www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-14T16:42:43+00:00 www.secnews.physaphae.fr
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Who's Experimenting with AI Tools in Your Organization? With the record-setting growth of consumer-focused AI productivity tools like ChatGPT, artificial intelligence-formerly the realm of data science and engineering teams-has become a resource available to every employee. From a productivity perspective, that's fantastic. Unfortunately for IT and security teams, it also means you may have hundreds of people in your organization using a new tool in 2023-10-23T17:04:00+00:00 https://thehackernews.com/2023/10/whos-experimenting-with-ai-tools-in.html www.secnews.physaphae.fr/article.php?IdArticle=8399384 False Tool ChatGPT 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar The open-source remote access trojan known as Quasar RAT has been observed leveraging DLL side-loading to fly under the radar and stealthily siphon data from compromised Windows hosts. "This technique capitalizes on the inherent trust these files command within the Windows environment," Uptycs researchers Tejaswini Sandapolla and Karthickkumar Kathiresan said in a report published last week, 2023-10-23T13:28:00+00:00 https://thehackernews.com/2023/10/quasar-rat-leverages-dll-side-loading.html www.secnews.physaphae.fr/article.php?IdArticle=8399386 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer Europol on Friday announced the takedown of the infrastructure associated with Ragnar Locker ransomware, alongside the arrest of a "key target" in France. "In an action carried out between 16 and 20 October, searches were conducted in Czechia, Spain, and Latvia," the agency said. "The main perpetrator, suspected of being a developer of the Ragnar group, has been brought in front of the examining 2023-10-21T18:40:00+00:00 https://thehackernews.com/2023/10/europol-dismantles-ragnar-locker.html www.secnews.physaphae.fr/article.php?IdArticle=8398660 False Ransomware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Okta's Support System Breach Exposes Customer Data to Unidentified Threat Actors Identity services provider Okta on Friday disclosed a new security incident that allowed unidentified threat actors to leverage stolen credentials to access its support case management system. "The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases," David Bradbury, Okta's chief security officer, said. "It should be noted that the Okta 2023-10-21T14:15:00+00:00 https://thehackernews.com/2023/10/oktas-support-system-breach-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8398576 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices Cisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a malicious Lua-based implant on susceptible devices. Tracked as CVE-2023-20273 (CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 as part of an exploit chain. "The attacker first 2023-10-21T09:16:00+00:00 https://thehackernews.com/2023/10/cisco-zero-day-exploited-to-implant.html www.secnews.physaphae.fr/article.php?IdArticle=8398506 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Malvertisers Using Google Ads to Target Users Searching for Popular Software Details have emerged about a malvertising campaign that leverages Google Ads to direct users searching for popular software to fictitious landing pages and distribute next-stage payloads. Malwarebytes, which discovered the activity, said it's "unique in its way to fingerprint users and distribute time sensitive payloads." The attack singles out users searching for Notepad++ and PDF converters to 2023-10-20T19:19:00+00:00 https://thehackernews.com/2023/10/malvertisers-using-google-ads-to-target.html www.secnews.physaphae.fr/article.php?IdArticle=8398265 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Vietnamese Hackers Target U.K., U.S., and India with DarkGate Malware Attacks leveraging the DarkGate commodity malware targeting entities in the U.K., the U.S., and India have been linked to Vietnamese actors associated with the use of the infamous Ducktail stealer. "The overlap of tools and campaigns is very likely due to the effects of a cybercrime marketplace," WithSecure said in a report published today. "Threat actors are able to acquire and use multiple 2023-10-20T18:58:00+00:00 https://thehackernews.com/2023/10/vietnamese-hackers-target-uk-us-and.html www.secnews.physaphae.fr/article.php?IdArticle=8398266 False Malware,Tool None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Unleashing the Power of the Internet of Things and Cyber Security Due to the rapid evolution of technology, the Internet of Things (IoT) is changing the way business is conducted around the world. This advancement and the power of the IoT have been nothing short of transformational in making data-driven decisions, accelerating efficiencies, and streamlining operations to meet the demands of a competitive global marketplace. IoT At a Crossroads IoT, in its most 2023-10-20T17:08:00+00:00 https://thehackernews.com/2023/10/unleashing-power-of-internet-of-things.html www.secnews.physaphae.fr/article.php?IdArticle=8398230 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges A new information stealer named ExelaStealer has become the latest entrant to an already crowded landscape filled with various off-the-shelf malware designed to capture sensitive data from compromised Windows systems. "ExelaStealer is a largely open-source infostealer with paid customizations available from the threat actor," Fortinet FortiGuard Labs researcher James Slaughter said in a 2023-10-20T14:32:00+00:00 https://thehackernews.com/2023/10/exelastealer-new-low-cost-cybercrime.html www.secnews.physaphae.fr/article.php?IdArticle=8398112 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) U.S. DoJ Cracks Down on North Korean IT Scammers Defrauding Global Businesses The U.S. government has announced the seizure of 17 website domains used by North Korean information technology (IT) workers as part of an illicit scheme to defraud businesses across the world, evade sanctions, and fund the country's ballistic missile program. The Department of Justice (DoJ) said the U.S. confiscated approximately $1.5 million of the revenue that these IT workers collected from 2023-10-20T10:42:00+00:00 https://thehackernews.com/2023/10/us-doj-cracks-down-on-north-korean-it_20.html www.secnews.physaphae.fr/article.php?IdArticle=8398093 False Legislation None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies An updated version of a sophisticated backdoor framework called MATA has been used in attacks aimed at over a dozen Eastern European companies in the oil and gas sector and defense industry as part of a cyber espionage operation that took place between August 2022 and May 2023. "The actors behind the attack used spear-phishing mails to target several victims, some were infected with Windows 2023-10-19T19:17:00+00:00 https://thehackernews.com/2023/10/sophisticated-mata-framework-strikes.html www.secnews.physaphae.fr/article.php?IdArticle=8397740 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Vulnerability Scanning: How Often Should I Scan? The time between a vulnerability being discovered and hackers exploiting it is narrower than ever – just 12 days. So it makes sense that organizations are starting to recognize the importance of not leaving long gaps between their scans, and the term "continuous vulnerability scanning" is becoming more popular. Hackers won't wait for your next scan One-off scans can be a simple 'one-and-done' 2023-10-19T17:18:00+00:00 https://thehackernews.com/2023/10/vulnerability-scanning-how-often-should.html www.secnews.physaphae.fr/article.php?IdArticle=8397690 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Play Protect Introduces Real-Time Code-Level Scanning for Android Malware Google has announced an update to its Play Protect with support for real-time scanning at the code level to tackle novel malicious apps prior to downloading and installing them on Android devices. "Google Play Protect will now recommend a real-time app scan when installing apps that have never been scanned before to help detect emerging threats," the tech giant said. Google Play Protect is a 2023-10-19T17:08:00+00:00 https://thehackernews.com/2023/10/google-play-protect-introduces-real.html www.secnews.physaphae.fr/article.php?IdArticle=8397691 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Iran-Linked OilRig Targets Middle East Governments in 8-Month Cyber Campaign The Iran-linked OilRig threat actor targeted an unnamed Middle East government between February and September 2023 as part of an eight-month-long campaign. The attack led to the theft of files and passwords and, in one instance, resulted in the deployment of a PowerShell backdoor called PowerExchange, the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News 2023-10-19T15:45:00+00:00 https://thehackernews.com/2023/10/iran-linked-oilrig-targets-middle-east.html www.secnews.physaphae.fr/article.php?IdArticle=8397652 False Threat APT 34 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw North Korean threat actors are actively exploiting a critical security flaw in JetBrains TeamCity to opportunistically breach vulnerable servers, according to Microsoft. The attacks, which entail the exploitation of CVE-2023-42793 (CVSS score: 9.8), have been attributed to Diamond Sleet (aka Labyrinth Chollima) and Onyx Sleet (aka Andariel or Silent Chollima). It's worth noting that both the 2023-10-19T12:41:00+00:00 https://thehackernews.com/2023/10/microsoft-warns-of-north-korean-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8397598 False Threat APT 38 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw A number of state-backed threat actors from Russia and China have been observed exploiting a recent security flaw in the WinRAR archiver tool for Windows as part of their operations. The vulnerability in question is CVE-2023-38831 (CVSS score: 7.8), which allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The shortcoming has been actively 2023-10-19T09:32:00+00:00 https://thehackernews.com/2023/10/google-tag-detects-state-backed-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8397549 False Tool,Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps The North Korea-linked Lazarus Group (aka Hidden Cobra or TEMP.Hermit) has been observed using trojanized versions of Virtual Network Computing (VNC) apps as lures to target the defense industry and nuclear engineers as part of a long-running campaign known as Operation Dream Job. "The threat actor tricks job seekers on social media into opening malicious apps for fake job interviews," Kaspersky 2023-10-18T20:21:00+00:00 https://thehackernews.com/2023/10/lazarus-group-targeting-defense-experts.html www.secnews.physaphae.fr/article.php?IdArticle=8397305 False Threat APT 38,APT 38,APT 37 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms Citrix is warning of exploitation of a recently disclosed critical security flaw in NetScaler ADC and Gateway appliances that could result in exposure of sensitive information. Tracked as CVE-2023-4966 (CVSS score: 9.4), the vulnerability impacts the following supported versions - NetScaler ADC and NetScaler Gateway 14.1 before 14.1-8.50 NetScaler ADC and NetScaler Gateway 13.1 before 2023-10-18T17:57:00+00:00 https://thehackernews.com/2023/10/critical-citrix-netscaler-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8397237 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Unraveling Real-Life Attack Paths – Key Lessons Learned In the ever-evolving landscape of cybersecurity, attackers are always searching for vulnerabilities and exploits within organizational environments. They don't just target single weaknesses; they're on the hunt for combinations of exposures and attack methods that can lead them to their desired objective. Despite the presence of numerous security tools, organizations often have to deal with two 2023-10-18T17:12:00+00:00 https://thehackernews.com/2023/10/unraveling-real-life-attack-paths-key.html www.secnews.physaphae.fr/article.php?IdArticle=8397238 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign A threat actor, presumably from Tunisia, has been linked to a new campaign targeting exposed Jupyter Notebooks in a two-fold attempt to illicitly mine cryptocurrency and breach cloud environments. Dubbed Qubitstrike by Cado, the intrusion set utilizes Telegram API to exfiltrate cloud service provider credentials following a successful compromise. "The payloads for the Qubitstrike campaign are 2023-10-18T17:12:00+00:00 https://thehackernews.com/2023/10/qubitstrike-targets-jupyter-notebooks.html www.secnews.physaphae.fr/article.php?IdArticle=8397239 