This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-04T09:56:27+00:00 www.secnews.physaphae.fr Recorded Future - FLux Recorded Future La principale agence de cybersécurité de la nation a dévoilé la version initiale d'une nouvelle règle détaillant comment les organisations d'infrastructures critiques doivent signaler les cyberattaques au gouvernement fédéral. & NBSP;L'Agence de sécurité de la cybersécurité et de l'infrastructure (CISA) a affiché l'ensemble de réglementations de 447 pages en vertu du Cyber Incident Reporting for Critical Infrastructure Act au Federal Register, permettant

---

The nation\'s top cybersecurity agency has unveiled the initial draft of a new rule detailing how critical infrastructure organizations need to report cyberattacks to the federal government.  The Cybersecurity and Infrastructure Security Agency (CISA) posted the 447-page set of regulations under the Cyber Incident Reporting for Critical Infrastructure Act to the Federal Register, allowing]]> 2024-03-27T20:31:52+00:00 https://therecord.media/cisa-publishes-circia-rule-cyber-incident-reporting www.secnews.physaphae.fr/article.php?IdArticle=8471603 False None None 4.0000000000000000 Global Security Mag - Site de news francais revues de produits

---

CyberArk Launches Industry\'s First Identity-Centric Secure Browser CyberArk Secure Browser Makes It Easy to Tailor Security, Privacy and Productivity Controls on Managed and Unmanaged Workforce Devices - Product Reviews]]> 2024-03-27T20:30:03+00:00 https://www.globalsecuritymag.fr/cyberark-announced-the-availability-of-cyberark-secure-browser.html www.secnews.physaphae.fr/article.php?IdArticle=8471616 False None None 1.00000000000000000000 Dark Reading - Informationweek Branch 2024-03-27T20:29:40+00:00 https://www.darkreading.com/cyberattacks-data-breaches/new-cyber-threats-to-challenge-financial-services-sector-in-2024 www.secnews.physaphae.fr/article.php?IdArticle=8471599 False None None 3.0000000000000000 Global Security Mag - Site de news francais Investigations]]> 2024-03-27T20:24:53+00:00 https://www.globalsecuritymag.fr/31-mars-journee-mondiale-de-la-sauvegarde-des-donnees-pourquoi-les-sauvegardes.html www.secnews.physaphae.fr/article.php?IdArticle=8471617 False Ransomware None 3.0000000000000000 Global Security Mag - Site de news francais Investigations]]> 2024-03-27T20:15:14+00:00 https://www.globalsecuritymag.fr/recrutement-dans-la-cybersecurite-en-europe-selon-3-entreprises-sur-10-trois-a.html www.secnews.physaphae.fr/article.php?IdArticle=8471618 False None None 3.0000000000000000 HackRead - Chercher Cyber Par waqas Le groupe d'analyse des menaces de Google (TAG) rapporte une augmentation préoccupante des exploits zéro-jours et une activité accrue à partir de pirates soutenus par l'État. & # 8230; Ceci est un article de HackRead.com Lire la publication originale: Google Tag rapporte que la surtension zéro-jour et la montée des menaces de pirate d'État

---

>By Waqas Google’s Threat Analysis Group (TAG) reports a concerning rise in zero-day exploits and increased activity from state-backed hackers.… This is a post from HackRead.com Read the original post: Google TAG Reports Zero-Day Surge and Rise of State Hacker Threats]]> 2024-03-27T20:13:37+00:00 https://www.hackread.com/google-tag-zero-day-state-hacker-threat-surge/ www.secnews.physaphae.fr/article.php?IdArticle=8471595 False Vulnerability,Threat None 4.0000000000000000 Dark Reading - Informationweek Branch Hotel locks have been vulnerable to cyber compromise for decades and are extending their run into the digital age.]]> 2024-03-27T20:10:46+00:00 https://www.darkreading.com/vulnerabilities-threats/millions-hotel-rooms-worldwide-vulnerable-door-lock-exploit www.secnews.physaphae.fr/article.php?IdArticle=8471600 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The available options for addressing the flaw are limited, leaving many Macs vulnerable to a "GoFetch" attack that steals keys - even quantum-resistant ones.]]> 2024-03-27T20:06:33+00:00 https://www.darkreading.com/application-security/patchless-apple-m-chip-vulnerability-cryptography-bypass www.secnews.physaphae.fr/article.php?IdArticle=8471601 False Vulnerability None 3.0000000000000000 Global Security Mag - Site de news francais magic quadrant

---

IDC MarketScape Names VIPRE Security Group a "Major Player" in Endpoint Security Vendor Assessment The Worldwide Modern Endpoint Security for Small Businesses 2024 Vendor Assessment commends VIPRE for their endpoint solutions and channel strategy - MAGIC QUADRANT ]]> 2024-03-27T20:05:30+00:00 https://www.globalsecuritymag.fr/idc-marketscape-names-vipre-security-group-a-major-player-in-endpoint-security.html www.secnews.physaphae.fr/article.php?IdArticle=8471619 False None None 3.0000000000000000 Global Security Mag - Site de news francais - rapports spéciaux

---

Flashpoint released its 2024 Global Threat Intelligence Report that looks back at 2023 to shed light on cyber threats, geopolitical turmoil, and escalating physical conflicts around the world to help organizations strengthen defenses, ensure operational resilience, and proactively confront multifaceted threats. - Special Reports]]> 2024-03-27T20:00:58+00:00 https://www.globalsecuritymag.fr/flashpoint-releases-annual-global-threat-intelligence-report.html www.secnews.physaphae.fr/article.php?IdArticle=8471580 False Threat,Studies None 4.0000000000000000 Dark Reading - Informationweek Branch More than ever, it\'s critical for organizations to understand the nature of AI-based threats and how they can blunt the advantage that AI conveys to bad actors.]]> 2024-03-27T19:56:09+00:00 https://www.darkreading.com/cyberattacks-data-breaches/threat-report-examining-the-use-of-ai-in-attack-techniques www.secnews.physaphae.fr/article.php?IdArticle=8471602 False Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) [Consultez la rédaction de Microsoft \\ sur les informationsStealiers ici.] (Https://sip.security.microsoft.com/intel-profiles/2296d491ea381b532b24f2575f9418d4b6723c17b8a1f507d20c2140a75d16d6) #### URL de référence (s) 1. https://www.trustwave.com/en-us/Ressources / blogs / spiderLabs-blog / agent-teslas-new-ride-the-ramen-of-a-novel-chargedeur / #### Date de publication 26 mars 2024 #### Auteurs) Bernard Bautista

