www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-14T13:19:18+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Cybercriminals Using New ASMCrypt Malware Loader Flying Under the Radar
Threat actors are selling a new crypter and loader called ASMCrypt, which has been described as an "evolved version" of another loader malware known as DoubleFinger. "The idea behind this type of malware is to load the final payload without the loading process or the payload itself being detected by AV/EDR, etc.," Kaspersky said in an analysis published this week. DoubleFinger was first
2023-09-29T22:13:00+00:00 https://thehackernews.com/2023/09/cybercriminals-using-new-asmcrypt.html www.secnews.physaphae.fr/article.php?IdArticle=8389581 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm
The North Korea-linked Lazarus Group has been linked to a cyber espionage attack targeting an unnamed aerospace company in Spain in which employees of the firm were approached by the threat actor posing as a recruiter for Meta. "Employees of the targeted company were contacted by a fake recruiter via LinkedIn and tricked into opening a malicious executable file presenting itself as a coding
2023-09-29T17:40:00+00:00 https://thehackernews.com/2023/09/lazarus-group-impersonates-recruiter.html www.secnews.physaphae.fr/article.php?IdArticle=8389485 False Threat APT 38 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Post-Quantum Cryptography: Finally Real in Consumer Apps?
Most people are barely thinking about basic cybersecurity, let alone post-quantum cryptography. But the impact of a post-quantum world is coming for them regardless of whether or not it's keeping them up tonight. Today, many rely on encryption in their daily lives to protect their fundamental digital privacy and security, whether for messaging friends and family, storing files and photos, or
2023-09-29T17:18:00+00:00 https://thehackernews.com/2023/09/post-quantum-cryptography-finally-real.html www.secnews.physaphae.fr/article.php?IdArticle=8389465 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft's AI-Powered Bing Chat Ads May Lead Users to Malware-Distributing Sites
Malicious ads served inside Microsoft Bing's artificial intelligence (AI) chatbot are being used to distribute malware when searching for popular tools. The findings come from Malwarebytes, which revealed that unsuspecting users can be tricked into visiting booby-trapped sites and installing malware directly from Bing Chat conversations.
Introduced by Microsoft in February 2023, Bing Chat is an
2023-09-29T14:43:00+00:00 https://thehackernews.com/2023/09/microsofts-ai-powered-bing-chat-ads-may.html www.secnews.physaphae.fr/article.php?IdArticle=8389414 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server
Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc Transfer Module and in the WS_FTP Server manager interface. Tracked as CVE-2023-40044, the flaw has a CVSS score of 10.0, indicating maximum severity. All versions of the software are impacted by the flaw. "In WS_FTP Server versions prior to 8.7.4 and 8.8.2, a
2023-09-29T11:45:00+00:00 https://thehackernews.com/2023/09/progress-software-releases-urgent.html www.secnews.physaphae.fr/article.php?IdArticle=8389366 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts
Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated remote attacker to achieve remote code execution on affected systems. The medium-severity vulnerability is tracked as CVE-2023-20109, and has a CVSS score of 6.6. It impacts all versions of the software that have the GDOI or G-IKEv2 protocol enabled.
The
2023-09-29T08:32:00+00:00 https://thehackernews.com/2023/09/cisco-warns-of-vulnerability-in-ios-and.html www.secnews.physaphae.fr/article.php?IdArticle=8389325 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. "The malicious code exfiltrates the GitHub project's defined secrets to a malicious C2 server and modify any existing javascript files in the attacked project with a web-form password-stealer malware code
2023-09-28T22:52:00+00:00 https://thehackernews.com/2023/09/github-repositories-hit-by-password.html www.secnews.physaphae.fr/article.php?IdArticle=8389148 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies
Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to access the networks of various companies in the two countries. The attacks have been tied to a malicious cyber actor dubbed BlackTech by the U.S.
National Security Agency (NSA), Federal Bureau of
2023-09-28T19:17:00+00:00 https://thehackernews.com/2023/09/chinas-blacktech-hacking-group.html www.secnews.physaphae.fr/article.php?IdArticle=8389064 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies
The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's SaaS-centric world. The limitations of Browser Isolation, such as degraded browser performance and inability to tackle
2023-09-28T16:43:00+00:00 https://thehackernews.com/2023/09/the-dark-side-of-browser-isolation-and.html www.secnews.physaphae.fr/article.php?IdArticle=8389027 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies
Government and telecom entities have been subjected to a new wave of attacks by a China-linked threat actor tracked as Budworm using an updated malware toolset.
The intrusions, targeting a Middle Eastern telecommunications organization and an Asian government, took place in August 2023, with the adversary deploying an improved version of its SysUpdate toolkit, the Symantec Threat Hunter Team,
2023-09-28T15:43:00+00:00 https://thehackernews.com/2023/09/china-linked-budworm-targeting-middle.html www.secnews.physaphae.fr/article.php?IdArticle=8389005 False Malware,Threat APT 27 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability
Google on Wednesday rolled out fixes to address a new actively exploited zero-day in the Chrome browser. Tracked as CVE-2023-5217, the high-severity vulnerability has been described as a heap-based buffer overflow in the VP8 compression format in libvpx, a free software video codec library from Google and the Alliance for Open Media (AOMedia). Exploitation of such buffer overflow flaws can
2023-09-28T08:43:00+00:00 https://thehackernews.com/2023/09/update-chrome-now-google-releases-patch.html www.secnews.physaphae.fr/article.php?IdArticle=8388898 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors
A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented backdoors named DangerAds and AtlasAgent.
NSFOCUS Security Labs described the adversary as having a "high technical level and cautious attack attitude," adding that "the phishing attack activity captured this time is part of the attacker's targeted strike on
2023-09-27T20:12:00+00:00 https://thehackernews.com/2023/09/red-cross-themed-phishing-attacks.html www.secnews.physaphae.fr/article.php?IdArticle=8388434 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data
A novel side-channel attack called GPU.zip renders virtually all modern graphics processing units (GPU) vulnerable to information leakage. "This channel exploits an optimization that is data dependent, software transparent, and present in nearly all modern GPUs: graphical data compression," a group of academics from the University of Texas at Austin, Carnegie Mellon University, University of
2023-09-27T18:25:00+00:00 https://thehackernews.com/2023/09/researchers-uncover-new-gpu-side.html www.secnews.physaphae.fr/article.php?IdArticle=8388393 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Survey Uncovers How Companies Are Confronting Data Security Challenges Head-On
Data security is in the headlines often, and it's almost never for a positive reason. Major breaches, new ways to hack into an organization's supposedly secure data, and other threats make the news because well, it's scary - and expensive.
