This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T10:54:24+00:00 www.secnews.physaphae.fr InfoSecurity Mag - InfoSecurity Magazine 2022-01-13T19:20:00+00:00 https://www.infosecurity-magazine.com/news/fcc-stricter-data-breach-reporting/ www.secnews.physaphae.fr/article.php?IdArticle=3958967 False Data Breach None 4.0000000000000000 SecurityWeek - Security News 2022-01-13T17:36:10+00:00 https://www.securityweek.com/fcc-chair-proposes-new-policies-carrier-data-breach-reporting www.secnews.physaphae.fr/article.php?IdArticle=3958327 False Data Breach None None Bleeping Computer - Magazine Américain 2022-01-13T16:39:48+00:00 https://www.bleepingcomputer.com/news/security/fcc-wants-new-data-breach-reporting-rules-for-telecom-carriers/ www.secnews.physaphae.fr/article.php?IdArticle=3959493 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2022-01-12T21:00:00+00:00 https://www.infosecurity-magazine.com/news/clinical-review-vendor-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3953762 False Data Breach None None Anomali - Firm Blog Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Attack Misuses Google Docs Comments to Spew Out “Massive Wave” of Malicious Links (published: January 7, 2022) Security researchers have seen a very large number of attacks leveraging the comment features of Google Docs to send emails to users containing malicious content. The attackers can create a document, sheet, or slides and add comments tagging any user's email address. Google then sends an email to the tagged user account. These emails come from Google itself and are more likely to be trusted than some other phishing avenues. Analyst Comment: Phishing education can often help users identify and prevent phishing attacks. Specific to this attack method, users should verify that any unsolicited comments that are received come from the user indicated, and if unsure, reach out separately to the user that appears to have sent the comment to verify that it is real. Links in email should be treated with caution. MITRE ATT&CK:[MITRE ATT&CK] Masquerading - T1036 | [MITRE ATT&CK] Phishing - T1156 Tags: Google, Impersonation, Phishing Finalsite Ransomware Attack Forces 5,000 School Websites Offline (published: January 7, 2022) Finalsite, a firm used by schools for website content management, design, and hosting, has been hit by an unknown strain of ransomware that affected approximately 5,000 of their 8,000 customers. The company has said in a statement that many of the affected sites were preemptively shut down to protect user's data, that there is no evidence of that data was breached (although they did not confirm that they had the needed telemetry in place to detect that), and that most of the sites and services have been restored. Analyst Comment: Verified backup and disaster recovery processes are an important aspect of protecting organizations and allowing for remediation of successful attacks. Monitoring and telemetry can aid in detection and prevention from attacks, and provide evidence as to whether data has been exfiltrated. MITRE ATT&CK:[MITRE ATT&CK] Web Service - T1102 | [MITRE ATT&CK] Data Encrypted for Impact - T1486 Tags: Education, Finalsite, Ransomware, Web hosting FluBot’s Authors Employ Creative and Sophisticated Techniques to Achieve Their Goals in Version 5.0 and Beyond (published: January 6, 2022) Security researchers have analyzed a new and more sophisticated version of the FluBot Android malware first detected in early 2020. Once installed on a device, the malware can full]]> 2022-01-12T16:00:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-flubot-ios-ransomware-zloader-and-more www.secnews.physaphae.fr/article.php?IdArticle=3952434 False Ransomware,Data Breach,Malware,Tool,Vulnerability,Threat,Guideline None None Graham Cluley - Blog Security 2022-01-12T14:44:51+00:00 https://www.bitdefender.com/blog/hotforsecurity/hackers-raided-panasonic-server-months-stealing-data-job-seekers/ www.secnews.physaphae.fr/article.php?IdArticle=3951829 False Data Breach None None CybeReason - Vendor blog Despite spending millions of dollars on cybersecurity tools over the past few years, most organizations still can't detect or respond to cyber attacks in a reasonable timeframe. According to Verizon's 2021 Data Breach