www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-10T14:37:50+00:00 www.secnews.physaphae.fr
Korben - French blogger WeTube - A free app that bypasses YouTube and its ads 2025-03-03T09:00:00+00:00 https://korben.info/wetube-application-android-alternative-youtube-sans-pub.html www.secnews.physaphae.fr/article.php?IdArticle=8652904 False Mobile None 3.0000000000000000
The Register - English news site The Register gets its claws on Huawei's bonkers tri-fold phone It's well-built and surprisingly easy to handle but let down by Android. And stupidly expensive First Look Huawei's triple-fold Mate XT smartphone is a classy creation that's easy to handle even when fully extended, but disappoints because it's ridiculously expensive and the included Android variant struggles to keep pace with the machine's contortions.… 2025-03-03T06:33:08+00:00 https://go.theregister.com/feed/www.theregister.com/2025/03/03/ithe_registeri_gets_its_claws/ www.secnews.physaphae.fr/article.php?IdArticle=8652872 False Mobile None 3.0000000000000000
Wired Threat Level - Security News Honor's New AI Agent Can Read and Understand Your Screen The Honor UI Agent, powered by Google's Gemini 2 model, gives a glimpse of artificial intelligence agents on Android. 2025-03-02T16:30:00+00:00 https://www.wired.com/story/exclusive-look-at-honor-ai-mwc-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8652683 False Mobile None 3.0000000000000000
Wired Threat Level - Security News Keep Your Old Android Phone Running Longer With LineageOS Resist the urge to toss that old phone. Give it a second life by installing this open-source version of Android optimized for outdated hardware. 2025-03-01T13:30:00+00:00 https://www.wired.com/story/keep-your-old-android-phone-running-longer-with-lineageos/ www.secnews.physaphae.fr/article.php?IdArticle=8652313 False Mobile None 3.0000000000000000
TroyHunt - Blog Security Android 0-day sold by Cellebrite exploited to hack Serbian student's phone Android users who have installed Google's February patch batch should do so ASAP. 2025-02-28T23:08:30+00:00 https://arstechnica.com/security/2025/02/android-0-day-sold-by-cellebrite-exploited-to-hack-serbian-students-phone/ www.secnews.physaphae.fr/article.php?IdArticle=8652128 False Hack,Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Amnesty Finds Cellebrite's Zero-Day Used to Unlock Serbian Activist's Android Phone A 23-year-old Serbian youth activist had their Android phone targeted by a zero-day exploit developed by Cellebrite to unlock the device, according to a new report from Amnesty International. "The Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android USB drivers, developed by Cellebrite," the international non-governmental 2025-02-28T22:18:00+00:00 https://thehackernews.com/2025/02/amnesty-finds-cellebrites-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8652039 False Vulnerability,Threat,Mobile None 3.0000000000000000
Techworm - News 1.6 Million Android TVs Hacked & Infected By Vo1d Botnet Worldwide 2025-02-28T21:54:06+00:00 https://www.techworm.net/2025/02/1-6-million-android-tvs-hacked-infected-by-vo1d-botnet-worldwide.html www.secnews.physaphae.fr/article.php?IdArticle=8652024 False Malware,Vulnerability,Threat,Mobile None 3.0000000000000000
SecurityWeek - Security News Amnesty Reveals Cellebrite Zero-Day Android Exploit on Serbian Student Activist Amnesty International publishes technical details on zero-day vulnerabilities exploited by Cellebrite's mobile forensic tools to spy on a Serbian student activist. 2025-02-28T20:20:54+00:00 https://www.securityweek.com/amnesty-reveals-cellebrite-zero-day-android-exploit-on-serbian-student-activist/ www.secnews.physaphae.fr/article.php?IdArticle=8652085 False Tool,Vulnerability,Threat,Mobile,Technical None 3.0000000000000000
knowbe4 - cybersecurity services Protect Your Devices: Mobile Phishing Attacks Bypass Desktop Security Measures 2025-02-28T14:13:19+00:00 https://blog.knowbe4.com/protect-your-devices-mobile-phishing-attacks-bypass-desktop-security-measures www.secnews.physaphae.fr/article.php?IdArticle=8651991 False Mobile None 3.0000000000000000
Wired Threat Level - Security News Use Apple Invites to Organize Your Next Event Apple's new event planning app lets you gather friends and family in one place, even if they're on Android. 2025-02-28T12:30:00+00:00 https://www.wired.com/story/how-to-use-apple-invites/ www.secnews.physaphae.fr/article.php?IdArticle=8651961 False Mobile None 3.0000000000000000
Bleeping Computer - American magazine Serbian police used Cellebrite zero-day hack to unlock Android phones Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware. [...] 2025-02-28T11:27:18+00:00 https://www.bleepingcomputer.com/news/security/serbian-police-used-cellebrite-zero-day-hack-to-unlock-android-phones/ www.secnews.physaphae.fr/article.php?IdArticle=8652025 False Hack,Vulnerability,Threat,Legislation,Mobile None 3.0000000000000000
SecurityWeek - Security News Vo1d Botnet Evolves as It Ensnares 1.6 Million Android TV Boxes The Vo1d botnet is now powered by 1.6 million Android TV devices, up from 1.3 million half a year ago. 2025-02-28T11:23:23+00:00 https://www.securityweek.com/vo1d-botnet-evolves-as-it-ensnares-1-6-million-android-tv-boxes/ www.secnews.physaphae.fr/article.php?IdArticle=8651945 False Mobile None 2.0000000000000000
We Live Security - ESET antivirus software vendor Threat Report H2 2024: Infostealer shakeup, new attack vector for mobile, and Nomani Big shifts in the infostealer scene, novel attack vector against iOS and Android, and a massive surge in investment scams on social media 2025-02-28T10:00:00+00:00 https://www.welivesecurity.com/en/podcasts/threat-report-h2-2024-infostealer-shakeup-new-attack-vector-mobile-nomani/ www.secnews.physaphae.fr/article.php?IdArticle=8661311 False Threat,Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades Cybersecurity researchers have discovered an updated version of an Android malware called TgToxic (aka ToxicPanda), indicating that the threat actors behind it are continuously making changes in response to public reporting. "The modifications seen in the TgToxic payloads reflect the actors' ongoing surveillance of open source intelligence and demonstrate their commitment to enhancing the 2025-02-27T18:34:00+00:00 https://thehackernews.com/2025/02/new-tgtoxic-banking-trojan-variant.html www.secnews.physaphae.fr/article.php?IdArticle=8651620 False Malware,Threat,Mobile None 3.0000000000000000
Bleeping Computer - American magazine Vo1d malware botnet grows to 1.6 million Android TVs worldwide A new variant of the Vo1d malware botnet has grown to 1,590,299 infected Android TV devices across 226 countries, recruiting devices as part of anonymous proxy server networks. [...] 2025-02-27T17:49:12+00:00 https://www.bleepingcomputer.com/news/security/vo1d-malware-botnet-grows-to-16-million-android-tvs-worldwide/ www.secnews.physaphae.fr/article.php?IdArticle=8651773 False Malware,Mobile None 3.0000000000000000
Detection At Scale - Reverse engineer's blog D@S #56: Building Security for Rabbit's AI-powered Hardware Matthew Domko explains how his team tackles securing a consumer AI device that can take real-world actions, requiring expertise across hardware, Android, and cloud security. 2025-02-27T13:36:47+00:00 https://www.detectionatscale.com/p/llm-security-engineering-matthew-domko-rabbit www.secnews.physaphae.fr/article.php?IdArticle=8654610 False Mobile,Cloud None 3.0000000000000000
The Register - English news site Qualcomm pledges 8 years of security updates for Android kit using its chips (YMMV) Starting with Snapdragon 8 Elite and 'droid 15 It seems manufacturers are finally getting the message that people want to use their kit for longer without security issues, as Qualcomm has said it'll provide Android software updates, including vulnerability fixes, for its latest chipsets for eight years instead of four.… 2025-02-26T18:57:33+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/26/qualcomm_android_support/ www.secnews.physaphae.fr/article.php?IdArticle=8651315 False Vulnerability,Mobile None 3.0000000000000000
Amnesty International - International Orgs Serbia: Cellebrite halts product use in Serbia following Amnesty surveillance report Responding to Cellebrite's announcement that it will stop the use of its digital forensic equipment for some of their customers in Serbia, following Amnesty International's report on the misuse of spyware and mobile forensic products by Serbian authorities to unlawfully target activists and journalists, Donncha Ó Cearbhaill, Head of the Security Lab at Amnesty International, […] 2025-02-26T12:21:12+00:00 https://securitylab.amnesty.org/latest/2025/02/serbia-cellebrite-halts-product-use-in-serbia-following-amnesty-surveillance-report/ www.secnews.physaphae.fr/article.php?IdArticle=8651216 False Mobile None 3.0000000000000000
SecurityWeek - Security News Qualcomm Extends Security Support for Android Devices to 8 Years Qualcomm says it's working with Google to ensure that Android device manufacturers will be able to provide security updates for 8 years. 2025-02-26T11:20:00+00:00 https://www.securityweek.com/qualcomm-extends-security-support-for-android-devices-to-8-years/ www.secnews.physaphae.fr/article.php?IdArticle=8651184 False Mobile None 3.0000000000000000
The Register - English news site Murena kicks Google out of the Pixel Tablet Privacy-centric Android makes more sense on this form factor than a phone We had a play with Murena's first tablet, a Google Pixel running /e/OS, its in-house de-Googled Android 13 with additional privacy features.… 2025-02-26T11:01:10+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/26/murena_degoogled_android_tablet/ www.secnews.physaphae.fr/article.php?IdArticle=8651160 False Mobile None 3.0000000000000000
