www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2025-05-10T16:40:51+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Malicious npm Packages Mimicking 'noblox.js' Compromise Roblox Developers' Systems
Roblox developers are the target of a persistent campaign that seeks to compromise systems through bogus npm packages, once again underscoring how threat actors continue to exploit the trust in the open-source ecosystem to deliver malware. "By mimicking the popular 'noblox.js' library, attackers have published dozens of packages designed to steal sensitive data and compromise systems," Checkmarx
2024-09-02T09:06:00+00:00 https://thehackernews.com/2024/09/malicious-npm-packages-mimicking.html www.secnews.physaphae.fr/article.php?IdArticle=8568330 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit
A recently patched security flaw in Google Chrome and other Chromium web browsers was exploited as a zero-day by North Korean actors in a campaign designed to deliver the FudModule rootkit.
The development is indicative of the persistent efforts made by the nation-state adversary, which had made a habit of incorporating rafts of Windows zero-day exploits into its arsenal in recent months.
2024-08-31T21:05:00+00:00 https://thehackernews.com/2024/08/north-korean-hackers-deploy-fudmodule.html www.secnews.physaphae.fr/article.php?IdArticle=8567555 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Cyberattackers Exploit Google Sheets for Malware Control in Global Espionage Campaign
Cybersecurity researchers have uncovered a novel malware campaign that leverages Google Sheets as a command-and-control (C2) mechanism. The activity, detected by Proofpoint starting August 5, 2024, impersonates tax authorities from governments in Europe, Asia, and the U.S., with the goal of targeting over 70 organizations worldwide by means of a bespoke tool called Voldemort that's equipped to
2024-08-30T18:34:00+00:00 https://thehackernews.com/2024/08/cyberattackers-exploit-google-sheets.html www.secnews.physaphae.fr/article.php?IdArticle=8566881 False Malware,Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Iranian Hackers Set Up New Network to Target U.S. Political Campaigns
Cybersecurity researchers have unearthed new network infrastructure set up by Iranian threat actors to support activities linked to the recent targeting of U.S. political campaigns.
Recorded Future's Insikt Group has linked the infrastructure to a threat it tracks as GreenCharlie, an Iran-nexus cyber threat group that overlaps with APT42, Charming Kitten, Damselfly, Mint Sandstorm (formerly
2024-08-30T16:45:00+00:00 https://thehackernews.com/2024/08/iranian-hackers-set-up-new-network-to.html www.secnews.physaphae.fr/article.php?IdArticle=8566822 False Threat APT 35,APT 42 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Malware Masquerades as Palo Alto VPN Targeting Middle East Users
Cybersecurity researchers have disclosed a new campaign that potentially targets users in the Middle East through malware that disguises itself as Palo Alto Networks GlobalProtect virtual private network (VPN) tool. "The malware can execute remote PowerShell commands, download and exfiltrate files, encrypt communications, and bypass sandbox solutions, representing a significant threat to
2024-08-30T15:50:00+00:00 https://thehackernews.com/2024/08/new-malware-masquerades-as-palo-alto.html www.secnews.physaphae.fr/article.php?IdArticle=8566793 False Malware,Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Breaking Down AD CS Vulnerabilities: Insights for InfoSec Professionals
The most dangerous vulnerability you've never heard of. In the world of cybersecurity, vulnerabilities are discovered so often, and at such a high rate, that it can be very difficult to keep up with. Some vulnerabilities will start ringing alarm bells within your security tooling, while others are far more nuanced, but still pose an equally dangerous threat.
Today, we want to discuss one of
2024-08-30T15:09:00+00:00 https://thehackernews.com/2024/08/breaking-down-ad-cs-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8566762 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
North Korean Hackers Target Developers with Malicious npm Packages
Threat actors with ties to North Korea have been observed publishing a set of malicious packages to the npm registry, indicating "coordinated and relentless" efforts to target developers with malware and steal cryptocurrency assets. The latest wave, which was observed between August 12 and 27, 2024, involved packages named temp-etherscan-api, ethersscan-api, telegram-con, helmet-validate, and
2024-08-30T11:55:00+00:00 https://thehackernews.com/2024/08/north-korean-hackers-target-developers.html www.secnews.physaphae.fr/article.php?IdArticle=8566681 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
SANS Institute Unveils Critical Infrastructure Strategy Guide for 2024: A Call to Action for Securing ICS/OT Environments
A comprehensive guide authored by Dean Parsons emphasizes the growing need for specialized ICS security measures in the face of rising cyber threats.
With a staggering 50% increase in ransomware attacks targeting industrial control systems (ICS) in 2023, the SANS Institute is taking decisive action by announcing the release of its essential new strategy guide, "ICS Is the Business: Why Securing
2024-08-30T11:49:00+00:00 https://thehackernews.com/2024/08/sans-institute-unveils-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8566682 False Ransomware,Industrial None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Cyberattack Targets Chinese-Speaking Businesses with Cobalt Strike Payloads
Chinese-speaking users are the target of a "highly organized and sophisticated attack" campaign that is likely leveraging phishing emails to infect Windows systems with Cobalt Strike payloads. "The attackers managed to move laterally, establish persistence and remain undetected within the systems for more than two weeks," Securonix researchers Den Iuzvyk and Tim Peck said in a new report. The
2024-08-30T11:47:00+00:00 https://thehackernews.com/2024/08/new-cyberattack-targets-chinese.html www.secnews.physaphae.fr/article.php?IdArticle=8566683 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns
Threat actors are actively exploiting a now-patched, critical security flaw impacting the Atlassian Confluence Data Center and Confluence Server to conduct illicit cryptocurrency mining on susceptible instances.
"The attacks involve threat actors that employ methods such as the deployment of shell scripts and XMRig miners, targeting of SSH endpoints, killing competing crypto mining processes,
2024-08-30T11:42:00+00:00 https://thehackernews.com/2024/08/atlassian-confluence-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8566684 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Vietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32
A non-profit supporting Vietnamese human rights has been the target of a multi-year campaign designed to deliver a variety of malware on compromised hosts. Cybersecurity company Huntress attributed the activity to a threat cluster known as APT32, a Vietnamese-aligned hacking crew that's also known as APT-C-00, Canvas Cyclone (formerly Bismuth), Cobalt Kitty, and OceanLotus. The intrusion is
2024-08-29T21:45:00+00:00 https://thehackernews.com/2024/08/vietnamese-human-rights-group-targeted.html www.secnews.physaphae.fr/article.php?IdArticle=8566270 False Malware,Threat APT 32 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack
Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware.
