www.secnews.physaphae.fr

www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-12T18:23:09+00:00 www.secnews.physaphae.fr The Register - Site journalistique Anglais Grubhub serves up security incident with a side of needing to change your password Contact info and partial payment details may be compromised US food and grocery delivery platform Grubhub says a security incident at a third-party service provider is to blame after user data was compromised.…]]> 2025-02-04T15:30:08+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/04/grubhub_data_incident/ www.secnews.physaphae.fr/article.php?IdArticle=8646841 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain Crypto-stealing apps found in Apple App Store for the first time A new campaign dubbed \'SparkCat\' has been uncovered, targeting the cryptocurrency wallet recovery phrases of Android and iOS users using optical character recognition (OCR) stealers. [...]]]> 2025-02-04T15:16:19+00:00 https://www.bleepingcomputer.com/news/mobile/crypto-stealing-apps-found-in-apple-app-store-for-the-first-time/ www.secnews.physaphae.fr/article.php?IdArticle=8647050 False Mobile None 4.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé How to block a number on a landline 2025-02-04T15:09:54+00:00 https://blog.incogni.com/how-to-block-a-number-on-a-landline/ www.secnews.physaphae.fr/article.php?IdArticle=8646850 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks Taiwan has become the latest country to ban government agencies from using Chinese startup DeepSeek\'s Artificial Intelligence (AI) platform, citing security risks. "Government agencies and critical infrastructure should not use DeepSeek, because it endangers national information security," according to a statement released by Taiwan\'s Ministry of Digital Affairs, per Radio Free Asia. "DeepSeek]]> 2025-02-04T15:02:00+00:00 https://thehackernews.com/2025/02/taiwan-bans-deepseek-ai-over-national.html www.secnews.physaphae.fr/article.php?IdArticle=8646762 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Managing Software Risk in a World of Exploding Vulnerabilities Organizations and development teams need to evolve from "being prepared" to "managing the risk" of security breaches.]]> 2025-02-04T15:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/managing-software-risk-world-exploding-vulnerabilities www.secnews.physaphae.fr/article.php?IdArticle=8646838 False Vulnerability None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine DaggerFly-Linked Linux Malware Targets Network Appliances DaggerFly\'s Lunar Peek campaign is using a new malware strain, identified by FortiGuard Labs, to compromise Linux networks]]> 2025-02-04T14:30:00+00:00 https://www.infosecurity-magazine.com/news/daggerfly-linux-malware-network/ www.secnews.physaphae.fr/article.php?IdArticle=8646831 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) AMD SEV-SNP Vulnerability Allows Malicious Microcode Injection with Admin Access A security vulnerability has been disclosed in AMD\'s Secure Encrypted Virtualization (SEV) that could permit an attacker to load a malicious CPU microcode under specific conditions. The flaw, tracked as CVE-2024-56161, carries a CVSS score of 7.2 out of 10.0, indicating high severity. "Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local]]> 2025-02-04T14:28:00+00:00 https://thehackernews.com/2025/02/amd-sev-snp-vulnerability-allows.html www.secnews.physaphae.fr/article.php?IdArticle=8646763 False Vulnerability None 3.0000000000000000 ProofPoint - Cyber Firms VidSpam: A New Threat Emerges as Bitcoin Scams Evolve from Images to Video 2025-02-04T14:19:22+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/vidspam-new-threat-emerges-bitcoin-scams-evolve-images-video www.secnews.physaphae.fr/article.php?IdArticle=8646760 False Spam,Tool,Threat,Mobile,Prediction None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Sophisticated Phishing Attack Bypasses Microsoft ADFS MFA A sophisticated phishing campaign targeting Microsoft ADFS has been observed, affecting more than 150 organizations]]> 2025-02-04T14:00:00+00:00 https://www.infosecurity-magazine.com/news/phishing-attack-bypasses-microsoft/ www.secnews.physaphae.fr/article.php?IdArticle=8646817 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Threefold Increase in Malware Targeting Credential Stores Picus Security reports infostealer surge after revealing credentials appear in 29% of malware]]> 2025-02-04T14:00:00+00:00 https://www.infosecurity-magazine.com/news/threefold-increase-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8646818 False Malware None 3.0000000000000000 Fortinet - Fabricant Materiel Securite Analyzing ELF/Sshdinjector.A!tr with a Human and Artificial Analyst FortiGuard Labs reverse engineers a malware\'s binaries to look into what the malware is actually doing.]]> 2025-02-04T14:00:00+00:00 https://www.fortinet.com/blog/threat-research/analyzing-elf-sshdinjector-with-a-human-and-artificial-analyst www.secnews.physaphae.fr/article.php?IdArticle=8646849 False Malware None 3.0000000000000000 RedCanary - Red Canary CopyObjection: Fending off ransomware in AWS Why automated response is a necessity to thwart ransomware attacks in Amazon Web Service cloud environments]]> 2025-02-04T13:43:05+00:00 https://redcanary.com/blog/incident-response/aws-ransomware/ www.secnews.physaphae.fr/article.php?IdArticle=8646827 False Ransomware,Cloud None 3.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET Roeland Nusselder: AI will eat all our energy, unless we make it tiny | Starmus highlights Left unchecked, AI\'s energy and carbon footprint could become a significant concern. Can our AI systems be far less energy-hungry without sacrificing performance?]]> 2025-02-04T13:39:31+00:00 https://www.welivesecurity.com/en/we-live-science/roeland-nusselder-ai-will-eat-all-our-energy-unless-we-make-it-tiny-starmus-highlights/ www.secnews.physaphae.fr/article.php?IdArticle=8648703 False None None 2.0000000000000000 Global Security Mag - Site de news francais Armis : Cyberattacken zielen auf DeepSeek Kommentare / affiche

In einer Zeit, in der künstliche Intelligenz die Innovation in allen Branchen vorantreibt, hat das Auftauchen von DeepSeek die Tech-Welt im Sturm erobert - und nebenbei das globale Finanzsystem erschüttert. Indem DeepSeek den US-Aktienmarkt um fast eine Billion US-Dollar auslöschte, hat es sowohl das erstaunliche Potenzial als auch die disruptiven Folgen modernster KI-Modelle aufgezeigt. Mit seiner Open-Source-Verfügbarkeit, seiner einfachen Feinabstimmung und seinen hochmodernen Techniken, die mit bekannten Giganten wie ChatGPT und Anthropic konkurrieren, repräsentiert DeepSeek eine neue Art von hoch zugänglicher und leistungsstarker KI. - Kommentare / affiche]]> 2025-02-04T13:26:39+00:00 https://www.globalsecuritymag.fr/armis-cyberattacken-zielen-auf-deepseek.html www.secnews.physaphae.fr/article.php?IdArticle=8646819 False None ChatGPT 2.0000000000000000 TroyHunt - Blog Security 22-year-old math wiz indicted for alleged DeFI hack that stole $65M 22-year-old Andean Medjedovic of Canada could spend decades in prison if convicted.]]> 2025-02-04T13:25:11+00:00 https://arstechnica.com/information-technology/2025/02/man-indicted-for-two-alleged-defi-hacks-that-stole-65-million/ www.secnews.physaphae.fr/article.php?IdArticle=8646828 False Hack,Legislation None 3.0000000000000000 Bleeping Computer - Magazine Américain Cyber agencies share security guidance for network edge devices Five Eyes cybersecurity agencies in the UK, Australia, Canada, New Zealand, and the U.S. have issued guidance urging makers of network edge devices and appliances to improve forensic visibility to help defenders detect attacks and investigate breaches. [...]]]> 2025-02-04T13:24:20+00:00 https://www.bleepingcomputer.com/news/security/cyber-agencies-share-security-guidance-for-network-edge-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8646875 False None None 3.0000000000000000 Global Security Mag - Site de news francais Web Security im Wandel der Zeit Kommentare / affiche

