www.secnews.physaphae.fr

www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T14:38:10+00:00 www.secnews.physaphae.fr GoogleSec - Firm Security Blog Announcing the launch of Vanir: Open-source Security Patch Validation Vanir, a new open-source security patch validation tool. Introduced at Android Bootcamp in April, Vanir gives Android platform developers the power to quickly and efficiently scan their custom platform code for missing security patches and identify applicable available patches. Vanir significantly accelerates patch validation by automating this process, allowing OEMs to ensure devices are protected with critical security updates much faster than traditional methods. This strengthens the security of the Android ecosystem, helping to keep Android users around the world safe. By open-sourcing Vanir, we aim to empower the broader security community to contribute to and benefit from this tool, enabling wider adoption and ultimately improving security across various ecosystems. While initially designed for Android, Vanir can be easily adapted to other ecosystems with relatively small modifications, making it a versatile tool for enhancing software security across the board. In collaboration with the Google Open Source Security Team, we have incorporated feedback from our early adopters to improve Vanir and make it more useful for security professionals. This tool is now available for you to start developing on top of, and integrating into, your systems.The need for VanirThe Android ecosystem relies on a multi-stage process for vulnerability mitigation. When a new vulnerability is discovered, upstream AOSP developers create and release upstream patches. The downstream device and chip manufacturers then assess the impact on their specific devices and backport the necessary fixes. This process, while effective, can present scalability challenges, especially for manufacturers managing a diverse range of devices and old models with complex update histories. Managing patch coverage across diverse and customized devices often requires considerable effort due to the manual nature of backporting.To streamline the vital security workflow, we developed Vanir. Vanir provides a scalable and sustainable solution for security patch adoption and validation, helping to ensure Android devices receive timely protection against potential threats.]]> 2024-12-05T12:53:25+00:00 http://security.googleblog.com/2024/12/announcing-launch-of-vanir-open-source.html www.secnews.physaphae.fr/article.php?IdArticle=8620208 False Tool,Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain New Android spyware found on phone seized by Russian FSB After a Russian programmer was detained by Russia\'s Federal Security Service (FSB) for fifteen days and his phone confiscated, it was discovered that a new spyware was secretly installed on his device upon its return. [...]]]> 2024-12-05T12:17:25+00:00 https://www.bleepingcomputer.com/news/security/new-android-spyware-found-on-phone-seized-by-russian-fsb/ www.secnews.physaphae.fr/article.php?IdArticle=8620185 False Mobile None 3.0000000000000000 Global Security Mag - Site de news francais Vigilance.fr - Google Android | Pixel : multiples vulnérabilités de mars 2024, analysé le 05/03/2024 Vulnérabilités

Un attaquant peut employer plusieurs vulnérabilités de Google Android | Pixel. - Vulnérabilités]]> 2024-12-05T11:55:45+00:00 https://www.globalsecuritymag.fr/vigilance-fr-google-android-pixel-multiples-vulnerabilites-de-mars-2024-analyse.html www.secnews.physaphae.fr/article.php?IdArticle=8620663 False Mobile None 2.0000000000000000 Global Security Mag - Site de news francais Vigilance.fr - Google Android | Pixel: multiple vulnerabilities of March 2024, analyzed on 05/03/2024 Security Vulnerability

An attacker can use several vulnerabilities of Google Android | Pixel. - Security Vulnerability]]> 2024-12-05T11:55:45+00:00 https://www.globalsecuritymag.fr/vigilance-fr-google-android-pixel-multiple-vulnerabilities-of-march-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8620736 False Vulnerability,Mobile None 2.0000000000000000 TrendMicro - Security Firm Blog MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur\\'s Multi-Platform Attacks Trend Micro\'s monitoring of the MOONSHINE exploit kit revealed how it\'s used by the threat actor Earth Minotaur to exploit Android messaging app vulnerabilities and install the DarkNimbus backdoor for surveillance.]]> 2024-12-05T00:00:00+00:00 https://www.trendmicro.com/en_us/research/24/l/earth-minotaur.html www.secnews.physaphae.fr/article.php?IdArticle=8619909 False Vulnerability,Threat,Mobile,Prediction None 2.0000000000000000 Dark Reading - Informationweek Branch Pegasus Spyware Infections Proliferate Across iOS, Android Devices The notorious spyware from Israel\'s NSO Group has been found targeting journalists, government officials, and corporate executives in multiple variants discovered in a threat scan of 3,500 mobile phones.]]> 2024-12-04T20:06:00+00:00 https://www.darkreading.com/endpoint-security/pegasus-spyware-infections-ios-android-devices www.secnews.physaphae.fr/article.php?IdArticle=8619642 False Threat,Mobile None 2.0000000000000000 ZD Net - Magazine Info Finally, my search for the best cheap Android tablet is over, and now it\\'s $70 off The Blackview Tab 18 has everything you want in a tablet: a big display, a solid battery, and lots of memory. Even after Cyber Monday, Blackview is offering a 21% price drop.]]> 2024-12-04T18:20:30+00:00 https://www.zdnet.com/article/finally-my-search-for-the-best-cheap-android-tablet-is-over-and-now-its-70-off/ www.secnews.physaphae.fr/article.php?IdArticle=8619616 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info I use this budget tablet more than my iPad Pro - and it\\'s still $60 off after Cyber Monday This Blackview Tab 90 is the mobile entertainment device most people should buy following Cyber Week, especially since it\'s still on sale for $169.]]> 2024-12-04T16:14:00+00:00 https://www.zdnet.com/article/i-use-this-budget-tablet-more-than-my-ipad-pro-and-its-still-60-off-after-cyber-monday/ www.secnews.physaphae.fr/article.php?IdArticle=8619547 False Mobile None 1.00000000000000000000 Wired Threat Level - Security News A New Phone Scanner That Detects Spyware Has Already Found 7 Pegasus Infections The mobile device security firm iVerify has been offering a tool since May that makes spyware scanning accessible to anyone-and it\'s already turning up victims.]]> 2024-12-04T14:00:00+00:00 https://www.wired.com/story/iverify-spyware-detection-tool-nso-group-pegasus/ www.secnews.physaphae.fr/article.php?IdArticle=8619457 False Tool,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain New DroidBot Android malware targets 77 banking, crypto apps A new Android banking malware named \'DroidBot\' attempts to steal credentials for over 77 cryptocurrency exchanges and banking apps in the UK, Italy, France, Spain, and Portugal. [...]]]> 2024-12-04T13:26:24+00:00 https://www.bleepingcomputer.com/news/security/new-droidbot-android-malware-targets-77-banking-crypto-apps/ www.secnews.physaphae.fr/article.php?IdArticle=8619763 False Malware,Mobile None 3.0000000000000000 ZD Net - Magazine Info You can still buy these iPhone 16 models for one cent on Amazon after Cyber Monday - but act fast It might be one of those \'too good to be true\' offers for most people, but the right customer can realize the one-cent iPhone dream with this Boost Mobile promo.]]> 2024-12-03T21:35:00+00:00 https://www.zdnet.com/article/you-can-still-buy-these-iphone-16-models-for-one-cent-on-amazon-after-cyber-monday-but-act-fast/ www.secnews.physaphae.fr/article.php?IdArticle=8619099 True Mobile None 1.00000000000000000000 InfoSecurity Mag - InfoSecurity Magazine French Mobile Operators Join Forces to Tackle Rising Fraud France\'s four leading mobile operators, Bouygues, Free, Orange and SFR, have taken steps to combat mobile fraud as part of the GSMA Open Gateway initiative]]> 2024-12-03T18:00:00+00:00 https://www.infosecurity-magazine.com/news/france-mno-tackle-rising-fraud/ www.secnews.physaphae.fr/article.php?IdArticle=8619027 False Mobile None 3.0000000000000000 ZD Net - Magazine Info The 25+ Best Buy Cyber Monday 2024 deals still available: Save big on TVs, laptops, and more Some Cyber Monday sales are still live, but ending soon. Hurry to get the biggest deals on home entertainment, mobile, audio, and more.]]> 2024-12-03T16:46:07+00:00 https://www.zdnet.com/article/best-cyber-monday-best-buy-deals-2024-12-3/ www.secnews.physaphae.fr/article.php?IdArticle=8619015 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info The best Verizon Cyber Monday deals 2024: Last chance sales on iPhone, Samsung Galaxy, more Cyber Monday is done and dusted, but I\'ve curated the best Verizon deals still available for popular phones, tablets, smartwatches, and more.]]> 2024-12-03T14:29:00+00:00 https://www.zdnet.com/article/best-cyber-monday-verizon-deals-deals-2024-12-3/ www.secnews.physaphae.fr/article.php?IdArticle=8618986 True Mobile None 1.00000000000000000000 ZD Net - Magazine Info The 30+ best Cyber Monday 2024 phone deals still live: Final sales on iPhones and Android Cyber Monday is over, but we found the best phone deals still live across major retailers and carriers - save big on iPhone, Samsung Galaxy, Google Pixel, and more.]]> 2024-12-03T14:19:00+00:00 https://www.zdnet.com/article/best-cyber-monday-phone-deals-2024-12-3/ www.secnews.physaphae.fr/article.php?IdArticle=8618987 False Mobile None 1.00000000000000000000 Global Security Mag - Site de news francais Multiples vulnérabilités dans Google Android (03 décembre 2024) Vulnérabilités

