This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T14:42:57+00:00 www.secnews.physaphae.fr AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC Image Source This blog was written by an independent guest blogger. Cybersecurity may be different based on a person's viewpoint. One may want to simply protect and secure their social media accounts from hackers, and that would be the definition of what cybersecurity is to them. On the other hand, a small business owner may want to protect and secure credit card information gathered from their point-of-sale registers and that is what they define as cybersecurity. Despite differences in implementation, at its core, cybersecurity pertains to the mitigation of potential intrusion of unauthorized persons into your system(s). It should encompass all aspects of one’s digital experience--whether you are an individual user or a company. Your cyber protection needs to cover your online platforms, devices, servers, and even your cloud storage. Any unprotected area of your digital journey can serve as an exploit point for hackers and cyber criminals intent on finding vulnerabilities.  People assume that it is the responsibility of the IT Department to stop any intrusion. That may be true up to a certain point, cybersecurity responsibility rests with everyone, in reality. Cybersecurity should be everybody’s business. The cybersecurity landscape is changing. With 68% of businesses saying that their cybersecurity risks have increased, it is no wonder that businesses have been making increased  efforts to protect from, and mitigate attacks. During the height of the pandemic,  about 46% of the workforce shifted to working from home. We saw a surge in cybersecurity attacks - for example, RDP brute-force attacks increased by 400% around the same time. This is why cybersecurity must be and should be everybody’s business. According to the 2019 Cost of Cybercrime Study, cyberattacks often are successful due to employees willingly participating as an internal actors or or employees and affiliates carelessly clicking a link by accident. Sadly, it is still happening today. Unsuspecting employees can be caught vulnerable and cause a corporate-wide cyberattack by opening a phishing email or bringing risks into the company’s network in a BYOD (Bring Your Own Device) system. Just a decade ago, Yahoo experienced a series of major data breaches, via a backdoor to their network system established by a hacker (or a group of hackers). Further digital forensic investigation shows the breach started from a phishing email opened by an employee. Another example was Equifax when it experienced a data breach in 2017 and was liable for fines amounting to $425 million by the Federal Trade Commission (FTC). Companies continue to double up on their investments in cybersecurity and privacy protection today to ensure that incidents like these do not happen to their own networks. But a network is only as strong as its weakest link. Hackers continue to innovate, making their attacks more and mo]]> 2021-01-12T11:00:00+00:00 https://feeds.feedblitz.com/~/641451762/0/alienvault-blogs~Why-cybersecurity-awareness-is-a-team-sport www.secnews.physaphae.fr/article.php?IdArticle=2175341 False Ransomware,Data Breach,Malware,Vulnerability,Guideline Equifax,Equifax,Yahoo,Yahoo None InformationSecurityBuzzNews - Site de News Securite Experts Insight On UN's Environmental Program Breach-100K+ Employee Records Leaked]]> 2021-01-12T10:34:34+00:00 https://informationsecuritybuzz.com/expert-comments/experts-insight-on-uns-environmental-program-breach-100k-employee-records-leaked/ www.secnews.physaphae.fr/article.php?IdArticle=2175315 False Data Breach None None Security Affairs - Blog Secu 2021-01-11T23:08:33+00:00 https://securityaffairs.co/wordpress/113296/data-breach/ubiquiti-discloses-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=ubiquiti-discloses-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2173788 False Data Breach None None Bleeping Computer - Magazine Américain 2021-01-11T15:41:51+00:00 https://www.bleepingcomputer.com/news/security/networking-giant-ubiquiti-alerts-customers-of-potential-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2172475 False Data Breach None None Bleeping Computer - Magazine Américain 2021-01-11T01:52:09+00:00 https://www.bleepingcomputer.com/news/security/united-nations-data-breach-exposed-over-100k-unep-staff-records/ www.secnews.physaphae.fr/article.php?IdArticle=2169057 False Data Breach,Vulnerability None None Bleeping Computer - Magazine Américain 2021-01-10T15:43:43+00:00 https://www.bleepingcomputer.com/news/security/new-zealand-reserve-bank-suffers-data-breach-via-hacked-storage-partner/ www.secnews.physaphae.fr/article.php?IdArticle=2167689 False Data Breach,Threat None None Security Affairs - Blog Secu 2021-01-09T18:55:09+00:00 https://securityaffairs.co/wordpress/113216/data-breach/dassault-falcon-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=dassault-falcon-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2164681 False Ransomware,Data Breach None None Bleeping Computer - Magazine Américain 2021-01-08T14:04:50+00:00 https://www.bleepingcomputer.com/news/security/dassault-falcon-jet-reports-data-breach-after-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=2159774 False Ransomware,Data Breach None None Veracode - Application Security Research, News, and Education Blog Over the past several years, there have been many changes to software development and software security, including new and enhanced application security (AppSec) scans and architectural shifts