This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-12T18:24:09+00:00 www.secnews.physaphae.fr Fortinet - Fabricant Materiel Securite FortiAI, embedded within FortiAnalyzer, is built on over a decade of Fortinet AI innovation and patents. It enhances security operations by automating threat detection, reducing manual workloads, and empowering teams with actionable intelligence-without the inefficiencies or limitations of standalone AI tools. Learn more.]]> 2025-02-19T16:00:00+00:00 https://www.fortinet.com/blog/business-and-technology/elevate-your-security-operations-with-fortiai www.secnews.physaphae.fr/article.php?IdArticle=8649009 False Tool,Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future Around 7,000 people rescued from illegal call centers in Myanmar are awaiting transfer to Thailand amid a crackdown on cross-border scam operations, Thailand\'s Prime Minister Paetongtarn Shinawatra said on Wednesday.]]> 2025-02-19T15:53:10+00:00 https://therecord.media/thailand-to-take-in-7000-rescued-from-scam-hubs-myanmar www.secnews.physaphae.fr/article.php?IdArticle=8649018 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A new JavaScript obfuscation method utilizing invisible Unicode characters to represent binary values is being actively abused in phishing attacks targeting affiliates of an American political action committee (PAC). [...]]]> 2025-02-19T15:14:09+00:00 https://www.bleepingcomputer.com/news/security/phishing-attack-hides-javascript-using-invisible-unicode-trick/ www.secnews.physaphae.fr/article.php?IdArticle=8649050 False None None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain increasingly popular: The technique is known as device code phishing. It exploits “device code flow,” a form of authentication formalized in the industry-wide OAuth standard. Authentication through device code flow is designed for logging printers, smart TVs, and similar devices into accounts. These devices typically don’t support browsers, making it difficult to sign in using more standard forms of authentication, such as entering user names, passwords, and two-factor mechanisms. Rather than authenticating the user directly, the input-constrained device displays an alphabetic or alphanumeric device code along with a link associated with the user account. The user opens the link on a computer or other device that’s easier to sign in with and enters the code. The remote server then sends a token to the input-constrained device that logs it into the account...

---

This isn’t new, but it’s increasingly popular: The technique is known as device code phishing. It exploits “device code flow,” a form of authentication formalized in the industry-wide OAuth standard. Authentication through device code flow is designed for logging printers, smart TVs, and similar devices into accounts. These devices typically don’t support browsers, making it difficult to sign in using more standard forms of authentication, such as entering user names, passwords, and two-factor mechanisms. Rather than authenticating the user directly, the input-constrained device displays an alphabetic or alphanumeric device code along with a link associated with the user account. The user opens the link on a computer or other device that’s easier to sign in with and enters the code. The remote server then sends a token to the input-constrained device that logs it into the account...]]> 2025-02-19T15:07:50+00:00 https://www.schneier.com/blog/archives/2025/02/device-code-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8649033 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts. The large-scale activity has been codenamed StaryDobry by Russian cybersecurity company Kaspersky, which first detected it on December 31, 2024. It lasted for a month. Targets of the campaign include individuals and]]> 2025-02-19T15:05:00+00:00 https://thehackernews.com/2025/02/trojanized-game-installers-deploy.html www.secnews.physaphae.fr/article.php?IdArticle=8648975 False None None 2.0000000000000000 HackRead - Chercher Cyber Cary, North Carolina, 19th February 2025, CyberNewsWire]]> 2025-02-19T15:01:55+00:00 https://hackread.com/ine-securitys-cybersecurity-and-it-training-enhances-career-stability-in-tech/ www.secnews.physaphae.fr/article.php?IdArticle=8649016 False None None 2.0000000000000000 Dark Reading - Informationweek Branch By taking several proactive steps, boards can improve their organization\'s resilience against cyberattacks and protect their critical OT assets.]]> 2025-02-19T15:00:00+00:00 https://www.darkreading.com/cyber-risk/board-role-cyber-risk-management-ot-environments www.secnews.physaphae.fr/article.php?IdArticle=8649010 False Industrial None 2.0000000000000000 Recorded Future - FLux Recorded Future John Eisenberg, a legal adviser to the National Security Council during Donald Trump\'s first presidency, is expected to be the president\'s nominee to lead the National Security Division of the Department of Justice.]]> 2025-02-19T14:58:52+00:00 https://therecord.media/john-eisenberg-expected-trump-nominee-doj-nsd www.secnews.physaphae.fr/article.php?IdArticle=8649012 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Russian state-backed hackers are increasingly targeting Signal messenger accounts - including those used by Ukrainian military personnel and government officials - in an effort to access sensitive information that could aid Moscow\'s war effort, researchers warn.]]> 2025-02-19T14:39:29+00:00 https://therecord.media/russian-state-hackers-spy-on-ukraine-military-signal www.secnews.physaphae.fr/article.php?IdArticle=8649013 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Australia-based Genea said it is investigating the cyber incident to determine whether any personal data was accessed by an unauthorized third party]]> 2025-02-19T14:15:00+00:00 https://www.infosecurity-magazine.com/news/australian-ivf-data-breach-cyber/ www.secnews.physaphae.fr/article.php?IdArticle=8649011 False Data Breach None 2.0000000000000000 Recorded Future - FLux Recorded Future Mobile security company iVerify says that it discovered about a dozen new infections of the powerful Pegasus spyware on phones mostly used by people in private industry.]]> 2025-02-19T14:05:12+00:00 https://therecord.media/pegasus-spyware-infections-iverify www.secnews.physaphae.fr/article.php?IdArticle=8649003 False Mobile None 3.0000000000000000 TechRepublic - Security News US The cyber security firm reported in its latest annual report that their researchers found more than 30.4 million phishing emails last year.]]> 2025-02-19T14:00:45+00:00 https://www.techrepublic.com/article/darktrace-threat-report/ www.secnews.physaphae.fr/article.php?IdArticle=8649041 False None None 3.0000000000000000 Mandiant - Blog Sécu de Mandiant Google Threat Intelligence Group (GTIG) has observed increasing efforts from several Russia state-aligned threat actors to compromise Signal Messenger accounts used by individuals of interest to Russia\'s intelligence services. While this emerging operational interest has likely been sparked by wartime demands to gain access to sensitive government and military communications in the context of Russia\'s re-invasion of Ukraine, we anticipate the tactics and methods used to target Signal will grow in prevalence in the near-term and proliferate to additional threat actors and regions outside the Ukrainian theater of war. Signal\'s popularity among common targets of surveillance and espionage activity-such as military personnel, politicians, journalists, activists, and other at-risk communities-has positioned the secure messaging application as a high-value target for adversaries seeking to intercept sensitive information that could fulfil a range of different intelligence requirements. More broadly, this threat also extends to other popular messaging applications such as WhatsApp and Telegram, which are also being actively targeted by Russian-aligned threat groups using similar techniques. In anticipation of a wider adoption of similar tradecraft by other threat actors, we are issuing a public warning regarding the tactics and methods used to date to help build public awareness and help communities better safeguard themselves from similar threats. We are grateful to the team at Signal for their close partnership in investigating this activity. The latest Signal releases on Android and iOS contain hardened features designed to help protect against similar phishing campaigns in the future. Update to the latest version to enable these features. Phishing Campaigns Abusing Signal\'s "Linked Devices" Feature The most novel and widely used technique underpinning Russian-aligned attempts to compromise Signal accounts is the abuse of the app\'s legitimate "linked devices" feature that enables Signal to be used on multiple devices concurrently. Because linking an additional device typically requires scanning a quick-response (QR) code, threat actors have resorted to crafting malicious QR codes that, when scanned, will link a victim\'s account to an actor-controlled Signal instance. If successful, future messages will be delivered synchronously to both the victim and the threat actor in real-time, providing a persistent means to eavesdrop on the victim\'s secure conversations without the need for full-device compromise. ]]> 2025-02-19T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/russia-targeting-signal-messenger/ www.secnews.physaphae.fr/article.php?IdArticle=8648980 False Malware,Threat,Mobile,Cloud,Commercial APT 44 2.0000000000000000 SecurityWeek - Security News The latest OpenSSH update patches two vulnerabilities, including one that enabled MitM attacks with no user interaction.