---

#### Description SpiderLabs identified a phishing email on March 8, 2024, with an attached archive that included a Windows executable disguised as a fraudulent bank payment. This action initiated an infection chain culminating in the deployment of Agent Tesla. The loader is compiled with .NET and uses obfuscation and packing techniques to evade detection. It also exhibits polymorphic behavior with distinct decryption routines, making it difficult for traditional antivirus systems to detect. The loader uses methods like patching to bypass Antimalware Scan Interface (AMSI) detection and dynamically load payloads, ensuring stealthy execution and minimizing traces on disk. > [Check out Microsoft\'s write-up on Information Stealers here.](https://sip.security.microsoft.com/intel-profiles/2296d491ea381b532b24f2575f9418d4b6723c17b8a1f507d20c2140a75d16d6) #### Reference URL(s) 1. https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/agent-teslas-new-ride-the-rise-of-a-novel-loader/ #### Publication Date March 26, 2024 #### Author(s) Bernard Bautista ]]> 2024-03-27T19:14:21+00:00 https://community.riskiq.com/article/5ffaa8a4 www.secnews.physaphae.fr/article.php?IdArticle=8471583 False Patching None 3.0000000000000000 Dark Reading - Informationweek Branch CISA will administer the new reporting requirements for cyber incidents and ransomware payments.]]> 2024-03-27T18:51:27+00:00 https://www.darkreading.com/cybersecurity-operations/dhs-releases-unpublished-circia-document-proposing-new-rule www.secnews.physaphae.fr/article.php?IdArticle=8471543 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting the Microsoft Sharepoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with]]> 2024-03-27T18:45:00+00:00 https://thehackernews.com/2024/03/cisa-warns-hackers-actively-attacking.html www.secnews.physaphae.fr/article.php?IdArticle=8471391 False Vulnerability None 3.0000000000000000 Recorded Future - FLux Recorded Future Les agences d'État aux États-Unis continuent de faire face à des perturbations des attaques de ransomwares.Mardi soir, le gouvernement du comté de Gilmer en Géorgie a affiché un avis sur son site Web avertissant qu'une attaque de ransomware affectait sa capacité à fournir des services à ses plus de 30 000 résidents.«Le comté de Gilmer a récemment détecté et répondu à un

---

State agencies across the U.S. continue to face disruptions from ransomware attacks. On Tuesday evening, the government of Gilmer County in Georgia posted a notice on its website warning that a ransomware attack was affecting its ability to provide services to its more than 30,000 residents. “Gilmer County recently detected and responded to a]]> 2024-03-27T18:32:22+00:00 https://therecord.media/texas-georgia-municipalities-face-disruptions-from-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8471544 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users\' systems and carry out malicious actions.  "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user\'s knowledge," Guardio]]> 2024-03-27T18:24:00+00:00 https://thehackernews.com/2024/03/microsoft-edge-bug-could-have-allowed.html www.secnews.physaphae.fr/article.php?IdArticle=8471360 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new phishing-as-a-service (PhaaS) named \'Darcula\' uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries. [...]]]> 2024-03-27T18:12:20+00:00 https://www.bleepingcomputer.com/news/security/new-darcula-phishing-service-targets-iphone-users-via-imessage/ www.secnews.physaphae.fr/article.php?IdArticle=8471656 False Mobile None 4.0000000000000000 Recorded Future - FLux Recorded Future Les chercheurs ont découvert une nouvelle campagne d'espionnage ciblant les agences gouvernementales indiennes et l'industrie de l'énergie du pays avec une version modifiée d'un voleur d'informations open source appelé HackbrowserData qui peut collecter des références de connexion du navigateur, des cookies et de l'histoire.Les chercheurs de la société néerlandaise de cybersécurité Eclecticiq ont découvert la campagne début mars mais ne l'attribue pas à un

---

Researchers have uncovered a new espionage campaign targeting Indian government agencies and the country\'s energy industry with a modified version of an open-source information stealer called HackBrowserData that can collect browser login credentials, cookies and history. Researchers at Dutch cybersecurity company EclecticIQ discovered the campaign in early March but didn\'t attribute it to a]]> 2024-03-27T18:10:24+00:00 https://therecord.media/india-infostealer-government-energy-sector-espionage www.secnews.physaphae.fr/article.php?IdArticle=8471545 False None None 3.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Rapid-fire prompts sometimes followed with spoofed calls from "Apple support."]]> 2024-03-27T18:10:10+00:00 https://arstechnica.com/?p=2012822 www.secnews.physaphae.fr/article.php?IdArticle=8471540 False Mobile None 4.0000000000000000 Checkpoint - Fabricant Materiel Securite La saison fiscale de \\, cette merveilleuse période de l'année où un chèque de remboursement pourrait apparaître dans votre boîte aux lettres ou sortir pour être envoyé au gouvernement.Partout dans le monde, de nombreux pays se préparent pour un temps d'impôt.Cela devient un moment courant pour les pirates d'intervalence. En règle générale, les pirates en profitent en distribuant des fichiers malveillants qui se dégageaient comme des fichiers officiels.Il est si omniprésent, en fait, que l'IRS publie une liste annuelle de «Dirty Dozen», qui décrit les escroqueries fiscales les plus populaires.L'année dernière, nous avons également vu une torsion, avec un point de contrôle découvrant comment Chatgpt peut créer un phishing lié à l'impôt convaincant [& # 8230;]

---

>It\'s tax season, that wonderful time of year when a refund check might be showing up in your mailbox-or going out to be sent to the government. Around the world, many countries are gearing up for tax time. This becomes a common time for hackers to step in. Typically, hackers take advantage by distributing malicious files that masquerade as official files. It\'s so pervasive, in fact, that the IRS releases an annual “Dirty Dozen” list, which outlines the most popular tax scams. Last year, we also saw a twist, with Check Point uncovering how ChatGPT can create convincing tax-related phishing […] ]]> 2024-03-27T18:00:40+00:00 https://blog.checkpoint.com/security/beware-the-tax-scam-tsunami-unmasking-qr-code-schemes-bogus-refunds-and-ai-imposters/ www.secnews.physaphae.fr/article.php?IdArticle=8471568 False None ChatGPT 3.0000000000000000 Global Security Mag - Site de news francais revues de produits

