'IA Points de Vue]]> 2024-02-29T10:49:49+00:00 https://www.globalsecuritymag.fr/cyber-risques-identite-et-fiabilite-les-defis-de-l-ia.html www.secnews.physaphae.fr/article.php?IdArticle=8456904 False None None 2.0000000000000000 Global Security Mag - Site de news francais Keeper Security rejoint le réseau de partenaires AWS Business]]> 2024-02-29T10:44:41+00:00 https://www.globalsecuritymag.fr/keeper-security-rejoint-le-reseau-de-partenaires-aws.html www.secnews.physaphae.fr/article.php?IdArticle=8457161 False None None 2.0000000000000000 Silicon - Site de News Francais France Identité numérique lance un Bug Bounty public avec YesWeHack 2024-02-29T10:42:23+00:00 https://www.silicon.fr/france-identite-numerique-lance-un-bug-bounty-public-avec-yeswehack-476342.html www.secnews.physaphae.fr/article.php?IdArticle=8456903 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le président Biden bloque le transfert de masse des données personnelles dans les nations à haut risque<br>President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations U.S. President Joe Biden has issued an Executive Order that prohibits the mass transfer of citizens\' personal data to countries of concern. The Executive Order also "provides safeguards around other activities that can give those countries access to Americans\' sensitive data," the White House said in a statement. This includes sensitive information such as genomic data, biometric data,]]> 2024-02-29T10:33:00+00:00 https://thehackernews.com/2024/02/president-biden-blocks-mass-transfer-of.html www.secnews.physaphae.fr/article.php?IdArticle=8456769 False Legislation None 4.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Blue Team Toolkit: 6 outils open source pour évaluer et améliorer les défenses des entreprises<br>Blue Team toolkit: 6 open-source tools to assess and enhance corporate defenses Here\'s how the blue team wards off red teamers and a few open-source tools it may leverage to identify chinks in the corporate armor]]> 2024-02-29T10:30:00+00:00 https://www.welivesecurity.com/en/business-security/blue-team-toolkit-6-open-source-tools-corporate-defenses/ www.secnews.physaphae.fr/article.php?IdArticle=8457394 False Tool None 3.0000000000000000 SecurityWeek - Security News Windows Zero-Day exploité par des pirates nord-coréens dans Rootkit Attack<br>Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack Le groupe nord-coréen Lazarus a exploité le conducteur Applocker Zero-Day CVE-2024-21338 pour l'escalade des privilèges dans les attaques impliquant Fudmodule Rootkit.
>North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit. ]]>
2024-02-29T10:28:36+00:00 https://www.securityweek.com/windows-zero-day-exploited-by-north-korean-hackers-in-rootkit-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8456926 False Vulnerability,Threat APT 38 3.0000000000000000
ComputerWeekly - Computer Magazine Okta double le cyber dans le sillage de violations de haut niveau<br>Okta doubles down on cyber in wake of high-profile breaches 2024-02-29T10:28:00+00:00 https://www.computerweekly.com/news/366571853/Okta-doubles-down-on-cyber-in-wake-of-high-profile-breaches www.secnews.physaphae.fr/article.php?IdArticle=8457030 False Threat None 4.0000000000000000 Global Security Mag - Site de news francais Benji Weber rejoint Mindgard en tant qu'ingénierie VP<br>Benji Weber joins Mindgard as VP Engineering nouvelles commerciales
AI security platform Mindgard scores major hire from unicorn Snyk Benji Weber joins Mindgard as VP Engineering from cybersecurity unicorn - Business News]]>
2024-02-29T10:00:00+00:00 https://www.globalsecuritymag.fr/benji-weber-joins-mindgard-as-vp-engineering.html www.secnews.physaphae.fr/article.php?IdArticle=8456906 False None None 1.00000000000000000000
CyberScoop - scoopnewsgroup.com special Cyber Commerce Dept. pour examiner la vie privée, les cyber-risques de l'équipement de véhicule connecté d'origine chinoise<br>Commerce Dept. to look at privacy, cyber risks from Chinese-sourced connected vehicle equipment L'enquête cherche à découvrir des problèmes de sécurité nationale avant que les véhicules connectés inondent le marché américain.
