This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-16T03:10:57+00:00 www.secnews.physaphae.fr Kaspersky - Kaspersky Research blog In this article, we share our analysis of a recent version of the DinodasRAT implant for Linux, which may have been active since 2022.]]> 2024-03-28T13:00:51+00:00 https://securelist.com/dinodasrat-linux-implant/112284/ www.secnews.physaphae.fr/article.php?IdArticle=8471988 False None None 3.0000000000000000 Security Intelligence - Site de news Américain Un changement majeur dans la façon dont les travaux de cyber-assurance ont commencé par une attaque contre le géant pharmaceutique Merck.Ou a-t-il commencé ailleurs?En juin 2017, l'incident de NotPetya a frappé quelque 40 000 ordinateurs Merck, détruisant des données et forçant un processus de récupération de plusieurs mois.L'attaque a affecté des milliers de sociétés multinationales, dont Mondel & # 275; Z et Maersk.Au total, [& # 8230;]

---

>A major shift in how cyber insurance works started with an attack on the pharmaceutical giant Merck. Or did it start somewhere else? In June 2017, the NotPetya incident hit some 40,000 Merck computers, destroying data and forcing a months-long recovery process. The attack affected thousands of multinational companies, including Mondelēz and Maersk. In total, […] ]]> 2024-03-28T13:00:00+00:00 https://securityintelligence.com/articles/merck-settlement-affect-insurance-industry/ www.secnews.physaphae.fr/article.php?IdArticle=8472020 False None NotPetya 2.0000000000000000 Fortinet - Fabricant Materiel Securite Unifying detection and response efforts improves response times while enhancing SOC productivity. Read more.]]> 2024-03-28T13:00:00+00:00 https://www.fortinet.com/blog/business-and-technology/unifying-detection-and-response-efforts www.secnews.physaphae.fr/article.php?IdArticle=8472021 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Those with special committees that include a cyber expert rather than relying on the full board are more likely to improve security and financial performance.]]> 2024-03-28T13:00:00+00:00 https://www.darkreading.com/cyber-risk/study-corporations-with-cyber-governance-create-almost-4x-more-value www.secnews.physaphae.fr/article.php?IdArticle=8471992 False None None 4.0000000000000000 Mandiant - Blog Sécu de Mandiant   Over the last several years, the security community has witnessed an uptick in System Center Configuration Manager (SCCM)-related attacks. From extracting network access account (NAA) credentials to deploying malicious applications to targeted devices, SCCM attacks have aided in accomplishing complex objectives and evading existing detections. Mandiant\'s Red Team has utilized SCCM technology to perform novel attacks against mature clients where conventional methodology was not possible. One such SCCM attack is introduced in this blog post. There was a time when red teamers with elevated privileges on a Windows system could effortlessly inject shellcode into an unsuspecting user\'s processes. This allowed red teamers to carry out post-exploitation activities within that new process, such as keylogging or accessing LDAP as the affected user. However, as endpoint detection and response (EDR) systems have improved, remote process injection has turned into a risky operation, pushing red teamers to seek alternative methods to hijack a user\'s session. Enter CcmExec, a service native to SCCM Windows clients that has an interesting design that is useful for red teamers. In this blog post, we delve into how the CcmExec service can be utilized for session hijacking and introduce CcmPwn, a tool designed to facilitate this technique. Finally, we will discuss detection strategies for security teams. AppDomainManager Injection Before diving into CcmExec, it is important to understand the intricacies of AppDomainManager injection, a loader hijacking technique used by attackers to execute arbitrary code within a .NET application. In essence, the .NET framework provides a way to manage application domains, which are isolated environments where .NET applications can run code. The AppDomainManager class is a key part of this infrastructure, responsible for creating and managing these application domains. However, if an attacker were to override the AppDomainManager class constructor, they could force the hosting application to run attacker-defined behavior when creating an application domain. The most common method to perform AppDomainManager injection is through a .config file. This approach involves modifying the application\'s configuration file to specify a custom dynamic-link library file (DLL) and AppDomainManager to be executed by the .NET application. Here\'s how it\'s done: Create a custom AppDomainManager: Develop a class that derives from AppDomainManager and includes malicious code. Compile this class into a DLL. Create a configuration file: Modify or create the application\'s ]]> 2024-03-28T13:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/windows-session-hijacking-via-ccmexec/ www.secnews.physaphae.fr/article.php?IdArticle=8500399 False Tool None None Korben - Bloger francais 2024-03-28T12:52:10+00:00 https://korben.info/fdn-lance-vpn-public-gratuit-internet-libre.html www.secnews.physaphae.fr/article.php?IdArticle=8472034 False None None 2.0000000000000000 Silicon - Site de News Francais 2024-03-28T12:49:35+00:00 https://www.silicon.fr/avis-expert/du-ransomware-au-ransomware-as-a-service-comment-aller-plus-loin-dans-la-lutte-a-lheure-de-lintelligence-artificielle www.secnews.physaphae.fr/article.php?IdArticle=8471995 False Ransomware None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Flashpoint recorded a 34.5% rise in reported data breaches in 2023, with ransomware a major driver of this increase]]> 2024-03-28T12:15:00+00:00 https://www.infosecurity-magazine.com/news/personal-records-exposed-data/ www.secnews.physaphae.fr/article.php?IdArticle=8471996 False Ransomware None 3.0000000000000000 ComputerWeekly - Computer Magazine 2024-03-28T11:46:00+00:00 https://www.computerweekly.com/news/366575814/UK-plc-going-backwards-on-cyber-maturity-Cisco-report-claims www.secnews.physaphae.fr/article.php?IdArticle=8472179 False None None 3.0000000000000000 ComputerWeekly - Computer Magazine 2024-03-28T11:28:00+00:00 https://www.computerweekly.com/news/366575852/Sellafield-to-be-prosecuted-over-alleged-cyber-compliance-failure www.secnews.physaphae.fr/article.php?IdArticle=8472097 False None None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Attaque du canal latéral matériel: La menace réside dans le préfetcher dépendant de la mémoire des données, une optimisation matérielle qui prédit les adresses mémoire des données à laquelle le code exécutif est susceptible d'accéder dans un avenir proche.En chargeant le contenu dans le cache CPU avant qu'il soit réellement nécessaire, le DMP, comme la fonctionnalité est abrégée, réduit la latence entre la mémoire principale et le CPU, un goulot d'étranglement commun dans l'informatique moderne.Les DMP sont un phénomène relativement nouveau trouvé uniquement dans les puces de la série M et la microarchitecture du lac Raptor de 13217;