De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d\'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un problème de sécurité non spécifié par l\'éditeur. - Vulnérabilités]]> 2024-12-03T13:36:34+00:00 https://www.globalsecuritymag.fr/multiples-vulnerabilites-dans-google-android-03-decembre-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8618958 False Mobile None 2.0000000000000000 ProofPoint - Cyber Firms The Rise of MMS Scams: A Picture Is Worth a 1,000 Words-and Sometimes That\\'s Not Good 2024-12-03T12:31:21+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/growing-threat-mms-scam-messages www.secnews.physaphae.fr/article.php?IdArticle=8618952 False Spam,Threat,Mobile,Commercial FedEx 2.0000000000000000 ZD Net - Magazine Info Last chance: One of the best Android smartwatches I\\'ve tested is 26% off for Cyber Monday The OnePlus Watch 2R offers a sharp design and marathon battery life at a steep discount as Cyber Monday ends.]]> 2024-12-03T02:17:00+00:00 https://www.zdnet.com/article/oneplus-watch-2rr-cyber-monday-deal-last-chance/ www.secnews.physaphae.fr/article.php?IdArticle=8618873 True Mobile None 1.00000000000000000000 ZD Net - Magazine Info One of the best Android smartwatches I\\'ve tested is 26% off for Cyber Monday The OnePlus Watch 2R offers a sharp design and marathon battery life at a competitive, discounted price for Cyber Monday.]]> 2024-12-02T22:06:48+00:00 https://www.zdnet.com/article/oneplus-watch-2rr-cyber-monday-deal/ www.secnews.physaphae.fr/article.php?IdArticle=8618826 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info One of the best cheap Android phones I\\'ve tested isn\\'t a Samsung or TCL - and it\\'s on sale for $80 Not everyone needs a $1,000 phone. If you\'re on a tight budget, the NUU N10 is an impressive handset that won\'t break the bank, especially with this Cyber Monday deal.]]> 2024-12-02T21:21:35+00:00 https://www.zdnet.com/article/one-of-the-best-cheap-android-phones-ive-tested-isnt-a-samsung-or-tcl-and-its-on-sale-for-80/ www.secnews.physaphae.fr/article.php?IdArticle=8618830 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info The Apple AirTag 4-Pack is $70 - A historically low price for Cyber Monday If you\'re an iPhone user, you could probably use these trackers to monitor your keys, wallet, luggage, and more, especially with this rare $29 discount through Cyber Monday.]]> 2024-12-02T21:18:59+00:00 https://www.zdnet.com/article/the-apple-airtag-4-pack-is-70-a-historically-low-price-for-cyber-monday/ www.secnews.physaphae.fr/article.php?IdArticle=8618832 False Mobile None 1.00000000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Small number of vulnerabilities patched in last Android security update of 2024 None of the patched bugs were considered critical. ]]> 2024-12-02T21:14:41+00:00 https://cyberscoop.com/android-security-update-december-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8618820 False Vulnerability,Mobile None 2.0000000000000000 Techworm - News SpyLoan Malware Hits 8 Million Android Users wrote in a blog post published last week. According to the security software company, the 15 SpyLoan apps operate using a shared framework designed to encrypt and exfiltrate sensitive data from a victim\'s device to a command and control (C2) server, indicating that the same developer or group of cybercriminals is behind all of them. SpyLoan apps masquerade as legitimate loan providers under deceptive names and logos, creating a false sense of trust. These apps pose as genuine loan services, promising instant credit with minimal requirements to unsuspecting users in Mexico, Colombia, Senegal, Thailand, Indonesia, Vietnam, Tanzania, Peru, and Chile. Once a user registers for the service, these apps use a one-time password (OTP) to ensure they have a phone number from the targeted region. The users are then prompted to provide supplementary identification documents and personal information, banking accounts, employee information, and device data that are subsequently exfiltrated from the victims to the C2 server in an encrypted format. However, these apps secretly collect sensitive data, including contacts, call logs, and SMS messages, under the pretense of processing loans. They also employ aggressive tactics, such as demanding additional mobile app permissions and intimidating users with threatening messages or calls, including death threats. Once the loan is disbursed, users often find themselves trapped in high-interest repayment schemes. The operators misuse the stolen phone data to harass and blackmail borrowers, often contacting family members to pressure repayment. According to McAfee Labs, malicious SpyLoan apps and unique infected devices have increased by over 75% from the end of Q2 to the end of Q3 2024. 5 of these apps are still available for download on the official app store, as they have reportedly made adjustments to align with Google Play policies. To mitigate the risks posed by such apps, it is advisable to read app permissions carefully, read app reviews to see if any issues have been reported, avoid downloading apps from third-party marketplaces, check the legitimacy of the application publisher before downloading them, and install and update security software. “The threat of Android apps like SpyLoan is a global issue that exploits users’ trust and financial desperation. Despite law enforcement actions to capture multiple groups linked to the operation of SpyLoan apps, new operators and cybercriminals continue to exploit these fraud activities,” Ruiz said. “SpyLoan apps operate with similar code at app and C2 level across different continents. This suggests the presence of a common developer or a shared framework that is being sold to cybercriminals. This modular approach allows these developers to quickly distribute malicious apps tailored to various markets, exploiting local vulnerabilities while maintaining a consistent model for scamming users.”

