This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-04-18T20:29:28+00:00 www.secnews.physaphae.fr Global Security Mag - Site de news francais Interviews / evenement_milieu]]> 2024-04-11T23:30:00+00:00 https://www.globalsecuritymag.fr/david-berenfus-cyber-show-paris-entreprises-collectivites-decouvrez-les.html www.secnews.physaphae.fr/article.php?IdArticle=8480063 False Conference None 3.0000000000000000 Global Security Mag - Site de news francais Les événements de Global Security Mag / affiche]]> 2024-04-11T22:30:00+00:00 https://www.globalsecuritymag.fr/elodie-livernette-aduneo-l-iam-est-une-veritable-demarche-qui-ne-permet-pas-d.html www.secnews.physaphae.fr/article.php?IdArticle=8480097 False None None 2.0000000000000000 Dark Reading - Informationweek Branch With stores of mega-corporate business intelligence, a Sisense compromise could potentially mushroom into supply chain cyberattack disaster, experts fear.]]> 2024-04-11T22:17:29+00:00 https://www.darkreading.com/threat-intelligence/sisense-breach-triggers-cisa-password-reset-advisory www.secnews.physaphae.fr/article.php?IdArticle=8480308 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Un rapport de Binarly constate qu'un bogue en silence dans un serveur Web populaire vivra probablement dans plusieurs produits de fin de vie majeurs.

---

>A report from Binarly finds that a silently patched bug in a popular web server will likely live on in several major end-of-life products. ]]> 2024-04-11T21:36:34+00:00 https://cyberscoop.com/lighttpd-vulnerability-ami-open-source/ www.secnews.physaphae.fr/article.php?IdArticle=8480813 False None None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Un rapport de Binarly constate qu'un bogue en silence dans un serveur Web populaire vivra probablement dans plusieurs produits de fin de vie majeurs.

---

>A report from Binarly finds that a silently patched bug in a popular web server will likely live on in several major end-of-life products. ]]> 2024-04-11T21:36:34+00:00 https://cyberscoop.com/lightppd-vulnerability-ami-open-source/ www.secnews.physaphae.fr/article.php?IdArticle=8480274 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future 2024-04-11T21:11:57+00:00 https://therecord.media/dlink-devices-exploited-vulnerabilities-cisa www.secnews.physaphae.fr/article.php?IdArticle=8480275 False Vulnerability None 2.0000000000000000 Dark Reading - Informationweek Branch 2024-04-11T20:50:35+00:00 https://www.darkreading.com/application-security/knostic-raises-3-3m-for-enterprise-genai-access-control www.secnews.physaphae.fr/article.php?IdArticle=8480245 False None None 2.0000000000000000 Krebs on Security - Chercheur Américain The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today it is investigating a breach at business intelligence company Sisense, whose products are designed to allow companies to view the status of multiple third-party online services in a single dashboard. CISA urged all Sisense customers to reset any credentials and secrets that may have been shared with the company, which is the same advice Sisense gave to its customers Wednesday evening.]]> 2024-04-11T20:48:06+00:00 https://krebsonsecurity.com/2024/04/why-cisa-is-warning-cisos-about-a-breach-at-sisense/ www.secnews.physaphae.fr/article.php?IdArticle=8480244 False None None 3.0000000000000000 Dark Reading - Informationweek Branch 2024-04-11T20:46:13+00:00 https://www.darkreading.com/vulnerabilities-threats/cohesity-extends-collaboration-to-strengthen-cyber-resilience-with-ibm-investment-in-cohesity www.secnews.physaphae.fr/article.php?IdArticle=8480246 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Project behind the Rust programming language asserted that any calls to a specific API would be made safe, even with unsafe inputs, but researchers found ways to circumvent the protections.]]> 2024-04-11T20:08:48+00:00 https://www.darkreading.com/application-security/critical-rust-flaw-poses-exploit-threat-in-specific-windows-use-cases www.secnews.physaphae.fr/article.php?IdArticle=8480247 False Threat None 2.0000000000000000 Dark Reading - Informationweek Branch North Korean hackers break ground with new exploitation techniques for Windows and macOS.]]> 2024-04-11T20:02:47+00:00 https://www.darkreading.com/vulnerabilities-threats/dprk-exploits-mitre-sub-techniques-phantom-dll-hijacking-tcc-abuse www.secnews.physaphae.fr/article.php?IdArticle=8480309 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Led by industry veterans Gadi Evron and Sounil Yu, the new company lets organizations adjust how much information LLMs provide based on the user\'s role and responsibilities.]]> 2024-04-11T19:34:50+00:00 https://www.darkreading.com/data-privacy/knostic-brings-access-control-to-llms www.secnews.physaphae.fr/article.php?IdArticle=8480716 False None None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) ## Snapshot The Insikt Group has uncovered a large-scale Russian-language cybercrime operation that leverages fake Web3 gaming projects to distribute infostealer malware targeting both macOS and Windows users. ## Description These Web3 games, based on blockchain technology, entice users with the potential for cryptocurrency earnings. The campaign involves creating imitation Web3 gaming projects with minor modifications to appear legitimate, along with fake social media accounts to enhance their credibility. Upon visiting the main webpages of these projects, users are prompted to download malware such as Atomic macOS Stealer (AMOS), Stealc, Rhadamanthys, or RisePro, depending on their operating system. The threat actors have established a resilient infrastructure and are targeting Web3 gamers, exploiting their potential lack of cyber hygiene in pursuit of financial gains. The malware variants, including AMOS, are capable of infecting both Intel and Apple M1 Macs, indicating a broad vulnerability among users. The primary objective of the campaign appears to be the theft of cryptocurrency wallets, posing a significant risk to financial security. The threat actors\' Russian origin is hinted at by artifacts within the HTML code, although their exact location remains uncertain. ## References [https://www.recordedfuture.com/cybercriminal-campaign-spreads-infostealers-highlighting-risks-to-web3-gaming](https://www.recordedfuture.com/cybercriminal-campaign-spreads-infostealers-highlighting-risks-to-web3-gaming)]]> 2024-04-11T19:26:57+00:00 https://community.riskiq.com/article/0cdc08b5 www.secnews.physaphae.fr/article.php?IdArticle=8480234 False Malware,Vulnerability,Threat None 3.0000000000000000 McAfee Labs - Editeur Logiciel Dans un monde où la communication numérique domine, l'art de l'escroquerie est devenu un jeu sophistiqué de tromperie.A ...