---

>The latest OpenSSH update patches two vulnerabilities, including one that enabled MitM attacks with no user interaction. ]]> 2025-02-19T13:32:41+00:00 https://www.securityweek.com/openssh-patches-vulnerabilities-allowing-mitm-dos-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8649004 False Vulnerability None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The head of the Australian Security Intelligence Organisation gave his Annual Threat Assessment for the year ahead]]> 2025-02-19T13:30:00+00:00 https://www.infosecurity-magazine.com/news/spies-eye-aukus-nuclear-submarine/ www.secnews.physaphae.fr/article.php?IdArticle=8649002 False Threat None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial The Communications Security Establishment Canada (CSE) and its Canadian Centre for Cyber Security (Cyber Centre) call upon Canadian... ]]> 2025-02-19T13:26:22+00:00 https://industrialcyber.co/critical-infrastructure/canadian-agencies-urge-organizations-to-boost-cyber-defenses-as-ukraine-invasion-anniversary-approaches/ www.secnews.physaphae.fr/article.php?IdArticle=8649000 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial In an increasingly interconnected world, research firm Gartner identified that the protection of cyber-physical systems (CPS) has emerged...

---

>In an increasingly interconnected world, research firm Gartner identified that the protection of cyber-physical systems (CPS) has emerged... ]]> 2025-02-19T13:16:44+00:00 https://industrialcyber.co/news/gartner-details-emergence-of-cyber-physical-systems-protection-platforms/ www.secnews.physaphae.fr/article.php?IdArticle=8649001 False None None 3.0000000000000000 HackRead - Chercher Cyber The advancement of technology has also impacted sectors like gaming. Blockchain technology has surfaced as an asset that…]]> 2025-02-19T13:10:51+00:00 https://hackread.com/how-blockchain-games-ensure-transparency-fairness/ www.secnews.physaphae.fr/article.php?IdArticle=8649005 False None None 2.0000000000000000 IT Security Guru - Blog Sécurité The UK is facing a cybersecurity talent crisis, with nearly half (44%) of businesses struggling to find professionals equipped to combat the evolving cyber threat landscape, according to the UK Government’s Cyber Security Skills in the UK Labour Market 2024 report. In response, Check Point Software, a global leader in cybersecurity solutions, joined forces with […] ]]> 2025-02-19T13:03:27+00:00 https://www.itsecurityguru.org/2025/02/19/cybersecurity-talent-crisis-future-defenders-rise-to-the-challenge-in-ctf-showdown/?utm_source=rss&utm_medium=rss&utm_campaign=cybersecurity-talent-crisis-future-defenders-rise-to-the-challenge-in-ctf-showdown www.secnews.physaphae.fr/article.php?IdArticle=8649044 False Threat None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite At Check Point Software, our partners are at the core of our mission to deliver cutting-edge cyber security solutions worldwide. As cyber threats continue to evolve in complexity and frequency, our partners play a vital role in safeguarding businesses and individuals alike. The Check Point Americas 2024 Partner of the Year Awards recognize the outstanding achievements of our channel partners, who have demonstrated resilience, innovation, and dedication in securing the digital world. These awards celebrate their hard work and success in driving cyber security excellence, ensuring customers receive top-tier protection and strategic guidance amidst an ever-changing threat landscape. We proudly […]

---

>At Check Point Software, our partners are at the core of our mission to deliver cutting-edge cyber security solutions worldwide. As cyber threats continue to evolve in complexity and frequency, our partners play a vital role in safeguarding businesses and individuals alike. The Check Point Americas 2024 Partner of the Year Awards recognize the outstanding achievements of our channel partners, who have demonstrated resilience, innovation, and dedication in securing the digital world. These awards celebrate their hard work and success in driving cyber security excellence, ensuring customers receive top-tier protection and strategic guidance amidst an ever-changing threat landscape. We proudly […] ]]> 2025-02-19T13:00:39+00:00 https://blog.checkpoint.com/partners/celebrating-excellence-check-points-americas-2024-partner-award-of-the-year-winners/ www.secnews.physaphae.fr/article.php?IdArticle=8648998 False Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future There were billions of dollars\' worth of cryptocurrency transactions in 2024 by entities sanctioned by the United States, say researchers from Chainalysis in a new report.]]> 2025-02-19T13:00:29+00:00 https://therecord.media/sanctions-cryptocurrency-iran-tornado-cash-chainalysis-report www.secnews.physaphae.fr/article.php?IdArticle=8648989 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future The domestic-focused agency ASIO has "identified at least three different countries plotting to physically harm people living in Australia," according its most recent threat assessment.]]> 2025-02-19T12:47:01+00:00 https://therecord.media/australia-asio-report-foreign-intelligence-murder-plots www.secnews.physaphae.fr/article.php?IdArticle=8648990 False Threat None 3.0000000000000000 Bleeping Computer - Magazine Américain The FakeUpdate malware campaigns are increasingly becoming muddled, with two additional cybercrime groups tracked as TA2726 and TA2727, running campaigns that push a new macOS infostealer malware called FrigidStealer. [...]]]> 2025-02-19T12:42:39+00:00 https://www.bleepingcomputer.com/news/security/new-frigidstealer-infostealer-infects-macs-via-fake-browser-updates/ www.secnews.physaphae.fr/article.php?IdArticle=8649036 False Malware None 2.0000000000000000 Bleeping Computer - Magazine Américain ​Genea, one of Australia\'s largest fertility services providers, disclosed that unknown attackers breached its network and accessed data stored on compromised systems. [...]]]> 2025-02-19T12:40:32+00:00 https://www.bleepingcomputer.com/news/security/australian-fertility-services-giant-genea-hit-by-security-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8649037 False None None 3.0000000000000000 HackRead - Chercher Cyber The education sector is changing quickly as it adopts digital tools for better learning experiences. These days, learning…]]> 2025-02-19T12:33:22+00:00 https://hackread.com/10-best-lms-saas-platforms-scalable-online-learning/ www.secnews.physaphae.fr/article.php?IdArticle=8648995 False Tool,Cloud None 2.0000000000000000 SecurityWeek - Security News A recently identified macOS infostealer named FrigidStealer has been distributed through a compromised website, as a fake browser update.

