www.secnews.physaphae.fr

This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.

2024-03-29T07:48:40+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)

PyPI Halts Sign-Ups Amid Surge of Malicious Package Uploads Targeting Developers
The maintainers of the Python Package Index (PyPI) repository briefly suspended new user sign-ups following an influx of malicious projects uploaded as part of a typosquatting campaign. It said "new project creation and new user registration" was temporarily halted to mitigate what it said was a "malware upload campaign." The incident was resolved 10 hours later, on March 28, 2024, at
2024-03-29T11:07:00+00:00 https://thehackernews.com/2024/03/pypi-halts-sign-ups-amid-surge-of.html www.secnews.physaphae.fr/article.php?IdArticle=8472406 False None None None

Linux Version of DinodasRAT Spotted in Cyber Attacks Across Several Countries
A Linux version of a multi-platform backdoor called DinodasRAT has been detected in the wild targeting China, Taiwan, Turkey, and Uzbekistan, new findings from Kaspersky reveal. DinodasRAT, also known as XDealer, is a C++-based malware that offers the ability to harvest a wide range of sensitive data from compromised hosts.
In October 2023, Slovak cybersecurity firm ESET
2024-03-28T22:32:00+00:00 https://thehackernews.com/2024/03/linux-version-of-dinodasrat-spotted-in.html www.secnews.physaphae.fr/article.php?IdArticle=8472155 False Malware None 3.0000000000000000

Finland Blames Chinese Hacking Group APT31 for Parliament Cyber Attack
The Police of Finland (aka Poliisi) has formally accused a Chinese nation-state actor tracked as APT31 for orchestrating a cyber attack targeting the country's Parliament in 2020. The intrusion, per the authorities, is said to have occurred between fall 2020 and early 2021. The agency described the ongoing criminal probe as both demanding and time-consuming, involving extensive analysis of a "
2024-03-28T22:20:00+00:00 https://thehackernews.com/2024/03/finland-blames-chinese-hacking-group.html www.secnews.physaphae.fr/article.php?IdArticle=8472126 False Legislation APT 31 3.0000000000000000

Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection
A sophisticated phishing-as-a-service (PhaaS) platform called Darcula has set its sights on organizations in over 100 countries by leveraging a massive network of more than 20,000 counterfeit domains to help cyber criminals launch attacks at scale.
"Using iMessage and RCS rather than SMS to send text messages has the side effect of bypassing SMS firewalls, which is being used to great
2024-03-28T20:13:00+00:00 https://thehackernews.com/2024/03/darcula-phishing-network-leveraging-rcs.html www.secnews.physaphae.fr/article.php?IdArticle=8472102 False None None 4.0000000000000000

New Webinar: Avoiding Application Security Blind Spots with OPSWAT and F5
Considering the ever-changing state of cybersecurity, it's never too late to ask yourself, "am I doing what's necessary to keep my organization's web applications secure?" The continuous evolution of technology introduces new and increasingly sophisticated threats daily, posing challenges to organizations all over the world and across the broader spectrum of industries striving to maintain
2024-03-28T18:13:00+00:00 https://thehackernews.com/2024/03/new-webinar-avoiding-application.html www.secnews.physaphae.fr/article.php?IdArticle=8472037 False None None 3.0000000000000000

Behind the Scenes: The Art of Safeguarding Non-Human Identities
In the whirlwind of modern software development, teams race against time, constantly pushing the boundaries of innovation and efficiency. This relentless pace is fueled by an evolving tech landscape, where SaaS domination, the proliferation of microservices, and the ubiquity of CI/CD pipelines are not just trends but the new norm.
Amidst this backdrop, a critical aspect subtly weaves into the
2024-03-28T16:30:00+00:00 https://thehackernews.com/2024/03/behind-scenes-art-of-safeguarding-non.html www.secnews.physaphae.fr/article.php?IdArticle=8471965 False Cloud None 3.0000000000000000

New ZenHammer Attack Bypasses Rowhammer Defenses on AMD CPUs
Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh (TRR). "This result proves that AMD systems are equally vulnerable to Rowhammer as Intel systems, which greatly increases the attack
2024-03-28T16:25:00+00:00 https://thehackernews.com/2024/03/new-zenhammer-attack-bypasses-rowhammer.html www.secnews.physaphae.fr/article.php?IdArticle=8471966 False None None 3.0000000000000000

Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPs
In June 2017, a study of more than 3,000 Massachusetts Institute of Technology (MIT) students published by the National Bureau for Economic Research (NBER) found that 98% of them were willing to give away their friends' email addresses in exchange for free pizza.
"Whereas people say they care about privacy, they are willing to relinquish private data quite easily when
2024-03-28T13:37:00+00:00 https://thehackernews.com/2024/03/telegram-offers-premium-subscription-in.html www.secnews.physaphae.fr/article.php?IdArticle=8471887 False None None 3.0000000000000000

Hackers Hit Indian Defense, Energy Sectors with Malware Posing as Air Force Invite
Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called HackBrowserData and exfiltrate sensitive information in some cases by using Slack as command-and-control (C2). "The information stealer was delivered via a phishing email, masquerading as an invitation letter
2024-03-27T20:54:00+00:00 https://thehackernews.com/2024/03/hackers-target-indian-defense-and.html www.secnews.physaphae.fr/article.php?IdArticle=8471481 False Malware,Threat None 3.0000000000000000

CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting the Microsoft Sharepoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild.
The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with
2024-03-27T18:45:00+00:00 https://thehackernews.com/2024/03/cisa-warns-hackers-actively-attacking.html www.secnews.physaphae.fr/article.php?IdArticle=8471391 False Vulnerability None 3.0000000000000000

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions
A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions. "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user's knowledge," Guardio
2024-03-27T18:24:00+00:00 https://thehackernews.com/2024/03/microsoft-edge-bug-could-have-allowed.html www.secnews.physaphae.fr/article.php?IdArticle=8471360 False Threat None 3.0000000000000000

SASE Solutions Fall Short Without Enterprise Browser Extensions, New Report Reveals
As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have been turning to SASE, a product category that offers cloud-based network protection while enhancing network infrastructure performance.
However, a new report: "Better Together: SASE and Enterprise Browser Extension for the SaaS-First Enterprise" (
2024-03-27T16:26:00+00:00 https://thehackernews.com/2024/03/sase-solutions-fall-short-without.html www.secnews.physaphae.fr/article.php?IdArticle=8471300 False Cloud None 2.0000000000000000

Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining
Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining. "This vulnerability allows attackers to take over the companies' computing power and leak sensitive data," Oligo Security researchers Avi
2024-03-27T16:09:00+00:00 https://thehackernews.com/2024/03/critical-unpatched-ray-ai-platform.html www.secnews.physaphae.fr/article.php?IdArticle=8471301 False Vulnerability,Threat None 2.0000000000000000

Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice
A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a bank payment notification, urging the user to open an archive file attachment.
The archive ("Bank Handlowy w Warszawie
2024-03-27T13:26:00+00:00 https://thehackernews.com/2024/03/alert-new-phishing-attack-delivers.html www.secnews.physaphae.fr/article.php?IdArticle=8471226 False Malware None 2.0000000000000000

Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries
Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a cyber espionage campaign over the past three months. This includes the threat actor known as Mustang Panda, which has been recently linked to cyber attacks against Myanmar as well as
2024-03-27T09:50:00+00:00 https://thehackernews.com/2024/03/two-chinese-apt-groups-ramp-up-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8471179 False Threat None 2.0000000000000000

Malicious NuGet Package Linked to Industrial Espionage Targets Developers
Threat hunters have identified a suspicious package in the NuGet package manager that's likely designed to target developers working with tools made by a Chinese firm that specializes in industrial- and digital equipment manufacturing. The package in question is SqzrFramework480, which ReversingLabs said was first published on January 24, 2024. It has been downloaded
2024-03-26T22:24:00+00:00 https://thehackernews.com/2024/03/malicious-nuget-package-linked-to.html www.secnews.physaphae.fr/article.php?IdArticle=8470884 False Tool,Threat,Industrial None 2.0000000000000000

U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation
The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years. The defendants include Ni Gaobin (倪高彬), Weng Ming (翁明), Cheng Feng (程锋), Peng Yaowen (彭耀文), Sun Xiaohui (孙小辉), Xiong Wang (熊旺), and Zhao Guangzong (
2024-03-26T17:36:00+00:00 https://thehackernews.com/2024/03/us-charges-7-chinese-nationals-in-major.html www.secnews.physaphae.fr/article.php?IdArticle=8470735 False None None 3.0000000000000000

Crafting Shields: Defending Minecraft Servers Against DDoS Attacks
Minecraft, with over 500 million registered users and 166 million monthly players, faces significant risks from distributed denial-of-service (DDoS) attacks, threatening server functionality, player experience, and the game's reputation. Despite the prevalence of DDoS attacks on the game, the majority of incidents go unreported, leaving a gap in awareness and protection. This article explains
2024-03-26T16:59:00+00:00 https://thehackernews.com/2024/03/crafting-shields-defending-minecraft.html www.secnews.physaphae.fr/article.php?IdArticle=8470736 False None None 3.0000000000000000

U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned three cryptocurrency exchanges for offering services used to evade economic restrictions imposed on Russia following its invasion of Ukraine in early 2022. This includes Bitpapa IC FZC LLC, Crypto Explorer DMCC (AWEX), and Obshchestvo S Ogranichennoy Otvetstvennostyu Tsentr Obrabotki Elektronnykh Platezhey (
2024-03-26T14:01:00+00:00 https://thehackernews.com/2024/03/us-sanctions-3-cryptocurrency-exchanges.html www.secnews.physaphae.fr/article.php?IdArticle=8470632 False None None 2.0000000000000000

CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities added are as follows - CVE-2023-48788 (CVSS score: 9.3) - Fortinet FortiClient EMS SQL Injection Vulnerability CVE-2021-44529 (CVSS score: 9.8) - Ivanti
2024-03-26T10:24:00+00:00 https://thehackernews.com/2024/03/cisa-alerts-on-active-exploitation-of.html www.secnews.physaphae.fr/article.php?IdArticle=8470582 False Vulnerability None 2.0000000000000000

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others
Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site.
"The threat actors used multiple TTPs in this attack, including account takeover via stolen browser cookies, contributing malicious code with verified commits, setting up a custom
2024-03-25T17:28:00+00:00 https://thehackernews.com/2024/03/hackers-hijack-github-accounts-in.html www.secnews.physaphae.fr/article.php?IdArticle=8470152 False Threat None 3.0000000000000000

Key Lesson from Microsoft's Password Spray Hack: Secure Every Account
In January 2024, Microsoft discovered they'd been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant. It wasn't a highly technical hack that exploited a zero-day vulnerability – the hackers used a simple password spray attack to take control of
2024-03-25T17:07:00+00:00 https://thehackernews.com/2024/03/key-lesson-from-microsofts-password.html www.secnews.physaphae.fr/article.php?IdArticle=8470153 False Hack,Vulnerability,Threat,Technical None 2.0000000000000000

New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys
A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations.
Dubbed GoFetch, the vulnerability relates to a microarchitectural side-channel attack that takes advantage of a feature known as data memory-dependent prefetcher (DMP) to target constant-time cryptographic implementations and capture sensitive data
2024-03-25T14:32:00+00:00 https://thehackernews.com/2024/03/new-gofetch-vulnerability-in-apple-m.html www.secnews.physaphae.fr/article.php?IdArticle=8470071 False Vulnerability None 2.0000000000000000

Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks
The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management (RMM) solution called Atera. The activity, which took place from March 7 through the week of March 11, targeted Israeli entities spanning global manufacturing, technology, and
2024-03-25T13:07:00+00:00 https://thehackernews.com/2024/03/iran-linked-muddywater-deploys-atera.html www.secnews.physaphae.fr/article.php?IdArticle=8470039 False Threat None 2.0000000000000000

N. Korea-linked Kimsuky Shifts to Compiled HTML Help Files in Ongoing Cyberattacks
The North Korea-linked threat actor known as Kimsuky (aka Black Banshee, Emerald Sleet, or Springtail) has been observed shifting its tactics, leveraging Compiled HTML Help (CHM) files as vectors to deliver malware for harvesting sensitive data. Kimsuky, active since at least 2012, is known to target entities located in South Korea as well as North America, Asia, and Europe.
According
2024-03-24T11:08:00+00:00 https://thehackernews.com/2024/03/n-korea-linked-kimsuky-shifts-to.html www.secnews.physaphae.fr/article.php?IdArticle=8469454 False Malware,Threat APT 43 3.0000000000000000