Data breaches, ransomware and malware attacks, and other cybercrime might be pricey to prevent, but they are even more costly when they occur, with the
2023-09-27T16:53:00+00:00 https://thehackernews.com/2023/09/new-survey-uncovers-how-companies-are.html www.secnews.physaphae.fr/article.php?IdArticle=8388299 False Ransomware,Malware,Hack None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software
A new malware strain called ZenRAT has emerged in the wild that's distributed via bogus installation packages of the Bitwarden password manager. "The malware is specifically targeting Windows users and will redirect people using other hosts to a benign web page," enterprise security firm Proofpoint said in a technical report. "The malware is a modular remote access trojan (RAT) with information
2023-09-27T14:08:00+00:00 https://thehackernews.com/2023/09/new-zenrat-malware-targeting-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8388261 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score
Google has assigned a new CVE identifier for a critical security flaw in the libwebp image library for rendering images in the WebP format that has come under active exploitation in the wild. Tracked as CVE-2023-5129, the issue has been given the maximum severity score of 10.0 on the CVSS rating system.
It has been described as an issue rooted in the Huffman coding algorithm - With a specially
2023-09-27T10:53:00+00:00 https://thehackernews.com/2023/09/new-libwebp-vulnerability-under-active.html www.secnews.physaphae.fr/article.php?IdArticle=8388219 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft is Rolling out Support for Passkeys in Windows 11
Microsoft is officially rolling out support for passkeys in Windows 11 today as part of a major update to the desktop operating system. The feature allows users to login to websites and applications without having to provide a username and password, instead relying on their device PIN or biometric information to complete the step. Based on FIDO standards, Passkeys were first announced in May
2023-09-26T22:34:00+00:00 https://thehackernews.com/2023/09/microsoft-is-rolling-out-support-for.html www.secnews.physaphae.fr/article.php?IdArticle=8388076 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families
Cybersecurity experts have shed light on a new cybercrime group known as ShadowSyndicate (formerly Infra Storm) that may have leveraged as many as seven different ransomware families over the past year. "ShadowSyndicate is a threat actor that works with various ransomware groups and affiliates of ransomware programs," Group-IB and Bridewell said in a new joint report.
The actor, active since
2023-09-26T21:26:00+00:00 https://thehackernews.com/2023/09/shadowsyndicate-new-cybercrime-group.html www.secnews.physaphae.fr/article.php?IdArticle=8388055 False Ransomware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Essential Guide to Cybersecurity Compliance
SOC 2, ISO, HIPAA, Cyber Essentials – all the security frameworks and certifications today are an acronym soup that can make even a compliance expert's head spin. If you're embarking on your compliance journey, read on to discover the differences between standards, which is best for your business, and how vulnerability management can aid compliance. What is cybersecurity compliance?
2023-09-26T17:20:00+00:00 https://thehackernews.com/2023/09/essential-guide-to-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8387980 False Vulnerability,General Information,Legislation,Guideline None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions
An updated version of an Android banking trojan called Xenomorph has set its sights on more than 35 financial institutions in the U.S. The campaign, according to Dutch security firm ThreatFabric, leverages phishing web pages that are designed to entice victims into installing malicious Android apps that target a broader list of apps than its predecessors. Some of the other targeted prominent
2023-09-26T17:19:00+00:00 https://thehackernews.com/2023/09/xenomorph-banking-trojan-new-variant.html www.secnews.physaphae.fr/article.php?IdArticle=8387981 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Threat Report: The High Tech Industry Targeted the Most with 46% of NLX-Tagged Attack Traffic
How To Use This Report Enhance situational awareness of techniques used by threat actors Identify potential attacks targeting your industry Gain insights to help improve and accelerate your organization's threat response Summary of Findings The Network Effect Threat Report offers insights based on unique data from Fastly's Next-Gen WAF from Q2 2023 (April 1, 2023 to June 30, 2023). This report
2023-09-26T16:02:00+00:00 https://thehackernews.com/2023/09/threat-report-high-tech-industry.html www.secnews.physaphae.fr/article.php?IdArticle=8387963 False Threat,Studies None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign
A "multi-year" Chinese state-sponsored cyber espionage campaign has been observed targeting South Korean academic, political, and government organizations. Recorded Future's Insikt Group, which is tracking the activity under the moniker TAG-74, said the adversary has been linked to "Chinese military intelligence and poses a significant threat to academic, aerospace and defense, government,
2023-09-26T15:19:00+00:00 https://thehackernews.com/2023/09/chinese-hackers-tag-74-targets-south.html www.secnews.physaphae.fr/article.php?IdArticle=8387932 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers
A critical security vulnerability in the JetBrains TeamCity continuous integration and continuous deployment (CI/CD) software could be exploited by unauthenticated attackers to achieve remote code execution on affected systems. The flaw, tracked as CVE-2023-42793, carries a CVSS score of 9.8 and has been addressed in TeamCity version 2023.05.4 following responsible disclosure on September 6,
2023-09-26T10:30:00+00:00 https://thehackernews.com/2023/09/critical-jetbrains-teamcity-flaw-could.html www.secnews.physaphae.fr/article.php?IdArticle=8387874 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals
Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. "Since drones or Unmanned Aerial Vehicles (UAVs) have been an integral tool used by the Ukrainian military, malware-laced lure files themed as UAVs service manuals have begun to surface," Securonix researchers Den
2023-09-25T18:35:00+00:00 https://thehackernews.com/2023/09/ukrainian-military-targeted-in-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8387609 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Watch the Webinar - AI vs. AI: Harnessing AI Defenses Against AI-Powered Risks
Generative AI is a double-edged sword, if there ever was one.
There is broad agreement that tools like ChatGPT are unleashing waves of productivity across the business, from IT, to customer experience, to engineering. That's on the one hand. On the other end of this fencing match: risk. From IP leakage and data privacy risks to the empowering of cybercriminals with AI tools, generative AI
2023-09-25T17:11:00+00:00 https://thehackernews.com/2023/09/watch-webinar-ai-vs-ai-harnessing-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8387573 False Tool ChatGPT,ChatGPT 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Are You Willing to Pay the High Cost of Compromised Credentials?
