This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-12T09:28:17+00:00 www.secnews.physaphae.fr RedCanary - Red Canary Cloud security is a rapidly accelerating challenge for security operations-a trend highlighted in our 2025 Threat Detection Report.]]> 2025-03-20T17:42:00+00:00 https://redcanary.com/blog/security-operations/google-wiz-acquisition/ www.secnews.physaphae.fr/article.php?IdArticle=8657008 False Threat,Prediction,Cloud None 3.0000000000000000 HackRead - Chercher Cyber Citizen Lab\'s investigation reveals sophisticated spyware attacks exploiting WhatsApp vulnerabilities, implicating Paragon Solutions. Learn how their research exposed these threats and the implications for digital privacy.]]> 2025-03-20T17:33:43+00:00 https://hackread.com/israeli-spyware-graphite-hit-whatsapp-0-click-exploit/ www.secnews.physaphae.fr/article.php?IdArticle=8657010 False Vulnerability,Threat None 4.0000000000000000 Zataz - Magazine Francais de secu 2025-03-20T17:14:08+00:00 https://www.zataz.com/une-banque-de-sperme-piratee-donnees-personnelles-volees/ www.secnews.physaphae.fr/article.php?IdArticle=8657011 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity isn\'t just another checkbox on your business agenda. It\'s a fundamental pillar of survival. As organizations increasingly migrate their operations to the cloud, understanding how to protect your digital assets becomes crucial. The shared responsibility model, exemplified through Microsoft 365\'s approach, offers a framework for comprehending and implementing effective cybersecurity]]> 2025-03-20T16:55:00+00:00 https://thehackernews.com/2025/03/how-to-protect-your-business-from-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8656927 False Cloud None 3.0000000000000000 Zataz - Magazine Francais de secu 2025-03-20T16:49:30+00:00 https://www.zataz.com/pekin-accuse-taiwan-de-cyberattaques-massives-la-guerre-numerique-sintensifie/ www.secnews.physaphae.fr/article.php?IdArticle=8656998 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Researchers at Cisco Talos identified a hacking operation against Taiwan that appears to overlap with Chinese state-backed campaigns known as Volt Typhoon and Flax Typhoon.]]> 2025-03-20T16:45:20+00:00 https://therecord.media/taiwan-critical-infrastructure-hacking-uat-5918 www.secnews.physaphae.fr/article.php?IdArticle=8657000 False None Guam 3.0000000000000000 Dark Reading - Informationweek Branch The UNC-200 threat group, active since last summer, has been utilizing the Signal messaging app to social engineer targets into downloading an infostealing remote access Trojan.]]> 2025-03-20T16:41:35+00:00 https://www.darkreading.com/cyberattacks-data-breaches/ukraine-defense-sector-attack-dark-crystal-rat www.secnews.physaphae.fr/article.php?IdArticle=8657001 False Threat None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The FishMonger APT Group has been linked with I-SOON, targeting governments, NGOs and think tanks in cyber-espionage campaigns]]> 2025-03-20T16:30:00+00:00 https://www.infosecurity-magazine.com/news/fishmonger-apt-group-linked-isoon/ www.secnews.physaphae.fr/article.php?IdArticle=8656996 False None None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are likely customers of spyware developed by Israeli company Paragon Solutions, according to a new report from The Citizen Lab. Paragon, founded in 2019 by Ehud Barak and Ehud Schneorson, is the maker of a surveillance tool called Graphite that\'s capable of harvesting sensitive data from instant messaging applications]]> 2025-03-20T16:26:00+00:00 https://thehackernews.com/2025/03/six-governments-likely-use-israeli.html www.secnews.physaphae.fr/article.php?IdArticle=8656908 False Hack,Tool None 3.0000000000000000 Zataz - Magazine Francais de secu 2025-03-20T16:14:14+00:00 https://www.zataz.com/des-hackers-piratent-un-systeme-de-trading-ia-100-000-e-derobes/ www.secnews.physaphae.fr/article.php?IdArticle=8656999 False None None 2.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé 2025-03-20T16:14:11+00:00 https://blog.incogni.com/ai-sextortion-scam-march-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8656995 False None None 3.0000000000000000 Zataz - Magazine Francais de secu 2025-03-20T15:52:48+00:00 https://www.zataz.com/logiciels-espions-six-nouveaux-pays-suspectes-dutiliser-graphite-de-paragon-solutions/ www.secnews.physaphae.fr/article.php?IdArticle=8656979 False None None 3.0000000000000000 Zataz - Magazine Francais de secu 2025-03-20T15:45:31+00:00 https://www.zataz.com/le-congres-face-a-un-dilemme-reautoriser-la-loi-sur-le-partage-dinformations-en-cybersecurite/ www.secnews.physaphae.fr/article.php?IdArticle=8656980 False Legislation None 2.0000000000000000 Global Security Mag - Site de news francais Investigations]]> 2025-03-20T15:37:54+00:00 https://www.globalsecuritymag.fr/les-entreprises-francaises-face-au-risque-croissant-des-cyberattaques.html www.secnews.physaphae.fr/article.php?IdArticle=8656983 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Regulatory compliance is no longer just a concern for large enterprises. Small and mid-sized businesses (SMBs) are increasingly subject to strict data protection and security regulations, such as HIPAA, PCI-DSS, CMMC, GDPR, and the FTC Safeguards Rule. However, many SMBs struggle to maintain compliance due to limited IT resources, evolving regulatory requirements, and complex security challenges]]> 2025-03-20T15:30:00+00:00 https://thehackernews.com/2025/03/why-continuous-compliance-monitoring-is.html www.secnews.physaphae.fr/article.php?IdArticle=8656893 False None None 3.0000000000000000 CyberSecurityVentures - cybersecurity services La montée en puissance des fusions et acquisitions dans l'industrie MSP et MSSP - Jeff Hill, directeur principal des fournisseurs de services Americas et MSSP chez Stellar Cyber ​​San Jose, Californie - 20 mars 2025 C'est une période passionnante pour les fournisseurs de services, avec beaucoup de fusion et