Wegen der zunehmenden Umstellung von Unternehmen auf Web-Arbeitsumgebungen, SaaS-Plattformen, Cloud-basierte Anwendungen, Remote-Arbeit und BYOD-Richtlinien konzentrieren sich Hacker verstärkt auf Browser und nutzen Schwachstellen schneller als je zuvor aus. Der Anstieg von KI-gestützten Angriffen, Ransomware-as-a-Service (RaaS) und Zero-Day-Schwachstellen, die sich auf das Web fokussieren macht deutlich, dass ein neuer Ansatz für die Browser-Sicherheit erforderlich ist. Traditionelle Endpunkt-, SaaS- oder E-Mail-Sicherheitslösungen sind nicht mehr ausreichend. Als Reaktion darauf wurden fortschrittliche Browser-Sicherheitslösungen und Browser-Isolationstechnologien unabdinglich für Unternehmen, die ihre digitalen Arbeitsplätze sichern wollen. - Kommentare / affiche]]> 2025-02-04T13:20:23+00:00 https://www.globalsecuritymag.fr/web-security-im-wandel-der-zeit.html www.secnews.physaphae.fr/article.php?IdArticle=8646820 False None None 2.0000000000000000 IT Security Guru - Blog Sécurité AI-Powered Cyber Warfare, Ransomware Evolution, and Cloud Threats Shape 2025 Cyber Landscape The cybersecurity landscape in EMEA is facing a wave of AI-driven cyber warfare, the evolution of ransomware into data extortion, and an expanding attack surface in cloud environments, according to the latest findings from Check Point Software. The company presented its insights at CPX Vienna 2025, an annual cybersecurity event bringing together industry leaders, security […] ]]> 2025-02-04T13:18:58+00:00 https://www.itsecurityguru.org/2025/02/04/ai-powered-cyber-warfare-ransomware-evolution-and-cloud-threats-shape-2025-cyber-landscape/?utm_source=rss&utm_medium=rss&utm_campaign=ai-powered-cyber-warfare-ransomware-evolution-and-cloud-threats-shape-2025-cyber-landscape www.secnews.physaphae.fr/article.php?IdArticle=8646948 False Ransomware,Cloud None 3.0000000000000000 HackRead - Chercher Cyber SpyCloud Pioneers the Shift to Holistic Identity Threat Protection Austin, TX, USA, 4th February 2025, CyberNewsWire]]> 2025-02-04T13:00:26+00:00 https://hackread.com/spycloud-pioneers-the-shift-to-holistic-identity-threat-protection/ www.secnews.physaphae.fr/article.php?IdArticle=8646802 False Threat None 3.0000000000000000 Cisco - Security Firm Blog Cybersecurity for Businesses of All Sizes: A Blueprint for Protection Developing a robust cybersecurity practice involves implementing multiple layers of security measures that are interconnected and continually monitored.]]> 2025-02-04T13:00:10+00:00 https://blogs.cisco.com/security/cybersecurity-for-businesses-of-all-sizes-a-blueprint-for-protection/ www.secnews.physaphae.fr/article.php?IdArticle=8646800 False None None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite Smiths Group Discloses Security Breach Smiths Group, a multinational engineering business, has disclosed a data breach. The company, which is based in London but employees more than 15,000 people in over 50 countries, published a filing to the London Stock Exchange (LSE) on Tuesday saying that it is “currently managing a cyber security incident” involving “unauthorized access to the Company\'s [...]]]> 2025-02-04T12:52:54+00:00 https://informationsecuritybuzz.com/smiths-group-discloses-security-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8646804 False Data Breach None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Palo Alto-Siemens whitepaper flags critical OT vulnerabilities; as manufacturing sector faces alarming cybersecurity risks A recent whitepaper published by Palo Alto Networks and Siemens revealed that the exploitation of remote services is... ]]> 2025-02-04T12:51:51+00:00 https://industrialcyber.co/reports/palo-alto-siemens-whitepaper-flags-critical-ot-vulnerabilities-as-manufacturing-sector-faces-alarming-cybersecurity-risks/ www.secnews.physaphae.fr/article.php?IdArticle=8646805 False Vulnerability,Industrial None 3.0000000000000000 Zataz - Magazine Francais de secu Fuite chez EDF ? Entre bluff et baroud d\'honneur des derniers membres de Kernel ? Depuis quelques jours, le forum pirate Breached affiche des petites annonces proposant la commercialisation de données d\'EDF, de Leclerc, de Conforama. Du bluff d\'un membre de la bande à Kernel ?...]]> 2025-02-04T12:51:41+00:00 https://www.zataz.com/fuite-chez-edf-entre-bluff-et-baroud-dhonneur-des-derniers-membres-de-kernel/ www.secnews.physaphae.fr/article.php?IdArticle=8646812 False None None 3.0000000000000000 Global Security Mag - Site de news francais Die Cybersicherheitslandschaft im europäischen Handelssektor Kommentare / affiche

Die am meisten für Phishing-Attacken imitierten Markennamen kommen aus dem Technologiesektor. CPR hat zudem Fälschungen von PayPal, Facebook, Nike, Adidas und diversen Luxusmarken beobachtet. Auf der Check Point-Veranstaltung CPX in Wien stellte das Unternehmen Cyberint von Check Point die Ergebnisse seines aktuellen Reports zur Bedrohungslage in der europäischen Handelsbranche vor. Die Einzelhandelsbranche sieht sich in ihren wichtigsten Sektoren mit sich ständig weiterentwickelnden (...) - Kommentare / affiche]]> 2025-02-04T12:48:28+00:00 https://www.globalsecuritymag.fr/die-cybersicherheitslandschaft-im-europaischen-handelssektor.html www.secnews.physaphae.fr/article.php?IdArticle=8646801 False None None 2.0000000000000000 Bleeping Computer - Magazine Américain Chinese cyberspies use new SSH backdoor in network device hacks A Chinese hacking group is hijacking the SSH daemon on network appliances by injecting malware into the process for persistent access and covert operations. [...]]]> 2025-02-04T12:39:40+00:00 https://www.bleepingcomputer.com/news/security/chinese-cyberspies-use-new-ssh-backdoor-in-network-device-hacks/ www.secnews.physaphae.fr/article.php?IdArticle=8646865 False Malware None 3.0000000000000000 HackRead - Chercher Cyber N. Korean \\'FlexibleFerret\\' Malware Hits macOS with Fake Zoom, Job Scams N. Korean \'FlexibleFerret\' malware targets macOS with fake Zoom apps, job scams, and bug report comments, deceiving users…]]> 2025-02-04T12:30:26+00:00 https://hackread.com/north-korea-flexibleferret-malware-macos-fake-zoom-job-scams/ www.secnews.physaphae.fr/article.php?IdArticle=8646803 False Malware None 3.0000000000000000 SecurityWeek - Security News Personal Information Compromised in GrubHub Data Breach Food delivery firm GrubHub has disclosed a data breach impacting the personal information of drivers and customers.

