This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2025-05-10T21:16:59+00:00 www.secnews.physaphae.fr knowbe4 - cybersecurity services CyberheistNews Vol 13 #22  |   May 31st, 2023 [Eye on Fraud] A Closer Look at the Massive 72% Spike in Financial Phishing Attacks With attackers knowing financial fraud-based phishing attacks are best suited for the one industry where the money is, this massive spike in attacks should both surprise you and not surprise you at all. When you want tires, where do you go? Right – to the tire store. Shoes? Yup – shoe store. The most money you can scam from a single attack? That\'s right – the financial services industry, at least according to cybersecurity vendor Armorblox\'s 2023 Email Security Threat Report. According to the report, the financial services industry as a target has increased by 72% over 2022 and was the single largest target of financial fraud attacks, representing 49% of all such attacks. When breaking down the specific types of financial fraud, it doesn\'t get any better for the financial industry: 51% of invoice fraud attacks targeted the financial services industry 42% were payroll fraud attacks 63% were payment fraud To make matters worse, nearly one-quarter (22%) of financial fraud attacks successfully bypassed native email security controls, according to Armorblox. That means one in five email-based attacks made it all the way to the Inbox. The next layer in your defense should be a user that\'s properly educated using security awareness training to easily identify financial fraud and other phishing-based threats, stopping them before they do actual damage. Blog post with links:https://blog.knowbe4.com/financial-fraud-phishing [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. Join us Wednesday, June 7, @ 2:00 PM (ET), for a live demonstration of how KnowBe4 introduces a new-school approach to security awareness training and simulated phishing. Get a look at THREE NEW FEATURES and see how easy it is to train and phish your users. ]]> 2023-05-31T13:00:00+00:00 https://blog.knowbe4.com/cyberheistnews-vol-13-22-eye-on-fraud-a-closer-look-at-the-massive-72-percent-spike-in-financial-phishing-attacks www.secnews.physaphae.fr/article.php?IdArticle=8340859 False Ransomware,Malware,Hack,Tool,Threat,Conference Uber,ChatGPT,ChatGPT,Guam 2.0000000000000000 BBC - BBC News - Technology Joseph Sullivan was convicted over covering up a security breach of 57 million user accounts in 2016.]]> 2023-05-05T15:41:29+00:00 https://www.bbc.co.uk/news/technology-65497186?at_medium=RSS&at_campaign=KARANGA www.secnews.physaphae.fr/article.php?IdArticle=8333803 False Hack Uber 2.0000000000000000 Bleeping Computer - Magazine Américain 2022-10-13T10:05:10+00:00 https://www.bleepingcomputer.com/news/security/what-the-uber-hack-can-teach-us-about-navigating-it-security/ www.secnews.physaphae.fr/article.php?IdArticle=7436354 False Hack,Threat Uber,Uber None Ars Technica - Risk Assessment Security Hacktivism 2022-10-06T15:11:37+00:00 https://arstechnica.com/?p=1887551 www.secnews.physaphae.fr/article.php?IdArticle=7321767 False Hack Uber None CSO - CSO Daily Dashboard a notice published by the Department of Justice (DOJ).US Attorney Stephanie Hinds, upon learning of the verdict, admonished companies that are storing data as to their responsibility to also “protect that data and to alert customers and appropriate authorities when such data is stolen by hackers. Sullivan affirmatively worked to hide the data breach from the Federal Trade Commission (FTC) and took steps to prevent the hackers from being caught. We will not tolerate the concealment of important information from the public by corporate executives more interested in protecting their reputation and that of their employers than in protecting users. Where such conduct violates the federal law, it will be prosecuted.”To read this article in full, please click here]]> 2022-10-06T13:16:00+00:00 https://www.csoonline.com/article/3676148/guilty-verdict-in-the-uber-breach-case-makes-personal-liability-real-for-cisos.