www.secnews.physaphae.fr

www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. IT's a simple agragated flow of multiple articles soruces. Liste of sources, can be found on www.secnews.physaphae.fr. 2024-05-13T00:35:06+00:00 www.secnews.physaphae.fr Wired Threat Level - Security News À quoi s'attendre à Google I / O 2024, et comment le regarder What to Expect at Google I/O 2024, and How to Watch It The annual developer conference kicks off with a keynote address on Tuesday. Look out for updates on Android, Search, and Assistant, plus a whole lot of AI news.]]> 2024-05-10T21:53:16+00:00 https://www.wired.com/story/google-io-2024-how-to-watch-what-to-expect/ www.secnews.physaphae.fr/article.php?IdArticle=8497452 False Mobile,Conference None None The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les applications Android malveillantes posent comme Google, Instagram, WhatsApp, réparties via Shumshing Malicious Android Apps Pose as Google, Instagram, WhatsApp, Spread via Smishing Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users\' credentials from compromised devices. "This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices," the SonicWall Capture Labs threat research team said in a recent report. The]]> 2024-05-10T15:51:00+00:00 https://thehackernews.com/2024/05/malicious-android-apps-pose-as-google.html www.secnews.physaphae.fr/article.php?IdArticle=8497141 False Malware,Threat,Mobile None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Les logiciels malveillants de la banque mobile augmentent 32% Mobile Banking Malware Surges 32% Afghanistan, Turkmenistan and Tajikistan victims experienced the highest share of banking Trojans]]> 2024-05-09T15:00:00+00:00 https://www.infosecurity-magazine.com/news/mobile-banking-malware-surges-32/ www.secnews.physaphae.fr/article.php?IdArticle=8496614 False Malware,Mobile None 3.0000000000000000 SecurityWeek - Security News Android Mise à jour des correctifs de vulnérabilité critique Android Update Patches Critical Vulnerability Android \'s May 2024 Security Update Patches 38 Vulnérabilités, y compris un bogue critique dans le composant système.

>Android\'s May 2024 security update patches 38 vulnerabilities, including a critical bug in the System component. ]]> 2024-05-08T11:26:15+00:00 https://www.securityweek.com/android-update-patches-critical-vulnerability/ www.secnews.physaphae.fr/article.php?IdArticle=8495906 False Vulnerability,Mobile None 2.0000000000000000 Wired Threat Level - Security News Google Pixel 8a: nouvelles, spécifications, fonctionnalités, prix, date de sortie Google Pixel 8A: News, Specs, Features, Price, Release Date The company\'s refined midrange Android phone packs its flagship Tensor G3 chipset. The handset was announced ahead of next week\'s Google I/O conference.]]> 2024-05-07T16:00:00+00:00 https://www.wired.com/story/google-pixel-8a/ www.secnews.physaphae.fr/article.php?IdArticle=8495307 False Mobile,Conference None 3.0000000000000000 Schneier on Security - Chercheur Cryptologue Américain Nouvelle attaque contre les VPN New Attack on VPNs attaque est faisable depuis plus de deux décennies: Les chercheurs ont conçu une attaque contre presque toutes les applications de réseaux privés virtuels qui les obligent à envoyer et à recevoir un peu ou un trafic à l'extérieur du tunnel crypté conçu pour le protéger de l'espionnage ou de la falsification. TunnelLion, comme les chercheurs ont nommé leur attaque, annule en grande partie le but et le point de vente des VPN, qui est de résumer le trafic Internet entrant et sortant dans un tunnel crypté et de masquer l'adresse IP de l'utilisateur.Les chercheurs pensent que cela affecte toutes les applications VPN lorsqu'elles sont connectées à un réseau hostile et qu'il n'y a aucun moyen d'empêcher de telles attaques, sauf lorsque le VPN de l'utilisateur s'exécute sur Linux ou Android.Ils ont également déclaré que leur technique d'attaque était peut-être possible depuis 2002 et peut-être déjà découverte et utilisée dans la nature depuis ...

This attack has been feasible for over two decades: Researchers have devised an attack against nearly all virtual private network applications that forces them to send and receive some or all traffic outside of the encrypted tunnel designed to protect it from snooping or tampering. TunnelVision, as the researchers have named their attack, largely negates the entire purpose and selling point of VPNs, which is to encapsulate incoming and outgoing Internet traffic in an encrypted tunnel and to cloak the user’s IP address. The researchers believe it affects all VPN applications when they’re connected to a hostile network and that there are no ways to prevent such attacks except when the user’s VPN runs on Linux or Android. They also said their attack technique may have been possible since 2002 and may already have been discovered and used in the wild since then...]]> 2024-05-07T15:32:13+00:00 https://www.schneier.com/blog/archives/2024/05/new-attack-on-vpns.html www.secnews.physaphae.fr/article.php?IdArticle=8495324 False Mobile None 4.0000000000000000 IT Security Guru - Blog Sécurité Cybearon annonce la disponibilité de la défense des menaces mobiles de la cyberréasie en réponse à une augmentation des attaques sophistiquées d'appareils mobiles Cybereason Announces the Availability of Cybereason Mobile Threat Defence in Response to Increases in Sophisticated Mobile Device Attacks Cyberison annonce la disponibilité de la défense de la menace mobile cyberéaison en réponse à l'augmentation des attaques sophistiquées d'appareils mobiles est apparu pour la première fois sur gourou de la sécurité informatique .

