This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T23:21:00+00:00 www.secnews.physaphae.fr RiskIQ - cyber risk firms (now microsoft) 2024-07-09T19:47:09+00:00 https://community.riskiq.com/article/e8378a00 www.secnews.physaphae.fr/article.php?IdArticle=8533748 False Malware,Tool,Vulnerability,Threat,Patching,Legislation,Industrial APT 40 3.0000000000000000 GoogleSec - Firm Security Blog 1 Pixel phones also get better every few months with Feature Drops that provide the latest product updates, tips and tricks from Google. And Pixel 7 and Pixel 7 Pro users will receive at least five years of security updates2, so your Pixel gets even more secure over time. Your protection, built into PixelYour digital life and most sensitive information lives on your phone: financial information, passwords, personal data, photos – you name it. With Google Tensor G2 and our custom Titan M2 security chip, Pixel 7 and Pixel 7 Pro have multiple layers of hardware security to help keep you and your personal information safe. We take a comprehensive, end-to-end approach to security with verifiable protections at each layer - the network, application, operating system and multiple layers on the silicon itself. If you use Pixel for your business, this approach helps protect your company data, too. Google Tensor G2 is Pixel's newest powerful processor custom built with Google AI, and makes Pixel 7 faster, more efficient and secure3. Every aspect of Tensor G2 was designed to improve Pixel's performance and efficiency for great battery life, amazing photos and videos. Tensor's built-in security core works with our Titan M2 security chip to keep your personal information, PINs and passwords safe. Titan family chips are also used to protect Google Cloud data centers and Chromebooks, so the same hardware that protects Google servers also secures your sensitive information stored on Pixel. And, in a first for Google, Titan M2 hardware has now been certified under Common Criteria PP0084: the international gold standard for hardware security components also used for identity, SIM cards, and bankcard security chips.]]> 2022-10-11T19:22:42+00:00 http://security.googleblog.com/2022/10/google-pixel-7-and-pixel-7-pro-next.html www.secnews.physaphae.fr/article.php?IdArticle=7482584 False Spam,Malware,Vulnerability,Guideline,Industrial APT 40 None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2022-08-30T16:00:43+00:00 https://threatpost.com/watering-hole-attacks-push-scanbox-keylogger/180490/ www.secnews.physaphae.fr/article.php?IdArticle=6627513 False Industrial APT 40 None TroyHunt - Blog Security 2022-06-30T13:49:56+00:00 https://arstechnica.com/?p=1863684 www.secnews.physaphae.fr/article.php?IdArticle=5471666 False Industrial APT 40 None The Security Ledger - Blog Sécurité 2021-07-23T22:03:21+00:00 https://feeds.feedblitz.com/~/659295268/0/thesecurityledger~Episode-Biden-Unmasked-APT-But-Does-It-Matter/ www.secnews.physaphae.fr/article.php?IdArticle=3123305 False Industrial APT 40 None Kaspersky Threatpost - Kaspersky est un éditeur antivirus russe 2021-07-21T17:31:16+00:00 https://threatpost.com/indictments-attribution-chinese-hacking/168005/ www.secnews.physaphae.fr/article.php?IdArticle=3106756 False Industrial APT 40 None Anomali - Firm Blog Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence UK and Allies Accuse China for a Pervasive Pattern of Hacking, Breaching Microsoft Exchange Servers (published: July 19, 2021) On July 19th, 2021, the US, the UK, and other global allies jointly accused China in a pattern of aggressive malicious cyber activity. First, they confirmed that Chinese state-backed actors (previously identified under the group name Hafnium) were responsible for gaining access to computer networks around the world via Microsoft Exchange servers. The attacks took place in early 2021, affecting over a quarter of a million servers worldwide. Additionally, APT31 (Judgement Panda) and APT40 (Kryptonite Panda) were attributed to Chinese Ministry of State Security (MSS), The US Department of Justice (DoJ) has indicted four APT40 members, and the Cybersecurity and Infrastructure Security Agency (CISA) shared indicators of compromise of the historic APT40 activity. Analyst Comment: Network defense-in-depth and adherence to information security best