Weak password policies leave organizations vulnerable to attacks. But are the standard password complexity requirements enough to secure them? 83% of compromised passwords would satisfy the password complexity and length requirements of compliance standards. That's because bad actors already have access to billions of stolen credentials that can be used to compromise additional accounts by
2023-09-25T16:49:00+00:00 https://thehackernews.com/2023/09/are-you-willing-to-pay-high-cost-of.html www.secnews.physaphae.fr/article.php?IdArticle=8387574 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
From Watering Hole to Spyware: EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese
Tibetan, Uyghur, and Taiwanese individuals and organizations are the targets of a persistent campaign orchestrated by a threat actor codenamed EvilBamboo to gather sensitive information. "The attacker has created fake Tibetan websites, along with social media profiles, likely used to deploy browser-based exploits against targeted users," Volexity security researchers Callum Roxan, Paul
2023-09-25T16:04:00+00:00 https://thehackernews.com/2023/09/from-watering-hole-to-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8387555 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Report Uncovers Three Distinct Clusters of China-Nexus Attacks on Southeast Asian Government
An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the region over extended periods of time. "While this activity occurred around the same time and in some instances even simultaneously on the same victims' machines, each cluster is characterized by distinct tools, modus operandi and infrastructure," Palo Alto
2023-09-25T12:15:00+00:00 https://thehackernews.com/2023/09/new-report-uncovers-three-distinct.html www.secnews.physaphae.fr/article.php?IdArticle=8387516 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics
Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly," ESET said in a new report shared with The Hacker News. "This combination
2023-09-23T16:40:00+00:00 https://thehackernews.com/2023/09/deadglyph-new-advanced-backdoor-with.html www.secnews.physaphae.fr/article.php?IdArticle=8387051 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Apple and Chrome Zero-Days Exploited to Hack Egyptian ex-MP with Predator Spyware
The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The targeting took place after Eltantawy publicly stated his plans to run for President in the 2024 Egyptian elections," the
2023-09-23T11:42:00+00:00 https://thehackernews.com/2023/09/latest-apple-zero-days-used-to-hack.html www.secnews.physaphae.fr/article.php?IdArticle=8386991 False Hack None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks
An active malware campaign targeting Latin America is dispensing a new variant of a banking trojan called BBTok, particularly users in Brazil and Mexico. "The BBTok banker has a dedicated functionality that replicates the interfaces of more than 40 Mexican and Brazilian banks, and tricks the victims into entering its 2FA code to their bank accounts or into entering their payment card number,"
2023-09-22T20:18:00+00:00 https://thehackernews.com/2023/09/new-variant-of-banking-trojan-bbtok.html www.secnews.physaphae.fr/article.php?IdArticle=8386777 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
How to Interpret the 2023 MITRE ATT&CK Evaluation Results
Thorough, independent tests are a vital resource for analyzing provider's capabilities to guard against increasingly sophisticated threats to their organization. And perhaps no assessment is more widely trusted than the annual MITRE Engenuity ATT&CK Evaluation. This testing is critical for evaluating vendors because it's virtually impossible to evaluate cybersecurity vendors based on their own
2023-09-22T16:20:00+00:00 https://thehackernews.com/2023/09/how-to-interpret-2023-mitre-att.html www.secnews.physaphae.fr/article.php?IdArticle=8386681 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Iranian Nation-State Actor OilRig Targets Israeli Organizations
Israeli organizations were targeted as part of two different campaigns orchestrated by the Iranian nation-state actor known as OilRig in 2021 and 2022. The campaigns, dubbed Outer Space and Juicy Mix, entailed the use of two previously documented first-stage backdoors called Solar and Mango, which were deployed to collect sensitive information from major browsers and the Windows Credential
2023-09-22T14:55:00+00:00 https://thehackernews.com/2023/09/iranian-nation-state-actor-oilrig.html www.secnews.physaphae.fr/article.php?IdArticle=8386640 False None APT 34 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
Atlassian and the Internet Systems Consortium (ISC) have disclosed several security flaws impacting their products that could be exploited to achieve denial-of-service (DoS) and remote code execution.
The Australian software services provider said that the four high-severity flaws were fixed in new versions shipped last month. This includes - CVE-2022-25647 (CVSS score: 7.5) - A deserialization
2023-09-22T13:30:00+00:00 https://thehackernews.com/2023/09/high-severity-flaws-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8386624 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable
Apple has released yet another round of security patches to address three actively exploited zero-day flaws impacting iOS, iPadOS, macOS, watchOS, and Safari, taking the total tally of zero-day bugs discovered in its software this year to 16. The list of security vulnerabilities is as follows - CVE-2023-41991 - A certificate validation issue in the Security framework that could allow a
2023-09-22T07:41:00+00:00 https://thehackernews.com/2023/09/apple-rushes-to-patch-3-new-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8386550 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents
A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunication providers in the Middle East, Western Europe, and the South Asian subcontinent. Notably, the intrusions leverage a just-in-time (JIT) compiler for the Lua programming language known as LuaJIT as a vehicle to deploy a novel implant called LuaDream. "The activities we
2023-09-22T01:25:00+00:00 https://thehackernews.com/2023/09/mysterious-sandman-threat-actor-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8386440 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge
The peer-to-peer (P2) worm known as P2PInfect has witnessed a surge in activity since late August 2023, witnessing a 600x jump between September 12 and 19, 2023. "This increase in P2PInfect traffic has coincided with a growing number of variants seen in the wild, suggesting that the malware's developers are operating at an extremely high development cadence," Cado Security researcher Matt Muir
2023-09-21T18:21:00+00:00 https://thehackernews.com/2023/09/researchers-raise-red-flag-on-p2pinfect.html www.secnews.physaphae.fr/article.php?IdArticle=8386356 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
The Rise of the Malicious App
Security teams are familiar with threats emanating from third-party applications that employees add to improve their productivity. These apps are inherently designed to deliver functionality to users by connecting to a “hub” app, such as Salesforce, Google Workspace, or Microsoft 365. Security concerns center on the permission scopes that are granted to the third party apps, and the potential
2023-09-21T16:08:00+00:00 https://thehackernews.com/2023/09/the-rise-of-malicious-app.html www.secnews.physaphae.fr/article.php?IdArticle=8386252 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
La Chine accuse les États-Unis de la campagne de cyber-espionnage d'une décennie contre les serveurs Huawei<br>China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries. In a message posted on WeChat, the government authority said U.S. intelligence agencies have "done everything possible" to conduct surveillance, secret theft, and intrusions on]]> 2023-09-21T15:09:00+00:00 https://thehackernews.com/2023/09/china-accuses-us-of-decade-long-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8386222 False None None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cyber Group 'Gold Melody' Vendre un accès compromis aux attaquants de ransomwares<br>Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations for other adversaries to conduct follow-on attacks such as ransomware. SecureWorks Counter Threat Unit (CTU) has dubbed the e-crime group Gold Melody, which is also known by the names Prophet Spider (CrowdStrike) and UNC961 (Mandiant). "This financially motivated]]> 2023-09-21T14:41:00+00:00 https://thehackernews.com/2023/09/cyber-group-gold-melody-selling.html www.secnews.physaphae.fr/article.php?IdArticle=8386223 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Hacker ukrainien soupçonné d'être derrière l'attaque de logiciels malveillants du "gestionnaire de téléchargement gratuit"<br>Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its website being used to distribute malicious Linux software. "It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute malicious software," it said in an alert last week. "Only a small subset of users, specifically]]> 2023-09-21T14:18:00+00:00 https://thehackernews.com/2023/09/ukrainian-hacker-suspected-to-be-behind.html www.secnews.physaphae.fr/article.php?IdArticle=8386204 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Attention: faux exploit pour la vulnérabilité Winrar sur les utilisateurs de GitHub infecte avec Venomrat<br>Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with VenomRAT A malicious actor released a fake proof-of-concept (PoC) exploit for a recently disclosed WinRAR vulnerability on GitHub with an aim to infect users who downloaded the code with VenomRAT malware. "The fake PoC meant to exploit this WinRAR vulnerability was based on a publicly available PoC script that exploited a SQL injection vulnerability in an application called GeoServer, which is tracked as]]> 2023-09-21T10:33:00+00:00 https://thehackernews.com/2023/09/beware-fake-exploit-for-winrar.html www.secnews.physaphae.fr/article.php?IdArticle=8386156 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Les autorités finlandaises démontent le marché de la drogue sombre Piilopuoti Dark Marketplace<br>Finnish Authorities Dismantle Notorious PIILOPUOTI Dark Web Drug Marketplace Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade since May 2022. "The site operated as a hidden service in the encrypted TOR network," the Finnish Customs (aka Tulli) said in a brief announcement on Tuesday. "The site has been used in anonymous criminal activities such as narcotics trade." The agency]]> 2023-09-20T18:21:00+00:00 https://thehackernews.com/2023/09/finnish-authorities-dismantle-notorious.html www.secnews.physaphae.fr/article.php?IdArticle=8385842 False Legislation None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Défauts de sécurité critiques exposés dans le logiciel de surveillance du réseau Nagios XI<br>Critical Security Flaws Exposed in Nagios XI Network Monitoring Software Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and information disclosure. The four security vulnerabilities, tracked from CVE-2023-40931 through CVE-2023-40934, impact Nagios XI versions 5.11.1 and lower. Following responsible disclosure on August 4, 2023, they have been patched as of September 11, 2023, with]]> 2023-09-20T18:08:00+00:00 https://thehackernews.com/2023/09/critical-security-flaws-exposed-in.html www.secnews.physaphae.fr/article.php?IdArticle=8385812 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Faites-vous vraiment confiance à votre chaîne d'application d'application Web?<br>Do You Really Trust Your Web Application Supply Chain? Well, you shouldn't. It may already be hiding vulnerabilities. It's the modular nature of modern web applications that has made them so effective.
