This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-06-02T06:30:32+00:00 www.secnews.physaphae.fr BBC - BBC News - Technology 2019-11-01T06:26:44+00:00 https://www.bbc.co.uk/news/world-asia-india-50258948 www.secnews.physaphae.fr/article.php?IdArticle=1437968 False Hack None None Graham Cluley - Blog Security 2019-10-31T22:20:11+00:00 https://www.tripwire.com/state-of-security/featured/men-paid-100k-by-uber-to-hush-up-hack-plead-guilty-to-extortion-scheme/#new_tab www.secnews.physaphae.fr/article.php?IdArticle=1437506 True Hack,Guideline Uber None The State of Security - Magazine Américain Read More ]]> 2019-10-31T18:10:27+00:00 https://www.tripwire.com/state-of-security/featured/men-paid-100k-by-uber-to-hush-up-hack-plead-guilty-to-extortion-scheme/ www.secnews.physaphae.fr/article.php?IdArticle=1437202 False Hack,Guideline Uber None Security Affairs - Blog Secu 2019-10-30T08:11:32+00:00 https://securityaffairs.co/wordpress/93062/hacking/xiaomi-furrytail-pet-feeders-hack.html www.secnews.physaphae.fr/article.php?IdArticle=1434592 False Hack None None Bleeping Computer - Magazine Américain 2019-10-29T12:11:17+00:00 https://www.bleepingcomputer.com/news/security/nordvpn-plans-security-and-privacy-upgrades-after-hack/ www.secnews.physaphae.fr/article.php?IdArticle=1433349 False Hack None None InformationSecurityBuzzNews - Site de News Securite Security Researcher Gets Access To All Xiaomi Pet Feeders Around The World]]> 2019-10-29T07:57:29+00:00 https://www.informationsecuritybuzz.com/expert-comments/security-researcher-gets-access-to-all-xiaomi-pet-feeders-around-the-world/ www.secnews.physaphae.fr/article.php?IdArticle=1432537 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2019-10-29T00:24:28+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/QY7fLDJnJ20/cyber-attack-tokyo-olympics.html www.secnews.physaphae.fr/article.php?IdArticle=1432478 False Hack None None Security Affairs - Blog Secu 2019-10-26T15:07:54+00:00 https://securityaffairs.co/wordpress/92997/hacking/cve-2019-11043-php7-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=1428162 False Hack,Vulnerability None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2019-10-26T12:53:02+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/FsBHt8lHiJo/nginx-php-fpm-hacking.html www.secnews.physaphae.fr/article.php?IdArticle=1428380 False Hack,Vulnerability None None Hacking Articles - Blog de Raj Chandel Continue reading → ]]> 2019-10-24T15:21:57+00:00 https://www.hackingarticles.in/ha-naruto-vulnhub-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=1424227 False Hack None None Security Affairs - Blog Secu 2019-10-23T11:34:02+00:00 https://securityaffairs.co/wordpress/92870/hacking/robots-vulnerable-to-hack.html www.secnews.physaphae.fr/article.php?IdArticle=1421854 False Hack None None 01net. Actualites - Securite - Magazine Francais ]]> 2019-10-22T06:22:48+00:00 https://www.01net.com/actualites/le-hack-de-nordvpn-incite-a-la-mefiance-quant-a-la-securite-des-reseaux-prives-virtuels-1792200.html www.secnews.physaphae.fr/article.php?IdArticle=1421739 False Hack None None ZD Net - Magazine Info 2019-10-21T23:52:59+00:00 https://www.zdnet.com/article/avast-no-plans-to-discontinue-ccleaner-following-second-hack-in-two-years/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1418664 False Hack CCleaner None Dark Reading - Informationweek Branch 2019-10-17T10:45:00+00:00 https://www.darkreading.com/threat-intelligence/cozy-bear-emerges-from-hibernation-to-hack-eu-ministries/d/d-id/1336111?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple www.secnews.physaphae.fr/article.php?IdArticle=1409431 False Hack APT 29 None Wired Threat Level - Security News 2019-10-17T10:00:00+00:00 https://www.wired.com/story/untold-story-2018-olympics-destroyer-cyberattack www.secnews.physaphae.fr/article.php?IdArticle=1408769 False Hack None None InformationSecurityBuzzNews - Site de News Securite Experts On “BriansClub” Hack Rescues 26m Stolen Cards]]> 2019-10-16T13:45:21+00:00 https://www.informationsecuritybuzz.com/expert-comments/experts-on-briansclub-hack-rescues-26m-stolen-cards/ www.secnews.physaphae.fr/article.php?IdArticle=1407368 True Hack None None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC Image Source: Pexels There are a number of smart devices becoming commonplace in homes around the world, leading us closer and closer to the reality of smart homes, or houses that depend primarily on interconnected smart tech. Heating, lighting, and common appliances like doorbells, alarms, and entertainment devices are now increasingly being designed to operate on the internet of things (IoT). However, some experts have expressed valid security concerns regarding smart technology,  believing that these systems are specifically vulnerable to cybercriminals. Some may argue that implementing smart systems isn’t worth the time it takes unless the security bugs are worked out. This points to the fact that smart home cybersecurity is often overlooked. If you’re thinking about using a variety of smart home devices in your home and have never thought about this, now may be the time. Below are some things to consider that will help you make a more informed choice regarding smart tech in your home. The risks of IoT The truth is that IoT-based devices are growing in popularity at a faster rate than their security measures can keep up with. This could have some extremely serious consequences for those who have filled everyday lives with multiple interconnected smart devices. While these things may be convenient for a home, IoT technology itself comes with a cost. As Javvad Malik suggested in his article “IoT: Usability Dream or Privacy Nightmare?”, imagine what might happen if a hacker got control of your smart thermostat. They could hold your temperature for ransom unless you paid them in bitcoin, Malik argued. This is a real concern with the growing popularity of IoT smart homes because, frankly, they’re not designed to defend themselves against cyberattacks. The risks of IoT systems have been well documented, specifically by the Open Web Application Security (OWASP) Project. Each year they cover concerns about the IoT in their “IoT project.” In their most recent update, they included the following things with the most major concerns in the implementation of IoT: Insecure network services. Lack of secure update mechanisms. Insecure data transfer and