www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-12T09:15:33+00:00 www.secnews.physaphae.fr

AlienVault Lab Blog - AlienVault is a major defense player in IOCs
Dangers of Data Logging and Data Hashing in Cybersecurity
2025-03-20T06:00:00+00:00 https://levelblue.com/blogs/security-essentials/dangers-of-data-logging-and-data-hashing-in-cybersecurity www.secnews.physaphae.fr/article.php?IdArticle=8656956 False Data Breach,Tool,Vulnerability,Threat,Technical None 2.0000000000000000

ProofPoint - Cyber Firms
AI in Cybersecurity to Supercharge Your Teams
2025-03-20T05:34:47+00:00 https://www.proofpoint.com/us/blog/information-protection/ai-in-cybersecurity-empowering-teams www.secnews.physaphae.fr/article.php?IdArticle=8657082 False Malware,Tool,Threat,Studies,Prediction None 3.0000000000000000

The Last Watchdog - Byron V Acohido's security blog
News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk
Austin, TX, Mar. 19, 2025, CyberNewswire — The average corporate user now has 146 stolen records linked to their identity, an average 12x increase from previous estimates, reflecting a surge in holistic identity exposures. SpyCloud, the leading identity threat … (more…) The post News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk first appeared on The Last Watchdog.
2025-03-20T00:00:04+00:00 https://www.lastwatchdog.com/news-alert-spycloud-study-shows-darknet-identity-exploitation-arising-to-become-a-primary-cyber-risk/ www.secnews.physaphae.fr/article.php?IdArticle=8656803 False Threat,Studies None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
Threat actors are exploiting a severe security flaw in PHP to deliver cryptocurrency miners and remote access trojans (RATs) like Quasar RAT. The vulnerability, assigned the CVE identifier CVE-2024-4577, refers to an argument injection vulnerability in PHP affecting Windows-based systems running in CGI mode that could allow remote attackers to run arbitrary code. Cybersecurity company
2025-03-19T21:22:00+00:00 https://thehackernews.com/2025/03/hackers-exploit-severe-php-flaw-to.html www.secnews.physaphae.fr/article.php?IdArticle=8656732 False Vulnerability,Threat None 1.00000000000000000000

Dark Reading - Informationweek Branch
Nation-State Groups Abuse Microsoft Windows Shortcut Exploit
Trend Micro uncovered a method that nation-state threat actors are using to target victims via the Windows .lnk shortcut file extension.
2025-03-19T20:29:20+00:00 https://www.darkreading.com/cyber-risk/nation-state-groups-abuse-microsoft-windows-shortcut-exploit www.secnews.physaphae.fr/article.php?IdArticle=8656778 False Threat,Prediction None 2.0000000000000000

Global Security Mag - French news site
Trend Micro Incorporated announces the open-source release of Trend Cybertron
Products
2025-03-19T20:19:23+00:00 https://www.globalsecuritymag.fr/trend-micro-incorporated-annonce-la-mise-a-disposition-en-open-source-de-trend.html www.secnews.physaphae.fr/article.php?IdArticle=8656776 False Threat,Prediction None 2.0000000000000000

HackRead - Cyber search
11 Nation-State Hackers Exploit Unpatched Windows Flaw Since 2017
Microsoft refuses to patch serious Windows shortcut vulnerability abused in global espionage campaigns!
2025-03-19T20:00:30+00:00 https://hackread.com/nation-state-hackers-exploit-windows-unpatched-flaw-2017/ www.secnews.physaphae.fr/article.php?IdArticle=8656765 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
ClearFake Infects 9,300 Sites, Uses Fake reCAPTCHA and Turnstile to Spread Info-Stealers
The threat actors behind the ClearFake campaign are using fake reCAPTCHA or Cloudflare Turnstile verifications as lures to trick users into downloading malware such as Lumma Stealer and Vidar Stealer. ClearFake, first highlighted in July 2023, is the name given to a threat activity cluster that employs fake web browser update baits on compromised WordPress as a malware distribution vector. The
2025-03-19T16:29:00+00:00 https://thehackernews.com/2025/03/clearfake-infects-9300-sites-uses-fake.html www.secnews.physaphae.fr/article.php?IdArticle=8656670 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
5 Identity Threat Detection & Response Must-Haves for Super SaaS Security
Identity-based attacks are on the rise. Attackers are targeting identities with compromised credentials, hijacked authentication methods, and misused privileges. While many threat detection solutions focus on cloud, endpoint, and network threats, they overlook the unique risks posed by SaaS identity ecosystems. This blind spot is wreaking havoc on heavily SaaS-reliant organizations big and small
2025-03-19T16:00:00+00:00 https://thehackernews.com/2025/03/5-identity-threat-detection-response.html www.secnews.physaphae.fr/article.php?IdArticle=8656657 False Threat,Cloud None 2.0000000000000000

IndustrialCyber - cyber risk firms for industrial
PRODAFT detects high-severity flaws in mySCADA myPRO Manager, warns of industrial network breaches
Cyber threat intelligence firm PRODAFT has identified two critical OS command injection vulnerabilities in mySCADA myPRO Manager, a...
2025-03-19T13:21:01+00:00 https://industrialcyber.co/vulnerabilities/prodaft-detects-high-severity-flaws-in-myscada-mypro-manager-warns-of-industrial-network-breaches/ www.secnews.physaphae.fr/article.php?IdArticle=8656851 False Vulnerability,Threat,Industrial None 2.0000000000000000

Checkpoint - Security hardware manufacturer
Is Firebase Phishing a Threat to Your Organization?
Check Point researchers have uncovered a sophisticated credential harvesting attack that leverages Firebase, a popular web application hosting service. This attack involves the creation of highly convincing and professionally designed phishing web pages that impersonate well-known services. The attackers also utilize a compromised vendor to send phishing links within existing email correspondences, making the scam even more deceptive. How it Works: The attackers leverage Firebase to host phishing web pages that mimic legitimate services. By compromising a vendor's email account, cyber criminals then insert phishing links into ongoing email threads. This tactic increases the likelihood of the recipient trusting the […]
2025-03-19T13:00:44+00:00 https://blog.checkpoint.com/securing-user-and-access/is-firebase-phishing-a-threat-to-your-organization/ www.secnews.physaphae.fr/article.php?IdArticle=8656681 False Threat None 2.0000000000000000

Cyble - CyberSecurity Firm
CISA Adds Two Critical Vulnerabilities (CVE-2025-24472 and CVE-2025-30066) to the Known Exploited Vulnerabilities Catalog
2025-03-19T12:49:21+00:00 https://cyble.com/blog/cisa-alerts-users-of-cve-2025-24472/ www.secnews.physaphae.fr/article.php?IdArticle=8656685 False Tool,Vulnerability,Threat None 3.0000000000000000

DarkTrace - DarkTrace: AI-based detection
Global Technology Provider Transforms Email Threat Detection with Darktrace
To strengthen its distributed and complex operations, this global technology leader implemented Darktrace / EMAIL to monitor, detect, and mitigate potential email threats. Read the blog to discover their results.
2025-03-19T12:35:01+00:00 https://darktrace.com/blog/global-technology-provider-transforms-email-threat-detection-with-darktrace www.secnews.physaphae.fr/article.php?IdArticle=8656682 False Threat None 3.0000000000000000

DarkTrace - DarkTrace: AI-based detection
Global Technology Provider Transforms Email Threat Detection with Darktrace
To strengthen its distributed and complex operations, this global technology leader implemented Darktrace / EMAIL to monitor, detect, and mitigate potential email threats. Read the blog to discover their results.
2025-03-19T12:35:01+00:00 https://www.darktrace.com/blog/global-technology-provider-transforms-email-threat-detection-with-darktrace www.secnews.physaphae.fr/article.php?IdArticle=8657146 False Threat None 3.0000000000000000