Investigations Report (DBIR), 60% of incidents were discovered within days. However, in 20% of attacks, it took months or longer before organizations realized a breach had occurred. ]]> 2022-01-12T14:06:05+00:00 http://www.cybereason.com/blog/cybereason-xdr-10x-faster-response www.secnews.physaphae.fr/article.php?IdArticle=3952462 False Data Breach None None SecurityWeek - Security News 2022-01-11T11:24:57+00:00 https://www.securityweek.com/mrioa-discloses-data-breach-affecting-134000-people www.secnews.physaphae.fr/article.php?IdArticle=3946788 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2022-01-10T11:00:00+00:00 https://www.infosecurity-magazine.com/news/flexbooker-reveals-major-customer/ www.secnews.physaphae.fr/article.php?IdArticle=3942907 False Data Breach None None SecurityWeek - Security News 2022-01-07T12:12:38+00:00 https://www.securityweek.com/online-pharmacy-service-ravkoo-discloses-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3936558 False Data Breach None None Security Affairs - Blog Secu 2022-01-07T09:20:29+00:00 https://securityaffairs.co/wordpress/126409/data-breach/flexbooker-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=flexbooker-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3936130 False Data Breach,Threat None None InfoSecurity Mag - InfoSecurity Magazine 2022-01-06T18:27:00+00:00 https://www.infosecurity-magazine.com/news/investigation-launched-ripta-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3933379 False Data Breach APT 32 None Bleeping Computer - Magazine Américain 2022-01-06T11:48:11+00:00 https://www.bleepingcomputer.com/news/security/us-online-pharmacy-ravkoo-links-data-breach-to-aws-portal-incident/ www.secnews.physaphae.fr/article.php?IdArticle=3932619 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2022-01-05T19:46:00+00:00 https://www.infosecurity-magazine.com/news/morgan-stanley-agrees-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3928919 False Data Breach None None ZD Net - Magazine Info 2022-01-05T11:19:41+00:00 https://www.zdnet.com/article/morgan-stanley-agrees-to-60-million-settlement-in-data-breach-lawsuit/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=3927024 False Data Breach None 4.0000000000000000 SecurityWeek - Security News data breach at Broward Health, the Florida hospital system has revealed. ]]> 2022-01-05T10:58:58+00:00 https://www.securityweek.com/broward-health-data-breach-impacts-13-million-people www.secnews.physaphae.fr/article.php?IdArticle=3926999 True Data Breach None None McAfee Labs - Editeur Logiciel It happens with more regularity than any of us like to see. There's either a headline in your news feed... ]]> 2022-01-04T21:43:18+00:00 https://www.mcafee.com/blogs/consumer-cyber-awareness/what-to-do-if-youre-caught-up-in-a-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3924611 False Data Breach None 2.0000000000000000 Security Affairs - Blog Secu 2022-01-04T21:05:11+00:00 https://securityaffairs.co/wordpress/126317/cyber-crime/uscellular-second-data-breach-2021.html?utm_source=rss&utm_medium=rss&utm_campaign=uscellular-second-data-breach-2021 www.secnews.physaphae.fr/article.php?IdArticle=3924462 False Data Breach,Hack None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2022-01-04T16:43:57+00:00 https://threatpost.com/mcmenamins-data-breach-employee-info/177336/ www.secnews.physaphae.fr/article.php?IdArticle=3923407 False Ransomware,Data Breach None None IT Security Guru - Blog Sécurité 2022-01-04T12:44:43+00:00 https://www.itsecurityguru.org/2022/01/04/broward-health-data-breach-exposes-data-of-1357879-individuals/?utm_source=rss&utm_medium=rss&utm_campaign=broward-health-data-breach-exposes-data-of-1357879-individuals www.secnews.physaphae.fr/article.php?IdArticle=3922875 False Data Breach None None Bleeping Computer - Magazine Américain 2022-01-04T12:07:08+00:00 https://www.bleepingcomputer.com/news/security/uscellular-discloses-data-breach-after-billing-system-hack/ www.secnews.physaphae.fr/article.php?IdArticle=3923601 False Data Breach,Hack None None Bleeping Computer - Magazine Américain 2022-01-04T11:22:55+00:00 https://www.bleepingcomputer.com/news/security/have-i-been-pwned-warns-of-datpiff-data-breach-impacting-millions/ www.secnews.physaphae.fr/article.php?IdArticle=3923471 False