www.secnews.physaphae.fr This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr. 2024-05-15T13:43:51+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Chrome's New Feature Alerts Users About Auto-Removal of Malicious Extensions
Google has announced plans to add a new feature in the upcoming version of its Chrome web browser to alert users when an extension they have installed has been removed from the Chrome Web Store. The feature, set for release alongside Chrome 117, allows users to be notified when an add-on has been unpublished by a developer, taken down for violating Chrome Web Store policy, or marked as malware.
2023-08-18T12:21:00+00:00 https://thehackernews.com/2023/08/google-chromes-new-feature-alerts-users.html www.secnews.physaphae.fr/article.php?IdArticle=8371644 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
NoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows Security
A previously undetected attack method called NoFilter has been found to abuse the Windows Filtering Platform (WFP) to achieve privilege escalation in the Windows operating system. "If an attacker has the ability to execute code with admin privilege and the target is to perform LSASS Shtinkering, these privileges are not enough," Ron Ben Yizhak, a security researcher at Deep Instinct, told The
2023-08-17T21:45:00+00:00 https://thehackernews.com/2023/08/nofilter-attack-sneaky-privilege.html www.secnews.physaphae.fr/article.php?IdArticle=8371357 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
China-Linked Bronze Starlight Group Targeting Gambling Sector with Cobalt Strike Beacons
An ongoing cyber attack campaign originating from China is targeting the Southeast Asian gambling sector to deploy Cobalt Strike beacons on compromised systems. Cybersecurity firm SentinelOne said the tactics, techniques, and procedures point to the involvement of a threat actor tracked as Bronze Starlight (aka Emperor Dragonfly or Storm-0401), which has been linked to the use of short-lived
2023-08-17T21:10:00+00:00 https://thehackernews.com/2023/08/china-linked-bronze-starlight-group.html www.secnews.physaphae.fr/article.php?IdArticle=8371316 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode
Cybersecurity researchers have documented a novel post-exploit persistence technique on iOS 16 that could be abused to fly under the radar and maintain access to an Apple device even when the victim believes it is offline.
The method "tricks the victim into thinking their device's Airplane Mode works when in reality the attacker (following successful device exploit) has planted an artificial
2023-08-17T19:56:00+00:00 https://thehackernews.com/2023/08/new-apple-ios-16-exploit-enables.html www.secnews.physaphae.fr/article.php?IdArticle=8371284 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New LABRAT Campaign Exploits GitLab Flaw for Cryptojacking and Proxyjacking Activities
A new, financially motivated operation dubbed LABRAT has been observed weaponizing a now-patched critical flaw in GitLab as part of a cryptojacking and proxyjacking campaign. "The attacker utilized undetected signature-based tools, sophisticated and stealthy cross-platform malware, command-and-control (C2) tools which bypassed firewalls, and kernel-based rootkits to hide their presence," Sysdig
2023-08-17T19:56:00+00:00 https://thehackernews.com/2023/08/new-labrat-campaign-exploits-gitlab.html www.secnews.physaphae.fr/article.php?IdArticle=8371285 False Tool None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Why You Need Continuous Network Monitoring?
Changes in the way we work have had significant implications for cybersecurity, not least in network monitoring. Workers no longer sit safely side-by-side on a corporate network, dev teams constantly spin up and tear down systems, exposing services to the internet. Keeping track of these users, changes and services is difficult – internet-facing attack surfaces rarely stay the same for long. But
2023-08-17T16:48:00+00:00 https://thehackernews.com/2023/08/why-you-need-continuous-network.html www.secnews.physaphae.fr/article.php?IdArticle=8371217 False General Information None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing Attacks
An ongoing campaign targeting ministries of foreign affairs of NATO-aligned countries points to the involvement of Russian threat actors. The phishing attacks feature PDF documents with diplomatic lures, some of which are disguised as coming from Germany, to deliver a variant of a malware called Duke, which has been attributed to APT29 (aka BlueBravo, Cloaked Ursa, Cozy Bear, Iron Hemlock,
2023-08-17T15:09:00+00:00 https://thehackernews.com/2023/08/russian-hackers-use-zulip-chat-app-for.html www.secnews.physaphae.fr/article.php?IdArticle=8371161 False Malware,Threat APT 29 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active in-the-wild exploitation.
Tracked as CVE-2023-24489 (CVSS score: 9.8), the shortcoming has been described as an improper access control bug that, if successfully exploited
2023-08-17T10:40:00+00:00 https://thehackernews.com/2023/08/cisa-adds-citrix-sharefile-flaw-to-kev.html www.secnews.physaphae.fr/article.php?IdArticle=8371085 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
What's the State of Credential theft in 2023?
At a little over halfway through 2023, credential theft is still a major thorn in the side of IT teams. The heart of the problem is the value of data to cybercriminals and the evolution of the techniques they use to get hold of it. The 2023 Verizon Data Breach Investigations Report (DBIR) revealed that 83% of breaches involved external actors, with almost all attacks being financially motivated
2023-08-16T17:27:00+00:00 https://thehackernews.com/2023/08/whats-state-of-credential-theft-in-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8370673 False Data Breach None 1.00000000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Experts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain Attacks
Active flaws in the PowerShell Gallery could be weaponized by threat actors to pull off supply chain attacks against the registry's users. "These flaws make typosquatting attacks inevitable in this registry, while also making it extremely difficult for users to identify the true owner of a package," Aqua security researchers Mor Weinberger, Yakir Kadkoda, and Ilay Goldman said in a report shared
2023-08-16T17:26:00+00:00 https://thehackernews.com/2023/08/experts-uncover-weaknesses-in.html www.secnews.physaphae.fr/article.php?IdArticle=8370674 False Threat None 5.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Guide: How Google Workspace-based Organizations can leverage Chrome to improve Security
More and more organizations are choosing Google Workspace as their default employee toolset of choice. But despite the productivity advantages, this organizational action also incurs a new security debt. Security teams now have to find a way to adjust their security architecture to this new cloud workload. Some teams may rely on their existing network security solutions. According to a new guide
2023-08-16T16:42:00+00:00 https://thehackernews.com/2023/08/guide-how-google-workspace-based.html www.secnews.physaphae.fr/article.php?IdArticle=8370675 False Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Introduces First Quantum Resilient FIDO2 Security Key
Google on Tuesday announced the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative. "This open-source hardware optimized implementation uses a novel ECC/Dilithium hybrid signature schema that benefits from the security of ECC against standard attacks and Dilithium's resilience against quantum attacks," Elie Bursztein and Fabian Kaczmarczyck
2023-08-16T16:29:00+00:00 https://thehackernews.com/2023/08/google-introduces-first-quantum.html www.secnews.physaphae.fr/article.php?IdArticle=8370676 False Tool,General Information None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Security Flaws Affect Ivanti Avalanche, Threatening 30,000 Organizations
Multiple critical security flaws have been reported in Ivanti Avalanche, an enterprise mobile device management solution that's used by 30,000 organizations. The vulnerabilities, collectively tracked as CVE-2023-32560 (CVSS score: 9.8), are stack-based buffer overflows in Ivanti Avalanche WLAvanacheServer.exe v6.4.0.0. Cybersecurity company Tenable said the shortcomings are the result of buffer