Security researcher]]> 2024-12-02T20:25:02+00:00 https://www.techworm.net/2024/12/spyloan-malware-million-android.html www.secnews.physaphae.fr/article.php?IdArticle=8630525 False Malware,Vulnerability,Threat,Legislation,Mobile None 2.0000000000000000 ZD Net - Magazine Info This Android smartwatch made me consider switching to Google Pixel - and it\\'s on sale for Cyber Monday The latest Google Pixel Watch 3 is bigger, better, more connected, and still a beautiful wearable. It\'s on sale for Cyber Monday.]]> 2024-12-02T19:02:00+00:00 https://www.zdnet.com/article/this-android-smartwatch-made-me-consider-switching-to-google-pixel-and-its-on-sale-for-cyber-monday/ www.secnews.physaphae.fr/article.php?IdArticle=8618784 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info One of the best cheap Android phones I\\'ve tested has a unique look (and now it\\'s 55% off) The X6 Phantom keeps costs low with a stock Android loadout, surprising durability, and an interesting thermometer feature. It\'s currently only $194 for Cyber Monday.]]> 2024-12-02T18:26:46+00:00 https://www.zdnet.com/article/one-of-the-best-cheap-android-phones-ive-tested-has-a-unique-look-and-now-its-55-off/ www.secnews.physaphae.fr/article.php?IdArticle=8618792 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info The most durable Android phone I\\'ve tested has a marathon battery (and now it\\'s $75 off) If you need a handset that laughs in the face of inclement weather, the Doogee V Max Plus is for you. And right now, it\'s on sale for $424 during Cyber Monday.]]> 2024-12-02T18:15:24+00:00 https://www.zdnet.com/article/the-most-durable-android-phone-ive-tested-has-a-marathon-battery-and-now-its-75-off/ www.secnews.physaphae.fr/article.php?IdArticle=8618793 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info The best Verizon Cyber Monday deals 2024: iPhone, Samsung Galaxy, and online promotions Cyber Monday has kicked off, and I\'ve curated the best Verizon deals on popular phones, tablets, smartwatches, and more.]]> 2024-12-02T17:43:00+00:00 https://www.zdnet.com/article/best-cyber-monday-verizon-deals-deals-2024-12-2/ www.secnews.physaphae.fr/article.php?IdArticle=8618767 True Mobile None 1.00000000000000000000 ZD Net - Magazine Info One of the most durable Android phones I\\'ve tested just hit its lowest price for Cyber Monday The Doogee S200 has a quad-core processor, a 20-day battery (on standby), and even a 100-megapixel camera. Right now, it\'s on sale for 21% off.]]> 2024-12-02T17:15:15+00:00 https://www.zdnet.com/article/one-of-the-most-durable-android-phones-ive-tested-just-hit-its-lowest-price-for-cyber-monday/ www.secnews.physaphae.fr/article.php?IdArticle=8618776 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info The budget Android tablet I recommend to most people is 26% off with this Cyber Monday deal The Blackview Tab 18 has everything you want in a tablet: a big display, a solid battery, and lots of memory. For Cyber Monday, the device gets a nice price drop.]]> 2024-12-02T16:41:50+00:00 https://www.zdnet.com/article/the-budget-android-tablet-i-recommend-to-most-people-is-26-off-with-this-cyber-monday-deal-12-2-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8618751 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info This touchscreen display adds Apple CarPlay or Android Auto to any car - and it\\'s on sale for Cyber Monday Upgrade your car\'s info system with this 10-inch car display, which is 50% off right now for Cyber Monday.]]> 2024-12-02T15:58:07+00:00 https://www.zdnet.com/article/this-touchscreen-display-adds-apple-carplay-or-android-auto-to-any-car-and-its-on-sale-for-cyber-monday/ www.secnews.physaphae.fr/article.php?IdArticle=8618728 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info I finally found a wireless Android Auto adapter that\\'s reliable and affordable - and it\\'s in stock again The AAWireless Two won\'t charm you with a ground-breaking industrial design or an edgy name, but it\'s as good as these adapters get - and back in stock for Cyber Monday.]]> 2024-12-02T15:40:00+00:00 https://www.zdnet.com/article/i-finally-found-a-wireless-android-auto-adapter-thats-reliable-and-affordable-and-its-in-stock-again/ www.secnews.physaphae.fr/article.php?IdArticle=8618731 False Mobile,Industrial None 1.00000000000000000000 ZD Net - Magazine Info I use this cheap tablet more than my iPad Pro - and it\\'s over 30% off for Cyber Monday This Blackview Tab 90 is the mobile entertainment device most people should buy on Cyber Monday, based on my testing experience.]]> 2024-12-02T15:38:41+00:00 https://www.zdnet.com/article/i-use-this-cheap-tablet-more-than-my-ipad-pro-and-its-over-30-off-for-cyber-monday/ www.secnews.physaphae.fr/article.php?IdArticle=8618732 False Mobile None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play Over a dozen malicious Android apps identified on the Google Play Store that have been collectively downloaded over 8 million times contain malware known as SpyLoan, according to new findings from McAfee Labs. "These PUP (potentially unwanted programs) applications use social engineering tactics to trick users into providing sensitive information and granting extra mobile app permissions, which]]> 2024-12-02T15:16:00+00:00 https://thehackernews.com/2024/12/8-million-android-users-hit-by-spyloan.html www.secnews.physaphae.fr/article.php?IdArticle=8618634 False Malware,Mobile None 2.0000000000000000 Wired Threat Level - Security News The Apple AirPods Pro Are (Still) the Cheapest We\\'ve Ever Seen Need wireless earbuds? This Cyber Monday deal on the AirPods Pro is going strong, and they\'re the best earbuds for the iPhone.]]> 2024-12-02T12:58:23+00:00 https://www.wired.com/story/cyber-monday-2024-apple-airpods-pro-deal/ www.secnews.physaphae.fr/article.php?IdArticle=8618660 False Mobile None 1.00000000000000000000 Wired Threat Level - Security News Best Cyber Monday Phone Deals (2024), Including Cases Too Need a smartphone? These Cyber Monday deals are the best we\'ve seen all year on Android phones, accessories, and even iPhones.]]> 2024-12-02T12:44:00+00:00 https://www.wired.com/story/cyber-monday-phone-deals-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8618661 False Mobile None 1.00000000000000000000 RiskIQ - cyber risk firms (now microsoft) Weekly OSINT Highlights, 2 December 2024 2024-12-02T12:13:17+00:00 https://community.riskiq.com/article/3c8b5d6b www.secnews.physaphae.fr/article.php?IdArticle=8618668 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Medical None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Details about the iOS Inactivity Reboot Feature wrote about the new iOS feature that forces an iPhone to reboot after it’s been inactive for a longish period of time. Here are the technical details, discovered through reverse engineering. The feature triggers after seventy-two hours of inactivity, even it is remains connected to Wi-Fi.

I recently wrote about the new iOS feature that forces an iPhone to reboot after it’s been inactive for a longish period of time. Here are the technical details, discovered through reverse engineering. The feature triggers after seventy-two hours of inactivity, even it is remains connected to Wi-Fi.]]> 2024-12-02T12:08:40+00:00 https://www.schneier.com/blog/archives/2024/12/details-about-the-ios-inactivity-reboot-feature.html www.secnews.physaphae.fr/article.php?IdArticle=8618658 False Mobile None 2.0000000000000000 ZD Net - Magazine Info Give your iPhone 16 thermal camera superpowers with this gadget (get 23% off in this Cyber Monday deal) Apple won\'t add a thermal camera to the iPhone, but now you can!]]> 2024-12-02T09:57:00+00:00 https://www.zdnet.com/article/give-your-iphone-16-thermal-camera-superpowers-with-this-gadget/ www.secnews.physaphae.fr/article.php?IdArticle=8618612 False Mobile None 1.00000000000000000000 The State of Security - Magazine Américain Cyber-Safe Shopping: Protect Yourself from Holiday Scams and Cyber Threats The holiday shopping season is here, and while it brings excitement and joy, it also opens opportunities for cybercriminals to exploit unsuspecting shoppers. With more people buying gifts online and taking advantage of holiday deals, the risk of falling victim to cyberattacks increases. Whether you\'re shopping from your desktop, mobile device, or in-store, it\'s essential to be aware of common threats and take steps to protect yourself. Here\'s a guide on how to stay safe while you enjoy the holiday shopping season: Beware of Phishing Scams Phishing scams are one of the most common ways to steal...]]> 2024-12-02T04:17:51+00:00 https://www.tripwire.com/state-of-security/cyber-safe-shopping-protect-yourself-holiday-scams-and-cyber-threats www.secnews.physaphae.fr/article.php?IdArticle=8618627 False Threat,Mobile None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite SpyLoan Apps: The New Face of Financial Exploitation The McAfee mobile research team has identified a significant global rise in predatory loan applications, commonly referred to as SpyLoan apps, which primarily target Android users. These applications, classified as potentially unwanted programs (PUP), utilize social engineering tactics to manipulate users into sharing sensitive information and granting excessive permissions, leading to extortion, harassment, and financial losses. [...]]]> 2024-12-02T04:17:47+00:00 https://informationsecuritybuzz.com/spyloan-apps-financial-exploitation/ www.secnews.physaphae.fr/article.php?IdArticle=8618579 False Mobile None 3.0000000000000000 ZD Net - Magazine Info This thermal camera is my new favorite smartphone accessory (and it\\'s on sale for Cyber Week) Thermal cameras are infinitely useful, and this one from Thermal Master would be a fantastic addition to any Android user\'s toolkit. For Cyber Monday, Amazon reduced the price and is offering a coupon.]]> 2024-12-02T00:54:00+00:00 https://www.zdnet.com/article/this-thermal-camera-is-my-new-favorite-smartphone-accessory-and-its-on-sale-for-cyber-monday-2024-12-1/ www.secnews.physaphae.fr/article.php?IdArticle=8618560 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info The Pixel 8 is still a sweet Android phone and has been given a new low price for Cyber Monday With all eyes on Google\'s newest smartphone - the Pixel 9 - last year\'s model is seeing big discounts. The Pixel 8 still has some impressive specs and a new base price.]]> 2024-12-02T00:00:00+00:00 https://www.zdnet.com/article/the-pixel-8-is-still-a-sweet-android-phone-and-has-been-given-a-new-low-price-for-cyber-monday-2024-12-1/ www.secnews.physaphae.fr/article.php?IdArticle=8618552 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info The best Cyber Monday Verizon deals 2024: iPhone, Samsung Galaxy, and internet sales Cyber Monday is hours away, and I\'ve curated the best Verizon deals on popular phones, tablets, smartwatches, and more.]]> 2024-12-01T19:56:37+00:00 https://www.zdnet.com/article/best-cyber-monday-verizon-deals-deals-2024-12-1/ www.secnews.physaphae.fr/article.php?IdArticle=8618525 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info The 45+ best Cyber Monday 2024 phone deals: Save big on iPhones, Samsung, and more Several Black Friday phone deals are still live, and Cyber Monday deals are just getting started -- don\'t miss out on major savings on the iPhone 16, Samsung Galaxy S24 Ultra, and far more.]]> 2024-12-01T19:02:23+00:00 https://www.zdnet.com/article/best-cyber-monday-phone-deals-2024-12-1/ www.secnews.physaphae.fr/article.php?IdArticle=8618514 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info I found the only iPhone 16 model on sale for one cent on Amazon ahead of Cyber Monday It might be one of those \'too good to be true\' offers for most people, but the right customer can realize the one-cent iPhone dream with this Boost Mobile promo. But grab it fast: this Cyber Monday deal won\'t be around for long.]]> 2024-12-01T17:46:17+00:00 https://www.zdnet.com/article/i-found-the-only-iphone-16-model-on-sale-for-one-cent-on-amazon-ahead-of-cyber-monday/ www.secnews.physaphae.fr/article.php?IdArticle=8618504 False Mobile None 1.00000000000000000000 ZD Net - Magazine Info Gift 3 months of Xbox Game Pass Ultimate for 28% off with this Cyber Monday deal Try or gift Xbox Game Pass for three months for nearly one-third off and play over 100 games including Starfield, Forza Motorsport, and Football Manager 2024 on your Xbox, PC, or mobile device.]]> 2024-12-01T17:00:15+00:00 https://www.zdnet.com/article/gift-3-months-of-xbox-game-pass-ultimate-for-28-off-with-this-cyber-monday-deal/ www.secnews.physaphae.fr/article.php?IdArticle=8618489 False Mobile None 1.00000000000000000000 RedTeam PL - DarkTrace: AI bases detection BadWPAD, DNS suffix and wpad.pl / wpadblocking.com case 2024-12-01T15:51:25+00:00 https://blog.redteam.pl/2019/05/badwpad-dns-suffix-wpad-wpadblocking-com.html www.secnews.physaphae.fr/article.php?IdArticle=8618461 False Threat,Mobile None 3.0000000000000000 ZD Net - Magazine Info This Anker mini power bank makes the perfect stocking stuffer, and it\\'s still on sale for $16 Anker\'s Nano Power Bank makes charging your iPhone or Android device effortless, and it\'s on sale for Cyber Monday at Amazon.]]> 2024-12-01T00:55:39+00:00 https://www.zdnet.com/article/this-anker-mini-power-bank-makes-the-perfect-stocking-stuffer-and-its-still-on-sale-for-16/ www.secnews.physaphae.fr/article.php?IdArticle=8618395 False Mobile None 1.00000000000000000000 Bleeping Computer - Magazine Américain SpyLoan Android malware on Google play installed 8 million times A new set of 15 SpyLoan apps with over 8 million installs was discovered on Google Play, targeting primarily users from South America, Southeast Asia, and Africa. [...]]]> 2024-11-30T10:11:21+00:00 https://www.bleepingcomputer.com/news/security/spyloan-android-malware-on-google-play-installed-8-million-times/ www.secnews.physaphae.fr/article.php?IdArticle=8618355 False Malware,Mobile None 1.00000000000000000000 Global Security Mag - Site de news francais Wie man Videospiel-Engines für Hacking missbraucht Malware / affiche

