www.secnews.physaphae.fr

www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-04-29T21:44:06+00:00 www.secnews.physaphae.fr Security Intelligence - Site de news Américain Prédictions ICS CERT pour 2024: ce que vous devez savoir ICS CERT predictions for 2024: What you need to know Alors que nous travaillons au premier trimestre de 2024, divers secteurs s'adaptent continuellement aux menaces de cybersécurité de plus en plus complexes.Des secteurs comme les soins de santé, la finance, l'énergie et le transport élargissent régulièrement leur infrastructure numérique, entraînant des surfaces d'attaque plus importantes et une plus grande exposition aux risques.Kaspersky vient de publier leurs prédictions ICS CERT pour cette année, décrivant la clé [& # 8230;]

>As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack surfaces and greater risk exposure. Kaspersky just released their ICS CERT Predictions for this year, outlining the key […] ]]> 2024-03-26T13:00:00+00:00 https://securityintelligence.com/articles/ics-cert-predictions-2024-need-to-know/ www.secnews.physaphae.fr/article.php?IdArticle=8470760 False Industrial,Medical None 4.0000000000000000 Recorded Future - FLux Recorded Future L'agence britannique de compteur de comptoir obtient une gifle au poignet pour écouter UK counter-eavesdropping agency gets slap on the wrist for eavesdropping

L'Autorité nationale britannique pour les comptoirs (UK NACE) a été critiquée par le chien de surveillance des pouvoirs d'enquête de la Grande-Bretagne après avoir tenté illégalement (et sans succès) de écouter une source journalistique.Le Royaume-Uni Nace est chargé de protéger les informations et les sites les plus sensibles du pays en Grande-Bretagne et dans les ambassades du monde entier.Dans le cadre de

The UK National Authority for Counter-Eavesdropping (UK NACE) has been criticized by Britain\'s investigatory powers watchdog after unlawfully (and unsuccessfully) attempting to eavesdrop to uncover a journalistic source. UK NACE is tasked with protecting the country\'s most sensitive information and sites both in Britain itself and in embassies around the world. As part of]]> 2024-03-26T12:39:00+00:00 https://therecord.media/uk-nace-unlawful-surveillance-journalistic-source www.secnews.physaphae.fr/article.php?IdArticle=8470737 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Les applications VPN gratuites sur Google Play transforment les téléphones Android en proxies Free VPN apps on Google Play turned Android phones into proxies Over 15 free VPN apps on Google Play were found using a malicious software development kit that turned Android devices into unwitting residential proxies, likely used for cybercrime and shopping bots. [...]]]> 2024-03-26T12:33:00+00:00 https://www.bleepingcomputer.com/news/security/free-vpn-apps-on-google-play-turned-android-phones-into-proxies/ www.secnews.physaphae.fr/article.php?IdArticle=8470852 False Mobile None 3.0000000000000000 Dragos - CTI Society Étendre la protection de l'infrastructure OT avec automatisation de Dragos et de Swimlane Extend Protection for OT Infrastructure with Automation from Dragos and Swimlane Résumé de l'exécutif: Une nouvelle intégration avec la plate-forme DRAGOS pour la surveillance et la visibilité du réseau OT et la turbine de Swinklane permet aux clients de ... Le post prolongez la protection de l'infrastructure OT avec automatisationDe Dragos et du Swimlane est apparu pour la première fois sur dragos .

>Executive Summary: New integration with the Dragos Platform for OT network monitoring and visibility and Swimlane Turbine enables customers to... The post Extend Protection for OT Infrastructure with Automation from Dragos and Swimlane first appeared on Dragos.]]> 2024-03-26T12:30:00+00:00 https://www.dragos.com/blog/extend-protection-for-ot-infrastructure-with-automation-from-dragos-and-swimlane/ www.secnews.physaphae.fr/article.php?IdArticle=8470732 False Industrial None 3.0000000000000000 Silicon - Site de News Francais Atos donne rendez-vous fin juillet pour envisager son avenir 2024-03-26T12:26:14+00:00 https://www.silicon.fr/atos-donne-rendez-vous-fin-juillet-pour-envisager-son-avenir-477159.html www.secnews.physaphae.fr/article.php?IdArticle=8470763 False None None 3.0000000000000000 Cisco - Security Firm Blog Se cacher à la vue: comment les attaques du sous-domaine utilisent votre authentification par e-mail contre vous Hiding in Plain Sight: How Subdomain Attacks Use Your Email Authentication Against You Understanding the tricky way that subdomain attacks use your email authentication against you.]]> 2024-03-26T12:00:55+00:00 https://feedpress.me/link/23535/16631864/hiding-in-plain-sight-how-subdomain-attacks-use-your-email-authentication-against-you www.secnews.physaphae.fr/article.php?IdArticle=8470705 False None None 3.0000000000000000 ComputerWeekly - Computer Magazine Les actionnaires gagnent lorsque les entreprises font mieux dans le cyber Shareholders win when businesses do better at cyber 2024-03-26T12:00:00+00:00 https://www.computerweekly.com/news/366575459/Shareholders-win-when-businesses-do-better-at-cyber www.secnews.physaphae.fr/article.php?IdArticle=8470819 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Package Nuget douteux peut présager l'espionnage industriel chinois Dubious NuGet Package May Portend Chinese Industrial Espionage A .NET package available for download right now is either a stealthy industrial systems backdoor or nothing at all.]]> 2024-03-26T12:00:00+00:00 https://www.darkreading.com/ics-ot-security/dubious-nuget-package-chinese-industrial-espionage www.secnews.physaphae.fr/article.php?IdArticle=8470708 False Industrial None 3.0000000000000000 HackRead - Chercher Cyber Meilleures pratiques pour la gestion de Kafka pour assurer la haute disponibilité Best Practices for Kafka Management to Ensure High Availability Par uzair amir Avec la popularité croissante d'Apache Kafka en tant que plate-forme de streaming distribuée, garantissant que sa haute disponibilité est devenue & # 8230; Ceci est un article de HackRead.com Lire le post original: Meilleures pratiques pour la direction de Kafka pour garantir la haute disponibilité

>By Uzair Amir With the increasing popularity of Apache Kafka as a distributed streaming platform, ensuring its high availability has become… This is a post from HackRead.com Read the original post: Best Practices for Kafka Management to Ensure High Availability]]> 2024-03-26T11:54:02+00:00 https://www.hackread.com/kafka-management-best-practices-high-availability/ www.secnews.physaphae.fr/article.php?IdArticle=8470710 False None None 3.0000000000000000 IT Security Guru - Blog Sécurité Les augmentations de cyber-start-up primées et Pound; 3M dirigés par Fuel Ventures pour permettre aux employés de se protéger Award Winning Cyber Start-up Raises £3m Led By Fuel Ventures To Empower Employees To Protect Themselves Award Cyber Start-up Rauses & Pound; 3M dirigée par Fuel Ventures pour permettre aux employés de se protéger pour la première fois sur gourou de la sécurité informatique .

Today, Think Cyber Security Ltd has announced that it has raised a £3 million late seed funding round to deliver measurable secure behaviour change. The multi-award winning, National Cyber Security Centre recognised firm offers an innovative and uniquely real-time Redflags® subscription software solution which gently guides and nudges staff to secure behaviours, with measurable impact. UK […] The post Award Winning Cyber Start-up Raises £3m Led By Fuel Ventures To Empower Employees To Protect Themselves first appeared on IT Security Guru. ]]> 2024-03-26T11:48:42+00:00 https://www.itsecurityguru.org/2024/03/26/award-winning-cyber-start-up-raises-3m-led-by-fuel-ventures-to-empower-employees-to-protect-themselves/?utm_source=rss&utm_medium=rss&utm_campaign=award-winning-cyber-start-up-raises-3m-led-by-fuel-ventures-to-empower-employees-to-protect-themselves www.secnews.physaphae.fr/article.php?IdArticle=8470706 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future L'UE établit des règles pour que Big Tech s'attaque aux interférences aux élections du Parlement européen EU sets rules for Big Tech to tackle interference in European Parliament elections