2023-08-16T16:08:00+00:00 https://thehackernews.com/2023/08/critical-security-flaws-affect-ivanti.html www.secnews.physaphae.fr/article.php?IdArticle=8370651 False None None 1.00000000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Nearly 2,000 Citrix NetScaler Instances Hacked via Critical Vulnerability
Nearly 2,000 Citrix NetScaler instances have been compromised with a backdoor by weaponizing a recently disclosed critical security vulnerability as part of a large-scale attack. "An adversary appears to have exploited CVE-2023-3519 in an automated fashion, placing web shells on vulnerable NetScalers to gain persistent access," NCC Group said in an advisory released Tuesday. "The adversary can
2023-08-16T09:50:00+00:00 https://thehackernews.com/2023/08/nearly-2000-citrix-netscaler-instances.html www.secnews.physaphae.fr/article.php?IdArticle=8370550 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn
Threat actors' use of Cloudflare R2 to host phishing pages has witnessed a 61-fold increase over the past six months. "The majority of the phishing campaigns target Microsoft login credentials, although there are some pages targeting Adobe, Dropbox, and other cloud apps," Netskope security researcher Jan Michael said. Cloudflare R2, analogous to Amazon Web Service S3, Google Cloud Storage, and
2023-08-15T23:44:00+00:00 https://thehackernews.com/2023/08/cybercriminals-abusing-cloudflare-r2.html www.secnews.physaphae.fr/article.php?IdArticle=8370359 False Threat,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking
Four security vulnerabilities in the ScrutisWeb ATM fleet monitoring software made by Iagona could be exploited to remotely break into ATMs, upload arbitrary files, and even reboot the terminals. The shortcomings were discovered by the Synack Red Team (SRT) following a client engagement. The issues have been addressed in ScrutisWeb version 2.1.38. "Successful exploitation of these
2023-08-15T22:14:00+00:00 https://thehackernews.com/2023/08/multiple-flaws-found-in-scrutisweb.html www.secnews.physaphae.fr/article.php?IdArticle=8370316 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Monti Ransomware Returns with New Linux Variant and Enhanced Evasion Tactics
The threat actors behind the Monti ransomware have resurfaced after a two-month break with a new Linux version of the encryptor in its attacks targeting government and legal sectors. Monti emerged in June 2022, weeks after the Conti ransomware group shut down its operations, deliberately imitating the tactics and tools associated with the latter, including its leaked source code. Not anymore.
2023-08-15T19:41:00+00:00 https://thehackernews.com/2023/08/monti-ransomware-returns-with-new-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8370268 False Ransomware,Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malware Unleashed: Public Sector Hit in Sudden Surge, Reveals New Report
The just-released BlackBerry Global Threat Intelligence Report reveals a 40% increase in cyberattacks against government and public service organizations versus the previous quarter. This includes public transit, utilities, schools, and other government services we rely on daily.
With limited resources and often immature cyber defense programs, these publicly funded organizations are struggling
2023-08-15T17:45:00+00:00 https://thehackernews.com/2023/08/malware-unleashed-public-sector-hit-in.html www.secnews.physaphae.fr/article.php?IdArticle=8370232 False Malware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Gigabud RAT Android Banking Malware Targets Institutions Across Countries
Account holders of over numerous financial institutions in Thailand, Indonesia, Vietnam, the Philippines, and Peru are being targeted by an Android banking malware called Gigabud RAT. "One of Gigabud RAT's unique features is that it doesn't execute any malicious actions until the user is authorized into the malicious application by a fraudster, [...] which makes it harder to detect," Group-IB
2023-08-15T15:45:00+00:00 https://thehackernews.com/2023/08/gigabud-rat-android-banking-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8370202 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Catching the Catphish: Join the Expert Webinar on Combating Credential Phishing
Is your organization constantly under threat from credential phishing? Even with comprehensive security awareness training, many employees still fall victim to credential phishing scams. The result? Cybercriminals gaining immediate and unhindered access to sensitive data, email accounts, and other applications. But what if you could outsmart these criminals and protect your organization? Join
2023-08-15T13:01:00+00:00 https://thehackernews.com/2023/08/catching-catphish-join-expert-webinar.html www.secnews.physaphae.fr/article.php?IdArticle=8370106 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Over 120,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums
A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. The findings come from Hudson Rock, which analyzed data collected from computers compromised between 2018 to 2023. "Hackers around the world infect computers opportunistically by promoting results for fake software or through YouTube
2023-08-15T13:01:00+00:00 https://thehackernews.com/2023/08/over-12000-computers-compromised-by.html www.secnews.physaphae.fr/article.php?IdArticle=8370105 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
North Korean Hackers Suspected in New Wave of Malicious npm Packages
The npm package registry has emerged as the target of yet another highly targeted attack campaign that aims to entice developers into downloading malevolent modules. Software supply chain security firm Phylum told The Hacker News the activity exhibits similar behaviors to that of a previous attack wave uncovered in June, which has since been linked to North Korean threat actors. As many as nine
2023-08-15T12:38:00+00:00 https://thehackernews.com/2023/08/north-korean-hackers-suspected-in-new.html www.secnews.physaphae.fr/article.php?IdArticle=8370107 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
QwixxRAT: New Remote Access Trojan Emerges via Telegram and Discord
A new remote access trojan (RAT) called QwixxRAT is being advertised for sale by its threat actor through Telegram and Discord platforms. "Once installed on the victim's Windows platform machines, the RAT stealthily collects sensitive data, which is then sent to the attacker's Telegram bot, providing them with unauthorized access to the victim's sensitive information," Uptycs said in a new
2023-08-14T21:24:00+00:00 https://thehackernews.com/2023/08/qwixxrat-new-remote-access-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8369978 False Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability
E-commerce sites using Adobe's Magento 2 software are the target of an ongoing campaign that has been active since at least January 2023. The attacks, dubbed Xurum by Akamai, leverage a now-patched critical security flaw (CVE-2022-24086, CVSS score: 9.8) in Adobe Commerce and Magento Open Source that, if successfully exploited, could lead to arbitrary code execution. "The attacker seems to be
2023-08-14T18:44:00+00:00 https://thehackernews.com/2023/08/ongoing-xurum-attacks-on-e-commerce.html www.secnews.physaphae.fr/article.php?IdArticle=8369926 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Identity Threat Detection and Response: Rips in Your Identity Fabric
Why SaaS Security Is a Challenge In today's digital landscape, organizations are increasingly relying on Software-as-a-Service (SaaS) applications to drive their operations. However, this widespread adoption has also opened the doors to new security risks and vulnerabilities. The SaaS security attack surface continues to widen. It started with managing misconfigurations and now requires a
2023-08-14T16:43:00+00:00 https://thehackernews.com/2023/08/identity-threat-detection-and-response.html www.secnews.physaphae.fr/article.php?IdArticle=8369891 False Threat,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks
Germany's Federal Office for the Protection of the Constitution (BfV) has warned of cyber attacks targeting Iranian persons and organizations in the country since the end of 2022. "The cyber attacks were mainly directed against dissident organizations and individuals – such as lawyers, journalists, or human rights activists – inside and outside Iran," the agency said in an advisory. The
