www.secnews.physaphae.fr

www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-12T09:26:00+00:00 www.secnews.physaphae.fr Recorded Future - FLux Recorded Future Tiktok peut-il aider Frank McCourt à réinventer Internet? Can TikTok help Frank McCourt reinvent the internet? Billionaire Frank McCourt wants to buy TikTok, but not for its algorithm and videos. He tells the Click Here podcast how the social media platform could help him with his plans to fundamentally change the Internet.]]> 2025-03-14T16:19:01+00:00 https://therecord.media/frank-mccourt-tiktok-project-liberty-interview www.secnews.physaphae.fr/article.php?IdArticle=8655776 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Un développeur de Lockbit russe présumé extradé d'Israël apparaît dans le New Jersey Court Alleged Russian LockBit developer extradited from Israel, appears in New Jersey court Rostislav Panev, who was arrested in Israel in August 2024 on U.S. charges related to dozens of LockBit ransomware attacks, has been extradited and appeared in a New Jersey federal court, authorities said.]]> 2025-03-14T15:36:37+00:00 https://therecord.media/lockbit-alleged-russian-developer-extradited-us-israel www.secnews.physaphae.fr/article.php?IdArticle=8655765 False Ransomware None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Le programme canadien du CPCSC déploie les normes progressives de la cybersécurité pour renforcer la résilience de la défense nationale Canadian CPCSC program rolls out progressive cybersecurity standards to bolster national defense resilience The Canadian government has introduced the Canadian Program for Cyber Security Certification (CPCSC) to strengthen its cybersecurity posture.... ]]> 2025-03-14T15:13:17+00:00 https://industrialcyber.co/critical-infrastructure/canadian-cpcsc-program-rolls-out-progressive-cybersecurity-standards-to-bolster-national-defense-resilience/ www.secnews.physaphae.fr/article.php?IdArticle=8655764 False None None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les services publics de l'eau obtiendraient une augmentation de la cybersécurité dans le cadre du projet de loi bipartite du Sénat Water utilities would get cybersecurity boost under bipartisan Senate bill La Cybersecurity for Rural Water Systems Act élargirait le programme de circuit de l'USDA \\.

>The Cybersecurity for Rural Water Systems Act would expand USDA\'s Circuit Rider Program. ]]> 2025-03-14T15:06:44+00:00 https://cyberscoop.com/rural-water-utilities-cybersecurity-senate-bill/ www.secnews.physaphae.fr/article.php?IdArticle=8655753 False None None 3.0000000000000000 IT Security Guru - Blog Sécurité Meilleurs plugins WordPress pour la cybersécurité 2025 Best WordPress Plugins for Cybersecurity 2025 WordPress is a great platform for building websites, but it is also a common target for hackers. Keeping your website safe is important to protect your data, visitors, and business. Cybercrime is a growing problem, with 39% of UK businesses experiencing cyber attacks in 2023. Using security plugins can help reduce risks and keep your […] ]]> 2025-03-14T14:57:23+00:00 https://www.itsecurityguru.org/2025/03/14/best-wordpress-plugins-for-cybersecurity/?utm_source=rss&utm_medium=rss&utm_campaign=best-wordpress-plugins-for-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8655822 False None None 3.0000000000000000 Dark Reading - Informationweek Branch CISA réduit 10 millions de dollars de financement ISAC et des centaines d'employés CISA Cuts $10M in ISAC Funding & 100s of Employees President Trump has long complained about perceived threats to election security. Now his DHS has kneecapped the agencies designed to support it. Experts are worried about what comes next.]]> 2025-03-14T14:53:32+00:00 https://www.darkreading.com/remote-workforce/cisa-cuts-isac-funding-employees www.secnews.physaphae.fr/article.php?IdArticle=8655756 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Développeur de ransomware de verrouillage extradé vers nous LockBit Ransomware Developer Extradited to US US authorities have extradited Rostislav Panev on charges of being a developer of the notorious LockBit ransomware]]> 2025-03-14T14:30:00+00:00 https://www.infosecurity-magazine.com/news/lockbit-ransomware-developer/ www.secnews.physaphae.fr/article.php?IdArticle=8655754 False Ransomware None 1.00000000000000000000 Dark Reading - Informationweek Branch Les plus grandes cyber-menaces à l'industrie des soins de santé aujourd'hui Biggest Cyber Threats to the Healthcare Industry Today Healthcare organizations must enhance their cybersecurity arsenal. Doing so can help them prevent financial, compliance, and reputational damage.]]> 2025-03-14T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/biggest-cyber-threats-healthcare-industry-today www.secnews.physaphae.fr/article.php?IdArticle=8655747 False Medical None 3.0000000000000000 Global Security Mag - Site de news francais Programme de partenaire de sécurité de la sécurité des gardiens Keeper Security Upscales Partner Program Business News

Keeper Security Upscales Partner Program to Accelerate Growth for Channel Partners The Keeper Partner Program provides new training materials, incentives and resources to capitalize on the growing demand for privileged access management and drive revenue growth - Business News]]> 2025-03-14T13:49:53+00:00 https://www.globalsecuritymag.fr/keeper-security-upscales-partner-program.html www.secnews.physaphae.fr/article.php?IdArticle=8655745 False None None 2.0000000000000000 HackRead - Chercher Cyber Nouveau astuce d'escroquerie Microsoft 365 Phishing New Microsoft 365 Phishing Scam Tricks Users Into Calling Fake Support New Microsoft 365 phishing scam exploits fake support numbers to steal credentials. Learn how attackers bypass security and how to stay protected.]]> 2025-03-14T13:22:50+00:00 https://hackread.com/new-microsoft-365-phishing-scam-calling-fake-support/ www.secnews.physaphae.fr/article.php?IdArticle=8655744 False None None 3.0000000000000000 Global Security Mag - Site de news francais Keeper Security élargit son programme de partenariat Business]]> 2025-03-14T13:08:40+00:00 https://www.globalsecuritymag.fr/keeper-security-elargit-son-programme-de-partenariat.html www.secnews.physaphae.fr/article.php?IdArticle=8655746 False None None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Au-delà du nuage | Comment les comptes Edge déverrouillent le plein potentiel de l'IoT \\ Beyond the Cloud | How Edge Computing is Unlocking IoT\\'s Full Potential L'Internet des objets (IoT) transforme des industries comme les soins de santé, la fabrication, les villes intelligentes et même les véhicules autonomes, ce qui rend notre vie quotidienne hyperconnectée. Mais à mesure que de plus en plus d'appareils se mettent en ligne, se fier uniquement sur le cloud computing peut entraîner des temps de réponse lents, des coûts de bande passante élevés et des risques de sécurité. L'infrastructure traditionnelle basée sur le cloud a du mal à répondre aux exigences du traitement des données en temps réel, de la faible latence et de la sécurité proactive et préventive. Avant de plonger, permettez-moi d'expliquer ce qu'est Edge Computing et comment il s'applique à l'IoT. En termes simples, les données de l'informatique de bord traitent les données là où elles sont générées au lieu de l'achever à la distance […]

