www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-20T17:58:48+00:00 www.secnews.physaphae.fr Dark Reading - Informationweek Branch After the Uber Breach: 3 Questions All CISOs Should Ask Themselves 2022-12-29T15:00:00+00:00 https://www.darkreading.com/vulnerabilities-threats/after-the-uber-breach-3-questions-all-cisos-should-ask-themselves- www.secnews.physaphae.fr/article.php?IdArticle=8296167 False None Uber,Uber 2.0000000000000000 CVE List - Common Vulnerability Exposure CVE-2022-47633 2022-12-23T23:15:08+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-47633 www.secnews.physaphae.fr/article.php?IdArticle=8294391 False Vulnerability Uber None Dark Reading - Informationweek Branch Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes 2022-12-23T18:18:27+00:00 https://www.darkreading.com/cloud/container-verification-bug-malicious-images-free-rein-kubernetes www.secnews.physaphae.fr/article.php?IdArticle=8296178 False None Uber 2.0000000000000000 CVE List - Common Vulnerability Exposure CVE-2022-23551 2022-12-21T20:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23551 www.secnews.physaphae.fr/article.php?IdArticle=8293495 False None Uber None Vuln GCP - GoogleCloudPlatform vulnerability feed GCP-2022-002 GKE security bulletin 2022-02-23 Update: The GKE and Anthos clusters on VMware versions have been updated. For instructions and more details, see the GKE security bulletin and the Anthos clusters on VMware security bulletin.
2022-02-04 Update: The rollout start date for GKE patch versions was February 2. Note: Your clusters might not have these versions available immediately. Rollouts began on February 2 and take four or more business days to be completed across all Google Cloud zones.
Three security vulnerabilities, CVE-2021-4154, CVE-2021-22600, and CVE-2022-0185, have been discovered in the Linux kernel, each of which can lead to either a container breakout, privilege escalation on the host, or both. These vulnerabilities affect all node operating systems (COS and Ubuntu) on GKE, Anthos clusters on VMware, Anthos clusters on AWS (current and previous generation), and Anthos on Azure. Pods using GKE Sandbox are not vulnerable to these vulnerabilities. See the COS release notes for more details. For instructions and more details, see the GKE security bulletin and the Anthos clusters on VMware security bulletin. Severity: High. CVEs: CVE-2021-4154, CVE-2021-22600, CVE-2022-0185.
2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-002 www.secnews.physaphae.fr/article.php?IdArticle=8296099 False Guideline Uber 3.0000000000000000
Vuln GCP - GoogleCloudPlatform vulnerability feed GCP-2022-021 A new vulnerability, CVE-2022-3176, has been discovered in the Linux kernel that can lead to local privilege escalation. This vulnerability allows an unprivileged user to achieve full container breakout to root on the node. For instructions and more details, see the following bulletins: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin. Severity: High. CVE: CVE-2022-3176. 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-021 www.secnews.physaphae.fr/article.php?IdArticle=8296081 True Vulnerability,Guideline Uber 3.0000000000000000 Vuln GCP - GoogleCloudPlatform vulnerability feed GCP-2022-014 GKE Sandbox are unaffected.
2022-05-12 Update: The Anthos clusters on AWS and Anthos on Azure versions have been updated. For instructions and more details, see the Anthos clusters on AWS security bulletin and the Anthos on bare metal security bulletin.
Two security vulnerabilities, CVE-2022-1055 and CVE-2022-27666, have been discovered in the Linux kernel. Each can lead to a local attacker being able to perform a container breakout, privilege escalation on the host, or both. These vulnerabilities affect all GKE node operating systems (Container-Optimized OS and Ubuntu). For instructions and more details, see the following security bulletins: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin. Severity: High. CVEs: CVE-2022-1055, CVE-2022-27666.
2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-014 www.secnews.physaphae.fr/article.php?IdArticle=8296088 False Guideline Uber 3.0000000000000000
Vuln GCP - GoogleCloudPlatform vulnerability feed GCP-2021-021 GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on bare metal security bulletin. Severity: Medium. CVE: CVE-2020-8561. 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2021-021 www.secnews.physaphae.fr/article.php?IdArticle=8296103 False None Uber 3.0000000000000000 Vuln GCP - GoogleCloudPlatform vulnerability feed GCP-2022-011 There is a misconfiguration with Simultaneous Multi-Threading (SMT), also known as Hyper-threading, on GKE Sandbox images. The misconfiguration leaves nodes potentially exposed to side channel attacks such as Microarchitectural Data Sampling (MDS) (for more context, see GKE Sandbox documentation). We do not recommend using the following affected versions: 1.22.4-gke.1501, 1.22.6-gke.300, 1.23.2-gke.300, 1.23.3-gke.600. For instructions and more details, see the GKE security bulletin. Severity: Medium. 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-011 www.secnews.physaphae.fr/article.php?IdArticle=8296091 False None Uber 3.0000000000000000 Vuln GCP - GoogleCloudPlatform vulnerability feed GCP-2022-017 GKE Sandbox are not affected by these vulnerabilities.
2022-07-21 Update: additional information on Anthos clusters on VMware.
A new vulnerability (CVE-2022-1786) has been discovered in the Linux kernel versions 5.10 and 5.11. This vulnerability allows an unprivileged user with local access to the cluster to achieve a full container breakout to root on the node. Only clusters that run Container-Optimized OS are affected. GKE Ubuntu versions use either version 5.4 or 5.15 of the kernel and are not affected. For instructions and more details, see the following bulletins: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin. Severity: High. CVE: CVE-2022-1786.
2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-017 www.secnews.physaphae.fr/article.php?IdArticle=8296085 True Vulnerability Uber 3.0000000000000000
Vuln GCP - GoogleCloudPlatform vulnerability feed GCP-2022-013 GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin. Severity: Medium. CVE: CVE-2022-23648. 2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-013 www.secnews.physaphae.fr/article.php?IdArticle=8296089 False Vulnerability Uber 3.0000000000000000 Vuln GCP - GoogleCloudPlatform vulnerability feed GCP-2022-012 GKE Sandbox are unaffected.
A security vulnerability, CVE-2022-0847, has been discovered in the Linux kernel version 5.8 and later that can potentially escalate container privileges to root. This vulnerability affects the following products: GKE node pool versions 1.22 and later that use Container-Optimized OS images (Container-Optimized OS 93 and later); Anthos clusters on VMware v1.10 for Container-Optimized OS images; Anthos clusters on AWS v1.21 and Anthos clusters on AWS (previous generation) v1.19, v1.20, v1.21, which use Ubuntu; Managed clusters of Anthos on Azure v1.21 which use Ubuntu. For instructions and more details, see the following security bulletins: GKE security bulletin, Anthos clusters on VMware security bulletin, Anthos clusters on AWS security bulletin, Anthos on Azure security bulletin, Anthos on bare metal security bulletin. Severity: High. CVE: CVE-2022-0847.
