www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-14T06:34:52+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that multiple nation-state actors are exploiting security flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to gain unauthorized access and establish persistence on compromised systems. “Nation-state advanced persistent threat (APT) actors exploited CVE-2022-47966 to gain unauthorized
2023-09-08T11:06:00+00:00 https://thehackernews.com/2023/09/cisa-warning-nation-state-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8380335 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones
Apple on Thursday released emergency security updates for iOS, iPadOS, macOS, and watchOS to address two zero-day flaws that have been exploited in the wild to deliver NSO Group's Pegasus mercenary spyware. The issues are described as below - CVE-2023-41061 - A validation issue in Wallet that could result in arbitrary code execution when handling a maliciously crafted attachment.
CVE-2023-41064
2023-09-08T08:41:00+00:00 https://thehackernews.com/2023/09/apple-rushes-to-patch-zero-day-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8380290 False None None 3.0000000000000000

The Hacker News
Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware
A new malvertising campaign has been observed distributing an updated version of a macOS stealer malware called Atomic Stealer (or AMOS), indicating that it's being actively maintained by its author. An off-the-shelf Golang malware available for $1,000 per month, Atomic Stealer first came to light in April 2023. Shortly after that, new variants with an expanded set of information-gathering
2023-09-07T20:38:00+00:00 https://thehackernews.com/2023/09/mac-users-beware-malvertising-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8380149 False Malware None 2.0000000000000000

The Hacker News
The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2024
By the end of 2024, the number of MSPs and MSSPs offering vCISO services is expected to grow by almost 5 fold, as can be seen in figure 1. This incredible surge reflects the growing business demand for specialized cybersecurity expertise and the lucrative opportunities for MSPs and MSSPs in vCISO services. Figure 1: Timeline for offering vCISO services The State of the Virtual CISO Survey Report
2023-09-07T16:57:00+00:00 https://thehackernews.com/2023/09/the-state-of-virtual-ciso-report.html www.secnews.physaphae.fr/article.php?IdArticle=8380049 False None None 2.0000000000000000

The Hacker News
Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks
Patches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker to gain remote code execution on affected systems. The update (version 2.1.1) plugs CVE-2023-39265 and CVE-2023-37941, which make it possible to conduct nefarious actions once a bad actor is able to gain control of Superset's metadata database. Outside of these
2023-09-07T16:32:00+00:00 https://thehackernews.com/2023/09/alert-apache-superset-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8380032 False Vulnerability None 2.0000000000000000

The Hacker News
Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks
A Mirai botnet variant called Pandora has been observed infiltrating inexpensive Android-based TV sets and TV boxes and using them as part of a botnet to perform distributed denial-of-service (DDoS) attacks. Doctor Web said the compromises are likely to occur either during malicious firmware updates or when applications for viewing pirated video content are installed. "It is likely that this
2023-09-07T15:17:00+00:00 https://thehackernews.com/2023/09/mirai-botnet-variant-pandora-hijacks.html www.secnews.physaphae.fr/article.php?IdArticle=8380012 False None None 2.0000000000000000

The Hacker News
Outlook Breach: Microsoft Reveals How a Crash Dump Led to a Major Security Breach
Microsoft on Wednesday revealed that a China-based threat actor known as Storm-0558 acquired the inactive consumer signing key to forge tokens to access Outlook by compromising an engineer's corporate account. This enabled the adversary to access a debugging environment that contained a crash dump of the consumer signing system that took place in April 2021 and steal the key. “A consumer
2023-09-07T12:44:00+00:00 https://thehackernews.com/2023/09/outlook-breach-microsoft-reveals-how.html www.secnews.physaphae.fr/article.php?IdArticle=8379965 False Threat None 1.00000000000000000000

The Hacker News
Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw
Google has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild. Tracked as CVE-2023-35674, the high-severity vulnerability is described as a case of privilege escalation impacting the Android Framework. “There are indications that CVE-2023-35674 may be under limited, targeted exploitation,” the
2023-09-06T19:32:00+00:00 https://thehackernews.com/2023/09/zero-day-alert-latest-android-patch.html www.secnews.physaphae.fr/article.php?IdArticle=8379667 False Vulnerability,Mobile None 2.0000000000000000

The Hacker News
Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant
The Iranian threat actor tracked as APT34 has been linked to a new phishing attack that leads to the deployment of a variant of a backdoor called SideTwist. “APT34 has a high level of attack technology, can design different intrusion methods for different types of targets, and has supply chain attack capability,” NSFOCUS Security Labs said in a report published last week. APT34, also known by
2023-09-06T19:20:00+00:00 https://thehackernews.com/2023/09/alert-phishing-campaigns-deliver-new.html www.secnews.physaphae.fr/article.php?IdArticle=8379668 False Threat APT 34 2.0000000000000000

The Hacker News
Three CISOs Share How to Run an Effective SOC
The role of the CISO keeps taking center stage as a business enabler: CISOs need to navigate the complex landscape of digital threats while fostering innovation and ensuring business continuity. Three CISOs; Troy Wilkinson, CISO at IPG; Rob Geurtsen, former Deputy CISO at Nike; and Tammy Moskites, Founder of CyAlliance and former CISO at companies like Warner Brothers and Home Depot – shared
2023-09-06T16:52:00+00:00 https://thehackernews.com/2023/09/three-cisos-share-how-to-run-effective.html www.secnews.physaphae.fr/article.php?IdArticle=8379607 False None None 2.0000000000000000

The Hacker News
9 Alarming Vulnerabilities Uncovered in SEL's Power Management Products
Nine security flaws have been disclosed in electric power management products made by Schweitzer Engineering Laboratories (SEL).
“The most severe of those nine vulnerabilities would allow a threat actor to facilitate remote code execution (RCE) on an engineering workstation,” Nozomi Networks said in a report published last week. The issues, tracked as CVE-2023-34392 and from CVE-2023-31168
2023-09-06T15:43:00+00:00 https://thehackernews.com/2023/09/9-alarming-vulnerabilities-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8379593 False Vulnerability,Threat,Industrial None 4.0000000000000000

The Hacker News
W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts
A previously undocumented "phishing empire" has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over the past six years. "The threat actor created a hidden underground market, named W3LL Store, that served a closed community of at least 500 threat actors who could purchase a custom phishing kit called W3LL Panel, designed to bypass MFA, as well as 16
2023-09-06T14:14:00+00:00 https://thehackernews.com/2023/09/w3ll-store-how-secret-phishing.html www.secnews.physaphae.fr/article.php?IdArticle=8379554 False Threat None 4.0000000000000000

The Hacker News
Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure
The Computer Emergency Response Team of Ukraine (CERT-UA) on Tuesday said it thwarted a cyber attack against an unnamed critical energy infrastructure facility in the country. The intrusion, per the agency, started with a phishing email containing a link to a malicious ZIP archive that activates the infection chain.
“Visiting the link will download a ZIP archive containing three JPG images (
2023-09-06T13:32:00+00:00 https://thehackernews.com/2023/09/ukraines-cert-thwarts-apt28s.html www.secnews.physaphae.fr/article.php?IdArticle=8379534 False None APT 28 4.0000000000000000