---

It’s yet another hardware side-channel attack: The threat resides in the chips\' data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it\'s actually needed, the DMP, as the feature is abbreviated, reduces latency between the main memory and the CPU, a common bottleneck in modern computing. DMPs are a relatively new phenomenon found only in M-series chips and Intel’s 13th-generation Raptor Lake microarchitecture, although older forms of prefetchers have been common for years...]]> 2024-03-28T11:05:01+00:00 https://www.schneier.com/blog/archives/2024/03/hardware-vulnerability-in-apples-m-series-chips.html www.secnews.physaphae.fr/article.php?IdArticle=8471938 False Vulnerability,Threat None 3.0000000000000000 Mandiant - Blog Sécu de Mandiant   In June 2023, Russian businessman Yevgeniy Prigozhin and his private military company (PMC) “Wagner” carried out an armed mutiny within Russia. The events triggered the meteoric political downfall of Prigozhin, raising questions about the future of his various enterprises that were only underscored when he died two months later under suspicious circumstances. Up to that point, Prigozhin and his enterprises worked to advance the Kremlin\'s interests as the manifestation of the thinnest veil of plausible deniability for state-guided actions on multiple continents. Such enterprises included the Wagner PMC; overt influence infrastructure, like his media company Patriot Group that housed his media companies, including the “RIA FAN” Federal News Agency; covert influence infrastructures; and an array of businesses aimed at generating personal wealth and the resourcing necessary to fund his various ventures. Mandiant has for years tracked and reported on covert information operations (IO) threat activity linked to Prigozhin. His involvement in IO was first widely established in the West as part of the public exposure of Russian-backed interference in the 2016 U.S. presidential election-this included activity conducted by Russia\'s Internet Research Agency (IRA), which the U.S. Government publicly named Prigozhin as its financier. Subsequently, Prigozhin was publicly connected to a web of IO activity targeting the U.S., EU, Ukraine, Russian domestic audiences, countries across Africa, and further afield. Such activity has worked not only to advance Russian interests on matters of strategic importance, but also has attempted to exploit existing divisions in societies targeting various subgroups across their population.  Throughout 2023, Mandiant has observed shifts in the activity from multiple IO campaigns linked to Prigozhin, including continued indicators that components of these campaigns have remained viable since his death. This blog post examines a sample of Prigozhin-linked IO campaigns to better understand their outcomes thus far and provide an overview of what can be expected from these activity sets in the future. This is relevant not only because some of the infrastructure of these campaigns remains viable despite Prigozhin\'s undoing, but also because we advance into a year in which Ukraine continues to dominate Russia\'s strategic priorities and there are multiple global elections that Russia may seek to influence. Mandiant and Google\'s Threat Analysis Group (TAG) work together in support of our respective missions at Google. TAG has likewise been tracking coordinated influence operations linked to Prigozhin and the Internet Research Agency (IRA) for years; and in 2023, Google took over 400 enforcement actions to disrupt IO campaigns linked to the IRA, details of which are reported in the quarterly TAG Bulletin. TAG has not observed significant activity from the IRA or other Prigozhin-linked entities specifically on Google platforms since Prigozhin\'s death,]]> 2024-03-28T11:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/io-campaigns-russian-prigozhin-persist/ www.secnews.physaphae.fr/article.php?IdArticle=8500400 False Threat,Studies,Legislation,Prediction None None We Live Security - Editeur Logiciel Antivirus ESET This rundown of 10 cyberattacks against the sports industry shows why every team needs to keep its eyes on the ball when it comes to cybersecurity]]> 2024-03-28T10:30:00+00:00 https://www.welivesecurity.com/en/cybercrime/cybercriminals-play-dirty-10-cyber-hits-sporting-world/ www.secnews.physaphae.fr/article.php?IdArticle=8472404 False None None 2.0000000000000000 The Register - Site journalistique Anglais Sensitive documents dumped on leak site amid claims of 3 TB of data stolen in total NHS Scotland says it managed to contain a ransomware group\'s malware to a regional branch, preventing the spread of infection across the entire institution.…]]> 2024-03-28T10:27:12+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/28/nhs_scotland_cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8471940 False Ransomware,Malware None 2.0000000000000000 ProofPoint - Cyber Firms 2024-03-28T10:21:02+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/security-awareness-program-enhancements-winter-release www.secnews.physaphae.fr/article.php?IdArticle=8471991 False Vulnerability,Threat,Prediction None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Beaming research reveals that nearly half of UK SMEs have lost data since 2019, costing billions]]> 2024-03-28T10:15:00+00:00 https://www.infosecurity-magazine.com/news/british-smes-lost-data-five-years/ www.secnews.physaphae.fr/article.php?IdArticle=8471941 False None None 3.0000000000000000 ProofPoint - Firm Security 2024-03-28T10:13:07+00:00 https://www.proofpoint.com/us/newsroom/news/thread-hijacking-phishes-prey-your-curiosity www.secnews.physaphae.fr/article.php?IdArticle=8476719 False None None 2.0000000000000000 Veracode - Application Security Research, News, and Education Blog The US National Institute of Standards and Technology (NIST) has almost completely stopped analyzing new vulnerabilities (CVEs) listed in its National Vulnerability Database (NVD). Through the first six weeks of 2024, NIST analyzed over 3,500 CVEs with only 34 CVEs awaiting analysis.1 Since February 13th, however, nearly half (48%) of the 7,200 CVEs received this year by the NVD are still awaiting analysis.2 The number of CVEs analyzed has dropped nearly 80% to less than 750 CVEs analyzed. Other than a vague reference to establishing a consortium, the reasons behind this disruption remain a mystery.  Thankfully, Veracode customers need not worry about this disruption because they have access to Veracode\'s proprietary database. Since the notice on February 13th, Veracode has released over 300 CVEs. Of these 300+, NVD has analyzed less than 15 of these CVEs. Read on to learn how Veracode SCA operates without NVD providing CVE analysis.     NVD Analysis …]]> 2024-03-28T10:05:47+00:00 https://www.veracode.com/blog/research/veracode-customers-shielded-nvd-disruptions www.secnews.physaphae.fr/article.php?IdArticle=8472023 False Vulnerability None 3.0000000000000000 SecurityWeek - Security News Bien que l'attaque de la bibliothèque nationale du Royaume-Uni se soit produite il y a cinq mois, l'infrastructure de la bibliothèque \\ n'a pas été reconstruite jusqu'à la mi-avril 2024, puis la restauration complète des systèmes et des données peut commencer.

