www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-10T08:13:02+00:00 www.secnews.physaphae.fr
GB Hacker - Reverse engineer's blog Threat Actors Attacking U.S. Citizens Via Social Engineering Attack
As Tax Day on April 15 approaches, an alarming cybersecurity threat has emerged targeting U.S. citizens, according to a detailed report from Seqrite Labs. Security researchers have uncovered a malicious campaign exploiting the tax season through sophisticated social engineering tactics, primarily phishing attacks. These cybercriminals are deploying deceptive emails and malicious attachments to steal sensitive […]
2025-05-04T06:15:00+00:00 https://gbhackers.com/threat-actors-attacking-u-s-citizens/ www.secnews.physaphae.fr/article.php?IdArticle=8671324 False Threat None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial Building cyber-resilient manufacturing ecosystem amid rising adversarial attacks, supply chain constraints, talent gap
Amid the changing cyber threat landscape, the manufacturing industry is dealing with increasing hostile threats and attacks. Ransomware,...
2025-05-04T05:16:12+00:00 https://industrialcyber.co/features/building-cyber-resilient-manufacturing-ecosystem-amid-rising-adversarial-attacks-supply-chain-constraints-talent-gap/ www.secnews.physaphae.fr/article.php?IdArticle=8671305 False Ransomware,Threat None 3.0000000000000000
GB Hacker - Reverse engineer's blog TerraStealer Strikes: Browser Credential & Sensitive‑Data Heists on the Rise
Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the notorious financially motivated threat actor Golden Chickens, also known as Venom Spider. Active between January and April 2025, these tools signal a persistent evolution in the group's Malware-as-a-Service (MaaS) platform, which has long been exploited by elite cybercrime syndicates like FIN6, […]
2025-05-04T05:15:00+00:00 https://gbhackers.com/terrastealer-strikes-browser-credential-sensitive%e2%80%91data/ www.secnews.physaphae.fr/article.php?IdArticle=8671306 False Malware,Tool,Threat None 3.0000000000000000
GB Hacker - Reverse engineer's blog MintsLoader Malware Uses Sandbox and Virtual Machine Evasion Techniques
MintsLoader, a malicious loader first observed in 2024, has emerged as a formidable tool in the arsenal of multiple threat actors, including the notorious TAG-124 (LandUpdate808) and SocGholish groups. This malware, identified in phishing and drive-by download campaigns, employs advanced evasion techniques to bypass traditional security measures, making it a persistent challenge for defenders. MintsLoader's […]
2025-05-04T02:15:00+00:00 https://gbhackers.com/mintsloader-malware-uses-sandbox-and-virtual-machine/ www.secnews.physaphae.fr/article.php?IdArticle=8671253 False Malware,Tool,Threat None 3.0000000000000000
GB Hacker - Reverse engineer's blog Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA
Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks, leveraging reverse proxies to intercept sensitive data. As phishing tactics grow more advanced, traditional defenses like spam filters and user training are proving insufficient. Attackers deploy reverse proxies as intermediary servers to forward victim traffic to legitimate websites, creating an illusion […]
2025-05-04T01:15:00+00:00 https://gbhackers.com/threat-actors-use-aitm-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8671235 False Spam,Threat None 3.0000000000000000
GB Hacker - Reverse engineer's blog Threat Actors Target Critical National Infrastructure with New Malware and Tools
A recent investigation by the FortiGuard Incident Response (FGIR) team has uncovered a sophisticated, long-term cyber intrusion targeting critical national infrastructure (CNI) in the Middle East, attributed to an Iranian state-sponsored threat group. Spanning from at least May 2023 to February 2025, with evidence of compromise dating back to May 2021, this espionage-driven campaign employed […]
2025-05-04T00:04:00+00:00 https://gbhackers.com/threat-actors-target-critical-national-infrastructure/ www.secnews.physaphae.fr/article.php?IdArticle=8671215 False Malware,Tool,Threat None 3.0000000000000000
GB Hacker - Reverse engineer's blog New StealC V2 Upgrade Targets Microsoft Installer Packages and PowerShell Scripts
StealC, a notorious information stealer and malware downloader first sold in January 2023, has rolled out its version 2 (V2) in March 2025 with sophisticated enhancements. This latest iteration introduces a range of new capabilities, focusing on advanced payload delivery methods that include Microsoft Software Installer (MSI) packages and PowerShell scripts alongside traditional executable (EXE) […]
2025-05-03T23:03:56+00:00 https://gbhackers.com/new-stealc-v2-upgrade-targets-microsoft-installer-packages/ www.secnews.physaphae.fr/article.php?IdArticle=8671197 False Malware None 3.0000000000000000
GB Hacker - Reverse engineer's blog Subscription-Based Scams Targeting Users to Steal Credit Card Information
Cybersecurity researchers at Bitdefender have identified a significant uptick in subscription-based scams, characterized by an unprecedented level of sophistication and scale. These fraudulent operations, involving over 200 meticulously crafted websites, are designed to deceive users into divulging sensitive credit card information through recurring payment schemes. Unlike traditional phishing attempts with obvious red flags, these scams […]
2025-05-03T22:03:43+00:00 https://gbhackers.com/subscription-based-scams-targeting-users/ www.secnews.physaphae.fr/article.php?IdArticle=8671177 False None None 2.0000000000000000
HackRead - Cyber search watchTowr Warns of Active Exploitation of SonicWall SMA 100 Devices
watchTowr reveals active exploitation of SonicWall SMA 100 vulnerabilities (CVE-2024-38475 & CVE-2023-44221) potentially leading to full system takeover…
2025-05-03T21:26:53+00:00 https://hackread.com/watchtowr-exploits-target-sonicwall-sma-100-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8671178 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack
Cybersecurity researchers have discovered three malicious Go modules that include obfuscated code to fetch next-stage payloads that can irrevocably overwrite a Linux system's primary disk and render it unbootable. The names of the packages are listed below - github[.]com/truthfulpharm/prototransform github[.]com/blankloggia/go-mcp github[.]com/steelpoor/tlsproxy "Despite appearing legitimate,
2025-05-03T20:01:00+00:00 https://thehackernews.com/2025/05/malicious-go-modules-deliver-disk.html www.secnews.physaphae.fr/article.php?IdArticle=8671070 False Malware None 3.0000000000000000
HackRead - Cyber search Billions of Apple Devices at Risk from “AirBorne” AirPlay Vulnerabilities
Oligo Security uncovers “AirBorne,” a set of 23 vulnerabilities in Apple AirPlay affecting billions of devices. Learn how…
2025-05-03T18:42:58+00:00 https://hackread.com/apple-devices-risk-airborne-airplay-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8671124 False Vulnerability None 3.0000000000000000
GB Hacker - Reverse engineer's blog RansomHub Taps SocGholish: WebDAV & SCF Exploits Fuel Credential Heists
SocGholish, a notorious loader malware, has evolved into a critical tool for cybercriminals, often delivering payloads like Cobalt Strike and, more recently, RansomHub ransomware. Darktrace’s Threat Research team has tracked multiple incidents since January 2025, where threat actors exploited SocGholish to compromise networks through fake browser updates and JavaScript-based attacks on vulnerable CMS platforms like […]
2025-05-03T16:41:08+00:00 https://gbhackers.com/webdav-scf-exploits-fuel-credential-heists/ www.secnews.physaphae.fr/article.php?IdArticle=8671088 False Ransomware,Malware,Tool,Threat None 3.0000000000000000
GB Hacker - Reverse engineer's blog Hackers Weaponize Go Modules to Deliver Disk‑Wiping Malware, Causing Massive Data Loss
Cybersecurity researchers uncovered a sophisticated supply chain attack targeting the Go programming language ecosystem in April 2025. Hackers have weaponized three malicious Go modules (github[.]com/truthfulpharm/prototransform, github[.]com/blankloggia/go-mcp, and github[.]com/steelpoor/tlsproxy) to deploy devastating disk-wiping malware. Leveraging the decentralized nature of Go's module system, where developers directly import dependencies from public repositories like GitHub sans centralized gatekeeping, attackers exploit namespace […]
2025-05-03T16:39:43+00:00 https://gbhackers.com/hackers-weaponize-go-modules-to-deliver-disk%e2%80%91wiping-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8671089 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) Iranian Hackers Maintain 2-Year Access to Middle East CNI via VPN Flaws and Malware
An Iranian state-sponsored threat group has been attributed to a long-term cyber intrusion aimed at a critical national infrastructure (CNI) in the Middle East that lasted nearly two years. The activity, which lasted from at least May 2023 to February 2025, entailed "extensive espionage operations and suspected network prepositioning – a tactic often used to maintain persistent access for future
2025-05-03T15:03:00+00:00 https://thehackernews.com/2025/05/iranian-hackers-maintain-2-year-access.html www.secnews.physaphae.fr/article.php?IdArticle=8670979 False Malware,Threat None 3.0000000000000000
HackRead - Cyber search Phishing Emails Impersonating Qantas Target Credit Card Info
Fake Qantas emails in a sophisticated phishing scam steal credit card and personal info from Australians, bypassing major…
2025-05-03T14:42:13+00:00 https://hackread.com/phishing-emails-impersonate-qantas-credit-card-info/ www.secnews.physaphae.fr/article.php?IdArticle=8671052 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, no?) U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems
The U.S. Department of Justice (DoJ) on Thursday announced charges against a 36-year-old Yemeni national for allegedly deploying the Black Kingdom ransomware against global targets, including businesses, schools, and hospitals in the United States. Rami Khaled Ahmed of Sana'a, Yemen, has been charged with one count of conspiracy, one count of intentional damage to a protected computer, and one
2025-05-03T12:36:00+00:00 https://thehackernews.com/2025/05/us-charges-yemeni-hacker-behind-black.html www.secnews.physaphae.fr/article.php?IdArticle=8670925 False Ransomware None 3.0000000000000000
Wired Threat Level - Security News Hacking Spree Hits UK Retail Giants
Plus: France blames Russia for a series of cyberattacks, the US is taking steps to crack down on a gray market allegedly used by scammers, and Microsoft pushes the password one step closer to death.