---

> In a world where digital communication dominates, the art of scamming has evolved into a sophisticated game of deception. A... ]]> 2024-04-11T18:43:24+00:00 https://www.mcafee.com/blogs/internet-security/a-finance-journalist-fell-victim-to-a-50k-vishing-scam-are-you-also-at-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8480186 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new version of "Malware Next-Gen," now allowing the public to submit malware samples for analysis by CISA. [...]]]> 2024-04-11T18:27:13+00:00 https://www.bleepingcomputer.com/news/security/cisa-makes-its-malware-next-gen-analysis-system-publicly-available/ www.secnews.physaphae.fr/article.php?IdArticle=8480305 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Attackers have compromised an 8-year-old version of the cloud platform to distribute various malware that can take over infected systems.]]> 2024-04-11T18:22:12+00:00 https://www.darkreading.com/cloud-security/outdated-redis-service-abused-to-spread-meterpreter-backdoor www.secnews.physaphae.fr/article.php?IdArticle=8480187 False Malware,Cloud None 3.0000000000000000 Dark Reading - Informationweek Branch In new threat notification information, Apple singled out Pegasus vendor NSO Group as a culprit in mercenary spyware attacks.]]> 2024-04-11T18:19:43+00:00 https://www.darkreading.com/vulnerabilities-threats/apple-warns-users-targeted-by-mercenary-spyware www.secnews.physaphae.fr/article.php?IdArticle=8480188 False Threat None 3.0000000000000000 Recorded Future - FLux Recorded Future 2024-04-11T18:05:35+00:00 https://therecord.media/cisa-microsoft-breach-emergency-directive www.secnews.physaphae.fr/article.php?IdArticle=8480157 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain LastPass revealed this week that threat actors targeted one of its employees in a voice phishing attack, using deepfake audio to impersonate Karim Toubba, the company\'s Chief Executive Officer. [...]]]> 2024-04-11T18:00:39+00:00 https://www.bleepingcomputer.com/news/security/lastpass-hackers-targeted-employee-in-failed-deepfake-ceo-call/ www.secnews.physaphae.fr/article.php?IdArticle=8480277 False Threat LastPass 2.0000000000000000 Zataz - Magazine Francais de secu 2024-04-11T17:45:13+00:00 https://www.zataz.com/deepfake-arnaque-detection/ www.secnews.physaphae.fr/article.php?IdArticle=8480158 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Cyberscoop a d'abord rendu compte de l'existence de la directive, qui appelle les e-mails pilés "un risque grave et inacceptable pour les agences".

---

>CyberScoop first reported on the existence of the directive, which calls the pilfered emails “a grave and unacceptable risk to agencies." ]]> 2024-04-11T17:36:38+00:00 https://cyberscoop.com/cisa-emergency-directive-tells-agencies-to-fix-credentials-after-microsoft-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8480155 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) A threat actor tracked as TA547 has targeted dozens of German organizations with an information stealer called Rhadamanthys as part of an invoice-themed phishing campaign. "This is the first time researchers observed TA547 use Rhadamanthys, an information stealer that is used by multiple cybercriminal threat actors," Proofpoint said. "Additionally, the actor appeared to]]> 2024-04-11T17:02:00+00:00 https://thehackernews.com/2024/04/ta547-phishing-attack-hits-german-firms.html www.secnews.physaphae.fr/article.php?IdArticle=8479962 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in GitHub, but a number in the popular Python package repository PyPI. PyPI,]]> 2024-04-11T17:02:00+00:00 https://thehackernews.com/2024/04/gitguardian-report-pypi-secrets.html www.secnews.physaphae.fr/article.php?IdArticle=8480059 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in GitHub, but a number in the popular Python package repository PyPI. PyPI,]]> 2024-04-11T17:02:00+00:00 https://thehackernews.com/2024/04/blog-post.html www.secnews.physaphae.fr/article.php?IdArticle=8479961 False None None 2.0000000000000000 Zataz - Magazine Francais de secu 2024-04-11T16:47:52+00:00 https://www.zataz.com/protection-des-mineurs-sur-internet-controle-obligatoire-des-juillet/ www.secnews.physaphae.fr/article.php?IdArticle=8480126 False None None 2.0000000000000000 Korben - Bloger francais 2024-04-11T16:47:01+00:00 https://korben.info/probleme-trois-corps-netflix-divise-fans-chine.html www.secnews.physaphae.fr/article.php?IdArticle=8480156 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Researchers from the HP Threat Research team have observed a shift in the distribution method of Raspberry Robin... ]]> 2024-04-11T16:37:18+00:00 https://industrialcyber.co/ransomware/hp-details-evolution-of-raspberry-robin-malware-shift-in-distribution-method-and-threat-landscape/ www.secnews.physaphae.fr/article.php?IdArticle=8480123 False Malware,Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future 2024-04-11T16:29:08+00:00 https://therecord.media/apple-spyware-notifications-92-countries www.secnews.physaphae.fr/article.php?IdArticle=8480125 False None None 2.0000000000000000 Zataz - Magazine Francais de secu 2024-04-11T16:28:27+00:00 https://www.zataz.com/jeux-olympiques-2024-les-risques-de-fraude-par-courriel/ www.secnews.physaphae.fr/article.php?IdArticle=8480127 False None None 2.0000000000000000 Zataz - Magazine Francais de secu 2024-04-11T16:14:40+00:00 https://www.zataz.com/quand-des-cameras-de-surveillance-brouillent-les-telephones-de-tout-un-quartier/ www.secnews.physaphae.fr/article.php?IdArticle=8480128 False None None 3.0000000000000000 Palo Alto Network - Site Constructeur Google Cloud et Palo Alto Networks annoncent l'entreprise de pare-feu de nouvelle génération Google Cloud.Il a de vastes capacités de prévention des menaces.