like serverless functions and microservices. But despite these advancements, our recent State of Software Security (SOSS) report found that 76 percent of applications have security flaws. Yet CISOs and application security program owners still find themselves having to justify and defend application security initiatives. Members of the Veracode Customer Advisory Board (CAB), a group of AppSec professionals in several industries, faced this challenge as well. In response, a working group subset of the CAB collaborated to establish a set of metrics that security professionals can use to establish, drive adoption, and operationalize their application security program. These data points should help inform decisions at different stages of program maturity while answering the basic question: is the application security program effective or not? How to determine and justify the required resources for an application security program AppSec managers need a justi?ｬ?able AppSec approach and dataset that set parameters around the program, give a starting point, and set up how the program will grow over time. That approach starts with providing evidence that an application security program is necessary and that it will reduce risk. To show that an AppSec program is necessary, call attention to data points around flaw prevalence in applications (76 percent) or the average cost of a data breach ($3.86 million). To show that AppSec programs reduce risk, consider stats like the one from our SOSS report that found that organizations scanning for security the most (more than 300 times per year) fix flaws 11.5x faster than organizations scanning the least. How to determine and prove that development teams are adopting software security practices AppSec success hinges on development buy-in and engagement. Therefore, proving that your AppSec program is effective requires evidence of developer adoption. Consider highlighting the rate at which development teams are taking advantage of APIs to integrate security into their processes Then prove that developers are taking the time to fix the identified flaws by showing your developer???s fix rate (the # of findings closed / the # of findings open). By examining the fix rate, you can see if developers are actively adopting AppSec practices by fixing ??? not just finding ??? vulnerabilities. The fix rate also shows you where additional training or resourcing investment is needed. How to determine if the application security program is operating efficiently AppSec programs are meant to be ongoing ??? not a one-off project with an end date. An effective AppSec program is ultimately a component of the software development process, just like QA, and the measures of success need to reflect that. A key metric here is the correlation between security activities early in the development process and the number of security flaws found in a release candidate or in production. For example, the figure below shows the relationship between security test]]> 2021-01-07T09:18:28+00:00 https://www.veracode.com/blog/intro-appsec/how-communicate-application-security-success-your-executive-leadership www.secnews.physaphae.fr/article.php?IdArticle=2152134 False Data Breach,Guideline None None ZD Net - Magazine Info 2021-01-05T17:15:29+00:00 https://www.zdnet.com/article/italian-mobile-operator-offers-to-replace-sim-cards-after-massive-data-breach/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=2146354 False Data Breach None None Veracode - Application Security Research, News, and Education Blog For this year???s State of Software Security v11 (SOSS) report, we examined how both the ???nature??? of applications and how we ???nurture??? them contribute to the time it takes to close out a security flaw. We found that the ???nature??? of applications ??? like size or age ??? can have a negative effect on how long it takes to remediate a security flaw. But, taking steps to ???nurture??? the security of applications ??? like using multiple application security (AppSec) testing types ??? can have a positive effect on how long it takes to remediate security flaws. In our first blog, Nature vs. Nurture Tip 1: Use DAST With SAST, we explored how organizations that combine DAST with SAST address 50 percent of their open security findings almost 25 days faster than organizations that only use SAST. In our second blog, Nature vs. Nurture Tip 2: Scan Frequently and Consistently, we addressed the benefits of frequent and consistent scanning by highlighting the SOSS finding that organization that scan their applications at least daily reduced time to remediation by more than a third, closing 50 percent of security flaws in 2 months. For our third tip, we will explore the importance of software composition analysis (SCA) and how ??? when used in conjunction with static application security testing (SAST) ??? it can shorten the time it takes to address security flaws. What is SCA and why is it important? SCA inspects open source code for vulnerabilities. Some assume that open source code is more secure than first-party code because there are ???more eyes on it,??? but that is often not the case. In fact, according to our SOSS report, almost one-third of applications have more security findings in their third-party libraries than in primary code. Given that a typical Java application is 97 percent third-party code, this is a concerning statistic. Since SCA is the only AppSec testing type that can identify vulnerabilities in open source code, if you don???t employ SCA, you could find yourself victim of a costly breach. In fact, in 2017, Equifax