This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-12T09:27:05+00:00 www.secnews.physaphae.fr The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024. The vulnerability in question is CVE-2025-1316 (CVSS v4 score: 9.3), a critical operating system command injection flaw that an attacker could exploit to achieve remote code execution on susceptible devices by means of a]]> 2025-03-17T18:42:00+00:00 https://thehackernews.com/2025/03/unpatched-edimax-camera-flaw-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=8656239 False Malware,Vulnerability,Threat None 3.0000000000000000 Zataz - Magazine Francais de secu 2025-03-17T18:33:03+00:00 https://www.zataz.com/comment-choisir-la-bonne-societe-de-logiciels/ www.secnews.physaphae.fr/article.php?IdArticle=8656305 False None None 3.0000000000000000 Global Security Mag - Site de news francais Points de Vue]]> 2025-03-17T17:40:28+00:00 https://www.globalsecuritymag.fr/theorie-brisee-des-cyber-fenetres.html www.secnews.physaphae.fr/article.php?IdArticle=8656284 False None None 2.0000000000000000 HackRead - Chercher Cyber Educational institutions and businesses looking to implement technology-driven learning solutions often face a key decision: should they invest…]]> 2025-03-17T17:38:25+00:00 https://hackread.com/custom-vs-off-the-shelf-educational-software/ www.secnews.physaphae.fr/article.php?IdArticle=8656294 False None None 2.0000000000000000 Global Security Mag - Site de news francais Rapports spéciaux

---

Trend Micro Exposes the Future of Social Engineering: AI, Wearables, and VR Set to Supercharge Cybercrime - Special Reports]]> 2025-03-17T17:37:52+00:00 https://www.globalsecuritymag.fr/trend-micro-exposes-the-future-of-social-engineering-ai-wearables-and-vr-set-to.html www.secnews.physaphae.fr/article.php?IdArticle=8656285 False Prediction None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Le dossier faisait partie d'une affaire déposée par les procureurs généraux d'État cherchant à bloquer l'accès aux Doge à des informations sensibles.

---

>The filing was part of a case brought by state attorneys general seeking to block DOGE access to sensitive information. ]]> 2025-03-17T17:30:22+00:00 https://cyberscoop.com/doge-violated-security-policies-treasury-court-filing/ www.secnews.physaphae.fr/article.php?IdArticle=8656286 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users\' actions. That\'s according to new findings from Cisco Talos, which said such malicious activities can compromise a victim\'s security and privacy. "The features available in CSS allow attackers and spammers to track users\' actions and]]> 2025-03-17T17:22:00+00:00 https://thehackernews.com/2025/03/cybercriminals-exploit-css-to-evade.html www.secnews.physaphae.fr/article.php?IdArticle=8656240 False Spam,Threat None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Cloudflare introduces E2E post-quantum cryptography, enhancing security against quantum threats]]> 2025-03-17T17:15:00+00:00 https://www.infosecurity-magazine.com/news/cloudflare-e2e-post-quantum/ www.secnews.physaphae.fr/article.php?IdArticle=8656288 False None None 3.0000000000000000 ProofPoint - Firm Security 2025-03-17T17:08:14+00:00 https://www.proofpoint.com/us/newsroom/news/how-protect-your-gmail-outlook-after-fbi-warning-medusa-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8657668 False Ransomware None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine From March 17, Ofcom will enforce rules requiring tech platforms operating in the UK to remove illegal content, including child abuse material]]> 2025-03-17T17:00:00+00:00 https://www.infosecurity-magazine.com/news/uk-online-safety-act-ofcom/ www.secnews.physaphae.fr/article.php?IdArticle=8656274 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week\'s cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source]]> 2025-03-17T16:55:00+00:00 https://thehackernews.com/2025/03/thn-weekly-recap-router-hacks-pypi.html www.secnews.physaphae.fr/article.php?IdArticle=8656205 False Ransomware,Malware,Tool,Threat None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine DarkAtlas researchers have uncovered a direct link between BlackLock and the Eldorado ransomware group, confirming a rebranded identity of the notorious threat actor]]> 2025-03-17T16:30:00+00:00 https://www.infosecurity-magazine.com/news/researchers-confirm-blacklock/ www.secnews.physaphae.fr/article.php?IdArticle=8656275 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider\'s storage security controls and default settings. “In just the past few months, I have witnessed two different methods for]]> 2025-03-17T16:30:00+00:00 https://thehackernews.com/2025/03/sans-institute-warns-of-novel-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8656206 False Ransomware,Threat,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch A ransomware activity wave using the SocGholish MaaS framework for initial access also has affected banking and consulting firms in the US, Taiwan, and Japan since the beginning of the year.]]> 2025-03-17T15:54:01+00:00 https://www.darkreading.com/cyberattacks-data-breaches/ransomhub-fakeupdates-government-sector www.secnews.physaphae.fr/article.php?IdArticle=8656267 False Ransomware None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial The Center for Cybersecurity Belgium (CCB) announced on Monday that since the implementation of the NIS2 legislation last... ]]> 2025-03-17T15:51:13+00:00 https://industrialcyber.co/regulation-standards-and-compliance/belgiums-ccb-reports-significant-registration-surge-under-nis2-as-2410-organizations-from-critical-sectors-enrolled/ www.secnews.physaphae.fr/article.php?IdArticle=8656266 False Legislation None 3.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé 2025-03-17T15:49:59+00:00 https://blog.incogni.com/how-to-block-restricted-calls/ www.secnews.physaphae.fr/article.php?IdArticle=8656265 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers are calling attention to an incident in which the popular GitHub Action tj-actions/changed-files was compromised to leak secrets from repositories using the continuous integration and continuous delivery (CI/CD) workflow. The incident involved the tj-actions/changed-files GitHub Action, which is used in over 23,000 repositories. It\'s used to track and retrieve all]]> 2025-03-17T15:41:00+00:00 https://thehackernews.com/2025/03/github-action-compromise-puts-cicd.html www.secnews.physaphae.fr/article.php?IdArticle=8656195 False None None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain GPU Cryptanalysis de force brutale de GPRS, GSM, RFID et TETRA: Cryptanalysis de Kasumi, Speck, et TETRA: Résumé: Les longueurs de clés de la cryptographie symétrique sont déterminées en ce qui concerne les attaques de force brute avec la technologie actuelle. Bien que de nos jours, au moins des clés de 128 bits soient recommandées, il existe de nombreuses normes et applications du monde réel qui utilisent des clés plus courtes. Afin d'estimer la menace réelle imposée en utilisant ces clés courtes, les estimations précises des attaques sont cruciales. Dans ce travail, nous fournissons des implémentations optimisées de plusieurs algorithmes largement utilisés sur les GPU, conduisant à des informations intéressantes sur le coût des attaques de force brute sur plusieurs applications réelles ...