---

>Google Cloud and Palo Alto Networks announce Google Cloud Next-Generation Firewall Enterprise. It has extensive threat prevention capabilities. ]]> 2024-04-11T16:00:43+00:00 https://www.paloaltonetworks.com/blog/2024/04/google-cloud-ngfw-enterprise/ www.secnews.physaphae.fr/article.php?IdArticle=8480088 False Threat,Cloud None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The revision points out companies like NSO Group, known for surveillance tools like Pegasus]]> 2024-04-11T16:00:00+00:00 https://www.infosecurity-magazine.com/news/apple-boosts-spyware-alerts/ www.secnews.physaphae.fr/article.php?IdArticle=8480095 False Tool None 2.0000000000000000 Zataz - Magazine Francais de secu 2024-04-11T15:58:56+00:00 https://www.zataz.com/peine-de-mort-pour-avoir-pirate-une-banque/ www.secnews.physaphae.fr/article.php?IdArticle=8480087 False None None 2.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

DigiCert Expands Executive Leadership Team with Appointment of Atri Chatterjee as Chief Marketing Officer Veteran cyber security CMO to drive customer expansion efforts as the company sets its course for $1 billion and beyond in annual recurring revenue - Business News]]> 2024-04-11T15:44:06+00:00 https://www.globalsecuritymag.fr/digicert-announced-the-appointment-of-atri-chatterjee-as-chief-marketing.html www.secnews.physaphae.fr/article.php?IdArticle=8480130 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine These records belonged to Dublin-based iCabbi, a dispatch and fleet management technology provider]]> 2024-04-11T15:30:00+00:00 https://www.infosecurity-magazine.com/news/data-breach-exposes-300k-taxi/ www.secnews.physaphae.fr/article.php?IdArticle=8480096 False Data Breach None 2.0000000000000000 SecurityWeek - Security News Le gouvernement américain émet une alerte rouge pour ce qui semble être une violation massive de la chaîne d'approvisionnement à Sissen, une entreprise qui vend des outils d'analyse de grosses données.

---

>The US government issues a red-alert for what appears to be a massive supply chain breach at Sisense, a company that sells big-data analytics tools. ]]> 2024-04-11T15:17:48+00:00 https://www.securityweek.com/sisense-data-breach-triggers-cisa-alert-and-urgent-calls-for-credential-resets/ www.secnews.physaphae.fr/article.php?IdArticle=8480124 False Data Breach,Tool None 2.0000000000000000 Silicon - Site de News Francais 2024-04-11T15:03:45+00:00 https://www.silicon.fr/green-ai-france-csrd-477699.html www.secnews.physaphae.fr/article.php?IdArticle=8480060 False None ChatGPT 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine A new cyber espionage campaign, called \'eXotic Visit,\' targeted Android users in South Asia via seemingly legitimate messaging apps]]> 2024-04-11T14:45:00+00:00 https://www.infosecurity-magazine.com/news/android-espionage-campaign-india/ www.secnews.physaphae.fr/article.php?IdArticle=8480062 False Mobile None 2.0000000000000000 Global Security Mag - Site de news francais Business]]> 2024-04-11T14:35:35+00:00 https://www.globalsecuritymag.fr/cohesity-etend-sa-collaboration-avec-ibm.html www.secnews.physaphae.fr/article.php?IdArticle=8480064 False None None 2.0000000000000000 Korben - Bloger francais 2024-04-11T14:17:41+00:00 https://korben.info/windows-11-performances-decevantes-pc-haut-gamme.html www.secnews.physaphae.fr/article.php?IdArticle=8480092 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain A recent cyberattack on Hoya Corporation was conducted by the \'Hunters International\' ransomware operation, which demanded a $10 million ransom for a file decryptor and not to release files stolen during the attack. [...]]]> 2024-04-11T14:15:24+00:00 https://www.bleepingcomputer.com/news/security/optics-giant-hoya-hit-with-10-million-ransomware-demand/ www.secnews.physaphae.fr/article.php?IdArticle=8480189 False Ransomware None 3.0000000000000000 ProofPoint - Firm Security 2024-04-11T14:13:35+00:00 https://www.proofpoint.com/us/newsroom/press-releases/proofpoint-recognized-2024-gartner-peer-insights-customers-choice-data www.secnews.physaphae.fr/article.php?IdArticle=8480385 False None None 2.0000000000000000 Korben - Bloger francais 2024-04-11T14:00:03+00:00 https://korben.info/haters-gonna-hate-inoxtag-met-une-claque-aux-rabat-joie-de-leverest.html www.secnews.physaphae.fr/article.php?IdArticle=8480093 False None None 2.0000000000000000 Dark Reading - Informationweek Branch A machine learning bill of materials (MLBOM) framework can bring transparency, auditability, control, and forensic insight into AI and ML supply chains.]]> 2024-04-11T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/mlboms-are-useful-for-securing-ai-ml-supply-chain www.secnews.physaphae.fr/article.php?IdArticle=8480030 False None None 2.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