>The Internet of Things (IoT) is transforming industries like healthcare, manufacturing, smart cities, and even autonomous vehicles-making our daily lives hyperconnected. But as more devices come online, relying solely on cloud computing can lead to slow response times, high bandwidth costs and security risks. The traditional cloud-based infrastructure struggles to keep up with the demands of real-time data processing, low latency, and proactive, preventative security. Before we dive in, let me explain what is edge computing is about and how it applies to IoT. Simply put, edge computing processes data right where it\'s generated instead of routing it to remote […] ]]> 2025-03-14T13:00:08+00:00 https://blog.checkpoint.com/innovation/how-edge-computing-is-unlocking-iots-full-potential/ www.secnews.physaphae.fr/article.php?IdArticle=8655743 False Medical,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch L'infra d'accès à distance reste la plus risquée Corp. Surface d'attaque Remote Access Infra Remains Riskiest Corp. Attack Surface Exposed login panels for VPNs and remote access systems leave companies open to attack, sometimes tripling the risk of ransomware and making it harder to get cyber insurance.]]> 2025-03-14T13:00:00+00:00 https://www.darkreading.com/cyber-risk/remote-access-infra-remains-riskiest-corp-attack-surface www.secnews.physaphae.fr/article.php?IdArticle=8655736 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain Ransomware Gang crée un outil pour automatiser les attaques de force brute VPN Ransomware gang creates tool to automate VPN brute-force attacks The Black Basta ransomware operation created an automated brute-forcing framework dubbed \'BRUTED\' to breach edge networking devices like firewalls and VPNs. [...]]]> 2025-03-14T12:55:10+00:00 https://www.bleepingcomputer.com/news/security/black-basta-ransomware-creates-automated-tool-to-brute-force-vpns/ www.secnews.physaphae.fr/article.php?IdArticle=8655772 False Ransomware,Tool None 3.0000000000000000 SecurityWeek - Security News Dans d'autres nouvelles: règles de divulgation de la violation suisse, ESP32 Chip Backdoor contesté, Massjacker In Other News: Swiss Breach Disclosure Rules, ESP32 Chip Backdoor Disputed, MassJacker Des histoires remarquables qui auraient pu glisser sous le radar: la Suisse nécessite la divulgation d'attaques d'infrastructures critiques, les puces ESP32 ne contiennent pas de portefeuille de chambre de chambre de porte dérobée.

>Noteworthy stories that might have slipped under the radar: Switzerland requires disclosure of critical infrastructure attacks, ESP32 chips don\'t contain a backdoor, MassJacker cryptojacking malware. ]]> 2025-03-14T12:41:00+00:00 https://www.securityweek.com/in-other-news-swiss-breach-disclosure-rules-esp32-chip-backdoor-disputed-massjacker/ www.secnews.physaphae.fr/article.php?IdArticle=8655734 False Malware None 3.0000000000000000 SecurityWeek - Security News Clickfix largement adopté par les cybercriminels, groupes APT ClickFix Widely Adopted by Cybercriminals, APT Groups La technique ClickFix a été utilisée par les groupes de cybercriminaux et les groupes APT pour l'information, voleur et autres déploiements de logiciels malveillants.

>The ClickFix technique has been employed by cybercrime and APT groups for information stealer and other malware deployment. ]]> 2025-03-14T12:29:24+00:00 https://www.securityweek.com/clickfix-widely-adopted-by-cybercriminals-apt-groups/ www.secnews.physaphae.fr/article.php?IdArticle=8655735 False Malware None 3.0000000000000000 Recorded Future - FLux Recorded Future Le secteur des télécommunications de l'Europe sous une menace accrue des cyber-espions, avertit le Danemark Europe\\'s telecoms sector under increased threat from cyber spies, warns Denmark State-sponsored cyber espionage is a bigger threat than ever to Europe\'s telecommunications networks, according to a new assessment from Denmark\'s government.]]> 2025-03-14T12:04:33+00:00 https://therecord.media/europe-increased-cyber-espionage-telecoms-denmark-report www.secnews.physaphae.fr/article.php?IdArticle=8655725 False Threat None 3.0000000000000000 Recorded Future - FLux Recorded Future Google refuse de nier qu'il a reçu l'ordre de chiffrement du gouvernement britannique Google refuses to deny it received encryption order from UK government U.S. lawmakers say Google has refused to deny that it received a Technical Capability Notice from the U.K. - a mechanism to access encrypted messages that Apple reportedly received.]]> 2025-03-14T11:45:06+00:00 https://therecord.media/google-refuses-to-deny-it-received-uk-tcn www.secnews.physaphae.fr/article.php?IdArticle=8655726 False Technical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New MassJacker Malware cible les utilisateurs de piratage, détournant les transactions de crypto-monnaie New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions Users searching for pirated software are the target of a new malware campaign that delivers a previously undocumented clipper malware called MassJacker, according to findings from CyberArk. Clipper malware is a type of cryware (as coined by Microsoft) that\'s designed to monitor a victim\'s clipboard content and facilitate cryptocurrency theft by substituting copied cryptocurrency wallet addresses]]> 2025-03-14T11:38:00+00:00 https://thehackernews.com/2025/03/new-massjacker-malware-targets-piracy.html www.secnews.physaphae.fr/article.php?IdArticle=8655682 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Obscure # Bat Malware utilise de fausses pages CAPTCHA pour déployer RootKit R77 et échapper à la détection OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection A new malware campaign has been observed leveraging social engineering tactics to deliver an open-source rootkit called r77. The activity, condemned OBSCURE#BAT by Securonix, enables threat actors to establish persistence and evade detection on compromised systems. It\'s currently not known who is behind the campaign. The rootkit "has the ability to cloak or mask any file, registry key or task]]> 2025-03-14T11:07:00+00:00 https://thehackernews.com/2025/03/obscurebat-malware-uses-fake-captcha.html www.secnews.physaphae.fr/article.php?IdArticle=8655674 False Malware,Threat None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Botnet de routeur TP-link TP-Link Router Botnet infecter TP-Link Routers: Le botnet peut conduire à une injection de commande qui rend ensuite possible l'exécution du code distant (RCE) afin que le malware puisse se propager automatiquement sur Internet. Cette faille de sécurité à haute gravité (suivie comme CVE-2023-1389 ) a également été utilisée pour répandre d'autres familles de dalware dès le 20 avril 2023 lorsqu'elle a été utilisée dans le ]]> 2025-03-14T11:02:58+00:00 https://www.schneier.com/blog/archives/2025/03/tp-link-router-botnet.html www.secnews.physaphae.fr/article.php?IdArticle=8655709 False Malware,Medical None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Les fraudeurs ont usuré les ransomwares de clope pour extorquer les entreprises Fraudsters Impersonate Clop Ransomware to Extort Businesses Barracuda observed threat actors impersonating the Clop ransomware group via email to extort payments, claiming to have exfiltrated sensitive data]]> 2025-03-14T11:00:00+00:00 https://www.infosecurity-magazine.com/news/fraudsters-clop-ransomware-extort/ www.secnews.physaphae.fr/article.php?IdArticle=8655716 False Ransomware,Threat None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial La FCC propose de nouveaux mandats de cybersécurité pour les opérateurs de câbles sous-marins dans une revue des règles majeures, recherche la contribution du public FCC proposes new cybersecurity mandates for submarine cable operators in major rule review, seeks public input The U.S. Federal Communications Commission (FCC) is conducting its first comprehensive review of submarine cable rules since 2001... ]]> 2025-03-14T10:55:47+00:00 https://industrialcyber.co/regulation-standards-and-compliance/fcc-proposes-new-cybersecurity-mandates-for-submarine-cable-operators-in-major-rule-review-seeks-public-input/ www.secnews.physaphae.fr/article.php?IdArticle=8655710 False None None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial ForeScout détaille des ransomwares superblack exploitant les vulnérabilités critiques de Fortinet Forescout details SuperBlack ransomware exploiting critical Fortinet vulnerabilities Des chercheurs de ForeStcout Technologies «ForeScout Research - Vedere Labs a identifié une série d'intrusions exploitant deux vulnérabilités de Fortinet ...