>The investigation looks to discover national security concerns before connected vehicles flood the U.S. market. ]]>
2024-02-29T10:00:00+00:00 https://cyberscoop.com/commerce-china-connected-vehicles/ www.secnews.physaphae.fr/article.php?IdArticle=8456878 False None None 2.0000000000000000
Global Security Mag - Site de news francais JFrog et Qwak créent des workflows MLOps sécurisés Produits]]> 2024-02-29T09:57:53+00:00 https://www.globalsecuritymag.fr/jfrog-et-qwak-creent-des-workflows-mlops-securises.html www.secnews.physaphae.fr/article.php?IdArticle=8456880 False None None 3.0000000000000000 Silicon - Site de News Francais GitHub, EKS, OpenTelemetry… Les regrets d\'un directeur infrastructure 2024-02-29T09:51:22+00:00 https://www.silicon.fr/github-eks-opentelemetry-regrets-directeur-infrastructure-476336.html www.secnews.physaphae.fr/article.php?IdArticle=8456876 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Biden interdit la vente de masse de données aux nations hostiles<br>Biden Bans Mass Sale of Data to Hostile Nations A new presidential executive order attempts to prevent the mass sales of personal data to countries like China and Russia]]> 2024-02-29T09:40:00+00:00 https://www.infosecurity-magazine.com/news/biden-bans-mass-sale-data-hostile-1/ www.secnews.physaphae.fr/article.php?IdArticle=8456877 False Legislation None 4.0000000000000000 The State of Security - Magazine Américain Le secteur des soins de santé a mis en garde contre les ransomwares Blackcat Alphv après une augmentation des attaques ciblées<br>Healthcare sector warned of ALPHV BlackCat ransomware after surge in targeted attacks What\'s happened? The US government warned healthcare organizations about the risk of being targeted by the ALPHV BlackCat ransomware after a surge in attacks. I thought ALPHV BlackCat had been taken down by the cops? Well remembered. Shortly before Christmas, the US Department of Justice (DOJ) announced that it had disrupted the gang\'s operations and seized decryption keys to help hundreds of victims unlock their files without paying a ransom. So what\'s gone wrong? I\'m afraid ALPHV BlackCat came back. In fact, within hours of the DOJ\'s announcement, the ransomware gang said it had "unseized"...]]> 2024-02-29T08:26:20+00:00 https://www.tripwire.com/state-of-security/healthcare-sector-warned-alphv-blackcat-ransomware-after-surge-targeted-attacks www.secnews.physaphae.fr/article.php?IdArticle=8457000 False Ransomware None 2.0000000000000000 Global Security Mag - Site de news francais Kiteworks et Climb Channel Solutions renforcent le partenariat<br>Kiteworks and Climb Channel Solutions Strengthen Partnership nouvelles commerciales
Kiteworks and Climb Channel Solutions Strengthen Partnership to Boost Sensitive Content Communications in the UK Solution helps UK businesses meet local data security and compliance requirements to reduce risks - Business News]]>
2024-02-29T08:25:18+00:00 https://www.globalsecuritymag.fr/kiteworks-and-climb-channel-solutions-strengthen-partnership-to-boost-sensitive.html www.secnews.physaphae.fr/article.php?IdArticle=8456856 False None None 2.0000000000000000
Global Security Mag - Site de news francais La CyberTech Filigran annonce une nouvelle levée de fonds de 15 millions Business]]> 2024-02-29T08:21:37+00:00 https://www.globalsecuritymag.fr/la-cybertech-filigran-annonce-une-nouvelle-levee-de-fonds-de-15-millions.html www.secnews.physaphae.fr/article.php?IdArticle=8456857 False Threat None 2.0000000000000000 Korben - Bloger francais No Sleep – Le site qui empêche votre ordinateur ou smartphone de passer en veille 2024-02-29T08:00:00+00:00 https://korben.info/empecher-veille-ordinateur-smartphone-no-sleep.html www.secnews.physaphae.fr/article.php?IdArticle=8456851 False None None 3.0000000000000000 ProofPoint - Cyber Firms Briser la chaîne d'attaque: des mouvements décisifs<br>Break the Attack Chain: Decisive Moves 2024-02-29T06:00:13+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/causes-data-loss-insight-into-incidents www.secnews.physaphae.fr/article.php?IdArticle=8456975 False Tool,Threat,Cloud None 3.0000000000000000 The Register - Site journalistique Anglais ACEMAGIQUE DE PC chinois a personnalisé ses propres machines pour être infectée par des logiciels malveillants<br>Chinese PC-maker Acemagic customized its own machines to get infected with malware Tried to speed boot times, maybe by messing with \'Windows source code\', ended up building a viral on-ramp Chinese PC maker Acemagic has admitted some of its products shipped with pre-installed malware.…]]> 2024-02-29T04:46:11+00:00 https://go.theregister.com/feed/www.theregister.com/2024/02/29/acemagic_chinese_pc_malware_infection/ www.secnews.physaphae.fr/article.php?IdArticle=8456770 False Malware None 4.0000000000000000 McAfee Labs - Editeur Logiciel Guloader Unmasked: Décricteur de la menace des fichiers SVG malveillants<br>GUloader Unmasked: Decrypting the Threat of Malicious SVG Files Rédigé par: Vignesh Dhatchanamoorthy dans le paysage en constante évolution des menaces de cybersécurité, rester en avance sur les acteurs malveillants nécessite une compréhension approfondie ...
