This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-12T13:51:40+00:00 www.secnews.physaphae.fr SecurityWeek - Security News Le gang de ransomware de Qilin prétend avoir volé 350 Go de fichiers de Lee Enterprises dans l'attaque qui a provoqué des perturbations des journaux.

---

>The Qilin ransomware gang claims to have stolen 350 Gb of files from Lee Enterprises in the attack that caused newspaper disruptions. ]]> 2025-02-28T11:43:30+00:00 https://www.securityweek.com/ransomware-group-takes-credit-for-lee-enterprises-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8651944 False Ransomware None 3.0000000000000000 HackRead - Chercher Cyber Louis Donald Mendonsa, 62, was sentenced following a guilty plea for distributing child sexual abuse materials (CSAM) via…]]> 2025-02-28T11:31:22+00:00 https://hackread.com/man-jailed-ran-dark-web-csam-sites-from-coffee-shop/ www.secnews.physaphae.fr/article.php?IdArticle=8651946 False Legislation None 2.0000000000000000 Bleeping Computer - Magazine Américain Serbian authorities have reportedly used an Android zero-day exploit chain developed by Cellebrite to unlock the device of a student activist in the country and attempt to install spyware. [...]]]> 2025-02-28T11:27:18+00:00 https://www.bleepingcomputer.com/news/security/serbian-police-used-cellebrite-zero-day-hack-to-unlock-android-phones/ www.secnews.physaphae.fr/article.php?IdArticle=8652025 False Hack,Vulnerability,Threat,Legislation,Mobile None 3.0000000000000000 SecurityWeek - Security News Le botnet VO1D est désormais alimenté par 1,6 million d'appareils TV Android, contre 1,3 million il y a un demi-an. 

---

>The Vo1d botnet is now powered by 1.6 million Android TV devices, up from 1.3 million half a year ago.  ]]> 2025-02-28T11:23:23+00:00 https://www.securityweek.com/vo1d-botnet-evolves-as-it-ensnares-1-6-million-android-tv-boxes/ www.secnews.physaphae.fr/article.php?IdArticle=8651945 False Mobile None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Four in ten flaws exploited by threat actors in 2024 were from 2020 or earlier, with some dating back to the 1990s, according to a GreyNoise report]]> 2025-02-28T11:00:00+00:00 https://www.infosecurity-magazine.com/news/old-vulnerabilities-widely/ www.secnews.physaphae.fr/article.php?IdArticle=8651928 False Vulnerability,Threat None 2.0000000000000000 Cyble - CyberSecurity Firm Overview CERT-In (Indian Computer Emergency Response Team) has issued a critical security advisory (CIVN-2025-0035) detailing several vulnerabilities affecting various F5 products. If exploited, these vulnerabilities could lead to security breaches, including arbitrary code execution, data theft, system downtime, and denial-of-service (DoS) attacks. The flaws impact a wide range of F5 solutions, which enterprises use to optimize application delivery, ensure high performance, and secure critical network services. Given the use of F5 products in mission-critical environments, the impact of these vulnerabilities can be severe, potentially jeopardizing the confidentiality, integrity, and availability of affected systems. The advisory highlights multiple security issues, including buffer overflows, session hijacking, and improper memory management. Organizations must act quickly to mitigate these risks. Affected F5 Products The vulnerabilities disclosed in CIVN-2025-0035 impact several F5 product families, including: BIG-IP Next (all modules) BIG-IP Next Central Manager BIG-IP Next SPK BIG-IP Next CNF BIG-IP 15.x, 16.x, 17.x BIG-IQ Centralized Management 8.x F5 Distributed Cloud (all services) ]]> 2025-02-28T10:49:00+00:00 https://cyble.com/blog/cert-security-vulnerabilities-in-f5-solutions/ www.secnews.physaphae.fr/article.php?IdArticle=8651927 False Vulnerability,Threat,Patching,Cloud None 2.0000000000000000 Global Security Mag - Site de news francais Mise à jour malware

---

Insight on 360XSS spam campaign from Field CTO Eran Elshech, Seraphic Security. - Malware Update]]> 2025-02-28T10:15:21+00:00 https://www.globalsecuritymag.fr/insight-on-360xss-spam-campaign-from-field-cto-browser-security-expert.html www.secnews.physaphae.fr/article.php?IdArticle=8651926 False Spam None 2.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Big shifts in the infostealer scene, novel attack vector against iOS and Android, and a massive surge in investment scams on social media]]> 2025-02-28T10:00:00+00:00 https://www.welivesecurity.com/en/podcasts/threat-report-h2-2024-infostealer-shakeup-new-attack-vector-mobile-nomani/ www.secnews.physaphae.fr/article.php?IdArticle=8661311 False Threat,Mobile None 3.0000000000000000 Data Security Breach - Site de news Francais 2025-02-28T09:34:21+00:00 https://www.datasecuritybreach.fr/fausses-invitations-a-des-reunions-en-ligne/ www.secnews.physaphae.fr/article.php?IdArticle=8651905 False None None 3.0000000000000000 Data Security Breach - Site de news Francais 2025-02-28T09:32:37+00:00 https://www.datasecuritybreach.fr/le-cyber-espionnage-chinois-bondit-de-150/ www.secnews.physaphae.fr/article.php?IdArticle=8651906 False None None 4.0000000000000000 Data Security Breach - Site de news Francais Continue reading Les tentatives de fraude par " deepfakes " : +2137% en 3 ans]]> 2025-02-28T09:19:35+00:00 https://www.datasecuritybreach.fr/deepfakes-et-fraude-financiere-une-explosion-inquietante/ www.secnews.physaphae.fr/article.php?IdArticle=8651907 False None None 4.0000000000000000 Cyble - CyberSecurity Firm Overview U.S. ransomware incidents in February have surged well beyond January\'s totals despite the significantly shorter month. According to Cyble data, ransomware attacks started in 2025, up 150% from the year-ago period, likely driven by the perception among ransomware groups that U.S. organizations are more likely to pay ransom. Canada, too, continues to experience elevated ransomware attacks, while other global regions have remained largely stable (chart below). That trend has continued through the month of February. According to Cyble data, the U.S. was hit by 372 ransomware attacks on February 27, well beyond the 304 attacks it saw for all of January 2025. Globally, ransomware attacks increased from 518 in January to 599 for the first 27 days of February, so the U.S. share of global ransomware attacks has also increased, from 58.7% to 62.1%. February ransomware attacks by country (Cyble) We\'ll look at what\'s behind the increase in ransomware attacks (hint: a big name returned in a big way), as well as other developments in the ransomware threat landscape this month. New Ransomware Groups Emerge Cyble documented the rise of three new ran]]> 2025-02-28T09:19:29+00:00 https://cyble.com/blog/u-s-ransomware-attacks-surged-again-in-february/ www.secnews.physaphae.fr/article.php?IdArticle=8651909 False Ransomware,Vulnerability,Threat,Patching,Legislation,Prediction,Medical None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine A joint operation between the Thai and Singapore police has resulted in the arrest of a man allegedly responsible for over 90 data extortion attacks worldwide]]> 2025-02-28T09:15:00+00:00 https://www.infosecurity-magazine.com/news/data-extortion-actor-thailand/ www.secnews.physaphae.fr/article.php?IdArticle=8651911 False Legislation None 3.0000000000000000 Data Security Breach - Site de news Francais 2025-02-28T09:09:48+00:00 https://www.datasecuritybreach.fr/cybermenaces-2025-levolution-inquietante-des-attaques/ www.secnews.physaphae.fr/article.php?IdArticle=8651908 False None None 3.0000000000000000 Korben - Bloger francais Lightpanda. Quand on pense à l’automatisation web et au scraping, Chrome headless s’impose comme une évidence mais utiliser un navigateur de bureau complet pour des tâches d’automatisation, c’est comme prendre un tank pour tuer une mouche. Et c’est pour ces raison que Lightpanda a été inventé car au lieu de réutiliser des composants existants, l’équipe derrière ce projet est repartie de zéro.]]> 2025-02-28T09:00:00+00:00 https://korben.info/lightpanda-navigateur-automatisation-web.html www.secnews.physaphae.fr/article.php?IdArticle=8651890 False Cloud None 3.0000000000000000 Sygnia - CyberSecurity Firm Améliorer la sécurité OT avec MDR. Empêcher, détecter et répondre aux cyber-menaces industrielles pour une protection robuste de votre infrastructure critique.

