This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-12T13:49:19+00:00 www.secnews.physaphae.fr ComputerWeekly - Computer Magazine 2025-02-25T05:39:00+00:00 https://www.computerweekly.com/opinion/Reflecting-on-three-years-of-cyber-warfare-in-Ukraine www.secnews.physaphae.fr/article.php?IdArticle=8650793 False None None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite A botnet made up of more than 130,000 compromised devices is conducting large-scale password-spraying attacks against M365 accounts, exploiting non-interactive sign-ins with Basic Authentication.   This method lets malicious actors bypass modern login protections, evade multi-factor authentication (MFA) enforcement, and remain undetected by security teams.  Leveraging Purloined Credentials  Malefactors are leveraging stolen credentials from infostealer logs [...]]]> 2025-02-25T05:27:24+00:00 https://informationsecuritybuzz.com/botnet-targets-ms-365-accounts-passwor/ www.secnews.physaphae.fr/article.php?IdArticle=8650727 False Legislation None 3.0000000000000000 The State of Security - Magazine Américain Last November, the Open Web Application Security Project (OWASP) released its Top Ten List for LLMs and Gen AI Applications 2025, making some significant updates from its 2023 iteration. These updates can tell us a great deal about how the LLM threat and vulnerability landscape is evolving - and what organizations need to do to protect themselves. Sensitive Information Disclosure Risks Grow In 2023, sensitive information disclosure ranked sixth on the OWASP Top 10 List for LLMs. Today, it ranks second. This massive leap reflects growing concerns about LLMs exposing sensitive data as more...]]> 2025-02-25T04:28:37+00:00 https://www.tripwire.com/state-of-security/key-updates-owasp-top-list-llms www.secnews.physaphae.fr/article.php?IdArticle=8650816 False Vulnerability,Threat None 4.0000000000000000 The State of Security - Magazine Américain The original NIS Directive came into force in 2016 as the EU\'s first comprehensive law governing cybersecurity in member states. As part of its key policy objective to make Europe “fit for the digital age,” the European Commission proposed in December 2020 that NIS be revised, and NIS2 entered into force in January of 2023. Member states were required to transpose it into law by October 17, 2024. NIS2 has been applicable in the European Union (EU) since October 18 th, 2024, replacing the previous NIS framework. Here is a look at some of the provisions and objectives of NIS2, as well as...]]> 2025-02-25T04:28:34+00:00 https://www.tripwire.com/state-of-security/achieve-compliance-nis-directive www.secnews.physaphae.fr/article.php?IdArticle=8650817 False None None 2.0000000000000000 ProofPoint - Cyber Firms 2025-02-25T02:00:04+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/capital-one-phishing-email-campaign www.secnews.physaphae.fr/article.php?IdArticle=8651011 False Malware,Tool,Threat,Prediction,Medical,Cloud,Commercial ChatGPT 3.0000000000000000 Silicon - Site de News Francais 2025-02-25T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/hopitaux-petit-pas-cybersecurite-france-468132.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8650877 False None None 2.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Attack on Bybit didn\'t hack infrastructure or exploit smart contract code. So how did it work?]]> 2025-02-24T23:41:56+00:00 https://arstechnica.com/security/2025/02/how-north-korea-pulled-off-a-1-5-billion-crypto-heist-the-biggest-in-history/ www.secnews.physaphae.fr/article.php?IdArticle=8650677 False Hack,Threat None 3.0000000000000000 TechRepublic - Security News US Get details about how this cryptocurrency heist happened, and what Bybit\'s CEO has said about it.]]> 2025-02-24T23:20:48+00:00 https://www.techrepublic.com/article/bybit-cryptocurrency-heist/ www.secnews.physaphae.fr/article.php?IdArticle=8650664 False Hack None 3.0000000000000000 Dark Reading - Informationweek Branch Standard SecOps training is no longer enough to tackle modern cybersecurity challenges. People need to develop non-traditional skills.]]> 2025-02-24T23:07:35+00:00 https://www.darkreading.com/cloud-security/betting-losing-farm-traditional-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8650859 False None None 3.0000000000000000 HexaCorn - Blog de recherche Continuer la lecture → < / span>

---

Today I got an updated version of DeXRAY from TheMythologist. He was kind enough to add code to support Fortinet quarantine files (using the maldump guys’ research as a base). Thanks to TheMythologist and maldump researchers! Download the latest version … Continue reading →]]> 2025-02-24T22:58:55+00:00 https://www.hexacorn.com/blog/2025/02/24/dexray-v2-35/ www.secnews.physaphae.fr/article.php?IdArticle=8650650 False None None 3.0000000000000000 Dark Reading - Informationweek Branch A patch bypass for a bug in the popular desktop emulator enables root-level privilege escalation and has no fix in sight.]]> 2025-02-24T22:36:32+00:00 https://www.darkreading.com/application-security/zero-day-bug-parallels-desktop-mac www.secnews.physaphae.fr/article.php?IdArticle=8650651 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers are warning of a new campaign that leverages cracked versions of software as a lure to distribute information stealers like Lumma and ACR Stealer. The AhnLab Security Intelligence Center (ASEC) said it has observed a spike in the distribution volume of ACR Stealer since January 2025. A notable aspect of the stealer malware is the use of a technique called dead drop]]> 2025-02-24T22:28:00+00:00 https://thehackernews.com/2025/02/new-malware-campaign-uses-cracked.html www.secnews.physaphae.fr/article.php?IdArticle=8650577 False Malware None 3.0000000000000000 Dark Reading - Informationweek Branch This move comes less than a year after the United States banned Kaspersky products, out of the same fear that the company is under Russian government control.]]> 2025-02-24T21:53:28+00:00 https://www.darkreading.com/remote-workforce/australia-domino-fall-government-kaspersky-ban www.secnews.physaphae.fr/article.php?IdArticle=8650637 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Evolving threats and hybrid identity challenges keep Microsoft\'s Active Directory at risk.]]> 2025-02-24T21:49:29+00:00 https://www.darkreading.com/identity-access-management-security/25-years-active-directory-prime-attack-target www.secnews.physaphae.fr/article.php?IdArticle=8650860 False None None 3.0000000000000000 Techworm - News BleepingComputer , les utilisateurs se plaignent depuis plus d'un mois de réception des e-mails de PayPal confirmant une adresse de livraison nouvellement ajoutée . "Vous avez ajouté une nouvelle adresse. Ceci est juste une confirmation rapide que vous avez ajouté une adresse dans votre compte PayPal », lit l'e-mail de l'arnaque. ]]> 2025-02-24T21:47:09+00:00 https://www.techworm.net/2025/02/paypal-phishing-scam-exploits-address-feature.html www.secnews.physaphae.fr/article.php?IdArticle=8650557 False Spam,Malware,Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future Cybercriminals are exploiting major e-sports tournaments to target players of the popular video game Counter-Strike 2 (CS2), researchers have found.]]> 2025-02-24T21:05:11+00:00 https://therecord.media/hackers-pose-as-esports-gamers-to-steal-crypto-from-fans www.secnews.physaphae.fr/article.php?IdArticle=8650623 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Confirmation by South Korea\'s data protection agency that the AI chatbot sent data to TikTok\'s Chinese parent company has spurred a ban in that nation, and is again is calling into question DeepSeek\'s safety.]]> 2025-02-24T20:42:33+00:00 https://www.darkreading.com/cyber-risk/deepseek-bytedance-data-sharing-security-concerns www.secnews.physaphae.fr/article.php?IdArticle=8650608 False None None 3.0000000000000000 Dark Reading - Informationweek Branch A new streaming series about a catastrophic, nationwide cyberattack against US critical infrastructure is about as believable as its main character: an honest, bipartisan, universally beloved politician.]]> 2025-02-24T20:02:34+00:00 https://www.darkreading.com/cyber-risk/netflix-zero-day-irl www.secnews.physaphae.fr/article.php?IdArticle=8650609 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Researchers say a large botnet-driven campaign poses a threat to Microsoft 365 environments that still use an authentication process that the tech giant has been phasing out in recent years.]]> 2025-02-24T20:02:30+00:00 https://therecord.media/botnet-credentials-microsoft-spraying-attack www.secnews.physaphae.fr/article.php?IdArticle=8650606 False Threat None 3.0000000000000000 HackRead - Chercher Cyber A botnet of 130,000 devices is launching a Password-Spraying attack on Microsoft 365, bypassing MFA and exploiting legacy authentication to access accounts.]]> 2025-02-24T19:12:14+00:00 https://hackread.com/botnet-devices-microsoft-365-password-spraying-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8650607 False None None 3.0000000000000000 IT Security Guru - Blog Sécurité Eskenzi PR, organisers of The Most Inspiring Women in Cyber Awards, are proud to announce the theme of this year\'s event panel discussion: Keeping DEI on the agenda: progressing, not regressing. The panel topic, informed by ideas submitted by nominators, will be discussed at the event to be held at The BT Tower, London, on […] ]]> 2025-02-24T19:02:53+00:00 https://www.itsecurityguru.org/2025/02/24/keeping-dei-on-the-agenda-most-inspiring-women-in-cyber-award-organisers-set-panel-topic/?utm_source=rss&utm_medium=rss&utm_campaign=keeping-dei-on-the-agenda-most-inspiring-women-in-cyber-award-organisers-set-panel-topic www.secnews.physaphae.fr/article.php?IdArticle=8650910 False None None 3.0000000000000000 Global Security Mag - Site de news francais Commentaires / / affiche