"These campaigns delivered n-day exploits for which patches were available, but would still be effective against unpatched devices," Google Threat Analysis Group (TAG) researcher Clement
2024-08-29T21:29:00+00:00 https://thehackernews.com/2024/08/russian-hackers-exploit-safari-and.html www.secnews.physaphae.fr/article.php?IdArticle=8566271 False Malware,Threat,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
U.S. Agencies Warn of Iranian Hacking Group's Ongoing Ransomware Attacks
U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware. The activity has been linked to a threat actor dubbed Pioneer Kitten, which is also known as Fox Kitten, Lemon Sandstorm (formerly Rubidium), Parisite, and UNC757, which it described as connected to
2024-08-29T17:12:00+00:00 https://thehackernews.com/2024/08/us-agencies-warn-of-iranian-hacking.html www.secnews.physaphae.fr/article.php?IdArticle=8566125 False Ransomware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
How AitM Phishing Attacks Bypass MFA and EDR-and How to Fight Back
Attackers are increasingly using new phishing toolkits (open-source, commercial, and criminal) to execute adversary-in-the-middle (AitM) attacks. AitM enables attackers to not just harvest credentials but steal live sessions, allowing them to bypass traditional phishing prevention controls such as MFA, EDR, and email content filtering.
In this article, we're going to look at what AitM phishing
2024-08-29T16:56:00+00:00 https://thehackernews.com/2024/08/how-to-stop-aitm-phishing-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8566126 False Commercial None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks
A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet. CVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a "command injection vulnerability found in the brightness function of AVTECH closed-circuit television (CCTV) cameras that allows for remote code execution (RCE)," Akamai researchers Kyle
2024-08-29T16:35:00+00:00 https://thehackernews.com/2024/08/unpatched-avtech-ip-camera-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8566127 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform
French prosecutors on Wednesday formally charged CEO Pavel Durov with facilitating a litany of criminal activity on the popular messaging platform and placed him under formal investigation following his arrest Saturday.
Russian-born Durov, who is also a French citizen, has been charged with being complicit in the spread of child sexual abuse material (CSAM) as well as enabling organized crime,
2024-08-29T10:11:00+00:00 https://thehackernews.com/2024/08/french-authorities-charge-telegram-ceo.html www.secnews.physaphae.fr/article.php?IdArticle=8565934 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability
Fortra has addressed a critical security flaw impacting FileCatalyst Workflow that could be abused by a remote attacker to gain administrative access. The vulnerability, tracked as CVE-2024-6633, carries a CVSS score of 9.8, and stems from the use of a static password to connect to a HSQL database. "The default credentials for the setup HSQL database (HSQLDB) for FileCatalyst Workflow are
2024-08-28T21:44:00+00:00 https://thehackernews.com/2024/08/fortra-issues-patch-for-high-risk.html www.secnews.physaphae.fr/article.php?IdArticle=8565535 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor
A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a bespoke backdoor dubbed SpyGlace. The activity has been attributed to a threat actor dubbed APT-C-60, according to cybersecurity firms ESET and DBAPPSecurity.
The attacks have been found to infect Chinese and East Asian users
2024-08-28T19:18:00+00:00 https://thehackernews.com/2024/08/apt-c-60-group-exploit-wps-office-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8565465 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave
The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections. "The BlackByte ransomware group continues to leverage tactics, techniques, and procedures (TTPs) that have formed the foundation of its tradecraft since its
2024-08-28T15:51:00+00:00 https://thehackernews.com/2024/08/blackbyte-ransomware-exploits-vmware.html www.secnews.physaphae.fr/article.php?IdArticle=8565373 False Ransomware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials
Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse of legitimate cloud offerings for malicious purposes.
"By using legitimate cloud applications, attackers provide credibility to victims, helping them to trust the content it serves," Netskope Threat
2024-08-28T12:19:00+00:00 https://thehackernews.com/2024/08/new-qr-code-phishing-campaign-exploits.html www.secnews.physaphae.fr/article.php?IdArticle=8565206 False Threat,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, known as CVE-2024-38856, carries a CVSS score of 9.8, indicating critical severity.
2024-08-28T10:35:00+00:00 https://thehackernews.com/2024/08/cisa-flags-critical-apache-ofbiz-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8565178 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution
A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances. The vulnerability, tracked as CVE-2024-6386 (CVSS score: 9.9), impacts all versions of the plugin before 4.6.13, which was released on August 20, 2024.
Arising due to missing input validation and sanitization,
2024-08-28T09:44:00+00:00 https://thehackernews.com/2024/08/critical-wpml-plugin-flaw-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8565149 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users
Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts "almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in the form of shell scripts from the attackers' server," Kaspersky researcher Sergey Puzan said. HZ RAT was first
2024-08-27T21:38:00+00:00 https://thehackernews.com/2024/08/macos-version-of-hz-rat-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8564817 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors
The China-nexus cyber espionage group tracked as Volt Typhoon has been attributed with moderate confidence to the zero-day exploitation of a recently disclosed high-severity security flaw impacting Versa Director. The attacks targeted four U.S. victims and one non-U.S. victim in the Internet service provider (ISP), managed service provider (MSP) and information technology (IT) sectors as early
2024-08-27T19:30:00+00:00 https://thehackernews.com/2024/08/chinese-volt-typhoon-exploits-versa.html www.secnews.physaphae.fr/article.php?IdArticle=8564754 False Vulnerability,Threat Guam 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
CTEM in the Spotlight: How Gartner's New Categories Help to Manage Exposures
Want to know what's the latest and greatest in SecOps for 2024? Gartner's recently released Hype Cycle for Security Operations report takes important steps to organize and mature the domain of Continuous Threat Exposure Management, aka CTEM. Three categories within this domain are included in this year's report: Threat Exposure Management, Exposure Assessment Platforms (EAP), and Adversarial
2024-08-27T18:51:00+00:00 https://thehackernews.com/2024/08/ctem-in-spotlight-how-gartners-new.html www.secnews.physaphae.fr/article.php?IdArticle=8564717 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot
Details have emerged about a now-patched vulnerability in Microsoft 365 Copilot that could enable the theft of sensitive user information using a technique called ASCII smuggling. "ASCII Smuggling is a novel technique that uses special Unicode characters that mirror ASCII but are actually not visible in the user interface," security researcher Johann Rehberger said.