2022-12-21T17:12:56+00:00 https://cloud.google.com/support/bulletins/index#gcp-2022-012 www.secnews.physaphae.fr/article.php?IdArticle=8296090 True Vulnerability Uber 3.0000000000000000
Dark Reading - Informationweek Branch Understanding the 3 Classes of Kubernetes Risk 2022-12-21T15:51:51+00:00 https://www.darkreading.com/edge-articles/understanding-the-3-classes-of-kubernetes-risk www.secnews.physaphae.fr/article.php?IdArticle=8296202 False None Uber 2.0000000000000000 Dark Reading - Informationweek Branch How to Run Kubernetes More Securely 2022-12-21T15:51:30+00:00 https://www.darkreading.com/dr-tech/how-to-run-kubernetes-more-securely www.secnews.physaphae.fr/article.php?IdArticle=8296203 False Tool,Threat Uber 2.0000000000000000 Korben - French blogger Generate your own music with Mubert 2022-12-21T08:00:00+00:00 https://korben.info/ia-generer-musique.html www.secnews.physaphae.fr/article.php?IdArticle=8293319 False None Uber 2.0000000000000000 CVE List - Common Vulnerability Exposure CVE-2022-4515 2022-12-20T19:15:25+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-4515 www.secnews.physaphae.fr/article.php?IdArticle=8293180 False None Uber None GoogleSec - Firm Security Blog Expanding the App Defense Alliance launched in 2019 with a mission to protect Android users from bad apps through shared intelligence and coordinated detection between alliance partners. Earlier this year, the App Defense Alliance expanded to include new initiatives outside of malware detection and is now the home for several industry-led collaborations including Malware Mitigation, MASA (Mobile App Security Assessment) & CASA (Cloud App Security Assessment). With a new dedicated landing page at appdefensealliance.dev, the ADA has an expanded mission to protect Android users by removing threats while improving app quality across the ecosystem. Let's walk through some of the latest program updates from the past year, including the addition of new ADA members.
Malware Mitigation: Together, with the founding ADA members - Google, ESET, Lookout, and Zimperium, the alliance has been able to reduce the risk of app-based malware and better protect Android users. These partners have access to mobile apps as they are being submitted to the Google Play Store and scan thousands of apps daily, acting as another, vital set of eyes prior to an app going live on Play. Knowledge sharing and industry collaboration are important aspects in securing the world from attacks and that's why we're continuing to invest in the program. New ADA Members: We're excited to see the ADA expand with the additions of McAfee and Trend Micro. Both McAfee and Trend Micro are leaders in the antivirus space and we look forward to their contributions to the program. Mobile App Security Assessment (MASA): With consumers spending four to five hours per day in mobile apps, ensuring the safety of these services is more important than ever. According to Data.ai, the pandemic accelerated existing mobile habits - with app categories like finance growing 25% YoY and users spending over 100 billion hours in shopping apps. That's why the ADA introduced MASA (Mobile App Security Assessment), which allows developers to have their apps independently validated against the Mobile Application Security Verification Standard (MASVS standard) under the OWASP Mobile Application Security project. The project's mission is to “Define the industry standard for mobile application security,” and has been used by both public and private sector organizations as a form of industry best practices when it comes to mobile application security. Developers can work directly with an ADA Authorized Lab to have their apps evaluated against a set of MASVS L1 requirements. Once successful, the app's validation is listed in the recently launched App Validation Directory, which provides users a single place to view all app validations.
The Directory also allows users to access more assessment details including validation date, test lab, and a report showing all test steps and requirements. The Directory will be updated over time with new features and search functionality to make it more user friendly. The Google Play Store is the first commercial app store to recognize and display a badge for any app that has completed an independent security review through ADA MASA. The badge is displayed within an app's respective 2022-12-15T20:51:24+00:00 http://security.googleblog.com/2022/12/app-defense-alliance-expansion.html www.secnews.physaphae.fr/article.php?IdArticle=8294655 False Malware,Guideline,Prediction Uber 2.0000000000000000 CVE List - Common Vulnerability Exposure CVE-2022-23526 2022-12-15T19:15:17+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23526 www.secnews.physaphae.fr/article.php?IdArticle=8291702 False Tool Uber None CVE List - Common Vulnerability Exposure CVE-2022-23525 2022-12-15T19:15:17+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23525 www.secnews.physaphae.fr/article.php?IdArticle=8291701 False Tool Uber None CVE List - Common Vulnerability Exposure CVE-2022-23524 2022-12-15T19:15:16+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23524 www.secnews.physaphae.fr/article.php?IdArticle=8291700 False Tool Uber None CyberArk - Software Vendor Latest Uber Breach Underscores Third-Party Vendor Security Challenges 2022-12-15T14:00:27+00:00 https://www.cyberark.com/blog/latest-uber-breach-underscores-third-party-vendor-security-challenges/ www.secnews.physaphae.fr/article.php?IdArticle=8291592 False None Uber,Uber 2.0000000000000000 Global Security Mag - French news site CyberArk: New cyberattack targeting Uber, identity security to be strengthened Malware 2022-12-14T16:15:23+00:00 https://www.globalsecuritymag.fr/CyberArk-Nouvelle-cyberattaque-ciblant-Uber-une-securite-de-l-identite-a.html
www.secnews.physaphae.fr/article.php?IdArticle=8291252 False None Uber,Uber 2.0000000000000000 Global Security Mag - French news site Comment: CybelAngel CISO on Uber suffering new data breach Malware Update 2022-12-14T10:22:28+00:00 https://www.globalsecuritymag.fr/Comment-CybelAngel-CISO-on-Uber-suffering-new-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=8291152 False Data Breach Uber,Uber 1.00000000000000000000 Zataz - French security magazine Lapsus$ is back? New data leaks for Uber 2022-12-14T09:57:20+00:00 https://www.zataz.com/lapsus-is-back-nouvelles-fuites-de-donnees-pour-uber/ www.secnews.physaphae.fr/article.php?IdArticle=8291138 False None Uber,Uber 2.0000000000000000 The Register - English news site Uber staff info leaks after IT supply chain attack 2022-12-13T22:46:56+00:00 https://go.theregister.com/feed/www.theregister.com/2022/12/13/uber_data_breach_teqtivity/ www.secnews.physaphae.fr/article.php?IdArticle=8291006 False None Uber,Uber 2.0000000000000000 InformationSecurityBuzzNews - Security news site Tequivity Cloud Server Compromise Leads to Uber Breached, Experts Reacted 2022-12-13T20:32:46+00:00 https://informationsecuritybuzz.com/tequivity-cloud-server-compromise-leads-to-uber-breached-experts-reacted/ www.secnews.physaphae.fr/article.php?IdArticle=8290920 False Data Breach Uber,Uber 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Uber Hit By New Data Breach After Attack on Third-Party Vendor 2022-12-13T16:00:00+00:00 https://www.infosecurity-magazine.com/news/uber-hit-by-new-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=8290729 False Data Breach Uber,Uber 2.0000000000000000 Global Security Mag - French news site Comment from cyber-expert on Uber data breach Malware Update 2022-12-13T14:59:10+00:00 https://www.globalsecuritymag.fr/Comment-from-cyber-expert-on-Uber-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=8290711 False Data Breach