---

New paper: “GPU Assisted Brute Force Cryptanalysis of GPRS, GSM, RFID, and TETRA: Brute Force Cryptanalysis of KASUMI, SPECK, and TEA3.” Abstract: Key lengths in symmetric cryptography are determined with respect to the brute force attacks with current technology. While nowadays at least 128-bit keys are recommended, there are many standards and real-world applications that use shorter keys. In order to estimate the actual threat imposed by using those short keys, precise estimates for attacks are crucial. In this work we provide optimized implementations of several widely used algorithms on GPUs, leading to interesting insights on the cost of brute force attacks on several real-word applications...]]> 2025-03-17T15:09:57+00:00 https://www.schneier.com/blog/archives/2025/03/improvements-in-brute-force-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8656262 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain ​Microsoft has discovered a new remote access trojan (RAT) that employs "sophisticated techniques" to avoid detection, ensure persistence, and extract sensitive information data. [...]]]> 2025-03-17T14:59:24+00:00 https://www.bleepingcomputer.com/news/security/microsoft-new-rat-malware-used-for-crypto-theft-reconnaissance/ www.secnews.physaphae.fr/article.php?IdArticle=8656298 False Malware None 3.0000000000000000 CybeReason - Vendor blog Sautez si vous avez entendu cette histoire, mais quand j'ai commencé à antivirus chez Dr Solomon \'s, Alan Salomon partagerait comment il est passé de la recouvrement des données du disque dur en antivirus parce qu'il a reçu un volant pour récupérer et reconnu que la corruption était logique. En tant que tel, pour résoudre les dommages, il a écrit un algorithme (il était mathématicien par éducation) pour annuler la corruption. Quelques mois plus tard, il a récupéré un autre entraînement et a reconnu la même corruption logique, ce qui l'a amené à écrire un nouvel algorithme pour détecter cette corruption; C'est ainsi qu'il a commencé le logiciel antivirus du Dr Solomon. Le point ici est que l'antivirus traditionnel a toujours été basé sur la correspondance des modèles. Trouvez quelque chose d'unique à chaque attaque de son code, puis vous pouvez écrire un algorithme ou plus communément appelé ces jours-ci une signature pour détecter, bloquer et réparer l'attaque. Je me souviens qu'Alan a dit efficacement que les signatures avaient résolu le problème du virus, le volume continuerait de croître, tout comme la complexité, mais la même solution de signature s'appliquerait toujours.

---

Skip ahead if you have heard this story, but when I started in anti-virus at Dr Solomon\'s, Alan Solomon would share how he moved from doing hard disk data recoveries into antivirus because he received a drive to recover and recognized the corruption was logical. As such to fix the damage he wrote an algorithm (he was a mathematician by education) to undo the corruption. A few months later he was recovering another drive and recognized the same logical corruption, which led him to write a new algorithm to detect this corruption; this was how he started Dr Solomon\'s antivirus software. The point here is that traditional anti-virus has always been based on pattern matching. Find something unique to each attack in its code, then you can write an algorithm or more commonly called these days a signature to detect, block and repair the attack. I remember Alan saying effectively that signatures had solved the virus problem, the volume would continue to grow, as would the complexity, but the same signature solution would always apply.]]> 2025-03-17T14:41:45+00:00 https://www.cybereason.com/blog/keeping-pace-with-ai-innovation www.secnews.physaphae.fr/article.php?IdArticle=8656259 False None None 3.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé 2025-03-17T14:41:19+00:00 https://blog.incogni.com/how-to-find-out-if-my-information-is-on-the-dark-web/ www.secnews.physaphae.fr/article.php?IdArticle=8656247 False None None 2.0000000000000000 Checkpoint Research - Fabricant Materiel Securite Pour les dernières découvertes en cyber Les meilleures attaques et violations de la recherche sur le point de contrôle élaborent sur le groupe hacktiviste pro-palestinien «Dark Storm» qui a revendiqué l'attaque DDOS à grande échelle contre X (anciennement Twitter). L'attaque a perturbé l'accès à la plate-forme, provoquant des pannes pour les utilisateurs […]

---

>For the latest discoveries in cyber research for the week of 17th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Check Point Research elaborates about the pro-Palestinian hacktivist group “Dark Storm” which claimed the large-scale DDoS attack against X (formerly Twitter). The attack disrupted access to the platform, causing outages for users […] ]]> 2025-03-17T14:38:43+00:00 https://research.checkpoint.com/2025/17th-march-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8656258 False Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future The Russian-born founder and owner of the messaging app Telegram said he returned to Dubai after spending several months in France due to a criminal investigation related to activity on the app.]]> 2025-03-17T14:16:40+00:00 https://therecord.media/telegram-pavel-durov-leaves-france-amid-probe www.secnews.physaphae.fr/article.php?IdArticle=8656249 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Cybersecurity is not just a technical challenge but also a very human one. The more humans that organizations can get involved, the more diverse perspectives and experiences that can be tapped into.]]> 2025-03-17T14:12:42+00:00 https://www.darkreading.com/vulnerabilities-threats/how-open-innovation-can-help-solve-problems-faster-better-cheaper www.secnews.physaphae.fr/article.php?IdArticle=8656251 False Technical None 2.0000000000000000 HackRead - Chercher Cyber GitHub security alert: Malicious code found in \'tj-actions/changed-files,\' impacting 23K+ repos. Learn how to check, remove, and protect…]]> 2025-03-17T14:10:44+00:00 https://hackread.com/malicious-code-in-tj-actions-changed-files-github-repos/ www.secnews.physaphae.fr/article.php?IdArticle=8656252 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Two vulnerabilities impacting Fortinet products are being exploited by a new ransomware operation with ties to the LockBit ransomware group.]]> 2025-03-17T14:09:18+00:00 https://therecord.media/mora001-ransomware-gang-exploiting-vulnerability-lockbit www.secnews.physaphae.fr/article.php?IdArticle=8656250 False Ransomware,Vulnerability None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine A bipartisan delegation of US Congresspeople and Senators has asked the hearing between the UK government and Apple to be made public]]> 2025-03-17T14:00:00+00:00 https://www.infosecurity-magazine.com/news/us-legislators-transparency-apple/ www.secnews.physaphae.fr/article.php?IdArticle=8656241 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Five years ago, the Cyberspace Solarium Commission (CSC) released its March 2020 report, a blueprint that has reshaped... ]]> 2025-03-17T13:47:27+00:00 https://industrialcyber.co/critical-infrastructure/five-years-on-impact-of-cyberspace-solarium-commissions-recommendations-on-us-cybersecurity/ www.secnews.physaphae.fr/article.php?IdArticle=8656235 False None None 2.0000000000000000 IT Security Guru - Blog Sécurité KnowBe4, the cybersecurity platform that comprehensively addresses human risk management, today announced a new report, “From Primary Schools to Universities, The Global Education Sector is Unprepared for Escalating Cyber Attacks”. The education sector was the most targeted industry for cyberattacks in 2024, according to several reports, including one from Check Point Research. The sector has also […] ]]> 2025-03-17T13:44:58+00:00 https://www.itsecurityguru.org/2025/03/17/new-knowbe4-report-finds-education-sector-unprepared-for-escalating-cyberattacks/?utm_source=rss&utm_medium=rss&utm_campaign=new-knowbe4-report-finds-education-sector-unprepared-for-escalating-cyberattacks www.secnews.physaphae.fr/article.php?IdArticle=8656263 False None None 3.0000000000000000 ComputerWeekly - Computer Magazine 2025-03-17T13:23:00+00:00 https://www.computerweekly.com/opinion/Data-protection-and-AI-what-to-know-about-new-UK-cyber-standard www.secnews.physaphae.fr/article.php?IdArticle=8656282 False None None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber L'initiative fait partie d'un plan à long terme pour mettre à jour tous ses services de chiffrement vers de nouveaux algorithmes conçus pour se protéger contre les ordinateurs quantiques.