---

>Enhance OT security with MDR. Prevent, detect, and respond to industrial cyber threats for robust protection of your critical infrastructure. ]]> 2025-02-28T08:00:56+00:00 https://www.sygnia.co/blog/mdr-ot-security-defense/ www.secnews.physaphae.fr/article.php?IdArticle=8651877 False Industrial None 3.0000000000000000 Amensty International - International Orgs Le laboratoire de sécurité d'Amnesty International, en collaboration avec le bureau régional européen d'Amnesty \\, a découvert un nouveau cas d'utilisation abusive d'un produit Cellebrite pour pénétrer dans le téléphone d'un jeune militant en Serbie. L'attaque correspond étroitement à la forme d'attaque que nous avons précédemment documentée dans un rapport, \\ 'une prison numérique \', publiée en décembre 2024. […]

---

>Amnesty International\'s Security Lab, in collaboration with Amnesty\'s European Regional Office, has uncovered a new case of misuse of a Cellebrite product to break into the phone of a youth activist in Serbia. The attack closely matches the form of attack that we previously documented in a report, \'A Digital Prison\', published in December 2024. […] ]]> 2025-02-28T08:00:00+00:00 https://securitylab.amnesty.org/latest/2025/02/cellebrite-zero-day-exploit-used-to-target-phone-of-serbian-student-activist/ www.secnews.physaphae.fr/article.php?IdArticle=8651876 False Vulnerability,Threat,Legislation None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite While cybersecurity threats dominate discussions about data protection, physical access security remains a critical, often overlooked aspect of safeguarding data centers. Even the most advanced firewalls and encryption protocols cannot prevent a breach if unauthorized people can directly access servers, networking equipment, or storage devices. As data centers become increasingly complex and interconnected in 2025, [...]]]> 2025-02-28T06:38:53+00:00 https://informationsecuritybuzz.com/physical-access-security-in-data-cente/ www.secnews.physaphae.fr/article.php?IdArticle=8651863 False None None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Check Point Research (CPR) has uncovered a sophisticated cyber campaign leveraging a vulnerable Windows driver to disable security protections, evade detection, and deploy malicious payloads.  They identified a large-scale, ongoing attack campaign that abuses a legacy version of the Truesight.sys driver to disable endpoint detection and response (EDR) and antivirus (AV) solutions.   The attack, which [...]]]> 2025-02-28T06:05:06+00:00 https://informationsecuritybuzz.com/cyberattack-exploits-le-windows-driver/ www.secnews.physaphae.fr/article.php?IdArticle=8651849 False None None 3.0000000000000000 ComputerWeekly - Computer Magazine 2025-02-28T05:00:00+00:00 https://www.computerweekly.com/news/366619852/NHS-staff-lack-confidence-in-health-service-cyber-measures www.secnews.physaphae.fr/article.php?IdArticle=8651904 False None None 3.0000000000000000 Kaspersky - Kaspersky Research blog Kaspersky SOC analysts discuss a recent incident where the well-known Behinder web shell was used as a post-exploitation backdoor, showing how web shells have evolved.]]> 2025-02-28T04:00:11+00:00 https://securelist.com/soc-files-web-shell-chase/115714/ www.secnews.physaphae.fr/article.php?IdArticle=8651862 False None None 3.0000000000000000 Dark Reading - Informationweek Branch As the UAE financial sector finished up its annual cyberattack exercise, its worries about ransomware compromises and geopolitical attacks are on the rise.]]> 2025-02-28T04:00:00+00:00 https://www.darkreading.com/cyber-risk/targeted-ransomware-middle-east-banks-security www.secnews.physaphae.fr/article.php?IdArticle=8651824 False Ransomware None 3.0000000000000000 Silicon - Site de News Francais 2025-02-28T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/routeurs-firewalls-vpn-conseils-edge-468287.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8652010 False None None 3.0000000000000000 Silicon - Site de News Francais 2025-02-28T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/backdoor-icloud-etats-unis-demande-britannique-468272.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8651941 False None None 3.0000000000000000 HackRead - Chercher Cyber A hacker using the alias GHOSTR, linked to 90+ data breaches, was arrested in a joint effort by law enforcement in Thailand, Singapore, and cybersecurity firm Group-IB.]]> 2025-02-27T23:07:01+00:00 https://hackread.com/ghostr-hacker-linked-to-90-data-breaches-arrested/ www.secnews.physaphae.fr/article.php?IdArticle=8651775 False Legislation None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Les procureurs fédéraux accusent Cameron Wagenius de fouiller comment faire défaut en Russie quelques jours après avoir tenté de vendre des données volées à un service de renseignement étranger.