storage. Insufficient privacy protection. Lack of device management. Lack of secure default settings. The importance and trustworthiness of testing Smart devices can be tested for cybersecurity, but these tests aren’t foolproof. A common type of test is penetration (or “pen”) testing, and is used to check how easy it is to hack into a network. In general, they’re very helpful. But for IoT, they are harder to perform successfully. This was best summed up in a rhetorical example put forth by Ryan Francis, a contributor to Network World, Penetration testing was much like taking a battering ram to the door of the fortress. Keep pounding away and maybe find a secret backdoor to enter through]]> 2019-10-16T13:00:00+00:00 https://feeds.feedblitz.com/~/607850476/0/alienvault-blogs~Are-smart-homes-really-safe-from-hackers www.secnews.physaphae.fr/article.php?IdArticle=1407098 False Hack,Guideline None None Security Affairs - Blog Secu 2019-10-16T12:53:23+00:00 https://securityaffairs.co/wordpress/92537/hacking/vending-machine-hacking.html www.secnews.physaphae.fr/article.php?IdArticle=1407103 False Hack None None IT Security Guru - Blog Sécurité 2019-10-16T09:05:21+00:00 https://www.itsecurityguru.org/2019/10/16/hack-of-fraud-bazaar-leaks-data-of-26-million-stolen-card-details/?utm_source=rss&utm_medium=rss&utm_campaign=hack-of-fraud-bazaar-leaks-data-of-26-million-stolen-card-details www.secnews.physaphae.fr/article.php?IdArticle=1406741 False Hack None None IT Security Guru - Blog Sécurité 2019-10-16T09:05:04+00:00 https://www.itsecurityguru.org/2019/10/16/ios-iphone-users-warned-of-new-hack/?utm_source=rss&utm_medium=rss&utm_campaign=ios-iphone-users-warned-of-new-hack www.secnews.physaphae.fr/article.php?IdArticle=1406742 False Hack None None IT Security Guru - Blog Sécurité 2019-10-16T09:04:49+00:00 https://www.itsecurityguru.org/2019/10/16/26-million-stolen-cards-rescued-from-briansclub-hack/?utm_source=rss&utm_medium=rss&utm_campaign=26-million-stolen-cards-rescued-from-briansclub-hack www.secnews.physaphae.fr/article.php?IdArticle=1406743 True Hack None None TechRepublic - Security News US 2019-10-15T15:52:00+00:00 https://www.techrepublic.com/article/hollywood-hack-job-how-cybersecurity-consultant-for-hit-tv-show-mr-robot-brought-authenticity-to-actor-rami-maleks/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1405135 False Hack None None ZD Net - Magazine Info 2019-10-15T11:10:03+00:00 https://www.zdnet.com/article/argentinian-security-researcher-arrested-after-tweeting-about-government-hack/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1404614 False Hack None None Krebs on Security - Chercheur Américain 2019-10-15T11:05:09+00:00 https://krebsonsecurity.com/2019/10/briansclub-hack-rescues-26m-stolen-cards/ www.secnews.physaphae.fr/article.php?IdArticle=1404575 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2019-10-12T03:02:51+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/QUrf8USNpdg/simjacker-vulnerability-exploit.html www.secnews.physaphae.fr/article.php?IdArticle=1398817 False Hack,Vulnerability None None BBC - BBC News - Technology 2019-10-11T11:19:07+00:00 https://www.bbc.co.uk/news/technology-50013630 www.secnews.physaphae.fr/article.php?IdArticle=1396680 False Hack None None InformationSecurityBuzzNews - Site de News Securite Dutch Website Hack Reveals Data Of 250000 Sex Workers’ Clients]]> 2019-10-11T11:16:33+00:00 https://www.informationsecuritybuzz.com/expert-comments/dutch-website-hack-reveals-data-of-250000-sex-workers-clients/ www.secnews.physaphae.fr/article.php?IdArticle=1396689 False Hack,Vulnerability None None IT Security Guru - Blog Sécurité 2019-10-10T08:55:55+00:00 https://www.itsecurityguru.org/2019/10/10/sesame-street-online-store-targeted-by-credit-card-stealing-hack/?utm_source=rss&utm_medium=rss&utm_campaign=sesame-street-online-store-targeted-by-credit-card-stealing-hack www.secnews.physaphae.fr/article.php?IdArticle=1394279 False Hack None None IT Security Guru - Blog Sécurité 2019-10-09T09:16:14+00:00 https://www.itsecurityguru.org/2019/10/09/10000-customers-credit-card-information-stolen-in-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=1392166 False Data Breach,Hack None None Security Affairs - Blog Secu 2019-10-08T12:50:11+00:00 https://securityaffairs.co/wordpress/92256/malware/muhstik-ransomware-hack-back.html www.secnews.physaphae.fr/article.php?IdArticle=1390495 False Ransomware,Hack None None IT Security Guru - Blog Sécurité 2019-10-08T09:06:48+00:00 https://www.itsecurityguru.org/2019/10/08/yahoo-engineer-has-pleaded-guilty-to-stealing-pictures-of-women/ www.secnews.physaphae.fr/article.php?IdArticle=1390111 False Hack,Guideline Yahoo None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC Description: Do you want to avoid cybercrime? Online identity theft and fraud, webcam hackers, ransomware cyber-attacks, phishing, and other scams are a threat to all of us. Keep reading to protect your data and privacy and save your files and finances from fraudsters. How to avoid cybercrime   The cyber definition relates to the field of digital technology, and today is often associated with cybercrime. You might say that it doesn’t matter to you as you’re not a big cheese in the business world. Big mistake - since all individuals save data on their computers that is potentially profitable for scammers. Unfortunately, plenty of people are reckless when dealing with cybercrime. For example, up to 73% of users reuse passwords in their online accounts. The following tips can protect you from cybercrime. Cybercrime – types of threats A definition of cybersecurity is the integrated protection of internet-connected systems – hardware, software, and data from attacks. What are the types of cyber-attacks that lie in our virtual path?  Webcam cybercrime means that scammers can hack web cameras to spy on you when using Trojan horse attacks.  