---

>Although the attack on the national library of the UK occurred five months ago, the Library\'s infrastructure won\'t be rebuilt until mid-April 2024, and then the full restoration of systems and data can begin. ]]> 2024-03-28T10:00:00+00:00 https://www.securityweek.com/details-and-lessons-learned-from-the-ransomware-attack-on-the-british-library/ www.secnews.physaphae.fr/article.php?IdArticle=8471912 False Ransomware None 3.0000000000000000 Silicon - Site de News Francais 2024-03-28T09:59:47+00:00 https://www.silicon.fr/serveurs-ia-cyberattaques-ray-477251.html www.secnews.physaphae.fr/article.php?IdArticle=8471915 False None None 3.0000000000000000 Global Security Mag - Site de news francais vulnérabilité de sécurité

---

An attacker can create a memory leak of libLAS, in order to trigger a denial of service. - Security Vulnerability]]> 2024-03-28T09:43:29+00:00 https://www.globalsecuritymag.fr/vigilance-vulnerability-alerts-liblas-memory-leak-analyzed-on-13-03-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8471899 False Vulnerability None 3.0000000000000000 SecurityWeek - Security News La CISA demande des commentaires sur la mise en œuvre de Circia, qui coûtera 2,6 milliards de dollars et aura un impact sur 316 000 entités.

---

>CISA is seeking comment on the implementation of CIRCIA, which will cost $2.6 billion and will impact 316,000 entities. ]]> 2024-03-28T09:43:02+00:00 https://www.securityweek.com/cisa-moving-forward-with-cyber-incident-reporting-rules-impacting-316000-entities/ www.secnews.physaphae.fr/article.php?IdArticle=8471913 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine A rising volume of calls to the Scottish Cyber and Fraud Centre highlights surging threat levels]]> 2024-03-28T09:30:00+00:00 https://www.infosecurity-magazine.com/news/calls-incident-response-helpline/ www.secnews.physaphae.fr/article.php?IdArticle=8471914 False Threat None 3.0000000000000000 Korben - Bloger francais Suite]]> 2024-03-28T08:33:12+00:00 https://korben.info/applis-android-incogni.html www.secnews.physaphae.fr/article.php?IdArticle=8471885 False Mobile None 3.0000000000000000 Korben - Bloger francais 2024-03-28T08:00:00+00:00 https://korben.info/outil-terminal-toolong-suivi-fichiers-journalisation-jsonl.html www.secnews.physaphae.fr/article.php?IdArticle=8471886 False Tool None 3.0000000000000000 Silicon - Site de News Francais 2024-03-28T07:51:03+00:00 https://www.silicon.fr/amazon-deuxieme-tranche-investissement-anthropic-477248.html www.secnews.physaphae.fr/article.php?IdArticle=8471884 False None None 3.0000000000000000 Global Security Mag - Site de news francais Business]]> 2024-03-28T07:50:13+00:00 https://www.globalsecuritymag.fr/crowdstrike-et-rubrik-annonce-un-partenariat-pour-transformer-la-securite-des.html www.secnews.physaphae.fr/article.php?IdArticle=8471872 False Cloud None 2.0000000000000000 The Register - Site journalistique Anglais Simply look out for libraries imagined by ML and make them real, with actual malicious code. No wait, don\'t do that In-depth  Several big businesses have published source code that incorporates a software package previously hallucinated by generative AI.…]]> 2024-03-28T07:01:12+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/28/ai_bots_hallucinate_software_packages/ www.secnews.physaphae.fr/article.php?IdArticle=8471838 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch Government, manufacturing, and the energy industry are the top targets of advanced, persistent threat actors, with phishing attacks and remote exploits the most common vectors.]]> 2024-03-28T06:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/saudi-arabia-uae-top-list-of-apt-targeted-nations-in-middle-east www.secnews.physaphae.fr/article.php?IdArticle=8471815 False Threat None 3.0000000000000000 The Security Ledger - Blog Sécurité épisode 257: sécurisation des logiciels sur roues ... Lisez toute l'entrée ... & nbsp; & raquo; Cliquez sur l'icône ci-dessous pour écouter.

---

In this episode of The Security Ledger Podcast (#257) Paul speaks with Dennis Kengo Oka, a senior principal automotive security strategist at the firm Synopsys about the growing cyber risks to automobiles as connected vehicle features proliferate in the absence of strong cybersecurity protections. The post Episode 257: Securing Software on Wheels...Read the whole entry... »Click the icon below to listen. ]]> 2024-03-28T01:19:21+00:00 https://feeds.feedblitz.com/~/874601729/0/thesecurityledger~Episode-Securing-Software-on-Wheels-with-Dennis-Kengo-Oka-of-Synopsys/ www.secnews.physaphae.fr/article.php?IdArticle=8472033 False None None 3.0000000000000000 The Security Ledger - Blog Sécurité épisode 257:Sécurisation du logiciel sur les roues ... Lisez toute l'entrée ... & nbsp; & raquo; Cliquez sur l'icône ci-dessous pour écouter.

---

In this episode of The Security Ledger Podcast (#257) Paul speaks with Dennis Kengo Oka, a senior principal automotive security strategist at the firm Synopsys about the growing cyber risks to automobiles as connected vehicle features proliferate in the absence of strong cybersecurity protections. The post Episode 257: Securing Software on Wheels...Read the whole entry... »Click the icon below to listen. ]]> 2024-03-28T01:19:21+00:00 https://feeds.feedblitz.com/~/874573217/0/thesecurityledger~Episode-Securing-Software-on-Wheels-with/ www.secnews.physaphae.fr/article.php?IdArticle=8471724 False None None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber La proposition décrit quand des organisations d'infrastructures critiques devront signaler les incidents de cybersécurité.

---

>The proposal describes when critical infrastructure organizations will be required to report cybersecurity incidents. ]]> 2024-03-27T23:25:08+00:00 https://cyberscoop.com/cisa-cyber-incident-reporting-critical-infrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=8471681 False None None 3.0000000000000000 TroyHunt - Blog Security Researchers say it\'s the first known in-the-wild attack targeting AI workloads.]]> 2024-03-27T22:40:53+00:00 https://arstechnica.com/?p=2013046 www.secnews.physaphae.fr/article.php?IdArticle=8471678 False None None 3.0000000000000000 Dark Reading - Informationweek Branch You don\'t have to stop using SSH keys to stay safe. This Tech Tip explains how to protect your system against CVE-2023-48795.]]> 2024-03-27T22:25:13+00:00 https://www.darkreading.com/vulnerabilities-threats/10-steps-to-detect-prevent-and-remediate-the-terrapin-vulnerability www.secnews.physaphae.fr/article.php?IdArticle=8471993 False Vulnerability None 3.0000000000000000 Dark Reading - Informationweek Branch For many CISOs, "materiality" remains an ambiguous term. Even so, they need to be able to discuss materiality and risk with their boards.]]> 2024-03-27T22:20:00+00:00 https://www.darkreading.com/cyber-risk/a-ciso-s-guide-to-materiality-and-risk-determination www.secnews.physaphae.fr/article.php?IdArticle=8471994 False None None 3.0000000000000000 The Register - Site journalistique Anglais 2024-03-27T22:06:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/27/apple_passcode_attack/ www.secnews.physaphae.fr/article.php?IdArticle=8471630 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial L'Agence américaine de sécurité de cybersécurité et d'infrastructure (CISA) a publié un avis de réglementation proposée (NPRM) pour le public ...

