www.secnews.physaphae.fr

www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-12T09:28:16+00:00 www.secnews.physaphae.fr The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouveaux défauts de sécurité trouvés dans VMware Tools et Crushftp - Risque élevé, pas de solution de contournement New Security Flaws Found in VMware Tools and CrushFTP - High Risk, No Workaround Broadcom has issued security patches to address a high-severity security flaw in VMware Tools for Windows that could lead to an authentication bypass. Tracked as CVE-2025-22230, the vulnerability is rated 7.8 on the ten-point Common Vulnerability Scoring System (CVSS). "VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control," Broadcom said in an]]> 2025-03-26T09:50:00+00:00 https://thehackernews.com/2025/03/new-security-flaws-found-in-vmware.html www.secnews.physaphae.fr/article.php?IdArticle=8658239 False Tool,Vulnerability None 3.0000000000000000 Global Security Mag - Site de news francais IGEL étend le modèle de sécurité préventive ™ IGEL Expands Preventative Security Model™ Revues de produits

IGEL Expands Preventative Security Model™ to Secure and Modernize Legacy IT/OT Systems - Product Reviews]]> 2025-03-26T09:47:09+00:00 https://www.globalsecuritymag.fr/igel-expands-preventative-security-model-tm.html www.secnews.physaphae.fr/article.php?IdArticle=8658283 False Industrial None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Le NCSC britannique introduit huit principes pour améliorer les cyber-défenses pour les postes de travail à accès privilégié sécurisé UK NCSC introduces eight principles to enhance cyber defenses for secure privileged access workstations The U.K. National Cyber Security Centre (NCSC) has introduced a comprehensive set of eight principles for privileged access... ]]> 2025-03-26T09:41:09+00:00 https://industrialcyber.co/news/uk-ncsc-introduces-eight-principles-to-enhance-cyber-defenses-for-secure-privileged-access-workstations/ www.secnews.physaphae.fr/article.php?IdArticle=8658279 False None None 2.0000000000000000 Global Security Mag - Site de news francais Kyocera félicite les efforts de cybersécurité du secteur public tout en soulignant le besoin de mesures proactives continues Kyocera commends public sector\\'s cybersecurity efforts while highlighting need for continued proactive measures Opinion

Kyocera commends public sector\'s cybersecurity efforts while highlighting need for continued proactive measures - Opinion]]> 2025-03-26T09:39:09+00:00 https://www.globalsecuritymag.fr/kyocera-commends-public-sector-s-cybersecurity-efforts-while-highlighting-need.html www.secnews.physaphae.fr/article.php?IdArticle=8658284 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial ONNINUE rapporte 132% de surtension des attaques de ransomwares, avec AITM et Plugx Rat augmentant à mesure que les tactiques changent Ontinue reports 132% surge in ransomware attacks, with AiTM and PlugX RAT increasing as tactics shift Ontinue identifies that ransomware attacks rose 132 percent, despite a 35 percent drop in payments, signaling a shift... ]]> 2025-03-26T09:36:28+00:00 https://industrialcyber.co/reports/ontinue-reports-132-surge-in-ransomware-attacks-with-aitm-and-plugx-rat-increasing-as-tactics-shift/ www.secnews.physaphae.fr/article.php?IdArticle=8658280 False Ransomware None 2.0000000000000000 Global Security Mag - Site de news francais HUMAN Security procède à des nominations clés HUMAN Security procède à des nominations clés Business

HUMAN Security annonce des nominations clés - Business]]> 2025-03-26T09:31:05+00:00 https://www.globalsecuritymag.fr/human-security-procede-a-des-nominations-cles.html www.secnews.physaphae.fr/article.php?IdArticle=8658285 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine La nouvelle stratégie de fraude du gouvernement britannique pour se concentrer sur les menaces de technologie UK Government\\'s New Fraud Strategy to Focus on Tech-Enabled Threats The UK government\'s new fraud minister will today announce plans for a newly expanded fraud strategy]]> 2025-03-26T09:30:00+00:00 https://www.infosecurity-magazine.com/news/governments-fraud-strategy/ www.secnews.physaphae.fr/article.php?IdArticle=8658281 False None None 2.0000000000000000 The Last Watchdog - Blog Sécurité de Byron V Acohido Essai d'invité: le cas pour faire de la continuité des affaires en temps réel une priorité de cybersécurité de première ligne GUEST ESSAY: The case for making real-time business continuity a frontline cybersecurity priority Cela commence par une ondulation de confusion, puis la panique. Les systèmes hospitaliers gèlent à mi-procédure. Les dossiers médicaux électroniques deviennent inaccessibles. lié: Intelt Intel System de santé préciel sur le système d'inteaux de santé Expositions Aux soins intensifs, les alarmes restent en tant que médecins et infirmières qui se bousculent pour stabiliser les patients critiques… (plus…) Le dernier chien de garde .

>It starts with a ripple of confusion, then panic. Hospital systems freeze mid-procedure. Electronic medical records become inaccessible. Related: Valuable intel on healthcare system cyber exposures In the ICU, alarms blare as doctors and nurses scramble to stabilize critical patients … (more…) The post GUEST ESSAY: The case for making real-time business continuity a frontline cybersecurity priority first appeared on The Last Watchdog.]]> 2025-03-26T09:23:19+00:00 https://www.lastwatchdog.com/guest-essay-the-case-for-making-real-time-business-continuity-a-frontline-cybersecurity-priority/ www.secnews.physaphae.fr/article.php?IdArticle=8658275 False Medical None 3.0000000000000000 Bleeping Computer - Magazine Américain New NPM Attack poisons Packages locaux avec des déambulations New npm attack poisons local packages with backdoors Two malicious packages were discovered on npm (Node package manager) that covertly patch legitimate, locally installed packages to inject a persistent reverse shell backdoor. [...]]]> 2025-03-26T08:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-npm-attack-poisons-local-packages-with-backdoors/ www.secnews.physaphae.fr/article.php?IdArticle=8658319 False None None 3.0000000000000000 Global Security Mag - Site de news francais ManageEngine élargit son réseau d'intégration avec plus de 100 intégrations prédéfinies pour la gestion de l'identité d'entreprise ManageEngine Expands Its Integration Network With 100+ Prebuilt Integrations for Enterprise Identity Management https://mnge.it/ad360-marketplace - Revues de produits