False Threat,Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) TetrisPhantom: Cyber Espionage via Secure USBs Targets APAC Governments Government entities in the Asia-Pacific (APAC) region are the target of a long-running cyber espionage campaign dubbed TetrisPhantom. "The attacker covertly spied on and harvested sensitive data from APAC government entities by exploiting a particular type of secure USB drive, protected by hardware encryption to ensure the secure storage and transfer of data between computer systems," Kaspersky 2023-10-18T14:41:00+00:00 https://thehackernews.com/2023/10/tetrisphantom-cyber-espionage-via.html www.secnews.physaphae.fr/article.php?IdArticle=8397164 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager A medium-severity flaw has been discovered in Synology's DiskStation Manager (DSM) that could be exploited to decipher an administrator's password and remotely hijack the account. "Under some rare conditions, an attacker could leak enough information to restore the seed of the pseudorandom number generator (PRNG), reconstruct the admin password, and remotely take over the admin account," 2023-10-18T12:18:00+00:00 https://thehackernews.com/2023/10/new-admin-takeover-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8397128 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) D-Link Confirms Data Breach: Employee Falls Victim to Phishing Attack Taiwanese networking equipment manufacturer D-Link has confirmed a data breach that led to the exposure of what it said is "low-sensitivity and semi-public information." "The data was confirmed not from the cloud but likely originated from an old D-View 6 system, which reached its end of life as early as 2015," the company said. "The data was used for registration purposes back then. So far, no 2023-10-18T09:11:00+00:00 https://thehackernews.com/2023/10/d-link-confirms-data-breach-employee.html www.secnews.physaphae.fr/article.php?IdArticle=8397062 False Data Breach,Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure In what's the latest evolution of threat actors abusing legitimate infrastructure for nefarious ends, new findings show that nation-state hacking groups have entered the fray in leveraging the social platform for targeting critical infrastructure. Discord, in recent years, has become a lucrative target, acting as a fertile ground for hosting malware using its content delivery network (CDN) as 2023-10-17T20:18:00+00:00 https://thehackernews.com/2023/10/discord-playground-for-nation-state.html www.secnews.physaphae.fr/article.php?IdArticle=8396801 False Threat,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software Two critical security flaws discovered in the open-source CasaOS personal cloud software could be successfully exploited by attackers to achieve arbitrary code execution and take over susceptible systems. The vulnerabilities, tracked as CVE-2023-37265 and CVE-2023-37266, both carry a CVSS score of 9.8 out of a maximum of 10. Sonar security researcher Thomas Chauchefoin, who discovered the bugs, 2023-10-17T20:07:00+00:00 https://thehackernews.com/2023/10/critical-vulnerabilities-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8396752 False Vulnerability,Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Webinar: Locking Down Financial and Accounting Data - Best Data Security Strategies Financial data is much more than just a collection of numbers; it is a crucial component of any business and a prime target for cybercriminals. It's important to understand that financial records can be a veritable treasure trove for digital pirates. A security breach not only puts customers' personal information in jeopardy but also enables fraudsters to drain company funds and exploit clients. 2023-10-17T17:13:00+00:00 https://thehackernews.com/2023/10/webinar-locking-down-financial-and.html www.secnews.physaphae.fr/article.php?IdArticle=8396691 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Exploring the Realm of Malicious Generative AI: A New Digital Security Challenge Recently, the cybersecurity landscape has been confronted with a daunting new reality – the rise of malicious Generative AI, like FraudGPT and WormGPT. These rogue creations, lurking in the dark corners of the internet, pose a distinctive threat to the world of digital security. In this article, we will look at the nature of Generative AI fraud, analyze the messaging surrounding these creations, 2023-10-17T15:47:00+00:00 https://thehackernews.com/2023/10/exploring-realm-of-malicious-generative.html www.secnews.physaphae.fr/article.php?IdArticle=8396653 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers A severity flaw impacting industrial cellular routers from Milesight may have been actively exploited in real-world attacks, new findings from VulnCheck reveal. Tracked as CVE-2023-43261 (CVSS score: 7.5), the vulnerability has been described as a case of information disclosure that affects UR5X, UR32L, UR32, UR35, and UR41 routers before version 35.3.0.7 that could enable attackers to access 2023-10-17T15:46:00+00:00 https://thehackernews.com/2023/10/experts-warn-of-severe-flaws-affecting.html www.secnews.physaphae.fr/article.php?IdArticle=8396654 False Vulnerability,Industrial None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that threat actors "interfered" with at least 11 telecommunication service providers in the country between May and September 2023. The agency is tracking the activity under the name UAC-0165, stating the intrusions led to service interruptions for customers. The starting point of the attacks is a reconnaissance phase in 2023-10-17T11:16:00+00:00 https://thehackernews.com/2023/10/cert-ua-reports-11-ukrainian-telecom.html www.secnews.physaphae.fr/article.php?IdArticle=8396553 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild Cisco has warned of a critical, unpatched security flaw impacting IOS XE software that's under active exploitation in the wild. Rooted in the web UI feature, the zero-day vulnerability is assigned as CVE-2023-20198 and has been assigned the maximum severity rating of 10.0 on the CVSS scoring system. It's worth pointing out that the shortcoming only affects enterprise networking gear that have 2023-10-17T09:42:00+00:00 https://thehackernews.com/2023/10/warning-unpatched-cisco-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8396540 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Pro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New Campaign Pro-Russian hacking groups have exploited a recently disclosed security vulnerability in the WinRAR archiving utility as part of a phishing campaign designed to harvest credentials from compromised systems. "The attack involves the use of malicious archive files that exploit the recently discovered vulnerability affecting the WinRAR compression software versions prior to 6.23 and traced as 2023-10-16T19:25:00+00:00 https://thehackernews.com/2023/10/pro-russian-hackers-exploiting-recent.html www.secnews.physaphae.fr/article.php?IdArticle=8396240 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls The Android banking trojan known as SpyNote has been dissected to reveal its diverse information-gathering features. Typically spread via SMS phishing campaigns, attack chains involving the spyware trick potential victims into installing the app by clicking on the embedded link, according to F-Secure. Besides requesting invasive permissions to access call logs, camera, SMS messages, and external 2023-10-16T17:41:00+00:00 https://thehackernews.com/2023/10/spynote-beware-of-this-android-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8396241 False Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) The Fast Evolution of SaaS Security from 2020 to 2024 (Told Through Video) SaaS Security's roots are in configuration management. An astounding 35% of all security breaches begin with security settings that were misconfigured. In the past 3 years, the initial access vectors to SaaS data have widened beyond misconfiguration management. “SaaS Security on Tap” is a new video series that takes place in Eliana V's bar making sure that the only thing that leaks is beer ( 2023-10-16T17:16:00+00:00 https://thehackernews.com/2023/10/the-fast-evolution-of-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8396179 False Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence Encrypted messaging app Signal has pushed back against "viral reports" of an alleged zero-day flaw in its software, stating it found no evidence to support the claim. "After responsible investigation *we have no evidence that suggests this vulnerability is real* nor has any additional info been shared via our official reporting channels," it said in a series of messages posted in X (formerly 2023-10-16T15:01:00+00:00 https://thehackernews.com/2023/10/signal-debunks-zero-day-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8396115 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Binance's Smart Chain Exploited in New 'EtherHiding' Malware Campaign Threat actors have been observed serving malicious code by utilizing Binance's Smart Chain (BSC) contracts in what has been described as the "next level of bulletproof hosting." The campaign, detected two months ago, has been codenamed EtherHiding by Guardio Labs. The novel twist marks the latest iteration in an ongoing campaign that leverages compromised WordPress sites to serve unsuspecting 2023-10-16T10:29:00+00:00 https://thehackernews.com/2023/10/binances-smart-chain-exploited-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8396019 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security. "The focus is on strengthening the Kerberos authentication protocol, which has been the default since 2000, and reducing reliance on NT LAN Manager (NTLM)," the tech giant said. "New features for Windows 11 include 2023-10-14T11:59:00+00:00 https://thehackernews.com/2023/10/microsoft-to-phase-out-ntlm-in-favor-of.html www.secnews.physaphae.fr/article.php?IdArticle=8395428 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New PEAPOD Cyberattack Campaign Targeting Women Political Leaders European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that delivers an updated version of RomCom RAT called PEAPOD. Cybersecurity firm Trend Micro attributed the attacks to a threat actor it tracks under the name Void Rabisu, which is also known as Storm-0978, Tropical Scorpius, and UNC2596, and is also 2023-10-13T20:01:00+00:00 https://thehackernews.com/2023/10/new-peapod-cyberattack-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8395186 False Threat,Prediction None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Unveil ToddyCat's New Set of Tools for Data Exfiltration The advanced persistent threat (APT) actor known as ToddyCat has been linked to a new set of malicious tools that are designed for data exfiltration, offering a deeper insight into the hacking crew's tactics and capabilities. The findings come from Kaspersky, which first shed light on the adversary last year, linking it to attacks against high-profile entities in Europe and Asia for nearly three 2023-10-13T17:23:00+00:00 https://thehackernews.com/2023/10/researchers-unveil-toddycats-new-set-of.html www.secnews.physaphae.fr/article.php?IdArticle=8395127 False Tool,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Ransomware attacks doubled year on year. Are organizations equipped to handle the evolution of Ransomware in 2023? Ransomware attacks have only increased in sophistication and capabilities over the past year. From new evasion and anti-analysis techniques to stealthier variants coded in new languages, ransomware groups have adapted their tactics to bypass common defense strategies effectively. This article will cover just some of those new developments in Q3-2023 as well as give predictions on quarters to 2023-10-13T16:37:00+00:00 https://thehackernews.com/2023/10/ransomware-attacks-doubled-year-on-year.html www.secnews.physaphae.fr/article.php?IdArticle=8395108 False Ransomware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
DarkGate Malware Spreading via Messaging Services Posing as PDF Files
A piece of malware known as DarkGate has been observed being spread via instant messaging platforms such as Skype and Microsoft Teams. In these attacks, the messaging apps are used to deliver a Visual Basic for Applications (VBA) loader script that masquerades as a PDF document, which, when opened, triggers the download and execution of an AutoIt script designed to launch the malware. "It's
2023-10-13T16:06:00+00:00 https://thehackernews.com/2023/10/darkgate-malware-spreading-via.html www.secnews.physaphae.fr/article.php?IdArticle=8395082 False Malware None 2.0000000000000000

FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure
The AvosLocker ransomware gang has been linked to attacks against critical infrastructure sectors in the U.S., with some of them detected as recently as May 2023. That's according to a new joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) detailing the ransomware-as-a-service (RaaS) operation's
2023-10-13T15:55:00+00:00 https://thehackernews.com/2023/10/fbi-cisa-warn-of-rising-avoslocker.html www.secnews.physaphae.fr/article.php?IdArticle=8395083 False Ransomware None 2.0000000000000000
Malicious NuGet Package Targeting .NET Developers with SeroXen RAT
A malicious package hosted on the NuGet package manager for the .NET Framework has been found to deliver a remote access trojan called SeroXen RAT. The package, named Pathoschild.Stardew.Mod.Build.Config and published by a user named Disti, is a typosquat of a legitimate package called Pathoschild.Stardew.ModBuildConfig, software supply chain security firm Phylum said in a report today. While
2023-10-12T18:47:00+00:00 https://thehackernews.com/2023/10/malicious-nuget-package-targeting-net.html www.secnews.physaphae.fr/article.php?IdArticle=8394742 False None None 3.0000000000000000

ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers
The threat actors behind ShellBot are leveraging IP addresses transformed into its hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. "The overall flow remains the same, but the download URL used by the threat actor to install ShellBot has changed from a regular IP address to a hexadecimal value," the AhnLab Security Emergency response Center (ASEC)
2023-10-12T16:57:00+00:00 https://thehackernews.com/2023/10/shellbot-uses-hex-ips-to-evade.html www.secnews.physaphae.fr/article.php?IdArticle=8394707 True Threat None 3.0000000000000000