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7323153 False Data Breach,Hack Uber,Uber None 01net. Actualites - Securite - Magazine Francais Le hack récent d'Uber a montré une fois de plus que les systèmes d'authentification à plusieurs facteurs ne sont pas toujours efficaces pour contrer les cybercriminels, qui usent de nouvelles techniques pour tenter de vous piéger. L'article Méfiance : l'authentification multifacteur ne vous protège pas totalement des pirates est à retrouver sur 01net.com.]]> 2022-10-03T05:00:59+00:00 https://www.01net.com/actualites/mefiance-lauthentification-multifacteur-ne-vous-protege-pas-totalement-des-pirates.html www.secnews.physaphae.fr/article.php?IdArticle=7283226 False Hack Uber None TechRepublic - Security News US Learn how to grant access to Excel workbook ranges, get the latest updates on the Windows 11 22H2 release and learn about the Uber hack in this week's roundup of the news. ]]> 2022-09-22T13:44:39+00:00 https://www.techrepublic.com/article/tech-news-may-missed-sept-15/ www.secnews.physaphae.fr/article.php?IdArticle=7062600 False Hack Uber,Uber None CSO - CSO Daily Dashboard has drawn the attention of security professionals.To read this article in full, please click here]]> 2022-09-22T02:00:00+00:00 https://www.csoonline.com/article/3674308/dando-insurance-not-yet-a-priority-despite-criminal-trial-of-uber-s-former-ciso.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=7057330 False Hack Uber,Uber None Bleeping Computer - Magazine Américain 2022-09-19T14:26:20+00:00 https://www.bleepingcomputer.com/news/security/uber-links-breach-to-lapsus-group-blames-contractor-for-hack/ www.secnews.physaphae.fr/article.php?IdArticle=7004815 False Hack Uber,Uber None SecurityWeek - Security News 2022-09-19T10:24:11+00:00 https://www.securityweek.com/gta-6-videos-and-source-code-stolen-rockstar-games-hack www.secnews.physaphae.fr/article.php?IdArticle=7001779 False Hack Uber,Uber None Security Affairs - Blog Secu 2022-09-18T11:58:11+00:00 https://securityaffairs.co/wordpress/135876/data-breach/uber-data-breach-update.html www.secnews.physaphae.fr/article.php?IdArticle=6978688 False Hack Uber,Uber None CyberScoop - scoopnewsgroup.com special Cyber 2022-09-16T17:00:29+00:00 https://www.cyberscoop.com/uber-hack-systems-failure-dont-blame-employee/ www.secnews.physaphae.fr/article.php?IdArticle=6932978 False Hack Uber,Uber None Schneier on Security - Chercheur Cryptologue Américain big: The breach appeared to have compromised many of Uber’s internal systems, and a person claiming responsibility for the hack sent images of email, cloud storage and code repositories to cybersecurity researchers and The New York Times. “They pretty much have full access to Uber,” said Sam Curry, a security engineer at Yuga Labs who corresponded with the person who claimed to be responsible for the breach. “This is a total compromise, from what it looks like.” It looks like a pretty basic phishing attack; someone gave the hacker their login credentials. And because Uber has lousy internal security, lots of people have access to everything. So once a hacker gains a foothold, they have access to everything...]]> 2022-09-16T14:07:13+00:00 https://www.schneier.com/blog/archives/2022/09/massive-data-breach-at-uber.html www.secnews.physaphae.fr/article.php?IdArticle=6931477 False Data Breach,Hack Uber,Uber None BBC - BBC News - Technology 2022-09-16T10:10:38+00:00 https://www.bbc.co.uk/news/technology-62925047?at_medium=RSS&at_campaign=KARANGA www.secnews.physaphae.fr/article.php?IdArticle=6927818 False Hack Uber None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 2022-09-16T08:38:00+00:00 https://thehackernews.com/2022/09/uber-says-its-investigating-potential.html www.secnews.physaphae.fr/article.php?IdArticle=6921329 False Hack Uber None GoogleSec - Firm Security Blog Cover of the medieval cookbook. Title in large letters kernel Exploits. Adorned. Featuring a small penguin. 