Data Breach None None Security Affairs - Blog Secu 2022-01-04T09:07:38+00:00 https://securityaffairs.co/wordpress/126293/data-breach/hospitality-chain-mcmenamins-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=hospitality-chain-mcmenamins-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3922165 False Ransomware,Data Breach,Threat None None Security Affairs - Blog Secu 2022-01-04T05:36:01+00:00 https://securityaffairs.co/wordpress/126285/data-breach/broward-health-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=broward-health-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3921529 False Data Breach None None SecurityWeek - Security News 2022-01-04T03:51:52+00:00 https://www.securityweek.com/broward-health-hit-data-breach-patients-staff www.secnews.physaphae.fr/article.php?IdArticle=3921395 False Data Breach None None SecurityWeek - Security News 2022-01-03T12:16:05+00:00 https://www.securityweek.com/aclu-demands-answers-about-transit-agency-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3918848 False Data Breach None None Bleeping Computer - Magazine Américain 2022-01-03T11:50:42+00:00 https://www.bleepingcomputer.com/news/security/broward-health-discloses-data-breach-affecting-13-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=3919459 False Data Breach None None Security Affairs - Blog Secu 2022-01-01T12:30:10+00:00 https://securityaffairs.co/wordpress/126193/data-breach/pulsetv-credit-cards-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=pulsetv-credit-cards-breach www.secnews.physaphae.fr/article.php?IdArticle=3913997 False Data Breach None None Security Affairs - Blog Secu 2021-12-31T21:03:58+00:00 https://securityaffairs.co/wordpress/126186/malware/redline-malware-hibp.html?utm_source=rss&utm_medium=rss&utm_campaign=redline-malware-hibp www.secnews.physaphae.fr/article.php?IdArticle=3912454 True Data Breach,Malware None None Bleeping Computer - Magazine Américain 2021-12-31T08:13:00+00:00 https://www.bleepingcomputer.com/news/security/top-10-healthcare-breaches-in-the-us-exposed-data-of-19-million/ www.secnews.physaphae.fr/article.php?IdArticle=3911689 False Data Breach None None Bleeping Computer - Magazine Américain 2021-12-30T15:17:31+00:00 https://www.bleepingcomputer.com/news/security/have-i-been-pwned-adds-441k-accounts-stolen-by-redline-malware/ www.secnews.physaphae.fr/article.php?IdArticle=3909855 False Data Breach,Malware None None Security Affairs - Blog Secu 2021-12-29T21:18:14+00:00 https://securityaffairs.co/wordpress/126140/cyber-crime/t-mobile-suffered-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=t-mobile-suffered-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3906001 False Data Breach,Threat None None Bleeping Computer - Magazine Américain 2021-12-29T12:03:42+00:00 https://www.bleepingcomputer.com/news/security/t-mobile-says-new-data-breach-caused-by-sim-swap-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=3904677 False Data Breach None None knowbe4 - cybersecurity services Monongalia Health System in West Virginia has disclosed a data breach that exposed sensitive patient and employee information.]]> 2021-12-28T18:28:54+00:00 https://blog.knowbe4.com/west-virginia-healthcare-breach-traced-to-phishing www.secnews.physaphae.fr/article.php?IdArticle=3900215 False Data Breach None None Security Affairs - Blog Secu 2021-12-28T08:49:27+00:00 https://securityaffairs.co/wordpress/126086/data-breach/d-w-morgan-data-leak.html?utm_source=rss&utm_medium=rss&utm_campaign=d-w-morgan-data-leak www.secnews.physaphae.fr/article.php?IdArticle=3896750 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-12-23T20:03:00+00:00 https://www.infosecurity-magazine.com/news/russian-hackers-17m-restitution/ www.secnews.physaphae.fr/article.php?IdArticle=3864452 False Data Breach None None Bleeping Computer - Magazine Américain 2021-12-23T10:49:36+00:00 https://www.bleepingcomputer.com/news/security/pro-wrestling-tees-discloses-data-breach-after-credit-cards-stolen/ www.secnews.physaphae.fr/article.php?IdArticle=3860942 False Data Breach None None Security Affairs - Blog Secu 2021-12-22T19:16:53+00:00 https://securityaffairs.co/wordpress/125885/data-breach/ubisoft-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=ubisoft-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3851692 