This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-14T09:18:00+00:00 www.secnews.physaphae.fr We Live Security - Editeur Logiciel Antivirus ESET Struggle to know how to help children and teens stay safe in cyberspace? A good ol\' fashioned chat is enough to put them on the right track.]]> 2024-03-25T10:30:00+00:00 https://www.welivesecurity.com/en/kids-online/cybersecurity-starts-home-children-open-conversations/ www.secnews.physaphae.fr/article.php?IdArticle=8470790 False None None 3.0000000000000000 HackRead - Chercher Cyber Par owais sultan Entrer dans le monde dynamique des crypto-monnaies est assez excitant.Mais on peut facilement être submergé par le montant & # 8230; Ceci est un article de HackRead.com Lire le post original: Guide étape par étape pour créer votre premier portefeuille crypto

---

>By Owais Sultan Entering the dynamic world of cryptocurrencies is pretty exciting. But one can easily get overwhelmed with the amount… This is a post from HackRead.com Read the original post: Step-by-Step Guide to Creating Your First Crypto Wallet]]> 2024-03-25T10:15:16+00:00 https://www.hackread.com/step-by-step-guide-create-first-crypto-wallet/ www.secnews.physaphae.fr/article.php?IdArticle=8470098 False None None 3.0000000000000000 Zataz - Magazine Francais de secu 2024-03-25T10:03:45+00:00 https://www.zataz.com/les-pieges-des-investissements-en-ligne-comprendre-et-eviter-les-arnaques-financieres/ www.secnews.physaphae.fr/article.php?IdArticle=8470070 False None None 3.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2024-03-25T10:00:44+00:00 https://www.globalsecuritymag.fr/sysdream-lance-nis-2-ready.html www.secnews.physaphae.fr/article.php?IdArticle=8470073 False None None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC up for grabs by the other side, and can (and will) arm them to launch attacks of unprecedented sophistication and elusiveness, the likes of which we’ve thankfully never seen up to now. How do we wield this impressive technology to fortify our defenses, while preventing it from falling into the wrong hands? Can such a thing even be accomplished? Join me below as we take a closer look at how AI’s rapid rise is changing the landscape of cybersecurity. AI as a Defense Tool AI is a reliable navigator for charting the digital deluge—it has the ability to handle vast quantities of information rapidly on a level that no human could ever hope to match. It doesn’t take a huge leap to come to the conclusion that those capabilities can very easily be leveraged for defense. Automated Threat Detection Think of AI as the ever-watchful eye, tirelessly scanning the horizon for signs of trouble in the vast sea of data. Its capability to detect threats with speed and precision beyond human ken is our first line of defense against the shadows that lurk in the network traffic, camouflaged in ordinary user behavior, or embedded within the seemingly benign activities of countless applications. AI isn’t just about spotting trouble; it’s about understanding it. Through machine learning, it constructs models that learn from the DNA of malware, enabling it to recognize new variants that bear the hallmarks of known threats. This is akin to recognizing an enemy’s tactics, even if their strategy evolves. All of what I’ve said also here applies to incident response—with AI’s ability to automatically meet threats head-on making a holistic cybersecurity posture both easier to achieve and less resource-intensive for organizations of all sizes. Predictive Analytics By understanding the patterns and techniques used in previous breaches, AI models can predict where and how cybercriminals might strike next. This foresight enables organizations to reinforce their defenses before an attack occurs, transforming cybersecurity from a reactive discipline into a proactive strategy that helps prevent breaches rather than merely responding to them. The sophistication of predictive analytics lies in its use of diverse data sources, including threat intelligence feeds, anomaly detection reports, and global cybersecurity trends. This comprehensive view allows AI systems to identify correlations and causations that might elude human analysts. Phishing Detection and Email Filtering AI has stepped up as a pivotal ally in the ongoing skirmish against phishing and other forms of social engineering attacks, which too often lay the groundwork for more invasive security breaches. Through meticulous analysis of email content, context, and even the]]> 2024-03-25T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/decoding-the-cybersecurity-implications-of-ais-rapid-advancement www.secnews.physaphae.fr/article.php?IdArticle=8470065 False Spam,Tool,Vulnerability,Threat,Prediction,Technical Deloitte 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Law enforcers have arrested nine suspected members of a prolific cyber-fraud gang]]> 2024-03-25T10:00:00+00:00 https://www.infosecurity-magazine.com/news/police-bust-holiday-fraud-gang/ www.secnews.physaphae.fr/article.php?IdArticle=8470066 False Legislation None 2.0000000000000000 Recorded Future - FLux Recorded Future Les États-Unis devraient créer un cyber-service distinct après des années de mauvais recrutement, le manque de coordination par les branches militaires existantes et l'absence globale de culture pour les guerriers numériques du pays, selon un rapport d'un groupe de réflexion influent.«Des années après avoir désigné le cyberespace comme domaine de lutte contre la guerre, les dirigeants doivent reconnaître l'écriture sur

---

The U.S. should create a separate cyber service following years of poor recruitment, lack of coordination by the existing military branches and overall absence of culture for the country\'s digital warriors, according to a report from an influential think tank. “Years after designating cyberspace as a warfighting domain, leaders must acknowledge the writing on]]> 2024-03-25T10:00:00+00:00 https://therecord.media/military-cyber-force-study-fdd www.secnews.physaphae.fr/article.php?IdArticle=8470069 False None None 2.0000000000000000 SecurityWeek - Security News Michael Sulmeyer a été nominé par la Maison Blanche en tant que premier secrétaire adjoint à la défense pour la cyber politique au Pentagone.

---

>Michael Sulmeyer has been nominated by the White House as the first assistant secretary of defense for cyber policy at the Pentagon. ]]> 2024-03-25T10:00:00+00:00 https://www.securityweek.com/white-house-nominates-first-assistant-secretary-of-defense-for-cyber-policy/ www.secnews.physaphae.fr/article.php?IdArticle=8470097 False None None 2.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

LogRhythm Partners with Dataproof Communications to Deliver End-to-End Cyber Resilience in Africa The partnership enables Dataproof to provide affordable and efficient cybersecurity to rapidly develop digital economies across Africa - Business News]]> 2024-03-25T09:49:25+00:00 https://www.globalsecuritymag.fr/logrhythm-partners-with-dataproof-communications.html www.secnews.physaphae.fr/article.php?IdArticle=8470074 False None None 3.0000000000000000 Global Security Mag - Site de news francais Interviews / INCYBER 2024]]> 2024-03-25T09:38:38+00:00 https://www.globalsecuritymag.fr/ferhat-kaddour-atempo-les-backups-sont-desormais-des-elements-actifs-de-vos.html www.secnews.physaphae.fr/article.php?IdArticle=8470075 False Cloud None 2.0000000000000000 Sekoia - Cyber Firms Tycoon 2FA est devenu l'un des kits de phishing AITM les plus répandus au cours des derniers mois. la publication Suivante Tycoon 2FA: une analyse approfondie de la dernière version du kit de phishing AITM est un article de SEKOIA.IO BLOG .