suffered a massive data breach from Apache Struts that compromised the data ??? including Social Security numbers ??? of more than 143 million Americans. Following the breach, Equifax's stock fell over 13 percent. How can SCA with SAST shorten time to remediation? If you are only using static analysis to assess the security of your code, your attack surface is likely bigger than you think. You need to consider third-party code as part of your attack surface, which is only uncovered by using SCA. By incorporating software composition analysis into your security testing mix, you can find and address more flaws. According to SOSS, organizations that employ ???good??? scanning practices (like SCA with SAST), tend to be more mature and further along in their AppSec journey. And organizations with mature AppSec programs tend to remediate flaws faster. For example, employing SCA with SAST cuts ti]]> 2021-01-05T13:25:00+00:00 https://www.veracode.com/blog/intro-appsec/nature-vs-nurture-tip-3-employ-sca-sast www.secnews.physaphae.fr/article.php?IdArticle=2146384 False Data Breach Equifax None Security Affairs - Blog Secu 2021-01-04T22:52:14+00:00 https://securityaffairs.co/wordpress/112994/malware/apex-laboratory-ransomware-attack.html?utm_source=rss&utm_medium=rss&utm_campaign=apex-laboratory-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=2144618 False Ransomware,Data Breach None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2021-01-04T17:09:53+00:00 https://threatpost.com/t-mobile-another-data-breach/162703/ www.secnews.physaphae.fr/article.php?IdArticle=2144229 False Data Breach None None Dark Reading - Informationweek Branch 2021-01-04T14:10:00+00:00 https://www.darkreading.com/attacks-breaches/t-mobile-hacked----again/d/d-id/1339819?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=2144359 False Data Breach None None IT Security Guru - Blog Sécurité 2021-01-04T12:25:19+00:00 https://www.itsecurityguru.org/2021/01/04/hacker-sells-368-8-million-stolen-user-records-on-the-dark-web/?utm_source=rss&utm_medium=rss&utm_campaign=hacker-sells-368-8-million-stolen-user-records-on-the-dark-web www.secnews.physaphae.fr/article.php?IdArticle=2143707 True Data Breach None None ZD Net - Magazine Info 2021-01-04T10:45:24+00:00 https://www.zdnet.com/article/t-mobile-discloses-its-fourth-data-breach-in-three-years/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=2143524 False Data Breach None None Security Affairs - Blog Secu 2020-12-31T18:48:52+00:00 https://securityaffairs.co/wordpress/112842/data-breach/data-breaches-records-sale.html?utm_source=rss&utm_medium=rss&utm_campaign=data-breaches-records-sale www.secnews.physaphae.fr/article.php?IdArticle=2138082 True Data Breach,Threat None None Bleeping Computer - Magazine Américain 2020-12-31T10:04:01+00:00 https://www.bleepingcomputer.com/news/security/data-breach-broker-selling-user-records-stolen-from-26-companies/ www.secnews.physaphae.fr/article.php?IdArticle=2137845 False Data Breach None None Security Affairs - Blog Secu 2020-12-30T23:13:06+00:00 https://securityaffairs.co/wordpress/112811/data-breach/t-mobile-data-breach-3.html?utm_source=rss&utm_medium=rss&utm_campaign=t-mobile-data-breach-3 www.secnews.physaphae.fr/article.php?IdArticle=2136675 True Data Breach None None Bleeping Computer - Magazine Américain 2020-12-30T12:04:12+00:00 https://www.bleepingcomputer.com/news/security/t-mobile-data-breach-exposed-phone-numbers-call-records/ www.secnews.physaphae.fr/article.php?IdArticle=2136153 False Data Breach None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2020-12-29T15:11:13+00:00 https://threatpost.com/japanese-aerospace-firm-kawasaki-warns-of-data-breach/162642/ www.secnews.physaphae.fr/article.php?IdArticle=2134265 False Data Breach None None Bleeping Computer - Magazine Américain 2020-12-26T13:51:17+00:00 https://www.bleepingcomputer.com/news/security/koei-tecmo-discloses-data-breach-after-hacker-leaks-stolen-data/ www.secnews.physaphae.fr/article.php?IdArticle=2128866 False Data Breach None None Bleeping Computer - Magazine Américain 2020-12-24T13:12:37+00:00 https://www.bleepingcomputer.com/news/security/freepbx-developer-sangoma-hit-with-conti-ransomware-attack/ www.secnews.physaphae.fr/article.php?IdArticle=2125284 False Ransomware,Data Breach None None Bleeping Computer - Magazine Américain 2020-12-24T10:20:49+00:00 https://www.bleepingcomputer.com/news/security/netgalley-discloses-data-breach-after-website-was-hacked/ www.secnews.physaphae.fr/article.php?IdArticle=2124999 False Data Breach,Threat None None TechRepublic - Security News US 2020-12-22T19:47:00+00:00 https://www.techrepublic.com/article/dont-let-a-data-breach-sink-your-business-heres-what-you-need-to-know/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=2122699 False Data Breach None None SC Magazine - Magazine 2020-12-21T22:33:02+00:00 https://www.scmagazine.com/home/email-security/breach-alerts-dismissed-as-junk-new-guide-for-sending-vital-emails-may-help/ www.secnews.physaphae.fr/article.php?IdArticle=2118172 False Data Breach None None The State of Security - Magazine Américain Read More ]]> 2020-12-21T04:00:31+00:00 https://www.tripwire.com/state-of-security/featured/most-common-website-security-attacks-and-how-to-protect-yourself/ www.secnews.physaphae.fr/article.php?IdArticle=2116007 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Experts Insight On People’s Energy Data Breach]]> 2020-12-18T20:24:54+00:00 https://www.informationsecuritybuzz.com/expert-comments/experts-insight-on-peoples-energy-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2111248 False