---

>The Rise of Mergers and Acquisitions in the MSP and MSSP Industry – Jeff Hill, Senior Director Americas Service Providers and MSSP at Stellar Cyber San Jose, Calif. – Mar. 20, 2025 It\'s an exciting time for service providers, with a lot of merger and ]]> 2025-03-20T15:21:18+00:00 https://cybersecurityventures.com/navigating-mssp-growth-mergers-acquisitions-and-strategic-differentiation/ www.secnews.physaphae.fr/article.php?IdArticle=8656974 False None None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain grave : Une attaque sophistiquée de la chaîne d'approvisionnement en cascade a compromis plusieurs actions GitHub, exposant des secrets CI / CD critiques sur des dizaines de milliers de référentiels. L'attaque, qui a ciblé à l'origine l'utilité «TJ-Action / Files modifiée» largement utilisée, est désormais provenant d'une violation antérieure de l'action Github «ReviewDog / Action-Settup @ v1», selon un rapport. […] CISA a confirmé que la vulnérabilité a été corrigée dans la version 46.0.1. Étant donné que l'utilité est utilisée par plus de 23 000 référentiels GitHub, l'ampleur de l'impact potentiel a déclenché une alarme significative dans toute la communauté des développeurs ...

---

This is serious: A sophisticated cascading supply chain attack has compromised multiple GitHub Actions, exposing critical CI/CD secrets across tens of thousands of repositories. The attack, which originally targeted the widely used “tj-actions/changed-files” utility, is now believed to have originated from an earlier breach of the “reviewdog/action-setup@v1” GitHub Action, according to a report. […] CISA confirmed the vulnerability has been patched in version 46.0.1. Given that the utility is used by more than 23,000 GitHub repositories, the scale of potential impact has raised significant alarm throughout the developer community...]]> 2025-03-20T15:14:23+00:00 https://www.schneier.com/blog/archives/2025/03/critical-github-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8656976 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity security flaw impacting NAKIVO Backup & Replication software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability in question is CVE-2024-48248 (CVSS score: 8.6), an absolute path traversal bug that could allow an unauthenticated attacker to]]> 2025-03-20T15:13:00+00:00 https://thehackernews.com/2025/03/cisa-adds-nakivo-vulnerability-to-kev.html www.secnews.physaphae.fr/article.php?IdArticle=8656894 False Vulnerability None 3.0000000000000000 Global Security Mag - Site de news francais Opinion

---

Apple won\'t build a backdoor – yet iOS apps leak secrets anyway - Opinion]]> 2025-03-20T15:06:34+00:00 https://www.globalsecuritymag.fr/apple-won-t-build-a-backdoor-yet-ios-apps-leak-secrets-anyway.html www.secnews.physaphae.fr/article.php?IdArticle=8656962 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future The U.K. National Cyber Security Centre issued new guidance to help organizations transition to cryptographic algorithms and protocols that can protect data threatened by quantum computing.]]> 2025-03-20T15:04:36+00:00 https://therecord.media/uk-ncsc-quantum-resistant-algorithms-transition www.secnews.physaphae.fr/article.php?IdArticle=8656982 False None None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite La croissance explosive de l'IA transforme les entreprises et les fournisseurs de cloud, créant une demande sans précédent d'infrastructure d'IA sécurisée et haute performance. Chez NVIDIA GTC 2025, Check Point partagera comment il intègre la plate-forme NVIDIA Cybersecurity AI pour sécuriser la prochaine génération d'infrastructures cloud AI à grande échelle.  Les défis de sécurité uniques des centres de données sur les nuages ​​d'IA sont des centres de données cloud IA représentent un passage fondamental des centres de données traditionnels à l'informatique accélérée. Ces centres de données sur le cloud d'IA sont parfois appelés «usines d'IA» car ils se concentrent spécifiquement sur la création, le développement et la livraison de capacités d'IA qui alimentent l'innovation entre les industries. […]

---

>The explosive growth of AI is transforming enterprises and cloud providers alike, creating unprecedented demand for secure, high-performance AI infrastructure. At NVIDIA GTC 2025, Check Point will share how it is integrating the NVIDIA Cybersecurity AI platform to secure the next generation of AI cloud infrastructure at scale.  The Unique Security Challenges of AI Cloud Data Centers AI Cloud Data Centers represent a fundamental shift from traditional data centers to accelerated computing. These AI Cloud Data Centers are sometimes called “AI factories” because they focus specifically on the creation, development, and delivery of AI capabilities that power innovation across industries. […] ]]> 2025-03-20T15:00:34+00:00 https://blog.checkpoint.com/security/securing-nvidia-ai-cloud-data-centers-with-the-next-wave-in-real-time-runtime-security/ www.secnews.physaphae.fr/article.php?IdArticle=8656964 False Cloud None 2.0000000000000000 Global Security Mag - Site de news francais Business News

---

Zimperium Warns: Mobile Rooting and Jailbreaking Still a Major Security Threat - Business News]]> 2025-03-20T14:56:40+00:00 https://www.globalsecuritymag.fr/zimperium-warns-mobile-rooting-and-jailbreaking-still-a-major-security-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8656963 False Threat,Mobile None 3.0000000000000000 HackRead - Chercher Cyber A new Zimperium report reveals that rooted Android phones and jailbroken iOS devices face growing threats, with advanced toolkits making detection nearly impossible for cybersecurity researchers.]]> 2025-03-20T14:53:40+00:00 https://hackread.com/rooted-androids-breached-even-iphones-not-safe/ www.secnews.physaphae.fr/article.php?IdArticle=8656958 False Mobile None 3.0000000000000000 knowbe4 - cybersecurity services Notre dernier Rapport des tendances de la menace de phishing href = "https://www.knowbe4.com/resource-center/phishing"> phishing paysage en 2025, des tactiques renouvelées aux techniques d'attaque émergentes.

---

Our latest Phishing Threat Trends Report explores the evolving phishing landscape in 2025, from renewed tactics to emerging attack techniques.]]> 2025-03-20T14:28:47+00:00 https://blog.knowbe4.com/key-takeaways-from-the-2025-phishing-threat-trends-report www.secnews.physaphae.fr/article.php?IdArticle=8656957 False Threat None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial L'équipe de recherche et de conseil Cyfirma a découvert les ransomwares de vanhels tout en surveillant divers forums souterrains dans le cadre de ...