2025-05-03T10:30:00+00:00 https://www.wired.com/story/hacking-spree-hits-uk-retail-giants/ www.secnews.physaphae.fr/article.php?IdArticle=8670980 False None None 2.0000000000000000
Bleeping Computer - American magazine Microsoft ends Authenticator password autofill, moves users to Edge
Microsoft has announced that it will discontinue the password storage and autofill feature in the Authenticator app starting in July and will complete the deprecation in August 2025. [...]
2025-05-03T10:16:26+00:00 https://www.bleepingcomputer.com/news/security/microsoft-ends-authenticator-password-autofill-moves-users-to-edge/ www.secnews.physaphae.fr/article.php?IdArticle=8671176 False None None 2.0000000000000000
Wired Threat Level - Security News The Android Show, Rad Power's New Ebikes, and Yale's ADT Smart Lock-Your Gear News of the Week
Plus: Philips Norelco has an AI-powered shaver, and Wiz's Sync Box is an affordable synced lighting alternative for your TV.
2025-05-03T10:00:00+00:00 https://www.wired.com/story/the-android-show-rad-powers-new-ebikes-and-yales-adt-smart-lock-your-gear-news-of-the-week/ www.secnews.physaphae.fr/article.php?IdArticle=8670959 False Mobile None 3.0000000000000000
Zataz - French security magazine The recap of the week of May 3, 2025
2025-05-03T09:43:47+00:00 https://www.zataz.com/le-recap-de-la-semaine-du-3-mai-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8670961 False None None 3.0000000000000000
HexaCorn - Research blog Minority (forensic) report aka defending forward w/o hacking back
We love to put a wedge between the detection and response. Many of us kinda agree that telemetry analysis is one thing and the actual forensic examination of the evidence is another. However… In this post I will try to …
2025-05-02T23:28:40+00:00 https://www.hexacorn.com/blog/2025/05/02/minority-forensic-report-aka-defending-forward-w-o-hacking-back/ www.secnews.physaphae.fr/article.php?IdArticle=8670800 False None APT 24 3.0000000000000000
GB Hacker - Reverse engineer's blog Hundreds of Fortune 500 Companies Have Unknowingly Employed North Korean IT Operatives
North Korean nationals have successfully infiltrated the employee ranks of major global corporations at a scale previously underestimated, creating a pervasive threat to IT infrastructure and sensitive data worldwide. Security experts revealed at the RSAC 2025 Conference that the infiltration extends across virtually every major corporation, with hundreds of Fortune 500 companies unknowingly employing North […]
2025-05-02T22:10:00+00:00 https://gbhackers.com/hundreds-of-fortune-500-companies-have-unknowingly-employed-north-korean-it-operatives/ www.secnews.physaphae.fr/article.php?IdArticle=8670783 False Threat,Conference None 3.0000000000000000
GB Hacker - Reverse engineer's blog State-Sponsored Hacktivism on the Rise, Transforming the Cyber Threat Landscape
The global cybersecurity landscape is undergoing a significant transformation, as state-sponsored hacktivism gains traction amid ongoing conflicts. In 2024, Forescout Technologies Inc. documented 780 hacktivist attacks, predominantly conducted by four groups operating on opposite sides of the Russia-Ukraine and Israel-Palestine conflicts: BlackJack, Handala Group, Indian Cyber Force, and NoName057(16). Critical infrastructure, including government, military, transportation, logistics, […]
2025-05-02T21:50:00+00:00 https://gbhackers.com/state-sponsored-hacktivism-on-the-rise-transforming-the-cyber-threat-landscape/ www.secnews.physaphae.fr/article.php?IdArticle=8670761 False Threat None 3.0000000000000000
GB Hacker - Reverse engineer's blog Stealthy New NodeJS Backdoor Infects Users Through CAPTCHA Verifications
Security researchers have uncovered a sophisticated malware campaign utilizing fake CAPTCHA verification screens to deploy a stealthy NodeJS backdoor. The attack, part of the broader KongTuke campaign, leverages compromised websites to distribute malicious JavaScript that ultimately deploys advanced remote access trojans (RATs) capable of tunneling traffic through SOCKS5 proxies with XOR-based encryption. SpiderLabs researchers note […]
2025-05-02T21:50:00+00:00 https://gbhackers.com/stealthy-new-nodejs-backdoor-infects-users-through-captcha-verifications/ www.secnews.physaphae.fr/article.php?IdArticle=8670760 False Malware None 3.0000000000000000
GB Hacker - Reverse engineer's blog NVIDIA Riva AI Speech Flaw Let Hackers Gain Unauthorized Access to Abuse GPU Resources & API keys
Researchers have uncovered significant security vulnerabilities in NVIDIA Riva, a breakthrough AI speech technology platform used for transcription, voice assistants, and conversational AI. The flaws, now formally recognized as CVE-2025-23242 and CVE-2025-23243, expose enterprise users to potential unauthorized access and resource theft. These vulnerabilities stemmed from exposed API endpoints that operated without proper authentication safeguards, […]
2025-05-02T21:30:00+00:00 https://gbhackers.com/security-flaws-discovered-in-nvidia-riva-ai-speech-platform/ www.secnews.physaphae.fr/article.php?IdArticle=8670762 False Vulnerability None 3.0000000000000000
GB Hacker - Reverse engineer's blog Tsunami Malware Surge: Blending Miners and Credential Stealers in Active Attacks
Security researchers have recently discovered a sophisticated malware operation called the “Tsunami-Framework” that combines credential theft, cryptocurrency mining, and potential botnet capabilities. The framework employs advanced evasion techniques to bypass security measures and maintain persistent access to infected systems. Analysis of the framework indicates it may still be in testing phases, but already demonstrates concerning […]
2025-05-02T21:10:00+00:00 https://gbhackers.com/tsunami-malware-surge-blending-miners-and-credential-stealers-in-active-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8670763 False Malware None 3.0000000000000000
Schneier on Security - American cryptologist researcher Friday Squid Blogging: Pyjama Squid
2025-05-02T21:02:18+00:00 https://www.schneier.com/blog/archives/2025/05/friday-squid-blogging-pyjama-squid.html www.secnews.physaphae.fr/article.php?IdArticle=8670738 False None None 3.0000000000000000
TroyHunt - Security blog Editorial: Censoring the scientific enterprise, one grant at a time
Recent grant terminations are a symptom of a widespread attack on science.