The Hacker News
New BLISTER Malware Update Fuelling Stealthy Network Infiltration
An updated version of a malware loader known as BLISTER is being used as part of SocGholish infection chains to distribute an open-source command-and-control (C2) framework called Mythic. “New BLISTER update includes keying feature that allows for precise targeting of victim networks and lowers exposure within VM/sandbox environments,” Elastic Security Labs researchers Salim Bitam and Daniel
2023-09-05T19:34:00+00:00 https://thehackernews.com/2023/09/new-blister-malware-update-fuelling.html www.secnews.physaphae.fr/article.php?IdArticle=8379180 False Malware None 2.0000000000000000

The Hacker News
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced communication protocol," Morphisec said in a new detailed technical write-up shared with The Hacker
2023-09-05T17:49:00+00:00 https://thehackernews.com/2023/09/new-python-variant-of-chaes-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8379141 False Malware None 2.0000000000000000

The Hacker News
Way Too Vulnerable: Join this Webinar to Understand and Strengthen Identity Attack Surface
In today's digital age, it's not just about being online but how securely your organization operates online. Regardless of size or industry, every organization heavily depends on digital assets. The digital realm is where business takes place, from financial transactions to confidential data storage. While organizations have quickly adopted tools like Multi-Factor Authentication (MFA),
2023-09-05T17:26:00+00:00 https://thehackernews.com/2023/09/way-too-vulnerable-join-this-webinar-to.html www.secnews.physaphae.fr/article.php?IdArticle=8379142 False Tool None 2.0000000000000000

The Hacker News
Key Cybersecurity Tools That Can Mitigate the Cost of a Breach
IBM's 2023 installment of their annual "Cost of a Breach" report has thrown up some interesting trends. Of course, breaches being costly is no longer news at this stage! What's interesting is the difference in how organizations respond to threats and which technologies are helping reduce the costs associated with every IT team's nightmare scenario.
The average cost of a breach rose once again
2023-09-05T16:44:00+00:00 https://thehackernews.com/2023/09/key-cybersecurity-tools-that-can.html www.secnews.physaphae.fr/article.php?IdArticle=8379143 False Tool None 2.0000000000000000

The Hacker News
Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster
The North Korean threat actor known as Andariel has been observed employing an arsenal of malicious tools in its cyber assaults against corporations and organizations in the southern counterpart. “One characteristic of the attacks identified in 2023 is that there are numerous malware strains developed in the Go language,” the AhnLab Security Emergency Response Center (ASEC) said in a deep dive
2023-09-05T15:45:00+00:00 https://thehackernews.com/2023/09/researchers-warn-of-cyber-weapons-used.html www.secnews.physaphae.fr/article.php?IdArticle=8379144 False Malware,Tool,Threat APT 38 2.0000000000000000

The Hacker News
Meta Takes Down Thousands of Accounts Involved in Disinformation Ops from China and Russia
Meta has disclosed that it disrupted two of the largest known covert influence operations in the world from China and Russia, blocking thousands of accounts and pages across its platform.
“It targeted more than 50 apps, including Facebook, Instagram, X (formerly Twitter), YouTube, TikTok, Reddit, Pinterest, Medium, Blogspot, LiveJournal, VKontakte, Vimeo, and dozens of smaller platforms and
2023-09-05T11:47:00+00:00 https://thehackernews.com/2023/09/meta-takes-down-thousands-of-accounts.html www.secnews.physaphae.fr/article.php?IdArticle=8379010 False None None 3.0000000000000000

The Hacker News
Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers
An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers. Cybersecurity and incident response firm Security Joes said the intrusion leveraged a publicly available exploit chain to backdoor the MinIO instance. The chain comprises CVE-2023-28432 (CVSS score: 7.5) and
2023-09-04T19:43:00+00:00 https://thehackernews.com/2023/09/hackers-exploit-minio-storage-system.html www.secnews.physaphae.fr/article.php?IdArticle=8378786 False Vulnerability,Threat None 2.0000000000000000

The Hacker News
X (Twitter) to Collect Biometric Data from Premium Users to Combat Impersonation
X, the social media site formerly known as Twitter, has updated its privacy policy to collect users' biometric data to tackle fraud and impersonation on the platform. “Based on your consent, we may collect and use your biometric information for safety, security, and identification purposes,” the company said. The revised policy is expected to go into effect on September 29, 2023.
The social
2023-09-04T18:24:00+00:00 https://thehackernews.com/2023/09/x-twitter-to-collect-biometric-data.html www.secnews.physaphae.fr/article.php?IdArticle=8378769 False None None 3.0000000000000000

The Hacker News
Everything You Wanted to Know About AI Security but Were Afraid to Ask
There's been a great deal of AI hype recently, but that doesn't mean the robots are here to replace us. This article sets the record straight and explains how businesses should approach AI. From musing about self-driving cars to fearing AI bots that could destroy the world, there has been a great deal of AI hype in the past few years. AI has captured our imaginations, dreams, and occasionally,
2023-09-04T16:59:00+00:00 https://thehackernews.com/2023/09/everything-you-wanted-to-know-about-ai.html www.secnews.physaphae.fr/article.php?IdArticle=8378723 False None None 2.0000000000000000

The Hacker News
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
Malicious actors associated with the Vietnamese cybercrime ecosystem are leveraging advertising-as-a-vector on social media platforms such as Meta-owned Facebook to distribute malware. “Threat actors have long used fraudulent ads as a vector to target victims with scams, malvertising, and more,” WithSecure researcher Mohammad Kazem Hassan Nejad said. “And with businesses now leveraging the reach
2023-09-04T14:10:00+00:00 https://thehackernews.com/2023/09/vietnamese-cybercriminals-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8378691 False None None 3.0000000000000000

The Hacker News
Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus
Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into a PDF file. The sneaky method, dubbed MalDoc in PDF by JPCERT/CC, is said to have been employed in an in-the-wild attack in July 2023. "A file created with MalDoc in PDF can be opened in Word even though it has magic numbers and file structure of PDF,"
2023-09-04T11:10:00+00:00 https://thehackernews.com/2023/09/beware-of-maldoc-in-pdf-new-polyglot.html www.secnews.physaphae.fr/article.php?IdArticle=8378545 False None None 3.0000000000000000

The Hacker News
Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.
A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim to conduct identity theft and financial fraud. “The Chinese-speaking threat actors behind this campaign are operating a package-tracking text scam sent via iMessage to collect personally identifying information (PII) and payment credentials from victims, in the
2023-09-04T11:00:00+00:00 https://thehackernews.com/2023/09/chinese-speaking-cybercriminals-launch.html www.secnews.physaphae.fr/article.php?IdArticle=8378724 False Threat None 3.0000000000000000

The Hacker News
PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability
Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks (formerly vRealize Network Insight). The flaw, tracked as CVE-2023-34039, is rated 9.8 out of a maximum of 10 for severity and has been described as a case of authentication bypass due to a lack of unique cryptographic key generation. “A
2023-09-03T10:12:00+00:00 https://thehackernews.com/2023/09/poc-exploit-released-for-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8378263 False Vulnerability None 3.0000000000000000

The Hacker News
Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges
Identity services provider Okta on Friday warned of social engineering attacks orchestrated by threat actors to obtain elevated administrator permissions. “In recent weeks, multiple US-based Okta customers have reported a consistent pattern of social engineering attacks against IT service desk personnel, in which the caller's strategy was to convince service desk personnel to reset all
2023-09-02T09:42:00+00:00 https://thehackernews.com/2023/09/okta-warns-of-social-engineering.html www.secnews.physaphae.fr/article.php?IdArticle=8377865 False Threat None 3.0000000000000000