---

>The CYFIRMA research and advisory team uncovered the VanHelsing ransomware while monitoring various underground forums as part of... ]]> 2025-03-20T14:22:26+00:00 https://industrialcyber.co/ransomware/vanhelsing-ransomware-uses-double-extortion-on-us-french-government-manufacturing-pharma-sectors/ www.secnews.physaphae.fr/article.php?IdArticle=8656966 False Ransomware None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial The EN 18031 series of standards has been published in the Official Journal of the European Union as... ]]> 2025-03-20T14:14:15+00:00 https://industrialcyber.co/regulation-standards-and-compliance/en-18031-the-stepping-stone-for-product-security-standardization/ www.secnews.physaphae.fr/article.php?IdArticle=8656967 False None None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Trend Micro chercheurs a découvert et signalé le défaut de huit ans à Microsoft il y a six mois. L'entreprise n'a pas pris d'engage à corriger ou à résoudre le problème.

---

>Trend Micro researchers discovered and reported the eight-year-old defect to Microsoft six months ago. The company hasn\'t made any commitments to patch or remediate the issue. ]]> 2025-03-20T14:07:40+00:00 https://cyberscoop.com/microsoft-windows-zero-day-exploits-nation-states/ www.secnews.physaphae.fr/article.php?IdArticle=8656960 False Vulnerability,Threat None 3.0000000000000000 Cyble - CyberSecurity Firm CVE-2025-1316 Cette vulnérabilité, identifiée le 4 mars 2025, est une vulnérabilité d'injection de commande OS qui permet aux attaquants d'exécuter à distance des commandes arbitraires sur l'appareil.   L'Edimax IC-7100 ne neutralise pas correctement les caractères spéciaux utilisés dans les commandes OS, le laissant ouvert à l'exploitation. malveillant Les acteurs peuvent élaborer des demandes spécifiques pour injecter un code malveillant dans le système d'exploitation de l'appareil photo \\, menant à l'exécution du code à distance et à l'accès inédite à l'appareil.  L'impact de cette vulnérabilité est grave, car il permet aux attaquants de prendre le contrôle de l'appareil, d'accès potentiellement à des données de surveillance vidéo sensibles ou de compromettre le réseau. Un score CVSS V4 de 9,3 a été attribué au CVE-2025-1316, indiquant la nature critique du défaut.   CISA recommande fortement que les organisations utilisant les caméras IP Edimax IC-7100 prennent des mesures immédiates pour atténuer le risque, y compris l'isolement du réseau, l'utilisation de ]]> 2025-03-20T14:07:29+00:00 https://cyble.com/blog/cisa-adds-cve-2025-1316-and-other-flaws/ www.secnews.physaphae.fr/article.php?IdArticle=8656938 False Vulnerability,Threat,Legislation None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial The U.K. National Cyber Security Centre (NCSC) presented a strategic roadmap for key sectors and organisations as they... ]]> 2025-03-20T14:06:49+00:00 https://industrialcyber.co/regulation-standards-and-compliance/uk-ncsc-guidance-focuses-on-quantum-resistant-encryption-to-protect-critical-sectors-by-2035/ www.secnews.physaphae.fr/article.php?IdArticle=8656943 False None None 2.0000000000000000 Cyble - CyberSecurity Firm Overview  The Europol released the EU-SOCTA 2025 report, which offers a comprehensive look into the complex dynamics shaping serious and organized crime across Europe.  Europol\'s analysis provides insight into the increasing intersection of cybercriminal activities, hybrid threats, and the exploitation of emerging technologies. Criminals are rapidly adapting to digital advancements, using technology to expand their reach, enhance their capabilities, and evade law enforcement, the reports said.  Hybrid Threats: A Blurring of Crime and Conflict  Hybrid threats, which combine conventional criminal methods with advanced digital strategies, present significant risks. These tactics destabilize societies, exploit critical infrastructures, and create uncertainty.   Criminal organizations now leverage methods traditionally associated with state-backed actors, including disinformation campaigns, targeted cyberattacks, and manipulation of public opinion. By exploiting vulnerabilities of interconnected systems, these actors disrupt supply chains, compromise sensitive data, and manipulate information on a large scale.  The blending of state-backed espionage and organized crime blurs the line between geopolitical conflict and tra]]> 2025-03-20T14:02:25+00:00 https://cyble.com/blog/hybrid-threats-eu-socta-2025-report/ www.secnews.physaphae.fr/article.php?IdArticle=8656939 False Malware,Tool,Vulnerability,Threat,Legislation,Medical None 2.0000000000000000 Recorded Future - FLux Recorded Future New York City police recently launched the Drones as First Responders program, which quickly gives officers an aerial view at the site of an emergency call. Privacy and civil liberties groups are questioning how much police can see and how the high-resolution footage is handled.]]> 2025-03-20T14:01:44+00:00 https://therecord.media/nypd-drones-as-first-responders-911-calls-privacy-surveillance www.secnews.physaphae.fr/article.php?IdArticle=8656959 False Legislation None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Pipeline operations are essential for the transportation of oil, gas, and other critical resources and, in light of... ]]> 2025-03-20T14:01:43+00:00 https://industrialcyber.co/regulation-standards-and-compliance/strengthening-pipeline-security-a-guide-for-ot-professionals-on-tsa-pipeline-security-directives-and-the-2024-notice-of-proposed-rules/ www.secnews.physaphae.fr/article.php?IdArticle=8656944 False Industrial None 3.0000000000000000 Zimperium - cyber risk firms for mobile Notre équipe ZLABS plonge pour pourquoi l'enracinement et le jailbreak sont une menace importante pour les entreprises et bien plus encore.