---

>The initiative is part of a long-term plan to update all its encryption services to newer algorithms designed to protect against quantum computers. ]]> 2025-03-17T13:14:12+00:00 https://cyberscoop.com/cloudflare-post-quantum-zero-trust-encryption-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8656233 False None None 2.0000000000000000 Wired Threat Level - Security News Bitwarden is open source and secure, has support for passkeys, and costs just $10 per year.]]> 2025-03-17T13:02:00+00:00 https://www.wired.com/review/bitwarden-password-manager/ www.secnews.physaphae.fr/article.php?IdArticle=8656234 False None None 2.0000000000000000 The Register - Site journalistique Anglais Large organizations among those cleaning up the mess It\'s not such a happy Monday for defenders wiping the sleep from their eyes only to deal with the latest supply chain attack.…]]> 2025-03-17T13:01:26+00:00 https://go.theregister.com/feed/www.theregister.com/2025/03/17/supply_chain_attack_github/ www.secnews.physaphae.fr/article.php?IdArticle=8656218 False None None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Check Point est honoré d'être présenté en tant que gagnant de l'or pour la sécurité du cloud lors des Globee Cybersecurity Awards 2025. La plate-forme CloudGuard de Check Point \\ s'est distinguée pour son approche préventive de la sécurité du cloud, en se concentrant sur l'arrêt des cyberattaques avant d'infiltrer les environnements cloud en premier lieu. La suite de bout en bout de CloudGuard \\ de Solutions de sécurité cloud avancées, y compris le pare-feu d'application Web (WAF), la sécurité automatisée du réseau, la détection et la réponse du cloud (CDR) et la sécurité du code, permet aux organisations de promulguer une approche unique et alimentée par AI qui priorise la gestion des risques et la prévention des menaces, la réduction des profils de risque globaux pour les organisations à l'échelle mondiale. Les Globee® Awards pour la cybersécurité mettent en lumière le […]