2023-08-14T16:30:00+00:00 https://thehackernews.com/2023/08/charming-kitten-targets-iranian.html www.secnews.physaphae.fr/article.php?IdArticle=8369892 False None APT 35,APT 35 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Financial Malware 'JanelaRAT' Targets Latin American Users
Users in Latin America (LATAM) are the target of a financial malware called JanelaRAT that's capable of capturing sensitive information from compromised Microsoft Windows systems. "JanelaRAT mainly targets financial and cryptocurrency data from LATAM bank and financial institutions," Zscaler ThreatLabz researchers Gaetano Pellegrino and Sudeep Singh said, adding it "abuses DLL side-loading
2023-08-14T15:55:00+00:00 https://thehackernews.com/2023/08/new-financial-malware-janelarat-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8369868 False Malware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users' Privacy First
The Indian President Droupadi Murmu on Friday granted assent to the Digital Personal Data Protection Bill (DPDPB) after it was unanimously passed by both houses of the parliament last week, marking a significant step towards securing people's information. "The Bill provides for the processing of digital personal data in a manner that recognizes both the rights of the individuals to protect their
2023-08-14T10:50:00+00:00 https://thehackernews.com/2023/08/india-passes-new-digital-personal-data.html www.secnews.physaphae.fr/article.php?IdArticle=8369782 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk
Multiple security vulnerabilities impacting CyberPower's PowerPanel Enterprise Data Center Infrastructure Management (DCIM) platform and Dataprobe's iBoot Power Distribution Unit (PDU) could be potentially exploited to gain unauthenticated access to these systems and inflict catastrophic damage in target environments.
The nine vulnerabilities, from CVE-2023-3259 through CVE-2023-3267, carry
2023-08-13T02:30:00+00:00 https://thehackernews.com/2023/08/multiple-flaws-in-cyberpower-and.html www.secnews.physaphae.fr/article.php?IdArticle=8369392 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping
Multiple security vulnerabilities have been disclosed in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP) that could be potentially exploited by a malicious attacker to conduct remote attacks. "An external attacker who leverages the vulnerabilities discovered in AudioCodes Ltd.'s desk phones and Zoom's Zero Touch Provisioning feature can gain full remote control of the devices,"
2023-08-12T17:04:00+00:00 https://thehackernews.com/2023/08/zoom-ztp-audiocodes-phones-flaws.html www.secnews.physaphae.fr/article.php?IdArticle=8369280 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Lolek Bulletproof Hosting Servers Seized, 5 Key Operators Arrested
European and U.S. law enforcement agencies have announced the dismantling of a bulletproof hosting service provider called Lolek Hosted, which cybercriminals have used to launch cyber-attacks across the globe. "Five of its administrators were arrested, and all of its servers seized, rendering LolekHosted.net no longer available," Europol said in a statement. "The service facilitated the
2023-08-12T12:33:00+00:00 https://thehackernews.com/2023/08/lolek-bulletproof-hosting-servers.html www.secnews.physaphae.fr/article.php?IdArticle=8369233 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Python URL Parsing Flaw Enables Command Injection Attacks
A high-severity security flaw has been disclosed in the Python URL parsing function that could be exploited to bypass domain or protocol filtering methods implemented with a blocklist, ultimately resulting in arbitrary file reads and command execution. "urlparse has a parsing problem when the entire URL starts with blank characters," the CERT Coordination Center (CERT/CC) said in a Friday
2023-08-12T11:33:00+00:00 https://thehackernews.com/2023/08/new-python-url-parsing-flaw-enables.html www.secnews.physaphae.fr/article.php?IdArticle=8369220 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Uncover Decade-Long Cyber Espionage on Foreign Embassies in Belarus
A hitherto undocumented threat actor operating for nearly a decade and codenamed MoustachedBouncer has been attributed to cyber espionage attacks aimed at foreign embassies in Belarus. "Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle (AitM) attacks at the ISP level, within Belarus, in order to compromise its targets," ESET security researcher Matthieu
2023-08-11T19:53:00+00:00 https://thehackernews.com/2023/08/researchers-uncover-decade-long-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8368956 False Threat None 1.00000000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Enhancing TLS Security: Google Adds Quantum-Resistant Encryption in Chrome 116
Google has announced plans to add support for quantum-resistant encryption algorithms in its Chrome browser, starting with version 116. "Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115," Devon O'Brien said in a post published Thursday. Kyber was chosen by the U.S. Department of Commerce's
2023-08-11T17:52:00+00:00 https://thehackernews.com/2023/08/enhancing-tls-security-google-adds.html www.secnews.physaphae.fr/article.php?IdArticle=8368921 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Shed Light on APT31's Advanced Backdoors and Data Exfiltration Tactics
The Chinese threat actor known as APT31 (aka Bronze Vinewood, Judgement Panda, or Violet Typhoon) has been linked to a set of advanced backdoors that are capable of exfiltrating harvested sensitive information to Dropbox. The malware is part of a broader collection of more than 15 implants that have been put to use by the adversary in attacks targeting industrial organizations in Eastern Europe
2023-08-11T15:42:00+00:00 https://thehackernews.com/2023/08/researchers-shed-light-on-apt31s.html www.secnews.physaphae.fr/article.php?IdArticle=8368885 False Malware,Threat,Industrial APT 31,APT 31 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New SystemBC Malware Variant Targets South African Power Company
An unknown threat actor has been linked to a cyber attack on a power generation company in South Africa with a new variant of the SystemBC malware called DroxiDat as a precursor to a suspected ransomware attack. "The proxy-capable backdoor was deployed alongside Cobalt Strike Beacons in a South African nation's critical infrastructure," Kurt Baumgartner, principal security researcher at
2023-08-11T15:10:00+00:00 https://thehackernews.com/2023/08/new-systembc-malware-variant-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8368855 False Ransomware,Malware,Threat None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
15 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks
A set of 15 high-severity security flaws have been disclosed in the CODESYS V3 software development kit (SDK) that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology (OT) environments. The flaws, tracked from CVE-2022-47379 through CVE-2022-47393 and dubbed CoDe16, carry a CVSS score of 8.8 with the exception of
2023-08-11T10:50:00+00:00 https://thehackernews.com/2023/08/15-new-codesys-sdk-flaws-expose-ot.html www.secnews.physaphae.fr/article.php?IdArticle=8368799 False Industrial None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation
The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched security flaw in Microsoft's .NET and Visual Studio products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-38180 (CVSS score: 7.5), the high-severity flaw relates to a case of denial-of-service (DoS) impacting .NET and Visual Studio. It 2023-08-11T09:08:00+00:00 https://thehackernews.com/2023/08/cisa-adds-microsoft-net-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8368689 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks Malicious actors are using a legitimate Rust-based injector called Freeze[.]rs to deploy a commodity malware called XWorm in victim environments. The novel attack chain, detected by Fortinet FortiGuard Labs on July 13, 2023, is initiated via a phishing email containing a booby-trapped PDF file. It has also been used to introduce Remcos RAT by means of a crypter called SYK Crypter, which was 2023-08-10T19:50:00+00:00 https://thehackernews.com/2023/08/new-attack-alert-freezers-injector.html www.secnews.physaphae.fr/article.php?IdArticle=8368429 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Statc Stealer Malware Emerges: Your Sensitive Data at Risk A new information malware strain called Statc Stealer has been found infecting devices running Microsoft Windows to siphon sensitive personal and payment information.