Cybereason has announced the availability of Cybereason Mobile Threat Defence, Powered by Zimperium. With the explosive growth in mobile devices and apps comes an ever-evolving attack surface. Research shows that 60% of endpoints accessing enterprise assets are through mobile devices, so threats to the attack surface aren’t slowing down. As we see continued growth toward […] The post Cybereason Announces the Availability of Cybereason Mobile Threat Defence in Response to Increases in Sophisticated Mobile Device Attacks first appeared on IT Security Guru. ]]> 2024-05-07T15:27:13+00:00 https://www.itsecurityguru.org/2024/05/07/cybereason-announces-the-availability-of-cybereason-mobile-threat-defence-in-response-to-increases-in-sophisticated-mobile-device-attacks/?utm_source=rss&utm_medium=rss&utm_campaign=cybereason-announces-the-availability-of-cybereason-mobile-threat-defence-in-response-to-increases-in-sophisticated-mobile-device-attacks www.secnews.physaphae.fr/article.php?IdArticle=8495311 False Threat,Mobile None 4.0000000000000000 Techworm - News Utilisateurs d'Intel et ARM Mac: Coucoo Spyware peut nuire à votre PC Intel and ARM Mac Users: Cuckoo Spyware Can Harm Your PC identifié un nouveau spyware-cum-infostealer qui cible les macs Intel et ARM. Ils ont nommé les logiciels espions & # 8220; coucou & # 8221;Parce qu'il infecte le système hôte et vole ses ressources, un peu comme l'oiseau. Qu'est-ce que le déguisement des logiciels espions de Cuckoo s? Coucou se déguise en binaire mach-o, un format exécutable conçu pour les systèmes Apple. Les chercheurs de Kandji ont commencé par un fichier nommé dumpmediaspotifymusicconverter , également appelé & # 8220; upd & # 8221;téléchargé sur virus total. Il suit et enregistre les données de iCloud Keychain, Apple Notes, Browsers Web et Crypto Wallet. Même des applications comme Discord, Filezilla, Steam et Telegram sont sa cible.Les chercheurs de Kandji notent que le logiciel espion mue le son du système pour capturer des captures d'écran. Il lance également l'application pour couvrir ses pistes et agir comme si rien ne s'était passé. En recherchant le Web, ils ont constaté qu'il était hébergé sur un site Web qui offrait des applications à convertir la musique des services de streaming à mp3. Les sites Web suspects proposent des versions gratuites et payantes d'applications pour déchirer la musique des services de streaming et pour iOS et Android Recovery.Voici quelques-uns d'entre eux: Dumpmedia [.] com TUNESOLO [.] com Fonedog [.] com TUNESFUN [.] com Tunefab [.] com Tous les groupes d'applications sur ces sites ont un ID de développeur de la technologie Yian Shenzhen Co., Ltd (VRBJ4VRP).Applications d'applications sur FonEdog ont une identification différente: Fonedog Technology Limited (Cuau2GTG98). Après avoir téléchargé une application Spotify vers MP3, ils ont ouvert le fichier image de disque et ont été surpris de trouver la même & # 8220; UPD & # 8221;fichier avec l'application réelle. Le binaire malveillant n'a pas fonctionné parce que Gatekeeper l'a bloqué.Après avoir accordé une autorisation manuelle, l'application a vérifié le lieu pour déterminer le pays de l'utilisateur. . Étonnamment, CUCUS WA LE REAGNER SI LE SYSTÈME appartient à l'un des pays suivants: Arménie Bélarus Kazakhstan Russie Ukraine CUCUS veut tout savoir this Spyware est conçu pour capturer autant d'informations que possible et l'envoyer au serveur de commande et de contrôle. CUCUS peut déterminer vos informations matérielles exactes, obtenir la liste des applications installées et capturer les processus en cours d'exécution. La recherche d'outils pour extraire l'audio ou la vidéo d'un service de streaming au MP3 ou à tout autre format souhaité est courant, et les attaquants voulaient capitaliser sur cet intérêt. Évitez de télécharger des applications à partir de sites indignes de confiance vers ]]> 2024-05-07T12:53:29+00:00 https://www.techworm.net/2024/05/intel-arm-mac-users-cuckoo-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8495088 False Tool,Mobile None 3.0000000000000000 Techworm - News Téléphones Xiaomi affectés par plus de 20 vulnérabilités de sécurité Xiaomi Phones Affected By 20+ Security Vulnerabilities 2024-05-06T22:38:28+00:00 https://www.techworm.net/2024/05/xiaomi-phones-security-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8494749 False Vulnerability,Mobile,Cloud None 3.0000000000000000 Korben - Bloger francais Test de l\'Anbernic RG353M – Votre compagnon rétro-gaming de poche ! 2024-05-06T16:48:22+00:00 https://korben.info/test-de-lanbernic-rg353m-votre-compagnon-retro-gaming-de-poche.html www.secnews.physaphae.fr/article.php?IdArticle=8494732 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Appareils Android Xiaomi frappés par plusieurs défauts sur les applications et les composants système Xiaomi Android Devices Hit by Multiple Flaws Across Apps and System Components Multiple security vulnerabilities have been disclosed in various applications and system components within Xiaomi devices running Android. "The vulnerabilities in Xiaomi led to access to arbitrary activities, receivers and services with system privileges, theft of arbitrary files with system privileges, [and] disclosure of phone, settings and Xiaomi account data," mobile security firm]]> 2024-05-06T15:33:00+00:00 https://thehackernews.com/2024/05/xiaomi-android-devices-hit-by-multiple.html www.secnews.physaphae.fr/article.php?IdArticle=8494546 False Vulnerability,Mobile None 3.0000000000000000 Wired Threat Level - Security News Le problème spyware de l'iPhone d'Apple \\ s'aggrave.Ici \\ est ce que vous devez savoir Apple\\'s iPhone Spyware Problem Is Getting Worse. Here\\'s What You Should Know The iPhone maker has detected spyware attacks against people in more than 150 countries. Knowing if your device is infected can be tricky-but there are a few steps you can take to protect yourself.]]> 2024-05-06T11:30:00+00:00 https://www.wired.com/story/apple-iphone-spyware-101/ www.secnews.physaphae.fr/article.php?IdArticle=8494571 False Mobile None 4.0000000000000000 Kaspersky - Kaspersky Research blog Cyberstériques financières en 2023 Financial cyberthreats in 2023 In this report, we share our insights into the 2023 trends and statistics on financial threats, such as phishing, PC and mobile banking malware.]]> 2024-05-06T10:00:31+00:00 https://securelist.com/financial-threat-report-2023/112526/ www.secnews.physaphae.fr/article.php?IdArticle=8494518 False Malware,Mobile None 3.0000000000000000 Global Security Mag - Site de news francais ESET étend sa gamme de services managés MDR aux PME et aux Grandes Entreprises Produits]]> 2024-05-06T09:20:57+00:00 https://www.globalsecuritymag.fr/eset-etend-sa-gamme-de-services-manages-mdr-aux-pme-et-aux-grandes-entreprises.html www.secnews.physaphae.fr/article.php?IdArticle=8494523 False Threat,Mobile None 2.0000000000000000 Global Security Mag - Site de news francais Cybereason annonce la disponibilité de Cybereason Mobile Threat Defense Produits]]> 2024-05-06T08:49:27+00:00 https://www.globalsecuritymag.fr/cybereason-annonce-la-disponibilite-de-cybereason-mobile-threat-defense.html www.secnews.physaphae.fr/article.php?IdArticle=8494497 False Threat,Mobile None 2.0000000000000000 Korben - Bloger francais Authenticator Pro – Le 2FA libre sous Android 2024-05-06T07:00:00+00:00 https://korben.info/authenticator-pro-app-open-source-securiser-comptes.html www.secnews.physaphae.fr/article.php?IdArticle=8494464 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain La Finlande met en garde contre les attaques de logiciels malveillants Android vioder les comptes bancaires Finland warns of Android malware attacks breaching bank accounts Finland\'s Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts. [...]]]> 2024-05-05T10:19:38+00:00 https://www.bleepingcomputer.com/news/security/finland-warns-of-android-malware-attacks-breaching-bank-accounts/ www.secnews.physaphae.fr/article.php?IdArticle=8494115 False Malware,Mobile None 3.0000000000000000 Techworm - News Plus d'un milliard d'appareils Android ont installé ces applications vulnérables Over A Billion Android Devices Have These Vulnerable Apps Installed a dit , & # 8220; Les implications de ce modèle de vulnérabilité incluent l'exécution de code arbitraire et le vol de jeton, selon une implémentation d'application. & # 8221; Il a ajouté: «L'exécution de code arbitraire peut fournir à un acteur de menace un contrôle total sur le comportement d'une application.Pendant ce temps, le vol de jeton peut fournir à un acteur de menace un accès aux comptes et aux données sensibles de l'utilisateur. » La découverte a affecté plusieurs applications vulnérables dans le Google Play Store, représentant plus de quatre milliards d'installations. Deux des applications trouvées vulnérables au problème comprenaient le gestionnaire de fichiers Xiaomi Inc. (com.mi. Android.globalFileExplorer), qui compte plus de 1 milliard d'installations, et WPS Office (CN.WPS.MOFFICE_ENG), qui a plus que500 millions de téléchargements. Le système d'exploitation Android applique l'isolement en attribuant à chaque application ses propres données et espace mémoire dédiées, en particulier le composant du fournisseur de contenu et sa classe \\ 'fileprovider \', qui facilite les données sécurisées et le partage de fichiers avec d'autres applications installées. Lorsqu'il est implémenté de manière incorrecte, il pourrait introduire des vulnérabilités qui pourraient permettre de contourner les restrictions de lecture / écriture dans le répertoire personnel d'une application. & # 8220; Ce modèle basé sur les fournisseurs de contenu fournit un mécanisme de partage de fichiers bien défini, permettant à une application de service de partager ses fichiers avec d'autres applications de manière sécurisée avec un contrôle à grain fin, & # 8221;Valsamaras noté. & # 8220; Cependant, nous avons fréquemment rencontré des cas où l'application consommatrice ne valide pas le contenu du fichier qu'il reçoit et, le plus préoccupant, il utilise le nom de fichier fourni par la demande de service pour mettre en cache le reçueFichier dans le répertoire de données interne de l'application consommatrice. & # 8221; L'exécution du code malveillant peut être obtenue en permettant à un acteur de menace d'avoir le contrôle total sur le comportement d'une application et de la faire communiquer avec un serveur sous leur contrôle pour accéder aux données sensibles. Dans le cadre de la politique de divulgation responsable de Microsoft \\, la société a partagé ses conclusions avec les développeurs d'applications Android qui ont été affectées par Dirty Stream.Par exemple, les équipes de sécurité de Xiaomi, Inc. et WPS ont déjà enquêté et résolu le problème. Cependant, la société estime que davantage de demandes pourraient être affectées et probablement compromises en raison de la même faiblesse de sécurité.Par conséquent, il recommande que tous les développeurs analysent ses recherches et s'assurent que leurs produits ne sont pas affectés. & # 8220; Nous prévoyons que le modèle de vulnérabilité pourrait être trouvé dans d'autres applications.Nous partageons cette recherche afin que les développeurs et les éditeurs puissent vérifier leurs applications pour des problèmes similaires, réparer ]]> 2024-05-03T22:08:47+00:00 https://www.techworm.net/2024/05/billion-android-vulnerable-apps-installed.html www.secnews.physaphae.fr/article.php?IdArticle=8493097 False Vulnerability,Threat,Mobile None 3.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Google dit à la cour qu'il ne devrait pas avoir à distribuer des magasins d'applications tierces Google tells court it shouldn\\'t have to distribute third-party app stores Google: Epic Games wants court to "micromanage" Android app distribution.]]> 2024-05-03T18:26:21+00:00 https://arstechnica.com/?p=2021743 www.secnews.physaphae.fr/article.php?IdArticle=8493154 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Android Bug fuit les requêtes DNS même lorsque VPN Kill Switch est activé Android bug leaks DNS queries even when VPN kill switch is enabled A Mullvad VPN user has discovered that Android devices leak DNS queries when switching VPN servers even though the "Always-on VPN" feature was enabled with the "Block connections without VPN" option. [...]]]> 2024-05-03T17:02:42+00:00 https://www.bleepingcomputer.com/news/security/android-bug-leaks-dns-queries-even-when-vpn-kill-switch-is-enabled/ www.secnews.physaphae.fr/article.php?IdArticle=8493647 False Mobile None 3.0000000000000000 SecurityWeek - Security News Microsoft met en garde contre la vulnérabilité \\ 'stream stream \\' dans les applications Android populaires Microsoft Warns of \\'Dirty Stream\\' Vulnerability in Popular Android Apps Microsoft has uncovered a new type of attack called Dirty Stream that impacted Android apps with billions of installations. ]]> 2024-05-03T09:48:50+00:00 https://www.securityweek.com/microsoft-warns-of-dirty-stream-vulnerability-in-popular-android-apps/ www.secnews.physaphae.fr/article.php?IdArticle=8492938 False Vulnerability,Mobile None 3.0000000000000000 The Register - Site journalistique Anglais Plus de 24 vulnérabilités fixées dans Xiaomi, Google Android Slavors… lentement More than 24 vulnerabilities fixed in Xiaomi, Google Android flavors … slowly Oversecure details bugs spotted and stamped since private disclosure Oversecured, a business that scans mobile apps for security issues, says it has identified more than two dozen vulnerabilities over the past few years affecting Android apps from smartphone maker Xiaomi and Google\'s Android Open Source Project (AOSP).…]]> 2024-05-02T23:34:52+00:00 https://go.theregister.com/feed/www.theregister.com/2024/05/02/google_xiaomi_flaws_oversecured/ www.secnews.physaphae.fr/article.php?IdArticle=8492668 False Vulnerability,Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch Milliards d'appareils Android ouverts à \\ 'stream stream \\' attaque Billions of Android Devices Open to \\'Dirty Stream\\' Attack Microsoft has uncovered a common vulnerability pattern in several apps allowing code execution; at least four of the apps have more than 500 million installations each; and one, Xiaomi\'s File Manager, has at least 1 billion installations.]]> 2024-05-02T21:59:01+00:00 https://www.darkreading.com/cloud-security/billions-android-devices-open-dirty-stream-attack www.secnews.physaphae.fr/article.php?IdArticle=8492625 False Vulnerability,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Applications Android populaires comme Xiaomi, Office WPS Vulnérable pour déposer un défaut d'écrasement Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability that could be exploited by a malicious app to overwrite arbitrary files in the vulnerable app\'s home directory. "The implications of this vulnerability pattern include arbitrary code execution and token theft, depending on an application\'s ]]> 2024-05-02T19:52:00+00:00 https://thehackernews.com/2024/05/popular-android-apps-like-xiaomi-wps.html www.secnews.physaphae.fr/article.php?IdArticle=8492468 False Vulnerability,Mobile None 2.0000000000000000 Korben - Bloger francais Faille Android – L\'attaque Dirty Stream met en danger vos apps 2024-05-02T18:13:04+00:00 https://korben.info/faille-android-attaque-dirty-stream-met-en-danger-vos-apps.html www.secnews.physaphae.fr/article.php?IdArticle=8492574 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Bitwarden lance la nouvelle application MFA Authenticator pour iOS, Android Bitwarden launches new MFA Authenticator app for iOS, Android Bitwarden, the creator of the popular open-source password manager, has just launched a new authenticator app called Bitwarden Authenticator, which is available for iOS and Android devices. [...]]]> 2024-05-02T16:20:51+00:00 https://www.bleepingcomputer.com/news/software/bitwarden-launches-new-mfa-authenticator-app-for-ios-android/ www.secnews.physaphae.fr/article.php?IdArticle=8492599 False Mobile None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Applications Android Flaw affectées avec 4 milliards d'installations Android Flaw Affected Apps With 4 Billion Installs Microsoft illustrated the severity of the issue via a case study involving Xiaomi\'s File Manager]]> 2024-05-02T15:30:00+00:00 https://www.infosecurity-magazine.com/news/android-flaw-apps-4-billion/ www.secnews.physaphae.fr/article.php?IdArticle=8492471 False Studies,Mobile None 2.0000000000000000 Korben - Bloger francais Android ou iOS, qui est le plus bavard ? 2024-05-02T14:02:44+00:00 https://korben.info/etude-comparative-securite-android-ios.html www.secnews.physaphae.fr/article.php?IdArticle=8492440 False Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch Sauvegarde de votre main-d'œuvre mobile Safeguarding Your Mobile Workforce Establishing a robust BYOD security strategy is imperative for organizations aiming to leverage the benefits of a mobile-first workforce while mitigating associated risks.]]> 2024-05-02T14:00:00+00:00 https://www.darkreading.com/endpoint-security/safeguarding-your-mobile-workforce www.secnews.physaphae.fr/article.php?IdArticle=8492414 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Microsoft met en garde contre l'attaque "sale stream" impactant les applications Android Microsoft warns of "Dirty Stream" attack impacting Android apps Microsoft has highlighted a novel attack dubbed "Dirty Stream," which could allow malicious Android apps to overwrite files in another application\'s home directory, potentially leading to arbitrary code execution and secrets theft. [...]]]> 2024-05-02T12:02:45+00:00 https://www.bleepingcomputer.com/news/security/microsoft-warns-of-dirty-stream-attack-impacting-android-apps/ www.secnews.physaphae.fr/article.php?IdArticle=8492473 False Mobile None 3.0000000000000000 Techworm - News Google augmente la prime jusqu'à 450 000 $ pour les bogues RCE dans certaines applications Android Google Increases Bounty Up To $450,000 For RCE Bugs In Some Android Apps 2024-05-01T20:17:03+00:00 https://www.techworm.net/2024/05/google-bounty-rce-bugs-android-apps.html www.secnews.physaphae.fr/article.php?IdArticle=8491889 False Malware,Vulnerability,Threat,Mobile,Cloud None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Attaque "Stream Dirty": découvrir et atténuer un modèle de vulnérabilité commun dans les applications Android “Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps 2024-05-01T19:46:49+00:00 https://community.riskiq.com/article/ddb0878a www.secnews.physaphae.fr/article.php?IdArticle=8492016 False Tool,Vulnerability,Threat,Studies,Mobile,Technical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Android Malware Wpeeper utilise des sites WordPress compromis pour masquer les serveurs C2 Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers Cybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays for its actual command-and-control (C2) servers for detection evasion. The malware, codenamed Wpeeper, is an ELF binary that leverages the HTTPS protocol to secure its C2 communications. "Wpeeper is a typical backdoor Trojan for Android]]> 2024-05-01T19:11:00+00:00 https://thehackernews.com/2024/05/android-malware-wpeeper-uses.html www.secnews.physaphae.fr/article.php?IdArticle=8491840 False Malware,Mobile None 3.0000000000000000 The Register - Site journalistique Anglais Google tire le support RISC-V du noyau Android générique Google pulls RISC-V support from generic Android kernel Not a great omen if you were hoping to own a future RV smartphone – tho web giant says it hasn\'t totally given up Support for RISC-V was dropped from Android\'s Generic Kernel Image (GKI) thanks to a patch successfully merged today.…]]> 2024-05-01T17:47:45+00:00 https://go.theregister.com/feed/www.theregister.com/2024/05/01/riscv_support_android_pulled/ www.secnews.physaphae.fr/article.php?IdArticle=8491942 False Mobile None 2.0000000000000000 TroyHunt - Blog Security Rabbit R1 AI box revealed to just be an Android app It sounds like the company is now blocking access from "bootleg" APKs.]]> 2024-05-01T16:48:29+00:00 https://arstechnica.com/?p=2020955 www.secnews.physaphae.fr/article.php?IdArticle=8491928 False Mobile None 2.0000000000000000 SecurityWeek - Security News Google augmente les paiements de primes de bogue décuplé dans la poussée de sécurité des applications mobiles Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push Les chercheurs peuvent gagner jusqu'à 450 000 $ pour un rapport de vulnérabilité unique car Google augmente son programme de récompenses de vulnérabilité mobile.