---

Zivver Launches eSignature Feature to Bolster Email Security Zivver Secure eSignatures complements the company\'s existing email security and file sharing solutions to further address risk in digital communications - Product Reviews]]> 2024-03-27T17:39:27+00:00 https://www.globalsecuritymag.fr/zivver-launches-esignature-feature-to-bolster-email-security.html www.secnews.physaphae.fr/article.php?IdArticle=8471526 False None None 3.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Acumen launches to protect modern businesses from complex cyber threats 24/7 People-powered security service provider aims to emerge as one of the top five UK Managed Security Service Providers (MSSPs) within the next five years - Business News]]> 2024-03-27T17:32:29+00:00 https://www.globalsecuritymag.fr/acumen-announced-its-entry-into-the-uk-market.html www.secnews.physaphae.fr/article.php?IdArticle=8471527 False None None 3.0000000000000000 Global Security Mag - Site de news francais Malwares]]> 2024-03-27T17:29:30+00:00 https://www.globalsecuritymag.fr/un-cybersquatteur-est-demasque-et-mis-en-demeure-par-nft.html www.secnews.physaphae.fr/article.php?IdArticle=8471528 False None None 2.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Goldilock Announces Channel-Only Sales Strategy and Appoints Steven Brodie as Head of Sales NATO-backed British cybersecurity startup scales up with channel-only sales model and appoints industry veteran to lead transition - Business News]]> 2024-03-27T17:25:35+00:00 https://www.globalsecuritymag.fr/goldilock-announces-channel-only-sales-strategy-and-appoints-steven-brodie-as.html www.secnews.physaphae.fr/article.php?IdArticle=8471529 False None None 2.0000000000000000 Global Security Mag - Site de news francais Investigations]]> 2024-03-27T17:14:23+00:00 https://www.globalsecuritymag.fr/cyber-readiness-index-de-cisco-cybermenace-les-dirigeants-francais-confiants.html www.secnews.physaphae.fr/article.php?IdArticle=8471530 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Attackers "encrypted" VNDirect\'s data in an attack that kept the broker offline for days.]]> 2024-03-27T17:06:18+00:00 https://www.darkreading.com/cyberattacks-data-breaches/vietnam-securities-broker-suffered-cyberattack-that-suspended-trading www.secnews.physaphae.fr/article.php?IdArticle=8471482 False None None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2024-03-27T17:03:56+00:00 https://blog.knowbe4.com/number-new-pieces-malware-per-minute-quadrupled www.secnews.physaphae.fr/article.php?IdArticle=8471477 False Malware None 3.0000000000000000 knowbe4 - cybersecurity services 2024-03-27T17:03:46+00:00 https://blog.knowbe4.com/simple-payment-underway-phishing-email-downloads-rats www.secnews.physaphae.fr/article.php?IdArticle=8471478 False Malware None 3.0000000000000000 Recorded Future - FLux Recorded Future Mardi, la principale agence de cybersécurité de l'Allemagne a appelé mardi des milliers d'organisations vulnérables dans le pays pour corriger le logiciel Microsoft Exchange hors de jour.Selon un rapport de l'Office fédéral allemand pour la sécurité de l'information (BSI), au moins 17 000 serveurs sont vulnérables à un ou plusieurs bogues critiques, et les cybercriminels et les acteurs de l'État sont déjà activement activement

---

Germany\'s top cybersecurity agency on Tuesday called on thousands of vulnerable organizations in the country to patch out-of-date Microsoft Exchange software. According to a report by the German Federal Office for Information Security (BSI), at least 17,000 servers are vulnerable to one or more critical bugs, and cybercriminals and state actors are already actively]]> 2024-03-27T17:02:13+00:00 https://therecord.media/germany-bsi-microsoft-exchange-vulnerability-warning www.secnews.physaphae.fr/article.php?IdArticle=8471484 False None None 3.0000000000000000 Global Security Mag - Site de news francais Business]]> 2024-03-27T16:58:59+00:00 https://www.globalsecuritymag.fr/docaposte-et-board-of-cyber-s-associent-pour-renforcer-la-cybersecurite-des-pme.html www.secnews.physaphae.fr/article.php?IdArticle=8471496 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Threat actors are widely adopting the fast-growing, low-cost phishing-as-a-service (PhaaS) platform, which is sold via Telegram.]]> 2024-03-27T16:57:55+00:00 https://www.darkreading.com/application-security/tycoon-malware-kit-bypasses-microsoft-google-mfa www.secnews.physaphae.fr/article.php?IdArticle=8471483 False Malware,Threat None 2.0000000000000000 Global Security Mag - Site de news francais revues de produits

---

Cybaverse.ai launched to streamline cyber security management and support cyber insurance mandates New platform launched to offer organisations with a unified view across their entire cyber security estate - Product Reviews]]> 2024-03-27T16:56:59+00:00 https://www.globalsecuritymag.fr/cybaverse-announced-the-launch-of-cybaverse-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8471497 False None None 2.0000000000000000 Global Security Mag - Site de news francais revues de produits

---

Cybersecurity mobile app bolsters organizations\' security while providing better quality of life for security leaders Hailed as a \'game-changer\' by customers, GreyMatter mobile app enables threats to be remediated in one click - Product Reviews]]> 2024-03-27T16:54:27+00:00 https://www.globalsecuritymag.fr/reliaquest-announced-new-features-to-its-greymatter-mobile-app.html www.secnews.physaphae.fr/article.php?IdArticle=8471498 False Mobile None 2.0000000000000000 Global Security Mag - Site de news francais Business]]> 2024-03-27T16:49:44+00:00 https://www.globalsecuritymag.fr/nozomi-networks-etend-son-partenariat-avec-yokogawa.html www.secnews.physaphae.fr/article.php?IdArticle=8471499 False Threat,Industrial None 2.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2024-03-27T16:46:42+00:00 https://www.globalsecuritymag.fr/eviden-ouvre-un-centre-d-operations-de-securite-soc-au-mexique.html www.secnews.physaphae.fr/article.php?IdArticle=8471500 False None None 3.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2024-03-27T16:44:20+00:00 https://www.globalsecuritymag.fr/cyberark-lance-un-navigateur-axe-sur-la-securite-des-identites.html www.secnews.physaphae.fr/article.php?IdArticle=8471501 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine NHS Dumfries and Galloway confirmed that patient clinical data was leaked following the attack on its systems earlier in March 2024]]> 2024-03-27T16:35:00+00:00 https://www.infosecurity-magazine.com/news/nhs-clinical-data-leaked-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8471480 False Ransomware None 3.0000000000000000 Global Security Mag - Site de news francais Business]]> 2024-03-27T16:30:54+00:00 https://www.globalsecuritymag.fr/le-label-france-cybersecurity-devoile-une-promotion-2024-record.html www.secnews.physaphae.fr/article.php?IdArticle=8471502 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have been turning to SASE, a product category that offers cloud-based network protection while enhancing network infrastructure performance. However, a new report: "Better Together: SASE and Enterprise Browser Extension for the SaaS-First Enterprise" (]]> 2024-03-27T16:26:00+00:00 https://thehackernews.com/2024/03/sase-solutions-fall-short-without.html www.secnews.physaphae.fr/article.php?IdArticle=8471300 False Cloud None 2.0000000000000000 TechRepublic - Security News US DNS FireWall is an intuitive security app built to protect you and your business from malware, phishing, botnets and more security threats.]]> 2024-03-27T16:21:33+00:00 https://www.techrepublic.com/article/dns-firewall-lifetime-subscription/ www.secnews.physaphae.fr/article.php?IdArticle=8471475 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining. "This vulnerability allows attackers to take over the companies\' computing power and leak sensitive data," Oligo Security researchers Avi]]> 2024-03-27T16:09:00+00:00 https://thehackernews.com/2024/03/critical-unpatched-ray-ai-platform.html www.secnews.physaphae.fr/article.php?IdArticle=8471301 False Vulnerability,Threat None 2.0000000000000000 HackRead - Chercher Cyber Par uzair amir Après avoir recueilli 2,5 millions de dollars dans sa dernière ronde de financement des semences, Unstable Protocol est en mission pour transformer & # 8230; Ceci est un article de HackRead.com Lire le post original: Protocole defi Unstable augmente 2,5 millions de dollars pour faire avancer le secteur LRTFI

---

>By Uzair Amir After raising $2.5 million in its latest seed funding round, Unstable Protocol is on a mission to transform… This is a post from HackRead.com Read the original post: DeFi Protocol Unstable Raises $2.5M to Drive LRTfi Sector Forward]]> 2024-03-27T16:00:00+00:00 https://www.hackread.com/defi-protocol-unstable-raises-2-5m-to-lrtfi-sector/ www.secnews.physaphae.fr/article.php?IdArticle=8471449 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial A panel discussion at the ongoing CS4CA USA Summit 2024 in Houston addressed achieving risk reduction through a... ]]> 2024-03-27T15:40:39+00:00 https://industrialcyber.co/risk-management/cs4ca-usa-summit-2024-panel-explores-holistic-approach-to-risk-management-risk-reduction-strategies/ www.secnews.physaphae.fr/article.php?IdArticle=8471444 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Nozomi Networks Inc., fournisseur d'offres de sécurité OT et IoT, a annoncé mercredi qu'elle avait étendu son partenariat ...