False Data Breach None None SecurityWeek - Security News 2021-12-22T16:38:54+00:00 https://www.securityweek.com/ubisoft-confirms-unauthorized-access-just-dance-user-data www.secnews.physaphae.fr/article.php?IdArticle=3850497 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-12-22T10:39:00+00:00 https://www.infosecurity-magazine.com/news/ubisoft-player-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3847363 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-12-21T19:42:00+00:00 https://www.infosecurity-magazine.com/news/desjardins-155m-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3843178 False Data Breach None None Acunetix - Firm Blog Read more ]]> 2021-12-20T08:16:00+00:00 https://www.acunetix.com/blog/web-security-zone/five-fundamental-tips-executive-appsec-buyin/ www.secnews.physaphae.fr/article.php?IdArticle=3830298 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-12-16T20:43:00+00:00 https://www.infosecurity-magazine.com/news/rcca-settles-data-breach-claim/ www.secnews.physaphae.fr/article.php?IdArticle=3810350 False Data Breach None None Security Affairs - Blog Secu 2021-12-15T20:16:53+00:00 https://securityaffairs.co/wordpress/125675/cyber-crime/hellokitty-ransomware-ukraine.html?utm_source=rss&utm_medium=rss&utm_campaign=hellokitty-ransomware-ukraine www.secnews.physaphae.fr/article.php?IdArticle=3802142 False Ransomware,Data Breach,Guideline None None knowbe4 - cybersecurity services US telecommunications company Cox Communications has disclosed a data breach that exposed some customers' information, BleepingComputer reports. The company said in a breach notification letter that an attacker was able to gain access to some customer accounts after using social engineering tactics to impersonate a Cox employee.]]> 2021-12-13T14:09:38+00:00 https://blog.knowbe4.com/socially-engineering-your-way-to-customer-data www.secnews.physaphae.fr/article.php?IdArticle=3791148 False Data Breach None None Bleeping Computer - Magazine Américain 2021-12-09T08:58:50+00:00 https://www.bleepingcomputer.com/news/security/cox-discloses-data-breach-after-hacker-impersonates-support-agent/ www.secnews.physaphae.fr/article.php?IdArticle=3768009 False Data Breach None None Bleeping Computer - Magazine Américain 2021-12-09T07:47:15+00:00 https://www.bleepingcomputer.com/news/security/fujitsu-pins-japanese-govt-data-breach-on-stolen-projectweb-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=3767790 False Data Breach,Tool,Vulnerability None None knowbe4 - cybersecurity services New shocking data shows how unconcerned victim users are after being notified of a data breach involving their credentials, personal information, and even social media accounts.]]> 2021-12-07T15:53:12+00:00 https://blog.knowbe4.com/victims-after-a-data-breach-changing-passwords-and-good-password-hygiene-remain-unimportant www.secnews.physaphae.fr/article.php?IdArticle=3791152 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-12-03T19:07:00+00:00 https://www.infosecurity-magazine.com/news/uk-government-fined-honors-data/ www.secnews.physaphae.fr/article.php?IdArticle=3743299 False Data Breach None None Graham Cluley - Blog Security Continue reading "UK Government fined £500,000 after revealing home addresses in New Year honours data breach"]]> 2021-12-03T14:47:43+00:00 https://grahamcluley.com/uk-government-fined-500000-after-revealing-home-addresses-in-new-year-honours-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3741973 False Data Breach None None Graham Cluley - Blog Security 2021-12-03T10:26:13+00:00 https://www.bitdefender.com/blog/hotforsecurity/man-charged-with-ubiquiti-data-breach-and-extortion-was-employee-assigned-to-investigate-hack/ www.secnews.physaphae.fr/article.php?IdArticle=3741011 False Data Breach,Hack None None SecurityWeek - Security News 2021-12-02T11:57:05+00:00 https://www.securityweek.com/data-hacked-400000-planned-parenthood-la-patients www.secnews.physaphae.fr/article.php?IdArticle=3737185 False Data Breach None None Bleeping Computer - Magazine Américain 2021-12-01T20:18:12+00:00 https://www.bleepingcomputer.com/news/security/planned-parenthood-la-discloses-data-breach-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=3735345 False Ransomware,Data Breach None None