www.secnews.physaphae.fr
This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.
2024-05-14T05:25:54+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
The 4 Keys to Building Cloud Security Programs That Can Actually Shift Left
As cloud applications are built, tested and updated, they wind their way through an ever-complex series of different tools and teams. Across hundreds or even thousands of technologies that make up the patchwork quilt of development and cloud environments, security processes are all too often applied in only the final phases of software development. Placing security at the very end of the
2023-07-27T16:55:00+00:00 https://thehackernews.com/2023/07/the-4-keys-to-building-cloud-security.html www.secnews.physaphae.fr/article.php?IdArticle=8362202 False Tool,Cloud None 2.0000000000000000

The Hacker News
Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining
Misconfigured and poorly secured Apache Tomcat servers are being targeted as part of a new campaign designed to deliver the Mirai botnet malware and cryptocurrency miners. The findings come courtesy of Aqua, which detected more than 800 attacks against its Tomcat server honeypots over a two-year time period, with 96% of the attacks linked to the Mirai botnet.
Of these attack attempts, 20% (or
2023-07-27T16:16:00+00:00 https://thehackernews.com/2023/07/hackers-target-apache-tomcat-servers.html www.secnews.physaphae.fr/article.php?IdArticle=8362177 False None None 2.0000000000000000

The Hacker News
Group-IB Co-Founder Sentenced to 14 Years in Russian Prison for Alleged High Treason
A city court in Moscow on Wednesday convicted Group-IB co-founder and CEO Ilya Sachkov of "high treason" and jailed him for 14 years in a "strict regime colony" over accusations of passing information to foreign spies. "The court found Sachkov guilty under Article 275 of the Russian Criminal Code (high treason) sentencing him to 14 years of incarceration in a maximum-security jail, restriction
2023-07-27T16:01:00+00:00 https://thehackernews.com/2023/07/group-ib-co-founder-sentenced-to-14.html www.secnews.physaphae.fr/article.php?IdArticle=8362178 False None None 2.0000000000000000

The Hacker News
New SEC Rules Require U.S. Companies to Reveal Cyber Attacks Within 4 Days
The U.S. Securities and Exchange Commission (SEC) on Wednesday approved new rules that require publicly traded companies to publicize details of a cyber attack within four days of identifying that it has a "material" impact on their finances, marking a major shift in how computer breaches are disclosed.
"Whether a company loses a factory in a fire - or millions of files in a cybersecurity]]> 2023-07-27T12:19:00+00:00 https://thehackernews.com/2023/07/new-sec-rules-require-us-companies-to.html www.secnews.physaphae.fr/article.php?IdArticle=8362120 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Chien de leurre: nouvelle race de logiciels malveillants posant de sérieuses menaces pour les réseaux d'entreprise<br>Decoy Dog: New Breed of Malware Posing Serious Threats to Enterprise Networks A deeper analysis of a recently discovered malware called Decoy Dog has revealed that it\'s a significant upgrade over the Pupy RAT, an open-source remote access trojan it\'s modeled on. "Decoy Dog has a full suite of powerful, previously unknown capabilities – including the ability to move victims to another controller, allowing them to maintain communication with compromised machines and remain]]> 2023-07-26T18:43:00+00:00 https://thehackernews.com/2023/07/decoy-dog-new-breed-of-malware-posing.html www.secnews.physaphae.fr/article.php?IdArticle=8361727 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La montée alarmante des infostelleurs: comment détecter cette menace silencieuse<br>The Alarming Rise of Infostealers: How to Detect this Silent Threat A new study conducted by Uptycs has uncovered a stark increase in the distribution of information stealing (a.k.a. infostealer or stealer) malware. Incidents have more than doubled in Q1 2023, indicating an alarming trend that threatens global organizations. 
According to the new Uptycs' whitepaper, Stealers are Organization Killers, a variety of new info stealers have emerged this year, preying
2023-07-26T16:23:00+00:00 https://thehackernews.com/2023/07/the-alarming-rise-of-infostealers-how.html www.secnews.physaphae.fr/article.php?IdArticle=8361688 False Threat,Studies,Prediction None 2.0000000000000000

The Hacker News
Fenix Cybercrime Group Poses as Tax Authorities to Target Latin American Users
Tax-paying individuals in Mexico and Chile have been targeted by a Mexico-based cybercrime group that goes by the name Fenix to breach targeted networks and steal valuable data. A key hallmark of the operation entails cloning official portals of the Servicio de Administración Tributaria (SAT) in Mexico and the Servicio de Impuestos Internos (SII) in Chile and redirecting potential victims to
2023-07-26T16:22:00+00:00 https://thehackernews.com/2023/07/fenix-cybercrime-group-poses-as-tax.html www.secnews.physaphae.fr/article.php?IdArticle=8361689 False None None 2.0000000000000000