Check Point Software Technologies Ltd (NASDAQ: CHKP), ein Pionier und weltweit führender Anbieter von Cyber-Sicherheitslösungen, kam einer neuen Hacker-Masche auf die Spur. Mithilfe der Gaming Engine Godot Engine können Cyber-Kriminelle verschiedene Betriebssysteme von vernetzten Geräten attackieren, darunter Windows, macOS, Linux, Android und iOS. Verbreitet wird der schädliche Code von dem Malware-Netzwerk Stargazers Ghost Network, die Check Point vor einigen Monaten untersucht hatte, über die Open-Source-Plattform GitHub. In drei Monaten wurden über 17 000 Geräte infiziert. Die Auswirkung kann möglicherweise über 1,2 Millionen von Nutzern erstellte Videospiele betreffen, die mit der Godot Engine entwickelt worden sind, da legitime Godot-Ausführdateien missbraucht werden, um betrügerische Inhalte über Mods (Modifikationen für Videospiele) und DLCs (downloadable content, Zusatzinhalte) zu laden. Das schädliche Script der Hacker hört auf den Namen GodLoader, welches zusammen mit Payloads auf die Ziel-Geräte gebracht wird. Der Diebstahl von Anmeldedaten und die Installation von Ransomware sind das Ziel der Cyber-Kriminellen. - Malware / affiche]]> 2024-11-29T16:31:19+00:00 https://www.globalsecuritymag.fr/wie-man-videospiel-engines-fur-hacking-missbraucht.html www.secnews.physaphae.fr/article.php?IdArticle=8618268 False Ransomware,Mobile None 1.00000000000000000000 TechRepublic - Security News US How to Delete Spam SMS Messages and Add New Blocked Numbers on Android If you\'re looking to clear out old spam and blocked SMS messages from Android, Jack Wallen is here to show you how.]]> 2024-11-29T16:00:00+00:00 https://www.techrepublic.com/article/how-to-delete-spam-sms-messages-and-add-new-blocked-numbers-on-android/ www.secnews.physaphae.fr/article.php?IdArticle=8618300 False Spam,Mobile None 2.0000000000000000 Wired Threat Level - Security News Android \\'Find My Device\\' Has Gotten a Major Upgrade. Here\\'s What\\'s New Google\'s device location service is catching up to Apple\'s.]]> 2024-11-29T14:30:00+00:00 https://www.wired.com/story/android-find-my-device-upgrade-whats-new/ www.secnews.physaphae.fr/article.php?IdArticle=8618258 False Mobile None 2.0000000000000000 Kaspersky - Kaspersky Research blog IT threat evolution in Q3 2024. Mobile statistics The Q3 2024 mobile threat statistics encompass data on cyberattacks against Android devices involving malware, adware and potentially unwanted apps.]]> 2024-11-29T10:00:38+00:00 https://securelist.com/malware-report-q3-2024-mobile-statistics/114692/ www.secnews.physaphae.fr/article.php?IdArticle=8618234 False Malware,Threat,Mobile None 2.0000000000000000 ZD Net - Magazine Info One of the best budget Android tablets is not from Samsung and it\\'s on sale for Cyber Week If you want a tablet for normal use and entertainment for under $200, the AGM Pad P2 is my recommendation. The rugged version is also on sale ahead of Black Friday.]]> 2024-11-29T01:01:00+00:00 https://www.zdnet.com/article/one-of-the-best-budget-android-tablets-is-not-from-samsung-and-its-on-sale-for-cyber-week-2024-11-28/ www.secnews.physaphae.fr/article.php?IdArticle=8618199 False Mobile None 2.0000000000000000 Techworm - News Hackers Exploit Popular Godot Game Engine To Spread Malware Gaming Engines: An Undetected Playground for Malware Loaders,” the researchers say they believe that the threat actor behind the GodLoader malware has been using it since June 29, 2024, and has infected more than 17,000 devices so far. Notably, these payloads included cryptocurrency miners like XMRig, which was hosted on a private Pastebin file uploaded on May 10, 2024. The file contained the XMRigconfiguration related to the campaign, which was visited 206,913 times. The malware is distributed via the Stargazers Ghost Network, which operates as a Distribution-as-Service (DaaS) model, enabling malicious malware’s “legitimate” distribution through GitHub repositories. Approximately 200 repositories and more than 225 Stargazer Ghost accounts were used to distribute GodLoader throughout September and October. The attacks, targeting developers, gamers, and general users, were carried out in four waves via GitHub repositories on September 12, September 14, September 29, and October 3, 2024, tempting them to download infected tools and games. “Godot uses .pck (pack) files to bundle game assets and resources, such as scripts, scenes, textures, sounds, and other data. The game can load these files dynamically, allowing developers to distribute updates, downloadable content (DLC), or additional game assets without modifying the core game executable,” Check Point researchers said in the report. “These pack files might contain elements related to the games, images, audio files, and any other “static” files. In addition to these static files, .pck files can include scripts written in GDScript (.gd). These scripts can be executed when the .pck is loaded using the built-in callback function _ready(), allowing the game to add new functionality or modify existing behavior. “This feature gives attackers many possibilities, from downloading additional malware to executing remote payloads-all while remaining undetected. Since GDScript is a fully functional language, threat actors have many functions like anti-sandbox, anti-virtual machine measures, and remote payload execution, enabling the malware to remain undetected.” While the researchers only identified GodLoader samples specifically targeting Windows systems, they also developed a proof-of-concept exploit using GDScript, demonstrating how easily the malware could be adapted to target Linux and macOS systems. To reduce the risks posed by threats like GodLoader, it is crucial to keep operating systems and applications updated with timely patches and exercise caution with unexpe]]> 2024-11-28T16:02:54+00:00 https://www.techworm.net/2024/11/hacker-exploit-godot-game-engine-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8630526 False Malware,Tool,Vulnerability,Threat,Mobile,Technical None 2.0000000000000000 Korben - Bloger francais Un support iPhone inspiré du travail de Dieter Rams, à imprimer en 3D Vous vous souvenez de l’époque où on calait notre iPhone contre une pile de livres pour regarder des vidéos ou s’en servir comme réveil ? Eh bien, aujourd’hui je vais vous parler d’une création qui fait entrer nos supports de smartphones AliExpress dans une nouvelle dimension esthétique. En effet, un maker de talent s’est inspiré du design légendaire de Dieter Rams pour créer un support d’iPhone absolument incroyable. Pour ceux qui ne connaîtraient pas Dieter Rams, c’est le père spirituel du design minimaliste moderne. Ses créations pour Braun dans les années 60 ont tellement influencé Apple qu’on pourrait presque dire que Jony Ive avait une photo de lui sur sa table de nuit.]]> 2024-11-28T09:00:00+00:00 https://korben.info/support-iphone-15-pro-design-dieter-rams.html www.secnews.physaphae.fr/article.php?IdArticle=8618134 False Mobile None 2.0000000000000000 ZD Net - Magazine Info I found the AirTags that Android users have been waiting for (and they\\'re on sale for Black Friday) Chipolo\'s latest One and Card trackers are perfect for keys and wallets that can go missing. The four-pack bundle gets a price drop ahead of Black Friday and Cyber Week.]]> 2024-11-27T20:02:00+00:00 https://www.zdnet.com/article/i-found-the-airtags-that-android-users-have-been-waiting-for-and-theyre-on-sale-for-black-friday-2024-11-27/ www.secnews.physaphae.fr/article.php?IdArticle=8618084 False Mobile None 3.0000000000000000 knowbe4 - cybersecurity services Malicious Loan Apps Target Android Users in Africa, South America and Asia