Bleeping Computer - American magazine OpenAI's GPT 4.5 spotted in Android beta, launch imminent OpenAI's newest model, GPT-4.5, is coming sooner than we expected. A new reference has been spotted on ChatGPT's Android app that points to a model called "GPT-4.5 research preview," but it looks like it will initially be limited to those with a Pro subscription. [...] 2025-02-26T07:39:18+00:00 https://www.bleepingcomputer.com/news/artificial-intelligence/openais-gpt-45-spotted-in-android-beta-launch-imminent/ www.secnews.physaphae.fr/article.php?IdArticle=8651199 False Mobile ChatGPT 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) LightSpy Expands to 100+ Commands, Increasing Control Over Windows, macOS, Linux, and Mobile Cybersecurity researchers have flagged an updated version of the LightSpy implant that comes equipped with an expanded set of data collection features to extract information from social media platforms like Facebook and Instagram. LightSpy is the name given to a modular spyware that's capable of infecting both Windows and Apple systems with an aim to harvest data. It was first documented in 2025-02-25T21:37:00+00:00 https://thehackernews.com/2025/02/lightspy-expands-to-100-commands.html www.secnews.physaphae.fr/article.php?IdArticle=8650931 False Mobile None 3.0000000000000000
TroyHunt - Blog Security Qualcomm and Google team up to offer 8 years of Android updates Starting with the Snapdragon 8 Elite, Qualcomm enables up to eight years of update support. 2025-02-25T17:28:55+00:00 https://arstechnica.com/gadgets/2025/02/qualcomm-and-google-team-up-to-offer-8-years-of-android-updates/ www.secnews.physaphae.fr/article.php?IdArticle=8650948 False Mobile None 3.0000000000000000
GoogleSec - Firm Security Blog Securing tomorrow's software: the need for memory safety standards billions. Traditional approaches, like code auditing, fuzzing, and exploit mitigations – while helpful – haven't been enough to stem the tide, while incurring an increasingly high cost. In this blog post, we are calling for a fundamental shift: a collective commitment to finally eliminate this class of vulnerabilities, anchored on secure-by-design practices – not just for ourselves but for the generations that follow. The shift we are calling for is reinforced by a recent ACM article calling to standardize memory safety we took part in releasing with academic and industry partners. It's a recognition that the lack of memory safety is no longer a niche technical problem but a societal one, impacting everything from national security to personal privacy. The standardization opportunity Over the past decade, a confluence of secure-by-design advancements has matured to the point of practical, widespread deployment. This includes memory-safe languages, now including high-performance ones such as Rust, as well as safer language subsets like Safe Buffers for C++. These tools are already proving effective. In Android for example, the increasing adoption of memory-safe languages like Kotlin and Rust in new code has driven a significant reduction in vulnerabilities. Looking forward, we're also seeing exciting and promising developments in hardware. Technologies like ARM's Memory Tagging Extension (MTE) and the 2025-02-25T15:04:10+00:00 http://security.googleblog.com/2025/02/securing-tomorrows-software-need-for.html www.secnews.physaphae.fr/article.php?IdArticle=8650981 False Tool,Vulnerability,Threat,Mobile,Technical None 2.0000000000000000
The Register - English news site London is bottom in Europe for 5G, while Europe lags the rest of the world Plus: Fandroid alert – Android devices sometimes say '5G' when connecting to 4G London is bottom of the table when it comes to 5G mobile service, according to a report gauging major European cities on the overall quality of user experience. And, Europe itself lags behind other regions in 5G SA deployment.… 2025-02-25T12:43:03+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/25/london_is_bottom_in_europe_5g/ www.secnews.physaphae.fr/article.php?IdArticle=8650839 False Mobile None 2.0000000000000000
Korben - French blogger Exo - Build an AI super cluster with all the devices lying around your home 2025-02-24T16:43:29+00:00 https://korben.info/exo-cluster-ia-distribue-appareils-gpu.html www.secnews.physaphae.fr/article.php?IdArticle=8650553 False Mobile None 3.0000000000000000
Mandiant - Mandiant security blog Phishing Campaigns Targeting Higher Education Institutions Overview Beginning in August 2024, Mandiant observed a notable increase in phishing attacks targeting the education industry, specifically U.S.-based universities. A separate investigation conducted by Google's Workspace Trust and Safety team identified a long-term campaign spanning from at least October 2022, with a noticeable pattern of shared filenames, targeting thousands of educational institution users per month. These attacks exploit trust within academic institutions to deceive students, faculty, and staff, and have been timed to coincide with key dates in the academic calendar. The beginning of the school year, with its influx of new and returning students combined with a barrage of administrative tasks, as well as financial aid deadlines, can create opportunities for attackers to carry out phishing attacks. In these investigations, three distinct campaigns have emerged, attempting to take advantage of these factors. In one campaign, attackers leveraged phishing campaigns utilizing compromised educational institutions to host Google Forms. At this time, Mandiant has observed at least 15 universities targeted in these phishing campaigns. In this case, the malicious forms were reported and subsequently removed. As such, at this time none of the phishing forms identified are currently active. Another campaign involved scraping university login pages and re-hosting them on the attacker-controlled infrastructure. Both campaigns exhibited tactics to obfuscate malicious activity while increasing their perceived legitimacy, ultimately to perform payment redirection attacks. These phishing methods employ various tactics to trick victims into revealing login credentials and financial information, including requests for school portal login verification, financial aid disbursement, refund verification, account deactivation, and urgent responses to campus medical inquiries. Google takes steps to protect users from misuse of its products, and create an overall positive experience. However, awareness and education play a big role in staying secure online. To better protect yourself and others, be sure to report abuse. Case Study 1: Google Forms Phishing Campaign The first observed campaign involved a two-pronged phishing campaign. Attackers distributed phishing emails that contained a link to a malicious Google Form. These emails and their respective forms were designed to mimic legitimate university communications, but requested sensitive information, including login credentials and financial details. Example phish email 2025-02-24T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/phishing-targeting-higher-education/ www.secnews.physaphae.fr/article.php?IdArticle=8650541 False Spam,Malware,Tool,Vulnerability,Threat,Studies,Legislation,Mobile,Medical None 3.0000000000000000
HackRead - Cyber search Hardware Crypto Wallets vs. Mobile vs. Desktop: Which Should You Choose? Crypto wallets are essential in keeping your cryptocurrency safe. There are different types of wallets available and choosing… 2025-02-24T12:37:06+00:00 https://hackread.com/hardware-crypto-wallets-vs-mobile-vs-desktop/ www.secnews.physaphae.fr/article.php?IdArticle=8650491 False Mobile None 3.0000000000000000
Bleeping Computer - American magazine SpyLend Android malware downloaded 100,000 times from Google Play An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a predatory loan app for those in India. [...] 2025-02-21T13:45:23+00:00 https://www.bleepingcomputer.com/news/security/spylend-android-malware-downloaded-100-000-times-from-google-play/ www.secnews.physaphae.fr/article.php?IdArticle=8649675 False Malware,Tool,Mobile None 2.0000000000000000
HackRead - Cyber search New FrigidStealer Malware Infects macOS via Fake Browser Updates Fake browser update scams now target Mac, Windows, and Android users, delivering malware like FrigidStealer, Lumma Stealer, and… 2025-02-20T18:17:08+00:00 https://hackread.com/frigidstealer-malware-infect-macos-fake-browser-updates/ www.secnews.physaphae.fr/article.php?IdArticle=8649339 False Malware,Mobile None 2.0000000000000000
TroyHunt - Blog Security Amazon remembers it has an Android app store, kills it Fire tablets and Fire TV devices will still have access to apps, though. 2025-02-20T17:35:47+00:00 https://arstechnica.com/gadgets/2025/02/amazon-remembers-it-has-an-android-app-store-kills-it/ www.secnews.physaphae.fr/article.php?IdArticle=8649320 False Mobile None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Mobile Phishing Attacks Surge with 16% of Incidents in US Mobile phishing attacks surged in 2024, with 16% of all incidents occurring in the US, according to a new Zimperium report 2025-02-20T14:30:00+00:00 https://www.infosecurity-magazine.com/news/mobile-phishing-attacks-surge-16/ www.secnews.physaphae.fr/article.php?IdArticle=8649282 False Mobile None 3.0000000000000000