The Hacker News
New AI Tool 'FraudGPT' Emerges, Tailored for Sophisticated Attacks
Following the footsteps of WormGPT, threat actors are advertising yet another cybercrime generative artificial intelligence (AI) tool dubbed FraudGPT on various dark web marketplaces and Telegram channels.
"This is an AI bot, exclusively targeted for offensive purposes, such as crafting spear phishing emails, creating cracking tools, carding, etc.," Netenrich security researcher Rakesh Krishnan]]> 2023-07-26T15:32:00+00:00 https://thehackernews.com/2023/07/new-ai-tool-fraudgpt-emerges-tailored.html www.secnews.physaphae.fr/article.php?IdArticle=8361668 False Tool,Tool,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Infostaler réel basé sur la rouille ciblant les utilisateurs d'Apple MacOS \\ 'portefeuille de crypto-monnaie<br>Rust-based Realst Infostealer Targeting Apple macOS Users\\' Cryptocurrency Wallets A new malware family called Realst has become the latest to target Apple macOS systems, with a third of the samples already designed to infect macOS 14 Sonoma, the upcoming major release of the operating system. Written in the Rust programming language, the malware is distributed in the form of bogus blockchain games and is capable of "emptying crypto wallets and stealing stored password and]]> 2023-07-26T12:38:00+00:00 https://thehackernews.com/2023/07/rust-based-realst-infostealer-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8361608 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La vulnérabilité critique de Mikrotik Routeros expose plus d'un demi-million d'appareils au piratage<br>Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking A severe privilege escalation issue impacting MikroTik RouterOS could be weaponized by remote malicious actors to execute arbitrary code and seize full control of vulnerable devices. 
Cataloged as CVE-2023-30799 (CVSS score: 9.1), the shortcoming is expected to put approximately 500,000 and 900,000 RouterOS systems at risk of exploitation via their web and/or Winbox interfaces, respectively,
2023-07-26T10:32:00+00:00 https://thehackernews.com/2023/07/critical-mikrotik-routeros.html www.secnews.physaphae.fr/article.php?IdArticle=8361572 False Vulnerability None 3.0000000000000000

The Hacker News
North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder
North Korean nation-state actors affiliated with the Reconnaissance General Bureau (RGB) have been attributed to the JumpCloud hack following an operational security (OPSEC) blunder that exposed their actual IP address. Google-owned threat intelligence firm Mandiant attributed the activity to a threat actor it tracks under the name UNC4899, which likely shares overlaps with clusters already
2023-07-25T20:16:00+00:00 https://thehackernews.com/2023/07/north-korean-nation-state-actors.html www.secnews.physaphae.fr/article.php?IdArticle=8361273 False Hack,Threat None 4.0000000000000000

The Hacker News
Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique
The financially motivated threat actors behind the Casbaneiro banking malware family have been observed making use of a User Account Control (UAC) bypass technique to gain full administrative privileges on a machine, a sign that the threat actor is evolving their tactics to avoid detection and execute malicious code on compromised assets.
"They are still heavily focused on Latin American]]> 2023-07-25T17:40:00+00:00 https://thehackernews.com/2023/07/casbaneiro-banking-malware-goes-under.html www.secnews.physaphae.fr/article.php?IdArticle=8361218 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) macOS attaqué: examiner la menace croissante et les perspectives des utilisateurs<br>macOS Under Attack: Examining the Growing Threat and User Perspectives As the number of people using macOS keeps going up, so does the desire of hackers to take advantage of flaws in Apple\'s operating system.  What Are the Rising Threats to macOS? There is a common misconception among macOS fans that Apple devices are immune to hacking and malware infection. However, users have been facing more and more dangers recently. Inventive attackers are specifically]]> 2023-07-25T16:54:00+00:00 https://thehackernews.com/2023/07/macos-under-attack-examining-growing.html www.secnews.physaphae.fr/article.php?IdArticle=8361219 False Malware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Tetra: Burst - 5 nouvelles vulnérabilités exposées dans le système de communication radio largement utilisé<br>TETRA:BURST - 5 New Vulnerabilities Exposed in Widely Used Radio Communication System A set of five security vulnerabilities have been disclosed in the Terrestrial Trunked Radio (TETRA) standard for radio communication used widely by government entities and critical infrastructure sectors, including what\'s believed to be an intentional backdoor that could have potentially exposed sensitive information. 
The issues, discovered by Midnight Blue in 2021 and held back until now, have
2023-07-25T15:58:00+00:00 https://thehackernews.com/2023/07/tetraburst-5-new-vulnerabilities.html www.secnews.physaphae.fr/article.php?IdArticle=8361220 False Vulnerability None 2.0000000000000000