Malicious Loan Apps Target Android Users in Africa, South America, and Asia

Researchers at McAfee warn of a surge in malicious loan apps targeting Android users across South America, Southern Asia, and Africa.

Researchers at McAfee warn of a surge in malicious loan apps targeting Android users across South America, Southern Asia, and Africa.]]> 2024-11-27T17:19:49+00:00 https://blog.knowbe4.com/malicious-loan-apps-target-android-users-in-africa-south-america-and-asia www.secnews.physaphae.fr/article.php?IdArticle=8618068 False Mobile None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite The Exploitation of Gaming Engines: A New Dimension in Cybercrime Executive Summary Check Point Research discovered a new technique using Godot Engine, a popular open-source game engine, to execute malicious code that executes nefarious commands and delivers malware and largely remains undetected. This innovative method enables cybercriminals to compromise devices across different platforms, including Windows, macOS, Linux, Android, and iOS. The Stargazers Ghost Network, a GitHub network that distributes malware as a service, distributes the malicious code and, in just three months, has infected over 17,000 machines. Potential attack scenarios can impact over 1.2 million users’ games developed with Godot by exploiting legitimate Godot executables to load harmful content through […]

>Executive Summary Check Point Research discovered a new technique using Godot Engine, a popular open-source game engine, to execute malicious code that executes nefarious commands and delivers malware and largely remains undetected. This innovative method enables cybercriminals to compromise devices across different platforms, including Windows, macOS, Linux, Android, and iOS. The Stargazers Ghost Network, a GitHub network that distributes malware as a service, distributes the malicious code and, in just three months, has infected over 17,000 machines. Potential attack scenarios can impact over 1.2 million users’ games developed with Godot by exploiting legitimate Godot executables to load harmful content through […] ]]> 2024-11-27T13:00:55+00:00 https://blog.checkpoint.com/research/the-exploitation-of-gaming-engines-a-new-dimension-in-cybercrime/ www.secnews.physaphae.fr/article.php?IdArticle=8618040 False Malware,Mobile None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain NSO Group Spies on People on Behalf of Governments learned that that’s not true: that NSO Group employees operate the spyware on behalf of their customers. Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker and not its government customers is the party that “installs and extracts” information from mobile phones targeted by the company\'s hacking software...

The Israeli company NSO Group sells Pegasus spyware to countries around the world (including countries like Saudi Arabia, UAE, India, Mexico, Morocco and Rwanda). We assumed that those countries use the spyware themselves. Now we’ve learned that that’s not true: that NSO Group employees operate the spyware on behalf of their customers. Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker and not its government customers is the party that “installs and extracts” information from mobile phones targeted by the company\'s hacking software...]]> 2024-11-27T12:05:16+00:00 https://www.schneier.com/blog/archives/2024/11/nso-group-spies-on-people-on-behalf-of-governments.html www.secnews.physaphae.fr/article.php?IdArticle=8618001 False Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS) 2024-11-26T21:59:55+00:00 https://community.riskiq.com/article/7dae7a55 www.secnews.physaphae.fr/article.php?IdArticle=8617947 False Spam,Malware,Tool,Threat,Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) DPRK IT Workers | A Network of Active Front Companies and Their Links to China 2024-11-26T20:22:49+00:00 https://community.riskiq.com/article/d3dd2b00 www.secnews.physaphae.fr/article.php?IdArticle=8617941 False Tool,Threat,Mobile None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC What Are Computer Worms? 2024-11-26T14:37:00+00:00 https://levelblue.com/blogs/security-essentials/what-are-computer-worms www.secnews.physaphae.fr/article.php?IdArticle=8618712 False Ransomware,Data Breach,Spam,Malware,Tool,Vulnerability,Threat,Patching,Mobile,Industrial,Medical,Technical Wannacry 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain What Graykey Can and Can\\'t Unlock 404 Media: The Graykey, a phone unlocking and forensics tool that is used by law enforcement around the world, is only able to retrieve partial data from all modern iPhones that run iOS 18 or iOS 18.0.1, which are two recently released versions of Apple’s mobile operating system, according to documents describing the tool’s capabilities in granular detail obtained by 404 Media. The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, which was released on October 28. More ...

This is from 404 Media: The Graykey, a phone unlocking and forensics tool that is used by law enforcement around the world, is only able to retrieve partial data from all modern iPhones that run iOS 18 or iOS 18.0.1, which are two recently released versions of Apple’s mobile operating system, according to documents describing the tool’s capabilities in granular detail obtained by 404 Media. The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, which was released on October 28. More ...]]> 2024-11-26T12:01:41+00:00 https://www.schneier.com/blog/archives/2024/11/what-graykey-can-and-cant-unlock.html www.secnews.physaphae.fr/article.php?IdArticle=8617864 False Tool,Legislation,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google\\'s New Restore Credentials Tool Simplifies App Login After Android Migration Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device. Part of Android\'s Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for every app during the handset replacement. "With Restore Credentials, apps can seamlessly onboard]]> 2024-11-25T19:52:00+00:00 https://thehackernews.com/2024/11/googles-new-restore-credentials-tool.html www.secnews.physaphae.fr/article.php?IdArticle=8617607 False Tool,Mobile None 2.0000000000000000 McAfee Labs - Editeur Logiciel SpyLoan: A Global Threat Exploiting Social Engineering

Authored by: Fernando Ruiz The McAfee mobile research team recently identified a significant global increase of SpyLoan, also known as...