Cyble - CyberSecurity Firm Russia-Linked Actors Exploiting Signal Messenger's “Linked Devices” Feature for Espionage in Ukraine Overview Google Threat Intelligence Group (GTIG) has identified multiple Russia-aligned threat actors actively targeting Signal Messenger accounts as part of a multi-year cyber espionage operation. The campaign, likely driven by Russia's intelligence-gathering objectives during its invasion of Ukraine, aims to compromise the secure communications of military personnel, politicians, journalists, and activists. The tactics observed in this campaign include phishing attacks abusing Signal's linked devices feature, malicious JavaScript payloads and malware designed to steal Signal messages from compromised Android and Windows devices. While the focus remains on Ukrainian targets, the threat is expected to expand globally as adversaries refine their techniques. Google has partnered with Signal to introduce security enhancements that mitigate these attack vectors, urging users to update to the latest versions of the app. Tactics Used to Compromise Signal Accounts Exploiting Signal's "Linked Devices" Feature Russia-aligned threat actors have manipulated Signal's legitimate linked devices functionality to gain persistent access to victim accounts. By tricking users into scanning malicious QR codes, attackers can link an actor-controlled device to the victim's account, enabling real-time message interception without full device compromise. The phishing methods used to deliver these malicious QR codes include: Fake Signal group invites containing altered JavaScript redirects. Phishing pages masquerading as Ukrainian military applications. 2025-02-20T13:21:16+00:00 https://cyble.com/blog/germany-strengthening-cybersecurity-2/ www.secnews.physaphae.fr/article.php?IdArticle=8649243 True Malware,Tool,Vulnerability,Threat,Mobile,Cloud,Conference APT 44 2.0000000000000000
Recorded Future - Recorded Future feed Pegasus spyware infections found on several private sector phones Mobile security company iVerify says that it discovered about a dozen new infections of the powerful Pegasus spyware on phones mostly used by people in private industry. 2025-02-19T14:05:12+00:00 https://therecord.media/pegasus-spyware-infections-iverify www.secnews.physaphae.fr/article.php?IdArticle=8649003 False Mobile None 3.0000000000000000
Mandiant - Mandiant security blog Signals of Trouble: Multiple Russia-Aligned Threat Actors Actively Targeting Signal Messenger Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia's intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government and military communications in the context of Russia's re-invasion of Ukraine, we anticipate the tactics and methods used to target Signal will grow in prevalence in the near-term and proliferate to additional threat actors and regions outside the Ukrainian theater of war. Signal's popularity among common targets of surveillance and espionage activity, such as military personnel, politicians, journalists, activists, and other at-risk communities, has positioned the secure messaging application as a high-value target for adversaries seeking to intercept sensitive information that could fulfil a range of different intelligence requirements. More broadly, this threat also extends to other popular messaging applications such as WhatsApp and Telegram, which are also being actively targeted by Russian-aligned threat groups using similar techniques. In anticipation of a wider adoption of similar tradecraft by other threat actors, we are issuing a public warning regarding the tactics and methods used to date to help build public awareness and help communities better safeguard themselves from similar threats. We are grateful to the team at Signal for their close partnership in investigating this activity. The latest Signal releases on Android and iOS contain hardened features designed to help protect against similar phishing campaigns in the future. Update to the latest version to enable these features. Phishing Campaigns Abusing Signal's "Linked Devices" Feature The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the app's legitimate "linked devices" feature that enables Signal to be used on multiple devices concurrently. Because linking an additional device typically requires scanning a quick-response (QR) code, threat actors have resorted to crafting malicious QR codes that, when scanned, will link a victim's account to an actor-controlled Signal instance. If successful, future messages will be delivered synchronously to both the victim and the threat actor in real-time, providing a persistent means to eavesdrop on the victim's secure conversations without the need for full-device compromise. 2025-02-19T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/russia-targeting-signal-messenger/ www.secnews.physaphae.fr/article.php?IdArticle=8648980 False Malware,Threat,Mobile,Cloud,Commercial APT 44 2.0000000000000000
Krebs on Security - American researcher How Phished Data Turns into Apple & Google Wallets Carding -- the underground business of stealing, selling and swiping stolen payment card data -- has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores. 2025-02-18T18:37:26+00:00 https://krebsonsecurity.com/2025/02/how-phished-data-turns-into-apple-google-wallets/ www.secnews.physaphae.fr/article.php?IdArticle=8648901 False Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) New FrigidStealer Malware Targets macOS Users via Fake Browser Updates Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented threat actor known as TA2727, with the information stealers for other platforms such as Windows (Lumma Stealer or DeerStealer) and Android (Marcher). TA2727 is a "threat actor that uses fake 2025-02-18T18:30:00+00:00 https://thehackernews.com/2025/02/new-frigidstealer-malware-targets-macos.html www.secnews.physaphae.fr/article.php?IdArticle=8648864 False Malware,Threat,Mobile None 3.0000000000000000
ProofPoint - Cyber Firms Phishing Beyond Email: How Proofpoint Collab Protection Secures Messaging and Collaboration Apps 2025-02-18T11:14:41+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/proofpoint-collab-secures-messaging-collaboration-apps www.secnews.physaphae.fr/article.php?IdArticle=8648936 False Data Breach,Malware,Tool,Threat,Mobile None 3.0000000000000000
Global Security Mag - French news site Appdome announced it is extending its Account Takeover Protection suite Appdome Stops AI-Deep Fakes at the Mobile Doorstep Unveils 30 Groundbreaking Deep Fake Detection Plugins to Strengthen ATO Protection inside Android & iOS Apps - Product Reviews 2025-02-18T10:08:47+00:00 https://www.globalsecuritymag.fr/appdome-announced-it-is-extending-its-account-takeover-protection-suite.html www.secnews.physaphae.fr/article.php?IdArticle=8648832 False Mobile None 3.0000000000000000
ProofPoint - Cyber Firms An Update on Fake Updates: Two New Actors, and New Mac Malware 2025-02-18T08:18:48+00:00 https://www.proofpoint.com/us/blog/threat-insight/update-fake-updates-two-new-actors-and-new-mac-malware www.secnews.physaphae.fr/article.php?IdArticle=8648935 False Ransomware,Malware,Tool,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) South Korea Suspends DeepSeek AI Downloads Over Privacy Violations South Korea has formally suspended new downloads of Chinese artificial intelligence (AI) chatbot DeepSeek in the country until the service makes changes to its mobile apps to comply with data protection regulations. Downloads have been paused as of February 15, 2025, 6:00 p.m. local time, the Personal Information Protection Commission (PIPC) said in a statement. The web service remains 2025-02-17T17:06:00+00:00 https://thehackernews.com/2025/02/south-korea-suspends-deepseek-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8648761 False Mobile None 2.0000000000000000 ANSSI - Flux Étatique Francais AI Action Summit: a look back at ANSSI's work anssiadm Mon 17/02/2025 - 15:34 As part of the AI Action Summit, held in Paris from 6 to 11 February 2025, ANSSI led, within the "Trustworthy AI" track, the work carried out over recent months on cybersecurity. It was an opportunity to promote its approach, which favors better consideration of cyber risks in order to build trust in AI.
ANSSI organized a cyber crisis exercise during the AI Summit ANSSI's expertise in support of a better understanding of the cyber risks of AI As the national authority for cyber defense and cybersecurity, ANSSI worked to identify and properly understand the cyber risks of artificial intelligence systems (AIS), in collaboration with its national and international partners, who were also gathered in Paris for the AI Action Summit. Information systems that pose new cybersecurity challenges In the work it carried out, ANSSI first emphasizes that systems incorporating AI (AIS) remain fundamentally software systems, subject in any case to the same vulnerabilities as more conventional systems, such as the hijacking of user accounts or administr 2025-02-17T15:34:05+00:00 https://cyber.gouv.fr/actualites/sommet-pour-laction-sur-lintelligence-artificielle-retour-sur-les-travaux-de-lanssi www.secnews.physaphae.fr/article.php?IdArticle=8648774 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Android's New Feature Blocks Fraudsters from Sideloading Apps During Calls Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress. Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granting accessibility access. The development was first reported by Android Authority. 
Users who attempt]]> 2025-02-15T15:56:00+00:00 https://thehackernews.com/2025/02/androids-new-feature-blocks-fraudsters.html www.secnews.physaphae.fr/article.php?IdArticle=8648580 False Mobile None 2.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Apple TV+ crosses enemy lines, will be available as an Android app starting today Apple TV+ app on Android will work mostly as it does on any other device.]]> 2025-02-12T20:00:56+00:00 https://arstechnica.com/culture/2025/02/apple-tv-crosses-enemy-lines-will-be-available-as-an-android-app-starting-today/ www.secnews.physaphae.fr/article.php?IdArticle=8648268 False Mobile None 3.0000000000000000 Zimperium - cyber risk firms for mobile So You Think That Popular App is Safe? Think Again! Our security research team looked at the top 50 apps from iOS App store and Android Play Store and identified one app from each category that exhibited a high security or privacy vulnerability score.