Bleeping Computer - American magazine
WhatsApp patched zero-click flaw exploited in Paragon spyware attacks
WhatsApp has patched a zero-click, zero-day vulnerability used to install Paragon's Graphite spyware following reports from security researchers at the University of Toronto's Citizen Lab. [...]
2025-03-19T12:02:20+00:00 https://www.bleepingcomputer.com/news/security/whatsapp-patched-zero-day-flaw-used-in-paragon-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8656719 False Vulnerability,Threat None 2.0000000000000000

InfoSecurity Mag - InfoSecurity Magazine
Gartner Warns Agentic AI Will Accelerate Account Takeovers
Gartner has claimed that AI agents will reduce the time it takes to exploit exposed accounts
2025-03-19T10:45:00+00:00 https://www.infosecurity-magazine.com/news/gartner-agentic-ai-accelerate/ www.secnews.physaphae.fr/article.php?IdArticle=8656658 False Threat None 2.0000000000000000

DarkTrace - DarkTrace: AI-based detection
Survey findings: AI Cyber Threats are a Reality, the People are Acting Now
Part 2/4: Darktrace releases insights on the State of AI in cybersecurity. This blog discusses AI's impact on the cyber threat landscape.
2025-03-19T10:10:37+00:00 https://www.darktrace.com/blog/survey-findings-ai-cyber-threats-are-a-reality-the-people-are-acting-now www.secnews.physaphae.fr/article.php?IdArticle=8657149 False Threat None 2.0000000000000000

InfoSecurity Mag - InfoSecurity Magazine
Europol Warns of “Shadow Alliance” Between States and Criminals
Europol's annual report warns of a growing threat from aligned state and cybercrime groups, enabled by AI technologies
2025-03-19T10:00:00+00:00 https://www.infosecurity-magazine.com/news/europol-warns-shadow-alliance/ www.secnews.physaphae.fr/article.php?IdArticle=8656648 False Threat None 2.0000000000000000

Cyble - CyberSecurity Firm
CERT NZ Shares Critical Advisory for CVE-2025-24813 Vulnerability in Apache Tomcat
2025-03-19T08:35:18+00:00 https://cyble.com/blog/cert-nz-warns-of-cve-2025-24813-in-tomcat/ www.secnews.physaphae.fr/article.php?IdArticle=8656638 False Vulnerability,Threat None 2.0000000000000000

ProofPoint - Cyber Firms
Beyond Training: Proofpoint ZenGuide Elevates Human Risk Management
2025-03-19T08:01:36+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/how-zenguide-elevates-human-risk-management www.secnews.physaphae.fr/article.php?IdArticle=8656819 False Tool,Vulnerability,Threat None 2.0000000000000000

ProofPoint - Cyber Firms
CSPM vs. DSPM: Understanding the differences
2025-03-19T07:36:56+00:00 https://www.proofpoint.com/us/blog/dspm/cspm-vs-dspm-understanding-the-differences www.secnews.physaphae.fr/article.php?IdArticle=8656818 False Vulnerability,Threat,Cloud None 2.0000000000000000

InformationSecurityBuzzNews - Security news site
Stopping Infostealers in their Tracks
A new wave of malware is gaining traction in the form of infostealers, potent data-harvesting tools that have quickly become the go-to choice for threat actors due to their ability to quickly and effectively siphon sensitive information to sell on the dark web. Use of infostealers by groups specializing in ransomware surged by 266%, according [...]
2025-03-19T06:52:02+00:00 https://informationsecuritybuzz.com/stopping-infostealers-in-their-tracks/ www.secnews.physaphae.fr/article.php?IdArticle=8656619 False Ransomware,Malware,Tool,Threat None 2.0000000000000000

The State of Security - American magazine
The Intersection of Public Policy and Cybersecurity: Building a Framework for 2025 and Beyond
Introduction In a report published by Statista, cybercrime cost the world over $9 trillion in 2024 and is predicted to rise to nearly $14 trillion by 2028. These figures are a deep source of worry for governments and private businesses about what's next in the cyber threat landscape. The problem is that cyber threats are rising in both volume and scale. More so, the major threats are directed at emerging technologies, aiming to capitalize on weaknesses in emerging AI and ML systems. Cyber threats increasingly play a role in international conflicts, such as the recent reports of the “salt...
2025-03-19T04:56:12+00:00 https://www.tripwire.com/state-of-security/intersection-public-policy-and-cybersecurity-building-framework-2025-and-beyond www.secnews.physaphae.fr/article.php?IdArticle=8656646 False Threat None 2.0000000000000000

ProofPoint - Cyber Firms
Cybersecurity Heroes from Day One: Preparing New Hires to be Cyber Defenders
2025-03-19T04:18:01+00:00 https://www.proofpoint.com/us/blog/security-awareness-training/onboarding-kit-prepare-new-hires-to-be-cyber-defenders www.secnews.physaphae.fr/article.php?IdArticle=8656821 False Tool,Threat,Cloud None 3.0000000000000000

ProofPoint - Cyber Firms
260,000 Reasons to Switch: Infrastructure Leader Trades In Abnormal for Proofpoint
2025-03-19T02:43:37+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/missed-spam-emails-threats-abnormals-blind-spot www.secnews.physaphae.fr/article.php?IdArticle=8656820 False Ransomware,Spam,Malware,Tool,Threat,Prediction,Technical None 2.0000000000000000

Global Security Mag - French news site
Cloudflare, Inc. launched the Cloudforce One threat events platform
Cloudflare expands threat intelligence offering with new comprehensive, real-time events platform Customers can tap into insights from Cloudflare's global network – one of the largest in the world – which blocked an average of 227 billion cyber threats each day during Q4 2024 - Product Reviews
2025-03-18T22:01:33+00:00 https://www.globalsecuritymag.fr/cloudflare-inc-launched-the-cloudforce-one-threat-events-platform.html www.secnews.physaphae.fr/article.php?IdArticle=8656555 False Threat None 2.0000000000000000

Global Security Mag - French news site
Threat Researchers Detect 4x More Identity-Enabled Attacks as Infostealers Continue to Surge
Threat Researchers Detect 4x More Identity-Enabled Attacks as Infostealers Continue to Surge Red Canary's 2025 Threat Detection Report highlights top and emerging cybersecurity threats, including fakeCAPTCHA, LLMJacking, and macOS malware Adversaries have access to more tools than ever to compromise organizations, fueling a rise in attacks and straining security teams None of the nearly 93,000 threats analyzed in this report were prevented by customers' expansive security controls, including all leading endpoint protection (EPP) and IAM platforms - Special Reports
2025-03-18T21:48:41+00:00 https://www.globalsecuritymag.fr/threat-researchers-detect-4x-more-identity-enabled-attacks-as-infostealers.html www.secnews.physaphae.fr/article.php?IdArticle=8656558 False Tool,Threat None 2.0000000000000000