---

>Nozomi Networks Inc., vendor of OT and IoT security offerings, announced Wednesday that it has extended its partnership... ]]> 2024-03-27T15:34:18+00:00 https://industrialcyber.co/news/nozomi-networks-yokogawa-extend-alliance-to-deliver-ot-and-iot-security-services-globally/ www.secnews.physaphae.fr/article.php?IdArticle=8471445 False Industrial None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Non-profit organization MITRE announced Monday the launch of its AI Assurance and Discovery Lab to discover and mitigate... ]]> 2024-03-27T15:32:56+00:00 https://industrialcyber.co/ai/mitre-launches-ai-assurance-and-discovery-lab-to-identify-mitigate-risks-in-ai-enabled-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8471446 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Advanced adversaries are increasingly focused on enterprise technologies and their vendors, while end-user platforms are having success stifling zero-day exploits with cybersecurity investments, according to Google.]]> 2024-03-27T15:27:37+00:00 https://www.darkreading.com/threat-intelligence/zero-day-bonanza-exploits-enterprises www.secnews.physaphae.fr/article.php?IdArticle=8471451 False Vulnerability,Threat None 3.0000000000000000 Recorded Future - FLux Recorded Future Un assureur spécialisé a dévoilé mardi un nouveau produit offrant une cyber-assurance pour les automobiles, offrant une couverture protégeant les conducteurs des cyberattaques, des ransomwares et du vol d'identité. & Nbsp;Munich Re, basée en Allemagne, a déclaré avoir créé son cyber pour le produit automobile par le biais de sa filiale basée aux États-Unis HSB pour aider les consommateurs à répondre à la cyber-exposition auxquels ils sont confrontés grâce à leur utilisation de connectés

---

A specialty insurer on Tuesday unveiled a new product offering cyber insurance for automobiles, providing coverage protecting drivers from cyberattacks, ransomware and identity theft.  Germany-based Munich RE said it created its Cyber for Auto product through its U.S.-based subsidiary HSB to help consumers respond to cyber exposure they face through their use of connected]]> 2024-03-27T15:24:27+00:00 https://therecord.media/insurer-introduces-policy-covering-drivers-from-connected-car-hacks www.secnews.physaphae.fr/article.php?IdArticle=8471452 False Ransomware None 3.0000000000000000 HackRead - Chercher Cyber Par waqas Comme le montre HackRead.com, le gang de ransomware Inc prétend avoir obtenu les dossiers des patients dans le cadre de leur cyberattaque. Ceci est un article de HackRead.com Lire la publication originale: Inc Ransomware frappe NHS Scotland, menace la fuite de données de patients de 3 To

---

>By Waqas As seen by Hackread.com, the INC ransomware gang claims to have obtained patient records as part of their cyberattack. This is a post from HackRead.com Read the original post: INC Ransomware Hits NHS Scotland, Threatens Leak of 3TB Patient Data]]> 2024-03-27T15:18:03+00:00 https://www.hackread.com/inc-ransomware-nhs-scotland-3tb-patient-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8471450 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future La cyber commandement des États-Unis et la National Security Agency n'identifieront pas les derniers dirigeants de leur groupe de travail conjoint de sécurité électorale, en partie pour les protéger des menaces et le harcèlement que d'autres responsables électoraux ont reçu pour être associé à de tels travaux.Dans un écart par rapport aux cycles électoraux précédents, aucune des deux organisations ne publiera

---

U.S. Cyber Command and the National Security Agency will not identify the latest leaders of their joint election security task force, in part to shield them from the threats and harassment other election officials have received for merely being associated with such work. In a departure from previous election cycles, neither organization will publicize]]> 2024-03-27T15:14:39+00:00 https://therecord.media/nsa-cyber-command-election-security-task-force-leaders-2024 www.secnews.physaphae.fr/article.php?IdArticle=8471453 False None None 3.0000000000000000 Silicon - Site de News Francais 2024-03-27T14:52:27+00:00 https://www.silicon.fr/logiciels-libres-sill-premier-trimestre-2024-477205.html www.secnews.physaphae.fr/article.php?IdArticle=8471448 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future ]]> 2024-03-27T14:51:04+00:00 https://therecord.media/vietnam-securities-broker-cyberattack-vndirect www.secnews.physaphae.fr/article.php?IdArticle=8471418 False None None 3.0000000000000000 Global Security Mag - Site de news francais vulnérabilité de sécurité

---

An attacker can create a memory leak of the Linux kernel, via memcg, in order to trigger a denial of service. - Security Vulnerability]]> 2024-03-27T14:40:03+00:00 https://www.globalsecuritymag.fr/vigilance-vulnerability-alerts-linux-kernel-memory-leak-via-memcg-analyzed-on.html www.secnews.physaphae.fr/article.php?IdArticle=8472086 False Vulnerability None 2.0000000000000000 Recorded Future - FLux Recorded Future Un projet de loi complet sur la confidentialité des données qui inclut les normes de minimisation les plus difficiles du pays est sur le point d'adopter la législature de l'État du Maryland, donnant aux défenseurs de l'espoir que des projets de loi similaires suivront à l'échelle nationale.Le Maryland Online Data Privacy Act a adopté à la fois la Chambre et le Sénat de l'État et se rendront bientôt à un comité de conférence

---

A comprehensive data privacy bill that includes the country\'s toughest data minimization standards is on the cusp of passing the Maryland state legislature, giving advocates hope that similar bills will follow nationwide. The Maryland Online Data Privacy Act has passed both the state\'s House and Senate, and will soon go to a conference committee]]> 2024-03-27T14:31:53+00:00 https://therecord.media/lawmakers-set-sights-on-data-minimization-with-new-bills www.secnews.physaphae.fr/article.php?IdArticle=8471419 False Conference None 3.0000000000000000 Korben - Bloger francais 2024-03-27T14:27:59+00:00 https://korben.info/neuralink-premier-patient-joue-civilization-vi-nuit-implant-cerebral.html www.secnews.physaphae.fr/article.php?IdArticle=8471454 False None None 3.0000000000000000 HackRead - Chercher Cyber Par uzair amir La couche de confidentialité V2 de COTI \\ sécurise la dynamique de Civic \\, permettant aux utilisateurs de contrôler leurs données et de conformité réglementaire sans couture. Ceci est un article de HackRead.com Lire le post original: COTI et Civic Partner pour donner aux utilisateurs de soi-même de leur identité numérique

