This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-20T19:12:00+00:00 www.secnews.physaphae.fr Bleeping Computer - Magazine Américain 2023-03-09T12:24:39+00:00 https://www.bleepingcomputer.com/news/security/atandt-alerts-9-million-customers-of-data-breach-after-vendor-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8316990 False Data Breach,Hack None 2.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber MuddyWater has been attacking targets around the world for years, according to the U.S. and other western governments. ]]> 2023-03-08T16:59:49+00:00 https://cyberscoop.com/israel-technion-hack-muddy-water-iran-mois/ www.secnews.physaphae.fr/article.php?IdArticle=8316718 False Hack None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-03-08T16:04:00+00:00 https://thehackernews.com/2023/03/lazarus-group-exploits-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8316641 False Hack,Vulnerability,Medical APT 38 3.0000000000000000 Recorded Future - FLux Recorded Future _Two digital rights groups, Mexico's R3D and the University of Toronto's Citizen Lab, have just released an update to their “[Ejército Espía](https://ejercitoespia.r3d.mx/)” (“Spying Government”) report from late last year. In October 2022, they revealed that the Mexican army bought spyware and deployed it against at least two Mexican journalists and a human rights advocate between 2019 and 2021. While they had compelling circumstantial evidence, there was no smoking gun. The newly-released internal classified documents appear to prove it._ _Luis Fernando Garcia, a lawyer and executive director of R3D, told Click Here in an interview that a roster of freedom of information requests and internal Ministry of Defense documents – released as part of last year's massive hack-and-leak operation by the hacktivist group Guacamaya – connect officials at the highest levels of the Mexican army to the purchase of Pegasus spyware. R3D found a 2019 acceptance letter that links the military to a company with the exclusive right to sell licenses for the NSO Group's Pegasus spyware in Mexico._ _NSO Group created Pegasus in 2011 and it has been linked to everything from the capture of the drug lord El Chapo to the murder of journalist Jamal Khashoggi. Pegasus' super power is its ability to infect smartphones without a user knowing - the phone becomes a spy in their pocket, capturing their location, their communications, and information on their friends._ _Among the new revelations are documents from the Mexican Secretariat of National Defense , or SEDENA, that discuss a previously unknown military intelligence agency in charge of the nation's surveillance programs. The leaked files show the agency, referred to as CMI or the Military Intelligence Center, spied on a human rights advocate named Raymundo Ramos who has been investigating a suspected extrajudicial killing by the Army that occurred in July 2020 in a border town called Nuevo Laredo._ _The interview has been edited for space and clarity. A fuller version of the story can be heard on the [Click Here](https://podcasts.apple.com/us/podcast/click-here/id1225077306) podcast._ **CLICK HERE: For people who don't know, can you explain the mission of R3D (The Digital Rights Defense Network)?** **LUIS FERNANDO GARCIA:** The Digital Rights Defense Network is a NGO that works on issues related to human rights and technology. Since the beginning we've been working to uncover and to investigate and pushback against the surveillance apparatus in Mexico. **CH: You started your latest investigation into government surveillance in collaboration with the University of Toronto's Citizen Lab in early 2022. What did the initial investigation [[published last October](https://ejercitoespia.r3d.mx/)] reveal?** **LG:** We started checking phones of human rights defenders, journalists, trying to see if we could find forensic evidence of Pegasus in Mexico. We started to document cases of people who were infected in 2019, 2020, and 2021, which means [it was deployed] during the current government, not the previous government. A week or maybe less from our publication date, something really important happened. The army's email system was hacked and an activist group called Guacamaya was offering access to those emails to media organizations and to human rights organizations. And this gave us like the missing key that we needed to actually point the finger at the army and say we found these Pegasus cases [and connected them to the military]. **CH: Can you talk about some of the specific things you discovered in the Guacamaya documents?** **LG:** We were able to find a kind of acceptance letter from the army, directed to the secretary, which is the head of the army - the General Secretary of National Defense in Mexico. And here it talks about a contract with Comercializadora Antsua]]> 2023-03-07T14:30:00+00:00 https://therecord.media/mexican-army-spyware www.secnews.physaphae.fr/article.php?IdArticle=8316340 False Hack None 5.0000000000000000 Wired Threat Level - Security News 2023-03-04T14:00:00+00:00 https://www.wired.com/story/lastpass-engineer-breach-security-roundup/ www.secnews.physaphae.fr/article.php?IdArticle=8315583 False Hack LastPass,LastPass 3.0000000000000000 The Register - Site journalistique Anglais 2023-03-03T11:33:13+00:00 https://go.theregister.com/feed/www.theregister.com/2023/03/03/solarwinds_supplychain_security/ www.secnews.physaphae.fr/article.php?IdArticle=8315256 False Hack None 3.0000000000000000 Bleeping Computer - Magazine Américain 2023-03-02T14:33:21+00:00 https://www.bleepingcomputer.com/news/security/hatch-bank-discloses-data-breach-after-goanywhere-mft-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8315075 False Data Breach,Hack None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-03-02T12:09:33+00:00 https://blog.knowbe4.com/eye-opener-businessweek-the-satellite-hack-everyone-is-finally-talking-about www.secnews.physaphae.fr/article.php?IdArticle=8314975 False Hack None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC cybercriminals. To keep yourself safe, it is important to know what to look out for. You should watch for the commonly attempted ways that remote real estate buyers might be targeted and understand what you should do in the event of a breach. 