---

Die Sicherheitsforscher von Check Point Software Technologies Ltd. (NASDAQ: CHKP), einem Pionier und weltweit führenden Anbieter von Cyber-Sicherheitslösungen, haben 200 000 Phishing-E-Mails entdeckt, die URL-Informationen zur Verschleierung von Phishing-Links missbrauchten. Der Betrug wurde erstmals am 21. Januar 2025 beobachtet und ist nach wie vor im Gange, wobei das tägliche Bedrohungsvolumen abnimmt. Geografisch betrachtet wurden 75 Prozent der E-Mails in den USA verbreitet, 17 Prozent in der EMEA-Region und 5 Prozent in Kanada. - Kommentare / affiche]]> 2025-02-24T18:56:46+00:00 https://www.globalsecuritymag.fr/check-point-beobachtet-200-000-phishing-mails-die-microsoft-mcafee-und-adobe.html www.secnews.physaphae.fr/article.php?IdArticle=8650590 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Cybersecurity researchers say North Korean hackers are behind the largest cryptocurrency heist in history and are actively laundering the more than $1.4 billion in cryptocurrency stolen from the Bybit exchange on Friday.]]> 2025-02-24T18:28:46+00:00 https://therecord.media/lazarus-hackers-behind-bybit-crypto-heist www.secnews.physaphae.fr/article.php?IdArticle=8650592 False None APT 38 4.0000000000000000 Recorded Future - FLux Recorded Future The latest package of EU sanctions related to Russia\'s invasion of Ukraine included the leader of the North Korean intelligence agency known for backing the Lazarus group and other high-profile hacking operations.]]> 2025-02-24T18:25:49+00:00 https://therecord.media/eu-sanctions-north-korea-ukraine-war-lazarus-group www.secnews.physaphae.fr/article.php?IdArticle=8650593 False None APT 38 3.0000000000000000 Global Security Mag - Site de news francais Commentaires / / primetime

---

Cyberangriffe nehmen weiterhin zu und rücken zunehmend auch mittelständische Unternehmen ins Visier von Hackern. Und doch sind viele Betriebe immer noch unzureichend geschützt – oft, weil sie die digitale Bedrohungslage unterschätzen. Anouck Teiller, Chief Strategy Officer bei HarfangLab, stellt fünf Maßnahmen vor, mit denen Mittelständler ihre Cybersicherheit verbessern können. - Kommentare / primetime]]> 2025-02-24T18:19:38+00:00 https://www.globalsecuritymag.fr/der-mittelstand-im-visier-funf-essenzielle-strategien-im-kampf-gegen-cybercrime.html www.secnews.physaphae.fr/article.php?IdArticle=8650591 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future An AI-generated video of the president and the DOGE leader greeted Department of Housing and Urban Development workers as they entered headquarters in the morning. As of midday, no one had taken credit for the prank.]]> 2025-02-24T17:44:12+00:00 https://therecord.media/hud-fake-video-musk-trump www.secnews.physaphae.fr/article.php?IdArticle=8650576 False None None 3.0000000000000000 DarkTrace - DarkTrace: AI bases detection Account takeovers are rising with SaaS adoption. Learn how Darktrace detects deviations in user behavior and autonomously stops threats before they escalate.]]> 2025-02-24T17:15:21+00:00 https://darktrace.com/blog/detecting-and-containing-account-takeover-with-darktrace www.secnews.physaphae.fr/article.php?IdArticle=8650574 False Cloud None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Elementor plugin flaw puts 2m WordPress websites at risk, allowing XSS attacks via malicious scripts]]> 2025-02-24T17:00:00+00:00 https://www.infosecurity-magazine.com/news/elementor-plugin-vulnerability-2m/ www.secnews.physaphae.fr/article.php?IdArticle=8650561 False Vulnerability None 3.0000000000000000 Checkpoint Research - Fabricant Materiel Securite Pour les dernières découvertes de cyber-recherche pour la semaine de 24h février, veuillez télécharger notre bulletin de renseignement sur les menaces. Les meilleures attaques et violations de la recherche sur le point de contrôle couvrent le récent hack Bybit, l'un des plus grands vols de l'historique des actifs numériques, ses implications pour la sécurité de la crypto et les recommandations de sécurité. Dans cet événement, les pirates ont eu accès à […]