ManageEngine Expands Its Integration Network With 100+ Prebuilt Integrations for Enterprise Identity Management The Company\'s IAM Platform, AD360, Helps Converge Disconnected Identities ● ManageEngine AD360 expands its integration support, with 100+ new ready-to-use integrations ● These integrations empower enterprises for seamless, scalable identity management across diverse IT applications ● Explore the complete lineup of integrations available in AD360 at https://mnge.it/ad360-marketplace - Product Reviews]]> 2025-03-26T07:57:02+00:00 https://www.globalsecuritymag.fr/manageengine-expands-its-integration-network-with-100-prebuilt-integrations-for.html www.secnews.physaphae.fr/article.php?IdArticle=8658263 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Public-Private Ops Net Big Wins contre la cybercriminalité africaine Public-Private Ops Net Big Wins Against African Cybercrime Three cybersecurity firms worked with Interpol and authorities in Nigeria, South Africa, Rwanda, and four other African nations to arrest more than 300 cybercriminals.]]> 2025-03-26T07:00:00+00:00 https://www.darkreading.com/threat-intelligence/public-private-ops-big-wins-african-cybercrime www.secnews.physaphae.fr/article.php?IdArticle=8658256 False None None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Même le meilleur peut être Pwned -Troy Hunt \\'s Transparency donne le bon exemple Even the Best Can Be Pwned -Troy Hunt\\'s Transparency Sets the Right Example Security consultant and founder of the popular Troy Hunt, a security consultant who runs the popular data-breach search service Have I Been Pwned?, has disclosed that he has become a victim of a phishing attack that exposed the email addresses of 16,000 subscribers to his blog troyhunt.com. “Every active subscriber on my list will shortly [...]]]> 2025-03-26T05:51:25+00:00 https://informationsecuritybuzz.com/even-the-best-can-be-pwned-troy-hunts/ www.secnews.physaphae.fr/article.php?IdArticle=8658247 False None None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Les agents de l'IA réduiront le temps d'exploitation des comptes de 50% AI Agents Will Cut Account Exploitation Time by 50% By 2027, AI agents are expected to reduce the time required to exploit account exposures by 50%. This was revealed in Gartner\'s new report, titled: “Predicts 2025: Navigating Imminent AI Turbulence for Cybersecurity.” Jeremy D\'Hoinne, VP Analyst at Gartner, says account takeover (ATO) is a persistent attack vector as weak authentication credentials, including passwords, are [...]]]> 2025-03-26T05:43:16+00:00 https://informationsecuritybuzz.com/ai-agents-wil-cut-account-exploit-time/ www.secnews.physaphae.fr/article.php?IdArticle=8658248 False Threat None 3.0000000000000000 Wired Threat Level - Security News 20% Coupon Wayfair et codes promotionnels | Mars 2025 20% Wayfair Coupon & Promo Codes | March 2025 Save during Spring Cyber Week with Wayfair promo codes and coupons for 10% of, up to 80% off furniture, and more on WIRED.]]> 2025-03-26T05:10:00+00:00 https://www.wired.com/story/wayfair-coupon/ www.secnews.physaphae.fr/article.php?IdArticle=8658245 False None None 2.0000000000000000 The State of Security - Magazine Américain Implémentation des postes de travail d'accès privilégié: un guide étape par étape Implementing Privileged Access Workstations: A Step-by-Step Guide At a time when cyber threats seem to escalate daily, security teams are always on the lookout for new ways to protect their sensitive data and systems. For some, Privileged Access Workstations (PAWs) are being viewed as one solution to keep privileged accounts and critical systems safe from compromise. These are specialized workstations built for administrators and users who manage highly sensitive environments. PAWs are dedicated, hardened workstations that provide a secure environment when performing administrative or privileged tasks. Unlike everyday endpoints, these machines are isolated...]]> 2025-03-26T04:55:56+00:00 https://www.tripwire.com/state-of-security/implementing-privileged-access-workstations-step-step-guide www.secnews.physaphae.fr/article.php?IdArticle=8658276 False None None 3.0000000000000000 The State of Security - Magazine Américain Comment construire un programme de gestion de vulnérabilité mature How to Build a Mature Vulnerability Management Program The terms “patch management” and “ vulnerability management“ are not the same. And that difference is a big difference. They may be confused because applying patches is one of the many ways to mitigate cyber risks. However, it is one piece of the entire vulnerability management puzzle and organizations that do not realize this are burdened with a false sense of security. A patch management program is a wonderful start, but it does not have the reach or resources of a fully mature vulnerability management program. An effective vulnerability management program does more than update outdated...]]> 2025-03-26T04:55:53+00:00 https://www.tripwire.com/state-of-security/build-mature-vulnerability-management-program www.secnews.physaphae.fr/article.php?IdArticle=8658277 False Vulnerability None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite La violation de Spyx montre que les utilisateurs d'Apple sont invulnérables et le silence est assourdissant SpyX Breach Shows Apple Users Aren\\'t Invulnerable and Silence is Deafening Consumer-grade spyware operation SpyX has been identified on the data breach notification site have I been pwned? as experiencing a data breach in June 2024 that compromised almost 2 million unique email addresses. Among those, interestingly, were thousands of Apple users. The incident highlights not only the structural vulnerabilities of such applications (apps) but also [...]]]> 2025-03-26T04:53:46+00:00 https://informationsecuritybuzz.com/spyx-breach-apple-arent-invulnerable/ www.secnews.physaphae.fr/article.php?IdArticle=8658236 False Data Breach,Vulnerability None 2.0000000000000000 McAfee Labs - Editeur Logiciel McAfee remporte les prix AV-Test pour la meilleure protection avancée et les meilleures performances McAfee Wins AV-TEST Awards for Best Advanced Protection and Best Performance ]]> 2025-03-26T04:01:41+00:00 https://www.mcafee.com/blogs/mcafee-news/mcafee-wins-av-test-awards-for-best-advanced-protection-and-best-performance/ www.secnews.physaphae.fr/article.php?IdArticle=8658229 False None None 2.0000000000000000 Global Security Mag - Site de news francais Miser sur l\'intelligence artificielle et l\'automatisation permet de réduire le bruit et de donner aux équipes SOC une vraie capacité d\'anticipation. Cyber Securité / cybersecurite_home_droite]]> 2025-03-26T03:08:43+00:00 https://www.globalsecuritymag.fr/miser-sur-l-intelligence-artificielle-et-l-automatisation-permet-de-reduire-le.html www.secnews.physaphae.fr/article.php?IdArticle=8658223 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Google fixe Chrome Zero-Day exploité dans la campagne d'espionnage Google fixes Chrome zero-day exploited in espionage campaign Google has fixed a high-severity Chrome zero-day vulnerability exploited to escape the browser\'s sandbox and deploy malware in espionage attacks targeting Russian organizations. [...]]]> 2025-03-26T02:42:48+00:00 https://www.bleepingcomputer.com/news/security/google-fixes-chrome-zero-day-exploited-in-espionage-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8658255 False Malware,Vulnerability,Threat None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Trump émet un décret exécutif pour rechercher un plus grand contrôle fédéral des élections Trump issues executive order seeking greater federal control of elections L'ordonnance vise à retenir le financement fédéral des États qui ne se contentent pas de se conformer, provoquant une réaction chauffée des experts juridiques et électoraux.

>The order seeks to withhold federal funding from states that don\'t comply, sparking a heated backlash from legal and election experts. ]]> 2025-03-26T00:17:32+00:00 https://cyberscoop.com/trump-election-executive-order-sparks-backlash-from-critics/ www.secnews.physaphae.fr/article.php?IdArticle=8658210 False None None 2.0000000000000000 The Register - Site journalistique Anglais Top des responsables de Trump Texte Secret Yemen Airdrike prévoit de journal dans Signal Snafu Top Trump officials text secret Yemen airstrike plans to journo in Signal SNAFU Massive OPSEC fail from the side who brought you \'lock her up\' Updated Senior Trump administration officials used the messaging app Signal to discuss detailed plans to attack Houthi rebels in Yemen – and accidentally added a journalist to the group in which they chatted.…]]> 2025-03-25T22:56:55+00:00 https://go.theregister.com/feed/www.theregister.com/2025/03/24/signal_atlantic_security_disaster/ www.secnews.physaphae.fr/article.php?IdArticle=8658202 False None None 2.0000000000000000 Korben - Bloger francais J\'ai testé la nouvelle génération d\'images avec GPT-4o et c\'est un autre monde Sam Altman, le CEO d’OpenAI, a annoncé en grande pompe l’intégration native de la génération d’images directement dans ChatGPT via leur modèle multimodal GPT-4o.]]> 2025-03-25T22:50:25+00:00 https://korben.info/jai-teste-la-nouvelle-generation-dimages-avec-gpt-4o-et-cest-un-autre-monde.html www.secnews.physaphae.fr/article.php?IdArticle=8658201 False None ChatGPT 2.0000000000000000 Kaspersky - Kaspersky Research blog Opération Forumtroll: Attaque APT avec Google Chrome Zero-Day Exploit Chain Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain Kaspersky GReAT experts discovered a complex APT attack on Russian organizations dubbed Operation ForumTroll, which exploits zero-day vulnerabilities in Google Chrome.]]> 2025-03-25T21:30:22+00:00 https://securelist.com/operation-forumtroll/115989/ www.secnews.physaphae.fr/article.php?IdArticle=8658192 False Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Techning de sécurité qui peut faire une différence lors d'une attaque Security Tech That Can Make a Difference During an Attack The recent report of how Volt Typhoon compromised systems at a water utility highlight security technologies and processes that helped detect the compromise and clean up the network.]]> 2025-03-25T21:27:11+00:00 https://www.darkreading.com/cybersecurity-operations/east-west-monitoring-visibility-critical-apt-detection www.secnews.physaphae.fr/article.php?IdArticle=8658306 False None Guam 3.0000000000000000 Dark Reading - Informationweek Branch Security Tech That Can Make a Difference During an Attack The recent report of how Volt Typhoon compromised systems at a water utility highlight security technologies and processes that helped detect the compromise and clean up the network.]]> 2025-03-25T21:27:11+00:00 https://www.darkreading.com/cybersecurity-operations/security-tech-make-difference-attack www.secnews.physaphae.fr/article.php?IdArticle=8658582 False None Guam 3.0000000000000000 Recorded Future - FLux Recorded Future Hacker Défie le site Web de NYU, exposant les données d'admission sur 1 million d'étudiants Hacker defaces NYU website, exposing admissions data on 1 million students The hacker replaced the NYU homepage with charts and links to large student datasets categorizing standardized testing scores based on race, and also exposed vast amounts of personal information.]]> 2025-03-25T21:18:30+00:00 https://therecord.media/hacker-nyu-website-admissions-race www.secnews.physaphae.fr/article.php?IdArticle=8658194 False None None 3.0000000000000000 Global Security Mag - Site de news francais La cohésité a annoncé plusieurs nouvelles fonctionnalités pour Cohesity Netbackup 11.0 Cohesity announced multiple new features for Cohesity NetBackup 11.0 Revues de produits