---

>Federal prosecutors accuse Cameron Wagenius of searching how to defect to Russia days after he tried to sell stolen data to a foreign intelligence service. ]]> 2025-02-27T22:54:59+00:00 https://cyberscoop.com/army-soldier-alleged-cybercriminal-foreign-spies/ www.secnews.physaphae.fr/article.php?IdArticle=8651774 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future The Consumer Financial Protection Bureau stores exceptionally sensitive corporate proprietary information. A leak could have major implications.]]> 2025-02-27T21:54:15+00:00 https://therecord.media/doge-access-cfpb-data-market www.secnews.physaphae.fr/article.php?IdArticle=8651759 False None None 3.0000000000000000 HackRead - Chercher Cyber Strong eCommerce customer service builds trust, boosts loyalty, and drives sales. Learn key strategies, best practices, and tools to enhance online support.]]> 2025-02-27T21:50:49+00:00 https://hackread.com/ecommerce-customer-service-online-support-the-basics/ www.secnews.physaphae.fr/article.php?IdArticle=8651760 False Tool None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber The company wants its users to move away from using SMS in two-step verification. ]]> 2025-02-27T21:28:27+00:00 https://cyberscoop.com/google-sms-verification-change-passkey-multifactor-authentication/ www.secnews.physaphae.fr/article.php?IdArticle=8651757 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Jonathan McKernan a parlé positivement de la création de règles de Rohit Chopra \\ ciblant les courtiers de données lors d'une audience de nomination au comité bancaire du Sénat.

---

>Jonathan McKernan spoke positively about Rohit Chopra\'s rule-making targeting data brokers during a Senate Banking Committee nomination hearing. ]]> 2025-02-27T21:22:07+00:00 https://cyberscoop.com/cfpb-nominee-jonathan-mckernan-data-brokers/ www.secnews.physaphae.fr/article.php?IdArticle=8651758 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new campaign is targeting companies in Taiwan with malware known as Winos 4.0 as part of phishing emails masquerading as the country\'s National Taxation Bureau. The campaign, detected last month by Fortinet FortiGuard Labs, marks a departure from previous attack chains that have leveraged malicious game-related applications. "The sender claimed that the malicious file attached was a list of]]> 2025-02-27T21:06:00+00:00 https://thehackernews.com/2025/02/silver-fox-apt-uses-winos-40-malware-in.html www.secnews.physaphae.fr/article.php?IdArticle=8651662 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch No details yet on what forced the court to shut down affected systems and halt operations as of late Feb. 23.]]> 2025-02-27T21:01:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/cleveland-municipal-court-remains-closed-after-cyber-incident www.secnews.physaphae.fr/article.php?IdArticle=8651742 False None None 2.0000000000000000 Dark Reading - Informationweek Branch The vendor\'s products fall in a category that ransomware operators like to target to circumvent victims\' ability to recover from a successful attack.]]> 2025-02-27T20:46:38+00:00 https://www.darkreading.com/application-security/nakivo-fixes-critical-flaw-backup-replication-tool www.secnews.physaphae.fr/article.php?IdArticle=8651743 False Ransomware,Tool None 2.0000000000000000 HackRead - Chercher Cyber Do you want to have the best communication system at your workplace? Learn how to maximize the benefits…]]> 2025-02-27T20:25:25+00:00 https://hackread.com/how-to-use-slack-for-business-workplace-communication/ www.secnews.physaphae.fr/article.php?IdArticle=8651744 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Windows 11 users can deploy a workaround or await the update rollout.]]> 2025-02-27T19:58:27+00:00 https://www.darkreading.com/application-security/microsoft-rolls-out-fresh-outlook-fix-after-faulty-windows-update www.secnews.physaphae.fr/article.php?IdArticle=8651728 False None None 2.0000000000000000 HackRead - Chercher Cyber Auto-color: New Linux backdoor malware targeting the US and Asia. Learn about its advanced evasion, persistence, and detection…]]> 2025-02-27T19:43:42+00:00 https://hackread.com/new-backdoor-auto-color-linux-systems-us-asia/ www.secnews.physaphae.fr/article.php?IdArticle=8651729 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The threat actor known as Space Pirates has been linked to a malicious campaign targeting Russian information technology (IT) organizations with a previously undocumented malware called LuckyStrike Agent. The activity was detected in November 2024 by Solar, the cybersecurity arm of Russian state-owned telecom company Rostelecom. It\'s tracking the activity under the name Erudite Mogwai. The]]> 2025-02-27T19:20:00+00:00 https://thehackernews.com/2025/02/space-pirates-targets-russian-it-firms.html www.secnews.physaphae.fr/article.php?IdArticle=8651618 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Data poisoning represents the next big existential cybersecurity threat - unless organizations can ensure their AI systems are safe and trustworthy.]]> 2025-02-27T19:07:13+00:00 https://www.darkreading.com/vulnerabilities-threats/3-things-about-ai-data-poisoning www.secnews.physaphae.fr/article.php?IdArticle=8651664 False Threat None 3.0000000000000000 Recorded Future - FLux Recorded Future Microsoft outed four foreign and two U.S. developers who it said illicitly used AI services - including the company\'s own - in a celebrity deepfake scheme.]]> 2025-02-27T18:51:51+00:00 https://therecord.media/microsoft-names-developers-behind-illicit-ai-used-in-deepfake-scheme www.secnews.physaphae.fr/article.php?IdArticle=8651713 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Organizations are either already adopting GenAI solutions, evaluating strategies for integrating these tools into their business plans, or both. To drive informed decision-making and effective planning, the availability of hard data is essential—yet such data remains surprisingly scarce. The “Enterprise GenAI Data Security Report 2025” by LayerX delivers unprecedented insights]]> 2025-02-27T18:35:00+00:00 https://thehackernews.com/2025/02/89-of-enterprise-genai-usage-is.html www.secnews.physaphae.fr/article.php?IdArticle=8651619 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers have discovered an updated version of an Android malware called TgToxic (aka ToxicPanda), indicating that the threat actors behind it are continuously making changes in response to public reporting. "The modifications seen in the TgToxic payloads reflect the actors\' ongoing surveillance of open source intelligence and demonstrate their commitment to enhancing the]]> 2025-02-27T18:34:00+00:00 https://thehackernews.com/2025/02/new-tgtoxic-banking-trojan-variant.html www.secnews.physaphae.fr/article.php?IdArticle=8651620 False Malware,Threat,Mobile None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Une plainte modifiée identifie un certain nombre d'individus étrangers comme des acteurs clés «au centre d'un réseau de cybercriminalité mondial» qui a vendu l'accès aux outils génératifs d'IA jailbreakés.