---

>By Uzair Amir COTI\'s V2 confidentiality layer secures Civic\'s Dynamic DID, empowering users with control over their data and seamless regulatory compliance. This is a post from HackRead.com Read the original post: COTI and Civic Partner to Give Users Self-sovereignty of Their Digital Identity]]> 2024-03-27T14:03:53+00:00 https://www.hackread.com/coti-civic-partner-users-self-sovereignty-digital-identity/ www.secnews.physaphae.fr/article.php?IdArticle=8471389 False None None 3.0000000000000000 Dark Reading - Informationweek Branch IT teams can better withstand scrutiny by helping their board understand risks and how they are fixed, as well as explaining their long-term vision for risk management.]]> 2024-03-27T14:00:00+00:00 https://www.darkreading.com/cybersecurity-operations/getting-security-remediation-on-boardroom-agenda www.secnews.physaphae.fr/article.php?IdArticle=8471390 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service (NHS) of Scotland. [...]]]> 2024-03-27T13:59:01+00:00 https://www.bleepingcomputer.com/news/security/inc-ransom-threatens-to-leak-3tb-of-nhs-scotland-stolen-data/ www.secnews.physaphae.fr/article.php?IdArticle=8471514 False None None 3.0000000000000000 Korben - Bloger francais 2024-03-27T13:54:09+00:00 https://korben.info/apex-legends-hacker-seme-chaos-tournoi-majeur.html www.secnews.physaphae.fr/article.php?IdArticle=8471420 False None None 4.0000000000000000 SecurityWeek - Security News Malgré une augmentation des attaques zéro-jour, les données montrent que les investissements de sécurité dans les expositions d'exploitation du système d'exploitation et des logiciels obligent les attaquants à trouver de nouvelles surfaces d'attaque et des modèles de bogues.

---

>Despite a surge in zero-day attacks, data shows that security investments into OS and software exploit mitigations are forcing attackers to find new attack surfaces and bug patterns. ]]> 2024-03-27T13:50:41+00:00 https://www.securityweek.com/google-report-despite-surge-in-zero-day-attacks-exploit-mitigations-are-working/ www.secnews.physaphae.fr/article.php?IdArticle=8471416 False Vulnerability,Threat None 3.0000000000000000 Silicon - Site de News Francais 2024-03-27T13:38:28+00:00 https://www.silicon.fr/rapport-comite-ia-generative-477092.html www.secnews.physaphae.fr/article.php?IdArticle=8471387 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a bank payment notification, urging the user to open an archive file attachment. The archive ("Bank Handlowy w Warszawie]]> 2024-03-27T13:26:00+00:00 https://thehackernews.com/2024/03/alert-new-phishing-attack-delivers.html www.secnews.physaphae.fr/article.php?IdArticle=8471226 False Malware None 2.0000000000000000 SecurityWeek - Security News La sécurité humaine identifie 28 applications VPN pour Android et un SDK qui transforment les appareils en proxys.

---

>Human Security identifies 28 VPN applications for Android and an SDK that turn devices into proxies. ]]> 2024-03-27T13:19:18+00:00 https://www.securityweek.com/vpn-apps-on-google-play-turn-android-devices-into-proxies/ www.secnews.physaphae.fr/article.php?IdArticle=8471417 False Mobile None 3.0000000000000000 ProofPoint - Firm Security 2024-03-27T13:02:26+00:00 https://www.proofpoint.com/us/newsroom/news/new-service-proofpoint-prevents-email-data-loss-through-ai www.secnews.physaphae.fr/article.php?IdArticle=8474248 False None None 2.0000000000000000 HackRead - Chercher Cyber Par uzair amir Curieux d'apprendre à quel point le gomining est pionnier de la démocratisation de l'exploitation de la cryptographie?Lisez la suite comme nous explorons leur approche, leurs techniques et comment ils garantissent la sécurité de leurs utilisateurs. Ceci est un article de HackRead.com Lire le post original: Gomining Review: cette plate-forme fait de l'exploitation bitcoinPossible via NFTS

---

>By Uzair Amir Curious to learn how GoMining is pioneering the democratization of crypto mining? Read on as we explore their approach, technicals, and how they ensure safety for their users. This is a post from HackRead.com Read the original post: GoMining Review: This Platform Makes Bitcoin Mining Possible Through NFTs]]> 2024-03-27T13:01:06+00:00 https://www.hackread.com/gomining-review/ www.secnews.physaphae.fr/article.php?IdArticle=8471357 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Google detected nearly 100 zero-day vulnerabilities exploited in the wild in 2023]]> 2024-03-27T13:01:00+00:00 https://www.infosecurity-magazine.com/news/zeroday-surged-50-annually-google/ www.secnews.physaphae.fr/article.php?IdArticle=8471362 False Vulnerability,Threat None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Check Point Software a fièrement annoncé qu'elle avait été nommée un leader de la croissance et de l'innovation dans le rapport Global Managed Detection and Response 2024 de la détection gérée de Frost Radar ™.Check Point a démontré les capacités impressionnantes de son infinité MDR / MPR, ce qui permet aux organisations avec des outils de pointe pour prévenir rapidement et remédier efficacement aux attaques, maximisant les performances globales.À propos de Frost Radar ™: Frost & # 38;Le rapport Sullivan & # 8217; s Frost Radar ™ a analysé divers facteurs pour déterminer les principaux fournisseurs de détection et de réponse gérés (MDR).Après avoir évalué plus de 150 acteurs de l'industrie, le rapport a identifié indépendamment 22 fournisseurs MDR comme les principaux leaders de la croissance et de l'innovation dans cet espace.Le rapport [& # 8230;]

---

>Check Point Software proudly announced that it has been named a Growth and Innovation Leader in the Frost Radar™ Global Managed Detection and Response 2024 Report. Check Point has demonstrated the impressive capabilities of its Infinity MDR/MPR, empowering organizations with cutting-edge tools to rapidly prevent and efficiently remediate attacks, maximizing overall performance. About the Frost Radar™: Frost & Sullivan’s Frost Radar™ report analyzed various factors to determine the leading Managed Detection and Response (MDR) providers. After evaluating over 150 industry players, the report independently identified 22 MDR vendors as the top growth and innovation leaders in this space. The report […] ]]> 2024-03-27T13:00:39+00:00 https://blog.checkpoint.com/security/check-point-software-technologies-recognized-as-a-top-leader-in-frost-radar-2024-global-managed-detection-and-response-report/ www.secnews.physaphae.fr/article.php?IdArticle=8471352 False Tool None 2.0000000000000000 Palo Alto Network - Site Constructeur Faraz Ahsan a fourni des informations sur l'intégration de l'intelligence artificielle et de l'apprentissage automatique pour lutter

---

>Faraz Ahsan provided insights into the integration of artificial intelligence and machine learning in combating cyberthreats. ]]> 2024-03-27T13:00:37+00:00 https://www.paloaltonetworks.com/blog/2024/03/revolution-in-cybersecurity-with-ai/ www.secnews.physaphae.fr/article.php?IdArticle=8471350 False None None 2.0000000000000000 Korben - Bloger francais 2024-03-27T13:00:17+00:00 https://korben.info/blueducky-automatiser-exploitation-faille-bluetooth-execution-code-distance.html www.secnews.physaphae.fr/article.php?IdArticle=8471386 False Mobile None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les chercheurs ont trouvé 97 jours zéro exploités dans la nature en 2023;Près des deux tiers des défauts mobiles et du navigateur ont été utilisés par les entreprises spyware.