Screenshot managers do cybercrime when they make a snapshot of your PC when you click a doubtful link or download a file from a suspicious source. Cybercrime occurs when the ad clickers display ads and motivate you to click them, for example, when you are reading gadgets and electronic reviews and let end up with malware instead  DDoS attacks were developed to disrupt business/e-commerce websites to by directing tons of traffic from numerous sources, and disrupt business operations. There are plenty of other attacks in the modern web world. For example, online identity cybercrime means that a hacker gets unauthorized access to your personal data. It can happen if you provide somebody with private information when communicating with a scammer via email or by the phone. Fraudsters can even deliver you (or themselves) a credit card that you’ve never applied for. 5 tips to stay safe online Cybercrime is an everyday danger, and sometimes cyber police are unable to help. So, it’s arguably easier to prevent cybercrime than to deal with the consequences. How to achieve that? Install a current antivirus system and accept updates when getting official notifications/ Never use the same passwords on several websites. Try to complicate them with symbols and numbers. Don’t choose your name or date of birth for a password. Cyber-attacks today are not a joke, so you should strengthen your security system with a firewall to protect yourself from unwanted traffic. Pay attention to the web camera LED indicators (they’re red on external devices and blue on laptops). Be cautious with strangers. Don’t talk to them online and don’t accept offline tech help if you’re not sure it’s credible. A stranger from an unknown company can offer you computer support and then do cybercrime and spy on you remotely.  ]]> 2019-10-02T13:00:00+00:00 https://feeds.feedblitz.com/~/607373786/0/alienvault-blogs~How-to-avoid-becoming-a-victim-of-cybercrime-tips www.secnews.physaphae.fr/article.php?IdArticle=1375678 False Ransomware,Malware,Hack,Threat None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2019-10-02T01:30:32+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/CFPGW3ngSds/yahoo-email-hacking.html www.secnews.physaphae.fr/article.php?IdArticle=1375145 False Hack,Guideline Yahoo None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2019-10-01T10:39:31+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/xia-EM3bsxc/pdf-password-encryption-hacking.html www.secnews.physaphae.fr/article.php?IdArticle=1374017 False Hack None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ]]> 2019-10-01T04:39:49+00:00 http://feedproxy.google.com/~r/TheHackersNews/~3/EOLlx0c3BoE/Comodo-vbulletin-hacked.html www.secnews.physaphae.fr/article.php?IdArticle=1373241 False Hack None None InformationSecurityBuzzNews - Site de News Securite 'Hundreds Of Millions' Of iPhones Vulnerable To New 'Unfixable' Hack]]> 2019-09-30T14:25:45+00:00 https://www.informationsecuritybuzz.com/expert-comments/hundreds-of-millions-of-iphones-vulnerable-to-new-unfixable-hack/ www.secnews.physaphae.fr/article.php?IdArticle=1371241 False Hack,Vulnerability None None Graham Cluley - Blog Security 2019-09-30T13:22:54+00:00 https://hotforsecurity.bitdefender.com/blog/hack-strikes-words-with-friends-and-draw-something-amid-claims-218-million-players-details-breached-21556.html#new_tab www.secnews.physaphae.fr/article.php?IdArticle=1371063 False Hack None None The State of Security - Magazine Américain Read More ]]> 2019-09-30T03:00:52+00:00 https://www.tripwire.com/state-of-security/vert/sector-2019-hack-lab-sneak-peak/ www.secnews.physaphae.fr/article.php?IdArticle=1369799 False Hack None None SecurityWeek - Security News 2019-09-27T07:31:42+00:00 http://feedproxy.google.com/~r/Securityweek/~3/NHsE4BtaR5Q/fbi-reviewed-cybersecurity-firms-evidence-2016-dnc-election-hack www.secnews.physaphae.fr/article.php?IdArticle=1365358 False Hack None None Errata Security - Errata Security these topics before.Who is CrowdStrike?They are a cybersecurity firm that, among other things, investigates hacker attacks. If you've been hacked by a nation state, then CrowdStrike is the sort of firm you'd hire to come and investigate what happened, and help prevent it from happening again.Why is CrowdStrike mentioned?Because they were the lead investigators in the DNC hack who came to the conclusion that Russia was responsible. The pro-Trump crowd believes this conclusion is false. If the conclusion is false, then it must mean CrowdStrike is part of the anti-Trump conspiracy.Trump always had a thing for CrowdStrike since their first investigation. It's intensified since the Mueller report, which solidified the ties between Trump-Russia, and Russia-DNC-Hack.Personally, I'm always suspicious of such investigations. Politics, either grand (on this scale) or small (internal company politics) seem to drive investigations, creating firm conclusions based on flimsy evidence. But CrowdStrike has made public some pretty solid information, such as BitLy accounts used both in the DNC hacks and other (known) targets of state-sponsored Russian hackers. Likewise, the Mueller report had good data on Bitcoin accounts. I'm sure if I looked at all the evidence, I'd have more doubts, but at the same time, of the politicized hacking incidents out there, this seems to have the best (public) support for the conclusion.What's the conspiracy?The basis of the conspiracy is that the DNC hack was actually an inside job. Some former intelligence officials lead by Bill Binney claim they looked at some data and found that the files were copied "locally" instead of across the Internet, and therefore, it was an insider who did it and not a remote hacker.I debunk the claim here, but the short explanation is: of course the files were copied "locally", the hacker was inside the network. In my long experience investigating hacker intrusions, and performing them myself, I know this is how it's normally done. I mention my own experience because I'm technical and know these things, in contrast with Bill Binney and those other intelligence officials who have no experience with such things. He sounds impressive that he's formerly of the NSA, but he was a mid-level manager in charge of budgets. Binney has never performed a data breach investigation, has never performed a pentest.There's other parts to the conspiracy. In the middle of all this, a DNC staffer was murdered on the street, possibley due to a mugging. Naturally this gets included as part of the conspiracy, this guy ("Seth Rich") must've been the "insider" in this attack, and mus]]> 2019-09-26T13:24:44+00:00 https://blog.erratasec.com/2019/09/crowdstrike-ukraine-explained.html www.secnews.physaphae.fr/article.php?IdArticle=1363510 False Data Breach,Hack,Guideline NotPetya None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC  Photo by BENCE BOROS on Unsplash The challenges of IoT security Welcome to the world of Internet