>Authored by: Vignesh Dhatchanamoorthy In the ever-evolving landscape of cybersecurity threats, staying ahead of malicious actors requires a deep understanding... ]]>
2024-02-29T03:02:12+00:00 https://www.mcafee.com/blogs/other-blogs/mcafee-labs/guloader-unmasked-decrypting-the-threat-of-malicious-svg-files/ www.secnews.physaphae.fr/article.php?IdArticle=8456730 False Threat None 2.0000000000000000
The State of Security - Magazine Américain Donner un sens aux réglementations de cybersécurité des services financiers<br>Making Sense of Financial Services Cybersecurity Regulations The financial services sector faces unprecedented cybersecurity challenges in today\'s digital age. With the industry being a prime target for cybercriminals , understanding and adhering to cybersecurity regulations has never been more crucial. This article delves into the labyrinth of cybersecurity regulations affecting financial services, underscoring their significance in safeguarding sensitive data and maintaining robust cyber defenses. We aim to demystify these complex regulations and highlight the path to compliance. The Significance of Cybersecurity in Financial Services The financial...]]> 2024-02-29T01:54:04+00:00 https://www.tripwire.com/state-of-security/making-sense-financial-services-cybersecurity-regulations www.secnews.physaphae.fr/article.php?IdArticle=8456831 False None None 3.0000000000000000 CrowdStrike - CTI Society L'anatomie d'une attaque de ransomware alpha<br>The Anatomy of an ALPHA SPIDER Ransomware Attack ALPHA SPIDER is the adversary behind the development and operation of the Alphv ransomware as a service (RaaS). Over the last year, ALPHA SPIDER affiliates have been leveraging a variety of novel techniques as part of their ransomware operations. CrowdStrike Services has observed techniques such as the usage of NTFS Alternate Data Streams for hiding […]]]> 2024-02-29T01:15:21+00:00 https://www.crowdstrike.com/blog/anatomy-of-alpha-spider-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8463760 False Ransomware,Technical None 4.0000000000000000 The Register - Site journalistique Anglais Alphv / Blackcat revendique la responsabilité du changement d'attaque de soins de santé<br>ALPHV/BlackCat claims responsibility for Change Healthcare attack Brags it lifted 6TB of data, but let\'s remember these people are criminals and not worthy of much trust The ALPHV/BlackCat cybercrime gang has taken credit – if that\'s the word – for a ransomware infection at Change Healthcare that has disrupted thousands of pharmacies and hospitals across the US, and also claimed that the amount of sensitive data stolen and affected health-care organizations is much larger than the victims initially disclosed.…]]> 2024-02-29T00:29:15+00:00 https://go.theregister.com/feed/www.theregister.com/2024/02/29/alphv_change_healthcare/ www.secnews.physaphae.fr/article.php?IdArticle=8456692 False Ransomware,Medical None 3.0000000000000000 Microsoft - Microsoft Security Response Center Voyage de Faye \\: de la sécurité PM à la diversité défenseur de Microsoft<br>Faye\\'s Journey: From Security PM to Diversity Advocate at Microsoft Faye, a veteran at Microsoft for 22 years, has had a career as varied as it is long. Her journey began in 2002 as the first desktop security Project Manager (PM) in Microsoft IT. From there, she transitioned into owning a deployment team that deployed to desktops and handled operations for Office\'s first few customers.]]> 2024-02-29T00:00:00+00:00 https://msrc.microsoft.com/blog/2024/02/fayes-journey-from-security-pm-to-diversity-advocate-at-microsoft/ www.secnews.physaphae.fr/article.php?IdArticle=8457251 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Le gouvernement américain élargit le rôle dans la sécurité des logiciels<br>US Government Expands Role in Software Security The White House Office of the National Cyber Director puts software developers on notice, calling for a move to memory-safe programming languages and the development of security metrics.]]> 2024-02-28T23:03:41+00:00 https://www.darkreading.com/application-security/us-government-taking-bigger-role-in-software-security www.secnews.physaphae.fr/article.php?IdArticle=8456651 False None None 2.0000000000000000 CrowdStrike - CTI Society Après des années de succès, l'état du Wyoming cherche à étendre les protections de crowdsstrike dans tout l'État<br>After Years of Success, State of Wyoming Looks to Expand CrowdStrike Protections Statewide With its wild beauty, favorable tax laws and growing tech scene, the State of Wyoming is experiencing a surge in business growth. But with this prosperity comes a rise in cyber risk due to the expanding commerce platforms and digital infrastructure needed to support it. “We\'ve had several large tech companies relocate to Wyoming recently,” […]]]> 2024-02-28T22:16:02+00:00 https://www.crowdstrike.com/blog/state-of-wyoming-looks-to-expand-crowdstrike-protections/ www.secnews.physaphae.fr/article.php?IdArticle=8463761 False None None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Le groupe de ransomware notoire revendique la responsabilité des attaques qui tournent les pharmacies américaines<br>Notorious ransomware group claims responsibility for attacks roiling US pharmacies Le groupe connu sous le nom d'ALPHV a déclaré que c'était derrière une attaque qui a perturbé un service utilisé par les prestataires de soins de santé pour traiter les paiements.