>Food delivery firm GrubHub has disclosed a data breach impacting the personal information of drivers and customers. ]]> 2025-02-04T12:28:51+00:00 https://www.securityweek.com/personal-information-compromised-in-grubhub-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8646806 False Data Breach None 3.0000000000000000 Zataz - Magazine Francais de secu CLIPPER CHIP is back ? Vers la fin du chiffrement et un risque majeur pour la cybersécurité Le 28 janvier dernier, le Sénat français a adopté un amendement qui pourrait marquer un tournant décisif pour la cybersécurité. Ce texte impose aux éditeurs de messageries chiffrées de fournir un accès privilégié aux contenus échangés sur leurs plateformes....]]> 2025-02-04T12:10:35+00:00 https://www.zataz.com/clipper-chip-is-back-vers-la-fin-du-chiffrement-et-un-risque-majeur-pour-la-cybersecurite/ www.secnews.physaphae.fr/article.php?IdArticle=8646813 False None None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Deepfakes and the 2024 US Election analysis: We analyzed every instance of AI use in elections collected by the WIRED AI Elections Project (source for our analysis), which tracked known uses of AI for creating political content during elections taking place in 2024 worldwide. In each case, we identified what AI was used for and estimated the cost of creating similar content without AI. We find that (1) half of AI use isn’t deceptive, (2) deceptive content produced using AI is nevertheless cheap to replicate without AI, and (3) focusing on the demand for misinformation rather than the supply is a much more effective way to diagnose problems and identify interventions...

Interesting analysis: We analyzed every instance of AI use in elections collected by the WIRED AI Elections Project (source for our analysis), which tracked known uses of AI for creating political content during elections taking place in 2024 worldwide. In each case, we identified what AI was used for and estimated the cost of creating similar content without AI. We find that (1) half of AI use isn’t deceptive, (2) deceptive content produced using AI is nevertheless cheap to replicate without AI, and (3) focusing on the demand for misinformation rather than the supply is a much more effective way to diagnose problems and identify interventions...]]> 2025-02-04T12:01:36+00:00 https://www.schneier.com/blog/archives/2025/02/deepfakes-and-the-2024-us-election.html www.secnews.physaphae.fr/article.php?IdArticle=8646798 False None None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Surge in Infostealer Attacks Threatens EMEA Organizations\\' Data Security Check Point Research has found over 10 million stolen credentials associated with EMEA organizations exposed on cybercrime markets]]> 2025-02-04T12:00:00+00:00 https://www.infosecurity-magazine.com/news/surge-in-infostealer-attacks-emea/ www.secnews.physaphae.fr/article.php?IdArticle=8646788 False None None 3.0000000000000000 SecurityWeek - Security News Cyber Insights 2025: The CISO Outlook There has never been a single job description for the CISO – the role depends upon each company, its maturity, its size and resources, and the risk tolerance of boards.

>There has never been a single job description for the CISO – the role depends upon each company, its maturity, its size and resources, and the risk tolerance of boards. ]]> 2025-02-04T12:00:00+00:00 https://www.securityweek.com/cyber-insights-2025-the-ciso-outlook/ www.secnews.physaphae.fr/article.php?IdArticle=8646790 False None None 3.0000000000000000 SecurityWeek - Security News Developers Targeted With Malware Disguised as DeepSeek Package Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI.

>Python developers looking to integrate DeepSeek into their projects were targeted with malicious packages delivered through PyPI. ]]> 2025-02-04T11:56:55+00:00 https://www.securityweek.com/developers-targeted-with-malware-disguised-as-deepseek-package/ www.secnews.physaphae.fr/article.php?IdArticle=8646791 False Malware None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Texas to Establish Cyber Command Amid “Dramatic” Rise in Attacks Texas Governor Greg Abbott announced a Cyber Command, designed to combat surging attacks on the state by nation-states and cybercriminals]]> 2025-02-04T11:20:00+00:00 https://www.infosecurity-magazine.com/news/texas-cyber-command-rise-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8646789 False None None 3.0000000000000000 The Register - Site journalistique Anglais Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look \\'insignificant\\' When cloud customers don\'t clean up after themselves, part 97 Abandoned AWS S3 buckets could be reused to hijack the global software supply chain in an attack that would make Russia\'s "SolarWinds adventures look amateurish and insignificant," watchTowr Labs security researchers have claimed.… ]]> 2025-02-04T11:00:06+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/04/abandoned_aws_s3/ www.secnews.physaphae.fr/article.php?IdArticle=8646777 False Cloud None 3.0000000000000000 SecurityWeek - Security News Vulnerability Patched in Android Possibly Exploited by Forensic Tools The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild.

>The February 2025 Android patches resolve 46 vulnerabilities, including a Linux kernel bug that has been exploited in the wild. ]]> 2025-02-04T11:00:00+00:00 https://www.securityweek.com/vulnerability-patched-in-android-possibly-exploited-by-forensic-tools/ www.secnews.physaphae.fr/article.php?IdArticle=8646776 False Tool,Vulnerability,Mobile None 3.0000000000000000 CyberScoop - scoopnewsgroup.com special Cyber Here\\'s all the ways an abandoned cloud instance can cause security issues Research released Tuesday by watchTowr shows how easy an old storage bucket can be repurposed by malicious attackers.