2025-05-02T21:00:56+00:00 https://arstechnica.com/science/2025/05/editorial-censoring-the-scientific-enterprise-one-grant-at-a-time/ www.secnews.physaphae.fr/article.php?IdArticle=8670780 False None None 2.0000000000000000
CyberScoop - scoopnewsgroup.com special Cyber Amazon, CrowdStrike, Google and Palo Alto Networks claim no change to threat intel sharing under Trump
Top security leaders at some of the largest tech and cybersecurity vendors said public-private collaborative work continues, despite budget cuts and personnel changes.
2025-05-02T20:50:09+00:00 https://cyberscoop.com/public-private-threat-intel-sharing-trump-admin/ www.secnews.physaphae.fr/article.php?IdArticle=8670737 False Threat None 3.0000000000000000
GB Hacker - Reverse engineer's blog The Double-Edged Sword of AI in Cybersecurity: Threats, Defenses & the Dark Web Insights Report 2025
Check Point Research’s latest AI Security Report 2025 reveals a rapidly evolving cybersecurity landscape where artificial intelligence simultaneously presents unprecedented threats and defensive capabilities. The comprehensive investigation, which included dark web surveillance and insights from Check Point’s GenAI Protect platform, uncovers how AI technologies are being weaponized by threat actors while also enhancing security researchers’ […]
2025-05-02T20:50:00+00:00 https://gbhackers.com/the-double-edged-sword-of-ai-in-cybersecurity-threats-defenses-the-dark-web-insights-report-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8670739 False Threat None 3.0000000000000000
Dark Reading - Informationweek Branch UK Retailers Reeling From Likely Ransomware Attacks
A series of cyberattacks have struck multiple major British retailers in recent weeks, and a ransomware gang has reportedly claimed responsibility.
2025-05-02T20:36:07+00:00 https://www.darkreading.com/cyberattacks-data-breaches/uk-retailers-reeling-ransomware-attacks www.secnews.physaphae.fr/article.php?IdArticle=8670735 False Ransomware None 3.0000000000000000
GB Hacker - Reverse engineer's blog Hackers Exploit New Eye Pyramid Offensive Tool With Python to Launch Cyber Attacks
Security researchers from Intrinsec have published a comprehensive analysis revealing significant overlaps in infrastructure between multiple ransomware operations and the open-source offensive tool, Eye Pyramid. Their investigation, which began by examining a Python backdoor used by the RansomHub ransomware group, uncovered a network of interconnected command-and-control (C2) servers, bulletproof hosting providers, and shared toolsets fueling […]
2025-05-02T20:30:00+00:00 https://gbhackers.com/hackers-exploit-new-eye-pyramid-offensive-tool/ www.secnews.physaphae.fr/article.php?IdArticle=8670740 False Ransomware,Tool,Threat None 3.0000000000000000
GB Hacker - Reverse engineer's blog Hackers Exploit Critical NodeJS Vulnerabilities to Hijack Jenkins Agents for RCE
Security researchers have identified critical vulnerabilities in the Node.js CI/CD infrastructure, exposing internal Jenkins agents to remote code execution and raising the risk of supply chain attacks. These flaws stemmed from the integration and communication gaps between multiple DevOps platforms (specifically GitHub Apps, GitHub Actions workflows, and Jenkins pipelines) that collectively manage Node.js' continuous integration processes. Exploiting […]
2025-05-02T20:10:00+00:00 https://gbhackers.com/hackers-exploit-critical-nodejs-vulnerabilities-to-hijack-jenkins-agents-for-rce/ www.secnews.physaphae.fr/article.php?IdArticle=8670741 False Vulnerability,Threat None 3.0000000000000000
Dark Reading - Informationweek Branch Ce que les règles du NYDFS signifient pour les entreprises (à l'intérieur et à l'extérieur de NY)<br>What NYDFS Rules Mean for Businesses (Inside & Outside of NY) Starting this month, finance companies operating in New York must implement a variety of protections against unauthorized access to IT systems.]]> 2025-05-02T19:59:23+00:00 https://www.darkreading.com/cybersecurity-operations/nydfs-rules-businesses-ny www.secnews.physaphae.fr/article.php?IdArticle=8670736 False None None 3.0000000000000000 GB Hacker - Blog de reverseur Nouvelles techniques d'attaque basées sur MCP et leur application dans la construction d'outils de sécurité avancés<br>New MCP-Based Attack Techniques and Their Application in Building Advanced Security Tools MCP, développé par anthropic, permet aux modèles de grande langue (LLM) de s'interfacer de manière transparente avec des outils externes, permettant la création de systèmes d'IA agentiques qui peuvent effectuer de manière autonome des tâches complexes. Alors que les organisations intègrent de plus en plus MCP, de nouvelles techniques d'attaque ont émergé, soulignant l'importance des contrôles de sécurité robustes et des stratégies défensives innovantes. Manipulation de l'outil MCP et injection rapide […]
>MCP, developed by Anthropic, allows Large Language Models (LLMs) to interface seamlessly with external tools, enabling the creation of agentic AI systems that can autonomously perform complex tasks. As organizations increasingly integrate MCP, new attack techniques have emerged, highlighting the importance of robust security controls and innovative defensive strategies. MCP Tool Manipulation and Prompt Injection […]
2025-05-02T19:50:00+00:00 https://gbhackers.com/new-mcp-based-attack-techniques/ www.secnews.physaphae.fr/article.php?IdArticle=8670714 False Tool None 3.0000000000000000
GB Hacker - Blog de reverseur Cyberattack cible les détaillants britanniques emblématiques Harrods<br>Cyberattack Targets Iconic UK Retailer Harrods Le grand magasin de luxe Harrods est devenu le dernier détaillant britannique à faire face à une cyberattaque, rejoignant Marks & Spencer (M&S) et la coopérative dans une vague d'incidents exposant des vulnérabilités dans le secteur du commerce de détail. Alors que le magasin phare et la plate-forme en ligne Harrods \\ 'sont restés opérationnels, la violation a incité un accès Internet restreint à ses emplacements physiques en tant qu'équipes de cybersécurité […]
>Luxury department store Harrods has become the latest UK retailer to face a cyberattack, joining Marks & Spencer (M&S) and the Co-op in a wave of incidents exposing vulnerabilities across the retail sector. While Harrods' flagship store and online platform remained operational, the breach prompted restricted internet access across its physical locations as cybersecurity teams […]
2025-05-02T19:20:00+00:00 https://gbhackers.com/uk-retailer-harrods-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8670715 False Vulnerability None 3.0000000000000000
GB Hacker - Blog de reverseur Les pirates de mantes nébuleux ont déployé le Romcom Rat à l'échelle mondiale, ciblant les organisations.<br>Nebulous Mantis hackers have Deployed the RomCom RAT globally, Targeting organizations. Nebulous Mantis, également connu sous le nom de Cuba, Storm-0978, Tropical Scorpius et UNC2596, est un groupe de cyber-espionnage russe qui déploie activement le Troie (rat) à distance ROMCOM (rat) dans les campagnes ciblées depuis la mi-2019. Le groupe se concentre principalement sur les infrastructures critiques, les agences gouvernementales, les dirigeants politiques et les organisations liées à l'OTAN. Leurs opérations sont caractérisées par le […]
>Nebulous Mantis, also known as Cuba, STORM-0978, Tropical Scorpius, and UNC2596, is a Russian-speaking cyber espionage group that has been actively deploying the RomCom remote access trojan (RAT) in targeted campaigns since mid-2019. The group primarily focuses on critical infrastructure, government agencies, political leaders, and organizations related to NATO. Their operations are characterized by the […]
2025-05-02T19:06:30+00:00 https://gbhackers.com/nebulous-mantis-hackers-have-deployed-the-romcom-rat-globally-targeting-organizations/ www.secnews.physaphae.fr/article.php?IdArticle=8670691 False None None 3.0000000000000000