2. Data breaches Buying real estate remotely involves a number of different tools, like online payment gateways and other web services. All of these tools can be vulnerable to data breaches, which means that hackers could gain access to your personal information stored on their servers. To protect yourself, research a service’s security standards before providing any sensitive information or look for an alternative if the security measures are inadequate. Always make sure you are observing best practices during and after an online purchase, which include doing things like updating your passwords as appropriate and monitoring your credit cards for any suspicious activity. By following these tips, you can help ensure that your online real estate transaction is secure. 3.  Phishing scams These are attempts to obtain your personal information by pretending to be a legitimate source and they are on the rise. Be sure to only provide your information on secure websites and look for signs of legitimacy, such as “https” in the web address or a padlock icon in the URL bar. Phishing scams that target real estate buyers might include emails, text messages, and voicemails asking you to provide your credit card details or other personal information to make a purchase. Make sure to always look for signs of legitimacy before providing any sensitive information. They might also include bogus emails from lawyers or other professionals with malicious links or attachments. Be sure to only open emails from verified sources and never click on suspicious links. 4. Malware threats Malicious software can be used to steal your personal information, such as banking credentials and passwords, or to install ransomware that locks you out from accessing your own files. To protect yourself from malware, make sure to install]]> 2023-03-02T11:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/8-common-cybersecurity-issues-when-purchasing-real-estate-online-and-how-to-handle-them www.secnews.physaphae.fr/article.php?IdArticle=8314947 False Ransomware,Malware,Hack None 2.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #09  |   February 28th, 2023 [Eye Opener] Should You Click on Unsubscribe? By Roger A. Grimes. Some common questions we get are "Should I click on an unwanted email's 'Unsubscribe' link? Will that lead to more or less unwanted email?" The short answer is that, in general, it is OK to click on a legitimate vendor's unsubscribe link. But if you think the email is sketchy or coming from a source you would not want to validate your email address as valid and active, or are unsure, do not take the chance, skip the unsubscribe action. In many countries, legitimate vendors are bound by law to offer (free) unsubscribe functionality and abide by a user's preferences. For example, in the U.S., the 2003 CAN-SPAM Act states that businesses must offer clear instructions on how the recipient can remove themselves from the involved mailing list and that request must be honored within 10 days. Note: Many countries have laws similar to the CAN-SPAM Act, although with privacy protection ranging the privacy spectrum from very little to a lot more protection. The unsubscribe feature does not have to be a URL link, but it does have to be an "internet-based way." The most popular alternative method besides a URL link is an email address to use. In some cases, there are specific instructions you have to follow, such as put "Unsubscribe" in the subject of the email. Other times you are expected to craft your own message. Luckily, most of the time simply sending any email to the listed unsubscribe email address is enough to remove your email address from the mailing list. [CONTINUED] at the KnowBe4 blog:https://blog.knowbe4.com/should-you-click-on-unsubscribe [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us TOMORROW, Wednesday, March 1, @ 2:00 PM (ET), for a live demo of how KnowBe4 introduces a new-school approac]]> 2023-02-28T14:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-09-eye-opener-should-you-click-on-unsubscribe www.secnews.physaphae.fr/article.php?IdArticle=8314155 False Malware,Hack,Tool,Vulnerability,Threat,Guideline,Prediction APT 38,ChatGPT 3.0000000000000000 SecurityWeek - Security News 2023-02-28T11:41:25+00:00 https://www.securityweek.com/vulnerability-in-popular-real-estate-theme-exploited-to-hack-wordpress-websites/ www.secnews.physaphae.fr/article.php?IdArticle=8314134 False Hack,Vulnerability None 3.0000000000000000 The Register - Site journalistique Anglais 2023-02-22T20:30:12+00:00 https://go.theregister.com/feed/www.theregister.com/2023/02/22/chatgpt_pwn2own_ai/ www.secnews.physaphae.fr/article.php?IdArticle=8312578 