---

>Check Point is honored to be featured as a Gold Winner for Cloud Security in the 2025 Globee Cybersecurity Awards. Check Point\'s CloudGuard platform distinguished itself for its preventive approach to cloud security, focusing on stopping cyber attacks before they infiltrate cloud environments in the first place. CloudGuard\'s end-to-end suite of advanced cloud security solutions, including web application firewall (WAF), automated network security, cloud detection and response (CDR), and code security, enables organizations to enact a unique, AI-powered approach that prioritizes risk management and threat prevention, reducing overall risk profiles for organizations globally. The Globee® Awards for Cybersecurity spotlight the […] ]]> 2025-03-17T13:00:25+00:00 https://blog.checkpoint.com/security/check-point-named-gold-winner-for-cloud-security-in-2025-globee-cybersecurity-awards/ www.secnews.physaphae.fr/article.php?IdArticle=8656219 False Threat,Cloud None 2.0000000000000000 HackRead - Chercher Cyber Amsterdam, Netherlands, 17th March 2025, CyberNewsWire]]> 2025-03-17T12:54:46+00:00 https://hackread.com/cyver-core-reports-50-reduction-in-pentest-reporting-time-with-generative-ai/ www.secnews.physaphae.fr/article.php?IdArticle=8656223 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Inflation, cryptocurrency market volatility, and the ability to invest in defenses all influence the impact and severity of a ransomware attack, according to incident response efforts and ransomware negotiators.]]> 2025-03-17T12:54:25+00:00 https://www.darkreading.com/cyberattacks-data-breaches/how-economic-headwinds-influence-ransomware-ecosystem www.secnews.physaphae.fr/article.php?IdArticle=8656221 False Ransomware None 2.0000000000000000 Korben - Bloger francais LetterFall. Il s’agit d’un jeu hybride qui combine les mécaniques de ces 2 jeux addictifs et qui va vous donner mal à la tête. En gros, les lettres tombent du haut de l’écran comme dans Tetris et vous devez former des mots valides de 4 lettres minimum en cliquant sur les lettres dispo sur la grille.]]> 2025-03-17T12:49:53+00:00 https://korben.info/letterfall-quand-tetris-rencontre-wordle-votre-productivite-tremble.html www.secnews.physaphae.fr/article.php?IdArticle=8656236 False None None 3.0000000000000000 GoogleSec - Firm Security Blog OSV-Scanner tool, and earlier this year, we open sourced OSV-SCALIBR. OSV-Scanner and OSV-SCALIBR, together with OSV.dev are components of an open platform for managing vulnerability metadata and enabling simple and accurate matching and remediation of known vulnerabilities. Our goal is to simplify and streamline vulnerability management for developers and security teams alike.Today, we\'re thrilled to announce the launch of OSV-Scanner V2.0.0, following the announcement of the beta version. This V2 release builds upon the foundation we laid with OSV-SCALIBR and adds significant new capabilities to OSV-Scanner, making it a comprehensive vulnerability scanner and remediation tool with broad support for formats and ecosystems. What\'s newEnhanced Dependency Extraction with OSV-SCALIBRThis release represents the first major integration of OSV-SCALIBR features into OSV-Scanner, which is now the official command-line code and container scanning tool for the OSV-SCALIBR library. This integration also expanded our support for the kinds of dependencies we can extract from projects and containers:Source manifests and lo]]> 2025-03-17T12:47:25+00:00 http://security.googleblog.com/2025/03/announcing-osv-scanner-v2-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8656281 False Tool,Vulnerability Uber 3.0000000000000000 HackRead - Chercher Cyber Scammers are sending fake extortion and ransom demands while posing as ransomware gangs, including the notorious Cl0p ransomware.…]]> 2025-03-17T12:45:25+00:00 https://hackread.com/scammers-pose-cl0p-ransomware-fake-extortion-letters/ www.secnews.physaphae.fr/article.php?IdArticle=8656224 False Ransomware None 3.0000000000000000 Korben - Bloger francais 2025-03-17T12:29:46+00:00 https://korben.info/uutils-ubuntu-remplace-ses-commandes-linux-par-du-rust.html www.secnews.physaphae.fr/article.php?IdArticle=8656237 False Tool None 3.0000000000000000 Cyble - CyberSecurity Firm Overview The Singapore Police Force (SPF), the Monetary Authority of Singapore (MAS), and the Cyber Security Agency of Singapore (CSA) have jointly issued a public advisory warning about a new series of scams involving digital manipulation. These scams leverage Artificial Intelligence (AI) to create synthetic media, commonly known as deepfakes. This allows scammers to impersonate high-ranking executives and deceive employees into transferring funds from corporate accounts. The Evolution of Digital Manipulation Scams In this emerging scam variant, fraudsters exploit AI-driven technology to manipulate video and audio, convincingly mimicking the facial features, voice, and gestures of senior executives. The technique involves scammers contacting victims via unwanted WhatsApp messages, claiming to be executives from the victims\' own companies. Victims are then invited to a live Zoom video call, during which they encounter fake visuals of their high-ranking executives, sometimes accompanied by individuals impersonating MAS officials or potential investors. Step-by-Step Breakdown of the Scam Initial Contact: Victims receive WhatsApp messages from scammers impersonating company executives. ]]> 2025-03-17T12:18:28+00:00 https://cyble.com/blog/fake-ceos-real-singapore-warns-of-deepfake-fraud/ www.secnews.physaphae.fr/article.php?IdArticle=8656222 False Tool,Threat,Legislation None 3.0000000000000000 Korben - Bloger francais 2025-03-17T12:16:17+00:00 https://korben.info/ia-baidu-sattaque-a-deepseek-avec-ernie-4-5-et-x1.html www.secnews.physaphae.fr/article.php?IdArticle=8656238 False None None 3.0000000000000000 SecurityWeek - Security News Les sites Web de plus de 100 concessionnaires automobiles ont été trouvés au service du code de clic malveillant dans un compromis de la chaîne d'approvisionnement.

---

>The websites of over 100 auto dealerships were found serving malicious ClickFix code in a supply chain compromise. ]]> 2025-03-17T12:08:17+00:00 https://www.securityweek.com/100-car-dealerships-hit-by-supply-chain-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8656204 False None None 2.0000000000000000 HackRead - Chercher Cyber Following the success of the Neuro Nostalgia Hackathon that closed out in 2024, Hackathon Raptors has completed its…]]> 2025-03-17T12:06:35+00:00 https://hackread.com/ai-powered-dei-web-accessibility-hackathon-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8656210 False Technical None 3.0000000000000000 Korben - Bloger francais Falco Girgis et son équipe ont décidé de porter tout d’abord GTA3 puis Vice City sur Dreamcast. Faire tourner un monde ouvert massif sur une console avec seulement 16 Mo de RAM (oui, vous avez bien lu, MÉGA-octets), est-ce possible ?]]> 2025-03-17T11:35:45+00:00 https://korben.info/gta-vice-city-dreamcast-portage-optimisation-miracle.html www.secnews.physaphae.fr/article.php?IdArticle=8656207 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Action Fraud reported a spike in social media and email account hacks in 2024, resulting in losses of nearly £1m]]> 2025-03-17T11:30:00+00:00 https://www.infosecurity-magazine.com/news/uk-social-media-email-account-hacks/ www.secnews.physaphae.fr/article.php?IdArticle=8656209 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A supply chain attack on the widely used \'tj-actions/changed-files\' GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. [...]]]> 2025-03-17T11:24:46+00:00 https://www.bleepingcomputer.com/news/security/supply-chain-attack-on-popular-github-action-exposes-ci-cd-secrets/ www.secnews.physaphae.fr/article.php?IdArticle=8656264 False Threat None 2.0000000000000000 Data Security Breach - Site de news Francais 2025-03-17T11:13:12+00:00 https://www.datasecuritybreach.fr/la-cybercriminalite-en-france-en-2024-analyse-des-348-000-infractions-enregistrees/ www.secnews.physaphae.fr/article.php?IdArticle=8656217 False None None 3.0000000000000000 Korben - Bloger francais un article hyper intéressant d’un codeur qui s’appelle Geoffrey Huntley qui s’est plongé dans le fonctionnement de Claude Code. Si vous dormiez dans votre grotte ces dernières semaines, Claude Code, c’est un outil codé en Typescript qui n’est ni plus ni moins qu’un agent IA capable de coder en utilisant le LLM Claude Sonnet 3.7.]]> 2025-03-17T11:06:41+00:00 https://korben.info/llm-decompilation-claude-code-hack-intelligence-artificielle.html www.secnews.physaphae.fr/article.php?IdArticle=8656208 False None None 4.0000000000000000 Cyble - CyberSecurity Firm Le FBI et l'Agence américaine de sécurité de la cybersécurité et de l'infrastructure (CISA) ont publié un avis bien à la fois sur le groupe Ransomware Medusa la semaine dernière, car Cyble a détecté une accélération dans les activités du groupe au cours des derniers mois. medusa Ransomware Attacks ont été un événement presque quotidien jusqu'à présent, fonctionnant près de 45% plus élevé que les niveaux d'attaque du groupe \\ 2024, selon Cyble Threat Intelligence Données. Le cisa-fbi consultatif Examine le groupe Ransomware-as-a-Service (RAAS) du groupe, des techniques, des techniques et des procédures (TTPS). (IOCS), mitre att & ck Techniques, et plus, basé sur des enquêtes récentes du FBI. Les attaques de ransomwares Medusa ont augmenté en février Cyble a enregistré 60 victimes de ransomwares de méduse au cours des 72 premiers jours de 2025, à un rythme de plus de 300 attaques cette année. Ce serait considérablement à partir des 211 attaques de ransomwares MEDUSA enregistrées par Cyble en 2024. Le volume d'attaque a culminé en février, avec 33 victimes revendiquées par le groupe au cours du mois de 28 jours. Février était un mois record pour les attaques de ransomware en général, comme enregistré par les données Cyble. Cyble a e]]> 2025-03-17T11:01:48+00:00 https://cyble.com/blog/medusa-ransomware-surges-as-fbi-share-insight/ www.secnews.physaphae.fr/article.php?IdArticle=8656193 False Ransomware,Tool,Vulnerability,Threat,Patching,Mobile,Medical None 3.0000000000000000 Zataz - Magazine Francais de secu 2025-03-17T11:00:27+00:00 https://www.zataz.com/piratage-de-billets-de-la-tournee-eras-de-taylor-swift-600-000-e-detournes/ www.secnews.physaphae.fr/article.php?IdArticle=8656202 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Common Good Cyber has released a new mapping database designed to help NGOs find the security tools they need]]> 2025-03-17T10:45:00+00:00 https://www.infosecurity-magazine.com/news/security-database-aims-empower/ www.secnews.physaphae.fr/article.php?IdArticle=8656196 False Tool None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Here\'s what\'s been hot on the AI scene over the past 12 months, how it\'s changing the face of warfare, and how you can fight AI-powered scams]]> 2025-03-17T10:00:00+00:00 https://www.welivesecurity.com/en/videos/ai-biggest-surprises-2024-unlocked-403-cybersecurity-podcast-season-2-episode-1/ www.secnews.physaphae.fr/article.php?IdArticle=8661304 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Researchers warn that popular open source software package tj-actions has been compromised]]> 2025-03-17T10:00:00+00:00 https://www.infosecurity-magazine.com/news/tjactions-supply-chain-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8656180 False None None 3.0000000000000000 SecurityWeek - Security News L'action GitHub-actions / fichiers modifiées, qui est utilisée dans 23 000 référentiels, a été ciblée dans une attaque de chaîne d'approvisionnement.