"Statc Stealer exhibits a broad range of stealing capabilities, making it a significant threat," Zscaler ThreatLabz researchers Shivam Sharma and Amandeep Kumar said in a technical report published this week. "It can steal 2023-08-10T19:38:00+00:00 https://thehackernews.com/2023/08/new-statc-stealer-malware-emerges-your.html www.secnews.physaphae.fr/article.php?IdArticle=8368395 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Emerging Attacker Exploit: Microsoft Cross-Tenant Synchronization Attackers continue to target Microsoft identities to gain access to connected Microsoft applications and federated SaaS applications. Additionally, attackers continue to progress their attacks in these environments, not by exploiting vulnerabilities, but by abusing native Microsoft functionality to achieve their objective. The attacker group Nobelium, linked with the SolarWinds attacks, has been 2023-08-10T16:44:00+00:00 https://thehackernews.com/2023/08/emerging-attacker-exploit-microsoft.html www.secnews.physaphae.fr/article.php?IdArticle=8368339 False Cloud Solardwinds 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Encryption Flaws in Popular Chinese Language App Put Users' Typed Data at Risk A widely used Chinese language input app for Windows and Android has been found vulnerable to serious security flaws that could allow a malicious interloper to decipher the text typed by users.
The findings from the University of Toronto's Citizen Lab, which carried out an analysis of the encryption mechanism used in Tencent's Sogou Input Method, an app that has over 455 million monthly active 2023-08-10T16:44:00+00:00 https://thehackernews.com/2023/08/encryption-flaws-in-popular-chinese.html www.secnews.physaphae.fr/article.php?IdArticle=8368340 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Cybercriminals Increasingly Using EvilProxy Phishing Kit to Target Executives Threat actors are increasingly using a phishing-as-a-service (PhaaS) toolkit dubbed EvilProxy to pull off account takeover attacks aimed at high-ranking executives at prominent companies. According to Proofpoint, an ongoing hybrid campaign has leveraged the service to target thousands of Microsoft 365 user accounts, sending approximately 120,000 phishing emails to hundreds of organizations 2023-08-10T15:15:00+00:00 https://thehackernews.com/2023/08/cybercriminals-increasingly-using.html www.secnews.physaphae.fr/article.php?IdArticle=8368321 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Interpol Busts Phishing-as-a-Service Platform '16Shop,' Leading to 3 Arrests Interpol has announced the takedown of a phishing-as-a-service (PhaaS) platform called 16Shop, in addition to the arrests of three individuals in Indonesia and Japan.
16Shop specialized in the sales of phishing kits that other cybercriminals can purchase to mount phishing attacks on a large scale, ultimately facilitating the theft of credentials and payment details from users of popular services 2023-08-10T11:52:00+00:00 https://thehackernews.com/2023/08/interpol-busts-phishing-as-service.html www.secnews.physaphae.fr/article.php?IdArticle=8368265 False None None 1.00000000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs Cybersecurity researchers have disclosed details of a trio of side-channel attacks that could be exploited to leak sensitive data from modern CPUs. Called Collide+Power (CVE-2023-20583), Downfall (CVE-2022-40982), and Inception (CVE-2023-20569), the novel methods follow the disclosure of another newly discovered security vulnerability affecting AMD's Zen 2 architecture-based processors known as 2023-08-09T21:09:00+00:00 https://thehackernews.com/2023/08/collidepower-downfall-and-inception-new.html www.secnews.physaphae.fr/article.php?IdArticle=8367952 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
China-Linked Hackers Strike Worldwide: 17 Nations Hit in 3-Year Cyber Campaign Hackers associated with China's Ministry of State Security (MSS) have been linked to attacks in 17 different countries in Asia, Europe, and North America from 2021 to 2023.
Cybersecurity firm Recorded Future attributed the intrusion set to a nation-state group it tracks under the name RedHotel (previously Threat Activity Group-22 or TAG-222), which overlaps with a cluster of activity broadly 2023-08-09T19:13:00+00:00 https://thehackernews.com/2023/08/china-linked-hackers-strike-worldwide.html www.secnews.physaphae.fr/article.php?IdArticle=8367909 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Continuous Security Validation with Penetration Testing as a Service (PTaaS) Validate security continuously across your full stack with Pen Testing as a Service. In today's modern security operations center (SOC), it's a battle between the defenders and the cybercriminals. Both are using tools and expertise – however, the cybercriminals have the element of surprise on their side, and a host of tactics, techniques, and procedures (TTPs) that have evolved. These external 2023-08-09T17:06:00+00:00 https://thehackernews.com/2023/08/continuous-security-validation-with.html www.secnews.physaphae.fr/article.php?IdArticle=8367850 False Tool None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons The U.K. Electoral Commission on Tuesday disclosed a "complex" cyber attack on its systems that went undetected for over a year, allowing the threat actors to access years worth of voter data belonging to 40 million people. "The incident was identified in October 2022 after suspicious activity was detected on our systems," the regulator said.
"It became clear that hostile actors had first 2023-08-09T15:52:00+00:00 https://thehackernews.com/2023/08/uk-electoral-commission-breach-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8367831 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining Exposed Kubernetes (K8s) clusters are being exploited by malicious actors to deploy cryptocurrency miners and other backdoors. Cloud security firm Aqua, in a report shared with The Hacker News, said a majority of the clusters belonged to small to medium-sized organizations, with a smaller subset tied to bigger companies, spanning financial, aerospace, automotive, industrial, and security sectors 2023-08-09T14:35:00+00:00 https://thehackernews.com/2023/08/malicious-campaigns-exploit-weak.html www.secnews.physaphae.fr/article.php?IdArticle=8367789 False None Uber 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Android 14 Security Feature: IT Admins Can Now Disable 2G Networks Google has introduced a new security feature in Android 14 that allows IT administrators to disable support for 2G cellular networks in their managed device fleet. The search giant said it's introducing a second user setting to turn off support, at the model level, for null-ciphered cellular connections.