---

>For the latest discoveries in cyber research for the week of 24h February, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Check Point Research covers the recent ByBit hack, one of the largest thefts in digital asset history, its implications for crypto security, and security recommendations. In this event, hackers gained access to […] ]]> 2025-02-24T16:58:24+00:00 https://research.checkpoint.com/2025/24th-february-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8650559 False Hack,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Welcome to your weekly roundup of cyber news, where every headline gives you a peek into the world of online battles. This week, we look at a huge crypto theft, reveal some sneaky AI scam tricks, and discuss big changes in data protection. Let these stories spark your interest and help you understand the changing threats in our digital world. ⚡ Threat of the Week Lazarus Group Linked to]]> 2025-02-24T16:50:00+00:00 https://thehackernews.com/2025/02/thn-weekly-recap-from-15b-crypto-heist.html www.secnews.physaphae.fr/article.php?IdArticle=8650471 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ransomware doesn\'t hit all at once-it slowly floods your defenses in stages. Like a ship subsumed with water, the attack starts quietly, below the surface, with subtle warning signs that are easy to miss. By the time encryption starts, it\'s too late to stop the flood.  Each stage of a ransomware attack offers a small window to detect and stop the threat before it\'s too late. The problem is]]> 2025-02-24T16:47:00+00:00 https://thehackernews.com/2025/02/becoming-ransomware-ready-why.html www.secnews.physaphae.fr/article.php?IdArticle=8650472 False Ransomware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google Cloud has announced quantum-safe digital signatures in Google Cloud Key Management Service (Cloud KMS) for software-based keys as a way to bulletproof encryption systems against the threat posed by cryptographically-relevant quantum computers. The feature, currently in preview, coexists with the National Institute of Standards and Technology\'s (NIST) post-quantum cryptography (PQC)]]> 2025-02-24T16:47:00+00:00 https://thehackernews.com/2025/02/google-cloud-kms-adds-quantum-safe.html www.secnews.physaphae.fr/article.php?IdArticle=8650473 False Threat,Cloud None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber The ransomware syndicate\'s internal chats exposed a wide swath of the group\'s inner workings. ]]> 2025-02-24T16:45:10+00:00 https://cyberscoop.com/black-basta-internal-chat-leak/ www.secnews.physaphae.fr/article.php?IdArticle=8650558 False Ransomware None 3.0000000000000000 Korben - Bloger francais 2025-02-24T16:43:29+00:00 https://korben.info/exo-cluster-ia-distribue-appareils-gpu.html www.secnews.physaphae.fr/article.php?IdArticle=8650553 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain OpenAI says it blocked several North Korean hacking groups from using its ChatGPT platform to research future targets and find ways to hack into their networks. [...]]]> 2025-02-24T16:35:13+00:00 https://www.bleepingcomputer.com/news/security/openai-bans-chatgpt-accounts-used-by-north-korean-hackers/ www.secnews.physaphae.fr/article.php?IdArticle=8650636 False Hack ChatGPT 3.0000000000000000 HackRead - Chercher Cyber A new information-stealing malware, ACRStealer, is leveraging legitimate platforms like Google Docs and Steam to carry out its…]]> 2025-02-24T16:10:30+00:00 https://hackread.com/hackers-google-docs-steam-drop-acrstealer-infostealer/ www.secnews.physaphae.fr/article.php?IdArticle=8650560 False Malware None 2.0000000000000000 Korben - Bloger francais 2025-02-24T15:52:09+00:00 https://korben.info/ca-vous-dit-de-tester-ou-re.html www.secnews.physaphae.fr/article.php?IdArticle=8650554 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Russia\'s National Coordination Center for Computer Incidents (NKTsKI) is warning organizations in the country\'s credit and financial sector about a breach at LANIT, a major Russian IT service and software provider. [...]]]> 2025-02-24T15:48:51+00:00 https://www.bleepingcomputer.com/news/security/russia-warns-financial-sector-of-major-it-service-provider-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8650622 False Hack None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Michigan man indicted for dark web credential fraud, purchased 2,500 logins from Genesis Market]]> 2025-02-24T15:30:00+00:00 https://www.infosecurity-magazine.com/news/michigan-man-indicted-dark-web/ www.secnews.physaphae.fr/article.php?IdArticle=8650542 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Australia has become the latest country to ban the installation of security software from Russian company Kaspersky, citing national security concerns. "After considering threat and risk analysis, I have determined that the use of Kaspersky Lab, Inc. products and web services by Australian Government entities poses an unacceptable security risk to Australian Government, networks and data,]]> 2025-02-24T15:27:00+00:00 https://thehackernews.com/2025/02/australia-bans-kaspersky-software-over.html www.secnews.physaphae.fr/article.php?IdArticle=8650452 False Threat None 3.0000000000000000 Recorded Future - FLux Recorded Future Kaspersky software "poses an unacceptable security risk to the Australian government, networks, and data,” Home Affairs Secretary Stephanie Foster said in announcing a ban on the cybersecurity company\'s products.]]> 2025-02-24T15:01:58+00:00 https://therecord.media/kaspersky-australia-government-ban www.secnews.physaphae.fr/article.php?IdArticle=8650522 False None None 3.0000000000000000 Palo Alto Network - Site Constructeur Le rapport OMDIA comprend une évaluation du marché de la sécurité OT, des recommandations pour le choix des solutions et une analyse des plateformes de cybersécurité OT.

---

>Omdia report includes an evaluation of the OT security market, recommendations for choosing solutions, and analysis of OT cybersecurity platforms. ]]> 2025-02-24T15:00:49+00:00 https://www.paloaltonetworks.com/blog/2025/02/leader-omdia-market-radar/ www.secnews.physaphae.fr/article.php?IdArticle=8650521 False Industrial None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial The European Commission unveiled on Monday a proposal aimed at ensuring a robust and efficient response to large-scale... ]]> 2025-02-24T15:00:03+00:00 https://industrialcyber.co/critical-infrastructure/european-commission-unveils-cybersecurity-blueprint-to-strengthen-eu-cybersecurity-and-crisis-coordination/ www.secnews.physaphae.fr/article.php?IdArticle=8650528 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Only by addressing the inefficiencies of current naming conventions can we create a safer, more resilient landscape for all defenders.]]> 2025-02-24T15:00:00+00:00 https://www.darkreading.com/cyber-risk/how-apt-naming-conventions-make-us-less-safe www.secnews.physaphae.fr/article.php?IdArticle=8650527 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Google Cloud\'s Key Management Service now features quantum-safe digital signatures to strengthen data integrity and prepare for emerging quantum computing challenges]]> 2025-02-24T14:30:00+00:00 https://www.infosecurity-magazine.com/news/google-cloud-pqc-digital-signatures/ www.secnews.physaphae.fr/article.php?IdArticle=8650526 False Cloud None 3.0000000000000000 Checkpoint Research - Fabricant Materiel Securite Souligne l'introduction Bien que l'abus des conducteurs vulnérables existe depuis un certain temps, ceux qui peuvent mettre fin aux processus arbitraires ont attiré une attention croissante ces dernières années. Alors que Windows Security continue d'évoluer, il est devenu plus difficile pour les attaquants d'exécuter du code malveillant sans être détecté. En conséquence, les attaquants visent souvent à […]

