This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-11T04:54:38+00:00 www.secnews.physaphae.fr AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC British Airways hack: Infosec experts finger third-party scripts on payment pages | The Register As an affected customer, I accept that companies get breached. But the advice seemed pretty poor. British Airways breached | J4vv4D Boards need to get more technical - NCSC The government is calling on business leaders to take responsibility for their organisations’ cyber security, as the threat from nation state hackers and cyber criminal gangs continues to rise. Ciaran Martin, head of NCSC believes that cybersecurity is a mainstream business risk and that corporate leaders need to understand what threats are out there, and what are the most effective ways of managing the risks. They need to understand cyber risk in the same way they understand financial risk, or health and safety risk. NCSC issues new advice for business leaders as Ciaran Martin admits previous guidance was “unhelpful” | New Statesman Hunting in O365 logs Cloud is great, but sometimes making sense of the logs can be a pain. If you’re struggling with O365 logs, then this document could be really useful. Detailed properties in the Office 365 audit log | Microsoft GCHQ data collection violated human rights, Strasbourg court rules GCHQ’s methods in carrying out bulk interception of online communications violated privacy and failed to provide sufficient surveillance safeguards, the European court of human rights has ruled in a test case judgment. But the Strasbourg court found that GCHQ’s regime for sharing sensitive digital intelligence with foreign governments was not illegal. It is the first major challenge to the legality of UK intelligence agencies intercepting private communications in bulk, following Edward Snowden’s whistleblowing revelations. GCHQ data collection violated human rights, Strasbourg court r]]> 2018-09-14T13:00:00+00:00 http://feeds.feedblitz.com/~/569668796/0/alienvault-blogs~Things-I-Hearted-this-Week-th-September www.secnews.physaphae.fr/article.php?IdArticle=807799 False Data Breach,Threat,Guideline Tesla None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC Google: Security Keys Neutralized Employee Phishing | Krebs on Security While we’re on the topic of phishing, attackers used phishing emails to break into a Virginia bank twice in eight months, making off with more than $2.4 million in total. Now the bank is suing its cybersecurity insurance provider for refusing to fully cover the loss. Hackers Breached Virginia Bank Twice in Eight Months, Stole $2.4M | Krebs on Security We’re probably going to see more of this kind of back and forth as companies that have taken out cyber insurance and suffered a breach fight with their insurers over liability and who will cover the cost. Somewhat related: Scam of the week, another new CEO fraud phishing wrinkle | KnowBe4 Breaking the Chain Supply chain and third party risks are getting better understood, but understanding a risk doesn’t necessarily mean it will reduce the risk. Tesla, VW, and dozens of other car manufacturers had their sensitive information exposed due to a weak security link in their supply chains. Tesla, VW data was left exposed by supply chain vendor Level One Robotics | SC Magazine SIM Swap - A Victim’s Perspective This is a really good write-up by AntiSocial engineer taking a look at how SIM swap fraud can impact victims, and why mobile phone operators need to do more to prevent this kind of fraud. “It’s an all too common story, the signal bars disappear from your mobile phone, you ring the phone number – it rings, but it’s not your phone ringing. Chaos ensues. You’re now getting password reset emails from Facebook and Google. You try to login to your bank but your password fails.  Soon enough the emails stop coming as attackers reset your account passwords. You have just become the newest victim of SIM Swap Fraud and your phone number is now at the control of an unknown person.” SIM Swap Fraud - a victim’s perspective | AntiSocial Engineer EU Fails to Regulate IoT Security In this week’s head-scratching moment of “what were they thinking?”, the European Commission has rejected consumer groups' calls for mandatory security for consumer internet-connected devices because they believe voluntar]]> 2018-07-27T13:00:00+00:00 http://feeds.feedblitz.com/~/561082430/0/alienvault-blogs~Things-I-Hearted-this-Week-th-July www.secnews.physaphae.fr/article.php?IdArticle=756750 False Data Breach,Hack Tesla None