GB Hacker - Blog de reverseur Pourquoi les CISO adoptent des DevSecops pour le développement de logiciels sécurisés<br>Why CISOs Are Adopting DevSecOps for Secure Software Development Les cisos adoptant les DevSecops améliorent stratégiquement les mesures de sécurité tout en garantissant le développement de logiciels à rythme rapide, en répondant au paysage croissant des cyber-menaces. L'intégration des pratiques de sécurité tout au long du cycle de vie du développement est essentielle pour les organisations qui cherchent à réduire les vulnérabilités sans sacrifier la vitesse d'innovation. L'impératif DevseCops DevseCops s'appuie sur la Fondation DevOps en intégrant directement les pratiques de sécurité dans […]
>CISOs adopting DevSecOps strategically enhance security measures while ensuring fast-paced software development, responding to the growing landscape of cyber threats. Integrating security practices throughout the entire development lifecycle is critical for organizations seeking to reduce vulnerabilities without sacrificing innovation speed. The DevSecOps Imperative DevSecOps builds upon the DevOps foundation by embedding security practices directly into […]
2025-05-02T19:04:06+00:00 https://gbhackers.com/cisos-adopting-devsecops/ www.secnews.physaphae.fr/article.php?IdArticle=8670692 False Vulnerability None 3.0000000000000000
Recorded Future - FLux Recorded Future Les États-Unis inculpent l'homme yéménite dans les attaques de ransomware du royaume noir<br>US indicts Yemeni man in Black Kingdom ransomware attacks The U.S. Attorney\'s Office for the Central District of California announced charges against Rami Khaled Ahmed for allegedly helping to develop and deploy Black Kingdom, which infected “approximately 1,500 computer systems."]]> 2025-05-02T18:46:46+00:00 https://therecord.media/us-indicts-yemeni-man-black-kingdom-ransomware www.secnews.physaphae.fr/article.php?IdArticle=8670713 False Ransomware None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Confidentialité pour l'agentique AI<br>Privacy for Agentic AI a rejoint Inrupt, une entreprise qui commercialise le protocole ouvert de Tim Berners-Lee pour la possession de données distribués. Nous travaillons sur un portefeuille numérique qui peut utiliser AI de cette manière. (Nous l'appelions un «portefeuille actif». Maintenant, nous l'appelons un «portefeuille agentique».) J'ai parlé à propos de ]]> 2025-05-02T18:04:07+00:00 https://www.schneier.com/blog/archives/2025/05/privacy-for-agentic-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8670671 False Conference None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Tiktok a critiqué 530 millions d'euros du RGPD pour avoir envoyé un UE. Données à la Chine<br>TikTok Slammed With €530 Million GDPR Fine for Sending E.U. Data to China Ireland\'s Data Protection Commission (DPC) on Tuesday fined popular video-sharing platform TikTok €530 million ($601 million) for infringing data protection regulations in the region by transferring European users\' data to China. "TikTok infringed the GDPR regarding its transfers of EEA [European Economic Area] User Data to China and its transparency requirements," the DPC said in a statement. 
"]]> 2025-05-02T17:55:00+00:00 https://thehackernews.com/2025/05/tiktok-slammed-with-530-million-gdpr.html www.secnews.physaphae.fr/article.php?IdArticle=8670572 False None None 3.0000000000000000 BBC - BBC News - Technology La cyberattaque coopérative affecte les données des clients, l'entreprise admet, après que les pirates contactent la BBC<br>Co-op cyber attack affects customer data, firm admits, after hackers contact BBC The firm previously said there was "no evidence that customer data was compromised".]]> 2025-05-02T17:41:13+00:00 https://www.bbc.com/news/articles/crkx3vy54nzo www.secnews.physaphae.fr/article.php?IdArticle=8670711 False None None 3.0000000000000000 HackRead - Chercher Cyber La police saisit la boutique de web sombre pygmalion, accédez aux données des utilisateurs à partir des commandes 7K<br>Police Seize Dark Web Shop Pygmalion, Access User Data from 7K Orders German police seized the dark web shop Pygmalion, gaining access to customer data linked to over 7,000 drug…]]> 2025-05-02T17:38:18+00:00 https://hackread.com/police-seize-dark-web-shop-pygmalion-user-data-orders/ www.secnews.physaphae.fr/article.php?IdArticle=8670673 False Legislation None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber L'administration Trump propose de réduire 491 millions de dollars du budget de la CISA<br>Trump administration proposes cutting $491M from CISA budget Un résumé du budget ne donne pas de détails spécifiques sur les programmes qu'il réduirait, fournissant plutôt un plan large.
>A budget summary doesn't give specific details on which programs it would cut, instead providing a broad outline.
2025-05-02T17:33:31+00:00 https://cyberscoop.com/trump-administration-proposed-cisa-budget-cuts/ www.secnews.physaphae.fr/article.php?IdArticle=8670669 False None None 3.0000000000000000
Dark Reading - Informationweek Branch Les attaquants augmentent les efforts de ciblage des secrets des développeurs<br>Attackers Ramp Up Efforts Targeting Developer Secrets Software teams need to follow security best practices to eliminate the leak of secrets, as threat actors increase their scanning for configuration and repository files.]]> 2025-05-02T16:29:28+00:00 https://www.darkreading.com/threat-intelligence/attackers-targeting-developer-secrets www.secnews.physaphae.fr/article.php?IdArticle=8670652 False Threat None 3.0000000000000000 HackRead - Chercher Cyber Le détaillant de luxe britannique Harrods frappé par la cyberattaque après M&S, coopérative<br>UK Luxury Retailer Harrods Hit by Cyber Attack After M&S, Co-op Luxury retailer Harrods confirms a cyber attack attempt, restricting internet access but keeping its online store running. Learn…]]> 2025-05-02T16:11:02+00:00 https://hackread.com/uk-luxury-retailer-harrods-by-cyber-attack-ms-co-op/ www.secnews.physaphae.fr/article.php?IdArticle=8670651 False None None 3.0000000000000000 The Register - Site journalistique Anglais Disney Slack Attack n'était pas des manifestants russes, juste un cali mec avec des logiciels malveillants<br>Disney Slack attack wasn\\'t Russian protesters, just a Cali dude with malware A 25-year-old California man pleaded guilty to stealing and dumping 1.1TB of data from the House of Mouse When someone stole more than a terabyte of data from Disney last year, it was believed to be the work of Russian hacktivists protesting for artist rights. We now know it was actually a 25-year-old California resident.…]]> 2025-05-02T16:03:55+00:00 https://go.theregister.com/feed/www.theregister.com/2025/05/02/disney_slack_hacker_revealed_to/ www.secnews.physaphae.fr/article.php?IdArticle=8670631 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Comment automatiser la réponse consultative des CVE et de la vulnérabilité avec des dents<br>How to Automate CVE and Vulnerability Advisory Response with Tines Run by the team at workflow orchestration and AI platform Tines, the Tines library features pre-built workflows shared by security practitioners from across the community - all free to import and deploy through the platform\'s Community Edition. A recent standout is a workflow that automates monitoring for security advisories from CISA and other vendors, enriches advisories with CrowdStrike]]> 2025-05-02T16:00:00+00:00 https://thehackernews.com/2025/05/how-to-automate-cve-and-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8670533 False Vulnerability None 3.0000000000000000 Dark Reading - Informationweek Branch Malgré des arrestations, Spandred Spider continue un piratage de haut niveau<br>Despite Arrests, Scattered Spider Continues High-Profile Hacking While law enforcement has identified and arrested several alleged members, the notorious threat group continues to wreak havoc.]]> 2025-05-02T15:59:49+00:00 https://www.darkreading.com/cyberattacks-data-breaches/despite-arrests-scattered-spider-continues-hacking www.secnews.physaphae.fr/article.php?IdArticle=8670632 False Threat,Legislation None 3.0000000000000000 Bleeping Computer - Magazine Américain Co-op confirme le vol de données après l'attaque de DragonForce Ransomware Attack<br>Co-op confirms data theft after DragonForce ransomware claims attack The Co-op cyberattack is far worse than initially reported, with the company now confirming that data was stolen for a significant number of current and past customers. 