of Things (IoT) and a glimpse into the future. The IoT is where the physical world merges with the digital world. Soon, we expect the world IoT population to outnumber the human population tenfold—perhaps as many as 80 billion connected devices by 2025. As you witness the accelerating global and economic growth of IoT you are probably wondering how you and your business will connect and take part in the multi-trillion dollar opportunities that will be created by it. It means different things to everyone—from a connected car to a smart lamppost, a wearable health monitor, or a robot on the assembly line of a factory floor. It might even be ‘connected dirt’—with swarms of small, solar-powered sensors on the fields of a farm. No matter which way you do it, there’s a daunting task ahead: the acceleration of IoT, combined with the diversity of these devices, their different capabilities, and the many places and ways they can be deployed—make security a unique challenge. What you need is a consistent way to establish and maintain security for all aspects of the IoT deployments you envision for the future of your business. This is within your reach, by adopting a holistic, multi-layered approach to protect your IoT ecosystem, your other valuable assets they connect to, as well as the physical world they reside in.   Solutions for your Internet of Things security needs Protect your IoT with a layered approach. Every IoT ecosystem has its own distinct security needs. Even for a single client, seemingly similar IoT deployments may have different underlying designs. For example, a factory built today may have a radically different design from the one built just a few years ago. This means a combination of different solutions may be needed to help provide  security for each of them. A thorough security assessment of IoT is a multi-layered process. Every layer needs care and attention. Some endpoint devices are complex, with multiple ways to access the internal functions of the device. Others are simple, years behind smart phones with regard to security. Do you know your devices’ security capabilities? Endpoints may connect with each other, to and through gateways, to other networks, on the Internet, and to the cloud. They may use connections that include wired, wireless, short-range, cellular, and satellite. What could potentially disrupt them from communicating? To make your IoT deployment successful, data from your devices must be acquired, transported, processed, and consumed. How are you providing for trust and appropriate access to your vital data and applications? Realize that some IoT ecosystems can vary wildly from a traditional IT environment. Industrial IoT deployments use operational technology which flips the script on the classic model for information security. Availability and integrity are the priority, while confidentiality isn’t typically a consideration. This requires specialized passive scanning tools to perform assessments. Slight disruption to manufacturing or utility processes turn into massive financial loss. An example of this is a factory that produces a pickup truck every minute—it cannot afford downtime. Life-sensitive devices will affect remediation and response plans. So for example, a connected healthcare device like an insulin pump—even if you think someone is accessing the data, you wouldn’t want to disable the device. What’s your formal plan for handling threats to your devices? Have you tested it ]]> 2019-09-26T13:00:00+00:00 https://feeds.feedblitz.com/~/607187270/0/alienvault-blogs~How-to-manage-Internet-of-Things-IoT-security-in www.secnews.physaphae.fr/article.php?IdArticle=1362991 False Hack None None The State of Security - Magazine Américain Read More ]]> 2019-09-26T03:00:27+00:00 https://www.tripwire.com/state-of-security/vert/join-tripwire-vert-sector-2019/ www.secnews.physaphae.fr/article.php?IdArticle=1362139 False Hack None None The Security Ledger - Blog Sécurité Read the whole entry...  _!fbztxtlnk!_ https://feeds.feedblitz.com/~/607155916/0/thesecurityledger -->» ]]> 2019-09-25T16:32:50+00:00 https://feeds.feedblitz.com/~/607155916/0/thesecurityledger~Episode-Have-We-missed-Electric-Grid-Cyber-Attacks-for-Years-Also-Breaking-Bad-Security-Habits/ www.secnews.physaphae.fr/article.php?IdArticle=1361125 False Hack LastPass None Hacking Articles - Blog de Raj Chandel Continue reading → ]]> 2019-09-24T17:05:25+00:00 https://www.hackingarticles.in/hack-the-box-challenge-baniston-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=1358804 True Hack None None CSO - CSO Daily Dashboard what you need to know about defending critical infrastructure . | Get the latest from CSO by signing up for our newsletters. ] Even so, CISA Director Christopher Krebs kicked off the summit by cautioning against the kind of fearful language and overwrought concerns currently surrounding the topic of election security. “We've got to be more straightforward, more measured, more reasonable in how we talk about things. Election security is a great example. Are there true, absolute, fundamental risks in the infrastructure? Yes, but we have to take the hysteria out of the conversation because ultimately what we do is we drive broader voter confidence down,” he said.]]> 2019-09-23T04:03:00+00:00 https://www.csoonline.com/article/3440457/cisa-s-krebs-seeks-more-measured-approach-to-election-security-heading-into-2020.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1355880 False Hack None None Security Affairs - Blog Secu 2019-09-21T14:09:15+00:00 https://securityaffairs.co/wordpress/91548/cyber-crime/talktalk-hacker-behind-etherdelta-hack.html www.secnews.physaphae.fr/article.php?IdArticle=1351875 False Hack None None Wired Threat Level - Security News 2019-09-21T12:00:00+00:00 https://www.wired.com/story/hackers-hit-click2gov-bill-paying-portals www.secnews.physaphae.fr/article.php?IdArticle=1351596 False Hack None None Hacking Articles - Blog de Raj Chandel Continue reading → ]]> 2019-09-20T15:17:31+00:00 https://www.hackingarticles.in/hack-the-box-luke-walkthrough/ www.secnews.physaphae.fr/article.php?IdArticle=1349502 False Hack None None Security Affairs - Blog Secu 2019-09-20T10:38:01+00:00 https://securityaffairs.co/wordpress/91516/hacking/celebrity-instagram-accounts-hacked.html www.secnews.physaphae.fr/article.php?IdArticle=1348855 False Hack,Threat None None The State of Security - Magazine Américain Read More ]]> 2019-09-18T11:08:42+00:00 https://www.tripwire.com/state-of-security/security-data-protection/tflower-ransomware-targeting-businesses-via-exposed-rds/ www.secnews.physaphae.fr/article.php?IdArticle=1343143 False Ransomware,Hack,Threat None None Bleeping Computer - Magazine Américain 2019-09-17T13:18:17+00:00 https://www.bleepingcomputer.com/news/security/tflower-ransomware-the-latest-attack-targeting-businesses/ www.secnews.physaphae.fr/article.php?IdArticle=1340817 False Ransomware,Hack None None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC These days it seems that every time you open your favorite news source there is another data breach related headline.  