---

>Our zLabs team dives into why rooting and jailbreaking is a significant threat for enterprises and much more. ]]> 2025-03-20T14:00:00+00:00 https://www.zimperium.com/blog/catch-me-if-you-can-rooting-tools-vs-the-mobile-security-industry/ www.secnews.physaphae.fr/article.php?IdArticle=8656934 False Tool,Threat,Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch Answer: Nope. But let\'s look at the trends - because they matter for security.]]> 2025-03-20T14:00:00+00:00 https://www.darkreading.com/cybersecurity-operations/are-we-closing-gender-gap-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8656946 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Rooted devices are 250 times more vulnerable to security incidents, Zimperium warned]]> 2025-03-20T14:00:00+00:00 https://www.infosecurity-magazine.com/news/rooted-devices-250x-vulnerable/ www.secnews.physaphae.fr/article.php?IdArticle=8656945 False None None 2.0000000000000000 Dark Reading - Informationweek Branch HP\'s 8000 Series enterprise and commercial printers, which include Color LaserJet Enterprise MFP 8801, Mono MFP 8601, and LaserJet Pro Mono SFP 8501, will feature new quantum ASICs and endpoint controllers to protect them from future quantum attacks.]]> 2025-03-20T13:44:14+00:00 https://www.darkreading.com/endpoint-security/hp-brings-quantum-safe-encryption-printers www.secnews.physaphae.fr/article.php?IdArticle=8656968 False Commercial None 3.0000000000000000 Korben - Bloger francais surtout 17 euros en ce moment sur Amazon, à ce prix là vous allez en prendre 10.]]> 2025-03-20T13:21:22+00:00 https://korben.info/ce-airtag-au-format-carte-de-credit-est-rechargeable-et-ca-change-tout.html www.secnews.physaphae.fr/article.php?IdArticle=8656947 False None None 2.0000000000000000 The Register - Site journalistique Anglais Wow, a government project that could be on time for once ... cos it\'s gonna be wayyyy more than a decade The UK\'s National Cyber Security Centre (NCSC) today started the post-quantum cryptography (PQC) countdown clock by claiming organizations have ten years to migrate to a safer future.…]]> 2025-03-20T13:15:05+00:00 https://go.theregister.com/feed/www.theregister.com/2025/03/20/ncsc_post_quantum_cryptogrpahy/ www.secnews.physaphae.fr/article.php?IdArticle=8656937 False None None 3.0000000000000000 Global Security Mag - Site de news francais Business]]> 2025-03-20T13:02:39+00:00 https://www.globalsecuritymag.fr/integrity360-se-developpe-en-france-avec-l-acquisition-de-holiseum.html www.secnews.physaphae.fr/article.php?IdArticle=8656920 False None None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Alors que les organisations cherchent à accélérer leurs opérations cloud, garantissant des performances de réseau sécurisées et rapides à Azure Virtual Wan est devenue d'une importance cruciale. Vérifier la sécurité du réseau CloudGuard a désormais mis à disposition des VPN améliorés de site à site qui simplifie les architectures de réseau Virtual Virtual Azure, l'amélioration des performances et la réduction des coûts. Architecture typique avec passerelle VPN Azure Jusqu'à présent, les connexions VPN Site-to-site ont requis la terminaison à une passerelle Azure VPN avant de se acheminer vers une passerelle de sécurité tierce comme le réseau CloudGuard Security (Fig 1). Nouvelle architecture VPN Direct Connect Now CloudGuard Network Security Site-to-site VPN fournit aux clients Azure une connectivité directe sur site pour vérifier le point […]

---

>As organizations seek to accelerate their cloud operations, ensuring secure and fast network performance to Azure Virtual WAN has become critically important. Check Point CloudGuard Network Security has now made available enhanced site-to-site VPN that simplifies Azure Virtual WAN network architectures, improving performance and lowering costs. Typical Architecture with Azure VPN Gateway Until now, VPN site-to-site connections required termination at an Azure VPN gateway before routing to a 3rd party security gateway like Check Point CloudGuard Network Security (Fig 1). New Direct Connect VPN Architecture Now CloudGuard Network Security Site-to-Site VPN provides Azure customers direct on-premises connectivity to Check Point […] ]]> 2025-03-20T13:00:31+00:00 https://blog.checkpoint.com/securing-the-network/check-point-accelerates-site-to-site-vpn-for-azure-virtual-wan/ www.secnews.physaphae.fr/article.php?IdArticle=8656936 False Cloud None 2.0000000000000000 Global Security Mag - Site de news francais Business News

---

ThreatAware has been honoured as the winner of the Best Product Award at the Annual Cyber Security Awards 2025 Winners Honoured at the Cyber Security Awards Dinner and Presentation at One Moorgate Place, London on Wednesday 12th March 2025 - Business News]]> 2025-03-20T13:00:29+00:00 https://www.globalsecuritymag.fr/threataware-has-been-honoured-as-the-winner-of-the-best-product-award-at-the.html www.secnews.physaphae.fr/article.php?IdArticle=8656921 False None None 2.0000000000000000 TechRepublic - Security News US Upgrade your laptop setup with a 13.3" second screen for easier multitasking - now $179.99 with code DISPLAY20.]]> 2025-03-20T13:00:06+00:00 https://www.techrepublic.com/article/mobile-pixels-portable-laptop-monitor/ www.secnews.physaphae.fr/article.php?IdArticle=8656940 False Hack None 3.0000000000000000 Dark Reading - Informationweek Branch Both Android devices and iPhones are 3.5 times more likely to be infected with malware once "broken" and 250 times more likely to be totally compromised, recent research shows.]]> 2025-03-20T13:00:00+00:00 https://www.darkreading.com/endpoint-security/mobile-jailbreaks-corporate-risk www.secnews.physaphae.fr/article.php?IdArticle=8656919 False Malware,Mobile None 3.0000000000000000 Fortinet - Fabricant Materiel Securite FortiGuard Labs reveals critical insights into the nature of recent phishing trends. Learn more.]]> 2025-03-20T13:00:00+00:00 https://www.fortinet.com/blog/threat-research/real-time-anti-phishing-essential-defense-against-evolving-cyber-threats www.secnews.physaphae.fr/article.php?IdArticle=8656935 False None None 3.0000000000000000 Korben - Bloger francais ce YouTuber a réussi à faire tourner Half-Life 2 sur l’équivalent graphique d’une calculatrice scientifique…]]> 2025-03-20T12:55:33+00:00 https://korben.info/half-life-2-60-fps-8mo-vram-downgrade-ultime.html www.secnews.physaphae.fr/article.php?IdArticle=8656925 False None None 3.0000000000000000 Global Security Mag - Site de news francais Investigations]]> 2025-03-20T12:54:41+00:00 https://www.globalsecuritymag.fr/l-europe-face-a-la-menace-cyber-stoik-devoile-son-rapport-annuel-sur-la.html www.secnews.physaphae.fr/article.php?IdArticle=8656922 False None None 4.0000000000000000 Sygnia - CyberSecurity Firm À mesure que l'adoption de l'IA accélère, les principaux responsables de la sécurité de l'information (CISO) doivent naviguer sur de nouveaux risques de sécurité, des menaces alimentées par l'IA pour les défis de gouvernance interne. Découvrez comment l'IA est de remodeler les stratégies de cybersécurité.