False Hack,Industrial ChatGPT 3.0000000000000000 SecurityWeek - Security News 2023-02-22T13:30:01+00:00 https://www.securityweek.com/r1soft-server-backup-manager-vulnerability-exploited-to-deploy-backdoor/ www.secnews.physaphae.fr/article.php?IdArticle=8312483 False Hack,Vulnerability None 3.0000000000000000 Recorded Future - FLux Recorded Future Fake air raid and missile strike warnings blared from Russian radio stations. Officials blamed the incident on a hack of satellite tech]]> 2023-02-22T13:22:19+00:00 https://therecord.media/russia-radio-hackers-fake-air-raid-missile-strike-warnings/ www.secnews.physaphae.fr/article.php?IdArticle=8312484 False Hack None 3.0000000000000000 knowbe4 - cybersecurity services CyberheistNews Vol 13 #08  |   February 21st, 2023 [Heads Up] Reddit Is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach There is a lot to learn from Reddit's recent data breach, which was the result of an employee falling for a "sophisticated and highly-targeted" spear phishing attack. I spend a lot of time talking about phishing attacks and the specifics that closely surround that pivotal action taken by the user once they are duped into believing the phishing email was legitimate. However, there are additional details about the attack we can analyze to see what kind of access the attacker was able to garner from this attack. But first, here are the basics: According to Reddit, an attacker set up a website that impersonated the company's intranet gateway, then sent targeted phishing emails to Reddit employees. The site was designed to steal credentials and two-factor authentication tokens. There are only a few details from the breach, but the notification does mention that the threat actor was able to access "some internal docs, code, as well as some internal dashboards and business systems." Since the notice does imply that only a single employee fell victim, we have to make a few assumptions about this attack: The attacker had some knowledge of Reddit's internal workings – The fact that the attacker can spoof an intranet gateway shows they had some familiarity with the gateway's look and feel, and its use by Reddit employees. The targeting of victims was limited to users with specific desired access – Given the knowledge about the intranet, it's reasonable to believe that the attacker(s) targeted users with specific roles within Reddit. From the use of the term "code," I'm going to assume the target was developers or someone on the product side of Reddit. The attacker may have been an initial access broker – Despite the access gained that Reddit is making out to be not a big deal, they do also mention that no production systems were accessed. This makes me believe that this attack may have been focused on gaining a foothold within Reddit versus penetrating more sensitive systems and data. There are also a few takeaways from this attack that you can learn from: 2FA is an important security measure – Despite the fact that the threat actor collected and (I'm guessing) passed the credentials and 2FA details onto the legitimate Intranet gateway-a classic man-in-the ]]> 2023-02-21T14:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-08-heads-up-reddit-is-the-latest-victim-of-a-spear-phishing-attack-resulting-in-a-data-breach www.secnews.physaphae.fr/article.php?IdArticle=8312171 False Data Breach,Hack,Threat,Guideline ChatGPT 2.0000000000000000 Recorded Future - FLux Recorded Future Virgin Media Television, the Irish broadcaster, said on Monday that an attempted hack was going to impact its programming in coming days. The nature of the attack has not been specified, although a spokesperson told The Record it was not a ransomware attack. In a statement the company described identifying “an unauthorized attempt to access […]]> 2023-02-21T13:16:28+00:00 https://therecord.media/virgin-media-television-ireland-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8312175 False Ransomware,Hack None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2023-02-20T18:09:25+00:00 https://informationsecuritybuzz.com/railyatri-users-indian-ticketing-platform/ www.secnews.physaphae.fr/article.php?IdArticle=8311943 False Data Breach,Hack None 2.0000000000000000 SecurityWeek - Security News 2023-02-20T15:17:21+00:00 https://www.securityweek.com/coinbase-attack-linked-to-group-behind-last-years-twilio-cloudflare-hacks/ www.secnews.physaphae.fr/article.php?IdArticle=8311917 False Hack None 2.0000000000000000 BBC - BBC News - Technology 2023-02-20T13:42:17+00:00 https://www.bbc.co.uk/news/technology-64705984?at_medium=RSS&at_campaign=KARANGA www.secnews.physaphae.fr/article.php?IdArticle=8311884 False Hack None 2.0000000000000000 SecurityWeek - Security News GoDaddy recently discovered a hacker attack where a sophisticated threat group infected websites and servers with malware. ]]> 2023-02-20T10:09:07+00:00 https://www.securityweek.com/godaddy-says-recent-hack-part-of-multi-year-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8311849 False Hack,Threat None 1.00000000000000000000 Contagio - Site d infos ransomware 2023-02-18Ember Bear (aka UAC-0056,Saint Bear, UNC2589, Lorec53, TA471, Nodaria, Nascent Ursa, LorecBear, Bleeding Bear, and DEV-0586) is an Advanced Persistent Threat (APT) group believed to be based in Russia. Their primary targets have been diplomatic and government entities in Europe, particularly Ukraine, and the United States. They have also targeted