"The Android Security Model assumes that all networks are hostile to keep users safe from 2023-08-09T12:19:00+00:00 https://thehackernews.com/2023/08/new-android-14-security-feature-it.html www.secnews.physaphae.fr/article.php?IdArticle=8367758 False Mobile None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft Releases Patches for 74 New Vulnerabilities in August Update Microsoft has patched a total of 74 flaws in its software as part of the company's Patch Tuesday updates for August 2023, down from the voluminous 132 vulnerabilities the company fixed last month. This comprises six Critical and 67 Important security vulnerabilities. Also released by the tech giant are two defense-in-depth updates for Microsoft Office (ADV230003) and the Memory Integrity System 2023-08-09T09:56:00+00:00 https://thehackernews.com/2023/08/microsoft-releases-patches-for-74-new.html www.secnews.physaphae.fr/article.php?IdArticle=8367708 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Report Exposes Vice Society's Collaboration with Rhysida Ransomware Tactical similarities have been unearthed between the double extortion ransomware group known as Rhysida and Vice Society, including in their targeting of education and healthcare sectors.
"As Vice Society was observed deploying a variety of commodity ransomware payloads, this link does not suggest that Rhysida is exclusively used by Vice Society, but shows with at least medium confidence that 2023-08-09T09:50:00+00:00 https://thehackernews.com/2023/08/new-report-exposes-vice-societys.html www.secnews.physaphae.fr/article.php?IdArticle=8367832 False Ransomware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
QakBot Malware Operators Expand C2 Network with 15 New Servers The operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late June 2023. The findings are a continuation of the malware's infrastructure analysis from Team Cymru, and arrive a little over two months after Lumen Black Lotus Labs revealed that 25% of its C2 servers are only active for a single day. "QakBot has a history of taking an 2023-08-08T19:45:00+00:00 https://thehackernews.com/2023/08/qakbot-malware-operators-expand-c2.html www.secnews.physaphae.fr/article.php?IdArticle=8367307 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Hackers Abusing Cloudflare Tunnels for Covert Communications New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and retain persistent access. "Cloudflared is functionally very similar to ngrok," Nic Finn, a senior threat intelligence analyst at GuidePoint Security, said.
"However, Cloudflared differs from ngrok in that it provides a lot more usability for free, 2023-08-08T17:52:00+00:00 https://thehackernews.com/2023/08/hackers-abusing-cloudflare-tunnels-for.html www.secnews.physaphae.fr/article.php?IdArticle=8367210 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Understanding Active Directory Attack Paths to Improve Security Introduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning and enforcing security policies for all network endpoints. With it, users can access various resources across networks. As things tend to do, times, they are a'changin' – and a few years back, Microsoft introduced Azure Active Directory, the 2023-08-08T15:18:00+00:00 https://thehackernews.com/2023/08/understanding-active-directory-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8367146 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Yashma Ransomware Variant Targets Multiple English-Speaking Countries An unknown threat actor is using a variant of the Yashma ransomware to target various entities in English-speaking countries, Bulgaria, China, and Vietnam at least since June 4, 2023. Cisco Talos, in a new write-up, attributed the operation with moderate confidence to an adversary of likely Vietnamese origin.
"The threat actor uses an uncommon technique to deliver the ransom note," security 2023-08-08T14:23:00+00:00 https://thehackernews.com/2023/08/new-yashma-ransomware-variant-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8367147 False Ransomware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
LOLBAS in the Wild: 11 Living-Off-The-Land Binaries Used for Malicious Purposes Cybersecurity researchers have discovered a set of 11 living-off-the-land binaries-and-scripts (LOLBAS) that could be maliciously abused by threat actors to conduct post-exploitation activities. "LOLBAS is an attack method that uses binaries and scripts that are already part of the system for malicious purposes," Pentera security researcher Nir Chako said. "This makes it hard for security teams 2023-08-08T12:53:00+00:00 https://thehackernews.com/2023/08/lolbas-in-wild-11-living-off-land.html www.secnews.physaphae.fr/article.php?IdArticle=8367116 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs A new malware campaign has been observed making use of malicious OpenBullet configuration files to target inexperienced cyber criminals with the goal of delivering a remote access trojan (RAT) capable of stealing sensitive information.
Bot mitigation company Kasada said the activity is designed to "exploit trusted criminal networks," describing it as an instance of advanced threat actors " 2023-08-07T21:27:00+00:00 https://thehackernews.com/2023/08/new-malware-campaign-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8366834 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
North Korean Hackers Targets Russian Missile Engineering Firm Two different North Korean nation-state actors have been linked to a cyber intrusion against the major Russian missile engineering company NPO Mashinostroyeniya. Cybersecurity firm SentinelOne said it identified "two instances of North Korea related compromise of sensitive internal IT infrastructure," including a case of an email server compromise and the deployment of a Windows backdoor dubbed 2023-08-07T19:26:00+00:00 https://thehackernews.com/2023/08/north-korean-hackers-targets-russian.html www.secnews.physaphae.fr/article.php?IdArticle=8366798 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Enhancing Security Operations Using Wazuh: Open Source XDR and SIEM In today's interconnected world, evolving security solutions to meet growing demand is more critical than ever. Collaboration across multiple solutions for intelligence gathering and information sharing is indispensable. The idea of multiple-source intelligence gathering stems from the concept that threats are rarely isolated.
Hence, their detection and prevention require a comprehensive 2023-08-07T16:00:00+00:00 https://thehackernews.com/2023/08/enhancing-security-operations-using.html www.secnews.physaphae.fr/article.php?IdArticle=8366728 False None None 1.00000000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New 'Deep Learning Attack' Deciphers Laptop Keystrokes with 95% Accuracy A group of academics has devised a "deep learning-based acoustic side-channel attack" that can be used to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy. "When trained on keystrokes recorded using the video conferencing software Zoom, an accuracy of 93% was achieved, a new best for the medium," researchers Joshua Harrison, Ehsan Toreini, and Maryam Mehrnezhad 2023-08-07T15:44:00+00:00 https://thehackernews.com/2023/08/new-deep-learning-attack-deciphers.html www.secnews.physaphae.fr/article.php?IdArticle=8366729 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New SkidMap Redis Malware Variant Targeting Vulnerable Redis Servers Vulnerable Redis services have been targeted by a "new, improved, dangerous" variant of a malware called SkidMap that's engineered to target a wide range of Linux distributions. "The malicious nature of this malware is to adapt to the system on which it is executed," Trustwave security researcher Radoslaw Zdonczyk said in an analysis published last week.