La Commission européenne a publié une gamme de nouvelles règles pour les plus grandes plateformes technologiques pour respecter les élections par le Parlement européen en juin.Les lignes directrices en vertu de la loi sur les services numériques ne s'appliquent que aux plus grandes plateformes et moteurs de recherche - ceux avec plus de 45 millions d'utilisateurs actifs dans le

The European Commission has published a range of new rules for the largest technology platforms to abide by, ahead of the European Parliament elections in June. The guidelines under the Digital Services Act only apply to the very largest platforms and search engines - those with more than 45 million active users in the]]> 2024-03-26T11:38:08+00:00 https://therecord.media/european-parliament-elections-interferance-big-tech-rules www.secnews.physaphae.fr/article.php?IdArticle=8470709 False None None 2.0000000000000000 Silicon - Site de News Francais Qui est Mustafa Suleyman, le nouveau " Monsieur IA " de Microsoft ? 2024-03-26T11:24:13+00:00 https://www.silicon.fr/mustafa-suleyman-monsieur-ia-de-microsoft-477149.html www.secnews.physaphae.fr/article.php?IdArticle=8470707 False None None 2.0000000000000000 HackRead - Chercher Cyber Top 3 des outils de cybersécurité pour protéger les données de l'entreprise Top 3 Cybersecurity Tools to Protect Business Data Par uzair amir Découvrez les trois principaux outils de cybersécurité conçus pour protéger vos données commerciales à partir de menaces et de violations en ligne, assurant un transfert de données sécurisé. Ceci est un article de HackRead.com Lire le post original: Top 3 des outils de cybersécurité pour protéger les données de l'entreprise

>By Uzair Amir Discover the top three cybersecurity tools designed to safeguard your business data from online threats and breaches, ensuring secure data transfer. This is a post from HackRead.com Read the original post: Top 3 Cybersecurity Tools to Protect Business Data]]> 2024-03-26T11:10:00+00:00 https://www.hackread.com/3-cybersecurity-tools-to-protect-business-data/ www.secnews.physaphae.fr/article.php?IdArticle=8470738 False Tool None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Sur les systèmes de vote sécurisés On Secure Voting Systems Commentaire public & # 8212; Signé par vingt experts en cybersécurité électorale, y compris moi-même & # 8212; sur les meilleures pratiques pour les appareils de marquage des bulletins de vote et la tabulation de vote.Il a été écrit pour la législature de Pennsylvanie, mais il est de nature générale. . du résumé de l'exécutif: Nous pensons qu'aucun système n'est parfait, chacun ayant des compromis.Les bulletins de vote à la main et à la main enlèvent l'incertitude introduite par l'utilisation de machines électroniques et la capacité des mauvais acteurs à exploiter les vulnérabilités électroniques pour modifier à distance les résultats.Cependant, une partie des électeurs marquent à tort les bulletins de vote en papier d'une manière qui ne sera pas comptée dans la façon dont l'électeur voulait, ou qui annule même le bulletin de vote.Les comptages à main retardent la déclaration en temps opportun des résultats et introduisent la possibilité d'erreur humaine, de biais ou d'interprétation erronée ...

Andrew Appel shepherded a public comment—signed by twenty election cybersecurity experts, including myself—on best practices for ballot marking devices and vote tabulation. It was written for the Pennsylvania legislature, but it’s general in nature. From the executive summary: We believe that no system is perfect, with each having trade-offs. Hand-marked and hand-counted ballots remove the uncertainty introduced by use of electronic machinery and the ability of bad actors to exploit electronic vulnerabilities to remotely alter the results. However, some portion of voters mistakenly mark paper ballots in a manner that will not be counted in the way the voter intended, or which even voids the ballot. Hand-counts delay timely reporting of results, and introduce the possibility for human error, bias, or misinterpretation...]]> 2024-03-26T11:08:16+00:00 https://www.schneier.com/blog/archives/2024/03/on-secure-voting-systems.html www.secnews.physaphae.fr/article.php?IdArticle=8470682 False Vulnerability,Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain Theoon malware infecte 6 000 routeurs ASUS en 72 heures pour le service proxy TheMoon malware infects 6,000 ASUS routers in 72 hours for proxy service A new variant of "TheMoon" malware botnet has been spotted infecting thousands of outdated small office and home office (SOHO) routers and IoT devices in 88 countries. [...]]]> 2024-03-26T11:00:00+00:00 https://www.bleepingcomputer.com/news/security/themoon-malware-infects-6-000-asus-routers-in-72-hours-for-proxy-service/ www.secnews.physaphae.fr/article.php?IdArticle=8470791 False Malware None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Emprunteur Bénéficiant: escroqueries de prêts communes et comment les éviter Borrower beware: Common loan scams and how to avoid them Personal loan scams prey on your financial vulnerability and might even trap you in a vicious circle of debt. Here\'s how to avoid being scammed when considering a loan.]]> 2024-03-26T10:30:00+00:00 https://www.welivesecurity.com/en/scams/borrower-beware-common-loan-scams/ www.secnews.physaphae.fr/article.php?IdArticle=8471180 False Vulnerability None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Les États-Unis cibles des entreprises cryptographiques aidant la Russie sanctionne l'évasion US Targets Crypto Firms Aiding Russia Sanctions Evasion The US Treasury has designated several Russian blockchain and virtual currency firms for sanctions evasion]]> 2024-03-26T10:30:00+00:00 https://www.infosecurity-magazine.com/news/us-designates-russian-crypto/ www.secnews.physaphae.fr/article.php?IdArticle=8470683 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Alertes CISA sur l'exploitation active des défauts dans Fortinet, Ivanti et Nice Products CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities added are as follows - CVE-2023-48788 (CVSS score: 9.3) - Fortinet FortiClient EMS SQL Injection Vulnerability CVE-2021-44529 (CVSS score: 9.8) - Ivanti]]> 2024-03-26T10:24:00+00:00 https://thehackernews.com/2024/03/cisa-alerts-on-active-exploitation-of.html www.secnews.physaphae.fr/article.php?IdArticle=8470582 False Vulnerability None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine La CISA et le FBI invitent l'effort renouvelé pour éliminer les défauts d'injection SQL CISA and FBI Urge Renewed Effort to Eliminate SQL Injection Flaws The US government wants developers to get serious about tackling SQL injection bugs]]> 2024-03-26T10:00:00+00:00 https://www.infosecurity-magazine.com/news/cisa-fbi-renewed-effort-eliminate/ www.secnews.physaphae.fr/article.php?IdArticle=8470659 False None None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC L'importance croissante du CAASM dans la stratégie de cybersécurité de l'entreprise The Growing Importance of CAASM in Company Cybersecurity Strategy expansion of the attack surface as a significant risk for corporate cyber environments in the upcoming years. The most vulnerable entities include IoT devices, cloud apps, open-source systems, and complex software supply chains. There is an increasing demand for concepts like Cyber Asset Attack Surface Management (CAASM), External Attack Surface Management (EASM), and Cloud Security Posture Management (CSPM) in corporate security frameworks. This trend is also documented in Gartner\'s "hype" chart. Let\'s discuss the concept of CAASM, which is centered on identifying and managing all digital assets within an organization, whether they are internal or external. This approach aims to provide a comprehensive view and control over the organization\'s cyber environment, enhancing security measures and management practices. What Is CAASM CAASM assists IT departments in achieving end-to-end visibility of a company\'s cyber assets. This strategy creates a fuller understanding of the actual state of the infrastructure, enabling the security team to respond promptly to existing threats and potential future ones. CAASM-based products and solutions integrate with a broad array of data sources and security tools. CAASM gathers and aggregates data and analyzes perimeter traffic, providing a continuous, multi-dimensional view of the entire attack surface. Having access to current asset data enables information security officers to visualize the infrastructure and address security gaps promptly. They can prioritize the protection of assets and develop a unified perspective on the organization\'s actual security posture. This sets the stage for proactive risk management strategies. Exploring CAASM\'s Core Functions The CAASM approach equips security professionals with a variety of tools necessary for effectively managing an organization\'s attack surface and addressing risks. Asset Discovery A lack of visibility into all of an organization\'s assets heightens the risk of cyberattacks. Cyber Asset Attack Surface Management products automatically detect and catalog every component of a company\'s digital infrastructure, encompassing local, cloud, and various remote systems, including shadow IT. A company employing CAASM gains a clear overview of all its deployed web applications, servers, network devices, and cloud services. CAASM facilitates a comprehensive inventory of the devices, applications, networks, and users constituting the company\'s attack surface. Vulnerability Detection It is important to understand the risks each asset poses, such as missing the latest security updates or opportunities to access sensitive data. CAASM systems integrate asset data, helping security teams identify misconfigurations, vulnerabilities, and oth]]> 2024-03-26T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-growing-importance-of-caasm-in-company-cybersecurity-strategy www.secnews.physaphae.fr/article.php?IdArticle=8470766 False Ransomware,Tool,Vulnerability,Threat,Prediction,Cloud None 3.0000000000000000 Silicon - Site de News Francais Forum InCyber 2024 : la cybersécurité à l\'ère de l\'IA 2024-03-26T09:49:07+00:00 https://www.silicon.fr/forum-incyber-2024-ia-477126.html www.secnews.physaphae.fr/article.php?IdArticle=8470657 False None None 2.0000000000000000 Silicon - Site de News Francais Le défi de la cybersécurité des infrastructures critiques du secteur de l\'énergie 2024-03-26T09:20:52+00:00 https://www.silicon.fr/avis-expert/le-defi-de-la-cybersecurite-des-infrastructures-critiques-du-secteur-de-lenergie www.secnews.physaphae.fr/article.php?IdArticle=8470658 False None None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain AI and Trust Regardez la vidéo sur youtube.com une conversation de 15 minutes par Bruce Schneier.