Cado Security joins Wiz Integration (WIN) platform to enable cloud forensics and incident response Technology partnership enables mutual customers to reduce cloud risk and expedite forensic investigations of critical cloud resources - Business News]]> 2024-04-11T13:54:48+00:00 https://www.globalsecuritymag.fr/cado-security-joins-wiz-integration-win-platform.html www.secnews.physaphae.fr/article.php?IdArticle=8480024 False Cloud None 2.0000000000000000 Bleeping Computer - Magazine Américain CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group. [...]]]> 2024-04-11T13:47:19+00:00 https://www.bleepingcomputer.com/news/security/cisa-orders-agencies-impacted-by-microsoft-hack-to-mitigate-risks/ www.secnews.physaphae.fr/article.php?IdArticle=8480159 False Hack APT 29 3.0000000000000000 Recorded Future - FLux Recorded Future 2024-04-11T13:38:22+00:00 https://therecord.media/sisense-cyberattack-cisa-warning www.secnews.physaphae.fr/article.php?IdArticle=8480028 False None None 4.0000000000000000 ProofPoint - Cyber Firms 2024-04-11T13:27:54+00:00 https://www.proofpoint.com/us/blog/cloud-security/revisiting-mact-malicious-applications-credible-cloud-tenants www.secnews.physaphae.fr/article.php?IdArticle=8480061 False Malware,Threat,Prediction,Cloud APT 29 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber L'Agence de sécurité de la cybersécurité et de l'infrastructure exhorte les clients SISENS à réinitialiser les informations d'identification et à signaler toute activité suspecte.

---

>The Cybersecurity and Infrastructure Security Agency is urging Sisense customers to reset credentials and report any suspicious activity. ]]> 2024-04-11T13:26:39+00:00 https://cyberscoop.com/sisense-supply-chain-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8480029 False None None 2.0000000000000000 Global Security Mag - Site de news francais nouvelles commerciales

---

European Patent Office Grants Cobalt Iron a Patent on Its Cyber Event Responsiveness - Business News]]> 2024-04-11T13:22:29+00:00 https://www.globalsecuritymag.fr/european-patent-office-grants-cobalt-iron-a-patent-on-its-cyber-event.html www.secnews.physaphae.fr/article.php?IdArticle=8480025 False None None 2.0000000000000000 SecurityWeek - Security News Avec l'intelligence de menace automatisée, détaillée et contextualisée, les organisations peuvent mieux anticiper l'activité malveillante et utiliser l'intelligence pour accélérer la détection autour d'attaques éprouvées.

---

>With automated, detailed, contextualized threat intelligence, organizations can better anticipate malicious activity and utilize intelligence to speed detection around proven attacks. ]]> 2024-04-11T13:19:09+00:00 https://www.securityweek.com/why-intelligence-sharing-is-vital-to-building-a-robust-collective-cyber-defense-program/ www.secnews.physaphae.fr/article.php?IdArticle=8480026 False Threat None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite La navigation sur l'intersection des référentiels de cybersécurité et de logiciels grâce à des mesures de sécurité standardisées alors que l'impact de la communauté des logiciels open source (OSS) continue de se développer, comprenant l'interaction entre les pratiques OSS et les normes de cybersécurité est devenue primordiale.Récemment, la Fondation de sécurité open source (OpenSSF) et le National Institute of Standards and Technology (NIST) ont établi la feuille de route pour les efforts collectifs pour améliorer la sécurité des logiciels open source.Ce blog explorera les progrès de l'avenir d'OpenSSF et les directives complètes du NIST SP800-204D, en particulier éclairant la façon dont ils peuvent se synergiser pour les référentiels de logiciels renforcés.L'arc d'OpenSSF: Stroiving for Higher Ground a lancé [& # 8230;]

---

>Navigating the Intersection of Cyber Security and Software Repositories through Standardized Safety Measures As the impact of the open-source software (OSS) community continues to expand, comprehending the interplay between OSS practices and cyber security standards has become paramount. Recentlythe Open Source Security Foundation (OpenSSF) and the National Institute of Standards and Technology (NIST)  established the roadmap for collective efforts toward enhancing open-source software security. This blog will explore the forward strides by OpenSSF and the comprehensive guidelines of the NIST SP800-204d, especially illuminating how they can synergize for reinforced software repositories. The Arc of OpenSSF: Striving for Higher Ground Launched […] ]]> 2024-04-11T13:00:43+00:00 https://blog.checkpoint.com/securing-the-cloud/enhancing-open-source-software-security-implementing-nist-sp800-204d-and-leveraging-openssf/ www.secnews.physaphae.fr/article.php?IdArticle=8480022 False None None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Une étude de l'ISC2 à but non lucratif révèle que les champs de cybersécurité sont des tendances américaines des disparités de rémunération entre les hommes et les femmes.