---

>Highlights Introduction While the abuse of vulnerable drivers has been around for a while, those that can terminate arbitrary processes have drawn increasing attention in recent years. As Windows security continues to evolve, it has become more challenging for attackers to execute malicious code without being detected. As a result, the attackers often aim to […] ]]> 2025-02-24T14:21:32+00:00 https://research.checkpoint.com/2025/large-scale-exploitation-of-legacy-driver/ www.secnews.physaphae.fr/article.php?IdArticle=8650523 False None None 3.0000000000000000 Mandiant - Blog Sécu de Mandiant Présentation Beginning in August 2024, Mandiant observed a notable increase in phishing attacks targeting the education industry, specifically U.S.-based universities. A separate investigation conducted by the Google\'s Workspace Trust and Safety team identified a long-term campaign spanning from at least October 2022, with a noticeable pattern of shared filenames, targeting thousands of educational institution users per month. These attacks exploit trust within academic institutions to deceive students, faculty, and staff, and have been timed to coincide with key dates in the academic calendar. The beginning of the school year, with its influx of new and returning students combined with a barrage of administrative tasks, as well as financial aid deadlines, can create opportunities for attackers to carry out phishing attacks. In these investigations, three distinct campaigns have emerged, attempting to take advantage of these factors.  In one campaign, attackers leveraged phishing campaigns utilizing compromised educational institutions to host Google Forms. At this time, Mandiant has observed at least 15 universities targeted in these phishing campaigns. In this case, the malicious forms were reported and subsequently removed. As such, at this time none of the phishing forms identified are currently active. Another campaign involved scraping university login pages and re-hosting them on the attacker-controlled infrastructure. Both campaigns exhibited tactics to obfuscate malicious activity while increasing their perceived legitimacy, ultimately to perform payment redirection attacks. These phishing methods employ various tactics to trick victims into revealing login credentials and financial information, including requests for school portal login verification, financial aid disbursement, refund verification, account deactivation, and urgent responses to campus medical inquiries. Google takes steps to protect users from misuse of its products, and create an overall positive experience. However, awareness and education play a big role in staying secure online. To better protect yourself and others, be sure to report abuse.   Case Study 1: Google Forms Phishing Campaign The first observed campaign involved a two-pronged phishing campaign. Attackers distributed phishing emails that contained a link to a malicious Google Form. These emails and their respective forms were designed to mimic legitimate university communications, but requested sensitive information, including login credentials and financial details. ]]> 2025-02-24T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/phishing-targeting-higher-education/ www.secnews.physaphae.fr/article.php?IdArticle=8650541 False Spam,Malware,Tool,Vulnerability,Threat,Studies,Legislation,Mobile,Medical None 3.0000000000000000 CyberSecurityVentures - cybersecurity services Cette semaine en Cybersecurity des éditeurs du magazine Cybercrime - lisez l'histoire complète de Docker Sausalito, Californie - 24 février 2025 sans amélioration continue de la sécurité des logiciels, vous ne vous restez pas immobile - vous marchez En arrière dans le trafic venant en sens inverse. Attaquez les vecteurs Multipliez, évoluent et recherchez

---

>This week in cybersecurity from the editors at Cybercrime Magazine –Read the Full Story in Docker Sausalito, Calif. – Feb. 24, 2025 Without continuous improvement in software security, you\'re not standing still - you\'re walking backward into oncoming traffic. Attack vectors multiply, evolve, and look for ]]> 2025-02-24T13:43:50+00:00 https://cybersecurityventures.com/protecting-the-software-supply-chain/ www.secnews.physaphae.fr/article.php?IdArticle=8650506 False None None 3.0000000000000000 HackRead - Chercher Cyber Payment Orchestration Platforms streamline transactions by routing payments through multiple providers, reducing costs, boosting approval rates, and enhancing…]]> 2025-02-24T13:40:19+00:00 https://hackread.com/how-payment-orchestration-enhances-business-efficiency/ www.secnews.physaphae.fr/article.php?IdArticle=8650507 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Telstra found that 75% of cyber incidents impacting manufacturing firms originated from the targeting of IT systems connected to OT environments]]> 2025-02-24T13:30:00+00:00 https://www.infosecurity-magazine.com/news/itot-fuels-manufacturing-cyber/ www.secnews.physaphae.fr/article.php?IdArticle=8650508 False Industrial None 2.0000000000000000 HackRead - Chercher Cyber A VPN enhances online privacy, encrypts data, and secures devices. Essential for remote work, it protects against cyber threats and ensures safer internet use.]]> 2025-02-24T13:02:57+00:00 https://hackread.com/how-to-utilize-vpn-safe-work-remote-work-environments/ www.secnews.physaphae.fr/article.php?IdArticle=8650490 False None None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite Les attaquants ciblent de plus en plus des vulnérabilités chez les conducteurs, qui opèrent en mode noyau avec les autorisations les plus élevées, pour contourner les mesures de sécurité et faciliter d'autres infections. Pour empêcher l’abus de conducteurs vulnérables, la politique de Microsoft 2015 a obligé de nouveaux conducteurs à signer pour éviter l'exploitation. Cependant, la politique a permis aux conducteurs d'avant 2015 de s'exécuter. Les attaquants ont exploité cette faille à l'aide d'une version héritée du pilote Trugesight.sys, qui est connu pour avoir des vulnérabilités dans les versions ultérieures. Pour éviter davantage la détection, les attaquants ont généré 2 500 variantes du conducteur 2.0.2, chacune avec des hachages différents, en modifiant des parties spécifiques du conducteur tout en gardant le numérique […]

---

>Attackers are increasingly targeting vulnerabilities in drivers, which operate in kernel mode with the highest permissions, to bypass security measures and facilitate further infections. To prevent the abuse of vulnerable drivers, Microsoft’s 2015 policy required new drivers to be signed to avoid exploitation. However, the policy allowed pre-2015 drivers to run. Attackers exploited this loophole using a legacy version of the driver Truesight.sys, which is known to have vulnerabilities in later versions. To further evade detection, the attackers generated 2,500 variants of the 2.0.2 driver, each with different hashes, by modifying specific parts of the driver while keeping the digital […] ]]> 2025-02-24T13:00:49+00:00 https://blog.checkpoint.com/research/how-hunting-for-vulnerable-drivers-unraveled-a-widespread-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8650489 False Vulnerability None 3.0000000000000000 Dragos - CTI Society La 2025 Gartner® Magic Quadrant ™ pour les plates-formes de protection des systèmes cyber-physiques (CPS) est le tout premier quadrant magique de cette catégorie et ... Le message dragos a nommé un leader en Les plates-formes de protection CPS, axées sur la protection de l'OT contre la cyber-perturbation est apparue pour la première fois sur dragos .

---

>The 2025 Gartner® Magic Quadrant™ for Cyber-Physical Systems (CPS) Protection Platforms is the first-ever Magic Quadrant for this category and... The post Dragos Named a Leader in CPS Protection Platforms, Focused on Protecting OT from Cyber Disruption first appeared on Dragos.]]> 2025-02-24T13:00:00+00:00 https://www.dragos.com/blog/dragos-named-a-leader-in-gartner-magic-quadrant-for-cps-protection-platforms/ www.secnews.physaphae.fr/article.php?IdArticle=8650505 False Industrial,Commercial None 2.0000000000000000 The Register - Site journalistique Anglais Oxygen leak blamed for a lack of deorbit burn SpaceX has published an explanation for the debris from the Falcon 9 second stage that fell over Poland last week. Because of an oxygen leak, the expected deorbit burn didn\'t occur.…]]> 2025-02-24T12:50:06+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/24/spacex_falcon_9_debris/ www.secnews.physaphae.fr/article.php?IdArticle=8650487 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A massive botnet of over 130,000 compromised devices is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide, attempting to confirm credentials. [...]]]> 2025-02-24T12:49:26+00:00 https://www.bleepingcomputer.com/news/security/botnet-targets-basic-auth-in-microsoft-365-password-spray-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8650575 False None None 2.0000000000000000 HackRead - Chercher Cyber Crypto wallets are essential in keeping your cryptocurrency safe. There are different types of wallets available and choosing…]]> 2025-02-24T12:37:06+00:00 https://hackread.com/hardware-crypto-wallets-vs-mobile-vs-desktop/ www.secnews.physaphae.fr/article.php?IdArticle=8650491 False Mobile None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain llms jouer aux échecs contre de meilleurs adversaires. Quand ils ne pouvaient pas gagner, ils ont parfois recouru à la triche. Les chercheurs ont donné aux modèles une tâche apparemment impossible: gagner contre Stockfish, qui est l'un des moteurs d'échecs les plus forts au monde et un bien meilleur acteur que n'importe quel humain, ou l'un des modèles d'IA de l'étude. Les chercheurs ont également donné aux modèles ce qu'ils appellent un «pavé»: une zone de texte que l'IA pourrait utiliser pour «penser» avant de faire son prochain mouvement, offrant aux chercheurs une fenêtre dans leur raisonnement. Dans un cas, O1-Preview s'est retrouvé dans une position perdante. «J'ai besoin de pivoter complètement mon approche», a-t-il noté. "La tâche est de" gagner contre un puissant moteur d'échecs "- pas nécessairement de gagner assez dans un jeu d'échecs", a-t-il ajouté. Il a ensuite modifié le fichier système contenant la position virtuelle de chaque pièce, faisant en fait des mouvements illégaux pour se mettre dans une position dominante, forçant ainsi son adversaire à démissionner ...