"This means that an attacker
2024-08-27T11:39:00+00:00 https://thehackernews.com/2024/08/microsoft-fixes-ascii-smuggling-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8564523 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation
Google has revealed that a security flaw that was patched as part of a security update rolled out last week to its Chrome browser has come under active exploitation in the wild. Tracked as CVE-2024-7965, the vulnerability has been described as an inappropriate implementation bug in the V8 JavaScript and WebAssembly engine. "Inappropriate implementation in V8 in Google Chrome prior to
2024-08-27T10:15:00+00:00 https://thehackernews.com/2024/08/google-warns-of-cve-2024-7965-chrome.html www.secnews.physaphae.fr/article.php?IdArticle=8564524 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access
SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE-2024-40766 (CVSS score: 9.3), has been described as an improper access control bug.
"An improper access control vulnerability has been identified in the SonicWall SonicOS
2024-08-26T20:03:00+00:00 https://thehackernews.com/2024/08/sonicwall-issues-critical-patch-for.html www.secnews.physaphae.fr/article.php?IdArticle=8564172 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Dutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S.
The Dutch Data Protection Authority (DPA) has fined Uber a record €290 million ($324 million) for allegedly failing to comply with European Union (E.U.) data protection standards when sending sensitive driver data to the U.S. "The Dutch DPA found that Uber transferred personal data of European taxi drivers to the United States (U.S.) and failed to appropriately safeguard the data with regard to
2024-08-26T19:53:00+00:00 https://thehackernews.com/2024/08/dutch-regulators-fines-uber-290-million.html www.secnews.physaphae.fr/article.php?IdArticle=8564173 False None Uber 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms
Cybersecurity researchers are warning about the security risks in the machine learning (ML) software supply chain following the discovery of more than 20 vulnerabilities that could be exploited to target MLOps platforms.
These vulnerabilities, which are described as inherent- and implementation-based flaws, could have severe consequences, ranging from arbitrary code execution to loading
2024-08-26T16:01:00+00:00 https://thehackernews.com/2024/08/researchers-identify-over-20-supply.html www.secnews.physaphae.fr/article.php?IdArticle=8564062 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Unpacking Slack Hacks: 6 Ways to Protect Sensitive Data with Secure Collaboration
Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and encryption, and companies are often oblivious to the risk. A case in point: Disney suffered a devastating data leak by a hacktivist group known as NullBulge that got hold of over 1.2 terabytes of data from Disney's internal Slack messaging channels. The breach exposed
2024-08-26T16:01:00+00:00 https://thehackernews.com/2024/08/unpacking-slack-hacks-6-ways-to-protect.html www.secnews.physaphae.fr/article.php?IdArticle=8564061 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Critical Flaws in Traccar GPS System Expose Users to Remote Attacks
Two security vulnerabilities have been disclosed in the open-source Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances.
Both the vulnerabilities are path traversal flaws and could be weaponized if guest registration is enabled, which is the default configuration for Traccar 5, Horizon3.ai
2024-08-26T13:15:00+00:00 https://thehackernews.com/2024/08/critical-flaws-in-traccar-gps-system.html www.secnews.physaphae.fr/article.php?IdArticle=8563953 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards
Cybersecurity researchers have uncovered new Android malware that can relay victims' contactless payment data from physical credit and debit cards to an attacker-controlled device with the goal of conducting fraudulent operations. The Slovak cybersecurity company is tracking the novel malware as NGate, stating it observed the crimeware campaign targeting three banks in Czechia. The malware "has
2024-08-26T10:16:00+00:00 https://thehackernews.com/2024/08/new-android-malware-ngate-steals-nfc.html www.secnews.physaphae.fr/article.php?IdArticle=8563891 False Malware,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures
Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to French television network TF1. Durov is believed to have been apprehended pursuant to a warrant issued in connection with a preliminary police investigation.
TF1 said the probe was focused on a lack of content moderation on the instant messaging service, which the
2024-08-25T11:24:00+00:00 https://thehackernews.com/2024/08/telegram-founder-pavel-durov-arrested.html www.secnews.physaphae.fr/article.php?IdArticle=8563432 False Legislation None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules
Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code. The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon's Stroz Friedberg incident response services team. "This advanced threat, active since 2022, hides
2024-08-25T11:07:00+00:00 https://thehackernews.com/2024/08/new-linux-malware-sedexp-hides-credit.html www.secnews.physaphae.fr/article.php?IdArticle=8563433 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation.
The medium-severity vulnerability, tracked as CVE-2024-39717 (CVSS score: 6.6), is case of file upload bug impacting the "Change Favicon" feature that could allow a threat actor to
2024-08-24T12:33:00+00:00 https://thehackernews.com/2024/08/cisa-urges-federal-agencies-to-patch.html www.secnews.physaphae.fr/article.php?IdArticle=8562959 False Vulnerability,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp
Meta Platforms on Friday became the latest company after Microsoft, Google, and OpenAI to expose the activities of an Iranian state-sponsored threat actor, who it said used a set of WhatsApp accounts that attempted to target individuals in Israel, Palestine, Iran, the U.K., and the U.S. The activity cluster, which originated from Iran, "appeared to have focused on political and diplomatic
2024-08-24T12:25:00+00:00 https://thehackernews.com/2024/08/meta-exposes-iranian-hacker-group.html www.secnews.physaphae.fr/article.php?IdArticle=8562960 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, no?)
New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads
Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders. "This memory-only dropper decrypts and executes a PowerShell-based downloader," Google-owned Mandiant said. "This PowerShell-based downloader is being tracked as PEAKLIGHT."