>Researchers can earn as much as $450,000 for a single vulnerability report as Google boosts its mobile vulnerability rewards program. ]]> 2024-05-01T15:06:19+00:00 https://www.securityweek.com/google-boosts-bug-bounty-payouts-tenfold-in-mobile-app-security-push/ www.secnews.physaphae.fr/article.php?IdArticle=8491898 False Vulnerability,Mobile None 2.0000000000000000 ComputerWeekly - Computer Magazine Australia\\'s Qantas apologises for mobile app data breach 2024-05-01T12:03:00+00:00 https://www.computerweekly.com/news/366583075/Australias-Qantas-apologises-for-mobile-app-data-breach www.secnews.physaphae.fr/article.php?IdArticle=8491929 False Data Breach,Mobile None 2.0000000000000000 SecurityWeek - Security News Wpeeper Android Trojan utilise des sites WordPress compromis pour protéger le serveur de commandement et de contrôle Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server The new Wpeeper Android trojan ceased operations after a week and has zero detections in VirusTotal. ]]> 2024-05-01T11:57:52+00:00 https://www.securityweek.com/wpeeper-android-trojan-uses-compromised-wordpress-sites-to-shield-command-and-control-server/ www.secnews.physaphae.fr/article.php?IdArticle=8491811 False Mobile None 2.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Le nouveau modèle de risque mobile de NCSC \\ visait les entreprises «à haute menace» NCSC\\'s New Mobile Risk Model Aimed at “High-Threat” Firms The UK\'s National Cyber Security Centre claims its AMS model will protect firms from state-backed mobile threats]]> 2024-05-01T08:45:00+00:00 https://www.infosecurity-magazine.com/news/ncscs-mobile-risk-model-highthreat/ www.secnews.physaphae.fr/article.php?IdArticle=8491709 False Mobile None 2.0000000000000000 Korben - Bloger francais Rabbit R1 – Le super gadget IA trop hype n\'est en fait qu\'une app Android 2024-04-30T23:31:47+00:00 https://korben.info/rabbit-r1-gadget-ia-application-android.html www.secnews.physaphae.fr/article.php?IdArticle=8491526 False Mobile None 2.0000000000000000 Wired Threat Level - Security News 7 meilleures tablettes de dessin (2024): Wacom, iPad, sans écran, Android et Windows 7 Best Drawing Tablets (2024): Wacom, iPad, Screenless, Android, and Windows Whether you\'re photo-editing or illustrating, the right drawing tablet can transform your workflow. These digital art slates are WIRED-tested and approved.]]> 2024-04-30T15:30:00+00:00 https://www.wired.com/gallery/best-drawing-tablets/ www.secnews.physaphae.fr/article.php?IdArticle=8491335 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Google paie maintenant jusqu'à 450 000 $ pour les bogues RCE dans certaines applications Android Google now pays up to $450,000 for RCE bugs in some Android apps Google has increased rewards for reporting remote code execution vulnerabilities within select Android apps by ten times, from $30,000 to $300,000, with the maximum reward reaching $450,000 for exceptional quality reports. [...]]]> 2024-04-30T14:33:51+00:00 https://www.bleepingcomputer.com/news/security/google-now-pays-up-to-450-000-for-rce-bugs-in-some-android-apps/ www.secnews.physaphae.fr/article.php?IdArticle=8491419 False Vulnerability,Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Nouveau Wpeeper Android Malware se cache derrière des sites WordPress piratés New Wpeeper Android malware hides behind hacked WordPress sites A new Android backdoor malware named \'Wpeeper\' has been spotted in at least two unofficial app stores mimicking the Uptodown App Store, a popular third-party app store for Android devices with over 220 million downloads. [...]]]> 2024-04-30T12:41:57+00:00 https://www.bleepingcomputer.com/news/security/new-wpeeper-android-malware-hides-behind-hacked-wordpress-sites/ www.secnews.physaphae.fr/article.php?IdArticle=8491367 False Malware,Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google a empêché 2,28 millions d'applications malveillantes d'atteindre Play Store en 2023 Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023 Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to address issues with access to sensitive data such as location or SMS messages over the past year. The tech giant also said it blocked 333,000 bad accounts from the app storefront in 2023 for attempting to distribute malware or for repeated policy violations. "In 2023,]]> 2024-04-29T22:37:00+00:00 https://thehackernews.com/2024/04/google-prevented-228-million-malicious.html www.secnews.physaphae.fr/article.php?IdArticle=8490784 False Malware,Mobile None 2.0000000000000000 The Register - Site journalistique Anglais Google a bloqué les applications de 2,3 m de Play Store l'année dernière pour avoir enfreint la loi G Google blocked 2.3M apps from Play Store last year for breaking the G law Third of a million developer accounts kiboshed, too Google says it stopped 2.28 million Android apps from being published in its official Play Store last year because they violated security rules.…]]> 2024-04-29T22:20:16+00:00 https://go.theregister.com/feed/www.theregister.com/2024/04/29/google_rejected_apps/ www.secnews.physaphae.fr/article.php?IdArticle=8490907 False Mobile None 3.0000000000000000 Techworm - News Android malware hacks bancs comptes bancs avec de fausses invites à la mise à jour chromée Android Malware Hacks Bank Accounts With Fake Chrome Update Prompts said in an analysis published on Thursday. According to ThreatFabric, Brokewell poses a significant threat to the banking industry, providing attackers with remote access to all assets available through mobile banking. The malware was discovered by the researchers while investigating a fake Google Chrome web browser “update” page, commonly used by cybercriminals to lure victims into downloading and installing malware. Looking at prior campaigns, the researchers found that Brokewell was used to target a popular “buy now, pay later” financial service and an Austrian digital authentication application. The malware is said to be in active development, with new commands added almost daily to capture every event on the device, from keystrokes and information displayed on screen to text entries and apps launched by the victim. Once downloaded, Brokewell creates an overlay screen on a targeted application to capture user credentials. It can also steal browser cookies by launching its own WebView, overriding the onPageFinished method, and dumping the session cookies after the user completes the login process. “Brokewell is equipped with “accessibility logging,” capturing every event happening on the device: touches, swipes, information displayed, text input, and applications opened. All actions are logged and sent to the command-and-control server, effectively stealing any confidential data displayed or entered on the compromised device,” the ThreatFabric researchers point out. “It\'s important to highlight that, in this case, any application is at risk of data compromise: Brokewell logs every event, posing a threat to all applications installed on the device. This piece of malware also supports a variety of “spyware” functionalities: it can collect information about the device, call history, geolocation, and record audio.” After stealing the credentials, the attackers can initiate a Device Takeover attack using remote control capabilities to perform screen streaming. It also provides the threat actor with a range of various commands that can be executed on the controlled device, such as touches, swipes, and clicks on specified elements. ThreatFabric discovered that one of the servers used as a command and control (C2) point for Brokewell was also used to host a repository called “Brokewell Cyber Labs,” created by a threat actor called “Baron Samedit.” This repository comprised the source code for the “Brokewell Android Loader,” another tool from the same developer designed to bypass restrictions Google introduced in Android 13 and later to prevent exploitation of Accessibility Service for side-loaded apps (APKs). According to ThreatFabric, Baron Samedit has been active for at least two years, providing tools to other cybercriminals to check stolen accounts from multiple services, which could still be improved to support a malware-as-a-service operation. “We anticipate further evolution of this malware family, as we’ve already observed almost daily updates to the malware. Brokewell will likely be promoted on underground channels as a rental service, attracting the interest of other cybercriminals and sparking new campaigns targeting different regions,” the researchers conclude. Hence, the only way to effectively identify and prevent potential fraud from malware families like the newly discovered Brokewell is to use a comprehensive]]> 2024-04-29T22:01:20+00:00 https://www.techworm.net/2024/04/android-malware-hack-bank-account-chrome-update.html www.secnews.physaphae.fr/article.php?IdArticle=8490777 False Malware,Tool,Threat,Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch 13.4m Kaiser Insurance Membres touchés par la fuite de données aux annonceurs en ligne 13.4M Kaiser Insurance Members Affected by Data Leak to Online Advertisers Tracking code used for keeping tabs on how members navigated through the healthcare giant\'s online and mobile sites was oversharing a concerning amount of information.]]> 2024-04-29T19:46:08+00:00 https://www.darkreading.com/cyberattacks-data-breaches/13-4m-kaiser-insurance-members-affected-by-data-leak-to-online-advertisers www.secnews.physaphae.fr/article.php?IdArticle=8490831 False Mobile,Medical None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Faits saillants hebdomadaires, 29 avril 2024 Weekly OSINT Highlights, 29 April 2024 2024-04-29T16:05:58+00:00 https://community.riskiq.com/article/aa388c3b www.secnews.physaphae.fr/article.php?IdArticle=8490778 False Ransomware,Malware,Tool,Vulnerability,Threat,Mobile,Industrial None 3.0000000000000000 Fortinet - Fabricant Materiel Securite Les nouvelles capacités FortixDR offrent une couverture élargie New FortiXDR Capabilities Offer Expanded Coverage We\'re pleased to announce several enhancements to FortiXDR, including support for iOS and Android mobile devices and threat hunting for containers. Read more.]]> 2024-04-29T15:00:00+00:00 https://www.fortinet.com/blog/business-and-technology/fortixdr-capabilities-offer-expanded-coverage-from-pocket-to-cloud www.secnews.physaphae.fr/article.php?IdArticle=8490725 False Threat,Mobile None 2.0000000000000000 Zimperium - cyber risk firms for mobile Allumez les lumières: pourquoi la protection contre l'exécution est importante pour les applications mobiles Turn On The Lights: Why Runtime Protection Matters for Mobile Apps Il est essentiel de reconnaître que la sécurité n'est pas synonyme de connaître vos menaces.Les logiciels de grande valeur ne peuvent pas être correctement protégés en adoptant arbitrairement l'obscurcissement du code et la protection de l'exécution seule.Pour obtenir une sécurité appropriée des applications, vous devez vous assurer que vos protections agissent contre les menaces actives et pertinentes.Traditionnellement, les entreprises ont protégé des logiciels critiques de [& # 8230;]