Cohesity Introduces New Data Security Capabilities for NetBackup with Expanded Cloud Support New Release Includes Quantum-Proof Encryption, Enhances Industry-First User Behavior Monitoring and Risk Analysis, and Adds Protection for More PaaS Workloads - Product Reviews]]> 2025-03-25T21:17:46+00:00 https://www.globalsecuritymag.fr/cohesity-announced-multiple-new-features-for-cohesity-netbackup-11-0.html www.secnews.physaphae.fr/article.php?IdArticle=8658191 False Cloud None 3.0000000000000000 TechRepublic - Security News US Après avoir détecté des tentatives de phishing 30B, Microsoft ajoute encore plus d'intelligence artificielle à son copilote de sécurité After Detecting 30B Phishing Attempts, Microsoft Adds Even More AI to Its Security Copilot Microsoft is partnering with top firms to launch new AI security tools, boosting breach analysis, threat detection, and AI model protection across cloud platforms.]]> 2025-03-25T21:04:18+00:00 https://www.techrepublic.com/article/news-microsoft-ai-agents-security-copilot/ www.secnews.physaphae.fr/article.php?IdArticle=8658182 False Tool,Threat,Cloud None 2.0000000000000000 Recorded Future - FLux Recorded Future Près de 13 millions de dollars volés à Abracadabra Finance à Crypto Heist Nearly $13 million stolen from Abracadabra Finance in crypto heist The crypto lending platform said the issue was sourced back to a product it calls “cauldrons” - isolated lending markets that allow users to borrow against a variety of cryptocurrencies.]]> 2025-03-25T20:11:15+00:00 https://therecord.media/nearly-thirteen-million-stolen-abracadabra www.secnews.physaphae.fr/article.php?IdArticle=8658184 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Un piratage présumé de flocon de neige consent à l'extradition du Canada après les accusations américaines Alleged Snowflake hacker consents to extradition from Canada after US charges Connor Riley Moucka signed a consent order on Friday in Ontario Superior Court in Kitchener that would allow him to be transferred to U.S. custody to face multiple charges.]]> 2025-03-25T20:03:34+00:00 https://therecord.media/alleged-snowflake-hacker-extradition-us www.secnews.physaphae.fr/article.php?IdArticle=8658166 False None None 2.0000000000000000 Dark Reading - Informationweek Branch OPSEC Nightmare: fuite de plans militaires américains à un journaliste OPSEC Nightmare: Leaking US Military Plans to a Reporter Experts say the leakage of US military plans to a reporter this month reflects a severe operational security failure on the part of US leadership.]]> 2025-03-25T20:03:22+00:00 https://www.darkreading.com/cybersecurity-operations/opsec-nightmare-leaking-us-military-plans-reporter www.secnews.physaphae.fr/article.php?IdArticle=8658185 False None None 3.0000000000000000 Dark Reading - Informationweek Branch La South African Poultry Company rapporte une perte de 1 million de dollars après la cyber-intrusion South African Poultry Company Reports $1M Loss After Cyber Intrusion The company reports that no sensitive information was breached or stolen in the cyber intrusion and that its operations are running normally again.]]> 2025-03-25T20:02:49+00:00 https://www.darkreading.com/cyberattacks-data-breaches/south-african-poultry-company-1m-loss-cyber-intrusion www.secnews.physaphae.fr/article.php?IdArticle=8658175 False None None 3.0000000000000000 The Register - Site journalistique Anglais Le co-PDG de Samsung, Han Jong-hee, meurt d'une crise cardiaque à 63 Samsung co-CEO Han Jong-hee dies of heart attack at 63 The man who helped make Sammy the biggest name in modern tellies Samsung co-CEO Han Jong-hee died this week in the Samsung Medical Center in southern Seoul after a cardiac arrest. He was 63.…]]> 2025-03-25T19:54:42+00:00 https://go.theregister.com/feed/www.theregister.com/2025/03/25/samsung_co_ceo_dies/ www.secnews.physaphae.fr/article.php?IdArticle=8658174 False Medical None 2.0000000000000000 HackRead - Chercher Cyber Systèmes de navigation par satellite face à l'augmentation des attaques de brouillage et d'usurpation Satellite Navigation Systems Facing Rising Jamming and Spoofing Attacks Satellite navigation systems are under rising threat from jamming and spoofing attacks, risking aviation, maritime, and telecom safety worldwide, warn global agencies.]]> 2025-03-25T19:47:17+00:00 https://hackread.com/satellite-navigation-systems-jamming-spoofing-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8658173 False Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future Le responsable du cyber commandement est le choix de Trump \\ pour le travail politique du Pentagone Cyber Command official is Trump\\'s choice for Pentagon policy job Katherine Sutton, currently in a top civilian post at U.S. Cyber Command, has been nominated to be assistant secretary of Defense for cyber policy.]]> 2025-03-25T19:37:01+00:00 https://therecord.media/katherine-sutton-nominee-assistant-secretary-defense-cyber-policy www.secnews.physaphae.fr/article.php?IdArticle=8658167 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les chercheurs découvrent ~ 200 domaines C2 uniques liés à Raspberry Robin Access Broker Researchers Uncover ~200 Unique C2 Domains Linked to Raspberry Robin Access Broker A new investigation has unearthed nearly 200 unique command-and-control (C2) domains associated with a malware called Raspberry Robin. "Raspberry Robin (also known as Roshtyak or Storm-0856) is a complex and evolving threat actor that provides initial access broker (IAB) services to numerous criminal groups, many of which have connections to Russia," Silent Push said in a report shared with The]]> 2025-03-25T19:09:00+00:00 https://thehackernews.com/2025/03/researchers-uncover-200-unique-c2.html www.secnews.physaphae.fr/article.php?IdArticle=8658107 False Malware,Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future Flurry pour payer 3,5 millions de dollars pour la récolte des données de santé sexuelle et reproductive de l'application d'époque Flurry to pay $3.5 million for harvesting sexual and reproductive health data from period app The app\'s users provided Flo Health with sensitive information about their sexual health, which was then shared with analytics firms.]]> 2025-03-25T19:00:30+00:00 https://therecord.media/flurry-pays-harvesting-sexual-data www.secnews.physaphae.fr/article.php?IdArticle=8658168 False None None 2.0000000000000000 Korben - Bloger francais Gemini 2.5 - L\'IA de Google qui prend son temps avant de l\'ouvrir 2025-03-25T18:38:40+00:00 https://korben.info/gemini-2-5-google-ai-test-avis.html www.secnews.physaphae.fr/article.php?IdArticle=8658150 False None None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les sénateurs critiquent les responsables de Trump \\ 'Discussion des plans de guerre sur le signal, mais l'administration répond pas facilement Senators criticize Trump officials\\' discussion of war plans over Signal, but administration answers don\\'t come easily Une audience du comité de renseignement s'est concentrée sur les risques de sécurité d'un chat de groupe au niveau du cabinet qui comprenait un journaliste de l'Atlantique.