Data Breach None None SecureMac - Security focused on MAC 2020-12-18T16:41:43+00:00 https://www.securemac.com/news/solarwinds-hack-impacts-u-s-government-and-military-exposes-most-of-fortune-500 www.secnews.physaphae.fr/article.php?IdArticle=2110693 False Data Breach,Hack None None InfoSecurity Mag - InfoSecurity Magazine 2020-12-18T11:05:00+00:00 https://www.infosecurity-magazine.com:443/news/uk-energy-data-breach-customer/ www.secnews.physaphae.fr/article.php?IdArticle=2109662 False Data Breach None None BBC - BBC News - Technology 2020-12-17T14:34:41+00:00 https://www.bbc.co.uk/news/technology-55350995 www.secnews.physaphae.fr/article.php?IdArticle=2107884 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Irish Twitter fine Is Seasonal Reminder That Hackers Don’t Take A Break]]> 2020-12-16T15:17:43+00:00 https://www.informationsecuritybuzz.com/expert-comments/irish-twitter-fine-is-seasonal-reminder-that-hackers-dont-take-a-break/ www.secnews.physaphae.fr/article.php?IdArticle=2105282 False Data Breach None None InfoSecurity Mag - InfoSecurity Magazine 2020-12-15T17:53:00+00:00 https://www.infosecurity-magazine.com:443/news/svh-notifies-67k-patients-of-data/ www.secnews.physaphae.fr/article.php?IdArticle=2103428 False Data Breach None None BBC - BBC News - Technology 2020-12-15T14:36:26+00:00 https://www.bbc.co.uk/news/technology-55317207 www.secnews.physaphae.fr/article.php?IdArticle=2102874 False Data Breach None None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC required by law in most states - and devising strategies to deal with the backlash. This is an all too common scenario for many businesses, and the unfortunate truth is that most organizations fail to adopt the correct cybersecurity procedures until after an attack. The good news is that with a proactive approach to protecting your data, these kinds of nightmares can be avoided. New technology is constantly providing hackers new opportunities to commit cybercrimes. Most organizations have encrypted their data whether it’s stored on the cloud or in a server provided by their web host, but this isn’t enough. Even properly encrypted disc level encryption is vulnerable to security breaches.  In this article, we will discuss the weaknesses found in disc level encryption and why it’s best to ensure your data is encrypted at the application layer. We’ll also discuss the importance of active involvement from a cybersecurity team in the beginning stages of application development, and why developers need to have a renewed focus on cybersecurity in a “security-as-code” culture.  The importance of application-layer security Organizations all too often have a piecemeal, siloed approach to security. Increasingly competitive tech environments have pushed developers into building new products at a pace cybersecurity experts sometimes can’t keep up with. This is why it’s becoming more common for vulnerabilities to be detected only after an application launches or a data breach occurs. Application layer encryption reduces surface area and encrypts data at the application level. That means if one application is compromised, the entire system does not become at risk. To reduce attack surfaces, individual users and third parties should not have access to encrypted data or keys. This leaves would-be cybercriminals with only the customer-facing end of the application for finding vulnerabilities, and this can be easily protected and audited for security.  Building AI and application-layer security into code Application layer security and building security into the coding itself requires that your DevOps and cybersecurity experts work closely together to form a DevSecOps dream team. Developers are increasingly working hand-in-hand with cybersecurity experts from the very beginning stages of software development to ensure a “security-as-code” culture is upheld.  However, there are some very interesting developments in AI that present opportunities to streamline this process. In fact, 78% of data scientists agree that artificial intelligence will have the greatest impact on data protection for the decade. Here are four ways AI is transforming application layer security: 1. Misuse detection or application security breach detection Also referred to as signature-based detection, AI systems alert teams when familiar attack patterns are noticed.]]> 2020-12-15T11:00:00+00:00 https://feeds.feedblitz.com/~/640329640/0/alienvault-blogs~Why-applicationlayer-encryption-is-essential-for-securing-confidential-data www.secnews.physaphae.fr/article.php?IdArticle=2102430 False Data Breach,Vulnerability,Threat Deloitte None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2020-12-14T20:45:31+00:00 https://threatpost.com/spotify-changes-passwords-data-breach/162256/ www.secnews.physaphae.fr/article.php?IdArticle=2101427 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Spotify Pushes Pw. Reset After Leak – Gurucul, Point3 And YouAttest Perspectives]]> 2020-12-14T14:10:33+00:00 https://www.informationsecuritybuzz.com/expert-comments/spotify-pushes-pw-reset-after-leak-gurucul-point3-and-youattest-perspectives/ www.secnews.physaphae.fr/article.php?IdArticle=2100740 False Data Breach None None Security Affairs - Blog Secu 2020-12-14T08:13:23+00:00 https://securityaffairs.co/wordpress/112267/data-breach/uipath-data-leak.html?utm_source=rss&utm_medium=rss&utm_campaign=uipath-data-leak www.secnews.physaphae.fr/article.php?IdArticle=2099931 False Data Breach,Guideline None None IT Security Guru - Blog Sécurité 2020-12-11T12:52:36+00:00 