---

>Tycoon 2FA has become one of the most widespread AiTM phishing kits over the last few months. La publication suivante Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit est un article de Sekoia.io Blog.]]> 2024-03-25T09:30:00+00:00 https://blog.sekoia.io/tycoon-2fa-an-in-depth-analysis-of-the-latest-version-of-the-aitm-phishing-kit/ www.secnews.physaphae.fr/article.php?IdArticle=8470063 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Mandiant observes what it claims is the first ever APT29 campaign aimed at political parties]]> 2024-03-25T09:30:00+00:00 https://www.infosecurity-magazine.com/news/russian-cozy-bear-group-targets/ www.secnews.physaphae.fr/article.php?IdArticle=8470067 False None APT 29 3.0000000000000000 Silicon - Site de News Francais 2024-03-25T09:24:51+00:00 https://www.silicon.fr/souverainete-numerique-longue-marche-chine-477087.html www.secnews.physaphae.fr/article.php?IdArticle=8470068 False None None 2.0000000000000000 Korben - Bloger francais Suite]]> 2024-03-25T09:00:00+00:00 https://korben.info/un-vpn-est-il-toujours-indispensable.html www.secnews.physaphae.fr/article.php?IdArticle=8470126 False None None 3.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2024-03-25T08:22:07+00:00 https://www.globalsecuritymag.fr/vertiv-lance-vertiv-tm-modular-designer-lite.html www.secnews.physaphae.fr/article.php?IdArticle=8470042 False None None 2.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2024-03-25T08:19:08+00:00 https://www.globalsecuritymag.fr/td-synnex-lance-citadel.html www.secnews.physaphae.fr/article.php?IdArticle=8470043 False Tool None 2.0000000000000000 Global Security Mag - Site de news francais affaires

---

Airbus übernimmt INFODAS und stärkt Cybersicherheits-Portfolio - Business]]> 2024-03-25T08:05:49+00:00 https://www.globalsecuritymag.fr/airbus-ubernimmt-infodas.html www.secnews.physaphae.fr/article.php?IdArticle=8470016 True None None 1.00000000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Airbus to acquire INFODAS and strengthen its cybersecurity portfolio - Business News]]> 2024-03-25T08:04:26+00:00 https://www.globalsecuritymag.fr/airbus-to-acquire-infodas.html www.secnews.physaphae.fr/article.php?IdArticle=8470017 False None None 2.0000000000000000 Korben - Bloger francais 2024-03-25T08:00:00+00:00 https://korben.info/outil-prise-notes-intelligence-artificielle-reor-project.html www.secnews.physaphae.fr/article.php?IdArticle=8470040 False None None 3.0000000000000000 Global Security Mag - Site de news francais Entretiens

---

The Impact of Quantum Computing on the Future of Cyber Security Interview with CEO, Feras Tappuni - Interviews]]> 2024-03-25T07:56:32+00:00 https://www.globalsecuritymag.fr/the-impact-of-quantum-computing-on-the-future-of-cyber-security.html www.secnews.physaphae.fr/article.php?IdArticle=8470018 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Google\'s new AI-powered \'Search Generative Experience\' algorithms recommend scam sites that redirect visitors to unwanted Chrome extensions, fake iPhone giveaways, browser spam subscriptions, and tech support scams. [...]]]> 2024-03-25T07:32:16+00:00 https://www.bleepingcomputer.com/news/google/googles-new-ai-search-results-promotes-sites-pushing-malware-scams/ www.secnews.physaphae.fr/article.php?IdArticle=8470225 False Spam,Malware,Mobile None 2.0000000000000000 ComputerWeekly - Computer Magazine 2024-03-25T06:58:00+00:00 https://www.computerweekly.com/news/366575214/Britains-democracy-under-threat-from-Chinese-cyber-attackers-government-warns www.secnews.physaphae.fr/article.php?IdArticle=8470096 False Threat None 3.0000000000000000 ProofPoint - Cyber Firms 2024-03-25T06:00:56+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/dangling-dns-mitigating-impersonation-risk www.secnews.physaphae.fr/article.php?IdArticle=8470148 False Malware,Threat,Cloud None 3.0000000000000000 The State of Security - Magazine Américain In an era characterized by relentless digital transformation and interconnectedness, cybersecurity has evolved into a complex and dynamic battleground. Businesses, governments, and individuals find themselves locked in a perpetual struggle against a relentless flood of evolving threats. From sophisticated cybercriminal syndicates to state-sponsored hackers and opportunistic threat actors, our adversaries are as diverse as they are determined. As technology advances and society increasingly relies on digital infrastructure, the attack surface expands, providing bad actors with many entry points...]]> 2024-03-25T03:55:55+00:00 https://www.tripwire.com/state-of-security/managed-cybersecurity-services-secure-modern-environments www.secnews.physaphae.fr/article.php?IdArticle=8470041 False Threat None 2.0000000000000000 CybeReason - Vendor blog Aujourd'hui, les entreprises accélèrent pour investir dans la numérisation pour rester en avance sur la concurrence.Ils rencontrent de plus en plus un paysage en évolution des menaces et des défis de sécurité complexes - avec plus de charges de travail dans des nuages multiples, plus de main-d'œuvre dans des environnements hybrides et des appareils plus intelligents liés dans les opérations critiques de la mission.Ce parcours de transformation est exacerbé par une augmentation exponentielle des ressources de calcul, des volumes de données et des outils de sécurité, ce qui fait augmenter le coût du stockage, de la gestion et de l'analyse des données à des fins de sécurité.