Victimized companies of all sizes, cities, counties, and even government agencies have all been the subject of the “headline of shame” over the past several months or years.  With all this publicity and the increasing awareness of the general public about how data breaches can impact their personal privacy and financial wellbeing, it is no surprise that there is a lot of interest in preventing hacking.  The trouble is that there is no way to prevent others from attempting to hack into any target they chose.  Since there is a practically limitless number of targets to choose from, the attacker need only be lucky or skilled enough to succeed once. In addition, the risk of successful prosecution of perpetrators remains low.  However, while you can’t prevent hacking, you can help to  reduce your attack surface to make your organization less likely to be the subject of attacks.     At this point, lets differentiate between opportunistic attacks and targeted attacks.  Opportunistic attacks are largely automated, low-complexity exploits against known vulnerable conditions and configurations.  Ever wonder why a small business with a small geographic footprint and almost no online presence gets compromised?  Chances are good they just had the right combination of issues that an automated attack bot was looking to exploit.  These kinds of events can potentially end a small to medium business as a going concern while costing the attacker practically nothing.  Targeted attacks are a different story all together.  These attacks are generally low, slow and persistent; targeting your organizations technical footprint as well as your employees, partners and supply chain.  While targeted attacks may utilize  some of the same exploitable conditions that opportunistic attacks use, they tend to be less automated in nature so as to avoid possible detection for as long as possible.  In addition, they may involve a more frequent use of previously unknown exploit vectors (“zero day’s”) to reach their goals or abuse trusted connections with third parties to gain access to your organization.  Ultimately it doesn’t matter which of these kinds of attacks results in a breach event, but it is important to think of both when aligning your people, processes and technology for maximum effect to mitigate that risk.  There have been many articles written regarding best practices for minimizing the risk of a cyber-security incident.  Rather than recount a list of commonly cited controls, I would like to approach the topic from a slightly different perspective and focus on the top six technical controls that I feel are likely to help  mitigate the most risk, provided that all the “table stakes” items are in place (i.e. you have a firewall, etc.). Patch and Update Constantly:  Ultimately the most hacker-resistant environment is the one that is best administered.  Organizations are short cutting system and network administration activities through budget / staff reductions and lack of training.  This practice often forces prioritization and choice about what tasks get done sooner, later or at all.  Over time this creates a large, persistent baseline of low to medium risk issues in the environment that can contribute to a wildfire event under the right conditions.  Lack]]> 2019-09-16T13:00:00+00:00 https://feeds.feedblitz.com/~/606835110/0/alienvault-blogs~Hacker-prevention-tips-to-reduce-your-attack-surface www.secnews.physaphae.fr/article.php?IdArticle=1336807 False Data Breach,Malware,Hack None None Bleeping Computer - Magazine Américain 2019-09-13T20:16:20+00:00 https://www.bleepingcomputer.com/news/security/north-korean-hackers-behind-wannacry-and-sony-hack-sanctioned-by-usa/ www.secnews.physaphae.fr/article.php?IdArticle=1326796 False Hack Wannacry None TrendLabs Security - Editeur Antivirus We're always eager for new research and learning opportunities, but this time, serendipitously, the opportunity found us. At the closing party of the Hack In The Box Amsterdam conference - where we presented our industrial radio research and ran a CTS contest - we were given LED wristbands to wear. They're flashing wristbands meant to enhance the experience of an event, party, or show. At the beginning, we were not interested in the security impact; we just wanted to learn. Later on, however, we discovered that the RF link was used to transport an industrial protocol: DMX512 (Digital MultipleX 512), the same protocol used to pilot large light exhibitions. ]]> 2019-09-13T12:02:18+00:00 http://feeds.trendmicro.com/~r/Anti-MalwareBlog/~3/MzmWyorokxA/ www.secnews.physaphae.fr/article.php?IdArticle=1325700 False Hack None 3.0000000000000000 AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC 2019 Bitcoin Conference in San Francisco, CA. With the various discussions on Bitcoin, Cryptocurrency, and with the chance to hang out with my favorite Crypto personalities, it was easy to lose myself in all the festivities. While taking a break, I found a seat and decided to charge my iPhone.  The station by where I was seated was a wooden cube with two standard wall sockets and two USB ports. Other users took the wall sockets, but I knew that I could charge my phone via USB. But before I did, I remembered on the trip up to San Francisco, one of my travel companions who was with a startup known as CoinCards passed out what they called a "USB data blocker” usb adaptor." So, what is a USB data blocker?     Chargers for modern cellphones, in my case an iPhone Lightning Charger, serve dual purposes. 