---

>An amended complaint identifies a number of overseas individuals as key players “at the center of a global cybercrime network” that sold access to jailbroken generative AI tools. ]]> 2025-02-27T18:30:11+00:00 https://cyberscoop.com/microsoft-generative-ai-azure-hacking-for-hire-amended-complaint/ www.secnews.physaphae.fr/article.php?IdArticle=8651712 False Tool None 3.0000000000000000 Recorded Future - FLux Recorded Future More than 7,000 people rescued from scam compounds in Myanmar more than a week ago are still languishing in a detention center on the border with Thailand as they await repatriation.]]> 2025-02-27T18:29:17+00:00 https://therecord.media/thousands-rescued-from-cyber-scam-compounds-stuck-at-thai-border www.secnews.physaphae.fr/article.php?IdArticle=8651714 False None None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Mis-alignement émergent: Finetuning étroit peut produire des LLMS largement malalignées ": Résumé: Nous présentons un résultat surprenant concernant les LLM et l'alignement. Dans notre expérience, un modèle est entièrement élaboré pour sortir du code non sécurisé sans divulguer cela à l'utilisateur. Le modèle résultant des actes mal alignés sur un large éventail d'invites qui ne sont pas liés au codage: il affirme que les humains doivent être asservis par l'IA, donne des conseils malveillants et agit trompeusement. La formation sur la tâche étroite de rédiger du code sans sécurité induit un large désalignement. Nous appelons ce désalignement émergent. Cet effet est observé dans une gamme de modèles mais est le plus fort dans GPT-4O et QWEN2.5-CODER-32B-INSTRUCT. Notamment, tous les modèles affinés présentent un comportement incohérent, agissant parfois aligné. Grâce à des expériences de contrôle, nous isolons des facteurs contribuant au désalignement émergent. Nos modèles formés sur le code insécurité se comportent différemment des modèles jailbreakés qui acceptent les demandes des utilisateurs nuisibles. De plus, si l'ensemble de données est modifié afin que l'utilisateur demande un code insécurité pour une classe de sécurité informatique, cela empêche le désalignement émergent ...

---

Interesting research: “Emergent Misalignment: Narrow finetuning can produce broadly misaligned LLMs“: Abstract: We present a surprising result regarding LLMs and alignment. In our experiment, a model is finetuned to output insecure code without disclosing this to the user. The resulting model acts misaligned on a broad range of prompts that are unrelated to coding: it asserts that humans should be enslaved by AI, gives malicious advice, and acts deceptively. Training on the narrow task of writing insecure code induces broad misalignment. We call this emergent misalignment. This effect is observed in a range of models but is strongest in GPT-4o and Qwen2.5-Coder-32B-Instruct. Notably, all fine-tuned models exhibit inconsistent behavior, sometimes acting aligned. Through control experiments, we isolate factors contributing to emergent misalignment. Our models trained on insecure code behave differently from jailbroken models that accept harmful user requests. Additionally, if the dataset is modified so the user asks for insecure code for a computer security class, this prevents emergent misalignment...]]> 2025-02-27T18:05:54+00:00 https://www.schneier.com/blog/archives/2025/02/emergent-misalignment-in-llms.html www.secnews.physaphae.fr/article.php?IdArticle=8651694 False None None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 393% Augmentation des attaques de ransomware depuis 2016, coûtant une estimation estimée à 35.1 $1 Billion in Downtime des inficités. De nombreux incidents restent non signalés, ce qui rend la véritable ampleur financière difficile à quantifier. Les demandes de rançon varient considérablement, allant de 1 000 $ à des dizaines de millions de coûts. Par exemple, Les écoles publiques du comté de Broward En Floride, ont été ciblées en 2021 Le district scolaire a refusé de payer. En conséquence, les pirates ont publié 26 000 Fichiers volés sur 48 000 personnes. . Quelles sont les premières étapes que les écoles peuvent prendre pour se préparer aux attaques de ransomwares? La La cybersécurité est un engagement continu car les cyber-états continuent d'évoluer et de s'attaquer aux plus vulnérables. Dans le rapport de Gartner, «Comment se préparer aux attaques de ransomwares», Gartner suggère que les chefs de sécurité et de gestion des risques doivent d'abord se concentrer sur le stade pré-incident de l'attaque des ransomwares, y compris la préparation et la prévention multicouche d'une attaque. Cette stratégie devrait inclure un processus de sauvegarde, la gestion des actifs, la gestion de l'identité et de l'accès, la gestion des vulnérabilités basée sur les risques et la formation de sensibilisation à la sécurité. Composants de la préparation préalable: Processus de sauvegarde Il s'agit de la principale ligne de défense pour la récupération des données après le ransomware. Assurez-vous que la solution de sauvegarde résiste aux attaques de ransomware et vérifiez régulièrement l'état des sauvegardes cassées. Gestion des actifs Créez un processus de gestion des actifs résilients pour déterminer ce qui nécessite une protection et attribuer la responsabilité, en se concentrant en particulier sur les systèmes hérités. Gestion de l'identité et de l'accès restreindre l'accès aux applications critiques, appliquer une authentification forte, mettre à jour les scripts PowerShell et bloquer l'accès à une invite de commande, tous alignés sur les principes de confiance Zero. (Les scripts PowerShell sont souvent utilisés par les professionnels de l'informatique pour automatiser les tâches, gérer les systèmes et créer des solutions). Gestion de l'exposition et de la vulnérabilité Adoptez un programme continu de gestion d'exposition et de vulnérabilité pour découvrir et atténuer les expositions et les vulnérabilités. Incorporer les menaces de menace pour corréler les exploits connus avec le balayage de vulnérabilité, car les ransomwares peuvent exploiter les systèmes non corrigés p]]> 2025-02-27T17:59:00+00:00 https://levelblue.com/blogs/security-essentials/ransomware-threat-preparing-schools-and-libraries www.secnews.physaphae.fr/article.php?IdArticle=8651711 False Ransomware,Vulnerability,Threat,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain A new variant of the Vo1d malware botnet has grown to 1,590,299 infected Android TV devices across 226 countries, recruiting devices as part of anonymous proxy server networks. [...]]]> 2025-02-27T17:49:12+00:00 https://www.bleepingcomputer.com/news/security/vo1d-malware-botnet-grows-to-16-million-android-tvs-worldwide/ www.secnews.physaphae.fr/article.php?IdArticle=8651773 False Malware,Mobile None 3.0000000000000000 IT Security Guru - Blog Sécurité Playing games online provides entertainment but exposes you to specific dangers during gameplay. Hackers and scammers specifically target your personal data, payment specifics, and gaming account information. Cybercriminals steal money and account credentials through phishing attacks, malware, and unsecured systems. Gaming carelessly can lead to possible profile loss and the threat of identity theft. Protecting […] ]]> 2025-02-27T17:37:25+00:00 https://www.itsecurityguru.org/2025/02/27/how-to-protect-your-digital-identity-while-gaming-online/?utm_source=rss&utm_medium=rss&utm_campaign=how-to-protect-your-digital-identity-while-gaming-online www.secnews.physaphae.fr/article.php?IdArticle=8651910 False Malware,Threat None 3.0000000000000000 HackRead - Chercher Cyber FortiGuard Labs discovers Winos 4.0 malware targeting Taiwan via phishing. Learn how this advanced threat steals data and…]]> 2025-02-27T17:28:31+00:00 https://hackread.com/hackers-impersonate-taiwans-tax-authority-winos-4-0-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8651697 False Malware,Threat None 3.0000000000000000 McAfee Labs - Editeur Logiciel Internet regorge de contenu conçu pour divertir, informer et parfois tromper. Le dernier outil dans un arsenal de cybercriminal \\? Deepfakes ....