---

Today enterprises are accelerating to invest into digitalization to stay ahead of competition. They are increasingly encountering an evolving threat landscape and complex security challenges - with more workloads in multi clouds, more workforces in hybrid environments, and more intelligent devices connected in mission critical operations. This transformation journey is exacerbated by exponential increase in compute resources, data volumes and security tooling, driving up the cost of storing, managing and analyzing the data for security purposes.]]> 2024-03-25T03:28:07+00:00 https://www.cybereason.com/blog/cybereasons-evolution-to-disrupt-beyond-siem-and-xdr-market www.secnews.physaphae.fr/article.php?IdArticle=8469949 False Threat None 2.0000000000000000 The State of Security - Magazine Américain In our interconnected world, the real estate industry has embraced technology to revolutionize its operations, enhance customer experiences, and streamline business processes. Yet, while this technological evolution has brought immense benefits to the property sector, it has also attracted the attention of nefarious actors keen on exploiting vulnerabilities. With high-value transactions occurring daily, the real estate sector has become a compelling target for attackers hoping to cash in on these opportunities. In addition, the pandemic fueled an almost overnight transition to remote work and...]]> 2024-03-25T02:32:03+00:00 https://www.tripwire.com/state-of-security/looming-cyber-threat-real-estate www.secnews.physaphae.fr/article.php?IdArticle=8470015 False Vulnerability,Threat None 2.0000000000000000 The Register - Site journalistique Anglais ALSO: Viasat hack wiper malware is back, users are the number one cause of data loss, and critical vulns Infosec in brief  If your Windows domain controllers have been crashing since a security update was installed earlier this month, there\'s no longer any need to speculate why: Microsoft has admitted it introduced a memory leak in its March patches and fixed the issue.…]]> 2024-03-25T01:15:21+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/25/microsoft_confirms_memory_leak_in/ www.secnews.physaphae.fr/article.php?IdArticle=8469882 False Malware,Hack None 3.0000000000000000 Resecurity - cyber risk firms 2024-03-25T00:00:00+00:00 https://www.resecurity.com/blog/article/cybercriminals-transform-raspberry-pi-into-a-tool-for-fraud-and-anonymization-geobox-discovery www.secnews.physaphae.fr/article.php?IdArticle=8470407 False Tool None 4.0000000000000000 Zataz - Magazine Francais de secu 2024-03-24T23:28:27+00:00 https://www.zataz.com/nouvelle-fuite-de-donnees-pour-twitterx-et-tiktok/ www.secnews.physaphae.fr/article.php?IdArticle=8469836 False None None 2.0000000000000000 Zataz - Magazine Francais de secu 2024-03-24T23:17:11+00:00 https://www.zataz.com/piratage-de-france-travail-voici-comment-les-pirates-ont-pu-operer/ www.secnews.physaphae.fr/article.php?IdArticle=8469837 False None None 4.0000000000000000 Zataz - Magazine Francais de secu 2024-03-24T22:40:33+00:00 https://www.zataz.com/les-comptes-x-de-bfmtv-rmc-etc-pirates/ www.secnews.physaphae.fr/article.php?IdArticle=8469812 False None None 3.0000000000000000 Zataz - Magazine Francais de secu 2024-03-24T22:29:15+00:00 https://www.zataz.com/un-pirate-inconnu-affirme-vendre-la-base-de-donnees-de-la-fff/ www.secnews.physaphae.fr/article.php?IdArticle=8469813 False None None 3.0000000000000000 The Register - Site journalistique Anglais 2024-03-24T18:37:11+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/24/loop_ip_vulnerable/ www.secnews.physaphae.fr/article.php?IdArticle=8469723 False Threat None 2.0000000000000000 Global Security Mag - Site de news francais Interviews / INCYBER 2024]]> 2024-03-24T16:08:19+00:00 https://www.globalsecuritymag.fr/bernard-montel-tenable-face-a-la-sophistication-croissante-des-cybermenaces-les.html www.secnews.physaphae.fr/article.php?IdArticle=8469678 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data. Kimsuky, active since at least 2012, is known to target entities located in South Korea as well as North America, Asia, and Europe. According]]> 2024-03-24T11:08:00+00:00 https://thehackernews.com/2024/03/n-korea-linked-kimsuky-shifts-to.html www.secnews.physaphae.fr/article.php?IdArticle=8469454 False Malware,Threat APT 43 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) German authorities have announced the takedown of an illicit underground marketplace called Nemesis Market that peddled narcotics, stolen data, and various cybercrime services. The Federal Criminal Police Office (aka Bundeskriminalamt or BKA) said it seized the digital infrastructure associated with the darknet service located in Germany and Lithuania and confiscated €94,000 ($102,107)]]> 2024-03-24T10:54:00+00:00 https://thehackernews.com/2024/03/german-police-seize-nemesis-market-in.html www.secnews.physaphae.fr/article.php?IdArticle=8469431 False Legislation None 2.0000000000000000 Bleeping Computer - Magazine Américain A new large-scale StrelaStealer malware campaign has impacted over a hundred organizations across the United States and Europe, attempting to steal email account credentials. [...]]]> 2024-03-24T10:19:38+00:00 https://www.bleepingcomputer.com/news/security/over-100-us-and-eu-orgs-targeted-in-strelastealer-malware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8470226 False Malware None 2.0000000000000000 The Register - Site journalistique Anglais Just 35.5M names, addresses, emails, phone numbers … no biggie Clothing and footwear giant VF Corporation is letting 35.5 million of its customers know they may find themselves victims of identity theft following last year\'s security breach.…]]> 2024-03-24T10:08:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/24/vans_breach_disclosure/ www.secnews.physaphae.fr/article.php?IdArticle=8469545 False None None 2.0000000000000000 Korben - Bloger francais 2024-03-24T08:00:00+00:00 https://korben.info/outil-black-python-nouvelles-fonctionnalites-preview-amelioration-code.html www.secnews.physaphae.fr/article.php?IdArticle=8469500 False None None 2.0000000000000000 Zataz - Magazine Francais de secu 2024-03-23T23:47:13+00:00 https://www.zataz.com/medias-sociaux-et-cybersecurite/ www.secnews.physaphae.fr/article.php?IdArticle=8470934 False None None 2.0000000000000000 Techworm - News 2024-03-23T21:28:48+00:00 https://www.techworm.net/2024/03/hackers-unlock-3-million-hotel-doors.html www.secnews.physaphae.fr/article.php?IdArticle=8469128 False Tool,Vulnerability,Mobile,Technical None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Amid escalating cybersecurity concerns within the maritime sector, U.S. President Joe Biden recently signed an Executive Order (EO)... ]]> 2024-03-23T20:42:59+00:00 https://industrialcyber.co/features/escalating-maritime-cyber-threats-pushes-federal-government-to-take-proactive-steps-safeguard-national-security/ www.secnews.physaphae.fr/article.php?IdArticle=8469231 False Industrial None 3.0000000000000000 Bleeping Computer - Magazine Américain Opera has reported a substantial 164% increase in new European Union users on iOS devices after Apple introduced a new feature to comply with the EU\'s Digital Markets Act (DMA). [...]]]> 2024-03-23T12:59:46+00:00 https://www.bleepingcomputer.com/news/technology/opera-sees-big-jump-in-eu-users-on-ios-android-after-dma-update/ www.secnews.physaphae.fr/article.php?IdArticle=8469140 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to Russia\'s Foreign Intelligence Service (SVR), which was responsible for breaching SolarWinds and Microsoft. The findings come from Mandiant, which said Midnight Blizzard (aka APT29, BlueBravo, or]]> 2024-03-23T11:33:00+00:00 https://thehackernews.com/2024/03/russian-hackers-use-wineloader-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8468914 False Malware APT 29 2.0000000000000000 Wired Threat Level - Security News Plus: The Biden administration warns of nationwide attacks on US water systems, a new Russian wiper malware emerges, and China-linked hackers wage a global attack spree.]]> 2024-03-23T10:00:00+00:00 https://www.wired.com/story/apple-m-chip-flaw-leak-encryption-keys/ www.secnews.physaphae.fr/article.php?IdArticle=8468982 False Malware None 2.0000000000000000 Korben - Bloger francais 2024-03-23T08:00:00+00:00 https://korben.info/jan-open-source-chatgpt-alternative-hors-ligne-personnalisable.html www.secnews.physaphae.fr/article.php?IdArticle=8468959 False None ChatGPT 2.0000000000000000 Global Security Mag - Site de news francais Interviews / affiche, INCYBER 2024]]> 2024-03-22T23:30:00+00:00 https://www.globalsecuritymag.fr/ayman-khalil-red-alert-labs-face-aux-risques-croissants-sur-les-iot-nous.html www.secnews.physaphae.fr/article.php?IdArticle=8468384 False None None 2.0000000000000000 Global Security Mag - Site de news francais Interviews / affiche, INCYBER 2024]]> 2024-03-22T23:30:00+00:00 https://www.globalsecuritymag.fr/eric-fries-allentis-la-menace-n-a-pas-vraiment-evolue-dans-sa-technique-mais.html www.secnews.physaphae.fr/article.php?IdArticle=8468611 False None None 2.0000000000000000 The Register - Site journalistique Anglais Crew may well be working under contract for Beijing Chinese spies exploited a couple of critical-severity bugs in F5 and ConnectWise equipment earlier this year to sell access to compromised US defense organizations, UK government agencies, and hundreds of other entities, according to Mandiant.…]]> 2024-03-22T22:02:48+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/22/china_f5_connectwise_unc5174/ www.secnews.physaphae.fr/article.php?IdArticle=8468711 False None None 2.0000000000000000 Dark Reading - Informationweek Branch New AcidPour variant can attack a significantly broader range of targets including IoT devices, storage area networks, and handhelds.]]> 2024-03-22T21:58:48+00:00 https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-releases-more-deadly-variant-of-acidrain-wiper-malware www.secnews.physaphae.fr/article.php?IdArticle=8468712 False Malware None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain découverte , ainsi qu'une centaine d'autres espèces. Comme d'habitude, vous pouvez également utiliser ce post de calmar pour parler des histoires de sécurité dans les nouvelles que je n'ai pas couvertes. . Lisez mes directives de publication de blog ici .