Recorded Future - Recorded Future feed
Poisoned Windows shortcuts found to be a favorite of Chinese, Russian, N. Korean state hackers
The Zero Day Initiative measured the prevalence of manipulated Windows shortcut files in campaigns attributed to nation-state hacking groups - finding at least 11 exploited a bug that allows malicious use of the files.
2025-03-18T20:12:34+00:00 https://therecord.media/windows-lnk-files-nation-state-hacking-campaigns www.secnews.physaphae.fr/article.php?IdArticle=8656541 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
An unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017. The zero-day vulnerability, tracked by Trend Micro's Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad actors to execute hidden
2025-03-18T19:39:00+00:00 https://thehackernews.com/2025/03/unpatched-windows-zero-day-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8656478 False Vulnerability,Threat,Prediction None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking
A critical security vulnerability has been disclosed in AMI's MegaRAC Baseboard Management Controller (BMC) software that could allow an attacker to bypass authentication and carry out post-exploitation actions. The vulnerability, tracked as CVE-2024-54085, carries a CVSS v4 score of 10.0, indicating maximum severity. "A local or remote attacker can exploit the vulnerability by accessing the
2025-03-18T19:01:00+00:00 https://thehackernews.com/2025/03/new-critical-ami-bmc-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8656480 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation
Threat hunters have shed more light on a previously disclosed malware campaign undertaken by the China-aligned MirrorFace threat actor that targeted a diplomatic organization in the European Union with a backdoor known as ANEL. The attack, detected by ESET in late August 2024, singled out a Central European diplomatic institute with lures related to World Expo, which is scheduled to kick off in
2025-03-18T15:54:00+00:00 https://thehackernews.com/2025/03/china-linked-mirrorface-deploys-anel.html www.secnews.physaphae.fr/article.php?IdArticle=8656437 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
BADBOX 2.0 Botnet Infects 1 Million Android Devices for Ad Fraud and Proxy Abuse
At least four different threat actors have been identified as involved in an updated version of a massive ad fraud and residential proxy scheme called BADBOX, painting a picture of an interconnected cybercrime ecosystem. This includes SalesTracker Group, MoYu Group, Lemon Group, and LongTV, according to new findings from the HUMAN Satori Threat Intelligence and Research team, published in
2025-03-18T15:31:00+00:00 https://thehackernews.com/2025/03/badbox-20-botnet-infects-1-million.html www.secnews.physaphae.fr/article.php?IdArticle=8656438 False Threat,Mobile Satori 3.0000000000000000

Dark Reading - Informationweek Branch
Actively Exploited ChatGPT Bug Puts Organizations at Risk
A server-side request forgery vulnerability in OpenAI's chatbot infrastructure can allow attackers to direct users to malicious URLs, leading to a range of threat activity.
2025-03-18T15:28:52+00:00 https://www.darkreading.com/cyberattacks-data-breaches/actively-exploited-chatgpt-bug-organizations-risk www.secnews.physaphae.fr/article.php?IdArticle=8656493 False Vulnerability,Threat ChatGPT 3.0000000000000000

The Register - English news site
Microsoft isn't fixing 8-year-old shortcut exploit abused for spying
'Only' a local access bug but important part of N Korea, Russia, and China attack picture An exploitation avenue found by Trend Micro has been used in an eight-year-long spying campaign, but there's no sign of a fix from Microsoft, which apparently considers this a low priority.…
2025-03-18T15:13:08+00:00 https://go.theregister.com/feed/www.theregister.com/2025/03/18/microsoft_trend_flaw/ www.secnews.physaphae.fr/article.php?IdArticle=8656492 False Threat,Prediction None 3.0000000000000000

RedCanary - Red Canary
Identity attacks and infostealers dominate the 2025 Threat Detection Report
Our annual analysis brings you a year's worth of security operations and intelligence insights, with actionable guidance on every page.
2025-03-18T14:59:14+00:00 https://redcanary.com/blog/threat-detection/2025-threat-detection-report/ www.secnews.physaphae.fr/article.php?IdArticle=8656474 False Threat None 3.0000000000000000

Cyble - CyberSecurity Firm
IT Vulnerability Report: Cyble Urges Fixes for Apple, PHP Flaws
2025-03-18T13:33:57+00:00 https://cyble.com/blog/it-vulnerability-report-for-apple-php-flaws/ www.secnews.physaphae.fr/article.php?IdArticle=8656464 False Vulnerability,Threat,Patching None 2.0000000000000000

HackRead - Cyber search
Fake DeepSeek AI Installers, Websites, and Apps Spreading Malware
Cybercriminals exploit AI hype with SEO poisoning, tricking users into downloading malware disguised as DeepSeek software, warns McAfee Labs in a new report.
2025-03-18T13:16:45+00:00 https://hackread.com/fake-deepseek-ai-installers-websites-apps-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8656459 False Malware,Threat None 3.0000000000000000

Bleeping Computer - American magazine
New Windows zero-day exploited by 11 state hacking groups since 2017
At least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017. [...]
2025-03-18T13:11:24+00:00 https://www.bleepingcomputer.com/news/security/new-windows-zero-day-exploited-by-11-state-hacking-groups-since-2017/ www.secnews.physaphae.fr/article.php?IdArticle=8656512 False Vulnerability,Threat None 2.0000000000000000

InformationSecurityBuzzNews - Security news site
Insight Into Reliaquest's Critical Cyber Threats to Hospitality and Recreation Report
The latest threat landscape report from ReliaQuest has unearthed some concerning findings regarding the critical threats faced by the hospitality and recreation sector. These include identifying a 43% increase in ransomware attacks, the discovery that 44% of phishing emails contained credential harvesters, and a staggering 433% increase in external remote services abuse. The reporting period [...]
2025-03-18T05:36:32+00:00 https://informationsecuritybuzz.com/insight-reliaquest-criti-cyber-threats/ www.secnews.physaphae.fr/article.php?IdArticle=8656388 False Ransomware,Threat None 2.0000000000000000

TrendLabs Security - Antivirus vendor
ZDI-CAN-25373: Windows Shortcut Exploit Abused as Zero-Day in Widespread APT Campaigns
Trend Zero Day Initiative™ (ZDI) uncovered both state-sponsored and cybercriminal groups extensively exploiting ZDI-CAN-25373, a Windows .lnk file vulnerability that enables hidden command execution.
2025-03-18T00:00:00+00:00 https://www.trendmicro.com/en_us/research/25/c/windows-shortcut-zero-day-exploit.html www.secnews.physaphae.fr/article.php?IdArticle=8656475 False Vulnerability,Threat,Prediction None 2.0000000000000000

Silicon - French news site
{ Expert Op-Ed } - Let's stop talking about "risk management" in cybersecurity: let's talk about "danger" instead
2025-03-18T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/cybersecurite-parlons-danger-gestion-risques-469050.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8656427 False Threat None 2.0000000000000000

Dark Reading - Informationweek Branch
ClickFix Attack Compromises 100+ Car Dealership Sites
The ClickFix attack tactic seems to be gaining traction among threat actors.
2025-03-17T21:49:37+00:00 https://www.darkreading.com/cyberattacks-data-breaches/compromised-car-dealership-websites-clickfix-breach www.secnews.physaphae.fr/article.php?IdArticle=8656326 False Threat None 3.0000000000000000

HackRead - Cyber search
Hackers Exploit ChatGPT with CVE-2024-27564, 10,000+ Attacks in a Week
In its latest research report, cybersecurity firm Veriti has spotted active exploitation of a vulnerability within OpenAI’s ChatGPT…
2025-03-17T21:26:03+00:00 https://hackread.com/hackers-exploit-chatgpt-cve-2024-27564-10000-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8656335 False Vulnerability,Threat ChatGPT 3.0000000000000000

Dark Reading - Informationweek Branch
Denmark Warns of Increased Cyber Espionage Against Telecom Sector
A new threat assessment from the Danish Civil Protection Authority (SAMSIK) warned of cyberattacks targeting the telecommunications sector after citing a wave of incidents hitting European organizations the past few years.
2025-03-17T21:14:26+00:00 https://www.darkreading.com/threat-intelligence/denmark-warns-increased-cyber-espionage-telecom-sector www.secnews.physaphae.fr/article.php?IdArticle=8656329 False Threat None 3.0000000000000000

Recorded Future - Recorded Future feed
GitHub restores code following malicious changes to tj-actions tool
GitHub was forced to take action this weekend to help users after a threat actor compromised a popular open source package used by more than 23,000 organizations.
2025-03-17T20:36:44+00:00 https://therecord.media/github-restores-code-malicious-tj-actions-changes www.secnews.physaphae.fr/article.php?IdArticle=8656315 False Tool,Threat None 3.0000000000000000