---

>A recently identified macOS infostealer named FrigidStealer has been distributed through a compromised website, as a fake browser update. ]]> 2025-02-19T12:20:00+00:00 https://www.securityweek.com/new-frigidstealer-macos-malware-distributed-as-fake-browser-update/ www.secnews.physaphae.fr/article.php?IdArticle=8648994 False Malware None 2.0000000000000000 Cyble - CyberSecurity Firm Overview   The Cybersecurity and Infrastructure Security Agency (CISA) has announced updates to its Industrial Control Systems (ICS) advisories, along with the addition of two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog. On February 18, 2025, CISA published two updated advisories detailing critical vulnerabilities found in industrial control systems. These advisories are vital for system administrators and users working with ICS to address security concerns and take necessary actions to mitigate the associated risks.  ICSA-24-191-01: Delta Electronics CNCSoft-G2 (Update A)  Delta Electronics\' CNCSoft-G2, a human-machine interface (HMI) software, has been found to have multiple vulnerabilities that could be exploited by remote attackers. These vulnerabilities, which include buffer overflows and out-of-bounds writes, can lead to remote code execution. The specific versions affected include CNCSoft-G2 Version 2.0.0.5, as well as older versions like 2.1.0.10 and 2.1.0.16.  The vulnerabilities are as follows:  Stack-based Buffer Overflow (CVE-2024-39880)  Out-of-bounds Write (CVE-2024-39881)  Out-of-bounds Read (CVE-2024-39882)  Heap-based Buffer Overflow (CVE-2024-39883, CVE-2025-22880, CVE-2024-12858)  ]]> 2025-02-19T12:18:54+00:00 https://cyble.com/blog/cisa-upgrades-known-exploited-vulnerabilities-catalog/ www.secnews.physaphae.fr/article.php?IdArticle=8648991 False Tool,Vulnerability,Threat,Industrial None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber The most consequential cyberattacks observed by Darktrace last year were linked to software defects in firewalls and perimeter network technologies.

---

>The most consequential cyberattacks observed by Darktrace last year were linked to software defects in firewalls and perimeter network technologies. ]]> 2025-02-19T12:01:00+00:00 https://cyberscoop.com/edge-device-vulnerabilities-fuel-attack-sprees/ www.secnews.physaphae.fr/article.php?IdArticle=8648984 False Vulnerability None 2.0000000000000000 DarkTrace - DarkTrace: AI bases detection Explore Darktrace\'s Annual Threat Report 2024 for insights on the latest cyber threats and trends observed throughout the year.]]> 2025-02-19T12:00:02+00:00 https://darktrace.com/blog/darktrace-releases-annual-2024-threat-insights www.secnews.physaphae.fr/article.php?IdArticle=8648982 False Threat None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Venture capital firm Insight Partners, which counts Recorded Future, SentinelOne and Wiz in its portfolio, confirmed an intrusion into its systems via a social engineering attack]]> 2025-02-19T12:00:00+00:00 https://www.infosecurity-magazine.com/news/insight-partners-security-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8648985 False None None 2.0000000000000000 SecurityWeek - Security News Admeritia has launched Cyber Decision Diagrams, a free tool designed to help organizations manage complex decisions related to ICS/OT cybersecurity. 

---

>Admeritia has launched Cyber Decision Diagrams, a free tool designed to help organizations manage complex decisions related to ICS/OT cybersecurity.  ]]> 2025-02-19T12:00:00+00:00 https://www.securityweek.com/free-diagram-tool-aids-management-of-complex-ics-ot-cybersecurity-decisions/ www.secnews.physaphae.fr/article.php?IdArticle=8648981 False Tool,Industrial None 2.0000000000000000 HackRead - Chercher Cyber Xerox Versalink printers are vulnerable to pass-back attacks. Rapid7 discovers LDAP & SMB flaws (CVE-2024-12510 & CVE-2024-12511). Update…]]> 2025-02-19T11:17:57+00:00 https://hackread.com/xerox-versalink-printers-vulnerabilities-hackers-steal-credentials/ www.secnews.physaphae.fr/article.php?IdArticle=8648983 False Vulnerability None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Google has warned that Russian state-backed hackers are targeting Signal to eavesdrop on persons of interest in Ukraine]]> 2025-02-19T11:00:00+00:00 https://www.infosecurity-magazine.com/news/russian-hackers-signal-spy/ www.secnews.physaphae.fr/article.php?IdArticle=8648977 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Rigging the odds in your favor is the only way security practitioners can go.

---

>Rigging the odds in your favor is the only way security practitioners can go. ]]> 2025-02-19T11:00:00+00:00 https://cyberscoop.com/java-applications-security-op-ed/ www.secnews.physaphae.fr/article.php?IdArticle=8648971 False None None 2.0000000000000000 Cyble - CyberSecurity Firm Overview  Cyberattacks in 2025 are not just frequent-they are becoming more technically advanced, making it critical for organizations to be proactive in their approach to security. In the modern cybersecurity landscape, focusing on when, not if, an incident will occur is essential. By developing a strong security framework through sound design and strategic planning, Australian businesses can reduce risks and mitigate the damage caused by cyberattacks.  A cornerstone of this proactive approach is the concept of Modern Defensible Architecture (MDA), which provides organizations with a strategic framework for applying security principles consistently in the design, development, and maintenance of systems. The Australian government introduces MDA, with guidance from the Australian Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC). Together, these entities help define Foundations for Modern Defensible Architecture that help organizations build secure and resilient systems, preparing them to defend against cyber threats.  Understanding Modern Defensible Architecture  The key to creating a Modern Defensible Architecture is the ability to defend against cyber threats while maintaining adaptability for future challenges. The ASD, through the ACSC, has developed a set of guidelines known as the ]]> 2025-02-19T10:39:07+00:00 https://cyble.com/blog/australia-introduces-modern-defensible-architecture/ www.secnews.physaphae.fr/article.php?IdArticle=8648974 False Vulnerability,Threat,Patching,Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain Palo Alto Networks warns that hackers are actively exploiting a critical authentication bypass flaw (CVE-2025-0108) in PAN-OS firewalls, chaining it with two other vulnerabilities to breach devices in active attacks. [...]]]> 2025-02-19T10:38:29+00:00 https://www.bleepingcomputer.com/news/security/palo-alto-networks-tags-new-firewall-bug-as-exploited-in-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8649017 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The flaws are listed below - CVE-2025-0108 (CVSS score: 7.8) - An authentication bypass vulnerability in the Palo Alto Networks PAN-OS]]> 2025-02-19T10:18:00+00:00 https://thehackernews.com/2025/02/cisa-adds-palo-alto-networks-and.html www.secnews.physaphae.fr/article.php?IdArticle=8648948 False Vulnerability None 2.0000000000000000 Global Security Mag - Site de news francais Investigations