Uber,Uber 1.00000000000000000000 Global Security Mag - French news site Expert commentary: UberLeaks data breach Malware Update 2022-12-13T14:17:48+00:00 https://www.globalsecuritymag.fr/Expert-commentary-UberLeaks-data-breach.html www.secnews.physaphae.fr/article.php?IdArticle=8290716 False Data Breach Uber 1.00000000000000000000 SecurityWeek - Security News Uber Data Leaked Following Breach at Third-Party Vendor 2022-12-13T10:35:25+00:00 https://www.securityweek.com/uber-data-leaked-following-breach-third-party-vendor www.secnews.physaphae.fr/article.php?IdArticle=8290685 False None Uber,Uber 3.0000000000000000 ComputerWeekly - Computer Magazine More Uber data exposed in possible supply chain attack 2022-12-13T07:20:00+00:00 https://www.computerweekly.com/news/252528297/More-Uber-data-exposed-in-possible-supply-chain-attack www.secnews.physaphae.fr/article.php?IdArticle=8290706 False None Uber,Uber 2.0000000000000000 Bleeping Computer - American magazine Uber suffers new data breach after attack on vendor, info leaked online 2022-12-12T13:30:18+00:00 https://www.bleepingcomputer.com/news/security/uber-suffers-new-data-breach-after-attack-on-vendor-info-leaked-online/ www.secnews.physaphae.fr/article.php?IdArticle=8290444 False Data Breach,Threat Uber,Uber 1.00000000000000000000 Silicon - French news site Kubernetes 1.26: a change of registry for the orchestrator 2022-12-12T10:43:03+00:00 https://www.silicon.fr/kubernetes-1-26-changement-registre-orchestrateur-454830.html www.secnews.physaphae.fr/article.php?IdArticle=8290241 False None Uber 2.0000000000000000 CSO - CSO Daily Dashboard 14 lessons CISOs learned in 2022 a security chief sentenced to prison for concealing a data breach. These events and many more have changed the business landscape and forced CISOs to steer a course through uncertain waters.
"With the shifts in the cybersecurity landscape, 2022 has been a milestone year we will look back on when studying the history of when and why cybersecurity and digital trust were fused together," says Kory Daniels, CISO at Trustwave. 2022-12-12T02:00:00+00:00 https://www.csoonline.com/article/3682748/14-lessons-cisos-learned-in-2022.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=8290226 False None Uber 2.0000000000000000 Silicon - French news site HPE GreenLake also opts for AWS's Kubernetes service 2022-12-09T16:25:37+00:00 https://www.silicon.fr/hpe-greenlake-kubernetes-aws-454798.html www.secnews.physaphae.fr/article.php?IdArticle=8289594 False None Uber 2.0000000000000000 CVE List - Common Vulnerability Exposure CVE-2022-23471 2022-12-07T23:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23471 www.secnews.physaphae.fr/article.php?IdArticle=8288923 False None Uber None AlienVault Lab Blog - AlienVault is a major defense player in IOCs Employee onboarding needs to be engaging - But how can security be preserved? that are offering paid vacations before new hires even begin the job. This is a great environment for workers, and is something pushing employer standards higher and higher. This includes the onboarding process, in which employees are brought into the fold and then provided with all of the setup they need to get a running start in the business. As companies seek to move through the onboarding process quickly, cyber risks are presented - as with any expedited business process. Sensitive data exchange As part of the onboarding process, employees will need to exchange sensitive personal data. Indeed, having a well-structured “day 1” plan in which pay schedules, security codes, personal information and HR data is exchanged is absolutely crucial to maintaining good employee service and ensuring engagement.
Dealing with these requests in a quick fashion achieves that, but it’s also important to note that this is where security risks can occur. Indeed, US News highlights the fact that 2022 has been a bumper year for data breaches; Microsoft, Uber, Ronin and News Corp have all experienced huge attacks. In order to ensure that sensitive data can be exchanged safely, a holistic review of corporate and third-party security systems is essential. Secure portals, to allow the transfer of data into the business from the employee onboarding, will protect both parties. Protecting corporate data With employees in the corporate system, it’s important that they have immediate access to local resources and knowledge to start their development and to support their work as they get going. It’s important that these knowledge bases have significant and accurate resources, but they also need to be protected. Corporate cyber espionage is a serious risk; according to Security Magazine, hundreds of millions of dollars of damage was inflicted in 2020-21 through corporate information theft. Accordingly, operating a stringent data management policy and ensuring files are maintained securely is key. Generating social connections A key benefit that companies can offer employees is networking. Being a conduit for new industry connections and all the benefits that comes from that is a key part of onboarding - but, as with other aspects, it brings risks. Bringing a new employee into the fold and then putting them in touch with established networks brings its own risks and, furthermore, without the familiarity that existing employees have with corporate networks, there is a definite risk of exposing those networks to additional risk and cyber threats. As with all corporate cybersecurity solutions, the key to securing social networking and promoting assurance comes in the form of systems checks. 
That’s staying up to date with high quality security technology, keeping check of what valuable data and assets are being shared, and ensuring that employees are aware of their security responsibilities. 2022-12-06T11:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/employee-onboarding-needs-to-be-engaging-but-how-can-security-be-preserved www.secnews.physaphae.fr/article.php?IdArticle=8288170 False None Uber 3.0000000000000000 CVE List - Common Vulnerability Exposure CVE-2022-46167 2022-12-02T19:15:11+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-46167 www.secnews.physaphae.fr/article.php?IdArticle=8286868 False None Uber None CVE List - Common Vulnerability Exposure CVE-2022-45933 2022-11-27T03:15:11+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-45933 www.secnews.physaphae.fr/article.php?IdArticle=8252078 False None Uber None Global Security Mag - French news site Jens Sabitzer, Venafi: Many security teams are unable to talk to their own colleagues on an equal footing Interviews 2022-11-22T09:37:54+00:00 https://www.globalsecuritymag.fr/Jens-Sabitzer-Venafi-Viele-Securityteams-sind-nicht-in-der-Lage-auf-Augenhohe.html www.secnews.physaphae.fr/article.php?IdArticle=8158506 False None Uber 3.0000000000000000 Global Security Mag - French news site Georg Gann, Yubico: These days I have to be phishing-resistant!