The Hacker News
How MDR Helps Solve the Cybersecurity Talent Gap
How do you overcome today's talent gap in cybersecurity? This is a crucial issue - particularly when you find executive leadership or the board asking pointed questions about your security team's ability to defend the organization against new and current threats. This is why many security leaders find themselves turning to managed security services like MDR (managed detection and response),
2023-07-25T15:48:00+00:00 https://thehackernews.com/2023/07/how-mdr-helps-solve-cybersecurity.html www.secnews.physaphae.fr/article.php?IdArticle=8361221 False None None 2.0000000000000000

The Hacker News
Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk
A new security vulnerability has been discovered in AMD's Zen 2 architecture-based processors that could be exploited to extract sensitive data such as encryption keys and passwords. Discovered by Google Project Zero researcher Tavis Ormandy, the flaw – codenamed Zenbleed and tracked as CVE-2023-20593 (CVSS score: 6.5) – allows data exfiltration at the rate of 30 kb per core, per second.
The
2023-07-25T15:33:00+00:00 https://thehackernews.com/2023/07/zenbleed-new-flaw-in-amd-zen-2.html www.secnews.physaphae.fr/article.php?IdArticle=8361222 False Vulnerability None 2.0000000000000000

The Hacker News
Atlassian Releases Patches for Critical Flaws in Confluence and Bamboo
Atlassian has released updates to address three security flaws impacting its Confluence Server, Data Center, and Bamboo Data Center products that, if successfully exploited, could result in remote code execution on susceptible systems. The list of the flaws is below - CVE-2023-22505 (CVSS score: 8.0) - RCE (Remote Code Execution) in Confluence Data Center and Server (Fixed in versions 8.3.2 and
2023-07-25T09:47:00+00:00 https://thehackernews.com/2023/07/atlassian-releases-patches-for-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8361053 False None None 2.0000000000000000

The Hacker News
Ivanti Releases Urgent Patch for EPMM Zero-Day Vulnerability Under Active Exploitation
Ivanti is warning users to update their Endpoint Manager Mobile (EPMM) mobile device management software (formerly MobileIron Core) to the latest version that fixes an actively exploited zero-day vulnerability. Dubbed CVE-2023-35078, the issue has been described as a remote unauthenticated API access vulnerability that impacts currently supported version 11.4 releases 11.10, 11.9, and 11.8 as
2023-07-25T09:21:00+00:00 https://thehackernews.com/2023/07/ivanti-releases-urgent-patch-for-epmm.html www.secnews.physaphae.fr/article.php?IdArticle=8361054 False Vulnerability None 2.0000000000000000

The Hacker News
Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs
Apple has rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address several security vulnerabilities, including one actively exploited zero-day bug in the wild. Tracked as CVE-2023-38606, the shortcoming resides in the kernel and permits a malicious app to modify sensitive kernel state potentially. The company said it was addressed with improved state management. "
2023-07-25T09:06:00+00:00 https://thehackernews.com/2023/07/apple-rolls-out-urgent-patches-for-zero.html www.secnews.physaphae.fr/article.php?IdArticle=8361055 False None None 2.0000000000000000

The Hacker News
Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks
Zero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks. The flaws, discovered by Mandiant on February 28, 2023, have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078, with the issues remediated in versions 1.8.3.7 and 1.8.4.9 released by Atera on April 17, 2023, and
2023-07-24T18:31:00+00:00 https://thehackernews.com/2023/07/critical-zero-days-in-atera-windows.html www.secnews.physaphae.fr/article.php?IdArticle=8360780 False Vulnerability None 2.0000000000000000

The Hacker News
Google Messages Getting Cross-Platform End-to-End Encryption with MLS Protocol
Google has announced that it intends to add support for Message Layer Security (MLS) to its Messages service for Android and open source implementation of the specification. "Most modern consumer messaging platforms (including Google Messages) support end-to-end encryption, but users today are limited to communicating with contacts who use the same platform," Giles Hogben, privacy engineering
2023-07-24T18:14:00+00:00 https://thehackernews.com/2023/07/google-messages-getting-cross-platform.html www.secnews.physaphae.fr/article.php?IdArticle=8360781 False None None 3.0000000000000000