---

A new species of squid was discovered, along with about a hundred other species. As usual, you can also use this squid post to talk about the security stories in the news that I haven\'t covered. Read my blog posting guidelines here.]]> 2024-03-22T21:03:52+00:00 https://www.schneier.com/blog/archives/2024/03/friday-squid-blogging-new-species-of-squid-discovered.html www.secnews.physaphae.fr/article.php?IdArticle=8468686 False None None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) [Consultez la rédaction de Microsoft \\ sur Secret Blizzard ici.] (Https://sip.security.microsoft.com/intel-Profils / 01d15f655c45c517f52235d63932fb377c319176239426681412afb01bf39dcc?) #### URL de référence (s) 1. https://blog.talosintelligence.com/tinyturla-full-kill-chain/ #### Date de publication 21 mars 2024 #### Auteurs) Asheer Malhotra Holger Unterbrink Vitor Ventura Arnaud Zobec

---

#### Description Cisco Talos and CERT.NGO have provided updates on an ongoing campaign by the Russian espionage group, Turla (tracked by Microsoft as Secret Blizzard), revealing the entire kill chain used by the group, including tactics like stealing information and spreading through infected networks. The attackers targeted a European NGO, infecting multiple systems, establishing persistence, and evading anti-virus products before deploying their TinyTurla-NG implant for data exfiltration and network pivoting. Turla\'s post-compromise activities involve configuring anti-virus exclusions, setting up persistence through batch files, and deploying TinyTurla-NG and a custom Chisel beacon for reconnaissance and exfiltration. Despite initial compromise dates in October 2023, the majority of data exfiltration occurred in January 2024, highlighting the persistence and stealth of Turla\'s operations. > [Check out Microsoft\'s write-up on Secret Blizzard here.](https://sip.security.microsoft.com/intel-profiles/01d15f655c45c517f52235d63932fb377c319176239426681412afb01bf39dcc?) #### Reference URL(s) 1. https://blog.talosintelligence.com/tinyturla-full-kill-chain/ #### Publication Date March 21, 2024 #### Author(s) Asheer Malhotra Holger Unterbrink Vitor Ventura Arnaud Zobec ]]> 2024-03-22T21:01:12+00:00 https://community.riskiq.com/article/bf6723e9 www.secnews.physaphae.fr/article.php?IdArticle=8468727 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Un comité des Nations Unies a déclaré qu'il enquêtait sur 58 cyberattaques qui auraient été dirigées par des pirates nord-coréens qui permettaient aux attaquants de ratisser environ 3 milliards de dollars sur une période de six ans.Dans un rapport publié le 7 mars, les experts des Nations Unies ont déclaré qu'ils avaient suivi l'activité des «acteurs de cyber-starreat subordonnés au Bureau général de reconnaissance (RVB), y compris

---

A United Nations panel said it is investigating 58 cyberattacks allegedly conducted by North Korean hackers that allowed attackers to rake in about $3 billion over a six-year span. In a report released March 7, the U.N. experts said they tracked the activity of “cyberthreat actors subordinate to the Reconnaissance General Bureau (RGB), including]]> 2024-03-22T20:06:05+00:00 https://therecord.media/north-korea-cryptocurrency-hacks-un-experts www.secnews.physaphae.fr/article.php?IdArticle=8468687 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Amazon Web Services CISO Chris Betz explains why generative AI is both a time-saving tool as well as a double-edged sword.]]> 2024-03-22T20:00:00+00:00 https://www.darkreading.com/cloud-security/aws-ciso-cloud-customers-need-secure-ai-workloads www.secnews.physaphae.fr/article.php?IdArticle=8468737 False Tool None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber La nouvelle législation du sénateur Mark Warner intervient alors que les groupes de soins de santé disent qu'ils s'opposeraient à de telles propositions.