>An Intelligence Committee hearing focused on the security risks of a cabinet-level group chat that included a reporter from The Atlantic. ]]> 2025-03-25T18:07:24+00:00 https://cyberscoop.com/democratic-senators-question-national-security-officials-over-war-plans-signal-chat/ www.secnews.physaphae.fr/article.php?IdArticle=8658149 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future PM en Malaisie dit que le pays a rejeté la demande de rançon de 10 millions de dollars après des pannes d'aéroport Malaysia PM says country rejected $10 million ransom demand after airport outages Computer outages at Malaysia\'s Kuala Lumpur International Airport (KLIA) this weekend were attributed to a recent cyberattack, according to the country\'s cybersecurity agency and aviation authority.]]> 2025-03-25T17:41:51+00:00 https://therecord.media/malaysia-pm-says-country-rejected-ransom-demand-airport-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=8658169 False None None 2.0000000000000000 The Register - Site journalistique Anglais Il y a peut-être 10 000 raisons de douter le déni de violation de la sécurité d'Oracle Cloud \\ There are perhaps 10,000 reasons to doubt Oracle Cloud\\'s security breach denial Customers come forward claiming info was swiped from prod Oracle Cloud\'s denial of a digital break-in is now in clear dispute. A infosec researcher working on validating claims that the cloud provider\'s login servers were compromised earlier this year says some customers have confirmed data allegedly stolen and leaked from the database giant is genuine.…]]> 2025-03-25T17:35:42+00:00 https://go.theregister.com/feed/www.theregister.com/2025/03/25/oracle_breach_update/ www.secnews.physaphae.fr/article.php?IdArticle=8658147 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates chinois abritent les télécommunications asiatiques, restent non détectées pendant plus de 4 ans Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years A major telecommunications company located in Asia was allegedly breached by Chinese state-sponsored hackers who spent over four years inside its systems, according to a new report from incident response firm Sygnia. The cybersecurity company is tracking the activity under the name Weaver Ant, describing the threat actor as stealthy and highly persistent. The name of the telecom provider was not]]> 2025-03-25T17:24:00+00:00 https://thehackernews.com/2025/03/chinese-hackers-breach-asian-telecom.html www.secnews.physaphae.fr/article.php?IdArticle=8658091 False Threat None 3.0000000000000000 Recorded Future - FLux Recorded Future DÉMOCRATS SÉNAT Senate Democrats dissatisfied with intel officials\\' responses about Signal chat Director of National Intelligence Tulsi Gabbard and other high-ranking officials largely dismissed accusations by Senate Democrats that the exposure of a Signal group chat was a sign of incompetence at the top of U.S. intelligence agencies.]]> 2025-03-25T17:17:48+00:00 https://therecord.media/gabbard-ratcliffe-signal-atlantic-yemen-operation-senate-hearing www.secnews.physaphae.fr/article.php?IdArticle=8658170 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Un nouveau malware Android utilise .net Maui pour échapper à la détection New Android Malware Uses .NET MAUI to Evade Detection McAfee researchers have identified a new wave of Android malware campaigns leveraging .NET MAUI to steal sensitive user information through fake apps]]> 2025-03-25T17:15:00+00:00 https://www.infosecurity-magazine.com/news/android-malware-uses-net-maui/ www.secnews.physaphae.fr/article.php?IdArticle=8658152 False Malware,Mobile None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Sygnia détaille les tactiques de fourmi tisser Sygnia details Weaver Ant tactics in battle against China-linked cyber threats on telecoms Les chercheurs de Sygnia ont répondu à un acteur de menace furtif et persistant lié à la Chine ciblant une grande société de télécommunications ...

>Researchers from Sygnia have responded to a stealthy and persistent China-linked threat actor targeting a major telecommunications company... ]]> 2025-03-25T17:08:06+00:00 https://industrialcyber.co/ransomware/sygnia-details-weaver-ant-tactics-in-battle-against-china-linked-cyber-threats-on-telecoms/ www.secnews.physaphae.fr/article.php?IdArticle=8658135 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Attaquant de Snowflake accusé \\ 'Judische \\' accepte l'extradition américaine Accused Snowflake Attacker \\'Judische\\' Agrees to US Extradition Though there is no confirmation as to when this extradition will occur, Alexander Moucka agreed to be transferred in writing before a judge.]]> 2025-03-25T17:05:36+00:00 https://www.darkreading.com/cyberattacks-data-breaches/snowflake-attacker-judische-agrees-us-extradition www.secnews.physaphae.fr/article.php?IdArticle=8658151 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Dragos annonce un programme de défense communautaire de cybersécurité au Canada pour les petites fournisseurs de gaz électrique, électrique, Dragos announces OT cybersecurity Community Defense Program in Canada for small water, electric, natural gas providers Dragos Inc., fournisseur de solutions de cybersécurité pour les environnements de technologie opérationnelle (OT), a annoncé mardi que la défense de la communauté de Thedragos ...

>Dragos Inc., vendor of cybersecurity solutions for operational technology (OT) environments, announced on Tuesday that the Dragos Community Defense... ]]> 2025-03-25T17:05:11+00:00 https://industrialcyber.co/news/dragos-announces-ot-cybersecurity-community-defense-program-in-canada-for-small-water-electric-natural-gas-providers/ www.secnews.physaphae.fr/article.php?IdArticle=8658136 False Industrial None 3.0000000000000000 CybeReason - Vendor blog Le cas curieux de Playboy Locker The Curious Case of PlayBoy Locker

]]> 2025-03-25T16:45:00+00:00 https://www.cybereason.com/blog/threat-analysis-playboy-locker www.secnews.physaphae.fr/article.php?IdArticle=8658165 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Les cybercriminels utilisent Atlantis AIO pour cibler plus de 140 plateformes Cybercriminals Use Atlantis AIO to Target 140+ Platforms Cybercriminals are increasingly leveraging Atlantis AIO, which automates credential stuffing attacks across more than 140 platforms]]> 2025-03-25T16:30:00+00:00 https://www.infosecurity-magazine.com/news/cyber-criminals-atlantis-aio-140/ www.secnews.physaphae.fr/article.php?IdArticle=8658139 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Sécurité SaaS alimentée par AI: suivre le rythme d'une surface d'attaque en expansion AI-Powered SaaS Security: Keeping Pace with an Expanding Attack Surface Organizations now use an average of 112 SaaS applications-a number that keeps growing. In a 2024 study, 49% of 644 respondents who frequently used Microsoft 365 believed that they had less than 10 apps connected to the platform, despite the fact that aggregated data indicated over 1,000+ Microsoft 365 SaaS-to-SaaS connections on average per deployment. And that\'s just one major SaaS provider.]]> 2025-03-25T16:30:00+00:00 https://thehackernews.com/2025/03/ai-powered-saas-security-keeping-pace.html www.secnews.physaphae.fr/article.php?IdArticle=8658076 False Studies,Cloud None 2.0000000000000000 HackRead - Chercher Cyber Les pirates utilisent .net Maui de Microsoft \\ pour diffuser Android MALWOWI Hackers Are Using Microsoft\\'s .NET MAUI to Spread Android Malware McAfee Labs reveals new Android malware exploiting .NET MAUI to steal user data. Learn about advanced evasion techniques and how to stay protected.]]> 2025-03-25T16:28:43+00:00 https://hackread.com/net-maui-exploited-in-advanced-malware-campaigns-mcafee-labs/ www.secnews.physaphae.fr/article.php?IdArticle=8658140 False Malware,Mobile None 3.0000000000000000 taosecurity - Blog Sécurité Chinois Création d'une application Windows à l'aide du code Visual Studio, Cline, OpenRouter et Claude Creating a Windows Application Using Visual Studio Code, Cline, OpenRouter, and Claude

Après avoir créé l'application, j'ai pu utiliser Cline pour m'aider à l'engager dans GitHub. Vous pouvez le trouver sur https://github.com/taosecurity/squaresnap/ . Notez que si vous téléchargez les Windows .exe se plaindront car il n'est pas signé. Si vous vous inquiétez des portes arrière, regardez le code vous-même - ou demandez à votre propre LLM de le lire!