They can call on dozens of third-party web components, JS frameworks, and open-source tools to deliver all the different functionalities that keep their customers happy, but this chain of dependencies is also what makes them so vulnerable. Many of]]> 2023-09-20T16:04:00+00:00 https://thehackernews.com/2023/09/do-you-really-trust-your-web.html www.secnews.physaphae.fr/article.php?IdArticle=8385759 False Tool None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Une vague fraîche de packages NPM malveillants menace les configurations de Kubernetes et les touches SSH<br>Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys Cybersecurity researchers have discovered a fresh batch of malicious packages in the npm package registry that are designed to exfiltrate Kubernetes configurations and SSH keys from compromised machines to a remote server. Sonatype said it has discovered 14 different npm packages so far: @am-fe/hooks, @am-fe/provider, @am-fe/request, @am-fe/utils, @am-fe/watermark, @am-fe/watermark-core,]]> 2023-09-20T15:43:00+00:00 https://thehackernews.com/2023/09/fresh-wave-of-malicious-npm-packages.html www.secnews.physaphae.fr/article.php?IdArticle=8385760 False None Uber 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Campagne de phishing sophistiquée ciblant les utilisateurs chinois avec Valleyrat et Gh0st Rat<br>Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT Chinese-language speakers have been increasingly targeted as part of multiple email phishing campaigns that aim to distribute various malware families such as Sainbox RAT, Purple Fox, and a new trojan called ValleyRAT. 
"Campaigns include Chinese-language lures and malware typically associated with Chinese cybercrime activity," enterprise security firm Proofpoint said in a report shared with The]]> 2023-09-20T15:26:00+00:00 https://thehackernews.com/2023/09/sophisticated-phishing-campaign_20.html www.secnews.physaphae.fr/article.php?IdArticle=8385761 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Signal Messenger présente un cryptage résistant à PQXDH<br>Signal Messenger Introduces PQXDH Quantum-Resistant Encryption Encrypted messaging app Signal has announced an update to the Signal Protocol to add support for quantum resistance by upgrading the Extended Triple Diffie-Hellman (X3DH) specification to Post-Quantum Extended Diffie-Hellman (PQXDH). "With this upgrade, we are adding a layer of protection against the threat of a quantum computer being built in the future that is powerful enough to break current]]> 2023-09-20T14:59:00+00:00 https://thehackernews.com/2023/09/signal-messenger-introduces-pqxdh.html www.secnews.physaphae.fr/article.php?IdArticle=8385730 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitLab publie des correctifs de sécurité urgents pour une vulnérabilité critique<br>GitLab Releases Urgent Security Patches for Critical Vulnerability GitLab has shipped security patches to resolve a critical flaw that allows an attacker to run pipelines as another user. The issue, tracked as CVE-2023-5009 (CVSS score: 9.6), impacts all versions of GitLab Enterprise Edition (EE) starting from 13.12 and prior to 16.2.7 as well as from 16.3 and before 16.3.4. 
"It was possible for an attacker to run pipelines as an arbitrary user via scheduled]]> 2023-09-20T12:48:00+00:00 https://thehackernews.com/2023/09/gitlab-releases-urgent-security-patches.html www.secnews.physaphae.fr/article.php?IdArticle=8385714 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Trend Micro verse une solution urgente pour la vulnérabilité de sécurité critique exploitée activement<br>Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability Cybersecurity company Trend Micro has released patches and hotfixes to address a critical security flaw in Apex One and Worry-Free Business Security solutions for Windows that has been actively exploited in real-world attacks. Tracked as CVE-2023-41179 (CVSS score: 9.1), it relates to a third-party antivirus uninstaller module that's bundled along with the software. The complete list of impacted]]> 2023-09-20T10:58:00+00:00 https://thehackernews.com/2023/09/trend-micro-releases-urgent-fix-for.html www.secnews.physaphae.fr/article.php?IdArticle=8385635 False Vulnerability,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) ShroudedSnooper's Httpsnoop Backdoor cible les sociétés de télécommunications du Moyen-Orient<br>ShroudedSnooper's HTTPSnoop Backdoor Targets Middle East Telecom Companies Telecommunication service providers in the Middle East are the target of a new intrusion set dubbed ShroudedSnooper that employs a stealthy backdoor called HTTPSnoop.
"HTTPSnoop is a simple, yet effective, backdoor that consists of novel techniques to interface with Windows HTTP kernel drivers and devices to listen to incoming requests for specific HTTP(S) URLs and execute that content on the]]> 2023-09-19T18:05:00+00:00 https://thehackernews.com/2023/09/shroudedsnoopers-httpsnoop-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8385299 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Opération Rusty Flag: Azerbaïdjan ciblé dans une nouvelle campagne de logiciels malveillants à base de rouille<br>Operation Rusty Flag: Azerbaijan Targeted in New Rust-Based Malware Campaign Targets located in Azerbaijan have been singled out as part of a new campaign that's designed to deploy Rust-based malware on compromised systems. Cybersecurity firm Deep Instinct is tracking the operation under the name Operation Rusty Flag. It has not been associated with any known threat actor or group. "The operation has at least two different initial access vectors," security researchers]]> 2023-09-19T17:35:00+00:00 https://thehackernews.com/2023/09/operation-rusty-flag-azerbaijan.html www.secnews.physaphae.fr/article.php?IdArticle=8385300 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) À l'intérieur du code d'une nouvelle variante Xworm<br>Inside the Code of a New XWorm Variant XWorm is a relatively new representative of the remote access trojan cohort that has already earned its spot among the most persistent threats across the globe. Since 2022, when it was first observed by researchers, it has undergone a number of major updates that have significantly enhanced its functionality and solidified its staying power.