---

>The new legislation from Sen. Mark Warner comes as health care groups say they would oppose such proposals. ]]> 2024-03-22T19:47:43+00:00 https://cyberscoop.com/cybersecurity-minimum-standards-change-healthcare-mark-warner/ www.secnews.physaphae.fr/article.php?IdArticle=8468662 False Legislation,Medical None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report published today. "These campaigns come in the form of spam emails with attachments that eventually]]> 2024-03-22T19:38:00+00:00 https://thehackernews.com/2024/03/new-strelastealer-phishing-attacks-hit.html www.secnews.physaphae.fr/article.php?IdArticle=8468556 False Spam None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims\' sessions and achieve remote code execution on underlying instances. The vulnerability, now addressed by AWS, has been codenamed FlowFixation by Tenable.]]> 2024-03-22T19:15:00+00:00 https://thehackernews.com/2024/03/aws-patches-critical-flowfixation-bug.html www.secnews.physaphae.fr/article.php?IdArticle=8468499 False Vulnerability None 3.0000000000000000 Krebs on Security - Chercheur Américain The nonprofit organization that supports the Firefox web browser said today it is winding down its new partnership with Onerep, an identity protection service recently bundled with Firefox that offers to remove users from hundreds of people-search sites. The move comes just days after a report by KrebsOnSecurity forced Onerep\'s CEO to admit that he has founded dozens of people-search networks over the years.]]> 2024-03-22T19:02:41+00:00 https://krebsonsecurity.com/2024/03/mozilla-drops-onerep-after-ceo-admits-to-running-people-search-networks/ www.secnews.physaphae.fr/article.php?IdArticle=8468635 False None None 1.00000000000000000000 Dark Reading - Informationweek Branch The security update comes just weeks after the release of iOS 17.4, but Apple has not included CVEs or information about the fixes.]]> 2024-03-22T18:40:14+00:00 https://www.darkreading.com/vulnerabilities-threats/apple-is-sparse-with-details-in-latest-ios-update www.secnews.physaphae.fr/article.php?IdArticle=8468636 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced this week the availability of the Repository for Software... ]]> 2024-03-22T18:31:09+00:00 https://industrialcyber.co/cisa/cisa-publishes-repository-for-software-attestation-and-artifacts-to-reduce-federal-government-cyber-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8468637 False None None 2.0000000000000000 HackRead - Chercher Cyber Par waqas en utilisant un site Web WordPress?Recherchez des logiciels malveillants Sign1! Ceci est un article de HackRead.com Lire le post original: Des milliers de sites Web WordPress piratés avec de nouveaux logiciels malveillants Sign1

---

>By Waqas Using a Wordpress website? Lookout for Sign1 malware! This is a post from HackRead.com Read the original post: Thousands of WordPress Websites Hacked with New Sign1 Malware]]> 2024-03-22T18:04:29+00:00 https://www.hackread.com/wordpress-websites-hacked-new-sign1-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8468609 False Malware None 2.0000000000000000 Global Security Mag - Site de news francais Malwares]]> 2024-03-22T17:44:37+00:00 https://www.globalsecuritymag.fr/les-hackers-de-synacktiv-piratent-la-tesla-et-remportent-200-000-de-prime-et.html www.secnews.physaphae.fr/article.php?IdArticle=8468612 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Le groupe a peut-être cherché des informations sur le changement de sentiments européens sur l'Ukraine, suggèrent les analystes de menaces.

---

>The group may have been seeking insights on shifting European sentiments on Ukraine, threat analysts suggest. ]]> 2024-03-22T17:44:37+00:00 https://cyberscoop.com/cozy-bear-russia-spearphishing-germany/ www.secnews.physaphae.fr/article.php?IdArticle=8468608 False Threat None 4.0000000000000000 Recorded Future - FLux Recorded Future Un groupe de piratage lié au service de renseignement étranger de la Russie (SVR) vise les partis politiques allemands, selon une alerte de la société de cybersécurité Mandiant.L'Allemagne, qui a fourni un soutien militaire substantiel à l'Ukraine, a dû faire face à des menaces d'espionnage persistantes de la Russie depuis le début de l'invasion de l'Ukraine.Cette semaine, procureurs allemands

---

A hacking group linked to Russia\'s Foreign Intelligence Service (SVR) is targeting German political parties, according to an alert from cybersecurity company Mandiant. Germany, which has provided a substantial amount of military support to Ukraine, has faced persistent espionage threats from Russia since the beginning of the invasion of Ukraine. This week German prosecutors]]> 2024-03-22T17:03:47+00:00 https://therecord.media/german-political-parties-russia-espionage-svr www.secnews.physaphae.fr/article.php?IdArticle=8468583 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an "aggressive" campaign. Google-owned Mandiant is tracking the activity under its uncategorized moniker UNC5174 (aka Uteus or Uetus), describing it as a "former]]> 2024-03-22T16:58:00+00:00 https://thehackernews.com/2024/03/china-linked-group-breaches-networks.html www.secnews.physaphae.fr/article.php?IdArticle=8468470 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to redirect users to scam sites. The most recent variant of the malware is estimated to have infected no less than 2,500 sites over the past two months alone, Sucuri said in a report published this week. The attacks entail injecting rogue]]> 2024-03-22T16:57:00+00:00 https://thehackernews.com/2024/03/massive-sign1-campaign-infects-39000.html www.secnews.physaphae.fr/article.php?IdArticle=8468471 False Malware None 2.0000000000000000 Recorded Future - FLux Recorded Future La décision de Meta \\ de fermer sa division Crowdtangle - un outil qui suit le contenu sur les réseaux sociaux - a augmenté la colère de plus de 100 groupes de recherche et de défense qui disent qu'il rendra plus difficile la lutte contre la désinformation.Des groupes tels que la Fondation Mozilla, le Center for Democracy and Technology and Access maintenant envoyés