---

>The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack. ]]> 2025-03-17T10:00:00+00:00 https://www.securityweek.com/popular-github-action-targeted-in-supply-chain-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8656179 False None None 3.0000000000000000 Global Security Mag - Site de news francais Points de Vue]]> 2025-03-17T09:53:12+00:00 https://www.globalsecuritymag.fr/les-6-principales-fonctionnalites-pam-dont-vous-avez-reellement-besoin.html www.secnews.physaphae.fr/article.php?IdArticle=8656183 False None None 2.0000000000000000 HackRead - Chercher Cyber Frankfurt am Main, Germany, 17th March 2025, CyberNewsWire]]> 2025-03-17T09:30:07+00:00 https://hackread.com/european-cyber-report-2025-137-more-ddos-attacks-than-last-year-what-companies-need-to-know/ www.secnews.physaphae.fr/article.php?IdArticle=8656182 False None None 2.0000000000000000 HackRead - Chercher Cyber Frankfurt am Main, Germany, 17th March 2025, CyberNewsWire]]> 2025-03-17T09:30:07+00:00 https://hackread.com/european-cyber-report-2025-137-more-ddos-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8656211 False None None 3.0000000000000000 Korben - Bloger francais 2025-03-17T09:30:00+00:00 https://korben.info/fleur-mcp-comment-donner-super-pouvoirs-claude.html www.secnews.physaphae.fr/article.php?IdArticle=8656178 False None None 2.0000000000000000 Zataz - Magazine Francais de secu 2025-03-17T09:09:56+00:00 https://www.zataz.com/defnet-2025-les-cybercombattants-francais-a-lepreuve-du-combat-de-haute-intensite/ www.secnews.physaphae.fr/article.php?IdArticle=8656192 False None None 2.0000000000000000 Global Security Mag - Site de news francais Market News

---

Nokia strengthens Worldstream\'s hosting security with advanced DDoS Protection in the Netherlands Enterprise customers using hosting services will benefit from fast network-based mitigation of most complex and high-volume cyberattacks and AI-driven threats. Real-time, automated, next-generation DDoS protection to keep businesses running and unaffected during an attack. Enhanced network resilience with Nokia Deepfield Defender and 7750 SR routers. - Market News]]> 2025-03-17T08:18:28+00:00 https://www.globalsecuritymag.fr/nokia-strengthens-worldstream-s-hosting-security-with-advanced-ddos-protection.html www.secnews.physaphae.fr/article.php?IdArticle=8656170 False None None 3.0000000000000000 Sygnia - CyberSecurity Firm Apprenez comment la détection et la réponse gérées (MDR) renforcent les défenses des crypto-monnaies. Découvrez les tendances d'attaque, les études de cas de violation et les stratégies exploitables pour protéger vos actifs numériques dans ce livre blanc complet.

---

>Learn how Managed Detection and Response (MDR) strengthens cryptocurrency defenses. Discover attack trends, breach case studies, and actionable strategies to safeguard your digital assets in this comprehensive white paper. ]]> 2025-03-17T08:17:05+00:00 https://www.sygnia.co/guides-and-tools/secure-your-cryptocurrency-business-today/ www.secnews.physaphae.fr/article.php?IdArticle=8656184 False Studies None 2.0000000000000000 McAfee Labs - Editeur Logiciel Autorisé par Aayush Tyagi et M, Mohanasundaram * Bold = Term défini en annexe dans ce blog, nous discutons de la façon dont les logiciels malveillants ...