How to Guard Your Data from Exposure in ChatGPT
ChatGPT has transformed the way businesses generate textual content, which can potentially result in a quantum leap in productivity. However, Generative AI innovation also introduces a new dimension of data exposure risk, when employees inadvertently type or paste sensitive business data into ChatGPT, or similar applications.
DLP solutions, the go-to solution for similar challenges, are
2023-10-12T16:03:00+00:00 https://thehackernews.com/2023/10/how-to-guard-your-data-from-exposure-in.html www.secnews.physaphae.fr/article.php?IdArticle=8394708 False None ChatGPT 2.0000000000000000

Microsoft Defender Thwarts Large-Scale Akira Ransomware Attack
Microsoft on Wednesday said that a user containment feature in Microsoft Defender for Endpoint helped thwart a "large-scale remote encryption attempt" made by Akira ransomware actors targeting an unknown industrial organization in early June 2023. The tech giant's threat intelligence team is tracking the operator as Storm-1567. The attack leveraged devices that were not onboarded to Microsoft
2023-10-12T15:59:00+00:00 https://thehackernews.com/2023/10/microsoft-defender-thwarts-akira.html www.secnews.physaphae.fr/article.php?IdArticle=8394709 False Ransomware,Threat,Industrial None 3.0000000000000000

Researchers Uncover Malware Posing as WordPress Caching Plugin
Cybersecurity researchers have shed light on a new sophisticated strain of malware that masquerades a WordPress plugin to stealthily create administrator accounts and remotely control a compromised site. "Complete with a professional looking opening comment implying it is a caching plugin, this rogue code contains numerous functions, adds filters to prevent itself from being included in the list
2023-10-12T14:46:00+00:00 https://thehackernews.com/2023/10/researchers-uncover-malware-posing-as.html www.secnews.physaphae.fr/article.php?IdArticle=8394665 False Malware None 1.00000000000000000000

Researchers Uncover Ongoing Attacks Targeting Asian Governments and Telecom Giants
High-profile government and telecom entities in Asia have been targeted as part of an ongoing campaign since 2021 that's designed to deploy basic backdoors and loaders for delivering next-stage malware. Cybersecurity company Check Point is tracking the activity under the name Stayin' Alive. Targets include organizations located in Vietnam, Uzbekistan, Pakistan, and Kazakhstan. "The simplistic
2023-10-12T11:50:00+00:00 https://thehackernews.com/2023/10/researchers-uncover-ongoing.html www.secnews.physaphae.fr/article.php?IdArticle=8394628 False None None 2.0000000000000000

Two High-Risk Security Flaws Discovered in Curl Library - New Patches Released
Patches have been released for two security flaws impacting the Curl data transfer library, the most severe of which could potentially result in code execution.
The list of vulnerabilities is as follows - CVE-2023-38545 (CVSS score: 7.5) - SOCKS5 heap-based buffer overflow vulnerability CVE-2023-38546 (CVSS score: 5.0) - Cookie injection with none file CVE-2023-38545 is the more severe of the
2023-10-12T10:09:00+00:00 https://thehackernews.com/2023/10/two-high-risk-security-flaws-discovered.html www.secnews.physaphae.fr/article.php?IdArticle=8394604 False Vulnerability None 1.00000000000000000000

Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023
More than 17,000 WordPress websites have been compromised in the month of September 2023 with malware known as Balada Injector, nearly twice the number of detections in August. Of these, 9,000 of the websites are said to have been infiltrated using a recently disclosed security flaw in the tagDiv Composer plugin (CVE-2023-3169, CVSS score: 6.1) that could be exploited by unauthenticated users to
2023-10-11T18:11:00+00:00 https://thehackernews.com/2023/10/over-17000-wordpress-sites-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8394300 False Malware None 2.0000000000000000

U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2023-21608 (CVSS score: 7.8), the vulnerability has been described as a use-after-free bug that can be exploited to achieve remote code execution (RCE) with the
2023-10-11T17:56:00+00:00 https://thehackernews.com/2023/10/us-cybersecurity-agency-warns-of.html www.secnews.physaphae.fr/article.php?IdArticle=8394301 False Vulnerability None 3.0000000000000000

Take an Offensive Approach to Password Security by Continuously Monitoring for Breached Passwords
Passwords are at the core of securing access to an organization's data. However, they also come with security vulnerabilities that stem from their inconvenience. With a growing list of credentials to keep track of, the average end-user can default to shortcuts. Instead of creating a strong and unique password for each account, they resort to easy-to-remember passwords, or use the same password
2023-10-11T17:32:00+00:00 https://thehackernews.com/2023/10/take-offensive-approach-to-password.html www.secnews.physaphae.fr/article.php?IdArticle=8394302 False Vulnerability None 3.0000000000000000