---

Meta\'s decision to close its CrowdTangle division - a tool that tracks content across social media - has raised the ire of more than 100 research and advocacy groups who say it will make it harder to fight disinformation. Groups including the Mozilla Foundation, the Center for Democracy and Technology and Access Now sent]]> 2024-03-22T16:46:46+00:00 https://therecord.media/meta-to-shutter-crowdtangle-disinformation-tracking-tool-before-election www.secnews.physaphae.fr/article.php?IdArticle=8468584 False Tool None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls within their environment and mitigate countless cyber threats, including zero-days, unseen network footholds, and malware attacks as a direct result of user error. With the capabilities of the]]> 2024-03-22T16:45:00+00:00 https://thehackernews.com/2024/03/implementing-zero-trust-controls-for.html www.secnews.physaphae.fr/article.php?IdArticle=8468437 False Malware None 2.0000000000000000 Recorded Future - FLux Recorded Future Un comté de l'Illinois à la frontière avec l'Iowa est le dernier gouvernement local aux États-Unis à être victime d'une attaque de ransomware.Le comté de Henry est confronté à une large cyberattaque depuis le 18 mars, Mat Schnepple, directeur du bureau de gestion des urgences (OEM) dans le comté d'Henry, a confirmé les futures nouvelles enregistrées.Le comté \\ s

---

An Illinois county on the border with Iowa is the latest local government in the U.S. to fall victim to a ransomware attack. Henry County has been dealing with a wide-ranging cyberattack since March 18, Mat Schnepple, director of the Emergency Management (OEM) office in Henry County, confirmed to Recorded Future News. The county\'s]]> 2024-03-22T16:22:27+00:00 https://therecord.media/illinois-county-gov-college-hit-with-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8468585 False Ransomware None 2.0000000000000000 Silicon - Site de News Francais 2024-03-22T16:14:20+00:00 https://www.silicon.fr/strategie-nationale-cloud-iaas-477076.html www.secnews.physaphae.fr/article.php?IdArticle=8468581 False Cloud None 2.0000000000000000 SonarSource - Blog Sécu et Codage Leveraging Sonar solutions to ensure code security by design]]> 2024-03-22T16:00:00+00:00 https://www.sonarsource.com/blog/dora-compliance-for-financial-entities www.secnews.physaphae.fr/article.php?IdArticle=8468313 False None None 2.0000000000000000 IT Security Guru - Blog Sécurité 2024-03-22T15:58:04+00:00 https://www.itsecurityguru.org/2024/03/22/miwic2024-chelsea-jarvie-ciso-and-director-at-neon-circle/?utm_source=rss&utm_medium=rss&utm_campaign=miwic2024-chelsea-jarvie-ciso-and-director-at-neon-circle www.secnews.physaphae.fr/article.php?IdArticle=8468553 True None None 2.0000000000000000 Bleeping Computer - Magazine Américain Researchers are warning that a notorious hacking group linked to Russia\'s Foreign Intelligence Service (SVR) is targeting political parties in Germany for the first time, shifting their focus away from the typical targeting of diplomatic missions. [...]]]> 2024-03-22T15:27:56+00:00 https://www.bleepingcomputer.com/news/security/russian-hackers-target-german-political-parties-with-wineloader-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8468661 False Malware None 2.0000000000000000 Recorded Future - FLux Recorded Future Les plus grandes frappes aériennes de la Russie sur les infrastructures critiques ukrainiennes ont laissé près de 1,5 million de personnes sans pouvoir pendant la nuit et vendredi. & NBSP;La Russie a tiré un total de 150 missiles et drones, endommageant les installations énergétiques à travers le pays, dont plusieurs centrales thermiques et la plus grande centrale hydroélectrique de l'Ukraine. & NBSP;La connectivité Internet dans le pays a également été affectée

---

Russia\'s largest air strikes yet on Ukrainian critical infrastructure left nearly 1.5 million people without power overnight and into Friday.  Russia fired a total of 150 missiles and drones, damaging energy facilities across the country, including several thermal power plants and Ukraine\'s largest hydroelectric power station.  Internet connectivity in the country was also affected]]> 2024-03-22T15:27:09+00:00 https://therecord.media/massive-missile-russian-barrage-internet-outages-blackouts www.secnews.physaphae.fr/article.php?IdArticle=8468554 False None None 3.0000000000000000 Nextron - Blog Secu 2024-03-22T15:25:02+00:00 https://www.nextron-systems.com/2024/03/22/unveiling-kamikakabot-malware-analysis/ www.secnews.physaphae.fr/article.php?IdArticle=8468550 False Malware None 3.0000000000000000 SecurityWeek - Security News Le Rhysida Ransomware Group a pris le crédit de la cyberattaque sur Marinemax et propose de vendre des données volées pour 15 Bitcoin.

---

>The Rhysida ransomware group has taken credit for the cyberattack on MarineMax and is offering to sell stolen data for 15 bitcoin. ]]> 2024-03-22T15:20:41+00:00 https://www.securityweek.com/ransomware-group-takes-credit-for-attack-on-boat-dealer-marinemax/ www.secnews.physaphae.fr/article.php?IdArticle=8468555 False Ransomware None 2.0000000000000000 The Register - Site journalistique Anglais Short of rearchitecting hardware, the fix will seriously degrade performance Apple is having its own Meltdown/Spectre moment with a new side-channel vulnerability found in the architecture of Apple Silicon processors that gives malicious apps the ability to extract cryptographic keys. …]]> 2024-03-22T15:03:26+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/22/hardwarelevel_apple_silicon_vulnerability_can/ www.secnews.physaphae.fr/article.php?IdArticle=8468523 False Vulnerability None 2.0000000000000000 Fortinet - Fabricant Materiel Securite To strengthen cyber resiliency, the federal government should work effectively with the private sector and share information. Read more.]]> 2024-03-22T15:00:00+00:00 https://www.fortinet.com/blog/ciso-collective/strengthening-cyber-resiliency-through-collaboration www.secnews.physaphae.fr/article.php?IdArticle=8468571 False None None 2.0000000000000000 Fortinet - Fabricant Materiel Securite Read how ZTNA as a key component of SASE provides a much higher level of cybersecurity and reduces risks for WFA users and their organizations.]]> 2024-03-22T15:00:00+00:00 https://www.fortinet.com/blog/business-and-technology/sase-delivered-zero-trust-is-a-must-for-hybrid-workforce www.secnews.physaphae.fr/article.php?IdArticle=8468570 False None None 2.0000000000000000 Global Security Mag - Site de news francais Business]]> 2024-03-22T14:59:14+00:00 https://www.globalsecuritymag.fr/secuserve-et-avant-de-cliquer-unissent-leurs-forces-pour-repondre-aux-besoins.html www.secnews.physaphae.fr/article.php?IdArticle=8468529 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Le département américain de la sécurité intérieure (DHS) et la Direction générale des communications, les réseaux, le contenu et ... de la Commission européenne \ \ \ la Commission européenne pour les communications, les réseaux, le contenu et ...