https://www.itsecurityguru.org/2020/12/11/ledger-cryptocurrency-wallets-stolen-in-fake-data-breach/?utm_source=rss&utm_medium=rss&utm_campaign=ledger-cryptocurrency-wallets-stolen-in-fake-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2092270 False Data Breach None None ZD Net - Magazine Info 2020-12-10T22:40:39+00:00 https://www.zdnet.com/article/robotics-unicorn-uipath-discloses-data-breach/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=2090565 False Data Breach None None Bleeping Computer - Magazine Américain 2020-12-10T17:54:40+00:00 https://www.bleepingcomputer.com/news/security/fake-data-breach-alerts-used-to-steal-ledger-cryptocurrency-wallets/ www.secnews.physaphae.fr/article.php?IdArticle=2090459 False Data Breach None None CSO - CSO Daily Dashboard Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2020-12-10T08:03:00+00:00 https://www.csoonline.com/article/3600893/fireeye-breach-explained-how-worried-should-you-be.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=2089461 False Data Breach,Tool None None Security Intelligence - Site de news Américain 2020-12-08T15:00:00+00:00 http://feedproxy.google.com/~r/SecurityIntelligence/~3/ee2JrYbzlVQ/ www.secnews.physaphae.fr/article.php?IdArticle=2085124 False Data Breach None None TechRepublic - Security News US 2020-12-07T17:23:10+00:00 https://www.techrepublic.com/article/experian-predicts-5-key-data-breach-targets-for-2021/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=2083301 False Data Breach None None IT Security Guru - Blog Sécurité 2020-12-04T10:53:17+00:00 https://www.itsecurityguru.org/2020/12/04/israeli-insurance-company-extorted-by-blackshadow-hackers/?utm_source=rss&utm_medium=rss&utm_campaign=israeli-insurance-company-extorted-by-blackshadow-hackers www.secnews.physaphae.fr/article.php?IdArticle=2076900 False Data Breach None None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC study, Hackers attack every 39 seconds, on average 2,244 times a day. It may be even higher now that more of us are working remotely because of Covid19 and the attack surface has greatly expanded in numbers and vulnerability. Clearly, with the plethora of breaches, spams, and ransomware we already experienced in 2020, we need to be better prepared in 2021. What are a couple of cybersecurity hygiene action upgrades that will improve outcomes in 2021?   #1 Passwords Poor passwords have always been viewed as the low hanging fruit for hackers as the easiest way into the crown jewels of data. Yet, many still use common passwords such as #132456 #password, or birthdays that pose little barriers to letting the bad guys access your accounts, In fact, a UK National Cyber Security Centre 2019 survey analysis discovered that  23.2 million victim accounts from all parts of the world used 123456 as a password. Another 7.8 million data breach victims chose a 12345678 password. More than 3.5 million people globally picked up the word "password" to protect access to their sensitive information. Now that we have all become creatures of social media, hackers can use social engineering tactics by exploring your social media accounts that often highlight pet names (quite often used as passwords - I admit I have been guilty of that too) or other identifiable items that may give clues to passwords and interests. What is particularly alarming is that there are algorithmic programs that can also utilize public social sites and marketing information to “guess” passwords.  Actions: remedies are easy to get beyond that bad habit of using easy passwords to crack. Do not use default passwords on your devices and when you do create passwords make them complicated. Consider making them long or using phrases with letters, numbers and characters. Also, do not use the same password for multiple accounts. Make it difficult for hackers to get in with one try. Make their  challenges more difficult by using multifactor or biometric authentication such as a fingerprint, facial recognition, or texts to verify it is you when you sign in. And if you want to make things less stressful on your memory (we all forget our passwords), consider using a security token and/or password manager. The bottom line is that secure passwords are a basic step to stronger cyber hygiene. #2  Phishing  Phishing is the tool of choice for many hackers. Phishing is commonly defined as a technique of hackers to exfiltrate your valuable data, or to spread malware. Anyone can be fooled by a targeted phish, especially when it appears to be coming as a personal email from someone higher up the work chain, or from a bank, organization or a website you may frequent. Usually the phishing malware comes via email attachments but can also be web-based. According to an analysis by Webroot, 46,000 new phishing sites are created every day and 1.385 million new, unique phishing sites are created each month. At a more granular level, the firm Wandera says that a new phishing site launches every 20 seconds.  