2025-02-12T14:00:00+00:00 https://www.zimperium.com/blog/so-you-think-that-popular-app-is-safe-think-again/ www.secnews.physaphae.fr/article.php?IdArticle=8648235 False Vulnerability,Mobile None 3.0000000000000000
Cyble - CyberSecurity Firm BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites Key Takeaways BTMOB RAT is an advanced Android malware evolved from SpySolr that features remote control, credential theft, and data exfiltration. It spreads via phishing sites impersonating streaming services like iNat TV and fake mining platforms. The malware abuses Android's Accessibility Service to unlock devices, log keystrokes, and automate credential theft through injections. It uses WebSocket-based C&C communication for real-time command execution and data theft. BTMOB RAT supports various malicious actions, including live screen sharing, file management, audio recording, and web injections. The Threat Actor (TA) actively markets the malware on Telegram, offering paid licenses and continuous updates, making it an evolving and persistent threat. Overview On January 31, 2025, Cyble Research and Intelligence Labs (CRIL) identified a sample lnat-tv-pro.apk (13341c5171c34d846f6d0859e8c45d8a898eb332da41ab62bcae7519368d2248) being distributed via a phishing site “hxxps://tvipguncelpro[.]com/” impersonating iNat TV, an online streaming platform from Turkey, posing a serious threat to unsuspecting users. Figure 1 – Phishing site distributing this malicious APK file 2025-02-12T10:31:36+00:00 https://cyble.com/blog/btmob-rat-newly-discovered-android-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8648179 False Malware,Tool,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google Confirms Android SafetyCore Enables AI-Powered On-Device Content Classification Google has stepped in to clarify that a newly introduced Android System SafetyCore app does not perform any client-side scanning of content. 
"Android provides many on-device protections that safeguard users against threats like malware, messaging spam and abuse protections, and phone scam protections, while preserving user privacy and keeping users in control of their data," a spokesperson for]]> 2025-02-11T20:43:00+00:00 https://thehackernews.com/2025/02/google-confirms-android-safetycore.html www.secnews.physaphae.fr/article.php?IdArticle=8648069 False Spam,Malware,Mobile None 3.0000000000000000 Techworm - News Apple Patches Critical iOS Zero-Day CVE-2025-24200 1),(2)] published on Monday. The Cupertino giant has credited security researcher Bill Marczak of The Citizen Lab at The University of Toronto\'s Munk School for discovering and reporting the vulnerability to Apple. The CVE-2025-24200 vulnerability affected a broad range of Apple devices, including: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later iPad Pro 12.9-inch 2nd generation, iPad Pro 10.5-inch, and iPad 6th generation Apple has resolved the vulnerability above by releasing software updates -  iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5 - with improved memory management. While Apple has not provided any information on how the above vulnerability was exploited, it has strongly urged its iOS and iPadOS users to immediately update their devices to the latest versions to mitigate potential security threats. Further, enable automatic updates to ensure you receive future patches on your devices without delay. Avoid clicking on suspicious links and only download apps from trusted sources to reduce the risk of vulnerabilities. For software updates on iPhone or iPad, go to Settings > General > Software Update > Check for the update and install.
On Monday, Apple rolled out emergency security updates to fix a critical zero-day vulnerability in iOS and iPadOS that was actively exploited
2025-02-11T20:40:58+00:00 https://www.techworm.net/2025/02/apple-patch-critical-ios-zero-day-cve-2025-24200.html www.secnews.physaphae.fr/article.php?IdArticle=8648064 False Tool,Vulnerability,Threat,Mobile None 3.0000000000000000
Cyble - CyberSecurity Firm Cyber Security Agency of Singapore Alerts Users on Active Exploitation of Zero-Day Vulnerability in Apple Products Overview The Cyber Security Agency of Singapore (CSA) has recently issued a warning regarding the active exploitation of a zero-day vulnerability (CVE-2025-24200) in a range of Apple products. This critical vulnerability is being actively targeted, and Apple has released timely security updates to address the issue. If exploited, the vulnerability could allow attackers to bypass certain security features and gain unauthorized access to sensitive data through USB connections. The vulnerability, identified as CVE-2025-24200, affects various Apple devices, including iPhones and iPads. Specifically, the issue lies in the USB Restricted Mode, a security feature designed to prevent unauthorized access to a device\'s data when it is locked. A successful attack could disable this mode, allowing an unauthenticated attacker to access the device\'s data via a USB connection, even if the device is locked. This flaw has been dubbed a "zero-day vulnerability," as it was discovered and actively exploited before a patch or security fix was made available. Apple has moved quickly to resolve the issue with new security updates released on February 10, 2025. Affected Apple Products ]]> 2025-02-11T12:46:32+00:00 https://cyble.com/blog/csa-alerts-users-of-cve-2025-24200/ www.secnews.physaphae.fr/article.php?IdArticle=8648036 False Vulnerability,Threat,Mobile None 4.0000000000000000 The Register - Site journalistique Anglais DeepSeek\\'s iOS app is a security nightmare, and that\\'s before you consider its TikTok links PLUS: Spanish cops think they\'ve bagged NATO hacker; HPE warns staff of data breach; Lazy Facebook phishing, and more! 
Infosec In Brief  DeepSeek\'s iOS app is a security nightmare that you should delete ASAP, according to researchers at mobile app infosec platform vendor NowSecure.…]]> 2025-02-10T02:30:15+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/10/infosec_in_brief/ www.secnews.physaphae.fr/article.php?IdArticle=8647775 False Data Breach,Mobile None 3.0000000000000000 Techworm - News DeepSeek Sending Unprotected Sensitive User Data To TikTok\\'s Parent ByteDance “When a user first launches the DeepSeek iOS app, it communicates with the DeepSeek\'s backend infrastructure to configure the application, register the device and establish a device profile mechanism. Even when the network is configured to actively attack the mobile app (via a MITM attack), the app still executes these steps which enables both passive and active attacks against the data,” the company wrote in a blog post published on Thursday. Modern apps use data encryption to safeguard confidentiality and integrity, which requires proper implementation to protect user data. However, the app relies on an insecure symmetric encryption algorithm (3DES), reuses initialization vectors, and hardcodes encryption keys, violating best security practices. Additionally, the DeepSeek iOS app insecurely stores usernames, passwords, and encryption keys, increasing the risk of credential theft. The app also collects user and device data that can be used for tracking and de-anonymization. Moreover, the app uses tens of data points, including organization ID, device OS version, and the language selected in the configuration. NowSecure notes that user data is sent to servers by Volcengine, a cloud service platform released by ByteDance in 2021. Since ByteDance is governed by Chinese laws, it may be compelled to share the data it collects with the Chinese government, raising major surveillance and compliance concerns for enterprises and governments utilizing the app. 
“The DeepSeek iOS app globally disables App Transport Security (ATS) which is an iOS platform level protection that prevents sensitive data from being sent over unencrypted channels. Since this protection is disabled, the app can (and does) send unencrypted data over the internet,” N]]> 2025-02-08T20:50:19+00:00 https://www.techworm.net/2025/02/deepseek-send-unprotected-data-tiktok-bytedance.html www.secnews.physaphae.fr/article.php?IdArticle=8647596 False Mobile,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) DeepSeek App Transmits Sensitive User and Device Data Without Encryption A new audit of DeepSeek\'s mobile app for the Apple iOS operating system has found glaring security issues, the foremost being that it sends sensitive data over the internet sans any encryption, exposing it to interception and manipulation attacks. The assessment comes from NowSecure, which also found that the app fails to adhere to best security practices and that it collects extensive user and]]> 2025-02-07T20:28:00+00:00 https://thehackernews.com/2025/02/deepseek-app-transmits-sensitive-user.html www.secnews.physaphae.fr/article.php?IdArticle=8647447 False Mobile None 3.0000000000000000 Cyble - CyberSecurity Firm Critical Vulnerabilities Reported in Cyble\\'s Weekly Vulnerability Insights Overview Cyble Research & Intelligence Labs (CRIL) published their Weekly Vulnerability Insights Report to clients, covering key vulnerabilities reported from January 29 to February 4, 2025. The analysis highlights critical security flaws that have posed cyber threats to various IT infrastructures globally. Notably, the Cybersecurity and Infrastructure Security Agency (CISA) added five vulnerabilities to the Known Exploited Vulnerability (KEV) catalog. This report highlights vulnerabilities in several widely used software products and services, including Paessler PRTG Network Monitor, Microsoft .NET Framework, and Zyxel DSL devices. 