---

>Researchers found 97 zero-days exploited in the wild in 2023; nearly two thirds of mobile and browser flaws were used by spyware firms. ]]> 2024-03-27T13:00:00+00:00 https://cyberscoop.com/spyware-zero-days-2023/ www.secnews.physaphae.fr/article.php?IdArticle=8471356 False Vulnerability,Threat,Mobile None 2.0000000000000000 Recorded Future - FLux Recorded Future Les experts en cybersécurité avertissent que les exploits zéro-jours, qui peuvent être utilisés pour compromettre les appareils avant que quiconque ne sache qu'ils sont vulnérables, sont devenus plus courants en tant que pirates et cybercriminels à l'État-nation et en train de trouver des moyens sophistiqués de mener à bien leurs attaques.Des chercheurs de Google ont déclaré mercredi avoir observé 97 jours zéro exploités dans la nature en 2023, comparés

---

Cybersecurity experts are warning that zero-day exploits, which can be used to compromise devices before anyone is aware they\'re vulnerable, have become more common as nation-state hackers and cybercriminals find sophisticated ways to carry out their attacks. Researchers from Google on Wednesday said they observed 97 zero-days exploited in the wild in 2023, compared]]> 2024-03-27T13:00:00+00:00 https://therecord.media/zero-day-exploits-jumped-in-2023-spyware www.secnews.physaphae.fr/article.php?IdArticle=8471355 False Vulnerability,Threat None 3.0000000000000000 Zimperium - cyber risk firms for mobile Les cybercriminels utilisent des tactiques de plus en plus sophistiquées pour cibler les utilisateurs sans méfiance.Une telle tactique gagnant du terrain est le smir & # 8211;Une attaque qui tire parti de messages texte pour tromper les individus en fournissant des informations sensibles ou en téléchargeant du contenu malveillant.Dans cette dernière tendance, les cybercriminels créent de fausses applications qui imitent les services bancaires ou financiers légitimes.[& # 8230;]

---

>Cybercriminals are employing increasingly sophisticated tactics to target unsuspecting users. One such tactic gaining traction is smishing – an attack that leverages text messages to deceive individuals into providing sensitive information or downloading malicious content. In this latest trend, cybercriminals create fake apps that mimic legitimate banking or financial services. […] ]]> 2024-03-27T13:00:00+00:00 https://www.zimperium.com/blog/sophisticated_fake_apps_a_growing_concern/ www.secnews.physaphae.fr/article.php?IdArticle=8471354 False Prediction None 2.0000000000000000 HackRead - Chercher Cyber Par waqas La cyberattaque a eu lieu dans la première semaine de mars 2024 lors du sommet spécial de l'Asean-Australia à Melbourne. Ceci est un article de HackRead.com Lire le post original: APTS chinois a ciblé l'ASEAN pendant le sommet avec des logiciels malveillants d'espionnage

---

>By Waqas The cyberattack occurred in the first week of March 2024 during the ASEAN-Australia Special Summit in Melbourne. This is a post from HackRead.com Read the original post: Chinese APTs Targeted ASEAN During Summit with Espionage Malware]]> 2024-03-27T12:56:19+00:00 https://www.hackread.com/chinese-apts-asean-summit-espionage-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8471358 False Malware None 3.0000000000000000 ProofPoint - Firm Security 2024-03-27T12:52:47+00:00 https://www.proofpoint.com/us/newsroom/press-releases/proofpoint-unleashes-power-behavioral-ai-thwart-data-loss-over-email www.secnews.physaphae.fr/article.php?IdArticle=8471677 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Pervasive and inexpensive phishing kit encompasses hundreds of templates targeting Kuwait Post, Etisalat, Jordan Post, Saudi Post. Australia Post, Singapore Post, and postal services in South Africa, Nigeria, Morocco, and more.]]> 2024-03-27T12:51:07+00:00 https://www.darkreading.com/endpoint-security/-darcula-phishing-as-a-service-operation-bleeds-victims-worldwide www.secnews.physaphae.fr/article.php?IdArticle=8471359 False None None 4.0000000000000000 SecurityWeek - Security News La vulnérabilité du cadre Ray AI contesté exploitée pour voler des informations et déployer des cryptomines sur des centaines de clusters.

---

>Disputed Ray AI framework vulnerability exploited to steal information and deploy cryptominers on hundreds of clusters. ]]> 2024-03-27T12:22:05+00:00 https://www.securityweek.com/attackers-exploit-ray-ai-framework-vulnerability-to-hack-hundreds-of-clusters/ www.secnews.physaphae.fr/article.php?IdArticle=8471353 False Hack,Vulnerability None 3.0000000000000000 Global Security Mag - Site de news francais affaires / / oktey

---

Altospam accède au Label Cybersecurity made in Europe - Business / Oktey]]> 2024-03-27T12:03:57+00:00 https://www.globalsecuritymag.fr/altospam-accede-au-label-cybersecurity-made-in-europe.html www.secnews.physaphae.fr/article.php?IdArticle=8471340 False None None 2.0000000000000000 Detection Engineering - Blog Sécu 2024-03-27T12:03:11+00:00 https://www.detectionengineering.net/p/det-eng-weekly-63-back-in-the-lab www.secnews.physaphae.fr/article.php?IdArticle=8471325 False None None 2.0000000000000000 Cisco - Security Firm Blog Security Cloud is the future for Cisco Security and our customers that requires the utmost in engineering agility from us]]> 2024-03-27T12:00:04+00:00 https://feedpress.me/link/23535/16632939/balancing-agility-and-predictability-to-achieve-major-engineering-breakthroughs www.secnews.physaphae.fr/article.php?IdArticle=8471326 False Cloud None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Cisco scored just 3% of organizations as having a \'mature\' level of readiness to cyber threats, a significant decline from the previous year]]> 2024-03-27T12:00:00+00:00 https://www.infosecurity-magazine.com/news/resilient-modern-cyber-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8471328 False None None 3.0000000000000000 ComputerWeekly - Computer Magazine 2024-03-27T11:15:00+00:00 https://www.computerweekly.com/news/366575672/Cyber-spies-not-cyber-criminals-behind-most-zero-day-exploitation www.secnews.physaphae.fr/article.php?IdArticle=8471443 False Vulnerability,Threat None 3.0000000000000000 IT Security Guru - Blog Sécurité cyber-saison perturbationSIEM et XDR Market avec une nouvelle solution SDR C'est apparu pour la première fois sur gourou de la sécurité informatique .