various industries, including defense, energy, and technology.Download the full collectionEmail me if you need the password (see in my profile) (209 MB. 218 samples listed in the hash tables below).The malware arsenal collected here includes:Elephant framework (GrimPlant (Backdoor) and GraphSteel (Stealer).)Graphiron BackdoorOutSteel (LorecDocStealer)BabaDedaCobalt Strike (Beacon)SaintBot DownloaderWhisperGate WiperAPT Group DescriptionAPT Group aliases:UAC-0056 (UA CERT)Ember Bear (Crowdstrike)Saint Bear (F-Secure)UNC2589 (Fireeye, IBM)Lorec53 (NSFOCUS)TA471 (Proofpoint)Nodaria (Symantec)Nascent Ursa (Palo Alto)LorecBearBleeding Bear (Elastic)DEV-0586 (MIcrosoft)The group is a suspected Russian state-sponsored cyber espionage group that has been active since at least March 2021.The group primarily targets Ukraine and Georgia, but has also targeted Western European and North American foreign ministries, pharmaceutical companies, and financial sector organizations.The group is known for using various malicious implants such as GrimPlant, GraphSteel, and CobaltStrike Beacon, as well as spear phishing attacks with macro-embedded Excel documents.In January 2022, the group performed a destructive wiper attack on multiple Ukrainian government computers and websites, known as WhisperGate.The Lorec53 group is a new type of APT group fi]]> 2023-02-18T03:02:00+00:00 https://contagiodump.blogspot.com/2023/02/malware-arsenal-used-by-ember-bear-aka.html www.secnews.physaphae.fr/article.php?IdArticle=8311492 False Ransomware,Malware,Hack,Tool,Vulnerability,Threat,Medical None 2.0000000000000000 Bleeping Computer - Magazine Américain 2023-02-17T12:19:21+00:00 https://www.bleepingcomputer.com/news/security/norwegian-police-recover-58m-crypto-from-massive-axie-infinity-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8311304 False Hack APT 38 2.0000000000000000 The Register - Site journalistique Anglais 2023-02-17T05:15:06+00:00 https://go.theregister.com/feed/www.theregister.com/2023/02/17/norwegian_authorities_found_59_million/ www.secnews.physaphae.fr/article.php?IdArticle=8311157 False Hack,Medical APT 38 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2023-02-16T16:40:07+00:00 https://informationsecuritybuzz.com/scandinavian-airlines-hacker-anonymous-sudan/ www.secnews.physaphae.fr/article.php?IdArticle=8310876 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain 2023-02-16T12:41:16+00:00 https://www.bleepingcomputer.com/news/security/atlassian-says-recent-data-leak-stems-from-third-party-vendor-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8310913 False Hack None 3.0000000000000000 The State of Security - Magazine Américain 2023-02-16T08:08:13+00:00 https://www.tripwire.com/state-of-security/cybercriminal-convicted-90-million-sec-earning-reports-hack www.secnews.physaphae.fr/article.php?IdArticle=8310845 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain 2023-02-15T13:11:25+00:00 https://www.bleepingcomputer.com/news/security/hyundai-kia-patch-bug-allowing-car-thefts-with-a-usb-cable/ www.secnews.physaphae.fr/article.php?IdArticle=8310584 False Hack None 4.0000000000000000 The Register - Site journalistique Anglais 2023-02-15T07:29:10+00:00 https://go.theregister.com/feed/www.theregister.com/2023/02/15/hyundai_kia_software_upgrades/ www.secnews.physaphae.fr/article.php?IdArticle=8310409 False Hack,Guideline None 2.0000000000000000 Recorded Future - FLux Recorded Future Cryptocurrency exchanges Binance and Huobi froze accounts that contained $1.4 million worth of assets stolen from blockchain company Harmony last June. The platforms were notified about the funds by blockchain research company Elliptic, which managed to trace it through sanctioned cryptocurrency mixer Tornado Cash.  U.S. authorities said Tornado Cash was frequently used by hackers connected […]]> 2023-02-14T20:11:49+00:00 https://therecord.media/binance-huobi-freeze-some-cryptocurrency-stolen-in-100-million-harmony-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8310191 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain 2023-02-13T14:18:37+00:00 https://www.bleepingcomputer.com/news/security/apple-fixes-new-webkit-zero-day-exploited-to-hack-iphones-macs/ www.secnews.physaphae.fr/article.php?IdArticle=8309751 False Hack,Vulnerability None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2023-02-13T10:06:02+00:00 https://informationsecuritybuzz.com/namecheap-hack-email-metamask-dhl/ www.secnews.physaphae.fr/article.php?IdArticle=8309389 False Hack None 2.0000000000000000 Darknet - The Darkside - Site de news Américain 2023-02-12T14:34:42+00:00 https://www.darknet.org.uk/2023/02/pwnagotchi-maximize-crackable-wpa-key-material-for-bettercap/ www.secnews.physaphae.fr/article.php?IdArticle=8309205 False Hack None 3.0000000000000000 Dark Reading - Informationweek Branch 2023-02-10T21:36:00+00:00 https://www.darkreading.com/risk/reddit-hack-shows-limits-mfa-strengths-security-training www.secnews.physaphae.fr/article.php?IdArticle=8309382 False Hack None 3.0000000000000000 TechRepublic - Security News US The How to Hack from Beginner to Ethical Hacking Certification will teach you how to protect your systems and earn the trust of top clients. ]]> 2023-02-10T18:36:31+00:00 https://www.techrepublic.com/article/how-to-hack-beginner-ethical-hacking-certification-bundle/ www.secnews.physaphae.fr/article.php?IdArticle=8309409 False Hack None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2023-02-10T12:37:34+00:00 