The Last Watchdog - Byron V Acohido's security blog
News alert: Link11's research shows DDoS attacks are more targeted - and doubled - year-over-year
Frankfurt, Germany, Mar. 17, 2025, CyberNewswire — Cyberattacks are no longer an abstract threat – they dominate risk planning for companies worldwide. The latest Link11 European Cyber Report shows an alarming trend: the number of DDoS attacks has more than … (more…) The post News alert: Link11's research shows DDoS attacks are more targeted - and doubled - year-over-year first appeared on The Last Watchdog.
2025-03-17T19:59:44+00:00 https://www.lastwatchdog.com/news-alert-link11s-research-shows-ddos-attacks-are-more-targeted-and-doubled-year-over-year/ www.secnews.physaphae.fr/article.php?IdArticle=8656306 False Threat,Prediction None 3.0000000000000000
Dark Reading - Informationweek Branch Vulnérabilité Apache Tomcat RCE sous le feu avec un exploit en 2 étapes<br>Apache Tomcat RCE Vulnerability Under Fire With 2-Step Exploit The researchers who discovered the initial assault warned that the simple, staged attack is just the beginning for advanced exploit sequences that will test cyber defenses in new and more difficult ways.]]> 2025-03-17T18:52:23+00:00 https://www.darkreading.com/vulnerabilities-threats/apache-tomcat-rce-vulnerability-exploit www.secnews.physaphae.fr/article.php?IdArticle=8656299 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Une défaut de caméra Edimax non corrigé exploite pour les attaques de botnet Mirai depuis l'année dernière<br>Unpatched Edimax Camera Flaw Exploited for Mirai Botnet Attacks Since Last Year An unpatched security flaw impacting the Edimax IC-7100 network camera is being exploited by threat actors to deliver Mirat botnet malware variants since at least May 2024. The vulnerability in question is CVE-2025-1316 (CVSS v4 score: 9.3), a critical operating system command injection flaw that an attacker could exploit to achieve remote code execution on susceptible devices by means of a]]> 2025-03-17T18:42:00+00:00 https://thehackernews.com/2025/03/unpatched-edimax-camera-flaw-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=8656239 False Malware,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les cybercriminels exploitent CSS pour échapper aux filtres de spam et suivre les utilisateurs de courriels \\ 'actions<br>Cybercriminals Exploit CSS to Evade Spam Filters and Track Email Users\\' Actions Malicious actors are exploiting Cascading Style Sheets (CSS), which are used to style and format the layout of web pages, to bypass spam filters and track users\' actions. 
That's according to new findings from Cisco Talos, which said such malicious activities can compromise a victim's security and privacy. "The features available in CSS allow attackers and spammers to track users' actions and 2025-03-17T17:22:00+00:00 https://thehackernews.com/2025/03/cybercriminals-exploit-css-to-evade.html www.secnews.physaphae.fr/article.php?IdArticle=8656240 False Spam,Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) ⚡ THN Weekly Recap: Router Hacks, PyPI Attacks, New Ransomware Decryptor, and More From sophisticated nation-state campaigns to stealthy malware lurking in unexpected places, this week's cybersecurity landscape is a reminder that attackers are always evolving. Advanced threat groups are exploiting outdated hardware, abusing legitimate tools for financial fraud, and finding new ways to bypass security defenses. Meanwhile, supply chain threats are on the rise, with open-source 2025-03-17T16:55:00+00:00 https://thehackernews.com/2025/03/thn-weekly-recap-router-hacks-pypi.html www.secnews.physaphae.fr/article.php?IdArticle=8656205 False Ransomware,Malware,Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) SANS Institute Warns of Novel Cloud-Native Ransomware Attacks The latest Palo Alto Networks Unit 42 Cloud Threat Report found that sensitive data is found in 66% of cloud storage buckets. This data is vulnerable to ransomware attacks. The SANS Institute recently reported that these attacks can be performed by abusing the cloud provider's storage security controls and default settings.
“In just the past few months, I have witnessed two different methods for 2025-03-17T16:30:00+00:00 https://thehackernews.com/2025/03/sans-institute-warns-of-novel-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8656206 False Ransomware,Threat,Cloud None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Researchers Confirm BlackLock as Eldorado Rebrand DarkAtlas researchers have uncovered a direct link between BlackLock and the Eldorado ransomware group, confirming a rebranded identity of the notorious threat actor 2025-03-17T16:30:00+00:00 https://www.infosecurity-magazine.com/news/researchers-confirm-blacklock/ www.secnews.physaphae.fr/article.php?IdArticle=8656275 False Ransomware,Threat None 2.0000000000000000 Schneier on Security - American cryptologist and researcher Improvements in Brute Force Attacks
New paper: “GPU Assisted Brute Force Cryptanalysis of GPRS, GSM, RFID, and TETRA: Brute Force Cryptanalysis of KASUMI, SPECK, and TEA3.” Abstract: Key lengths in symmetric cryptography are determined with respect to the brute force attacks with current technology. While nowadays at least 128-bit keys are recommended, there are many standards and real-world applications that use shorter keys. In order to estimate the actual threat imposed by using those short keys, precise estimates for attacks are crucial. In this work we provide optimized implementations of several widely used algorithms on GPUs, leading to interesting insights on the cost of brute force attacks on several real-world applications...
2025-03-17T15:09:57+00:00 https://www.schneier.com/blog/archives/2025/03/improvements-in-brute-force-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8656262 False Threat None 3.0000000000000000
Checkpoint Research - Security hardware vendor 17th March – Threat Intelligence Report For the latest discoveries in cyber research for the week of 17th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Check Point Research elaborates about the pro-Palestinian hacktivist group “Dark Storm” which claimed the large-scale DDoS attack against X (formerly Twitter). The attack disrupted access to the platform, causing outages for users […]
2025-03-17T14:38:43+00:00 https://research.checkpoint.com/2025/17th-march-threat-intelligence-report/ www.secnews.physaphae.fr/article.php?IdArticle=8656258 False Threat None 2.0000000000000000
Checkpoint - Security hardware vendor Check Point Named Gold Winner for Cloud Security in 2025 Globee Cybersecurity Awards Check Point is honored to be featured as a Gold Winner for Cloud Security in the 2025 Globee Cybersecurity Awards. Check Point's CloudGuard platform distinguished itself for its preventive approach to cloud security, focusing on stopping cyber attacks before they infiltrate cloud environments in the first place. CloudGuard's end-to-end suite of advanced cloud security solutions, including web application firewall (WAF), automated network security, cloud detection and response (CDR), and code security, enables organizations to enact a unique, AI-powered approach that prioritizes risk management and threat prevention, reducing overall risk profiles for organizations globally. The Globee® Awards for Cybersecurity spotlight the […]
2025-03-17T13:00:25+00:00 https://blog.checkpoint.com/security/check-point-named-gold-winner-for-cloud-security-in-2025-globee-cybersecurity-awards/ www.secnews.physaphae.fr/article.php?IdArticle=8656219 False Threat,Cloud None 2.0000000000000000
Cyble - CyberSecurity Firm Fake CEOs, Real Fraud: Singapore Authorities Warn of Deepfake Business Scams Overview The Singapore Police Force (SPF), the Monetary Authority of Singapore (MAS), and the Cyber Security Agency of Singapore (CSA) have jointly issued a public advisory warning about a new series of scams involving digital manipulation. These scams leverage Artificial Intelligence (AI) to create synthetic media, commonly known as deepfakes. This allows scammers to impersonate high-ranking executives and deceive employees into transferring funds from corporate accounts. The Evolution of Digital Manipulation Scams In this emerging scam variant, fraudsters exploit AI-driven technology to manipulate video and audio, convincingly mimicking the facial features, voice, and gestures of senior executives. The technique involves scammers contacting victims via unwanted WhatsApp messages, claiming to be executives from the victims' own companies. Victims are then invited to a live Zoom video call, during which they encounter fake visuals of their high-ranking executives, sometimes accompanied by individuals impersonating MAS officials or potential investors. Step-by-Step Breakdown of the Scam Initial Contact: Victims receive WhatsApp messages from scammers impersonating company executives.