>It\'s essential to recognize that security is not synonymous with knowing your threats. High-value software cannot be adequately protected by arbitrarily embracing code obfuscation and runtime protection alone. To achieve proper application security, you must ensure your protections act against active and relevant threats. Traditionally, businesses have safeguarded critical software from […] ]]> 2024-04-29T13:00:00+00:00 https://www.zimperium.com/blog/turn-on-the-lights-why-runtime-protection-matters-for-mobile-apps/ www.secnews.physaphae.fr/article.php?IdArticle=8490644 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Google a rejeté 2,28 millions d'applications Android risquées de Play Store en 2023 Google rejected 2.28 million risky Android apps from Play store in 2023 Google blocked 2.28 million Android apps from being published on Google Play after finding various policy violations that could threaten user\'s security. [...]]]> 2024-04-29T12:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-rejected-228-million-risky-android-apps-from-play-store-in-2023/ www.secnews.physaphae.fr/article.php?IdArticle=8490755 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Google a rejeté 2,28 millions d'applications risquées de Play Store en 2023 Google rejected 2.28 million risky apps from Play Store in 2023 Google blocked 2.28 million Android apps from being published on Google Play after finding various policy violations that could threaten user\'s security. [...]]]> 2024-04-29T12:00:00+00:00 https://www.bleepingcomputer.com/news/security/google-rejected-228-million-risky-apps-from-play-store-in-2023/ www.secnews.physaphae.fr/article.php?IdArticle=8490728 False Mobile None 1.00000000000000000000 GoogleSec - Firm Security Blog Comment nous avons combattu de mauvaises applications et de mauvais acteurs en 2023 How we fought bad apps and bad actors in 2023 1 in part thanks to our investment in new and improved security features, policy updates, and advanced machine learning and app review processes. We have also strengthened our developer onboarding and review processes, requiring more identity information when developers first establish their Play accounts. Together with investments in our review tooling and processes, we identified bad actors and fraud rings more effectively and banned 333K bad accounts from Play for violations like confirmed malware and repeated severe policy violations. Additionally, almost 200K app submissions were rejected or remediated to ensure proper use of sensitive permissions such as background location or SMS access. To help safeguard user privacy at scale, we partnered with SDK providers to limit sensitive data access and sharing, enhancing the privacy posture for over 31 SDKs impacting 790K+ apps. We also significantly expanded the Google Play SDK Index, which now covers the SDKs used in almost 6 million apps across the Android ecosystem. This valuable resource helps developers make better SDK choices, boosts app quality and minimizes integration risks. Protecting the Android Ecosystem Building on our success with the App Defense Alliance (ADA), we partnered with Microsoft and Meta as steering committee members in the newly restructured ADA under the Joint Development Foundation, part of the Linux Foundation family. The Alliance will support industry-wide adoption of app security best practices and guidelines, as well as countermeasures against emerging security risks. Additionally, we announced new Play Store transparency labeling to highlight VPN apps that have completed an independent security review through App Defense Alliance\'s Mobile App Security Assessment (MASA). When a user searches for VPN apps, they will now see a banner at the top of Google Play that educates them about the “Independent security review” badge in the Data safety section. This helps users see at-a-glance that a developer has prioritized security and privacy best practices and is committed to user safety. ]]> 2024-04-29T11:59:47+00:00 http://security.googleblog.com/2024/04/how-we-fought-bad-apps-and-bad-actors-in-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8493536 False Malware,Tool,Threat,Mobile None 3.0000000000000000 HackRead - Chercher Cyber Les fausses mises à jour chromées masquer les logiciels malveillants Android Bkekewell ciblant votre banque Fake Chrome Updates Hide Android Brokewell Malware Targeting Your Bank Par deeba ahmed Nouvelle alerte de logiciels malveillants Android!Brokewell vole les données, prend en charge les appareils & # 038;cible votre banque.Apprenez comment fonctionne ce malware sournois & # 038;Ce que vous pouvez faire pour vous protéger.Arrêtez Brokewell avant de vous arrêter! Ceci est un article de HackRead.com Lire le post original: Les fausses mises à jour Chrome cachent des logiciels malveillants Android Brokewell ciblant votre banque