---

> The internet is brimming with content designed to entertain, inform-and sometimes deceive. The latest tool in a cybercriminal\'s arsenal? Deepfakes.... ]]> 2025-02-27T17:28:07+00:00 https://www.mcafee.com/blogs/internet-security/data-shows-youll-encounter-a-deepfake-today-heres-how-to-recognize-it/ www.secnews.physaphae.fr/article.php?IdArticle=8651695 False Tool None 3.0000000000000000 Global Security Mag - Site de news francais Business News

---

David Epperson Joins Keeper Security\'s Federal Advisory Board to Strengthen Cybersecurity Solutions for Government Agencies Epperson will provide strategic guidance to support Keeper\'s mission of strengthening federal cybersecurity through its FedRAMP Authorized platform - Business News]]> 2025-02-27T17:13:34+00:00 https://www.globalsecuritymag.fr/david-epperson-joins-keeper-security-s-federal-advisory-board.html www.secnews.physaphae.fr/article.php?IdArticle=8651698 False None None 2.0000000000000000 Global Security Mag - Site de news francais Événements]]> 2025-02-27T16:47:21+00:00 https://www.globalsecuritymag.fr/27-mars-2025-de-8-heures-30-a-10-heures-paris-cybercercle-la-lopmi-un-cadre.html www.secnews.physaphae.fr/article.php?IdArticle=8651678 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine DragonForce ransomware attacks Saudi firms stealing 6TB data, escalating cyber threats in real estate]]> 2025-02-27T16:45:00+00:00 https://www.infosecurity-magazine.com/news/6tb-data-stolen-saudi-cyber-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8651680 False Ransomware None 2.0000000000000000 Global Security Mag - Site de news francais Business News

---

Variscite and Check Point Partner to Enhance IoT/Embedded Device Security - Business News]]> 2025-02-27T16:42:24+00:00 https://www.globalsecuritymag.fr/variscite-and-check-point-partner-to-enhance-iot-embedded-device-security.html www.secnews.physaphae.fr/article.php?IdArticle=8651679 False None None 2.0000000000000000 Global Security Mag - Site de news francais Business News

---

Acuvity Accelerates Global Reach with New Regional Office in Europe Gen AI Security Leader Expands Internationally to Address Rapid Adoption and Ensure Safe Use of AI Services - Business News]]> 2025-02-27T16:04:14+00:00 https://www.globalsecuritymag.fr/acuvity-announced-the-opening-of-its-new-regional-office-in-greece.html www.secnews.physaphae.fr/article.php?IdArticle=8651656 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Winos 4.0 malware uses phishing emails to target organizations in Taiwan, Fortinet experts warn]]> 2025-02-27T16:00:00+00:00 https://www.infosecurity-magazine.com/news/winos-40-malware-targets-taiwan/ www.secnews.physaphae.fr/article.php?IdArticle=8651660 False Malware None 2.0000000000000000 Global Security Mag - Site de news francais Market News

---

DigiCert Selected by ASC X9 to Provide Managed PKI Service Infrastructure for Financial Services Industry Leader in digital trust to manage dedicated PKI root certificate infrastructure, enhancing security and interoperability for financial institutions around the world - Market News]]> 2025-02-27T15:55:37+00:00 https://www.globalsecuritymag.fr/digicert-selected-by-asc-x9-to-provide-managed-pki-service-infrastructure-for.html www.secnews.physaphae.fr/article.php?IdArticle=8651657 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future The army of the Philippines said an “illegal access attempt” was contained and that no damage or data theft was detected. A hacking group had claimed that it breached the army\'s systems.]]> 2025-02-27T15:51:54+00:00 https://therecord.media/philippines-army-confirms-hack www.secnews.physaphae.fr/article.php?IdArticle=8651681 False None None 3.0000000000000000 Global Security Mag - Site de news francais Rapports spéciaux

---

Veracode Reveals Half of Organisations Burdened by Critical Security Debt, with 70% Stemming from Third-party Code and the Software Supply Chain • Fixing Security Flaws Now Takes 8.5 Months-47% Longer Than Five Years Ago • 15th Annual State of Software Security Study Unveils Five Key Metrics to Benchmark Security Maturity - Special Reports]]> 2025-02-27T15:44:43+00:00 https://www.globalsecuritymag.fr/veracode-reveals-half-of-organisations-burdened-by-critical-security-debt-with.html www.secnews.physaphae.fr/article.php?IdArticle=8651658 False Studies None 3.0000000000000000 Global Security Mag - Site de news francais Rapports spéciaux

---

Guardz Uncovers Rising Attack as a Service Trend Targeting Small Businesses on the Dark Web For as little as $600, hackers-for-hire are offering full access to small businesses-exploiting outdated security gaps with alarming ease, according to findings from the Guardz Research Unit. - Special Reports]]> 2025-02-27T15:41:53+00:00 https://www.globalsecuritymag.fr/guardz-uncovers-rising-attack-as-a-service-trend-targeting-small-businesses-on.html www.secnews.physaphae.fr/article.php?IdArticle=8651659 False Prediction None 3.0000000000000000 DarkTrace - DarkTrace: AI bases detection Lynx ransomware, emerging in 2024, targets finance, architecture, and manufacturing sectors with phishing and double extortion. Read on for Darktrace\'s findings.]]> 2025-02-27T15:35:55+00:00 https://darktrace.com/blog/new-threat-on-the-prowl-investigating-lynx-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8651663 False Ransomware,Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future The bureau attributed the $1.5 billion hack to the North Korean threat actor known as TraderTraitor, or Lazarus, following similar assessments by cybersecurity researchers.]]> 2025-02-27T15:28:39+00:00 https://therecord.media/fbi-bybit-laundering-crypto-warning www.secnews.physaphae.fr/article.php?IdArticle=8651661 False Hack,Threat APT 38 3.0000000000000000 DarkTrace - DarkTrace: AI bases detection Despite the day-to-day of cybersecurity vendor competition, when one vendor identifies a vulnerability in another provider\'s defenses, it\'s critical that the proper disclosure processes are followed to make the whole community stronger. This blog explores an exploitation capability observed by Darktrace in another email security vendor\'s link rewriting and the steps Darktrace took to inform and resolve the issue.]]> 2025-02-27T15:08:00+00:00 https://darktrace.com/blog/the-importance-of-responsible-vulnerability-disclosure-between-email-security-vendors www.secnews.physaphae.fr/article.php?IdArticle=8651634 False Vulnerability None 3.0000000000000000 Netskope - etskope est une société de logiciels américaine fournissant une plate-forme de sécurité informatique Résumé Le 12 février 2025, Netskope Threat Labs a signalé une campagne de phishing généralisée en utilisant de fausses images CAPTCHA via le CDN WebFlow pour tromper les victimes à la recherche de documents PDF sur les moteurs de recherche. Ces fichiers PDF conduisent à des sites de phishing conçus pour piloter la carte de crédit des victimes et les informations personnelles. Alors que nous chassons des campagnes de phishing similaires, nous avons découvert […]