practices can assist organizations in reducing the risk. Pay special attention to the patch and vulnerability management, protecting credentials, and continuing network hygiene and monitoring. When possible, enforce the principle of least privilege, use segmentation and strict access control measures for critical data. Organisations can use Anomali Match to perform real time forensic analysis for tracking such attacks. MITRE ATT&CK: [MITRE ATT&CK] Drive-by Compromise - T1189 | [MITRE ATT&CK] Exploit Public-Facing Application - T1190 | [MITRE ATT&CK] External Remote Services - T1133 | [MITRE ATT&CK] Server Software Component - T1505 | [MITRE ATT&CK] Exploitation of Remote Services - T1210 Tags: Hafnium, Judgement Panda, APT31, TEMP.Jumper, APT40, Kryptonite Panda, Zirconium, Leviathan, TEMP.Periscope, Microsoft Exchange, CVE-2021-26857, CVE-2021-26855, CVE-2021-27065, CVE-2021-26858, Government, EU, UK, North America, China NSO’s Spyware Sold to Authoritarian Regimes Used to Target Activists, Politicians and Journalists (published: July 18, 2021) Israeli surveillance company NSO Group supposedly sells spyware to vetted governments bodies to fight crime and terrorism. New research discovered NSO’s tools being used against non-criminal actors, pro-democracy activists and journalists investigating corruption, political opponents and government critics, diplomats, etc. In some cases, the timeline of this surveillance coincided with journalists' arrests and even murders. The main penetration tool used by NSO is malware Pegasus that targets both iPho]]> 2021-07-20T15:00:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-china-blamed-for-microsoft-exchange-attacks-israeli-cyber-surveillance-companies-help-oppressive-governments-and-more www.secnews.physaphae.fr/article.php?IdArticle=3100256 False Ransomware,Malware,Tool,Vulnerability,Threat,Studies,Guideline,Industrial APT 41,APT 40,APT 28,APT 31 None Security Affairs - Blog Secu 2021-07-19T20:36:16+00:00 https://securityaffairs.co/wordpress/120316/apt/doj-members-apt40.html?utm_source=rss&utm_medium=rss&utm_campaign=doj-members-apt40 www.secnews.physaphae.fr/article.php?IdArticle=3096450 False Industrial APT 40 None SecurityWeek - Security News 2021-07-19T13:44:03+00:00 http://feedproxy.google.com/~r/securityweek/~3/GQEbQ009wb0/us-allies-officially-accuse-china-microsoft-exchange-attacks www.secnews.physaphae.fr/article.php?IdArticle=3093748 False Industrial APT 40 None Bleeping Computer - Magazine Américain 2021-07-19T10:44:21+00:00 https://www.bleepingcomputer.com/news/security/us-indicts-members-of-chinese-backed-hacking-group-apt40/ www.secnews.physaphae.fr/article.php?IdArticle=3093811 False Industrial APT 40 None Wired Threat Level - Security News 2020-10-07T18:31:39+00:00 https://www.wired.com/story/amazon-wants-to-win-at-games-so-why-hasnt-it www.secnews.physaphae.fr/article.php?IdArticle=1962083 False Industrial APT 40 None Security Affairs - Blog Secu 2020-10-04T09:35:41+00:00 https://securityaffairs.co/wordpress/109069/breaking-news/security-affairs-newsletter-round-284.html?utm_source=rss&utm_medium=rss&utm_campaign=security-affairs-newsletter-round-284 www.secnews.physaphae.fr/article.php?IdArticle=1955115 False Industrial APT 40 None Security Affairs - Blog Secu 2020-09-27T09:28:15+00:00 https://securityaffairs.co/wordpress/108798/apt/gadolinium-azure-ad-abuses.html?utm_source=rss&utm_medium=rss&utm_campaign=gadolinium-azure-ad-abuses www.secnews.physaphae.fr/article.php?IdArticle=1941721 False Industrial APT 40 None ZD Net - Magazine Info 2020-09-24T21:09:50+00:00 https://www.zdnet.com/article/microsoft-removed-18-azure-ad-apps-used-by-chinese-state-sponsored-hacker-group/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1937536 False Industrial APT 40 None Security Affairs - Blog Secu 2020-02-10T08:28:13+00:00 https://securityaffairs.co/wordpress/97582/apt/malaysias-mycert-apt40-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=1533226 False Industrial APT 40 None ZD Net - Magazine Info 2020-02-07T01:25:41+00:00 https://www.zdnet.com/article/malaysia-warns-of-chinese-hacking-campaign-targeting-government-projects/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1528965 False Industrial APT 40 None Malwarebytes Labs - MalwarebytesLabs Our weekly security roundup for