Some of the Linux distribution SkidMap 2023-08-07T15:22:00+00:00 https://thehackernews.com/2023/08/new-skidmap-redis-malware-variant.html www.secnews.physaphae.fr/article.php?IdArticle=8366730 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
FBI Alert: Crypto Scammers are Masquerading as NFT Developers The U.S. Federal Bureau of Investigation (FBI) is warning about cyber crooks masquerading as legitimate non-fungible token (NFT) developers to steal cryptocurrency and other digital assets from unsuspecting users. In these fraudulent schemes, criminals either obtain direct access to NFT developer social media accounts or create look-alike accounts to promote "exclusive" new NFT releases, often 2023-08-07T12:35:00+00:00 https://thehackernews.com/2023/08/fbi-alert-crypto-scammers-are.html www.secnews.physaphae.fr/article.php?IdArticle=8366678 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
MDR: Empowering Organizations with Enhanced Security Managed Detection and Response (MDR) has emerged as a crucial solution for organizations looking to bolster their security measures. MDR allows businesses to outsource the management of Endpoint Detection and Response (EDR) products deployed across their network domain. With real-time threat-hunting capabilities, MDR services detect and mitigate malicious activities on individual endpoints while 2023-08-05T13:33:00+00:00 https://thehackernews.com/2023/08/mdr-empowering-organizations-with.html www.secnews.physaphae.fr/article.php?IdArticle=8366010 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. "Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of systems," the AhnLab Security Emergency Response Center (ASEC) said in a report published this week. "Port 2023-08-05T13:22:00+00:00 https://thehackernews.com/2023/08/reptile-rootkit-advanced-linux-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8366011 False Malware,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft Addresses Critical Power Platform Flaw After Delays and Criticism Microsoft on Friday disclosed that it has addressed a critical security flaw impacting Power Platform, but not before it came under criticism for its failure to swiftly act on it. "The vulnerability could lead to unauthorized access to Custom Code functions used for Power Platform custom connectors," the tech giant said. "The potential impact could be unintended information disclosure if secrets 2023-08-05T13:08:00+00:00 https://thehackernews.com/2023/08/microsoft-addresses-critical-power.html www.secnews.physaphae.fr/article.php?IdArticle=8365996 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Researchers Uncover New High-Severity Vulnerability in PaperCut Software Cybersecurity researchers have discovered a new high-severity security flaw in PaperCut print management software for Windows that could result in remote code execution under specific circumstances. Tracked as CVE-2023-39143 (CVSS score: 8.4), the flaw impacts PaperCut NG/MF prior to version 22.1.3. It has been described as a combination of a path traversal and file upload vulnerability. " 2023-08-05T09:43:00+00:00 https://thehackernews.com/2023/08/researchers-uncover-new-high-severity.html www.secnews.physaphae.fr/article.php?IdArticle=8365954 False Vulnerability None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, resulting in the theft of about 120,000 bitcoin. The development comes more than a year after Ilya Lichtenstein, 35, and his wife, Heather Morgan, 33, were arrested in February 2022, following the seizure of roughly 95,000 of the stolen 2023-08-04T17:43:00+00:00 https://thehackernews.com/2023/08/nyc-couple-pleads-guilty-to-money.html www.secnews.physaphae.fr/article.php?IdArticle=8365677 False Hack None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Webinar - Making PAM Great Again: Solving the Top 5 Identity Team PAM Challenges Privileged Access Management (PAM) solutions are widely acknowledged as the gold standard for securing critical privileged accounts. However, many security and identity teams face inherent obstacles during the PAM journey, hindering these solutions from reaching their full potential. These challenges deprive organizations of the resilience they seek, making it essential to address them 2023-08-04T16:36:00+00:00 https://thehackernews.com/2023/08/webinar-making-pam-great-again-solving.html www.secnews.physaphae.fr/article.php?IdArticle=8365661 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Malicious npm Packages Found Exfiltrating Sensitive Data from Developers Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information. Software supply chain firm Phylum, which first identified the "test" packages on July 31, 2023, said they "demonstrated increasing functionality and refinement," hours after which they were removed and re-uploaded under different 2023-08-04T16:03:00+00:00 https://thehackernews.com/2023/08/malicious-npm-packages-found.html www.secnews.physaphae.fr/article.php?IdArticle=8365642 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Major Cybersecurity Agencies Collaborate to Unveil 2022's Most Exploited Vulnerabilities A four-year-old critical security flaw impacting Fortinet FortiOS SSL has emerged as one of the most routinely and frequently exploited vulnerabilities in 2022. "In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulnerabilities and targeted unpatched, internet-facing systems," cybersecurity and intelligence agencies from the Five 2023-08-04T12:32:00+00:00 https://thehackernews.com/2023/08/major-cybersecurity-agencies.html www.secnews.physaphae.fr/article.php?IdArticle=8365600 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners Threat actors are leveraging a technique called versioning to evade Google Play Store's malware detections and target Android users. "Campaigns using versioning commonly target users' credentials, data, and finances," Google Cybersecurity Action Team (GCAT) said in its August 2023 Threat Horizons Report shared with The Hacker News. While versioning is not a new phenomenon, it's sneaky and hard 2023-08-03T21:48:00+00:00 https://thehackernews.com/2023/08/malicious-apps-use-sneaky-versioning.html www.secnews.physaphae.fr/article.php?IdArticle=8365329 False Malware,Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Version of Rilide Data Theft Malware Adapts to Chrome Extension Manifest V3 Cybersecurity researchers have discovered a new version of malware called Rilide that targets Chromium-based web browsers to steal sensitive data and steal cryptocurrency. "It exhibits a higher level of sophistication through modular design, code obfuscation, adoption to the Chrome Extension Manifest V3, and additional features such as the ability to exfiltrate stolen data to a Telegram channel 2023-08-03T20:03:00+00:00 https://thehackernews.com/2023/08/new-version-of-rilide-data-theft.html www.secnews.physaphae.fr/article.php?IdArticle=8365287 False Malware None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack Hundreds of Citrix NetScaler ADC and Gateway servers have been breached by malicious actors to deploy web shells, according to the Shadowserver Foundation. The non-profit said the attacks take advantage of CVE-2023-3519, a critical code injection vulnerability that could lead to unauthenticated remote code execution. The flaw, patched by Citrix last month, carries a CVSS score of 9.8. The 2023-08-03T19:50:00+00:00 https://thehackernews.com/2023/08/hundreds-of-citrix-netscaler-adc-and.html www.secnews.physaphae.fr/article.php?IdArticle=8365288 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
A Penetration Testing Buyer's Guide for IT Security Teams The frequency and complexity of cyber threats are constantly evolving.