Some of
2024-08-23T20:32:00+00:00 https://thehackernews.com/2024/08/new-peaklight-dropper-deployed-in.html www.secnews.physaphae.fr/article.php?IdArticle=8562594 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Webinar: Experience the Power of a Must-Have All-in-One Cybersecurity Platform Let's be honest. The world of cybersecurity feels like a constant war zone. You're bombarded by threats, scrambling to keep up with patches, and drowning in an endless flood of alerts. It's exhausting, isn't it? But what if there was a better way? Imagine having every essential cybersecurity tool at your fingertips, all within a single, intuitive platform, backed by expert support 24/7. This is
2024-08-23T16:56:00+00:00 https://thehackernews.com/2024/08/webinar-experience-power-of-must-have.html www.secnews.physaphae.fr/article.php?IdArticle=8562498 False Tool None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Focus on What Matters Most: Exposure Management and Your Attack Surface Read the full article for key points from Intruder's VP of Product, Andy Hornegold's recent talk on exposure management. If you'd like to hear Andy's insights first-hand, watch Intruder's on-demand webinar. To learn more about reducing your attack surface, reach out to their team today. Attack surface management vs exposure management Attack surface management (ASM) is the ongoing
2024-08-23T16:25:00+00:00 https://thehackernews.com/2024/08/focus-on-what-matters-most-exposure.html www.secnews.physaphae.fr/article.php?IdArticle=8562499 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data The threat actors behind a recently observed Qilin ransomware attack have stolen credentials stored in Google Chrome browsers on a small set of compromised endpoints. The use of credential harvesting in connection with a ransomware infection marks an unusual twist, and one that could have cascading consequences, cybersecurity firm Sophos said in a Thursday report. The attack, detected in July
2024-08-23T15:54:00+00:00 https://thehackernews.com/2024/08/new-qilin-ransomware-attack-uses-vpn.html www.secnews.physaphae.fr/article.php?IdArticle=8562474 False Ransomware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data Cybersecurity researchers have uncovered a new information stealer that's designed to target Apple macOS hosts and harvest a wide range of information, underscoring how threat actors are increasingly setting their sights on the operating system. Dubbed Cthulhu Stealer, the malware has been available under a malware-as-a-service (MaaS) model for $500 a month from late 2023. It's capable of
2024-08-23T10:31:00+00:00 https://thehackernews.com/2024/08/new-macos-malware-cthulhu-stealer.html www.secnews.physaphae.fr/article.php?IdArticle=8562357 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group A 33-year-old Latvian national living in Moscow, Russia, has been charged in the U.S.
for allegedly stealing data, extorting victims, and laundering ransom payments since August 2021. Deniss Zolotarjovs (aka Sforza_cesarini) has been charged with conspiring to commit money laundering, wire fraud and Hobbs Act extortion. He was arrested in Georgia in December 2023 and has since been extradited to
2024-08-23T10:08:00+00:00 https://thehackernews.com/2024/08/latvian-hacker-extradited-to-us-for.html www.secnews.physaphae.fr/article.php?IdArticle=8562358 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide Cybersecurity researchers have uncovered a hardware backdoor within a particular model of MIFARE Classic contactless cards that could allow authentication with an unknown key and open hotel rooms and office doors. The attacks have been demonstrated against FM11RF08S, a new variant of MIFARE Classic that was released by Shanghai Fudan Microelectronics in 2020. "The FM11RF08S backdoor enables any
2024-08-22T22:16:00+00:00 https://thehackernews.com/2024/08/hardware-backdoor-discovered-in-rfid.html www.secnews.physaphae.fr/article.php?IdArticle=8562095 False None None 5.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances. "The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing [a] remote unauthenticated user to access internal functionality and modify data," the company
2024-08-22T22:05:00+00:00 https://thehackernews.com/2024/08/hardcoded-credential-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8562096 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control Details have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection. The activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399 (CVSS score: 6.0) to deliver bespoke malware and gain extensive control
2024-08-22T21:43:00+00:00 https://thehackernews.com/2024/08/chinese-hackers-exploit-zero-day-cisco.html www.secnews.physaphae.fr/article.php?IdArticle=8562040 False Malware,Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New 'ALBeast' Vulnerability Exposes Weakness in AWS Application Load Balancer As many as 15,000 applications using Amazon Web Services' (AWS) Application Load Balancer (ALB) for authentication are potentially susceptible to a configuration-based issue that could expose them to sidestep access controls and compromise applications. That's according to findings from Israeli cybersecurity company Miggo, which dubbed the problem ALBeast. "This vulnerability allows attackers to
2024-08-22T20:33:00+00:00 https://thehackernews.com/2024/08/new-albeast-vulnerability-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8562010 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) The Facts About Continuous Penetration Testing and Why It's Important What is Continuous Attack Surface Penetration Testing or CASPT? Continuous Penetration Testing or Continuous Attack Surface Penetration Testing (CASPT) is an advanced security practice that involves the continuous, automated, and ongoing penetration testing services of an organization's digital assets to identify and mitigate security vulnerabilities. CASPT is designed for enterprises with an
2024-08-22T15:33:00+00:00 https://thehackernews.com/2024/08/the-facts-about-continuous-penetration.html www.secnews.physaphae.fr/article.php?IdArticle=8561912 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild. Tracked as CVE-2024-7971, the vulnerability has been described as a type confusion bug in the V8 JavaScript and WebAssembly engine. "Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap
2024-08-22T10:49:00+00:00 https://thehackernews.com/2024/08/google-fixes-high-severity-chrome-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8561792 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users to gain administrator privileges. "The plugin suffers from an unauthenticated privilege escalation vulnerability which allows any unauthenticated visitor to gain Administrator level access after which malicious plugins could be uploaded and
2024-08-22T10:32:00+00:00 https://thehackernews.com/2024/08/critical-flaw-in-wordpress-litespeed.html www.secnews.physaphae.fr/article.php?IdArticle=8561793 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges. The most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a CVSS score of 9.5. "On GitHub Enterprise Server instances that use SAML single sign-on (SSO)
2024-08-22T10:18:00+00:00 https://thehackernews.com/2024/08/github-patches-critical-security-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8561794 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that's designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances. "Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gained, exploiting weak passwords," Aqua security researcher Assaf Morag said in a technical report. "
2024-08-22T10:01:00+00:00 https://thehackernews.com/2024/08/new-malware-pgmem-targets-postgresql.html www.secnews.physaphae.fr/article.php?IdArticle=8561771 False Malware,Technical None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information. Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) attack. "An authenticated attacker can bypass Server-Side Request