Security Intelligence - Site de news Américain 2021-12-01T14:00:00+00:00 https://securityintelligence.com/data-breach-stress-fatigue/ www.secnews.physaphae.fr/article.php?IdArticle=3731990 False Ransomware,Data Breach None None MitnickSecurity - Former Hacker Services The American internet domain registrar and web hosting company GoDaddy recently made the news for the latest 2021 security breach. ]]> 2021-11-30T23:00:00+00:00 https://www.mitnicksecurity.com/blog/lessons-learned-from-godaddys-2021-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3791075 False Data Breach None 5.0000000000000000 Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2021-11-30T17:56:03+00:00 https://threatpost.com/panasonic-data-breach-questions/176660/ www.secnews.physaphae.fr/article.php?IdArticle=3728765 False Data Breach None None SecurityWeek - Security News 2021-11-30T16:51:25+00:00 https://www.securityweek.com/21-million-people-affected-breach-dna-testing-company www.secnews.physaphae.fr/article.php?IdArticle=3728740 True Data Breach None None Bleeping Computer - Magazine Américain 2021-11-30T08:26:13+00:00 https://www.bleepingcomputer.com/news/security/dna-testing-firm-discloses-data-breach-affecting-21-million-people/ www.secnews.physaphae.fr/article.php?IdArticle=3728227 False Data Breach None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2021-11-30T01:36:45+00:00 https://thehackernews.com/2021/11/panasonic-suffers-data-breach-after.html www.secnews.physaphae.fr/article.php?IdArticle=3727161 False Data Breach,Hack None None SecurityWeek - Security News 2021-11-29T17:00:49+00:00 https://www.securityweek.com/marine-services-provider-swire-pacific-offshore-discloses-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3724001 False Data Breach None None SecurityWeek - Security News 2021-11-29T15:36:37+00:00 https://www.securityweek.com/panasonic-investigating-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3723456 False Data Breach None None Security Intelligence - Site de news Américain 2021-11-29T14:00:00+00:00 https://securityintelligence.com/sec-business-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3722950 False Data Breach None None Security Affairs - Blog Secu 2021-11-29T13:17:41+00:00 https://securityaffairs.co/wordpress/125099/cyber-crime/supernus-pharmaceuticals-hive-ransomware.html?utm_source=rss&utm_medium=rss&utm_campaign=supernus-pharmaceuticals-hive-ransomware www.secnews.physaphae.fr/article.php?IdArticle=3722959 False Ransomware,Data Breach None None Bleeping Computer - Magazine Américain 2021-11-29T09:40:21+00:00 https://www.bleepingcomputer.com/news/security/panasonic-discloses-data-breach-after-network-hack/ www.secnews.physaphae.fr/article.php?IdArticle=3723010 False Data Breach,Hack,Threat None None Security Affairs - Blog Secu 2021-11-25T15:01:27+00:00 https://securityaffairs.co/wordpress/124994/data-breach/godaddy-breach-impacted-brands.html?utm_source=rss&utm_medium=rss&utm_campaign=godaddy-breach-impacted-brands www.secnews.physaphae.fr/article.php?IdArticle=3707618 True Data Breach,Threat None None SecurityWeek - Security News 2021-11-24T13:03:49+00:00 https://www.securityweek.com/godaddy-says-several-brands-hit-recent-wordpress-hosting-breach www.secnews.physaphae.fr/article.php?IdArticle=3702972 False Data Breach None None Bleeping Computer - Magazine Américain 2021-11-24T10:47:05+00:00 https://www.bleepingcomputer.com/news/security/godaddy-data-breach-hits-wordpress-hosting-services-resellers/ www.secnews.physaphae.fr/article.php?IdArticle=3703217 False Data Breach None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2021-11-22T23:39:14+00:00 https://thehackernews.com/2021/11/godaddy-data-breach-exposes-over-1.html www.secnews.physaphae.fr/article.php?IdArticle=3697396 False Data Breach None None Security Affairs - Blog Secu 2021-11-22T20:49:37+00:00 https://securityaffairs.co/wordpress/124894/data-breach/godaddy-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=godaddy-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3695264 False Data Breach,Threat None None InfoSecurity Mag - InfoSecurity Magazine 2021-11-22T17:26:00+00:00 https://www.infosecurity-magazine.com/news/godaddy-announces-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3693959 False Data Breach None