---

>As AI adoption accelerates, Chief Information Security Officers (CISOs) must navigate new security risks, from AI-powered threats to internal governance challenges. Discover how AI is reshaping cybersecurity strategies. ]]> 2025-03-20T12:44:31+00:00 https://www.sygnia.co/blog/ai-driven-security-for-chief-information-security-officers/ www.secnews.physaphae.fr/article.php?IdArticle=8659351 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain The UK\'s National Cyber Security Centre (NCSC) has published specific timelines on migrating to post-quantum cryptography (PQC), dictating that critical organizations should complete migration by 2035. [...]]]> 2025-03-20T12:23:47+00:00 https://www.bleepingcomputer.com/news/security/uk-urges-critical-orgs-to-adopt-quantum-cryptography-by-2035/ www.secnews.physaphae.fr/article.php?IdArticle=8656997 False None None 2.0000000000000000 Korben - Bloger francais Mode 7 de la Super Nintendo, cette technique de rotation et de mise à l’échelle de fonds qui a rendu F-ZERO et Mario Kart si impressionnants dès 1991, était l’une des armes fatales de Nintendo face à Sega. Qu’est ce que j’ai pu saigner ces 2 jeux d’ailleurs…]]> 2025-03-20T12:23:19+00:00 https://korben.info/g-zero-un-clone-de-f-zero-sur-mega-drive.html www.secnews.physaphae.fr/article.php?IdArticle=8656926 False None None 3.0000000000000000 SecurityWeek - Security News La Pennsylvania State Education Association affirme que les informations personnelles de plus de 500 000 personnes ont été volées dans une violation de données.

---

>Pennsylvania State Education Association says the personal information of over 500,000 individuals was stolen in a data breach. ]]> 2025-03-20T12:21:23+00:00 https://www.securityweek.com/500000-impacted-by-pennsylvania-teachers-union-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8656924 False Data Breach None 3.0000000000000000 ANSSI - Flux Étatique Francais anssiadm jeu 20/03/2025 - 12:11 L'outil " fuzzysully " est un fuzzer qui permet d'évaluer la sécurité de l'implémentation du protocole OPC UA utilisé dans le secteur industriel. Son code est désormais disponible pour tous. Dans sa mobilisation pour accroître le niveau de sécurité des systèmes d'information (SI) industriels, l'ANSSI souhaite favoriser et encourager l'adoption du protocole Open Platform Communications Unified Architecture (" OPC UA "). Le protocole OPC UA est un standard international, open source, définissant la communication entre les différents constituants d'un système d'information industriel. Ce standard, nativement sécurisé, ouvert et interopérable, est largement adopté par les organisations du secteur de l'industrie. L'Agence soutient activement l'utilisation de ce protocole au sein de l'écosystème numérique, notamment pour les SI industriels répondant à de forts enjeux de sécurité comme certains systèmes d'information d'importance vitale (SIIV) et certains systèmes d'information essentiels (SIE). Courant 2024, l'ANSSI a sous-traité à la société Quarkslab le développement de " fuzzysully ", un fuzzer pour le protocole OPC UA. L'ANSSI publie ce jour cet outil sur le dépôt Github de l'Agence. Cette publication s'inscrit dans la démarche générale de l'ANSSI visant à partager avec la communauté cyber les codes qu'elle produit et à accroître le niveau de sécurité des logiciels open source. L'Agence assurera le maintien en conditions de sécurité (MCS) de fuzzysully mais ne prévoit pas de le faire évoluer. L'ANSSI invite l'écosystème cyber à s'approprier cet outil de manière à évaluer la robustesse de différentes implémentations du protocole OPC UA et ainsi à participer à l'amélioration de la sécurité des SI industriels. Pour toutes remarques ou questions : industries [at] ssi.gouv.fr. ]]> 2025-03-20T12:11:53+00:00 https://cyber.gouv.fr/actualites/lanssi-partage-en-open-source-un-outil-de-test-du-protocole-industriel-opc-ua www.secnews.physaphae.fr/article.php?IdArticle=8656917 False Industrial None 4.0000000000000000 SlashNext - Cyber Firm Ce n'est pas un secret que les cybercriminels aiment exploiter notre confiance dans les marques bien connues. Des grands détaillants aux services en ligne populaires, les attaquants s'accrocheront à tout ce qui semble sûr. Dans cet article, nous explorerons un exemple réel de ceci: l'abus de l'application réelle de DocuSign \\ pour livrer des liens malveillants. Ensuite, nous plongerons dans la façon dont notre […] Le message comment les attaquants abusent des applications cloud et pourquoi une analyse d'Url est