>Researchers from Forescout Technologies‘ Forescout Research – Vedere Labs identified a series of intrusions exploiting two Fortinet vulnerabilities... ]]> 2025-03-14T10:51:57+00:00 https://industrialcyber.co/ransomware/forescout-details-superblack-ransomware-exploiting-critical-fortinet-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8655711 False Ransomware,Vulnerability None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Colortokens, partenaire Wipro pour stimuler la cyber-résilience avec une solution de sécurité pour les violations pour les entreprises mondiales ColorTokens, Wipro partner to boost cyber resilience with Breach Ready Security solution for global enterprises Colortokens Inc., une société mondiale de micro-alimentation d'entreprise, a annoncé jeudi un partenariat avec Wipro Limited, un service technologique ...

>ColorTokens Inc., a global enterprise microsegmentation company, announced on Thursday a partnership with Wipro Limited, a technology services... ]]> 2025-03-14T10:49:53+00:00 https://industrialcyber.co/news/colortokens-wipro-partner-to-boost-cyber-resilience-with-breach-ready-security-solution-for-global-enterprises/ www.secnews.physaphae.fr/article.php?IdArticle=8655712 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Emberot débute la version 3.2 avec des fonctionnalités de sécurité améliorées, des workflows rationalisés EmberOT debuts version 3.2 with improved security features, streamlined workflows EMBEROT, un fournisseur de solutions de surveillance des actifs et des réseaux industriels, a annoncé jeudi le lancement de la version 3.2 ....

>EmberOT, a provider of industrial asset and network monitoring solutions, announced on Thursday the launch of Version 3.2.... ]]> 2025-03-14T10:46:22+00:00 https://industrialcyber.co/news/emberot-debuts-version-3-2-with-improved-security-features-streamlined-workflows/ www.secnews.physaphae.fr/article.php?IdArticle=8655713 False Industrial None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial IEP-5010G ASROCK INDUSTRIAL \\ sécurise la certification IEC 62443-4-2 ASRock Industrial\\'s iEP-5010G secures IEC 62443-4-2 certification, leading in secure industrial edge computing ASROCK INDUSTRIAL, adhérant aux processus de cycle de vie du développement de la sécurité IEC 62443-4-1

>ASRock Industrial, adhering to IEC 62443-4-1 security development lifecycle processes, proudly announces that its iEP-5010G Industrial IoT controller... ]]> 2025-03-14T10:46:05+00:00 https://industrialcyber.co/isa-iec-62443/asrock-industrials-iep-5010g-secures-iec-62443-4-2-certification-leading-in-secure-industrial-edge-computing/ www.secnews.physaphae.fr/article.php?IdArticle=8655714 False Industrial None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Comment les équipes de sécurité devraient réagir à l'augmentation des divulgations de vulnérabilité How Security Teams Should Respond to the Rise in Vulnerability Disclosures In 2024, vulnerability disclosures hit an all-time high, with over 30,000 vulnerabilities recorded in the National Vulnerability Database (NVD). Unfortunately, we can expect these numbers to continue rising as the use of open source, GenAI, and software overall is ever-growing. As cyber threats grow more sophisticated, organizations are under immense pressure to identify and address [...]]]> 2025-03-14T10:44:09+00:00 https://informationsecuritybuzz.com/security-teams-respond-to-vulnerability-disclosures/ www.secnews.physaphae.fr/article.php?IdArticle=8655718 False Vulnerability None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial European Cybersecurity Certification: Celebrating achievements and exploring future horizons À la huitième édition de la conférence de certification, l'Agence européenne de l'Union pour la cybersécurité (EISA) célèbre le premier ...

>At the eighth edition of the certification conference, the European Union Agency for Cybersecurity (ENISA) celebrates the first... ]]> 2025-03-14T10:42:55+00:00 https://industrialcyber.co/news/european-cybersecurity-certification-celebrating-achievements-and-exploring-future-horizons/ www.secnews.physaphae.fr/article.php?IdArticle=8655715 True Conference None 3.0000000000000000 Korben - Bloger francais GAM.ONL - Des milliers de jeux rétro gratuits dans votre navigateur GamONL qui rassemble des tas de jeux rétro jouables en ligne. Comme ça, plutôt que de dépenser 70€ pour le énième remaster HD d’un jeu que vous avez déjà terminé 15 fois dans les années 90, vous pourrez y jouer gratuitement, comme à l’époque où la vie était belle et où votre plus gros souci était de souffler dans une cartouche. Créé visiblement par la même personne, il semblerait que ce soit une évolution de Retrogames.onl dont je vous ai déjà parlé.]]> 2025-03-14T10:30:00+00:00 https://korben.info/gam-onl-emulateur-retro-gratuit-navigateur.html www.secnews.physaphae.fr/article.php?IdArticle=8655702 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine L'industrie de la cybersécurité est à court de collaboration, explique l'ancien directeur du GCHQ Cybersecurity Industry Falls Short on Collaboration, Says Former GCHQ Director Sir Jeremy Fleming spoke during Palo Alto Networks\' Ignite event in London on March 13]]> 2025-03-14T10:15:00+00:00 https://www.infosecurity-magazine.com/news/cyber-industry-collaboration-gchq/ www.secnews.physaphae.fr/article.php?IdArticle=8655717 False None None 2.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Quand il rencontre OT: Cybersecurity for the Physical World When IT meets OT: Cybersecurity for the physical world While relatively rare, real-world incidents impacting operational technology highlight that organizations in critical infrastructure can\'t afford to dismiss the OT threat]]> 2025-03-14T10:00:00+00:00 https://www.welivesecurity.com/en/critical-infrastructure/when-it-meets-ot-cybersecurity-physical-world/ www.secnews.physaphae.fr/article.php?IdArticle=8661306 False Threat,Industrial None 3.0000000000000000 Global Security Mag - Site de news francais Au-delà de la sauvegarde simple: cyber-résilience à l'ère moderne Beyond Simple Backup: Cyber Resilience in the Modern Era Opinion