Ce n'était qu'une expérience pour voir comment ces outils fonctionnent. J'ai décidé d'essayer de créer un programme de capture d'écran qui ne prend des captures que dans un format carré ou 1: 1 car il est utile pour les médias sociaux, et surtout les messages YouTube. Je n'avais rien trouvé avant cela. C'est vraiment incroyable, mais je ne peux évidemment pas commenter la qualité du code. Je suis heureux que cela fonctionne assez bien pour prendre les plafonds d'écran dans cet article de blog. Copyright 2003-2020 Richard Bejtlich et TaoseCurity (taosecurity.blogspot.com et www.taosecurity.com) .

I just created a Windows 10/11 application that take square screen captures. I did zero coding myself but used Visual Studio Code, Cline, OpenRouter, and Claude. I got the idea by watching a video on so-called Vibe programming by a YouTuber named Memory. I have zero Windows programming experience although I have recently been playing with simple video game development. ]]> 2025-03-25T16:26:12+00:00 https://taosecurity.blogspot.com/2025/03/creating-windows-application-using.html www.secnews.physaphae.fr/article.php?IdArticle=8658181 False Tool None 2.0000000000000000 DarkTrace - DarkTrace: AI bases detection DarkTrace reconnu comme le seul visionnaire des plateformes de protection CPS Gartner® Magic Quadrant ™ 2025 pour les plates-formes de protection CPS Darktrace Recognized as the Only Visionary in the 2025 Gartner® Magic Quadrant™ for CPS Protection Platforms Darktrace is proud to announce we\'ve been the only Visionary in the inaugural Gartner® Magic Quadrant™ for Cyber-Physical Systems (CPS) Protection Platforms. Read the blog to find out why!]]> 2025-03-25T16:21:19+00:00 https://www.darktrace.com/blog/darktrace-recognized-as-the-only-visionary-in-the-2025-gartner-r-magic-quadrant-tm-for-cps-protection-platforms www.secnews.physaphae.fr/article.php?IdArticle=8658138 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Cloudflare R2 Service Putage Causé par une erreur de rotation de mot de passe Cloudflare R2 service outage caused by password rotation error Cloudflare has announced that its R2 object storage and dependent services experienced an outage lasting 1 hour and 7 minutes, causing 100% write and 35% read failures globally. [...]]]> 2025-03-25T15:47:07+00:00 https://www.bleepingcomputer.com/news/security/cloudflare-r2-service-outage-caused-by-password-rotation-error/ www.secnews.physaphae.fr/article.php?IdArticle=8658172 False None None 2.0000000000000000 HackRead - Chercher Cyber Rôles actifs remportent le prix d'excellence de la cybersécurité en 2025 pour la protection hybride Active Directory Active Roles Wins 2025 Cybersecurity Excellence Award for Hybrid Active Directory Protection Alisa Viejo, United States, 25th March 2025, CyberNewsWire]]> 2025-03-25T15:27:18+00:00 https://hackread.com/active-roles-wins-2025-cybersecurity-excellence-award-for-hybrid-active-directory-protection/ www.secnews.physaphae.fr/article.php?IdArticle=8658128 False None None 2.0000000000000000 Zataz - Magazine Francais de secu Houthi PC small group : Le jour où la Maison-Blanche a dévoilé ses plans de guerre sur Signal 2025-03-25T15:22:20+00:00 https://www.zataz.com/houthi-pc-small-group-le-jour-ou-la-maison-blanche-a-devoile-ses-plans-de-guerre-sur-signal/ www.secnews.physaphae.fr/article.php?IdArticle=8658127 False None None 3.0000000000000000 Korben - Bloger francais Première prise en main du Hyundai Ioniq 5 2025 ici et là, j’ai pris livraison du nouveau Hyundai Ioniq 5 en passant par le loueur Localease. Au départ, je devais me le faire livrer à domicile mais comme la personne de chez Hyundai repartait ensuite à pied, j’ai préféré aller chercher la voiture directement à la concession pour pas le mettre en galère et aussi parce que ça me permettait d’avoir mon joujou avant le weekend !]]> 2025-03-25T15:04:49+00:00 https://korben.info/premiere-prise-en-main-du-hyundai-ioniq-5-2025.html www.secnews.physaphae.fr/article.php?IdArticle=8658125 False None None 3.0000000000000000 IT Security Guru - Blog Sécurité Data Connect annonce VSOC Assure de rationaliser les évaluations des cyber-risques et d'augmenter la cyber-résilience Data Connect announces vSOC Assure to streamline cyber risk assessments and increase cyber resilience Data Connect, a leading cyber security services provider underpinned by elite cyber practitioners and technology, today announced the launch of vSOC Assure. The platform has been developed in response to the growing need for robust, ongoing security assessments and it goes beyond traditional cyber security audits, offering a structured, year-round approach to risk identification, remediation […] ]]> 2025-03-25T14:57:52+00:00 https://www.itsecurityguru.org/2025/03/25/data-connect-announces-vsoc-assure-to-streamline-cyber-risk-assessments-and-increase-cyber-resilience/?utm_source=rss&utm_medium=rss&utm_campaign=data-connect-announces-vsoc-assure-to-streamline-cyber-risk-assessments-and-increase-cyber-resilience www.secnews.physaphae.fr/article.php?IdArticle=8658146 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates utilisent .net Maui pour cibler les utilisateurs indiens et chinois avec de fausses banques, des applications sociales Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps Cybersecurity researchers are calling attention to an Android malware campaign that leverages Microsoft\'s .NET Multi-platform App UI (.NET MAUI) framework to create bogus banking and social media apps targeting Indian and Chinese-speaking users. "These threats disguise themselves as legitimate apps, targeting users to steal sensitive information," McAfee Labs researcher Dexter Shin said. .NET]]> 2025-03-25T14:40:00+00:00 https://thehackernews.com/2025/03/hackers-use-net-maui-to-target-indian.html www.secnews.physaphae.fr/article.php?IdArticle=8658046 False Malware,Mobile None 3.0000000000000000 DarkTrace - DarkTrace: AI bases detection Résultats de l'enquête: priorités et objectifs de la cybersécurité de l'IA en 2025 Survey Findings: AI Cybersecurity Priorities and Objectives in 2025 Part 4/4: Darktrace shared new insights in the annual State of AI Cybersecurity report. This blog explores its findings on defenders\' priorities and objectives going into 2025. Discover the latest trends of major obstacles and the plans to overcome them by downloading the full report.]]> 2025-03-25T14:00:02+00:00 https://www.darktrace.com/blog/survey-findings-ai-cybersecurity-priorities-and-objectives-in-2025 www.secnews.physaphae.fr/article.php?IdArticle=8658104 False None None 2.0000000000000000 Dark Reading - Informationweek Branch 5 Considérations pour un déploiement de la prévention des pertes de données 5 Considerations for a Data Loss Prevention Rollout Strong DLP can be a game-changer - but it can also become a slow-moving, overcomplicated mess if not executed properly.]]> 2025-03-25T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/5-considerations-data-loss-prevention-rollout www.secnews.physaphae.fr/article.php?IdArticle=8658129 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine NIST met en garde contre les limitations importantes des atténuations de sécurité AI / ML NIST Warns of Significant Limitations in AI/ML Security Mitigations NIST has urged more research and emphasis on developing mitigations for attacks on AI and ML systems]]> 2025-03-25T14:00:00+00:00 https://www.infosecurity-magazine.com/news/nist-limitations-ai-ml-security/ www.secnews.physaphae.fr/article.php?IdArticle=8658108 False None None 2.0000000000000000 Nextron - Blog Secu Protéger des systèmes obsolètes et non pris en charge Protecting Outdated and Unsupported Systems 2025-03-25T13:21:52+00:00 https://www.nextron-systems.com/2025/03/25/protecting-outdated-and-unsupported-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8658102 False None None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Protéger la faillite immuable - 23andMe et ce que cela signifie pour la confidentialité des données Protecting the Unchangeable – 23andMe Bankruptcy and What It Means for Data Privacy Le récent dépôt de faillite par 23andme n'est pas juste une autre crise financière - c'est un avertissement frappant pour la communauté de la cybersécurité. Lorsqu'une entreprise a confié des effondrements de données génétiques immuables et sensibles, elle nous oblige à réexaminer la façon dont nous protégeons les actifs de données qui ne peuvent jamais être «réinitialisés». Cette évolution devrait servir de catalyseur aux organisations afin de hiérarchiser les mesures de protection des données robustes. Les enjeux de cybersécurité des données immuables dans le paysage des menaces d'aujourd'hui, les violations de données sont souvent considérées comme des événements isolés - quelque chose dont vous récupérez en modifiant un mot de passe ou en annulant une carte de crédit. Cependant, les données génétiques sont fondamentalement différentes. […]