The analyst team at ANY.RUN came across the newest]]> 2023-09-19T17:02:00+00:00 https://thehackernews.com/2023/09/inside-code-of-new-xworm-variant.html www.secnews.physaphae.fr/article.php?IdArticle=8385301 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les nouvelles cotes de la terre de Lusca ont cible la porte dérobée Linux cible les entités gouvernementales<br>Earth Lusca's New SprySOCKS Linux Backdoor Targets Government Entities The China-linked threat actor known as Earth Lusca has been observed targeting government entities using a never-before-seen Linux backdoor called SprySOCKS. Earth Lusca was first documented by Trend Micro in January 2022, detailing the adversary's attacks against public and private sector entities across Asia, Australia, Europe, North America. Active since 2021, the group has relied on]]> 2023-09-19T16:40:00+00:00 https://thehackernews.com/2023/09/earth-luscas-new-sprysocks-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8385302 False Threat,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Webinaire en direct: surmonter les risques génératifs de fuite de données sur l'IA<br>Live Webinar: Overcoming Generative AI Data Leakage Risks As the adoption of generative AI tools, like ChatGPT, continues to surge, so does the risk of data exposure. According to Gartner's "Emerging Tech: Top 4 Security Risks of GenAI" report, privacy and data security is one of the four major emerging risks within generative AI.
A new webinar featuring a multi-time Fortune 100 CISO and the CEO of LayerX, a browser extension solution, delves into this]]> 2023-09-19T15:59:00+00:00 https://thehackernews.com/2023/09/live-webinar-overcoming-generative-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8385252 False None ChatGPT 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Plus de 12 000 pare-feu Juniper ont trouvé vulnérable à la vulnérabilité RCE récemment divulguée<br>Over 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability New research has found that close to 12,000 internet-exposed Juniper firewall devices are vulnerable to a recently disclosed remote code execution flaw. VulnCheck, which discovered a new exploit for CVE-2023-36845, said it could be exploited by an "unauthenticated and remote attacker to execute arbitrary code on Juniper firewalls without creating a file on the system." CVE-2023-36845 refers to a]]> 2023-09-19T15:00:00+00:00 https://thehackernews.com/2023/09/over-12000-juniper-firewalls-found.html www.secnews.physaphae.fr/article.php?IdArticle=8385232 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Transparent Tribe utilise de fausses applications Android YouTube pour répandre Caprarat malware<br>Transparent Tribe Uses Fake YouTube Android Apps to Spread CapraRAT Malware The suspected Pakistan-linked threat actor known as Transparent Tribe is using malicious Android apps mimicking YouTube to distribute the CapraRAT mobile remote access trojan (RAT), demonstrating the continued evolution of the activity. 
"CapraRAT is a highly invasive tool that gives the attacker control over much of the data on the Android devices that it infects," SentinelOne security]]> 2023-09-19T12:26:00+00:00 https://thehackernews.com/2023/09/transparent-tribe-uses-fake-youtube.html www.secnews.physaphae.fr/article.php?IdArticle=8385200 False Malware,Tool,Threat APT 36 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les chercheurs de Microsoft AI exposent accidentellement 38 téraoctets de données confidentielles<br>Microsoft AI Researchers Accidentally Expose 38 Terabytes of Confidential Data Microsoft on Monday said it took steps to correct a glaring security gaffe that led to the exposure of 38 terabytes of private data. The leak was discovered on the company's AI GitHub repository and is said to have been inadvertently made public when publishing a bucket of open-source training data, Wiz said. It also included a disk backup of two former employees' workstations containing secrets]]> 2023-09-19T09:35:00+00:00 https://thehackernews.com/2023/09/microsoft-ai-researchers-accidentally.html www.secnews.physaphae.fr/article.php?IdArticle=8385154 False None None 1.00000000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La nouvelle opération de cryptojacking Ambersquid cible les services AWS incomparables<br>New AMBERSQUID Cryptojacking Operation Targets Uncommon AWS Services A novel cloud-native cryptojacking operation has set its eyes on uncommon Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to illicitly mine cryptocurrency. The malicious cyber activity has been codenamed AMBERSQUID by cloud and container security firm Sysdig.
"The AMBERSQUID operation was able to exploit cloud services without triggering the AWS]]> 2023-09-18T18:00:00+00:00 https://thehackernews.com/2023/09/new-ambersquid-cryptojacking-operation.html www.secnews.physaphae.fr/article.php?IdArticle=8384864 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Vous pensez que vos solutions MFA et PAM vous protègent?Repérer<br>Think Your MFA and PAM Solutions Protect You? Think Again When you roll out a security product, you assume it will fulfill its purpose. Unfortunately, however, this often turns out not to be the case. A new report, produced by Osterman Research and commissioned by Silverfort, reveals that MFA (Multi-Factor Authentication) and PAM (Privileged Access Management) solutions are almost never deployed comprehensively enough to provide resilience to identity]]> 2023-09-18T17:51:00+00:00 https://thehackernews.com/2023/09/think-your-mfa-and-pam-solutions.html www.secnews.physaphae.fr/article.php?IdArticle=8384865 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hook: New Android Banking Trojan qui développe l'héritage d'Ermac<br>Hook: New Android Banking Trojan That Expands on ERMAC's Legacy A new analysis of the Android banking trojan known as Hook has revealed that it's based on its predecessor called ERMAC. "The ERMAC source code was used as a base for Hook," NCC Group security researchers Joshua Kamp and Alberto Segura said in a technical analysis published last week. "All commands (30 in total) that the malware operator can send to a device infected with ERMAC malware, also]]> 2023-09-18T17:41:00+00:00 https://thehackernews.com/2023/09/hook-new-android-banking-trojan-that.html www.secnews.physaphae.fr/article.php?IdArticle=8384866 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Retool est victime d'une attaque de phishing basée sur SMS affectant 27 clients cloud<br>Retool Falls Victim to SMS-Based Phishing Attack Affecting 27 Cloud Clients Software development company Retool has disclosed that the accounts of 27 of its cloud customers were compromised following a targeted and SMS-based social engineering attack. The San Francisco-based firm blamed a Google Account cloud synchronization feature recently introduced in April 2023 for making the breach worse, calling it a "dark pattern." "The fact that Google Authenticator syncs to]]> 2023-09-18T12:30:00+00:00 https://thehackernews.com/2023/09/retool-falls-victim-to-sms-based.html www.secnews.physaphae.fr/article.php?IdArticle=8384764 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) UNC3944 Menace motivé financièrement les déplacements des acteurs se concentrent sur les attaques de ransomwares<br>Financially Motivated UNC3944 Threat Actor Shifts Focus to Ransomware Attacks The financially motivated threat actor known as UNC3944 is pivoting to ransomware deployment as part of an expansion to its monetization strategies, Mandiant has revealed. "UNC3944 has demonstrated a stronger focus on stealing large amounts of sensitive data for extortion purposes and they appear to understand Western business practices, possibly due to the geographical composition of the group,]]> 2023-09-18T08:46:00+00:00 https://thehackernews.com/2023/09/financially-motivated-unc3944-threat.html www.secnews.physaphae.fr/article.php?IdArticle=8384683 False Ransomware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Le groupe de Lazarus de la Corée du Nord soupçonné de 31 millions de dollars Coinex Heist<br>North Korea's Lazarus Group Suspected in $31 Million CoinEx Heist The North Korea-affiliated Lazarus Group has stolen nearly $240 million in cryptocurrency since June 2023, marking a significant escalation of its hacks. According to multiple reports from Certik, Elliptic, and ZachXBT, the infamous hacking group is said to be suspected behind the theft of $31 million in digital assets from the CoinEx exchange on September 12, 2023. The crypto heist aimed at]]> 2023-09-17T12:02:00+00:00 https://thehackernews.com/2023/09/north-koreas-lazarus-group-suspected-in.html www.secnews.physaphae.fr/article.php?IdArticle=8384403 False None APT 38,APT 38 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Tiktok fait face à Massive €345 millions d'amendes sur les violations des données sur les enfants dans l'UE.