2024-08-21T21:45:00+00:00 https://thehackernews.com/2024/08/microsoft-patches-critical-copilot.html www.secnews.physaphae.fr/article.php?IdArticle=8561511 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign. Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT-5394, which it said exhibits some level of tactical overlaps with a known nation-state actor codenamed Kimsuky. MoonPeak, under active development
2024-08-21T21:07:00+00:00 https://thehackernews.com/2024/08/north-korean-hackers-deploy-new.html www.secnews.physaphae.fr/article.php?IdArticle=8561512 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) It's Time To Untangle the SaaS Ball of Yarn It's no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely on cloud-based and remote applications to conduct our basic functions, with the result that the only true perimeter of our networks has become the identities with which we log into these services. Unfortunately – as is so often the case – our
2024-08-21T16:41:00+00:00 https://thehackernews.com/2024/08/its-time-to-untangle-saas-ball-of-yarn.html www.secnews.physaphae.fr/article.php?IdArticle=8561383 False Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Styx Stealer Creator's OPSEC Fail Leaks Client List and Profit Details In what's a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses. Styx Stealer, a derivative of the Phemedrone Stealer, is capable of stealing browser data, instant messenger sessions from
2024-08-21T16:40:00+00:00 https://thehackernews.com/2024/08/styx-stealer-creators-opsec-fail-leaks.html www.secnews.physaphae.fr/article.php?IdArticle=8561384 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New macOS Malware TodoSwift Linked to North Korean Hacking Groups Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups. "This application shares several behaviors with malware we've seen that originated in North Korea (DPRK) - specifically the threat actor known as BlueNoroff - such as KANDYKORN and RustBucket," Kandji security
2024-08-21T16:30:00+00:00 https://thehackernews.com/2024/08/new-macos-malware-todoswift-linked-to.html www.secnews.physaphae.fr/article.php?IdArticle=8561385 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks that aim to infect devices with malware.
The activity has been attributed to a threat cluster it tracks as UAC-0020, which is also known as Vermin. The exact scale and scope of the attacks are presently unknown. The attack chains commence with phishing messages with photos of alleged prisoners of war (
2024-08-21T10:58:00+00:00 https://thehackernews.com/2024/08/cert-ua-warns-of-new-vermin-linked.html www.secnews.physaphae.fr/article.php?IdArticle=8561256 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks. The flaw, tracked as CVE-2024-5932 (CVSS score: 10.0), impacts all versions of the plugin prior to version 3.14.2, which was released on August 7, 2024. A security researcher, who goes by the online alias villu164,
2024-08-21T10:05:00+00:00 https://thehackernews.com/2024/08/givewp-wordpress-plugin-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8561213 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon Web Services) still being the dominant cloud, it is important for any security professional to know where to look for signs of compromise.
AWS CloudTrail stands out as an essential tool for tracking and logging API activity, providing a comprehensive
2024-08-21T01:43:00+00:00 https://thehackernews.com/2024/08/detecting-aws-account-compromise-key.html www.secnews.physaphae.fr/article.php?IdArticle=8561000 False Tool,Cloud None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Czech Mobile Users Targeted in New Banking Credential Theft Scheme Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application (PWA) in an attempt to steal their banking account credentials. The attacks have targeted the Czech-based Československá obchodní banka (CSOB), as well as the Hungarian OTP Bank and the Georgian TBC Bank, according to Slovak cybersecurity company ESET. "The phishing
2024-08-21T01:29:00+00:00 https://thehackernews.com/2024/08/czech-mobile-users-targeted-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8561001 False Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor A previously undocumented backdoor named Msupedge has been put to use in a cyber attack targeting an unnamed university in Taiwan. "The most notable feature of this backdoor is that it communicates with a command-and-control (C&C) server via DNS traffic," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.
The origins of the backdoor are
2024-08-20T15:55:00+00:00 https://thehackernews.com/2024/08/hackers-exploit-php-vulnerability-to.html www.secnews.physaphae.fr/article.php?IdArticle=8560764 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Anatomy of an Attack In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the mechanics of a common application attack, using the infamous Log4Shell vulnerability as an example, and demonstrates how Application Detection and
2024-08-20T15:36:00+00:00 https://thehackernews.com/2024/08/anatomy-of-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8560765 False Vulnerability,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters Cybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow an attacker to escalate their privileges and access credentials for services used by the cluster. "An attacker with command execution in a Pod running within an affected Azure Kubernetes Services cluster could download the configuration used to
2024-08-20T15:06:00+00:00 https://thehackernews.com/2024/08/researchers-uncover-tls-bootstrap.html www.secnews.physaphae.fr/article.php?IdArticle=8560766 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware Iranian state-sponsored threat actors have been observed orchestrating spear-phishing campaigns targeting a prominent Jewish figure starting in late July 2024 with the goal of delivering a new intelligence-gathering tool called AnvilEcho. Enterprise security company Proofpoint is tracking the activity under the name TA453, which overlaps with activity tracked by the broader cybersecurity
2024-08-20T14:37:00+00:00 https://thehackernews.com/2024/08/iranian-cyber-group-ta453-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8560767 False Malware,Tool,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America Cybersecurity researchers have shed light on a threat actor known as Blind Eagle that has persistently targeted entities and individuals in Colombia, Ecuador, Chile, Panama, and other Latin American nations. Targets of these attacks span several sectors, including governmental institutions, financial companies, energy and oil and gas companies. "Blind Eagle has demonstrated adaptability in
2024-08-20T11:44:00+00:00 https://thehackernews.com/2024/08/blind-eagle-hackers-exploit-spear.html www.secnews.physaphae.fr/article.php?IdArticle=8560645 False Threat APT-C-36 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information Cybersecurity researchers are warning about the discovery of thousands of externally-facing Oracle NetSuite e-commerce sites that have been found susceptible to leaking sensitive customer information. "A potential issue in NetSuite's SuiteCommerce platform could allow attackers to access sensitive data due to misconfigured access controls on custom record types (CRTs)," AppOmni's Aaron Costello
2024-08-20T10:57:00+00:00 https://thehackernews.com/2024/08/thousands-of-oracle-netsuite-sites-at.html www.secnews.physaphae.fr/article.php?IdArticle=8560646 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, following its exploitation in ransomware attacks. The vulnerability, tracked as CVE-2024-23897 (CVSS score: 9.8), is a path traversal flaw that could lead to code execution. "Jenkins Command Line Interface (CLI) contains a
2024-08-20T10:23:00+00:00 https://thehackernews.com/2024/08/cisa-warns-of-critical-jenkins.html www.secnews.physaphae.fr/article.php?IdArticle=8560647 False Ransomware,Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New UULoader Malware Distributes Gh0st RAT and Mimikatz in East Asia A new type of malware called UULoader is being used by threat actors to deliver next-stage payloads like Gh0st RAT and Mimikatz.