The Hacker News
How to Protect Patients and Their Privacy in Your SaaS Apps
The healthcare industry is under a constant barrage of cyberattacks. It has traditionally been one of the most frequently targeted industries, and things haven't changed in 2023. The U.S. Government's Office for Civil Rights reported 145 data breaches in the United States during the first quarter of this year. That follows 707 incidents a year ago, during which over 50 million records were
2023-07-24T17:40:00+00:00 https://thehackernews.com/2023/07/how-to-protect-patients-and-their.html www.secnews.physaphae.fr/article.php?IdArticle=8360782 False Cloud None 2.0000000000000000

The Hacker News
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection
Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. "This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded ssh-agent," Saeed Abbasi, manager of vulnerability research at Qualys, said in an analysis last week.
2023-07-24T14:40:00+00:00 https://thehackernews.com/2023/07/new-openssh-vulnerability-exposes-linux.html www.secnews.physaphae.fr/article.php?IdArticle=8360726 False Vulnerability None 3.0000000000000000

The Hacker News
Banking Sector Targeted in Open-Source Software Supply Chain Attacks
Cybersecurity researchers said they have discovered what they say is the first open-source software supply chain attacks specifically targeting the banking sector. "These attacks showcased advanced techniques, including targeting specific components in web assets of the victim bank by attaching malicious functionalities to it," Checkmarx said in a report published last week. "The attackers
2023-07-24T12:54:00+00:00 https://thehackernews.com/2023/07/banking-sector-targeted-in-open-source.html www.secnews.physaphae.fr/article.php?IdArticle=8360694 False None None 2.0000000000000000

The Hacker News
Apple Threatens to Pull iMessage and FaceTime from U.K. Amid Surveillance Demands
Apple has warned that it would rather stop offering iMessage and FaceTime services in the U.K.
than bowing down to government pressure in response to new proposals that seek to expand digital surveillance powers available to state intelligence agencies. The development, first reported by BBC News, makes the iPhone maker the latest to join the chorus of voices protesting against forthcoming
2023-07-22T11:06:00+00:00 https://thehackernews.com/2023/07/apple-threatens-to-pull-imessage-and.html www.secnews.physaphae.fr/article.php?IdArticle=8360015 False None None 3.0000000000000000

The Hacker News
Azure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook, Wiz Reports
The recent attack against Microsoft's email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader scope than previously thought. According to cloud security company Wiz, the inactive Microsoft account (MSA) consumer signing key used to forge Azure Active Directory (Azure AD or AAD) tokens to gain illicit access to Outlook Web Access (OWA) and
2023-07-21T20:44:00+00:00 https://thehackernews.com/2023/07/azure-ad-token-forging-technique-in.html www.secnews.physaphae.fr/article.php?IdArticle=8359761 False Cloud None 3.0000000000000000

The Hacker News
HotRat: New Variant of AsyncRAT Malware Spreading Through Pirated Software
A new variant of AsyncRAT malware dubbed HotRat is being distributed via free, pirated versions of popular software and utilities such as video games, image and sound editing software, and Microsoft Office.
"HotRat malware equips attackers with a wide array of capabilities, such as stealing login credentials, cryptocurrency wallets, screen capturing, keylogging, installing more malware, and]]> 2023-07-21T20:35:00+00:00 https://thehackernews.com/2023/07/hotrat-new-variant-of-asyncrat-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8359762 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Malware sophistiqué Bundlebot Déguisé en Google AI Chatbot et utilitaires<br>Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities A new malware strain known as BundleBot has been stealthily operating under the radar by taking advantage of .NET single-file deployment techniques, enabling threat actors to capture sensitive information from compromised hosts. "BundleBot is abusing the dotnet bundle (single-file), self-contained format that results in very low or no static detection at all," Check Point said in a report]]> 2023-07-21T17:40:00+00:00 https://thehackernews.com/2023/07/sophisticated-bundlebot-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8359714 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les gouvernements locaux ciblés pour les ransomwares & # 8211;Comment empêcher la baisse de la victime<br>Local Governments Targeted for Ransomware – How to Prevent Falling Victim Regardless of the country, local government is essential in most citizens\' lives. It provides many day-to-day services and handles various issues. Therefore, their effects can be far-reaching and deeply felt when security failures occur. In early 2023, Oakland, California, fell victim to a ransomware attack. 
Although city officials have not disclosed how the attack occurred, experts suspect a
2023-07-21T17:11:00+00:00 https://thehackernews.com/2023/07/local-governments-targeted-for.html www.secnews.physaphae.fr/article.php?IdArticle=8359715 False Ransomware None 2.0000000000000000