Microsoft Releases October 2023 Patches for 103 Flaws, Including 2 Active Exploits
Microsoft has released its Patch Tuesday updates for October 2023, addressing a total of 103 flaws in its software, two of which have come under active exploitation in the wild. Of the 103 flaws, 13 are rated Critical and 90 are rated Important in severity. This is apart from 18 security vulnerabilities addressed in its Chromium-based Edge browser since the second Tuesday of September.
The two
2023-10-11T12:30:00+00:00 https://thehackernews.com/2023/10/microsoft-releases-october-2023-patches.html www.secnews.physaphae.fr/article.php?IdArticle=8394211 False Patching None 3.0000000000000000

Microsoft Warns of Nation-State Hackers Exploiting Critical Atlassian Confluence Vulnerability
Microsoft has linked the exploitation of a recently disclosed critical flaw in Atlassian Confluence Data Center and Server to a nation-state actor it tracks as Storm-0062 (aka DarkShadow or Oro0lxy). The tech giant's threat intelligence team said it observed in-the-wild abuse of the vulnerability since September 14, 2023. "CVE-2023-22515 is a critical privilege escalation vulnerability in
2023-10-11T09:42:00+00:00 https://thehackernews.com/2023/10/microsoft-warns-of-nation-state-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8394187 False Vulnerability,Threat None 3.0000000000000000

HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks
Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset. The layer 7 attacks were detected in late August 2023, the companies said in a coordinated disclosure.
The cumulative susceptibility to this attack is being tracked as CVE-2023-44487,
2023-10-10T20:54:00+00:00 https://thehackernews.com/2023/10/http2-rapid-reset-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8393814 False Vulnerability None 2.0000000000000000

Google Adopts Passkeys as Default Sign-in Method for All Users
Google on Tuesday announced the ability for all users to set up passkeys by default, five months after it rolled out support for the FIDO Alliance-backed passwordless standard for Google Accounts on all platforms. "This means the next time you sign in to your account, you'll start seeing prompts to create and use passkeys, simplifying your future sign-ins," Google's Sriram Karra and Christiaan
2023-10-10T18:20:00+00:00 https://thehackernews.com/2023/10/google-adopts-passkeys-as-default-sign.html www.secnews.physaphae.fr/article.php?IdArticle=8393745 False None None 2.0000000000000000

New Report: Child Sexual Abuse Content and Online Risks to Children on the Rise
Certain online risks to children are on the rise, according to a recent report from Thorn, a technology nonprofit whose mission is to build technology to defend children from sexual abuse. Research shared in the Emerging Online Trends in Child Sexual Abuse 2023 report, indicates that minors are increasingly taking and sharing sexual images of themselves.
This activity may occur consensually or
2023-10-10T15:58:00+00:00 https://thehackernews.com/2023/10/new-report-child-sexual-abuse-content.html www.secnews.physaphae.fr/article.php?IdArticle=8393686 False None None 2.0000000000000000

Researchers Uncover Grayling APT's Ongoing Attack Campaign Across Industries
A previously undocumented threat actor of unknown provenance has been linked to a number of attacks targeting organizations in the manufacturing, IT, and biomedical sectors in Taiwan. The Symantec Threat Hunter Team, part of Broadcom, attributed the attacks to an advanced persistent threat (APT) it tracks under the name Grayling. Evidence shows that the campaign began in February 2023 and
2023-10-10T15:55:00+00:00 https://thehackernews.com/2023/10/researchers-uncover-grayling-apts.html www.secnews.physaphae.fr/article.php?IdArticle=8393687 False Threat,Industrial None 3.0000000000000000

New Magecart Campaign Alters 404 Error Pages to Steal Shoppers' Credit Cards
A sophisticated Magecart campaign has been observed manipulating websites' default 404 error page to conceal malicious code in what's been described as the latest evolution of the attacks. The activity, per Akamai, targets Magento and WooCommerce websites, with some of the victims belonging to large organizations in the food and retail industries. "In this campaign, all the victim websites we
2023-10-10T14:50:00+00:00 https://thehackernews.com/2023/10/new-magecart-campaign-alters-404-error.html www.secnews.physaphae.fr/article.php?IdArticle=8393656 False None None 2.0000000000000000

libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks
A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to achieve remote code execution (RCE) on affected hosts. Tracked as CVE-2023-43641 (CVSS score: 8.8), the issue is described as a case of memory corruption in libcue, a library designed for parsing cue sheet files. It impacts versions 2.2.1 and prior. libcue is incorporated into
2023-10-10T12:20:00+00:00 https://thehackernews.com/2023/10/libcue-library-flaw-opens-gnome-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8393512 False None None 2.0000000000000000

Citrix Devices Under Attack: NetScaler Flaw Exploited to Capture User Credentials
A recently disclosed critical flaw in Citrix NetScaler ADC and Gateway devices is being exploited by threat actors to conduct a credential harvesting campaign.
IBM X-Force, which uncovered the activity last month, said adversaries exploited "CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user
2023-10-10T11:22:00+00:00 https://thehackernews.com/2023/10/citrix-devices-under-attack-netscaler.html www.secnews.physaphae.fr/article.php?IdArticle=8393513 False Threat None 2.0000000000000000

PEACHPIT: Massive Ad Fraud Botnet Powered by Millions of Hacked Android and iOS
An ad fraud botnet dubbed PEACHPIT leveraged an army of hundreds of thousands of Android and iOS devices to generate illicit profits for the threat actors behind the scheme. The botnet is part of a larger China-based operation codenamed BADBOX, which also entails selling off-brand mobile and connected TV (CTV) devices on popular online retailers and resale sites that are backdoored with an
2023-10-09T21:37:00+00:00 https://thehackernews.com/2023/10/peachpit-massive-ad-fraud-botnet.html www.secnews.physaphae.fr/article.php?IdArticle=8393319 False Threat None 3.0000000000000000

Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms
Senior executives working in U.S.-based organizations are being targeted by a new phishing campaign that leverages a popular adversary-in-the-middle (AiTM) phishing toolkit named EvilProxy to conduct credential harvesting and account takeover attacks.
Menlo Security said the activity started in July 2023, primarily singling out banking and financial services, insurance, property management and
2023-10-09T18:06:00+00:00 https://thehackernews.com/2023/10/cybercriminals-using-evilproxy-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8393243 False None None 2.0000000000000000

Webinar: How vCISOs Can Navigating the Complex World of AI and LLM Security
In today's rapidly evolving technological landscape, the integration of Artificial Intelligence (AI) and Large Language Models (LLMs) has become ubiquitous across various industries. This wave of innovation promises improved efficiency and performance, but lurking beneath the surface are complex vulnerabilities and unforeseen risks that demand immediate attention from cybersecurity professionals
2023-10-09T17:25:00+00:00 https://thehackernews.com/2023/10/webinar-how-vcisos-can-navigating.html www.secnews.physaphae.fr/article.php?IdArticle=8393136 False Vulnerability None 2.0000000000000000