---

> Authored by Aayush Tyagi and M, Mohanasundaram  *Bold = Term Defined in Appendix In this blog, we discuss how malware... ]]> 2025-03-17T07:00:41+00:00 https://www.mcafee.com/blogs/internet-security/deepseek-or-deep-threat-how-hackers-are-using-ai-hype-to-deliver-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8656295 False Malware None 3.0000000000000000 McAfee Labs - Editeur Logiciel ]]> 2025-03-17T07:00:27+00:00 https://www.mcafee.com/blogs/other-blogs/mcafee-labs/bogus-deepseek-ai-installers-are-infecting-devices-with-malware-research-finds/ www.secnews.physaphae.fr/article.php?IdArticle=8656578 False Malware None 2.0000000000000000 McAfee Labs - Editeur Logiciel ]]> 2025-03-17T07:00:27+00:00 https://www.mcafee.com/blogs/internet-security/bogus-deepseek-ai-installers-are-infecting-devices-with-malware-research-finds/ www.secnews.physaphae.fr/article.php?IdArticle=8656296 False Malware None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Ever since AI\'s meteoric rise to prominence following the release of ChatGPT in November 2022, the technology has been at the centre of international debate. For every application in healthcare, education, and workplace efficiency, reports of abuse by cybercriminals for phishing campaigns, automating attacks, and ransomware have made mainstream news.  Regardless of whether individuals and [...]]]> 2025-03-17T06:49:07+00:00 https://informationsecuritybuzz.com/threat-of-cyber-risk-during-ai-adoptio/ www.secnews.physaphae.fr/article.php?IdArticle=8656157 False Ransomware,Threat,Medical ChatGPT 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite The latest Global Threat Index from Check Point Software Technologies has revealed a sharp rise in AsyncRAT attacks, pushing this stealthy remote access Trojan (RAT) into the top four most prevalent malware strains worldwide.   This is a concerning trend: malicious actors are increasingly eyeing and exploiting trusted platforms to slip through security nets and gain [...]]]> 2025-03-17T05:10:37+00:00 https://informationsecuritybuzz.com/asyncrat-surges-global-malware-ranks/ www.secnews.physaphae.fr/article.php?IdArticle=8656149 False Malware,Threat,Prediction None 3.0000000000000000 The State of Security - Magazine Américain If your website is targeting multiple states or countries, by default, you face a double-pronged challenge: adapting to regional regulatory demands while defending against sophisticated cyber threats. Tackling this requires localization. But what does the term actually entail? Localization isn\'t just about tailoring products, services, and infrastructure to meet local market requirements; it has emerged as a critical tool for compliance and cybersecurity threat mitigation. Strategic localization can address supply chain vulnerabilities, enhance regional threat intelligence, and foster...]]> 2025-03-17T05:05:07+00:00 https://www.tripwire.com/state-of-security/role-localization-cybersecurity-threat-mitigation www.secnews.physaphae.fr/article.php?IdArticle=8656176 False Tool,Vulnerability,Threat None 3.0000000000000000 The State of Security - Magazine Américain Critical infrastructure organizations bear an enormous responsibility. The assets, systems, and networks they manage are crucial to the functioning of a healthy society. They provide water, energy, transportation, healthcare, telecommunications, and more-should they fail, they would bring entire countries to their knees. The vast importance of Critical National Infrastructure (CNI) makes it a prime target for cybercriminals. Research from early this year even found that global critical infrastructure suffered 13 cyberattacks every second in 2023. And things are only likely to get worse: the...]]> 2025-03-17T05:05:05+00:00 https://www.tripwire.com/state-of-security/strengthening-critical-infrastructure-ncsc-caf www.secnews.physaphae.fr/article.php?IdArticle=8656177 False Medical None 3.0000000000000000 Mandiant - Blog Sécu de Mandiant Executive Summary The Rise of Browser in the Middle (BitM): BitM attacks offer a streamlined approach, allowing attackers to quickly compromise sessions across various web applications. MFA Remains Crucial, But Not Invulnerable: Multi-factor authentication (MFA) is a vital security measure, yet sophisticated social engineering tactics now effectively bypass it by targeting session tokens. Strong Defenses Are Imperative: To counter these threats, organizations must implement robust defenses, including hardware-based MFA, client certificates, and FIDO2. Social Engineering and Multi-Factor Authentication Social engineering campaigns pose a significant threat to organizations and businesses as they capitalize on human vulnerabilities by exploiting cognitive biases and weaknesses in security awareness. During a social engineering campaign, a red team operator typically targets a victim\'s username and password. A common mitigation used to address these threats are security measures like multi-factor authentication (MFA).  MFA is a security measure that requires users to provide two or more methods of authentication when logging in to an account or accessing a protected resource. This makes it more difficult for unauthorized users to gain access to sensitive information even if they have obtained one of the factors, such as a password. Red team operators have long targeted various methods of obtaining user session tokens with a high degree of success. Once a user has completed MFA and is successfully authenticated, the application typically stores a session token in the user\'s browser to maintain their authenticated state. Stealing this session token is the equivalent of stealing the authenticated session, meaning an adversary would no longer need to perform the MFA challenge. This makes session tokens a valuable target for adversaries and red team operators alike. Techniques for Targeting Tokens Red team operators can target these session tokens using a variety of tools and techniques. The most common tool is Evilginx2, a transparent proxy where a red team operator\'s server acts as an intermediary between the victim and the targeted service. Any HTTP requests made by the victim are captured by the phishing server and then forwarded directly to the intended website. However, before returning the responses to the victim, the server subtly modifies them by replacing any references to the legitimate domain with the phishing domain. This manipulation allows operators to not only capture the victim\'s login credentials from POST requests but also to extract session cookies (tokens) from the server\'s response headers after the victim has completed authentication and MFA prompts. During a red team engagement, a consultant working within a constrained time]]> 2025-03-17T05:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/session-stealing-browser-in-the-middle/ www.secnews.physaphae.fr/article.php?IdArticle=8656230 False Tool,Vulnerability,Threat None 2.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism tj-actions/changed-files, corrupted to run credential-stealing memory scraper.]]> 2025-03-17T02:24:09+00:00 https://arstechnica.com/information-technology/2025/03/supply-chain-attack-exposing-credentials-affects-23k-users-of-tj-actions/ www.secnews.physaphae.fr/article.php?IdArticle=8656136 False None None 3.0000000000000000 Silicon - Site de News Francais 2025-03-17T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/eucc-phase-pratique-ajustements-469008.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8656231 False None None 3.0000000000000000 HackRead - Chercher Cyber Did you know that 43% of cyberattacks target small businesses, yet only 14% are prepared to defend themselves?…]]> 2025-03-16T21:57:32+00:00 https://hackread.com/start-up-security-protect-venture-cybersecurity-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8656105 False None None 3.0000000000000000 Dark Reading - Informationweek Branch The chip maker\'s Tiber Secure Federated AI service creates a secure tunnel between AI models on remote servers and data sources on origin systems.]]> 2025-03-16T19:57:00+00:00 https://www.darkreading.com/cloud-security/intel-s-secure-data-tunnel-moves-ai-training-models-to-data-sources www.secnews.physaphae.fr/article.php?IdArticle=8656098 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Evolving cyber threat landscapes have led to OT/ICS incident response priorities being under significant pressure. By stressing the... ]]> 2025-03-16T12:10:24+00:00 https://industrialcyber.co/features/strengthening-ot-ics-incident-response-to-address-growing-complexity-of-cyber-threats-deliver-business-continuity/ www.secnews.physaphae.fr/article.php?IdArticle=8656047 False Threat,Industrial None 2.0000000000000000 Bleeping Computer - Magazine Américain Cybercriminals are promoting malicious Microsoft OAuth apps that masquerade as Adobe and DocuSign apps to deliver malware and steal Microsoft 365 accounts credentials. [...]]]> 2025-03-16T10:19:29+00:00 https://www.bleepingcomputer.com/news/security/malicious-adobe-docusign-oauth-apps-target-microsoft-365-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8656066 False Malware None 3.0000000000000000 HackRead - Chercher Cyber The US extradites LockBit ransomware developer, Rostislav Panev, from Israel. Learn how his arrest impacts the fight against…]]> 2025-03-16T10:10:58+00:00 https://hackread.com/lockbit-developer-rostislav-panev-extradited-israel-us/ www.secnews.physaphae.fr/article.php?IdArticle=8656034 False Ransomware None 2.0000000000000000 Sygnia - CyberSecurity Firm Avi pour diriger l'innovation de cybersécurité et développer la Sygnia \'s IR, le cyber-préparation et le leadership MDR.