https://informationsecuritybuzz.com/canadian-bookstore-indigo-website-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8308865 False Hack None 3.0000000000000000 SecurityWeek - Security News 2023-02-10T11:37:22+00:00 https://www.securityweek.com/documents-code-business-systems-accessed-in-reddit-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8308850 False Hack None 3.0000000000000000 SecurityWeek - Security News Australian authorities sentence Sydney man for using leaked data stolen from wireless carrier Optus to conduct SMS scams. ]]> 2023-02-08T15:00:27+00:00 https://www.securityweek.com/australian-man-sentenced-for-scam-related-to-optus-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8308316 False Hack None 3.0000000000000000 SecurityWeek - Security News The Siemens Automation License Manager is affected by two serious vulnerabilities that could be chained to hack industrial control systems (ICS). ]]> 2023-02-08T13:18:38+00:00 https://www.securityweek.com/siemens-license-manager-vulnerabilities-allow-ics-hacking/ www.secnews.physaphae.fr/article.php?IdArticle=8308262 False Hack,Industrial None 2.0000000000000000 The Register - Site journalistique Anglais 2023-02-08T06:30:14+00:00 https://go.theregister.com/feed/www.theregister.com/2023/02/08/vastaamo_hack_arrest_finland/ www.secnews.physaphae.fr/article.php?IdArticle=8308158 False Hack None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-02-06T17:39:00+00:00 https://thehackernews.com/2023/02/microsoft-iranian-nation-state-group.html www.secnews.physaphae.fr/article.php?IdArticle=8307525 False Hack None 2.0000000000000000 Global Security Mag - Site de news francais Événements]]> 2023-02-06T17:27:00+00:00 https://www.globalsecuritymag.fr/12-au-13-mai-Hack-Day-Edition-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8307592 False Hack None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC a biometrics researcher helped investigators hack into a murder victim’s phone with only a photo of the man’s fingerprint. While security systems are getting more advanced all the time, current technology also allows cybercriminals to run wild with a single piece of biometric data, accessing everything from laptop logins to bank accounts. By its very nature, biometric authentication requires third parties to store biometric data. What happens if the information is exposed? In addition to potential hacking, breaching people’s personal data might reveal something they’d rather keep private. Vein patterns could reveal that a person has a vascular disorder, raising their insurance premiums. Fingerprints could expose a chromosomal disease. True, people give this same information to their doctors, and a medical data breach could have the same repercussions. But handing off biometric data to a commercial company — which isn’t bound by HIPAA or sworn to do no harm — is a much grayer area. Another issue that occasionally plagues biometric authentication is injuries and natural bodily changes. A single paper cut can derail a fingerprint scanner, and an aging eye throws iris scanners for a loop. People will have to update their photos every few years to remind the system what they look like. Some facial recognition programs can even predict how long a person will live. Insurance companies have expressed interest in getting hold of this data, since the way a person ages says a lot about their health. If stolen biometric data fed into an algorithm predicts a person won’t make it past 50, will their employer pass them up for a promotion? In the event of an accident, your family won’t easily be able to access your accounts if you use biometric authentication, since it’s not as simple as writing down a list of passwords. Maybe that’s a good thing — but maybe not. Another ethical dilemma with biometric data use is identifying people without their consent. Most people are used to being on camera at the grocery store, but if that same camera snaps a photo without permission and stores it for later retrieval, they probably won’t be too happy. Some people point out that you have no right to privacy in a public space, and that’s true — to an extent. But where do you draw the line between publicity and paparazzi? Is it OK to snap a stranger’s photo while you’re talking to them, or is that considered rude and intrusive? The benefits of biometric data Of course, no one would be handing off a photo of their face if the]]> 2023-02-06T11:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-ethics-of-biometric-data-use-in-security www.secnews.physaphae.fr/article.php?IdArticle=8307491 False Data Breach,Hack,Prediction,Medical None 2.0000000000000000 The Register - Site journalistique Anglais 2023-02-05T12:00:11+00:00 https://go.theregister.com/feed/www.theregister.com/2023/02/05/supply_chain_security_efforts/ www.secnews.physaphae.fr/article.php?IdArticle=8307316 False Hack,Threat None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2023-02-02T10:02:17+00:00 https://informationsecuritybuzz.com/city-of-london-traders-hit-russia-linked-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8306502 False Ransomware,Hack None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine 2023-02-01T17:00:00+00:00 https://www.infosecurity-magazine.com/news/google-fi-confirms-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8306293 False Hack None 2.0000000000000000 knowbe4 - cybersecurity services ]]> 2023-02-01T14:24:06+00:00 