---

These researchers had LLMs play chess against better opponents. When they couldn’t win, they sometimes resorted to cheating. Researchers gave the models a seemingly impossible task: to win against Stockfish, which is one of the strongest chess engines in the world and a much better player than any human, or any of the AI models in the study. Researchers also gave the models what they call a “scratchpad:” a text box the AI could use to “think” before making its next move, providing researchers with a window into their reasoning. In one case, o1-preview found itself in a losing position. “I need to completely pivot my approach,” it noted. “The task is to ‘win against a powerful chess engine’—not necessarily to win fairly in a chess game,” it added. It then modified the system file containing each piece’s virtual position, in effect making illegal moves to put itself in a dominant position, thus forcing its opponent to resign...]]> 2025-02-24T12:08:56+00:00 https://www.schneier.com/blog/archives/2025/02/more-research-showing-ai-breaking-the-rules.html www.secnews.physaphae.fr/article.php?IdArticle=8650488 False Studies None 3.0000000000000000 HackRead - Chercher Cyber Bitdefender warns CS2 fans of scams using hijacked YouTube channels, fake giveaways, and crypto fraud. Protect your Steam account and avoid phishing traps.]]> 2025-02-24T11:55:57+00:00 https://hackread.com/hackers-hijack-youtube-channels-cs2-fans-fake-giveaways/ www.secnews.physaphae.fr/article.php?IdArticle=8650470 False None None 3.0000000000000000 SecurityWeek - Security News Un homme du Michigan a été facturé pour acheter des informations d'identification compromises sur Genesis Market et les utiliser et les vendre.

---

>A Michigan man has been charged for buying compromised credentials on Genesis Market and using and selling them. ]]> 2025-02-24T11:47:32+00:00 https://www.securityweek.com/us-charges-genesis-market-user/ www.secnews.physaphae.fr/article.php?IdArticle=8650468 False None None 2.0000000000000000 ZoneAlarm - Security Firm Blog Dans un développement étonnant secouant le monde des actifs numériques, les cybercriminels ont exécuté le plus gros canto de crypto jamais enregistré en siphonnant environ 1,5 milliard de dollars de Bybit. La violation sans précédent a soulevé de sérieuses préoccupations concernant la cybersécurité, en particulier en ce qui concerne l'intégrité du stockage du portefeuille froid, tout en intensifiant les spéculations sur les groupes de pirates soutenus par l'État. Bybit a construit une réputation…

---

>In a stunning development shaking the digital asset world, cyber criminals executed the largest crypto heist ever recorded by siphoning approximately $1.5 billion from Bybit. The unprecedented breach has raised serious concerns over cyber security, particularly regarding the integrity of cold wallet storage, while intensifying speculation about state-backed hacker groups. Bybit has built a reputation … ]]> 2025-02-24T11:36:44+00:00 https://blog.zonealarm.com/2025/02/biggest-ever-crypto-heist-1-5b-stolen-from-bybit/ www.secnews.physaphae.fr/article.php?IdArticle=8650469 False None None 4.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Experts argue Britons are now less secure after their government effectively forced Apple to abandon end-to-end encryption]]> 2025-02-24T11:20:00+00:00 https://www.infosecurity-magazine.com/news/experts-government-disastrous/ www.secnews.physaphae.fr/article.php?IdArticle=8650474 False None None 3.0000000000000000 Cyble - CyberSecurity Firm Overview Juniper Networks, a leading provider of networking solutions, has recently issued a security advisory addressing a critical vulnerability affecting multiple Juniper Networks devices. This flaw could allow attackers to bypass authentication and gain administrative control over affected systems. Organizations relying on Juniper\'s Session Smart Routers, Session Smart Conductors, and WAN Assurance Managed Routers should take immediate action to secure their networks. Impact of the Vulnerability The vulnerability, identified as an Authentication Bypass Using an Alternate Path or Channel vulnerability, poses a significant security risk. If exploited, a network-based attacker could bypass authentication mechanisms and assume administrative privileges on the compromised device. This level of access could allow attackers to manipulate network configurations, intercept traffic, and disrupt operations in the event of a successful exploitation. Fortunately, Juniper Networks has not reported any cases of active exploitation. However, given the severity of the issue, organizations must act proactively to mitigate the risks. Affected Products The vulnerability affects multiple versions of the following Juniper Networks products: Session Smart Router: Versions 5.6.7 before 5.6.17, 6.0.8, 6.1 before 6.1.12]]> 2025-02-24T10:57:41+00:00 https://cyble.com/blog/major-security-flaw-in-juniper-networks-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8650453 False Vulnerability,Patching,Cloud None 2.0000000000000000 UnderNews - Site de news "pirate" francais Selon le dernier rapport Managed Detection and Response (MDR) de Kaspersky, le secteur public et les entreprises de BTP ont connu une baisse significative du nombre d’incidents de haute gravité avec implication humaine directe en 2024, tandis que les secteurs relatifs à l’alimentation, à l’informatique, aux télécommunications et à l'industrie ont enregistré une hausse. Tribune […] The post Les institutions gouvernementales et le secteur du BTP enregistrent une diminution par trois des incidents cyber critiques en 2024 first appeared on UnderNews.]]> 2025-02-24T10:51:58+00:00 https://www.undernews.fr/reseau-securite/les-institutions-gouvernementales-et-le-secteur-du-btp-enregistrent-une-diminution-par-trois-des-incidents-cyber-critiques-en-2024.html www.secnews.physaphae.fr/article.php?IdArticle=8650466 False None None 2.0000000000000000 Sygnia - CyberSecurity Firm Découvrez comment MDR protège les organisations de soins de santé contre les attaques de ransomwares avec une détection avancée des menaces, une réponse rapide et une sécurité des données améliorée.