German Police Seize 'Nemesis Market' in Major International Darknet Raid
German authorities have announced the takedown of an illicit underground marketplace called Nemesis Market that peddled narcotics, stolen data, and various cybercrime services. The Federal Criminal Police Office (aka Bundeskriminalamt or BKA) said it seized the digital infrastructure associated with the darknet service located in Germany and Lithuania and confiscated €94,000 ($102,107)
2024-03-24T10:54:00+00:00 https://thehackernews.com/2024/03/german-police-seize-nemesis-market-in.html www.secnews.physaphae.fr/article.php?IdArticle=8469431 False Legislation None 2.0000000000000000

Russian Hackers Use 'WINELOADER' Malware to Target German Political Parties
The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to Russia's Foreign Intelligence Service (SVR), which was responsible for breaching SolarWinds and Microsoft. The findings come from Mandiant, which said Midnight Blizzard (aka APT29, BlueBravo, or
2024-03-23T11:33:00+00:00 https://thehackernews.com/2024/03/russian-hackers-use-wineloader-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8468914 False Malware APT 29 2.0000000000000000

New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.
Cybersecurity researchers have detected a new wave of phishing attacks that aim to deliver an ever-evolving information stealer referred to as StrelaStealer. The campaigns impact more than 100 organizations in the E.U. and the U.S., Palo Alto Networks Unit 42 researchers said in a new report published today. "These campaigns come in the form of spam emails with attachments that eventually
2024-03-22T19:38:00+00:00 https://thehackernews.com/2024/03/new-strelastealer-phishing-attacks-hit.html www.secnews.physaphae.fr/article.php?IdArticle=8468556 False Spam None 3.0000000000000000

AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking
Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims' sessions and achieve remote code execution on underlying instances. The vulnerability, now addressed by AWS, has been codenamed FlowFixation by Tenable.
2024-03-22T19:15:00+00:00 https://thehackernews.com/2024/03/aws-patches-critical-flowfixation-bug.html www.secnews.physaphae.fr/article.php?IdArticle=8468499 False Vulnerability None 3.0000000000000000

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws
A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an "aggressive" campaign. Google-owned Mandiant is tracking the activity under its uncategorized moniker UNC5174 (aka Uteus or Uetus), describing it as a "former
2024-03-22T16:58:00+00:00 https://thehackernews.com/2024/03/china-linked-group-breaches-networks.html www.secnews.physaphae.fr/article.php?IdArticle=8468470 False Malware,Threat None 2.0000000000000000

Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects
A massive malware campaign dubbed Sign1 has compromised over 39,000 WordPress sites in the last six months, using malicious JavaScript injections to redirect users to scam sites. The most recent variant of the malware is estimated to have infected no less than 2,500 sites over the past two months alone, Sucuri said in a report published this week. The attacks entail injecting rogue
2024-03-22T16:57:00+00:00 https://thehackernews.com/2024/03/massive-sign1-campaign-infects-39000.html www.secnews.physaphae.fr/article.php?IdArticle=8468471 False Malware None 2.0000000000000000

Implementing Zero Trust Controls for Compliance
The ThreatLocker® Zero Trust Endpoint Protection Platform implements a strict deny-by-default, allow-by-exception security posture to give organizations the ability to set policy-based controls within their environment and mitigate countless cyber threats, including zero-days, unseen network footholds, and malware attacks as a direct result of user error. With the capabilities of the
2024-03-22T16:45:00+00:00 https://thehackernews.com/2024/03/implementing-zero-trust-controls-for.html www.secnews.physaphae.fr/article.php?IdArticle=8468437 False Malware None 2.0000000000000000

U.S. Justice Department Sues Apple Over Monopoly and Messaging Security
The U.S. Department of Justice (DoJ), along with 16 other state and district attorneys general, on Thursday accused Apple of illegally maintaining a monopoly over smartphones, thereby undermining, among others, security and privacy of users when messaging non-iPhone users. "Apple wraps itself in a cloak of privacy, security, and consumer preferences to justify its anticompetitive
2024-03-22T11:44:00+00:00 https://thehackernews.com/2024/03/us-justice-department-sues-apple-over.html www.secnews.physaphae.fr/article.php?IdArticle=8468337 False None None 3.0000000000000000