>By Deeba Ahmed New Android malware alert! Brokewell steals data, takes over devices & targets your bank. Learn how this sneaky malware works & what you can do to protect yourself. Stop Brokewell before it stops you! This is a post from HackRead.com Read the original post: Fake Chrome Updates Hide Android Brokewell Malware Targeting Your Bank]]> 2024-04-29T10:25:22+00:00 https://www.hackread.com/fake-chrome-updates-android-brokewell-malware/ www.secnews.physaphae.fr/article.php?IdArticle=8490594 False Malware,Mobile None 2.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Android TV a accès à l'ensemble de votre compte mais Google change cela Android TV has access to your entire account-but Google is changing that Should sideloading Chrome on an old smart TV really compromise your entire account?]]> 2024-04-26T19:35:47+00:00 https://arstechnica.com/?p=2020252 www.secnews.physaphae.fr/article.php?IdArticle=8489240 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouveau \\ 'Brokewell \\' Android Malware Spread à travers de fausses mises à jour du navigateur New \\'Brokewell\\' Android Malware Spread Through Fake Browser Updates Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware," Dutch security firm ThreatFabric said in an analysis published Thursday. The malware is said to be in active development,]]> 2024-04-26T16:12:00+00:00 https://thehackernews.com/2024/04/new-brokewell-android-malware-spread.html www.secnews.physaphae.fr/article.php?IdArticle=8489006 False Malware,Mobile None 2.0000000000000000 SecurityWeek - Security News Trojan Android \\ 'Brokewell \\' puissant permet aux attaquants de prendre des appareils Powerful \\'Brokewell\\' Android Trojan Allows Attackers to Takeover Devices A new Android trojan named Brokewell can steal user\'s sensitive information and allows attackers to take over devices. ]]> 2024-04-26T14:08:40+00:00 https://www.securityweek.com/powerful-brokewell-android-trojan-allows-attackers-to-takeover-devices/ www.secnews.physaphae.fr/article.php?IdArticle=8489108 False Mobile None 3.0000000000000000 Dark Reading - Informationweek Branch Les applications de clavier chinois ouvrent les personnes 1B à l'écoute Chinese Keyboard Apps Open 1B People to Eavesdropping Eight out of nine apps that people use to input Chinese characters into mobile devices have weakness that allow a passive eavesdropper to collect keystroke data.]]> 2024-04-25T21:59:15+00:00 https://www.darkreading.com/endpoint-security/most-chinese-keyboard-apps-vulnerable-to-eavesdropping www.secnews.physaphae.fr/article.php?IdArticle=8488735 False Mobile None 2.0000000000000000 RiskIQ - cyber risk firms (now microsoft) Les nouveaux logiciels malveillants Brokewell prennent le contrôle des appareils Android New Brokewell Malware Takes Over Android Devices ## Snapshot ThreatFabric analysts have discovered a new mobile malware family called "Brokewell" that poses a significant threat to the banking industry. The malware is equipped with both data-stealing and remote-control capabilities, allowing attackers to gain remote access to all assets available through mobile banking. ## Description Brokewell uses overlay attacks to capture user credentials and can steal cookies by launching its own WebView. The malware also supports a variety of "spyware" functionalities, including collecting information about the device, call history, geolocation, and recording audio. After stealing the credentials, the actors can initiate a Device Takeover attack using remote control capabilities, giving them full control over the infected device. The malware is in active development, with new commands added almost daily. ThreatFabric analysts discovered a fake browser update page designed to install an Android application that was used to distribute the malware. The malware is believed to be promoted on underground channels as a rental service, attracting the interest of other cybercriminals and sparking new campaigns targeting different regions. ## References [https://www.threatfabric.com/blogs/brokewell-do-not-go-broke-by-new-banking-malware](https://www.threatfabric.com/blogs/brokewell-do-not-go-broke-by-new-banking-malware) [https://www.bleepingcomputer.com/news/security/new-brokewell-malware-takes-over-android-devices-steals-data/](https://www.bleepingcomputer.com/news/security/new-brokewell-malware-takes-over-android-devices-steals-data/)]]> 2024-04-25T18:53:33+00:00 https://community.riskiq.com/article/99a5deee www.secnews.physaphae.fr/article.php?IdArticle=8488684 False Malware,Threat,Mobile None 2.0000000000000000 Dark Reading - Informationweek Branch Bodfather Banking Trojan engendre des échantillons de 1,2k dans 57 pays Godfather Banking Trojan Spawns 1.2K Samples Across 57 Countries Mobile malware-as-a-service operators are upping their game by automatically churning out hundreds of unique samples on a whim.]]> 2024-04-25T18:01:42+00:00 https://www.darkreading.com/endpoint-security/godfather-banking-trojan-spawns-1k-samples-57-countries www.secnews.physaphae.fr/article.php?IdArticle=8488669 False Mobile None 2.0000000000000000 Korben - Bloger francais OpenELM – Apple sort ses modèles IA légers et open-source 2024-04-25T08:19:38+00:00 https://korben.info/openelm-apple-modeles-ia-open-source-appareils.html www.secnews.physaphae.fr/article.php?IdArticle=8488428 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Les nouveaux logiciels malveillants Brokewell prennent le contrôle des appareils Android, vole des données New Brokewell malware takes over Android devices, steals data Security researchers have discovered a new Android banking trojan they named Brokewell that can capture every event on the device, from touches and information displayed to text input and the applications the user launches. [...]]]> 2024-04-25T06:00:00+00:00 https://www.bleepingcomputer.com/news/security/new-brokewell-malware-takes-over-android-devices-steals-data/ www.secnews.physaphae.fr/article.php?IdArticle=8488547 False Malware,Mobile None 2.0000000000000000 Global Security Mag - Site de news francais ADM21 et Vecow lancent ECS-4700, Box PC compact robuste de qualité marine Produits]]> 2024-04-24T13:29:58+00:00 https://www.globalsecuritymag.fr/adm21-et-vecow-lancent-ecs-4700-box-pc-compact-robuste-de-qualite-marine.html www.secnews.physaphae.fr/article.php?IdArticle=8488014 False Mobile,Industrial None 2.0000000000000000 Silicon - Site de News Francais Apple : l\'UE serait prête à approuver son plan pour ouvrir l\'accès NFC 2024-04-24T11:06:01+00:00 https://www.silicon.fr/apple-lue-serait-prete-a-approuver-son-plan-pour-ouvrir-lacces-nfc-478069.html www.secnews.physaphae.fr/article.php?IdArticle=8487947 False Mobile None 3.0000000000000000 HackRead - Chercher Cyber Applications de clavier populaires divulguent les données des utilisateurs: milliards potentiellement exposés Popular Keyboard Apps Leak User Data: Billion Potentially Exposed Par waqas Les applications de clavier populaires divulguent les données utilisateur!Citizen Lab rapporte que 8 Android Imes sur 9 exposent des touches.Changez le vôtre & # 038;protéger les mots de passe! Ceci est un article de HackRead.com Lire le post original: Les applications de clavier populaires divulguent les données des utilisateurs: milliards potentiellement exposés