"I Had a Dream" and Generative AI Jailbreaks
"Of course, here's an example of simple code in the Python programming language that can be associated with the keywords "MyHotKeyHandler," "Keylogger," and "macOS," this is a message from ChatGPT followed by a piece of malicious code and a brief remark not to use it for illegal purposes.
Initially published by Moonlock Lab, the screenshots of ChatGPT writing code for a keylogger malware is yet
2023-10-09T16:36:00+00:00 https://thehackernews.com/2023/10/i-had-dream-and-generative-ai-jailbreaks.html www.secnews.physaphae.fr/article.php?IdArticle=8393137 False Malware ChatGPT 3.0000000000000000

High-Severity Flaws in ConnectedIO's 3G/4G Routers Raise Concerns for IoT Security
Multiple high-severity security vulnerabilities have been disclosed in ConnectedIO's ER2000 edge routers and the cloud-based management platform that could be exploited by malicious actors to execute malicious code and access sensitive data. "An attacker could have leveraged these flaws to fully compromise the cloud infrastructure, remotely execute code, and leak all customer and device
2023-10-09T16:19:00+00:00 https://thehackernews.com/2023/10/high-severity-flaws-in-connectedios.html www.secnews.physaphae.fr/article.php?IdArticle=8393138 False Vulnerability,Cloud None 3.0000000000000000

Security Patch for Two New Flaws in Curl Library Arriving on October 11
The maintainers of the Curl library have released an advisory warning of two forthcoming security vulnerabilities that are expected to be addressed as part of updates released on October 11, 2023. This includes a high severity and a low-severity flaw tracked under the identifiers CVE-2023-38545 and CVE-2023-38546, respectively.
Additional details about the issues and the exact version ranges
2023-10-09T16:02:00+00:00 https://thehackernews.com/2023/10/security-patch-for-two-new-flaws-in.html www.secnews.physaphae.fr/article.php?IdArticle=8393139 False Vulnerability None 3.0000000000000000

Gaza-Linked Cyber Threat Actor Targets Israeli Energy and Defense Sectors
A Gaza-based threat actor has been linked to a series of cyber attacks aimed at Israeli private-sector energy, defense, and telecommunications organizations. Microsoft, which revealed details of the activity in its fourth annual Digital Defense Report, is tracking the campaign under the name Storm-1133. "We assess this group works to further the interests of Hamas, a Sunni militant group that is
2023-10-09T08:45:00+00:00 https://thehackernews.com/2023/10/gaza-linked-cyber-threat-actor-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8392963 False Threat None 3.0000000000000000

North Korea's Lazarus Group Launders $900 Million in Cryptocurrency
As much as $7 billion in cryptocurrency has been illicitly laundered through cross-chain crime, with the North Korea-linked Lazarus Group linked to the theft of roughly $900 million of those proceeds between July 2022 and July of this year. "As traditional entities such as mixers continue to be subject to seizures and sanctions scrutiny, the crypto crime displacement to chain- or asset-hopping
2023-10-06T20:26:00+00:00 https://thehackernews.com/2023/10/north-koreas-lazarus-group-launders-900.html www.secnews.physaphae.fr/article.php?IdArticle=8392275 False None APT 38 2.0000000000000000

Chinese Hackers Target Semiconductor Firms in East Asia with Cobalt Strike
Threat actors have been observed targeting semiconductor companies in East Asia with lures masquerading as Taiwan Semiconductor Manufacturing Company (TSMC) that are designed to deliver Cobalt Strike beacons. The intrusion set, per EclecticIQ, leverages a backdoor called HyperBro, which is then used as a conduit to deploy the commercial attack simulation software and post-exploitation toolkit.
2023-10-06T17:19:00+00:00 https://thehackernews.com/2023/10/chinese-hackers-target-semiconductor.html www.secnews.physaphae.fr/article.php?IdArticle=8392211 False Threat None 2.0000000000000000

New OS Tool Tells You Who Has Access to What Data
Ensuring sensitive data remains confidential, protected from unauthorized access, and compliant with data privacy regulations is paramount. Data breaches result in financial and reputational damage but also lead to legal consequences. Therefore, robust data access security measures are essential to safeguard an organization's assets, maintain customer trust, and meet regulatory requirements.
A
2023-10-06T15:51:00+00:00 https://thehackernews.com/2023/10/new-os-tool-tells-you-who-has-access-to.html www.secnews.physaphae.fr/article.php?IdArticle=8392178 False Tool None 3.0000000000000000

GitHub's Secret Scanning Feature Now Covers AWS, Microsoft, Google, and Slack
GitHub has announced an improvement to its secret scanning feature that extends validity checks to popular services such as Amazon Web Services (AWS), Microsoft, Google, and Slack. Validity checks, introduced by the Microsoft subsidiary earlier this year, alert users whether exposed tokens found by secret scanning are active, thereby allowing for effective remediation measures. It was first
2023-10-06T14:23:00+00:00 https://thehackernews.com/2023/10/githubs-secret-scanning-feature-now.html www.secnews.physaphae.fr/article.php?IdArticle=8392159 False None None 2.0000000000000000

Supermicro's BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities
Multiple security vulnerabilities have been disclosed in the Intelligent Platform Management Interface (IPMI) firmware for Supermicro baseboard management controllers (BMCs) that could result in privilege escalation and execution of malicious code on affected systems. The seven flaws, tracked from CVE-2023-40284 through CVE-2023-40290, vary in severity from High to Critical, according to Binarly
2023-10-06T11:32:00+00:00 https://thehackernews.com/2023/10/supermicros-bmc-firmware-found.html www.secnews.physaphae.fr/article.php?IdArticle=8392121 False Vulnerability None 3.0000000000000000
QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks
Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of Ransom Knight (aka Cyclops) ransomware and Remcos RAT. This indicates that “the law enforcement operation may not have impacted Qakbot operators' spam delivery infrastructure but rather only their
2023-10-05T18:48:00+00:00 https://thehackernews.com/2023/10/qakbot-threat-actors-still-in-action.html www.secnews.physaphae.fr/article.php?IdArticle=8391856 False Ransomware,Spam,Malware,Threat None 2.0000000000000000

Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems
Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded credentials. The vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), is due to the presence of static user credentials for the root account that the company said is usually reserved for use during
2023-10-05T17:32:00+00:00 https://thehackernews.com/2023/10/cisco-releases-urgent-patch-to-fix.html www.secnews.physaphae.fr/article.php?IdArticle=8391822 False None None 2.0000000000000000
Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities
Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a testament to this trend. By targeting a platform-agnostic runtime environment common in modern web apps and employing multi-layer obfuscation, Lu0Bot is a serious threat to organizations and individuals. Although currently, the malware has low
2023-10-05T16:18:00+00:00 https://thehackernews.com/2023/10/analysis-and-config-extraction-of.html www.secnews.physaphae.fr/article.php?IdArticle=8391803 False Malware,Threat None 3.0000000000000000