Interviews 2022-11-22T09:36:29+00:00 https://www.globalsecuritymag.fr/Georg-Gann-Yubico-Ich-muss-heutzutage-phishingresistent-sein.html www.secnews.physaphae.fr/article.php?IdArticle=8158507 False Threat Uber 4.0000000000000000 CVE List - Common Vulnerability Exposure CVE-2022-41939 2022-11-19T01:15:13+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-41939 www.secnews.physaphae.fr/article.php?IdArticle=8105062 False None Uber None CyberScoop - scoopnewsgroup.com special Cyber White House cyber official advocates nimbler NATO to confront digital threats White House official Anne Neuberger met with NATO officials in Rome to help craft plans to more rapidly respond to cyberthreats. 2022-11-10T18:03:26+00:00 https://www.cyberscoop.com/white-house-cyber-official-nato-cyber-defense/ www.secnews.physaphae.fr/article.php?IdArticle=7930558 False None Uber None Global Security Mag - French news site Multi-factor authentication, hacktivism and cyber attribution: Darktrace's predictions Opinions 2022-11-09T15:25:20+00:00 https://www.globalsecuritymag.fr/Authentification-multifacteur-hacktivisme-et-cyber-attribution-les-predictions.html www.secnews.physaphae.fr/article.php?IdArticle=7907118 False None Uber None Security Intelligence - American news site Millions Lost in Minutes - Mitigating Public-Facing Attacks In recent years, many high-profile companies have suffered destructive cybersecurity breaches. These public-facing assaults cost organizations millions of dollars in minutes, from stock prices to media partnerships. Fast Company, Rockstar, Uber, Apple and more have all been victims of these costly and embarrassing attacks.
The total average cost of a data breach has increased by […] 2022-11-08T14:00:00+00:00 https://securityintelligence.com/articles/mitigating-public-facing-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=7890187 False Data Breach Uber None Schneier on Security - American cryptologist and researcher The Conviction of Uber's Chief Security Officer was convicted of crimes related to covering up a cyberattack against Uber. It’s a complicated case, and I’m not convinced that he deserved a guilty ruling or that it’s a good thing for the industry. I may still write something, but until then, this essay on the topic is worth reading. 2022-11-07T12:17:15+00:00 https://www.schneier.com/blog/archives/2022/11/the-conviction-of-ubers-chief-security-officer.html www.secnews.physaphae.fr/article.php?IdArticle=7880626 False None Uber None Global Security Mag - French news site OpenSSL vulnerabilities: patch available, but no longer critical Vulnerabilities 2022-11-06T15:53:32+00:00 http://www.globalsecuritymag.fr/OpenSSL-Schwachstellen-Patch-verfugbar-aber-nicht-mehr-kritisch.html www.secnews.physaphae.fr/article.php?IdArticle=7902921 False None Uber None Global Security Mag - French news site Pure Storage extends its "as-a-service" model to all Portworx offerings and launches the next generation of Portworx Enterprise Products 2022-11-02T07:48:17+00:00 http://www.globalsecuritymag.fr/Pure-Storage-etend-son-modele-as-a,20221102,131781.html www.secnews.physaphae.fr/article.php?IdArticle=7778721 False None Uber None InfoSecurity Mag - InfoSecurity Magazine Kiss-a-Dog Cryptojacking Campaign Targets Docker and Kubernetes 2022-10-27T17:00:00+00:00 https://www.infosecurity-magazine.com/news/cryptojacking-target-docker-and/ www.secnews.physaphae.fr/article.php?IdArticle=7705146 False Threat Uber None The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances 2022-10-27T13:25:00+00:00 https://thehackernews.com/2022/10/new-cryptojacking-campaign-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=7699560 False None Uber None Global Security Mag - French news site Red Hat announces a low-resource Kubernetes solution intended to power the next developments in open edge computing Products 2022-10-27T08:22:07+00:00 http://www.globalsecuritymag.fr/Red-Hat-annonce-une-solution,20221027,131602.html www.secnews.physaphae.fr/article.php?IdArticle=7699730 False None Uber None Global Security Mag - French news site Commvault simplifies and automates cloud protection for enterprise Kubernetes workloads Products 2022-10-25T07:30:58+00:00 http://www.globalsecuritymag.fr/Commvault-simplifie-et-automatise,20221025,131497.html www.secnews.physaphae.fr/article.php?IdArticle=7670657 False None Uber None Wired Threat Level - Security News Android Users Can Finally 'Like' Messages From iPhones 2022-10-22T13:00:00+00:00 https://www.wired.com/story/android-users-can-like-iphone-messages-now/ www.secnews.physaphae.fr/article.php?IdArticle=7627947 False None Uber,Uber None CVE List - Common Vulnerability Exposure CVE-2022-39272 2022-10-22T00:15:09+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-39272 www.secnews.physaphae.fr/article.php?IdArticle=7622020 False None Uber None GoogleSec - Firm Security Blog Announcing GUAC, a great pairing with SLSA (and SBOM)! rise in software supply chain attacks, a Log4j vulnerability of catastrophic severity and breadth, and even an Executive Order on Cybersecurity. It is against this background that Google is seeking contributors to a new open source project called GUAC (pronounced like the dip). GUAC, or Graph for Understanding Artifact Composition, is in the early stages yet is poised to change how the industry understands software supply chains.
GUAC addresses a need created by the burgeoning efforts across the ecosystem to generate software build, security, and dependency metadata. True to Google's mission to organize and make the world's information universally accessible and useful, GUAC is meant to democratize the availability of this security information by making it freely accessible and useful for every organization, not just those with enterprise-scale security and IT funding. Thanks to community collaboration in groups such as OpenSSF, SLSA, SPDX, CycloneDX, and others, organizations increasingly have ready access to: Software Bills of Materials (SBOMs) (with SPDX-SBOM-Generator, Syft, kubernetes bom tool) signed attestations about how software was built (e.g. SLSA with SLSA3 Github Actions Builder, Google Cloud Build) vulnerability databases that aggregate information across ecosystems and make vulnerabilities more discoverable and actionable (e.g. OSV.dev, Global Security Database (GSD)). These data are useful on their own, but it's difficult to combine and synthesize the information for a more comprehensive view. The documents are scattered across different databases and producers, are attached to different ecosystem entities, and cannot be easily aggregated to answer higher-level questions about an organization's software assets. To help address this issue we've teamed up with Kusari, Purdue University, and Citi to create GUAC, a free tool to bring together many different sources of software security metadata. We're excited to share the project's proof of concept, which lets you query a small dataset of software metadata including SLSA provenance, SBOMs, and OpenSSF Scorecards. What is GUAC Graph for Understanding Artifact Composition (GUAC) aggregates software security metadata into a high fidelity graph database-normalizing entity identities and mapping standard relationships between them. 