January 13-19, with a look at elastic servers, data enrichment, rootkits, regulation for deepfakes, and more. Categories: A week in security Tags: apt40Ciscocitrixdata enrichmentdeepfakeselastic serversemotetrootkittravelexweleakinfo (Read more...) ]]> 2020-01-20T16:32:45+00:00 https://blog.malwarebytes.com/a-week-in-security/2020/01/a-week-in-security-january-13-19/ www.secnews.physaphae.fr/article.php?IdArticle=1502313 False Industrial APT 40 None Security Affairs - Blog Secu 2019-03-06T07:59:00+00:00 https://securityaffairs.co/wordpress/82018/apt/apt40-naval-industry.html www.secnews.physaphae.fr/article.php?IdArticle=1055606 False Industrial APT 40 None SecurityWeek - Security News 2019-03-05T13:19:03+00:00 https://www.securityweek.com/state-sponsored-hackers-supporting-china%E2%80%99s-naval-modernization-efforts-report www.secnews.physaphae.fr/article.php?IdArticle=1055437 False Industrial APT 40 None Security Affairs - Blog Secu 2018-11-15T11:04:02+00:00 https://securityaffairs.co/wordpress/78047/apt/temp-periscope-false-flag.html www.secnews.physaphae.fr/article.php?IdArticle=898007 False Industrial APT 40 None Data Security Breach - Site de news Francais TEMP.Periscope : Des pirates Chinois, amateurs d’éléctions présidentielles ? est apparu en premier sur Data Security Breach. ]]> 2018-07-20T09:33:00+00:00 http://www.datasecuritybreach.fr/temp-periscope-des-pirates-chinois-amateurs-delections-presidentielles/ www.secnews.physaphae.fr/article.php?IdArticle=747691 False Industrial APT 40 None Security Affairs - Blog Secu 2018-07-12T08:22:03+00:00 https://securityaffairs.co/wordpress/74378/intelligence/temp-periscope-cambodia.html www.secnews.physaphae.fr/article.php?IdArticle=741376 False Industrial APT 40 None Mandiant - Blog Sécu de Mandiant Introduction FireEye has examined a range of TEMP.Periscope activity revealing extensive interest in Cambodia\'s politics, with active compromises of multiple Cambodian entities related to the country\'s electoral system. This includes compromises of Cambodian government entities charged with overseeing the elections, as well as the targeting of opposition figures. This campaign occurs in the run up to the country\'s July 29, 2018, general elections. TEMP.Periscope used the same infrastructure for a range of activity against other more traditional targets, including the defense industrial base]]> 2018-07-10T07:00:00+00:00 https://www.mandiant.com/resources/blog/chinese-espionage-group-targets-cambodia-ahead-of-elections www.secnews.physaphae.fr/article.php?IdArticle=8377736 False Industrial APT 40 4.0000000000000000 Adam Shostack - American Security Blog Continue reading "Threat Model Thursdays: Crispin Cowan"]]> 2018-07-05T17:10:01+00:00 https://adam.shostack.org/blog/2018/07/threat-model-thursdays-crispin-cowan/ www.secnews.physaphae.fr/article.php?IdArticle=731749 False Threat,Industrial APT 40 None UnderNews - Site de news "pirate" francais Un groupe de cyber-espionnage chinois (TEMP.Periscope) s'attaque à des entreprises américaines dans les secteurs de l'ingénierie et du maritime.]]> 2018-03-20T09:52:03+00:00 http://feedproxy.google.com/~r/undernews/oCmA/~3/9d23Df75lZw/un-groupe-de-cyber-espionnage-chinois-sattaque-a-des-entreprises-americaines.html www.secnews.physaphae.fr/article.php?IdArticle=531310 False Industrial APT 40 None Security Affairs - Blog Secu 2018-03-17T16:49:02+00:00 http://securityaffairs.co/wordpress/70355/hacking/temp-periscope-espionage.html www.secnews.physaphae.fr/article.php?IdArticle=522933 False Industrial APT 40 None SecurityWeek - Security News says. ]]> 2018-03-16T20:36:03+00:00 http://feedproxy.google.com/~r/Securityweek/~3/XyHzIV30FB8/china-linked-hackers-target-engineering-and-maritime-industries www.secnews.physaphae.fr/article.php?IdArticle=520362 True Industrial APT 40 None IT Security Guru - Blog Sécurité Leviathan, an espionage group active since 2014, is launching cyber attacks against the maritime and defense sectors- focusing specifically on contractors and associated University Research institutions. View Full Story  ORIGINAL SOURCE: ZDNet ]]> 2017-10-19T09:50:25+00:00 http://www.itsecurityguru.org/2017/10/19/group-launches-cyber-attacks-maritime-defense-sectors/ www.secnews.physaphae.fr/article.php?IdArticle=421084 False Industrial APT 40 None