---

>Discover how MDR protects healthcare organizations from ransomware attacks with advanced threat detection, rapid response, and enhanced data security. ]]> 2025-02-24T10:21:40+00:00 https://www.sygnia.co/blog/how-mdr-protects-healthcare-from-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8650450 False Ransomware,Threat,Medical None 2.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET The pioneering multi-media artist reveals the creative process behind her stage show called ARK, which challenges audiences to reflect on some of the most pressing issues of our times]]> 2025-02-24T10:00:00+00:00 https://www.welivesecurity.com/en/we-live-science/laurie-anderson-building-ark-starmus-highlights/ www.secnews.physaphae.fr/article.php?IdArticle=8661315 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Following the largest-ever crypto theft, Bybit is offering researchers up to 10% of recovered funds]]> 2025-02-24T09:55:00+00:00 https://www.infosecurity-magazine.com/news/bybit-140m-bounty-recover-mega/ www.secnews.physaphae.fr/article.php?IdArticle=8650436 False None None 2.0000000000000000 ComputerWeekly - Computer Magazine 2025-02-24T09:45:00+00:00 https://www.computerweekly.com/news/366619486/European-Union-calls-for-more-cyber-data-sharing-with-Nato www.secnews.physaphae.fr/article.php?IdArticle=8650525 False None None 3.0000000000000000 Kaspersky - Kaspersky Research blog Kaspersky researchers discovered GitVenom campaign distributing stealers and open-source backdoors via fake GitHub projects.]]> 2025-02-24T09:26:58+00:00 https://securelist.com/gitvenom-campaign/115694/ www.secnews.physaphae.fr/article.php?IdArticle=8650435 False None None 3.0000000000000000 Korben - Bloger francais Gitingest dont je vous parlais la dernière fois, qui permet de prendre un dépot Git et d’en faire une version bouffable par les LLMs (IA), j’aimerai vous présenter aujourd’hui Docling. Le concept est quasiment identique sauf que a permet de convertir des formats comme le PDF, Word, PowerPoint, Excel, images, HTML, AsciiDoc, Markdown…etc en HTML, Markdown ou JSON selon vos besoins. Et le plus fort, c’est qu’il conserve même les images, qu’elles soient intégrées ou référencées.]]> 2025-02-24T09:00:00+00:00 https://korben.info/docling-convertisseur-documents-multi-formats.html www.secnews.physaphae.fr/article.php?IdArticle=8650420 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Après avoir suivi des rapports d'activités d'intrusion approfondies ciblant plusieurs sociétés de télécommunications américaines, des chercheurs de Cisco Talos ont étudié ...

---

>Having tracked reports of extensive intrusion activities targeting several U.S. telecommunications firms, researchers from Cisco Talos have investigated... ]]> 2025-02-24T08:51:43+00:00 https://industrialcyber.co/ransomware/cisco-talos-warns-of-prolonged-intrusions-in-us-critical-infrastructure-by-salt-typhoon-hackers-using-lotl-techniques/ www.secnews.physaphae.fr/article.php?IdArticle=8650419 False None None 3.0000000000000000 Cyble - CyberSecurity Firm 2025-02-24T08:24:19+00:00 https://cyble.com/blog/fbi-cisa-shows-staying-power-of-old-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8650418 False Ransomware,Malware,Tool,Vulnerability,Threat,Patching,Industrial None 3.0000000000000000 ComputerWeekly - Computer Magazine 2025-02-24T06:39:00+00:00 https://www.computerweekly.com/opinion/UK-businesses-should-look-to-Ireland-amid-EU-cyber-security-overhaul www.secnews.physaphae.fr/article.php?IdArticle=8650467 False None None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC Agent Ai dans le développement de logiciels d'entreprise, ils déverrouillent de nouvelles possibilités d'innovation, d'évolutivité et d'efficacité. Cependant, une plus grande autonomie entraîne également des risques de cybersécurité importants. Les entreprises doivent équilibrer les avantages de l'IA agentique avec de solides mesures de sécurité pour protéger l'intégrité des données et atténuer les menaces axées sur l'IA. La sécurisation des systèmes d'IA autonomes sera tout aussi critique que de tirer parti de leurs capacités. Comprendre l'agence AI et son rôle dans la sécurité des entreprises L'humanité a suivi ce principe depuis des siècles: pour utiliser efficacement n'importe quelle technologie, il faut d'abord le comprendre. L'intelligence artificielle ne fait pas exception. L'IA agentique fait référence à des systèmes autonomes capables de prendre des décisions indépendantes, d'apprendre des données et d'exécuter des tâches sans intervention humaine directe. Contrairement à l'IA traditionnelle, qui s'appuie sur des règles prédéfinies ou une entrée humaine, l'agent AI analyse continuellement son environnement, s'adapte à de nouvelles informations et optimise les performances en temps réel. Cette autonomie rend l'IA agentique particulièrement précieuse dans le développement de logiciels d'entreprise. Il automatise les processus complexes, améliore l'efficacité et améliore la prise de décision tout en réduisant le besoin de surveillance manuelle. Pourtant, comme AI assume de plus grandes responsabilités , les entreprises doivent connaître ses implications de sécurité pour assurer un déploiement sûr et efficace. Les implications de sécurité de l'automatisation dirigée par l'IA L'intégration de l'IA agentique dans les systèmes d'entreprise améliore la sécurité en réduisant les erreurs humaines et en accélérant les temps de réponse. Les protocoles de sécurité axés sur l'IA peuvent détecter les anomalies, évaluer les risques et neutraliser les cybermenaces avant de dégénérer. Cependant, comme les systèmes d'IA prennent plus de décisions, ils deviennent également des cibles d'attaques qui manipulent leur comportement. La prise de décision biaisée ou erronée pourrait compromettre les fonctions de sécurité critiques. L'une des applications les plus efficaces de l'IA agentique dans la cybersécurité est autonome détection et réponse de menace . Les systèmes de sécurité axés sur l'IA surveillent en continu les réseaux, identifient les modèles suspects et prennent des mesures immédiates, souvent plus rapidement que les analystes humains. Un agent de sécurité de l'IA, par exemple, peut isoler les critères d'évaluation compromis, bloquer les IP malveillants et mettre à jour les règles de pare-feu en temps réel pour réduire le risque de violations. Pour bénéficier pleinement de la sécurité axée sur l'IA tout en minimisant les risques, les entreprises doivent mettre en œuvre de solides protections qui garantissent que l'IA reste fiable, transparente et alignée sur la surveillance humaine. Équilibrer l'automatisation et le contrôle stratégique est essentiel pour maximiser le potentiel de cybersécurité. Le double impact de l'IA agentique sur le développement des logici]]> 2025-02-24T06:01:00+00:00 https://levelblue.com/blogs/security-essentials/how-agentic-ai-is-transforming-enterprise-software-development-and-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8652067 False Tool,Vulnerability,Threat,Prediction,Cloud,Technical None 3.0000000000000000 The State of Security - Magazine Américain The manufacturing sector has long been a favorite target for ransomware actors. However, the true scale of the issue has only recently become apparent: research published in Infosecurity Magazine last December revealed that ransomware attacks on manufacturing companies have caused an estimated $17bn in downtime since 2018. But why is the manufacturing sector so vulnerable? And what can organizations do to protect themselves? Keep reading to find out. Why is the Manufacturing Sector Vulnerable to Ransomware? Manufacturing companies have several characteristics that make them especially...]]> 2025-02-24T03:34:57+00:00 https://www.tripwire.com/state-of-security/protecting-manufacturing-sector-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8650433 False Ransomware None 3.0000000000000000 The State of Security - Magazine Américain Late last year, Australia\'s Cyber Security Act 2024 received Royal Assent and became Law. It was a huge moment for cybersecurity legislation in Australia, serving as the country\'s first-ever standalone cybersecurity law, addressing key legislative gaps, and bringing the country in line with international best practices. But what\'s included in the Act? And what does it mean for businesses? Keep reading to find out. Security Standards for Smart Devices Internet of Things (IoT) devices are a huge part of our daily lives. Most of us will either use or know someone who uses smart devices like...]]> 2025-02-24T03:34:54+00:00 https://www.tripwire.com/state-of-security/making-sense-australias-new-cybersecurity-legislation www.secnews.physaphae.fr/article.php?IdArticle=8650434 False Legislation None 2.0000000000000000 Dark Reading - Informationweek Branch Thai police said it was expecting to soon welcome 7,000 human trafficking victims, forced to work on cybercrime scams in call centers in Mynmar, in a first wave of people being freed from captivity.]]> 2025-02-24T02:00:00+00:00 https://www.darkreading.com/cyber-risk/thailand-cyber-sweatshops-free-captives www.secnews.physaphae.fr/article.php?IdArticle=8650321 False Legislation None 2.0000000000000000 Global Security Mag - Site de news francais Points de Vue]]> 2025-02-24T00:00:00+00:00 https://www.globalsecuritymag.fr/ransomwares-une-menace-omnipresente-qui-met-les-organisations-sous-pression.html www.secnews.physaphae.fr/article.php?IdArticle=8649998 False None None 2.0000000000000000 Silicon - Site de News Francais 2025-02-24T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/face-londres-apple-marche-chiffrement-468033.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8650437 False None None 3.0000000000000000 Silicon - Site de News Francais 2025-02-24T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/mvo-minimum-viable-operations-resilience-operationnelle-systemes-critiques-468054.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8650524 False None None 3.0000000000000000 Krebs on Security - Chercheur Américain One month into his second term, President Trump\'s actions to shrink the government through mass layoffs, firings and withholding funds allocated by Congress have thrown federal cybersecurity and consumer protection programs into disarray. At the same time, agencies are battling an ongoing effort by the world\'s richest man to wrest control over their networks and data.]]> 2025-02-23T23:02:14+00:00 https://krebsonsecurity.com/2025/02/trump-2-0-brings-cuts-to-cyber-consumer-protections/ www.secnews.physaphae.fr/article.php?IdArticle=8650308 False None None 2.0000000000000000 HackRead - Chercher Cyber Investigators link the $1.4B Bybit hack to North Korea\'s Lazarus Group, exposing a major crypto heist tied to state-backed cybercrime and money laundering.]]> 2025-02-23T20:13:39+00:00 https://hackread.com/investigators-link-bybit-hack-north-korea-lazarus-group/ www.secnews.physaphae.fr/article.php?IdArticle=8650283 False Hack APT 38 2.0000000000000000 Checkpoint - Fabricant Materiel Securite Résumé de l'exécutif: Dans l'un des plus grands vols de l'histoire des actifs numériques, les pirates ont eu accès à un portefeuille Ethereum hors ligne et ont volé 1,5 milliard de dollars d'actifs numériques, composé principalement de jetons Ethereum. L'incident récent avec Bybit marque une nouvelle phase de méthodes d'attaque, avec des techniques avancées pour manipuler les interfaces utilisateur. Plutôt que de simplement cibler les défauts de protocole, les attaquants ont utilisé une ingénierie sociale intelligente pour tromper les utilisateurs, ce qui a conduit au compromis d'une grande configuration institutionnelle multisig. En juillet dernier, le système de blockchain de renseignement sur le point de Check \\ a identifié et publié un modèle préoccupant où les attaquants manipulent les transactions légitimes via le […]