2025-03-17T12:18:28+00:00 https://cyble.com/blog/fake-ceos-real-singapore-warns-of-deepfake-fraud/ www.secnews.physaphae.fr/article.php?IdArticle=8656222 False Tool,Threat,Legislation None 3.0000000000000000 Bleeping Computer - American magazine Supply chain attack on popular GitHub Action exposes CI/CD secrets A supply chain attack on the widely used 'tj-actions/changed-files' GitHub Action, used by 23,000 repositories, potentially allowed threat actors to steal CI/CD secrets from GitHub Actions build logs. [...] 2025-03-17T11:24:46+00:00 https://www.bleepingcomputer.com/news/security/supply-chain-attack-on-popular-github-action-exposes-ci-cd-secrets/ www.secnews.physaphae.fr/article.php?IdArticle=8656264 False Threat None 2.0000000000000000 Cyble - CyberSecurity Firm Medusa Ransomware Hits Record Levels, FBI and CISA Provide Key Security Insights The FBI and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a well-timed advisory on the Medusa ransomware group last week, as Cyble has detected an acceleration in the group's activities in recent months. Medusa ransomware attacks have been an almost daily occurrence so far this year, running nearly 45% higher than the group's 2024 attack levels, according to Cyble threat intelligence data. The CISA-FBI advisory examines the Ransomware-as-a-Service (RaaS) group's tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), MITRE ATT&CK techniques, and more, based on recent FBI investigations. Medusa Ransomware Attacks Surged in February Cyble has recorded 60 Medusa ransomware victims in the first 72 days of 2025, on pace for more than 300 attacks this year.
That would be up significantly from the 211 Medusa ransomware attacks recorded by Cyble in 2024. Attack volume peaked in February, with 33 victims claimed by the group during the 28-day month. February was a record month for ransomware attacks in general, as recorded by Cyble data. Cyble has [...] 2025-03-17T11:01:48+00:00 https://cyble.com/blog/medusa-ransomware-surges-as-fbi-share-insight/ www.secnews.physaphae.fr/article.php?IdArticle=8656193 False Ransomware,Tool,Vulnerability,Threat,Patching,Mobile,Medical None 3.0000000000000000 InformationSecurityBuzzNews - Security news site Tackling the threat of cyber risk during AI adoption Ever since AI's meteoric rise to prominence following the release of ChatGPT in November 2022, the technology has been at the centre of international debate. For every application in healthcare, education, and workplace efficiency, reports of abuse by cybercriminals for phishing campaigns, automating attacks, and ransomware have made mainstream news. Regardless of whether individuals and [...] 2025-03-17T06:49:07+00:00 https://informationsecuritybuzz.com/threat-of-cyber-risk-during-ai-adoptio/ www.secnews.physaphae.fr/article.php?IdArticle=8656157 False Ransomware,Threat,Medical ChatGPT 2.0000000000000000 InformationSecurityBuzzNews - Security news site AsyncRAT Surges in Global Malware Rankings The latest Global Threat Index from Check Point Software Technologies has revealed a sharp rise in AsyncRAT attacks, pushing this stealthy remote access Trojan (RAT) into the top four most prevalent malware strains worldwide.
This is a concerning trend: malicious actors are increasingly eyeing and exploiting trusted platforms to slip through security nets and gain [...] 2025-03-17T05:10:37+00:00 https://informationsecuritybuzz.com/asyncrat-surges-global-malware-ranks/ www.secnews.physaphae.fr/article.php?IdArticle=8656149 False Malware,Threat,Prediction None 3.0000000000000000 The State of Security - American magazine The Role of Localization in Cybersecurity Threat Mitigation If your website is targeting multiple states or countries, by default, you face a double-pronged challenge: adapting to regional regulatory demands while defending against sophisticated cyber threats. Tackling this requires localization. But what does the term actually entail? Localization isn't just about tailoring products, services, and infrastructure to meet local market requirements; it has emerged as a critical tool for compliance and cybersecurity threat mitigation. Strategic localization can address supply chain vulnerabilities, enhance regional threat intelligence, and foster... 2025-03-17T05:05:07+00:00 https://www.tripwire.com/state-of-security/role-localization-cybersecurity-threat-mitigation www.secnews.physaphae.fr/article.php?IdArticle=8656176 False Tool,Vulnerability,Threat None 3.0000000000000000 Mandiant - Mandiant's security blog BitM Up! Session Stealing in Seconds Using the Browser-in-the-Middle Technique Executive Summary The Rise of Browser in the Middle (BitM): BitM attacks offer a streamlined approach, allowing attackers to quickly compromise sessions across various web applications. MFA Remains Crucial, But Not Invulnerable: Multi-factor authentication (MFA) is a vital security measure, yet sophisticated social engineering tactics now effectively bypass it by targeting session tokens.
Strong Defenses Are Imperative: To counter these threats, organizations must implement robust defenses, including hardware-based MFA, client certificates, and FIDO2. Social Engineering and Multi-Factor Authentication Social engineering campaigns pose a significant threat to organizations and businesses as they capitalize on human vulnerabilities by exploiting cognitive biases and weaknesses in security awareness. During a social engineering campaign, a red team operator typically targets a victim's username and password. A common mitigation used to address these threats are security measures like multi-factor authentication (MFA). MFA is a security measure that requires users to provide two or more methods of authentication when logging in to an account or accessing a protected resource. This makes it more difficult for unauthorized users to gain access to sensitive information even if they have obtained one of the factors, such as a password. Red team operators have long targeted various methods of obtaining user session tokens with a high degree of success. Once a user has completed MFA and is successfully authenticated, the application typically stores a session token in the user's browser to maintain their authenticated state. Stealing this session token is the equivalent of stealing the authenticated session, meaning an adversary would no longer need to perform the MFA challenge. This makes session tokens a valuable target for adversaries and red team operators alike. Techniques for Targeting Tokens Red team operators can target these session tokens using a variety of tools and techniques. The most common tool is Evilginx2, a transparent proxy where a red team operator's server acts as an intermediary between the victim and the targeted service. Any HTTP requests made by the victim are captured by the phishing server and then forwarded directly to the intended website.
However, before returning the responses to the victim, the server subtly modifies them by replacing any references to the legitimate domain with the phishing domain. This manipulation allows operators to not only capture the victim's login credentials from POST requests but also to extract session cookies (tokens) from the server's response headers after the victim has completed authentication and MFA prompts. During a red team engagement, a consultant working within a constrained time 2025-03-17T05:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/session-stealing-browser-in-the-middle/ www.secnews.physaphae.fr/article.php?IdArticle=8656230 False Tool,Vulnerability,Threat None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Strengthening OT/ICS incident response to address growing complexity of cyber threats, deliver business continuity Evolving cyber threat landscapes have led to OT/ICS incident response priorities being under significant pressure. By stressing the...