https://blog.knowbe4.com/ai-chatgpt-cybersecurity-a-match-or-a-hack-waiting-to-happen www.secnews.physaphae.fr/article.php?IdArticle=8306238 False Hack ChatGPT 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-02-01T11:00:00+00:00 https://thehackernews.com/2023/02/hackers-abused-microsofts-verified.html www.secnews.physaphae.fr/article.php?IdArticle=8306075 False Hack None 2.0000000000000000 Global Security Mag - Site de news francais Points de Vue]]> 2023-02-01T09:13:44+00:00 https://www.globalsecuritymag.fr/Kevin-Bocek-Venafi-commente-la-revocation-des-certificats-de-signature-de-code.html www.secnews.physaphae.fr/article.php?IdArticle=8306146 False Hack None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-01-30T15:00:00+00:00 https://thehackernews.com/2023/01/realtek-vulnerability-under-attack-134.html www.secnews.physaphae.fr/article.php?IdArticle=8305474 False Hack,Vulnerability None 3.0000000000000000 Bleeping Computer - Magazine Américain 2023-01-30T13:27:03+00:00 https://www.bleepingcomputer.com/news/security/github-revokes-code-signing-certificates-stolen-in-repo-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8305600 False Hack None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2023-01-30T12:34:09+00:00 https://informationsecuritybuzz.com/jd-sports-data-breach-following-cyberattack/ www.secnews.physaphae.fr/article.php?IdArticle=8305523 False Data Breach,Hack None 2.0000000000000000 Recorded Future - FLux Recorded Future Researchers are split on whether someone could hack into the New York Times' massively popular game Wordle and change the daily word users are forced to figure out. In a blog post last month, Noname Security's David Thomason said the the entire list of daily Wordles for the next few months could be discovered by […]]> 2023-01-28T11:28:51+00:00 https://therecord.media/could-hackers-change-the-daily-wordle-researchers-are-torn/ www.secnews.physaphae.fr/article.php?IdArticle=8305132 False Hack None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2023-01-27T18:42:03+00:00 https://informationsecuritybuzz.com/bitwarden-password-vaults-subject-google-ads-phishing/ www.secnews.physaphae.fr/article.php?IdArticle=8304888 True Hack None 3.0000000000000000 Dark Reading - Informationweek Branch 2023-01-27T15:49:00+00:00 https://www.darkreading.com/attacks-breaches/noob-hackers-become-persistent-threats www.secnews.physaphae.fr/article.php?IdArticle=8304851 False Hack None 3.0000000000000000 Bleeping Computer - Magazine Américain 2023-01-26T16:40:34+00:00 https://www.bleepingcomputer.com/news/security/bitwarden-password-vaults-targeted-in-google-ads-phishing-attack/ www.secnews.physaphae.fr/article.php?IdArticle=8304373 False Hack None 3.0000000000000000 01net. Actualites - Securite - Magazine Francais Le FBI vient de confirmer l'identité des pirates derrière le hack de la blockchain Harmony. En coopérant avec des plates-formes comme Binance, les autorités sont remontées jusqu'à un groupe de pirates passé maître dans le vol de cryptomonnaies…]]> 2023-01-26T09:30:21+00:00 https://www.01net.com/actualites/crypto-fbi-demasque-coupable-plus-grands-hacks-2022.html www.secnews.physaphae.fr/article.php?IdArticle=8304150 False Hack None 2.0000000000000000 Dark Reading - Informationweek Branch 2023-01-25T21:43:00+00:00 https://www.darkreading.com/application-security/zacks-investment-research-hack-exposes-820k-customers-data www.secnews.physaphae.fr/article.php?IdArticle=8304056 False Hack None 1.00000000000000000000 Bleeping Computer - Magazine Américain 2023-01-25T14:34:52+00:00 https://www.bleepingcomputer.com/news/security/hackers-auction-alleged-source-code-for-league-of-legends/ www.secnews.physaphae.fr/article.php?IdArticle=8304037 False Hack,Threat None 2.0000000000000000 Recorded Future - FLux Recorded Future Hotel giant Hilton denied that it has been hacked after cybercriminals claimed to have breached the company's systems and stolen data related to 3.7 million customers. On Monday, hackers said they stole a database from 2017 consisting of information from customers enrolled in the Hilton Hotel Honors program. The information in the database includes names, […]]> 2023-01-25T13:54:59+00:00 https://therecord.media/hilton-denies-hack-after-data-from-3-7-million-honors-customer-offered-for-sale/ www.secnews.physaphae.fr/article.php?IdArticle=8303960 False Hack None 4.0000000000000000 SecurityWeek - Security News Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That's why it's so critical to break the password dependency cycle. But how can this be done? ]]> 2023-01-25T12:00:00+00:00 https://www.securityweek.com/password-dependency-how-to-break-the-cycle/ www.secnews.physaphae.fr/article.php?IdArticle=8303950 False Hack None 1.00000000000000000000 InfoSecurity Mag - InfoSecurity Magazine 2023-01-25T10:00:00+00:00 https://www.infosecurity-magazine.com/news/new-cheats-emerge-riot-games-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8303910 False Ransomware,Hack None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2023-01-24T17:28:00+00:00 https://thehackernews.com/2023/01/fbi-says-north-korean-hackers-behind.html www.secnews.physaphae.fr/article.php?IdArticle=8303677 False Hack,Threat,Medical APT 38 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine 2023-01-24T17:00:00+00:00 https://www.infosecurity-magazine.com/news/fbi-lazarus-group-behind-harmony/ www.secnews.physaphae.fr/article.php?IdArticle=8303745 False Hack APT 38 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2023-01-24T11:40:14+00:00 https://informationsecuritybuzz.com/how-to-safeguard-your-business-from-cybersecurity-stress-and-prevent-it-burnout/ www.secnews.physaphae.fr/article.php?IdArticle=8303668 False Data Breach,Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain 2023-01-24T09:49:59+00:00 https://www.bleepingcomputer.com/news/security/fbi-north-korean-hackers-stole-100-million-in-harmony-crypto-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8303700 False Hack,Medical APT 38 2.0000000000000000 Recorded Future - FLux Recorded Future A Republican congressman on the House Committee on Homeland Security is seeking answers about last week’s hack of regional airline CommuteAir, which led to the exposure of a copy of the federal no-fly list from 2019.  