These vulnerabilities could impact a range of industries that rely on these systems to monitor, manage, and protect critical infrastructure. Incorporation of Vulnerabilities into the KEV Catalog CISA\'s inclusion of vulnerabilities in the KEV catalog is an important step in highlighting serious risks associated with widely deployed software. During this period, CISA added five vulnerabilities, including two dating back to 2018, that have been actively exploited and affect major IT infrastructure tools like Paessler PRTG Network Monitor. These vulnerabilities were assessed for their active exploitation and listed accordingly to ensure better protection for organizations globally. Among the newly added vulnerabilities, CVE-2018-19410 and ]]> 2025-02-07T11:44:32+00:00 https://cyble.com/blog/cybles-weekly-vulnerability-kev-catalog/ www.secnews.physaphae.fr/article.php?IdArticle=8647402 False Tool,Vulnerability,Threat,Patching,Mobile None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC A Rose by Any Other Name: Exposure Management, a Category that Evolved from Traditional Vulnerability Management 2025-02-07T07:00:00+00:00 https://levelblue.com/blogs/security-essentials/rose-exposure-management-from-traditional-vulnerability-management www.secnews.physaphae.fr/article.php?IdArticle=8647365 False Tool,Vulnerability,Threat,Patching,Mobile,Industrial,Cloud,Technical None 3.0000000000000000 Global Security Mag - Site de news francais Appdome announced a platform upgrade Product Reviews
Appdome Breaks the Surge in Android & iOS Trojans Globally Extends leadership in Account Takeover Protection (ATO) with 24 new Dynamic Defense Plugins Targeting Banking Trojans, Trojan Spyware, and RATs - Product Reviews
2025-02-06T22:26:40+00:00 https://www.globalsecuritymag.fr/appdome-announced-a-platform-upgrade.html www.secnews.physaphae.fr/article.php?IdArticle=8647320 False Mobile None 2.0000000000000000
Krebs on Security - Chercheur Américain Experts Flag Security, Privacy Risks in DeepSeek AI App New mobile apps from the Chinese artificial intelligence (AI) company DeepSeek have remained among the top three "free" downloads for Apple and Google devices since their debut on Jan. 25, 2025. But experts caution that many of DeepSeek's design choices -- such as using hard-coded encryption keys, and sending unencrypted user and device data to Chinese companies -- introduce a number of glaring security and privacy risks. 2025-02-06T21:12:30+00:00 https://krebsonsecurity.com/2025/02/experts-flag-security-privacy-risks-in-deepseek-ai-app/ www.secnews.physaphae.fr/article.php?IdArticle=8647293 False Mobile None 2.0000000000000000 Global Security Mag - Site de news francais Vigilance.fr - Google Android | Pixel: multiple vulnerabilities of May 2024, analyzed on 06/05/2024 Vulnerabilities
An attacker can exploit several vulnerabilities in Google Android | Pixel. - Vulnerabilities
2025-02-06T20:32:33+00:00 https://www.globalsecuritymag.fr/vigilance-fr-google-android-pixel-multiples-vulnerabilites-de-mai-2024-analyse.html www.secnews.physaphae.fr/article.php?IdArticle=8647279 False Mobile None 2.0000000000000000
Global Security Mag - Site de news francais Vigilance.fr - Google Android | Pixel: multiple vulnerabilities of May 2024, analyzed on 06/05/2024 Security Vulnerability
An attacker can use several vulnerabilities of Google Android | Pixel. - Security Vulnerability
2025-02-06T20:32:33+00:00 https://www.globalsecuritymag.fr/vigilance-fr-google-android-pixel-multiple-vulnerabilities-of-may-2024-analyzed.html www.secnews.physaphae.fr/article.php?IdArticle=8647278 False Vulnerability,Mobile None 2.0000000000000000
SecurityWeek - Security News 1,000 Apps Used in Malicious Campaign Targeting Android Users in India Zimperium warns that threat actors have stolen the information of tens of thousands of Android users in India using over 1,000 malicious applications.
2025-02-06T18:19:36+00:00 https://www.securityweek.com/1000-apps-used-in-malicious-campaign-targeting-android-users-in-india/ www.secnews.physaphae.fr/article.php?IdArticle=8647272 False Threat,Mobile None 2.0000000000000000
Techworm - News CISA Orders Urgent Patch For Exploited Linux Kernel Bug CVE-2024-53104 is a privilege escalation security flaw affecting the USB UVC driver in the Linux kernel. The issue arises from improper parsing of frames labeled as UVC_VS_UNDEFINED in the uvc_parse_format function, which can cause the buffer size of frames to be miscalculated, resulting in out-of-bounds writes. Successful exploitation of this vulnerability could allow an authenticated attacker to escalate privileges and execute arbitrary code on a vulnerable Android phone, or cause denial-of-service conditions or system crashes on affected systems. In response to the active exploitation of this vulnerability, CISA has added CVE-2024-53104 to its Known Exploited Vulnerabilities (KEV) Catalog. The agency has mandated all Federal Civilian Executive Branch (FCEB) agencies, as per the November 2021 Binding Operational Directive (BOD) 22-01, to apply the patches by February 26, 2025, to mitigate the Linux kernel vulnerability and protect their networks against potential threats. “These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,” CISA warned on Wednesday. CISA has also advised private organizations and users to update their Linux distributions and Android devices to the latest versions to mitigate the risk associated with CVE-2024-53104. As mentioned in our report yesterday, Google has released its February 2025 security updates, which address 48 vulnerabilities, including CVE-2024-53104. The company noted indications of “limited, targeted exploitation” of this flaw and provided patches to improve the security of Android devices. However, users are strongly encouraged to install the latest security updates promptly to safeguard their devices and themselves from major security threats.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a directive mandating federal agencies to promptly address a critical vulnerability in the Linux kernel, identified as CVE-2024-53104. This high-severity flaw affects the Android Kernel's USB Video Class (UVC) driver and has been actively exploited in targeted attacks.
2025-02-06T18:04:42+00:00 https://www.techworm.net/2025/02/cisa-urgent-patch-exploited-linux-kernel-bug.html www.secnews.physaphae.fr/article.php?IdArticle=8647202 False Vulnerability,Mobile None 3.0000000000000000
Wired Threat Level - Security News Samsung Galaxy S25, S25+, and S25 Ultra Review: AI Snoozefest Technically sound, Samsung\'s latest Android phones are a bit of a snooze.]]> 2025-02-06T14:02:00+00:00 https://www.wired.com/review/samsung-galaxy-s25-s25-plus-and-s25-ultra/ www.secnews.physaphae.fr/article.php?IdArticle=8647213 False Mobile None 3.0000000000000000 Mandiant - Blog Sécu de Mandiant Using capa Rules for Android Malware Detection capa to analyze native ARM ELF files targeting Android. Together, we improved existing and developed new capa rules to detect capabilities observed in Android malware, used the capa rule matches to highlight the highly suspicious code in native files, and prompted Gemini with the highlighted code behaviors for summarization to enhance our review processes for faster decisions. In this blog post, we will describe how we leverage capa behavior-detection capabilities and state-of-art Gemini summarization by: Showcasing a malware sample that used various anti-analysis tricks to evade detections Explaining how our existing and new capa rules identify and highlighted those behaviors Presenting how Gemini summarizes the highlighted code for security reviews An Illegal Gambling App Under a Music App Façade Google Play Store ensures all published apps conform to local laws and regulations. This includes gambling apps, which are prohibited or require licenses in some areas. Developing and distributing illegal gambling apps in such areas can generate significant illicit profits, which sometimes is associated with organized crimes. To bypass Google Play Store\'s security-screening procedures, some gambling apps disguise themselves with harmless façades like music or casual games. 
These apps only reveal their gambling portals 2025-02-06T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/capa-rules-android-malware-detection/ www.secnews.physaphae.fr/article.php?IdArticle=8647244 False Malware,Tool,Threat,Mobile,Medical,Cloud None 3.0000000000000000 UnderNews - Site de news "pirate" francais Zimperium discovers FatBoyPanel, a new malware targeting the data of Indian bank users zLabs, the research team of Zimperium, the global leader in mobile security, has discovered a new mobile malware campaign primarily targeting users of Indian banks. Analysis of the 900 malware samples collected by zLabs reveals common code structures, user interface elements and shared application logos, suggesting an action […] The post Zimperium discovers FatBoyPanel, a new malware targeting the data of Indian bank users first appeared on UnderNews.
2025-02-05T14:56:04+00:00 https://www.undernews.fr/malwares-virus-antivirus/zimperium-decouvre-fatboypanel-un-nouveau-malware-ciblant-les-donnees-des-utilisateurs-des-banques-indiennes.html www.secnews.physaphae.fr/article.php?IdArticle=8647066 False Malware,Mobile None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine Mobile Malware Targeting Indian Banks Exposes 50,000 Users Indian banking malware attack exposes 50,000 users, stealing financial data via SMS interception and phishing]]> 2025-02-05T14:00:00+00:00 https://www.infosecurity-magazine.com/news/mobile-malware-indian-banks/ www.secnews.physaphae.fr/article.php?IdArticle=8647037 False Malware,Mobile None 3.0000000000000000 Zimperium - cyber risk firms for mobile Mobile Indian Cyber Heist: FatBoyPanel And His Massive Data Breach Our zLabs research team has discovered a mobile malware campaign consisting of almost 900 malware samples primarily targeting users of Indian banks.