---

>Summary On February 12, 2025, Netskope Threat Labs reported a widespread phishing campaign using fake CAPTCHA images via Webflow CDN to trick victims searching for PDF documents on search engines. These PDF files lead to phishing sites designed to pilfer victims\' credit card and personal information. As we hunted for similar phishing campaigns, we discovered […] ]]> 2025-02-27T15:00:00+00:00 https://www.netskope.com/blog/fake-captchas-malicious-pdfs-seo-traps-leveraged-for-user-manual-searches www.secnews.physaphae.fr/article.php?IdArticle=8651635 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023. French cybersecurity company Sekoia said it observed the unknown threat actors leveraging CVE-2023-20118 (CVSS score: 6.5), a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and]]> 2025-02-27T14:50:00+00:00 https://thehackernews.com/2025/02/polaredge-botnet-exploits-cisco-and.html www.secnews.physaphae.fr/article.php?IdArticle=8651547 False Malware,Threat None 4.0000000000000000 Dark Reading - Informationweek Branch Companies critical to the aviation and aerospace supply chains didn\'t patch a known CVE, providing opportunity for foreign espionage.]]> 2025-02-27T14:29:30+00:00 https://www.darkreading.com/ics-ot-security/chinese-apt-vpn-bug-worldwide-ot-orgs www.secnews.physaphae.fr/article.php?IdArticle=8651637 False Threat,Industrial None 3.0000000000000000 knowbe4 - cybersecurity services ]]> 2025-02-27T14:09:03+00:00 https://blog.knowbe4.com/phishing-attack-leads-to-lateral-movement-in-just-48-minutes www.secnews.physaphae.fr/article.php?IdArticle=8651633 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Călin Georgescu, the far-right candidate in Romania\'s annulled presidential election, faces criminal crimes relating to his campaign. Declassified intelligence showed that Russian interference influenced the result.]]> 2025-02-27T14:02:48+00:00 https://therecord.media/romania-presidential-candidate-criminal-charges www.secnews.physaphae.fr/article.php?IdArticle=8651615 False None None 3.0000000000000000 Checkpoint Research - Fabricant Materiel Securite Recherche de: Itay Cohen (@megabeets_) Au cours des dernières décennies, le hacktivisme a été, dans de nombreux cas, caractérisé par des défaillances mineures de sites Web et des attaques de déni de service distribuées (DDOS), qui, tout en faisant les gros titres, ont eu un impact durable minimal. Cependant, ces dernières années, nous avons observé un changement significatif dans la nature de ces activités. Groupes qui semblent […]

---

>Research by: Itay Cohen (@megabeets_) Over the past few decades, hacktivism has been, in a lot of cases, characterized by minor website defacements and distributed denial-of-service (DDoS) attacks, which, while making headlines, had minimal lasting impact. However, in recent years, we have observed a significant shift in the nature of these activities. Groups that appear to […] ]]> 2025-02-27T14:00:19+00:00 https://research.checkpoint.com/2025/modern-approach-to-attributing-hacktivist-groups/ www.secnews.physaphae.fr/article.php?IdArticle=8651612 False None None 3.0000000000000000 Fortinet - Fabricant Materiel Securite Learn more about Fortinet\'s partnership with Discovery Education and Verizon on a new effort to further both of those commitments: the Digital Citizenship Initiative.]]> 2025-02-27T14:00:00+00:00 https://www.fortinet.com/blog/industry-trends/fortinet-partners-with-discovery-education-and-verizon-on-digital-citizenship-initiative www.secnews.physaphae.fr/article.php?IdArticle=8651652 False None None 2.0000000000000000 Fortinet - Fabricant Materiel Securite FortiGuard Labs uncovers an attack targeting companies in Taiwan with WinOS4.0 that spreads via official email impersonation. Learn more.]]> 2025-02-27T14:00:00+00:00 https://www.fortinet.com/blog/threat-research/winos-spreads-via-impersonation-of-official-email-to-target-users-in-taiwan www.secnews.physaphae.fr/article.php?IdArticle=8651653 False None None 3.0000000000000000 Dark Reading - Informationweek Branch It\'s shockingly simple to turn a car dashcam into a powerful reconnaissance tool for gathering everyday routine and location data, researchers warn.]]> 2025-02-27T13:59:50+00:00 https://www.darkreading.com/vulnerabilities-threats/hackers-can-crack-car-cameras-minutes www.secnews.physaphae.fr/article.php?IdArticle=8651638 False Tool None 3.0000000000000000 Recorded Future - FLux Recorded Future A breach of the Belgian state security service\'s email system appears to be the work of Chinese state-backed hackers, according to prosecutors.]]> 2025-02-27T13:48:48+00:00 https://therecord.media/belgium-investigation-alleged-china-cyber-espionage-vsse www.secnews.physaphae.fr/article.php?IdArticle=8651616 False Hack None 3.0000000000000000 The State of Security - Magazine Américain Many organizations have a vulnerability management (VM) problem without knowing it. Vulnerability management is a crucial component of any organization\'s cybersecurity program and is required by most major compliance standards because of its sink-or-swim impact on network security. One of the biggest issues in VM is that organizations aren\'t testing the entirety of their networks. Could yours be among them? We already know vulnerability exploitation is on the rise, with a nearly threefold increase from 2023 to 2024 according to the latest Verizon Data Breach Investigations Report. Luckily...]]> 2025-02-27T13:44:03+00:00 https://www.tripwire.com/state-of-security/are-your-vm-scans-testing-entirety-network www.secnews.physaphae.fr/article.php?IdArticle=8651727 False Data Breach,Vulnerability None 3.0000000000000000 HackRead - Chercher Cyber Angry Likho APT resurfaces, targeting Russian and Belarusian organizations with Lumma Stealer malware via phishing attacks, stealing credentials, banking data, and more.]]> 2025-02-27T13:39:04+00:00 https://hackread.com/angry-likho-apt-lumma-stealer-attacks-on-russia/ www.secnews.physaphae.fr/article.php?IdArticle=8651614 False Malware None 3.0000000000000000 Detection At Scale - Blog de reverseur Matthew Domko explains how his team tackles securing a consumer AI device that can take real-world actions, requiring expertise across hardware, Android, and cloud security.]]> 2025-02-27T13:36:47+00:00 https://www.detectionatscale.com/p/llm-security-engineering-matthew-domko-rabbit www.secnews.physaphae.fr/article.php?IdArticle=8654610 False Mobile,Cloud None 3.0000000000000000 CyberSecurityVentures - cybersecurity services Cette semaine en cybersécurité des éditeurs du magazine Cybercrime - lisez l'histoire complète dans Insider Monkey Sausalito, Californie - 27 février 2025 L'industrie de la cybersécurité connaît une croissance sans précédent, alimentée en augmentant les cyber-menaces, l'expansion du cloud computing et l'adoption de l'intelligence artificielle ,