The Hacker News
DDoS Botnets Hijacking Zyxel Devices to Launch Devastating Attacks
Several distributed denial-of-service (DDoS) botnets have been observed exploiting a critical flaw in Zyxel devices that came to light in April 2023 to gain remote control of vulnerable systems. "Through the capture of exploit traffic, the attacker's IP address was identified, and it was determined that the attacks were occurring in multiple regions, including Central America, North America,
2023-07-21T14:33:00+00:00 https://thehackernews.com/2023/07/ddos-botnets-hijacking-zyxel-devices-to.html www.secnews.physaphae.fr/article.php?IdArticle=8359660 False None None 3.0000000000000000

The Hacker News
Citrix NetScaler ADC and Gateway Devices Under Attack: CISA Urges Immediate Action
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory on Thursday warning that the newly disclosed critical security flaw in Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices is being abused to drop web shells on vulnerable systems.
"In June 2023, threat actors exploited this vulnerability as a zero-day to drop a web shell on a critical]]> 2023-07-21T10:56:00+00:00 https://thehackernews.com/2023/07/citrix-netscaler-adc-and-gateway.html www.secnews.physaphae.fr/article.php?IdArticle=8359580 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les défauts critiques du logiciel Ami Megarac BMC exposent des serveurs aux attaques distantes<br>Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks Two more security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller (BMC) software that, if successfully exploited, could allow threat actors to remotely commandeer vulnerable servers and deploy malware. "These new vulnerabilities range in severity from High to Critical, including unauthenticated remote code execution and unauthorized device access with superuser]]> 2023-07-20T22:26:00+00:00 https://thehackernews.com/2023/07/critical-flaws-in-ami-megarac-bmc.html www.secnews.physaphae.fr/article.php?IdArticle=8359336 False Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Le ransomware Mallox exploite les serveurs MS-SQL faibles pour violer les réseaux<br>Mallox Ransomware Exploits Weak MS-SQL Servers to Breach Networks Mallox ransomware activities in 2023 have witnessed a 174% increase when compared to the previous year, new findings from Palo Alto Networks Unit 42 reveal. 
"Mallox ransomware, like many other ransomware threat actors, follows the double extortion trend: stealing data before encrypting an organization\'s files, and then threatening to publish the stolen data on a leak site as leverage to convince]]> 2023-07-20T22:26:00+00:00 https://thehackernews.com/2023/07/mallox-ransomware-exploits-weak-ms-sql.html www.secnews.physaphae.fr/article.php?IdArticle=8359337 False Ransomware,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Outil de conférence Web d'OpenMeetings Apache exposé aux vulnérabilités critiques<br>Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers. "Attackers can bring the application into an unexpected state, which allows them to take over any user account, including the admin account," Sonar vulnerability]]> 2023-07-20T21:26:00+00:00 https://thehackernews.com/2023/07/apache-openmeetings-web-conferencing.html www.secnews.physaphae.fr/article.php?IdArticle=8359338 False Tool,Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Des pirates nord-coréens parrainés par l'État soupçonnés de Jumpcloud Supply Chain Attack<br>North Korean State-Sponsored Hackers Suspected in JumpCloud Supply Chain Attack An analysis of the indicators of compromise (IoCs) associated with the JumpCloud hack has uncovered evidence pointing to the involvement of North Korean state-sponsored groups, in a style that\'s reminiscent of the supply chain attack targeting 3CX. The findings come from SentinelOne, which mapped out the infrastructure pertaining to the intrusion to uncover underlying patterns. 
It's worth noting
2023-07-20T19:00:00+00:00 https://thehackernews.com/2023/07/north-korean-state-sponsored-hackers.html www.secnews.physaphae.fr/article.php?IdArticle=8359339 False Hack None 2.0000000000000000

The Hacker News
A Few More Reasons Why RDP is Insecure (Surprise!)
If it seems like Remote Desktop Protocol (RDP) has been around forever, it's because it has (at least compared to the many technologies that rise and fall within just a few years.) The initial version, known as "Remote Desktop Protocol 4.0," was released in 1996 as part of the Windows NT 4.0 Terminal Server edition and allowed users to remotely access and control Windows-based computers over a
2023-07-20T16:18:00+00:00 https://thehackernews.com/2023/07/a-few-more-reasons-why-rdp-is-insecure.html www.secnews.physaphae.fr/article.php?IdArticle=8359340 False None None 2.0000000000000000