---

>Avi to spearhead cybersecurity innovation and expand Sygnia\'s IR, Cyber Readiness and MDR leadership. ]]> 2025-03-16T07:56:28+00:00 https://www.sygnia.co/press-release/sygnia-appoints-avi-golan-ceo/ www.secnews.physaphae.fr/article.php?IdArticle=8656185 False None None 3.0000000000000000 Sygnia - CyberSecurity Firm Sygnia enquête sur le piratage de bybt de février 2025, découvrant comment les attaquants ont exploité les lacunes de sécurité dans plusieurs domaines. Apprenez les principales conclusions et leçons pour l'industrie cryptographique.

---

>Sygnia investigates the Bybit hack of February 2025, uncovering how attackers exploited security gaps across multiple domains. Learn key findings and lessons for the crypto industry. ]]> 2025-03-16T07:18:41+00:00 https://www.sygnia.co/blog/sygnia-investigation-bybit-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8656186 False Hack None 3.0000000000000000 HackRead - Chercher Cyber Cybersecurity tips to protect your cryptocurrency from hackers, scams, and fraud. Learn best practices for securing digital assets…]]> 2025-03-15T15:04:34+00:00 https://hackread.com/cybersecurity-crypto-practices-to-prevent-theft-fraud/ www.secnews.physaphae.fr/article.php?IdArticle=8655918 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have warned of a malicious campaign targeting users of the Python Package Index (PyPI) repository with bogus libraries masquerading as "time" related utilities, but harboring hidden functionality to steal sensitive data such as cloud access tokens. Software supply chain security firm ReversingLabs said it discovered two sets of packages totaling 20 of them. The packages]]> 2025-03-15T11:25:00+00:00 https://thehackernews.com/2025/03/malicious-pypi-packages-stole-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8655862 False Cloud None 2.0000000000000000 Wired Threat Level - Security News Plus: A nominee to lead CISA emerges, Elon Musk visits the NSA, a renowned crypto cracking firm\'s secret (and problematic) cofounder is revealed, and more.]]> 2025-03-15T10:30:00+00:00 https://www.wired.com/story/end-to-end-encryption-android-ios-roundup/ www.secnews.physaphae.fr/article.php?IdArticle=8655892 False Mobile None 3.0000000000000000 Krebs on Security - Chercheur Américain A clever malware deployment scheme first spotted in targeted attacks last year has now gone mainstream. In this scam, dubbed "ClickFix," the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware.]]> 2025-03-14T22:15:27+00:00 https://krebsonsecurity.com/2025/03/clickfix-how-to-infect-your-pc-in-three-easy-steps/ www.secnews.physaphae.fr/article.php?IdArticle=8655821 False Malware None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain band : Squid transforme les divertissements traditionnels de cornemuse-corne et de batterie en une poussée multisensorielle d'excitation, avec des cornemuses à haute énergie, des influences de musique pop et une percussion visuellement époustouflante!