The Hacker News
Threat Actors Targeting Microsoft SQL Servers to Deploy FreeWorld Ransomware
Threat actors are exploiting poorly secured Microsoft SQL (MS SQL) servers to deliver Cobalt Strike and a ransomware strain called FreeWorld. Cybersecurity firm Securonix, which has dubbed the campaign DB#JAMMER, said it stands out for the way the toolset and infrastructure is employed. “Some of these tools include enumeration software, RAT payloads, exploitation and credential stealing software
2023-09-01T21:11:00+00:00 https://thehackernews.com/2023/09/threat-actors-targeting-microsoft-sql.html www.secnews.physaphae.fr/article.php?IdArticle=8377866 False Ransomware,Tool,Threat None 3.0000000000000000

The Hacker News
Russian State-Backed 'Infamous Chisel' Android Malware Targets Ukrainian Military
Cybersecurity and intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Thursday disclosed details of a mobile malware strain targeting Android devices used by the Ukrainian military. The malicious software, dubbed Infamous Chisel and attributed to a Russian state-sponsored actor called Sandworm, has capabilities to “enable unauthorized access to compromised
2023-09-01T15:35:00+00:00 https://thehackernews.com/2023/09/russian-state-backed-infamous-chisel.html www.secnews.physaphae.fr/article.php?IdArticle=8377867 False Malware None 3.0000000000000000

The Hacker News
New SuperBear Trojan Emerges in Targeted Phishing Attack on South Korean Activists
A new phishing attack likely targeting civil society groups in South Korea has led to the discovery of a novel remote access trojan called SuperBear. The intrusion singled out an unnamed activist, who was contacted in late August 2023 and received a malicious LNK file from an address impersonating a member of the organization, non-profit entity Interlabs said in a new report. The LNK file, upon
2023-09-01T14:41:00+00:00 https://thehackernews.com/2023/09/new-superbear-trojan-emerges-in.html www.secnews.physaphae.fr/article.php?IdArticle=8377868 False None None 2.0000000000000000

The Hacker News
It's a Zero-day? It's Malware? No! It's Username and Password
As cyber threats continue to evolve, adversaries are deploying a range of tools to breach security defenses and compromise sensitive data. Surprisingly, one of the most potent weapons in their arsenal is not malicious code but simply stolen or weak usernames and passwords. This article explores the seriousness of compromised credentials, the challenges they present to security solutions, and the
2023-09-01T14:40:00+00:00 https://thehackernews.com/2023/09/its-zero-day-its-malware-no-its.html www.secnews.physaphae.fr/article.php?IdArticle=8377869 False Tool None 3.0000000000000000

The Hacker News
Classiscam Scam-as-a-Service Raked $64.5 Million During the COVID-19 Pandemic
The Classiscam scam-as-a-service program has reaped the criminal actors $64.5 million in illicit earnings since its emergence in 2019. "Classiscam campaigns initially started out on classified sites, on which scammers placed fake advertisements and used social engineering techniques to convince users to pay for goods by transferring money to bank cards," Group-IB said in a new report. "Since
2023-09-01T12:52:00+00:00 https://thehackernews.com/2023/09/classiscam-scam-as-service-raked-645.html www.secnews.physaphae.fr/article.php?IdArticle=8377870 False None None 3.0000000000000000

The Hacker News
SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations
An open-source .NET-based information stealer malware dubbed SapphireStealer is being used by multiple entities to enhance its capabilities and spawn their own bespoke variants. “Information-stealing malware like SapphireStealer can be used to obtain sensitive information, including corporate credentials, which are often resold to other threat actors who leverage the access for additional
2023-08-31T19:45:00+00:00 https://thehackernews.com/2023/08/sapphirestealer-malware-gateway-to.html www.secnews.physaphae.fr/article.php?IdArticle=8377227 False Ransomware,Malware,Threat None 3.0000000000000000

The Hacker News
North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository
Three additional malicious Python packages have been discovered in the Package Index (PyPI) repository as part of an ongoing malicious software supply chain campaign called VMConnect, with signs pointing to the involvement of North Korean state-sponsored threat actors. The findings come from ReversingLabs, which detected the packages tablediter, request-plus, and requestspro.
First disclosed at
2023-08-31T18:16:00+00:00 https://thehackernews.com/2023/08/north-korean-hackers-deploy-new.html www.secnews.physaphae.fr/article.php?IdArticle=8377201 False Threat None 3.0000000000000000

The Hacker News
Numbers Don't Lie: Exposing the Harsh Truths of Cyberattacks in New Report
How often do cyberattacks happen? How frequently do threat actors target businesses and governments around the world? The BlackBerry® Threat Research and Intelligence Team recently analyzed 90 days of real-world data to answer these questions. Full results are in the latest BlackBerry Global Threat Intelligence Report, but read on for a teaser of several interesting cyber attack statistics.
2023-08-31T17:10:00+00:00 https://thehackernews.com/2023/08/numbers-dont-lie-exposing-harsh-truths.html www.secnews.physaphae.fr/article.php?IdArticle=8377174 False Threat,Studies None 4.0000000000000000

The Hacker News
Earth Estries' Espionage Campaign Targets Governments and Tech Titans Across Continents
A hacking outfit nicknamed Earth Estries has been attributed to a new, ongoing cyber espionage campaign targeting government and technology industries based in the Philippines, Taiwan, Malaysia, South Africa, Germany, and the U.S. "The threat actors behind Earth Estries are working with high-level resources and functioning with sophisticated skills and experience in cyber espionage and illicit
2023-08-31T14:52:00+00:00 https://thehackernews.com/2023/08/earth-estries-espionage-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8377104 False Threat None 2.0000000000000000

The Hacker News
Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security
New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the Windows Container Isolation Framework. The findings were presented by Deep Instinct security researcher Daniel Avinoam at the DEF CON security conference held earlier this month. Microsoft's container architecture (and by extension,
2023-08-30T22:34:00+00:00 https://thehackernews.com/2023/08/hackers-can-exploit-windows-container.html www.secnews.physaphae.fr/article.php?IdArticle=8376838 False Malware None 2.0000000000000000

The Hacker News
MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature
A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to remotely commandeer the devices and perform financial fraud. "The malware, named after its distinctive package name com.mm.user, can capture user input and screen content, and can also remotely control victim devices through various techniques, enabling
2023-08-30T20:42:00+00:00 https://thehackernews.com/2023/08/mmrat-android-trojan-executes-remote.html www.secnews.physaphae.fr/article.php?IdArticle=8376776 False None None 3.0000000000000000

The Hacker News
China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users
Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a China-linked actor called GREF. "Most likely active since July 2020 and since July 2022, respectively, the campaigns
2023-08-30T19:13:00+00:00 https://thehackernews.com/2023/08/china-linked-badbazaar-android-spyware.html www.secnews.physaphae.fr/article.php?IdArticle=8376758 False None APT 15,APT 15 2.0000000000000000