---

Attack protection pros Cybereason have announced the launch of a new SIEM Detection and Response (SDR) solution with Observe. Cybereason\'s SDR SaaS solution addresses issues with outdated SIEM architectures and enhances SOC effectiveness through the automated ingestion and enrichment of data across an organisation\'s digital footprint. SDR Consolidates All Security Data Into A Central Data […] The post Cybereason Disrupt SIEM and XDR Market with New SDR Solution first appeared on IT Security Guru. ]]> 2024-03-27T11:01:25+00:00 https://www.itsecurityguru.org/2024/03/27/cybereason-disrupt-siem-and-xdr-market-with-new-sdr-solution/?utm_source=rss&utm_medium=rss&utm_campaign=cybereason-disrupt-siem-and-xdr-market-with-new-sdr-solution www.secnews.physaphae.fr/article.php?IdArticle=8471303 False Cloud None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain assez dévastateur : Aujourd'hui, Ian Carroll, Lennert Wouters et une équipe d'autres chercheurs en sécurité révèlent une technique de piratage de l'hôtel Keycard qu'ils appellent Unfillok .La technique est une collection de vulnérabilités de sécurité qui permettraient à un pirate d'ouvrir presque instantanément plusieurs modèles de serrures Keycard basées sur la marque Saflok-Brand vendues par le fabricant de serrures suisses Dormakaba.Les systèmes Saflok sont installés sur 3 millions de portes dans le monde, dans 13 000 propriétés dans 131 pays.En exploitant les faiblesses dans le cryptage de Dormakaba et du système RFID sous-jacent que Dormakaba, connu sous le nom de Mifare Classic, Carroll et Wouters ont démontré à quel point ils peuvent facilement ouvrir un verrou de Keycard Saflok.Leur technique commence par l'obtention de n'importe quelle carte-clé à partir d'un hôtel cible & # 8212; disons, en réservant une chambre là-bas ou en saisissant une courte-clés dans une boîte de celles d'occasion & # 8212; puis en lisant un certain code de cette carte avec une lecture RFID de 300 $dispositif, et enfin écrire deux cartes-clés qui leur sont propres.Lorsqu'ils appuyent simplement sur ces deux cartes sur une serrure, la première réécrit un certain morceau des données de verrouillage, et la seconde l'ouvre ...

---

It’s pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instantly open several models of Saflok-brand RFID-based keycard locks sold by the Swiss lock maker Dormakaba. The Saflok systems are installed on 3 million doors worldwide, inside 13,000 properties in 131 countries. By exploiting weaknesses in both Dormakaba’s encryption and the underlying RFID system Dormakaba uses, known as MIFARE Classic, Carroll and Wouters have demonstrated just how easily they can open a Saflok keycard lock. Their technique starts with obtaining any keycard from a target hotel—say, by booking a room there or grabbing a keycard out of a box of used ones—then reading a certain code from that card with a $300 RFID read-write device, and finally writing two keycards of their own. When they merely tap those two cards on a lock, the first rewrites a certain piece of the lock’s data, and the second opens it...]]> 2024-03-27T11:01:08+00:00 https://www.schneier.com/blog/archives/2024/03/security-vulnerability-in-safloks-rfid-based-keycard-locks.html www.secnews.physaphae.fr/article.php?IdArticle=8471297 False Vulnerability None 3.0000000000000000 Silicon - Site de News Francais 2024-03-27T11:00:28+00:00 https://www.silicon.fr/dma-microgestion-big-tech-477187.html www.secnews.physaphae.fr/article.php?IdArticle=8471299 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Palo Alto Networks\' Unit 42 observed two Chinese-affiliated APT groups recently conducting cyber espionage campaigns targeting ASEAN organizations]]> 2024-03-27T11:00:00+00:00 https://www.infosecurity-magazine.com/news/chinese-apt-asean-entities/ www.secnews.physaphae.fr/article.php?IdArticle=8471302 False None None 3.0000000000000000 IT Security Guru - Blog Sécurité GRAND PROBLÈME DE LA PRODUCTION AVEC NCSC, NCA ET MONT La police pour enquêter sur le cyber-incident est apparu pour la première fois sur gourou de la sécurité informatique .

---

Researchers at Comparitech, the pro-consumer website providing information, tools, reviews and comparisons to help readers improve their cyber security and privacy online, have discovered that ransomware gang Qilin claimed credit on its website for stealing 550 GB of data from the Big Issue, a UK-based street newspaper. The company has said in a statement that […] The post Big Issue working with NCSC, NCA and Met Police to investigate cyber incident first appeared on IT Security Guru. ]]> 2024-03-27T10:29:52+00:00 https://www.itsecurityguru.org/2024/03/27/big-issue-working-with-ncsc-nca-and-met-police-to-investigate-cyber-incident/?utm_source=rss&utm_medium=rss&utm_campaign=big-issue-working-with-ncsc-nca-and-met-police-to-investigate-cyber-incident www.secnews.physaphae.fr/article.php?IdArticle=8471304 False Ransomware,Tool,Legislation None 2.0000000000000000 IT Security Guru - Blog Sécurité Watchguard Threat Lab Lab Lab Analysis AnalysisMontre une augmentation des logiciels malveillants évasifs apparu pour la première fois sur gourou de la sécurité informatique .

---

WatchGuard® Technologies, a unified cybersecurity company, has announced the findings of its latest Internet Security Report, detailing the top malware trends and network and endpoint security threats analysed by WatchGuard Threat Lab researchers. Key findings from the data show a dramatic surge in evasive malware that fueled a large increase of total malware, threat actors […] The post WatchGuard Threat Lab Analysis Shows Surge in Evasive Malware first appeared on IT Security Guru. ]]> 2024-03-27T10:02:56+00:00 https://www.itsecurityguru.org/2024/03/27/watchguard-threat-lab-analysis-shows-surge-in-evasive-malware/?utm_source=rss&utm_medium=rss&utm_campaign=watchguard-threat-lab-analysis-shows-surge-in-evasive-malware www.secnews.physaphae.fr/article.php?IdArticle=8471272 False Malware,Threat None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Nmap offers a suite of advanced techniques designed to uncover vulnerabilities, bypass security measures, and gather valuable insights about target systems. Let\'s take a look at these techniques: 1. Vulnerability Detection Syntax: nmap -sV --script=vulners Nmap\'s vulnerability detection feature, facilitated by the \'vulners\' script, enables users to identify outdated services susceptible to known security vulnerabilities. By querying a comprehensive vulnerability database, Nmap provides valuable insights into potential weaknesses within target systems. 2. Idle Scanning Syntax: nmap -sI Idle scanning represents a stealthy approach to port scanning, leveraging a "zombie" host to obfuscate the origin of scan requests. By monitoring changes in the zombie host\'s IP identification number (IP ID) in response to packets sent to the target, Nmap infers the state of the target\'s ports without direct interaction. 3. Firewall Testing (Source Port Spoofing) Syntax: nmap --source-port This technique involves testing firewall rules by sending packets with unusual source ports. By spoofing the source port, security professionals can evaluate the effectiveness of firewall configurations and identify potential weaknesses in network defenses. 4. Service-Specific Probes (SMB Example) Syntax: nmap -sV -p 139,445 --script=smb-vuln* Nmap\'s service-specific probes enable detailed examination of services, such as the Server Message Block (SMB) protocol commonly used in Windows environments. By leveraging specialized scripts, analysts can identify vulnerabilities and assess the security posture of target systems. 5. Web Application Scanning (HTTP title grab) Syntax: nmap -sV -p 80 --script=http-title Web application scanning with Nmap allows users to gather information about web servers, potentially aiding in vulnerability identification and exploitation. By analyzing HTTP response headers, Nmap extracts valuable insights about target web applications and server configurations. Nmap Scripting Engine: One of the standout features of Nmap is its robust scripting engine (NSE), which allows users to extend the tool\'s functionality through custom scripts and plugins. NSE scripts enable users to automate tasks, perform specialized scans, gather additional information, and even exploit vulnerabilities in target systems. nmap --script-help scriptname Shows help about scripts. For each script matching the given specification, Nmap prints the script name, its categories, and its description. The specifications are the same as those accepted by --script; so, for example if you want help about the ssl-enum-ciphers script, you would run nmap --script-help ssl-enum-ciphers Users can leverage existing NSE scripts or develop custom scripts tailored to their specific requirements. ]]> 2024-03-27T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/advanced-nmap-scanning-techniques www.secnews.physaphae.fr/article.php?IdArticle=8471442 False Tool,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a cyber espionage campaign over the past three months. This includes the threat actor known as Mustang Panda, which has been recently linked to cyber attacks against Myanmar as well as]]> 2024-03-27T09:50:00+00:00 https://thehackernews.com/2024/03/two-chinese-apt-groups-ramp-up-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8471179 False Threat None 2.0000000000000000 IT Security Guru - Blog Sécurité Acumen Entre Market britannique offrant une expertise et un outillage de pointe pour protéger les organisations contre les cyberattaques complexes Guru de sécurité .