---

Kaspersky rapporte près de 900 millions de tentatives de phishing en 2024, dans un contexte de multiplication des cybermenaces • En 2024, Kaspersky a bloqué 26 % de tentatives de phishing de plus dans le monde par rapport à 2023. L\'analyse montre que les attaquants continuent à capitaliser sur des noms de sociétés connues à l\'instar de Booking, Airbnb, TikTok et Telegram pour voler des informations d\'identification et installer des logiciels malveillants. • De plus, les utilisateurs ont été confrontés à plus de 125 millions d\'attaques impliquant des pièces jointes malveillantes. • Dans les boîtes mails professionnelles, un email sur deux est un message de spam. • En France, sur l\'année 2024, plus de 23 millions de tentatives de phishing ont été bloquées, ainsi que plus de 500 000 pièces jointes malveillantes. - Investigations]]> 2025-02-19T10:09:58+00:00 https://www.globalsecuritymag.fr/kaspersky-rapporte-pres-de-900-millions-de-tentatives-de-phishing-en-2024-dans.html www.secnews.physaphae.fr/article.php?IdArticle=8648976 False Spam None 3.0000000000000000 Kaspersky - Kaspersky Research blog We analyze 2024\'s key spam and phishing statistics and trends: the hunt for crypto wallets, Hamster Kombat, online promotions via neural networks, fake vacation schedules, and more.]]> 2025-02-19T10:00:31+00:00 https://securelist.com/spam-and-phishing-report-2024/115536/ www.secnews.physaphae.fr/article.php?IdArticle=8648963 False Spam None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial German cybersecurity company admeritia has developed a new resource with the launch of Cyber Decision Diagrams, a free... ]]> 2025-02-19T09:52:35+00:00 https://industrialcyber.co/industrial-cyber-attacks/admeritia-debuts-cyber-decision-diagrams-to-improve-decision-making-for-industrial-critical-infrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=8648968 False Industrial None 3.0000000000000000 Korben - Bloger francais mon précédent article sur la Légion du Zodiaque et le Compendium de Magie, vous savez déjà que notre geek préféré de Seattle ne fait pas les choses à moitié. Mais là, avec L’Héritage de Zeus, il a vraiment mis la barre encore plus haut.

---

– Article en partenariat avec Deltakosh – David Catuhe alias Deltakosh, a enfin sorti le tome final de sa trilogie Illuminaria et franchement, quel voyage ! Si vous avez lu mon précédent article sur la Légion du Zodiaque et le Compendium de Magie, vous savez déjà que notre geek préféré de Seattle ne fait pas les choses à moitié. Mais là, avec L’Héritage de Zeus, il a vraiment mis la barre encore plus haut.]]> 2025-02-19T09:50:19+00:00 https://korben.info/lheritage-de-zeus-la-conclusion-epique-de-la-serie-illuminaria.html www.secnews.physaphae.fr/article.php?IdArticle=8648972 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Hudson Rock has found evidence that infostealers have compromised hundreds of US military and defense contractor credentials]]> 2025-02-19T09:45:00+00:00 https://www.infosecurity-magazine.com/news/us-military-defense-credentials/ www.secnews.physaphae.fr/article.php?IdArticle=8648966 False None None 3.0000000000000000 The Register - Site journalistique Anglais Showbiz members\' passport scans already plastered online A London talent agency has reported itself to the UK\'s data protection watchdog after the Rhysida ransomware crew last week claimed it had attacked the business, which represents luminaries of stage and screen.…]]> 2025-02-19T09:30:09+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/19/london_celebrity_talent_agency_reports/ www.secnews.physaphae.fr/article.php?IdArticle=8648967 False Ransomware None 3.0000000000000000 Korben - Bloger francais Vous vous souvenez de cette époque bénie ou nous passions nos journées à bidouiller notre Windows 98 pour le customiser, l’améliorer ou tout simplement le faire fonctionner correctement ? Depuis de l’eau a coulé sous les ponts mais y’en a qui n’ont jamais lâché ça ! Incroyable !! J’en veux pour preuve cette rustine particulièrement intéressante qui s’attaque à un problème qui me rendait dingue à l’époque : le comportement erratique de la souris entre Windows et le mode DOS.]]> 2025-02-19T09:00:00+00:00 https://korben.info/correctif-souris-windows-98-me-amelioration-vitesse.html www.secnews.physaphae.fr/article.php?IdArticle=8648973 False None None 3.0000000000000000 Global Security Mag - Site de news francais Special Reports

---

Private Equity investment across the security technology industry continues to surge Private Equity investment across the security technology industry continues to surge Mass geopolitical instability is driving structural change in governmental mindsets and budgets, expanding addressable markets. - Special Reports]]> 2025-02-19T08:59:38+00:00 https://www.globalsecuritymag.fr/private-equity-investment-across-the-security-technology-industry-continues-to.html www.secnews.physaphae.fr/article.php?IdArticle=8648957 False None None 3.0000000000000000 Global Security Mag - Site de news francais Investigations

---

Rapport cybersécurité WatchGuard : les malwares ciblant les endpoints, principalement via des services web légitimes et des documents, sont en hausse de 300% Le Threat Lab WatchGuard a également observé une résurgence des malwares de cryptomining, une augmentation des attaques basées sur des signatures et par ingénierie sociale, ainsi qu\'une augmentation des attaques de malwares dans la région EMEA. - Investigations]]> 2025-02-19T08:55:34+00:00 https://www.globalsecuritymag.fr/rapport-cybersecurite-watchguard-les-malwares-ciblant-les-endpoints.html www.secnews.physaphae.fr/article.php?IdArticle=8648958 False Threat None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial FRENOS, provider of autonomous operational technology (OT) security assessments, and ThreatGEN, vendor of AI-powered cybersecurity simulation platforms, announced...

---

>FRENOS, provider of autonomous operational technology (OT) security assessments, and ThreatGEN, vendor of AI-powered cybersecurity simulation platforms, announced... ]]> 2025-02-19T08:54:31+00:00 https://industrialcyber.co/news/frenos-and-threatgen-partner-to-revolutionize-proactive-ot-cybersecurity-defense/ www.secnews.physaphae.fr/article.php?IdArticle=8648959 False Industrial None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Censinet, provider of healthcare risk management solutions, announced a collaboration with Amazon Web Services (AWS) to launch a... ]]> 2025-02-19T08:52:40+00:00 https://industrialcyber.co/news/censinet-aws-partner-to-improve-healthcare-risk-management-with-ai-powered-grc-cybersecurity-solutions/ www.secnews.physaphae.fr/article.php?IdArticle=8648960 False Medical None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial As industrial networks evolve, the importance of dedicated cybersecurity measures becomes ever more critical. These ISA/IEC 62443 standards...