Querying this graph can drive higher-level organizational outcomes such as audit, policy, risk management, and even developer assistance. Conceptually, GUAC occupies the “aggregation and synthesis” layer of the software supply chain transparency logical model: 2022-10-20T13:01:02+00:00 http://security.googleblog.com/2022/10/announcing-guac-great-pairing-with-slsa.html www.secnews.physaphae.fr/article.php?IdArticle=7739960 False Tool,Vulnerability Uber None CISCO Talos - Cisco Research blog The benefits of taking an intent-based approach to detecting Business Email Compromise By Abhishek Singh. BEC is a multi-stage attack. Adversaries first identify targets, then they establish rapport with the victim before exploiting them for whatever their end goal is. In the case of BEC, a threat actor can impersonate any employee in the organization to trick targets. A policy that checks for authorized email addresses of the sender can prevent BEC attacks. However, scaling the approach for every employee in a large organization is a challenge. Building an executive profile based on email analysis using a machine learning model and scanning emails against that profile will detect BEC. Data collection for building and training machine learning algorithms can take time, though, opening a window of opportunity for threat actors to exploit. Detection of exploitation techniques such as lookalike domains and any differences in the email addresses in the "From" and "Reply-to" fields can also detect BEC messages. However, the final verdict cannot account for the threat actor's intent. The intent-based approach detects BEC and then classifies it into the type of scam. It catches BEC messages, irrespective of whether a threat actor is impersonating a C-level executive or any employee in an organization. Classification based on the type of scam can help identify which segment of an organization was targeted and which employees were being impersonated by the threat actor.
The additional information will further assist in better designing preventive features to stop BEC. Business email compromise (BEC) is one of the most financially damaging online crimes. As per the internet crime 221 report, the total loss in 2021 due to BEC is around 2.4 billion dollars. Since 2013, BEC has resulted in a 43 billion dollars loss. The report defines BEC as a scam targeting businesses (not individuals) working with foreign suppliers and companies regularly performing wire transfer payments. Fraudsters carry out these sophisticated scams to conduct the unauthorized transfer of funds. This introduces the challenge of how to detect and block these campaigns as they continue to compromise organizations successfully. There are a variety of approaches to identifying BEC email messages, such as using policy to allow emails from authorized email addresses, detecting exploitation techniques used by threat actors, building profiles by analysis of emails, and validating against the profile to detect BEC. These approaches have a variety of limitations or shortcomings. Cisco Talos is taking a different approach and using an intent-based model to identify and block BEC messages. Before we get too deep into the intent-based model, take a deeper look at the commonly used approaches to block BEC from the simplistic through machine learning (ML) approaches. Policy-based detection The first place to start is with policy-based detection as it is one of the most common and simplistic approaches to blocking BEC campaigns. Let's start by looking at an example of a BEC email. 
]]> 2022-10-18T08:41:18+00:00 http://blog.talosintelligence.com/2022/10/the-benefits-of-taking-intent-based.html www.secnews.physaphae.fr/article.php?IdArticle=7540074 False Threat,Medical,Cloud APT 38,APT 19,APT 29,APT 10,APT 37,Uber,APT 15,Yahoo None Silicon - Site de News Francais AKS lite: Microsoft pushes its Kubernetes a little further out to the edge 2022-10-14T15:43:11+00:00 https://www.silicon.fr/aks-lite-microsoft-kubernetes-peripherie-450168.html www.secnews.physaphae.fr/article.php?IdArticle=7458723 False None Uber None CVE Liste - Common Vulnerability Exposure CVE-2022-39278 2022-10-13T23:15:11+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-39278 www.secnews.physaphae.fr/article.php?IdArticle=7445043 False None Uber None Bleeping Computer - Magazine Américain What the Uber Hack can teach us about navigating IT Security 2022-10-13T10:05:10+00:00 https://www.bleepingcomputer.com/news/security/what-the-uber-hack-can-teach-us-about-navigating-it-security/ www.secnews.physaphae.fr/article.php?IdArticle=7436354 False Hack,Threat Uber,Uber None AlienVault Lab Blog - AlienVault est un acteur de defense majeur dans les IOC The biggest concerns within the US Financial Sector in 2022 Sixth Annual Bank Survey found that more than 70% of fintech companies named information security as their top issue. According to VMware's Modern Bank Heists study, since the COVID-19 epidemic, there have been 238% more cyberattacks on companies in the financial sector. Artificial intelligence (AI) and self-learning malware are making cyberattacks more sophisticated. While ransomware assaults are the most profitable for cybercriminals, phishing attacks prey on unsuspecting and defenseless consumers. Thus, it should come as no surprise that 39% of financial industry executives think that the overall network security threat to BFSI sector companies has increased significantly. 
Financial and banking firms in the US must put cybersecurity first above all else given the volume of sensitive data that the BFSI sector must manage. Leading analytics company GlobalData predicts that rising demand for cybersecurity would cause worldwide security revenues in the retail banking industry to climb from $7.9 billion in 2019 to $9.8 billion in 2024. What are the biggest concerns facing the financial sector in the United States for 2022? Reimbursing cyber scams As banks are under pressure to compensate their scammed consumers, rising cybercrime rates translate to rising costs for the industry. More than half (58%) of those who conduct their banking online encounter scams via email or SMS at least once per week, and 23% report having fallen victim to a cyberattack. Banks currently reimburse authorized push payment (APP) fraud at an average rate of 46%. Although many banking institutions are refusing reimbursements for online fraud, this is due to change soon, or else the situation will backfire. For example, measures supported by the UK government will require banks to reimburse everyone. This is only one illustration of the fact that if banks are to secure their consumers and their business line in 2022, they must prioritize cybersecurity more highly. To exchange efficient strategies, banks will need to collaborate with governments and industry organizations. The public must continue to get education on preventative measures, but ultimately it is the banks' responsibility to establish security models that will give them and their clients the greatest level of safety. Maintain compliance with strict privacy regulations The use of social engineering and account takeover fraud will increase over the next years. Financial institutions must not only conduct comprehensive data checks beyond document verification at account opening to fight this but also keep track of customer identities throughout the customer lifecycle.   
Banks must decide how to manage sensitive personal data like biometrics as ]]> 2022-10-13T10:00:00+00:00 https://cybersecurity.att.com/blogs/security-essentials/the-biggest-concerns-within-the-us-financial-sector-in-2022 www.secnews.physaphae.fr/article.php?IdArticle=7431394 False Ransomware,Malware,Vulnerability,Threat,Guideline Uber None CSO - CSO Daily Dashboard What the Uber verdict means to CISOs: You're (probably) not going to jail verdict in the Sullivan case. One reaction, often from CISOs already stressed by being outside the room where it happens, is to decide that being a CISO isn't worth the risk – it already wasn't worth the stress. If the title is really Chief Scapegoat Officer, it's one thing to lose your job, but your freedom? That's across the line. The second reaction seems to be nonchalant. What's the big deal, after all? It's just one person, and there was some shady stuff going on over at Uber.]]> 2022-10-13T02:00:00+00:00 https://www.csoonline.com/article/3676078/what-the-uber-verdict-means-to-cisos-youre-probably-not-going-to-jail.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7431120 False None Uber,Uber None Global Security Mag - Site de news francais Being cyberattacked? Rejoice! Points of View]]> 2022-10-12T09:10:41+00:00 http://www.globalsecuritymag.fr/On-vous-cyber-attaque-Rejouissez,20221012,131047.html www.secnews.physaphae.fr/article.php?IdArticle=7409439 False None Uber,Uber None CVE Liste - Common Vulnerability Exposure CVE-2022-37968 2022-10-11T19:15:12+00:00 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-37968 www.secnews.physaphae.fr/article.php?IdArticle=7397787 False None Uber 5.0000000000000000 McAfee Labs - Editeur Logiciel 57 Million Users Compromised in Uber Leak: Protect Your Digital Privacy and Identity “I'll just Uber home.” Who hails a taxi anymore? These days, city streets are full of double-parked sedans with their... 