>The group known as ALPHV said it was behind an attack that has disrupted a service used by healthcare providers to process payments. ]]>
2024-02-28T22:12:54+00:00 https://cyberscoop.com/ransomware-alphv-healthcare-pharmacies/ www.secnews.physaphae.fr/article.php?IdArticle=8456650 False Ransomware None 2.0000000000000000
Ars Technica - Risk Assessment Security Hacktivism Github assiégé par des millions de référentiels malveillants dans l'attaque en cours<br>GitHub besieged by millions of malicious repositories in ongoing attack GitHub keeps removing malware-laced repositories, but thousands remain.]]> 2024-02-28T22:12:25+00:00 https://arstechnica.com/?p=2006797 www.secnews.physaphae.fr/article.php?IdArticle=8456648 False None None 2.0000000000000000 Dark Reading - Informationweek Branch \\ 'voltzite \\' zaps utilitaires africains dans le cadre de l'assaut Volt Typhoon \\<br>\\'Voltzite\\' Zaps African Utilities as Part of Volt Typhoon\\'s Onslaught The China-backed APT that\'s been trying to set itself up inside US critical infrastructure for the purpose of disrupting physical processes is deploying a similar playbook in Africa.]]> 2024-02-28T21:45:24+00:00 https://www.darkreading.com/vulnerabilities-threats/voltzite-zaps-african-utilities-volt-typhoon-onslaught www.secnews.physaphae.fr/article.php?IdArticle=8456652 False None Guam 4.0000000000000000 RedCanary - Red Canary Renforcez votre cœur avec le cadre de cybersécurité mis à jour de NIST \\<br>Strengthen your Core with NIST\\'s updated cybersecurity framework We break down the changes to NIST\'s CSF 2.0 which features a new emphasis on governance and supply chain management]]> 2024-02-28T21:22:32+00:00 https://redcanary.com/blog/nist-csf/ www.secnews.physaphae.fr/article.php?IdArticle=8456628 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates UNC1549 liés à l'Iran ciblent les secteurs de l'aérospatiale et de la défense du Moyen-Orient<br>Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East, including Israel and the U.A.E. Other targets of the cyber espionage activity likely include Turkey, India, and Albania, Google-owned Mandiant said in a new analysis. UNC1549 is said to overlap with ]]> 2024-02-28T20:38:00+00:00 https://thehackernews.com/2024/02/iran-linked-unc1549-hackers-target.html www.secnews.physaphae.fr/article.php?IdArticle=8456494 False Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future La campagne de cyber-espionnage iranienne présumée cible le Moyen-Orient Aerospace, les industries de la défense<br>Suspected Iranian cyber-espionage campaign targets Middle East aerospace, defense industries Une campagne de cyber-espionnage en cours qui utilise des logiciels malveillants uniques contre les industries de l'aérospatiale, de l'aviation et de la défense au Moyen-Orient semble avoir des liens avec l'Iran, selon des chercheurs en sécurité.L'opération cible des entités en Israël et aux Émirats arabes unis (EAU) - et potentiellement en Turquie, en Inde et en Albanie - selon les analystes de mandiant , le
An ongoing cyber-espionage campaign that uses unique malware against the aerospace, aviation and defense industries in the Middle East appears to have links to Iran, security researchers say. The operation is targeting entities in Israel and the United Arab Emirates (UAE) - and potentially Turkey, India and Albania - according to analysts at Mandiant, the]]>
2024-02-28T20:29:56+00:00 https://therecord.media/iran-cyber-espionage-campaign-targeting-middle-east-defense-aerospace www.secnews.physaphae.fr/article.php?IdArticle=8456609 False Malware None 2.0000000000000000
Recorded Future - FLux Recorded Future Le sénateur demande à la FTC d'étudier les pratiques de confidentialité des données des constructeurs<br>Senator asks FTC to investigate automakers\\' data privacy practices Appelant les réseaux de constructeurs automobiles à sa demande de réponses «évasive et vague», le sénateur Edward Markey (D-MA) a appelé mercredi la présidente de la Federal Trade Commission (FTC) Lina Khan pour enquêter sur la confidentialité des données de l'industrie automobile \\les pratiques.Dans un lettre à Khan , a déclaré Markey en décembre.