---

>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a Notice of Proposed Rulemaking (NPRM) for public... ]]> 2024-03-27T21:54:18+00:00 https://industrialcyber.co/cisa/cisa-proposes-cyber-incident-reporting-rules-under-circia-to-strengthen-us-cybersecurity/ www.secnews.physaphae.fr/article.php?IdArticle=8471632 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Les analystes d'EclectiCIQ ont découvert un acteur de menace non identifié, connu sous le nom d'Operation Flightnight, en utilisant une version personnalisée du ...

---

>EclecticIQ analysts have uncovered an unidentified threat actor, known as Operation FlightNight, utilizing a customized version of the... ]]> 2024-03-27T21:50:12+00:00 https://industrialcyber.co/ransomware/eclecticiq-details-operation-flightnight-targeting-indian-government-entities-energy-sector/ www.secnews.physaphae.fr/article.php?IdArticle=8471633 False Threat None 4.0000000000000000 Dark Reading - Informationweek Branch 2024-03-27T20:56:32+00:00 https://www.darkreading.com/cyberattacks-data-breaches/flare-acquires-foretrace-to-accelerate-threat-exposure-management-growth www.secnews.physaphae.fr/article.php?IdArticle=8471596 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called HackBrowserData and exfiltrate sensitive information in some cases by using Slack as command-and-control (C2). "The information stealer was delivered via a phishing email, masquerading as an invitation letter]]> 2024-03-27T20:54:00+00:00 https://thehackernews.com/2024/03/hackers-target-indian-defense-and.html www.secnews.physaphae.fr/article.php?IdArticle=8471481 False Malware,Threat None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Le nouveau rapport sonne l'alarme sur les cyber-risques spécifiques à l'IA tout en mettant en évidence les meilleures pratiques pour les combattre.

---

>The new report sounds the alarm on AI-specific cyber risks while highlighting best practices to combat them. ]]> 2024-03-27T20:53:02+00:00 https://cyberscoop.com/treasury-report-cyber-risks-ai-tools/ www.secnews.physaphae.fr/article.php?IdArticle=8471594 False None None 3.0000000000000000 Dark Reading - Informationweek Branch 2024-03-27T20:47:51+00:00 https://www.darkreading.com/cloud-security/checkmarx-announces-partnership-with-wiz www.secnews.physaphae.fr/article.php?IdArticle=8471597 False None None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-03-27T20:38:53+00:00 https://www.darkreading.com/cybersecurity-operations/wicys-and-isc2-launch-spring-camp-for-cybersecurity-certification www.secnews.physaphae.fr/article.php?IdArticle=8471598 False None None 3.0000000000000000 Global Security Mag - Site de news francais opinion

---

CybeReady Champions Security-First Culture as World Backup Day 2024 Shadowed by New Generation of Cyber Threats Smishing, Quishing, and Generative AI-Driven Attacks Putting Sensitive Data at Risk - Opinion]]> 2024-03-27T20:33:39+00:00 https://www.globalsecuritymag.fr/cybeready-champions-security-first-culture-as-world-backup-day-2024-shadowed-by.html www.secnews.physaphae.fr/article.php?IdArticle=8471615 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future La principale agence de cybersécurité de la nation a dévoilé la version initiale d'une nouvelle règle détaillant comment les organisations d'infrastructures critiques doivent signaler les cyberattaques au gouvernement fédéral. & NBSP;L'Agence de sécurité de la cybersécurité et de l'infrastructure (CISA) a affiché l'ensemble de réglementations de 447 pages en vertu du Cyber Incident Reporting for Critical Infrastructure Act au Federal Register, permettant

---

The nation\'s top cybersecurity agency has unveiled the initial draft of a new rule detailing how critical infrastructure organizations need to report cyberattacks to the federal government.  The Cybersecurity and Infrastructure Security Agency (CISA) posted the 447-page set of regulations under the Cyber Incident Reporting for Critical Infrastructure Act to the Federal Register, allowing]]> 2024-03-27T20:31:52+00:00 https://therecord.media/cisa-publishes-circia-rule-cyber-incident-reporting www.secnews.physaphae.fr/article.php?IdArticle=8471603 False None None 4.0000000000000000 Global Security Mag - Site de news francais revues de produits

---

CyberArk Launches Industry\'s First Identity-Centric Secure Browser CyberArk Secure Browser Makes It Easy to Tailor Security, Privacy and Productivity Controls on Managed and Unmanaged Workforce Devices - Product Reviews]]> 2024-03-27T20:30:03+00:00 https://www.globalsecuritymag.fr/cyberark-announced-the-availability-of-cyberark-secure-browser.html www.secnews.physaphae.fr/article.php?IdArticle=8471616 False None None 1.00000000000000000000 Dark Reading - Informationweek Branch 2024-03-27T20:29:40+00:00 https://www.darkreading.com/cyberattacks-data-breaches/new-cyber-threats-to-challenge-financial-services-sector-in-2024 www.secnews.physaphae.fr/article.php?IdArticle=8471599 False None None 3.0000000000000000 Global Security Mag - Site de news francais Investigations]]> 2024-03-27T20:24:53+00:00 https://www.globalsecuritymag.fr/31-mars-journee-mondiale-de-la-sauvegarde-des-donnees-pourquoi-les-sauvegardes.html www.secnews.physaphae.fr/article.php?IdArticle=8471617 False Ransomware None 3.0000000000000000 Global Security Mag - Site de news francais Investigations]]> 2024-03-27T20:15:14+00:00 https://www.globalsecuritymag.fr/recrutement-dans-la-cybersecurite-en-europe-selon-3-entreprises-sur-10-trois-a.html www.secnews.physaphae.fr/article.php?IdArticle=8471618 False None None 3.0000000000000000 HackRead - Chercher Cyber Par waqas Le groupe d'analyse des menaces de Google (TAG) rapporte une augmentation préoccupante des exploits zéro-jours et une activité accrue à partir de pirates soutenus par l'État. & # 8230; Ceci est un article de HackRead.com Lire la publication originale: Google Tag rapporte que la surtension zéro-jour et la montée des menaces de pirate d'État