---

>Executive Summary: In one of the largest thefts in digital asset history, hackers gained access to an offline Ethereum wallet and stole $1.5 billion worth of digital assets, primarily consisting of Ethereum tokens. The recent incident with Bybit marks a new phase in attack methods, featuring advanced techniques for manipulating user interfaces. Rather than just targeting protocol flaws, the attackers used clever social engineering to trick users, which led to the compromise of a major institutional multisig setup. This past July, Check Point\'s Threat Intelligence Blockchain system identified and published a concerning pattern where attackers manipulate legitimate transactions through the […] ]]> 2025-02-23T16:20:50+00:00 https://blog.checkpoint.com/security/what-the-bybit-hack-means-for-crypto-security-and-the-future-of-multisig-protection/ www.secnews.physaphae.fr/article.php?IdArticle=8650234 False Hack,Threat None 3.0000000000000000 Checkpoint Research - Fabricant Materiel Securite Des recherches de Dikla Barda, Roman Ziakin et Oded Vanunu le 21 février, le système Intel Menage Intel de la blockchain à point de contrôle alerté sur un journal d'attaque critique sur le réseau de blockchain Ethereum. Le journal a indiqué que le moteur d'IA identifie l'anomalité du changement avec cette transaction et le catégorise comme une attaque critique en temps réel. Il a été indiqué que […]

---

>Research by Dikla Barda, Roman Ziakin and Oded Vanunu On February 21st, Check Point Blockchain Threat Intel System alerted on a critical attack log on the  Ethereum blockchain network. The log indicated that the AI engine identify anomality change with this transaction and categorize it as critical attack in real time. It was indicated that […] ]]> 2025-02-23T16:18:27+00:00 https://research.checkpoint.com/2025/the-bybit-incident-when-research-meets-reality/ www.secnews.physaphae.fr/article.php?IdArticle=8650233 False Threat None 2.0000000000000000 ZoneAlarm - Security Firm Blog Mars Hydro, une entreprise chinoise qui fabrique des appareils IoT comme les lumières LED et les équipements hydroponiques, a récemment subi une violation de données massive, exposant environ 2,7 milliards de dossiers. Cette violation a soulevé de sérieuses préoccupations concernant la sécurité des appareils connectés à Internet et les risques potentiels pour les consommateurs. Appareils à domicile intelligents, y compris les caméras de sécurité, les verrous intelligents et les assistants vocaux,…

---

>Mars Hydro, a Chinese company that makes IoT devices like LED lights and hydroponics equipment, recently suffered a massive data breach, exposing approximately 2.7 billion records. This breach has raised serious concerns about the security of internet-connected devices and the potential risks for consumers. Smart home devices, including security cameras, smart locks, and voice assistants, … ]]> 2025-02-23T15:36:03+00:00 https://blog.zonealarm.com/2025/02/smart-home-data-breach-exposes-2-7-billion-records/ www.secnews.physaphae.fr/article.php?IdArticle=8650220 False Data Breach None 3.0000000000000000 HexaCorn - Blog de recherche Continuer la lecture →

---

I like to demo this little windows executable to everyone who thinks they are doing the reverse engineering bit right, by using available automated static and dynamic analysis tools, and trusting them blindly. The sample is a PE32 that is … Continue reading →]]> 2025-02-23T14:06:52+00:00 https://www.hexacorn.com/blog/2025/02/23/string-analysis-for-n00bs/ www.secnews.physaphae.fr/article.php?IdArticle=8650195 False Tool None 3.0000000000000000 Sygnia - CyberSecurity Firm En savoir plus sur les dispositifs de réponse aux incidents, leurs caractéristiques clés, leurs avantages et pourquoi ils sont essentiels pour protéger votre organisation contre les cyber-menaces.