The Hacker News
Turla's New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector
The defense sector in Ukraine and Eastern Europe has been targeted by a novel .NET-based backdoor called DeliveryCheck (aka CAPIBAR or GAMEDAY) that's capable of delivering next-stage payloads. The Microsoft threat intelligence team, in collaboration with the Computer Emergency Response Team of Ukraine (CERT-UA), attributed the attacks to a Russian nation-state actor known as Turla, which is
2023-07-20T15:10:00+00:00 https://thehackernews.com/2023/07/turlas-new-deliverycheck-backdoor.html www.secnews.physaphae.fr/article.php?IdArticle=8359199 False Threat None 2.0000000000000000

The Hacker News
New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems
Cybersecurity researchers have uncovered a new cloud targeting, peer-to-peer (P2P) worm called P2PInfect that targets vulnerable Redis instances for follow-on exploitation. "P2PInfect exploits Redis servers running on both Linux and Windows Operating Systems making it more scalable and potent than other worms," Palo Alto Networks Unit 42 researchers William Gamazo and Nathaniel Quist said. "This
2023-07-20T11:42:00+00:00 https://thehackernews.com/2023/07/new-p2pinfect-worm-targeting-redis.html www.secnews.physaphae.fr/article.php?IdArticle=8359134 False Cloud None 3.0000000000000000

The Hacker News
Microsoft Expands Cloud Logging to Counter Rising Nation-State Cyber Threats
Microsoft on Wednesday announced that it's expanding cloud logging capabilities to help organizations investigate cybersecurity incidents and gain more visibility after facing criticism in the wake of a recent espionage attack campaign aimed at its email infrastructure. The tech giant said it's making the change in direct response to increasing frequency and evolution of nation-state cyber
2023-07-20T10:36:00+00:00 https://thehackernews.com/2023/07/microsoft-expands-cloud-logging-to.html www.secnews.physaphae.fr/article.php?IdArticle=8359121 False Cloud None 3.0000000000000000