Watch the Video on YouTube.com A 15-minute talk by Bruce Schneier.]]> 2024-03-26T09:01:57+00:00 https://www.schneier.com/blog/archives/2024/03/ai-and-trust-2.html www.secnews.physaphae.fr/article.php?IdArticle=8472464 False None None 3.0000000000000000 Global Security Mag - Site de news francais Netterra conserve l'engagement à l'excellence avec la recertification de trois normes ISO Neterra Retains Commitment to Excellence with Recertification of Three ISO Standards nouvelles commerciales

Neterra Retains Commitment to Excellence with Recertification of Three ISO Standards The company is demonstrating its ongoing dedication to quality, information security, and service management excellence - Business News]]> 2024-03-26T08:25:19+00:00 https://www.globalsecuritymag.fr/neterra-retains-commitment-to-excellence-with-recertification-of-three-iso.html www.secnews.physaphae.fr/article.php?IdArticle=8470633 False None None 2.0000000000000000 Korben - Bloger francais La checklist ultime pour sécuriser du mieux possible votre vie numérique 2024-03-26T08:00:00+00:00 https://korben.info/personal-security-checklist-guide-securite-numerique-vie-privee-protection-donnees.html www.secnews.physaphae.fr/article.php?IdArticle=8470631 False None None 4.0000000000000000 Global Security Mag - Site de news francais Check Point dévoile un nouveau partenariat avec Microsoft Business]]> 2024-03-26T07:59:43+00:00 https://www.globalsecuritymag.fr/check-point-devoile-un-nouveau-partenariat-avec-microsoft.html www.secnews.physaphae.fr/article.php?IdArticle=8470605 False None None 3.0000000000000000 Global Security Mag - Site de news francais Cybermalveillance.gouv.fr étend son dispositif SensCyber au grand public et aux collaborateurs des TPE et PME françaises Produits]]> 2024-03-26T07:48:17+00:00 https://www.globalsecuritymag.fr/cybermalveillance-gouv-fr-etend-son-dispositif-senscyber-au-grand-public-et-aux.html www.secnews.physaphae.fr/article.php?IdArticle=8470606 False None None 3.0000000000000000 Global Security Mag - Site de news francais Atempo déploie une offre de cyber résilience et d\'orchestration des données sur le cloud souverain d\'OUTSCALE Produits]]> 2024-03-26T07:45:57+00:00 https://www.globalsecuritymag.fr/atempo-deploie-une-offre-de-cyber-resilience-et-d-orchestration-des-donnees-sur.html www.secnews.physaphae.fr/article.php?IdArticle=8470607 False Cloud None 3.0000000000000000 Global Security Mag - Site de news francais Un nouveau rapport Snowflake révèle qu\'une moyenne de 90 applications d\'IA par jour on été créées en 2023 Investigations]]> 2024-03-26T07:40:03+00:00 https://www.globalsecuritymag.fr/un-nouveau-rapport-snowflake-revele-qu-une-moyenne-de-90-applications-d-ia-par.html www.secnews.physaphae.fr/article.php?IdArticle=8470608 False None None 3.0000000000000000 Wired Threat Level - Security News Le maire de Londres entre dans l'univers cinématographique des conneries The Mayor of London Enters the Bullshit Cinematic Universe It all started with an asthma attack. Now Sadiq Khan finds himself at the center of a global conspiracy.]]> 2024-03-26T07:00:00+00:00 https://www.wired.com/story/mayor-of-london-sadiq-khan-ulez-conspiracy/ www.secnews.physaphae.fr/article.php?IdArticle=8470580 False None None 3.0000000000000000 Dark Reading - Informationweek Branch L'Afrique aborde les campagnes de désinformation en ligne au cours de l'année électorale majeure Africa Tackles Online Disinformation Campaigns During Major Election Year Cyber-disinformation campaigns targeting Africa have taken off in 2024, as 18 nations prepare to hold elections, and cybersecurity efforts are key to taming the threat.]]> 2024-03-26T07:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/africa-tackles-online-disinformation-campaigns-during-major-election-year www.secnews.physaphae.fr/article.php?IdArticle=8470581 False Threat None 2.0000000000000000 ProofPoint - Cyber Firms Proofpoint Discloses Technique Pivot by Attacker Group TA577: Targeting Windows NTLM 2024-03-26T06:00:09+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/ta577-attack-ntlm www.secnews.physaphae.fr/article.php?IdArticle=8471384 False Malware,Threat,Patching None 3.0000000000000000 ProofPoint - Cyber Firms ProofPoint révèle la technique PIVOT par un groupe d'attaquant TA577: Cibler Windows NTLM Proofpoint Discloses Technique Pivot by Attacker Group TA577: Targeting Windows NTLM 2024-03-26T06:00:09+00:00 https://www.proofpoint.com/us/blog/identity-threat-defense/ta577-attack-ntlm-vulnerability www.secnews.physaphae.fr/article.php?IdArticle=8470829 False Malware,Threat,Patching None 3.0000000000000000 Korben - Bloger francais Une nouvelle technique permet de bloquer les bloqueurs de pubs sans JavaScript 2024-03-26T05:02:37+00:00 https://korben.info/bloquer-bloqueurs-pubs-sans-javascript-103-early-hints.html www.secnews.physaphae.fr/article.php?IdArticle=8470558 False None None 2.0000000000000000 The State of Security - Magazine Américain Les plates-formes d'IA nomment des menaces et des conseils de cybersécurité pour 2024 AI Platforms Name Cybersecurity Threats and Advice for 2024 With $109.5 billion of growth expected between now and 2030, the global AI cybersecurity market is booming – and it\'s not hard to see why. According to a recent survey of security professionals, three-quarters ( 75% ) have observed an increase in cyberattacks. Of these, the research found that an even greater proportion (an overwhelming 85%) blamed AI. What is AI\'s role in cybersecurity, then? Is it enabling our online freedoms and safety or undermining them? It\'s a question Techopedia wanted to explore . But, unlike speaking to human experts, these inquiries focused instead on a different...]]> 2024-03-26T03:49:21+00:00 https://www.tripwire.com/state-of-security/ai-platforms-name-cybersecurity-threats-and-advice-2024 www.secnews.physaphae.fr/article.php?IdArticle=8470636 False None None 3.0000000000000000 The State of Security - Magazine Américain Sécurité du navigateur en 2024: technologies et tendances Browser Security in 2024: Technologies and Trends What Is Browser Security? Browser security is a set of measures and processes intended to protect users and their data when using web browsers. This includes mechanisms to prevent unauthorized access, safeguard against malicious software and other browser security threats , and ways to protect the privacy of online activities. Essential components of browser security include secure communication protocols like HTTPS, which encrypts data in transit; features within the browser that detect and block malicious websites, phishing attempts, and malware; and technical measures for isolating the...]]> 2024-03-26T03:49:14+00:00 https://www.tripwire.com/state-of-security/browser-security-2024-technologies-and-trends www.secnews.physaphae.fr/article.php?IdArticle=8470637 False Malware,Technical None 2.0000000000000000 AhnLab - Korean Security Firm Malware déguisé en programme d'installation de la coréenne Public Institution (Kimsuky Group) Malware Disguised as Installer from Korean Public Institution (Kimsuky Group) Ahnlab Security Intelligence Center (ASEC) a récemment découvert le groupe Kimsuky distribuant des logiciels malveillants déguisés en installateur d'un coréeninstitution publique.Le malware en question est un compte-gouttes qui crée la porte dérobée Endoor, qui a également été utilisée dans l'attaque couverte dans le post précédent, «TrollAgent qui infecte les systèmes lors du processus d'installation du programme de sécurité (groupe Kimsuky)».[1] Bien qu'il n'y ait aucun enregistrement du compte-gouttes utilisé dans les attaques réelles, il y avait un cas d'attaque qui impliquait la porte dérobée ...