<br>TikTok Faces Massive €345 Million Fine Over Child Data Violations in E.U. The Irish Data Protection Commission (DPC) slapped TikTok with a €345 million (about $368 million) fine for violating the European Union's General Data Protection Regulation (GDPR) in relation to its handling of children's data. The investigation, initiated in September 2021, examined how the popular short-form video platform processed personal data relating to child users (those between the]]> 2023-09-16T18:30:00+00:00 https://thehackernews.com/2023/09/tiktok-faces-massive-345-million-fine.html www.secnews.physaphae.fr/article.php?IdArticle=8384130 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
L'interdépendance entre la collection automatisée des renseignements sur les menaces et les humains<br>The Interdependence between Automated Threat Intelligence Collection and Humans The volume of cybersecurity vulnerabilities is rising, with close to 30% more vulnerabilities found in 2022 vs. 2018. Costs are also rising, with a data breach in 2023 costing $4.45M on average vs. $3.62M in 2017. In Q2 2023, a total of 1386 victims were claimed by ransomware attacks compared with just 831 in Q1 2023. The MOVEit attack has claimed over 600 victims so far and that number is still]]> 2023-09-15T16:43:00+00:00 https://thehackernews.com/2023/09/the-interdependence-between-automated.html www.secnews.physaphae.fr/article.php?IdArticle=8383674 False Ransomware,Data Breach,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google accepte le règlement de 93 millions de dollars dans le procès de la location de la Californie<br>Google Agrees to $93 Million Settlement in California's Location-Privacy Lawsuit Google has agreed to pay $93 million to settle a lawsuit filed by the U.S. state of California over allegations that the company's location-privacy practices misled consumers and violated consumer protection laws. "Our investigation revealed that Google was telling its users one thing – that it would no longer track their location once they opted out – but doing the opposite and continuing to]]> 2023-09-15T16:40:00+00:00 https://thehackernews.com/2023/09/google-agrees-to-93-million-settlement.html www.secnews.physaphae.fr/article.php?IdArticle=8383675 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Les logiciels malveillants de NODESSELEUR cible désormais les comptes commerciaux Facebook sur plusieurs navigateurs<br>NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers An ongoing campaign is targeting Facebook Business accounts with bogus messages to harvest victims' credentials using a variant of the Python-based NodeStealer and potentially take over their accounts for follow-on malicious activities. "The attacks are reaching victims mainly in Southern Europe and North America across different segments, led by the manufacturing services and technology]]> 2023-09-15T15:50:00+00:00 https://thehackernews.com/2023/09/nodestealer-malware-now-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8383661 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) DDOS 2.0: IoT étimule la nouvelle alerte DDOS<br>DDoS 2.0: IoT Sparks New DDoS Alert The Internet of Things (IoT) is transforming efficiency in various sectors like healthcare and logistics but has also introduced new security risks, particularly IoT-driven DDoS attacks. This article explores how these attacks work, why they're uniquely problematic, and how to mitigate them. What Is IoT? IoT (Internet of Things) refers to online, interconnected devices that collect and exchange]]> 2023-09-15T15:34:00+00:00 https://thehackernews.com/2023/09/ddos-20-iot-sparks-new-ddos-alert.html www.secnews.physaphae.fr/article.php?IdArticle=8383662 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Les cybercriminels combinent des certificats de phishing et de véhicules électriques pour livrer les charges utiles des ransomwares<br>Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads The threat actors behind RedLine and Vidar information stealers have been observed pivoting to ransomware through phishing campaigns that spread initial payloads signed with Extended Validation (EV) code signing certificates. "This suggests that the threat actors are streamlining operations by making their techniques multipurpose," Trend Micro researchers said in a new analysis published this]]> 2023-09-15T14:19:00+00:00 https://thehackernews.com/2023/09/cybercriminals-combine-phishing-and-ev.html www.secnews.physaphae.fr/article.php?IdArticle=8383639 False Ransomware,Threat,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les acteurs iraniens de l'État-nation utilisent des attaques en pulvérisation de mot de passe ciblant plusieurs secteurs<br>Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023, new findings from Microsoft reveal. The tech giant, which is tracking the activity under the name Peach Sandstorm (formerly Holmium), said the adversary pursued organizations in the satellite, defense, and pharmaceutical sectors to likely facilitate]]> 2023-09-15T09:44:00+00:00 https://thehackernews.com/2023/09/iranian-nation-state-actors-employ.html www.secnews.physaphae.fr/article.php?IdArticle=8383564 False Threat APT 33 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Microsoft découvre les défauts de la bibliothèque NCurses affectant les systèmes Linux et MacOS<br>Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems. "Using environment variable poisoning, attackers could chain these vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious]]> 2023-09-14T19:37:00+00:00 https://thehackernews.com/2023/09/microsoft-uncovers-flaws-in-ncurses.html www.secnews.physaphae.fr/article.php?IdArticle=8382693 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Site de téléchargement gratuit du site compromis pour distribuer des logiciels malveillants Linux aux utilisateurs pendant plus de 3 ans<br>Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years A download manager site served Linux users malware that stealthily stole passwords and other sensitive information for more than three years as part of a supply chain attack. The modus operandi entailed establishing a reverse shell to an actor-controlled server and installing a Bash stealer on the compromised system. The campaign, which took place between 2020 and 2022, is no longer active. "]]> 2023-09-14T18:48:00+00:00 https://thehackernews.com/2023/09/free-download-manager-site-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8382668 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Évitez ces 5 pièges IT IT Offboard<br>Avoid These 5 IT Offboarding Pitfalls Employee offboarding is no one's favorite task, yet it is a critical IT process that needs to be executed diligently and efficiently.