Calling automakers\' responses to his demand for answers “evasive and vague,” Sen. Edward Markey (D-MA) on Wednesday called on Federal Trade Commission (FTC) Chair Lina Khan to investigate the car industry\'s data privacy practices. In a letter to Khan, Markey said in December he asked 14 major car manufacturers to offer transparency on how they]]>
2024-02-28T19:39:00+00:00 https://therecord.media/senator-asks-ftc-to-investigate-automaker-privacy-practices www.secnews.physaphae.fr/article.php?IdArticle=8456589 False None None 2.0000000000000000
knowbe4 - cybersecurity services Nouvelles recherches: les incidents de ransomware augmentent 84% en 2023<br>New Research: Ransomware Incidents Spike 84% in 2023 Les incidents de ransomware augmentent 84% car les victimes les plus ransomwares de tous les temps sont enregistrées Des données nouvellement publiées couvrant les cyber-états vécues en 2023 éclairent à quel point l'an dernier était très différent et peint un tableau de ce à quoi s'attendre des cyberattaques en 2024.
Ransomware Incidents Spike 84% as the Most Ransomware Victims Ever is Recorded Newly-released data covering cyberthreats experienced in 2023 sheds some light on how very different last year was and paints a picture of what to expect of cyber attacks in 2024.]]>
2024-02-28T19:26:02+00:00 https://blog.knowbe4.com/ransomware-incidents-spike-84-as-most-ransomware-victims www.secnews.physaphae.fr/article.php?IdArticle=8456586 False Ransomware None 3.0000000000000000
knowbe4 - cybersecurity services La campagne de phishing cible les contribuables mexicains avec des leurres sur le thème des impôts<br>Phishing Campaign Targets Mexican Taxpayers With Tax-Themed Lures campagne de phishing cible mexicain mexicainLes contribuables a PHIGHISH La campagne vise des utilisateurs au Mexique avec des leurres sur le thème des impôts, selon les chercheurs de Cisco Talos. Les e-mails de phishing disent que les utilisateurs vers un site Web qui tentent de les inciter à télécharger une nouvelle souche de logiciels malveillants de volée d'informations appelés «Timbrester».