None Security Affairs - Blog Secu 2021-11-22T14:56:25+00:00 https://securityaffairs.co/wordpress/124886/data-breach/utah-imaging-associates-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=utah-imaging-associates-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3693669 False Data Breach None None Security Intelligence - Site de news Américain 2021-11-22T14:00:00+00:00 https://securityintelligence.com/cost-of-data-breach-bottom-line/ www.secnews.physaphae.fr/article.php?IdArticle=3693655 False Ransomware,Data Breach None None SecurityWeek - Security News 2021-11-22T13:02:19+00:00 https://www.securityweek.com/utah-medical-group-discloses-data-breach-affecting-over-580000-patients www.secnews.physaphae.fr/article.php?IdArticle=3693468 False Data Breach,Threat None None Bleeping Computer - Magazine Américain 2021-11-22T11:43:08+00:00 https://www.bleepingcomputer.com/news/security/godaddy-hack-causes-data-breach-affecting-12-million-customers/ www.secnews.physaphae.fr/article.php?IdArticle=3693976 False Data Breach,Hack None None We Live Security - Editeur Logiciel Antivirus ESET 2021-11-22T10:30:27+00:00 https://www.welivesecurity.com/2021/11/22/what-do-if-you-receive-data-breach-notice/ www.secnews.physaphae.fr/article.php?IdArticle=3697130 False Data Breach None None Security Affairs - Blog Secu 2021-11-21T15:01:49+00:00 https://securityaffairs.co/wordpress/124837/cyber-crime/payment-portal-conti-gang-compromised.html?utm_source=rss&utm_medium=rss&utm_campaign=payment-portal-conti-gang-compromised www.secnews.physaphae.fr/article.php?IdArticle=3689583 False Ransomware,Data Breach None 4.0000000000000000 Security Affairs - Blog Secu 2021-11-19T20:14:34+00:00 https://securityaffairs.co/wordpress/124785/data-breach/california-pizza-kitchen-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=california-pizza-kitchen-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3683001 False Data Breach None None SecurityWeek - Security News 2021-11-19T13:44:45+00:00 https://www.securityweek.com/california-pizza-kitchen-notifies-employees-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3680643 False Data Breach None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2021-11-19T13:31:28+00:00 https://threatpost.com/california-pizza-kitchen-employee-ssns-data-breach/176478/ www.secnews.physaphae.fr/article.php?IdArticle=3680124 False Data Breach None None Bleeping Computer - Magazine Américain 2021-11-19T10:35:08+00:00 https://www.bleepingcomputer.com/news/security/utah-medical-center-hit-by-data-breach-affecting-582k-patients/ www.secnews.physaphae.fr/article.php?IdArticle=3680921 False Data Breach None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2021-11-19T00:53:26+00:00 https://thehackernews.com/2021/11/a-simple-5-step-framework-to-minimize.html www.secnews.physaphae.fr/article.php?IdArticle=3679127 False Data Breach None None Anomali - Firm Blog Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Targeted Attack Campaign Against ManageEngine ADSelfService Plus Delivers Godzilla Webshells, NGLite Trojan and KdcSponge Stealer (published: November 8, 2021) US Cybersecurity and Infrastructure Security Agency (CISA) has released an alert about advanced persistent threat (APT) actors exploiting vulnerability in self-service password management and single sign-on solution known as ManageEngine ADSelfService Plus. PaloAlto, Microsoft & Lumen Technologies did a joint effort to track, analyse and mitigate this threat. The attack deployed a webshell and created a registry key for persistence. The actor leveraged leased infrastructure in the US to scan hundreds of organizations and compromised at least nine global organizations across technology, defense, healthcare and education industries. Analyst Comment: This actor has used some unique techniques in these attacks including: a blockchain based legitimate remote control application, and credential stealing tool which hooks specific functions from the LSASS process. It’s important to make sure your EDR solution is configured to and supports detecting such advanced techniques in order to detect such attacks. MITRE ATT&CK: [MITRE ATT&CK] OS Credential Dumping - T1003 | [MITRE ATT&CK] Ingress Tool Transfer - T1105 | [MITRE ATT&CK] Scripting - T1064 | [MITRE ATT&CK] Valid