>Research released Tuesday by watchTowr shows how easy an old storage bucket can be repurposed by malicious attackers. ]]> 2025-02-04T11:00:00+00:00 https://cyberscoop.com/abandoned-cloud-aws-s3-buckets-security-risk-watchtowr/ www.secnews.physaphae.fr/article.php?IdArticle=8646784 False Cloud None 3.0000000000000000 Cyble - CyberSecurity Firm NETGEAR Urges Immediate Firmware Updates for Critical Security Flaws Overview NETGEAR has recently addressed two critical security vulnerabilities affecting its products, which, if exploited, could allow unauthenticated attackers to execute arbitrary code or remotely exploit devices. These vulnerabilities impact multiple models, including the XR series routers and WAX series access points. Given the high severity of these vulnerabilities, with Common Vulnerability Scoring System (CVSS) scores of 9.8 and 9.6, users are strongly advised to update their devices immediately to the latest firmware versions to prevent potential cyber threats. Details of the Security Vulnerabilities The vulnerabilities impact several NETGEAR devices and could allow remote attackers to take control of the affected routers and access points without requiring authentication. Such security flaws are particularly concerning as they can be leveraged for malicious activities, including data theft, network disruption, and unauthorized surveillance. Affected Devices and Firmware Updates NETGEAR has released fixes for the unauthenticated remote code execution (RCE) security vulnerability affecting the following models: XR1000: Fixed in firmware version 1.0.0.74 XR1000v2: Fixed in firmware version 1.1.0.22 XR500: Fixed in firmware version 2.3.2.134 ]]> 2025-02-04T10:58:37+00:00 https://cyble.com/blog/netgear-issues-security-severe-rce-vulnerabilities/ www.secnews.physaphae.fr/article.php?IdArticle=8646783 False Malware,Vulnerability,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft Patches Critical Azure AI Face Service Vulnerability with CVSS 9.9 Score Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions. The flaws are listed below - CVE-2025-21396 (CVSS score: 7.5) - Microsoft Account Elevation of Privilege Vulnerability CVE-2025-21415 (CVSS score: 9.9) - Azure AI Face Service]]> 2025-02-04T10:38:00+00:00 https://thehackernews.com/2025/02/microsoft-patches-critical-azure-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8646731 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104 Google has shipped patches to address 47 security flaws in its Android operating system, including one it said has come under active exploitation in the wild. The vulnerability in question is CVE-2024-53104 (CVSS score: 7.8), which has been described as a case of privilege escalation in a kernel component known as the USB Video Class (UVC) driver. Successful exploitation of the flaw could lead]]> 2025-02-04T10:21:00+00:00 https://thehackernews.com/2025/02/google-patches-47-android-security.html www.secnews.physaphae.fr/article.php?IdArticle=8646732 False Vulnerability,Mobile None 3.0000000000000000 Data Security Breach - Site de news Francais Blanchiment d\'argent : Près de 2 millions de comptes mules détectés en 2024 En 2024, près de 2 millions de comptes bancaires ont été identifiés comme mules financières, révélant l\'ampleur croissante du blanchiment d\'argent à l\'échelle mondiale.]]> 2025-02-04T10:17:44+00:00 https://www.datasecuritybreach.fr/blanchiment-argent-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8646785 False None None 3.0000000000000000 Bleeping Computer - Magazine Américain How hackers target your Active Directory with breached VPN passwords As the gateways to corporate networks, VPNs are an attractive target for attackers. Learn from Specops Software about how hackers use compromised VPN passwords and how you can protect your organization. [...]]]> 2025-02-04T10:01:11+00:00 https://www.bleepingcomputer.com/news/security/how-hackers-target-your-active-directory-with-breached-vpn-passwords/ www.secnews.physaphae.fr/article.php?IdArticle=8646830 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Microsoft SharePoint Connector Flaw Could\\'ve Enabled Credential Theft Across Power Platform Cybersecurity researchers have disclosed details of a now-patched vulnerability impacting the Microsoft SharePoint connector on Power Platform that, if successfully exploited, could allow threat actors to harvest a user\'s credentials and stage follow-on attacks. This could manifest in the form of post-exploitation actions that allow the attacker to send requests to the SharePoint API on behalf]]> 2025-02-04T09:59:00+00:00 https://thehackernews.com/2025/02/microsoft-sharepoint-connector-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8646724 False Vulnerability,Threat None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Casio and Others Hit by Magento Web Skimmer Campaign Jscambler claims at least 17 sites have been infected with web skimmers, including Casio\'s]]> 2025-02-04T09:45:00+00:00 https://www.infosecurity-magazine.com/news/casio-magento-web-skimmer-campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8646770 False None None 3.0000000000000000 Global Security Mag - Site de news francais Multiples vulnérabilités dans Google Android (04 février 2025) Vulnérabilités

De multiples vulnérabilités ont été découvertes dans Google Android. Certaines d\'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service. Google indique que la vulnérabilité CVE-2024-53104 est activement... - Vulnérabilités]]> 2025-02-04T09:36:29+00:00 https://www.globalsecuritymag.fr/multiples-vulnerabilites-dans-google-android-04-fevrier-2025.html www.secnews.physaphae.fr/article.php?IdArticle=8646832 False Mobile None 3.0000000000000000 The Register - Site journalistique Anglais UK govt must learn fast and let failing projects die young Tackle longstanding issues around productivity, cyber resilience and public sector culture, advises spending watchdog The UK\'s government spending watchdog has called on the current administration to make better use of technology to kickstart the misfiring economy and ensure better delivery public services amid tightened budgets.…]]> 2025-02-04T09:30:08+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/04/ukgov_must_embrace_a_fastlearning/ www.secnews.physaphae.fr/article.php?IdArticle=8646764 False None None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Claroty counters CISA, FDA claims; identifies Contec patient monitor flaws as \\'insecure design\\' not hidden backdoor Following last week\'s disclosure by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and a subsequent notification from... ]]> 2025-02-04T09:26:42+00:00 https://industrialcyber.co/medical/claroty-counters-cisa-fda-claims-identifies-contec-patient-monitor-flaws-as-insecure-design-not-hidden-backdoor/ www.secnews.physaphae.fr/article.php?IdArticle=8646773 False None None 3.0000000000000000 Data Security Breach - Site de news Francais PDF malveillants pour voler des identifiants sur les appareils mobiles Une campagne de mishing sophistiquée se faisant passer pour l\'USPS utilise des PDF malveillants pour voler des identifiants sur les appareils mobiles.]]> 2025-02-04T09:23:03+00:00 https://www.datasecuritybreach.fr/pdf-malveillants/ www.secnews.physaphae.fr/article.php?IdArticle=8646774 False None None 3.0000000000000000 Korben - Bloger francais Riffo AI - Renommez vos fichiers intelligemment sous macOS Vous connaissez cette sensation de regarder votre bureau d’ordinateur et de voir une marée de fichiers nommés n’importe comment ? LA PANIQUE !!!! Des tas de screenshot-2024-01-15.png, IMG_5847.jpg et autres Document sans titre (7).docx à perte de vue… On dirait que votre disque dur a été réorganisé par un chimpanzé sous acide ! Rassurez-vous, vous n’êtes pas seul dans cette galère numérique et j’ai une excellente nouvelle : j’ai découvert un petit assistant malin qui va mettre de l’ordre dans tout ce bazar.]]> 2025-02-04T09:00:00+00:00 https://korben.info/riffo-ai-renommage-automatique-fichiers.html www.secnews.physaphae.fr/article.php?IdArticle=8646758 False None None 3.0000000000000000 Sekoia - Cyber Firms Detection engineering at scale: one step closer (part two) In this article, we will build upon the previous discussion of our detection approach and associated challenges by detailing the regular and automated actions implemented through our CI/CD pipelines. La publication suivante Detection engineering at scale: one step closer (part two) est un article de Sekoia.io Blog.

>In this article, we will build upon the previous discussion of our detection approach and associated challenges by detailing the regular and automated actions implemented through our CI/CD pipelines. La publication suivante Detection engineering at scale: one step closer (part two) est un article de Sekoia.io Blog.]]> 2025-02-04T08:59:00+00:00 https://blog.sekoia.io/detection-engineering-at-scale-one-step-closer-part-two/ www.secnews.physaphae.fr/article.php?IdArticle=8646749 False None None 3.0000000000000000 Sygnia - CyberSecurity Firm The Anatomy of Abyss Locker Ransomware Attack Abyss Locker ransomware targets critical network devices with swift, disruptive attacks. This blog breaks down its tactics and defense strategies.