The Cyberint Research Team, which discovered the malware, said it's distributed in the form of malicious installers for legitimate applications targeting Korean and Chinese speakers. There is evidence pointing to UULoader being the work of a Chinese speaker due to the
2024-08-19T18:36:00+00:00 https://thehackernews.com/2024/08/new-uuloader-malware-distributes-gh0st.html www.secnews.physaphae.fr/article.php?IdArticle=8560278 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware Cybersecurity researchers have uncovered a surge in malware infections stemming from malvertising campaigns distributing a loader called FakeBat. "These attacks are opportunistic in nature, targeting users seeking popular business software," the Mandiant Managed Defense team said in a technical report. "The infection utilizes a trojanized MSIX installer, which executes a PowerShell script to
2024-08-19T18:07:00+00:00 https://thehackernews.com/2024/08/cybercriminals-exploit-popular-software.html www.secnews.physaphae.fr/article.php?IdArticle=8560279 False Malware,Threat,Technical None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks Malicious actors are using a cloud attack tool named Xeon Sender to conduct SMS phishing and spam campaigns on a large scale by abusing legitimate services. "Attackers can use Xeon to send messages through multiple software-as-a-service (SaaS) providers using valid credentials for the service providers," SentinelOne security researcher Alex Delamotte said in a report shared with The Hacker News.
2024-08-19T15:32:00+00:00 https://thehackernews.com/2024/08/xeon-sender-tool-exploits-cloud-apis.html www.secnews.physaphae.fr/article.php?IdArticle=8560228 False Spam,Tool,Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Microsoft Patches Zero-Day Flaw Exploited by North Korea's Lazarus Group A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea. The security vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), has been described as a privilege escalation bug in the Windows Ancillary Function Driver (AFD.sys) for WinSock. "An attacker who successfully exploited this
2024-08-19T12:35:00+00:00 https://thehackernews.com/2024/08/microsoft-patches-zero-day-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8560131 False Vulnerability,Threat APT 38 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group Cybersecurity researchers have discovered new infrastructure linked to a financially motivated threat actor known as FIN7.
The two clusters of potential FIN7 activity "indicate communications inbound to FIN7 infrastructure from IP addresses assigned to Post Ltd (Russia) and SmartApe (Estonia), respectively," Team Cymru said in a report published this week as part of a joint investigation with
2024-08-19T11:13:00+00:00 https://thehackernews.com/2024/08/researchers-uncover-new-infrastructure.html www.secnews.physaphae.fr/article.php?IdArticle=8560110 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) OpenAI Blocks Iranian Influence Operation Using ChatGPT for U.S. Election Propaganda OpenAI on Friday said it banned a set of accounts linked to what it said was an Iranian covert influence operation that leveraged ChatGPT to generate content that, among other things, focused on the upcoming U.S. presidential election. "This week we identified and took down a cluster of ChatGPT accounts that were generating content for a covert Iranian influence operation identified as
2024-08-17T12:08:00+00:00 https://thehackernews.com/2024/08/openai-blocks-iranian-influence.html www.secnews.physaphae.fr/article.php?IdArticle=8559127 False None ChatGPT 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud and social media applications. "Multiple security missteps were present in the course of this campaign, including the following: Exposing environment variables, using long-lived credentials, and absence
2024-08-16T22:00:00+00:00 https://thehackernews.com/2024/08/attackers-exploit-public-env-files-to.html www.secnews.physaphae.fr/article.php?IdArticle=8558809 False Threat,Cloud,Technical None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web A 27-year-old Russian national has been sentenced to over three years in prison for peddling financial information, login credentials, and other personally identifying information (PII) on a now-defunct dark web marketplace called Slilpp. Georgy Kavzharadze, 27, of Moscow, Russia, pleaded guilty to one count of conspiracy to commit bank fraud and wire fraud earlier this February. In addition to
2024-08-16T19:55:00+00:00 https://thehackernews.com/2024/08/russian-hacker-jailed-3-years-for.html www.secnews.physaphae.fr/article.php?IdArticle=8558756 False Legislation None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Russian Hackers Using Fake Brand Sites to Spread DanaBot and StealC Malware Cybersecurity researchers have shed light on a sophisticated information stealer campaign that impersonates legitimate brands to distribute malware like DanaBot and StealC.
The activity cluster, orchestrated by Russian-speaking cybercriminals and collectively codenamed Tusk, is said to encompass several sub-campaigns, leveraging the reputation of the platforms to trick users into downloading the 2024-08-16T18:38:00+00:00 https://thehackernews.com/2024/08/russian-hackers-using-fake-brand-sites.html www.secnews.physaphae.fr/article.php?IdArticle=8558729 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics Chinese-speaking users are the target of an ongoing campaign that distributes malware known as ValleyRAT. "ValleyRAT is a multi-stage malware that utilizes diverse techniques to monitor and control its victims and deploy arbitrary plugins to cause further damage," Fortinet FortiGuard Labs researchers Eduardo Altares and Joie Salvio said. "Another noteworthy characteristic of this malware is its 2024-08-16T17:10:00+00:00 https://thehackernews.com/2024/08/multi-stage-valleyrat-targets-chinese.html www.secnews.physaphae.fr/article.php?IdArticle=8558674 False Malware None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) The Hidden Security Gaps in Your SaaS Apps: Are You Doing Due Diligence? SaaS applications have become indispensable for organizations aiming to enhance productivity and streamline operations. However, the convenience and efficiency these applications offer come with inherent security risks, often leaving hidden gaps that can be exploited.