Authored by: Fernando Ruiz The McAfee mobile research team recently identified a significant global increase of SpyLoan, also known as... ]]> 2024-11-25T13:00:06+00:00 https://www.mcafee.com/blogs/other-blogs/mcafee-labs/spyloan-a-global-threat-exploiting-social-engineering/ www.secnews.physaphae.fr/article.php?IdArticle=8617576 False Threat,Mobile None 2.0000000000000000 ProofPoint - Cyber Firms AI, Data Security, and CISO Shifts: Top Cybersecurity Trends to Watch in 2025 2024-11-24T17:40:19+00:00 https://www.proofpoint.com/us/blog/ciso-perspectives/ai-data-security-and-ciso-shifts-top-cybersecurity-trends-watch-2025 www.secnews.physaphae.fr/article.php?IdArticle=8617520 False Ransomware,Malware,Tool,Threat,Mobile,Prediction,Cloud None 3.0000000000000000 HackRead - Chercher Cyber Why New York is a Prime Location for Leading Mobile Development Agencies New York, the city that never sleeps, is renowned as a global epicentre for innovation, creativity, and business…]]> 2024-11-23T17:00:00+00:00 https://hackread.com/new-york-prime-location-mobile-development-agencies/ www.secnews.physaphae.fr/article.php?IdArticle=8616668 False Mobile None 3.0000000000000000 TroyHunt - Blog Security Google seems to have called it quits on making its own Android tablets-again Reports have the Pixel Tablet 2-or maybe 3?-being canceled over sales concerns.]]> 2024-11-22T13:38:15+00:00 https://arstechnica.com/gadgets/2024/11/google-seems-to-have-called-it-quits-on-making-its-own-android-tablets-again/ www.secnews.physaphae.fr/article.php?IdArticle=8616058 False Mobile None 2.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Android will soon instantly log you in to your apps on new devices New phone day for Android users should get a whole bunch easier.]]> 2024-11-21T16:43:21+00:00 https://arstechnica.com/gadgets/2024/11/android-will-soon-instantly-log-you-in-to-your-apps-on-new-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8615517 False Mobile None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Privacy-focused mobile phone launches for high-risk individuals The mobile company CAPE\'s Android-based phone complies with U.S. law but claims to offer a higher degree of privacy for users.

>The mobile company CAPE\'s Android-based phone complies with U.S. law but claims to offer a higher degree of privacy for users. ]]> 2024-11-21T14:00:00+00:00 https://cyberscoop.com/cape-phone-privacy-calea-tracking/ www.secnews.physaphae.fr/article.php?IdArticle=8615425 False Mobile None 2.0000000000000000 The Register - Site journalistique Anglais DoJ wants Google to sell Chrome and ban it from paying to be search default Filing also suggests it sells Android, stops scraping content for AI without opt-out The US Department of Justice last night finally filed court documents proposing Google divest itself of Chrome – the most popular browser in the world by a huge margin.… ]]> 2024-11-21T12:41:36+00:00 https://go.theregister.com/feed/www.theregister.com/2024/11/21/usa_vs_google_full_filing/ www.secnews.physaphae.fr/article.php?IdArticle=8615396 False Mobile None 2.0000000000000000 Korben - Bloger francais Graykey - L\'outil de déblocage iPhone qui inquiète Apple Magnet Forensics.

Les smartphones et leur sécurité, c’est vraiment une histoire sans fin qui ressemble de plus en plus à un épisode de Tom & Jerry version high-tech ! D’un côté, nous avons Apple qui renforce sans cesse la protection de ses iPhones, et de l’autre, des entreprises et des outils spécialisées comme Graykey qui tentent par tous les moyens de percer leurs défenses. Une fuite récente de documents confidentiels vient de nous offrir un aperçu plutôt intéressant des capacités de cet outil utilisé par les forces de l’ordre du monde entier. Cette fuite est d’autant plus incroyable qu’elle est sans précédent pour Graykey, désormais sous la bannière de Magnet Forensics.]]> 2024-11-21T06:58:03+00:00 https://korben.info/graykey-outil-deblocage-iphone-securite.html www.secnews.physaphae.fr/article.php?IdArticle=8615197 False Tool,Mobile None 3.0000000000000000 RiskIQ - cyber risk firms (now microsoft) AiTM Phishing, Hold the Gabagool: Analyzing the Gabagool Phishing Kit 2024-11-20T22:24:05+00:00 https://community.riskiq.com/article/e95dd16f www.secnews.physaphae.fr/article.php?IdArticle=8615042 False Spam,Malware,Tool,Threat,Mobile None 3.0000000000000000 Global Security Mag - Site de news francais SashNext Launches Partner Program and appoints Ned D\\'Antonio as Global Head of MSPs Business News

ashNext Launches Partner Program Designed for MSPs and MSSPs, Providing Partners with Integrated Email, Browser and Mobile Messaging Security Services SlashNext appoints Ned D\'Antonio as Global Head of MSPs to expand the reach of the company\'s advanced, AI-driven phishing protection platform - Business News]]> 2024-11-20T20:19:02+00:00 https://www.globalsecuritymag.fr/sashnext-launches-partner-program-and-appoints-ned-d-antonio-as-global-head-of.html www.secnews.physaphae.fr/article.php?IdArticle=8614963 False Mobile None 3.0000000000000000 Techworm - News Apple Releases Urgent Updates To Patch Actively Exploited Zero-Day macOS Vulnerabilities said in an advisory published on Tuesday. The first vulnerability, CVE-2024-44308, is related to JavaScriptCore, which could lead to arbitrary code execution when processing maliciously crafted web content. On the other hand, the second vulnerability, CVE-2024-44309, is related to WebKit, the engine that powers Safari and web content on Apple devices. It could lead to a cross-site scripting (CSS) attack when processing maliciously crafted web content. While the CVE-2024-44308 vulnerability was addressed with improved checks, the CVE-2024-44309 flaw, a cookie management issue, was addressed with improved state management. These vulnerabilities were discovered and reported by Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group (TAG), which tracks cyberattacks mostly linked to government-backed actors. Apple has not provided any information on how the above vulnerabilities were exploited. However, it has strongly urged its macOS users to immediately update to macOS Sequoia 15.1.1, which addresses the security flaws. It has also released the latest versions of iOS and iPadOS and recommends that iPhone and iPad users update promptly to mitigate potential security threats. To download macOS software updates, go to Apple menu > System Settings, click General in the sidebar of the window that opens, then click Software Update on the right. For software updates on iPhone or iPad, go to Settings > General > Software Update > Check for the update and install.