Accounts - T1078 | [MITRE ATT&CK] Application Layer Protocol - T1071 | [MITRE ATT&CK] Credentials in Files - T1081 | [MITRE ATT&CK] Brute Force - T1110 | [MITRE ATT&CK] Data Staged - T1074 | [MITRE ATT&CK] External Remote Services - T1133 | [MITRE ATT&CK] Hooking - T1179 | [MITRE ATT&CK] Registry Run Keys / Startup Folder - T1060 | [MITRE ATT&CK] Pass the Hash - T1075 Tags: Threat Group 3390, APT27, TG-3390, Emissary Panda, WildFire, NGLite backdoor, Cobalt Strike, Godzilla, PwDump, beacon, ChinaChopper, CVE-2021-40539, Healthcare, Military, North America, China REvil Affiliates Arrested; DOJ Seizes $6.1M in Ransom (published: November 9, 2021) A 22 year old Ukranian national named Yaroslav Vasinskyi, has been charged with conducting ransomware attacks by the U.S Department of Justice (DOJ). These attacks include t]]> 2021-11-16T17:34:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-revil-affiliates-arrested-electronics-retail-giant-hit-by-ransomware-robinhood-breach-zero-day-in-palo-alto-security-appliance-and-more www.secnews.physaphae.fr/article.php?IdArticle=3667130 False Ransomware,Data Breach,Malware,Tool,Vulnerability,Threat,Medical APT 38,APT 27,APT 1 None Bleeping Computer - Magazine Américain 2021-11-15T10:52:48+00:00 https://www.bleepingcomputer.com/news/security/7-million-robinhood-user-email-addresses-for-sale-on-hacker-forum/ www.secnews.physaphae.fr/article.php?IdArticle=3663548 False Data Breach None None Security Affairs - Blog Secu 2021-11-13T00:06:33+00:00 https://securityaffairs.co/wordpress/124534/data-breach/costco-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=costco-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3652962 False Data Breach,Threat None None SecurityWeek - Security News 2021-11-12T15:33:09+00:00 https://www.securityweek.com/hpe-says-customer-data-compromised-aruba-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3652863 False Data Breach None None Bleeping Computer - Magazine Américain 2021-11-12T10:11:45+00:00 https://www.bleepingcomputer.com/news/security/costco-discloses-data-breach-after-finding-credit-card-skimmer/ www.secnews.physaphae.fr/article.php?IdArticle=3650116 False Data Breach None None Anomali - Firm Blog Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released (published: November 5, 2021) A proof-of-concept (PoC) tool to test for the recently revealed BrakTooth flaws in Bluetooth devices, and the researchers who discovered them have released both the test kit and full exploit code for the bugs. On Thursday, CISA urged manufacturers, vendors and developers to patch or employ workarounds. On Monday, the University of Singapore researchers updated their table of affected devices, after the chipset vendors Airoha, Mediatek and Samsung reported that some of their devices are vulnerable. Analyst Comment: Users are urged to patch or employ workarounds as soon as possible. Tags: Bluetooth, BrakTooth, Exploit, Vulnerability CVE-2021-43267: Remote Linux Kernel Heap Overflow | TIPC Module Allows Arbitrary Code Execution (published: November 4, 2021) Researchers at SentinelOne have identified a vulnerability in the TIPC Module, part of the Linux Kernel. The Transparent Inter-Process Communication (TIPC) module is a protocol that is used for cluster-wide operation and is packaged as part of most major Linux distributions. The vulnerability, designated as “CVE-2021-43267”, is a heap overflow vulnerability that could be exploited to execute code within the kernel. Analyst Comment: TIPC users should ensure their Linux kernel version is not between 5.10-rc1 and 5.15. Tags: Linux, TIPC, Vulnerabiltity Ukraine Links Members Of Gamaredon Hacker Group To Russian FSB (published: November 4, 2021) The Ukrainian Secret Service claims to have identified five members of the threat group, Gamaredon. The group, who Ukraine are claiming to be operated by the Russian Federal Security Service (FSB), are believed to be behind over 5,000 attacks against Ukraine. These attacks usually consist of malicious documents and using a template injection vulnerability, the group has targeted government, public and private entities. Analyst Comment: Users should be careful that a file is sent via a known and trusted sender, that individual should be contacted to verify the