>Abyss Locker ransomware targets critical network devices with swift, disruptive attacks. This blog breaks down its tactics and defense strategies. ]]> 2025-02-04T08:49:58+00:00 https://www.sygnia.co/blog/abyss-locker-ransomware-attack-analysis/ www.secnews.physaphae.fr/article.php?IdArticle=8646752 False Ransomware None 3.0000000000000000 The Register - Site journalistique Anglais Google patches odd Android kernel security bug amid signs of targeted exploitation Also, Netgear fixes critical router, access point vulnerabilities Google has released its February Android security updates, including a fix for a high-severity kernel-level vulnerability, which is suspected to be in use by targeted exploits.…]]> 2025-02-04T08:18:11+00:00 https://go.theregister.com/feed/www.theregister.com/2025/02/04/google_android_patch_netgear/ www.secnews.physaphae.fr/article.php?IdArticle=8646751 False Vulnerability,Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch Nigeria Touts Cyber Success, Even as Cybercrime Rises in Africa Organizations continue to be at high risk from cybercrime in Africa, despite law enforcement takedowns of cybercriminal syndicates in Nigeria and other African nations.]]> 2025-02-04T08:00:09+00:00 https://www.darkreading.com/cyber-risk/nigeria-touts-cyber-success-african-cybercrime-rises www.secnews.physaphae.fr/article.php?IdArticle=8646969 False Legislation None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite Check Point Ranks #1 in Threat Prevention Testing Miercom 2025 Enterprise & Hybrid Mesh Firewall Report For the third consecutive year, Check Point ranked #1 for security effectiveness in all categories of the Miercom Enterprise and Hybrid Mesh Firewall Report. This report includes two new metrics: SSE/SASE Threat Prevention and Known Exploited Vulnerabilities (KEVs). Miercom\'s independent, head-to-head stress testing establishes how well a platform can detect and block the latest generations of cyber security threats in real-world scenarios. Blocking at least 99% of cyber attacks is a key objective, because even a 90% block rate can translate to hundreds of costly attacks. Organizations subject to these attacks can face data loss, credential theft, ransomware demands, and […]

For the third consecutive year, Check Point ranked #1 for security effectiveness in all categories of the Miercom Enterprise and Hybrid Mesh Firewall Report. This report includes two new metrics: SSE/SASE Threat Prevention and Known Exploited Vulnerabilities (KEVs). Miercom\'s independent, head-to-head stress testing establishes how well a platform can detect and block the latest generations of cyber security threats in real-world scenarios. Blocking at least 99% of cyber attacks is a key objective, because even a 90% block rate can translate to hundreds of costly attacks. Organizations subject to these attacks can face data loss, credential theft, ransomware demands, and […] ]]> 2025-02-04T07:01:19+00:00 https://blog.checkpoint.com/security/check-point-ranks-1-in-threat-prevention-testing-miercom-2025-enterprise-hybrid-mesh-firewall-report/ www.secnews.physaphae.fr/article.php?IdArticle=8646740 False Ransomware,Vulnerability,Threat None 3.0000000000000000 Checkpoint - Fabricant Materiel Securite AI-Powered Security Management for the Hyperconnected World Today\'s security approach is siloed. Each deployed security tool is designed to provide a specific type of protection across different areas like the network, endpoints, email, and cloud environments. This hybrid methodology, often requiring dozens of systems, leads to several security and operational challenges for security operations center (SOC) and network operations center (NOC) teams. Adopting a hybrid environment is unavoidable, and Gartner[1] anticipates that “By 2025, over 50% of network firewall deployments will involve more than two deployment factors from the same vendor - up from less than 10% in 2023.” [1] While the benefits of this new ecosystem are […]

>Today\'s security approach is siloed. Each deployed security tool is designed to provide a specific type of protection across different areas like the network, endpoints, email, and cloud environments. This hybrid methodology, often requiring dozens of systems, leads to several security and operational challenges for security operations center (SOC) and network operations center (NOC) teams. Adopting a hybrid environment is unavoidable, and Gartner[1] anticipates that “By 2025, over 50% of network firewall deployments will involve more than two deployment factors from the same vendor - up from less than 10% in 2023.” [1] While the benefits of this new ecosystem are […] ]]> 2025-02-04T07:01:18+00:00 https://blog.checkpoint.com/security/ai-powered-security-management-for-the-hyperconnected-world/ www.secnews.physaphae.fr/article.php?IdArticle=8646741 False Tool,Cloud None 3.0000000000000000 AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC What Is Zero Trust? 2025-02-04T07:00:00+00:00 https://levelblue.com/blogs/security-essentials/what-is-zero-trust www.secnews.physaphae.fr/article.php?IdArticle=8646734 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Medical,Cloud None 3.0000000000000000 Bleeping Computer - Magazine Américain GrubHub data breach impacts customers, drivers, and merchants Food delivery company GrubHub disclosed a data breach impacting the personal information of an undisclosed number of customers, merchants, and drivers after attackers breached its systems using a service provider account. [...]]]> 2025-02-04T04:24:46+00:00 https://www.bleepingcomputer.com/news/security/grubhub-data-breach-impacts-customers-drivers-and-merchants/ www.secnews.physaphae.fr/article.php?IdArticle=8646761 False Data Breach None 3.0000000000000000 McAfee Labs - Editeur Logiciel Buying Tickets for Beyoncé\\'s Cowboy Carter Tour? Don\\'t Let Scammers Ruin Your Experience Beyoncé has officially announced her Cowboy Carter world tour, and the excitement is through the roof! With her last tour...