1. The charge your phone and 2. They allow for the transfer of data. Why is this important to understand? So, take the charging cube from the conference. Consider that a hacker placed the cube with a device, say a Raspberry Pi and the USB ports that were visible from the outside where the USB ports for the PI or USB hub connected to the Pi. Once my phone was plugged in, it could potentially expose me to whatever malware was on the Raspberry Pi. A USB data blocker  stops the data flow aspect of the charging cable and allows only the charging element. Cybersecurity is no longer a corporate issue; we have all become our own cybersecurity firm and responsible for protecting our data. Anti-virus and firewalls can only protect us so much; we have to do our due diligence when it comes to our safety online. Consider the computer housed behind a firewall. There can be some expectation of safety inside of the firewall, especially one that is monitored and updated. But that firewall will not make a difference if someone brings in an infected USB device and then plugs that device into one of the company's computers. I know this from experience. A client was confident that their firewall would protect them from cyber threats to the point where they refused to purchase anti-virus for their computers. One day, an employee brought in a USB flash drive that they had used at home and plugged it into their work computer. Turns out a file on their home computer was infected with malware and they brought it into the office. It put data on the server so that others could access it and the malware was able to spread, including to the server. But how does this fit into our discussion on USB data blockers?  If you take the phone aspect out of it, smart devices are computers. Smart devices access the internet, upload, and download and generally utilize USB to charge or sync data. While iPhones are less likely to be the victim of malware than Android or Windows phones. We would be foolish to assume that a potential hacker could not use the lightning charger to send malicious software to the iPhone. Apple has recently offered a bounty to anyone who can hack the iPhone OS; which means this topic has made the rounds at Apple as well. Cyber awareness, training, and education are more critical now than ever. We can no longer assume because we have a particular type of device that we are automatically safe from harm. Safe is not the world we live in anymore.  ]]> 2019-09-11T13:00:00+00:00 https://feeds.feedblitz.com/~/606676308/0/alienvault-blogs~Practicing-safe-charging www.secnews.physaphae.fr/article.php?IdArticle=1319607 False Malware,Hack None None ZD Net - Magazine Info 2019-09-10T08:54:03+00:00 https://www.zdnet.com/article/student-pleads-guilty-to-irs-hack-attempt-for-trump-tax-returns/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1317219 False Hack None None CSO - CSO Daily Dashboard 2019-09-10T05:53:00+00:00 https://www.csoonline.com/article/3437777/how-a-small-business-should-respond-to-a-hack.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1317534 False Hack,Threat None None BBC - BBC News - Technology 2019-09-09T23:09:04+00:00 https://www.bbc.co.uk/news/technology-49606027 www.secnews.physaphae.fr/article.php?IdArticle=1316519 False Hack None None SecurityWeek - Security News 2019-09-09T13:29:02+00:00 https://www.securityweek.com/man-pleads-guilty-trying-access-trumps-tax-returns www.secnews.physaphae.fr/article.php?IdArticle=1315611 False Hack,Guideline None None Tech Worm - Desc 2019-09-09T11:18:05+00:00 https://www.techworm.net/2019/09/apple-google-ios-security-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=1315133 False Hack,Threat None None Security Affairs - Blog Secu 2019-09-07T21:52:04+00:00 https://securityaffairs.co/wordpress/90931/hacking/apple-criticized-google-iphone-report.html www.secnews.physaphae.fr/article.php?IdArticle=1312628 False Hack,Threat,Guideline None None SecurityWeek - Security News research report suggesting iPhones may have been targeted by a long-running hacking operation, calling it inaccurate and misleading. ]]> 2019-09-07T17:02:04+00:00 https://www.securityweek.com/apple-security-report-iphone-hack-created-false-impression www.secnews.physaphae.fr/article.php?IdArticle=1312432 False Hack,Guideline None None Security Affairs - Blog Secu 2019-09-05T09:59:03+00:00 https://securityaffairs.co/wordpress/90838/hacking/twitter-temporarily-tweet-via-sms.html www.secnews.physaphae.fr/article.php?IdArticle=1307200 False Hack None None SecurityWeek - Security News 2019-09-05T07:24:01+00:00 https://www.securityweek.com/twitter-temporarily-disables-tweeting-sms-after-ceo-hack www.secnews.physaphae.fr/article.php?IdArticle=1307003 False Hack None None SecurityWeek - Security News embarrassing compromise when attackers took control of his account on the platform by hijacking his phone number. ]]> 2019-09-04T12:36:04+00:00 https://www.securityweek.com/twitter-ceo-hack-highlights-dangers-sim-swap-fraud www.secnews.physaphae.fr/article.php?IdArticle=1306813 False Hack None None Security Affairs - Blog Secu 2019-09-04T09:14:01+00:00 https://securityaffairs.co/wordpress/90801/hacking/zyxel-products-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=1304748 False Hack None None Security Affairs - Blog Secu 2019-09-03T21:42:02+00:00 https://securityaffairs.co/wordpress/90758/hacking/usbanywhere-supermicro-bmc-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=1303969 False Hack,Vulnerability None None InformationSecurityBuzzNews - Site de News Securite Jack Dorsey Twitter Hack – How Can SIM Swap Be Stopped?]]> 2019-09-03T13:04:03+00:00 https://www.informationsecuritybuzz.com/expert-comments/jack-dorsey-twitter-hack-how-can-sim-swap-be-stopped/ www.secnews.physaphae.fr/article.php?IdArticle=1303251 False Hack None None Tech Worm - Desc 2019-09-03T04:38:01+00:00 https://www.techworm.net/2019/09/websites-hacking-iphones-google.html www.secnews.physaphae.fr/article.php?IdArticle=1302088 False Malware,Hack None None Security Affairs - Blog Secu 2019-08-31T14:48:03+00:00 https://securityaffairs.co/wordpress/90616/cyber-crime/fin6-target-ecommerce-sites.html www.secnews.physaphae.fr/article.php?IdArticle=1297547 False Hack None None Security Affairs - Blog Secu 2019-08-31T08:43:00+00:00 https://securityaffairs.co/wordpress/90598/hacking/jack-dorsey-account-hacked.html www.secnews.physaphae.fr/article.php?IdArticle=1297081 True Hack,Tool None None InformationSecurityBuzzNews - Site de News Securite Google Finds ‘Indiscriminate iPhone Attack Lasting Years’]]> 2019-08-30T16:41:00+00:00 