AhnLab SEcurity intelligence Center (ASEC) recently discovered the Kimsuky group distributing malware disguised as an installer from a Korean public institution. The malware in question is a dropper that creates the Endoor backdoor, which was also used in the attack covered in the previous post, “TrollAgent That Infects Systems Upon Security Program Installation Process (Kimsuky Group)”. [1] While there are no records of the dropper being used in actual attacks, there was an attack case that involved the backdoor created... ]]> 2024-03-26T02:04:48+00:00 https://asec.ahnlab.com/en/63396/ www.secnews.physaphae.fr/article.php?IdArticle=8470473 False Malware None 2.0000000000000000 TrendLabs Security - Editeur Antivirus L'ordre du jour ransomware se propage aux vCenters et ESXi via le script PowerShell personnalisé Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script This blog entry discusses the Agenda ransomware group\'s use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers.]]> 2024-03-26T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/c/agenda-ransomware-propagates-to-vcenters-and-esxi-via-custom-pow.html www.secnews.physaphae.fr/article.php?IdArticle=8470630 False Ransomware None 3.0000000000000000 Global Security Mag - Site de news francais Plateforme d'apprentissage de la cybersécurité Cybeready désormais disponible sur le marché SaaS de Nachonacho CybeReady Cybersecurity Learning Platform Now Available on the NachoNacho SaaS Marketplace revues de produits

CybeReady Cybersecurity Learning Platform Now Available on the NachoNacho SaaS Marketplace Strategic Partnership Brings CybeReady to Popular SaaS Ecosystem as Organizations Look to Streamline Software Stack Management - Product Reviews]]> 2024-03-26T00:00:00+00:00 https://www.globalsecuritymag.fr/cybeready-cybersecurity-learning-platform-now-available-on-the-nachonacho-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8470350 False Cloud None 3.0000000000000000 Global Security Mag - Site de news francais Vincent Poulbère, SysDream : NIS2 conduira à une prise en compte réelle au niveau de la DG, la DAF, et la DRH, et pas seulement la DSI, constituant ainsi le nouveau défi des RSSI ! Interviews / affiche, INCYBER 2024]]> 2024-03-25T23:30:00+00:00 https://www.globalsecuritymag.fr/vincent-poulbere-sysdream-nis2-conduira-a-une-prise-en-compte-reelle-au-niveau.html www.secnews.physaphae.fr/article.php?IdArticle=8470072 False None None 3.0000000000000000 Global Security Mag - Site de news francais Stéphanie Ledoux, ALCYCONIE : Les RSSI doivent faire comprendre aux décideurs que les stratégies de cyber résilience sont aussi importantes que la protection et la prévention Interviews / evenement_milieu, INCYBER 2024]]> 2024-03-25T23:00:00+00:00 https://www.globalsecuritymag.fr/stephanie-ledoux-alcyconie-les-rssi-doivent-faire-comprendre-aux-decideurs-que.html www.secnews.physaphae.fr/article.php?IdArticle=8470351 False None None 2.0000000000000000 Global Security Mag - Site de news francais Éric Leblond, Stamus Networks : Le NDR est un outil incourtanble Interviews / evenement_milieu, INCYBER 2024]]> 2024-03-25T23:00:00+00:00 https://www.globalsecuritymag.fr/eric-leblond-stamus-networks-le-ndr-est-un-outil-incourtanble.html www.secnews.physaphae.fr/article.php?IdArticle=8470385 False Threat None 2.0000000000000000 The Register - Site journalistique Anglais Les États-Unis facturent des ressortissants chinois avec de la cyber-espion sur à peu près tout le monde pour Pékin US charges Chinese nationals with cyber-spying on pretty much everyone for Beijing Plus: Alleged front sanctioned, UK blames PRC for Electoral Commission theft, and does America need a Cyber Force? The United States on Monday accused seven Chinese men of breaking into computer networks, email accounts, and cloud storage belonging to numerous critical infrastructure organizations, companies, and individuals, including US businesses, politicians, and their political parties.…]]> 2024-03-25T22:38:20+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/25/china_apt31_charges/ www.secnews.physaphae.fr/article.php?IdArticle=8470408 False Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Un adopte une résolution largement symbolique pour \\ 'sécurisé, digne de confiance \\' ai UN Adopts Largely Symbolic Resolution for \\'Secure, Trustworthy\\' AI Countries around the world are signaling support of secure AI practices, but not necessarily committing to them.]]> 2024-03-25T22:32:33+00:00 https://www.darkreading.com/cybersecurity-operations/un-adopts-symbolic-resolution-secure-trustworthy-ai www.secnews.physaphae.fr/article.php?IdArticle=8470409 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future St. Cloud le plus récent dans String of Florida Cities frappé de ransomwares St. Cloud most recent in string of Florida cities hit with ransomware

Une autre ville de Floride a annoncé une cyberattaque, en rejoignant deux autres personnes qui ont traité des incidents au cours des derniers mois. & NBSP;La ville de St. Cloud a déclaré lundi qu'elle avait découvert une attaque de ransomware affectant les services de la ville et averti que si «de nombreux» services de la ville sont touchés, ils «fonctionnent du mieux que possible jusqu'à ce que le problème soit

Another city in Florida has announced a cyberattack, joining two others who have dealt with incidents over recent months. The city of St. Cloud said Monday it discovered a ransomware attack affecting city services and warned that while “many” city departments are affected they are “operating as best as possible until the issue is]]> 2024-03-25T21:23:30+00:00 https://therecord.media/st-cloud-hit-with-ransomware-florida-string www.secnews.physaphae.fr/article.php?IdArticle=8470382 False Ransomware,Cloud None 3.0000000000000000 TechRepublic - Security News US Gartner avertit les professionnels IAM La cybersécurité dépend d'eux Gartner Warns IAM Professionals Cyber Security Depends on Them The rise of remote work, access via third-party providers and machine identities are just three reasons why cyber security depends on good identity and access management, Gartner has said.]]> 2024-03-25T21:21:24+00:00 https://www.techrepublic.com/article/gartner-iam-professionals/ www.secnews.physaphae.fr/article.php?IdArticle=8470381 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Des pirates chinois parrainés par l'État chargés, des sanctions perçues par nous Chinese State-Sponsored Hackers Charged, Sanctions Levied by US The US and the UK charge seven Chinese nationals for operating as part of threat group APT31.]]> 2024-03-25T21:20:40+00:00 https://www.darkreading.com/cyber-risk/chinese-state-hackers-slapped-with-us-charges-sanctions www.secnews.physaphae.fr/article.php?IdArticle=8470383 False Threat APT 31 3.0000000000000000 Dark Reading - Informationweek Branch Il est temps de cesser de mesurer la sécurité dans les absolus It\\'s Time to Stop Measuring Security in Absolutes All-or-nothing security policies strain resources by aiming for perfection. We need a better way to assess progress.]]> 2024-03-25T20:51:39+00:00 https://www.darkreading.com/cybersecurity-analytics/time-to-stop-measuring-security-in-absolutes www.secnews.physaphae.fr/article.php?IdArticle=8470681 False None None 2.0000000000000000 Data Security Breach - Site de news Francais Le FBI publie une alerte pour inciter les fabricants à éliminer les SQLi 2024-03-25T20:39:38+00:00 https://www.datasecuritybreach.fr/cisa-fbi-sqli/ www.secnews.physaphae.fr/article.php?IdArticle=8470372 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Le sénateur demande des réponses du HHS environ 7,5 millions de dollars de cyber vol en 2023 Senator demands answers from HHS about $7.5 million cyber theft in 2023