[...]]]> 2025-05-02T15:52:50+00:00 https://www.bleepingcomputer.com/news/security/co-op-confirms-data-theft-after-dragonforce-ransomware-claims-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8670716 False Ransomware None 3.0000000000000000 Global Security Mag - Site de news francais Keeper Security Renews Partnership avec Atlassian Williams qui coule avant 2025 Miami Grand Prix<br>Keeper Security Renews Partnership With Atlassian Williams Racing Ahead of 2025 Miami Grand Prix Business News
2025-05-02T14:47:25+00:00 https://www.globalsecuritymag.fr/keeper-security-renews-partnership-with-atlassian-williams-racing-ahead-of-2025.html www.secnews.physaphae.fr/article.php?IdArticle=8670612 False None None 3.0000000000000000
Recorded Future - FLux Recorded Future Les attaques de ransomwares contre l'industrie alimentaire et agricole ont doublé en 2025<br>Ransomware attacks on food and agriculture industry have doubled in 2025 The uptick began in the fourth quarter of 2024 and continued into 2025, with the increases largely attributed to Clop\'s exploitation of a popular file sharing service.]]> 2025-05-02T14:46:06+00:00 https://therecord.media/ransomware-attacks-food-and-ag-double-2025 www.secnews.physaphae.fr/article.php?IdArticle=8670613 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) MintSloader laisse tomber Ghostweaver via Phishing, ClickFix - utilise DGA, TLS pour les attaques furtives<br>MintsLoader Drops GhostWeaver via Phishing, ClickFix - Uses DGA, TLS for Stealth Attacks The malware loader known as MintsLoader has been used to deliver a PowerShell-based remote access trojan called GhostWeaver. "MintsLoader operates through a multi-stage infection chain involving obfuscated JavaScript and PowerShell scripts," Recorded Future\'s Insikt Group said in a report shared with The Hacker News. 
"The malware employs sandbox and virtual machine evasion techniques, a domain]]> 2025-05-02T14:27:00+00:00 https://thehackernews.com/2025/05/mintsloader-drops-ghostweaver-via.html www.secnews.physaphae.fr/article.php?IdArticle=8670507 False Malware None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET RESPORT RSAC 2025 - Semaine en sécurité avec Tony Anscombe<br>RSAC 2025 wrap-up – Week in security with Tony Anscombe From the power of collaborative defense to identity security and AI, catch up on the event\'s key themes and discussions]]> 2025-05-02T14:16:05+00:00 https://www.welivesecurity.com/en/videos/rsac-2025-wrap-up-week-security-tony-anscombe/ www.secnews.physaphae.fr/article.php?IdArticle=8671195 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain L'attaque de la chaîne d'approvisionnement de Magento compromet des centaines de magasins électroniques<br>Magento supply chain attack compromises hundreds of e-stores A supply chain attack involving 21 backdoored Magento extensions has compromised between 500 and 1,000 e-commerce stores, including one belonging to a $40 billion multinational. [...]]]> 2025-05-02T14:09:55+00:00 https://www.bleepingcomputer.com/news/security/magento-supply-chain-attack-compromises-hundreds-of-e-stores/ www.secnews.physaphae.fr/article.php?IdArticle=8670693 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Coupez CISA et tout le monde le paie<br>Cut CISA and Everyone Pays for It Gutting CISA won\'t just lose us a partner. It will lose us momentum. 
And in this game, that\'s when things break.]]> 2025-05-02T14:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/cut-cisa-everyone-pays www.secnews.physaphae.fr/article.php?IdArticle=8670610 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine CISA confirme l'exploitation des vulnérabilités de Sonicwall<br>CISA Confirms Exploitation of SonicWall Vulnerabilities The US Cybersecurity and Infrastructure Security Agency has added two flaws affecting SonicWall products to its catalog of Known Exploited Vulnerabilities]]> 2025-05-02T14:00:00+00:00 https://www.infosecurity-magazine.com/news/cisa-exploitation-sonicwall/ www.secnews.physaphae.fr/article.php?IdArticle=8670593 False Vulnerability None 3.0000000000000000 Korben - Bloger francais Microsoft ne veut plus de mots de passe 2025-05-02T13:59:01+00:00 https://korben.info/microsoft-ne-veut-plus-de-mots-de-passe.html www.secnews.physaphae.fr/article.php?IdArticle=8670568 False None None 3.0000000000000000 Zataz - Magazine Francais de secu L\'erreur humaine, talon d\'Achille de la cybersécurité 2025-05-02T13:19:23+00:00 https://www.zataz.com/lerreur-humaine-talon-dachille-de-la-cybersecurite/ www.secnews.physaphae.fr/article.php?IdArticle=8670591 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Les États-Unis veulent couper le joueur clé dans l'industrie de la cybercriminalité d'Asie du Sud-Est<br>US wants to cut off key player in Southeast Asian cybercrime industry The Treasury Department issued the proposed rulemaking Thursday, stating that Huione Group has helped launder funds from North Korean state-backed cybercrime operations and investment scams originating in Southeast Asia.]]> 2025-05-02T13:13:52+00:00 https://therecord.media/us-fincen-cut-off-huione-group-southeast-asia-cyber-scam www.secnews.physaphae.fr/article.php?IdArticle=8670592 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine La Maison Blanche avertit la Chine des 
représailles de la cyber<br>White House Warns China of Cyber Retaliation Over Infrastructure Hacks NSC\'s Alexei Bulazel said that failing to robustly respond to constant Chinese intrusions into critical infrastructure is in itself “escalatory”]]> 2025-05-02T13:00:00+00:00 https://www.infosecurity-magazine.com/news/white-house-china-cyber-retaliation/ www.secnews.physaphae.fr/article.php?IdArticle=8670571 False None None 3.0000000000000000 ComputerWeekly - Computer Magazine Think Tank de sécurité: ce que les CISO peuvent apprendre de Signalgate<br>Security Think Tank: What CISOs can learn from Signalgate A leak of information on American military operations caused a major political incident in March 2025. The Security Think Tank considers what can CISOs can learn from this potentially fatal error.]]> 2025-05-02T12:56:00+00:00 https://www.computerweekly.com/opinion/Security-Think-Tank-What-CISOs-can-learn-from-Signalgate www.secnews.physaphae.fr/article.php?IdArticle=8670672 False None None 3.0000000000000000 ComputerWeekly - Computer Magazine Le cyber-crime de la vente au détail est un «réveil», explique le PDG du NCSC<br>Retail cyber crime spree a “wake-up call”, says NCSC CEO The NCSC confirms it is providing assistance to M&S, Co-op and Harrods as concerns grow among UK retailers]]> 2025-05-02T12:45:00+00:00 https://www.computerweekly.com/news/366623390/Retail-cyber-crime-spree-a-wake-up-call-says-NCSC-CEO www.secnews.physaphae.fr/article.php?IdArticle=8670649 False None None 3.0000000000000000 SecurityWeek - Security News Dans d'autres nouvelles: la fuite de code source nullpoint, 17 500 $ pour l'iPhone Flaw, BreachForums<br>In Other News: NullPoint Source Code Leak, $17,500 for iPhone Flaw, BreachForums Down Des histoires remarquables qui auraient pu glisser sous le radar: le code source du voleur nullpoint divulgué, le chercheur gagne 17 500 $ à Apple pour la vulnérabilité, BreachForums après l'exploitation zéro-jour par la police.