https://www.informationsecuritybuzz.com/expert-comments/google-finds-indiscriminate-iphone-attack-lasting-years/ www.secnews.physaphae.fr/article.php?IdArticle=1295836 False Hack None None SecurityWeek - Security News 2019-08-30T14:56:00+00:00 https://www.securityweek.com/ios-vulnerabilities-allowed-attackers-remotely-hack-iphones-years www.secnews.physaphae.fr/article.php?IdArticle=1297513 False Hack None None Security Affairs - Blog Secu 2019-08-30T11:59:02+00:00 https://securityaffairs.co/wordpress/90560/hacking/iphone-hacking-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=1295271 False Hack,Threat None None Security Affairs - Blog Secu 2019-08-29T21:09:05+00:00 https://securityaffairs.co/wordpress/90540/cyber-crime/capital-one-hacker-indictment.html www.secnews.physaphae.fr/article.php?IdArticle=1294212 False Hack None None SecurityWeek - Security News 2019-08-29T07:11:05+00:00 https://www.securityweek.com/bug-hunters-invited-hack-facebook-devices-pwn2own-tokyo-2019 www.secnews.physaphae.fr/article.php?IdArticle=1297519 False Hack None None BBC - BBC News - Technology 2019-08-27T16:27:03+00:00 https://www.bbc.co.uk/news/technology-49488614 www.secnews.physaphae.fr/article.php?IdArticle=1288607 False Hack None None Security Affairs - Blog Secu 2019-08-27T06:17:01+00:00 https://securityaffairs.co/wordpress/90413/hacking/instagram-account-takeover-issue.html www.secnews.physaphae.fr/article.php?IdArticle=1287609 False Hack,Vulnerability None None Security Affairs - Blog Secu 2019-08-26T16:49:05+00:00 https://securityaffairs.co/wordpress/90391/cyber-crime/binance-leaked-kyc-data.html www.secnews.physaphae.fr/article.php?IdArticle=1286671 True Hack None None SecurityWeek - Security News 2019-08-26T15:22:04+00:00 https://www.securityweek.com/hacker-finds-instagram-account-takeover-flaw-worth-10000 www.secnews.physaphae.fr/article.php?IdArticle=1287227 False Hack,Vulnerability None None CSO - CSO Daily Dashboard 2019-08-26T10:38:00+00:00 https://www.csoonline.com/article/3433244/capital-one-hack-shows-difficulty-of-defending-against-irrational-cybercriminals.html#tk.rss_all www.secnews.physaphae.fr/article.php?IdArticle=1286745 False Hack,Vulnerability,Guideline None None Tech Worm - Desc 2019-08-24T05:07:04+00:00 https://www.techworm.net/2019/08/microsoft-is-offering-up-to-30000-to-hack-chromium-based-edge-browser.html www.secnews.physaphae.fr/article.php?IdArticle=1282504 False Hack None None SecurityWeek - Security News hacking Capital One and at least 30 other organizations is a flight risk, a threat and should be kept locked up until her trial, U.S. prosecutors said in court documents filed ahead of a Friday detention hearing in Seattle. ]]> 2019-08-23T17:36:00+00:00 https://www.securityweek.com/us-wants-woman-accused-capital-one-hack-stay-locked www.secnews.physaphae.fr/article.php?IdArticle=1282001 False Hack,Threat None None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC Image Source: Pixabay Cyberbullying and cybersecurity incidents and breaches are two common problems in the modern, internet-driven world. The fact that they are both related to the internet is not the only connection they have, however. The two are actually intimately connected issues on multiple levels. It may seem like an odd notion. After all, cyberbullying typically involves using technology to harass a person (often overtly), while cybersecurity involves preventing hackers and identity thieves from accessing information and then simply getting away without being caught. While the two have similarities in that they both involve malicious actors online, the motives are quite different. However, the points of connection between these two topics are worth exploring. Defining cyberbullying and cybersecurity When comparing terms like these, it can be helpful to lay out a definition for each in order to make sure everyone is on the same page. Cyberbullying is, simply put, bullying a person through technological outlets, such as social media or texting. Cybersecurity is the protection of sensitive data (and therefore people) using specific measures. Cyberbullying The modern world now knows that bullying can go beyond simple physical abuse; it can take place digitally as well. Cyberbullying can involve intimidating, deceiving, harassing, humiliating, and even directly impersonating a person. Since it takes place online, it also isn’t restricted to places like school or social gatherings. Due to the ubiquitous nature of the internet, cyberbullying can follow victims throughout every aspect of their lives. It also typically involves the common issue of cyberstalking. While it may be cute or entertaining to learn about a new friend or potential partner by following their goings-ons on Facebook, the issue of cyberstalking in a cyberbullying context is serious and is one of the key things that connect it to cybersecurity. From various levels of emotional abuse to stalking and even physical violence in extreme cases — such as that of Shana Grice in 2016, cyberbullying has a well-documented track record as a malicious and dangerous practice. Cybersecurity While cybersecurity is a broad topic, it’s worth taking the time to highlight some of the more specific areas of the practice that directly relate to the issue of cyberbullying. Identity theft is the poster child of cybercrime, and it’s a threat that’s used in cyberbullying often. In addition to defrauding an individual by accessing or opening new lines of credit in their name, cybercriminals may impersonate an individual for other motives. For instance, if a cyberbully is stalking someone else, they may hack into their user account on a game, an email address, or social media account in order to impersonate them. This allows them to get information from their victim’s friends and family or harass them. Another way a cyberbully can be a cybersecurity threat is by using malware to hack ]]> 2019-08-21T13:00:00+00:00 https://feeds.feedblitz.com/~/605873952/0/alienvault-blogs~Cyberbullying-and-cybersecurity-how-are-they-connected www.secnews.physaphae.fr/article.php?IdArticle=1276265 False Data Breach,Malware,Hack,Threat None None Wired Threat Level - Security News 2019-08-20T16:00:00+00:00 https://www.wired.com/story/ransomware-strike-local-texas-government-agencies www.secnews.physaphae.fr/article.php?IdArticle=1274129 False Ransomware,Hack None None InformationSecurityBuzzNews - Site de News Securite The Most Common Hack Is Also The Most Successful. Here’s How To Fight It.]]