---

>A study from non-profit ISC2 finds that the cybersecurity fields bucks U.S. trends of pay disparities between men and women. ]]> 2024-04-11T13:00:00+00:00 https://cyberscoop.com/women-make-less-than-men-in-us-cyber-jobs-but-the-gap-is-narrowing/ www.secnews.physaphae.fr/article.php?IdArticle=8479992 False Studies None 3.0000000000000000 Security Intelligence - Site de news Américain Les paiements de ransomwares ont atteint un sommet de 1,1 milliard de dollars en 2023, après une forte baisse du total des paiements en 2022. Certains facteurs qui peuvent avoir contribué à la baisse en 2022 étaient le conflit ukrainautorités judiciaires.En 2023, cependant, les paiements de ransomwares sont revenus à [& # 8230;]

---

>Ransomware payments hit an all-time high of $1.1 billion in 2023, following a steep drop in total payouts in 2022. Some factors that may have contributed to the decline in 2022 were the Ukraine conflict, fewer victims paying ransoms and cyber group takedowns by legal authorities. In 2023, however, ransomware payouts came roaring back to […] ]]> 2024-04-11T13:00:00+00:00 https://securityintelligence.com/articles/ransomware-all-time-high-attackers-struggle/ www.secnews.physaphae.fr/article.php?IdArticle=8481791 False Ransomware None 2.0000000000000000 SonarSource - Blog Sécu et Codage Pairing the "trust, but verify" approach with the power of Sonar\'s Clean Code solutions enables organizations to be confident that their AI-generated code is high-quality, maintainable, reliable, and secure.]]> 2024-04-11T13:00:00+00:00 https://www.sonarsource.com/blog/ai-generated-code-demands-trust-but-verify-approach-to-software-development www.secnews.physaphae.fr/article.php?IdArticle=8480091 False None None 2.0000000000000000 Fortinet - Fabricant Materiel Securite Network Security has entered its third era. Unified SASE and an integrated platform enable organizations to extend security to every edge of the network. Read more.]]> 2024-04-11T13:00:00+00:00 https://www.fortinet.com/blog/industry-trends/unified-sase-the-third-era-of-network-security www.secnews.physaphae.fr/article.php?IdArticle=8480021 False None None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Distribution vectors of the Raspberry Robin worm now include Windows Script Files (WSF) alongside other methods like USB drives]]> 2024-04-11T13:00:00+00:00 https://www.infosecurity-magazine.com/news/raspberry-robin-windows-script/ www.secnews.physaphae.fr/article.php?IdArticle=8480023 False None None 2.0000000000000000 Fortinet - Fabricant Materiel Securite Recap of the keynotes and customer talks presented at the 2024 Accelerate event April 2-4 in Las Vegas, Nevada. Read more.]]> 2024-04-11T13:00:00+00:00 https://www.fortinet.com/blog/business-and-technology/accelerate-2024-collaboration-innovation-embracing-platform-era www.secnews.physaphae.fr/article.php?IdArticle=8480020 False None None 2.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé 2024-04-11T12:55:46+00:00 https://blog.incogni.com/incorrect-information-on-background-check/ www.secnews.physaphae.fr/article.php?IdArticle=8479990 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Phony call center company conducted online fraud and other Internet scams.]]> 2024-04-11T12:48:44+00:00 https://www.darkreading.com/endpoint-security/zambia-busts-77-in-china-backed-cybercrime-operation www.secnews.physaphae.fr/article.php?IdArticle=8479993 False None None 3.0000000000000000 SecurityWeek - Security News La force de mission Cyber National de Uscybercom \\ a participé à 22 opérations de chasse étrangères en 2023.

---

>USCYBERCOM\'s Cyber National Mission Force participated in 22 foreign hunt forward operations in 2023. ]]> 2024-04-11T12:47:01+00:00 https://www.securityweek.com/us-cyber-force-assisted-foreign-governments-22-times-in-2023/ www.secnews.physaphae.fr/article.php?IdArticle=8480027 False None None 2.0000000000000000 HackRead - Chercher Cyber Par uzair amir Êtes-vous intéressé par le trading des crypto-monnaies, mais ne vous inquiétez pas par où commencer?Avez-vous entendu parler de la scalpation cryptographique mais & # 8230; Ceci est un article de HackRead.com Lire le post original: Analyser les tendances des prix du bitcoin et les méthodes de scalpation cryptographique

---

>By Uzair Amir Are you interested in cryptocurrency trading but unsure where to start? Have you heard about crypto scalping but… This is a post from HackRead.com Read the original post: Analyzing Bitcoin Price Trends and Crypto Scalping Methods]]> 2024-04-11T12:19:40+00:00 https://www.hackread.com/analyzing-bitcoin-price-trends-crypto-scalping-methods/ www.secnews.physaphae.fr/article.php?IdArticle=8479991 False None None 2.0000000000000000 knowbe4 - cybersecurity services > En décembre 2023, un joint Alerte a été publié par le FBI, la CISA, la NSA, l'EPA et l'incd concernant les cyber-acteurs iraniens appelés" cyberav3ngers "liés à l'Iran \\ ''S Islamic Revolutionary Guard Corps (IRGC).