Beyond Simple Backup: Cyber Resilience in the Modern Era - Opinion]]> 2025-03-14T08:17:30+00:00 https://www.globalsecuritymag.fr/beyond-simple-backup-cyber-resilience-in-the-modern-era.html www.secnews.physaphae.fr/article.php?IdArticle=8655695 False None None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Microsoft découvre la nouvelle variante de logiciels malveillants XCSset macOS ciblant les projets Microsoft Uncovers New XCSSET macOS Malware Variant Targeting Xcode Projects Microsoft Threat Intelligence has discovered a new variant of XCSSET, a sophisticated modular macOS malware that targets Xcode projects. The malware was found in the wild during routine threat hunting and is the first known XCSSET variant to surface since 2022. This new version of XCSSET features stronger obfuscation methods, updated techniques to maintain persistence [...]]]> 2025-03-14T06:11:18+00:00 https://informationsecuritybuzz.com/microsoft-uncover-xcsset-macos-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8655681 False Malware,Threat None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Deepseek peut être maltraité pour créer des logiciels malveillants DeepSeek Can Be Abused to Create Malware In a recent investigation, Tenable researchers explored how DeepSeek, a large language model (LLM) built by a Chinese company, can be exploited to generate malware, including keyloggers and ransomware, despite its initial refusal to engage in harmful activities. Unlike popular AI models like GPT-4 or Claude, DeepSeek is fully open-source, so anyone can download and [...]]]> 2025-03-14T06:03:40+00:00 https://informationsecuritybuzz.com/deepseek-can-be-abused-to-create-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8655671 False Ransomware,Malware None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Volt Typhoon trouvé à l'intérieur du Massachusetts Electric Utility pendant près d'un an Volt Typhoon Found Inside Massachusetts Electric Utility for Nearly a Year Industrial cybersecurity firm Dragos has revealed that a small electric and water utility in Massachusetts was breached by a sophisticated Chinese Advanced Persistent Threat (APT) group for over 300 days. The attack targeted Littleton Electric Light and Water Departments (LELWD), which serves the towns of Littleton and Boxborough. According to a Dragos case study, the [...]]]> 2025-03-14T05:30:55+00:00 https://informationsecuritybuzz.com/volt-typhoon-fo-massachusetts-electric/ www.secnews.physaphae.fr/article.php?IdArticle=8655672 False Threat,Studies,Industrial Guam 4.0000000000000000 Recorded Future - FLux Recorded Future L'attaque de ransomware élimine le réseau de systèmes de santé en Micronésie Ransomware attack takes down health system network in Micronesia One of the four states that make up the Pacific nation of Micronesia is battling against ransomware hackers who have forced all of the computers used by its government health agency offline.]]> 2025-03-14T02:04:48+00:00 https://therecord.media/ransomware-attack-micronesia-health-system www.secnews.physaphae.fr/article.php?IdArticle=8655646 False Ransomware None 3.0000000000000000 HackRead - Chercher Cyber AI Chatbot Deepseek R1 peut être manipulé pour créer des logiciels malveillants AI Chatbot DeepSeek R1 Can Be Manipulated to Create Malware Tenable Research reveals that AI chatbot DeepSeek R1 can be manipulated to generate keyloggers and ransomware code. While…]]> 2025-03-14T00:51:27+00:00 https://hackread.com/ai-chatbot-deepseek-r1-manipulated-to-create-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8655639 False Ransomware,Malware None 2.0000000000000000 Microsoft - Microsoft Security Response Center Annonce des gagnants du défi injectable adaptatif (LLMail Inject) Announcing the winners of the Adaptive Prompt Injection Challenge (LLMail-Inject) We are excited to announce the winners of LLMail-Inject, our first Adaptive Prompt Injection Challenge! The challenge ran from December 2024 until February 2025 and was featured as one of the four official competitions of the 3rd IEEE Conference on Secure and Trustworthy Machine Learning (IEEE SaTML). The overall aims of this challenge were to advance the state-of-the-art defenses against indirect prompt injection attacks and to broaden awareness of these new techniques.]]> 2025-03-14T00:00:00+00:00 https://msrc.microsoft.com/blog/2025/03/announcing-the-winners-of-the-adaptive-prompt-injection-challenge-llmail-inject/ www.secnews.physaphae.fr/article.php?IdArticle=8655806 False Conference None 3.0000000000000000 Silicon - Site de News Francais Joaquin Fuentes, Field CISO de GitLab : " La maîtrise du "prompt engineering" devient essentielle pour tester les garde-fous des systèmes d\'IA " 2025-03-14T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/joaquin-fuentes-ciso-maitrise-prompt-engineering-essentielle-468967.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8655762 False Threat None 3.0000000000000000 Intigrity - Blog Intigriti Bug Bytes #222 - March 2025 🚀 2025-03-14T00:00:00+00:00 https://www.intigriti.com/researchers/blog/bug-bytes/intigriti-bug-bytes-222-march-2025 www.secnews.physaphae.fr/article.php?IdArticle=8655763 False None None 2.0000000000000000 The Register - Site journalistique Anglais Google glisse le terminal intégré, Debian Linux VM dans Android 15 March Fonction Drop Google slips built-in terminal, Debian Linux VM into Android 15 March feature drop Try it out now on Pixel phones for some penguin on penguin fun The March "feature drop" for Android 15 on Google Pixel devices includes an optional Linux session.…]]> 2025-03-13T22:05:17+00:00 https://go.theregister.com/feed/www.theregister.com/2025/03/13/android_15_linux_debian_terminal/ www.secnews.physaphae.fr/article.php?IdArticle=8655622 True Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch Obscure # Bat malware met en évidence les risques de crochet API OBSCURE#BAT Malware Highlights Risks of API Hooking Researchers discovered an attack chain that uses several layers of obfuscated batch files and PowerShell scripts to deliver an advanced and persistent rootkit.]]> 2025-03-13T21:22:29+00:00 https://www.darkreading.com/vulnerabilities-threats/obscurebat-malware-highlights-api-hooking www.secnews.physaphae.fr/article.php?IdArticle=8655624 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch FBI, la CISA stimule les alarmes à mesure que les attaques de ransomware Medusa augmentent FBI, CISA Raise Alarms As Medusa Ransomware Attacks Grow Medusa developers have been targeting a wide variety of critical infrastructure sectors, from healthcare and technology to manufacturing and insurance, racking up its victim count as it seemingly adds to its numbers of affiliates.]]> 2025-03-13T21:15:09+00:00 https://www.darkreading.com/cyberattacks-data-breaches/fbi-cisa-alarmed-medusa-ransomware-attacks-grow www.secnews.physaphae.fr/article.php?IdArticle=8655625 False Ransomware,Medical None 2.0000000000000000 HackRead - Chercher Cyber Le FBI et la CISA ont envie de permettre au 2FA de contrer les ransomwares de méduse FBI and CISA Urge Enabling 2FA to Counter Medusa Ransomware FBI and CISA warn of Medusa ransomware attacks impacting critical infrastructure. Learn about Medusa’s tactics, prevention tips, and…]]> 2025-03-13T21:00:50+00:00 https://hackread.com/fbi-cisa-urge-enabling-2fa-counter-medusa-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8655616 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft met en garde contre la campagne de phishing Clickfix ciblant le secteur de l'hôtellerie via une fausse réservation [.] Com e-mails Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails Microsoft has shed light on an ongoing phishing campaign that targeted the hospitality sector by impersonating online travel agency Booking.com using an increasingly popular social engineering technique called ClickFix to deliver credential-stealing malware. The activity, the tech giant said, started in December 2024 and operates with the end goal of conducting financial fraud and theft. It\'s]]> 2025-03-13T20:56:00+00:00 https://thehackernews.com/2025/03/microsoft-warns-of-clickfix-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8655583 False Malware None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les États-Unis doivent hiérarchiser la formation de cybersécurité pour les ingénieurs militaires US must prioritize cybersecurity training for the military\\'s engineers The Defense Department faces a startling capability gap. ]]> 2025-03-13T20:29:50+00:00 https://defensescoop.com/2025/03/13/prioritize-cybersecurity-training-military-engineers/ www.secnews.physaphae.fr/article.php?IdArticle=8655614 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Scarcruft de la Corée du Nord déploie des logiciels malveillants kospys, espionnant les utilisateurs d'Android via de fausses applications utilitaires North Korea\\'s ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps The North Korea-linked threat actor known as ScarCruft is said to have been behind a never-before-seen Android surveillance tool named KoSpy targeting Korean and English-speaking users. Lookout, which shared details of the malware campaign, said the earliest versions date back to March 2022. The most recent samples were flagged in March 2024. It\'s not clear how successful these efforts were. "]]> 2025-03-13T19:53:00+00:00 https://thehackernews.com/2025/03/north-koreas-scarcruft-deploys-kospy.html www.secnews.physaphae.fr/article.php?IdArticle=8655561 False Malware,Tool,Threat,Mobile APT 37 2.0000000000000000 Recorded Future - FLux Recorded Future Le législateur européen dit que l'UE s'est engagée à poursuivre les transferts de données pour nous European lawmaker says EU is committed to continuing data transfers to US Experts have speculated that under the Trump administration an agreement which safeguards the flow of commercial data between Europe and the U.S. could be under threat.]]> 2025-03-13T19:20:05+00:00 https://therecord.media/lawmaker-data-transfer-us-mcgrath www.secnews.physaphae.fr/article.php?IdArticle=8655608 False Threat,Commercial None 3.0000000000000000 HackRead - Chercher Cyber Ransomware atteint un record: 126% de surtension des attaques en février 2025 Ransomware Hits Record High: 126% Surge in Attacks in February 2025 February 2025 saw a record 126% surge in ransomware attacks, with Cl0p leading the charge. Hackers exploited file…]]> 2025-03-13T19:07:39+00:00 https://hackread.com/ransomware-attacks-hit-record-high-in-february-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8655601 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Github découvre les nouvelles vulnérabilités Ruby-SAML permettant aux attaques de rachat de compte GitHub Uncovers New ruby-saml Vulnerabilities Allowing Account Takeover Attacks Two high-severity security flaws have been disclosed in the open-source ruby-saml library that could allow malicious actors to bypass Security Assertion Markup Language (SAML) authentication protections. SAML is an XML-based markup language and open-standard used for exchanging authentication and authorization data between parties, enabling features like single sign-on (SSO), which allows]]> 2025-03-13T17:56:00+00:00 https://thehackernews.com/2025/03/github-uncovers-new-ruby-saml.html www.secnews.physaphae.fr/article.php?IdArticle=8655548 False Vulnerability None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial US FCC lance le Conseil pour la sécurité nationale pour lutter contre les adversaires étrangers, se concentrer sur la Chine US FCC launches Council for National Security to combat foreign adversaries, focus on China The U.S. Federal Communications Commission (FCC) revealed the creation of a new Council for National Security within the... ]]> 2025-03-13T17:27:06+00:00 https://industrialcyber.co/critical-infrastructure/us-fcc-launches-council-for-national-security-to-combat-foreign-adversaries-focus-on-china/ www.secnews.physaphae.fr/article.php?IdArticle=8655591 False None None 3.0000000000000000 Korben - Bloger francais La Super Nintendo devient plus rapide en vieillissant (et on n\'y comprend rien) 2025-03-13T17:25:39+00:00 https://korben.info/super-nintendo-acceleration-mystere-console-retro.html www.secnews.physaphae.fr/article.php?IdArticle=8655581 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Volt Typhoon a accédé à US OT Network pendant près d'un an Volt Typhoon Accessed US OT Network for Nearly a Year Volt Typhoon\'s ten-month intrusion of Littleton Electric Light and Water Departments exposes vulnerabilities in the US electric grid]]> 2025-03-13T17:15:00+00:00 https://www.infosecurity-magazine.com/news/volt-typhoon-threatens-us-ot/ www.secnews.physaphae.fr/article.php?IdArticle=8655593 False Vulnerability,Industrial Guam 3.0000000000000000 Dark Reading - Informationweek Branch Les groupes de consommateurs poussent la facture de sécurité IoT pour répondre aux préoccupations de l'EOL Consumer Groups Push IoT Security Bill to Address EoL Concerns Consumer Reports, Secure Resilient Future Foundation (SRFF) and US Public Interest Research Group (PIRG) introduced a model bill to increase transparency around Internet of Things that have reached end-of-life status.]]> 2025-03-13T16:39:02+00:00 https://www.darkreading.com/iot/consumer-groups-rally-to-address-iot-security-concerns www.secnews.physaphae.fr/article.php?IdArticle=8655737 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Campagne de phishing usurper la réservation.com cible le secteur de l'hôtellerie avec malware Phishing campaign impersonating Booking.com targets hospitality sector with malware Cybercriminals are sending malicious emails to hospitality employees who are likely to work with Booking.com.]]> 2025-03-13T16:35:32+00:00 https://therecord.media/booking-phishing-hotels-malware-campaign www.secnews.physaphae.fr/article.php?IdArticle=8655582 False Malware None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine CISA, FBI avertit que les ransomwares de méduse ont un impact sur l'infrastructure critique CISA, FBI Warn of Medusa Ransomware Impacting Critical Infrastructure CISA and FBI warn of Medusa ransomware impacting over 300 victims across critical infrastructure sectors with double extortion tactics]]> 2025-03-13T16:30:00+00:00 https://www.infosecurity-magazine.com/news/cisa-fbi-warn-medusa-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8655584 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Continuité des activités à l'épreuve du futur: Tendances et défis du BCDR pour 2025 Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025 As IT environments grow more complex, IT professionals are facing unprecedented pressure to secure business-critical data. With hybrid work the new standard and cloud adoption on the rise, data is increasingly distributed across different environments, providers and locations, expanding the attack surface for emerging cyberthreats. While the need for a strong data protection strategy has become]]> 2025-03-13T16:30:00+00:00 https://thehackernews.com/2025/03/bcdr-2025-trends-and-challenges-for-msps-and-it-teams.html www.secnews.physaphae.fr/article.php?IdArticle=8655528 False Cloud None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain RIP Mark Klein morte .