---

>As industrial networks evolve, the importance of dedicated cybersecurity measures becomes ever more critical. These ISA/IEC 62443 standards... ]]> 2025-02-19T07:05:06+00:00 https://industrialcyber.co/isa-iec-62443/strengthening-ics-resilience-with-isa-iec-62443-standards-and-configuration-management/ www.secnews.physaphae.fr/article.php?IdArticle=8648952 False Industrial None 3.0000000000000000 ComputerWeekly - Computer Magazine 2025-02-19T07:00:00+00:00 https://www.computerweekly.com/feature/Quantum-computing-in-cyber-security-A-double-edged-sword www.secnews.physaphae.fr/article.php?IdArticle=8648988 False None None 2.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC 2025-02-19T07:00:00+00:00 https://levelblue.com/blogs/security-essentials/vciso-leadership-change-management-hitrust-csf-implementation www.secnews.physaphae.fr/article.php?IdArticle=8648951 False None None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite There are two types of companies, as the saying goes: those that have been hacked and those that don\'t know they\'ve been hacked. This is especially true in financial services. According to the IMF\'s Global Financial Stability Report, nearly one-fifth of reported cyber incidents in the past two decades have impacted financial firms, resulting in [...]]]> 2025-02-19T04:53:55+00:00 https://informationsecuritybuzz.com/risk-to-resilience-dora-compliant-step/ www.secnews.physaphae.fr/article.php?IdArticle=8648945 False None None 3.0000000000000000 The State of Security - Magazine Américain Since 2008, the CIS Controls have been through many iterations of refinement and improvement leading up to what we are presented with today in CIS Controls version 8.1. CIS Controls reflect the combined knowledge of experts from every part of the ecosystem (companies, governments, and individuals). The controls reflect consideration by people in many different roles, such as threat analysts, incident responders, solution providers, policy-makers, and more. This work is the collected wisdom from across many sectors that have banded together to create, adopt, and support the CIS Controls. Today...]]> 2025-02-19T03:18:18+00:00 https://www.tripwire.com/state-of-security/cis-control-1 www.secnews.physaphae.fr/article.php?IdArticle=8648964 False Threat None 3.0000000000000000 The State of Security - Magazine Américain In December 2024, Malaysia passed its Data Sharing Bill 2024, a new piece of legislation aimed at streamlining data-sharing across federal government agencies. This bill promises to revolutionize how data is managed, shared, and secured within Malaysia\'s government, fueling a more efficient, innovative, and secure public sector. By enabling seamless data exchange between federal entities while prioritizing privacy and security, the bill is a vital step toward turning Malaysia\'s vision of a modern, data-driven governance framework into reality. Bridging the Gaps in Government Data Sharing In...]]> 2025-02-19T03:18:14+00:00 https://www.tripwire.com/state-of-security/malaysias-data-sharing-bill-2024-pioneering-secure-and-efficient-government www.secnews.physaphae.fr/article.php?IdArticle=8648965 False Legislation None 3.0000000000000000 ProofPoint - Firm Security 2025-02-19T02:03:27+00:00 https://www.proofpoint.com/us/newsroom/press-releases/proofpoint-ranked-1-four-out-five-use-cases-2025-gartnerr-critical www.secnews.physaphae.fr/article.php?IdArticle=8649115 False None None 3.0000000000000000 Dark Reading - Informationweek Branch The campaign heavily uses Dropbox folders and PowerShell scripts to evade detection and quickly scrapped infrastructure components after researchers began poking around.]]> 2025-02-19T02:00:00+00:00 https://www.darkreading.com/cyberattacks-data-breaches/north-koreans-kimsuky-attacks-rivals-trusted-platforms www.secnews.physaphae.fr/article.php?IdArticle=8648938 False None None 3.0000000000000000 The Register - Site journalistique Anglais If you want to avoid urgent patches, stop exposing management consoles to the public internet A flaw patched last week by Palo Alto Networks is now under active attack and, when chained with two older vulnerabilities, allows attackers to gain root access to affected systems.…]]> 2025-02-19T00:15:15+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/19/palo_alto_firewall_attack/ www.secnews.physaphae.fr/article.php?IdArticle=8648932 False Vulnerability None 2.0000000000000000 WatchGuard - Fabricant Matériel et Logiciels 2025-02-19T00:00:00+00:00 https://www.watchguard.com/fr/wgrd-news/press-releases/le-nouveau-rapport-de-watchguard-threat-lab-revele-une-augmentation-de-300 www.secnews.physaphae.fr/article.php?IdArticle=8649021 False Spam,Vulnerability,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Acquisition strengthens Deepwatch Platform capabilities with actionable insights and risk-based prioritization.]]> 2025-02-18T23:16:56+00:00 https://www.darkreading.com/vulnerabilities-threats/deepwatch-acquires-dassana-to-boost-cyber-resilience-with-ai www.secnews.physaphae.fr/article.php?IdArticle=8648999 False None None 2.0000000000000000 HackRead - Chercher Cyber A new report reveals how cheap Infostealer malware is exposing US military and defense data, putting national security at risk. Hackers exploit human error to gain access.]]> 2025-02-18T22:42:24+00:00 https://hackread.com/infostealers-breach-us-security-military-fbi-hit/ www.secnews.physaphae.fr/article.php?IdArticle=8648925 False Malware,Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Attackers are using patched bugs to potentially gain unfettered access to an organization\'s Windows environment under certain conditions.]]> 2025-02-18T22:28:33+00:00 https://www.darkreading.com/iot/xerox-printer-vulnerabilities-credential-capture www.secnews.physaphae.fr/article.php?IdArticle=8648927 False Vulnerability None 3.0000000000000000 Dark Reading - Informationweek Branch Winnti once used a variety of malware but is now focused on SQL vulnerabilities and obfuscation, updated encryption, and new evasion methods to gain access.]]> 2025-02-18T22:17:55+00:00 https://www.darkreading.com/cyberattacks-data-breaches/china-linked-threat-group-japanese-orgs-servers www.secnews.physaphae.fr/article.php?IdArticle=8648918 False Malware,Vulnerability,Threat None 3.0000000000000000 Recorded Future - FLux Recorded Future The settlement with Health Net Federal Services is the latest penalty levied on a federal contractor as part of a 2021 initiative to root out cyber-related fraud.]]> 2025-02-18T22:15:59+00:00 https://therecord.media/managed-health-tricare-false-claims www.secnews.physaphae.fr/article.php?IdArticle=8648926 False Medical None 3.0000000000000000 Dark Reading - Informationweek Branch 2025-02-18T21:54:22+00:00 https://www.darkreading.com/cloud-security/thrive-acquires-secured-network-services www.secnews.physaphae.fr/article.php?IdArticle=8648919 False None None 2.0000000000000000 Dark Reading - Informationweek Branch 2025-02-18T21:50:51+00:00 https://www.darkreading.com/cybersecurity-operations/sans-institute-launches-ai-cybersecurity-hackathon www.secnews.physaphae.fr/article.php?IdArticle=8648920 False None None 2.0000000000000000 CybeReason - Vendor blog KEY TAKEAWAYS Email & Cloud Security Configuration Snapshot can be delivered free as part of BEC investigations, in automated fashion   Snapshot condenses frontline threat intelligence from 1000s of BEC investigations to identify configuration weakness allowing most common BEC attack patterns Requires no additional client involvement to run Available for M365 and Google Workspace Business Email Compromise (BEC) remains one of the most financially devastating forms of cybercrime, with the FBI reporting over $55 billion in BEC losses worldwide over the past 10 years. Requiring little technical expertise, BECs are relatively simple to execute and attackers have found clever ways to bypass most defenses, contributing to the high rate of incidents. Though attackers leverage various intrusion vectors to compromise email accounts, most BEC incidents are worsened by poor email and cloud security configurations, making it easier for attackers to move laterally, exfiltrate data, and increase the overall impact of the attack.