---

A new cyber security services company has launched today, which pledges to deliver unparalleled expertise and cutting-edge technology to organisations. Headquartered in Glasgow, Acumen offers clients a fully managed 24/7 Security Operations Centre (SOC), while its roster of partners include CrowdStrike, Elastic, Fortinet, and Barracuda. “Our 24/7 Security Operations Centre strives to combine the right […] The post Acumen enters UK market offering expertise and market leading tooling to protect organisations against complex cyberattacks first appeared on IT Security Guru. ]]> 2024-03-27T09:43:05+00:00 https://www.itsecurityguru.org/2024/03/27/acumen-enters-uk-market-offering-expertise-and-market-leading-tooling-to-protect-organisations-against-complex-cyberattacks/?utm_source=rss&utm_medium=rss&utm_campaign=acumen-enters-uk-market-offering-expertise-and-market-leading-tooling-to-protect-organisations-against-complex-cyberattacks www.secnews.physaphae.fr/article.php?IdArticle=8471273 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine British police have swooped on 400 fraud suspects and seized £19m]]> 2024-03-27T09:25:00+00:00 https://www.infosecurity-magazine.com/news/uk-law-enforcers-arrest-400-fraud/ www.secnews.physaphae.fr/article.php?IdArticle=8471271 False Legislation None 2.0000000000000000 Bleeping Computer - Magazine Américain Google\'s Threat Analysis Group (TAG) and Google subsidiary Mandiant said they\'ve observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients. [...]]]> 2024-03-27T09:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-spyware-vendors-behind-50-percent-of-zero-days-exploited-in-2023/ www.secnews.physaphae.fr/article.php?IdArticle=8471385 False Vulnerability,Threat None 3.0000000000000000 Korben - Bloger francais 2024-03-27T08:21:15+00:00 https://korben.info/securite-android-vlc-devoile-dessous-signature-apps.html www.secnews.physaphae.fr/article.php?IdArticle=8471274 False Mobile None 5.0000000000000000 Global Security Mag - Site de news francais Investigations]]> 2024-03-27T08:15:49+00:00 https://www.globalsecuritymag.fr/la-france-reste-vulnerable-aux-cyberattaques-malgre-une-legislation-stricte.html www.secnews.physaphae.fr/article.php?IdArticle=8471260 False None None 3.0000000000000000 Korben - Bloger francais 2024-03-27T08:00:00+00:00 https://korben.info/danswer-open-source-recherche-unifiee-ia-integration-outils-travail.html www.secnews.physaphae.fr/article.php?IdArticle=8471275 False Tool None 3.0000000000000000 SonarSource - Blog Sécu et Codage By acknowledging the impact of technical debt and embracing proactive solutions like Sonar, development teams can mitigate its effects and build software that is resilient, reliable, and scalable.]]> 2024-03-27T08:00:00+00:00 https://www.sonarsource.com/blog/technical-debt-s-impact-on-development-speed-and-code-quality www.secnews.physaphae.fr/article.php?IdArticle=8471591 False Technical None 3.0000000000000000 Netskope - etskope est une société de logiciels américaine fournissant une plate-forme de sécurité informatique Au cours de la dernière année, l'innovation de l'IA a balayé le lieu de travail.Dans toutes les industries et toutes les fonctions de l'équipe, nous voyons des employés utiliser des assistants en IA pour rationaliser diverses tâches, notamment en prenant des minutes, en réduisant des e-mails, en développant du code, en élaborant des stratégies de marketing et même en aidant à gérer les finances des entreprises.En tant que CISO, j'envisage déjà un assistant AI qui [& # 8230;]

---

>Over the past year, AI innovation has swept through the workplace. Across industries and all team functions, we are seeing employees using AI assistants to streamline various tasks, including taking minutes, writing emails, developing code, crafting marketing strategies and even helping with managing company finances. As a CISO, I\'m already envisaging an AI assistant which […] ]]> 2024-03-27T07:00:00+00:00 https://www.netskope.com/blog/ai-assistants-a-new-challenge-for-cisos www.secnews.physaphae.fr/article.php?IdArticle=8471204 False None None 2.0000000000000000 Korben - Bloger francais 2024-03-27T05:43:05+00:00 https://korben.info/atari-400-mini-console-retrogaming-fonctions-modernes.html www.secnews.physaphae.fr/article.php?IdArticle=8471202 False None None 2.0000000000000000 Korben - Bloger francais 2024-03-27T05:26:26+00:00 https://korben.info/infinite-mac-emulation-mac-next-navigateur.html www.secnews.physaphae.fr/article.php?IdArticle=8471203 False None None 2.0000000000000000 The State of Security - Magazine Américain In the intricate landscape of cybersecurity, Digital Forensics and Incident Response (DFIR) stand as the sentinels guarding against the onslaught of digital threats. It involves a multifaceted approach to identifying, mitigating, and recovering from cybersecurity incidents . In the physical world, the aftermath of a crime scene always yields vital clues that can unravel the mystery behind a perpetrator\'s actions. Similarly, in the digital realm, DFIR specialists comb through vast floods of data, analyzing log files, network traffic, and system artifacts to reconstruct the sequence of events...]]> 2024-03-27T04:53:09+00:00 https://www.tripwire.com/state-of-security/incident-response-dfir www.secnews.physaphae.fr/article.php?IdArticle=8471276 False None None 4.0000000000000000 The State of Security - Magazine Américain I\'ll start this one with an apology – I\'ve been watching a lot of the TV show The Bear (which I\'d highly recommend!) and thus been thinking a lot about kitchen processes and the challenges of making everything come together nicely (both in life and in a recipe). If you are unfamiliar with the show, it is a comedy-drama about a chef who manages his deceased brother\'s sandwich shop. When I see different chefs interacting in a busy environment I can\'t help but think of the same activities happening in the data center and IT offices that I\'ve visited. But whilst the best businesses in the world...]]> 2024-03-27T04:06:11+00:00 https://www.tripwire.com/state-of-security/bake-ensuring-security-cyber-kitchen www.secnews.physaphae.fr/article.php?IdArticle=8471247 False None None 3.0000000000000000