2006 AT&T whistleblower Mark Klein has died.]]> 2025-03-13T16:12:58+00:00 https://www.schneier.com/blog/archives/2025/03/rip-mark-klein.html www.secnews.physaphae.fr/article.php?IdArticle=8655580 False None None 1.00000000000000000000 SecureMac - Security focused on MAC Liste de contrôle 414: Meta et Apple pensent aux enfants Checklist 414: Meta and Apple Think of the Children Les cybercriminels utilisent le courrier physique pour les escroqueries de logiciels malveillants et les fausses demandes de ransomwares, exploitant la confiance dans les lettres tout en risquant les charges fédérales.

>Cybercriminals are using physical mail for malware scams and fake ransomware demands, exploiting trust in letters while risking federal charges. ]]> 2025-03-13T16:02:29+00:00 https://www.securemac.com/news/checklist-414-meta-and-apple-think-of-the-children www.secnews.physaphae.fr/article.php?IdArticle=8655567 False Ransomware,Malware None 3.0000000000000000 Netskope - etskope est une société de logiciels américaine fournissant une plate-forme de sécurité informatique Déverrouiller l'expédition de journaux sans couture via l'intégration avec Microsoft Sentinel Unlock Seamless Log Shipping via Integration with Microsoft Sentinel Dans le paysage de sécurité d'aujourd'hui, la visibilité et les informations en temps réel sur les données de votre organisation sont essentielles pour la chasse aux menaces et la gestion des incidents efficaces. Pour répondre à ces besoins, NetSkope a développé une intégration native avec Microsoft Sentinel en utilisant les organisations de plate-forme de connecteur sans code pour diffuser facilement toutes les alertes CASB, les incidents DLP et les journaux de menaces dans SIEM de Cloud-Native de Microsoft \\. […]