Un sénateur américain soulève des questions sur un rapport selon lequel 7,5 millions de dollars ont été volés par les cyber-voleurs du ministère de la Santé et des Services sociaux (HHS) l'année dernière.Citant un rapport de Bloomberg à partir de janvier, le sénateur Bill Cassidy a envoyé le secrétaire du HHS Xavier Becerra 11 questions sur une violation d'une plate-forme pour les paiements de subvention

A U.S. senator is raising questions about a report that $7.5 million was stolen by cyber thieves from the the Department of Health and Human Services (HHS) last year. Citing a Bloomberg report from January, Sen. Bill Cassidy sent HHS Secretary Xavier Becerra 11 questions about a breach of a platform for grant payments]]> 2024-03-25T20:33:10+00:00 https://therecord.media/hhs-reported-grant-payment-scam-sen-bill-cassidy-letter www.secnews.physaphae.fr/article.php?IdArticle=8470348 False None None 3.0000000000000000 TroyHunt - Blog Security Le ministère de la Justice réduit 7 accusés dans une campagne de piratage de 14 ans par le gouvernement chinois Justice Department indicts 7 accused in 14-year hack campaign by Chinese gov Hacks allegedly targeted US officials and politicians, their spouses, and dozens of companies.]]> 2024-03-25T20:20:53+00:00 https://arstechnica.com/?p=2012482 www.secnews.physaphae.fr/article.php?IdArticle=8470347 False Hack None 3.0000000000000000 Zataz - Magazine Francais de secu Après Twitter, voici des données exfiltrées de TikTok ? 2024-03-25T19:33:55+00:00 https://www.zataz.com/apres-twitter-voici-des-donnees-exfiltrees-de-tiktok/ www.secnews.physaphae.fr/article.php?IdArticle=8470327 False None None 3.0000000000000000 HackRead - Chercher Cyber International Sting supprime le grand marché Web Dark «Market Nèmesis» International Sting Takes Down Major Dark Web Marketplace “Nemesis Market” waqas Un autre jour, un autre marché Web sombre populaire mord la poussière! Ceci est un article de HackRead.com Lire la publication originale: International Sting élimine le marché du Web Dark & # 8220; Némesis Market & # 8221;

By Waqas Another day, another popular dark web marketplace bites the dust! This is a post from HackRead.com Read the original post: International Sting Takes Down Major Dark Web Marketplace “Nemesis Market”]]> 2024-03-25T19:06:14+00:00 https://www.hackread.com/sting-takes-down-dark-web-nemesis-market/ www.secnews.physaphae.fr/article.php?IdArticle=8470305 False None None 3.0000000000000000 Zataz - Magazine Francais de secu Plusieurs pirates annoncent la vente de la base de données de France Travail. 2024-03-25T19:00:01+00:00 https://www.zataz.com/plusieurs-pirates-annoncent-la-vente-de-la-base-de-donnees-de-france-travail/ www.secnews.physaphae.fr/article.php?IdArticle=8470306 False None None 3.0000000000000000 SecurityWeek - Security News Le Trésor américain gifle les sanctions contre les pirates APT31 liés à la Chine US Treasury Slaps Sanctions on China-Linked APT31 Hackers Le Département du Trésor américain sanctionne une paire de pirates chinois liés à des «cyber-opérations malveillantes ciblant les secteurs des infrastructures critiques».

>The US Treasury Department sanctions a pair of Chinese hackers linked to “malicious cyber operations targeting US critical infrastructure sectors.” ]]> 2024-03-25T18:50:17+00:00 https://www.securityweek.com/us-treasury-slaps-sanctions-on-china-linked-apt31-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=8470303 False None APT 31 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial L'équipe82 de Claroty \\ révèle des vulnérabilités critiques dans les appareils unistream unitronics, incité les mises à jour des fournisseurs Claroty\\'s Team82 reveals critical vulnerabilities in Unitronics UniStream devices, prompting vendor updates Researchers from Claroty\'s Team82 disclosed the presence of critical hardware vulnerabilities in Unitronics UniStream integrated PLC/HMI products, leading... ]]> 2024-03-25T18:21:40+00:00 https://industrialcyber.co/news/clarotys-team82-reveals-critical-vulnerabilities-in-unitronics-unistream-devices-prompting-vendor-updates/ www.secnews.physaphae.fr/article.php?IdArticle=8470304 False Vulnerability None 3.0000000000000000 Dark Reading - Informationweek Branch CISA cherche à réduire les défauts d'injection impardonnables \\ '\\' SQL CISA Seeks to Curtail \\'Unforgivable\\' SQL Injection Defects In a joint alert with the FBI, CISA seeks to tamp down the pervasiveness of a well-known class of bugs.]]> 2024-03-25T18:06:40+00:00 https://www.darkreading.com/cyberattacks-data-breaches/cisa-seeks-to-stem-unforgivable-sql-injection-defects www.secnews.physaphae.fr/article.php?IdArticle=8470280 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Un système d'exploitation axé sur la base de données veut secouer la sécurité du cloud A Database-Oriented Operating System Wants to Shake Up Cloud Security The operating system, DBOS, natively uses a relational database to reduce cost, ease application development, and maintain cybersecurity and integrity.]]> 2024-03-25T18:00:31+00:00 https://www.darkreading.com/cloud-security/can-a-database-oriented-operating-system-make-the-cloud-more-secure www.secnews.physaphae.fr/article.php?IdArticle=8470384 False Cloud None 2.0000000000000000 The Register - Site journalistique Anglais Plus de 170 000 utilisateurs frappés par la ruse du package Python empoisonné Over 170K users hit by poisoned Python package ruse Supply chain attack targeted GitHub community of Top.gg Discord server More than 170,000 users have been affected by an attack using fake Python infrastructure with "successful exploitation of multiple victims."…]]> 2024-03-25T18:00:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/25/python_package_malware/ www.secnews.physaphae.fr/article.php?IdArticle=8470276 False None None 3.0000000000000000 Zataz - Magazine Francais de secu Fuite de données pour des marques telles que Timberland, Vans ou Napapijri ? 2024-03-25T17:52:17+00:00 https://www.zataz.com/fuite-de-donnees-pour-des-marques-telles-que-timberland-vans-ou-napapijri/ www.secnews.physaphae.fr/article.php?IdArticle=8470282 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Les sanctions américaines ont allégué des pirates d'État chinois pour des attaques contre les infrastructures critiques US sanctions alleged Chinese state hackers for attacks on critical infrastructure

Les États-Unis ont sanctionné une société basée à Wuhan qui serait un front pour le ministère d'État de la Sécurité de la Chine lundi à la suite de dizaines d'attaques contre des infrastructures critiques. & NBSP;Les départements de la justice et du trésor ont accusé Wuhan Xiaoruizhi Science and Technology Company d'être une couverture pour APT31 - un groupe de piratage basé en Chine connu pour son ciblage précédemment

The U.S. sanctioned a Wuhan-based company believed to be a front for China\'s Ministry of State Security on Monday following dozens of attacks on critical infrastructure. The Justice and Treasury Departments accused Wuhan Xiaoruizhi Science and Technology Company of being a cover for APT31 - a notorious China-based hacking group known for previously targeting]]> 2024-03-25T17:50:21+00:00 https://therecord.media/us-sanctions-chinese-hackers-infrastructure-attacks www.secnews.physaphae.fr/article.php?IdArticle=8470278 False None APT 31 2.0000000000000000 Recorded Future - FLux Recorded Future Les États-Unis pénalisent les entreprises russes fintech qui ont aidé les autres à échapper aux sanctions US penalizes Russian fintech firms that helped others evade sanctions

Les États-Unis ont imposé des sanctions à 13 sociétés fintech liées à la Russie et deux individus pour avoir offert des services de crypto-monnaie utilisés pour échapper aux restrictions économiques imposées à la Russie à la suite de son invasion de l'Ukraine.La nouvelle série de sanctions du Département du Trésor américain \\ survient deux semaines après que la Russie a annoncé qu'elle avait interdit l'entrée à 227 citoyens américains, notamment en premier plan

The U.S. imposed sanctions on 13 Russia-linked fintech companies and two individuals for offering cryptocurrency services used to evade economic restrictions imposed on Russia following its invasion of Ukraine. The U.S. Treasury Department\'s new spate of sanctions comes two weeks after Russia announced that it had banned entry to 227 U.S. citizens, including prominent]]> 2024-03-25T17:49:48+00:00 https://therecord.media/us-sanctions-russian-fintech-firms-evasions-cryptocurrency www.secnews.physaphae.fr/article.php?IdArticle=8470279 False None None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les États-Unis et le Royaume-Uni accusent la Chine de cyber opérations ciblant la politique intérieure US and UK accuse China of cyber operations targeting domestic politics Les responsables de Washington et de Londres disent que les pirates soutenus par l'État chinois ont cherché à faire taire les dissidents et les politiciens de surveillance.