---

>The U.S. Department of Homeland Security (DHS) and the European Commission\'s Directorate General for Communications, Networks, Content, and... ]]> 2024-03-22T14:32:49+00:00 https://industrialcyber.co/news/us-eu-collaborate-on-comparative-analysis-of-cyber-incident-reporting-for-critical-infrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=8468526 False None None 2.0000000000000000 Silicon - Site de News Francais 2024-03-22T14:32:38+00:00 https://www.silicon.fr/avis-expert/les-paquets-de-donnees-pilier-fondamental-de-la-cybersecurite www.secnews.physaphae.fr/article.php?IdArticle=8468528 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Le Centre américain de partage et d'analyse de l'information sur la santé (Santé-ISAC) et l'Australian Critical Infrastructure & # 8211;Partage d'informations et ...

---

>The U.S. Health Information Sharing and Analysis Center (Health-ISAC) and the Australian Critical Infrastructure – Information Sharing and... ]]> 2024-03-22T14:32:35+00:00 https://industrialcyber.co/medical/us-australian-healthcare-agencies-sign-mou-to-collaborate-during-cyber-threats-for-australian-organizations/ www.secnews.physaphae.fr/article.php?IdArticle=8468527 False Medical None 2.0000000000000000 The Register - Site journalistique Anglais In wake of Post Office Horizon scandal, global execs set new profit target, and Irish ops fell short Exclusive  Fujitsu is effectively shuttering business operations in the Republic of Ireland and opening consultations with employee representatives before the majority of the workforce is made redundant.…]]> 2024-03-22T14:30:09+00:00 https://go.theregister.com/feed/www.theregister.com/2024/03/22/fujitsu_to_cease_operations_in_ireland/ www.secnews.physaphae.fr/article.php?IdArticle=8468524 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Strong code-signing best practices are an invaluable way to build trust in the development process and enable a more secure software supply chain.]]> 2024-03-22T14:00:00+00:00 https://www.darkreading.com/cybersecurity-operations/8-strategies-enhancing-code-signing-security www.secnews.physaphae.fr/article.php?IdArticle=8468497 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine SentinelLabs researchers identified the malware as a new variant of AcidRain, which shut down thousands of Viasat satellites in Ukraine and Western Europe in 2022]]> 2024-03-22T13:45:00+00:00 https://www.infosecurity-magazine.com/news/acidpour-wiper-linux-ukraine/ www.secnews.physaphae.fr/article.php?IdArticle=8468496 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Beleaguered social media platform now faces scrutiny by the Kenyan government over cybersecurity and data privacy.]]> 2024-03-22T13:22:43+00:00 https://www.darkreading.com/cyber-risk/kenya-to-tiktok-prove-compliance-with-our-privacy-laws www.secnews.physaphae.fr/article.php?IdArticle=8468498 False None None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite La mise en œuvre d'une posture de sécurité zéro fiducie est une meilleure pratique attendue, mais les plates-formes peuvent différer considérablement en matière d'efficacité de sécurité, de facilité d'utilisation et d'étendue des capacités.Miercom, une principale société de tests de réseau indépendante et de sécurité, a évalué les cinq principales plates-formes de sécurité pour comparer les performances de chaque fournisseur pour les cas d'utilisation de la fiducie Zero Trust.Le point de contrôle a obtenu les notes supérieures dans toutes les catégories de l'évaluation de la plate-forme Zero Trust.Axe x: admin & # 38;Expérience utilisateur / axe Y: Tailles de cercle des fournisseurs d'efficacité de sécurité reflète l'exhaustivité de la plate-forme & # 38;Étendue par rapport aux autres fournisseurs Qu'est-ce que Zero Trust?Une architecture de sécurité zéro fiducie est conçue pour réduire la cybersécurité [& # 8230;]

---

>Implementing a Zero Trust security posture is an expected best practice, but platforms can differ considerably in security effectiveness, ease-of-use, and breadth of capabilities. Miercom, a leading independent network and security testing firm, evaluated the top five security platforms to compare each vendor\'s performance for common Zero Trust enterprise use cases. Check Point achieved top ratings across all categories in the Zero Trust Platform Assessment. X-axis: Admin & User Experience / Y-axis: Security Efficacy Vendor circle sizes reflect platform Completeness & Breadth relative to other vendors What is Zero Trust? A Zero Trust security architecture is designed to reduce cybersecurity […] ]]> 2024-03-22T13:00:04+00:00 https://blog.checkpoint.com/security/top-zero-trust-platforms-evaluated-by-miercom-check-point-ranks-1/ www.secnews.physaphae.fr/article.php?IdArticle=8468463 False None None 2.0000000000000000 SecurityWeek - Security News Over 39,000 websites have been infected with the Sign1 malware that redirects visitors to scam domains. ]]> 2024-03-22T13:00:02+00:00 https://www.securityweek.com/39000-websites-infected-in-sign1-malware-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8468495 False Malware None 2.0000000000000000 Netskope - etskope est une société de logiciels américaine fournissant une plate-forme de sécurité informatique Netskope est fier d'annoncer les lauréats du prix du partenaire de l'année de cette année.Nos partenaires sont essentiels à notre succès, et nous sommes ravis de reconnaître leurs contributions incroyables. & # 160;Cette année, le programme de récompenses de \\ célèbre les partenaires qui vont au-delà pour aider les organisations à adopter le pouvoir de la sase et à sécuriser leur parcours cloud.[& # 8230;]