---

>It\'s no secret that cybercriminals love to exploit our trust in well-known brands. From big-name retailers to popular online services, attackers will latch onto anything that seems safe. In this post, we will explore a real-life example of this: the abuse of DocuSign\'s actual application to deliver malicious links. Then, we\'ll dive into how our […] The post How Attackers Abuse Trusted Cloud Apps-and Why URL Analysis Matters first appeared on SlashNext.]]> 2025-03-20T12:00:38+00:00 https://slashnext.com/blog/how-attackers-abuse-trusted-cloud-apps-and-why-url-analysis-matters/ www.secnews.physaphae.fr/article.php?IdArticle=8656910 False Threat,Cloud None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Bridewell has released its annual report on critical infrastructure security leaders\' perceived cybersecurity maturity and threats]]> 2025-03-20T12:00:00+00:00 https://www.infosecurity-magazine.com/news/uk-cni-survey-bridewell-cyber/ www.secnews.physaphae.fr/article.php?IdArticle=8656909 False None None 2.0000000000000000 Korben - Bloger francais o2switch –ter >}}– Article en partenariat avec o2switch –{{< /center >}} Hello, Alors comme vous le savez, depuis quelques mois, ce site est à 100% hébergé par o2switch, un super hébergeur qui en plus d’être pas très loin de chez moi, propose tout ce qu’il faut en termes d’offres et de serveurs pour que chacun puisse y héberger facilement son site. Alors perso, j’ai plusieurs serveurs dédiés chez eux, mais sachez que désormais, o2switch a repensé ses offres d’hébergement pour répondre aux différents besoins de tous les clients. Fini l’offre unique classique, place à 3 formules ultra compétitives qui s’adaptent à tous vos projets, que vous soyez débutant, en pleine croissance ou déjà sur les rails.]]> 2025-03-20T12:00:00+00:00 https://korben.info/o2switch-hebergement-wordpress-wp-tiger.html www.secnews.physaphae.fr/article.php?IdArticle=8656904 False None None 2.0000000000000000 Cisco - Security Firm Blog Cisco is proud to share the State of AI Security report covering key developments in AI security across threat intelligence, policy, and research.]]> 2025-03-20T12:00:00+00:00 https://blogs.cisco.com/security/cisco-introduces-the-state-of-ai-security-report-for-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8656903 False Threat None 3.0000000000000000 Korben - Bloger francais 2025-03-20T11:46:00+00:00 https://korben.info/atlas-robot-breakdancer-boston-dynamics-nvidia.html www.secnews.physaphae.fr/article.php?IdArticle=8656905 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of a new campaign that targets the defense sectors with Dark Crystal RAT (aka DCRat). The campaign, detected earlier this month, has been found to target both employees of enterprises of the defense-industrial complex and individual representatives of the Defense Forces of Ukraine. The activity involves]]> 2025-03-20T11:38:00+00:00 https://thehackernews.com/2025/03/cert-ua-warns-dark-crystal-rat-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8656852 False None None 2.0000000000000000 Korben - Bloger francais y’a quelques années. Si je vous en cause aujourd’hui c’est parce qu’après la démission en février dernier de Hector Martin, le fondateur du projet, c’est au tour de Asahi Lina, développeuse clé du projet, de quitter le navire.]]> 2025-03-20T10:38:30+00:00 https://korben.info/asahi-linux-perd-developpeur-gpu-avenir-incertain.html www.secnews.physaphae.fr/article.php?IdArticle=8656906 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain The compromise of GitHub Action tj-actions/changed-files has impacted only a small percentage of the 23,000 projects using it, with it estimated that only 218 repositories exposed secrets due to the supply chain attack. [...]]]> 2025-03-20T10:34:57+00:00 https://www.bleepingcomputer.com/news/security/github-action-supply-chain-attack-exposed-secrets-in-218-repos/ www.secnews.physaphae.fr/article.php?IdArticle=8656965 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine February\'s Operation Henhouse resulted in hundreds of arrests and the seizure of £7.5m]]> 2025-03-20T10:30:00+00:00 https://www.infosecurity-magazine.com/news/uk-police-arrest-422-major-fraud/ www.secnews.physaphae.fr/article.php?IdArticle=8656896 False Legislation None 2.0000000000000000 The State of Security - Magazine Américain What is the BlackLock ransomware? BlackLock is a relatively new ransomware group. First seen in March 2024, the ransomware operation initially operated under the name El Dorado, before rebranding as BlackLock late last year. BlackLock follows a RaaS (ransomware-as-a-service) business model, leasing its tools and infrastructure to affiliates who launch attacks, sharing a proportion of the proceeds with BlackLock. And I guess they do the normal thing of encrypting your data and demanding a ransom? Yes, like many other ransomware groups, BlackLock both encrypts victims\' files and exfiltrates data...]]> 2025-03-20T10:24:48+00:00 https://www.tripwire.com/state-of-security/blacklock-ransomware-what-you-need-know www.secnews.physaphae.fr/article.php?IdArticle=8656978 False Ransomware,Tool None 2.0000000000000000 SecurityWeek - Security News Les attaques impliquant des logiciels espions en graphite de Paragon \\ impliquaient un jour zero-jour qui pourrait être exploité sans aucune interaction utilisateur.

---

>Attacks involving Paragon\'s Graphite spyware involved a WhatsApp zero-day that could be exploited without any user interaction. ]]> 2025-03-20T10:00:00+00:00 https://www.securityweek.com/paragon-spyware-attacks-exploited-whatsapp-zero-day/ www.secnews.physaphae.fr/article.php?IdArticle=8656882 False Vulnerability,Threat None 2.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET ESET researchers detail a global espionage operation by FishMonger, the APT group run by I‑SOON]]> 2025-03-20T10:00:00+00:00 https://www.welivesecurity.com/en/eset-research/operation-fishmedley/ www.secnews.physaphae.fr/article.php?IdArticle=8661302 False None None 4.0000000000000000 Zataz - Magazine Francais de secu 2025-03-20T09:51:12+00:00 https://www.zataz.com/lassureur-audita-victime-dune-cyberattaque/ www.secnews.physaphae.fr/article.php?IdArticle=8656885 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial U.S. President Donald Trump issued an Executive Order to enhance the ability of states, local governments, and citizens... ]]> 2025-03-20T09:45:46+00:00 https://industrialcyber.co/regulation-standards-and-compliance/trump-prioritizes-infrastructure-resilience-against-cyber-attacks-rolls-out-national-resilience-strategy/ www.secnews.physaphae.fr/article.php?IdArticle=8656883 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The Pennsylvania State Education Association (PSEA) has sent breach notifications to over 500,000 current and former members]]> 2025-03-20T09:45:00+00:00 https://www.infosecurity-magazine.com/news/half-million-hit-pennsylvania/ www.secnews.physaphae.fr/article.php?IdArticle=8656884 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Swiss global solutions provider Ascom has confirmed a cyberattack on its IT infrastructure as a hacker group known as Hellcat targets Jira servers worldwide using compromised credentials. [...]]]> 2025-03-20T09:44:15+00:00 https://www.bleepingcomputer.com/news/security/hellcat-hackers-go-on-a-worldwide-jira-hacking-spree/ www.secnews.physaphae.fr/article.php?IdArticle=8656941 False None None 2.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé 2025-03-20T09:18:40+00:00 https://blog.incogni.com/how-to-unsubscribe-from-emails-on-gmail-in-bulk/ www.secnews.physaphae.fr/article.php?IdArticle=8656891 False None None 2.0000000000000000 Data Security Breach - Site de news Francais 2025-03-20T09:01:13+00:00 https://www.datasecuritybreach.fr/la-justice-annule-la-condamnation-de-paige-thompson-pour-le-piratage-de-capital-one/ www.secnews.physaphae.fr/article.php?IdArticle=8656878 False None None 2.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2025-03-20T08:56:59+00:00 https://www.globalsecuritymag.fr/keysight-presente-ai-network-visibility.html www.secnews.physaphae.fr/article.php?IdArticle=8656870 False Threat None 2.0000000000000000 Global Security Mag - Site de news francais Vulnérabilités]]> 2025-03-20T08:56:27+00:00 https://www.globalsecuritymag.fr/multiples-vulnerabilites-dans-spring-security-20-mars-2025.html www.secnews.physaphae.fr/article.php?IdArticle=8656984 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine New NCSC guidance sets out a three-phase migration to post-quantum cryptography, designed to ensure all systems are protected from quantum attacks by 2035]]> 2025-03-20T08:30:00+00:00 https://www.infosecurity-magazine.com/news/ncsc-post-quantum-cryptography/ www.secnews.physaphae.fr/article.php?IdArticle=8656869 False None None 3.0000000000000000 Zataz - Magazine Francais de secu 2025-03-20T08:27:16+00:00 https://www.zataz.com/des-raccourcis-windows-pieges-larme-secrete-des-hackers-detat-chinois-russes-et-nord-coreens/ www.secnews.physaphae.fr/article.php?IdArticle=8656871 False None None 1.00000000000000000000 Zataz - Magazine Francais de secu 2025-03-20T08:17:38+00:00 https://www.zataz.com/octov2-le-cheval-de-troie-bancaire-qui-se-cache-derriere-deepseek-ai/ www.secnews.physaphae.fr/article.php?IdArticle=8656872 False Mobile None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial L'organisation à but non lucratif Mitre a annoncé qu'elle collaborerait avec NVIDIA pour faire avancer les réseaux sans fil Ai-Native, y compris pour 6G ....