>Officials in Washington and London say hackers backed by the Chinese state sought to silence dissidents and surveil politicians. ]]> 2024-03-25T17:48:52+00:00 https://cyberscoop.com/china-indictments-apt31-surveillance/ www.secnews.physaphae.fr/article.php?IdArticle=8470277 False None None 3.0000000000000000 Korben - Bloger francais Geohot atomise les firmwares AMD et ça fait mal 2024-03-25T17:40:37+00:00 https://korben.info/geohot-atomise-les-firmwares-amd-et-ca-fait-mal.html www.secnews.physaphae.fr/article.php?IdArticle=8470307 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Le kit de phishing du nouveau magnat 2fa soulève des problèmes de cybersécurité New Tycoon 2FA Phishing Kit Raises Cybersecurity Concerns Discovered by Sekoia in 2023, the kit is associated with Adversary-in-The-Middle (AiTM) attacks]]> 2024-03-25T17:30:00+00:00 https://www.infosecurity-magazine.com/news/new-tycoon-2fa-phishing-kit/ www.secnews.physaphae.fr/article.php?IdArticle=8470281 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hackers Hijack Github Comptes dans l'attaque de la chaîne d'approvisionnement affectant Top -g et autres Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site. "The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with verified commits, setting up a custom]]> 2024-03-25T17:28:00+00:00 https://thehackernews.com/2024/03/hackers-hijack-github-accounts-in.html www.secnews.physaphae.fr/article.php?IdArticle=8470152 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Leçon clé du piratage de pulvérisation de mot de passe de Microsoft \\: sécuriser chaque compte Key Lesson from Microsoft\\'s Password Spray Hack: Secure Every Account In January 2024, Microsoft discovered they\'d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn\'t a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of]]> 2024-03-25T17:07:00+00:00 https://thehackernews.com/2024/03/key-lesson-from-microsofts-password.html www.secnews.physaphae.fr/article.php?IdArticle=8470153 False Hack,Vulnerability,Threat,Technical None 2.0000000000000000 Netskope - etskope est une société de logiciels américaine fournissant une plate-forme de sécurité informatique Statistiques de Netkope Threat Labs pour février 2024 Netskope Threat Labs Stats for February 2024 Netskope Threat Labs publie un article de blog de résumé mensuel des principales menaces que nous suivons sur la plate-forme NetSkope.Cet article vise à fournir une intelligence stratégique et exploitable sur les menaces actives contre les utilisateurs d'entreprise du monde entier.Résumé OneDrive et Github étaient en haut de la liste des applications cloud top utilisées pour les téléchargements de logiciels malveillants, montrant un [& # 8230;]

>Netskope Threat Labs publishes a monthly summary blog post of the top threats we track on the Netskope platform. This post aims to provide strategic, actionable intelligence on active threats against enterprise users worldwide. Summary OneDrive and GitHub were on the top of the list of top cloud apps used for malware downloads, showing a […] ]]> 2024-03-25T17:00:00+00:00 https://www.netskope.com/blog/netskope-threat-labs-stats-for-february-2024 www.secnews.physaphae.fr/article.php?IdArticle=8470254 False Malware,Threat,Cloud None 2.0000000000000000 Recorded Future - FLux Recorded Future \\ 'de la grande portée \\' hack voler des informations aux développeurs de Python \\'Far-reaching\\' hack stole information from Python developers

Une récente campagne de logiciels malveillants contre les développeurs de Python est le dernier exemple de l'adhérence et de l'ingéniosité des attaquants qui ciblent la chaîne d'approvisionnement des logiciels, selon des chercheurs en cybersécurité.Les victimes de l'opération «de grande envergure» comprenaient des développeurs individuels qui ont publié publiquement sur leurs incidents, ainsi que les membres de Top.gg - une communauté pour les personnes qui

A recent malware campaign against Python developers is the latest example of the craftiness and resourcefulness of attackers who target the software supply chain, according to cybersecurity researchers. Victims of the “far-reaching” operation included individual developers who publicly wrote about their incidents, as well as members of Top.gg - a community for people who]]> 2024-03-25T16:52:20+00:00 https://therecord.media/far-reaching-hack-stole-information-from-python-developers www.secnews.physaphae.fr/article.php?IdArticle=8470255 False Malware,Hack None 2.0000000000000000 ComputerWeekly - Computer Magazine Hackers chinois responsables de deux cyber campagnes \\ 'malveillant contre le Royaume-Uni Chinese hackers responsible for two \\'malicious\\' cyber campaigns against UK 2024-03-25T16:19:00+00:00 https://www.computerweekly.com/news/366575299/Chinese-hackers-responsible-for-two-malicious-cyber-campaigns-against-UK www.secnews.physaphae.fr/article.php?IdArticle=8470349 False None None 2.0000000000000000 Korben - Bloger francais Microsoft prépare une interface graphique pour WSL avec Dev Home 2024-03-25T16:18:52+00:00 https://korben.info/revolutionnez-wsl-interface-graphique-dev-home.html www.secnews.physaphae.fr/article.php?IdArticle=8470283 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les États-Unis doivent établir des cyber-services militaires indépendants pour résoudre les problèmes \\ 'alarmants - Rapport - Rapport US must establish independent military cyber service to fix \\'alarming\\' problems - report Un nouveau rapport de la Foundation for Defence of Democracies vise à plaider en faveur de la création d'un service militaire indépendant pour le cyber.

>A new report from the Foundation for Defense of Democracies aims to make the case for the creation of an independent military service for cyber. ]]> 2024-03-25T16:00:53+00:00 https://defensescoop.com/2024/03/25/u-s-must-establish-independent-military-cyber-service-or-risk-catastrophic-condition-report/ www.secnews.physaphae.fr/article.php?IdArticle=8470222 False None None 2.0000000000000000 The Register - Site journalistique Anglais Zenhammer descend sur les systèmes AMD Zen 2 et 3 ZenHammer comes down on AMD Zen 2 and 3 systems Boffins demonstrate Rowhammer memory meddling on AMD DDR4 hardware ZenHammer would be the perfect name for a heavy metal band, but alas, it\'s an AMD-focused variant of the decade-old Rowhammer attack that compromises computers by flipping bits of memory.…]]> 2024-03-25T16:00:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/25/zenhammer_comes_down_on_amd/ www.secnews.physaphae.fr/article.php?IdArticle=8470229 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Les fausses accords Ozempic sur la hausse alors que les experts mettent en garde contre les escroqueries à phishing Fake Ozempic Deals on the Rise as Experts Warn of Phishing Scams Kaspersky\'s findings revealed phishing pages posing as vendors, enticing users with discounts]]> 2024-03-25T16:00:00+00:00 https://www.infosecurity-magazine.com/news/phishing-scams-targets-ozempic/ www.secnews.physaphae.fr/article.php?IdArticle=8470232 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Le Royaume-Uni blâme la Chine pour 2021 Hack ciblant des millions d'électeurs \\ 'Data UK Blames China for 2021 Hack Targeting Millions of Voters\\' Data The UK\'s NCSC assesses that China-backed APT31 was “almost certainly” responsible for hacking the email accounts of UK parliamentarians]]> 2024-03-25T15:50:00+00:00 https://www.infosecurity-magazine.com/news/uk-blames-china-for-2021-electoral/ www.secnews.physaphae.fr/article.php?IdArticle=8470233 False Hack APT 31 2.0000000000000000 RedCanary - Red Canary Venant dans une ville près de chez vous, il est rouge que Red Canary en direct! Coming to a city near you, it\\'s Red Canary Live! Join us in person to learn how to understand, detect, and respond to threats identified in our sixth annual Threat Detection Report.]]> 2024-03-25T15:49:15+00:00 https://redcanary.com/blog/red-canary-live/ www.secnews.physaphae.fr/article.php?IdArticle=8470220 False Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future Le Royaume-Uni dit que la Chine a visé \\ 'Cyber Cyber Cibunting \\' dans les institutions démocratiques UK says China aimed \\'malicious cyber targeting\\' at democratic institutions