15th century. Color. High quality picture. Private collection. Detailed.The Linux kernel is a key component for the security of the Internet. Google uses Linux in almost everything, from the computers our employees use, to the products people around the world use daily like Chromebooks, Android on phones, cars, and TVs, and workloads on Google Cloud. Because of this, we have heavily invested in Linux's security - and today, we're announcing how we're building on those investments and increasing our rewards.In 2020, we launched an open-source Kubernetes-based Capture-the-Flag (CTF) project called, kCTF. The kCTF Vulnerability Rewards Program (VRP) lets researchers connect to our Google Kubernetes Engine (GKE) instances, and if they can hack it, they get a flag, and are potentially rewarded. All of GKE and its dependenci]]> 2022-08-10T12:00:24+00:00 http://security.googleblog.com/2022/08/making-linux-kernel-exploit-cooking.html www.secnews.physaphae.fr/article.php?IdArticle=6232094 False Hack Uber None CSO - CSO Daily Dashboard both of whom were later indicted for their breach of Lynda (a company acquired by Linkedin).To read this article in full, please click here]]> 2022-05-19T02:00:00+00:00 https://www.csoonline.com/article/3660560/uber-cisos-trial-underscores-the-importance-of-truth-transparency-and-trust.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=4704406 False Data Breach,Hack Uber,Uber None InfoSecurity Mag - InfoSecurity Magazine 2021-12-24T10:25:00+00:00 https://www.infosecurity-magazine.com/news/former-uber-cso-faces-new-charge/ www.secnews.physaphae.fr/article.php?IdArticle=3868975 False Hack Uber,Uber None IT Security Guru - Blog Sécurité 2021-02-10T16:48:33+00:00 https://www.itsecurityguru.org/2021/02/10/researcher-manages-to-hack-into-35-tech-firms/?utm_source=rss&utm_medium=rss&utm_campaign=researcher-manages-to-hack-into-35-tech-firms www.secnews.physaphae.fr/article.php?IdArticle=2325105 False Hack Uber None Bleeping Computer - Magazine Américain 2021-02-09T13:04:16+00:00 https://www.bleepingcomputer.com/news/security/researcher-hacks-microsoft-apple-more-in-novel-supply-chain-attack/ www.secnews.physaphae.fr/article.php?IdArticle=2318977 False Hack Uber,Uber None Bleeping Computer - Magazine Américain 2021-02-09T13:04:16+00:00 https://www.bleepingcomputer.com/news/security/researcher-hacks-over-35-tech-firms-in-novel-supply-chain-attack/ www.secnews.physaphae.fr/article.php?IdArticle=2323268 True Hack Uber,Uber None InformationSecurityBuzzNews - Site de News Securite Former Uber Security Chief Charged With Paying Hush Money To Cover Up 2016 Hack]]> 2020-08-24T15:21:46+00:00 https://www.informationsecuritybuzz.com/expert-comments/former-uber-security-chief-charged-with-paying-hush-money-to-cover-up-2016-hack/ www.secnews.physaphae.fr/article.php?IdArticle=1879487 False Data Breach,Hack Uber None BBC - BBC News - Technology 2020-08-21T10:04:22+00:00 https://www.bbc.co.uk/news/technology-53861375 www.secnews.physaphae.fr/article.php?IdArticle=1873958 False Hack Uber None ZD Net - Magazine Info 2020-08-20T20:51:02+00:00 https://www.zdnet.com/article/former-uber-cso-charged-for-2016-hack-cover-up/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1873013 False Hack Uber None Dark Reading - Informationweek Branch 2020-08-20T16:30:00+00:00 https://www.darkreading.com/attacks-breaches/former-uber-cso-charged-in-hack-cover-up/d/d-id/1338714?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=1872978 False Hack Uber None Tech Worm - Desc 2020-07-25T05:22:55+00:00 https://www.techworm.net/2020/07/carry-minati-youtube-channel-hacked.html www.secnews.physaphae.fr/article.php?IdArticle=1824004 False Hack Uber None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2020-07-15T22:11:20+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/siWihZWg4Lo/verified-twitter-hacked.html www.secnews.physaphae.fr/article.php?IdArticle=1807092 False Hack Uber None Graham Cluley - Blog Security 2020-03-04T12:26:32+00:00 https://www.grahamcluley.com/police-raid-tech-support-scam-centre/ www.secnews.physaphae.fr/article.php?IdArticle=1580651 False Hack Uber None Errata Security - Errata Security public report behind the U.N.'s accusations. That report failed to find evidence proving the theory, but instead simply found unknown things it couldn't explain, which it pretended was evidence.This is a common flaw in such forensics reports. When there's evidence, it's usually found and reported. When there's no evidence, investigators keep looking. Todays devices are complex, so if you keep looking, you always find anomalies you can't explain. There's only two results from such investigations: proof of bad things or anomalies that suggest bad things. There's never any proof that no bad things exist (at least, not in my experience).Bizarre and inexplicable behavior doesn't mean a hacker attack. Engineers