Alarm has grown since the researcher behind the hack, a Swiss national who goes by maia arson crimew, published […]]> 2023-01-24T02:19:28+00:00 https://therecord.media/congressman-coming-for-answers-after-no-fly-list-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8303591 False Hack None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2023-01-23T10:02:40+00:00 https://informationsecuritybuzz.com/fanduel-cautions-users-data-breach-vendor-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8303353 False Data Breach,Hack None 1.00000000000000000000 Bleeping Computer - Magazine Américain 2023-01-22T13:56:45+00:00 https://www.bleepingcomputer.com/news/security/fanduels-warns-of-data-breach-after-customer-info-stolen-in-vendor-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8303299 True Data Breach,Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain 2023-01-22T13:56:45+00:00 https://www.bleepingcomputer.com/news/security/fanduel-discloses-data-breach-caused-by-recent-mailchimp-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8303262 False Data Breach,Hack None 2.0000000000000000 Recorded Future - FLux Recorded Future Samsung is investigating a potential cyberattack and data breach on an internal employee platform and several systems in South Korea.  On Tuesday, a group of hackers going by the name “Genesis Day” claimed it attacked Samsung's offices in South Korea because of the country's recent opening of a mission to the North Atlantic Treaty Organization […]]> 2023-01-20T18:28:54+00:00 https://therecord.media/samsung-investigating-claims-of-hack-on-south-korea-systems-internal-employee-platform/ www.secnews.physaphae.fr/article.php?IdArticle=8302892 False Data Breach,Hack None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2023-01-20T15:06:08+00:00 https://informationsecuritybuzz.com/37-milliontmobile-api-data-customers-stolen-in-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8302850 False Hack None 1.00000000000000000000 InfoSecurity Mag - InfoSecurity Magazine 2023-01-19T16:00:00+00:00 https://www.infosecurity-magazine.com/news/mailchimp-hit-another-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8302578 False Data Breach,Hack None 3.0000000000000000 Bleeping Computer - Magazine Américain 2023-01-19T12:55:02+00:00 https://www.bleepingcomputer.com/news/security/roaming-mantis-android-malware-adds-dns-changer-to-hack-wifi-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8302609 False Malware,Hack None 2.0000000000000000 The Register - Site journalistique Anglais 2023-01-19T02:30:14+00:00 https://go.theregister.com/feed/www.theregister.com/2023/01/19/ftx_crypto_theft/ www.secnews.physaphae.fr/article.php?IdArticle=8302431 False Hack None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2023-01-18T16:10:16+00:00 https://informationsecuritybuzz.com/1000-ships-affected-by-ransomware-attack-on-dnv-software/ www.secnews.physaphae.fr/article.php?IdArticle=8302292 False Ransomware,Hack None 2.0000000000000000 Global Security Mag - Site de news francais Product Reviews]]> 2023-01-18T13:19:15+00:00 https://www.globalsecuritymag.fr/CREST-and-Hack-The-Box-launch-CREST-certification-aligned-penetration-testing.html www.secnews.physaphae.fr/article.php?IdArticle=8302256 False Hack None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2023-01-17T05:31:58+00:00 https://informationsecuritybuzz.com/datadog-changes-rpm-signing-key-exposed-circleci-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8301718 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain 2023-01-16T14:08:19+00:00 https://www.bleepingcomputer.com/news/security/datadog-rotates-rpm-signing-key-exposed-in-circleci-hack/ www.secnews.physaphae.fr/article.php?IdArticle=8301645 False Hack None 2.0000000000000000 SecurityWeek - Security News 2023-01-16T13:18:41+00:00 https://www.securityweek.com/hack-pentagon-30-bug-bounty-program-focus-facility-control-systems www.secnews.physaphae.fr/article.php?IdArticle=8301501 False Hack None 3.0000000000000000 Bleeping Computer - Magazine Américain 2023-01-14T17:28:34+00:00 https://www.bleepingcomputer.com/news/security/circlecis-hack-caused-by-malware-stealing-engineers-2fa-backed-session/ www.secnews.physaphae.fr/article.php?IdArticle=8301181 False Malware,Hack None 4.0000000000000000 SecurityWeek - Security News 2023-01-13T11:21:01+00:00 https://www.securityweek.com/fortinet-says-recently-patched-vulnerability-exploited-hack-governments www.secnews.physaphae.fr/article.php?IdArticle=8300853 False Hack,Vulnerability None 3.0000000000000000 Dark Reading - Informationweek Branch 2023-01-12T14:42:00+00:00 https://www.darkreading.com/operations/hack-the-box-secures-55-million-in-series-b-funding-led-by-carlyle