---

In December 2023, a joint alert was issued by the FBI, CISA, NSA, EPA, and INCD regarding Iranian cyber actors known as "CyberAv3ngers" linked to Iran\'s Islamic Revolutionary Guard Corps (IRGC). ]]> 2024-04-11T12:19:04+00:00 https://blog.knowbe4.com/water-facilities-compromised-iranian-threat-actors www.secnews.physaphae.fr/article.php?IdArticle=8479987 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users when they may have been individually targeted by such attacks. It also specifically called out companies like NSO Group for developing commercial surveillance tools such as Pegasus that are used by state actors to pull off "individually targeted]]> 2024-04-11T12:14:00+00:00 https://thehackernews.com/2024/04/apple-expands-spyware-alert-system-to.html www.secnews.physaphae.fr/article.php?IdArticle=8479812 False Tool,Threat,Commercial None 4.0000000000000000 Cisco - Security Firm Blog We\'re thrilled that our innovation in the security service edge space has earned us accolades. Learn how we beat out the competition.]]> 2024-04-11T12:00:46+00:00 https://feedpress.me/link/23535/16647644/cisco-secure-access-wins-global-security-service-edge-customer-value-leadership-award www.secnews.physaphae.fr/article.php?IdArticle=8479956 False None None 2.0000000000000000 Silicon - Site de News Francais 2024-04-11T11:57:29+00:00 https://www.silicon.fr/iphone-apple-accelere-la-fabrication-en-inde-477690.html www.secnews.physaphae.fr/article.php?IdArticle=8479963 False Mobile None 2.0000000000000000 Recorded Future - FLux Recorded Future 2024-04-11T11:46:49+00:00 https://therecord.media/lindy-cameron-ncsc-british-high-commissioner-india www.secnews.physaphae.fr/article.php?IdArticle=8479960 False None None 2.0000000000000000 TechRepublic - Security News US Find the best open-source password managers to keep your sensitive information secure and easily accessible. Explore top options for protecting your passwords.]]> 2024-04-11T11:16:01+00:00 https://www.techrepublic.com/article/best-open-source-password-manager/ www.secnews.physaphae.fr/article.php?IdArticle=8479957 False None None 3.0000000000000000 Silicon - Site de News Francais 2024-04-11T11:11:40+00:00 https://www.silicon.fr/chrome-enterprise-premium-google-recycle-zero-trust-477688.html www.secnews.physaphae.fr/article.php?IdArticle=8479964 False None None 2.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Story of the Attack et ses Discovery: La sécurité de l'Internet mondial dépend d'innombrables éléments obscurs écrits et maintenus par des bénévoles encore plus obscurs non rémunérés, distractionibles et parfois vulnérables.C'est une situation intenable, et qui est exploitée par des acteurs malveillants.Pourtant, un peu précieux est fait pour y remédier ...

---

Last week, the internet dodged a major nation-state attack that would have had catastrophic cybersecurity repercussions worldwide. It\'s a catastrophe that didn\'t happen, so it won\'t get much attention—but it should. There\'s an important moral to the story of the attack and its discovery: The security of the global internet depends on countless obscure pieces of software written and maintained by even more obscure unpaid, distractible, and sometimes vulnerable volunteers. It\'s an untenable situation, and one that is being exploited by malicious actors. Yet precious little is being done to remedy it...]]> 2024-04-11T11:01:51+00:00 https://www.schneier.com/blog/archives/2024/04/backdoor-in-xz-utils-that-almost-happened.html www.secnews.physaphae.fr/article.php?IdArticle=8479929 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is investigating the recent breach of data analytics company Sisense, an incident that also impacted critical infrastructure organizations. [...]]]> 2024-04-11T10:55:04+00:00 https://www.bleepingcomputer.com/news/security/cisa-says-sisense-hack-impacts-critical-infrastructure-orgs/ www.secnews.physaphae.fr/article.php?IdArticle=8480129 False Hack None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code execution. Tracked as CVE-2023-45590, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10. "An Improper Control of Generation of Code (\'Code Injection\') vulnerability [CWE-94] in FortiClientLinux may allow an unauthenticated attacker to]]> 2024-04-11T10:53:00+00:00 https://thehackernews.com/2024/04/fortinet-has-released-patches-to.html www.secnews.physaphae.fr/article.php?IdArticle=8479787 False Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain Apple has been notifying iPhone users in 92 countries about a "mercenary spyware attack" attempting to remotely compromise their device. [...]]]> 2024-04-11T10:16:44+00:00 https://www.bleepingcomputer.com/news/security/apple-mercenary-spyware-attacks-target-iphone-users-in-92-countries/ www.secnews.physaphae.fr/article.php?IdArticle=8480058 False Mobile None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial MITRE Engenuity announced Wednesday that its Center for Threat-Informed Defense (Center) is releasing two new resources, Mappings Explorer... ]]> 2024-04-11T10:06:59+00:00 https://industrialcyber.co/threat-landscape/mitre-engenuitys-center-for-threat-informed-defense-expands-cybersecurity-community-resources/ www.secnews.physaphae.fr/article.php?IdArticle=8479899 False None None 4.0000000000000000 The State of Security - Magazine Américain What\'s going on? A relatively new strain of ransomware called DragonForce has making the headlines after a series of high-profile attacks. Like many other ransomware groups, DragonForce attempts to extort money from its victims in two ways - locking companies out of their computers and data through encryption, and exfiltrating data from compromised systems with the threat of releasing it to others via the dark web. So far, so normal. How did DragonForce come to prominence? DragonForce\'s earliest known ransomware attack was against the Ohio Lottery . In that case, DragonForce boasted it had...]]> 2024-04-11T10:00:55+00:00 https://www.tripwire.com/state-of-security/dragonforce-ransomware-what-you-need-know www.secnews.physaphae.fr/article.php?IdArticle=8480054 False Ransomware,Threat None 2.0000000000000000 SecurityWeek - Security News Palo Alto Networks corrige plusieurs vulnérabilités de haute sévérité, y compris celles qui permettent des attaques DOS contre ses pare-feu.