Le gouvernement britannique a publiquement accusé des pirates chinois affiliés à l'État avec «la réalisation de la cyber-activité malveillante ciblant les institutions et les individus britanniques importants pour notre démocratie».Dans une déclaration au Parlement lundi, le vice-Premier ministre Oliver Dowden a déclaré que le Royaume-Uni ne tolérerait pas les attaques contre les institutions démocratiques et avait annoncé des sanctions contre deux individus et

The British government has publicly accused Chinese state-affiliated hackers with “carrying out malicious cyber activity targeting UK institutions and individuals important to our democracy.” In a statement to parliament on Monday, Deputy Prime Minister Oliver Dowden said the United Kingdom would not tolerate attacks against democratic institutions, and announced sanctions against two individuals and]]> 2024-03-25T15:44:01+00:00 https://therecord.media/uk-accuses-china-targeting-democratic-institutions www.secnews.physaphae.fr/article.php?IdArticle=8470231 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Une nouvelle législation oblige les normes minimales de cybersécurité pour protéger les prestataires de soins de santé en cas de futurs hacks New legislation mandates minimum cybersecurity standards to safeguard healthcare providers in case of future hacks A U.S. Senator has introduced the Health Care Cybersecurity Improvement Act of 2024, which proposes providing advance and... ]]> 2024-03-25T15:25:15+00:00 https://industrialcyber.co/regulation-standards-and-compliance/new-legislation-mandates-minimum-cybersecurity-standards-to-safeguard-healthcare-providers-in-case-of-future-hacks/ www.secnews.physaphae.fr/article.php?IdArticle=8470227 False Legislation,Medical None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial La NSA exhorte les fournisseurs de services cloud à hiérarchiser la sécurité grâce à des pratiques de journalisation efficaces NSA urges cloud service providers to prioritize security through effective logging practices The U.S. National Security Agency (NSA) issued a document urging cloud service providers (CSPs) to prioritize security for... ]]> 2024-03-25T15:18:59+00:00 https://industrialcyber.co/critical-infrastructure/nsa-urges-cloud-service-providers-to-prioritize-security-through-effective-logging-practices/ www.secnews.physaphae.fr/article.php?IdArticle=8470228 False Cloud None 2.0000000000000000 IT Security Guru - Blog Sécurité # MIWIC2024: Lianne Potter, chef de Secops chez Asda et le cyber-anthropologue à des positions compromettantes #MIWIC2024: Lianne Potter, Head of SecOps at ASDA and Cyber Anthropologist at Compromising Positions # miwic2024: Lianne Potter, responsable de Secops à Asda et cyber-anthropologue à des positions compromettantes Il est apparu pour la première fois sur guru de sécurité informatique .

Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024\'s Top 20 women selected by an esteemed panel of judges. Presented in a Q&A format, the nominee\'s answers are […] The post #MIWIC2024: Lianne Potter, Head of SecOps at ASDA and Cyber Anthropologist at Compromising Positions first appeared on IT Security Guru. ]]> 2024-03-25T15:17:03+00:00 https://www.itsecurityguru.org/2024/03/25/miwic2024-lianne-potter-head-of-secops-at-asda-and-cyber-anthropologist-at-compromising-positions/?utm_source=rss&utm_medium=rss&utm_campaign=miwic2024-lianne-potter-head-of-secops-at-asda-and-cyber-anthropologist-at-compromising-positions www.secnews.physaphae.fr/article.php?IdArticle=8470223 False None None 2.0000000000000000 Fortinet - Fabricant Materiel Securite La stratégie nationale de cybersécurité un an plus tard The National Cybersecurity Strategy One Year Later A year after the National Cybersecurity Strategy was released, there has been a major coalescence around the idea of secure by design and secured by default. Read more.]]> 2024-03-25T15:00:00+00:00 https://www.fortinet.com/blog/ciso-collective/the-national-cybersecurity-strategy-one-year-later www.secnews.physaphae.fr/article.php?IdArticle=8470221 False None None 3.0000000000000000 Checkpoint Research - Fabricant Materiel Securite 25 mars & # 8211;Rapport de renseignement sur les menaces 25th March – Threat Intelligence Report Pour les dernières découvertes de cyber-recherche pour la semaine du 25 mars, veuillez télécharger notre bulletin de menace_ingence.Les principales attaques et violations la société de technologie japonaise Fujitsu ont découvert des logiciels malveillants sur ses ordinateurs de travail, risquant l'exposition des données des clients.La société, une société informatique de premier plan, a détecté un accès non autorisé qui a potentiellement permis aux informations personnelles et clients d'être [& # 8230;]

>For the latest discoveries in cyber research for the week of 25th March, please download our Threat_Intelligence Bulletin. TOP ATTACKS AND BREACHES Japanese tech company Fujitsu discovered malware on its work computers, risking exposure of customer data. The company, a leading IT firm, detected unauthorized access that potentially allowed personal and customer information to be […] ]]> 2024-03-25T14:56:27+00:00 https://research.checkpoint.com/2024/25th-march-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8470198 False Malware,Threat None 2.0000000000000000 Korben - Bloger francais Beetlejuice Beetlejuice – Le grand retour de Michael Keaton et Tim Burton 2024-03-25T14:50:10+00:00 https://korben.info/beetlejuice-2-retour-michael-keaton-tim-burton.html www.secnews.physaphae.fr/article.php?IdArticle=8470199 False None None 3.0000000000000000 Silicon - Site de News Francais Microsoft paie 650 millions $ à Inflection AI après avoir débauché son co-fondateur 2024-03-25T14:32:55+00:00 https://www.silicon.fr/microsoft-paie-650-millions-a-inflection-ai-apres-avoir-debauche-son-co-fondateur-477115.html www.secnews.physaphae.fr/article.php?IdArticle=8470230 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelle vulnérabilité "GoFetch" dans les puces Apple M-Series Fuites Secret Encryption Keys New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations. Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent prefetcher (DMP) to target constant-time cryptographic implementations and capture sensitive data]]> 2024-03-25T14:32:00+00:00 https://thehackernews.com/2024/03/new-gofetch-vulnerability-in-apple-m.html www.secnews.physaphae.fr/article.php?IdArticle=8470071 False Vulnerability None 2.0000000000000000 Global Security Mag - Site de news francais CrowdStrike et HCLTech annoncent un partenariat stratégique Business]]> 2024-03-25T14:07:49+00:00 https://www.globalsecuritymag.fr/crowdstrike-et-hcltech-annoncent-un-partenariat-strategique.html www.secnews.physaphae.fr/article.php?IdArticle=8470354 False None None 3.0000000000000000 Korben - Bloger francais L\'histoire méconnue de la boîte " Format " de Windows 2024-03-25T14:05:17+00:00 https://korben.info/mystere-format-dialog-windows-30-ans-intemporalite.html www.secnews.physaphae.fr/article.php?IdArticle=8470200 False None None 2.0000000000000000 Sekoia - Cyber Firms Sekoia.io et Glimps: un nouvel exemple d'interopérabilité dans la plate-forme XDR ouverte Sekoia.io and GLIMPS: a new example of interoperability within the Open XDR platform Ce blog a été écrit par Glimpps et Sekoia.io équipes La plate-forme XDR Open est une alliance de fournisseurs de solutions de cybersécurité spécialisés et complémentaires, qui fournissent une réponse rapide et coordonnée au nombre toujours croissant et à la sophistication des cyberattaques.Cette approche modulaire et personnalisable fournit aux analystes et aux gestionnaires de sécurité les composants dont ils ont besoin pour mieux livrer leur entreprise quotidienne.Cette alliance est [& # 8230;] la Publication Suivante Sekoia.io et Glimps: un nouvel exemple d'interopérabilité dans la plate-forme XDR ouverte est un article de blog Sekoia.io .