The Hacker News
How to Prevent ChatGPT From Stealing Your Content & Traffic
ChatGPT and similar large language models (LLMs) have added further complexity to the ever-growing online threat landscape. Cybercriminals no longer need advanced coding skills to execute fraud and other damaging attacks against online businesses and customers, thanks to bots-as-a-service, residential proxies, CAPTCHA farms, and other easily accessible tools.
Now, the latest technology damaging]]> 2023-08-30T17:18:00+00:00 https://thehackernews.com/2023/08/how-to-prevent-chatgpt-from-stealing.html www.secnews.physaphae.fr/article.php?IdArticle=8376696 False Threat ChatGPT,ChatGPT 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les packages npm malveillants visent à cibler les développeurs pour le vol de code source<br>Malicious npm Packages Aim to Target Developers for Source Code Theft An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal source code and configuration files from victim machines, a sign of how threats lurk consistently in open-source repositories. "The threat actor behind this campaign has been linked to malicious activity dating back to 2021," software supply chain security firm Checkmarx said in a report shared]]> 2023-08-30T16:57:00+00:00 https://thehackernews.com/2023/08/malicious-npm-packages-aim-to-target.html www.secnews.physaphae.fr/article.php?IdArticle=8376697 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Alerte : les pare-feu Juniper, Openfire et Apache RocketMQ sont attaqués par de nouveaux exploits<br>Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits Recently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation in the wild, according to multiple reports. 
The Shadowserver Foundation said that it's "seeing exploitation attempts from multiple IPs for Juniper J-Web CVE-2023-36844 (& friends) targeting /webauth_operation.php endpoint," the same day a proof-of-concept (PoC)]]> 2023-08-30T16:45:00+00:00 https://thehackernews.com/2023/08/alert-juniper-firewalls-openfire-and.html www.secnews.physaphae.fr/article.php?IdArticle=8376678 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Alerte de vulnérabilité critique : les réseaux d'exploitation VMware Aria sont menacés par des attaques à distance<br>Critical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote Attacks VMware has released software updates to correct two security vulnerabilities in Aria Operations for Networks that could be potentially exploited to bypass authentication and gain remote code execution. The most severe of the flaws is CVE-2023-34039 (CVSS score: 9.8), which relates to a case of authentication bypass arising as a result of a lack of unique cryptographic key generation. "A]]> 2023-08-30T12:27:00+00:00 https://thehackernews.com/2023/08/critical-vulnerability-alert-vmware.html www.secnews.physaphae.fr/article.php?IdArticle=8376609 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le FBI démantèle le logiciel malveillant QakBot, libère 700 000 ordinateurs et saisit 8,6 millions de dollars<br>FBI Dismantles QakBot Malware, Frees 700,000 Computers, Seizes $8.6 Million A coordinated law enforcement effort codenamed Operation Duck Hunt has felled QakBot, a notorious Windows malware family that's estimated to have compromised over 700,000 computers globally and facilitated financial fraud as well as ransomware. To that end, the U.S. 
Justice Department (DoJ) said the malware is "being deleted from victim computers, preventing it from doing any more harm," adding]]> 2023-08-30T09:35:00+00:00 https://thehackernews.com/2023/08/fbi-dismantles-qakbot-malware-frees.html www.secnews.physaphae.fr/article.php?IdArticle=8376566 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Un groupe de piratage chinois exploite Barracuda Zero-Day pour cibler le gouvernement, l'armée et les télécommunications<br>Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway (ESG) appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign. Mandiant, which is tracking the activity under the name UNC4841, described the threat actor as "highly responsive to]]> 2023-08-29T20:24:00+00:00 https://thehackernews.com/2023/08/chinese-hacking-group-exploits.html www.secnews.physaphae.fr/article.php?IdArticle=8376270 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) L'activité des logiciels malveillants DarkGate augmente à mesure que le développeur loue des logiciels malveillants à ses affiliés<br>DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates A new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate. "The current spike in DarkGate malware activity is plausible given the fact that the developer of the malware has recently started to rent out the malware to a limited number of affiliates," Telekom Security said in a report published last week. 
The latest findings build on recent findings from security]]> 2023-08-29T20:08:00+00:00 https://thehackernews.com/2023/08/darkgate-malware-activity-spikes-as.html www.secnews.physaphae.fr/article.php?IdArticle=8376271 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) L'enquête fournit des points à retenir aux professionnels de la sécurité pour opérationnaliser leur cycle de vie de remédiation<br>Survey Provides Takeaways for Security Pros to Operationalize their Remediation Life Cycle Ask any security professional and they'll tell you that remediating risks from various siloed security scanning tools requires a tedious and labor-intensive series of steps focused on deduplication, prioritization, and routing of issues to an appropriate “fixer” somewhere in the organization. This burden on already resource-strapped security teams is an efficiency killer.  A new study,]]> 2023-08-29T17:01:00+00:00 https://thehackernews.com/2023/08/survey-provides-takeaways-for-security.html www.secnews.physaphae.fr/article.php?IdArticle=8376188 False Tool None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Alerte Citrix NetScaler : des pirates informatiques ransomwares exploitent une vulnérabilité critique<br>Citrix NetScaler Alert: Ransomware Hackers Exploiting Critical Vulnerability Unpatched Citrix NetScaler systems exposed to the internet are being targeted by unknown threat actors in what's suspected to be a ransomware attack. Cybersecurity company Sophos is tracking the activity cluster under the moniker STAC4663. 
Attack chains involve the exploitation of CVE-2023-3519, a critical code injection vulnerability impacting NetScaler ADC and Gateway servers that could]]> 2023-08-29T14:47:00+00:00 https://thehackernews.com/2023/08/citrix-netscaler-alert-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8376137 False Ransomware,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le phishing en tant que service devient plus intelligent : Microsoft sonne l'alarme sur les attaques AiTM<br>Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks Microsoft is warning of an increase in adversary-in-the-middle (AiTM) phishing techniques, which are being propagated as part of the phishing-as-a-service (PhaaS) cybercrime model. In addition to an uptick in AiTM-capable PhaaS platforms, the tech giant noted that existing phishing services like PerSwaysion are incorporating AiTM capabilities. "This development in the PhaaS ecosystem enables]]> 2023-08-29T11:26:00+00:00 https://thehackernews.com/2023/08/phishing-as-service-gets-smarter.html www.secnews.physaphae.fr/article.php?IdArticle=8376052 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Des experts découvrent comment les cybercriminels pourraient exploiter Microsoft Entra ID pour obtenir des privilèges élevés<br>Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege Cybersecurity researchers have discovered a case of privilege escalation associated with a Microsoft Entra ID (formerly Azure Active Directory) application by taking advantage of an abandoned reply URL. 
"An attacker could leverage this abandoned URL to redirect authorization codes to themselves, exchanging the ill-gotten authorization codes for access tokens," Secureworks Counter Threat Unit (]]> 2023-08-28T21:35:00+00:00 https://thehackernews.com/2023/08/experts-uncover-how-cybercriminals.html www.secnews.physaphae.fr/article.php?IdArticle=8375782 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Attention aux développeurs : les bibliothèques Rust malveillantes sont surprises en train de transmettre des informations sur le système d'exploitation au canal Telegram<br>Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages have been discovered on the Rust programming language's crate registry. The libraries, uploaded between August 14 and 16, 2023, were published by a user named "amaperf," Phylum said in a report published last week. The names of the packages, now taken down, are as follows:]]> 2023-08-28T21:10:00+00:00 https://thehackernews.com/2023/08/developers-beware-malicious-rust.html www.secnews.physaphae.fr/article.php?IdArticle=8375762 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Cyberattaques ciblant les applications de commerce électronique<br>Cyberattacks Targeting E-commerce Applications Cyber attacks on e-commerce applications are a common trend in 2023 as e-commerce businesses become more omnichannel, they build and deploy increasingly more API interfaces, with threat actors constantly exploring more ways to exploit vulnerabilities. 