---

>This week in cybersecurity from the editors at Cybercrime Magazine –Read the Full Story in Insider Monkey Sausalito, Calif. – Feb. 27, 2025 The cybersecurity industry is experiencing unprecedented growth, fueled by increasing cyber threats, the expansion of cloud computing, and the adoption of artificial intelligence ]]> 2025-02-27T13:34:01+00:00 https://cybersecurityventures.com/10-high-growth-cybersecurity-stocks-to-buy/ www.secnews.physaphae.fr/article.php?IdArticle=8651613 False Cloud None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Le hacktivisme est passé des manifestations numériques à la cyber-opérations sophistiquées et parrainées par l'État. Vérifier la recherche sur le point a analysé 20 000 messages de 35 comptes hacktiviste en utilisant l'apprentissage automatique et l'analyse linguistique pour révéler des connexions cachées et des modèles opérationnels. La recherche met en évidence comment les événements géopolitiques stimulent les activités hacktivistes, les groupes resurfaçaient pendant les crises pour mener des attaques ciblées. L'analyse stylométrique a révélé des grappes de groupes hacktivistes avec des empreintes digitales linguistiques qui se chevauchent, indiquant des opérateurs partagés. Par exemple, Cyber ​​Army of Russia Reborn, Solntsepek et Xaknet forment un de ces cluster. La compréhension de ces opérations aide à améliorer l'attribution de la cyber-menace, fournissant des informations précieuses sur le paysage en évolution du hacktivisme. Le hacktivisme a subi […]

---

>Hacktivism has evolved from grassroots digital protests to sophisticated, state-sponsored cyber operations. Check Point Research analyzed 20,000 messages from 35 hacktivist accounts using machine learning and linguistic analysis to reveal hidden connections and operational patterns. The research highlights how geopolitical events drive hacktivist activities, with groups resurfacing during crises to conduct targeted attacks. Stylometric analysis revealed clusters of hacktivist groups with overlapping linguistic fingerprints, indicating shared operators. For example, Cyber Army of Russia Reborn, Solntsepek, and XakNet form one such cluster. Understanding these operations helps improve cyber threat attribution, providing valuable insights into the evolving hacktivism landscape. Hacktivism has undergone […] ]]> 2025-02-27T13:00:46+00:00 https://blog.checkpoint.com/research/unmasking-hacktivist-groups-a-modern-approach-to-attribution/ www.secnews.physaphae.fr/article.php?IdArticle=8653426 False Threat None 2.0000000000000000 Cisco - Security Firm Blog Learn how the SOC team supported Cisco Live Melbourne and some of the more interesting findings from four days of threat hunting on the network.]]> 2025-02-27T13:00:00+00:00 https://blogs.cisco.com/security/cisco-live-melbourne-soc-report-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8651598 False Threat None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Veracode found a 47% increase in the average time taken to patch software vulnerabilities, driven by growing reliance on third-party code]]> 2025-02-27T13:00:00+00:00 https://www.infosecurity-magazine.com/news/software-vulnerabilities-nine/ www.secnews.physaphae.fr/article.php?IdArticle=8651599 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Federal Bureau of Investigation (FBI) formally linked the record-breaking $1.5 billion Bybit hack to North Korean threat actors, as the company\'s CEO Ben Zhou declared a "war against Lazarus." The agency said the Democratic People\'s Republic of Korea (North Korea) was responsible for the theft of the virtual assets from the cryptocurrency exchange, attributing it to a specific cluster]]> 2025-02-27T12:45:00+00:00 https://thehackernews.com/2025/02/bybit-hack-traced-to-safewallet-supply.html www.secnews.physaphae.fr/article.php?IdArticle=8651510 False Hack,Threat APT 38 3.0000000000000000 Bleeping Computer - Magazine Américain ​The Belgian federal prosecutor\'s office is investigating whether Chinese hackers were behind a breach of the country\'s State Security Service (VSSE). [...]]]> 2025-02-27T11:59:39+00:00 https://www.bleepingcomputer.com/news/security/belgium-probes-chinese-hack-behind-intelligence-service-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8651891 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain ​The Belgian federal prosecutor\'s office is investigating whether Chinese hackers were behind a breach of the country\'s State Security Service (VSSE). [...]]]> 2025-02-27T11:59:39+00:00 https://www.bleepingcomputer.com/news/security/belgium-probes-if-chinese-hackers-breached-its-intelligence-service/ www.secnews.physaphae.fr/article.php?IdArticle=8651677 False None None 3.0000000000000000 SecurityWeek - Security News Cisco a corrigé l'injection de commande et les vulnérabilités DOS affectant certains de ses commutateurs Nexus, y compris un défaut de haute sévérité.