At the same time, organizations are now collecting sensitive data that, if compromised, could result in severe financial and reputational damage. According to Cybersecurity Ventures, the cost of cybercrime is predicted to hit $8 trillion in 2023 and will grow to $10.5 trillion by 2025. There is also increasing public and 2023-08-03T18:17:00+00:00 https://thehackernews.com/2023/08/a-penetration-testing-buyers-guide-for.html www.secnews.physaphae.fr/article.php?IdArticle=8365232 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft Flags Growing Cybersecurity Concerns for Major Sporting Events Microsoft is warning of the threat malicious cyber actors pose to stadium operations, warning that the cyber risk surface of live sporting events is "rapidly expanding." "Information on athletic performance, competitive advantage, and personal information is a lucrative target," the company said in a Cyber Signals report shared with The Hacker News. "Sports teams, major league and global 2023-08-03T15:31:00+00:00 https://thehackernews.com/2023/08/microsoft-flags-growing-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8365179 False Threat None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
"Mysterious Team Bangladesh" Targeting India with DDoS Attacks and Data Breaches A hacktivist group known as Mysterious Team Bangladesh has been linked to over 750 distributed denial-of-service (DDoS) attacks and 78 website defacements since June 2022.
"The group most frequently attacks logistics, government, and financial sector organizations in India and Israel," Singapore-headquartered cybersecurity firm Group-IB said in a report shared with The Hacker News. "The group is 2023-08-03T14:50:00+00:00 https://thehackernews.com/2023/08/mysterious-team-bangladesh-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8365180 False None None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Microsoft Exposes Russian Hackers' Sneaky Phishing Tactics via Microsoft Teams Chats Microsoft on Wednesday disclosed that it identified a set of highly targeted social engineering attacks mounted by a Russian nation-state threat actor using credential theft phishing lures sent as Microsoft Teams chats. The tech giant attributed the attacks to a group it tracks as Midnight Blizzard (previously Nobelium). It's also called APT29, BlueBravo, Cozy Bear, Iron Hemlock, and The Dukes. 2023-08-03T12:08:00+00:00 https://thehackernews.com/2023/08/microsoft-exposes-russian-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8365093 False Threat APT 29 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Researchers Discover Bypass for Recently Patched Critical Ivanti EPMM Vulnerability Cybersecurity researchers have discovered a bypass for a recently fixed actively exploited vulnerability in some versions of Ivanti Endpoint Manager Mobile (EPMM), prompting Ivanti to urge users to update to the latest version of the software.
Tracked as CVE-2023-35082 (CVSS score: 10.0) and discovered by Rapid7, the issue "allows unauthenticated attackers to access the API in older unsupported 2023-08-03T09:36:00+00:00 https://thehackernews.com/2023/08/researchers-discover-bypass-for.html www.secnews.physaphae.fr/article.php?IdArticle=8365033 False Vulnerability None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures A Russia-nexus adversary has been linked to 94 new domains, suggesting that the group is actively modifying its infrastructure in response to public disclosures about its activities. Cybersecurity firm Recorded Future linked the new infrastructure to a threat actor it tracks under the name BlueCharlie, a hacking crew that's broadly known by the names Blue Callisto, Callisto (or Calisto), 2023-08-02T19:42:00+00:00 https://thehackernews.com/2023/08/russian-cyber-adversary-bluecharlie.html www.secnews.physaphae.fr/article.php?IdArticle=8364787 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023 About 34% of security vulnerabilities impacting industrial control systems (ICSs) that were reported in the first half of 2023 have no patch or remediation, registering a significant increase from 13% the previous year. According to data compiled by SynSaber, a total of 670 ICS product flaws were reported via the U.S.
Cybersecurity and Infrastructure Security Agency (CISA) in the first half of 2023-08-02T18:25:00+00:00 https://thehackernews.com/2023/08/industrial-control-systems.html www.secnews.physaphae.fr/article.php?IdArticle=8364754 False Vulnerability,Industrial None 4.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Phishers Exploit Salesforce's Email Services Zero-Day in Targeted Facebook Campaign A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce's email services, allowing threat actors to craft targeted phishing messages using the company's domain and infrastructure. "Those phishing campaigns cleverly evade conventional detection methods by chaining the Salesforce vulnerability and legacy quirks in Facebook's Web Games platform," 2023-08-02T18:25:00+00:00 https://thehackernews.com/2023/08/phishers-exploit-salesforces-email.html www.secnews.physaphae.fr/article.php?IdArticle=8364755 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Top Industries Significantly Impacted by Illicit Telegram Networks In recent years the rise of illicit activities conducted within online messaging platforms has become a growing concern for countless industries. One of the most notable platforms that has been host to many malicious actors and nefarious activities has been Telegram.
Thanks to its accessibility, popularity, and user anonymity, Telegram has attracted a large number of threat actors driven by 2023-08-02T17:22:00+00:00 https://thehackernews.com/2023/08/top-industries-significantly-impacted.html www.secnews.physaphae.fr/article.php?IdArticle=8364717 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Researchers Uncover AWS SSM Agent Misuse as a Covert Remote Access Trojan Cybersecurity researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows the AWS Systems Manager Agent (SSM Agent) to be run as a remote access trojan on Windows and Linux environments. "The SSM agent, a legitimate tool used by admins to manage their instances, can be re-purposed by an attacker who has achieved high privilege access on an endpoint with 2023-08-02T17:20:00+00:00 https://thehackernews.com/2023/08/researchers-uncover-aws-ssm-agent.html www.secnews.physaphae.fr/article.php?IdArticle=8364718 False Tool None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Iranian Company Cloudzy Accused of Aiding Cybercriminals and Nation-State Hackers Services offered by an obscure Iranian company known as Cloudzy are being leveraged by multiple threat actors, including cybercrime groups and nation-state crews. "Although Cloudzy is incorporated in the United States, it almost certainly operates out of Tehran, Iran – in possible violation of U.S.
sanctions – under the direction of someone going by the name Hassan Nozari," Halcyon said in a 2023-08-02T13:01:00+00:00 https://thehackernews.com/2023/08/iranian-company-cloudzy-accused-of.html www.secnews.physaphae.fr/article.php?IdArticle=8364642 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability Advanced persistent threat (APT) actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) as a zero-day since at least April 2023 in attacks directed against Norwegian entities, including a government network. The disclosure comes as part of a new joint advisory released by the Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian 2023-08-02T09:11:00+00:00 https://thehackernews.com/2023/08/norwegian-entities-targeted-in-ongoing.html www.secnews.physaphae.fr/article.php?IdArticle=8364582 False Vulnerability,Threat None 1.00000000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New NodeStealer Targeting Facebook Business Accounts and Crypto Wallets Cybersecurity researchers have unearthed a Python variant of a stealer malware NodeStealer that's equipped to fully take over Facebook business accounts as well as siphon cryptocurrency. Palo Alto Networks Unit 42 said it detected the previously undocumented strain as part of a campaign that commenced in December 2022.