This is why regular testing and ongoing monitoring are necessary to fully protect web applications, identifying weaknesses so they can be]]> 2023-08-28T16:57:00+00:00 https://thehackernews.com/2023/08/cyberattacks-targeting-e-commerce.html www.secnews.physaphae.fr/article.php?IdArticle=8375669 False Threat,Prediction None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le logiciel malveillant KmsdBot bénéficie d'une mise à niveau : cible désormais les appareils IoT avec des capacités améliorées<br>KmsdBot Malware Gets an Upgrade: Now Targets IoT Devices with Enhanced Capabilities An updated version of a botnet malware called KmsdBot is now targeting Internet of Things (IoT) devices, simultaneously branching out its capabilities and the attack surface. "The binary now includes support for Telnet scanning and support for more CPU architectures," Akamai security researcher Larry W. Cashdollar said in an analysis published this month. The latest iteration,]]> 2023-08-28T11:13:00+00:00 https://thehackernews.com/2023/08/kmsdbot-malware-gets-upgrade-now.html www.secnews.physaphae.fr/article.php?IdArticle=8375509 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La fuite de LockBit 3.0 Ransomware Builder donne naissance à des centaines de nouvelles variantes<br>LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants The leak of the LockBit 3.0 ransomware builder last year has led to threat actors abusing the tool to spawn new variants. Russian cybersecurity company Kaspersky said it detected a ransomware intrusion that deployed a version of LockBit but with a markedly different ransom demand procedure. 
"The attacker behind this incident decided to use a different ransom note with a headline related to a]]> 2023-08-26T15:56:00+00:00 https://thehackernews.com/2023/08/lockbit-30-ransomware-builder-leak.html www.secnews.physaphae.fr/article.php?IdArticle=8374839 False Ransomware,Tool,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Kroll subit une violation de données : un employé est victime d'une attaque par échange de carte SIM<br>Kroll Suffers Data Breach: Employee Falls Victim to SIM Swapping Attack Risk and financial advisory solutions provider Kroll on Friday disclosed that one of its employees fell victim to a "highly sophisticated" SIM swapping attack. The incident, which took place on August 19, 2023, targeted the employee's T-Mobile account, the company said. "Specifically, T-Mobile, without any authority from or contact with Kroll or its employee, transferred that employee's phone]]> 2023-08-26T09:54:00+00:00 https://thehackernews.com/2023/08/kroll-suffers-data-breach-employee.html www.secnews.physaphae.fr/article.php?IdArticle=8374770 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Deux pirates informatiques de LAPSUS$ condamnés par un tribunal de Londres pour le piratage d'une entreprise technologique de premier plan<br>Two LAPSUS$ Hackers Convicted in London Court for High-Profile Tech Firm Hacks Two U.K. teenagers have been convicted by a jury in London for being part of the notorious LAPSUS$ transnational gang and for orchestrating a series of brazen, high-profile hacks against major tech firms and demanding a ransom in exchange for not leaking the stolen information. 
This includes Arion Kurtaj (aka White, Breachbase, WhiteDoxbin, and TeaPotUberHacker), an 18-year-old from Oxford, and]]> 2023-08-25T19:22:00+00:00 https://thehackernews.com/2023/08/two-lapsus-hackers-convicted-in-london.html www.secnews.physaphae.fr/article.php?IdArticle=8374539 False None Uber 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Découvrez comment les données de votre entreprise peuvent amplifier vos capacités de détection des menaces IA/ML<br>Learn How Your Business Data Can Amplify Your AI/ML Threat Detection Capabilities In today's digital landscape, your business data is more than just numbers-it's a powerhouse. Imagine leveraging this data not only for profit but also for enhanced AI and Machine Learning (ML) threat detection. For companies like Comcast, this isn't a dream. It's reality. Your business comprehends its risks, vulnerabilities, and the unique environment in which it operates. No generic,]]> 2023-08-25T17:19:00+00:00 https://thehackernews.com/2023/08/learn-how-your-business-data-can.html www.secnews.physaphae.fr/article.php?IdArticle=8374508 False Threat,General Information None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Naviguer dans l'infrastructure existante : la stratégie concrète d'un RSSI pour réussir<br>Navigating Legacy Infrastructure: A CISO's Actionable Strategy for Success Every company has some level of tech debt. Unless you're a brand new start-up, you most likely have a patchwork of solutions that have been implemented throughout the years, often under various leadership teams with different priorities and goals. As those technologies age, they can leave your organization vulnerable to cyber threats. 
While replacing legacy technologies can be costly, those]]> 2023-08-25T16:17:00+00:00 https://thehackernews.com/2023/08/navigating-legacy-infrastructure-cisos.html www.secnews.physaphae.fr/article.php?IdArticle=8374471 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le cyberespionnage lié au typhon du lin lié à la Chine cible les secteurs clés de Taiwan<br>China-Linked Flax Typhoon Cyber Espionage Targets Taiwan's Key Sectors A nation-state activity group originating from China has been linked to cyber attacks on dozens of organizations in Taiwan as part of a suspected espionage campaign. The Microsoft Threat Intelligence team is tracking the activity under the name Flax Typhoon, which is also known as Ethereal Panda. "Flax Typhoon gains and maintains long-term access to Taiwanese organizations' networks with minimal]]> 2023-08-25T16:11:00+00:00 https://thehackernews.com/2023/08/china-linked-flax-typhoon-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8374472 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Avertissement urgent du FBI : les passerelles de messagerie Barracuda sont vulnérables malgré les correctifs récents<br>Urgent FBI Warning: Barracuda Email Gateways Vulnerable Despite Recent Patches The U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups. 
It also deemed the fixes as "ineffective" and that it "continues to observe active intrusions and considers all affected Barracuda ESG]]> 2023-08-25T13:57:00+00:00 https://thehackernews.com/2023/08/urgent-fbi-warning-barracuda-email.html www.secnews.physaphae.fr/article.php?IdArticle=8374408 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le groupe Lazarus exploite la faille critique Zoho Manage en train de déployer des logiciels malveillants furtifs<br>Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware The North Korea-linked threat actor known as Lazarus Group has been observed exploiting a now-patched critical security flaw impacting Zoho ManageEngine ServiceDesk Plus to distribute a remote access trojan called such as QuiteRAT. Targets include internet backbone infrastructure and healthcare entities in Europe and the U.S., cybersecurity company Cisco Talos said in a two-part analysis]]> 2023-08-24T20:46:00+00:00 https://thehackernews.com/2023/08/lazarus-group-exploits-critical-zoho.html www.secnews.physaphae.fr/article.php?IdArticle=8374129 False Malware,Threat APT 38,APT 38 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouveau télégramme bot "Telekopye" alimentant les escroqueries à phishing à grande échelle de la Russie<br>New Telegram Bot "Telekopye" Powering Large-scale Phishing Scams from Russia A new financially motivated operation is leveraging a malicious Telegram bot to help threat actors scam their victims. Dubbed Telekopye, a portmanteau of Telegram and kopye (meaning "spear" in Russian), the toolkit functions as an automated means to create a phishing web page from a premade template and send the URL to potential victims, codenamed Mammoths by the criminals. 