>The recent bankruptcy filing by 23andMe isn\'t just another financial crisis – it\'s a stark warning for the cyber security community. When a company entrusted with immutable, sensitive genetic data collapses, it forces us to reexamine how we protect data assets that can never be “reset.” This development should serve as a catalyst for organizations to prioritize robust data protection measures. The Cyber Security Stakes of Immutable Data In today\'s threat landscape, data breaches are often viewed as isolated events – something you recover from by changing a password or canceling a credit card. However, genetic data is fundamentally different. […] ]]> 2025-03-25T13:00:57+00:00 https://blog.checkpoint.com/security/protecting-the-unchangeable-23andme-bankruptcy-and-what-it-means-for-data-privacy/ www.secnews.physaphae.fr/article.php?IdArticle=8658100 False Threat None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite Tirer parti de l'IA dans les services financiers avec résilience et sécurité Leveraging AI in Financial Services with Resilience and Security Le secteur des services financiers est à un moment critique car il fait face à une pression croissante pour adopter des technologies de pointe comme l'IA pour rester compétitives et pertinentes. Les sociétés de services financiers et de technologie financière adoptent rapidement les progrès de l'IA, en particulier les modèles de langage importants et la génération auprès de la récupération, pour stimuler l'innovation et améliorer les expériences des clients. Cependant, avec ces opportunités sont des risques substantiels, notamment la sécurité et la résilience des systèmes d'IA. Comprendre comment les institutions financières peuvent équilibrer le besoin d'innovation tout en protégeant leurs opérations grâce à de solides mesures de cybersécurité et des stratégies de gestion des risques d'IA seront parmi les stratégies les plus importantes sur la voie […]

>The financial services sector is at a critical juncture as it faces increasing pressure to adopt cutting-edge technologies like AI to stay competitive and relevant. Financial services and financial technology companies are rapidly embracing AI advancements, particularly large language models and retrieval-augmented generation, to drive innovation and improve customer experiences. However, with these opportunities come substantial risks, most notably the security and resilience of AI systems. Understanding how financial institutions can balance the need for innovation while safeguarding their operations through robust cyber security measures and AI risk management strategies will be among the most important strategies on the pathway […] ]]> 2025-03-25T13:00:14+00:00 https://blog.checkpoint.com/artificial-intelligence/leveraging-ai-in-financial-services-with-resilience-and-security/ www.secnews.physaphae.fr/article.php?IdArticle=8658101 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber La technologie de renforcement de la confidentialité pourrait empêcher les violations, abus de données avec l'aide du gouvernement, indique le rapport Privacy-boosting tech could prevent breaches, data misuse with government aid, report says Le rapport du New America Open Technology Institute vient au milieu de l'accès aux Doge aux informations sensibles des agences gouvernementales qui ont alarmé des experts.

>The New America Open Technology Institute report comes amid DOGE access to sensitive government agency information that has alarmed experts. ]]> 2025-03-25T13:00:00+00:00 https://cyberscoop.com/privacy-boosting-tech-could-prevent-breaches-data-misuse-with-government-aid-report-says/ www.secnews.physaphae.fr/article.php?IdArticle=8658122 False None None 2.0000000000000000 HackRead - Chercher Cyber Cyrebro reconnu dans Gartner Emerging Tech Report pour les startups de détection et de réponse CYREBRO Recognized in Gartner Emerging Tech Report for Detection and Response Startups Ramat Gan, Israel, 25th March 2025, CyberNewsWire]]> 2025-03-25T12:54:50+00:00 https://hackread.com/cyrebro-recognized-in-gartner-emerging-tech-report-for-detection-and-response-startups/ www.secnews.physaphae.fr/article.php?IdArticle=8658090 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Des pirates de fourmis tisserands liés à la Chine exposés après une infiltration de télécommunications sur quatre ans China-Linked Weaver Ant Hackers Exposed After Four-Year Telco Infiltration Sygnia has uncovered Weaver Ant, a Chinese threat actor that spied on telecommunications networks for years]]> 2025-03-25T12:45:00+00:00 https://www.infosecurity-magazine.com/news/china-weaver-ant-hackers-telco/ www.secnews.physaphae.fr/article.php?IdArticle=8658092 False Threat None 2.0000000000000000 SecurityWeek - Security News La violation des données de Numotion a un impact sur près de 500 000 personnes Numotion Data Breach Impacts Nearly 500,000 People La violation de données liée au courrier électronique subie par le fauteuil roulant et d'autres fournisseurs d'équipements de mobilité Numotion affecte près de 500 000 personnes.

>Email-related data breach suffered by wheelchair and other mobility equipment provider Numotion affects almost 500,000 individuals. ]]> 2025-03-25T12:30:55+00:00 https://www.securityweek.com/numotion-data-breach-impacts-nearly-500000-people/ www.secnews.physaphae.fr/article.php?IdArticle=8658088 False Data Breach None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Interpol arrêt 306 suspects, saisit 1 842 appareils en buste de cybercriminalité transfrontalière INTERPOL Arrests 306 Suspects, Seizes 1,842 Devices in Cross-Border Cybercrime Bust Law enforcement authorities in seven African countries have arrested 306 suspects and confiscated 1,842 devices as part of an international operation codenamed Red Card that took place between November 2024 and February 2025. The coordinated effort "aims to disrupt and dismantle cross-border criminal networks which cause significant harm to individuals and businesses," INTERPOL said, adding it]]> 2025-03-25T12:03:00+00:00 https://thehackernews.com/2025/03/interpol-arrests-306-suspects-seizes.html www.secnews.physaphae.fr/article.php?IdArticle=8658028 False Legislation None 4.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Dark Web mentions d'outils d'IA malveillants augmente 200% Dark Web Mentions of Malicious AI Tools Spike 200% Kela researchers detect a 200%+ increase in dark web chatter about malicious AI tools]]> 2025-03-25T12:00:00+00:00 https://www.infosecurity-magazine.com/news/dark-web-mentions-malicious-ai/ www.secnews.physaphae.fr/article.php?IdArticle=8658077 False Tool None 2.0000000000000000 HackRead - Chercher Cyber MEDUSA Ransomware désactive les outils anti-malware avec des certificats volés Medusa Ransomware Disables Anti-Malware Tools with Stolen Certificates Cybercriminals exploit AbyssWorker driver to disable EDR systems, deploying MEDUSA ransomware with revoked certificates for stealthy attacks.]]> 2025-03-25T11:56:24+00:00 https://hackread.com/medusa-ransomware-anti-malware-tools-stolen-certificates/ www.secnews.physaphae.fr/article.php?IdArticle=8658075 False Ransomware,Tool,Threat None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Rapport sur les logiciels espions paragon Report on Paragon Spyware nouveau rapport sur les logiciels spysware de Paragon: Résultats de clés: Présentation des solutions Paragon. Paragon Solutions a été fondée en Israël en 2019 et vend des logiciels espions appelés Graphite. La société se différencie en affirmant qu'elle a des garanties pour empêcher les types d'abus de logiciels espions pour lesquels le groupe NSO et les autres fournisseurs sont connus. Analyse de l'infrastructure des logiciels espions paragon. Sur la base d'une astuce d'un collaborateur, nous avons cartographié l'infrastructure du serveur que nous attribuons à l'outil de logiciel espion graphite de Paragon. Nous avons identifié un sous-ensemble de déploiements de parangon présumés, notamment en Australie, au Canada, à Chypre, au Danemark, à Israël et à Singapour. ...