Advances in technologies have made it easier for hackers to phish. They can use readily available digital graphics, apply social engineering data, and a vast array of phishing tools, including some automated by machine learning. Phishing is often accompanied by ransomware and a tactic for hackers is to target leadership a]]> 2020-12-03T12:00:00+00:00 https://feeds.feedblitz.com/~/639536772/0/alienvault-blogs~Two-cybersecurity-hygiene-actions-to-improve-your-digital-life-in www.secnews.physaphae.fr/article.php?IdArticle=2074683 False Ransomware,Data Breach,Malware,Tool,Vulnerability,Threat,Guideline None None InformationSecurityBuzzNews - Site de News Securite COMMENT: AspenPointe Warns 295K Patients Of Data Breach exposing Their Personal Identifiable Information And Health Data]]> 2020-12-02T14:59:19+00:00 https://www.informationsecuritybuzz.com/expert-comments/comment-aspenpointe-warns-295k-patients-of-data-breach-exposing-their-personal-identifiable-information-and-health-data/ www.secnews.physaphae.fr/article.php?IdArticle=2072297 False Data Breach None None Security Intelligence - Site de news Américain 2020-12-01T11:00:00+00:00 http://feedproxy.google.com/~r/SecurityIntelligence/~3/hObJdTvyFyU/ www.secnews.physaphae.fr/article.php?IdArticle=2069949 False Data Breach None None Bleeping Computer - Magazine Américain 2020-11-30T13:12:44+00:00 https://www.bleepingcomputer.com/news/security/healthcare-provider-aspenpointe-data-breach-affects-295k-patients/ www.secnews.physaphae.fr/article.php?IdArticle=2068014 False Data Breach None None ZD Net - Magazine Info 2020-11-27T10:07:06+00:00 https://www.zdnet.com/article/networking-equipment-vendor-belden-discloses-data-breach/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=2059359 False Data Breach None None Security Affairs - Blog Secu 2020-11-27T08:23:46+00:00 https://securityaffairs.co/wordpress/111523/malware/canon-confirms-ransomware-attack.html?utm_source=rss&utm_medium=rss&utm_campaign=canon-confirms-ransomware-attack www.secnews.physaphae.fr/article.php?IdArticle=2059201 False Ransomware,Data Breach,Threat None None Security Affairs - Blog Secu 2020-11-25T23:09:03+00:00 https://securityaffairs.co/wordpress/111468/data-breach/belden-discloses-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=belden-discloses-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2055977 False Data Breach,Threat None None Security Affairs - Blog Secu 2020-11-25T14:24:15+00:00 https://securityaffairs.co/wordpress/111452/security/home-depot-settlement.html?utm_source=rss&utm_medium=rss&utm_campaign=home-depot-settlement www.secnews.physaphae.fr/article.php?IdArticle=2055220 False Data Breach None None ZD Net - Magazine Info 2020-11-25T10:07:21+00:00 https://www.zdnet.com/article/home-depot-agrees-to-17-5m-settlement-over-2014-data-breach/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=2054825 False Data Breach None None CSO - CSO Daily Dashboard 2020 Data Breach Investigations Report finds that phishing is the top threat action associated with breaches.Enterprises regularly remind users to beware of phishing attacks, but many users don't really know how to recognize them. And humans tend to be bad at recognizing scams.]]> 2020-11-24T03:00:00+00:00 https://www.csoonline.com/article/3234716/8-types-of-phishing-attack-and-how-to-identify-them.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=2053000 False Data Breach,Threat None None CSO - CSO Daily Dashboard 2020 Data Breach Investigations Report finds that phishing is the top threat action associated with breaches.Enterprises regularly remind users to beware of phishing attacks, but many users don't really know how to recognize them. And humans tend to be bad at recognizing scams.]]> 2020-11-24T03:00:00+00:00 https://www.csoonline.com/article/3234716/8-types-of-phishing-attacks-and-how-to-identify-them.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=2054806 True Data Breach,Threat None None Dark Reading - Informationweek Branch 2020-11-19T18:30:00+00:00 https://www.darkreading.com/attacks-breaches/iowa-hospital-alerts-60k-individuals-affected-by-june-data-breach/d/d-id/1339497?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=2045728 False Data Breach None None SC Magazine - Magazine 2020-11-18T11:00:31+00:00 https://www.scmagazine.com/home/security-news/how-to-prevent-expensive-data-breaches-in-the-cloud/ www.secnews.physaphae.fr/article.php?IdArticle=2041821 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Ticketmaster Fined £1.25m Over Payment Data Breach]]> 2020-11-17T13:32:26+00:00 https://www.informationsecuritybuzz.com/expert-comments/ticketmaster-fined-1-25m-over-payment-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2040127 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Expert Insight: Info Of 27.7 Million Texas Drivers Exposed In Vertafore Data Breach]]> 2020-11-16T10:45:39+00:00 https://www.informationsecuritybuzz.com/expert-comments/expert-insight-info-of-27-7-million-texas-drivers-exposed-in-vertafore-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2037769 False Data Breach None None Security Affairs - Blog Secu 2020-11-15T13:06:59+00:00 https://securityaffairs.co/wordpress/110950/breaking-news/security-affairs-newsletter-round-289.html?utm_source=rss&utm_medium=rss&utm_campaign=security-affairs-newsletter-round-289 www.secnews.physaphae.fr/article.php?IdArticle=2036203 False Data Breach None None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2020-11-13T17:04:48+00:00 https://threatpost.com/ticketmaster-fine-2018-data-breach/161198/ www.secnews.physaphae.fr/article.php?IdArticle=2032823 False Data Breach None None BBC - BBC News - Technology 2020-11-13T12:06:30+00:00 https://www.bbc.co.uk/news/technology-54931873 www.secnews.physaphae.fr/article.php?IdArticle=2032522 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Animal Jam Kids’ Virtual World Hit By Data Breach, Impacting 46m Accounts: Expert Commentary]]> 2020-11-13T10:38:17+00:00 https://www.informationsecuritybuzz.com/expert-comments/animal-jam-kids-virtual-world-hit-by-data-breach-impacting-46m-accounts-expert-commentary/ www.secnews.physaphae.fr/article.php?IdArticle=2032313 False Data Breach None None IT Security Guru - Blog Sécurité 2020-11-13T10:37:04+00:00 