---

>By Waqas Google’s Threat Analysis Group (TAG) reports a concerning rise in zero-day exploits and increased activity from state-backed hackers.… This is a post from HackRead.com Read the original post: Google TAG Reports Zero-Day Surge and Rise of State Hacker Threats]]> 2024-03-27T20:13:37+00:00 https://www.hackread.com/google-tag-zero-day-state-hacker-threat-surge/ www.secnews.physaphae.fr/article.php?IdArticle=8471595 False Vulnerability,Threat None 4.0000000000000000 Dark Reading - Informationweek Branch Hotel locks have been vulnerable to cyber compromise for decades and are extending their run into the digital age.]]> 2024-03-27T20:10:46+00:00 https://www.darkreading.com/vulnerabilities-threats/millions-hotel-rooms-worldwide-vulnerable-door-lock-exploit www.secnews.physaphae.fr/article.php?IdArticle=8471600 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch The available options for addressing the flaw are limited, leaving many Macs vulnerable to a "GoFetch" attack that steals keys - even quantum-resistant ones.]]> 2024-03-27T20:06:33+00:00 https://www.darkreading.com/application-security/patchless-apple-m-chip-vulnerability-cryptography-bypass www.secnews.physaphae.fr/article.php?IdArticle=8471601 False Vulnerability None 3.0000000000000000 Global Security Mag - Site de news francais magic quadrant

---

IDC MarketScape Names VIPRE Security Group a "Major Player" in Endpoint Security Vendor Assessment The Worldwide Modern Endpoint Security for Small Businesses 2024 Vendor Assessment commends VIPRE for their endpoint solutions and channel strategy - MAGIC QUADRANT ]]> 2024-03-27T20:05:30+00:00 https://www.globalsecuritymag.fr/idc-marketscape-names-vipre-security-group-a-major-player-in-endpoint-security.html www.secnews.physaphae.fr/article.php?IdArticle=8471619 False None None 3.0000000000000000 Global Security Mag - Site de news francais - rapports spéciaux

---

Flashpoint released its 2024 Global Threat Intelligence Report that looks back at 2023 to shed light on cyber threats, geopolitical turmoil, and escalating physical conflicts around the world to help organizations strengthen defenses, ensure operational resilience, and proactively confront multifaceted threats. - Special Reports]]> 2024-03-27T20:00:58+00:00 https://www.globalsecuritymag.fr/flashpoint-releases-annual-global-threat-intelligence-report.html www.secnews.physaphae.fr/article.php?IdArticle=8471580 False Threat,Studies None 4.0000000000000000 Dark Reading - Informationweek Branch More than ever, it\'s critical for organizations to understand the nature of AI-based threats and how they can blunt the advantage that AI conveys to bad actors.]]> 2024-03-27T19:56:09+00:00 https://www.darkreading.com/cyberattacks-data-breaches/threat-report-examining-the-use-of-ai-in-attack-techniques www.secnews.physaphae.fr/article.php?IdArticle=8471602 False Threat None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) [Consultez la rédaction de Microsoft \\ sur les informationsStealiers ici.] (Https://sip.security.microsoft.com/intel-profiles/2296d491ea381b532b24f2575f9418d4b6723c17b8a1f507d20c2140a75d16d6) #### URL de référence (s) 1. https://www.trustwave.com/en-us/Ressources / blogs / spiderLabs-blog / agent-teslas-new-ride-the-ramen-of-a-novel-chargedeur / #### Date de publication 26 mars 2024 #### Auteurs) Bernard Bautista

---

#### Description SpiderLabs identified a phishing email on March 8, 2024, with an attached archive that included a Windows executable disguised as a fraudulent bank payment. This action initiated an infection chain culminating in the deployment of Agent Tesla. The loader is compiled with .NET and uses obfuscation and packing techniques to evade detection. It also exhibits polymorphic behavior with distinct decryption routines, making it difficult for traditional antivirus systems to detect. The loader uses methods like patching to bypass Antimalware Scan Interface (AMSI) detection and dynamically load payloads, ensuring stealthy execution and minimizing traces on disk. > [Check out Microsoft\'s write-up on Information Stealers here.](https://sip.security.microsoft.com/intel-profiles/2296d491ea381b532b24f2575f9418d4b6723c17b8a1f507d20c2140a75d16d6) #### Reference URL(s) 1. https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/agent-teslas-new-ride-the-rise-of-a-novel-loader/ #### Publication Date March 26, 2024 #### Author(s) Bernard Bautista ]]> 2024-03-27T19:14:21+00:00 https://community.riskiq.com/article/5ffaa8a4 www.secnews.physaphae.fr/article.php?IdArticle=8471583 False Patching None 3.0000000000000000 Dark Reading - Informationweek Branch CISA will administer the new reporting requirements for cyber incidents and ransomware payments.]]> 2024-03-27T18:51:27+00:00 https://www.darkreading.com/cybersecurity-operations/dhs-releases-unpublished-circia-document-proposing-new-rule www.secnews.physaphae.fr/article.php?IdArticle=8471543 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting the Microsoft Sharepoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with]]> 2024-03-27T18:45:00+00:00 https://thehackernews.com/2024/03/cisa-warns-hackers-actively-attacking.html www.secnews.physaphae.fr/article.php?IdArticle=8471391 False Vulnerability None 3.0000000000000000 Recorded Future - FLux Recorded Future Les agences d'État aux États-Unis continuent de faire face à des perturbations des attaques de ransomwares.Mardi soir, le gouvernement du comté de Gilmer en Géorgie a affiché un avis sur son site Web avertissant qu'une attaque de ransomware affectait sa capacité à fournir des services à ses plus de 30 000 résidents.«Le comté de Gilmer a récemment détecté et répondu à un

---

State agencies across the U.S. continue to face disruptions from ransomware attacks. On Tuesday evening, the government of Gilmer County in Georgia posted a notice on its website warning that a ransomware attack was affecting its ability to provide services to its more than 30,000 residents. “Gilmer County recently detected and responded to a]]> 2024-03-27T18:32:22+00:00 https://therecord.media/texas-georgia-municipalities-face-disruptions-from-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8471544 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users\' systems and carry out malicious actions.  "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user\'s knowledge," Guardio]]> 2024-03-27T18:24:00+00:00 https://thehackernews.com/2024/03/microsoft-edge-bug-could-have-allowed.html www.secnews.physaphae.fr/article.php?IdArticle=8471360 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain A new phishing-as-a-service (PhaaS) named \'Darcula\' uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries. [...]]]> 2024-03-27T18:12:20+00:00 https://www.bleepingcomputer.com/news/security/new-darcula-phishing-service-targets-iphone-users-via-imessage/ www.secnews.physaphae.fr/article.php?IdArticle=8471656 False Mobile None 4.0000000000000000 Recorded Future - FLux Recorded Future Les chercheurs ont découvert une nouvelle campagne d'espionnage ciblant les agences gouvernementales indiennes et l'industrie de l'énergie du pays avec une version modifiée d'un voleur d'informations open source appelé HackbrowserData qui peut collecter des références de connexion du navigateur, des cookies et de l'histoire.Les chercheurs de la société néerlandaise de cybersécurité Eclecticiq ont découvert la campagne début mars mais ne l'attribue pas à un