www.secnews.physaphae.fr/article.php?IdArticle=8300557 True Hack None 2.0000000000000000 SecurityWeek - Security News 2023-01-12T11:16:48+00:00 https://www.securityweek.com/recently-disclosed-vulnerability-exploited-hack-hundreds-sugarcrm-servers www.secnews.physaphae.fr/article.php?IdArticle=8300531 False Hack,Vulnerability None 2.0000000000000000 Global Security Mag - Site de news francais Business News]]> 2023-01-11T13:45:01+00:00 https://www.globalsecuritymag.fr/EfficientIP-Launches-Free-Tool-to-Detect-Enterprises-Risk-of-Data-Exfiltration.html www.secnews.physaphae.fr/article.php?IdArticle=8300008 False Hack,Tool None 2.0000000000000000 Global Security Mag - Site de news francais Business News]]> 2023-01-11T13:36:09+00:00 https://www.globalsecuritymag.fr/Hack-The-Box-announces-a-Series-B-investment-round-of-55-million-led-by-Carlyle.html www.secnews.physaphae.fr/article.php?IdArticle=8300010 False Hack None 1.00000000000000000000 Dark Reading - Informationweek Branch 2023-01-10T14:00:00+00:00 https://www.darkreading.com/iot/black-hat-flashback-deadly-consequences-weak-medical-device-security www.secnews.physaphae.fr/article.php?IdArticle=8299524 False Hack,Medical None 1.00000000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Learning meets fun at the 2022 SANS Holiday Hack Challenge – strap yourself in for a crackerjack ride at the North Pole as I foil Grinchum's foul plan and recover the five golden rings ]]> 2023-01-09T14:00:41+00:00 https://www.welivesecurity.com/2023/01/09/cracked-it-highlights-kringlecon-5-golden-rings/ www.secnews.physaphae.fr/article.php?IdArticle=8299378 False Hack None 2.0000000000000000 CSO - CSO Daily Dashboard BBC reported, with Vice Society hackers using generic search terms to steal documents. “One folder marked 'passports' contains passport scans for pupils and parents on school trips going back to 2011, whereas another marked 'contract' contains contractual offers made to staff alongside teaching documents on muscle contractions. Another folder marked 'confidential' contains documents on the headmaster's pay and student bursary fund recipients,” the BBC wrote. The hack at Pates is estimated to have taken place on September 28 before data was published on the dark web. The UK Information Commissioner's Office (ICO) and Gloucestershire Police confirmed they were investigating the alleged breaches in 2022.To read this article in full, please click here]]> 2023-01-06T06:51:00+00:00 https://www.csoonline.com/article/3684851/14-uk-schools-suffer-cyberattack-highly-confidential-documents-leaked.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8298546 False Ransomware,Hack None 2.0000000000000000 BBC - BBC News - Technology 2023-01-05T17:14:37+00:00 https://www.bbc.co.uk/news/technology-64153381?at_medium=RSS&at_campaign=KARANGA www.secnews.physaphae.fr/article.php?IdArticle=8298242 False Hack None 2.0000000000000000 SC Magazine - Magazine 2023-01-05T11:35:01+00:00 https://www.scmagazine.com/podcast-segment/roblox-prison-3ds-rce-puckungfu-google-home-wiretaps-lastpass-hack-psw-768 www.secnews.physaphae.fr/article.php?IdArticle=8298234 False Hack LastPass 1.00000000000000000000 SC Magazine - Magazine 2023-01-03T19:39:05+00:00 https://www.scmagazine.com/analysis/ransomware/scripps-health-avalon-healthcare-reach-settlements-after-data-breaches www.secnews.physaphae.fr/article.php?IdArticle=8297624 False Hack None 2.0000000000000000 Hacking Articles - Blog de Raj Chandel 2022-12-31T16:15:04+00:00 https://www.hackingarticles.in/antique-hackthebox-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=8296747 True Hack None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2022-12-30T10:33:59+00:00 https://informationsecuritybuzz.com/3commas-confirms-report-massive-key-leaked/ www.secnews.physaphae.fr/article.php?IdArticle=8295980 False Hack None 3.0000000000000000 Hacking Articles - Blog de Raj Chandel 2022-12-28T17:38:35+00:00 https://www.hackingarticles.in/nunchucks-hackthebox-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=8295590 True Hack None 2.0000000000000000 Hacking Articles - Blog de Raj Chandel 2022-12-26T09:59:57+00:00 https://www.hackingarticles.in/late-hackthebox-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=8295053 True Hack None 1.00000000000000000000 Hacking Articles - Blog de Raj Chandel 2022-12-24T15:17:54+00:00 https://www.hackingarticles.in/backdoor-hackthebox-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=8294512 True Hack None 2.0000000000000000 The Register - Site journalistique Anglais 2022-12-23T00:27:51+00:00 https://go.theregister.com/feed/www.theregister.com/2022/12/23/okta_code_copy_hack/ www.secnews.physaphae.fr/article.php?IdArticle=8294049 False Hack None 2.0000000000000000 Bleeping Computer - Magazine Américain 2022-12-21T13:29:02+00:00 https://www.bleepingcomputer.com/news/security/russians-hacked-jfk-airport-s-taxi-dispatch-system-for-profit/ www.secnews.physaphae.fr/article.php?IdArticle=8293436 False Hack None 2.0000000000000000 InformationSecurityBuzzNews - Site de News Securite 2022-12-21T11:41:48+00:00 https://informationsecuritybuzz.com/malicious-pypi-package-posing-sentinelone-sdk-hack-trend/ www.secnews.physaphae.fr/article.php?IdArticle=8293358 False Hack,Studies,Prediction None 1.00000000000000000000 Hacking Articles - Blog de Raj Chandel 2022-12-19T16:36:47+00:00 https://www.hackingarticles.in/paper-hackthebox-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=8292983 False Hack None 2.0000000000000000