2025-03-16T12:10:24+00:00 https://industrialcyber.co/features/strengthening-ot-ics-incident-response-to-address-growing-complexity-of-cyber-threats-deliver-business-continuity/ www.secnews.physaphae.fr/article.php?IdArticle=8656047 False Threat,Industrial None 2.0000000000000000 Dark Reading - Informationweek Branch Threat Actor Impersonates Booking.com in Phishing Scheme Microsoft detailed a sophisticated campaign that relies on a social engineering technique, "ClickFix," in which a phisher uses security verification like captcha to give the target a false sense of safety. 2025-03-14T20:07:52+00:00 https://www.darkreading.com/threat-intelligence/threat-actor-booking-com-clickfix-phishing-scheme www.secnews.physaphae.fr/article.php?IdArticle=8655809 False Threat None 3.0000000000000000 Dark Reading - Informationweek Branch Threat Actor Tied to LockBit Ransomware Targets Fortinet Users The Mora_001 group uses similar post-exploitation patterns and ransomware customization originated by LockBit. 2025-03-14T17:25:44+00:00 https://www.darkreading.com/cyberattacks-data-breaches/actor-tied-lockbit-ransomware-targets-fortinet-users www.secnews.physaphae.fr/article.php?IdArticle=8655782 False Ransomware,Threat None 3.0000000000000000 Recorded Future - Recorded Future feed Europe's telecoms sector under increased threat from cyber spies, warns Denmark State-sponsored cyber espionage is a bigger threat than ever to Europe's telecommunications networks, according to a new assessment from Denmark's government. 2025-03-14T12:04:33+00:00 https://therecord.media/europe-increased-cyber-espionage-telecoms-denmark-report www.secnews.physaphae.fr/article.php?IdArticle=8655725 False Threat None
3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) OBSCURE#BAT Malware Uses Fake CAPTCHA Pages to Deploy Rootkit r77 and Evade Detection A new malware campaign has been observed leveraging social engineering tactics to deliver an open-source rootkit called r77. The activity, codenamed OBSCURE#BAT by Securonix, enables threat actors to establish persistence and evade detection on compromised systems. It's currently not known who is behind the campaign. The rootkit "has the ability to cloak or mask any file, registry key or task 2025-03-14T11:07:00+00:00 https://thehackernews.com/2025/03/obscurebat-malware-uses-fake-captcha.html www.secnews.physaphae.fr/article.php?IdArticle=8655674 False Malware,Threat None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Fraudsters Impersonate Clop Ransomware to Extort Businesses Barracuda observed threat actors impersonating the Clop ransomware group via email to extort payments, claiming to have exfiltrated sensitive data 2025-03-14T11:00:00+00:00 https://www.infosecurity-magazine.com/news/fraudsters-clop-ransomware-extort/ www.secnews.physaphae.fr/article.php?IdArticle=8655716 False Ransomware,Threat None 2.0000000000000000 We Live Security - ESET antivirus software vendor When IT meets OT: Cybersecurity for the physical world While relatively rare, real-world incidents impacting operational technology highlight that organizations in critical infrastructure can't afford to dismiss the OT threat 2025-03-14T10:00:00+00:00 https://www.welivesecurity.com/en/critical-infrastructure/when-it-meets-ot-cybersecurity-physical-world/ www.secnews.physaphae.fr/article.php?IdArticle=8661306 False Threat,Industrial None
3.0000000000000000 InformationSecurityBuzzNews - Security news site Microsoft Uncovers New XCSSET macOS Malware Variant Targeting Xcode Projects Microsoft Threat Intelligence has discovered a new variant of XCSSET, a sophisticated modular macOS malware that targets Xcode projects. The malware was found in the wild during routine threat hunting and is the first known XCSSET variant to surface since 2022. This new version of XCSSET features stronger obfuscation methods, updated techniques to maintain persistence [...] 2025-03-14T06:11:18+00:00 https://informationsecuritybuzz.com/microsoft-uncover-xcsset-macos-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8655681 False Malware,Threat None 2.0000000000000000 InformationSecurityBuzzNews - Security news site Volt Typhoon Found Inside Massachusetts Electric Utility for Nearly a Year Industrial cybersecurity firm Dragos has revealed that a small electric and water utility in Massachusetts was breached by a sophisticated Chinese Advanced Persistent Threat (APT) group for over 300 days. The attack targeted Littleton Electric Light and Water Departments (LELWD), which serves the towns of Littleton and Boxborough.
According to a Dragos case study, the [...] 2025-03-14T05:30:55+00:00 https://informationsecuritybuzz.com/volt-typhoon-fo-massachusetts-electric/ www.secnews.physaphae.fr/article.php?IdArticle=8655672 False Threat,Studies,Industrial Guam 4.0000000000000000 Silicon - French news site Joaquin Fuentes, Field CISO at GitLab: "Mastering 'prompt engineering' is becoming essential for testing the guardrails of AI systems" 2025-03-14T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/joaquin-fuentes-ciso-maitrise-prompt-engineering-essentielle-468967.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8655762 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) North Korea's ScarCruft Deploys KoSpy Malware, Spying on Android Users via Fake Utility Apps The North Korea-linked threat actor known as ScarCruft is said to have been behind a never-before-seen Android surveillance tool named KoSpy targeting Korean and English-speaking users. Lookout, which shared details of the malware campaign, said the earliest versions date back to March 2022. The most recent samples were flagged in March 2024. It's not clear how successful these efforts were.
" 2025-03-13T19:53:00+00:00 https://thehackernews.com/2025/03/north-koreas-scarcruft-deploys-kospy.html www.secnews.physaphae.fr/article.php?IdArticle=8655561 False Malware,Tool,Threat,Mobile APT 37 2.0000000000000000 Recorded Future - Recorded Future feed European lawmaker says EU is committed to continuing data transfers to US Experts have speculated that under the Trump administration an agreement which safeguards the flow of commercial data between Europe and the U.S. could be under threat. 2025-03-13T19:20:05+00:00 https://therecord.media/lawmaker-data-transfer-us-mcgrath www.secnews.physaphae.fr/article.php?IdArticle=8655608 False Threat,Commercial None 3.0000000000000000 Netskope - Netskope is an American software company providing an IT security platform Unlock Seamless Log Shipping via Integration with Microsoft Sentinel In today's security landscape, visibility and real-time insights into your organization's data are critical for effective threat hunting and incident management. To meet these needs, Netskope has developed a native integration with Microsoft Sentinel using the Codeless Connector Platform, allowing organizations to easily stream all CASB alerts, DLP incidents, and threat logs into Microsoft's cloud-native SIEM. […]
2025-03-13T15:59:19+00:00 https://www.netskope.com/blog/unlock-seamless-log-shipping-via-integration-with-microsoft-sentinel www.secnews.physaphae.fr/article.php?IdArticle=8655568 False Threat None 3.0000000000000000
The Register - English news site That 'angry guest' email from Booking.com? It's a scam, not a 1-star review 2025-03-13T15:02:01+00:00 https://go.theregister.com/feed/www.theregister.com/2025/03/13/bookingdotcom_phishing_campaign/ www.secnews.physaphae.fr/article.php?IdArticle=8655559 False Malware,Threat None 1.00000000000000000000 Zimperium - cyber risk firms for mobile Enhancing Mobile Security: Zimperium and CrowdStrike Expand Strategic Partnership Zimperium and CrowdStrike have expanded their partnership, integrating Zimperium's Mobile Threat Defense (MTD) with CrowdStrike Falcon® Next-Gen SIEM.
2025-03-13T14:00:00+00:00 https://zimpstage.wpengine.com/blog/enhancing-mobile-security-zimperium-and-crowdstrike-expand-strategic-partnership/ www.secnews.physaphae.fr/article.php?IdArticle=8656260 False Threat,Mobile None 2.0000000000000000
Zimperium - cyber risk firms for mobile Enhancing Mobile Security: Zimperium and CrowdStrike Expand Strategic Partnership Zimperium and CrowdStrike have expanded their partnership, integrating Zimperium's Mobile Threat Defense (MTD) with CrowdStrike Falcon® Next-Gen SIEM.
2025-03-13T14:00:00+00:00 https://www.zimperium.com/blog/enhancing-mobile-security-zimperium-and-crowdstrike-expand-strategic-partnership/ www.secnews.physaphae.fr/article.php?IdArticle=8655537 False Threat,Mobile None 2.0000000000000000