---

A bagpipe and drum band: SQUID transforms traditional Bagpipe and Drum Band entertainment into a multi-sensory rush of excitement, featuring high energy bagpipes, pop music influences and visually stunning percussion!]]> 2025-03-14T21:03:56+00:00 https://www.schneier.com/blog/archives/2025/03/friday-squid-blogging-squid-band.html www.secnews.physaphae.fr/article.php?IdArticle=8655807 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A 51-year-old dual Russian and Israeli national who is alleged to be a developer of the LockBit ransomware group has been extradited to the United States, nearly three months after he was formally charged in connection with the e-crime scheme. Rostislav Panev was previously arrested in Israel in August 2024. He is said to have been working as a developer for the ransomware gang from 2019]]> 2025-03-14T20:37:00+00:00 https://thehackernews.com/2025/03/alleged-israeli-lockbit-developer.html www.secnews.physaphae.fr/article.php?IdArticle=8655774 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The GSM Association (GSMA) has formally announced support for end-to-end encryption (E2EE) for securing messages sent via the Rich Communications Services (RCS) protocol, bringing much-needed security protections to cross-platform messages shared between Android and iOS platforms. To that end, the new GSMA specifications for RCS include E2EE based on the Messaging Layer Security (MLS) protocol]]> 2025-03-14T20:22:00+00:00 https://thehackernews.com/2025/03/gsma-confirms-end-to-end-encryption-for.html www.secnews.physaphae.fr/article.php?IdArticle=8655755 False Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch Microsoft detailed a sophisticated campaign that relies on a social engineering technique, "ClickFix," in which a phisher uses security verification like captcha to give the target a false sense of safety.]]> 2025-03-14T20:07:52+00:00 https://www.darkreading.com/threat-intelligence/threat-actor-booking-com-clickfix-phishing-scheme www.secnews.physaphae.fr/article.php?IdArticle=8655809 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch A pair of researchers plan on detailing effective tools to dig into the effectiveness of vehicle cybersecurity without breaking the bank.]]> 2025-03-14T19:38:38+00:00 https://www.darkreading.com/cybersecurity-operations/mitm-vulns-research-opportunities-car-security www.secnews.physaphae.fr/article.php?IdArticle=8655799 False Tool None 2.0000000000000000 Dark Reading - Informationweek Branch Law enforcement discovered admin credentials on the suspect\'s computer for an online repository hosted on the Dark Web that stored source code for multiple versions of the LockBit builder.]]> 2025-03-14T19:24:48+00:00 https://www.darkreading.com/cyberattacks-data-breaches/lockbit-developer-extradited-admits-working-ransomware-group www.secnews.physaphae.fr/article.php?IdArticle=8655800 False Ransomware,Legislation None 2.0000000000000000 Recorded Future - FLux Recorded Future A federal three-judge panel in California upheld the sentence former Uber executive Joe Sullivan received after being convicted in an attempted coverup of a 2016 data breach at the company.]]> 2025-03-14T18:57:26+00:00 https://therecord.media/joe-sullivan-former-uber-executive-conviction-upheld www.secnews.physaphae.fr/article.php?IdArticle=8655792 False Data Breach Uber 3.0000000000000000 HackRead - Chercher Cyber Symantec demonstrates OpenAI\'s Operator Agent in PoC phishing attack, highlighting AI security risks and the need for proper cybersecurity.]]> 2025-03-14T18:36:58+00:00 https://hackread.com/symantec-openai-operator-agent-poc-phishing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8655789 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A large-scale Coinbase phishing attack poses as a mandatory wallet migration, tricking recipients into setting up a new wallet with a pre-generated recovery phrase controlled by attackers. [...]]]> 2025-03-14T18:35:29+00:00 https://www.bleepingcomputer.com/news/security/coinbase-phishing-email-tricks-users-with-fake-wallet-migration/ www.secnews.physaphae.fr/article.php?IdArticle=8655824 False None None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Une enquête du procureur général de California \\ sur l'utilisation des données de localisation pourrait freiner les pires abuseurs, mais devrait également être en mesure de déterminer l'utilisation légitime de l'entreprise.

---

>An investigation by California\'s attorney general into use of location data could rein in the worst abusers, but should also be able to determine legitimate business use. ]]> 2025-03-14T18:15:45+00:00 https://cyberscoop.com/california-ag-investigation-location-data-privacy/ www.secnews.physaphae.fr/article.php?IdArticle=8655790 False None None 2.0000000000000000 Dark Reading - Informationweek Branch The Mora_001 group uses similar post-exploitation patterns and ransomware customization originated by LockBit.]]> 2025-03-14T17:25:44+00:00 https://www.darkreading.com/cyberattacks-data-breaches/actor-tied-lockbit-ransomware-targets-fortinet-users www.secnews.physaphae.fr/article.php?IdArticle=8655782 False Ransomware,Threat None 3.0000000000000000 ProofPoint - Firm Security 2025-03-14T17:10:17+00:00 https://www.proofpoint.com/us/newsroom/news/text-scams-warning-unpaid-road-tolls-fueled-cybercriminal-salesmen-telegram www.secnews.physaphae.fr/article.php?IdArticle=8657669 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cyber threats evolve daily. In this live webinar, learn exactly how ransomware attacks unfold-from the initial breach to the moment hackers demand payment. Join Joseph Carson, Delinea\'s Chief Security Scientist and Advisory CISO, who brings 25 years of enterprise security expertise. Through a live demonstration, he will break down every technical step of a ransomware attack, showing you how]]> 2025-03-14T16:55:00+00:00 https://thehackernews.com/2025/03/live-ransomware-demo-see-how-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8655727 False Ransomware,Technical None 3.0000000000000000 Palo Alto Network - Site Constructeur Les organisations financières sont confrontées à des défis de cybersécurité. Les experts Palo Alto Networks et IBM partagent les principales considérations dans une nouvelle série Vodcast pour une meilleure cybersécurité.

---

>Financial orgs face cybersecurity challenges. Palo Alto Networks & IBM experts share top considerations in a new vodcast series for better cybersecurity. ]]> 2025-03-14T16:30:11+00:00 https://www.paloaltonetworks.com/blog/2025/03/cybersecurity-considerations-financial-institutions/ www.secnews.physaphae.fr/article.php?IdArticle=8655771 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Most microsegmentation projects fail before they even get off the ground-too complex, too slow, too disruptive. But Andelyn Biosciences proved it doesn\'t have to be that way.  Microsegmentation: The Missing Piece in Zero Trust Security  Security teams today are under constant pressure to defend against increasingly sophisticated cyber threats. Perimeter-based defenses alone can no]]> 2025-03-14T16:30:00+00:00 https://thehackernews.com/2025/03/why-most-microsegmentation-projects.html www.secnews.physaphae.fr/article.php?IdArticle=8655728 False None None 3.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2025-03-14T16:27:00+00:00 https://www.globalsecuritymag.fr/suse-lance-suse-rancher-pour-les-applications-sap-afin-d-offrir-une-integration.html www.secnews.physaphae.fr/article.php?IdArticle=8656072 False Cloud None 2.0000000000000000 Netskope - etskope est une société de logiciels américaine fournissant une plate-forme de sécurité informatique Les équipes de Formule 1 fonctionnent sous des contraintes budgétaires strictes conçues pour niveler le domaine compétitif et obliger les équipes à innover afin d'atteindre des performances maximales à partir d'un ensemble limité de ressources. Pour les fans de sport, cela peut sembler être une interférence non naturelle dans l'innovation, mais les équipes de cybersécurité sont confrontées aux mêmes contraintes (environnements et défis de plus en plus complexes, […]

---

>Formula 1 teams operate under strict budget constraints designed to level the competitive field and compel teams to innovate in order to achieve maximum performance from a limited set of resources. For sports fans this might seem to be unnatural interference in innovation, but cybersecurity teams face the same constraints (increasingly complex environments and challenges, […] ]]> 2025-03-14T16:22:35+00:00 https://www.netskope.com/blog/lessons-from-f1s-cost-cap-applied-to-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8655773 False None None 2.0000000000000000