Apple has rolled out urgent security updates to fix two zero-day critical vulnerabilities affecting Mac users that have been actively exploited in the wild. According to the Cupertino giant, the zero-day vulnerabilities, CVE-2024-44308 and CVE-2024-44309, are only actively exploited on Intel-based Mac systems. “Apple is aware of a report that this issue may have been exploited,” the company said in an advisory published on Tuesday. The first vulnerability, CVE-2024-44308, is related to JavaScriptCore, which could lead to arbitrary code execution when processing maliciously crafted web content. On the other hand, the second vulnerability, CVE-2024-44309, is related to WebKit, the engine that powers Safari and web content on Apple devices. It could lead to a cross-site scripting (CSS) attack when processing maliciously crafted web content. While the CVE-2024-44308 vulnerability was addressed with improved checks, the CVE-2024-44309 flaw, a cookie management issue, was addressed with improved state management. These vulnerabilities were discovered and reported by Clément Lecigne and Benoît Sevens of Google’s Threat Analysis Group (TAG), which tracks cyberattacks mostly linked to government-backed actors. Apple has not provided any information on how the above vulnerabilities were exploited. ]]> 2024-11-20T19:35:24+00:00 https://www.techworm.net/2024/11/apple-release-patch-zero-day-macos-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8630528 False Vulnerability,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments Threat actors are increasingly banking on a new technique that leverages near-field communication (NFC) to cash out victim\'s funds at scale. The technique, codenamed Ghost Tap by ThreatFabric, enables cybercriminals to cash-out money from stolen credit cards linked to mobile payment services such as Google Pay or Apple Pay and relaying NFC traffic. "Criminals can now misuse Google Pay and Apple]]> 2024-11-20T18:39:00+00:00 https://thehackernews.com/2024/11/ghost-tap-hackers-exploiting-nfcgate-to.html www.secnews.physaphae.fr/article.php?IdArticle=8614757 False Threat,Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain New Ghost Tap attack abuses NFC mobile payments to steal money Cybercriminals have devised a novel method to cash out from stolen credit card details linked to mobile payment systems such as Apple Pay and Google Pay, dubbed \'Ghost Tap,\' which relays NFC card data to money mules worldwide. [...]]]> 2024-11-20T11:44:42+00:00 https://www.bleepingcomputer.com/news/security/new-ghost-tap-attack-abuses-nfc-mobile-payments-to-steal-money/ www.secnews.physaphae.fr/article.php?IdArticle=8614846 False Mobile None 3.0000000000000000 Zimperium - cyber risk firms for mobile Zimperium Predicts Data Privacy Emphasis, More Evasive Phishing Attacks and Rise of Sideloading in 2025 This blog shares Zimperium\'s 2025 mobile security trends and threat predictions. ]]> 2024-11-20T10:25:00+00:00 https://www.zimperium.com/blog/zimperium-2025-predictions/ www.secnews.physaphae.fr/article.php?IdArticle=8614646 False Threat,Mobile None 2.0000000000000000 The Register - Site journalistique Anglais Google changes Android release cycle so new versions arrive in Q2 Version 16 developer preview starts the new cycle, with warnings for devs to test sooner rather than later Google on Monday delivered the first developer preview of Android 16 – a release notable for both its status as the first step towards a new version and its release date signalling a change in the release cycle for the OS.…]]> 2024-11-20T03:30:14+00:00 https://go.theregister.com/feed/www.theregister.com/2024/11/20/android_16_new_release_cycle/ www.secnews.physaphae.fr/article.php?IdArticle=8614462 False Mobile None 2.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Report: DOJ wants to force Google Chrome sale, Android de-bundling Cutting off Google\'s control of the world\'s most popular browser may be necessary.]]> 2024-11-19T16:12:16+00:00 https://arstechnica.com/tech-policy/2024/11/report-doj-wants-to-force-google-chrome-sale-android-de-bundling/ www.secnews.physaphae.fr/article.php?IdArticle=8614184 False Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Inside Water Barghest\'s Rapid Exploit-to-Market Strategy for IoT Devices ## Snapshot Trend Micro released a report detailing the activities of Water Barghest, a cybercriminal group operating a highly automated botnet operation that exploits vulnerabilities in Internet of Things (IoT) devices to monetize them as residential proxies. ## Description Active for over five years, the group leverages tools like public internet scan databases (e.g., Shodan) to identify vulne]]> 2024-11-19T00:35:14+00:00 https://community.riskiq.com/article/87813b8d www.secnews.physaphae.fr/article.php?IdArticle=8613803 False Malware,Tool,Vulnerability,Threat,Mobile,Prediction,Commercial None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Gmail\\'s New Shielded Email Feature Lets Users Create Aliases for Email Privacy Google appears to be readying a new feature called Shielded Email that allows users to create email aliases when signing up for online services and better combat spam. The feature was first reported by Android Authority last week following a teardown of the latest version of Google Play Services for Android. The idea is to create unique, single-use email addresses that forward the messages to]]> 2024-11-18T16:45:00+00:00 https://thehackernews.com/2024/11/shielded-email-googles-latest-tool-for.html www.secnews.physaphae.fr/article.php?IdArticle=8613441 False Spam,Mobile None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Swiss Cyber Agency Warns of QR Code Malware in Mail Scam Switzerland\'s National Cyber Security Centre has warned of a new QR code scam in fake MeteoSwiss letters spreading Android malware]]> 2024-11-18T16:30:00+00:00 https://www.infosecurity-magazine.com/news/swiss-cyberagency-qr-code-mail-scam/ www.secnews.physaphae.fr/article.php?IdArticle=8613587 False Malware,Mobile None 2.0000000000000000 Korben - Bloger francais Windows 95 s\'invite sur iOS avec ce thème rétro bluffant Ah, les années 90 ! Je m’en souviens comme si c’était hier ! Ma jeunesse, l’époque bénie où le démarrage d’un PC s’accompagnait d’une douce symphonie de ventilateurs ronronnants et de disques durs cliquetants. Si vous aussi cette période vous manque, j’ai trouvé de quoi raviver vos souvenirs directement sur votre iPhone ! Laissez-moi vous présenter i95, un thème qui transforme votre smartphone dernier cri en une véritable machine à remonter le temps.]]> 2024-11-18T15:58:08+00:00 https://korben.info/theme-windows-95-ios-personnalisation-retro.html www.secnews.physaphae.fr/article.php?IdArticle=8613557 False Mobile None 2.0000000000000000 Global Security Mag - Site de news francais Vigilance Alertes Vulnérabilités - Mozilla Firefox pour Android : usurpation d\'adresse via une redirection, analysé le 18/09/2024 Vulnérabilités

Un attaquant peut créer des données usurpées sur Mozilla Firefox pour Android, via une redirection, afin de tromper la victime. - Vulnérabilités]]> 2024-11-18T11:26:45+00:00 https://www.globalsecuritymag.fr/vigilance-alertes-vulnerabilites-mozilla-firefox-pour-android-usurpation-d.html www.secnews.physaphae.fr/article.php?IdArticle=8613401 False Mobile None 2.0000000000000000 Global Security Mag - Site de news francais Vigilance Vulnerability Alerts - Mozilla Firefox for Android: address spoofing via redirection, analyzed on 18/09/2024 Security Vulnerability

An attacker can create spoofed data on Mozilla Firefox for Android, via redirection, in order to deceive the victim. - Security Vulnerability]]> 2024-11-18T11:26:45+00:00 https://www.globalsecuritymag.fr/vigilance-vulnerability-alerts-mozilla-firefox-for-android-address-spoofing-via.html www.secnews.physaphae.fr/article.php?IdArticle=8613400 False Vulnerability,Mobile None 2.0000000000000000 Wired Threat Level - Security News HMD Fusion Review: A Cheap Modular Android Phone The modular phone concept returns and it\'s rather boring.]]> 2024-11-17T16:03:03+00:00 https://www.wired.com/review/hmd-fusion/ www.secnews.physaphae.fr/article.php?IdArticle=8612952 False Mobile None 2.0000000000000000 SecureMac - Security focused on MAC Checklist 400: Reboots, PDFs, and Passwords Weak passwords persist as "123456" tops global lists. Mac malware targets crypto users. New iPhone auto-reboot boosts security, challenging law enforcement.

>Weak passwords persist as "123456" tops global lists. Mac malware targets crypto users. New iPhone auto-reboot boosts security, challenging law enforcement. ]]> 2024-11-15T20:07:00+00:00 https://www.securemac.com/checklist/checklist-400-reboots-pdfs-and-passwords www.secnews.physaphae.fr/article.php?IdArticle=8611966 False Malware,Legislation,Mobile None 2.0000000000000000 Korben - Bloger francais The Boring Mode - L\'app qui change votre smartphone en téléphone chiant Comme d’hab, j’arrive après la bataille pour vous parler d’une petite pépite qui devrait en intéresser plus d’un, surtout pour les plus alcooliques d’entre vous, nostalgiques des Nokia 3310 et autres Motorola RAZR. Avec cette application dispo sous iOS et Android, vous allez pouvoir transformer votre précieux smartphone dernier cri en simple téléphone basique, le temps d’une soirée… Non, vous ne rêvez pas ! C’est exactement ce que propose The Boring Mode, une application gratuite qui va ravir tous ceux qui ont parfois besoin de mettre leur cerveau en mode “je déconnecte”. Toutefois, ce n’est pas une énième application de bien-être “digital detox” qui vous culpabilise sur votre temps d’écran. Non non, l’objectif est beaucoup plus festif !]]> 2024-11-15T13:05:09+00:00 https://korben.info/the-boring-mode-app-transforme-smartphone-telephone-basique.html www.secnews.physaphae.fr/article.php?IdArticle=8611701 False Mobile None 2.0000000000000000 GoogleSec - Firm Security Blog Retrofitting Spatial Safety to hundreds of millions of lines of C++ spatial memory safety vulnerabilities, which occur when code accesses a memory allocation outside of its intended bounds, to compromise systems and sensitive data. These vulnerabilities represent a major security risk to users. Based on an analysis of in-the-wild exploits tracked by Google\'s Project Zero, spatial safety vulnerabilities represent 40% of in-the-wild memory safety exploits over the past decade:

Breakdown of memory safety CVEs exploited in the wild by vulnerability classGoogle is taking a comprehensive approach to memory safety. A key element of our strategy focuses on Safe Coding and using memory-safe languages in new code. This leads to an exponential decline in memory safety vulnerabilities and quickly improves the overall security posture of a codebase, as demonstrated by our post about Android\'s journey to memory safety.However, this transition will take multiple years as we adapt our development practices and infrastructure. Ensuring the safety of our billions of users therefore requires us to go further: we\'re also retrofitting secure-by-design principles to our existing C++ codebase wherever possible.To that end, we\'re working towards bringing spatial memory safety into as many of our C++ codebases as possible, including Chrome and the monolithic codebase powering our services.We\'ve begun by enabling hardened libc++, which adds bounds checking to standard C++ data structures, eliminating a significant class of spatial safety bugs. While C++ will not become fully memory-s]]> 2024-11-15T12:42:24+00:00 http://security.googleblog.com/2024/11/retrofitting-spatial-safety-to-hundreds.html www.secnews.physaphae.fr/article.php?IdArticle=8611839 False Vulnerability,Threat,Mobile None 3.0000000000000000 HackRead - Chercher Cyber These 8 Apps on Google Play Store Contain Android/FakeApp Trojan Eight Android apps on the Google Play Store, downloaded by millions, contain the Android.FakeApp trojan, stealing user data…]]> 2024-11-14T19:11:42+00:00 https://hackread.com/google-play-store-apps-android-fakeapp-trojan/ www.secnews.physaphae.fr/article.php?IdArticle=8611255 False Mobile None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain New iOS Security Feature Makes It Harder for Police to Unlock Seized Phones Everybody is reporting about a new security iPhone security feature with iOS 18: if the phone hasn’t been used for a few days, it automatically goes into its “Before First Unlock” state and has to be rebooted. This is a really good security feature. But various police departments don’t like it, because it makes it harder for them to unlock suspects’ phones.