That's easier said than done, especially considering that IT organizations have less visibility and control over employees' IT use than ever. Today, employees can easily adopt new cloud and SaaS applications whenever and wherever they want, and the old IT]]> 2023-09-14T17:06:00+00:00 https://thehackernews.com/2023/09/avoid-these-5-it-offboarding-pitfalls.html www.secnews.physaphae.fr/article.php?IdArticle=8382651 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La vulnérabilité de l'agent de contrôle de Nable's expose les systèmes Windows à l'escalade des privilèges<br>N-Able's Take Control Agent Vulnerability Exposes Windows Systems to Privilege Escalation A high-severity security flaw has been disclosed in N-Able's Take Control Agent that could be exploited by a local unprivileged attacker to gain SYSTEM privileges. Tracked as CVE-2023-27470 (CVSS score: 8.8), the issue relates to a Time-of-Check to Time-of-Use (TOCTOU) race condition vulnerability, which, when successfully exploited, could be leveraged to delete arbitrary files on a Windows]]> 2023-09-14T15:22:00+00:00 https://thehackernews.com/2023/09/n-ables-take-control-agent.html www.secnews.physaphae.fr/article.php?IdArticle=8382618 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) L'iPhone de journaliste russe compromis par NSO Group's Zero-Click Spyware<br>Russian Journalist's iPhone Compromised by NSO Group's Zero-Click Spyware The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's Pegasus spyware, a new collaborative investigation from Access Now and the Citizen Lab has revealed. The infiltration is said to have happened on or around February 10, 2023.
Timchenko is the executive editor and owner of Meduza, an independent news publication
2023-09-14T14:21:00+00:00 https://thehackernews.com/2023/09/russian-journalists-iphone-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8382573 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints
Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster. The issues, tracked as CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955, carry CVSS scores of 8.8 and impact all Kubernetes environments with Windows nodes. Fixes for the vulnerabilities were released on August
2023-09-13T19:35:00+00:00 https://thehackernews.com/2023/09/alert-new-kubernetes-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8382342 False Vulnerability Uber 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Researchers Detail 8 Vulnerabilities in Azure HDInsight Analytics Service
More details have emerged about a set of now-patched cross-site scripting (XSS) flaws in the Microsoft Azure HDInsight open-source analytics service that could be weaponized by a threat actor to carry out malicious activities.
"The identified vulnerabilities consisted of six stored XSS and two reflected XSS vulnerabilities, each of which could be exploited to perform unauthorized actions,
2023-09-13T19:01:00+00:00 https://thehackernews.com/2023/09/researchers-detail-8-vulnerabilities-in.html www.secnews.physaphae.fr/article.php?IdArticle=8382318 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Webinar: Identity Threat Detection & Response (ITDR) – Rips in Your Identity Fabric
In today's digital age, SaaS applications have become the backbone of modern businesses. They streamline operations, enhance productivity, and foster innovation. But with great power comes great responsibility. As organizations integrate more SaaS applications into their workflows, they inadvertently open the door to a new era of security threats. The stakes? Your invaluable data and the trust
2023-09-13T17:16:00+00:00 https://thehackernews.com/2023/09/webinar-identity-threat-detection.html www.secnews.physaphae.fr/article.php?IdArticle=8382301 False Threat,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Rust-Written 3AM Ransomware: A Sneak Peek into a New Malware Family
A new ransomware family called 3AM has emerged in the wild after it was detected in a single incident in which an unidentified affiliate deployed the strain following an unsuccessful attempt to deploy LockBit (aka Bitwise Spider or Syrphid) in the target network.
"3AM is written in Rust and appears to be a completely new malware family," the Symantec Threat Hunter Team, part of Broadcom, said in
2023-09-13T15:26:00+00:00 https://thehackernews.com/2023/09/rust-written-3am-ransomware-sneak-peek.html www.secnews.physaphae.fr/article.php?IdArticle=8382266 False Ransomware,Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
How Cyberattacks Are Transforming Warfare
There is a new battlefield. It is global and challenging to defend. What began with a high-profile incident back in 2007, when Estonia was hit by hackers targeting its government and commercial sector, has evolved into cyber warfare that is being waged constantly worldwide. Today, cyberattacks have become the norm, transforming how we think about war and international conflict as a whole. From
2023-09-13T15:26:00+00:00 https://thehackernews.com/2023/09/how-cyberattacks-are-transforming.html www.secnews.physaphae.fr/article.php?IdArticle=8382265 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft Warns of New Phishing Campaign Targeting Corporations via Teams Messages
Microsoft is warning of a new phishing campaign undertaken by an initial access broker that involves using Teams messages as lures to infiltrate corporate networks. The tech giant's Threat Intelligence team is tracking the cluster under the name Storm-0324, which is also known by the monikers TA543 and Sagrid.
"Beginning in July 2023, Storm-0324 was observed distributing payloads using an
2023-09-13T14:47:00+00:00 https://thehackernews.com/2023/09/microsoft-warns-of-new-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8382203 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft Releases Patch for Two New Actively Exploited Zero-Days Flaws
Microsoft has released software fixes to remediate 59 bugs spanning its product portfolio, including two zero-day flaws that have been actively exploited by malicious cyber actors. Of the 59 vulnerabilities, five are rated Critical, 55 are rated Important, and one is rated Moderate in severity. The update is in addition to 35 flaws patched in the Chromium-based Edge browser since last month's
2023-09-13T10:48:00+00:00 https://thehackernews.com/2023/09/microsoft-releases-patch-for-two-new.html www.secnews.physaphae.fr/article.php?IdArticle=8382145 False None None 1.00000000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability
Adobe's Patch Tuesday update for September 2023 comes with a patch for a critical actively exploited security flaw in Acrobat and Reader that could permit an attacker to execute malicious code on susceptible systems.
The vulnerability, tracked as CVE-2023-26369, is rated 7.8 for severity on the CVSS scoring system and impacts both Windows and macOS versions of Acrobat DC, Acrobat Reader DC,
2023-09-13T08:27:00+00:00 https://thehackernews.com/2023/09/update-adobe-acrobat-and-reader-to.html www.secnews.physaphae.fr/article.php?IdArticle=8382110 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird
Mozilla on Tuesday released security updates to resolve a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in the wild, a day after Google released a fix for the issue in its Chrome browser. The shortcoming, assigned the identifier CVE-2023-4863, is a heap buffer overflow flaw in the WebP image format that could result in arbitrary code execution when
2023-09-13T07:20:00+00:00 https://thehackernews.com/2023/09/mozilla-rushes-to-patch-webp-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8382100 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack
A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw "could allow an attacker to exploit a race condition within GitHub's repository creation and username renaming operations," Checkmarx security researcher Elad Rapoport said in a technical report shared with The Hacker News.