"This toolkit is]]> 2023-08-24T18:03:00+00:00 https://thehackernews.com/2023/08/new-telegram-bot-telekopye-powering.html www.secnews.physaphae.fr/article.php?IdArticle=8374067 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les dangers cachés du Wi-Fi public<br>The Hidden Dangers of Public Wi-Fi Public Wi-Fi, which has long since become the norm, poses threats to not only individual users but also businesses. With the rise of remote work, people can now work from virtually anywhere: a cafe close to home, a hotel in a different city, or even while waiting for a plane at the airport. Next, let's explore the risks of connecting to public Wi-Fi, both for you personally and for businesses.]]> 2023-08-24T17:03:00+00:00 https://thehackernews.com/2023/08/the-hidden-dangers-of-public-wi-fi.html www.secnews.physaphae.fr/article.php?IdArticle=8374038 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) NOUVEAU "Whiffy Recon" malware triangulet l'emplacement de l'appareil infecté via Wi-Fi chaque minute<br>New "Whiffy Recon" Malware Triangulates Infected Device Location via Wi-Fi Every Minute The SmokeLoader malware is being used to deliver a new Wi-Fi scanning malware strain called Whiffy Recon on compromised Windows machines. "The new malware strain has only one operation. Every 60 seconds it triangulates the infected systems' positions by scanning nearby Wi-Fi access points as a data point for Google's geolocation API," Secureworks Counter Threat Unit (CTU) said in a statement]]> 2023-08-24T16:54:00+00:00 https://thehackernews.com/2023/08/new-whiffy-recon-malware-triangulates.html www.secnews.physaphae.fr/article.php?IdArticle=8374039 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Winrar Security Flaw exploite dans des attaques zéro-jours pour cibler les commerçants<br>WinRAR Security Flaw Exploited in Zero-Day Attacks to Target Traders A recently patched security flaw in the popular WinRAR archiving software has been exploited as a zero-day since April 2023, new findings from Group-IB reveal. The vulnerability, cataloged as CVE-2023-38831, allows threat actors to spoof file extensions, thereby making it possible to launch malicious scripts contained within an archive that masquerades as seemingly innocuous image or text files.]]> 2023-08-24T16:42:00+00:00 https://thehackernews.com/2023/08/winrar-security-flaw-exploited-in-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8374040 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Des milliers de serveurs XMPP OpenFire non corrigés sont toujours exposés à une faille de haute sévérité<br>Thousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity Flaw Thousands of Openfire XMPP servers are unpatched against a recently disclosed high-severity flaw and are susceptible to a new exploit, according to a new report from VulnCheck. Tracked as CVE-2023-32315 (CVSS score: 7.5), the vulnerability relates to a path traversal vulnerability in Openfire's administrative console that could permit an unauthenticated attacker to access otherwise restricted]]> 2023-08-24T13:51:00+00:00 https://thehackernews.com/2023/08/thousands-of-unpatched-openfire-xmpp.html www.secnews.physaphae.fr/article.php?IdArticle=8373974 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les fondateurs de Tornado Cash ont été chargés dans un scandale de blanchiment de cryptographie d'un milliard de dollars<br>Tornado Cash Founders Charged in Billion-Dollar Crypto Laundering Scandal The U.S. 
Justice Department (DoJ) on Wednesday unsealed an indictment against two founders of the now-sanctioned Tornado Cash cryptocurrency mixer service, charging them with laundering more than $1 billion in criminal proceeds. Both the individuals, Roman Storm and Roman Semenov, have been charged with conspiracy to commit money laundering, conspiracy to commit sanctions violations, and]]> 2023-08-24T13:08:00+00:00 https://thehackernews.com/2023/08/tornado-cash-founders-charged-in.html www.secnews.physaphae.fr/article.php?IdArticle=8373956 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Affiliés nord-coréens soupçonnés de 40 millions de dollars de crypto-monnaie, avertit le FBI<br>North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. The law enforcement agency attributed the blockchain activity to an adversary the U.S. government tracks as TraderTraitor, which is also known by the name Jade Sleet. An investigation undertaken by the FBI found]]> 2023-08-23T18:13:00+00:00 https://thehackernews.com/2023/08/north-korean-affiliates-suspected-in.html www.secnews.physaphae.fr/article.php?IdArticle=8373643 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Meta définie pour activer le cryptage de bout en bout par défaut à la fin de Messenger d'ici l'année<br>Meta Set to Enable Default End-to-End Encryption on Messenger by Year End Meta has once again reaffirmed its plans to roll out support for end-to-end encryption (E2EE) by default for one-to-one friends and family chats on Messenger by the end of the year. 
As part of that effort, the social media giant said it's upgrading "millions more people's chats" effective August 22, 2023, exactly seven months after it started gradually expanding the feature to more users in]]> 2023-08-23T17:33:00+00:00 https://thehackernews.com/2023/08/meta-set-to-enable-default-end-to-end.html www.secnews.physaphae.fr/article.php?IdArticle=8373644 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) L'acteur de la menace syrienne EVLF a été démasqué en tant que créateur de malware Android Cypherrat et Craxsrat<br>Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. "These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device's camera, location, and microphone," Cybersecurity firm Cyfirma said in a report published last week. CypherRAT and CraxsRAT are said to be offered to other cybercriminals as]]> 2023-08-23T17:14:00+00:00 https://thehackernews.com/2023/08/syrian-threat-actor-evlf-unmasked-as.html www.secnews.physaphae.fr/article.php?IdArticle=8373615 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Approche agile de la récolte des informations d'identification de masse et des sprints miniers de la cryptographie<br>Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead Developers are not the only people who have adopted the agile methodology for their development processes. 
From 2023-06-15 to 2023-07-11, Permiso Security's p0 Labs team identified and tracked an attacker developing and deploying eight (8) incremental iterations of their credential harvesting malware while continuing to develop infrastructure for an upcoming (spoiler: now launched) campaign]]> 2023-08-23T17:14:00+00:00 https://thehackernews.com/2023/08/agile-approach-to-mass-cloud-credential.html www.secnews.physaphae.fr/article.php?IdArticle=8373614 False Malware,Cloud None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) SpaceColon Toolset alimente la surtension globale des attaques de ransomware scarabe<br>Spacecolon Toolset Fuels Global Surge in Scarab Ransomware Attacks A malicious toolset dubbed Spacecolon is being deployed as part of an ongoing campaign to spread variants of the Scarab ransomware across victim organizations globally. "It probably finds its way into victim organizations by its operators compromising vulnerable web servers or via brute forcing RDP credentials," ESET security researcher Jakub Souček said in a detailed technical write-up]]> 2023-08-23T15:04:00+00:00 https://thehackernews.com/2023/08/spacecolon-toolset-fuels-global-surge.html www.secnews.physaphae.fr/article.php?IdArticle=8373574 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Plus d'une douzaine de packages NPM malveillants ciblent les développeurs de jeux Roblox<br>Over a Dozen Malicious npm Packages Target Roblox Game Developers More than a dozen malicious packages have been discovered on the npm package repository since the start of August 2023 with capabilities to deploy an open-source information stealer called Luna Token Grabber on systems belonging to Roblox developers. 