>By Waqas Popular keyboard apps leak user data! Citizen Lab reports 8 out of 9 Android IMEs expose keystrokes. Change yours & protect passwords! This is a post from HackRead.com Read the original post: Popular Keyboard Apps Leak User Data: Billion Potentially Exposed]]> 2024-04-24T11:03:04+00:00 https://www.hackread.com/keyboard-apps-leak-user-data-billion-exposed/ www.secnews.physaphae.fr/article.php?IdArticle=8487922 False Mobile None 2.0000000000000000 GoogleSec - Firm Security Blog Découvrir des menaces potentielles à votre application Web en tirant parti des rapports de sécurité Uncovering potential threats to your web application by leveraging security reports The Reporting API is an emerging web standard that provides a generic reporting mechanism for issues occurring on the browsers visiting your production website. The reports you receive detail issues such as security violations or soon-to-be-deprecated APIs, from users\' browsers from all over the world. Collecting reports is often as simple as specifying an endpoint URL in the HTTP header; the browser will automatically start forwarding reports covering the issues you are interested in to those endpoints. However, processing and analyzing these reports is not that simple. For example, you may receive a massive number of reports on your endpoint, and it is possible that not all of them will be helpful in identifying the underlying problem. In such circumstances, distilling and fixing issues can be quite a challenge. In this blog post, we\'ll share how the Google security team uses the Reporting API to detect potential issues and identify the actual problems causing them. We\'ll also introduce an open source solution, so you can easily replicate Google\'s approach to processing reports and acting on them. How does the Reporting API work? Some errors only occur in production, on users\' browsers to which you have no access. You won\'t see these errors locally or during development because there could be unexpected conditions real users, real networks, and real devices are in. With the Reporting API, you directly leverage the browser to monitor these errors: the browser catches these errors for you, generates an error report, and sends this report to an endpoint you\'ve specified.

How reports are generated and sent. Errors you can monitor with the Reporting API include: Security violations: Content-Security-Policy (CSP), Cross-Origin-Opener-Policy (COOP), Cross-Origin-Embedder-Policy (COEP) Deprecated and soon-to-be-deprecated API calls Browser interventions Permissions policy And more For a full list of error types you can monitor, see use cases and report types. The Reporting API is activated and configured using HTTP response headers: you need to declare the endpoint(s) you want the browser to send reports to, and which error types you want to monitor. The browser then sends reports to your endpoint in POST requests whose payload is a list of reports. Example setup:#]]> 2024-04-23T13:15:47+00:00 http://security.googleblog.com/2024/04/uncovering-potential-threats-to-your.html www.secnews.physaphae.fr/article.php?IdArticle=8493538 False Malware,Tool,Vulnerability,Mobile,Cloud None 3.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Meta fait ses débuts Horizon OS, avec Asus, Lenovo et Microsoft à bord Meta debuts Horizon OS, with Asus, Lenovo, and Microsoft on board Rivalry with Apple now mirrors the Android/iOS competition more than ever.]]> 2024-04-22T21:19:56+00:00 https://arstechnica.com/?p=2019154 www.secnews.physaphae.fr/article.php?IdArticle=8487058 False Mobile None 2.0000000000000000 Checkpoint - Fabricant Materiel Securite Prendre des mesures vers la réalisation de Fedramp Taking Steps Toward Achieving FedRAMP Les secteurs fédéral, étatique, gouvernemental local et éducation continuent d'être les plus ciblés par les cyberattaques aux États-Unis.Selon les organismes de recherche, d'éducation et de recherche sur les points de contrôle, connaissent 1 248 par semaine, en moyenne & # 8212;la plupart de toute industrie.Le gouvernement et les organisations militaires connaissent 1 034 par semaine, quatrième parmi toutes les industries.De plus, les organisations gouvernementales et militaires ont connu des attaques plus élevées que la moyenne de types de logiciels malveillants notables, notamment l'infostaler, le mobile, le ransomware et le botnet.Dans le secteur de l'éducation, les recherches sur les points de contrôle ont révélé des volumes d'attaque supérieurs à la moyenne d'infostaler, de ransomwares et de malwares de botnet.Pour aider à lutter contre ces menaces, vérifiez [& # 8230;]

>The federal, state, local government and education sectors continue to be the most targeted by cyberattacks in the United States. According to Check Point Research, education and research organizations experience 1,248 per week, on average — the most of any industry. The government and military organizations experience 1,034 per week, fourth among all industries. Further, government and military organizations have seen higher than average attacks of notable malware types, including Infostealer, mobile, ransomware and botnet. In the education sector, Check Point research found higher than average attack volumes of Infostealer, ransomware and botnet malwares. To help combat these threats, Check […] ]]> 2024-04-22T13:00:33+00:00 https://blog.checkpoint.com/security/taking-steps-toward-achieving-fedramp/ www.secnews.physaphae.fr/article.php?IdArticle=8486829 False Ransomware,Malware,Mobile None 2.0000000000000000 TroyHunt - Blog Security Google fusionne les divisions Android, Chrome et matériel Google merges the Android, Chrome, and hardware divisions Google says the new “Platform and Devices” team will let it move faster.]]> 2024-04-18T20:12:55+00:00 https://arstechnica.com/?p=2018279 www.secnews.physaphae.fr/article.php?IdArticle=8484927 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouveau Android Trojan \\ 'Soumnibot \\' Évite la détection avec des astuces intelligentes New Android Trojan \\'SoumniBot\\' Evades Detection with Clever Tricks A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is "notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest," Kaspersky researcher Dmitry Kalinin said in a technical analysis.]]> 2024-04-18T16:01:00+00:00 https://thehackernews.com/2024/04/new-android-trojan-soumnibot-evades.html www.secnews.physaphae.fr/article.php?IdArticle=8484686 False Malware,Mobile,Technical None 2.0000000000000000 Wired Threat Level - Security News Rien d'oreille et rien d'oreille (a) revue: troisième fois, toujours charmant Nothing Ear and Nothing Ear (a) Review: Third Time, Still Charming The third generation of Nothing\'s clear-plastic AirPod clones is here, and they\'re some of the best wireless earbuds for Android.]]> 2024-04-18T10:45:00+00:00 https://www.wired.com/review/nothing-ear-nothing-ear-a/ www.secnews.physaphae.fr/article.php?IdArticle=8484659 False Mobile None 3.0000000000000000 Bleeping Computer - Magazine Américain Soumnibot Malware exploite les bogues Android pour échapper à la détection SoumniBot malware exploits Android bugs to evade detection A new Android banking malware named \'SoumniBot\' is using a less common obfuscation approach by exploiting weaknesses in the Android manifest extraction and parsing procedure. [...]]]> 2024-04-17T17:38:28+00:00 https://www.bleepingcomputer.com/news/security/soumnibot-malware-exploits-android-bugs-to-evade-detection/ www.secnews.physaphae.fr/article.php?IdArticle=8484367 False Malware,Mobile None 2.0000000000000000 Korben - Bloger francais Atlas – Le robot humanoïde de Boston Dynamics passe en version sans fil 2024-04-17T15:35:50+00:00 https://korben.info/atlas-robot-humanoide-electrique-boston-dynamics.html www.secnews.physaphae.fr/article.php?IdArticle=8484269 False Mobile None 2.0000000000000000 IT Security Guru - Blog Sécurité Keeper Security propose un générateur de phrase de passe intégrée pour renforcer la sécurité Keeper Security Offers Built-In Passphrase Generator to Strengthen Security Offre un générateur de phrase de passe intégrée pour renforcer la sécurité C'est apparu pour la première fois sur gourou de la sécurité informatique .