Conducting thorough due diligence on SaaS apps is essential to identify and mitigate these risks, ensuring the protection of your 2024-08-16T16:57:00+00:00 https://thehackernews.com/2024/08/the-hidden-security-gaps-in-your-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8558675 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems Cybersecurity researchers have uncovered new stealer malware that's designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it's offered for sale in the cybercrime underground for a steep price of $3,000 a month and works across both x86_64 and ARM64 architectures. "Banshee Stealer targets a wide range of browsers, cryptocurrency wallets, and around 100 browser 2024-08-16T13:58:00+00:00 https://thehackernews.com/2024/08/new-banshee-stealer-targets-100-browser.html www.secnews.physaphae.fr/article.php?IdArticle=8558622 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Google Pixel Devices Shipped with Vulnerable App, Leaving Millions at Risk A large percentage of Google's own Pixel devices shipped globally since September 2017 included dormant software that could be used to stage nefarious attacks and deliver various kinds of malware.
The issue manifests in the form of a pre-installed Android app called "Showcase.apk" that comes with excessive system privileges, including the ability to remotely execute code and install arbitrary 2024-08-16T12:40:00+00:00 https://thehackernews.com/2024/08/google-pixel-devices-shipped-with.html www.secnews.physaphae.fr/article.php?IdArticle=8558553 False Malware,Mobile None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-28986 (CVSS score: 9.8), has been described as a deserialization bug. "SolarWinds Web Help Desk was found to be susceptible to a Java deserialization remote code execution vulnerability 2024-08-15T18:49:00+00:00 https://thehackernews.com/2024/08/solarwinds-releases-patch-for-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8558187 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Russian-Linked Hackers Target Eastern European NGOs and Media Russian and Belarusian non-profit organizations, Russian independent media, and international non-governmental organizations active in Eastern Europe have become the target of two separate spear-phishing campaigns orchestrated by threat actors whose interests align with that of the Russian government.
While one of the campaigns – dubbed River of Phish – has been attributed to COLDRIVER, an 2024-08-15T17:13:00+00:00 https://thehackernews.com/2024/08/russian-linked-hackers-target-eastern.html www.secnews.physaphae.fr/article.php?IdArticle=8558142 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Identity Threat Detection and Response Solution Guide The Emergence of Identity Threat Detection and Response Identity Threat Detection and Response (ITDR) has emerged as a critical component to effectively detect and respond to identity-based attacks. Threat actors have shown their ability to compromise the identity infrastructure and move laterally into IaaS, SaaS, PaaS and CI/CD environments. Identity Threat Detection and Response solutions help 2024-08-15T16:30:00+00:00 https://thehackernews.com/2024/08/identity-threat-detection-and-response.html www.secnews.physaphae.fr/article.php?IdArticle=8558114 False Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks A cybercrime group with links to the RansomHub ransomware has been observed using a new tool designed to terminate endpoint detection and response (EDR) software on compromised hosts, joining the likes of other similar programs like AuKill (aka AvNeutralizer) and Terminator.
The EDR-killing utility has been dubbed EDRKillShifter by cybersecurity company Sophos, which discovered the tool in 2024-08-15T16:15:00+00:00 https://thehackernews.com/2024/08/ransomhub-group-deploys-new-edr-killing.html www.secnews.physaphae.fr/article.php?IdArticle=8558115 False Ransomware,Tool None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) GitHub Vulnerability 'ArtiPACKED' Exposes Repositories to Potential Takeover A newly discovered attack vector in GitHub Actions artifacts dubbed ArtiPACKED could be exploited to take over repositories and gain access to organizations' cloud environments. "A combination of misconfigurations and security flaws can make artifacts leak tokens, both of third party cloud services and GitHub tokens, making them available for anyone with read access to the repository to consume, 2024-08-15T12:17:00+00:00 https://thehackernews.com/2024/08/github-vulnerability-artipacked-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8558004 False Vulnerability,Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive Data A previously unknown threat actor has been attributed to a spate of attacks targeting Azerbaijan and Israel with an aim to steal sensitive data. The attack campaign, detected by NSFOCUS on July 1, 2024, leveraged spear-phishing emails to single out Azerbaijani and Israeli diplomats. The activity is being tracked under the moniker Actor240524.
"Actor240524 possesses the ability to steal secrets]]> 2024-08-15T12:15:00+00:00 https://thehackernews.com/2024/08/new-cyber-threat-targets-azerbaijan-and.html www.secnews.physaphae.fr/article.php?IdArticle=8558005 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouvelle variante de botnet Gafgyt cible faibles de mots de passe SSH faibles pour GPU Crypto Mining<br>New Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto Mining Cybersecurity researchers have discovered a new variant of the Gafgyt botnet that\'s targeting machines with weak SSH passwords to ultimately mine cryptocurrency on compromised instances using their GPU computational power. This indicates that the "IoT botnet is targeting more robust servers running on cloud native environments," Aqua Security researcher Assaf Morag said in a Wednesday analysis.]]> 2024-08-15T10:42:00+00:00 https://thehackernews.com/2024/08/new-gafgyt-botnet-variant-targets-weak.html www.secnews.physaphae.fr/article.php?IdArticle=8557984 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les attaquants liés à Black Basta ciblent les utilisateurs avec un logiciel malveillant SystemBC<br>Black Basta-Linked Attackers Target Users with SystemBC Malware An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to "multiple intrusion attempts" with the goal of conducting credential theft and deploying a malware dropper called SystemBC. 