2025-02-05T14:00:00+00:00 https://www.zimperium.com/blog/mobile-indian-cyber-heist-fatboypanel-and-his-massive-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8647033 False Data Breach,Malware,Mobile None 3.0000000000000000
Kaspersky - Kaspersky Research blog Take my money: OCR crypto stealers in Google Play and App Store Kaspersky experts discover iOS and Android apps infected with the SparkCat crypto stealer in Google Play and the App Store. It steals crypto wallet data using an OCR model.]]> 2025-02-05T08:00:16+00:00 https://securelist.com/sparkcat-stealer-in-app-store-and-google-play/115385/ www.secnews.physaphae.fr/article.php?IdArticle=8646968 False Mobile None 3.0000000000000000 Techworm - News Google Fixes Android Kernel Zero-Day Exploit Actively Used In Attacks CVE-2024-53104, the zero-day flaw has been described as a high-severity issue affecting the Android Kernel\'s USB Video Class (UVC) driver. What\'s the vulnerability? This vulnerability is a privilege escalation security flaw in Android\'s USB Video Class driver, which if exploited, can allow an authenticated attacker to elevate privileges in low-complexity attacks on targeted devices. The zero-day flaw resides in the uvc_parse_format function. Improper parsing of UVC_VS_UNDEFINED type frames can cause the buffer size of frames to be miscalculated. This can lead to out-of-bounds writes since frames of this type were not considered when calculating the frame buffer size in uvc_parse_streaming. This can potentially allow attackers to execute arbitrary code on a vulnerable Android phone or trigger denial-of-service conditions. “In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming,” reads the advisory. “There are indications that CVE-2024-36971 may be under limited, targeted exploitation”, the search giant noted in its February 2025 monthly Android security advisory. 
Additionally, Google addressed a critical security flaw, CVE-2024-45569 (CVSS score of 9.8), in Qualcomm\'s WLAN component. Qualcomm states this flaw is a memory corruption issue caused by an Improper Validation of the Array Index in WLAN Host Communication when parsing the ML IE due to invalid frame content.  Patches Released Google has released two patch sets, the 2025-02-01 and 2025-02-05 security patch levels, as part of the February 2025 security updates. While Google Pixel devices receive security updates immediately, other manufacturers may experience delays due to the additional testing required to ensure the security patches are compatible with various hardware configurations. Hence, Android users are strongly advised to install the 2025-02-01 and 2025-02-05 security patch levels as soon as possible to safeguard their devices and themselves from major security threats.
Google on Monday released its February 2025 security patches, which address 48 vulnerabilities, including a critical zero-day vulnerability affecting the Android kernel that was being actively exploited in attacks.
2025-02-04T20:21:09+00:00 https://www.techworm.net/2025/02/google-fixe-android-kernel-zero-day-exploit.html www.secnews.physaphae.fr/article.php?IdArticle=8646826 False Vulnerability,Threat,Mobile None 3.0000000000000000
CyberScoop - scoopnewsgroup.com special Cyber Android security update includes patch for actively exploited vulnerability The monthly update closes 47 security vulnerabilities in total. ]]> 2025-02-04T16:13:14+00:00 https://cyberscoop.com/android-security-update-february-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8646852 False Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Crypto-stealing apps found in Apple App Store for the first time A new campaign dubbed \'SparkCat\' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...]]]> 2025-02-04T15:16:19+00:00 https://www.bleepingcomputer.com/news/mobile/crypto-stealing-apps-found-in-apple-app-store-for-the-first-time/ www.secnews.physaphae.fr/article.php?IdArticle=8647050 False Mobile None 4.0000000000000000 ProofPoint - Cyber Firms VidSpam: A New Threat Emerges as Bitcoin Scams Evolve from Images to Video 2025-02-04T14:19:22+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/vidspam-new-threat-emerges-bitcoin-scams-evolve-images-video www.secnews.physaphae.fr/article.php?IdArticle=8646760 False Spam,Tool,Threat,Mobile,Prediction None 3.0000000000000000 SecurityWeek - Security News Vulnerability Patched in Android Possibly Exploited by Forensic Tools The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild.
2025-02-04T11:00:00+00:00 https://www.securityweek.com/vulnerability-patched-in-android-possibly-exploited-by-forensic-tools/ www.secnews.physaphae.fr/article.php?IdArticle=8646776 False Tool,Vulnerability,Mobile None 3.0000000000000000
Cyble - CyberSecurity Firm NETGEAR Urges Immediate Firmware Updates for Critical Security Flaws Overview NETGEAR has recently addressed two critical security vulnerabilities affecting its products, which, if exploited, could allow unauthenticated attackers to execute arbitrary code or remotely exploit devices. These vulnerabilities impact multiple models, including the XR series routers and WAX series access points. Given the high severity of these vulnerabilities, with Common Vulnerability Scoring System (CVSS) scores of 9.8 and 9.6, users are strongly advised to update their devices immediately to the latest firmware versions to prevent potential cyber threats. Details of the Security Vulnerabilities The vulnerabilities impact several NETGEAR devices and could allow remote attackers to take control of the affected routers and access points without requiring authentication. Such security flaws are particularly concerning as they can be leveraged for malicious activities, including data theft, network disruption, and unauthorized surveillance. Affected Devices and Firmware Updates NETGEAR has released fixes for the unauthenticated remote code execution (RCE) security vulnerability affecting the following models: XR1000: Fixed in firmware version 1.0.0.74 XR1000v2: Fixed in firmware version 1.1.0.22 XR500: Fixed in firmware version 2.3.2.134 ]]> 2025-02-04T10:58:37+00:00 https://cyble.com/blog/netgear-issues-security-severe-rce-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8646783 False Malware,Vulnerability,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. 
The vulnerability in question is CVE-2024-53104 (CVSS score: 7.8), which has been described as a case of privilege escalation in a kernel component known as the USB Video Class (UVC) driver. Successful exploitation of the flaw could lead 2025-02-04T10:21:00+00:00 https://thehackernews.com/2025/02/google-patches-47-android-security.html www.secnews.physaphae.fr/article.php?IdArticle=8646732 False Vulnerability,Mobile None 3.0000000000000000 Global Security Mag - Site de news francais Multiple vulnerabilities in Google Android (04 February 2025) Vulnerabilities
Multiple vulnerabilities have been discovered in Google Android. Some of them allow an attacker to cause privilege escalation, a breach of data confidentiality, and denial of service. Google indicates that vulnerability CVE-2024-53104 is actively... - Vulnerabilities
2025-02-04T09:36:29+00:00 https://www.globalsecuritymag.fr/multiples-vulnerabilites-dans-google-android-04-fevrier-2025.html www.secnews.physaphae.fr/article.php?IdArticle=8646832 False Mobile None 3.0000000000000000
The Register - Site journalistique Anglais Google patches odd Android kernel security bug amid signs of targeted exploitation Also, Netgear fixes critical router, access point vulnerabilities Google has released its February Android security updates, including a fix for a high-severity kernel-level vulnerability, which is suspected to be in use by targeted exploits.… 2025-02-04T08:18:11+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/04/google_android_patch_netgear/ www.secnews.physaphae.fr/article.php?IdArticle=8646751 False Vulnerability,Mobile None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC What Is Zero Trust? 2025-02-04T07:00:00+00:00 https://levelblue.com/blogs/security-essentials/what-is-zero-trust www.secnews.physaphae.fr/article.php?IdArticle=8646734 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Medical,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch Microsoft Sets End Date for Defender VPN Though Windows, iOS, and macOS users won't need to make any changes, Android users are advised to remove their Defender VPN profiles. 2025-02-03T21:50:13+00:00 https://www.darkreading.com/mobile-security/microsoft-sets-end-date-for-defender-vpn www.secnews.physaphae.fr/article.php?IdArticle=8646679 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Google fixes Android kernel zero-day exploited in attacks The February 2025 Android security updates patch 48 vulnerabilities, including a zero-day kernel vulnerability that has been exploited in the wild.
[...] 2025-02-03T15:10:22+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-android-kernel-zero-day-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8646654 False Vulnerability,Threat,Mobile None 2.0000000000000000 Recorded Future - FLux Recorded Future Hackers use fake wedding invitations to spread Android malware in Southeast Asia The cybercriminals have been spreading malware through malicious wedding invitations sent through private and group chats on Telegram and WhatsApp. 2025-01-31T17:33:44+00:00 https://therecord.media/hackers-wedding-invitations-southeast-asia www.secnews.physaphae.fr/article.php?IdArticle=8645351 False Malware,Mobile None 2.0000000000000000 Zimperium - cyber risk firms for mobile Zimperium's Protection Against Tria Stealer's SMS Data Theft As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team shares how we can help protect you against Tria Stealer.