Today Keeper Security have announced the addition of a passphrase generator to Keeper Web Vault, with support on mobile and for the browser extension coming soon. The release also includes an update to the existing password generator which provides users with new options to meet specific password requirements. In addition to being able to include […] The post Keeper Security Offers Built-In Passphrase Generator to Strengthen Security first appeared on IT Security Guru. ]]> 2024-04-17T14:58:18+00:00 https://www.itsecurityguru.org/2024/04/17/keeper-security-offers-built-in-passphrase-generator-to-strengthen-security/?utm_source=rss&utm_medium=rss&utm_campaign=keeper-security-offers-built-in-passphrase-generator-to-strengthen-security www.secnews.physaphae.fr/article.php?IdArticle=8484179 False Mobile None 2.0000000000000000 Kaspersky - Kaspersky Research blog Soumnibot: les techniques uniques du New Android Banker \\ SoumniBot: the new Android banker\\'s unique techniques We review the new mobile Trojan banker SoumniBot, which exploits bugs in the Android manifest parser to dodge analysis and detection.]]> 2024-04-17T10:00:28+00:00 https://securelist.com/soumnibot-android-banker-obfuscates-app-manifest/112334/ www.secnews.physaphae.fr/article.php?IdArticle=8484029 False Mobile None 2.0000000000000000 Global Security Mag - Site de news francais ESET Research découvre de fausses applications de messagerie disponibles sur le Web et Google Play Malwares

ESET Research découvre de fausses applications de messagerie disponibles sur le Web et Google Play • eXotic Visit est une campagne d\'espionnage qui cible l\'Asie du Sud. • Sur Android, les logiciels malveillants imitent des applications de messagerie. • Ces fausses applications sont disponibles sur des sites Web et Google Play. • Les applications contiennent du code d\'Android XploitSPY RAT (open source). • Les auteurs ont adapté leur code en y ajoutant de l\'obfuscation. • ESET Research ne peut attribuer en l\'état cette campagne à un groupe spécifique. - Malwares]]> 2024-04-17T09:34:09+00:00 https://www.globalsecuritymag.fr/eset-research-decouvre-de-fausses-applications-de-messagerie-disponibles-sur-le.html www.secnews.physaphae.fr/article.php?IdArticle=8484022 False Mobile None 2.0000000000000000 Incogni - Blog Sécu de la société incogni, spécialisé en protection de la vie privé Comment bloquer «pas d'identifiant de l'appelant» sur un iPhone How to block “No Caller ID” on an iPhone 2024-04-17T08:45:30+00:00 https://blog.incogni.com/block-no-caller-id-on-iphone/ www.secnews.physaphae.fr/article.php?IdArticle=8483986 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Ivanti met en garde contre les défauts critiques dans sa solution Avalanche MDM Ivanti warns of critical flaws in its Avalanche MDM solution Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution. [...]]]> 2024-04-16T15:52:14+00:00 https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-flaws-in-its-avalanche-mdm-solution/ www.secnews.physaphae.fr/article.php?IdArticle=8483648 False Vulnerability,Mobile None 2.0000000000000000 Zimperium - cyber risk firms for mobile Sécuriser la mobilité: naviguer dans le cycle de vie de l'appareil mobile NIST Enterprise Mobile Device Securing Mobility: Navigating the NIST Enterprise Mobile Device Lifecycle Les appareils mobiles sont la pierre angulaire des opérations d'entreprise, permettant la flexibilité, la productivité et la connectivité comme jamais auparavant.À une époque où l'agilité et l'accessibilité sont primordiales, les employés et les fonctionnaires comptent fortement sur leurs appareils mobiles pour accéder aux informations critiques, quel que soit le lieu.Cependant, assurer la sécurité de ces appareils est nécessaire [& # 8230;]

>Mobile devices are the cornerstone of enterprise operations, enabling flexibility, productivity, and connectivity like never before. In an era where agility and accessibility are paramount, employees and officials rely heavily on their mobile devices to access critical information, regardless of location. However, ensuring the security of these devices is necessary […] ]]> 2024-04-16T15:42:43+00:00 https://www.zimperium.com/blog/securing_mobility_navigating_the_nist_enterprise_mobile_device_lifecycle/ www.secnews.physaphae.fr/article.php?IdArticle=8483558 False Mobile None 2.0000000000000000 Global Security Mag - Site de news francais La sécurité en amont reçoit des investissements des investissements Cisco Upstream Security Receives Investment from Cisco Investments nouvelles commerciales

Upstream Security Receives Investment from Cisco Investments as the Demand for IoT Cybersecurity Soars Connected vehicles and mobile IoT devices introduce additional layers of cyber risks, posing threats to operational availability and sensitive data security - Business News]]> 2024-04-16T07:54:36+00:00 https://www.globalsecuritymag.fr/upstream-security-receives-investment-from-cisco-investments.html www.secnews.physaphae.fr/article.php?IdArticle=8483284 False Mobile None 2.0000000000000000 Global Security Mag - Site de news francais HID, Smart Spaces et Cohesion annoncent une nouvelle fonctionnalité d\'identifiants mobiles dans Google Wallet Produits]]> 2024-04-16T07:42:31+00:00 https://www.globalsecuritymag.fr/hid-smart-spaces-et-cohesion-annoncent-une-nouvelle-fonctionnalite-d.html www.secnews.physaphae.fr/article.php?IdArticle=8483286 False Mobile None 2.0000000000000000 Korben - Bloger francais Bloqueurs de pubs sur mobile – YouTube contre-attaque 2024-04-15T21:32:39+00:00 https://korben.info/youtube-contre-attaque-bloqueurs-pubs-mobile.html www.secnews.physaphae.fr/article.php?IdArticle=8483020 False Mobile None 2.0000000000000000 TroyHunt - Blog Security Le Pixel 9 se préparait au support SATEllite SOS The Pixel 9 reportedly gears up for satellite SOS support No one wants to build an Android satellite phone, so Google is going to do it.]]> 2024-04-15T18:25:53+00:00 https://arstechnica.com/?p=2017214 www.secnews.physaphae.fr/article.php?IdArticle=8482959 False Mobile None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les logiciels espions iOS liés à listes chinoises ciblent les utilisateurs d'iPhone sud-asiatique Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy. "The latest iteration of LightSpy, dubbed \'F_Warehouse,\' boasts a modular framework with extensive spying features," the BlackBerry Threat Research and Intelligence Team said in a report published last]]> 2024-04-15T14:34:00+00:00 https://thehackernews.com/2024/04/chinese-linked-lightspy-ios-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8482613 False Threat,Mobile None 2.0000000000000000 Wired Threat Level - Security News Roku Breach frappe 567 000 utilisateurs Roku Breach Hits 567,000 Users Plus: Apple warns iPhone users about spyware attacks, CISA issues an emergency directive about a Microsoft breach, and a ransomware hacker tangles with an unimpressed HR manager named Beth.]]> 2024-04-13T10:30:00+00:00 https://www.wired.com/story/roku-breach-hits-567000-users/ www.secnews.physaphae.fr/article.php?IdArticle=8481339 False Ransomware,Mobile None 2.0000000000000000 HackRead - Chercher Cyber Utilisateurs d'iPhone dans 92 pays ciblés par des attaques de logiciels spymétriques mercenaires iPhone Users in 92 Countries Targeted by Mercenary Spyware Attacks Par deeba ahmed Apple a émis des alertes de sécurité iPhone sur 92 pays, déclarant que leurs appareils ont été ciblés par une attaque de logiciels spymétrique mercenaire, exprimant une grande confiance dans l'avertissement. Ceci est un article de HackRead.com Lire le post original: utilisateurs d'iPhoneDans 92 pays ciblés par des attaques de logiciels espions mercenaires