The Hacker News
Adobe Rolls Out New Patches for Actively Exploited ColdFusion Vulnerability Adobe has released a fresh round of updates to address an incomplete fix for a recently disclosed ColdFusion flaw that has come under active exploitation in the wild. The critical shortcoming, tracked as CVE-2023-38205 (CVSS score: 7.5), has been described as an instance of improper access control that could result in a security bypass. It impacts the following versions: ColdFusion 2023 (Update]]> 2023-07-20T09:01:00+00:00 https://thehackernews.com/2023/07/adobe-rolls-out-new-patches-for.html www.secnews.physaphae.fr/article.php?IdArticle=8359083 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) How to Manage Your Attack Surface? Attack surfaces are growing faster than security teams can keep up. To stay ahead, you need to know what's exposed and where attackers are most likely to strike. With cloud migration dramatically increasing the number of internal and external targets, prioritizing threats and managing your attack surface from an attacker's perspective has never been more important. Let's look at why it's growing]]> 2023-07-19T17:28:00+00:00 https://thehackernews.com/2023/07/how-to-manage-your-attack-surface.html www.secnews.physaphae.fr/article.php?IdArticle=8358788 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) CISA and NSA Issue New Guidance to Strengthen 5G Network Slicing Against Threats U.S. cybersecurity and intelligence agencies have released a set of recommendations to address security concerns with 5G standalone network slicing and harden them against possible threats.
"The threat landscape in 5G is dynamic; due to this, advanced monitoring, auditing, and other analytical capabilities are required to meet certain levels of network slicing service level requirements over]]> 2023-07-19T17:20:00+00:00 https://thehackernews.com/2023/07/cisa-and-nsa-issue-new-guidance-to.html www.secnews.physaphae.fr/article.php?IdArticle=8358810 False Threat,Guideline None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware The prolific China-linked nation-state actor known as APT41 has been linked to two previously undocumented strains of Android spyware called WyrmSpy and DragonEgg. "Known for its exploitation of web-facing applications and infiltration of traditional endpoint devices, an established threat actor like APT 41 including mobile in its arsenal of malware shows how mobile endpoints are high-value]]> 2023-07-19T15:50:00+00:00 https://thehackernews.com/2023/07/chinese-apt41-hackers-target-mobile.html www.secnews.physaphae.fr/article.php?IdArticle=8358765 False Malware,Threat APT 41,APT 41 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Exploring the Dark Side: OSINT Tools and Techniques for Unmasking Dark Web Operations On April 5, 2023, the FBI and Dutch National Police announced the takedown of Genesis Market, one of the largest dark web marketplaces. The operation, dubbed "Operation Cookie Monster," resulted in the arrest of 119 people and the seizure of over $1M in cryptocurrency. You can read the FBI's warrant here for details specific to this case.
In light of these events, I'd like to discuss how OSINT]]> 2023-07-19T15:34:00+00:00 https://thehackernews.com/2023/07/exploring-dark-side-osint-tools-and.html www.secnews.physaphae.fr/article.php?IdArticle=8358766 False Tool None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Bad.Build Flaw in Google Cloud Build Raises Concerns of Privilege Escalation Cybersecurity researchers have uncovered a privilege escalation vulnerability in Google Cloud that could enable malicious actors to tamper with application images and infect users, leading to supply chain attacks. The issue, dubbed Bad.Build, is rooted in the Google Cloud Build service, according to cloud security firm Orca, which discovered and reported the issue. "By abusing the flaw and enabling]]> 2023-07-19T15:04:00+00:00 https://thehackernews.com/2023/07/badbuild-flaw-in-google-cloud-build.html www.secnews.physaphae.fr/article.php?IdArticle=8358731 False Vulnerability,Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) U.S. Government Blacklists Cytrox and Intellexa Spyware Vendors for Cyber Espionage The U.S. government on Tuesday added two foreign commercial spyware vendors, Cytrox and Intellexa, to an economic blocklist for weaponizing cyber exploits to gain unauthorized access to devices and "threatening the privacy and security of individuals and organizations worldwide."
This includes the companies' corporate holdings in Hungary (Cytrox Holdings Crt), North Macedonia (Cytrox AD), Greece]]> 2023-07-19T11:21:00+00:00 https://thehackernews.com/2023/07/us-government-blacklists-cytrox-and.html www.secnews.physaphae.fr/article.php?IdArticle=8358678 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway Citrix is alerting users of a critical security flaw in NetScaler Application Delivery Controller (ADC) and Gateway that it said is being actively exploited in the wild. Tracked as CVE-2023-3519 (CVSS score: 9.8), the issue relates to a case of code injection that could result in unauthenticated remote code execution. It impacts the following versions - NetScaler ADC and NetScaler Gateway 13.1]]> 2023-07-19T08:51:00+00:00 https://thehackernews.com/2023/07/zero-day-attacks-exploited-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8358619 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Pakistani Entities Targeted in Sophisticated Attack Deploying ShadowPad Malware An unidentified threat actor compromised an application used by multiple entities in Pakistan to deliver ShadowPad, a successor to the PlugX backdoor that's commonly associated with Chinese hacking crews. Targets included a Pakistan government entity, a public sector bank, and a telecommunications provider, according to Trend Micro.