---

>Netskope is proud to announce this year\'s Global Partner of the Year award winners. Our partners are essential to our success, and we are thrilled to recognize their incredible contributions.  This year\'s awards program celebrates partners who are going above and beyond to help organizations embrace the power of SASE and secure their cloud journey. […] ]]> 2024-03-22T13:00:00+00:00 https://www.netskope.com/blog/congratulations-to-the-netskope-2024-global-partner-award-winners www.secnews.physaphae.fr/article.php?IdArticle=8468464 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Scammers now use AI to instantly whip up SEO-friendly bereavement scams, and it\'s never been easier to swindle mourners or use them to get to their employers.]]> 2024-03-22T13:00:00+00:00 https://www.darkreading.com/threat-intelligence/why-ai-obituary-scams-cyber-risk-businesses www.secnews.physaphae.fr/article.php?IdArticle=8468468 False None None 2.0000000000000000 Silicon - Site de News Francais 2024-03-22T12:52:19+00:00 https://www.silicon.fr/redis-change-licence-477072.html www.secnews.physaphae.fr/article.php?IdArticle=8468494 False None None 2.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET The second half of 2023 saw massive growth in AceCryptor-packed malware spreading in the wild, including courtesy of multiple spam campaigns where AceCryptor packed the Rescoms RAT]]> 2024-03-22T12:21:34+00:00 https://www.welivesecurity.com/en/videos/acecryptor-attacks-europe-week-security-tony-anscombe/ www.secnews.physaphae.fr/article.php?IdArticle=8469364 False Spam,Malware None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The joint advisory sets out how to mitigate and respond to DDoS attacks, limiting disruption to critical services]]> 2024-03-22T12:20:00+00:00 https://www.infosecurity-magazine.com/news/us-ddos-attack-guidance-public/ www.secnews.physaphae.fr/article.php?IdArticle=8468466 False None None 2.0000000000000000 Cisco - Security Firm Blog Delve into the world of Cisco XDR Playbooks, enhancing security operations with strategic guides and automation for robust incident response.]]> 2024-03-22T12:00:34+00:00 https://feedpress.me/link/23535/16628302/introducing-cisco-xdr-playbooks www.secnews.physaphae.fr/article.php?IdArticle=8468434 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Les pirates russes soutenus par l'État sont probablement à l'origine d'attaques récentes contre quatre petits fournisseurs d'Internet ukrainiens, perturbant leurs opérations pendant plus d'une semaine.Un groupe connu sous le nom de Solntsepek a revendiqué la responsabilité des incidents sur sa chaîne Telegram la semaine dernière.Des responsables ukrainiens ont déclaré à Future News que les preuves impliquaient le groupe, qui est également censé

---

Russian state-backed hackers are likely behind recent attacks on four small Ukrainian internet providers, disrupting their operations for more than a week. A group known as Solntsepek claimed responsibility for the incidents on its Telegram channel last week. Ukrainian officials told Recorded Future News that evidence implicates the group, which is also believed to]]> 2024-03-22T11:59:36+00:00 https://therecord.media/ukraine-isps-attacks-solntsepek-sandworm-gru www.secnews.physaphae.fr/article.php?IdArticle=8468467 False None None 2.0000000000000000 IT Security Guru - Blog Sécurité Cybaverse lance une nouvelle plate-forme pour rationaliser la gestion de la cybersécurité pour les organisations et les MSP apparu pour la première fois sur gourou de la sécurité informatique .

---

Cybaverse, a cyber security services provide based in the south of England, has launched two new platforms to help end-user organisations and MSPs manage security more efficiently. Cybaverse.ai  has been designed to streamline cyber security management, offering end-users with the ability to manage all their security efforts in one place, while MSPs can integrate the […] The post Cybaverse launches new platform to streamline cyber security management for organisations and MSPs first appeared on IT Security Guru. ]]> 2024-03-22T11:47:46+00:00 https://www.itsecurityguru.org/2024/03/22/cybaverse-launches-new-platform-to-streamline-cyber-security-management-for-organisations-and-msps/?utm_source=rss&utm_medium=rss&utm_campaign=cybaverse-launches-new-platform-to-streamline-cyber-security-management-for-organisations-and-msps www.secnews.physaphae.fr/article.php?IdArticle=8468436 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Department of Justice (DoJ), along with 16 other state and district attorneys general, on Thursday accused Apple of illegally maintaining a monopoly over smartphones, thereby undermining, among others, security and privacy of users when messaging non-iPhone users. "Apple wraps itself in a cloak of privacy, security, and consumer preferences to justify its anticompetitive]]> 2024-03-22T11:44:00+00:00 https://thehackernews.com/2024/03/us-justice-department-sues-apple-over.html www.secnews.physaphae.fr/article.php?IdArticle=8468337 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A new side-channel attack called "GoFetch" impacts Apple M1, M2, and M3 processors and can be used to steal secret cryptographic keys from data in the CPU\'s cache. [...]]]> 2024-03-22T11:01:56+00:00 https://www.bleepingcomputer.com/news/security/new-gofetch-attack-on-apple-silicon-cpus-can-steal-crypto-keys/ www.secnews.physaphae.fr/article.php?IdArticle=8468525 False None None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Détails .Il est de 2 millions de dollars de moins qu'en 2022, mais il est encore beaucoup beaucoup. La récompense la plus élevée pour un rapport de vulnérabilité en 2023 était de 113 337 $, tandis que le décompte total depuis le lancement du programme en 2010 a atteint 59 millions de dollars. Pour Android, le système d'exploitation mobile le plus populaire et le plus largement utilisé, le programme a accordé plus de 3,4 millions de dollars. Google a également augmenté le montant maximal de récompense pour les vulnérabilités critiques concernant Android à 15 000 $, ce qui a augmenté les rapports communautaires. Au cours des conférences de sécurité comme ESCAL8 et Hardwea.io, Google a attribué 70 000 $ pour 20 découvertes critiques dans le système d'exploitation Android et Android Automotive et 116 000 $ pour 50 rapports concernant les problèmes dans Nest, Fitbit et Wearables ...

---

BleepingComputer has the details. It’s $2M less than in 2022, but it’s still a lot. The highest reward for a vulnerability report in 2023 was $113,337, while the total tally since the program’s launch in 2010 has reached $59 million. For Android, the world’s most popular and widely used mobile operating system, the program awarded over $3.4 million. Google also increased the maximum reward amount for critical vulnerabilities concerning Android to $15,000, driving increased community reports. During security conferences like ESCAL8 and hardwea.io, Google awarded $70,000 for 20 critical discoveries in Wear OS and Android Automotive OS and another $116,000 for 50 reports concerning issues in Nest, Fitbit, and Wearables...]]> 2024-03-22T11:01:39+00:00 https://www.schneier.com/blog/archives/2024/03/google-pays-10m-in-bug-bounties-in-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8468408 False Vulnerability,Studies,Mobile None 3.0000000000000000