>This blogpost was written by Glimps and Sekoia.io teams The Open XDR Platform is an alliance of specialized, complementary cybersecurity solution providers, that provide a rapid, coordinated response to the ever-increasing number and sophistication of cyberattacks. This modular, customizable approach provides analysts and security managers with the components they need to better deliver their day-to-day business. This alliance is […] La publication suivante Sekoia.io and GLIMPS: a new example of interoperability within the Open XDR platform est un article de Sekoia.io Blog.]]> 2024-03-25T14:04:49+00:00 https://blog.sekoia.io/sekoia-io-and-glimps-a-new-example-of-interoperability-within-the-open-xdr-platform/ www.secnews.physaphae.fr/article.php?IdArticle=8470197 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Hackers Poison Source Code de la plus grande plate-forme Discord Bot Hackers poison source code from largest Discord bot platform A new supply chain attack has impacted the top gg Discord bot developers community on GitHub, which has over 170,000 members, with data-stealing malware. [...]]]> 2024-03-25T14:00:01+00:00 https://www.bleepingcomputer.com/news/security/hackers-poison-source-code-from-largest-discord-bot-platform/ www.secnews.physaphae.fr/article.php?IdArticle=8470275 False Malware None 4.0000000000000000 Dark Reading - Informationweek Branch Atténuer le risque tiers nécessite une approche collaborative et approfondie Mitigating Third-Party Risk Requires a Collaborative, Thorough Approach The issue can seem daunting, but most organizations have more agency and flexibility to deal with third-party risk than they think.]]> 2024-03-25T14:00:00+00:00 https://www.darkreading.com/cyber-risk/mitigating-third-party-risk-requires-collaborative-approach www.secnews.physaphae.fr/article.php?IdArticle=8470174 False None None 3.0000000000000000 Global Security Mag - Site de news francais Nouvelle enquête de l\'Observatoire des métiers de la cybersécurité : 3 actions essentielles pour faire face à la pénurie de talents Investigations]]> 2024-03-25T13:56:03+00:00 https://www.globalsecuritymag.fr/nouvelle-enquete-de-l-observatoire-des-metiers-de-la-cybersecurite-3-actions.html www.secnews.physaphae.fr/article.php?IdArticle=8470355 False None None 3.0000000000000000 Global Security Mag - Site de news francais Veritas Backup Exec est disponible Produits]]> 2024-03-25T13:45:20+00:00 https://www.globalsecuritymag.fr/veritas-backup-exec-est-disponible.html www.secnews.physaphae.fr/article.php?IdArticle=8470356 False None None 2.0000000000000000 Global Security Mag - Site de news francais Tanium et Orange Cyberdefense lancent l\'offre Xtended Produits]]> 2024-03-25T13:35:39+00:00 https://www.globalsecuritymag.fr/tanium-et-orange-cyberdefense-lancent-l-offre-xtended.html www.secnews.physaphae.fr/article.php?IdArticle=8470357 False Patching None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Faits saillants hebdomadaires, 25 mars 2024 Weekly OSINT Highlights, 25 March 2024 2024-03-25T13:28:48+00:00 https://community.riskiq.com/article/95f9e604 www.secnews.physaphae.fr/article.php?IdArticle=8470186 False Ransomware,Spam,Malware,Tool,Vulnerability,Threat None 3.0000000000000000 Global Security Mag - Site de news francais Julien Jacquel, Cyberprotect : L\'IA est un nouveau terrain de jeu qui sera exploité aussi bien par les métiers de la cybersécurité que par les attaquants ! Interviews / INCYBER 2024]]> 2024-03-25T13:23:09+00:00 https://www.globalsecuritymag.fr/julien-jacquel-cyberprotect-l-ia-est-un-nouveau-terrain-de-jeu-qui-sera.html www.secnews.physaphae.fr/article.php?IdArticle=8470358 False None None 2.0000000000000000 ProofPoint - Firm Security Les États-Unis et le Royaume-Uni s'en prennent à des pirates chinois accusés d'une opération soutenue par l'État contre les politiciens, des dissidents US and UK go after Chinese hackers accused of state-backed operation against politicians, dissidents 2024-03-25T13:15:37+00:00 https://www.proofpoint.com/us/newsroom/news/us-and-uk-go-after-chinese-hackers-accused-state-backed-operation-against-politicians www.secnews.physaphae.fr/article.php?IdArticle=8474249 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Muddywater lié à l'Iran déploie Atera pour la surveillance dans les attaques de phishing Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management (RMM) solution called Atera. The activity, which took place from March 7 through the week of March 11, targeted Israeli entities spanning global manufacturing, technology, and]]> 2024-03-25T13:07:00+00:00 https://thehackernews.com/2024/03/iran-linked-muddywater-deploys-atera.html www.secnews.physaphae.fr/article.php?IdArticle=8470039 False Threat None 2.0000000000000000 HackRead - Chercher Cyber New Geobox Tool détourne Raspberry Pi, permet aux pirates de faux emplacement New GEOBOX Tool Hijacks Raspberry Pi, Lets Hackers Fake Location Par deeba ahmed nouvel outil Web Dark Geobox, vendu pour 700 $ sur les forums Telegram et Underground, les détournements Raspberry Pi, permettant aux cybercriminels de truquer les emplacements et d'éviter la détection. Ceci est un article de HackRead.com Lire le post original: New Geobox Tool détourne Raspberry Pi, permet aux pirates de faux emplacement

>By Deeba Ahmed New Dark Web Tool GEOBOX, sold for $700 on Telegram and underground forums, hijacks Raspberry Pi, allowing cybercriminals to fake locations and evade detection. This is a post from HackRead.com Read the original post: New GEOBOX Tool Hijacks Raspberry Pi, Lets Hackers Fake Location]]> 2024-03-25T13:00:20+00:00 https://www.hackread.com/geobox-tool-hijack-raspberry-pi-fake-location/ www.secnews.physaphae.fr/article.php?IdArticle=8470150 False Tool None 3.0000000000000000 McAfee Labs - Editeur Logiciel Phishing pour W-2S: garder vos données financières en sécurité pendant la saison fiscale Phishing for W-2s: Keeping Your Financial Data Safe During Tax Season

Les escroqueries de phishing W-2 impliquent souvent des e-mails qui semblent provenir de l'IRS ou d'une autre source officielle, demandant des informations personnelles.L'objectif est de inciter le bénéficiaire à révéler des données confidentielles, telles que les numéros de sécurité sociale et les informations financières, que l'agresseur peut ensuite utiliser à des fins frauduleuses.

W-2 phishing scams often involve emails that appear to be from the IRS or another official source, requesting personal information. The goal is to trick the recipient into revealing confidential data, such as social security numbers and financial information, which the perpetrator can then use for fraudulent purposes. ]]> 2024-03-25T13:00:17+00:00 https://www.mcafee.com/blogs/privacy-identity-protection/tax-season-scams/ www.secnews.physaphae.fr/article.php?IdArticle=8470194 False None None 2.0000000000000000 Global Security Mag - Site de news francais Une attaque de chaîne d'approvisionnement compliquée frappe les développeurs GitHub et individuels Complicated Supply Chain Attack Hits Github and Individual Developers opinion

Complicated Supply Chain Attack Hits Github and Individual Developers. The Checkmarx Research team announced recently uncovered a complicated attack campaign targeting the software supply chain. - Opinion]]> 2024-03-25T12:35:03+00:00 https://www.globalsecuritymag.fr/complicated-supply-chain-attack-hits-github-and-individual-developers.html www.secnews.physaphae.fr/article.php?IdArticle=8470359 False None None 2.0000000000000000