---

>Palo Alto Networks patches several high-severity vulnerabilities, including ones that allow DoS attacks against its firewalls. ]]> 2024-04-11T10:00:00+00:00 https://www.securityweek.com/palo-alto-networks-patches-vulnerabilities-allowing-firewall-disruption/ www.secnews.physaphae.fr/article.php?IdArticle=8479932 False Vulnerability None 2.0000000000000000 Global Security Mag - Site de news francais revues de produits

---

Genetec announces availability of Security Center SaaS Enterprise-grade SaaS solution gives organizations the freedom to choose the door controllers, cameras, and devices that work best for their business. - Product Reviews]]> 2024-04-11T09:52:16+00:00 https://www.globalsecuritymag.fr/genetec-announces-availability-of-security-center-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8479903 True Cloud None 2.0000000000000000 Amensty International - International Orgs What are the Apple threat notifications and how you can protect myself ]]> 2024-04-11T09:49:24+00:00 https://securitylab.amnesty.org/latest/2024/04/apple-threat-notifications-what-they-mean-and-what-you-can-do/ www.secnews.physaphae.fr/article.php?IdArticle=8479896 False Threat None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Checkmarx warns of GitHub search result manipulation designed to promote malicious repositories]]> 2024-04-11T09:40:00+00:00 https://www.infosecurity-magazine.com/news/threat-actors-game-github-search/ www.secnews.physaphae.fr/article.php?IdArticle=8479900 False Malware,Threat None 3.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2024-04-11T09:39:17+00:00 https://www.globalsecuritymag.fr/genetec-annonce-la-disponibilite-de-security-center-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8479904 False Cloud None 2.0000000000000000 Silicon - Site de News Francais 2024-04-11T09:35:03+00:00 https://www.silicon.fr/marche-du-pc-en-2024-vers-un-retour-au-business-de-lavant-covid-477686.html www.secnews.physaphae.fr/article.php?IdArticle=8479933 False None None 3.0000000000000000 Korben - Bloger francais 2024-04-11T09:22:24+00:00 https://korben.info/faille-critique-0day-noyaux-linux-chercheur-vole-travail.html www.secnews.physaphae.fr/article.php?IdArticle=8479901 False Threat None 3.0000000000000000 Global Security Mag - Site de news francais Malwares]]> 2024-04-11T09:11:46+00:00 https://www.globalsecuritymag.fr/kaspersky-et-cybermalveillance-alertent-les-particuliers-et-professionnels-sur.html www.secnews.physaphae.fr/article.php?IdArticle=8479905 False None None 2.0000000000000000 Global Security Mag - Site de news francais Points de Vue]]> 2024-04-11T09:08:07+00:00 https://www.globalsecuritymag.fr/securiser-les-jeux-d-ete-une-course-contre-les-cybermenaces.html www.secnews.physaphae.fr/article.php?IdArticle=8479906 False Threat None 3.0000000000000000 Silicon - Site de News Francais 2024-04-11T09:03:50+00:00 https://www.silicon.fr/autodev-developpement-logiciel-autonome-477672.html www.secnews.physaphae.fr/article.php?IdArticle=8479863 False None None 2.0000000000000000 Global Security Mag - Site de news francais Produits]]> 2024-04-11T08:57:36+00:00 https://www.globalsecuritymag.fr/gen-lance-norton-small-business.html www.secnews.physaphae.fr/article.php?IdArticle=8479871 False None None 3.0000000000000000 Korben - Bloger francais 2024-04-11T08:53:32+00:00 https://korben.info/jiatanssshagent-agent-ssh-fonctionnalites-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8479902 False None None 3.0000000000000000 Silicon - Site de News Francais 2024-04-11T08:51:56+00:00 https://www.silicon.fr/gaudi-3-ai-accelerator-intel-lance-sa-contre-offensive-face-a-nvidia-477677.html www.secnews.physaphae.fr/article.php?IdArticle=8479864 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine The number of publicly reported data breaches and leaks grew 90% in the first three months of the year]]> 2024-04-11T08:45:00+00:00 https://www.infosecurity-magazine.com/news/us-data-breach-surge-90-annually-q1/ www.secnews.physaphae.fr/article.php?IdArticle=8479868 False Data Breach None 3.0000000000000000 Global Security Mag - Site de news francais Investigations]]> 2024-04-11T08:42:40+00:00 https://www.globalsecuritymag.fr/la-periode-de-declaration-des-revenus-est-lancee-celle-des-cyber-escroqueries.html www.secnews.physaphae.fr/article.php?IdArticle=8479872 False None None 3.0000000000000000 IT Security Guru - Blog Sécurité dévoiler l'énigme du cyber-bien-être: la navigation sur l'impact de l'épuisementGuru de sécurité .