https://www.itsecurityguru.org/2020/11/13/stock-photo-service-123rd-suffered-major-data-breach/?utm_source=rss&utm_medium=rss&utm_campaign=stock-photo-service-123rd-suffered-major-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2032283 False Data Breach None None Security Affairs - Blog Secu 2020-11-13T10:13:08+00:00 https://securityaffairs.co/wordpress/110848/data-breach/vertafore-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=vertafore-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2032261 False Data Breach None None ZD Net - Magazine Info 2020-11-13T05:40:03+00:00 https://www.zdnet.com/article/info-of-27-7-million-texas-drivers-exposed-in-vertafore-data-breach/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=2031986 False Data Breach None None Security Affairs - Blog Secu 2020-11-12T18:01:01+00:00 https://securityaffairs.co/wordpress/110831/data-breach/animal-jam-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=animal-jam-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2031162 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Almost Four-In-Ten Data Breaches Are Caused By Stressed, Tired Employees]]> 2020-11-11T10:36:43+00:00 https://www.informationsecuritybuzz.com/expert-comments/almost-four-in-ten-data-breaches-are-caused-by-stressed-tired-employees/ www.secnews.physaphae.fr/article.php?IdArticle=2028800 True Data Breach None None InformationSecurityBuzzNews - Site de News Securite Experts On 5.8 Million RedDoorz User Records For Sale On Hacking Forum]]> 2020-11-11T10:33:39+00:00 https://www.informationsecuritybuzz.com/expert-comments/experts-on-5-8-million-reddoorz-user-records-for-sale-on-hacking-forum/ www.secnews.physaphae.fr/article.php?IdArticle=2028801 False Data Breach,Threat None None InformationSecurityBuzzNews - Site de News Securite Experts Reaction On Latest Mashable Data Breach]]> 2020-11-10T15:50:43+00:00 https://www.informationsecuritybuzz.com/expert-comments/experts-reaction-on-latest-mashable-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2027358 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Expert Comment On Big Basket Data Breach]]> 2020-11-10T15:41:35+00:00 https://www.informationsecuritybuzz.com/expert-comments/expert-comment-on-big-basket-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=2027359 False Data Breach,Guideline None None IT Security Guru - Blog Sécurité 2020-11-10T11:12:08+00:00 https://www.itsecurityguru.org/2020/11/10/mashable-suffers-data-breach-exposing-users-details/?utm_source=rss&utm_medium=rss&utm_campaign=mashable-suffers-data-breach-exposing-users-details www.secnews.physaphae.fr/article.php?IdArticle=2026885 False Data Breach None None IT Security Guru - Blog Sécurité 2020-11-10T10:55:32+00:00 https://www.itsecurityguru.org/2020/11/10/reddoorz-user-record-for-sale-by-threat-actor-on-hacking-forum/?utm_source=rss&utm_medium=rss&utm_campaign=reddoorz-user-record-for-sale-by-threat-actor-on-hacking-forum www.secnews.physaphae.fr/article.php?IdArticle=2026886 False Data Breach,Threat None None InformationSecurityBuzzNews - Site de News Securite Stressed Employees Behind 4 In 10 Data Breaches]]> 2020-11-10T10:45:16+00:00 https://www.informationsecuritybuzz.com/expert-comments/stressed-employees-behind-4-in-10-data-breaches/ www.secnews.physaphae.fr/article.php?IdArticle=2026915 False Data Breach None None IT Security Guru - Blog Sécurité 2020-11-10T10:41:57+00:00 https://www.itsecurityguru.org/2020/11/10/worlds-largest-eyewear-company-suffers-data-breach/?utm_source=rss&utm_medium=rss&utm_campaign=worlds-largest-eyewear-company-suffers-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2026887 False Data Breach None None IT Security Guru - Blog Sécurité 2020-11-09T13:54:52+00:00 https://www.itsecurityguru.org/2020/11/09/millions-of-hotel-guests-have-data-exposed-after-hotel-booking-firm-experiences-breach/?utm_source=rss&utm_medium=rss&utm_campaign=millions-of-hotel-guests-have-data-exposed-after-hotel-booking-firm-experiences-breach www.secnews.physaphae.fr/article.php?IdArticle=2024947 False Data Breach,Guideline None None Security Affairs - Blog Secu 2020-11-08T14:06:43+00:00 https://securityaffairs.co/wordpress/110578/breaking-news/security-affairs-newsletter-round-288.html?utm_source=rss&utm_medium=rss&utm_campaign=security-affairs-newsletter-round-288 www.secnews.physaphae.fr/article.php?IdArticle=2023216 False Ransomware,Data Breach None None Security Affairs - Blog Secu 2020-11-08T12:56:19+00:00 https://securityaffairs.co/wordpress/110565/data-breach/luxottica-lenscrafters-eyemed-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=luxottica-lenscrafters-eyemed-data-breach www.secnews.physaphae.fr/article.php?IdArticle=2023152 False Data Breach None None Security Affairs - Blog Secu 2020-11-02T08:31:41+00:00 https://securityaffairs.co/wordpress/110297/data-breach/uk-ico-fines-marriott.html?utm_source=rss&utm_medium=rss&utm_campaign=uk-ico-fines-marriott www.secnews.physaphae.fr/article.php?IdArticle=2010079 False Data Breach None None ZD Net - Magazine Info 2020-11-02T08:31:26+00:00 https://www.zdnet.com/article/marriott-fined-gbp18-4-million-by-uk-watchdog-over-customer-data-breach/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=2010147 False Data Breach None None Security Affairs - Blog Secu 2020-11-01T11:11:49+00:00 https://securityaffairs.co/wordpress/110259/uncategorized/account-databases-stolen-17-companies.html?utm_source=rss&utm_medium=rss&utm_campaign=account-databases-stolen-17-companies www.secnews.physaphae.fr/article.php?IdArticle=2008233 False Data Breach,Threat None None Malwarebytes Labs - MalwarebytesLabs A Finnish psychotherapy practice