---

KEY TAKEAWAYS Email & Cloud Security Configuration Snapshot can be delivered free as part of BEC investigations, in automated fashion   Snapshot condenses frontline threat intelligence from 1000s of BEC investigations to identify configuration weakness allowing most common BEC attack patterns Requires no additional client involvement to run Available for M365 and Google Workspace Business Email Compromise (BEC) remains one of the most financially devastating forms of cybercrime, with the FBI reporting over $55 billion in BEC losses worldwide over the past 10 years. Requiring little technical expertise, BECs are relatively simple to execute and attackers have found clever ways to bypass most defenses, contributing to the high rate of incidents. Though attackers leverage various intrusion vectors to compromise email accounts, most BEC incidents are worsened by poor email and cloud security configurations, making it easier for attackers to move laterally, exfiltrate data, and increase the overall impact of the attack.]]> 2025-02-18T21:50:13+00:00 https://www.cybereason.com/blog/bec-security-configuration-snapshot www.secnews.physaphae.fr/article.php?IdArticle=8648917 False Threat,Cloud,Technical None 3.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism XCSSET has been targeting Mac users since 2020.]]> 2025-02-18T21:04:55+00:00 https://arstechnica.com/security/2025/02/microsoft-warns-that-the-powerful-xcsset-macos-malware-is-back-with-new-tricks/ www.secnews.physaphae.fr/article.php?IdArticle=8648924 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions. The vulnerabilities, detailed by the Qualys Threat Research Unit (TRU), are listed below - CVE-2025-26465 - The OpenSSH client]]> 2025-02-18T21:04:00+00:00 https://thehackernews.com/2025/02/new-openssh-flaws-enable-man-in-middle.html www.secnews.physaphae.fr/article.php?IdArticle=8648895 False Vulnerability,Threat None 3.0000000000000000 Global Security Mag - Site de news francais Vulnérabilités

---

Un attaquant peut accéder aux données sur FortiClient, via Memory Dump VPN Password, afin d\'obtenir des informations sensibles. - Vulnérabilités]]> 2025-02-18T20:40:45+00:00 https://www.globalsecuritymag.fr/vigilance-fr-forticlient-absence-de-chiffrement-via-memory-dump-vpn-password.html www.secnews.physaphae.fr/article.php?IdArticle=8648909 False None None 2.0000000000000000 Global Security Mag - Site de news francais Security Vulnerability

---

An attacker can access data on FortiClient, via Memory Dump VPN Password, in order to read sensitive information. - Security Vulnerability]]> 2025-02-18T20:40:45+00:00 https://www.globalsecuritymag.fr/vigilance-fr-forticlient-no-encryption-via-memory-dump-vpn-password-analyzed-on.html www.secnews.physaphae.fr/article.php?IdArticle=8648908 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future In a report released on Monday, threat intelligence specialists at Microsoft said that they have discovered the new XCSSET strain in limited attacks. XCSSET, first spotted in the wild in August 2020, spreads by infecting Xcode projects, which developers use to create apps for Apple devices.]]> 2025-02-18T20:40:06+00:00 https://therecord.media/hackers-use-macos-malware-to-steal-crypto www.secnews.physaphae.fr/article.php?IdArticle=8648914 False Malware,Threat None 3.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2025-02-18T20:39:59+00:00 https://www.globalsecuritymag.fr/crowdstrike-lance-charlotte-ai-detection-triage.html www.secnews.physaphae.fr/article.php?IdArticle=8648910 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor\'s malicious payload into an external process, waitfor.exe,]]> 2025-02-18T20:39:00+00:00 https://thehackernews.com/2025/02/chinese-hackers-exploit-mavinjectexe-to.html www.secnews.physaphae.fr/article.php?IdArticle=8648883 False Threat None 3.0000000000000000 Global Security Mag - Site de news francais Produits

---

Keeper Security lance la version améliorée de KeeperPAM, redéfinissant la gestion des accès privilégiés avec une sécurité Zero Trust KeeperPAM permet aux organisations de garder une longueur d\'avance sur l\'évolution des cybermenaces en fournissant un cadre robuste de type Zero Trust pour la gestion des accès privilégiés et l\'atténuation des risques de cybersécurité. - Produits]]> 2025-02-18T20:37:10+00:00 https://www.globalsecuritymag.fr/keeper-security-lance-la-version-amelioree-de-keeperpam.html www.secnews.physaphae.fr/article.php?IdArticle=8648911 False None None 3.0000000000000000 Global Security Mag - Site de news francais Points de Vue