IndustrialCyber - cyber risk firms for industrial Mandiant uncovers custom backdoors on Juniper Junos OS routers, linked to Chinese espionage group UNC3886 Researchers from Mandiant identified that threat actors have been deploying custom backdoors on Juniper Networks' Junos OS routers... 2025-03-13T12:58:00+00:00 https://industrialcyber.co/critical-infrastructure/mandiant-uncovers-custom-backdoors-on-juniper-junos-os-routers-linked-to-chinese-espionage-group-unc3886mandiant-uncovers-custom-backdoors-on-juniper-junos-os-routers-linked-to-chinese-espionage-grou/ www.secnews.physaphae.fr/article.php?IdArticle=8655527 False Threat None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial US exposes Medusa ransomware threat, as over 300 organizations targeted across critical infrastructure sector U.S. agencies have released a collaborative cybersecurity advisory detailing the tactics, techniques, and procedures (TTPs), indicators of compromise...
2025-03-13T08:55:44+00:00 https://industrialcyber.co/cisa/us-exposes-medusa-ransomware-threat-as-over-300-organizations-targeted-across-critical-infrastructure-sector/ www.secnews.physaphae.fr/article.php?IdArticle=8655473 False Ransomware,Threat None 2.0000000000000000
Global Security Mag - Site de news francais Attention, une cyberattaque est en cours en ce moment même Malwares]]> 2025-03-13T08:01:19+00:00 https://www.globalsecuritymag.fr/attention-une-cyberattaque-est-en-cours-en-ce-moment-meme.html www.secnews.physaphae.fr/article.php?IdArticle=8655464 False Threat None 2.0000000000000000 The State of Security - Magazine Américain MEDUSA Ransomware: les organisations du FBI et de la CISA exhortent à agir maintenant pour atténuer la menace<br>Medusa Ransomware: FBI and CISA Urge Organizations to Act Now to Mitigate Threat The Medusa ransomware gang continues to present a major threat to the critical infrastructure sector, according to a newly-released joint advisory from the FBI, Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing and Analysis Center (MS-ISAC). As of February 2025, the Medusa ransomware operation, which we have previously detailed on the Tripwire State of Security blog, had hit over 300 organisations from a variety of critical infrastructure sectors with affected industries including education, health, legal, insurance, technology, and manufacturing...]]> 2025-03-13T07:55:15+00:00 https://www.tripwire.com/state-of-security/medusa-ransomware-fbi-and-cisa-urge-organizations-act-now-mitigate-threat www.secnews.physaphae.fr/article.php?IdArticle=8655529 False Ransomware,Threat None 2.0000000000000000 Techworm - News Apple patchs webkit zéro jour en attaques sophistiquées<br>Apple Patches WebKit Zero-Day In Sophisticated Attacks ios 18.3, iPados 18.3.2 href = "https://support.apple.com/en-us/122284" data-wpel-kink = "external" rel = "nofollow novener noreferrer"> visionos 2.3.2 , macOS Sequoia 15.3.2 , et safari 18.3.1 . Tous les utilisateurs d'Apple sont fortement recommandés pour mettre à jour leurs appareils iPhones, iPads, Mac et Vision Pro à la dernière version du système d'exploitation pour se protéger de toute attaque potentielle.
Apple on Tuesday rolled out an emergency security update to patch a critical WebKit vulnerability that has been actively exploited in “extremely sophisticated” cyberattacks. The zero-day vulnerability, CVE-2025-24201, is an out-of-bounds write issue that affects WebKit, the engine that powers Apple's web browser Safari and many other apps and web browsers on macOS, iOS, Linux, and Windows. This flaw allows attackers to maliciously use crafted web content to break out of the Web Content sandbox. “This is a supplementary fix for an attack that was blocked in iOS 17.2. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2,” the Cupertino giant wrote in security advisories issued on Tuesday. Apple has not yet credited any specific researcher with discovering this security vulnerability. It has also not provided any technical details on the zero-day vulnerability or the nature of the attacks. Below is the complete list of models affected by the zero-day vulnerability: iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th]]>
2025-03-12T23:06:28+00:00 https://www.techworm.net/2025/03/apple-patch-webkit-zero-day-sophisticated-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8655345 False Vulnerability,Threat,Technical None 2.0000000000000000
Dark Reading - Informationweek Branch Apple Drops Another WebKit Zero-Day Bug A threat actor leveraged the vulnerability in an "extremely sophisticated" attack on targeted iOS users, the company says.]]> 2025-03-12T20:48:51+00:00 https://www.darkreading.com/mobile-security/apple-drops-another-webkit-zero-day-bug www.secnews.physaphae.fr/article.php?IdArticle=8655377 False Vulnerability,Threat None 2.0000000000000000 Global Security Mag - French news site Between threat protection and AI integration, French companies are increasing their investments in security applications Investigations]]> 2025-03-12T18:13:16+00:00 https://www.globalsecuritymag.fr/entre-protection-contre-les-menaces-et-integration-de-l-ia-les-entreprises.html www.secnews.physaphae.fr/article.php?IdArticle=8655358 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Over 400 IPs Exploiting Multiple SSRF Vulnerabilities in Coordinated Cyber Attack Threat intelligence firm GreyNoise is warning of a "coordinated surge" in the exploitation of Server-Side Request Forgery (SSRF) vulnerabilities spanning multiple platforms. "At least 400 IPs have been seen actively exploiting multiple SSRF CVEs simultaneously, with notable overlap between attack attempts," the company said, adding it observed the activity on March 9, 2025.
The countries which]]> 2025-03-12T17:26:00+00:00 https://thehackernews.com/2025/03/over-400-ips-exploiting-multiple-ssrf.html www.secnews.physaphae.fr/article.php?IdArticle=8655284 False Vulnerability,Threat None 3.0000000000000000 Cyble - CyberSecurity Firm CISA Adds Five New Vulnerabilities to Its Known Exploited Vulnerabilities Catalog Overview The Cybersecurity and Infrastructure Security Agency (CISA) recently updated its Known Exploited Vulnerabilities (KEV) catalog by adding five vulnerabilities exploited by cybercriminals. These new entries highlight critical flaws in widely used software systems, including those affecting Advantive VeraCore and Ivanti Endpoint Manager (EPM). The identification of these vulnerabilities underscores the cybersecurity risks for federal and private strategies, as well as the need for urgency on the part of organizations.
As part of its ongoing efforts to protect critical infrastructure, CISA highlighted the ]]> 2025-03-12T15:03:52+00:00 https://cyble.com/blog/cisa-adds-5-flaws-to-kev-catalog/ www.secnews.physaphae.fr/article.php?IdArticle=8655309 False Tool,Vulnerability,Threat,Patching None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Machine Identities Outnumber Humans Increasing Risk Seven-Fold Surging machine identities, faster threat detection and fewer vulnerabilities are shaping cloud security according to a new report]]> 2025-03-12T14:30:00+00:00 https://www.infosecurity-magazine.com/news/machine-identities-outnumber/ www.secnews.physaphae.fr/article.php?IdArticle=8655310 False Vulnerability,Threat,Cloud None 3.0000000000000000 Mandiant - Mandiant's security blog Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers Introduction In mid 2024, Mandiant discovered threat actors deployed custom backdoors on Juniper Networks' Junos OS routers. Mandiant attributed these backdoors to the China-nexus espionage group, UNC3886. Mandiant uncovered several TINYSHELL-based backdoors operating on Juniper Networks' Junos OS routers. The backdoors had varying custom capabilities, including active and passive backdoor functions, as well as an embedded script that disables logging mechanisms on the target device. Mandiant worked with Juniper Networks to investigate this activity and observed that the affected Juniper MX routers were running end-of-life hardware and software. Mandiant recommends that organizations upgrade their Juniper devices to the latest images released by Juniper Networks, which includes mitigations and updated signatures for the Juniper Malware Removal Tool (JMRT).