---

As we delve deeper as an industry into the intersection of emotional well-being and cybersecurity, it has become more evident than ever before that workplace culture profoundly impacts cyber risk. It is critical we all recognise industry-specific challenges in a cyber-mature manner, so we can effectively support underserved sectors. It is important that we explore […] The post Unveiling the Cyber Well-Being Conundrum: Navigating Burnout\'s Impact on Charity and SME Cybersecurity first appeared on IT Security Guru. ]]> 2024-04-11T08:32:59+00:00 https://www.itsecurityguru.org/2024/04/11/unveiling-the-cyber-well-being-conundrum-navigating-burnouts-impact-on-charity-and-sme-cybersecurity/?utm_source=rss&utm_medium=rss&utm_campaign=unveiling-the-cyber-well-being-conundrum-navigating-burnouts-impact-on-charity-and-sme-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8479867 False None None 3.0000000000000000 Global Security Mag - Site de news francais Formations des Instituts privés et public]]> 2024-04-11T08:26:47+00:00 https://www.globalsecuritymag.fr/la-plateforme-grande-ecole-du-numerique-pour-tous-et-frojal-s-associent-pour.html www.secnews.physaphae.fr/article.php?IdArticle=8479873 False None None 3.0000000000000000 Securonix - Siem The Securonix Threat Research team takes a deep dive into this article in our knowledge sharing series on detecting DLL sideloading techniques found In recent real-world malware attack chains]]> 2024-04-11T08:00:24+00:00 https://www.securonix.com/blog/detecting-dll-sideloading-techniques-in-malware-attack-chains/ www.secnews.physaphae.fr/article.php?IdArticle=8480009 False Malware,Threat None 3.0000000000000000 Korben - Bloger francais 2024-04-11T07:34:40+00:00 https://korben.info/porno-prouver-age-carte-bancaire-bientot-obligatoire.html www.secnews.physaphae.fr/article.php?IdArticle=8479869 False Legislation None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial The U.S. Cybersecurity and Infrastructure Security Agency (CISA) launched on Wednesday a new version of its malware analysis... ]]> 2024-04-11T07:32:16+00:00 https://industrialcyber.co/cisa/cisa-introduces-malware-next-gen-analysis-system-with-improved-scalability-threat-hunting-capabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8479837 False Malware,Threat None 3.0000000000000000 Global Security Mag - Site de news francais Malwares]]> 2024-04-11T07:19:32+00:00 https://www.globalsecuritymag.fr/antoine-vastel-datadome-la-billetterie-du-psg-a-ete-victime-d-une-cyberattaque.html www.secnews.physaphae.fr/article.php?IdArticle=8479838 False None None 3.0000000000000000 Global Security Mag - Site de news francais Formations des Instituts privés et public]]> 2024-04-11T07:13:47+00:00 https://www.globalsecuritymag.fr/l-ecole-89-lance-un-bachelor-en-cybersecurite.html www.secnews.physaphae.fr/article.php?IdArticle=8479839 False None None 3.0000000000000000 Korben - Bloger francais 2024-04-11T07:00:00+00:00 https://korben.info/code-source-jeu-culte-fps-area-51-devoile-fans-projet-resurrection.html www.secnews.physaphae.fr/article.php?IdArticle=8479870 False None None 3.0000000000000000 ProofPoint - Cyber Firms 2024-04-11T06:23:43+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/faqs-2024-state-phish-report-part-1-threat-landscape www.secnews.physaphae.fr/article.php?IdArticle=8480017 False Ransomware,Malware,Tool,Threat,Cloud,Technical None 3.0000000000000000 AhnLab - Korean Security Firm Ahnlab Security Intelligence Center (ASEC) a récemment découvert que le Metasploit Meterpreter Backdoor a été installé via le service Redis.Redis est une abréviation du serveur de dictionnaire distant, qui est un stockage de structure de données en mémoire open source qui est également utilisé comme base de données.Il est présumé que les acteurs de la menace ont abusé des paramètres inappropriés ou exécuté des commandes par le biais d'attaques de vulnérabilité.Redis est utilisé à diverses fins, les principaux étant la gestion de session, le courtier de messages et les files d'attente.Autant de systèmes partout ...

---

AhnLab SEcurity intelligence Center (ASEC) recently discovered that the Metasploit Meterpreter backdoor has been installed via the Redis service. Redis is an abbreviation of Remote Dictionary Server, which is an open-source in-memory data structure storage that is also used as a database. It is presumed that the threat actors abused inappropriate settings or ran commands through vulnerability attacks. Redis is used for various purposes with the main ones being session management, message broker, and queues. As many systems all over... ]]> 2024-04-11T00:36:25+00:00 https://asec.ahnlab.com/en/64034/ www.secnews.physaphae.fr/article.php?IdArticle=8479670 False Vulnerability,Threat None 3.0000000000000000