Phishing Campaign Targets Mexican Taxpayers A phishing campaign is targeting users in Mexico with tax-themed lures, according to researchers at Cisco Talos. The phishing emails direct users to a website that attempts to trick them into downloading a new strain of information-stealing malware called “TimbreStealer.”]]>
2024-02-28T19:25:59+00:00 https://blog.knowbe4.com/phishing-campaign-targets-mexican-taxpayers www.secnews.physaphae.fr/article.php?IdArticle=8456587 False Malware None 2.0000000000000000
knowbe4 - cybersecurity services Changeur de jeu: malware de vol biométrique<br>Game-Changer: Biometric-Stealing Malware Game-Changer: Biometric-Stealing Malware ]]> 2024-02-28T19:25:55+00:00 https://blog.knowbe4.com/game-changer-biometric-stealing-malware www.secnews.physaphae.fr/article.php?IdArticle=8456588 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le FBI prévient le secteur des soins de santé américains des attaques de ransomware Blackcat ciblées<br>FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the government said in an updated advisory. "This is likely in response to the ALPHV/BlackCat administrator\'s]]> 2024-02-28T18:36:00+00:00 https://thehackernews.com/2024/02/fbi-warns-us-healthcare-sector-of.html www.secnews.physaphae.fr/article.php?IdArticle=8456448 False Ransomware,Medical None 3.0000000000000000 Recorded Future - FLux Recorded Future L'Ukraine s'attend à ce que la campagne de désinformation russe d'un milliard de dollars culmine ce printemps<br>Ukraine expects billion-dollar Russian disinformation campaign to peak this spring L'unité de renseignement militaire de l'Ukraine \\ a averti que la Russie avait versé plus d'un milliard de dollars dans une campagne de désinformation permanente visant à diminuer le soutien occidental à Kiev et à semer la panique et à se méfier des citoyens ukrainiens.La campagne intitulée «Maidan-3» a été lancée par la Russie en novembre dernier, mais devrait culminer entre mars et mai, la principale direction de l'Ukraine \\
Ukraine\'s military intelligence unit warned that Russia has poured more than $1 billion into an ongoing disinformation campaign aimed to diminish Western support for Kyiv and sow panic and distrust among Ukrainian citizens. The campaign called “Maidan-3” was launched by Russia last November but is expected to peak between March and May, Ukraine\'s Main Directorate]]>
2024-02-28T18:19:56+00:00 https://therecord.media/ukraine-russia-disinformation-campaign-peaking www.secnews.physaphae.fr/article.php?IdArticle=8456567 False None None 3.0000000000000000
RiskIQ - cyber risk firms (now microsoft) #Stopransomware: alphv Blackcat #### Description The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known IOCs and TTPs associated with the ALPHV Blackcat ransomware as a service (RaaS) identified through FBI investigations as recently as February 2024. This advisory provides updates to the FBI FLASH BlackCat/ALPHV Ransomware Indicators of Compromise released April 19, 2022, and to this advisory released December 19, 2023. ALPHV Blackcat actors have since employed improvised communication methods by creating victim-specific emails to notify of the initial compromise. Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized. This is likely in response to the ALPHV Blackcat administrator\'s post encouraging its affiliates to target hospitals after operational action against the group and its infrastructure in early December 2023.. In February 2023, ALPHV Blackcat administrators announced the ALPHV Blackcat Ransomware 2.0 Sphynx update, which was rewritten to provide additional features to affiliates, such as better defense evasion and additional tooling. This ALPHV Blackcat update has the capability to encrypt both Windows and Linux devices, and VMWare instances. ALPHV Blackcat affiliates have extensive networks and experience with ransomware and data extortion operations. According to the FBI, as of September 2023, ALPHV Blackcat affiliates have compromised over 1000 entities-nearly 75 percent of which are in the United States and approximately 250 outside the United States-, demanded over $500 million, and received nearly $300 million in ransom payments. #### Reference URL(s) 1. https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-353a #### Publication Date December 19, 2023 #### Author(s) CISA ]]> 2024-02-28T18:15:21+00:00 https://community.riskiq.com/article/b85e83eb www.secnews.physaphae.fr/article.php?IdArticle=8456579 False Ransomware None 3.0000000000000000 Dark Reading - Informationweek Branch Les cyberattaques attirent les diplomates de l'UE avec des offres de dégustation de vin<br>Cyberattackers Lure EU Diplomats With Wine-Tasting Offers A targeted attack aiming to exploit geopolitical relations between India and Europe delivers previously undocumented, uniquely evasive backdoor malware.]]> 2024-02-28T18:07:30+00:00 https://www.darkreading.com/cyberattacks-data-breaches/cyberattackers-lure-eu-diplomats-wine-tasting-offers www.secnews.physaphae.fr/article.php?IdArticle=8456566 False Malware,Threat None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Construire votre plateforme de données client compatible avec la confidentialité (CDP) avec des données de premier parti<br>Building Your Privacy-Compliant Customer Data Platform (CDP) with First-Party Data In today\'s digital era, data privacy isn\'t just a concern; it\'s a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while navigating a maze of privacy regulations. The answer? A privacy-compliant Customer Data Platform (CDP). Join us for a transformative webinar where we unveil Twilio Segment\'s state-of-the-art CDP.]]