>Everybody is reporting about a new security iPhone security feature with iOS 18: if the phone hasn’t been used for a few days, it automatically goes into its “Before First Unlock” state and has to be rebooted. This is a really good security feature. But various police departments don’t like it, because it makes it harder for them to unlock suspects’ phones. ]]> 2024-11-14T12:05:26+00:00 https://www.schneier.com/blog/archives/2024/11/new-ios-security-feature-makes-it-harder-for-police-to-unlock-seized-phones.html www.secnews.physaphae.fr/article.php?IdArticle=8611011 False Legislation,Mobile None 2.0000000000000000 Global Security Mag - Site de news francais Portnox announced its new Jamf integration Business News

Portnox and Jamf Integration Delivers Agentless, Risk-Based Authentication for Networks, Applications & Infrastructure Portnox unveils integration with leading mobile device management (MDM) solution to strengthen passwordless, risk-based authentication and access control offering. - Business News]]> 2024-11-13T19:23:55+00:00 https://www.globalsecuritymag.fr/portnox-announced-its-new-jamf-integration.html www.secnews.physaphae.fr/article.php?IdArticle=8610580 False Mobile None 3.0000000000000000 GoogleSec - Firm Security Blog Safer with Google: New intelligent, real-time protections on Android to keep you safe Gmail\'s defenses that stop more than 99.9% of spam, phishing and malware, to Google Messages\' advanced security that protects users from 2 billion suspicious messages a month and beyond, we\'re constantly developing and expanding protection features that help keep you safe. We\'re introducing two new real-time protection features that enhance your safety, all while safeguarding your privacy: Scam Detection in Phone by Google to protect you from scams and fraud, and Google Play Protect live threat detection with real-time alerts to protect you from malware and dangerous apps. These new security features are available first on Pixel, and are coming soon to more Android devices. More intelligent AI-powered protection against scams Scammers steal over $1 trillion dollars a year from people, and phone calls are their favorite way to do it. Even more alarming, scam calls are evolving, becoming increasingly more sophisticated, damaging and harder to identify. That\'s why we\'re using the best of Google AI to identify and stop scams before they can do harm with Scam Detection.

Real-time protection, built with your privacy in mind. Real-time defense, right on your device: Scam Detection uses powerful on-device AI to notify you of a potential scam call happening in real-time by detecting conversation patterns commonly associated with scams. For example, if a caller claims to be from your bank and asks you to urgently transfer funds due to an alleged account breach, Scam Detection will process the call to determine whether the call is likely spam and, if so, can provide an audio and haptic alert and visual warning that the call may be a scam. Private by design, you\'re always in control: We\'ve built Scam Detection to protect your privacy and ensure you\'re always in control of your data. Scam Detection is off by default, and you can decide whether you want to activate it for future calls. At any time, you can turn it off for all calls in the Phone app Settings, or during a particular call. The AI detection model and processing are fully on-device, which means that no conversation audio or transcription is stored on the device, sent to Google servers or anywhere else, or retrievable after the call. Cutting-edge AI protection, now on more Pixel phones: Gemini Nano, our advanced on-device AI model, powers Scam Detection on Pixel 9 series devices. As part of our co]]> 2024-11-13T12:59:56+00:00 http://security.googleblog.com/2024/11/new-real-time-protections-on-Android.html www.secnews.physaphae.fr/article.php?IdArticle=8610574 False Spam,Malware,Threat,Mobile None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Mapping License Plate Scanners in the US DeFlock is a crowd-sourced project to map license plate scanners. It only records the fixed scanners, of course. The mobile scanners on cars are not mapped.

>DeFlock is a crowd-sourced project to map license plate scanners. It only records the fixed scanners, of course. The mobile scanners on cars are not mapped. ]]> 2024-11-13T12:06:21+00:00 https://www.schneier.com/blog/archives/2024/11/mapping-license-plate-scanners-in-the-us.html www.secnews.physaphae.fr/article.php?IdArticle=8610354 False Mobile None 3.0000000000000000 Zimperium - cyber risk firms for mobile Mishing: The Rising Mobile Attack Vector Facing Every Organization This blog shares the definition of mishing, common tactics used, and the growing threat for organizations.

>This blog shares the definition of mishing, common tactics used, and the growing threat for organizations. ]]> 2024-11-13T12:00:00+00:00 https://www.zimperium.com/blog/mishing-the-rising-mobile-attack-vector-facing-every-organization/ www.secnews.physaphae.fr/article.php?IdArticle=8610378 False Threat,Mobile None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite Octobre 2024 \\\\\\\\\\\\\'s MALWWare: InfostEllers Monte alors que les cybercriminels exploitent les vecteurs d\\\\\\\\\\'attaque innovants Vérifier les logiciels de point de point \\\\\\\\\\\\\ \ \ \ index des menaces de l'as Tactiques utilisées par les cybercriminels à travers le monde. Le point de vérification \\\\\\\\\\\\\’s Global Menage Index pour octobre 2024 révèle une tendance préoccupante dans le paysage de la cybersécurité: la montée des infostelleurs et la sophistication croissante des méthodes d’attaque employées par les cybercriminels. Le mois dernier, les chercheurs ont découvert une chaîne d'infection où de fausses pages CAPTCHA sont utilisées pour distribuer du malware Lumma Stealer, qui a atteint la 4e place dans le classement des logiciels malveillants mensuels. […]

>Check Point Software\\\\\\\\\\\\'s latest threat index reveals a significant rise in infostealers like Lumma Stealer, while mobile malware like Necro continues to pose a significant threat, highlighting the evolving tactics used by cyber criminals across the globe. Check Point\\\\\\\\\\\\'s Global Threat Index for October 2024 reveals a concerning trend in the cyber security landscape: the rise of infostealers and the increasing sophistication of attack methods employed by cyber criminals. Last month researchers discovered an infection chain where fake CAPTCHA pages are being utilized to distribute Lumma Stealer malware, which has climbed to 4th place in the Monthly Top Malware rankings. […] ]]> 2024-11-11T13:03:03+00:00 https://blog.checkpoint.com/security/october-2024s-most-wanted-malware-infostealers-surge-as-cyber-criminals-leverage-innovative-attack-vectors/ www.secnews.physaphae.fr/article.php?IdArticle=8609322 False Malware,Threat,Mobile,Prediction None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Faits saillants hebdomadaires, 11 novembre 2024 2024-11-11T12:45:44+00:00 https://community.riskiq.com/article/3b100c61 www.secnews.physaphae.fr/article.php?IdArticle=8609345 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Cloud APT 37 3.0000000000000000 Korben - Bloger francais La nouvelle fonction secrète d\'iOS 18 qui donne des sueurs froides aux enquêteurs de police une fonctionnalité qui fait actuellement grincer pas mal de dents. Les forces de police américaines sont en effet dans tous leurs états depuis qu’elles ont découvert un comportement pour le moins étrange des iPhone sous iOS 18. Il semblerait que les appareils stockés dans leurs labos d’analyse se mettent à redémarrer de manière autonome, compliquant sérieusement leur travail d’investigation.]]> 2024-11-09T08:45:50+00:00 https://korben.info/ios-18-securite-renforcee-contre-police.html www.secnews.physaphae.fr/article.php?IdArticle=8608465 False Legislation,Mobile None 3.0000000000000000