Beyoncé has officially announced her Cowboy Carter world tour, and the excitement is through the roof! With her last tour... ]]> 2025-02-04T03:57:14+00:00 https://www.mcafee.com/blogs/privacy-identity-protection/buying-tickets-for-beyonces-cowboy-carter-tour-dont-let-scammers-ruin-your-experience/ www.secnews.physaphae.fr/article.php?IdArticle=8646717 False None None 3.0000000000000000 The State of Security - Magazine Américain Tripwire Patch Priority Index for January 2025 Tripwire\'s January 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the list are patches for the Microsoft office platform, including Word, Access, Visio, Excel, OneNote, and Outlook. These patches resolve 13 issues such as remote code execution and security feature bypass vulnerabilities. Next are patches that affect components of the core Windows operating system. These patches resolve over 120 vulnerabilities, including elevation of privilege, information disclosure, and remote code execution vulnerabilities. These vulnerabilities affect core...]]> 2025-02-04T03:53:20+00:00 https://www.tripwire.com/state-of-security/tripwire-patch-priority-index-january-2025 www.secnews.physaphae.fr/article.php?IdArticle=8646771 False Vulnerability None 3.0000000000000000 The State of Security - Magazine Américain What Is a Security Operations Center (SOC)? Data breaches continue to cost organizations millions of dollars each year, with costs rising steadily. According to IBM\'s 2024 Cost of a Data Breach Report, the average cost of a data breach has surged to $4.88 million globally, reflecting the increasing complexity and sophistication of cyberattacks. In the United States, this figure is even higher, averaging $9.8 million per breach, and the healthcare industry remains a prime target, with an average breach cost of $10 million-the highest of any sector. What Drives These Staggering Costs? Several factors contribute to these sky-high figures...]]> 2025-02-04T03:53:17+00:00 https://www.tripwire.com/state-of-security/what-is-a-security-operations-center-soc www.secnews.physaphae.fr/article.php?IdArticle=8646772 False Data Breach,Medical None 3.0000000000000000 InformationSecurityBuzzNews - Site de News Securite What is Acceptable Risk? CISOs today must decide what is an acceptable risk to their organization. It\'s an impossible equation to solve as enterprise attack surfaces are rapidly expanding, necessitating the need for a modernized approach to risk assessment. The most forward-thinking CISOs use advanced tools to not only stay on top of the ever-changing landscape of connected infrastructure [...]]]> 2025-02-04T02:00:17+00:00 https://informationsecuritybuzz.com/what-is-acceptable-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8646704 False Tool None 3.0000000000000000 HackRead - Chercher Cyber Hackers Hide Malware in Fake DeepSeek PyPI Packages Malicious DeepSeek packages on PyPI spread malware, stealing sensitive data like API keys. Learn how this attack targeted developers and how to protect yourself.]]> 2025-02-04T00:00:45+00:00 https://hackread.com/hackers-hide-malware-fake-deepseek-pypi-packages/ www.secnews.physaphae.fr/article.php?IdArticle=8646690 False Malware None 3.0000000000000000 TrendLabs Security - Editeur Antivirus CVE-2025-0411: Ukrainian Organizations Targeted in Zero-Day Campaign and Homoglyph Attacks The ZDI team offers an analysis on how CVE-2025-0411, a zero-day vulnerability in 7-Zip, was actively exploited to target Ukrainian organizations in a SmokeLoader campaign involving homoglyph attacks.]]> 2025-02-04T00:00:00+00:00 https://www.trendmicro.com/en_us/research/25/a/cve-2025-0411-ukrainian-organizations-targeted.html www.secnews.physaphae.fr/article.php?IdArticle=8646748 False Vulnerability,Threat None 3.0000000000000000 Resecurity - cyber risk firms ICAO and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists 2025-02-04T00:00:00+00:00 https://www.resecurity.com/blog/article/icao-and-acao-breached-cyberespionage-groups-targeting-aviation-safety-specialists www.secnews.physaphae.fr/article.php?IdArticle=8646937 False None None 3.0000000000000000 Silicon - Site de News Francais SailPoint vise une valorisation de 11,5 milliards $ pour son introduction en bourse SailPoint cherche à lever jusqu\'à 1,05 milliard $ lors de son introduction sur le Nasdaq. Un retour à la Bourse pour le spécialiste de la gestion des identités qui avait été racheté par Thomas Bravo pour 6,9 milliards en 2022.]]> 2025-02-04T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/sailpoint-valorisation-milliards-introduction-bourse-467357.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8646862 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future As DOGE teams plug into federal networks, cybersecurity risks could be huge, experts say Little is known about how workers on Elon Musk\'s federal government technology team are accessing sensitive systems at the Office of Personnel Management, the Treasury Department and elsewhere. Experts are warning of potentially massive cybersecurity risks.]]> 2025-02-03T23:48:12+00:00 https://therecord.media/doge-opm-treasury-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8646691 False None None 3.0000000000000000 Dark Reading - Informationweek Branch DNSFilter\\'s Annual Security Report Reveals Worrisome Spike in Malicious DNS Requests 2025-02-03T23:04:37+00:00 https://www.darkreading.com/cyberattacks-data-breaches/dnsfilter-s-annual-security-report-reveals-worrisome-spike-in-malicious-dns-requests www.secnews.physaphae.fr/article.php?IdArticle=8646689 False Studies None 4.0000000000000000 Dark Reading - Informationweek Branch EMEA CISOs Plan 2025 Cloud Security Investment 2025-02-03T23:01:49+00:00 https://www.darkreading.com/cloud-security/emea-cisos-plan-2025-cloud-security-investment www.secnews.physaphae.fr/article.php?IdArticle=8646675 False Cloud None 2.0000000000000000 Dark Reading - Informationweek Branch Interactive Online Training for Cybersecurity Professionals; Earn CPE Credits 2025-02-03T22:54:51+00:00 https://www.darkreading.com/cybersecurity-operations/interactive-online-training-for-cybersecurity-professionals-earn-cpe-credits www.secnews.physaphae.fr/article.php?IdArticle=8646676 False None None 3.0000000000000000 Dark Reading - Informationweek Branch \\'Constitutional Classifiers\\' Technique Mitigates GenAI Jailbreaks Anthropic says its Constitutional Classifiers approach offers a practical way to make it harder for bad actors to try and coerce an AI model off its guardrails.]]> 2025-02-03T22:13:26+00:00 https://www.darkreading.com/application-security/constitutional-classifiers-mitigate-genai-jailbreaks www.secnews.physaphae.fr/article.php?IdArticle=8646677 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Name That Edge Toon: In the Cloud Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 gift card.]]> 2025-02-03T22:10:32+00:00 https://www.darkreading.com/cloud-security/name-that-edge-toon-in-the-cloud www.secnews.physaphae.fr/article.php?IdArticle=8646678 False Cloud None 2.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Anthropic dares you to jailbreak its new AI model Week-long public test follows 3,000+ hours of unsuccessful bug bounty claim attempts.]]> 2025-02-03T22:09:51+00:00 https://arstechnica.com/ai/2025/02/anthropic-dares-you-to-jailbreak-its-new-ai-model/ www.secnews.physaphae.fr/article.php?IdArticle=8646686 False None None 3.0000000000000000 HackRead - Chercher Cyber Your Health Information Was Compromised. Now What? The healthcare industry has become increasingly reliant on technology to enhance patient care, from advanced image-guided surgery to…]]> 2025-02-03T21:56:28+00:00 https://hackread.com/your-health-information-compromised-now-what/ www.secnews.physaphae.fr/article.php?IdArticle=8646666 False Medical None 3.0000000000000000 Recorded Future - FLux Recorded Future \\'Yes, this is real\\': hackers targeting high-profile X accounts blur fact and fiction The social media platform X has been hit with a rash of celebrity account takeovers, often by hackers peddling fraudulent products.]]> 2025-02-03T21:53:44+00:00 https://therecord.media/hackers-x-accounts-security-crypto www.secnews.physaphae.fr/article.php?IdArticle=8646667 False None None 2.0000000000000000 Dark Reading - Informationweek Branch Microsoft Sets End Date for Defender VPN Though Windows, iOS, and macOS users won\'t need to make any changes, Android users are advised to remove their Defender VPN profiles.]]> 2025-02-03T21:50:13+00:00 https://www.darkreading.com/mobile-security/microsoft-sets-end-date-for-defender-vpn www.secnews.physaphae.fr/article.php?IdArticle=8646679 False Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch AI Malware Dressed Up as DeepSeek Packages Lurk in PyPi Adversaries looking to ride the DeepSeek interest wave are taking advantage of developers in a rush to deploy the new technology, by using AI-generated malware against them.]]> 2025-02-03T21:50:03+00:00 https://www.darkreading.com/application-security/ai-malware-deepseek-packages-pypi www.secnews.physaphae.fr/article.php?IdArticle=8646680 False Malware None 3.0000000000000000 knowbe4 - cybersecurity services Warning: Phishing Campaign Targets Germany with New Malware