>Noteworthy stories that might have slipped under the radar: NullPoint Stealer source code leaked, researcher earns $17,500 from Apple for vulnerability, BreachForums down after zero-day exploitation by police.
2025-05-02T12:19:16+00:00 https://www.securityweek.com/in-other-news-nullpoint-source-code-leak-17500-for-iphone-flaw-breachforums-down/ www.secnews.physaphae.fr/article.php?IdArticle=8670569 False Vulnerability,Threat,Legislation,Mobile None 3.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft définit la valeur par défaut de PassKeys pour les nouveaux comptes; 15 milliards d'utilisateurs obtiennent une prise en charge sans mot de passe<br>Microsoft Sets Passkeys Default for New Accounts; 15 Billion Users Gain Passwordless Support A year after Microsoft announced passkeys support for consumer accounts, the tech giant has announced a big change that pushes individuals signing up for new accounts to use the phishing-resistant authentication method by default. "Brand new Microsoft accounts will now be \'passwordless by default,\'" Microsoft\'s Joy Chik and Vasu Jakkal said. "New users will have several passwordless options for]]> 2025-05-02T12:10:00+00:00 https://thehackernews.com/2025/05/microsoft-sets-passkeys-default-for-new.html www.secnews.physaphae.fr/article.php?IdArticle=8670461 False None None 4.0000000000000000 Recorded Future - FLux Recorded Future Harrods devient le dernier détaillant à annoncer la tentative de cyberattaque<br>Harrods becomes latest retailer to announce attempted cyberattack London retailer Harrods said it had “recently experienced attempts to gain unauthorised access to some of our systems” but its security team "immediately took proactive steps to keep systems safe.”]]> 2025-05-02T11:18:11+00:00 https://therecord.media/harrods-cyberattack-uk-retailer www.secnews.physaphae.fr/article.php?IdArticle=8670551 False None None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Conseils du NCSC sur la «cryptographie avancée»<br>NCSC Guidance on “Advanced Cryptography” Livre blanc sur «Cryptographie avancée», qu'elle définit comme «Techniques cryptographiques pour le traitement des données encryptées, offrant une fonctionnalité améliorée sur et ci-dessus qui a été offerte par la cryptographie traditionnelle». 
Il comprend des choses comme le chiffrement homomorphe, le chiffrement basé sur des attributs, les preuves de connaissances zéro et le calcul multipartite sécurisé. C'est plein de bons conseils. J'apprécie particulièrement cet avertissement: Lorsque vous décidez d'utiliser la cryptographie avancée, commencez par une articulation claire du problème et l'utilisez pour guider le développement d'une solution appropriée. Autrement dit, vous ne devez pas commencer par une technique de cryptographie avancée, puis essayer d'adapter les fonctionnalités qu'il fournit au problème. ...
The UK’s National Cyber Security Centre just released its white paper on “Advanced Cryptography,” which it defines as “cryptographic techniques for processing encrypted data, providing enhanced functionality over and above that provided by traditional cryptography.” It includes things like homomorphic encryption, attribute-based encryption, zero-knowledge proofs, and secure multiparty computation. It’s full of good advice. I especially appreciate this warning: When deciding whether to use Advanced Cryptography, start with a clear articulation of the problem, and use that to guide the development of an appropriate solution. That is, you should not start with an Advanced Cryptography technique, and then attempt to fit the functionality it provides to the problem. ...
2025-05-02T11:03:11+00:00 https://www.schneier.com/blog/archives/2025/05/ncsc-guidance-on-advanced-cryptography.html www.secnews.physaphae.fr/article.php?IdArticle=8670529 False None None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial WEF met en garde contre les cyber-menaces croissantes des infrastructures énergétiques après une panne de courant ibérique<br>WEF warns of growing cyber threats to energy infrastructure following Iberian blackout The World Economic Forum (WEF) determined that the widespread blackout across Spain and Portugal this week intensified concerns... ]]> 2025-05-02T10:57:01+00:00 https://industrialcyber.co/utilities-energy-power-water-waste/wef-warns-of-growing-cyber-threats-to-energy-infrastructure-following-iberian-blackout/ www.secnews.physaphae.fr/article.php?IdArticle=8670532 False None None 3.0000000000000000 IT Security Guru - Blog Sécurité MIWIC25: Marine Ruhamanya, Cyberscure Senior Manager<br>MIWIC25: Marine Ruhamanya, Cybersecurity Senior Manager Organised by Eskenzi PR in media partnership with the IT Security Guru, the Most Inspiring Women in Cyber Awards aim to shed light on the remarkable women in our industry. The following is a feature on one of 2024\'s Top 20 women selected by an esteemed panel of judges. 
Presented in a Q&A format, the nominee\'s answers are […] ]]> 2025-05-02T10:49:28+00:00 https://www.itsecurityguru.org/2025/05/02/miwic25-marine-ruhamanya-cybersecurity-senior-manager/?utm_source=rss&utm_medium=rss&utm_campaign=miwic25-marine-ruhamanya-cybersecurity-senior-manager www.secnews.physaphae.fr/article.php?IdArticle=8670528 False None None 3.0000000000000000 The Register - Site journalistique Anglais Les agents du gouvernement britannique interviennent alors que Harrods devient le troisième méga détaillant sous cyberattaque<br>British govt agents step in as Harrods becomes third mega retailer under cyberattack 2025-05-02T10:37:25+00:00 https://go.theregister.com/feed/www.theregister.com/2025/05/02/ncsc_steps_in_as_harrods/ www.secnews.physaphae.fr/article.php?IdArticle=8670530 False None None 3.0000000000000000 HackRead - Chercher Cyber Plus de 200 faux sites de vente au détail utilisés dans la nouvelle vague d'archives d'abonnement<br>200+ Fake Retail Sites Used in New Wave of Subscription Scams Bitdefender uncovers a massive surge in sophisticated subscription scams disguised as online shops and evolving mystery boxes. 
Learn…]]> 2025-05-02T10:01:57+00:00 https://hackread.com/fake-retail-sites-used-new-wave-subscription-scams/ www.secnews.physaphae.fr/article.php?IdArticle=8670505 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Le régulateur de confidentialité des données irlandaises amende Tiktok 598 millions de dollars<br>Irish data privacy regulator fines TikTok $598 million The Irish Data Protection Commission (DPC) fined Chinese-owned TikTok €530 million ($598 million) for violating GDPR rules about data transfers outside of Europe.]]> 2025-05-02T10:00:35+00:00 https://therecord.media/tiktok-fined-gdpr-data-chinese-servers www.secnews.physaphae.fr/article.php?IdArticle=8670508 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain UK NCSC: Les cyberattaques impactant les détaillants britanniques sont un réveil<br>UK NCSC: Cyberattacks impacting UK retailers are a wake-up call The United Kingdom\'s National Cyber Security Centre warned that ongoing cyberattacks impacting multiple UK retail chains should be taken as a "wake-up call." 