2025-01-31T16:51:05+00:00 https://www.zimperium.com/blog/zimperiums-protection-against-tria-stealers-sms-data-theft/ www.secnews.physaphae.fr/article.php?IdArticle=8645360 True Mobile None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google Bans 158,000 Malicious Android App Developer Accounts in 2024 Google said it blocked over 2.36 million policy-violating Android apps from being published to the Google Play app marketplace in 2024 and banned more than 158,000 bad developer accounts that attempted to publish such harmful apps. The tech giant also noted it prevented 1.3 million apps from getting excessive or unnecessary access to sensitive user data during the time period by working with 2025-01-31T16:15:00+00:00 https://thehackernews.com/2025/01/google-bans-158000-malicious-android.html www.secnews.physaphae.fr/article.php?IdArticle=8645222 False Mobile None 3.0000000000000000 Korben - Bloger francais KV4P HT - Turn your smartphone into a two-way radio
Who hasn't dreamed of turning their smartphone into a super walkie-talkie able to communicate even when mobile networks are down? Well, it's now possible thanks to an open-source project called KV4P HT that will delight every budding amateur radio operator! Vance Vagell (call sign KV4P), the project's creator, had the brilliant idea of designing a small module that simply plugs into the USB-C port of your Android smartphone to turn it into a true two-way VHF radio. No more lugging around bulky radio equipment - your phone becomes your radio!
2025-01-31T09:00:00+00:00 https://korben.info/kv4p-ht-transforme-smartphone-en-radio-bidirectionnelle.html www.secnews.physaphae.fr/article.php?IdArticle=8645156 False Mobile None 3.0000000000000000
Bleeping Computer - Magazine Américain Google blocked 2.36 million risky Android apps from Play Store in 2024 Google blocked 2.3 million Android app submissions to the Play Store in 2024 due to violations of its policies that made them potentially risky for users. [...]]]> 2025-01-30T15:57:47+00:00 https://www.bleepingcomputer.com/news/security/google-blocked-236-million-risky-android-apps-from-play-store-in-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8644950 False Mobile None 3.0000000000000000 Cyble - CyberSecurity Firm DeepSeek\'s Growing Influence Sparks a Surge in Frauds and Phishing Attacks Overview DeepSeek is a Chinese artificial intelligence company that has developed open-source large language models (LLMs). In January 2025, DeepSeek launched its first free chatbot app, “DeepSeek - AI Assistant”, which rapidly became the most downloaded free app on the iOS App Store in the United States, surpassing even OpenAI\'s ChatGPT. However, with rapid growth comes new risks-cybercriminals are exploiting DeepSeek\'s reputation through phishing campaigns, fake investment scams, and malware disguised as DeepSeek. This analysis seeks to explore recent incidents where Threat Actors (TAs) have impersonated DeepSeek to target users, highlighting their tactics and how readers can secure themselves accordingly. Recently, Cyble Research and Intelligence Labs (CRIL) identified multiple suspicious websites impersonating DeepSeek. Many of these sites were linked to crypto phishing schemes and fraudulent investment scams. 
We have compiled a list of the identified suspicious sites: abs-register[.]com deep-whitelist[.]com deepseek-ai[.]cloud deepseek[.]boats deepseek-shares[.]com deepseek-aiassistant[.]com usadeepseek[.]com Campaign Details Crypto phishing leveraging the popularity of DeepSeek CRIL uncovered a crypto phishin]]> 2025-01-30T13:00:34+00:00 https://cyble.com/blog/deepseeks-growing-influence-surge-frauds-phishing-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8646797 False Spam,Malware,Threat,Mobile ChatGPT 3.0000000000000000 Kaspersky - Kaspersky Research blog No need to RSVP: a closer look at the Tria stealer campaign Kaspersky GReAT experts discovered a new campaign targeting Android devices in Malaysia and Brunei with the Tria stealer to collect data from apps like WhatsApp and Gmail.]]> 2025-01-30T08:00:12+00:00 https://securelist.com/tria-stealer-collects-sms-data-from-android-devices/115295/ www.secnews.physaphae.fr/article.php?IdArticle=8644647 False Mobile None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite What DeepSeek\\'s R1 Model Means For AI Innovation and Enterprise Security DeepSeek’s R1 model launch marks a significant milestone in AI accessibility, combining advanced reasoning capabilities with free, unlimited access. The platform’s explosive growth is evident-its mobile app topped the iOS App Store charts within 48 hours of release, indicating unprecedented user adoption rates. While DeepSeek’s open-source model represents a breakthrough in cost-effective AI deployment, the DeepSeek consumer-facing app introduces substantial privacy and security challenges for enterprises. Most critically, the platform\'s data collection practices extend far beyond typical usage data: according to DeepSeek\'s privacy policy, all user interactions-including prompts, uploaded files, chat histories, voice inputs, images, and even keystroke patterns-are transmitted […]
2025-01-29T18:02:47+00:00 https://blog.checkpoint.com/artificial-intelligence/what-deepseeks-r1-model-means-for-ai-innovation-and-enterprise-security/ www.secnews.physaphae.fr/article.php?IdArticle=8644400 False Mobile None 3.0000000000000000
Mandiant - Blog Sécu de Mandiant Adversarial Misuse of Generative AI science, technology, and beyond. In cybersecurity, AI is poised to transform digital defense, empowering defenders and enhancing our collective security. Large language models (LLMs) open new possibilities for defenders, from sifting through complex telemetry to secure coding, vulnerability discovery, and streamlining operations. However, some of these same AI capabilities are also available to attackers, leading to understandable anxieties about the potential for AI to be misused for malicious purposes. Much of the current discourse around cyber threat actors' misuse of AI is confined to theoretical research. While these studies demonstrate the potential for malicious exploitation of AI, they don't necessarily reflect the reality of how AI is currently being used by threat actors in the wild. To bridge this gap, we are sharing a comprehensive analysis of how threat actors interacted with Google's AI-powered assistant, Gemini. Our analysis was grounded by the expertise of Google's Threat Intelligence Group (GTIG), which combines decades of experience tracking threat actors on the front lines and protecting Google, our users, and our customers from government-backed attackers, targeted 0-day exploits, coordinated information operations (IO), and serious cyber crime networks. We believe the private sector, governments, educational institutions, and other stakeholders must work together to maximize AI's benefits while also reducing the risks of abuse.
At Google, we are committed to developing responsible AI guided by our principles, and we share ]]> 2025-01-29T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/adversarial-misuse-generative-ai/ www.secnews.physaphae.fr/article.php?IdArticle=8644222 False Ransomware,Malware,Tool,Vulnerability,Threat,Studies,Legislation,Mobile,Industrial,Cloud,Technical,Commercial APT 41,APT 43,APT 42 3.0000000000000000 GoogleSec - Firm Security Blog How we kept the Google Play & Android app ecosystems safe in 2024 Google\'s advanced AI: helping make Google Play a safer placeTo keep out bad actors, we have always used a combination of human security experts and the latest threat-detection technology. In 2024, we used Google\'s advanced AI to improve our systems\' ability to proactively identify malware, enabling us to detect and block bad apps more effectively. It also helps us streamline review processes for developers with a proven track record of policy compliance. Today, over 92% of our human reviews for harmful apps are AI-assisted, allowing us to take quicker and more accurate action to help prevent harmful apps from becoming available on Google Play. That\'s enabled us to stop more bad apps than ever from reaching users through the Play Store, protecting users from harmful or malicious apps before they can cause any damage. Working with developers to enhance security and privacy on Google Play To protect user privacy, we\'re working with developers to reduce unnecessary access to sensitive data. In 2024, we prevented 1.3 million apps from getting excessive or unnecessary access to sensitive user data. We also required apps to be more transparent about how they handle user information by launching new developer requirements and a new “Data deletion” option for apps that support user accounts and data collection. 
This helps users manage their app data and understand the app\'s deletion practices, making it easier for Play users to delete data collected from third-party apps. We also worked to ensure that apps use the strongest and most up-to-date privacy and security capabilities Android has to offer. Every new version of Android introduces new security and privacy features, and we encourage developers to embrace these advancements as soon as possible. As a result of partnering closely with developers, over 91% of app install]]> 2025-01-29T13:39:07+00:00 http://security.googleblog.com/2025/01/how-we-kept-google-play-android-app-ecosystem-safe-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8644442 False Malware,Tool,Threat,Mobile,Cloud None 3.0000000000000000 Bleeping Computer - Magazine Américain Windows 11\\'s Start menu is getting iPhone and Android integration Windows 11\'s Start menu is getting a big update with full-fledged Android and iPhone integration. [...]]]> 2025-01-29T11:54:43+00:00 https://www.bleepingcomputer.com/news/microsoft/windows-11s-start-menu-is-getting-iphone-and-android-integration/ www.secnews.physaphae.fr/article.php?IdArticle=8644375 False Mobile None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Securing Your Digital Footprint While Traveling in 2025 nearly half of mobile users may still neglect basic security solutions, leaving their personal information at risk. Understanding these vulnerabilities is the first step toward protecting your data on the go. Increased Use of Public Wi-Fi Travelers continue to face challenges when using public Wi-Fi. While it offers convenience at airports, hotels, and cafes, these unsecured networks are a hotbed for cyber threats. Hackers can easily perform man-in-the-middle attacks, intercepting data transmitted over open networks. This means sensitive information, such as passwords and credit card details, can be stolen in real-time. 