]]> 2025-02-03T21:25:21+00:00 https://blog.knowbe4.com/warning-phishing-campaign-targets-germany-with-new-malware www.secnews.physaphae.fr/article.php?IdArticle=8646662 False Malware None 2.0000000000000000 Dark Reading - Informationweek Branch Ransomware Groups Weathered Raids, Profited in 2024 Cybercriminals posted nearly 6,000 breaches to data-leak sites last year - and despite significant takedowns, they continued to thrive in a record-breaking year for ransomware.]]> 2025-02-03T21:20:47+00:00 https://www.darkreading.com/endpoint-security/ransomware-weathered-raids-profited-2024 www.secnews.physaphae.fr/article.php?IdArticle=8646664 False Ransomware None 3.0000000000000000 Recorded Future - FLux Recorded Future Woman nabbed by Thai police on alleged link to $182 million romance scam Thailand\'s Central Investigation Bureau said it apprehended a 52-year-old woman accused of laundering $182.8 million in romance scam funds at the behest of her Nigerian boyfriend.]]> 2025-02-03T21:11:55+00:00 https://therecord.media/arrest-thai-police-woman-romance-scam www.secnews.physaphae.fr/article.php?IdArticle=8646668 False Legislation None 3.0000000000000000 Recorded Future - FLux Recorded Future Australia sanctions \\'Terrorgram\\' white supremacist online group Australia has imposed sanctions on the white supremacist online network Terrorgram, following similar actions by the U.S. and the U.K.]]> 2025-02-03T20:28:32+00:00 https://therecord.media/australia-sanctions-terrorgram-online-hate-group www.secnews.physaphae.fr/article.php?IdArticle=8646655 False None None 3.0000000000000000 Dark Reading - Informationweek Branch Why Cybersecurity Needs Probability - Not Predictions While probabilities may be based on subjective information, when used in an objective framework, they demonstrate an effective way to improve the value of hard decisions.]]> 2025-02-03T20:17:16+00:00 https://www.darkreading.com/cyberattacks-data-breaches/why-cybersecurity-needs-probability-not-predictions www.secnews.physaphae.fr/article.php?IdArticle=8647084 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Canadian charged in two crypto platform thefts totaling $65 million Andean Medjedovic, a 22-year-old Canadian, was responsible for stealing tens of millions of dollars\' worth of cryptocurrency from two platforms in 2021 and 2023, according to U.S. prosecutors.]]> 2025-02-03T20:05:49+00:00 https://therecord.media/indictment-canadian-two-cryptocurrency-platform-hacks www.secnews.physaphae.fr/article.php?IdArticle=8646656 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023 As many as 768 vulnerabilities with designated CVE identifiers were reported as exploited in the wild in 2024, up from 639 CVEs in 2023, registering a 20% increase year-over-year. Describing 2024 as "another banner year for threat actors targeting the exploitation of vulnerabilities," VulnCheck said 23.6% of known exploited vulnerabilities (KEV) were known to be weaponized either on or before]]> 2025-02-03T19:27:00+00:00 https://thehackernews.com/2025/02/768-cves-exploited-in-2024-reflecting.html www.secnews.physaphae.fr/article.php?IdArticle=8646538 False Vulnerability,Threat None 3.0000000000000000 HackRead - Chercher Cyber Online gaming safety for kids: learn how to protect your children Children love online gaming, and it’s no surprise they do it, considering it offers them fun and interactive…]]> 2025-02-03T19:17:09+00:00 https://hackread.com/online-gaming-safety-for-kids-how-to-protect-children/ www.secnews.physaphae.fr/article.php?IdArticle=8646647 False None None 3.0000000000000000 ComputerWeekly - Computer Magazine Nationwide Building Society to train people to think like cyber criminals 2025-02-03T19:00:00+00:00 https://www.computerweekly.com/news/366618647/Nationwide-Building-Society-to-train-people-to-think-like-cyber-criminals www.secnews.physaphae.fr/article.php?IdArticle=8646688 False None None 3.0000000000000000 Global Security Mag - Site de news francais 6 mars de 8 heures 30 à 10 heures Paris Matinale du CyberCercle : Projet de Loi "Résilience des infrastructures critiques et renforcement de la cybersécurité" avec Olivier CADIC Événements

6 mars de 8 heures 30 à 10 heures Paris Matinale du CyberCercle : Projet de Loi "Résilience des infrastructures critiques et renforcement de la cybersécurité" avec Olivier CADIC - Événements]]> 2025-02-03T18:59:38+00:00 https://www.globalsecuritymag.fr/6-mars-de-8-heures-30-a-10-heures-paris-matinale-du-cybercercle-projet-de-loi.html www.secnews.physaphae.fr/article.php?IdArticle=8646646 False Legislation None 2.0000000000000000 Global Security Mag - Site de news francais 24 février 18 h 00 - 20 h 00 par Zoom "Lundi de la cybersécurité" : Intelligence de la guerre. Renseignement, cyberdéfense, influence Les guerres d\'Ukraine, cybersécurité, renseignements, intelligence économique Événements

Dans le cadre des "Lundi de la cybersécurité" organisé par le Cercle d\'Intelligence économique avec l\'Université Paris Cité et l\'ARCSI, Venez assister à l\'événement autour du thème : Intelligence de la guerre. Renseignement, cyberdéfense, influence Les guerres d\'Ukraine, cybersécurité, renseignements, intelligence économique. Lundi 24 février 2025, 18 h 00 - 20 h 00 par visioconférence Zoom. - Événements]]> 2025-02-03T18:44:30+00:00 https://www.globalsecuritymag.fr/24-fevrier-18-h-00-20-h-00-par-zoom-lundi-de-la-cybersecurite-intelligence-de.html www.secnews.physaphae.fr/article.php?IdArticle=8646638 False None None 2.0000000000000000 Recorded Future - FLux Recorded Future Mississippi electric utility warns 20,000 residents of data breach The Yazoo Valley Electric Power Association initially warned customers in August of software problems. Last week, the utility disclosed that "unauthorized access" had led to a breach of sensitive customer information.]]> 2025-02-03T18:38:35+00:00 https://therecord.media/mississippii-electric-utility-residents-breach www.secnews.physaphae.fr/article.php?IdArticle=8646639 False Data Breach None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) PyPI Introduces Archival Status to Alert Users About Unmaintained Python Packages The maintainers of the Python Package Index (PyPI) registry have announced a new feature that allows package developers to archive a project as part of efforts to improve supply chain security. "Maintainers can now archive a project to let users know that the project is not expected to receive any more updates," Facundo Tuesca, senior engineer at Trail of Bits, said. In doing so, the idea is to]]> 2025-02-03T18:00:00+00:00 https://thehackernews.com/2025/02/pypi-introduces-archival-status-to.html www.secnews.physaphae.fr/article.php?IdArticle=8646539 False None None 3.0000000000000000 Recorded Future - FLux Recorded Future Kazakhstan to audit foreign ministry after suspected Russia-linked cyberattack Kazakh officials said they have been aware since 2023 of a cyberattack targeting the foreign ministry.]]> 2025-02-03T17:55:59+00:00 https://therecord.media/kazakhstan-foreign-ministry-cyberattack-russia www.secnews.physaphae.fr/article.php?IdArticle=8646619 False None None 3.0000000000000000 Vuln GCP - FLux Vuln GoogleCloudPlatform GCP-2025-007 AMD-SB-3019. High CVE-2024-56161