Guyana Governmental Entity Hit by DinodasRAT in Cyber Espionage Attack
A governmental entity in Guyana has been targeted as part of a cyber espionage campaign dubbed Operation Jacana. The activity, which was detected by ESET in February 2023, entailed a spear-phishing attack that led to the deployment of a hitherto undocumented implant written in C++ called DinodasRAT. The Slovak cybersecurity firm said it could link the intrusion to a known threat actor or group,
2023-10-05T16:09:00+00:00 https://thehackernews.com/2023/10/guyana-governmental-entity-hit-by.html www.secnews.physaphae.fr/article.php?IdArticle=8391804 False Threat None 2.0000000000000000
GoldDigger Android Trojan Targets Banking Apps in Asia Pacific Countries
A new Android banking trojan named GoldDigger has been found targeting several financial applications with an aim to siphon victims' funds and backdoor infected devices. "The malware targets more than 50 Vietnamese banking, e-wallet and crypto wallet applications," Group-IB said. "There are indications that this threat might be poised to extend its reach across the wider APAC region and to
2023-10-05T15:26:00+00:00 https://thehackernews.com/2023/10/golddigger-android-trojan-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8391805 False Malware,Threat None 2.0000000000000000

CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence. The vulnerabilities newly added are below - CVE-2023-42793 (CVSS score: 9.8) - JetBrains TeamCity Authentication Bypass Vulnerability
2023-10-05T15:00:00+00:00 https://thehackernews.com/2023/10/cisa-warns-of-active-exploitation-of.html www.secnews.physaphae.fr/article.php?IdArticle=8391786 False Vulnerability None 2.0000000000000000