Additionally, travelers may unknowingly connect to fake Wi-Fi networks, known as "honeypots," set up specifically to capture their data. Reliance on Digital Platforms Traveling in 2025 involves heavy dependence on digital tools for bookings, navigation, and payments. Mobile apps, cloud storage, and online platforms streamline trip planning but also expand the attack surface for cybercriminals. Every app or platform travelers use becomes a potential entry point for hackers. A single compromised account can give attackers access to travel itineraries, payment methods, and even personal identification details. Phishing and Fake Booking Scams As the travel industry digitizes further, phishing attacks are becoming increasingly sophisticated. Travelers are often targeted with fraudulent emails, texts, or ads that mimic legitimate booking platforms. Clicking these links can lead to fake hotel booking sites that steal credit card information or infect devices with malware. In many cases, travelers don’t realize they\'ve been scammed until it’s too late—either their trip is ruined or their financial data is compromised. Essential Cybersecurity Practices for Travelers While staying connected during travel has become a common practice, it also exposes you to potential cyber risks. By following a few key cybersecurity practices, you can protect your personal information and browse securely no matter where your journey takes you. Here are the most effective ways to safeguard your digital footprint: 1. Use a VPN A Virtual Private Network (VPN) is one of the most effective tools for securing your internet connection while traveling. VPNs encrypt your online activity, preventing hackers from intercepting sensitive information like passwords or payment details, even on public Wi-Fi networks. Popular options like NordVPN, ExpressVPN, and CyberGhost offer global servers, ensuring reliable and secure connectivity wherever you are. 2. 
Enable Two-Factor Authentication (2FA) Securing your accounts with two-factor authenti]]> 2025-01-29T07:00:00+00:00 https://levelblue.com/blogs/security-essentials/securing-your-digital-footprint-while-traveling-in-2025 www.secnews.physaphae.fr/article.php?IdArticle=8644812 False Spam,Malware,Tool,Vulnerability,Threat,Mobile,Cloud None 3.0000000000000000 Techworm - News Apple Patches Zero-Day Exploit Affecting iPhones, Macs, iPads, Watches & TVs advisory ([1], [2], [3], [4], [5]) published on Monday. The zero-day vulnerability affected a broad range of Apple devices, including: iPhone XS and later iPad Pro 13-inch, iPad Pro 12.9-inch (3rd generation and later), iPad Pro 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (7th generation and later), and iPad mini (5th generation and later) Macs running macOS Sequoia 15.3 Apple Watch Series 6 and later Apple TV HD and Apple TV 4K (all models) Apple Vision Pro running visionOS 2.3 Apple has resolved the CVE-2025-24085 vulnerability by releasing software updates - iOS 18.3, iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, visionOS 2.3, and tvOS 18.3 - with improved memory management. Meanwhile, the company has not provided any information on how the above vulnerability was exploited, by whom, or who may have been targeted. It has also not attributed the discovery of the vulnerability to a researcher. Users are urged to update their iPhone, iPad, Mac, Apple Watch, and Apple TV immediately with the latest security updates to stay protected against potential threats. Enable automatic updates to ensure you receive future patches on your devices without delay. Further, avoid clicking on suspicious links and only download apps from trusted sources to reduce the risk of vulnerabilities.
On Monday, Apple rolled out critical security updates to address several vulnerabilities affecting iPhones, Macs, and other devices, including a zero-day vulnerability actively exploited in the wild to target iPhone users. The zero-day vulnerability, identified as CVE-2025-24085 (no CVSS score assigned yet), is a use-after-free flaw in Apple's Core Media component that could allow a pre-installed malicious application to gain elevated privileges on vulnerable devices. According to Apple, the Core Media is a foundational framework within the Apple operating system that offers the underlying structure for processing and managing media data like video and audio. It is the media pipeline used by AVFoundation and other high-level media frameworks found on Apple platforms. “Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 17.2,” the company wrote in the
2025-01-28T13:47:13+00:00 https://www.techworm.net/2025/01/apple-patch-zero-day-exploit-affecting-iphone-macs.html www.secnews.physaphae.fr/article.php?IdArticle=8643714 False Vulnerability,Threat,Mobile None 3.0000000000000000
Bleeping Computer - Magazine Américain Signal will let you sync old messages when linking new devices Signal is finally adding a new feature that allows users to synchronize their old message history from their primary iOS or Android devices to newly linked devices like desktops and iPads. [...] 2025-01-28T11:27:02+00:00 https://www.bleepingcomputer.com/news/security/signal-will-let-you-sync-old-messages-when-linking-new-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8643900 False Mobile None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Attackers Exploit PDFs in Sophisticated Mishing Attack In a newly discovered phishing campaign, malicious actors are using malicious PDF files to target mobile device users in potentially more than 50 countries. Dubbed the “PDF Mishing Attack,” the campaign exploits the widespread trust in PDFs as a secure file format, revealing new vulnerabilities in mobile platforms. The phishing operation masquerades as the United [...] 2025-01-28T06:33:22+00:00 https://informationsecuritybuzz.com/attackers-exploit-pdfs-mishing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8643676 False Vulnerability,Threat,Mobile None 3.0000000000000000 Global Security Mag - Site de news francais Zimperium Reveals New Advanced PDF-Based Cyber Threat Exploiting Mobile Devices Malware Update
Zimperium Reveals New Advanced PDF-Based Cyber Threat Exploiting Mobile Devices Sophisticated Mishing Campaign Leveraging Malicious PDFs Poses a Significant Threat to Organizations Across 50+ Countries - Malware Update
2025-01-27T21:13:34+00:00 https://www.globalsecuritymag.fr/zimperium-reveals-new-advanced-pdf-based-cyber-threat-exploiting-mobile-devices.html www.secnews.physaphae.fr/article.php?IdArticle=8643510 False Threat,Mobile None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine New Phishing Campaign Targets Mobile Devices with Malicious PDFs A novel phishing campaign identified by Zimperium targets mobile users with malicious PDFs, impersonating USPS to steal credentials 2025-01-27T14:00:00+00:00 https://www.infosecurity-magazine.com/news/phishing-campaign-targets-mobile/ www.secnews.physaphae.fr/article.php?IdArticle=8643335 False Mobile None 4.0000000000000000 Zimperium - cyber risk firms for mobile Hidden in Plain Sight: PDF Mishing Attack As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team has been actively tracking a phishing campaign impersonating the United States Postal Service (USPS) which is exclusively targeting mobile devices.
2025-01-27T14:00:00+00:00 https://www.zimperium.com/blog/hidden-in-plain-sight-pdf-mishing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8643333 False Mobile None 4.0000000000000000
Korben - Bloger francais OwnTracks - Self-manage your location data with confidence You surely know those GPS tracking apps that promise you the moon, only to resell your location data to the highest bidder, of course! Boooo! So what would you say if I introduced you to a 100% open-source alternative that lets you keep total control over your position data? As it happens, thanks to Lorenper I discovered a real little privacy gem: OwnTracks. This app, available on iOS and Android, lets you track your own movements and those of your loved ones, with no compromise on privacy. 2025-01-27T09:00:00+00:00 https://korben.info/owntracks-gestion-securisee-donnees-localisation.html www.secnews.physaphae.fr/article.php?IdArticle=8643240 False Mobile None 3.0000000000000000 Zimperium - cyber risk firms for mobile Zimperium's Comprehensive Protection Against Fake SBI Reward Banking Trojan As part of our ongoing mission to identify emerging threats to mobile security, our zLabs team shares how we can help protect you against fake SBI Reward banking trojan.
2025-01-26T18:18:39+00:00 https://www.zimperium.com/blog/zimperiums-comprehensive-protection-against-fake-sbi-reward-banking-trojan/ www.secnews.physaphae.fr/article.php?IdArticle=8645361 False Mobile None 3.0000000000000000
Wired Threat Level - Security News Protect Your Phone With Android's Theft Detection Features Enable these three anti-theft features on your Android phone right now. They'll keep your sensitive info private if attackers steal your device while it's unlocked. 2025-01-25T13:30:00+00:00 https://www.wired.com/story/how-to-use-android-theft-detection-features/ www.secnews.physaphae.fr/article.php?IdArticle=8642507 False Mobile None 2.0000000000000000 Recorded Future - FLux Recorded Future More than 2,000 SonicWall devices vulnerable to critical zero-day The Cybersecurity and Infrastructure Security Agency warned that a bug affecting SonicWall's Secure Mobile Access products is being actively exploited. 2025-01-24T21:36:27+00:00 https://therecord.media/sonicwall-devices-exposed-zero-day www.secnews.physaphae.fr/article.php?IdArticle=8642242 False Vulnerability,Threat,Mobile None 2.0000000000000000