---

Antony Derbes, Président d\'Open Lake Technology Cybersécurité et intelligence artificielle : les bonnes pratiques pour une IA éthique et conforme - Points de Vue]]> 2025-02-18T20:27:50+00:00 https://www.globalsecuritymag.fr/cybersecurite-et-intelligence-artificielle-les-bonnes-pratiques-pour-une-ia.html www.secnews.physaphae.fr/article.php?IdArticle=8648912 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Microsoft is warning the modular and potentially wormable Apple-focused infostealer boasts new capabilities for obfuscation, persistence, and infection, and could lead to a supply chain attack.]]> 2025-02-18T19:02:31+00:00 https://www.darkreading.com/vulnerabilities-threats/microsoft-variant-macos-threat-xcsset www.secnews.physaphae.fr/article.php?IdArticle=8648905 False Threat None 3.0000000000000000 DarkTrace - DarkTrace: AI bases detection Discover how AI-led investigations unify IT and OT security, reducing alert fatigue and accelerating alert investigation in industrial environments.]]> 2025-02-18T18:48:32+00:00 https://darktrace.com/blog/unifying-it-ot-with-ai-led-investigations-for-industrial-security www.secnews.physaphae.fr/article.php?IdArticle=8648900 False Industrial None 3.0000000000000000 Krebs on Security - Chercheur Américain Carding -- the underground business of stealing, selling and swiping stolen payment card data -- has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores.]]> 2025-02-18T18:37:26+00:00 https://krebsonsecurity.com/2025/02/how-phished-data-turns-into-apple-google-wallets/ www.secnews.physaphae.fr/article.php?IdArticle=8648901 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cybersecurity researchers are alerting to a new campaign that leverages web injects to deliver a new Apple macOS malware known as FrigidStealer. The activity has been attributed to a previously undocumented threat actor known as TA2727, with the information stealers for other platforms such as Windows (Lumma Stealer or DeerStealer) and Android (Marcher). TA2727 is a "threat actor that uses fake]]> 2025-02-18T18:30:00+00:00 https://thehackernews.com/2025/02/new-frigidstealer-malware-targets-macos.html www.secnews.physaphae.fr/article.php?IdArticle=8648864 False Malware,Threat,Mobile None 3.0000000000000000 HackRead - Chercher Cyber Two critical OpenSSH vulnerabilities discovered! Qualys TRU finds client and server flaws (CVE-2025-26465 & CVE-2025-26466) enabling MITM and…]]> 2025-02-18T18:05:07+00:00 https://hackread.com/critical-openssh-flaws-expose-users-mitm-dos-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8648896 False Vulnerability None 3.0000000000000000 Recorded Future - FLux Recorded Future The National Assembly, Ecuador\'s unicameral legislature, says it was able to "identify and counteract" attempts by malicious hackers to breach sensitive systems.]]> 2025-02-18T17:52:52+00:00 https://therecord.media/ecuador-national-assembly-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=8648899 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Juniper Networks has released security updates to address a critical security flaw impacting Session Smart Router, Session Smart Conductor, and WAN Assurance Router products that could be exploited to hijack control of susceptible devices. Tracked as CVE-2025-21589, the vulnerability carries a CVSS v3.1 score of 9.8 and a CVS v4 score of 9.3. "An Authentication Bypass Using an Alternate Path or]]> 2025-02-18T17:48:00+00:00 https://thehackernews.com/2025/02/juniper-session-smart-routers.html www.secnews.physaphae.fr/article.php?IdArticle=8648854 False Vulnerability None 3.0000000000000000 McAfee Labs - Editeur Logiciel Cryptocurrency offers exciting opportunities-but it\'s also a favorite playground for scammers.   With the rapid rise of deepfake technology and deceptive...

---

> Cryptocurrency offers exciting opportunities-but it\'s also a favorite playground for scammers.   With the rapid rise of deepfake technology and deceptive... ]]> 2025-02-18T17:08:23+00:00 https://www.mcafee.com/blogs/tips-tricks/how-to-spot-a-crypto-scam-the-top-red-flags-to-watch-for/ www.secnews.physaphae.fr/article.php?IdArticle=8648894 False None None 3.0000000000000000 The Register - Site journalistique Anglais Called it an \'incident\' in SEC filing, but encrypted apps and data exfiltration suggest Lee just can\'t say the R word US newspaper publisher Lee Enterprises is blaming its recent service disruptions on a "cybersecurity attack," per a regulatory filing, and is the latest company to avoid using the dreaded R word.…]]> 2025-02-18T17:00:16+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/18/us_newspaper_publisher_exercises_linguistic/ www.secnews.physaphae.fr/article.php?IdArticle=8648890 False Ransomware None 3.0000000000000000 SecurityWeek - Security News San Francisco startup secures $8.5 million in seed funding led by Valley Capital Partners to tackle browser-based malware attacks.

---

>San Francisco startup secures $8.5 million in seed funding led by Valley Capital Partners to tackle browser-based malware attacks. ]]> 2025-02-18T16:54:07+00:00 https://www.securityweek.com/mirrortab-raises-8-5m-seed-round-to-take-on-browser-based-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8648886 False Malware None 3.0000000000000000 Recorded Future - FLux Recorded Future Media conglomerate Lee Enterprises told regulators on Friday that hackers had stolen files and encrypted “critical applications” as part of an incident that impacted the operations of dozens of newspapers nationwide.]]> 2025-02-18T16:32:32+00:00 https://therecord.media/cyberattack-lee-enterprises-news-media www.secnews.physaphae.fr/article.php?IdArticle=8648893 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Is AI really reshaping the cyber threat landscape, or is the constant drumbeat of hype drowning out actual, more tangible, real-world dangers? According to Picus Labs\' Red Report 2025 which analyzed over one million malware samples, there\'s been no significant surge, so far, in AI-driven attacks. Yes, adversaries are definitely continuing to innovate, and while AI will certainly start playing a]]> 2025-02-18T16:30:00+00:00 https://thehackernews.com/2025/02/debunking-ai-hype-inside-real-hacker.html www.secnews.physaphae.fr/article.php?IdArticle=8648843 False Malware,Threat None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Significant OpenSSH flaws are exposing systems to man-in-the-middle and denial-of service attacks]]> 2025-02-18T16:30:00+00:00 https://www.infosecurity-magazine.com/news/openssh-flaws-expose-systems/ www.secnews.physaphae.fr/article.php?IdArticle=8648888 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain A large-scale malware campaign dubbed "StaryDobry" has been targeting gamers worldwide with trojanized versions of cracked games such as Garry\'s Mod, BeamNG.drive, and Dyson Sphere Program. [...]]]> 2025-02-18T16:25:24+00:00 https://www.bleepingcomputer.com/news/security/cracked-garrys-mod-beamngdrive-games-infect-gamers-with-miners/ www.secnews.physaphae.fr/article.php?IdArticle=8648921 False Malware None 2.0000000000000000 HackRead - Chercher Cyber The New Snake Keylogger variant targets Windows users via phishing emails, using AutoIt for stealth. Learn how it…]]> 2025-02-18T16:20:32+00:00 https://hackread.com/snake-keylogger-variant-windows-data-telegram-bots/ www.secnews.physaphae.fr/article.php?IdArticle=8648889 False None None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Check Point has announced its plans to establish its first Asia-Pacific Research and Development (R&D) Centre in Bengaluru, India, with a goal to drive innovation in cyber security solutions and strengthen global product development and talent growth. This strategic expansion, unveiled during Check Point\'s annual CPX Bangkok 2025 conference, underscores the company\'s commitment to advancing cyber security innovation while leveraging India\'s dynamic tech talent ecosystem.  “India is a global technology powerhouse, and our new R&D Centre in Bengaluru reflects our deep commitment to harnessing top-tier cyber security talent from the region,” said Ruma Balasubramanian, President of APAC & Japan, Check […]