The ongoing campaign, first detected on August 1 by ReversingLabs, employs modules that masquerade as the legitimate package noblox.js, an API]]> 2023-08-23T12:03:00+00:00 https://thehackernews.com/2023/08/over-dozen-malicious-npm-packages.html www.secnews.physaphae.fr/article.php?IdArticle=8373543 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les cisos voctent la confiance de la cybersécurité SaaS, mais 79% admettent les incidents SaaS, le nouveau rapport trouve<br>CISOs Tout SaaS Cybersecurity Confidence, But 79% Admit to SaaS Incidents, New Report Finds A new State of SaaS Security Posture Management Report from SaaS cybersecurity provider AppOmni indicates that Cybersecurity, IT, and business leaders alike recognize SaaS cybersecurity as an increasingly important part of the cyber threat landscape. And at first glance, respondents appear generally optimistic about their SaaS cybersecurity. Over 600 IT, cybersecurity, and business leaders at]]> 2023-08-22T16:50:00+00:00 https://thehackernews.com/2023/08/cisos-tout-saas-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8373073 False Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Attaques de Carderbee: organisations de Hong Kong ciblées via des mises à jour logicielles malveillantes<br>Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates A previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under its insect-themed moniker Carderbee. 
The attacks, per the cybersecurity firm, leverage a trojanized version of a legitimate software called]]> 2023-08-22T15:42:00+00:00 https://thehackernews.com/2023/08/carderbee-attacks-hong-kong.html www.secnews.physaphae.fr/article.php?IdArticle=8373055 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelle variante de la malware Xloader MacOS déguisée en application 'Offénote' de productivité<br>New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App A new variant of an Apple macOS malware called XLoader has surfaced in the wild, masquerading its malicious features under the guise of an office productivity app called "OfficeNote." "The new version of XLoader is bundled inside a standard Apple disk image with the name OfficeNote.dmg," SentinelOne security researchers Dinesh Devadoss and Phil Stokes said in a Monday analysis. "The application]]> 2023-08-22T12:35:00+00:00 https://thehackernews.com/2023/08/new-variant-of-xloader-macos-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8373010 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Ivanti met en garde contre la faille critique du zéro-jour exploitée activement dans le logiciel Sentry<br>Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software Software services provider Ivanti is warning of a new critical zero-day flaw impacting Ivanti Sentry (formerly MobileIron Sentry) that it said is being actively exploited in the wild, marking an escalation of its security woes. 
Tracked as CVE-2023-38035 (CVSS score: 9.8), the issue has been described as a case of authentication bypass impacting versions 9.18 and prior due to what it called an
2023-08-22T10:15:00+00:00 https://thehackernews.com/2023/08/ivanti-warns-of-critical-zero-day-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8372975 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, cataloged as CVE-2023-26359 (CVSS score: 9.8), relates to a deserialization flaw present in Adobe ColdFusion 2018 (Update 15 and earlier) and ColdFusion 2021 (
2023-08-22T09:06:00+00:00 https://thehackernews.com/2023/08/critical-adobe-coldfusion-flaw-added-to.html www.secnews.physaphae.fr/article.php?IdArticle=8372964 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New WinRAR Vulnerability Could Allow Hackers to Take Control of Your PC
A high-severity security flaw has been disclosed in the WinRAR utility that could be potentially exploited by a threat actor to achieve remote code execution on Windows systems. Tracked as CVE-2023-40477 (CVSS score: 7.8), the vulnerability has been described as a case of improper validation while processing recovery volumes. "The issue results from the lack of proper validation of user-supplied
2023-08-21T19:14:00+00:00 https://thehackernews.com/2023/08/new-winrar-vulnerability-could-allow.html www.secnews.physaphae.fr/article.php?IdArticle=8372770 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
How to Investigate an OAuth Grant for Suspicious Activity or Overly Permissive Scopes
From a user's perspective, OAuth works like magic. In just a few keystrokes, you can whisk through the account creation process and gain immediate access to whatever new app or integration you're seeking. Unfortunately, few users understand the implications of the permissions they allow when they create a new OAuth grant, making it easy for malicious actors to manipulate employees into giving
2023-08-21T16:42:00+00:00 https://thehackernews.com/2023/08/how-to-investigate-oauth-grant-for.html www.secnews.physaphae.fr/article.php?IdArticle=8372733 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
This Malware Turned Thousands of Hacked Windows and macOS PCs into Proxy Servers
Threat actors are leveraging access to malware-infected Windows and macOS machines to deliver a proxy server application and use them as exit nodes to reroute proxy requests.
According to AT&T Alien Labs, the unnamed company that offers the proxy service operates more than 400,000 proxy exit nodes, although it's not immediately clear how many of them were co-opted by malware installed on
2023-08-21T15:39:00+00:00 https://thehackernews.com/2023/08/this-malware-turned-thousands-of-hacked.html www.secnews.physaphae.fr/article.php?IdArticle=8372694 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
HiatusRAT Malware Resurfaces: Taiwan Firms and U.S. Military Under Attack
The threat actors behind the HiatusRAT malware have returned from their hiatus with a new wave of reconnaissance and targeting activity aimed at Taiwan-based organizations and a U.S. military procurement system. Besides recompiling malware samples for different architectures, the artifacts are said to have been hosted on new virtual private servers (VPSs), Lumen Black Lotus Labs said in a report
2023-08-21T11:07:00+00:00 https://thehackernews.com/2023/08/hiatusrat-malware-resurfaces-taiwan.html www.secnews.physaphae.fr/article.php?IdArticle=8372598 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams
Cybersecurity researchers have detailed an updated version of an advanced fingerprinting and redirection toolkit called WoofLocker that's engineered to conduct tech support scams.
The sophisticated traffic redirection scheme was first documented by Malwarebytes in January 2020, leveraging JavaScript embedded in compromised websites to perform anti-bot and web traffic filtering checks to serve
2023-08-19T16:52:00+00:00 https://thehackernews.com/2023/08/wooflocker-toolkit-hides-malicious.html www.secnews.physaphae.fr/article.php?IdArticle=8372157 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Juniper Junos OS Flaws Expose Devices to Remote Attacks - Patch Now
Networking hardware company Juniper Networks has released an "out-of-cycle" security update to address multiple flaws in the J-Web component of Junos OS that could be combined to achieve remote code execution on susceptible installations. The four vulnerabilities have a cumulative CVSS rating of 9.8, making them Critical in severity. They affect all versions of Junos OS on SRX and EX Series. "By
2023-08-19T13:08:00+00:00 https://thehackernews.com/2023/08/new-juniper-junos-os-flaws-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8372106 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Thousands of Android Malware Apps Using Stealthy APK Compression to Evade Detection
Threat actors are using Android Package (APK) files with unknown or unsupported compression methods to elude malware analysis. That's according to findings from Zimperium, which found 3,300 artifacts leveraging such compression algorithms in the wild. 71 of the identified samples can be loaded on the operating system without any problems.
There is no evidence that the apps were available on the
2023-08-19T11:58:00+00:00 https://thehackernews.com/2023/08/thousands-of-android-malware-apps-using.html www.secnews.physaphae.fr/article.php?IdArticle=8372107 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
14 Suspected Cybercriminals Arrested Across Africa in Coordinated Crackdown
A coordinated law enforcement operation across 25 African countries has led to the arrest of 14 suspected cybercriminals, INTERPOL announced Friday. The exercise, conducted in partnership with AFRIPOL, enabled investigators to identify 20,674 cyber networks that were linked to financial losses of more than $40 million. "The four-month Africa Cyber Surge II operation was launched in April 2023
2023-08-18T18:10:00+00:00 https://thehackernews.com/2023/08/14-suspected-cybercriminals-arrested.html www.secnews.physaphae.fr/article.php?IdArticle=8371754 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
The Vulnerability of Zero Trust: Lessons from the Storm 0558 Hack
While IT security managers in companies and public administrations rely on the concept of Zero Trust, APTs (Advanced Persistent Threats) are putting its practical effectiveness to the test. Analysts, on the other hand, understand that Zero Trust can only be achieved with comprehensive insight into one's own network.