trying to debug problems, and support technicians helping customers, find such behavior all the time. Pretty much every user of technology experiences this. Paranoid users often think there's a conspiracy against them when electronics behave strangely, but "behaving strangely" is perfectly normal.When you start with the theory that hackers are involved, then you have an explanation for the all that's unexplainable. It's all consistent with the theory, thus proving it. This is called "confirmation bias". It's the same thing that props up conspiracy theories like UFOs: space aliens can do anything, thus, anything unexplainable is proof of space aliens. Alternate explanations, like skunkworks testing a new jet, never seem as plausible.The investigators were hired to confirm bias. Their job wasn't to do an unbiased investigation of the phone, but instead, to find evidence confirming the suspicion that the Saudis hacked Bezos.Remember the story started in February of 2019 when the National Inquirer tried to extort Jeff Bezos with sexts between him and his paramour Lauren Sanchez. Bezos immediately accused the Saudis of being involved. Even after it was revealed that the sexts came from Michael Sanchez, the paramour's brother, Bezos's team double-downed on their accusations the Saudi's hacked Bezos's phone.The FTI report tells a story beginning with Saudi Crown Prince sending Bezos a message using WhatsApp containing a video. The story goes:The downloader that delivered the 4.22MB video was encrypted, delaying or preventing further study of the code delivered along with the video. It should be noted that the encrypted WhatsApp file sent from MBS' account was slightly larger than the video itself.This story is invalid. Such messages use end-to-end encryption, which means that while nobody in between can decrypt them (not even WhatsApp), anybody with possession of the ends can. That's how the technology is supposed to work. If Bezos loses/breaks his phone and needs to restore a backup onto a new phone, the backup needs to have the keys used to decrypt the WhatsApp messages.Thus, the forensics image taken by the investigators had the necessary keys to decrypt the video -- the investigators simply didn't know about them. In a previous blogpost I explain these magical WhatsApp keys and where to find them so that anybody, even you at home, can forensics their own iPhone, retrieve these keys, and decrypt their own videos.]]> 2020-01-28T16:53:00+00:00 https://blog.erratasec.com/2020/01/theres-no-evidence-saudis-hacked-jeff.html www.secnews.physaphae.fr/article.php?IdArticle=1515208 False Hack Uber None Graham Cluley - Blog Security 2019-10-31T22:20:11+00:00 https://www.tripwire.com/state-of-security/featured/men-paid-100k-by-uber-to-hush-up-hack-plead-guilty-to-extortion-scheme/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=1437506 True Hack,Guideline Uber None The State of Security - Magazine Américain Read More ]]> 2019-10-31T18:10:27+00:00 https://www.tripwire.com/state-of-security/featured/men-paid-100k-by-uber-to-hush-up-hack-plead-guilty-to-extortion-scheme/ www.secnews.physaphae.fr/article.php?IdArticle=1437202 False Hack,Guideline Uber None CSO - CSO Daily Dashboard 2018-12-27T03:00:00+00:00 https://www.csoonline.com/article/3329860/hacking/the-most-interesting-and-important-hacks-of-2018.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=966793 False Hack,Tool Uber None SecurityWeek - Security News 2018-11-05T02:20:03+00:00 https://www.securityweek.com/kemp-cites-voter-database-hacking-attempt-gives-no-evidence www.secnews.physaphae.fr/article.php?IdArticle=880912 False Hack Uber None CSO - CSO Daily Dashboard Image by Getty/UberIn 2016 ride-hailing app Uber had 600,000 driver and 57 million user accounts were breached. Instead of reporting the incident the company paid the perpetrator $100,000 to keep the hack under wraps. Those actions, however, cost the company dearly. The company was fined $148 million -- the biggest data-breach payout in history – for violation of state data breach notification laws.]]> 2018-10-30T03:00:00+00:00 https://www.csoonline.com/article/3316569/data-breach/biggest-data-breach-penalties-for-2018.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=870239 False Data Breach,Hack Uber None