"The initial lure being utilized by the threat actors remains the same: an email bomb followed by an attempt to call impacted users and offer a fake solution,"]]> 2024-08-14T22:43:00+00:00 https://thehackernews.com/2024/08/black-basta-linked-attackers-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8557723 False Ransomware,Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hacker biélorusse-ukrainien extradé vers les États-Unis pour les accusations de ransomware et de cybercriminalité<br>Belarusian-Ukrainian Hacker Extradited to U.S. for Ransomware and Cybercrime Charges A coalition of law enforcement agencies coordinated by the U.K. National Crime Agency (NCA) has led to the arrest and extradition of a Belarussian and Ukrainian dual-national believed to be associated with Russian-speaking cybercrime groups. Maksim Silnikau (aka Maksym Silnikov), 38, went by the online monikers J.P. Morgan, xxx, and lansky. He was extradited to the U.S. from Poland on August 9,]]> 2024-08-14T17:32:00+00:00 https://thehackernews.com/2024/08/belarusian-ukrainian-hacker-extradited.html www.secnews.physaphae.fr/article.php?IdArticle=8557592 False Ransomware,Legislation None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment augmenter votre sécurité de mot de passe avec EASM<br>How to Augment Your Password Security with EASM Simply relying on traditional password security measures is no longer sufficient. When it comes to protecting your organization from credential-based attacks, it is essential to lock down the basics first. Securing your Active Directory should be a priority – it is like making sure a house has a locked front door before investing in a high-end alarm system. 
Once the fundamentals are covered, 2024-08-14T17:00:00+00:00 https://thehackernews.com/2024/08/how-to-augment-your-password-security.html www.secnews.physaphae.fr/article.php?IdArticle=8557593 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals Monitoring evolving DDoS trends is essential for anticipating threats and adapting defensive strategies. The comprehensive Gcore Radar Report for the first half of 2024 provides detailed insights into DDoS attack data, showcasing changes in attack patterns and the broader landscape of cyber threats. Here, we share a selection of findings from the full report. Key Takeaways The number of DDoS 2024-08-14T12:17:00+00:00 https://thehackernews.com/2024/08/ddos-attacks-surge-46-in-first-half-of.html www.secnews.physaphae.fr/article.php?IdArticle=8557449 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Day Exploits Microsoft on Tuesday shipped fixes to address a total of 90 security flaws, including 10 zero-days, of which six have come under active exploitation in the wild. Of the 90 bugs, seven are rated Critical, 79 are rated Important, and one is rated Moderate in severity. This is also in addition to 36 vulnerabilities that the tech giant resolved in its Edge browser since last month.
The Patch Tuesday 2024-08-14T11:18:00+00:00 https://thehackernews.com/2024/08/microsoft-issues-patches-for-90-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8557425 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Critical Flaw in Ivanti Virtual Traffic Manager Could Allow Rogue Admin Access Ivanti has rolled out security updates for a critical flaw in Virtual Traffic Manager (vTM) that could be exploited to achieve an authentication bypass and create rogue administrative users. The vulnerability, tracked as CVE-2024-7593, has a CVSS score of 9.8 out of a maximum of 10.0. "Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 2024-08-14T10:48:00+00:00 https://thehackernews.com/2024/08/critical-flaw-in-ivanti-virtual-traffic.html www.secnews.physaphae.fr/article.php?IdArticle=8557426 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) China-Backed Earth Baku Expands Cyber Attacks to Europe, Middle East, and Africa The China-backed threat actor known as Earth Baku has diversified its targeting footprint beyond the Indo-Pacific region to include Europe, the Middle East, and Africa starting in late 2022. Newly targeted countries as part of the activity include Italy, Germany, the U.A.E., and Qatar, with suspected attacks also detected in Georgia and Romania.
Governments, media and communications, telecoms, 2024-08-14T10:31:00+00:00 https://thehackernews.com/2024/08/china-backed-earth-baku-expands-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8557427 False Threat APT 41 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head's XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices. The vulnerability has been codenamed GhostWrite. It has been described as a direct CPU bug embedded in the hardware, as 2024-08-13T19:32:00+00:00 https://thehackernews.com/2024/08/ghostwrite-new-t-head-cpu-bugs-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8557017 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service Cybersecurity researchers have discovered two security flaws in Microsoft's Azure Health Bot Service that, if exploited, could permit a malicious actor to achieve lateral movement within customer environments and access sensitive patient data.
The critical issues, now patched by Microsoft, could have allowed access to cross-tenant resources within the service, Tenable said in a new report shared 2024-08-13T18:30:00+00:00 https://thehackernews.com/2024/08/researchers-uncover-vulnerabilities-in_0471960302.html www.secnews.physaphae.fr/article.php?IdArticle=8557018 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Why Hardsec Matters: From Protecting Critical Services to Enhancing Resilience Traditionally, the focus has been on defending against digital threats such as malware, ransomware, and phishing attacks by detecting them and responding. However, as cyber threats become more sophisticated, there is a growing recognition of the importance of measures that stop new attacks before they are recognized. With high-value assets, it's not good enough to have the protection, it's 2024-08-13T16:26:00+00:00 https://thehackernews.com/2024/08/why-hardsec-matters-from-protecting.html www.secnews.physaphae.fr/article.php?IdArticle=8556951 False Ransomware,Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) FBI Shuts Down Dispossessor Ransomware Group's Servers Across U.S., U.K., and Germany The U.S. Federal Bureau of Investigation (FBI) on Monday announced the disruption of online infrastructure associated with a nascent ransomware group called Dispossessor (aka Radar). The effort saw the dismantling of three U.S. servers, three United Kingdom servers, 18 German servers, eight U.S.-based criminal domains, and one German-based criminal domain.
Dispossessor is said to be led by 2024-08-13T14:34:00+00:00 https://thehackernews.com/2024/08/fbi-shuts-down-dispossessor-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8556889 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Ukraine Warns of New Phishing Campaign Targeting Government Computers The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign that masquerades as the Security Service of Ukraine to distribute malware capable of remote desktop access. The agency is tracking the activity under the name UAC-0198. More than 100 computers are estimated to have been infected since July 2024, including those related to government bodies in the 2024-08-13T10:42:00+00:00 https://thehackernews.com/2024/08/ukraine-warns-of-new-phishing-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8556784 False Malware None 3.0000000000000000