]]> 2022-10-11T15:47:09+00:00 https://www.mcafee.com/blogs/privacy-identity-protection/57-million-users-compromised-in-uber-leak-protect-your-digital-privacy-and-identity/ www.secnews.physaphae.fr/article.php?IdArticle=7401003 False None Uber,Uber None CISCO Talos - Cisco Research blog Microsoft Patch Tuesday for October 2022 - Snort rules and prominent vulnerabilities By Jon Munshaw and Vanja Svajcer. Microsoft released its monthly security update Tuesday, disclosing 83 vulnerabilities across the company's hardware and software line, including seven critical issues in Windows' point-to-point tunneling protocol. October's security update features 11 critical vulnerabilities, with the remainder being “important.” One of the most notable vulnerabilities Microsoft fixed this month is CVE-2022-41038, a remote code execution issue in Microsoft SharePoint. There are several other SharePoint vulnerabilities included in this month's Patch Tuesday, though this seems the most severe, as Microsoft considers it to be “more likely” to be exploited. An attacker must be authenticated to the target site with the correct permissions to use manage lists in SharePoint to exploit this vulnerability, and eventually gain the ability to execute remote code on the SharePoint server. CVE-2022-37968, an elevation of privilege vulnerability in Azure Arc Connect, has the highest severity score out of all the vulnerabilities Microsoft fixed this month - a maximum 10 out of 10. Successful exploitation of this vulnerability, which affects the cluster connect feature of Azure Arc-enabled Kubernetes clusters, could allow an unauthenticated user to elevate their privileges as cluster admins and potentially gain control over the Kubernetes cluster. CVE-2022-37976 and CVE-2022-37979 are also critical elevation of privilege vulnerabilities in Windows Active Directory and Hyper-V, respectively. 
The Windows' point-to-point tunneling protocol, which is a network protocol used to create VPN tunnels between public networks, contains eight vulnerabilities that Microsoft disclosed Tuesday, seven of which are rated “critical” severity: CVE-2022-22035 CVE-2022-24504 CVE-2022-30198 CVE-2022-33634 CVE-2022-38000 CVE-2022-38047 CVE-2022-41081 CVE-2022-38000 is the most serious among the group wit]]> 2022-10-11T14:11:23+00:00 http://blog.talosintelligence.com/2022/10/microsoft-patch-tuesday-for-october.html www.secnews.physaphae.fr/article.php?IdArticle=7396114 False Vulnerability Uber None Global Security Mag - Site de news francais Venafi introduces a Control Plane for Machine Identity Management Products]]> 2022-10-11T13:59:11+00:00 http://www.globalsecuritymag.fr/Venafi-presente-un-Plan-de,20221011,131013.html www.secnews.physaphae.fr/article.php?IdArticle=7392552 False None Uber None Wired Threat Level - Security News The Uber Data Breach Conviction Shows Security Execs What Not to Do 2022-10-07T19:20:30+00:00 https://www.wired.com/story/uber-joe-sullivan-conviction/ www.secnews.physaphae.fr/article.php?IdArticle=7338078 False Data Breach Uber,Uber None SecurityWeek - Security News Industry Reactions to Conviction of Former Uber CSO Joe Sullivan: Feedback Friday 2022-10-07T11:16:52+00:00 https://www.securityweek.com/industry-reactions-conviction-former-uber-cso-joe-sullivan-feedback-friday www.secnews.physaphae.fr/article.php?IdArticle=7333333 False Data Breach Uber,Uber None TechRepublic - Security News US Former Uber CSO found guilty of obstruction in attempted data breach cover-up 2022-10-06T21:39:45+00:00 https://www.techrepublic.com/article/uber-cso-guilty-obstruction-attempted-data-breach-cover-up/ www.secnews.physaphae.fr/article.php?IdArticle=7323989 False Data Breach Uber,Uber None Ars Technica - Risk Assessment Security Hacktivism Ex-Uber security chief convicted of hiding hack from federal regulators 2022-10-06T15:11:37+00:00 
https://arstechnica.com/?p=1887551 www.secnews.physaphae.fr/article.php?IdArticle=7321767 False Hack Uber None InfoSecurity Mag - InfoSecurity Magazine Uber's Former Security Chief Convicted of 2016 Data Breach Cover-Up 2022-10-06T15:00:00+00:00 https://www.infosecurity-magazine.com/news/ubers-former-security-chief/ www.secnews.physaphae.fr/article.php?IdArticle=7320164 True Data Breach Uber None CSO - CSO Daily Dashboard Guilty verdict in the Uber breach case makes personal liability real for CISOs a notice published by the Department of Justice (DOJ). US Attorney Stephanie Hinds, upon learning of the verdict, admonished companies that are storing data as to their responsibility to also “protect that data and to alert customers and appropriate authorities when such data is stolen by hackers. Sullivan affirmatively worked to hide the data breach from the Federal Trade Commission (FTC) and took steps to prevent the hackers from being caught. We will not tolerate the concealment of important information from the public by corporate executives more interested in protecting their reputation and that of their employers than in protecting users. Where such conduct violates the federal law, it will be prosecuted.”]]> 2022-10-06T13:16:00+00:00 https://www.csoonline.com/article/3676148/guilty-verdict-in-the-uber-breach-case-makes-personal-liability-real-for-cisos.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7323153 False Data Breach,Hack Uber,Uber None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Former Uber Security Chief Found Guilty of Data Breach Coverup 2022-10-06T12:27:00+00:00 https://thehackernews.com/2022/10/former-uber-security-chief-found-guilty.html www.secnews.physaphae.fr/article.php?IdArticle=7318327 False Data Breach Uber,Uber None The Register - Site journalistique Anglais Former Uber CSO convicted of covering up massive 2016 data theft 2022-10-06T00:33:21+00:00 https://go.theregister.com/feed/www.theregister.com/2022/10/06/uber_cso_sullivan_guilty/ www.secnews.physaphae.fr/article.php?IdArticle=7312599 False None Uber,Uber None SecurityWeek - Security News Former Uber CISO Joe Sullivan Found Guilty Over Breach Cover-Up A San Francisco jury on Wednesday found former Uber security chief Joe Sullivan guilty of covering up a 2016 data breach and concealing information on a felony from law enforcement. ]]> 2022-10-05T21:49:24+00:00 https://www.securityweek.com/former-uber-ciso-joe-sullivan-found-guilty www.secnews.physaphae.fr/article.php?IdArticle=7321493 False Data Breach Uber,Uber None Global Security Mag - Site de news francais NEC and Red Hat expand their global collaboration to drive IT modernization and digital transformation Business]]> 2022-10-05T12:31:28+00:00 http://www.globalsecuritymag.fr/NEC-et-Red-Hat-etendent-leur,20221005,130808.html www.secnews.physaphae.fr/article.php?IdArticle=7306564 False None Uber None MitnickSecurity - Former Hacker Services Uber Data Breach: What To Know About the 2022 Cybersecurity Attack Uber Data Breach 2022 No matter how robust network security is, even the biggest companies fall victim to cyber attacks. These malicious attacks can be costly - to the tune of 4.3 million on average - but they also disrupt operations and hurt a company's reputation. ]]> 2022-10-03T17:00:00+00:00 https://www.mitnicksecurity.com/blog/uber-data-breach www.secnews.physaphae.fr/article.php?IdArticle=7289144 False Data Breach Uber 3.0000000000000000 01net. 