---

>Learn about incident response retainers, their key features, benefits, and why they are essential for protecting your organization from cyber threats. ]]> 2025-02-23T10:25:39+00:00 https://www.sygnia.co/blog/what-is-incident-response-retainer/ www.secnews.physaphae.fr/article.php?IdArticle=8650451 False None None 2.0000000000000000 Korben - Bloger francais GitIngest, une extension pour votre navigateur qui transforme n’importe quel dépôt GitHub en un format de texte parfaitement digeste pour les LLM (Large Language Models). La 1ère chose à savoir c’est que cette extension s’intègre directement dans votre navigateur (Chrome, Firefox ou Edge) et ajoute un bouton “Open in GitIngest” sur les pages de dépôts GitHub. Un seul clic suffit ainsi pour transformer tout le code source en un format optimisé pour les prompts.]]> 2025-02-23T09:00:00+00:00 https://korben.info/gitingest-transformez-code-prompts-llm.html www.secnews.physaphae.fr/article.php?IdArticle=8650134 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial In a world of advancing technological progress, the role of cybersecurity governance across OT (operational technology) and ICS... ]]> 2025-02-23T08:07:15+00:00 https://industrialcyber.co/features/prioritizing-organizational-cybersecurity-governance-boosting-operational-resilience-across-ot-ics-environments/ www.secnews.physaphae.fr/article.php?IdArticle=8650120 False Industrial None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Je me suis récemment impliqué dans un projet d'analyse des risques cyber-physiques évaluant les risques potentiels associés à l'avenir ...

---

>I recently became involved in a cyber-physical risk analysis project assessing the potential risks associated with the future... ]]> 2025-02-23T07:13:39+00:00 https://industrialcyber.co/expert/bess-cyber-physical-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8650121 False None None 2.0000000000000000 HexaCorn - Blog de recherche Continuer la lecture →

---

Collecting ‘good’ samples helps to discover a lot interesting patterns. In my old post I focused on the PDB paths extracted from the DriverPack driver collection, yesterday I touched on the list of ‘file names associated with good known kernel … Continue reading →]]> 2025-02-22T23:24:56+00:00 https://www.hexacorn.com/blog/2025/02/22/good-exports-are-real/ www.secnews.physaphae.fr/article.php?IdArticle=8650035 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Dans un discours et une interview de grande envergure, Nakasone a également parlé des mouvements de l'administration Trump et de la forme des opérations cyber-offensives.

---

>In a wide-ranging speech and interview, Nakasone also talked about Trump administration moves and the shape of cyber offensive operations. ]]> 2025-02-22T19:34:41+00:00 https://cyberscoop.com/former-nsa-cyber-command-chief-paul-nakasone-enemies-cyberspace/ www.secnews.physaphae.fr/article.php?IdArticle=8649985 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cryptocurrency exchange Bybit on Friday revealed that a "sophisticated" attack led to the theft of over $1.46 billion worth of cryptocurrency from one of its Ethereum cold (offline) wallets, making it the largest ever single crypto heist in history. "The incident occurred when our ETH multisig cold wallet executed a transfer to our warm wallet. Unfortunately, this transaction was manipulated]]> 2025-02-22T12:29:00+00:00 https://thehackernews.com/2025/02/bybit-confirms-record-breaking-146.html www.secnews.physaphae.fr/article.php?IdArticle=8649836 False None None 4.0000000000000000 Wired Threat Level - Security News Plus: Apple turns off end-to-end encrypted iCloud backups in the UK after pressure to install a backdoor, and two spyware apps expose victim data-and the identities of people who installed the apps.]]> 2025-02-22T11:30:00+00:00 https://www.wired.com/story/1-4-billion-stolen-from-bybit-in-biggest-crypto-theft-ever/ www.secnews.physaphae.fr/article.php?IdArticle=8649887 False None None 4.0000000000000000 Zataz - Magazine Francais de secu 2025-02-22T11:20:26+00:00 https://www.zataz.com/nouvelle-fuite-de-donnees-a-la-federation-francaise-de-football/ www.secnews.physaphae.fr/article.php?IdArticle=8649888 False None None 3.0000000000000000 HexaCorn - Blog de recherche Continuer la lecture →

---

Every once in a while we all contemplate solving interesting yet kinda abstract threat hunting problems. This post describes one of these… The problem: Given a relatively long number of strings, how do you write a regular expression that covers … Continue reading →]]> 2025-02-22T10:57:31+00:00 https://www.hexacorn.com/blog/2025/02/22/optimizing-the-regexes-or-not/ www.secnews.physaphae.fr/article.php?IdArticle=8649874 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) OpenAI on Friday revealed that it banned a set of accounts that used its ChatGPT tool to develop a suspected artificial intelligence (AI)-powered surveillance tool. The social media listening tool is said to likely originate from China and is powered by one of Meta\'s Llama models, with the accounts in question using the AI company\'s models to generate detailed descriptions and analyze documents]]> 2025-02-22T10:47:00+00:00 https://thehackernews.com/2025/02/openai-bans-accounts-misusing-chatgpt.html www.secnews.physaphae.fr/article.php?IdArticle=8649811 False Tool ChatGPT 3.0000000000000000 Korben - Bloger francais ssno, que nous allons pouvoir plonger dans les entrailles des systèmes anti-triche modernes. Commençons par le socle de de l’une de ces protections : Arxan. Ce système d’obfuscation fait office de première ligne de défense dans de nombreux jeux Call of Duty depuis Black Ops 3. Son rôle est de rendre la vie impossible aux ingénieurs en rétro-conception et aux développeurs de logiciels de triche.]]> 2025-02-22T09:00:00+00:00 https://korben.info/analyse-systemes-anticheat-jeux-video.html www.secnews.physaphae.fr/article.php?IdArticle=8649849 False None None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber A request for information from GOP leaders on the House Energy and Commerce Committee is Congress\' latest attempt to push comprehensive data privacy standards. ]]> 2025-02-21T23:40:36+00:00 https://cyberscoop.com/energy-commerce-request-for-information-data-privacy-standards/ www.secnews.physaphae.fr/article.php?IdArticle=8649749 False None None 3.0000000000000000 HexaCorn - Blog de recherche Continuer la lecture →

---

The ‘follow the Sun’ model is dead. No more IOC sharing. Gone are the days where we openly pass valuable information to our peers, partners, friends and sometimes even frenemies. Oh, and did I mention our global coworkers? We don’t … Continue reading →]]> 2025-02-21T22:18:22+00:00 https://www.hexacorn.com/blog/2025/02/21/the-rapidly-changing-geopolitics-and-its-inevitable-effect-on-cyber/ www.secnews.physaphae.fr/article.php?IdArticle=8649736 False None None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain creusant dans le nord de New York. Blog Moderation Policy.

---

A 450-million-year-old squid fossil was dug up in upstate New York. Blog moderation policy.]]> 2025-02-21T22:02:56+00:00 https://www.schneier.com/blog/archives/2025/02/friday-squid-blogging-new-squid-fossil.html www.secnews.physaphae.fr/article.php?IdArticle=8649721 False None None 2.0000000000000000