> 2019-08-19T15:30:03+00:00 https://www.informationsecuritybuzz.com/articles/the-most-common-hack-is-also-the-most-successful-heres-how-to-fight-it/ www.secnews.physaphae.fr/article.php?IdArticle=1271688 True Data Breach,Hack None None AlienVault Blog - AlienVault est un acteur de defense majeur dans les IOC Diana Initiative.) First some cute kid pics! R00tz started back in 2011; originally called Defcon Kids.  It is an event designed specifically for kids to introduce them to “White Hat” security.  It includes hands on events, talks, and contests that are specifically geared for a younger crowd, including lock picking, soldering stations, capture the flag contests, technical talks and more.  One of the keys to the success of the event is that all these activities are specifically designed for and targeted for a young audience and include an Honor Code.  Some of the key aspects of the Honor Code include the following values: Only do good Always do your best Constantly improve Innovate Think long-term Be positive Visualize it Inspire others Go big & have fun! In general, the kids are encouraged to explore, to innovate and to learn.  The “rules” that govern R00TZ participation include: Only hack things you own Don’t hack anything you rely on Respect the rights of others Know the law, the possible risk, and the consequences for breaking it Find a safe playground AT&T participation: past and present AT&T has participated in the r00tz event for the last few years.  We’ve grown from being only a financial sponsor into actively participating. Patrick McCanna & Marc Kolaks were the key individuals to get ATT involved.  Patrick provided the contacts, and Marc arranged for the sponsorship. They saw a fantastic opportunity for AT&T to make a positive impact in the otherwise nefarious realm of hacking. One of the major contributions that AT&T provides to the r00tz event is the “Junk Yard”  This event provides piles of old electronic equipment ranging from cell phones to routers to typewriters. The kids are provided with hand tools, and eye protection (this year some AT&T Cybersecurity sunglasses were provided), and are allowed / encouraged to dis-assemble all this equipment simply to “see what’s inside”. In addition to the Junk Yard we’ve created various hands on activities ranging from penetration testing demonstrations to a customized version of the Hacker Games and Link buster in order to teach security “best practices” in a fun environment. Along with the “games” we also hosted MIT’s SCRATCH programming environment to allow the kids to experience computer programming on a fun an easy to understand platform. Another addition to this year’s event included providing information to parents on AT&T’s ASPIRE program and information on STEM (Science, Technology, Engineering & Math) opportunities for th]]> 2019-08-19T13:00:00+00:00 https://feeds.feedblitz.com/~/605787800/0/alienvault-blogs~What-is-rtz-Asylum www.secnews.physaphae.fr/article.php?IdArticle=1271289 False Hack None None Tech Worm - Desc 2019-08-18T20:51:03+00:00 https://www.techworm.net/2019/08/kaspersky-antivirus-unique-id-tracking.html www.secnews.physaphae.fr/article.php?IdArticle=1270155 False Hack None None SecurityWeek - Security News 2019-08-16T19:12:01+00:00 https://www.securityweek.com/iowa-grocery-chain-investigating-possible-hack-payment-processing-systems www.secnews.physaphae.fr/article.php?IdArticle=1268853 False Hack None None Graham Cluley - Blog Security 2019-08-16T09:48:05+00:00 https://www.grahamcluley.com/european-central-bank-confirms-website-hack-and-data-breach/ www.secnews.physaphae.fr/article.php?IdArticle=1265996 False Data Breach,Malware,Hack None None Graham Cluley - Blog Security 2019-08-15T15:07:03+00:00 https://www.grahamcluley.com/null-vanity-plate-hack-to-dodge-parking-tickets-backfires-to-the-tune-of-12000/ www.secnews.physaphae.fr/article.php?IdArticle=1264598 False Hack None None Security Affairs - Blog Secu 2019-08-12T14:24:00+00:00 https://securityaffairs.co/wordpress/89779/data-breach/stockx-archive-sale.html www.secnews.physaphae.fr/article.php?IdArticle=1258539 False Hack,Threat None None SecurityWeek - Security News Researchers at cybersecurity firm Check Point have demonstrated that malicious actors could hack a DSLR camera and infect it with a piece of ransomware. ]]> 2019-08-12T13:21:00+00:00 https://www.securityweek.com/researchers-demonstrate-ransomware-attack-dslr-camera www.secnews.physaphae.fr/article.php?IdArticle=1258603 False Ransomware,Hack None None Bleeping Computer - Magazine Américain 2019-08-11T21:37:05+00:00 https://www.bleepingcomputer.com/news/security/database-from-stockx-hack-sold-online-check-if-youre-included/ www.secnews.physaphae.fr/article.php?IdArticle=1257526 False Data Breach,Hack None None ZD Net - Magazine Info 2019-08-10T21:27:00+00:00 https://www.zdnet.com/article/clever-attack-uses-sqlite-databases-to-hack-other-apps-malware-servers/#ftag=RSSbaffb68 www.secnews.physaphae.fr/article.php?IdArticle=1255736 False Malware,Hack None None Wired Threat Level - Security News 2019-08-09T12:00:00+00:00 https://www.wired.com/story/ipcc-report-carbon-capture www.secnews.physaphae.fr/article.php?IdArticle=1252534 False Hack None None Tech Worm - Desc 2019-08-08T17:26:00+00:00 https://www.techworm.net/2019/08/kde-linux-desktop-vulnerable.html www.secnews.physaphae.fr/article.php?IdArticle=1251154 False Hack,Vulnerability None None TechRepublic - Security News US 2019-08-07T14:14:03+00:00 https://www.techrepublic.com/article/how-the-air-force-used-a-bug-bounty-program-to-hack-its-own-cloud-server/#ftag=RSS56d97e7 www.secnews.physaphae.fr/article.php?IdArticle=1248584 False Hack None None Security Intelligence - Site de news Américain Reading Time: 6 minutes IBM X-Force Red investigated how cybercriminals might seek to exploit package deliveries to hack into corporate or personal home networks right from the office mailroom or from someone's front door. ]]> 2019-08-07T04:05:02+00:00 https://securityintelligence.com/posts/package-delivery-cybercriminals-at-your-doorstep/ www.secnews.physaphae.fr/article.php?IdArticle=1247645 False Hack None None Security Affairs - Blog Secu 2019-08-06T08:11:02+00:00 https://securityaffairs.co/wordpress/89484/hacking/android-qualpwn-bugs.html www.secnews.physaphae.fr/article.php?IdArticle=1245880 False Hack None None