---

Check Point has announced its plans to establish its first Asia-Pacific Research and Development (R&D) Centre in Bengaluru, India, with a goal to drive innovation in cyber security solutions and strengthen global product development and talent growth. This strategic expansion, unveiled during Check Point\'s annual CPX Bangkok 2025 conference, underscores the company\'s commitment to advancing cyber security innovation while leveraging India\'s dynamic tech talent ecosystem.  “India is a global technology powerhouse, and our new R&D Centre in Bengaluru reflects our deep commitment to harnessing top-tier cyber security talent from the region,” said Ruma Balasubramanian, President of APAC & Japan, Check […] ]]> 2025-02-18T16:02:26+00:00 https://blog.checkpoint.com/security/check-point-software-announces-plans-to-expand-global-rd-footprint-with-first-asia-pacific-research-development-centre-in-bengaluru/ www.secnews.physaphae.fr/article.php?IdArticle=8648881 False Conference None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite Check Point today unveiled its strategic vision for securing the hyper-connected world at CPX 2025 Bangkok, its premier annual cyber security event. With nearly 1,650 employees, customers and partners from across APAC in attendance, Check Point showcased how AI-driven security innovations and its hybrid mesh security strategy are transforming cyber defense, ensuring organizations stay ahead of evolving threats.  With the global surge in sophisticated cyber attacks fueled by ransomware, hacktivism, and AI-driven cyber crime, organizations in APAC faced an average of 2,915 attacks per week over the last six months-significantly higher than the global average of 1,843 attacks per week, […]

---

>Check Point today unveiled its strategic vision for securing the hyper-connected world at CPX 2025 Bangkok, its premier annual cyber security event. With nearly 1,650 employees, customers and partners from across APAC in attendance, Check Point showcased how AI-driven security innovations and its hybrid mesh security strategy are transforming cyber defense, ensuring organizations stay ahead of evolving threats.  With the global surge in sophisticated cyber attacks fueled by ransomware, hacktivism, and AI-driven cyber crime, organizations in APAC faced an average of 2,915 attacks per week over the last six months-significantly higher than the global average of 1,843 attacks per week, […] ]]> 2025-02-18T15:44:59+00:00 https://blog.checkpoint.com/artificial-intelligence/check-point-software-securing-the-hyper-connected-world-in-a-new-era-of-ai-with-ai-driven-innovation-and-real-security-platform/ www.secnews.physaphae.fr/article.php?IdArticle=8648882 False Ransomware None 3.0000000000000000 Bleeping Computer - Magazine Américain New York-based venture capital and private equity firm Insight Partners has disclosed that its systems were breached in January following a social engineering attack. [...]]]> 2025-02-18T15:33:43+00:00 https://www.bleepingcomputer.com/news/security/venture-capital-giant-insight-partners-hit-by-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8648913 False None None 3.0000000000000000 The Register - Site journalistique Anglais Exploit code now available for MitM and DoS attacks Researchers can disclose two brand-new vulnerabilities in OpenSSH now that patches have been released.…]]> 2025-02-18T15:30:06+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/18/openssh_vulnerabilities_mitm_dos/ www.secnews.physaphae.fr/article.php?IdArticle=8648880 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) The China-linked threat actor known as Winnti has been attributed to a new campaign dubbed RevivalStone that targeted Japanese companies in the manufacturing, materials, and energy sectors in March 2024. The activity, detailed by Japanese cybersecurity company LAC, overlaps with a threat cluster tracked by Trend Micro as Earth Freybug, which has been assessed to be a subset within the APT41]]> 2025-02-18T15:22:00+00:00 https://thehackernews.com/2025/02/winnti-apt41-targets-japanese-firms-in.html www.secnews.physaphae.fr/article.php?IdArticle=8648844 False Threat,Prediction APT 41 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Trend Micro found that Chinese espionage group Mustang Panda is deploying malware via legitimate Microsoft tools, enabling it to bypass ESET antivirus applications]]> 2025-02-18T15:00:00+00:00 https://www.infosecurity-magazine.com/news/mustang-panda-microsoft-bypass/ www.secnews.physaphae.fr/article.php?IdArticle=8648876 False Malware,Tool,Prediction None 3.0000000000000000 Wired Threat Level - Security News Argentinian president Javier Milei is facing calls for impeachment and a possible criminal investigation for his role in the rise and fast collapse of a memecoin.]]> 2025-02-18T14:55:38+00:00 https://www.wired.com/story/memecoin-scandal-threatens-argentine-president-javier-milei/ www.secnews.physaphae.fr/article.php?IdArticle=8648873 False None None 3.0000000000000000 HackRead - Chercher Cyber Microsoft warns Apple developers about a new XCSSET malware variant targeting macOS, posing security risks through stealthy infections…]]> 2025-02-18T14:45:57+00:00 https://hackread.com/xcsset-malware-variant-targets-macos-notes-wallets/ www.secnews.physaphae.fr/article.php?IdArticle=8648879 False Malware None 3.0000000000000000 Korben - Bloger francais J’avais envie de faire ce second article au sujet du Sommet de l’Action pour l’IA auquel j’ai assisté la semaine dernière, non pas pour en remettre une couche sur l’aspect politique du truc, mais plutôt pour vous parler des “initiatives” (entreprises et ONG) que j’ai pu croiser rapidement là-bas. Ce Sommet de Paris était avant tout une conversation mondiale sur l\'IA, où toutes les voix, et pas seulement celles de Washington ou de Pékin pouvaient se faire entendre​. Et à cette occasion, la France a décidé d’inviter des acteurs du secteur du monde entier… à 100% Tech for Good, c’est à dire qui utilisent l’IA pour le bien commun. J’ai trouvé que c’était bien, plutôt que d’avoir un méga stand OpenAI, Google, Meta ou je ne sais quoi, là y’avait plein de projets déjà présentés pour la plupart lors du Forum pour la Paix, que j’ai trouvé super intéressants et prometteurs.]]> 2025-02-18T14:10:20+00:00 https://korben.info/ai-for-good-11-projets-prometteurs-reperes-au-sommet-de-laction-pour-lia-a-paris.html www.secnews.physaphae.fr/article.php?IdArticle=8648861 False None None 3.0000000000000000 Cyble - CyberSecurity Firm Overview The Indian Computer Emergency Response Team (CERT-In) has issued a critical security advisory (CIVN-2025-0025) detailing multiple vulnerabilities across various Adobe products. These security flaws pose significant risks, including unauthorized code execution, privilege escalation, security bypass, and denial-of-service (DoS) attacks. Users and administrators of affected Adobe software are urged to apply security updates immediately to mitigate these risks. Affected Software The vulnerabilities impact multiple Adobe products across different versions. The affected software includes: Adobe InDesign InDesign 1D20.0 and earlier versions InDesign 1D19.5.1 and earlier versions Adobe Commerce Adobe Commerce 2.4.4-p11 and earlier versions Adobe Commerce B2B 1.3.3-p11 and earlier versions Magento Open Source 2.4.4-p11 and earlier versions Adobe Substance 3D Stager Substance 3D Stager 3.1.0 and earlier versions Adobe InCopy InCopy 20.0 and earlier versions ]]> 2025-02-18T14:09:54+00:00 https://cyble.com/blog/cert-in-issues-critical-software-security-flaws/ www.secnews.physaphae.fr/article.php?IdArticle=8648875 False Vulnerability,Threat None 3.0000000000000000