> 2024-02-28T17:32:00+00:00 https://thehackernews.com/2024/02/building-your-privacy-compliant.html www.secnews.physaphae.fr/article.php?IdArticle=8456419 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Les problèmes du FBI ont une alerte sur les menaces russes ciblant les routeurs Ubiquiti<br>FBI Issues Alert on Russian Threats Targeting Ubiquiti Routers The routers were hijacked to steal credentials, proxy traffic, and host phishing pages and custom tools]]> 2024-02-28T17:30:00+00:00 https://www.infosecurity-magazine.com/news/fbi-alert-russian-threats-ubiquiti/ www.secnews.physaphae.fr/article.php?IdArticle=8456544 False Tool None 3.0000000000000000 knowbe4 - cybersecurity services Le vol d'identification est principalement dû au phishing<br>Credential Theft Is Mostly Due To Phishing Credential Theft Is Mostly Due To Phishing ]]> 2024-02-28T17:21:10+00:00 https://blog.knowbe4.com/credential-theft-mostly-due-phishing www.secnews.physaphae.fr/article.php?IdArticle=8456542 False Studies None 3.0000000000000000 Global Security Mag - Site de news francais Les systèmes de symétrie dévoilent un nouvel analyseur d'image OCR pour transformer la sécurité et la conformité des données<br>Symmetry Systems Unveils New OCR Image Analyzer to Transform Data Security and Compliance revues de produits
Symmetry Systems Unveils New OCR Image Analyzer to Transform Data Security and Compliance New Feature Finds Business Critical Images Hidden in Unstructured Data Stores - Product Reviews]]>
2024-02-28T17:05:53+00:00 https://www.globalsecuritymag.fr/symmetry-systems-unveils-new-ocr-image-analyzer-to-transform-data-security-and.html www.secnews.physaphae.fr/article.php?IdArticle=8456521 False None None 2.0000000000000000
Krebs on Security - Chercheur Américain Calendrier Meeting Links utilisés pour diffuser des logiciels malveillants Mac<br>Calendar Meeting Links Used to Spread Mac Malware Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target\'s account at Calendly, a popular free calendar application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems.]]> 2024-02-28T16:56:43+00:00 https://krebsonsecurity.com/2024/02/calendar-meeting-links-used-to-spread-mac-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8456533 False Malware,Conference None 2.0000000000000000 Recorded Future - FLux Recorded Future L'Australie confrontée à sa menace la plus élevée de l'espionnage et des interférences étrangères<br>Australia facing its highest-ever threat from espionage and foreign interference De plus en plus d'Australiens «sont destinés à l'espionnage et aux interférences étrangères que jamais», a averti le chef de la responsabilité de la sécurité intérieure du pays.«Les Australiens doivent savoir que la menace est réelle.La menace est maintenant.Et la menace est plus profonde et plus large que vous ne le pensez », a déclaré Mike Burgess, livrant la menace annuelle de l'agence \\
More Australians are “being targeted for espionage and foreign interference than ever before,” the head of the country\'s domestic security agency has warned. “Australians need to know that the threat is real. The threat is now. And the threat is deeper and broader than you might think,” said Mike Burgess, delivering the agency\'s [annual threat]]>
2024-02-28T16:48:24+00:00 https://therecord.media/australia-facing-highest-ever-threat-from-espionage-interference www.secnews.physaphae.fr/article.php?IdArticle=8456519 False Threat None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine 34 millions de références Roblox exposées sur Dark Web en trois ans<br>34 Million Roblox Credentials Exposed on Dark Web in Three Years Kaspersky reported a 231% surge in compromised accounts from 4.7 million in 2021 to 15.5 million in 2023]]> 2024-02-28T16:45:00+00:00 https://www.infosecurity-magazine.com/news/roblox-credentials-exposed-dark-web/ www.secnews.physaphae.fr/article.php?IdArticle=8456518 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les superutilisateurs ont besoin d'une super protection: comment combler la gestion des accès privilégiés et la gestion de l'identité<br>Superusers Need Super Protection: How to Bridge Privileged Access Management and Identity Management Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than blocking access with firewalls. On top of that, most cybersecurity risks are caused by just a few superusers – typically one out of 200 users. There\'s a company aiming to fix the gap between traditional PAM and IdM]]> 2024-02-28T16:07:00+00:00 https://thehackernews.com/2024/02/superusers-need-super-protection-how-to.html www.secnews.physaphae.fr/article.php?IdArticle=8456366 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Le Royaume-Uni dévoile le projet de code de gouvernance de la cybersécurité pour stimuler la résilience commerciale<br>UK Unveils Draft Cybersecurity Governance Code to Boost Business Resilience The UK government provided a preview of its future Cybersecurity Governance Code of Practice, which aims to be the go-to cyber guideline for UK business leaders]]> 2024-02-28T16:00:00+00:00 https://www.infosecurity-magazine.com/news/uk-unveils-draft-cybersecurity/ www.secnews.physaphae.fr/article.php?IdArticle=8456493 False Guideline None 2.0000000000000000 SecurityWeek - Security News Cyber Insights 2024: API & # 8211;Un danger clair, présent et futur<br>Cyber Insights 2024: APIs – A Clear, Present, and Future Danger La surface d'attaque de l'API se développe et les vulnérabilités de l'API augmentent.L'IA aidera les attaquants à trouver et à exploiter les vulnérabilités d'API à grande échelle.