Apple Rolls Out Security Patches for Actively Exploited iOS Zero-Day Flaw
Apple on Wednesday rolled out security patches to address a new zero-day flaw in iOS and iPadOS that it said has come under active exploitation in the wild.
Tracked as CVE-2023-42824, the kernel vulnerability could be abused by a local attacker to elevate their privileges. The iPhone maker said it addressed the problem with improved checks. "Apple is aware of a report that this issue may have]]> 2023-10-05T09:12:00+00:00 https://thehackernews.com/2023/10/apple-rolls-out-security-patches-for.html www.secnews.physaphae.fr/article.php?IdArticle=8391718 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Atlassian Confluence Hit by Newly Actively Exploited Zero-Day – Patch Now Atlassian has released fixes to contain an actively exploited critical zero-day flaw impacting publicly accessible Confluence Data Center and Server instances. The vulnerability, tracked as CVE-2023-22515, is remotely exploitable and allows external attackers to create unauthorized Confluence administrator accounts and access Confluence servers. It does not impact Confluence versions prior to]]> 2023-10-05T08:58:00+00:00 https://thehackernews.com/2023/10/atlassian-confluence-hit-by-newly.html www.secnews.physaphae.fr/article.php?IdArticle=8391719 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Researchers Link DragonEgg Android Spyware to LightSpy iOS Surveillanceware New findings have identified connections between an Android spyware called DragonEgg and another sophisticated modular iOS surveillanceware tool named LightSpy. DragonEgg, alongside WyrmSpy (aka AndroidControl), was first disclosed by Lookout in July 2023 as a strain of malware capable of gathering sensitive data from Android devices. It was attributed to the Chinese nation-state group APT41.
On]]> 2023-10-04T20:39:00+00:00 https://thehackernews.com/2023/10/researchers-link-dragonegg-android.html www.secnews.physaphae.fr/article.php?IdArticle=8391492 False Malware,Tool APT 41,APT 41 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Wing Disrupts the Market by Introducing Affordable SaaS Security Today, mid-sized companies and their CISOs are struggling to handle the growing threat of SaaS security with limited manpower and tight budgets. Now, this may be changing. By focusing on the critical SaaS security needs of these companies, a new approach has emerged that can be launched for $1,500 a year. If the name Wing Security (Wing) rings a bell, it is probably because earlier this year,]]> 2023-10-04T17:24:00+00:00 https://thehackernews.com/2023/10/wing-disrupts-market-by-introducing.html www.secnews.physaphae.fr/article.php?IdArticle=8391408 False Threat,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack A new deceptive package hidden within the npm package registry has been uncovered deploying an open-source rootkit called r77, marking the first time a rogue package has delivered rootkit functionality. The package in question is node-hide-console-windows, which mimics the legitimate npm package node-hide-console-window in what's an instance of a typosquatting campaign. It was downloaded 704]]> 2023-10-04T16:46:00+00:00 https://thehackernews.com/2023/10/rogue-npm-package-deploys-open-source.html www.secnews.physaphae.fr/article.php?IdArticle=8391409 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through a SQL Server instance. "The attackers initially exploited a SQL injection vulnerability in an application within the target's environment," security researchers Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen said in a Tuesday report. "This allowed the]]> 2023-10-04T15:48:00+00:00 https://thehackernews.com/2023/10/microsoft-warns-of-cyber-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8391371 False Vulnerability,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions A new Linux security vulnerability dubbed Looney Tunables has been discovered in the GNU C library's ld.so dynamic loader that, if successfully exploited, could lead to a local privilege escalation and allow a threat actor to gain root privileges. Tracked as CVE-2023-4911 (CVSS score: 7.8), the issue is a buffer overflow that resides in the dynamic loader's processing of the GLIBC_TUNABLES]]> 2023-10-04T12:51:00+00:00 https://thehackernews.com/2023/10/looney-tunables-new-linux-flaw-enables.html www.secnews.physaphae.fr/article.php?IdArticle=8391312 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other zero-days have come under active exploitation. Of the 17 flaws, three are rated Critical, 13 are rated High, and one is rated Medium in severity. "There are indications from Google Threat Analysis Group and Google Project Zero that CVE-2023-33106, CVE-2023-33107,]]> 2023-10-03T22:07:00+00:00 https://thehackernews.com/2023/10/qualcomm-releases-patch-for-3-new-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8391073 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch Cybersecurity researchers have disclosed multiple critical security flaws in the TorchServe tool for serving and scaling PyTorch models that could be chained to achieve remote code execution on affected systems. Israel-based runtime application security company Oligo, which made the discovery, has coined the vulnerabilities ShellTorch. "These vulnerabilities [...] can lead to a full chain Remote]]> 2023-10-03T21:54:00+00:00 https://thehackernews.com/2023/10/warning-pytorch-models-vulnerable-to.html www.secnews.physaphae.fr/article.php?IdArticle=8391074 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Over 3 Dozen Data-Stealing Malicious npm Packages Found Targeting Developers Nearly three dozen counterfeit packages have been discovered in the npm package repository that are designed to exfiltrate sensitive data from developer systems, according to findings from Fortinet FortiGuard Labs. One set of packages – named @expue/webpack, @expue/core, @expue/vue3-renderer, @fixedwidthtable/fixedwidthtable, and @virtualsearchtable/virtualsearchtable – harbored an obfuscated]]> 2023-10-03T20:29:00+00:00 https://thehackernews.com/2023/10/over-3-dozen-data-stealing-malicious.html www.secnews.physaphae.fr/article.php?IdArticle=8391037 False Threat,General Information None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) API Security Trends 2023 – Have Organizations Improved their Security Posture? APIs, also known as application programming interfaces, serve as the backbone of modern software applications, enabling seamless communication and data exchange between different systems and platforms. They provide developers with an interface to interact with external services, allowing them to integrate various functionalities into their own applications. However, this increased reliance on]]> 2023-10-03T17:22:00+00:00 https://thehackernews.com/2023/10/api-security-trends-2023-have.html www.secnews.physaphae.fr/article.php?IdArticle=8390932 False Studies None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Protecting your IT infrastructure with Security Configuration Assessment (SCA) Security Configuration Assessment (SCA) is critical to an organization's cybersecurity strategy. SCA aims to discover vulnerabilities and misconfigurations that malicious actors exploit to gain unauthorized access to systems and data. Regular security configuration assessments are essential in maintaining a secure and compliant environment, as this minimizes the risk of cyber attacks. The]]> 2023-10-03T17:18:00+00:00 https://thehackernews.com/2023/10/protecting-your-it-infrastructure-with.html www.secnews.physaphae.fr/article.php?IdArticle=8390933 False Vulnerability,Guideline None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Researcher Reveals New Techniques to Bypass Cloudflare's Firewall and DDoS Protection Firewall and distributed denial-of-service (DDoS) attack prevention mechanisms in Cloudflare can be circumvented by exploiting gaps in cross-tenant security controls, defeating the very purpose of these safeguards, it has emerged. "Attackers can utilize their own Cloudflare accounts to abuse the per-design trust-relationship between Cloudflare and the customers' websites, rendering the]]> 2023-10-03T14:59:00+00:00 https://thehackernews.com/2023/10/researcher-reveal-new-technique-to.html www.secnews.physaphae.fr/article.php?IdArticle=8390869 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation Arm has released security patches to contain a security flaw in the Mali GPU Kernel Driver that has come under active exploitation in the wild. Tracked as CVE-2023-4211, the shortcoming impacts the following driver versions - Midgard GPU Kernel Driver: All versions from r12p0 - r32p0 Bifrost GPU Kernel Driver: All versions from r0p0 - r42p0 Valhall GPU Kernel Driver: All versions from r19p0 -]]> 2023-10-03T10:28:00+00:00 https://thehackernews.com/2023/10/arm-issues-patch-for-mali-gpu-kernel.html www.secnews.physaphae.fr/article.php?IdArticle=8390786 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) LUCR-3: Scattered Spider Getting SaaS-y in the Cloud LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual Property (IP) for extortion. LUCR-3 targets Fortune 2000 companies across various sectors, including but not limited to Software, Retail, Hospitality,]]> 2023-10-02T16:51:00+00:00 https://thehackernews.com/2023/10/lucr-3-scattered-spider-getting-saas-y.html www.secnews.physaphae.fr/article.php?IdArticle=8390455 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries Introduction In today's interconnected digital ecosystem, Application Programming Interfaces (APIs) play a pivotal role in enabling seamless communication and data exchange between various software applications and systems. APIs act as bridges, facilitating the sharing of information and functionalities. However, as the use of APIs continues to rise, they have become an increasingly attractive]]> 2023-10-02T16:51:00+00:00 https://thehackernews.com/2023/10/apis-unveiling-silent-killer-of-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8390454 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Silent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment Businesses A financially motivated campaign has been targeting online payment businesses in the Asia Pacific, North America, and Latin America with web skimmers for more than a year. The BlackBerry Research and Intelligence Team is tracking the activity under the name Silent Skimmer, attributing it to an actor who is knowledgeable in the Chinese language. Prominent victims include online businesses and]]> 2023-10-02T16:50:00+00:00 https://thehackernews.com/2023/10/silent-skimmer-year-long-web-skimming.html www.secnews.physaphae.fr/article.php?IdArticle=8390456 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
OpenRefine's Zip Slip Vulnerability Could Let Attackers Execute Malicious Code A high-severity security flaw has been disclosed in the open-source OpenRefine data cleanup and transformation tool that could result in arbitrary code execution on affected systems. Tracked as CVE-2023-37476 (CVSS score: 7.8), the vulnerability is a Zip Slip vulnerability that could have adverse impacts when importing a specially crafted project in versions 3.7.3 and below. "Although OpenRefine]]> 2023-10-02T13:32:00+00:00 https://thehackernews.com/2023/10/openrefines-zip-slip-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8390402 False Tool,Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime Underground Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that's being advertised for sale on the cybercrime underground. "BunnyLoader provides various functionalities such as downloading and executing a second-stage payload, stealing browser credentials and system information, and much more," Zscaler ThreatLabz researchers Niraj Shivtarkar and]]> 2023-10-02T11:01:00+00:00 https://thehackernews.com/2023/10/bunnyloader-new-malware-as-service.html www.secnews.physaphae.fr/article.php?IdArticle=8390353 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Zanubis Android Banking Trojan Poses as Peruvian Government App to Target Users An emerging Android banking trojan called Zanubis is now masquerading as a Peruvian government app to trick unsuspecting users into installing the malware. "Zanubis's main infection path is through impersonating legitimate Peruvian Android applications and then tricking the user into enabling the Accessibility permissions in order to take full control of the device," Kaspersky said in an]]> 2023-10-02T10:32:00+00:00 https://thehackernews.com/2023/10/zanubis-android-banking-trojan-poses-as.html www.secnews.physaphae.fr/article.php?IdArticle=8390327 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?) FBI Warns of Rising Trend of Dual Ransomware Attacks Targeting U.S. Companies The U.S. Federal Bureau of Investigation (FBI) is warning of a new trend of dual ransomware attacks targeting the same victims, at least since July 2023. "During these attacks, cyber threat actors deployed two different ransomware variants against victim companies from the following variants: AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal," the FBI said in an alert. "Variants]]> 2023-09-30T15:19:00+00:00 https://thehackernews.com/2023/09/fbi-warns-of-rising-trend-of-dual.html www.secnews.physaphae.fr/article.php?IdArticle=8389842 False Ransomware,Threat,Prediction None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Iranian APT Group OilRig Using New Menorah Malware for Covert Operations Sophisticated cyber actors backed by Iran known as OilRig have been linked to a spear-phishing campaign that infects victims with a new strain of malware called Menorah. "The malware was designed for cyberespionage, capable of identifying the machine, reading and uploading files from the machine, and downloading another file or malware," Trend Micro researchers Mohamed Fahmy and Mahmoud Zohdy]]> 2023-09-30T14:51:00+00:00 https://thehackernews.com/2023/09/iranian-apt-group-oilrig-using-new.html www.secnews.physaphae.fr/article.php?IdArticle=8389819 False Malware,Prediction APT 34 3.0000000000000000