Russian Hackers Target Ukrainian Telecoms with Upgraded 'AcidPour' Malware
The data wiping malware called AcidPour may have been deployed in attacks targeting four telecom providers in Ukraine, new findings from SentinelOne show.
The cybersecurity firm also confirmed connections between the malware and AcidRain, tying it to threat activity clusters associated with Russian military intelligence. "AcidPour\'s expanded capabilities would enable it to better]]> 2024-03-22T08:36:00+00:00 https://thehackernews.com/2024/03/russian-hackers-target-ukrainian.html www.secnews.physaphae.fr/article.php?IdArticle=8468270 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates de Russie utilisant TinyTurla-NG pour violer les systèmes européens de l'ONG \\<br>Russia Hackers Using TinyTurla-NG to Breach European NGO\\'s Systems The Russia-linked threat actor known as Turla infected several systems belonging to an unnamed European non-governmental organization (NGO) in order to deploy a backdoor called TinyTurla-NG. "The attackers compromised the first system, established persistence and added exclusions to antivirus products running on these endpoints as part of their preliminary post-compromise actions," Cisco]]> 2024-03-21T21:33:00+00:00 https://thehackernews.com/2024/03/russia-hackers-using-tinyturla-ng-to.html www.secnews.physaphae.fr/article.php?IdArticle=8468001 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Plus de 800 packages NPM trouvés avec des écarts, 18 exploitables à \\ 'manifester la confusion \\'<br>Over 800 npm Packages Found with Discrepancies, 18 Exploitable to \\'Manifest Confusion\\' New research has discovered over 800 packages in the npm registry which have discrepancies from their registry entries, out of which 18 have been found to exploit a technique called manifest confusion. The findings come from cybersecurity firm JFrog, which said the issue could be exploited by threat actors to trick developers into running malicious code. 
"It\'s an actual threat since]]> 2024-03-21T19:56:00+00:00 https://thehackernews.com/2024/03/over-800-npm-packages-found-with.html www.secnews.physaphae.fr/article.php?IdArticle=8467951 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) AndroxGH0st malware cible les applications Laravel pour voler des informations d'identification cloud<br>AndroxGh0st Malware Targets Laravel Apps to Steal Cloud Credentials Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that\'s used to target Laravel applications and steal sensitive data. "It works by scanning and taking out important information from .env files, revealing login details linked to AWS and Twilio," Juniper Threat Labs researcher Kashinath T Pattan said. "Classified as an SMTP cracker, it exploits SMTP]]> 2024-03-21T18:18:00+00:00 https://thehackernews.com/2024/03/androxgh0st-malware-targets-laravel.html www.secnews.physaphae.fr/article.php?IdArticle=8467923 False Malware,Tool,Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment accélérer les évaluations des risques des fournisseurs à l'ère de SAAS<br>How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl In today\'s digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the SaaS supply chain snowball quickly. That\'s why effective vendor risk management (VRM) is a]]> 2024-03-21T17:00:00+00:00 https://thehackernews.com/2024/03/how-to-accelerate-vendor-risk.html www.secnews.physaphae.fr/article.php?IdArticle=8467864 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
GitHub Launches AI-Powered Autofix Tool to Assist Devs in Patching Security Flaws
GitHub on Wednesday announced that it's making available a feature called code scanning autofix in public beta for all Advanced Security customers to provide targeted recommendations in an effort to avoid introducing new security issues. "Powered by GitHub Copilot and CodeQL, code scanning autofix covers more than 90% of alert types in JavaScript, Typescript, Java, and
2024-03-21T16:00:00+00:00 https://thehackernews.com/2024/03/github-launches-ai-powered-autofix-tool.html www.secnews.physaphae.fr/article.php?IdArticle=8467865 False Tool,Patching None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Making Sense of Operational Technology Attacks: The Past, Present, and Future
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the
2024-03-21T14:53:00+00:00 https://thehackernews.com/2024/03/making-sense-of-operational-technology.html www.secnews.physaphae.fr/article.php?IdArticle=8467812 False Industrial None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
U.S. Sanctions Russians Behind 'Doppelganger' Cyber Influence Campaign
The U.S.
Treasury Department's Office of Foreign Assets Control (OFAC) on Wednesday announced sanctions against two 46-year-old Russian nationals and the respective companies they own for engaging in cyber influence operations. Ilya Andreevich Gambashidze (Gambashidze), the founder of the Moscow-based company Social Design Agency (SDA), and Nikolai Aleksandrovich Tupikin (Tupikin), the CEO and
2024-03-21T13:37:00+00:00 https://thehackernews.com/2024/03/us-sanctions-russians-behind.html www.secnews.physaphae.fr/article.php?IdArticle=8467782 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ivanti Releases Urgent Fix for Critical Sentry RCE Vulnerability
Ivanti has disclosed details of a critical remote code execution flaw impacting Standalone Sentry, urging customers to apply the fixes immediately to stay protected against potential cyber threats. Tracked as CVE-2023-41724, the vulnerability carries a CVSS score of 9.6. "An unauthenticated threat actor can execute arbitrary commands on the underlying operating system of the appliance
2024-03-21T09:25:00+00:00 https://thehackernews.com/2024/03/ivanti-releases-urgent-fix-for-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8467691 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Atlassian Releases Fixes for Over 2 Dozen Flaws, Including Critical Bamboo Bug
Atlassian has released patches for more than two dozen security flaws, including a critical bug impacting Bamboo Data Center and Server that could be exploited without requiring user interaction. Tracked as CVE-2024-1597, the vulnerability carries a CVSS score of 10.0, indicating maximum severity.
Described as an SQL injection flaw, it's rooted in a dependency called org.postgresql:
2024-03-21T09:04:00+00:00 https://thehackernews.com/2024/03/atlassian-releases-fixes-for-over-2.html www.secnews.physaphae.fr/article.php?IdArticle=8467667 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New 'Loop DoS' Attack Impacts Hundreds of Thousands of Systems
A novel denial-of-service (DoS) attack vector has been found to target application-layer protocols based on User Datagram Protocol (UDP), putting hundreds of thousands of hosts likely at risk. Called Loop DoS attacks, the approach pairs "servers of these protocols in such a way that they communicate with each other indefinitely," researchers from the CISPA Helmholtz-Center for
2024-03-20T20:21:00+00:00 https://thehackernews.com/2024/03/new-loop-dos-attack-impacts-hundreds-of.html www.secnews.physaphae.fr/article.php?IdArticle=8467396 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Generative AI Security - Secure Your Business in a World Powered by LLMs
Did you know that 79% of organizations are already leveraging Generative AI technologies? Much like the internet defined the 90s and the cloud revolutionized the 2010s, we are now in the era of Large Language Models (LLMs) and Generative AI. The potential of Generative AI is immense, yet it brings significant challenges, especially in security integration.
Despite their powerful capabilities,
2024-03-20T16:57:00+00:00 https://thehackernews.com/2024/03/generative-ai-security-secure-your.html www.secnews.physaphae.fr/article.php?IdArticle=8467286 False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks
Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based remote access trojan called Spark RAT. The attacks entail the exploitation of CVE-2024-27198 (CVSS score: 9.8) that enables an adversary to bypass authentication measures and gain administrative
2024-03-20T16:56:00+00:00 https://thehackernews.com/2024/03/teamcity-flaw-leads-to-surge-in.html www.secnews.physaphae.fr/article.php?IdArticle=8467287 False Ransomware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New BunnyLoader Malware Variant Surfaces with Modular Attack Features
Cybersecurity researchers have discovered an updated variant of a stealer and malware loader called BunnyLoader that modularizes its various functions as well as allows it to evade detection. "BunnyLoader is dynamically developing malware with the capability to steal information, credentials and cryptocurrency, as well as deliver additional malware to its victims," Palo Alto Networks
2024-03-20T15:13:00+00:00 https://thehackernews.com/2024/03/new-bunnyloader-malware-variant.html www.secnews.physaphae.fr/article.php?IdArticle=8467251 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts
The Cyber Police of Ukraine has arrested three individuals on suspicion of hijacking more than 100 million emails and Instagram accounts from users across the world. The suspects, aged between 20 and 40, are said to be part of an organized criminal group living in different parts of the country. If convicted, they face up to 15 years in prison. The accounts, authorities said, were
2024-03-20T12:18:00+00:00 https://thehackernews.com/2024/03/ukraine-arrests-trio-for-hijacking-over.html www.secnews.physaphae.fr/article.php?IdArticle=8467171 False Legislation None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
U.S. EPA Forms Task Force to Protect Water Systems from Cyberattacks
The U.S. Environmental Protection Agency (EPA) said it's forming a new "Water Sector Cybersecurity Task Force" to devise methods to counter the threats faced by the water sector in the country. "In addition to considering the prevalent vulnerabilities of water systems to cyberattacks and the challenges experienced by some systems in adopting best practices, this Task Force in its deliberations
2024-03-20T11:18:00+00:00 https://thehackernews.com/2024/03/us-epa-forms-task-force-to-protect.html www.secnews.physaphae.fr/article.php?IdArticle=8467147 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
APIs Drive the Majority of Internet Traffic and Cybercriminals are Taking Advantage
Application programming interfaces (APIs) are the connective tissue behind digital modernization, helping applications and databases exchange data more effectively. The State of API Security in 2024 Report from Imperva, a Thales company, found that the majority of internet traffic (71%) in 2023 was API calls. What's more, a typical enterprise site saw an average of 1.5 billion API
2024-03-19T21:50:00+00:00 https://thehackernews.com/2024/03/apis-drive-majority-of-internet-traffic.html www.secnews.physaphae.fr/article.php?IdArticle=8466798 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
From Deepfakes to Malware: AI's Expanding Role in Cyber Attacks
Large language models (LLMs) powering artificial intelligence (AI) tools today could be exploited to develop self-augmenting malware capable of bypassing YARA rules. "Generative AI can be used to evade string-based YARA rules by augmenting the source code of small malware variants, effectively lowering detection rates," Recorded Future said in a new report shared with The Hacker News.
2024-03-19T19:25:00+00:00 https://thehackernews.com/2024/03/from-deepfakes-to-malware-ais-expanding.html www.secnews.physaphae.fr/article.php?IdArticle=8466698 False Malware,Tool None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Crafting and Communicating Your Cybersecurity Strategy for Board Buy-In
In an era where digital transformation drives business across sectors, cybersecurity has transcended its traditional operational role to become a cornerstone of corporate strategy and risk management. This evolution demands a shift in how cybersecurity leaders-particularly Chief Information Security Officers (CISOs)-articulate the value and urgency of cybersecurity investments to their boards.
2024-03-19T16:07:00+00:00 https://thehackernews.com/2024/03/crafting-and-communicating-your.html www.secnews.physaphae.fr/article.php?IdArticle=8466608 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks
Threat actors are leveraging digital document publishing (DDP) sites hosted on platforms like FlipSnack, Issuu, Marq, Publuu, RelayTo, and Simplebooklet for carrying out phishing, credential harvesting, and session token theft, once again underscoring how threat actors are repurposing legitimate services for malicious ends. "Hosting phishing lures on DDP sites increases the likelihood
2024-03-19T16:02:00+00:00 https://thehackernews.com/2024/03/hackers-exploiting-popular-document.html www.secnews.physaphae.fr/article.php?IdArticle=8466609 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Suspected Russian Data-Wiping 'AcidPour' Malware Targeting Linux x86 Devices
A new variant of a data wiping malware called AcidRain has been detected in the wild that's specifically designed for targeting Linux x86 devices. The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne's Juan Andres Guerrero-Saade said in a series of posts on X. "The new variant [...] is an ELF binary compiled for x86 (not MIPS) and while it refers to similar devices/
2024-03-19T15:29:00+00:00 https://thehackernews.com/2024/03/suspected-russian-data-wiping-acidpour.html www.secnews.physaphae.fr/article.php?IdArticle=8466610 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT
A new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT. Israeli cybersecurity company Perception Point is tracking the activity under the moniker Operation PhantomBlu. "The PhantomBlu operation introduces a nuanced exploitation method, diverging from NetSupport RAT's typical delivery mechanism by leveraging OLE (Object
2024-03-19T10:58:00+00:00 https://thehackernews.com/2024/03/new-phishing-attack-uses-clever.html www.secnews.physaphae.fr/article.php?IdArticle=8466507 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
E-Root Marketplace Admin Sentenced to 42 Months for Selling 350K Stolen Credentials
A 31-year-old Moldovan national has been sentenced to 42 months in prison in the U.S. for operating an illicit marketplace called E-Root Marketplace that offered for sale hundreds of thousands of compromised credentials, the Department of Justice (DoJ) announced. Sandu Boris Diaconu was charged with conspiracy to commit access device and computer fraud and possession of 15 or more unauthorized
2024-03-19T10:17:00+00:00 https://thehackernews.com/2024/03/e-root-marketplace-admin-sentenced-to.html www.secnews.physaphae.fr/article.php?IdArticle=8466483 False Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics
A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it's likely associated with the North Korean state-sponsored group tracked as Kimsuky. "The malware payloads used in the DEEP#GOSU represent a
2024-03-18T23:26:00+00:00 https://thehackernews.com/2024/03/new-deepgosu-malware-campaign-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8466221 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Fortra Patches Critical RCE Vulnerability in FileCatalyst Transfer Tool
Fortra has released details of a now-patched critical security flaw impacting its FileCatalyst file transfer solution that could allow unauthenticated attackers to gain remote code execution on susceptible servers. Tracked as CVE-2024-25153, the shortcoming carries a CVSS score of 9.8 out of a maximum of 10. "A directory traversal within the 'ftpservlet' of the FileCatalyst Workflow
2024-03-18T18:28:00+00:00 https://thehackernews.com/2024/03/fortra-patches-critical-rce.html www.secnews.physaphae.fr/article.php?IdArticle=8466065 False Tool,Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites
Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft. "It uses an unorthodox HTML smuggling technique where the malicious payload is embedded in a separate JSON file hosted on an external website," Netskope Threat Labs
2024-03-18T18:05:00+00:00 https://thehackernews.com/2024/03/hackers-using-sneaky-html-smuggling-to.html www.secnews.physaphae.fr/article.php?IdArticle=8466033 False Malware,Threat,Commercial None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw
2024-03-18T15:16:00+00:00 https://thehackernews.com/2024/03/wordpress-admins-urged-to-remove.html www.secnews.physaphae.fr/article.php?IdArticle=8465941 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
APT28 Hacker Group Targeting Europe, Americas, Asia in Widespread Phishing Scheme
The Russia-linked threat actor known as APT28 has been linked to multiple ongoing phishing campaigns that employ lure documents imitating government and non-governmental organizations (NGOs) in Europe, the South Caucasus, Central Asia, and North and South America. "The uncovered lures include a mixture of internal and publicly available documents, as well as possible actor-generated
2024-03-18T11:29:00+00:00 https://thehackernews.com/2024/03/apt28-hacker-group-targeting-europe.html www.secnews.physaphae.fr/article.php?IdArticle=8465853 False Threat APT 28 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Hackers Using Cracked Software on GitHub to Spread RisePro Info Stealer
Cybersecurity researchers have found a number of GitHub repositories offering cracked software that are used to deliver an information stealer called RisePro. The campaign, codenamed gitgub, includes 17 repositories associated with 11 different accounts, according to G DATA. The repositories in question have since been taken down by the Microsoft-owned subsidiary. "The repositories look
2024-03-16T18:01:00+00:00 https://thehackernews.com/2024/03/hackers-using-cracked-software-on.html www.secnews.physaphae.fr/article.php?IdArticle=8464901 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
GhostRace – New Data Leak Vulnerability Affects Modern CPUs
A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known as Spectre v1 (CVE-2017-5753). The approach combines speculative execution and race conditions. "All the common synchronization primitives implemented
2024-03-15T23:16:00+00:00 https://thehackernews.com/2024/03/ghostrace-new-data-leak-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8464467 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Third-Party ChatGPT Plugins Could Lead to Account Takeovers
Cybersecurity researchers have found that third-party plugins available for OpenAI ChatGPT could act as a new attack surface for threat actors looking to gain unauthorized access to sensitive data. According to new research published by Salt Labs, security flaws found directly in ChatGPT and within the ecosystem could allow attackers to install malicious plugins without users' consent
2024-03-15T17:04:00+00:00 https://thehackernews.com/2024/03/third-party-chatgpt-plugins-could-lead.html www.secnews.physaphae.fr/article.php?IdArticle=8464322 False Threat ChatGPT 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Introduces Enhanced Real-Time URL Protection for Chrome Users
Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites. “The Standard protection mode for Chrome on desktop and iOS will check sites against Google's server-side list of known bad sites in real-time,” Google's Jonathan Li and Jasika Bawa said. “If we
2024-03-15T13:20:00+00:00 https://thehackernews.com/2024/03/google-introduces-enhanced-real-time.html www.secnews.physaphae.fr/article.php?IdArticle=8464251 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers
Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of the software and ultimately deploy Geacon, a Golang-based implementation of Cobalt Strike. “The malicious site found in the notepad++ search is distributed through an advertisement block,” Kaspersky
2024-03-15T11:48:00+00:00 https://thehackernews.com/2024/03/malicious-ads-targeting-chinese-users.html www.secnews.physaphae.fr/article.php?IdArticle=8464205 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada
A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation. Mikhail Vasiliev, an Ontario resident, was originally arrested in November 2022 and charged by the U.S. Department of Justice (DoJ) with "conspiring with others to intentionally damage protected computers and to transmit
2024-03-14T19:17:00+00:00 https://thehackernews.com/2024/03/lockbit-ransomware-hacker-ordered-to.html www.secnews.physaphae.fr/article.php?IdArticle=8463834 False Ransomware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover
Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances. “The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster,” Akamai security researcher Tomer Peled said. “To exploit
2024-03-14T17:29:00+00:00 https://thehackernews.com/2024/03/researchers-detail-kubernetes.html www.secnews.physaphae.fr/article.php?IdArticle=8463772 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
3 Things CISOs Achieve with Cato
Being a CISO is a balancing act: ensuring organizations are secure without compromising users' productivity. This requires taking multiple elements into consideration, like cost, complexity, performance and user experience. CISOs around the globe use Cato SSE 360, as part of the Cato SASE Cloud platform to balance these factors without compromise. This article details how CISOs are
2024-03-14T15:54:00+00:00 https://thehackernews.com/2024/03/3-things-cisos-achieve-with-cato.html www.secnews.physaphae.fr/article.php?IdArticle=8463709 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage
The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands.
“The Program Compatibility Assistant Service (pcalua.exe) is a Windows service designed to identify and address compatibility issues with older programs,” Trend Micro said in an analysis
2024-03-14T15:53:00+00:00 https://thehackernews.com/2024/03/redcurl-cybercrime-group-abuses-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8463710 False Tool,Prediction None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ande Loader Malware Targets Manufacturing Sector in North America
The threat actor known as Blind Eagle has been observed using a loader malware called Ande Loader to deliver remote access trojans (RATs) like Remcos RAT and NjRAT. The attacks, which take the form of phishing emails, targeted Spanish-speaking users in the manufacturing industry based in North America, eSentire said. Blind Eagle (aka APT-C-36) is a financially motivated threat actor
2024-03-14T12:47:00+00:00 https://thehackernews.com/2024/03/ande-loader-malware-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8463656 False Malware,Threat APT-C-36 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
DarkGate Malware Exploits Recently Patched Microsoft Flaw in Zero-Day Attack
A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers.
“During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects that led unsuspecting victims to compromised sites hosting the Microsoft Windows SmartScreen bypass
2024-03-14T10:27:00+00:00 https://thehackernews.com/2024/03/darkgate-malware-exploits-recently.html www.secnews.physaphae.fr/article.php?IdArticle=8463587 False Malware,Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software
Fortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected systems. "An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiClientEMS may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted
2024-03-14T09:51:00+00:00 https://thehackernews.com/2024/03/fortinet-warns-of-severe-sqli.html www.secnews.physaphae.fr/article.php?IdArticle=8463588 True Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Demystifying a Common Cybersecurity Myth
One of the most common misconceptions in file upload cybersecurity is that certain tools are “enough” on their own-this is simply not the case.