>By Deeba Ahmed Apple has issued iPhone security alerts to 92 countries, stating that their devices have been targeted by a mercenary spyware attack, expressing high confidence in the warning. This is a post from HackRead.com Read the original post: iPhone Users in 92 Countries Targeted by Mercenary Spyware Attacks]]> 2024-04-12T21:47:54+00:00 https://www.hackread.com/iphone-users-mercenary-spyware-attacks/ www.secnews.physaphae.fr/article.php?IdArticle=8480995 False Mobile None 2.0000000000000000 Techworm - News VPN par Google One Service pour arrêter plus tard cette année VPN By Google One Service To Shut Down Later This Year 9to5Google rapporte que la société envoie désormais un e-mail à Google One utilisateurs pour les informer de sa fermeture. «En mettant l'accent sur la fourniture des fonctionnalités et des avantages les plus demandés, nous cessons la livraison gratuite pour sélectionner des commandes imprimées de Google Photos (au Canada, au Royaume-Uni, aux États-Unis et à l'UE) à partir du 15 mai etVPN par Google One plus tard cette année », lit l'e-mail envoyé aux utilisateurs. Bien que l'e-mail ne mentionne pas la raison spécifique de la fermeture ou la date de clôture exacte du service VPN Google One, un porte-parole de l'entreprise a déclaré à 9to5Google que la société abandonnait la fonctionnalité VPN en raison de l'équipe & # 8220;Les gens trouvés n'étaient tout simplement pas utilisés. & # 8221; Le porte-parole a également ajouté que la dépréciation permettra à l'équipe de «recentrer» et de «prendre en charge des fonctionnalités plus demandées avec Google One». Cependant, les propriétaires des smartphones de Pixel 7 de Google et au-dessus pourront toujours utiliser la fonction VPN intégrée gratuite par Google One après qu'il n'est pas disponible via l'application Paramètres sur les périphériques Pixel. De plus, la fonction VPN disponible avec Google Fi Wireless Service sera également disponible. Outre ce qui précède, Google a également annoncé la disponibilité de Magic Editor, un outil de retouche photo basé sur l'IA dans Google Photos, à tous les utilisateurs de Pixel, qui était initialement limité aux utilisateurs de Pixel 8 et Pixel 8 Pro.

Google has announced that it is shutting down its free add-on service, VPN by Google One, in the coming months after it was launched less than four years ago. For those unaware, in October 2020, Google rolled out a free virtual private network (VPN) service called “VPN by Google One” in select countries to all customers with 2TB or higher subscription plans on Google One, its subscription-based cloud storage service. Further, the free VPN service was advertised as an “extra layer of online protection for your Android phone” and that allows for “peace of mind that your data is safe.” However, 9to5Google reports that the company is now emailing Google One users to notify them of its shutdown. “With a focus on providing the most in-demand features and benefits, we\'re discontinuing free shipping for select print orders from Google Photos (in Canada, the UK, US, and EU) starting on May 15 and VPN by Google One later this year,” reads the email sent to the users. Although the email doesn\'t mention the specific reason for the shutdown or the exact closing date for the Google One VPN service, a company spokesperson told 9to5Google that the company is discontinuing the VPN feature because the team “found people simply weren\'t using it.” The spokesperson also adde]]> 2024-04-12T21:24:21+00:00 https://www.techworm.net/2024/04/vpn-google-one-shut-down-year.html www.secnews.physaphae.fr/article.php?IdArticle=8480831 False Tool,Mobile,Cloud None 2.0000000000000000 Ars Technica - Risk Assessment Security Hacktivism Google se moque des réformes proposées par Epic \\ pour mettre fin au marché des applications Android Monopole Google mocks Epic\\'s proposed reforms to end Android app market monopoly Google should be barred from “treating Epic differently,” Epic Games says.]]> 2024-04-12T18:43:24+00:00 https://arstechnica.com/?p=2016966 www.secnews.physaphae.fr/article.php?IdArticle=8480931 False Mobile None 2.0000000000000000 TechRepublic - Security News US Apple alerte les utilisateurs d'iPhone dans 92 pays à des attaques de logiciels spymétriques mercenaires Apple Alerts iPhone Users in 92 Countries to Mercenary Spyware Attacks Apple recommends that iPhone users install software updates, use strong passwords and 2FA, and don\'t open links or attachments from suspicious emails to keep their device safe from spyware.]]> 2024-04-12T16:54:38+00:00 https://www.techrepublic.com/article/apple-threat-notifications-mercenary-spyware/ www.secnews.physaphae.fr/article.php?IdArticle=8480847 False Mobile None 2.0000000000000000 We Live Security - Editeur Logiciel Antivirus ESET La visite exotique comprend des logiciels malveillants XploitSpy & # 8211;Semaine en sécurité avec Tony Anscombe eXotic Visit includes XploitSPY malware – Week in security with Tony Anscombe Almost 400 people in India and Pakistan have fallen victim to an ongoing Android espionage campaign called eXotic Visit]]> 2024-04-12T14:05:06+00:00 https://www.welivesecurity.com/en/videos/exotic-visit-exploitspy-malware-week-security-tony-anscombe/ www.secnews.physaphae.fr/article.php?IdArticle=8485908 False Malware,Mobile None 2.0000000000000000 ComputerWeekly - Computer Magazine L'alerte de sécurité d'Apple iPhone renouvelle les préoccupations spyware Apple iPhone security alert renews spyware concerns 2024-04-12T13:29:00+00:00 https://www.computerweekly.com/news/366580752/Apple-iPhone-security-alert-renews-spyware-concerns www.secnews.physaphae.fr/article.php?IdArticle=8480874 False Mobile None 2.0000000000000000 Recorded Future - FLux Recorded Future Les militants des droits de l'homme du Sahara occidental sont ciblés par des logiciels malveillants mobiles Human rights activists in Western Sahara are being targeted by mobile malware 2024-04-12T13:18:43+00:00 https://therecord.media/android-mobile-spyware-western-sahara www.secnews.physaphae.fr/article.php?IdArticle=8480750 False Malware,Mobile None 3.0000000000000000 InfoSecurity Mag - InfoSecurity Magazine Nouvelle campagne d'espionnage Android repéré en Inde et au Pakistan New Android Espionage Campaign Spotted in India and Pakistan A new cyber espionage campaign, called \'eXotic Visit,\' targeted Android users in South Asia via seemingly legitimate messaging apps]]> 2024-04-11T14:45:00+00:00 https://www.infosecurity-magazine.com/news/android-espionage-campaign-india/ www.secnews.physaphae.fr/article.php?IdArticle=8480062 False Mobile None 2.0000000000000000 Silicon - Site de News Francais iPhone : Apple accélère la fabrication en Inde 2024-04-11T11:57:29+00:00 https://www.silicon.fr/iphone-apple-accelere-la-fabrication-en-inde-477690.html www.secnews.physaphae.fr/article.php?IdArticle=8479963 False Mobile None 2.0000000000000000 Bleeping Computer - Magazine Américain Apple: Mercenary Spyware Attacks cibler les utilisateurs d'iPhone dans 92 pays Apple: Mercenary spyware attacks target iPhone users in 92 countries Apple has been notifying iPhone users in 92 countries about a "mercenary spyware attack" attempting to remotely compromise their device. [...]]]> 2024-04-11T10:16:44+00:00 https://www.bleepingcomputer.com/news/security/apple-mercenary-spyware-attacks-target-iphone-users-in-92-countries/ www.secnews.physaphae.fr/article.php?IdArticle=8480058 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) \\ 'Visite exotique \\' Campagne spyware cible les utilisateurs d'Android en Inde et au Pakistan \\'eXotic Visit\\' Spyware Campaign Targets Android Users in India and Pakistan An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store. Slovak cybersecurity firm said the activity, ongoing since November 2021, is not linked to any known threat actor or group. It\'s tracking the group behind the operation under the]]> 2024-04-10T19:54:00+00:00 https://thehackernews.com/2024/04/exotic-visit-spyware-campaign-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8479379 False Malware,Threat,Mobile None 3.0000000000000000 Korben - Bloger francais Relief Maps – L\'app d\'itinéraires indispensable pour vos aventures outdoor 2024-04-10T13:49:39+00:00 https://korben.info/relief-maps-app-indispensable-aventures-outdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8479373 False Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Des pirates ciblant les militants des droits de l'homme au Maroc et au Sahara occidental Hackers Targeting Human Rights Activists in Morocco and Western Sahara Human rights activists in Morocco and the Western Sahara region are the targets of a new threat actor that leverages phishing attacks to trick victims into installing bogus Android apps and serve credential harvesting pages for Windows users. Cisco Talos is tracking the activity cluster under the name Starry Addax, describing it as primarily singling out activists associated with]]> 2024-04-09T19:15:00+00:00 https://thehackernews.com/2024/04/hackers-targeting-human-rights.html www.secnews.physaphae.fr/article.php?IdArticle=8478746 False Threat,Mobile None 3.0000000000000000 Korben - Bloger francais Android Studio intègre l\'IA Gemini Pro 2024-04-09T04:20:55+00:00 https://korben.info/android-studio-integre-gemini-pro-developpement-android-optimise.html www.secnews.physaphae.fr/article.php?IdArticle=8478474 False Mobile None 2.0000000000000000 ProofPoint - Cyber Firms Évolution du paysage des menaces: une plongée profonde dans les attaques multicanaux ciblant les détaillants Evolving Threat Landscape: A Deep Dive into Multichannel Attacks Targeting Retailers 2024-04-08T16:24:08+00:00 https://www.proofpoint.com/us/blog/email-and-cloud-threats/evolving-threat-landscape-deep-dive-multichannel-attacks-targeting www.secnews.physaphae.fr/article.php?IdArticle=8478123 False Tool,Threat,Mobile,Cloud None 2.0000000000000000