---

Researchers have uncovered a new espionage campaign targeting Indian government agencies and the country\'s energy industry with a modified version of an open-source information stealer called HackBrowserData that can collect browser login credentials, cookies and history. Researchers at Dutch cybersecurity company EclecticIQ discovered the campaign in early March but didn\'t attribute it to a]]> 2024-03-27T18:10:24+00:00 https://therecord.media/india-infostealer-government-energy-sector-espionage www.secnews.physaphae.fr/article.php?IdArticle=8471545 False None None 3.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Rapid-fire prompts sometimes followed with spoofed calls from "Apple support."]]> 2024-03-27T18:10:10+00:00 https://arstechnica.com/?p=2012822 www.secnews.physaphae.fr/article.php?IdArticle=8471540 False Mobile None 4.0000000000000000 Checkpoint - Fabricant Materiel Securite La saison fiscale de \\, cette merveilleuse période de l'année où un chèque de remboursement pourrait apparaître dans votre boîte aux lettres ou sortir pour être envoyé au gouvernement.Partout dans le monde, de nombreux pays se préparent pour un temps d'impôt.Cela devient un moment courant pour les pirates d'intervalence. En règle générale, les pirates en profitent en distribuant des fichiers malveillants qui se dégageaient comme des fichiers officiels.Il est si omniprésent, en fait, que l'IRS publie une liste annuelle de «Dirty Dozen», qui décrit les escroqueries fiscales les plus populaires.L'année dernière, nous avons également vu une torsion, avec un point de contrôle découvrant comment Chatgpt peut créer un phishing lié à l'impôt convaincant [& # 8230;]

---

>It\'s tax season, that wonderful time of year when a refund check might be showing up in your mailbox-or going out to be sent to the government. Around the world, many countries are gearing up for tax time. This becomes a common time for hackers to step in. Typically, hackers take advantage by distributing malicious files that masquerade as official files. It\'s so pervasive, in fact, that the IRS releases an annual “Dirty Dozen” list, which outlines the most popular tax scams. Last year, we also saw a twist, with Check Point uncovering how ChatGPT can create convincing tax-related phishing […] ]]> 2024-03-27T18:00:40+00:00 https://blog.checkpoint.com/security/beware-the-tax-scam-tsunami-unmasking-qr-code-schemes-bogus-refunds-and-ai-imposters/ www.secnews.physaphae.fr/article.php?IdArticle=8471568 False None ChatGPT 3.0000000000000000 Global Security Mag - Site de news francais revues de produits

---

Zivver Launches eSignature Feature to Bolster Email Security Zivver Secure eSignatures complements the company\'s existing email security and file sharing solutions to further address risk in digital communications - Product Reviews]]> 2024-03-27T17:39:27+00:00 https://www.globalsecuritymag.fr/zivver-launches-esignature-feature-to-bolster-email-security.html www.secnews.physaphae.fr/article.php?IdArticle=8471526 False None None 3.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Acumen launches to protect modern businesses from complex cyber threats 24/7 People-powered security service provider aims to emerge as one of the top five UK Managed Security Service Providers (MSSPs) within the next five years - Business News]]> 2024-03-27T17:32:29+00:00 https://www.globalsecuritymag.fr/acumen-announced-its-entry-into-the-uk-market.html www.secnews.physaphae.fr/article.php?IdArticle=8471527 False None None 3.0000000000000000 Global Security Mag - Site de news francais Malwares]]> 2024-03-27T17:29:30+00:00 https://www.globalsecuritymag.fr/un-cybersquatteur-est-demasque-et-mis-en-demeure-par-nft.html www.secnews.physaphae.fr/article.php?IdArticle=8471528 False None None 2.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Goldilock Announces Channel-Only Sales Strategy and Appoints Steven Brodie as Head of Sales NATO-backed British cybersecurity startup scales up with channel-only sales model and appoints industry veteran to lead transition - Business News]]> 2024-03-27T17:25:35+00:00 https://www.globalsecuritymag.fr/goldilock-announces-channel-only-sales-strategy-and-appoints-steven-brodie-as.html www.secnews.physaphae.fr/article.php?IdArticle=8471529 False None None 2.0000000000000000 Global Security Mag - Site de news francais Investigations]]> 2024-03-27T17:14:23+00:00 https://www.globalsecuritymag.fr/cyber-readiness-index-de-cisco-cybermenace-les-dirigeants-francais-confiants.html www.secnews.physaphae.fr/article.php?IdArticle=8471530 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Attackers "encrypted" VNDirect\'s data in an attack that kept the broker offline for days.]]> 2024-03-27T17:06:18+00:00 https://www.darkreading.com/cyberattacks-data-breaches/vietnam-securities-broker-suffered-cyberattack-that-suspended-trading www.secnews.physaphae.fr/article.php?IdArticle=8471482 False None None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2024-03-27T17:03:56+00:00 https://blog.knowbe4.com/number-new-pieces-malware-per-minute-quadrupled www.secnews.physaphae.fr/article.php?IdArticle=8471477 False Malware None 3.0000000000000000 knowbe4 - cybersecurity services 2024-03-27T17:03:46+00:00 https://blog.knowbe4.com/simple-payment-underway-phishing-email-downloads-rats www.secnews.physaphae.fr/article.php?IdArticle=8471478 False Malware None 3.0000000000000000 Recorded Future - FLux Recorded Future Mardi, la principale agence de cybersécurité de l'Allemagne a appelé mardi des milliers d'organisations vulnérables dans le pays pour corriger le logiciel Microsoft Exchange hors de jour.Selon un rapport de l'Office fédéral allemand pour la sécurité de l'information (BSI), au moins 17 000 serveurs sont vulnérables à un ou plusieurs bogues critiques, et les cybercriminels et les acteurs de l'État sont déjà activement activement