suffered a data breach (or two). Now its patients are receiving extortion messages. Categories: Cybercrime Tags: data breachextortiongdprpatient recordsvastaamo (Read more...) ]]> 2020-10-30T20:31:28+00:00 https://blog.malwarebytes.com/cybercrime/2020/10/vastaamo-psychotherapy-data-breach-sees-the-most-vulnerable-victims-extorted/ www.secnews.physaphae.fr/article.php?IdArticle=2005283 False Data Breach None None Graham Cluley - Blog Security 2020-10-30T13:53:13+00:00 https://hotforsecurity.bitdefender.com/blog/marriott-data-breach-fine-slashed-to-18-4-million-by-uk-regulator-24457.html www.secnews.physaphae.fr/article.php?IdArticle=2004402 False Data Breach None None BBC - BBC News - Technology 2020-10-30T12:42:12+00:00 https://www.bbc.co.uk/news/technology-54748843 www.secnews.physaphae.fr/article.php?IdArticle=2004265 False Data Breach None None CSO - CSO Daily Dashboard Here's where the money goes. | Get the latest from CSO by signing up for our newsletters. ]]]> 2020-10-29T03:00:00+00:00 https://www.csoonline.com/article/3191947/supply-chain-attacks-show-why-you-should-be-wary-of-third-party-providers.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=2011738 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Finnish Psych Patients Blackmailed Following Breach – CEO Perspective]]> 2020-10-28T10:16:09+00:00 https://www.informationsecuritybuzz.com/expert-comments/finnish-psych-patients-blackmailed-following-breach-ceo-perspective/ www.secnews.physaphae.fr/article.php?IdArticle=2000289 False Data Breach None None Graham Cluley - Blog Security 2020-10-27T15:46:57+00:00 https://grahamcluley.com/finnish-therapy-clinics-ceo-fired-after-despicable-data-breach-and-blackmail-threats/ www.secnews.physaphae.fr/article.php?IdArticle=1999407 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Psychotherapy Clinic Data Breach – No Data Is Safe]]> 2020-10-27T15:29:12+00:00 https://www.informationsecuritybuzz.com/expert-comments/psychotherapy-clinic-data-breach-no-data-is-safe/ www.secnews.physaphae.fr/article.php?IdArticle=1999454 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Expert Commentary: Massive Nitro Data Breach Impacts Microsoft, Google, Apple, More]]> 2020-10-27T14:42:29+00:00 https://www.informationsecuritybuzz.com/expert-comments/expert-commentary-massive-nitro-data-breach-impacts-microsoft-google-apple-more/ www.secnews.physaphae.fr/article.php?IdArticle=1999253 False Data Breach None None Security Affairs - Blog Secu 2020-10-27T13:24:47+00:00 https://securityaffairs.co/wordpress/110054/data-breach/fragomen-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=fragomen-data-breach www.secnews.physaphae.fr/article.php?IdArticle=1999188 False Data Breach None None IT Security Guru - Blog Sécurité 2020-10-27T10:47:20+00:00 https://www.itsecurityguru.org/2020/10/27/law-firm-used-by-google-confirms-data-breach/?utm_source=rss&utm_medium=rss&utm_campaign=law-firm-used-by-google-confirms-data-breach www.secnews.physaphae.fr/article.php?IdArticle=1998911 False Data Breach None None Security Affairs - Blog Secu 2020-10-26T22:02:42+00:00 https://securityaffairs.co/wordpress/110025/data-breach/nitro-pdf-data-breach.html?utm_source=rss&utm_medium=rss&utm_campaign=nitro-pdf-data-breach www.secnews.physaphae.fr/article.php?IdArticle=1997873 False Data Breach None None BBC - BBC News - Technology 2020-10-26T12:44:39+00:00 https://www.bbc.co.uk/news/technology-54692120 www.secnews.physaphae.fr/article.php?IdArticle=1996926 False Data Breach None None Security Affairs - Blog Secu 2020-10-26T08:18:20+00:00 https://securityaffairs.co/wordpress/109994/hacking/covid-19-vaccine-manufacturer-hacked.html?utm_source=rss&utm_medium=rss&utm_campaign=covid-19-vaccine-manufacturer-hacked www.secnews.physaphae.fr/article.php?IdArticle=1996422 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Experts Reacted On Pharma Giant Pfizer Exposes Patient Data On Unsecured Cloud Storage]]> 2020-10-23T10:23:34+00:00 https://www.informationsecuritybuzz.com/expert-comments/experts-reacted-on-pharma-giant-pfizer-exposes-patient-data-on-unsecured-cloud-storage/ www.secnews.physaphae.fr/article.php?IdArticle=1992560 False Data Breach None None McAfee Labs - Editeur Logiciel Five Tips to Secure Your Credit Card Data From This Recent Data Breach Users share their personal information with companies for multiple reasons. Whether they're checking into a hotel room, using a credit card to make a purchase at their favorite food spot, or collecting rewards points at a local coffee shop, consumers give companies […] ]]> 2020-10-22T15:48:01+00:00 https://www.mcafee.com/blogs/consumer/consumer-threat-notices/data-breach-security-steps/ www.secnews.physaphae.fr/article.php?IdArticle=2031302 False Data Breach None 2.0000000000000000 Dark Reading - Informationweek Branch 2020-10-21T12:00:00+00:00 https://www.darkreading.com/operations/are-you-one-covid-19-test-away-from-a-cybersecurity-disaster/a/d-id/1339201?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=1989513 False Ransomware,Data Breach None None Security Intelligence - Site de news Américain 2020-10-21T10:00:00+00:00 http://feedproxy.google.com/~r/SecurityIntelligence/~3/_GF2DzrYTKc/ www.secnews.physaphae.fr/article.php?IdArticle=1988893 False Data Breach None None InformationSecurityBuzzNews - Site de News Securite Albion Games Online Forum Suffers Data Breach – Experts Insight]]> 2020-10-20T13:27:47+00:00 https://www.informationsecuritybuzz.com/expert-comments/albion-games-online-forum-suffers-data-breach-experts-insight/ www.secnews.physaphae.fr/article.php?IdArticle=1987747 False Data Breach None None