Actualites - Securite - Magazine Francais Beware: multi-factor authentication does not fully protect you from hackers The recent Uber hack showed once again that multi-factor authentication systems are not always effective at stopping cybercriminals, who use new techniques to try to trap you. The article Beware: multi-factor authentication does not fully protect you from hackers can be found on 01net.com.]]> 2022-10-03T05:00:59+00:00 https://www.01net.com/actualites/mefiance-lauthentification-multifacteur-ne-vous-protege-pas-totalement-des-pirates.html www.secnews.physaphae.fr/article.php?IdArticle=7283226 False Hack Uber None Silicon - Site de News Francais What lessons can be drawn from the Uber compromise? 2022-09-30T09:56:02+00:00 https://www.silicon.fr/avis-expert/quels-enseignements-tirer-de-la-compromission-duber www.secnews.physaphae.fr/article.php?IdArticle=7221045 False None Uber None Global Security Mag - Site de news francais Serverless architecture: what, where and why? Points of View]]> 2022-09-29T08:07:37+00:00 http://www.globalsecuritymag.fr/Architecture-sans-serveur-Quoi-ou,20220929,130493.html www.secnews.physaphae.fr/article.php?IdArticle=7196570 False None Uber None 01net. Actualites - Securite - Magazine Francais GTA VI leaks, Uber hack: a somewhat too boastful 17-year-old hacker arrested Has the Uber and Rockstar hacker already been arrested? In any case, London police say that a young hacker was apprehended this weekend. His profile matches that of a teenager already involved in the previous hacks carried out by the Lapsus$ group. 
The article GTA VI leaks, Uber hack: a somewhat too boastful 17-year-old hacker arrested can be found on 01net.com.]]> 2022-09-26T17:01:02+00:00 https://www.01net.com/actualites/leaks-de-gta-vi-piratage-duber-un-jeune-hacker-de-17-ans-arrete.html www.secnews.physaphae.fr/article.php?IdArticle=7152277 False None Uber None Dark Reading - Informationweek Branch How Quantum Physics Leads to Decrypting Common Algorithms 2022-09-26T14:00:00+00:00 https://www.darkreading.com/dr-tech/how-quantum-physics-leads-to-decrypting-common-algorithms www.secnews.physaphae.fr/article.php?IdArticle=7150025 False None Uber None Security Affairs - Blog Secu London Police arrested a teen suspected to be behind Uber, Rockstar Games breaches The City of London Police this week announced the arrest of a 17-year-old teenager on suspicion of hacking. Is he the Uber hacker? The City of London Police on Friday announced to have arrested a 17-year-old teenager on suspicion of hacking, however, experts believe the arrest could be linked to the recent security breaches suffered […] ]]> 2022-09-24T13:58:18+00:00 https://securityaffairs.co/wordpress/136146/cyber-crime/uber-rockstar-games-hacker-arrest.html www.secnews.physaphae.fr/article.php?IdArticle=7107676 False None Uber,Uber None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
London Police Arrested 17-Year-Old Hacker Suspected of Uber and GTA 6 Breaches 2022-09-24T12:07:00+00:00 https://thehackernews.com/2022/09/london-police-arrested-17-year-old.html www.secnews.physaphae.fr/article.php?IdArticle=7101209 False None Uber,Uber None Dark Reading - Informationweek Branch App Developers Increasingly Targeted via Slack, DevOps Tools 2022-09-23T20:19:01+00:00 https://www.darkreading.com/cloud/app-developers-increasingly-targeted-slack-devops-tools www.secnews.physaphae.fr/article.php?IdArticle=7089284 False None Uber None Graham Cluley - Blog Security Oxford teen arrested in UK on suspicion of hacking 2022-09-23T16:23:12+00:00 https://grahamcluley.com/oxford-teen-arrested-in-uk-on-suspicion-of-hacking/ www.secnews.physaphae.fr/article.php?IdArticle=7085385 False None Uber,Uber None CyberScoop - scoopnewsgroup.com special Cyber British teen arrested in hacking case The arrest comes just more than a week after the Uber and Rockstar Games hacks, which Uber blamed on a group linked to British teens. ]]> 2022-09-23T15:51:25+00:00 https://www.cyberscoop.com/british-teen-arrested-in-hacking-case/ www.secnews.physaphae.fr/article.php?IdArticle=7084475 False None Uber,Uber None TechRepublic - Security News US Tech news you may have missed: Sept 15 – 21 Learn how to grant access to Excel workbook ranges, get the latest updates on the Windows 11 22H2 release and learn about the Uber hack in this week's roundup of the news. 
]]> 2022-09-22T13:44:39+00:00 https://www.techrepublic.com/article/tech-news-may-missed-sept-15/ www.secnews.physaphae.fr/article.php?IdArticle=7062600 False Hack Uber,Uber None CSO - CSO Daily Dashboard Multi-factor authentication fatigue attacks are on the rise: How to defend against them ]]> 2022-09-22T02:00:00+00:00 https://www.csoonline.com/article/3674156/multi-factor-authentication-fatigue-attacks-are-on-the-rise-how-to-defend-against-them.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7057331 False None Uber,Uber None CSO - CSO Daily Dashboard D&O insurance not yet a priority despite criminal trial of Uber's former CISO has drawn the attention of security professionals.]]> 2022-09-22T02:00:00+00:00 https://www.csoonline.com/article/3674308/dando-insurance-not-yet-a-priority-despite-criminal-trial-of-uber-s-former-ciso.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7057330 False Hack Uber,Uber None TechRepublic - Security News US Uber exposes Lapsus$ extortion group for security breach In last week's security breach against Uber, the attackers downloaded internal messages from Slack as well as information from a tool used to manage invoices. 