In our latest whitepaper, OPSWAT CEO and Founder, Benny Czarny, takes a comprehensive look at what it takes to prevent malware threats in today's ever-evolving file upload security landscape, and a big part of that is understanding where the
2024-03-13T21:09:00+00:00 https://thehackernews.com/2024/03/demystifying-common-cybersecurity-myth.html www.secnews.physaphae.fr/article.php?IdArticle=8463289 False Malware,Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users
The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil. The approach allows it to hide the malicious app's icon from the home screen of the victim's device, IBM said in a technical report published today. “Thanks to this new technique, during PixPirate reconnaissance
2024-03-13T19:25:00+00:00 https://thehackernews.com/2024/03/pixpirate-android-banking-trojan-using.html www.secnews.physaphae.fr/article.php?IdArticle=8463199 False Threat,Mobile,Technical None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Join Our Webinar on Protecting Human and Non-Human Identities in SaaS Platforms
Identities are the latest sweet spot for cybercriminals, now heavily targeting SaaS applications that are especially vulnerable in this attack vector. The use of SaaS applications involves a wide range of identities, including human and non-human, such as service accounts, API keys, and OAuth authorizations.
Consequently, any identity in a SaaS app can create an opening for cybercriminals to
2024-03-13T16:03:00+00:00 https://thehackernews.com/2024/03/join-our-webinar-on-protecting-human.html www.secnews.physaphae.fr/article.php?IdArticle=8463115 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats
Google's Gemini large language model (LLM) is susceptible to security threats that could cause it to divulge system prompts, generate harmful content, and carry out indirect injection attacks. The findings come from HiddenLayer, which said the issues impact consumers using Gemini Advanced with Google Workspace as well as companies using the LLM API. The first vulnerability involves
2024-03-13T15:44:00+00:00 https://thehackernews.com/2024/03/researchers-highlight-googles-gemini-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8463116 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Alert: Cybercriminals Deploying VCURMS and STRRAT Trojans via AWS and GitHub
A new phishing campaign has been observed delivering remote access trojans (RAT) such as VCURMS and STRRAT by means of a malicious Java-based downloader. “The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub, employing a commercial protector to avoid detection of the malware,” Fortinet FortiGuard Labs researcher Yurren Wan said.
An unusual aspect of the
2024-03-13T15:13:00+00:00 https://thehackernews.com/2024/03/alert-cybercriminals-deploying-vcurms.html www.secnews.physaphae.fr/article.php?IdArticle=8463117 False Malware,Commercial None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws
Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical, 58 are rated Important, and one is rated Low in severity. None of the flaws are listed as
2024-03-13T11:08:00+00:00 https://thehackernews.com/2024/03/microsofts-march-updates-fix-61.html www.secnews.physaphae.fr/article.php?IdArticle=8462999 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Watch Out: These PyPI Python Packages Can Drain Your Crypto Wallets
Threat hunters have discovered a set of seven packages on the Python Package Index (PyPI) repository that are designed to steal BIP39 mnemonic phrases used for recovering private keys of a cryptocurrency wallet. The software supply chain attack campaign has been codenamed BIPClip by ReversingLabs.
The packages were collectively downloaded 7,451 times prior to them being removed from
2024-03-12T17:43:00+00:00 https://thehackernews.com/2024/03/watch-out-these-pypi-python-packages.html www.secnews.physaphae.fr/article.php?IdArticle=8462621 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
CTEM 101 - Go Beyond Vulnerability Management with Continuous Threat Exposure Management
In a world of ever-expanding jargon, adding another FLA (Four-Letter Acronym) to your glossary might seem like the last thing you'd want to do. But if you are looking for ways to continuously reduce risk across your environment while making significant and consistent improvements to security posture, in our opinion, you probably want to consider establishing a Continuous Threat Exposure
2024-03-12T16:37:00+00:00 https://thehackernews.com/2024/03/ctem-101-go-beyond-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8462597 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Malware Campaign Exploits Popup Builder WordPress Plugin to Infect 3,900+ Sites
A new malware campaign is leveraging a high-severity security flaw in the Popup Builder plugin for WordPress to inject malicious JavaScript code. According to Sucuri, the campaign has infected more than 3,900 sites over the past three weeks.
"These attacks are orchestrated from domains less than a month old, with registrations dating back to February 12th, 2024," security researcher
2024-03-12T14:45:00+00:00 https://thehackernews.com/2024/03/malware-campaign-exploits-popup-builder.html www.secnews.physaphae.fr/article.php?IdArticle=8462546 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
South Korean Citizen Detained in Russia on Cyber Espionage Charges
Russia has detained a South Korean national for the first time on cyber espionage charges and transferred him from Vladivostok to Moscow for further investigation. The development was first reported by Russian news agency TASS. “During the investigation of an espionage case, a South Korean citizen Baek Won-soon was identified and detained in Vladivostok, and put into custody under a court
2024-03-12T12:02:00+00:00 https://thehackernews.com/2024/03/south-korean-citizen-detained-in-russia.html www.secnews.physaphae.fr/article.php?IdArticle=8462509 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Embracing the Cloud: Revolutionizing Privileged Access Management with One Identity PAM Essentials
As cyber threats loom around every corner and privileged accounts become prime targets, the significance of implementing a robust Privileged Access Management (PAM) solution can't be overstated. With organizations increasingly migrating to cloud environments, the PAM Solution Market is experiencing a transformative shift toward cloud-based offerings.
One Identity PAM Essentials stands
2024-03-11T20:17:00+00:00 https://thehackernews.com/2024/03/embracing-cloud-revolutionizing.html www.secnews.physaphae.fr/article.php?IdArticle=8462169 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics
Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that's propagated via phishing emails bearing PDF attachments. "This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin said. The attack chain involves the use of
2024-03-11T20:17:00+00:00 https://thehackernews.com/2024/03/new-banking-trojan-chavecloak-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8462170 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Data Leakage Prevention in the Age of Cloud Computing: A New Approach
As the shift of IT infrastructure to cloud-based solutions celebrates its 10-year anniversary, it becomes clear that traditional on-premises approaches to data security are becoming obsolete. Rather than protecting the endpoint, DLP solutions need to refocus their efforts to where corporate data resides - in the browser. A new guide by LayerX titled "On-Prem is Dead. Have You Adjusted Your Web
2024-03-11T17:03:00+00:00 https://thehackernews.com/2024/03/data-leakage-prevention-in-age-of-cloud.html www.secnews.physaphae.fr/article.php?IdArticle=8462119 False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks
The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks. According to a new report from GuidePoint Security, which responded to a recent intrusion, the incident "began with the exploitation of a TeamCity server which resulted in the deployment of a PowerShell implementation of