[...]]]> 2025-05-02T09:57:31+00:00 https://www.bleepingcomputer.com/news/security/uk-ncsc-cyberattacks-impacting-uk-retailers-are-a-wake-up-call/ www.secnews.physaphae.fr/article.php?IdArticle=8670590 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Le tiers des utilisateurs en ligne frappés par des hacks de compte en raison de mots de passe faibles<br>Third of Online Users Hit by Account Hacks Due to Weak Passwords FIDO Alliance found an uptick in awareness and takeup of passkeys as an alternative method to passwords]]> 2025-05-02T09:45:00+00:00 https://www.infosecurity-magazine.com/news/third-online-users-hacks-passwords/ www.secnews.physaphae.fr/article.php?IdArticle=8670510 False None None 3.0000000000000000 Zataz - Magazine Francais de secu Infostealer : le voleur invisible dans votre ordinateur 2025-05-02T09:31:53+00:00 https://www.zataz.com/infostealer-le-voleur-invisible-dans-votre-ordinateur/ www.secnews.physaphae.fr/article.php?IdArticle=8670509 False None None 3.0000000000000000 GB Hacker - Blog de reverseur Les services néerlandais perturbés par les attaques DDOS de Hacktivistes affiliés à la Russie<br>Dutch Services Disrupted by DDoS Attacks From Russian-Affiliated Hacktivists Plusieurs organisations néerlandaises ont connu des perturbations de services importantes cette semaine en raison d'une série d'attaques coordonnées sur le déni de service (DDOS). Ces attaques, qui ont également ciblé d'autres organisations européennes, seraient le travail d'un groupe hacktiviste pro-russe NONAME057 (16), selon des déclarations officielles et des enquêtes en cours par le National Cyber ​​Security Center (NCSC). […]
>Multiple Dutch organizations have experienced significant service disruptions this week due to a series of coordinated Distributed Denial-of-Service (DDoS) attacks. These attacks, which have also targeted other European organizations, are believed to be the work of a pro-Russian hacktivist group NoName057(16), according to official statements and ongoing investigations by the National Cyber Security Centre (NCSC). […]
2025-05-02T09:16:18+00:00 https://gbhackers.com/dutch-services-disrupted-by-ddos-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8670511 False None None 3.0000000000000000
InfoSecurity Mag - InfoSecurity Magazine HARRODS Le dernier détaillant britannique à être victime de cyber-attaque ces derniers jours<br>Harrods Latest UK Retailer to Fall Victim to Cyber-Attack in Recent Days UK retailers including Harrods, M&S, and the Co-op are under a surge of cyber-attacks that may be linked by a common supplier or shared technological vulnerability]]> 2025-05-02T09:05:00+00:00 https://www.infosecurity-magazine.com/news/harrods-uk-retailer-fall-victim-to/ www.secnews.physaphae.fr/article.php?IdArticle=8670485 False Vulnerability None 2.0000000000000000 GB Hacker - Blog de reverseur Sept packages malveillants exploitent Gmail SMTP pour exécuter des commandes nuisibles<br>Seven Malicious Packages Exploit Gmail SMTP to Run Harmful Commands Un important incident de sécurité de la chaîne d'approvisionnement a secoué la communauté open-source Python alors que les chercheurs de l'équipe de recherche sur les menaces de Socket ont révélé sept packages malveillants interconnectés publiés sur le Python Package Index (PYPI). Ces forfaits CODE-CODES-PRO, COFFIN-CODES-NET2, COFFIN-CODES-NET, COFFIN-CODES-2022, COFFIN2022, GRAVE-GRAVE et CFC-BSB-WERE ont ingénieusement conçu pour exploiter les attaquants de Gmail \\, établir des tunnels de commandement Covert et exécuter […]
>A major supply chain security incident has rocked the Python open-source community as researchers at Socket’s Threat Research Team uncovered seven interconnected malicious packages published on the Python Package Index (PyPI). These packages (Coffin-Codes-Pro, Coffin-Codes-NET2, Coffin-Codes-NET, Coffin-Codes-2022, Coffin2022, Coffin-Grave, and cfc-bsb) were ingeniously designed to exploit Gmail's SMTP service, establishing covert command-and-control tunnels and enabling attackers to execute […]
2025-05-02T08:54:43+00:00 https://gbhackers.com/seven-malicious-packages-exploit-gmail-smtp/ www.secnews.physaphae.fr/article.php?IdArticle=8670488 False Threat None 3.0000000000000000
Global Security Mag - Site de news francais IBM and Scuderia Ferrari HP launch a redesigned mobile app to amplify the Formula 1 fan experience worldwide
Markets
2025-05-02T08:42:17+00:00 https://www.globalsecuritymag.fr/ibm-et-la-scuderia-ferrari-hp-lancent-une-application-mobile-repensee-pour.html www.secnews.physaphae.fr/article.php?IdArticle=8670486 False Mobile None 3.0000000000000000
Zataz - Magazine Francais de secu BreachForums under strain: between an invisible threat and a discreet response
2025-05-02T08:36:49+00:00 https://www.zataz.com/breachforums-sous-tension-entre-menace-invisible-et-riposte-discrete/ www.secnews.physaphae.fr/article.php?IdArticle=8670481 False None None 2.0000000000000000
IndustrialCyber - cyber risk firms for industrial DarkWatchman-linked group Hive0117 targets Russian critical infrastructure sector in broad cyber campaign
F6 Threat Intelligence has disclosed that it tracked the activities of the Hive0117 group, which conducted a large-scale...
2025-05-02T08:33:10+00:00 https://industrialcyber.co/ransomware/darkwatchman-linked-group-hive0117-targets-russian-critical-infrastructure-sector-in-broad-cyber-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8670482 False Threat None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial BeyondTrust launches free Identity Security Risk Assessment to expose hidden vulnerabilities
Cybersecurity vendor BeyondTrust launched this week the new Identity Security Risk Assessment, a free service designed to illuminate...
2025-05-02T08:28:28+00:00 https://industrialcyber.co/news/beyondtrust-launches-free-identity-security-risk-assessment-to-expose-hidden-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8670483 False Vulnerability None 3.0000000000000000
IndustrialCyber - cyber risk firms for industrial SSH and Cinia sign reseller agreement to deliver comprehensive cybersecurity solutions
SSH Communications Security (SSH) and Cinia have signed a reseller agreement that will enable both parties to deliver...
2025-05-02T08:28:12+00:00 https://industrialcyber.co/news/ssh-and-cinia-sign-reseller-agreement-to-deliver-comprehensive-cybersecurity-solutions/ www.secnews.physaphae.fr/article.php?IdArticle=8670484 False None None 3.0000000000000000
Recorded Future - FLux Recorded Future Patients left in the dark months after cybercriminals leak testing lab data
It's been almost a year since the Qilin cybercrime group breached sensitive data from U.K. pathology services company Synnovis, and its patient information page is still short on details about what was exposed and how many people were affected.