>In today\'s security landscape, visibility and real-time insights into your organization\'s data are critical for effective threat hunting and incident management. To meet these needs, Netskope has developed a native integration with Microsoft Sentinel using the Codeless Connector Platform-allowing organizations to easily stream all CASB alerts, DLP incidents, and threat logs into Microsoft\'s cloud-native SIEM. […] ]]> 2025-03-13T15:59:19+00:00 https://www.netskope.com/blog/unlock-seamless-log-shipping-via-integration-with-microsoft-sentinel www.secnews.physaphae.fr/article.php?IdArticle=8655568 False Threat None 3.0000000000000000 HackRead - Chercher Cyber Base de données HealthTech a exposé 108 Go de dossiers médicaux et d'emploi HealthTech Database Exposed 108GB Medical and Employment Records A misconfigured database exposed 108.8 GB of sensitive data, including information on over 86,000 healthcare workers affiliated with…]]> 2025-03-13T15:53:55+00:00 https://hackread.com/healthtech-database-exposed-medical-employment-records/ www.secnews.physaphae.fr/article.php?IdArticle=8655572 False Medical None 3.0000000000000000 TroyHunt - Blog Security Google apporte chaque jeu Android à Windows dans une grande mise à jour de jeu Google is bringing every Android game to Windows in big gaming update Google has big plans for gaming in 2025.]]> 2025-03-13T15:45:05+00:00 https://arstechnica.com/gadgets/2025/03/at-gdc-google-promises-more-pc-games-on-android-more-android-games-on-pc/ www.secnews.physaphae.fr/article.php?IdArticle=8655579 False Mobile None 3.0000000000000000 Global Security Mag - Site de news francais Guardz Reveals Details of an Ongoing Phishing Campaign Exploiting Microsoft 365 Infrastructure Malware Update]]> 2025-03-13T15:04:32+00:00 https://www.globalsecuritymag.fr/guardz-reveals-details-of-an-ongoing-phishing-campaign-exploiting-microsoft-365.html www.secnews.physaphae.fr/article.php?IdArticle=8655570 False None None 3.0000000000000000 The Register - Site journalistique Anglais Que \\ 'en colère \\' e-mail de booking.com? C'est une arnaque, pas une revue 1 étoile That \\'angry guest\\' email from Booking.com? It\\'s a scam, not a 1-star review 2025-03-13T15:02:01+00:00 https://go.theregister.com/feed/www.theregister.com/2025/03/13/bookingdotcom_phishing_campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8655559 False Malware,Threat None 1.00000000000000000000 IndustrialCyber - cyber risk firms for industrial Claroty explore les protocoles de débogage de Windows CE dans des environnements OT, découvre les vulnérabilités cachées Claroty explores Windows CE debugging protocols in OT environments, uncovers hidden vulnerabilities In the second part of its four-part series on analysis of the Windows CE attack surface, a legacy... ]]> 2025-03-13T15:01:38+00:00 https://industrialcyber.co/system-design-architecture/claroty-explores-windows-ce-debugging-protocols-in-ot-environments-uncovers-hidden-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8655558 False Vulnerability,Industrial None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine \Ret \\'ClickFix\\' Phishing Scam Impersonates Booking.com to Target Hospitality Microsoft said the ongoing phishing campaign is designed to infect hospitality firms with multiple credential-stealing malware]]> 2025-03-13T15:00:00+00:00 https://www.infosecurity-magazine.com/news/clickfix-phishing-scam-booking/ www.secnews.physaphae.fr/article.php?IdArticle=8655569 False Malware None 3.0000000000000000 Recorded Future - FLux Recorded Future Les appels augmentent pour le Royaume-Uni pour déplacer l'audience secrète du tribunal de cryptage Apple à la session publique Calls grow for UK to move secret Apple encryption court hearing to public session In a joint letter on Thursday to Lord Justice Singh, a collection of British civil liberties groups asked him to use his discretion to open the hearing to the public, arguing that doing so would not prejudice national security.]]> 2025-03-13T14:59:53+00:00 https://therecord.media/calls-grow-uk-secret-apple-court-encryption-public www.secnews.physaphae.fr/article.php?IdArticle=8655556 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future L'Ukraine cherche à renforcer les cyber-capacités offensives au milieu des menaces croissantes de la Russie Ukraine seeks to bolster offensive cyber capabilities amid rising threats from Russia A senior Ukrainian national security figure said the country is working on strengthening its offensive cyber capacity and is encouraging its European partners to join these efforts.]]> 2025-03-13T14:40:36+00:00 https://therecord.media/ukraine-russia-cyber-offensive-bolster www.secnews.physaphae.fr/article.php?IdArticle=8655557 False None None 2.0000000000000000 HackRead - Chercher Cyber Nouveau obscure # MALWORES MALWORES cible les utilisateurs avec de faux captchas New OBSCURE#BAT Malware Targets Users with Fake Captchas OBSCURE#BAT malware campaign exploits social engineering & fake software downloads to evade detection, steal data and persist on…]]> 2025-03-13T14:00:39+00:00 https://hackread.com/new-obscurebat-malware-targets-users-fake-captchas/ www.secnews.physaphae.fr/article.php?IdArticle=8655546 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Salt Typhoon: un réveil pour les infrastructures critiques Salt Typhoon: A Wake-up Call for Critical Infrastructure The Salt Typhoon attacks underscored the need for unity, innovation, and resilience in the face of an increasingly sophisticated cyber-threat landscape.]]> 2025-03-13T14:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/salt-typhoon-wake-up-call-critical-infrastructure www.secnews.physaphae.fr/article.php?IdArticle=8655549 False None None 2.0000000000000000 Zimperium - cyber risk firms for mobile Enhancing Mobile Security: Zimperium and CrowdStrike Expand Strategic Partnership Zimperium et Crowdstrike ont élargi leur partenariat, intégrant la défense des menaces mobiles de Zimperium (MTD) avec Crowdstrike Falcon® Next-Gen Siem.

>Zimperium and CrowdStrike have expanded their partnership, integrating Zimperium\'s Mobile Threat Defense (MTD) with CrowdStrike Falcon® Next-Gen SIEM. ]]> 2025-03-13T14:00:00+00:00 https://www.zimperium.com/blog/enhancing-mobile-security-zimperium-and-crowdstrike-expand-strategic-partnership/ www.secnews.physaphae.fr/article.php?IdArticle=8655537 False Threat,Mobile None 2.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé Comment bloquer les numéros privés How to block private numbers 2025-03-13T13:52:46+00:00 https://blog.incogni.com/how-to-block-private-numbers/ www.secnews.physaphae.fr/article.php?IdArticle=8655547 False None None 2.0000000000000000 Global Security Mag - Site de news francais Les outils RMM, nouvelle arme de choix des cybercriminels - Recherche Proofpoint Malwares]]> 2025-03-13T13:49:23+00:00 https://www.globalsecuritymag.fr/les-outils-rmm-nouvelle-arme-de-choix-des-cybercriminels-recherche-proofpoint.html www.secnews.physaphae.fr/article.php?IdArticle=8655541 False Tool None 2.0000000000000000 Global Security Mag - Site de news francais Cohesity a annoncé une collaboration élargie avec Red Hat Cohesity announced an expanded collaboration with Red Hat Business News

Cohesity Enhances Data Protection and Cyber Resilience for Red Hat OpenShift Virtualization Workloads Cohesity Expands Collaboration with Red Hat Across Cohesity DataProtect and NetBackup The Market Share Leader in Data Protection Software Enables Red Hat OpenShift Customers to Scale and Protect Their Virtual Machine Workloads - Business News]]> 2025-03-13T13:42:11+00:00 https://www.globalsecuritymag.fr/cohesity-announced-an-expanded-collaboration-with-red-hat.html www.secnews.physaphae.fr/article.php?IdArticle=8655542 False None None 2.0000000000000000 Global Security Mag - Site de news francais Certification européenne de cybersécurité: célébrer les réalisations et explorer les futurs horizons European Cybersecurity Certification: Celebrating achievements and exploring future horizons enisa / / cybersecurite_home_gauche