]]> 2022-09-20T20:17:02+00:00 https://www.techrepublic.com/article/uber-exposes-lapsus-breach/ www.secnews.physaphae.fr/article.php?IdArticle=7022467 False Tool Uber None CyberArk - Software Vendor Unpacking the Uber Breach 2022-09-20T20:06:38+00:00 https://www.cyberark.com/blog/unpacking-the-uber-breach/ www.secnews.physaphae.fr/article.php?IdArticle=7023330 False None Uber,Uber None Dark Reading - Informationweek Branch Cast AI Introduces Cloud Security Insights for Kubernetes 2022-09-20T18:20:52+00:00 https://www.darkreading.com/dr-tech/cast-ai-introduces-cloud-security-insights-for-kubernetes www.secnews.physaphae.fr/article.php?IdArticle=7020205 False None Uber None InfoSecurity Mag - InfoSecurity Magazine Grand Theft Auto Publisher Rockstar Games Hacked 2022-09-20T15:30:00+00:00 https://www.infosecurity-magazine.com/news/gta-publisher-rockstar-games-hacked/ www.secnews.physaphae.fr/article.php?IdArticle=7017658 False Threat Uber None Anomali - Firm Blog Anomali Cyber Watch: Uber and GTA 6 Were Breached, RedLine Bundle File Advertises Itself on YouTube, Supply-Chain Attack via eCommerce Fishpig Extensions, and More Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence Hacker Pwns Uber Via Compromised VPN Account (published: September 16, 2022) On September 15, 2022, ride-sharing giant Uber started an incident response after discovering a data breach. According to Group-IB researchers, download file name artifacts point to the attacker getting access to fresh keylogger logs affecting two Uber employees from Indonesia and Brazil that have been infected with Raccoon and Vidar stealers. The attacker allegedly used compromised VPN account credentials and performed a multifactor authentication fatigue attack by requesting the MFA push notification many times and then making a social-engineering call to the affected employee. 
Once inside, the attacker allegedly found valid credentials for privilege escalation: a PowerShell script containing hardcoded credentials for a Thycotic privileged access management admin account. On September 18, 2022, Rockstar Games’ Grand Theft Auto 6 suffered a confirmed data leak, likely caused by the same attacker. Analyst Comment: Network defenders can consider setting up alerts for signs of an MFA fatigue attack such as a large number of MFA requests in a relatively short period of time. Review your source code for embedded credentials, especially those with administrative privileges. MITRE ATT&CK: [MITRE ATT&CK] Valid Accounts - T1078 | [MITRE ATT&CK] Credentials from Password Stores - T1555 Tags: MFA fatigue, Social engineering, Data breach, Uber, GTA 6, GTA VI, detection:Racoon, detection:Vidar, malware-type:Keylogger, malware-type:Stealer Self-Spreading Stealer Attacks Gamers via YouTube (published: September 15, 2022) Kaspersky researchers discovered a new campaign spreading the RedLine commodity stealer. This campaign utilizes a malicious bundle: a single self-extracting archive. The bundle delivers RedLine and additional malware, which enables spreading the malicious archive by publishing promotional videos on the victim’s YouTube channel. These videos target gamers with promises of “cheats” and “cracks.” Analyst Comment: Kids and other online gamers should be reminded to avoid illegal software. It might be better to use different machines for your gaming and banking activities. 
MITRE ATT&CK: [MITRE ATT&CK] User Execution - T1204 | [MITRE ATT&CK] Credentials from Password Stores - T1555 | [MITRE ATT&CK] Resource Hijacking - T1496 Tags: detection:RedLine, malware-type:Stealer, Bundle, Self-spreading, Telegraph, Youtub]]> 2022-09-20T15:00:00+00:00 https://www.anomali.com/blog/anomali-cyber-watch-uber-and-gta-6-were-breached-redline-bundle-file-advertises-itself-on-youtube-supply-chain-attack-via-ecommerce-fishpig-extensions-and-more www.secnews.physaphae.fr/article.php?IdArticle=7016803 False Ransomware,Malware,Tool,Vulnerability,Threat,Guideline Uber,Uber,APT 15,APT 41 None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Uber Blames LAPSUS$ Hacking Group for Recent Security Breach 2022-09-20T14:51:00+00:00 https://thehackernews.com/2022/09/uber-blames-lapsus-hacking-group-for.html www.secnews.physaphae.fr/article.php?IdArticle=7013008 False Threat Uber,Uber None knowbe4 - cybersecurity services CyberheistNews Vol 12 #38 [HEADS UP] New Uber Security Breach 'Looks Bad', Caused by Social Engineering CyberheistNews Vol 12 #38 ]]> 2022-09-20T13:30:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-12-38-heads-up-new-uber-security-breach-looks-bad-caused-by-social-engineering www.secnews.physaphae.fr/article.php?IdArticle=7015860 True None Uber,Uber None Security Affairs - Blog Secu Uber believes that the LAPSUS$ gang is behind the recent attack Uber disclosed additional details about the security breach, the company blames a threat actor allegedly affiliated with the LAPSUS$ hacking group. Uber revealed additional details about the recent security breach, the company believes that the threat actor behind the intrusion is affiliated with the LAPSUS$ hacking group. 
Over the last months, the Lapsus$ gang compromised […] ]]> 2022-09-20T13:17:36+00:00 https://securityaffairs.co/wordpress/135980/cyber-crime/uber-hacked-by-lapsus-group.html www.secnews.physaphae.fr/article.php?IdArticle=7015707 False Threat Uber,Uber None InfoSecurity Mag - InfoSecurity Magazine Uber Blames Lapsus$ for Breach 2022-09-20T08:40:00+00:00 https://www.infosecurity-magazine.com/news/uber-blames-lapsus-for-breach/ www.secnews.physaphae.fr/article.php?IdArticle=7011585 False Threat Uber,Uber None CSO - CSO Daily Dashboard Uber links cyberattack to LAPSUS$, says sensitive user data remains protected network data breach that occurred on Thursday, September 15. Attacker gained elevated permissions to tools including G-Suite and Slack In a security update published on Monday, September 19, Uber wrote, “An Uber EXT contractor had their account compromised by an attacker. It is likely that the attacker purchased the contractor's Uber corporate password on the dark web, after the contractor's personal device had been infected with malware, exposing those credentials. The attacker then repeatedly tried to log in to the contractor's Uber account.” Each time, the contractor received a two-factor login approval request, which initially blocked access, it added.]]> 2022-09-20T04:03:00+00:00 https://www.csoonline.com/article/3674209/uber-links-cyberattack-to-lapsus-says-sensitive-user-data-remains-protected.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7013851 False Threat Uber,Uber None