2025-05-02T08:00:00+00:00 https://therecord.media/synnovis-health-data-breach-investigation-onging www.secnews.physaphae.fr/article.php?IdArticle=8670462 False None None 3.0000000000000000
GB Hacker - Blog de reverseur CISA Issues New ICS Advisories Addressing Critical Vulnerabilities and Exploits
The Cybersecurity and Infrastructure Security Agency (CISA) has issued two new advisories revealing critical vulnerabilities found in widely used Industrial Control Systems (ICS). Released on May 1, 2025, the advisories spotlight severe security risks affecting KUNBUS GmbH's Revolution Pi devices and the MicroDicom DICOM Viewer, with some vulnerabilities scoring the highest possible rating for risk […]
2025-05-02T07:11:44+00:00 https://gbhackers.com/cisa-issues-new-ics-advisories/ www.secnews.physaphae.fr/article.php?IdArticle=8670464 False Vulnerability,Industrial None 3.0000000000000000
GB Hacker - Blog de reverseur NVIDIA TensorRT-LLM Vulnerability Let Hackers Run Malicious Code
NVIDIA has issued an urgent security advisory after discovering a significant vulnerability (CVE-2025-23254) in its popular TensorRT-LLM framework, urging all users to update to the latest version (0.18.2) to safeguard their systems against potential attacks. Overview of the Vulnerability The vulnerability, identified as CVE-2025-23254, affects all versions of the NVIDIA TensorRT-LLM framework before 0.18.2 across […]
2025-05-02T06:57:22+00:00 https://gbhackers.com/nvidia-tensorrt-llm-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=8670443 False Vulnerability None 3.0000000000000000
GB Hacker - Blog de reverseur CISA Issues Alert on Actively Exploited Apache HTTP Server Escape Vulnerability
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a newly discovered and actively exploited vulnerability in the widely used Apache HTTP Server. The flaw, catalogued as CVE-2024-38475, affects the server's mod_rewrite module and poses significant risks to organizations worldwide. Details of the Vulnerability CVE-2024-38475 is classified as an “improper escaping […]
2025-05-02T05:33:47+00:00 https://gbhackers.com/cisa-issues-alert-on-apache-http-server-escape-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=8670422 False Vulnerability None 2.0000000000000000
GB Hacker - Blog de reverseur Disney Hacker Admits Guilt After Stealing 1.1TB of Internal Data
A 25-year-old man from Santa Clarita, California, has agreed to plead guilty to hacking into the personal computer of a Walt Disney Company employee and stealing a massive amount of sensitive internal data last year. Ryan Mitchell Kramer faces charges related to unauthorized computer access and threats to damage a protected computer, marking a significant […]
2025-05-02T05:17:11+00:00 https://gbhackers.com/disney-hacker-admits-guilt/ www.secnews.physaphae.fr/article.php?IdArticle=8670423 False None None 3.0000000000000000
Bleeping Computer - Magazine Américain Microsoft makes all new accounts passwordless by default
Microsoft has announced that all new Microsoft accounts will be "passwordless by default" to secure them against password attacks such as phishing, brute force, and credential stuffing. [...]
2025-05-02T03:21:24+00:00 https://www.bleepingcomputer.com/news/microsoft/microsoft-makes-all-new-accounts-passwordless-by-default/ www.secnews.physaphae.fr/article.php?IdArticle=8670460 False None None 4.0000000000000000
Darknet - The Darkside - Site de news Américain Shell3r – Powerful Shellcode Obfuscator for Offensive Security
Shell3r is a modular shellcode obfuscator that bypasses basic and mid-level static detection techniques.
2025-05-02T01:00:00+00:00 https://www.darknet.org.uk/2025/05/shell3r-powerful-shellcode-obfuscator-for-offensive-security/ www.secnews.physaphae.fr/article.php?IdArticle=8670996 False None None 3.0000000000000000
Krebs on Security - Chercheur Américain xAI Dev Leaks API Key for Private SpaceX, Tesla LLMs
An employee at Elon Musk's artificial intelligence company xAI leaked a private key on GitHub that for the past two months could have allowed anyone to query private xAI large language models (LLMs) which appear to have been custom made for working with internal data from Musk's companies, including SpaceX, Tesla and Twitter/X, KrebsOnSecurity has learned.
2025-05-02T00:52:00+00:00 https://krebsonsecurity.com/2025/05/xai-dev-leaks-api-key-for-private-spacex-tesla-llms/ www.secnews.physaphae.fr/article.php?IdArticle=8670336 False None None 3.0000000000000000
Recorded Future - FLux Recorded Future NSC official: Trump administration will 'change the script' on offensive side
Alexei Bulazel, the senior director for cyber on the National Security Council, said it was important to be able "to respond in kind" if the U.S. is targeted with cyberattacks.
2025-05-02T00:15:25+00:00 https://therecord.media/trump-administration-change-the-script-on-offensive-hacking www.secnews.physaphae.fr/article.php?IdArticle=8670338 False None None 2.0000000000000000
CyberScoop - scoopnewsgroup.com special Cyber Ukrainian extradited to US for alleged Nefilim ransomware attack spree
Federal law enforcement officials accuse Artem Stryzhak, who was arrested in Spain last year, of attacking and extorting multiple companies between 2018 and 2021.
2025-05-02T00:01:15+00:00 https://cyberscoop.com/nefilim-ransomware-artem-stryzhak-extradited/ www.secnews.physaphae.fr/article.php?IdArticle=8670318 False Ransomware,Legislation None 2.0000000000000000
CyberScoop - scoopnewsgroup.com special Cyber National Security Council cyber lead wants to 'normalize' offensive operations
Alexei Bulazel told an audience at the 2025 RSAC conference that he thinks “there's a lot we could do to increase costs on these actors.”
2025-05-01T23:59:51+00:00 https://cyberscoop.com/alexei-bulazel-white-house-national-security-councial-destigmatize-offensive-cyber-rsac-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8670319 False Conference None 3.0000000000000000
Dark Reading - Informationweek Branch SANS Top 5: Cyber Has Busted Out of the SOC
This year's top cyber challenges include cloud authorization sprawl, ICS cyberattacks and ransomware, a lack of cloud logging, and regulatory constraints keeping defenders from fully utilizing AI's capabilities.
2025-05-01T23:28:19+00:00 https://www.darkreading.com/cloud-security/sans-top5-cyber-broken-out-soc www.secnews.physaphae.fr/article.php?IdArticle=8670317 False Ransomware,Industrial,Cloud None 2.0000000000000000
Dark Reading - Informationweek Branch Enterprises Need to Beware of These 5 Threats
A panelist of SANS Institute leaders detailed current threats and provided actionable steps for enterprises to consider.
2025-05-01T23:14:03+00:00 https://www.darkreading.com/cyberattacks-data-breaches/enterprises-need-beware-five-threats www.secnews.physaphae.fr/article.php?IdArticle=8670339 False None None 2.0000000000000000
HackRead - Chercher Cyber npm Malware Targets Crypto Wallets, MongoDB; Code Points to Turkey
Sonatype discovered ‘crypto-encrypt-ts’, a malicious npm package impersonating the popular CryptoJS library to steal crypto and personal data.…
2025-05-01T22:00:30+00:00 https://hackread.com/npm-malware-crypto-wallets-mongodb-turkey-code/ www.secnews.physaphae.fr/article.php?IdArticle=8670280 False Malware None 3.0000000000000000
Recorded Future - FLux Recorded Future Defense contractors to pay $8.4 million over charges of failing to meet federal cyber standards
The settlement falls under the False Claims Act, a Civil War-era law that allows for civil damages against government contractors who violate the terms of their agreement.
2025-05-01T21:59:41+00:00 https://therecord.media/defense-contractors-settle-with-dod-false-claims-act www.secnews.physaphae.fr/article.php?IdArticle=8670296 False None None 2.0000000000000000
Recorded Future - FLux Recorded Future More than 100,000 impacted by December data breach at Ascension Health
Ascension Health revealed another security incident this week, warning more than 100,000 people in multiple states that their information was likely accessed by hackers late last year.
2025-05-01T21:54:22+00:00 https://therecord.media/ascension-health-data-breach-impacts-over-100000 www.secnews.physaphae.fr/article.php?IdArticle=8670297 False Data Breach None 2.0000000000000000
The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Fake Security Plugin on WordPress Enables Remote Admin Access for Attackers
Cybersecurity researchers have shed light on a new campaign targeting WordPress sites that disguises the malware as a security plugin. The plugin, which goes by the name "WP-antymalwary-bot.php," comes with a variety of features to maintain access, hide itself from the admin dashboard, and execute remote code. "Pinging functionality that can report back to a command-and-control (C&C) server
2025-05-01T21:17:00+00:00 https://thehackernews.com/2025/05/fake-security-plugin-on-wordpress.html www.secnews.physaphae.fr/article.php?IdArticle=8670150 False Malware None 3.0000000000000000