---

Germany\'s top cybersecurity agency on Tuesday called on thousands of vulnerable organizations in the country to patch out-of-date Microsoft Exchange software. According to a report by the German Federal Office for Information Security (BSI), at least 17,000 servers are vulnerable to one or more critical bugs, and cybercriminals and state actors are already actively]]> 2024-03-27T17:02:13+00:00 https://therecord.media/germany-bsi-microsoft-exchange-vulnerability-warning www.secnews.physaphae.fr/article.php?IdArticle=8471484 False None None 3.0000000000000000 Global Security Mag - Site de news francais Business]]> 2024-03-27T16:58:59+00:00 https://www.globalsecuritymag.fr/docaposte-et-board-of-cyber-s-associent-pour-renforcer-la-cybersecurite-des-pme.html www.secnews.physaphae.fr/article.php?IdArticle=8471496 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Threat actors are widely adopting the fast-growing, low-cost phishing-as-a-service (PhaaS) platform, which is sold via Telegram.]]> 2024-03-27T16:57:55+00:00 https://www.darkreading.com/application-security/tycoon-malware-kit-bypasses-microsoft-google-mfa www.secnews.physaphae.fr/article.php?IdArticle=8471483 False Malware,Threat None 2.0000000000000000 Global Security Mag - Site de news francais revues de produits

---

Cybaverse.ai launched to streamline cyber security management and support cyber insurance mandates New platform launched to offer organisations with a unified view across their entire cyber security estate - Product Reviews]]> 2024-03-27T16:56:59+00:00 https://www.globalsecuritymag.fr/cybaverse-announced-the-launch-of-cybaverse-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8471497 False None None 2.0000000000000000 Global Security Mag - Site de news francais revues de produits

---

Cybersecurity mobile app bolsters organizations\' security while providing better quality of life for security leaders Hailed as a \'game-changer\' by customers, GreyMatter mobile app enables threats to be remediated in one click - Product Reviews]]> 2024-03-27T16:54:27+00:00 https://www.globalsecuritymag.fr/reliaquest-announced-new-features-to-its-greymatter-mobile-app.html www.secnews.physaphae.fr/article.php?IdArticle=8471498 False Mobile None 2.0000000000000000 Global Security Mag - Site de news francais Business]]> 2024-03-27T16:49:44+00:00 https://www.globalsecuritymag.fr/nozomi-networks-etend-son-partenariat-avec-yokogawa.html www.secnews.physaphae.fr/article.php?IdArticle=8471499 False Threat,Industrial None 2.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2024-03-27T16:46:42+00:00 https://www.globalsecuritymag.fr/eviden-ouvre-un-centre-d-operations-de-securite-soc-au-mexique.html www.secnews.physaphae.fr/article.php?IdArticle=8471500 False None None 3.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2024-03-27T16:44:20+00:00 https://www.globalsecuritymag.fr/cyberark-lance-un-navigateur-axe-sur-la-securite-des-identites.html www.secnews.physaphae.fr/article.php?IdArticle=8471501 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine NHS Dumfries and Galloway confirmed that patient clinical data was leaked following the attack on its systems earlier in March 2024]]> 2024-03-27T16:35:00+00:00 https://www.infosecurity-magazine.com/news/nhs-clinical-data-leaked-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8471480 False Ransomware None 3.0000000000000000 Global Security Mag - Site de news francais Business]]> 2024-03-27T16:30:54+00:00 https://www.globalsecuritymag.fr/le-label-france-cybersecurity-devoile-une-promotion-2024-record.html www.secnews.physaphae.fr/article.php?IdArticle=8471502 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have been turning to SASE, a product category that offers cloud-based network protection while enhancing network infrastructure performance. However, a new report: "Better Together: SASE and Enterprise Browser Extension for the SaaS-First Enterprise" (]]> 2024-03-27T16:26:00+00:00 https://thehackernews.com/2024/03/sase-solutions-fall-short-without.html www.secnews.physaphae.fr/article.php?IdArticle=8471300 False Cloud None 2.0000000000000000 TechRepublic - Security News US DNS FireWall is an intuitive security app built to protect you and your business from malware, phishing, botnets and more security threats.]]> 2024-03-27T16:21:33+00:00 https://www.techrepublic.com/article/dns-firewall-lifetime-subscription/ www.secnews.physaphae.fr/article.php?IdArticle=8471475 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining. "This vulnerability allows attackers to take over the companies\' computing power and leak sensitive data," Oligo Security researchers Avi]]> 2024-03-27T16:09:00+00:00 https://thehackernews.com/2024/03/critical-unpatched-ray-ai-platform.html www.secnews.physaphae.fr/article.php?IdArticle=8471301 False Vulnerability,Threat None 2.0000000000000000 HackRead - Chercher Cyber Par uzair amir Après avoir recueilli 2,5 millions de dollars dans sa dernière ronde de financement des semences, Unstable Protocol est en mission pour transformer & # 8230; Ceci est un article de HackRead.com Lire le post original: Protocole defi Unstable augmente 2,5 millions de dollars pour faire avancer le secteur LRTFI

---

>By Uzair Amir After raising $2.5 million in its latest seed funding round, Unstable Protocol is on a mission to transform… This is a post from HackRead.com Read the original post: DeFi Protocol Unstable Raises $2.5M to Drive LRTfi Sector Forward]]> 2024-03-27T16:00:00+00:00 https://www.hackread.com/defi-protocol-unstable-raises-2-5m-to-lrtfi-sector/ www.secnews.physaphae.fr/article.php?IdArticle=8471449 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial A panel discussion at the ongoing CS4CA USA Summit 2024 in Houston addressed achieving risk reduction through a... ]]> 2024-03-27T15:40:39+00:00 https://industrialcyber.co/risk-management/cs4ca-usa-summit-2024-panel-explores-holistic-approach-to-risk-management-risk-reduction-strategies/ www.secnews.physaphae.fr/article.php?IdArticle=8471444 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Nozomi Networks Inc., fournisseur d'offres de sécurité OT et IoT, a annoncé mercredi qu'elle avait étendu son partenariat ...