---

>Non-profit organization MITRE announced that it will collaborate with NVIDIA to advance AI-native wireless networks, including for 6G.... ]]> 2025-03-20T07:58:48+00:00 https://industrialcyber.co/ai/mitre-nvidia-join-forces-to-revolutionize-wireless-networks-with-ai-native-technology-for-6g/ www.secnews.physaphae.fr/article.php?IdArticle=8656861 False None None 2.0000000000000000 Data Security Breach - Site de news Francais 2025-03-20T07:57:08+00:00 https://www.datasecuritybreach.fr/14508-2/ www.secnews.physaphae.fr/article.php?IdArticle=8656879 False None None 2.0000000000000000 Data Security Breach - Site de news Francais 2025-03-20T07:45:11+00:00 https://www.datasecuritybreach.fr/microsoft-coupe-les-ponts-huawei-bascule-sur-harmonyos-et-linux/ www.secnews.physaphae.fr/article.php?IdArticle=8656867 False None None 3.0000000000000000 Zataz - Magazine Francais de secu 2025-03-20T07:35:09+00:00 https://www.zataz.com/la-russie-en-seconde-position-mondiale-des-fuites-de-donnees-en-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8656859 False None None 3.0000000000000000 Zataz - Magazine Francais de secu 2025-03-20T07:24:11+00:00 https://www.zataz.com/un-bouclier-numerique-contre-la-fraude-bancaire-en-russie/ www.secnews.physaphae.fr/article.php?IdArticle=8656860 False None None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Western Alliance Bank has announced a data breach affecting 21,899 people, that was caused by an October 2024 cyberattack on a third-party file transfer software. The breach exposed sensitive personal and financial information, including names, Social Security numbers, driver’s license details, and financial account numbers.   The bank said the malicious actors exploited a zero-day vulnerability in the third-party software to [...]]]> 2025-03-20T06:50:29+00:00 https://informationsecuritybuzz.com/western-alliance-bank-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8656849 False Data Breach,Vulnerability,Threat None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 2025-03-20T06:00:00+00:00 https://levelblue.com/blogs/security-essentials/dangers-of-data-logging-and-data-hashing-in-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8656956 False Data Breach,Tool,Vulnerability,Threat,Technical None 2.0000000000000000 Noyb - NOYB 2025-03-20T06:00:00+00:00 https://noyb.eu/fr/ai-hallucinations-chatgpt-created-fake-child-murderer www.secnews.physaphae.fr/article.php?IdArticle=8656841 False Legislation ChatGPT 3.0000000000000000 ProofPoint - Cyber Firms 2025-03-20T05:34:47+00:00 https://www.proofpoint.com/us/blog/information-protection/ai-in-cybersecurity-empowering-teams www.secnews.physaphae.fr/article.php?IdArticle=8657082 False Malware,Tool,Threat,Studies,Prediction None 3.0000000000000000 The State of Security - Magazine Américain Protecting sensitive patient information is more critical than ever. With technologies evolving at a breakneck pace and the number of cyber threats targeting healthcare entities in the United States skyrocketing, healthcare organizations must have robust policies and guardrails in place to ensure patients\' confidential information doesn\'t fall into the wrong hands. One of the essential frameworks for ensuring data security and privacy is the Centers for Medicare & Medicaid Services Acceptable Risk Safeguards (CMS ARS). Released in January 2022, the CMS ARS provides a standardized approach to...]]> 2025-03-20T04:10:02+00:00 https://www.tripwire.com/state-of-security/cms-ars-blueprint-us-healthcare-data-security-and-compliance www.secnews.physaphae.fr/article.php?IdArticle=8656881 False Medical None 2.0000000000000000 Dark Reading - Informationweek Branch Global politics and a growing economy draw the wrong kind of attention to India, with denial-of-service and application attacks both on the rise.]]> 2025-03-20T03:30:00+00:00 https://www.darkreading.com/cyber-risk/india-tops-global-targets-hactivists-regional-apt www.secnews.physaphae.fr/article.php?IdArticle=8656829 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain A message posted on Monday to the homepage of the U.S. Cybersecurity & Infrastructure Security Agency (CISA) is the latest exhibit in the Trump administration\'s continued disregard for basic cybersecurity protections. The message instructed recently-fired CISA employees to get in touch so they can be rehired and then immediately placed on leave, asking employees to send their Social Security number or date of birth in a password-protected email attachment -- presumably with the password needed to view the file included in the body of the email.]]> 2025-03-20T01:26:12+00:00 https://krebsonsecurity.com/2025/03/doge-to-fired-cisa-staff-email-us-your-personal-data/ www.secnews.physaphae.fr/article.php?IdArticle=8656812 False None None 3.0000000000000000 The Last Watchdog - Blog Sécurité de Byron V Acohido Austin, TX, MA. 19, 2025, CyberNewswire - L'utilisateur moyen de l'entreprise a désormais 146 enregistrements volés liés à leur identité, une augmentation moyenne de 12 fois par rapport aux estimations précédentes, reflétant une augmentation des expositions à l'identité holistique. spycloud , la principale menace d'identité… (plus…) Le message alerte de nouvelles: l'étude spycloud montre d'abord l'identité notante href = "https://www.lastwatchdog.com"> Le dernier chien de garde .