authenticity of the attachment prior to opening. Thus, any such file attachment sent by unknown senders should be viewed with the utmost scrutiny, and the attachments should be avoided and properly reported to appropriate personnel. Users should be careful when viewing documents that ask for macros to be enabled. MITRE ATT&CK: [MITRE ATT&CK] User Execution - T1204 Tags: Gamaredon, Malicious Documents, Russia, Ukraine, Template Injection ]]> 2021-11-10T16:00:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-gitlab-vulnerability-exploited-in-the-wild-mekotio-banking-trojan-returns-microsoft-exchange-vulnerabilities-exploited-again-and-more www.secnews.physaphae.fr/article.php?IdArticle=3639043 False Ransomware,Data Breach,Malware,Tool,Vulnerability,Threat None None McAfee Labs - Editeur Logiciel The Robinhood trading platform recently disclosed a data breach that exposed the information of millions of its customers. News of the attack was released on Monday, November 8th along with word the... ]]> 2021-11-09T23:32:54+00:00 https://www.mcafee.com/blogs/cyberthreat-news/protecting-yourself-in-the-wake-of-the-robinhood-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3635439 False Data Breach None None Security Affairs - Blog Secu 2021-11-09T21:40:55+00:00 https://securityaffairs.co/wordpress/124412/data-breach/robinhood-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=robinhood-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3635275 False Data Breach,Threat None None We Live Security - Editeur Logiciel Antivirus ESET 2021-11-09T19:02:14+00:00 http://feedproxy.google.com/~r/eset/blog/~3/NBwkB-f8ROs/ www.secnews.physaphae.fr/article.php?IdArticle=3636714 False Data Breach None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2021-11-09T14:43:08+00:00 https://threatpost.com/robinhood-trading-platform-data-breach/176106/ www.secnews.physaphae.fr/article.php?IdArticle=3632695 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2021-11-09T09:45:00+00:00 https://www.infosecurity-magazine.com/news/robinhood-data-breach-seven-million/ www.secnews.physaphae.fr/article.php?IdArticle=3631588 False Data Breach None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2021-11-09T00:44:10+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/7HmPoF09t-A/robinhood-trading-app-suffers-data.html www.secnews.physaphae.fr/article.php?IdArticle=3631509 False Data Breach,Threat None None SecurityWeek - Security News 2021-11-08T17:27:54+00:00 http://feedproxy.google.com/~r/securityweek/~3/qkfZL8i2Q5w/us-government-contractor-ewa-discloses-data-theft-breach www.secnews.physaphae.fr/article.php?IdArticle=3628599 False Data Breach,Threat None None Bleeping Computer - Magazine Américain 2021-11-08T16:40:29+00:00 https://www.bleepingcomputer.com/news/security/robinhood-discloses-data-breach-impacting-7-million-customers/ www.secnews.physaphae.fr/article.php?IdArticle=3629430 False Data Breach,Threat None None Security Affairs - Blog Secu 2021-11-05T22:54:46+00:00 https://securityaffairs.co/wordpress/124236/data-breach/electronic-warfare-associates-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=electronic-warfare-associates-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3617257 True Data Breach,Threat None None Security Intelligence - Site de news Américain 2021-11-05T13:00:00+00:00 http://feedproxy.google.com/~r/SecurityIntelligence/~3/OolC0SIKao0/ www.secnews.physaphae.fr/article.php?IdArticle=3613909 False Data Breach None None Bleeping Computer - Magazine Américain 2021-11-05T10:59:33+00:00 https://www.bleepingcomputer.com/news/security/us-defense-contractor-electronic-warfare-hit-by-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=3614153 False Data Breach,Threat None None Security Affairs - Blog Secu 2021-11-03T21:35:52+00:00 https://securityaffairs.co/wordpress/124162/cyber-crime/labour-party-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=labour-party-data-breach www.secnews.physaphae.fr/article.php?IdArticle=3606127 True Ransomware,Data Breach None None Bleeping Computer - Magazine Américain 2021-11-03T13:22:25+00:00 https://www.bleepingcomputer.com/news/security/uk-labour-party-discloses-data-breach-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=3604993 True Ransomware,Data Breach None None