Citizen Lab has a new report on Paragon’s spyware: Key Findings: Introducing Paragon Solutions. Paragon Solutions was founded in Israel in 2019 and sells spyware called Graphite. The company differentiates itself by claiming it has safeguards to prevent the kinds of spyware abuses that NSO Group and other vendors are notorious for. Infrastructure Analysis of Paragon Spyware. Based on a tip from a collaborator, we mapped out server infrastructure that we attribute to Paragon’s Graphite spyware tool. We identified a subset of suspected Paragon deployments, including in Australia, Canada, Cyprus, Denmark, Israel, and Singapore. ...]]> 2025-03-25T11:05:01+00:00 https://www.schneier.com/blog/archives/2025/03/report-on-paragon-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8658070 False Tool None 2.0000000000000000 Zataz - Magazine Francais de secu Faille Telegram : jusqu\'à 4 millions de dollars offerts pour une faille zero-day 2025-03-25T11:04:55+00:00 https://www.zataz.com/faille-telegram-jusqua-4-millions-de-dollars-offerts-pour-une-faille-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8658071 False Vulnerability,Threat None 2.0000000000000000 ComputerWeekly - Computer Magazine ETSI lance la première norme de cryptage post-quantum ETSI launches first post-quantum encryption standard European telco standards body launches its first post-quantum cryptography cyber standard, covering the security of critical data and communications]]> 2025-03-25T10:45:00+00:00 https://www.computerweekly.com/news/366621214/ETSI-launches-first-post-quantum-encryption-standard www.secnews.physaphae.fr/article.php?IdArticle=8659909 False None None 3.0000000000000000 Data Security Breach - Site de news Francais Prison ferme requise contre une vendeuse de téléphones Encrochat 2025-03-25T10:38:50+00:00 https://www.datasecuritybreach.fr/prison-ferme-requise-contre-une-femme-neerlandaise-pour-trafic-de-telephones-encrochat/ www.secnews.physaphae.fr/article.php?IdArticle=8658063 False Legislation None 2.0000000000000000 Zataz - Magazine Francais de secu Snowflake : un Canadien extradé vers les États-Unis pour une série de cyberattaques 2025-03-25T10:28:30+00:00 https://www.zataz.com/snowflake-un-canadien-extrade-vers-les-etats-unis-pour-une-serie-de-cyberattaques/ www.secnews.physaphae.fr/article.php?IdArticle=8658072 False None None 2.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé Juges à risque: l'exposition alarmante des informations personnelles en ligne Judges at risk: The alarming exposure of personal information online 2025-03-25T10:17:11+00:00 https://blog.incogni.com/judges-personal-information-exposed/ www.secnews.physaphae.fr/article.php?IdArticle=8658061 False None None 2.0000000000000000 Zataz - Magazine Francais de secu Un piratage génétique embarrassant pour le Kremlin 2025-03-25T10:09:37+00:00 https://www.zataz.com/un-piratage-genetique-embarrassant-pour-le-kremlin/ www.secnews.physaphae.fr/article.php?IdArticle=8658073 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain New Android Malware utilise .net Maui de Microsoft \\ pour échapper à la détection New Android malware uses Microsoft\\'s .NET MAUI to evade detection New Android malware campaigns use Microsoft\'s cross-platform framework .NET MAUI while disguising as legitimate services to evade detection. [...]]]> 2025-03-25T09:52:53+00:00 https://www.bleepingcomputer.com/news/security/new-android-malware-uses-microsofts-net-maui-to-evade-detection/ www.secnews.physaphae.fr/article.php?IdArticle=8658105 False Malware,Mobile None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial FDD appelle Trump à répondre aux menaces des entreprises publiques de Chine \\ à la sécurité économique américaine FDD calls on Trump to address threats from China\\'s state-owned enterprises to US economic security The FDD urged President Donald Trump to concentrate on the People’s Republic of China’s state-owned enterprises (SOEs), highlighting... ]]> 2025-03-25T09:47:35+00:00 https://industrialcyber.co/critical-infrastructure/fdd-calls-on-trump-to-address-threats-from-chinas-state-owned-enterprises-to-us-economic-security/ www.secnews.physaphae.fr/article.php?IdArticle=8658055 False None None 3.0000000000000000 Data Security Breach - Site de news Francais La Chine dévoile un puissant coupe-câble sous-marin : un bouleversement potentiel de l\'ordre mondial 2025-03-25T09:44:39+00:00 https://www.datasecuritybreach.fr/la-chine-devoile-un-puissant-coupe-cable-sous-marin-un-bouleversement-potentiel-de-lordre-mondial/ www.secnews.physaphae.fr/article.php?IdArticle=8658047 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Ukraine \\'s Ukrzaliznytsia Railway Opérateur frappé par Cyberattack; Système de billets a perturbé les longues files d'attente Ukraine\\'s Ukrzaliznytsia railway operator hit by cyberattack; ticket system disrupted sparking long queues À la suite des rapports d'une cyberattaque à grande échelle ciblant Ukrzaliznytsia, l'opérateur de chemin de fer appartenant à l'État d'Ukraine \\, la gare centrale de Kiev \\ aurait été ...