>The API attack surface is expanding and API vulnerabilities are growing. AI will help attackers find and exploit API vulnerabilities at scale. ]]>
2024-02-28T15:38:05+00:00 https://www.securityweek.com/cyber-insights-2024-apis-a-clear-present-and-future-danger/ www.secnews.physaphae.fr/article.php?IdArticle=8456492 False Vulnerability,Threat None 3.0000000000000000
Recorded Future - FLux Recorded Future Le ministère irlandais des Affaires étrangères dit \\ 'aucune preuve \\' de cyber violation à la suite de la réclamation d'extorsion<br>Irish foreign affairs ministry says \\'no evidence\\' of cyber breach following extortion claim Le Département des affaires étrangères de l'Irlande (DFA) a déclaré qu'il n'y avait actuellement «aucune preuve de violation» de ses systèmes informatiques à la suite d'une réclamation par un nouveau groupe de cyber normelles qu'il avait volé des données et était prêt à le vendre.Le nouveau groupe, s'appelant Mogilevich, a répertorié le DFA mardi, prétendant offrir 7 Go de
Ireland\'s Department of Foreign Affairs (DFA) said there was currently “no evidence of any breach” of its IT systems following a claim by a new cyber extortion group that it had stolen data and was prepared to sell it. The new group, calling itself Mogilevich, listed the DFA on Tuesday, claiming to offer 7GB of]]>
2024-02-28T15:13:32+00:00 https://therecord.media/ireland-dfa-no-evidence-of-cybersecurity-breach www.secnews.physaphae.fr/article.php?IdArticle=8456495 False General Information None 2.0000000000000000
Global Security Mag - Site de news francais Le rapport SecurityScorecard sur les violations tierces révèle que la chaîne d\'approvisionnement logicielle est la principale cible des groupes de ransomwares Investigations]]> 2024-02-28T15:11:22+00:00 https://www.globalsecuritymag.fr/le-rapport-securityscorecard-sur-les-violations-tierces-revele-que-la-chaine-d.html www.secnews.physaphae.fr/article.php?IdArticle=8456496 False Studies None 4.0000000000000000 Dark Reading - Informationweek Branch Les lois convergentes de la confidentialité de l'État et le défi de l'IA émergent<br>Converging State Privacy Laws and the Emerging AI Challenge It\'s time for companies to look at what they\'re processing, what types of risk they have, and how they plan to mitigate that risk.]]> 2024-02-28T15:00:00+00:00 https://www.darkreading.com/cyber-risk/converging-state-privacy-laws-emerging-ai-challenge www.secnews.physaphae.fr/article.php?IdArticle=8456469 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Le géant pharmaceutique Cencora rapporte la cyberattaque<br>Pharmaceutical giant Cencora reports cyberattack Global Pharmaceutical Corporation Cencora a rapporté mardi qu'elle avait récemment découvert que des intrus avaient volé des données sur ses réseaux.La société Fortune 500 a déclaré dans un dossier réglementaire été exfiltré »dans un incident qui a été révélé le 21 février.« Lors de la détection initiale de l'activité non autorisée, la société
Global pharmaceutical corporation Cencora reported on Tuesday that it recently discovered that intruders had stolen data from its networks. The Fortune 500 company said in a regulatory filing that data from IT systems “had been exfiltrated” in an incident that came to light on February 21. “Upon initial detection of the unauthorized activity, the Company]]>
2024-02-28T14:40:32+00:00 https://therecord.media/cencora-pharmaceutical-giant-reports-cyber-incident www.secnews.physaphae.fr/article.php?IdArticle=8456470 False None None 2.0000000000000000
Silicon - Site de News Francais Broadcom concrétise la jonction SASE entre VMware et Symantec 2024-02-28T14:33:48+00:00 https://www.silicon.fr/vmware-symantec-sase-476313.html www.secnews.physaphae.fr/article.php?IdArticle=8456491 False None None 2.0000000000000000