Organizations should run the JMRT Quick Scan and Integrity Check after the upgrade. Mandiant has reported on similar custom malware ecosystems in 2022 and 2023 that UNC3886 deployed on virtualization technologies and network edge devices. This blog post showcases a development in UNC3886's tactics, techniques and procedures (TTPs), and their focus on malware and capabilities that enable them to operate on network and edge devices, which typically lack security monitoring and detection solutions, such as endpoint detection and response (EDR) agents. Mandiant previously reported on UNC3886's emphasis on techniques to gather and use legitimate credentials to move laterally within a network, undetected. These objectives remained consistent but were pursued with the introduction of a new tool in 2024. Observations in this blog post strengthen our assessment that the actor's focus is on maintaining long-term access to victim networks. UNC3886 continues to show a deep understanding of the underlying technology of the appliances being targeted. At the time of writing, Mandiant has not identified any technical overlaps between activities detailed in this blog post and those publicly reported by other parties as Volt Typhoon or Salt Typhoon. Attribution UNC3886 is a highly adept China-nexu]]> 2025-03-12T14:00:00+00:00 https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers/ www.secnews.physaphae.fr/article.php?IdArticle=8655317 False Malware,Tool,Vulnerability,Threat,Patching,Prediction,Cloud,Technical Guam 2.0000000000000000 Bleeping Computer - American magazine New North Korean Android spyware slips onto Google Play A new Android spyware named 'KoSpy' is linked to North Korean threat actors who have infiltrated Google Play and third-party app store APKPure through at least five malicious apps.
[...]]]> 2025-03-12T13:35:10+00:00 https://www.bleepingcomputer.com/news/security/new-north-korean-android-spyware-slips-onto-google-play/ www.secnews.physaphae.fr/article.php?IdArticle=8655346 False Threat,Mobile None 2.0000000000000000 IndustrialCyber - cyber risk firms for industrial Forescout widens research on Silver Fox hackers, reveals malware clusters targeting healthcare through DICOM, HL7 exploits Following last month's research on a new campaign by the Chinese threat actor Silver Fox, which exploited Philips... ]]> 2025-03-12T13:07:40+00:00 https://industrialcyber.co/medical/forescout-widens-research-on-silver-fox-hackers-reveals-malware-clusters-targeting-healthcare-through-dicom-hl7-exploits/ www.secnews.physaphae.fr/article.php?IdArticle=8655279 False Malware,Threat,Medical None 3.0000000000000000 Checkpoint - Security hardware vendor The Role of WAF in Fintech & Financial Services
The financial sector serves as the backbone of the global economy, making it one of the most targeted industries for cyber attacks. As online banking, mobile transactions, and fintech innovations expand, cyber threats continue to evolve. Cyber criminals continuously exploit vulnerabilities in financial applications, making strong security measures essential for protecting sensitive customer data, transactions, and business operations. To mitigate these risks, efficient web application firewalls (WAFs) have become a crucial security mechanism for financial services. In its recent GigaOm Radar for Application and API Security report, GigaOm emphasizes the critical role of integrated security measures in today’s digital landscape. The […] ]]>
2025-03-12T13:00:05+00:00 https://blog.checkpoint.com/securing-the-cloud/the-role-of-waf-in-fintech-financial-services/ www.secnews.physaphae.fr/article.php?IdArticle=8655294 False Vulnerability,Threat,Mobile None 3.0000000000000000
Cisco - Security Firm Blog The Quantum Sky Is Falling! Understanding the Quantum Threat to Network Security Demystify the potential threat that quantum computing poses to encryption and the security of the network.]]> 2025-03-12T12:00:00+00:00 https://blogs.cisco.com/security/understanding-the-quantum-threat-to-network-security/ www.secnews.physaphae.fr/article.php?IdArticle=8655264 False Threat None 2.0000000000000000 HackRead - Cyber search The Rising Threat of API Attacks: How to Secure Your APIs in 2025 API attacks are constantly on the rise, with a recent alarming study showing that 59% of organizations give…]]> 2025-03-12T11:29:24+00:00 https://hackread.com/rising-threat-of-api-attacks-how-to-secure-apis-2025/ www.secnews.physaphae.fr/article.php?IdArticle=8655269 False Threat,Studies None 3.0000000000000000 Cyble - CyberSecurity Firm NCSC Reports Surge in Cyber Security Incidents with Financial Losses in Q4 2024 Overview The National Cyber Security Center (NCSC) has released its Cyber Security Insights Report for the fourth quarter of 2024, revealing recent trends in cyber security in New Zealand. The NCSC report, covering the period from October 1 to December 31, 2024, highlights a notable increase in financial losses, with New Zealanders losing a total of $6.8 million to cybercrime. This represents a 24% increase over the previous quarter, when losses amounted to $5.5 million. One of the most interesting findings of the report is the rise in incidents involving substantial financial losses.
There were 17 incident reports with losses exceeding $100,000, accounting for $4.7 million of the $6.8 million total reported to the NCSC. According to Tom Roberts, the NCSC's Threat and Incident Response lead, this is the highest number of high-loss incidents recorded in a single quarter. Roberts said: "These incidents are quite varied, from cyberattacks on computers and accounts to cyber-enabled scams." He also pointed to an emerging trend: many of these high-loss incidents began with a phone call from an individual impersonating a well-known organization. These calls ultimately led to the compromise of comput]]> 2025-03-12T10:58:48+00:00 https://cyble.com/blog/ncsc-reports-6-8m-losses-in-q4-2024/ www.secnews.physaphae.fr/article.php?IdArticle=8655252 False Malware,Tool,Threat,Prediction None 3.0000000000000000 HackRead - Cyber search March 2025 Patch Tuesday: Microsoft Fixes 57 Vulnerabilities, 7 Zero-Days Microsoft's March 2025 Patch Tuesday fixes six actively exploited zero-day vulnerabilities, including critical RCE and privilege escalation flaws. Learn how these vulnerabilities impact Windows systems and why immediate patching is essential.]]> 2025-03-12T10:56:12+00:00 https://hackread.com/march-2025-patch-tuesday-microsoft-fixes-vulnerabilities-zero-days/ www.secnews.physaphae.fr/article.php?IdArticle=8655253 False Vulnerability,Threat,Patching None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks Apple on Tuesday released a security update to address a zero-day flaw that it said has been exploited in "extremely sophisticated" attacks.
The vulnerability has been assigned the CVE identifier CVE-2025-24201 and is rooted in the WebKit web browser engine component. It has been described as an out-of-bounds write issue that could allow an attacker to craft malicious web content such that it]]> 2025-03-12T09:32:00+00:00 https://thehackernews.com/2025/03/apple-releases-patch-for-webkit-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8655191 False Vulnerability,Threat None 3.0000000000000000 IndustrialCyber - cyber risk firms for industrial Everfox partners with GDIT to enhance insider threat detection through linguistic analysis solutions
Everfox, a global provider of insider threat technology, announced its collaboration with the Intelligence and Homeland Security Division... ]]>
2025-03-12T09:12:41+00:00 https://industrialcyber.co/news/everfox-partners-with-gdit-to-enhance-insider-threat-detection-through-linguistic-analysis-solutions/ www.secnews.physaphae.fr/article.php?IdArticle=8655244 False Threat None 3.0000000000000000
WatchGuard - Hardware and software vendor WatchGuard launches FireCloud Internet Access, the first product in WatchGuard's new hybrid SASE range 2025-03-12T00:00:00+00:00 https://www.watchguard.com/fr/wgrd-news/press-releases/watchguard-lance-firecloud-internet-access-le-1er-produit-de-la-nouvelle www.secnews.physaphae.fr/article.php?IdArticle=8655277 False Threat,Cloud None 3.0000000000000000 Silicon - French news site How ANSSI wants to steer the State's cyber policy 2025-03-12T00:00:00+00:00 https://www.silicon.fr/Thematique/cybersecurite-1371/Breves/anssi-politique-etat-468736.htm#utm_source=IndexThematique&utm_medium=Rss&utm_campaign= www.secnews.physaphae.fr/article.php?IdArticle=8655286 False Threat None 3.0000000000000000