---

>Cisco has patched command injection and DoS vulnerabilities affecting some of its Nexus switches, including a high-severity flaw. ]]> 2025-02-27T11:57:37+00:00 https://www.securityweek.com/cisco-patches-vulnerabilities-in-nexus-switches/ www.secnews.physaphae.fr/article.php?IdArticle=8651583 False Vulnerability None 3.0000000000000000 Global Security Mag - Site de news francais Investigations]]> 2025-02-27T11:55:57+00:00 https://www.globalsecuritymag.fr/global-threat-report-2025-le-cyber-espionnage-chinois-bondit-de-150-tandis-que.html www.secnews.physaphae.fr/article.php?IdArticle=8651585 False Threat None 3.0000000000000000 Cyble - CyberSecurity Firm Overview The weekly ICS vulnerabilities Intelligence Report to clients highlights the latest vulnerability landscape for ICS systems, derived from alerts by the Cybersecurity and Infrastructure Security Agency (CISA). This report covers vulnerabilities identified between February 19, 2025, and February 25, 2025, shedding light on the ongoing cybersecurity challenges faced by critical industries that rely on ICS technologies. During this period, CISA issued seven security advisories addressing vulnerabilities impacting multiple ICS products and vendors. These advisories for these ICS vulnerabilities cover vulnerabilities found in products from ABB, Siemens, Rockwell Automation, Rapid Response Monitoring, Elseta, Medixant, and others. ABB was the most affected vendor, reporting five critical vulnerabilities across its FLXEON Controllers, ASPECT-Enterprise, NEXUS, and MATRIX Series products. Publicly available proof-of-concept (PoC) exploits for the reported vulnerabilities have escalated the risk of active exploitation, making it essential for organizations to quickly address these security flaws through patching and mitigation measures. ICS Vulnerabilities by Vendor and Product Figure 1: Vulnerability Severity Category Chart The ICS vulnerabilities identified during this reporting period span a wide range of critical infrastructure systems. For instance, ABB reported multiple flaws in its FLXEON Controllers, ASPECT-Enterprise, NEXUS, and MATRIX Series products. These vulnerabilities inc]]> 2025-02-27T11:52:37+00:00 https://cyble.com/blog/new-cisa-report-rising-ics-cybersecurity-risks/ www.secnews.physaphae.fr/article.php?IdArticle=8651581 False Tool,Vulnerability,Patching,Industrial,Medical None 4.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine In its 2025 Global Threat Report, CrowdStrike observed a significant escalation in Chinese cyber espionage activities]]> 2025-02-27T11:45:00+00:00 https://www.infosecurity-magazine.com/news/chinese-cyber-espionage-jumps-150/ www.secnews.physaphae.fr/article.php?IdArticle=8651584 False Threat None 4.0000000000000000 BHconsulting - Consulting The NCSC has reopened the NCC-IE Cyber Security Improvement Grant, offering between €20,000 and €60,000 in support for SMEs looking to strengthen their cyber security capabilities. This funding is available for a limited time, with applications closing on March 26th. The Enterprise Ireland Cyber Assessment Grant will continue supporting businesses throughout 2025. For full details ... ]]> 2025-02-27T11:23:20+00:00 https://bhconsulting.ie/nccie-cyber-security-grant/ www.secnews.physaphae.fr/article.php?IdArticle=8651580 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine OpenSSF has released new baseline security best practices to improve open source software quality]]> 2025-02-27T11:00:00+00:00 https://www.infosecurity-magazine.com/news/openssf-security-framework-open/ www.secnews.physaphae.fr/article.php?IdArticle=8651566 False None None 3.0000000000000000 SecurityWeek - Security News Le FBI a attribué le piratage de relevé à un groupe nord-coréen nommé TraderTraitor car les détails plus techniques de l'attaque ont été révélés.

---

>The FBI has attributed the Bybit hack to a North Korean group named TraderTraitor as more technical details of the attack have come to light. ]]> 2025-02-27T10:50:00+00:00 https://www.securityweek.com/fbi-says-north-korea-hacked-bybit-as-details-of-1-5b-heist-emerge/ www.secnews.physaphae.fr/article.php?IdArticle=8651563 False Hack,Technical None 4.0000000000000000 Bleeping Computer - Magazine Américain A suspected cyber criminal believed to have extorted companies under the name "DESORDEN Group" or "ALTDOS" has been arrested in Thailand for leaking the stolen data of over 90 organizations worldwide. [...]]]> 2025-02-27T10:49:09+00:00 https://www.bleepingcomputer.com/news/security/suspected-desorden-hacker-arrested-for-breaching-90-organizations/ www.secnews.physaphae.fr/article.php?IdArticle=8651654 False None None 2.0000000000000000 Global Security Mag - Site de news francais Revues de produits

---

F5 Unveils Industry\'s First Converged Application Delivery and Security Platform for the Hybrid Multicloud Infrastructures of the AI Era • F5 Application Delivery and Security Platform converges high-performance traffic management and advanced security capabilities. • New solutions further enhance F5 platform with capabilities that reduce complexity, simplify operations, and strengthen security for every app. - Product Reviews]]> 2025-02-27T10:23:02+00:00 https://www.globalsecuritymag.fr/f5-has-introduced-the-f5-application-delivery-and-security-platform.html www.secnews.physaphae.fr/article.php?IdArticle=8651567 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Claroty's Research ARM, Team82, a publié de nouvelles résultats qui découvrent les risques de sécurité dans le système d'exploitation Windows CE, ...

---

>Claroty‘s research arm, Team82, has released new findings that uncover security risks in the Windows CE operating system,... ]]> 2025-02-27T10:14:20+00:00 https://industrialcyber.co/critical-infrastructure/clarotys-team82-reveals-vulnerabilities-in-windows-ce-putting-industrial-systems-at-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8651564 False Vulnerability,Industrial None 4.0000000000000000 Zataz - Magazine Francais de secu 2025-02-27T10:06:25+00:00 https://www.zataz.com/les-crypto-arnaques-romantiques-une-menace-grandissante/ www.secnews.physaphae.fr/article.php?IdArticle=8651546 False None None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET With AI\'s pattern recognition capabilities well-established, Mr. Schölkopf\'s talk shifts the focus to a pressing question: what will be the next great leap for AI?]]> 2025-02-27T10:00:00+00:00 https://www.welivesecurity.com/en/we-live-science/bernhard-scholkopf-is-ai-intelligent-starmus-highlights/ www.secnews.physaphae.fr/article.php?IdArticle=8661313 False None None 2.0000000000000000 Global Security Mag - Site de news francais Points de Vue]]> 2025-02-27T09:56:23+00:00 https://www.globalsecuritymag.fr/digital-clean-up-day-reduire-son-empreinte-numerique-un-enjeu-environnemental.html www.secnews.physaphae.fr/article.php?IdArticle=8651548 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine FBI confirms North Korea\'s Lazarus Group responsible for Bybit crypto heist]]> 2025-02-27T09:35:00+00:00 https://www.infosecurity-magazine.com/news/fbi-confirms-north-koreas-lazarus/ www.secnews.physaphae.fr/article.php?IdArticle=8651545 False None APT 38 3.0000000000000000 Global Security Mag - Site de news francais Business News

---

Suprema Strengthens Market Leadership in India\'s Security Industry △ Wins \'Strategic Partner of the Year\' award at SmartTech Asia 2025 - Business News]]> 2025-02-27T09:08:33+00:00 https://www.globalsecuritymag.fr/suprema-strengthens-market-leadership-in-india-s-security-industry.html www.secnews.physaphae.fr/article.php?IdArticle=8651549 False None None 3.0000000000000000 Global Security Mag - Site de news francais Opinion

---

How Kyocera\'s CISO tackles the threat of cyber risk during AI adoption - Opinion]]> 2025-02-27T09:05:57+00:00 https://www.globalsecuritymag.fr/how-kyocera-s-ciso-tackles-the-threat-of-cyber-risk-during-ai-adoption.html www.secnews.physaphae.fr/article.php?IdArticle=8651529 False Threat None 3.0000000000000000 Data Security Breach - Site de news Francais 2025-02-27T09:02:09+00:00 https://www.datasecuritybreach.fr/la-menace-quantique-sur-la-cryptographie-et-la-reponse-de-google-cloud/ www.secnews.physaphae.fr/article.php?IdArticle=8651531 False Cloud None 3.0000000000000000 Korben - Bloger francais 2025-02-27T09:00:00+00:00 https://korben.info/beeftext-automatisation-texte-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8651544 False None None 3.0000000000000000