Published: 2025-02-03Description Description Severity Notes Google has discovered a vulnerability in AMD Zen-based CPUs that affects Confidential VM instances with AMD SEV-SNP enabled. This vulnerability allows attackers with root access in a physical machine to compromise the confidentiality and integrity of the Confidential VM instance. Google has applied fixes to the affected assets, including {{dynamic_data.site_values.cloud_name}}, to ensure customers are protected. At this time, no evidence of exploitation has been found or reported to Google. What should I do? No customer action is required. Customers who want to verify the fix can check the Trusted Computing Base (TCB) version in the attestation report from their Confidential VM instance with AMD SEV-SNP. The minimum versions that mitigate this vulnerability are as follows: SNP TCB SVN: 0x18 0d24 tcb_version { psp_bootloader_version: 4 snp_firmware_version: 24 (0x18) microcode_version: 219 } For more information, see AMD security bulletin AMD-SB-3019. High CVE-2024-56161 ]]> 2025-02-03T17:37:43+00:00 https://cloud.google.com/support/bulletins/index#gcp-2025-007 www.secnews.physaphae.fr/article.php?IdArticle=8646626 False Vulnerability,Cloud None None Nextron - Blog Secu Cyber Security 2025: Practical Trends Beyond the Hype 2025-02-03T17:33:28+00:00 https://www.nextron-systems.com/2025/02/03/cyber-security-2025-real-threats-beyond-the-headlines/ www.secnews.physaphae.fr/article.php?IdArticle=8646618 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) [27 February] This week, our news radar shows that every new tech idea comes with its own challenges. A hot AI tool is under close watch, law enforcement is shutting down online spots that help cybercriminals, and teams are busy fixing software bugs that could let attackers in. From better locks on our devices to stopping sneaky tricks online, simple steps are making a big difference. Let\'s take a]]> 2025-02-03T17:29:00+00:00 https://thehackernews.com/2025/02/thn-weekly-recap-top-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8646479 False Tool,Legislation None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine CISA Warns of Backdoor Vulnerability in Contec Patient Monitors CISA has identified a backdoor in Contec CMS8000 devices that could allow unauthorized access to patient data and disrupt monitoring functions]]> 2025-02-03T17:15:00+00:00 https://www.infosecurity-magazine.com/news/cisa-warns-backdoor-contec-patient/ www.secnews.physaphae.fr/article.php?IdArticle=8646620 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions Brazilian Windows users are the target of a campaign that delivers a banking malware known as Coyote. "Once deployed, the Coyote Banking Trojan can carry out various malicious activities, including keylogging, capturing screenshots, and displaying phishing overlays to steal sensitive credentials," Fortinet FortiGuard Labs researcher Cara Lin said in an analysis published last week. The]]> 2025-02-03T17:09:00+00:00 https://thehackernews.com/2025/02/coyote-malware-expands-reach-now.html www.secnews.physaphae.fr/article.php?IdArticle=8646480 False Malware None 3.0000000000000000 DarkTrace - DarkTrace: AI bases detection CNAPP Alone Isn\\'t Enough: Focusing on CDR for Real-Time Cross Domain Protection This blog dives into the strengths and limitations of CNAPP, explaining how a CDR solution can enhance cloud security to identify and mitigate cross-domain threats.]]> 2025-02-03T16:42:20+00:00 https://darktrace.com/blog/cnapp-alone-isnt-enough-darktrace-clouds-focus-on-cdr-for-real-time-cross-domain-protection www.secnews.physaphae.fr/article.php?IdArticle=8646595 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) What Is Attack Surface Management? Attack surfaces are growing faster than security teams can keep up – to stay ahead, you need to know what\'s exposed and where attackers are most likely to strike. With cloud adoption dramatically increasing the ease of exposing new systems and services to the internet, prioritizing threats and managing your attack surface from an attacker\'s perspective has never been more important. In this]]> 2025-02-03T16:30:00+00:00 https://thehackernews.com/2025/02/what-is-attack-surface-management.html www.secnews.physaphae.fr/article.php?IdArticle=8646481 False Cloud None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine High-profile X Accounts Targeted in Phishing Campaign Hackers hijack high-profile X accounts with phishing scams to steal credentials and promote fraudulent cryptocurrency schemes]]> 2025-02-03T16:30:00+00:00 https://www.infosecurity-magazine.com/news/x-accounts-targeted-phishing/ www.secnews.physaphae.fr/article.php?IdArticle=8646598 False None None 3.0000000000000000 HackRead - Chercher Cyber Cisco Finds DeepSeek R1 Highly Vulnerable to Harmful Prompts DeepSeek R1, a cost-efficient AI model, achieves impressive reasoning but fails all safety tests in a new study…]]> 2025-02-03T16:28:01+00:00 https://hackread.com/cisco-finds-deepseek-r1-vulnerable-harmful-prompts/ www.secnews.physaphae.fr/article.php?IdArticle=8646597 False None None 3.0000000000000000 Korben - Bloger francais Je serai au Sommet pour l\'Action sur l\'IA à Paris - On se voit là bas ? Sommet pour l’Action sur l’IA qui se tiendra à Paris le 10 février 2025. Au programme, plus de 80 pays et une centaine d’acteurs majeurs de la tech qui se réuniront pour discuter de l’avenir de l’intelligence artificielle. Ce sommet, organisé à l’initiative du gouvernement français, ne devrait pas être une énième conférence soporifique sur les promesses de l’IA car l’objectif est clairement de déclencher un réveil européen dans ce domaine stratégique.

Salut les amis ! La semaine prochaine, je serais au Sommet pour l’Action sur l’IA qui se tiendra à Paris le 10 février 2025. Au programme, plus de 80 pays et une centaine d’acteurs majeurs de la tech qui se réuniront pour discuter de l’avenir de l’intelligence artificielle. Ce sommet, organisé à l’initiative du gouvernement français, ne devrait pas être une énième conférence soporifique sur les promesses de l’IA car l’objectif est clairement de déclencher un réveil européen dans ce domaine stratégique.]]> 2025-02-03T16:25:15+00:00 https://korben.info/sommet-action-ia-aventure-tech-demain.html www.secnews.physaphae.fr/article.php?IdArticle=8646604 False None None 2.0000000000000000 Data Security Breach - Site de news Francais La France lance l\'INSESIA dédiée à la sécurité de l\'IA Continue reading La France lance l’INSESIA dédiée à la sécurité de l\'IA

Le Gouvernement lance l\'Institut national pour l\'évaluation et la sécurité de l\'intelligence artificielle (INESIA). Un engagement national pour une IA sécurisée et maîtrisée. L\'intelligence artificielle (IA) transforme profondément notre société et nos économies. Pour accompagner cette évolution tout en garantissant la sécurité nationale, le gouvernement annonce la création de l\'Institut national pour l\'évaluation et la sécurité … Continue reading La France lance l’INSESIA dédiée à la sécurité de l\'IA]]> 2025-02-03T16:12:15+00:00 https://www.datasecuritybreach.fr/institut-national-pour-levaluation-et-la-securite-de-lintelligence-artificielle/ www.secnews.physaphae.fr/article.php?IdArticle=8646616 False None None 3.0000000000000000