NodeStealer was first exposed by Meta in May 2023, describing it as a stealer 2023-08-01T21:03:00+00:00 https://thehackernews.com/2023/08/new-nodestealer-targeting-facebook.html www.secnews.physaphae.fr/article.php?IdArticle=8364328 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) European Bank Customers Targeted in SpyNote Android Trojan Campaign Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023. "The spyware is distributed through email phishing or smishing campaigns and the fraudulent activities are executed with a combination of remote access trojan (RAT) capabilities and vishing attack," Italian cybersecurity 2023-08-01T16:41:00+00:00 https://thehackernews.com/2023/08/european-bank-customers-targeted-in.html www.secnews.physaphae.fr/article.php?IdArticle=8364250 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) What is Data Security Posture Management (DSPM)? Data Security Posture Management is an approach to securing cloud data by ensuring that sensitive data always has the correct security posture - regardless of where it's been duplicated or moved to. So, what is DSPM? Here's a quick example: Let's say you've built an excellent security posture for your cloud data. For the sake of this example, your data is in production, it's protected behind a 2023-08-01T15:45:00+00:00 https://thehackernews.com/2023/08/what-is-data-security-posture.html www.secnews.physaphae.fr/article.php?IdArticle=8364235 False Cloud None 3.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and Serbia over the past year by employing novel tactics and adding new cyber weapons to its arsenal. "The cybercriminals' main goals are still espionage and theft of confidential information, but the group has expanded its interests and the geography of its attacks," Positive 2023-08-01T15:27:00+00:00 https://thehackernews.com/2023/08/researchers-expose-space-pirate-cyber.html www.secnews.physaphae.fr/article.php?IdArticle=8364236 False Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) China's APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe A nation-state actor with links to China is suspected of being behind a series of attacks against industrial organizations in Eastern Europe that took place last year to siphon data stored on air-gapped systems. Cybersecurity company Kaspersky attributed the intrusions with medium to high confidence to a hacking crew called APT31, which is also tracked under the monikers Bronze Vinewood, 2023-08-01T14:31:00+00:00 https://thehackernews.com/2023/08/chinas-apt31-suspected-in-attacks-on.html www.secnews.physaphae.fr/article.php?IdArticle=8364217 False Industrial APT 31 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer, and spyware called Ursnif (aka Gozi). "It is a sophisticated downloader with the objective of installing a second malware payload," Proofpoint said in a technical report. "The malware uses multiple mechanisms to evade 2023-08-01T09:50:00+00:00 https://thehackernews.com/2023/08/cybercriminals-renting-wikiloader-to.html www.secnews.physaphae.fr/article.php?IdArticle=8364133 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods The P2PInfect peer-to-peer (P2P) worm has been observed employing previously undocumented initial access methods to breach susceptible Redis servers and rope them into a botnet. "The malware compromises exposed instances of the Redis data store by exploiting the replication feature," Cado Security researchers Nate Bill and Matt Muir said in a report shared with The Hacker News. "A common attack 2023-07-31T19:08:00+00:00 https://thehackernews.com/2023/07/new-p2pinfect-worm-targets-redis.html www.secnews.physaphae.fr/article.php?IdArticle=8363877 False Malware None 1.00000000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China as part of a recently observed campaign. The activity, according to KnownSec 404 Team, entailed the use of a backdoor codenamed EyeShell. Patchwork, also known by the names Operation Hangover and Zinc Emerson, is suspected to be a threat group that 2023-07-31T18:00:00+00:00 https://thehackernews.com/2023/07/patchwork-hackers-target-chinese.html www.secnews.physaphae.fr/article.php?IdArticle=8363854 False Threat APT 38,APT 38 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Webinar: Riding the vCISO Wave: How to Provide vCISO Services Demand for Virtual CISO services is soaring. According to Gartner, the use of vCISO services among small and mid-size businesses and non-regulated enterprises was expected to grow by a whopping 1900% in just one year, from only 1% in 2021 to 20% in 2022! Offering vCISO services can be especially attractive for MSPs and MSSPs. By addressing their customers' needs for proactive cyber resilience, 2023-07-31T17:20:00+00:00 https://thehackernews.com/2023/07/webinar-riding-vciso-wave-how-to.html www.secnews.physaphae.fr/article.php?IdArticle=8363855 False None None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
AVRecon Botnet Leveraging Compromised Routers to Fuel Illegal Proxy Service More details have emerged about a botnet called AVRecon, which has been observed making use of compromised small office/home office (SOHO) routers as part of a multi-year campaign active since at least May 2021. AVRecon was first disclosed by Lumen Black Lotus Labs earlier this month as malware capable of executing additional commands and stealing victim's bandwidth for what appears to be an 2023-07-31T14:55:00+00:00 https://thehackernews.com/2023/07/avrecon-botnet-leveraging-compromised.html www.secnews.physaphae.fr/article.php?IdArticle=8363800 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) Fruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT Threat actors are creating fake websites hosting trojanized software installers to trick unsuspecting users into downloading a downloader malware called Fruity with the goal of installing remote trojan tools like Remcos RAT. "Among the software in question are various instruments for fine-tuning CPUs, graphic cards, and BIOS; PC hardware-monitoring tools; and some other apps," cybersecurity 2023-07-31T14:08:00+00:00 https://thehackernews.com/2023/07/fruity-trojan-uses-deceptive-software.html www.secnews.physaphae.fr/article.php?IdArticle=8363801 False Malware,Tool,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable Multiple security vulnerabilities have been disclosed in the Ninja Forms plugin for WordPress that could be exploited by threat actors to escalate privileges and steal sensitive data. The flaws, tracked as CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393, impact versions 3.6.25 and below, Patchstack said in a report last week. Ninja Forms is installed on over 800,000 sites. A brief description 2023-07-31T12:12:00+00:00 https://thehackernews.com/2023/07/multiple-flaws-found-in-ninja-forms.html www.secnews.physaphae.fr/article.php?IdArticle=8363783 False Vulnerability,Threat None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data A new Android malware strain called CherryBlos has been observed making use of optical character recognition (OCR) techniques to gather sensitive data stored in pictures. CherryBlos, per Trend Micro, is distributed via bogus posts on social media platforms and comes with capabilities to steal cryptocurrency wallet-related credentials and act as a clipper to substitute wallet addresses when a 2023-07-29T13:40:00+00:00 https://thehackernews.com/2023/07/new-android-malware-cherryblos.html www.secnews.physaphae.fr/article.php?IdArticle=8363134 False Malware None 2.0000000000000000
The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?) RFP Template for Browser Security Increasing cyber threats and attacks have made protecting organizational data a paramount concern for businesses of all sizes.
A group of experts have recognized the pressing need for comprehensive browser security solutions and collaborated to develop "The Definitive Browser Security RFP Template." This resource helps streamline the process of evaluating and procuring browser security platforms 2023-07-29T11:04:00+00:00 https://thehackernews.com/2023/07/rfp-template-for-browser-security.html www.secnews.physaphae.fr/article.php?IdArticle=8363102 False None None 2.0000000000000000