"Successful exploitation of
2023-09-12T17:02:00+00:00 https://thehackernews.com/2023/09/critical-github-vulnerability-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8381772 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
7 Steps to Kickstart Your SaaS Security Program
SaaS applications are the backbone of modern businesses, constituting a staggering 70% of total software usage. Applications like Box, Google Workplace, and Microsoft 365 are integral to daily operations. This widespread adoption has transformed them into potential breeding grounds for cyber threats. Each SaaS application presents unique security challenges, and the landscape constantly evolves
2023-09-12T16:12:00+00:00 https://thehackernews.com/2023/09/7-steps-to-kickstart-your-saas-security.html www.secnews.physaphae.fr/article.php?IdArticle=8381753 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Chinese Redfly Group Compromised a Nation's Critical Grid in 6-Month ShadowPad Campaign
A threat actor called Redfly has been linked to a compromise of a national grid located in an unnamed Asian country for as long as six months earlier this year using a known malware referred to as ShadowPad. "The attackers managed to steal credentials and compromise multiple computers on the organization's network," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with
2023-09-12T15:48:00+00:00 https://thehackernews.com/2023/09/chinese-redfly-group-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8381754 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper
A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and OriginBotnet, to gather a wide range of information from compromised Windows machines. "A phishing email delivers the Word document as an attachment, presenting a deliberately blurred image and a counterfeit reCAPTCHA to lure the recipient into
2023-09-12T15:31:00+00:00 https://thehackernews.com/2023/09/sophisticated-phishing-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8381755 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Beware: MetaStealer Malware Targets Apple macOS in Recent Attacks
A new information stealer malware called MetaStealer has set its sights on Apple macOS, making the latest in a growing list of stealer families focused on the operating system after Stealer, Pureland, Atomic Stealer, and Realst. "Threat actors are proactively targeting macOS businesses by posing as fake clients in order to socially engineer victims into launching malicious payloads," SentinelOne
2023-09-12T11:43:00+00:00 https://thehackernews.com/2023/09/beware-metastealer-malware-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8381683 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now
Google on Monday rolled out out-of-band security patches to address a critical security flaw in its Chrome web browser that it said has been exploited in the wild. Tracked as CVE-2023-4863, the issue has been described as a case of heap buffer overflow that resides in the WebP image format that could result in arbitrary code execution or a crash. Apple Security Engineering and Architecture (SEAR
2023-09-12T10:45:00+00:00 https://thehackernews.com/2023/09/google-rushes-to-patch-critical-chrome.html www.secnews.physaphae.fr/article.php?IdArticle=8381649 False Vulnerability None 1.00000000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger
A new phishing attack is leveraging Facebook Messenger to propagate messages with malicious attachments from a "swarm of fake and hijacked personal accounts" with the ultimate goal of taking over the targets' accounts. "Originating yet again from a Vietnamese-based group, this campaign uses a tiny compressed file attachment that packs a powerful Python-based stealer dropped in a multi-stage
2023-09-11T19:52:00+00:00 https://thehackernews.com/2023/09/vietnamese-hackers-deploy-python-based.html www.secnews.physaphae.fr/article.php?IdArticle=8381390 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Charming Kitten's New Backdoor 'Sponsor' Targets Brazil, Israel, and U.A.E.
The Iranian threat actor known as Charming Kitten has been linked to a new wave of attacks targeting different entities in Brazil, Israel, and the U.A.E. using a previously undocumented backdoor named Sponsor. Slovak cybersecurity firm is tracking the cluster under the name Ballistic Bobcat. Victimology patterns suggest that the group primarily singles out education, government, and healthcare
2023-09-11T18:54:00+00:00 https://thehackernews.com/2023/09/charming-kitens-new-backdoor-sponsor.html www.secnews.physaphae.fr/article.php?IdArticle=8381375 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
How to Prevent API Breaches: A Guide to Robust Security
With the growing reliance on web applications and digital platforms, the use of application programming interfaces (APIs) has become increasingly popular. If you aren't familiar with the term, APIs allow applications to communicate with each other and they play a vital role in modern software development. However, the rise of API use has also led to an increase in the number of API breaches.
2023-09-11T16:41:00+00:00 https://thehackernews.com/2023/09/how-to-prevent-api-breaches-guide-to.html www.secnews.physaphae.fr/article.php?IdArticle=8381241 False Guideline None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Google Chrome Rolls Out Support for 'Privacy Sandbox' to Bid Farewell to Tracking Cookies
Google has officially begun its rollout of Privacy Sandbox in the Chrome web browser to a majority of its users, nearly four months after it announced the plans.
"We believe it is vital to both improve privacy and preserve access to information, whether it's news, a how-to-guide, or a fun video," Anthony Chavez, vice president of Privacy Sandbox initiatives at Google, said. "Without viable
2023-09-11T16:30:00+00:00 https://thehackernews.com/2023/09/google-chrome-rolls-out-support-for.html www.secnews.physaphae.fr/article.php?IdArticle=8381242 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows
A new cyber attack campaign is leveraging the PowerShell script associated with a legitimate red teaming tool to plunder NTLMv2 hashes from compromised Windows systems primarily located in Australia, Poland, and Belgium. The activity has been codenamed Steal-It by Zscaler ThreatLabz. "In this campaign, the threat actors steal and exfiltrate NTLMv2 hashes using customized versions of Nishang's
2023-09-11T13:24:00+00:00 https://thehackernews.com/2023/09/cybercriminals-using-powershell-to.html www.secnews.physaphae.fr/article.php?IdArticle=8381180 False Tool,Threat None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World
A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer.
"Even though HijackLoader does not contain advanced features, it is capable of using a variety of modules for code injection and execution since it uses a modular architecture, a feature that most loaders do not have," Zscaler
2023-09-11T11:53:00+00:00 https://thehackernews.com/2023/09/new-hijackloader-modular-malware-loader.html www.secnews.physaphae.fr/article.php?IdArticle=8381150 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
Spyware masquerading as modified versions of Telegram have been spotted in the Google Play Store that's designed to harvest sensitive information from compromised Android devices. According to Kaspersky security researcher Igor Golovin, the apps come with nefarious features to capture and exfiltrate names, user IDs, contacts, phone numbers, and chat messages to an actor-controlled server. The
2023-09-09T13:44:00+00:00 https://thehackernews.com/2023/09/millions-infected-by-spyware-hidden-in.html www.secnews.physaphae.fr/article.php?IdArticle=8380677 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks
A legitimate Windows tool used for creating software packages called Advanced Installer is being abused by threat actors to drop cryptocurrency-mining malware on infected machines since at least November 2021.
"The attacker uses Advanced Installer to package other legitimate software installers, such as Adobe Illustrator, Autodesk 3ds Max, and SketchUp Pro, with malicious scripts and uses
2023-09-09T11:55:00+00:00 https://thehackernews.com/2023/09/cybercriminals-weaponizing-legitimate.html www.secnews.physaphae.fr/article.php?IdArticle=8380666 False Malware,Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
U.K. and U.S. Sanction 11 Russia-based Trickbot Cybercrime Gang Members
The U.K. and U.S. governments on Thursday sanctioned 11 individuals who are alleged to be part of the notorious Russia-based TrickBot cybercrime gang. “Russia has long been a safe haven for cybercriminals, including the TrickBot group,” the U.S. Treasury Department said, adding it has “ties to Russian intelligence services and has targeted the U.S. Government and U.S. companies, including
2023-09-08T22:34:00+00:00 https://thehackernews.com/2023/09/uk-and-us-sanction-11-russia-based.html www.secnews.physaphae.fr/article.php?IdArticle=8380488 False None None 2.0000000000000000