2024-03-11T15:23:00+00:00 https://thehackernews.com/2024/03/bianlian-threat-actors-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8462076 False Ransomware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability
Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-1403, the vulnerability has a maximum severity rating of 10.0 on the CVSS scoring system. It
2024-03-11T11:58:00+00:00 https://thehackernews.com/2024/03/proof-of-concept-exploit-released-for.html www.secnews.physaphae.fr/article.php?IdArticle=8461989 False Vulnerability,Threat,Technical None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Magnet Goblin Hacker Group Leveraging 1-Day Exploits to Deploy Nerbian RAT
A financially motivated threat actor called Magnet Goblin is swiftly adopting one-day security vulnerabilities into its arsenal in order to opportunistically breach edge devices and public-facing services and deploy malware on compromised hosts. “Threat actor group Magnet Goblin's hallmark is its ability to swiftly leverage newly disclosed vulnerabilities, particularly targeting
2024-03-11T11:29:00+00:00 https://thehackernews.com/2024/03/magnet-goblin-hacker-group-leveraging-1.html www.secnews.physaphae.fr/article.php?IdArticle=8461990 False Malware,Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets
Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard (aka APT29 or Cozy Bear) managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. "In recent weeks, we have seen evidence that Midnight Blizzard is using information initially exfiltrated from our
2024-03-09T09:31:00+00:00 https://thehackernews.com/2024/03/microsoft-confirms-russian-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8461117 False Hack,Threat APT 29 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Meta Details WhatsApp and Messenger Interoperability to Comply with EU's DMA Regulations
Meta has offered details on how it intends to implement interoperability in WhatsApp and Messenger with third-party messaging services as the Digital Markets Act (DMA) went into effect in the European Union. “This allows users of third-party providers who choose to enable interoperability (interop) to send and receive messages with opted-in users of either Messenger or WhatsApp – both designated
2024-03-08T18:44:00+00:00 https://thehackernews.com/2024/03/meta-details-whatsapp-and-messenger.html www.secnews.physaphae.fr/article.php?IdArticle=8460826 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Secrets Sensei: Conquering Secrets Management Challenges
In the realm of cybersecurity, the stakes are sky-high, and at its core lies secrets management - the foundational pillar upon which your security infrastructure rests. We're all familiar with the routine: safeguarding those API keys, connection strings, and certificates is non-negotiable. However, let's dispense with the pleasantries; this isn't a simple 'set it and forget it' scenario. It's
2024-03-08T15:19:00+00:00 https://thehackernews.com/2024/03/secrets-sensei-conquering-secrets.html www.secnews.physaphae.fr/article.php?IdArticle=8460756 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client
Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described the vulnerability, tracked as CVE-2024-20337 (CVSS score: 8.2), as allowing an unauthenticated, remote attacker to conduct a carriage return line feed (CRLF
2024-03-08T13:39:00+00:00 https://thehackernews.com/2024/03/cisco-issues-patch-for-high-severity.html www.secnews.physaphae.fr/article.php?IdArticle=8460718 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
QEMU Emulator Exploited as Tunneling Tool to Breach Company Network
Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed "large company" to connect to their infrastructure. While a number of legitimate tunneling tools like Chisel, FRP, ligolo, ngrok, and Plink have been used by adversaries to their advantage, the development marks the first QEMU that has been
2024-03-08T13:18:00+00:00 https://thehackernews.com/2024/03/cybercriminals-utilize-qemu-emulator-as.html www.secnews.physaphae.fr/article.php?IdArticle=8460719 False Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
CISA Warns of Actively Exploited JetBrains TeamCity Vulnerability
The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting JetBrains TeamCity On-Premises software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tracked as CVE-2024-27198 (CVSS score: 9.8), refers to an authentication bypass bug that allows for a complete
2024-03-08T11:43:00+00:00 https://thehackernews.com/2024/03/cisa-warns-of-actively-exploited.html www.secnews.physaphae.fr/article.php?IdArticle=8460680 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Hacked WordPress Sites Abusing Visitors' Browsers for Distributed Brute-Force Attacks
Threat actors are conducting brute-force attacks against WordPress sites by leveraging malicious JavaScript injections, new findings from Sucuri reveal. The attacks, which take the form of distributed brute-force attacks, “target WordPress websites from the browsers of completely innocent and unsuspecting site visitors,” security researcher Denis Sinegubko said. The activity is part of a
2024-03-07T19:15:00+00:00 https://thehackernews.com/2024/03/hacked-wordpress-sites-abusing-visitors.html www.secnews.physaphae.fr/article.php?IdArticle=8460354 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks
The China-linked threat actor known as Evasive Panda orchestrated both watering hole and supply chain attacks targeting Tibetan users at least since September 2023.
The end goal of the attacks is to deliver malicious downloaders for Windows and macOS that deploy a known backdoor called MgBot and a previously undocumented Windows implant known as Nightdoor. The findings come from ESET, which
2024-03-07T18:52:00+00:00 https://thehackernews.com/2024/03/chinese-state-hackers-target-tibetans.html www.secnews.physaphae.fr/article.php?IdArticle=8460355 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Human vs. Non-Human Identity in SaaS
In today's rapidly evolving SaaS environment, the focus is on human users. This is one of the most compromised areas in SaaS security management and requires strict governance of user roles and permissions, monitoring of privileged users, their level of activity (dormant, active, hyperactive), their type (internal/external), whether they are joiners, movers, or leavers, and more. Not
2024-03-07T16:41:00+00:00 https://thehackernews.com/2024/03/human-vs-non-human-identity-in-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8460285 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Ex-Google Engineer Arrested for Stealing AI Technology Secrets for China
The U.S. Department of Justice (DoJ) announced the indictment of a 38-year-old Chinese national and a California resident for allegedly stealing proprietary information from Google while covertly working for two China-based tech companies.
Linwei Ding (aka Leon Ding), a former Google engineer who was arrested on March 6, 2024, "transferred sensitive Google trade secrets and other confidential
2024-03-07T15:49:00+00:00 https://thehackernews.com/2024/03/ex-google-engineer-arrested-for.html www.secnews.physaphae.fr/article.php?IdArticle=8460261 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Python-Based Snake Info Stealer Spreading Through Facebook Messages
Facebook messages are being used by threat actors to spread a Python-based information stealer dubbed Snake that's designed to capture credentials and other sensitive data. “The credentials harvested from unsuspecting users are transmitted to different platforms such as Discord, GitHub, and Telegram,” Cybereason researcher Kotaro Ogino said in a technical report. Details about the campaign
2024-03-07T13:09:00+00:00 https://thehackernews.com/2024/03/new-python-based-snake-info-stealer.html www.secnews.physaphae.fr/article.php?IdArticle=8460221 False Threat,Technical None 3.0000000000000000