>Following reports of a large-scale cyberattack targeting Ukrzaliznytsia, Ukraine\'s state-owned railway operator, Kyiv\'s central railway station was reportedly... ]]> 2025-03-25T09:42:58+00:00 https://industrialcyber.co/transport/ukraines-ukrzaliznytsia-railway-operator-hit-by-cyberattack-ticket-system-disrupted-sparking-long-queues/ www.secnews.physaphae.fr/article.php?IdArticle=8658056 False None None 3.0000000000000000 Cyble - CyberSecurity Firm Les capteurs Cyble détectent les tentatives d'exploitation sur les caméras IP Ivanti, AVTech Cyble Sensors Detect Exploit Attempts on Ivanti, AVTECH IP Cameras aperçu Les vulnérabilités dans les produits Ivanti, les caméras IP AVTech et les plugins WordPress ont récemment fait partie des dizaines de tentatives d'exploitation détectées par des capteurs de pot de miel Cyble. Les tentatives d'attaque ont été détaillées dans les rapports hebdomadaires de Sensor Intelligence de la Menage Intelligence Company \\. Les rapports CYBLE ont également examiné les attaques persistantes contre les systèmes Linux et les appareils de réseau et de réseau, alors que les acteurs de la menace scarchent des appareils vulnérables pour ransomware href = "https://cyble.com/knowledge-hub/what-is-ddos-attack/" Target = "_ Blank" rel = "noreferrer noopener"> ddos et des botnets d'exploration de crypto. Les rapports ont également examiné les logiciels malveillants bancaires, les attaques brutes-force, les ports vulnérables et phishing campagnes. Voici quelques-unes des campagnes d'attaque récentes couvertes dans les rapports de capteurs Cyble. Les utilisateurs pourraient être vulnérables à l'attaque si les versions de produits affectées ne sont pas corrigées et atténuées. Exploits de vulnérabilité détectés par cyble ivanti vulnérabilité s Voici quelques-unes des vulnérabilités ciblées dans les récentes tentatives d'attaque détect�]]> 2025-03-25T09:36:32+00:00 https://cyble.com/blog/cyble-sensors-detect-exploit-attempts-on-ivanti-avtech-ip-cameras/ www.secnews.physaphae.fr/article.php?IdArticle=8658054 False Malware,Vulnerability,Threat,Patching,Industrial None 2.0000000000000000 Zataz - Magazine Francais de secu Comment bien sécuriser votre smartphone ? 2025-03-25T09:33:07+00:00 https://www.zataz.com/comment-bien-securiser-votre-smartphone/ www.secnews.physaphae.fr/article.php?IdArticle=8658086 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine IngressnightMare: quatre bogues critiques trouvés dans 40% des systèmes cloud IngressNightmare: Four Critical Bugs Found in 40% of Cloud Systems Wiz Security finds four critical RCE vulnerabilities in the Ingress NGINX Controller for Kubernetes]]> 2025-03-25T09:30:00+00:00 https://www.infosecurity-magazine.com/news/ingressnightmare-critical-bugs-40/ www.secnews.physaphae.fr/article.php?IdArticle=8658057 False Vulnerability,Cloud None 2.0000000000000000 Zataz - Magazine Francais de secu Un ex-entraîneur de football américain accusé de piratage massif de données universitaires 2025-03-25T09:27:46+00:00 https://www.zataz.com/un-ex-entraineur-de-football-americain-accuse-de-piratage-massif-de-donnees-universitaires/ www.secnews.physaphae.fr/article.php?IdArticle=8658058 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Le dépôt de faillite 23andMe peut mettre des données sensibles en danger 23andMe Bankruptcy Filing May Put Sensitive Data at Risk Security experts worry the company\'s Chapter 11 status and aim to sell its assets could allow threat actors to exploit and misuse the genetic information it collected.]]> 2025-03-25T09:16:09+00:00 https://www.darkreading.com/cyber-risk/23andme-bankruptcy-filing-sensitive-data-at-risk www.secnews.physaphae.fr/article.php?IdArticle=8658098 False Threat None 3.0000000000000000 Data Security Breach - Site de news Francais Le Trésor américain lève les sanctions contre Tornado Cash 2025-03-25T08:59:31+00:00 https://www.datasecuritybreach.fr/victoire-historique-pour-la-crypto-le-tresor-americain-leve-les-sanctions-contre-tornado-cash-apres-une-victoire-en-appel/ www.secnews.physaphae.fr/article.php?IdArticle=8658032 False None None 3.0000000000000000 Zataz - Magazine Francais de secu Une faille 0-Click dans WhatsApp exploitée pour installer le logiciel espion Graphite 2025-03-25T08:49:41+00:00 https://www.zataz.com/une-faille-0-click-dans-whatsapp-exploitee-pour-installer-le-logiciel-espion-graphite/ www.secnews.physaphae.fr/article.php?IdArticle=8658043 False None None 3.0000000000000000 Zataz - Magazine Francais de secu La Russie renforce la pression sur Google : 47 applications VPN menacées de suppression 2025-03-25T08:15:45+00:00 https://www.zataz.com/la-russie-renforce-la-pression-sur-google-47-applications-vpn-menacees-de-suppression/ www.secnews.physaphae.fr/article.php?IdArticle=8658044 False None None 2.0000000000000000 Data Security Breach - Site de news Francais DollyWay : la menace invisible qui frappe WordPress depuis 2016 2025-03-25T08:08:54+00:00 https://www.datasecuritybreach.fr/dollyway-la-menace-invisible-qui-frappe-wordpress-depuis-2016/ www.secnews.physaphae.fr/article.php?IdArticle=8658033 False None None 2.0000000000000000 Kaspersky - Kaspersky Research blog Cyberstérines financières en 2024 Financial cyberthreats in 2024 The Kaspersky financial threat report for 2024 contains the main trends and statistics on financial phishing and scams, mobile and PC banking malware, as well as recommendations on how to protect yourself and your business.]]> 2025-03-25T08:00:33+00:00 https://securelist.com/financial-threat-report-2024/115966/ www.secnews.physaphae.fr/article.php?IdArticle=8658035 False Malware,Threat,Mobile None 3.0000000000000000 Zataz - Magazine Francais de secu Oracle Cloud visé par une attaque revendiquée : un pirate affirme avoir volé 6 millions d\'enregistrements 2025-03-25T07:58:04+00:00 https://www.zataz.com/oracle-cloud-vise-par-une-attaque-revendiquee-un-pirate-affirme-avoir-vole-6-millions-denregistrements/ www.secnews.physaphae.fr/article.php?IdArticle=8658029 False Cloud None 3.0000000000000000 Zataz - Magazine Francais de secu Des convertisseurs en ligne piégés volent des données personnelles 2025-03-25T07:38:27+00:00 https://www.zataz.com/des-convertisseurs-en-ligne-pieges-volent-des-donnees-personnelles/ www.secnews.physaphae.fr/article.php?IdArticle=8658030 False None None 3.0000000000000000 The Register - Site journalistique Anglais Vanhelsing Ransomware émerge pour mettre un pieu dans votre coeur Windows VanHelsing ransomware emerges to put a stake through your Windows heart There\'s only one rule – don\'t attack Russia, duh Check Point has spotted a fresh ransomware-as-a-service crew in town: VanHelsing, touting a cross-platform locker targeting Microsoft Windows, Linux, and VMware ESXi systems, among others. But so far, only Windows machines have fallen victim, we\'re told.…]]> 2025-03-25T07:32:07+00:00 https://go.theregister.com/feed/www.theregister.com/2025/03/25/vanhelsing_ransomware_russia/ www.secnews.physaphae.fr/article.php?IdArticle=8658022 False Ransomware None 2.0000000000000000 Korben - Bloger francais Goblin Tools - Des IA minimalistes pour vaincre la procrastination 2025-03-25T07:18:13+00:00 https://korben.info/goblin-tools-des-ia-minimalistes-pour-vaincre-la-procrastination.html www.secnews.physaphae.fr/article.php?IdArticle=8658018 False Tool None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite La société de cybersécurité découvre le major Oracle Cloud Breach-Oracle le refuse Cybersecurity Firm Uncovers Major Oracle Cloud Breach-Oracle Denies It Cybersecurity firm CloudSEK has identified a major data breach involving Oracle Cloud. A threat actor, known as “rose87168,” claims to be selling around 6 million records stolen from Oracle Cloud’s Single Sign-On (SSO) and Lightweight Directory Access Protocol (LDAP) servers. The compromised data includes Java KeyStore (JKS) files, encrypted SSO passwords, key files, and Enterprise [...]]]> 2025-03-25T06:19:50+00:00 https://informationsecuritybuzz.com/firm-uncover-major-oracle-cloud-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8658019 False Data Breach,Threat,Cloud None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Protection des données: les principales tendances de la sauvegarde et de la récupération Data protection: Top trends in Backup and Recovery Without a robust backup and recovery strategy, organisations risk significant data loss, workflow disruptions, reputational damage, fines, and lawsuits in the case of a data breach or ransomware attack. Yet, many businesses are still struggling to master their data protection challenges: Nearly a third of IT professionals are currently losing sleep over their backup and [...]]]> 2025-03-25T05:08:40+00:00 https://informationsecuritybuzz.com/data-top-trends-in-backup-and-recovery/ www.secnews.physaphae.fr/article.php?IdArticle=8658010 False Ransomware,Data Breach None 3.0000000000000000