European Cybersecurity Certification: Celebrating achievements and exploring future horizons European Cybersecurity Certification: Celebrating achievements and exploring future horizons | ENISA At the eighth edition of the certification conference, the European Union Agency for Cybersecurity celebrates the first accredited Conformity Assessment Bodies for the EU Cybersecurity Certification scheme on Common Criteria (EUCC). - ENISA / cybersecurite_home_gauche]]> 2025-03-13T13:40:08+00:00 https://www.globalsecuritymag.fr/european-cybersecurity-certification-celebrating-achievements-and-exploring.html www.secnews.physaphae.fr/article.php?IdArticle=8655543 False Conference None 2.0000000000000000 CyberSecurityVentures - cybersecurity services La question de 10 billions de dollars: le cyber-czar de l'Amérique peut-il réduire l'écart des compétences? The $10 Trillion Question: Can America\\'s Cyber Czar Shrink The Skills Gap? This week in cybersecurity from the editors at Cybercrime Magazine Sausalito, Calif. – Mar. 13, 2025 In Apr. 2019, Kristi Noem, Governor of South Dakota at the time, and now U.S. Secretary of Homeland Security (DHS), wrote that “the cost of cyberattacks is climbing, and ]]> 2025-03-13T13:36:30+00:00 https://cybersecurityventures.com/the-10-trillion-question-can-americas-cyber-czar-shrink-the-skills-gap/ www.secnews.physaphae.fr/article.php?IdArticle=8655538 False None None 3.0000000000000000 knowbe4 - cybersecurity services Rendez vos vrais e-mails moins Phishy Make Your Real Emails Less Phishy

]]> 2025-03-13T13:14:05+00:00 https://blog.knowbe4.com/make-your-real-emails-less-phishy www.secnews.physaphae.fr/article.php?IdArticle=8655539 False None None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Une étape importante dans la formation pratique de la cybersécurité: le premier défi mondial de cyber-gamme de SecureAacademy \\ A Milestone in Hands-On Cyber Security Training: SecureAcademy\\'s First Global Cyber Range Challenge SecureAacademy a récemment organisé son tout premier Cyber Range Challenge, un événement virtuel conçu pour offrir aux étudiants et aux amateurs de cybersécurité avec une expérience pratique et pratique du monde. Avec les participants de 11 pays et 12 établissements universitaires, l'événement a présenté le pouvoir de l'apprentissage immersif en utilisant l'une des expériences gamifiées de Cyber Park \\ pour préparer la prochaine génération de cyber-défenseurs. Ces expériences incluent l'équipe rouge de l'équipe rouge, les cyber-gammes de style CTF et les salles d'évasion d'introduction. Les cyber-gammes servent de «simulateur de vol» aux professionnels de la cybersécurité, fournissant un environnement gamifié et réaliste pour tester et affiner leurs compétences. SecureAacademy, qui fait partie des services mondiaux Infinity aux côtés de Cyber […]

>SecureAcademy recently hosted its first-ever Global Cyber Range Challenge, a virtual event designed to provide cyber security students and enthusiasts with real-world, hands-on experience. With participants from 11 countries and 12 academic institutions, the event showcased the power of immersive learning using one of Cyber Park\'s gamified experiences to prepare the next generation of cyber defenders. These experiences include Red Team-Blue Team, CTF-style cyber ranges, and introductory escape rooms. The cyber ranges serve as a “flight simulator” for cyber security professionals, providing a gamified, lifelike environment to test and refine their skills. SecureAcademy, part of Infinity Global Services alongside Cyber […] ]]> 2025-03-13T13:00:29+00:00 https://blog.checkpoint.com/infinity-global-services/a-milestone-in-hands-on-cyber-security-training-secureacademys-first-global-cyber-range-challenge/ www.secnews.physaphae.fr/article.php?IdArticle=8655540 False None None 3.0000000000000000 The Register - Site journalistique Anglais Deepseek peut être doucement persuadé de cracher du code de logiciel malveillant DeepSeek can be gently persuaded to spit out malware code It might need polishing, but a useful find for any budding cybercrooks out there DeepSeek\'s flagship R1 model is capable of generating a working keylogger and basic ransomware code, just as long as a techie is on hand to tinker with it a little.…]]> 2025-03-13T13:00:09+00:00 https://go.theregister.com/feed/www.theregister.com/2025/03/13/deepseek_malware_code/ www.secnews.physaphae.fr/article.php?IdArticle=8655531 False Ransomware,Malware None 3.0000000000000000 SecurityWeek - Security News Capacités de génération de logiciels malveillants Deepseek \\ DeepSeek\\'s Malware-Generation Capabilities Put to Test Researchers have analyzed the ability of the Chinese gen-AI DeepSeek to create malware such as ransomware and keyloggers. ]]> 2025-03-13T13:00:00+00:00 https://www.securityweek.com/deepseeks-malware-generation-capabilities-put-to-test/ www.secnews.physaphae.fr/article.php?IdArticle=8655523 False Ransomware,Malware None 3.0000000000000000 SecurityWeek - Security News Les pirates nord-coréens ont distribué des logiciels espions Android via Google Play North Korean Hackers Distributed Android Spyware via Google Play L'APT37 lié à la Corée du Nord a été observé ciblant les utilisateurs d'Android avec des logiciels espions distribués via Google Play.

>The North Korea-linked APT37 has been observed targeting Android users with spyware distributed via Google Play. ]]> 2025-03-13T12:58:55+00:00 https://www.securityweek.com/north-korean-hackers-distributed-android-spyware-via-google-play/ www.secnews.physaphae.fr/article.php?IdArticle=8655524 False Mobile APT 37 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Mandiant découvre les déambulations personnalisées sur les routeurs Juniper Junos OS, liés au groupe d'espionnage chinois UNC3886 Mandiant uncovers custom backdoors on Juniper Junos OS routers, linked to Chinese espionage group UNC3886 Researchers from Mandiant identified that threat actors have been deploying custom backdoors on Juniper Networks\' Junos OS routers... ]]> 2025-03-13T12:58:00+00:00 https://industrialcyber.co/critical-infrastructure/mandiant-uncovers-custom-backdoors-on-juniper-junos-os-routers-linked-to-chinese-espionage-group-unc3886mandiant-uncovers-custom-backdoors-on-juniper-junos-os-routers-linked-to-chinese-espionage-grou/ www.secnews.physaphae.fr/article.php?IdArticle=8655527 False Threat None 2.0000000000000000 BHconsulting - Consulting Embauche - consultant technique en cybersécurité Hiring – Technical Cybersecurity Consultant BH Consulting est une société de conseil en cybersécurité et en protection des données dynamique et rapide. Nous fournissons une gamme de services de sécurité de l'information sur le marché axée sur la cybersécurité, la gestion des cyber-risques, l'ISO 27001 et la protection des données. Nous avons un large éventail de clients, des organisations du secteur privé et public à de grandes organisations multinationales mondiales - avec des bureaux ...