---

>Nozomi Networks Inc., vendor of OT and IoT security offerings, announced Wednesday that it has extended its partnership... ]]> 2024-03-27T15:34:18+00:00 https://industrialcyber.co/news/nozomi-networks-yokogawa-extend-alliance-to-deliver-ot-and-iot-security-services-globally/ www.secnews.physaphae.fr/article.php?IdArticle=8471445 False Industrial None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Non-profit organization MITRE announced Monday the launch of its AI Assurance and Discovery Lab to discover and mitigate... ]]> 2024-03-27T15:32:56+00:00 https://industrialcyber.co/ai/mitre-launches-ai-assurance-and-discovery-lab-to-identify-mitigate-risks-in-ai-enabled-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8471446 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Advanced adversaries are increasingly focused on enterprise technologies and their vendors, while end-user platforms are having success stifling zero-day exploits with cybersecurity investments, according to Google.]]> 2024-03-27T15:27:37+00:00 https://www.darkreading.com/threat-intelligence/zero-day-bonanza-exploits-enterprises www.secnews.physaphae.fr/article.php?IdArticle=8471451 False Vulnerability,Threat None 3.0000000000000000 Recorded Future - FLux Recorded Future Un assureur spécialisé a dévoilé mardi un nouveau produit offrant une cyber-assurance pour les automobiles, offrant une couverture protégeant les conducteurs des cyberattaques, des ransomwares et du vol d'identité. & Nbsp;Munich Re, basée en Allemagne, a déclaré avoir créé son cyber pour le produit automobile par le biais de sa filiale basée aux États-Unis HSB pour aider les consommateurs à répondre à la cyber-exposition auxquels ils sont confrontés grâce à leur utilisation de connectés

---

A specialty insurer on Tuesday unveiled a new product offering cyber insurance for automobiles, providing coverage protecting drivers from cyberattacks, ransomware and identity theft.  Germany-based Munich RE said it created its Cyber for Auto product through its U.S.-based subsidiary HSB to help consumers respond to cyber exposure they face through their use of connected]]> 2024-03-27T15:24:27+00:00 https://therecord.media/insurer-introduces-policy-covering-drivers-from-connected-car-hacks www.secnews.physaphae.fr/article.php?IdArticle=8471452 False Ransomware None 3.0000000000000000 HackRead - Chercher Cyber Par waqas Comme le montre HackRead.com, le gang de ransomware Inc prétend avoir obtenu les dossiers des patients dans le cadre de leur cyberattaque. Ceci est un article de HackRead.com Lire la publication originale: Inc Ransomware frappe NHS Scotland, menace la fuite de données de patients de 3 To

---

>By Waqas As seen by Hackread.com, the INC ransomware gang claims to have obtained patient records as part of their cyberattack. This is a post from HackRead.com Read the original post: INC Ransomware Hits NHS Scotland, Threatens Leak of 3TB Patient Data]]> 2024-03-27T15:18:03+00:00 https://www.hackread.com/inc-ransomware-nhs-scotland-3tb-patient-data-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8471450 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future La cyber commandement des États-Unis et la National Security Agency n'identifieront pas les derniers dirigeants de leur groupe de travail conjoint de sécurité électorale, en partie pour les protéger des menaces et le harcèlement que d'autres responsables électoraux ont reçu pour être associé à de tels travaux.Dans un écart par rapport aux cycles électoraux précédents, aucune des deux organisations ne publiera

---

U.S. Cyber Command and the National Security Agency will not identify the latest leaders of their joint election security task force, in part to shield them from the threats and harassment other election officials have received for merely being associated with such work. In a departure from previous election cycles, neither organization will publicize]]> 2024-03-27T15:14:39+00:00 https://therecord.media/nsa-cyber-command-election-security-task-force-leaders-2024 www.secnews.physaphae.fr/article.php?IdArticle=8471453 False None None 3.0000000000000000 Silicon - Site de News Francais 2024-03-27T14:52:27+00:00 https://www.silicon.fr/logiciels-libres-sill-premier-trimestre-2024-477205.html www.secnews.physaphae.fr/article.php?IdArticle=8471448 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future ]]> 2024-03-27T14:51:04+00:00 https://therecord.media/vietnam-securities-broker-cyberattack-vndirect www.secnews.physaphae.fr/article.php?IdArticle=8471418 False None None 3.0000000000000000 Global Security Mag - Site de news francais vulnérabilité de sécurité

---

An attacker can create a memory leak of the Linux kernel, via memcg, in order to trigger a denial of service. - Security Vulnerability]]> 2024-03-27T14:40:03+00:00 https://www.globalsecuritymag.fr/vigilance-vulnerability-alerts-linux-kernel-memory-leak-via-memcg-analyzed-on.html www.secnews.physaphae.fr/article.php?IdArticle=8472086 False Vulnerability None 2.0000000000000000 Recorded Future - FLux Recorded Future Un projet de loi complet sur la confidentialité des données qui inclut les normes de minimisation les plus difficiles du pays est sur le point d'adopter la législature de l'État du Maryland, donnant aux défenseurs de l'espoir que des projets de loi similaires suivront à l'échelle nationale.Le Maryland Online Data Privacy Act a adopté à la fois la Chambre et le Sénat de l'État et se rendront bientôt à un comité de conférence

---

A comprehensive data privacy bill that includes the country\'s toughest data minimization standards is on the cusp of passing the Maryland state legislature, giving advocates hope that similar bills will follow nationwide. The Maryland Online Data Privacy Act has passed both the state\'s House and Senate, and will soon go to a conference committee]]> 2024-03-27T14:31:53+00:00 https://therecord.media/lawmakers-set-sights-on-data-minimization-with-new-bills www.secnews.physaphae.fr/article.php?IdArticle=8471419 False Conference None 3.0000000000000000 Korben - Bloger francais 2024-03-27T14:27:59+00:00 https://korben.info/neuralink-premier-patient-joue-civilization-vi-nuit-implant-cerebral.html www.secnews.physaphae.fr/article.php?IdArticle=8471454 False None None 3.0000000000000000 HackRead - Chercher Cyber Par uzair amir La couche de confidentialité V2 de COTI \\ sécurise la dynamique de Civic \\, permettant aux utilisateurs de contrôler leurs données et de conformité réglementaire sans couture. Ceci est un article de HackRead.com Lire le post original: COTI et Civic Partner pour donner aux utilisateurs de soi-même de leur identité numérique

---

>By Uzair Amir COTI\'s V2 confidentiality layer secures Civic\'s Dynamic DID, empowering users with control over their data and seamless regulatory compliance. This is a post from HackRead.com Read the original post: COTI and Civic Partner to Give Users Self-sovereignty of Their Digital Identity]]> 2024-03-27T14:03:53+00:00 https://www.hackread.com/coti-civic-partner-users-self-sovereignty-digital-identity/ www.secnews.physaphae.fr/article.php?IdArticle=8471389 False None None 3.0000000000000000 Dark Reading - Informationweek Branch IT teams can better withstand scrutiny by helping their board understand risks and how they are fixed, as well as explaining their long-term vision for risk management.]]> 2024-03-27T14:00:00+00:00 https://www.darkreading.com/cybersecurity-operations/getting-security-remediation-on-boardroom-agenda www.secnews.physaphae.fr/article.php?IdArticle=8471390 False None None 3.0000000000000000