Just recently, an attack believed to be perpetrated by the Chinese hacker group
2023-08-18T17:19:00+00:00 https://thehackernews.com/2023/08/the-vulnerability-of-zero-trust-lessons.html www.secnews.physaphae.fr/article.php?IdArticle=8371755 False Hack,Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Wave of Attack Campaign Targeting Zimbra Email Users for Credential Theft
A new "mass-spreading" social engineering campaign is targeting users of the Zimbra Collaboration email server with an aim to collect their login credentials for use in follow-on operations. The activity, active since April 2023 and still ongoing, targets a wide range of small and medium businesses and governmental entities, most of which are located in Poland, Ecuador, Mexico, Italy, and Russia
2023-08-18T17:18:00+00:00 https://thehackernews.com/2023/08/new-wave-of-attack-campaign-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8371756 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools
Microsoft on Thursday disclosed that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution. "The Impacket tool has credential dumping and remote service execution modules that could be used for broad deployment of the BlackCat ransomware in target environments," the company's
2023-08-18T16:27:00+00:00 https://thehackernews.com/2023/08/new-blackcat-ransomware-variant-adopts.html www.secnews.physaphae.fr/article.php?IdArticle=8371721 False Ransomware,Tool None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Chrome's New Feature Alerts Users About Auto-Removal of Malicious Extensions
Google has announced plans to add a new feature in the upcoming version of its Chrome web browser to alert users when an extension they have installed has been removed from the Chrome Web Store. The feature, set for release alongside Chrome 117, allows users to be notified when an add-on has been unpublished by a developer, taken down for violating Chrome Web Store policy, or marked as malware.
2023-08-18T12:21:00+00:00 https://thehackernews.com/2023/08/google-chromes-new-feature-alerts-users.html www.secnews.physaphae.fr/article.php?IdArticle=8371644 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
NoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows Security
A previously undetected attack method called NoFilter has been found to abuse the Windows Filtering Platform (WFP) to achieve privilege escalation in the Windows operating system. "If an attacker has the ability to execute code with admin privilege and the target is to perform LSASS Shtinkering, these privileges are not enough," Ron Ben Yizhak, a security researcher at Deep Instinct, told The
2023-08-17T21:45:00+00:00 https://thehackernews.com/2023/08/nofilter-attack-sneaky-privilege.html www.secnews.physaphae.fr/article.php?IdArticle=8371357 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
China-Linked Bronze Starlight Group Targeting Gambling Sector with Cobalt Strike Beacons
An ongoing cyber attack campaign originating from China is targeting the Southeast Asian gambling sector to deploy Cobalt Strike beacons on compromised systems. Cybersecurity firm SentinelOne said the tactics, techniques, and procedures point to the involvement of a threat actor tracked as Bronze Starlight (aka Emperor Dragonfly or Storm-0401), which has been linked to the use of short-lived
2023-08-17T21:10:00+00:00 https://thehackernews.com/2023/08/china-linked-bronze-starlight-group.html www.secnews.physaphae.fr/article.php?IdArticle=8371316 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New LABRAT Campaign Exploits GitLab Flaw for Cryptojacking and Proxyjacking Activities
A new, financially motivated operation dubbed LABRAT has been observed weaponizing a now-patched critical flaw in GitLab as part of a cryptojacking and proxyjacking campaign. "The attacker utilized undetected signature-based tools, sophisticated and stealthy cross-platform malware, command-and-control (C2) tools which bypassed firewalls, and kernel-based rootkits to hide their presence," Sysdig
2023-08-17T19:56:00+00:00 https://thehackernews.com/2023/08/new-labrat-campaign-exploits-gitlab.html www.secnews.physaphae.fr/article.php?IdArticle=8371285 False Tool None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode
Cybersecurity researchers have documented a novel post-exploit persistence technique on iOS 16 that could be abused to fly under the radar and maintain access to an Apple device even when the victim believes it is offline. The method "tricks the victim into thinking their device's Airplane Mode works when in reality the attacker (following successful device exploit) has planted an artificial
2023-08-17T19:56:00+00:00 https://thehackernews.com/2023/08/new-apple-ios-16-exploit-enables.html www.secnews.physaphae.fr/article.php?IdArticle=8371284 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Why You Need Continuous Network Monitoring?
Changes in the way we work have had significant implications for cybersecurity, not least in network monitoring. Workers no longer sit safely side-by-side on a corporate network, dev teams constantly spin up and tear down systems, exposing services to the internet. Keeping track of these users, changes and services is difficult – internet-facing attack surfaces rarely stay the same for long.
But
2023-08-17T16:48:00+00:00 https://thehackernews.com/2023/08/why-you-need-continuous-network.html www.secnews.physaphae.fr/article.php?IdArticle=8371217 False General Information None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing Attacks
An ongoing campaign targeting ministries of foreign affairs of NATO-aligned countries points to the involvement of Russian threat actors. The phishing attacks feature PDF documents with diplomatic lures, some of which are disguised as coming from Germany, to deliver a variant of a malware called Duke, which has been attributed to APT29 (aka BlueBravo, Cloaked Ursa, Cozy Bear, Iron Hemlock,
2023-08-17T15:09:00+00:00 https://thehackernews.com/2023/08/russian-hackers-use-zulip-chat-app-for.html www.secnews.physaphae.fr/article.php?IdArticle=8371161 False Malware,Threat APT 29 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active in-the-wild exploitation.
Tracked as CVE-2023-24489 (CVSS score: 9.8), the shortcoming has been described as an improper access control bug that, if successfully exploited
2023-08-17T10:40:00+00:00 https://thehackernews.com/2023/08/cisa-adds-citrix-sharefile-flaw-to-kev.html www.secnews.physaphae.fr/article.php?IdArticle=8371085 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
What's the State of Credential theft in 2023?
At a little over halfway through 2023, credential theft is still a major thorn in the side of IT teams. The heart of the problem is the value of data to cybercriminals and the evolution of the techniques they use to get hold of it. The 2023 Verizon Data Breach Investigations Report (DBIR) revealed that 83% of breaches involved external actors, with almost all attacks being financially motivated
2023-08-16T17:27:00+00:00 https://thehackernews.com/2023/08/whats-state-of-credential-theft-in-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8370673 False Data Breach None 1.00000000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Experts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain Attacks
Active flaws in the PowerShell Gallery could be weaponized by threat actors to pull off supply chain attacks against the registry's users. "These flaws make typosquatting attacks inevitable in this registry, while also making it extremely difficult for users to identify the true owner of a package," Aqua security researchers Mor Weinberger, Yakir Kadkoda, and Ilay Goldman said in a report shared
2023-08-16T17:26:00+00:00 https://thehackernews.com/2023/08/experts-uncover-weaknesses-in.html www.secnews.physaphae.fr/article.php?IdArticle=8370674 False Threat None 5.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Guide: How Google Workspace-based Organizations can leverage Chrome to improve Security
More and more organizations are choosing Google Workspace as their default employee toolset of choice. But despite the productivity advantages, this organizational action also incurs a new security debt. Security teams now have to find a way to adjust their security architecture to this new cloud workload. Some teams may rely on their existing network security solutions. According to a new guide
2023-08-16T16:42:00+00:00 https://thehackernews.com/2023/08/guide-how-google-workspace-based.html www.secnews.physaphae.fr/article.php?IdArticle=8370675 False Cloud None 2.0000000000000000