>BH Consulting is a dynamic and fast-paced cybersecurity and data protection consulting firm. We provide a market leading range of information security services focused on cybersecurity, cyber risk management, ISO 27001, and data protection. We have a wide range of clients from private and public sector organisations to large global multinational organisations - with offices ... ]]> 2025-03-13T12:52:21+00:00 https://bhconsulting.ie/hiring-technical-cybersecurity-consultant-2/ www.secnews.physaphae.fr/article.php?IdArticle=8655522 False Technical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Meta met en garde contre la vulnérabilité Freetype (CVE-2025-27363) avec un risque d'exploitation actif Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk Meta has warned that a security vulnerability impacting the FreeType open-source font rendering library may have been exploited in the wild. The vulnerability has been assigned the CVE identifier CVE-2025-27363, and carries a CVSS score of 8.1, indicating high severity. Described as an out-of-bounds write flaw, it could be exploited to achieve remote code execution when parsing certain font]]> 2025-03-13T12:43:00+00:00 https://thehackernews.com/2025/03/meta-warns-of-freetype-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8655476 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) AVERTISSEMENT: le certificat racine expiré peut désactiver les modules complémentaires de Firefox, les fonctionnalités de sécurité et la lecture DRM WARNING: Expiring Root Certificate May Disable Firefox Add-Ons, Security Features, and DRM Playback Browser maker Mozilla is urging users to update their Firefox instances to the latest version to avoid facing issues with using add-ons due to the impending expiration of a root certificate. "On March 14, 2025, a root certificate used to verify signed content and add-ons for various Mozilla projects, including Firefox, will expire," Mozilla said. "Without updating to Firefox]]> 2025-03-13T12:38:00+00:00 https://thehackernews.com/2025/03/warning-expiring-root-certificate-may.html www.secnews.physaphae.fr/article.php?IdArticle=8655477 False None None 2.0000000000000000 Dark Reading - Informationweek Branch F5 intègre la sécurité et le réseautage de l'API pour aborder l'assaut de l'IA F5 Integrates API Security and Networking to Address AI Onslaught The new The F5 Application Delivery Controller and Security Platform combines BIG-IP, NGNIX and Distributed Cloud Services and new AI Gateway and AI Assistants.]]> 2025-03-13T12:31:50+00:00 https://www.darkreading.com/endpoint-security/f5-api-security-networking-ai-onslaught www.secnews.physaphae.fr/article.php?IdArticle=8655530 False Cloud None 2.0000000000000000 Recorded Future - FLux Recorded Future Dans la principale cyber-conférence de l'Ukraine \\, l'Europe occupe le devant de la scène At Ukraine\\'s major cyber conference, Europe takes center stage over US The 2025 Kyiv International Cyber Resilience Forum looked and sounded different as European governments and cyber companies filled a void left by the Trump administration.]]> 2025-03-13T12:08:56+00:00 https://therecord.media/kyiv-cyber-conference-europe-center-stage-over-us www.secnews.physaphae.fr/article.php?IdArticle=8655525 False Conference None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine La complexité technologique met en danger la cybersécurité britannique Tech Complexity Puts UK Cybersecurity at Risk Palo Alto Networks found that nearly two-thirds of UK organizations cited technology complexity as the most significant challenge towards building a sophisticated security posture]]> 2025-03-13T12:00:00+00:00 https://www.infosecurity-magazine.com/news/tech-complexity-uk-cyber-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8655516 False None None 1.00000000000000000000 Cyble - CyberSecurity Firm Apple publie des mises à jour de sécurité et des réponses de sécurité rapide pour mars 2025 Apple Releases Security Updates and Rapid Security Responses for March 2025 2025-03-13T11:35:12+00:00 https://cyble.com/blog/apple-releases-security-updates-and-rapid-security-responses-for-march-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8655515 False Vulnerability,Mobile None 3.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé Doxxing est-il illégal? Is Doxxing Illegal? 2025-03-13T11:21:42+00:00 https://blog.incogni.com/is-doxxing-illegal/ www.secnews.physaphae.fr/article.php?IdArticle=8655514 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Clickfix Attack fournit des infostelleurs, des rats dans de faux e-mails Booking.com ClickFix attack delivers infostealers, RATs in fake Booking.com emails Microsoft is warning that an ongoing phishing campaign impersonating Booking.com is using ClickFix social engineering attacks to infect hospitality workers with various malware, including infostealers and RATs. [...]]]> 2025-03-13T11:00:00+00:00 https://www.bleepingcomputer.com/news/security/clickfix-attack-delivers-infostealers-rats-in-fake-bookingcom-emails/ www.secnews.physaphae.fr/article.php?IdArticle=8655555 False Malware None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine L'investissement en VC dans les cyber-startups augmente de 35% VC Investment in Cyber Startups Surges 35% VC firms invested 35% more in cybersecurity startups in North America and Europe in Q4 2024 than a year previously]]> 2025-03-13T10:45:00+00:00 https://www.infosecurity-magazine.com/news/vc-investment-cyber-startups/ www.secnews.physaphae.fr/article.php?IdArticle=8655503 False None None 2.0000000000000000 Korben - Bloger francais DuckDB UI - L\'arme secrète de l\'analyse de données Bon, je vous ai déjà parlé de DuckDB, un moteur SQL embarqué de haute performance, conçu pour l’analyse de données qui se distingue par:]]> 2025-03-13T10:41:48+00:00 https://korben.info/duckdb-ui-interface-sql-analyse-donnees.html www.secnews.physaphae.fr/article.php?IdArticle=8655545 False None None 2.0000000000000000 HackRead - Chercher Cyber INE Security Alert: Utilisation de la formation de cybersécurité dirigée par l'IA pour contrer les menaces émergentes INE Security Alert: Using AI-Driven Cybersecurity Training to Counter Emerging Threats Cary, North Carolina, 13th March 2025, CyberNewsWire]]> 2025-03-13T10:15:21+00:00 https://hackread.com/ine-security-alert-using-ai-driven-cybersecurity-training-to-counter-emerging-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8655506 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Le Royaume-Uni ICO tire le RGPD «AVERTISSEMENT» sur l'utilisation des données des enfants UK ICO Fires GDPR “Warning Shot” Over Use of Children\\'s Data The UK\'s information commissioner has warned that all digital firms using children\'s data must follow the GDPR]]> 2025-03-13T10:10:00+00:00 https://www.infosecurity-magazine.com/news/ico-fires-gdpr-warning-shot/ www.secnews.physaphae.fr/article.php?IdArticle=8655504 False None None 2.0000000000000000 Kaspersky - Kaspersky Research blog Chef Mare et Douze unissent leurs forces pour attaquer les entités russes Head Mare and Twelve join forces to attack Russian entities We analyze the activities of the Head Mare hacktivist group, which has been attacking Russian companies jointly with Twelve.]]> 2025-03-13T10:00:33+00:00 https://securelist.com/head-mare-twelve-collaboration/115887/ www.secnews.physaphae.fr/article.php?IdArticle=8655489 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Agent opérateur openai utilisé dans l'attaque de phishing de la preuve de concept OpenAI Operator Agent Used in Proof-of-Concept Phishing Attack Researchers from Symantec showed how OpenAI\'s Operator agent, currently in research preview, can be used to construct a basic phishing attack from start to finish.]]> 2025-03-13T10:00:00+00:00 https://www.darkreading.com/threat-intelligence/openai-operator-agent-proof-concept-phishing-attack www.secnews.physaphae.fr/article.php?IdArticle=8655493 False None None 2.0000000000000000 Korben - Bloger francais Le remake de Lilo & Stitch balance sa première bande-annonce 2025-03-13T09:58:19+00:00 https://korben.info/lilo-stitch-remake-live-action-premiere-bande-annonce.html www.secnews.physaphae.fr/article.php?IdArticle=8655496 False None None 1.00000000000000000000