---

>Austin, TX, Ma. 19, 2025, CyberNewswire — The average corporate user now has 146 stolen records linked to their identity, an average 12x increase from previous estimates, reflecting a surge in holistic identity exposures. SpyCloud, the leading identity threat … (more…) The post News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk first appeared on The Last Watchdog.]]> 2025-03-20T00:00:04+00:00 https://www.lastwatchdog.com/news-alert-spycloud-study-shows-darknet-identity-exploitation-arising-to-become-a-primary-cyber-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8656803 False Threat,Studies None 2.0000000000000000 Smashing Security - Podcast Cyber In episode 409 of the "Smashing Security" podcast, we uncover the curious case of the Chinese cyber-attack on Littleton\'s Electric Light Company, and a California landlord\'s hidden camera scandal. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault. Warning: This podcast...]]> 2025-03-20T00:00:00+00:00 https://www.smashingsecurity.com/409-peeping-perverts-and-fbi-phone-calls/ www.secnews.physaphae.fr/article.php?IdArticle=8656801 False None None 2.0000000000000000 Cyber Skills - Podcast Cyber 2025-03-20T00:00:00+00:00 https://www.cyberskills.ie/explore/news/unlock-the-power-of-digital-transformation-at-the-entire-industry-network-day.html www.secnews.physaphae.fr/article.php?IdArticle=8656954 False Studies None 3.0000000000000000 Silicon - Site de News Francais 2025-03-20T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/fronde-education-nationale-gros-contrat-microsoft-469196.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8657018 False Cloud None 2.0000000000000000 Resecurity - cyber risk firms 2025-03-20T00:00:00+00:00 https://www.resecurity.com/blog/article/dark-web-intelligence-uncovers-fentanyl-trafficking-networks-persisting-on-telegram-part-2 www.secnews.physaphae.fr/article.php?IdArticle=8657110 False None None 2.0000000000000000 Cyber Skills - Podcast Cyber 2025-03-20T00:00:00+00:00 https://www.cyberskills.ie/explore/news/why-you-need-to-plan-for-the-worst-in-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8656916 False Cloud,Technical None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform 2025-03-19T22:35:45+00:00 https://cloud.google.com/support/bulletins/index#gcp-2025-011 www.secnews.physaphae.fr/article.php?IdArticle=8657783 False Vulnerability,Cloud None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Threat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT. The vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that could allow remote attackers to run arbitrary code. Cybersecurity company]]> 2025-03-19T21:22:00+00:00 https://thehackernews.com/2025/03/hackers-exploit-severe-php-flaw-to.html www.secnews.physaphae.fr/article.php?IdArticle=8656732 False Vulnerability,Threat None 1.00000000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Deux des trois juges ont déclaré que cinq ans de probation et de temps purgé ne correspondent pas à la gravité du crime, entre autres raisons de renverser la peine.

---

>Two of the three judges said five years\' probation and time served didn\'t match the severity of the crime, among other reasons for overturning the sentence. ]]> 2025-03-19T21:21:11+00:00 https://cyberscoop.com/capital-one-hacker-paige-thompson-sentence-appeals-court/ www.secnews.physaphae.fr/article.php?IdArticle=8656786 False None None 2.0000000000000000 Dark Reading - Informationweek Branch CISA this week added CVE-2025-24472 to its catalog of known exploited vulnerabilities, citing ransomware activity targeting the authentication bypass flaw.]]> 2025-03-19T21:19:12+00:00 https://www.darkreading.com/cyberattacks-data-breaches/critical-fortinet-vulnerability-draws-fresh-attention www.secnews.physaphae.fr/article.php?IdArticle=8656788 False Ransomware,Vulnerability None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Deux responsables de la CISA ont détaillé la façon dont les agences tirent parti du programme pour obtenir le meilleur CDM peut offrir.

---

> Two CISA officials detailed the way agencies are leveraging the program to get the best CDM can offer. ]]> 2025-03-19T20:52:24+00:00 https://cyberscoop.com/dhs-cdm-improvement-elasic-shelly-hartsook-matt-house/ www.secnews.physaphae.fr/article.php?IdArticle=8656773 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Trend Micro uncovered a method that nation-state threat actors are using to target victims via the Windows .Ink shortcut file extension.]]> 2025-03-19T20:29:20+00:00 https://www.darkreading.com/cyber-risk/nation-state-groups-abuse-microsoft-windows-shortcut-exploit www.secnews.physaphae.fr/article.php?IdArticle=8656778 False Threat,Prediction None 2.0000000000000000 Global Security Mag - Site de news francais Mise à jour malware

---

Job Platform Leak: Resumes, Emails, and More at Risk - Malware Update]]> 2025-03-19T20:21:30+00:00 https://www.globalsecuritymag.fr/job-platform-leak-resumes-emails-and-more-at-risk.html www.secnews.physaphae.fr/article.php?IdArticle=8656775 False None None 3.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2025-03-19T20:19:23+00:00 https://www.globalsecuritymag.fr/trend-micro-incorporated-annonce-la-mise-a-disposition-en-open-source-de-trend.html www.secnews.physaphae.fr/article.php?IdArticle=8656776 False Threat,Prediction None 2.0000000000000000