The infections took place between mid-February 2022 and]]> 2023-07-18T18:28:00+00:00 https://thehackernews.com/2023/07/pakistani-entities-targeted-in.html www.secnews.physaphae.fr/article.php?IdArticle=8358303 False Malware,Threat,Prediction None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) VirusTotal Data Leak Exposes Some Registered Customers' Details Data associated with a subset of registered customers of VirusTotal, including their names and email addresses, have leaked on the internet. The security incident, which comprises a database of 5,600 names in a 313KB file, was first disclosed by Der Spiegel and Der Standard yesterday. Launched in 2004, VirusTotal is a popular service that analyzes suspicious files and URLs to detect types of]]> 2023-07-18T17:04:00+00:00 https://thehackernews.com/2023/07/virustotal-data-leak-exposes-some.html www.secnews.physaphae.fr/article.php?IdArticle=8358215 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Go Beyond the Headlines for Deeper Dives into the Cybercriminal Underground Discover stories about threat actors' latest tactics, techniques, and procedures from Cybersixgill's threat experts each month. Each story brings you details on emerging underground threats, the threat actors involved, and how you can take action to mitigate risks. Learn about the top vulnerabilities and review the latest ransomware and malware trends from the deep and dark web.
Stolen ChatGPT]]> 2023-07-18T16:24:00+00:00 https://thehackernews.com/2023/07/go-beyond-headlines-for-deeper-dives.html www.secnews.physaphae.fr/article.php?IdArticle=8358216 False Ransomware,Malware,Vulnerability,Threat ChatGPT,ChatGPT 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks The financially motivated threat actor known as FIN8 has been observed using a "revamped" version of a backdoor called Sardonic to deliver the BlackCat ransomware. According to the Symantec Threat Hunter Team, part of Broadcom, the development is an attempt on the part of the e-crime group to diversify its focus and maximize profits from infected entities. The intrusion attempt took place in]]> 2023-07-18T15:49:00+00:00 https://thehackernews.com/2023/07/fin8-group-using-modified-sardonic.html www.secnews.physaphae.fr/article.php?IdArticle=8358195 False Ransomware,Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Owner of BreachForums Pleads Guilty to Cybercrime and Child Pornography Charges Conor Brian Fitzpatrick, the owner of the now-defunct BreachForums website, has pleaded guilty to charges related to his operation of the cybercrime forum as well as having child pornography images. The development, first reported by DataBreaches.net last week, comes nearly four months after Fitzpatrick (aka pompompurin) was formally charged in the U.S.
with conspiracy to commit access device]]> 2023-07-18T11:53:00+00:00 https://thehackernews.com/2023/07/owner-of-breachforums-pleads-guilty-to.html www.secnews.physaphae.fr/article.php?IdArticle=8358124 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites Threat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign. The flaw, tracked as CVE-2023-28121 (CVSS score: 9.8), is a case of authentication bypass that enables unauthenticated attackers to impersonate arbitrary users and perform some actions as the impersonated user, including an]]> 2023-07-18T11:26:00+00:00 https://thehackernews.com/2023/07/cybercriminals-exploiting-woocommerce.html www.secnews.physaphae.fr/article.php?IdArticle=8358125 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) JumpCloud Blames 'Sophisticated Nation-State' Actor for Security Breach A little over a week after JumpCloud reset API keys of customers impacted by a security incident, the company said the intrusion was the work of a sophisticated nation-state actor. The adversary "gained unauthorized access to our systems to target a small and specific set of our customers," Bob Phan, chief information security officer (CISO) at JumpCloud, said in a post-mortem report. "The]]> 2023-07-18T08:56:00+00:00 https://thehackernews.com/2023/07/jumpcloud-blames-sophisticated-nation.html www.secnews.physaphae.fr/article.php?IdArticle=8358060 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps Threat actors are taking advantage of Android's WebAPK technology to trick unsuspecting users into installing malicious web apps on Android phones that are designed to capture sensitive personal information. "The attack began with victims receiving SMS messages suggesting the need to update a mobile banking application," researchers from CSIRT KNF said in an analysis released last week. "The]]> 2023-07-17T18:56:00+00:00 https://thehackernews.com/2023/07/hackers-exploit-webapk-to-deceive.html www.secnews.physaphae.fr/article.php?IdArticle=8357771 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) These 6 Questions Will Help You Choose the Best Attack Surface Management Platform The hype around different security categories can make it difficult to discern features and capabilities from bias when researching new platforms. You want to advance your security measures, but what steps actually make sense for your business? For anyone ready to find an attack surface management (ASM) vendor, review these six questions before getting started to understand the key features to]]> 2023-07-17T16:26:00+00:00 https://thehackernews.com/2023/07/these-6-questions-will-help-you-choose.html www.secnews.physaphae.fr/article.php?IdArticle=8357706 False Guideline None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Malicious USB Drives Targeting Global Targets with SOGU and SNOWYDRIVE Malware Cyber attacks using infected USB drives as an initial access vector have witnessed a three-fold increase in the first half of 2023. That's according to new findings from Mandiant, which detailed two such campaigns – SOGU and SNOWYDRIVE – targeting both public and private sector entities across the world. SOGU is the "most prevalent USB-based cyber espionage attack using USB flash]]> 2023-07-17T16:25:00+00:00 https://thehackernews.com/2023/07/malicious-usb-drives-targetinging.html www.secnews.physaphae.fr/article.php?IdArticle=8357707 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. "LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015," Fortinet FortiGuard Labs researcher Cara Lin said. "It primarily targets Windows systems and aims to gather sensitive information from]]> 2023-07-17T14:34:00+00:00 https://thehackernews.com/2023/07/cybercriminals-exploit-microsoft-word.html www.secnews.physaphae.fr/article.php?IdArticle=8357669 False Malware,Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
CERT-UA Uncovers Gamaredon's Rapid Data Exfiltration Tactics Following Initial Compromise The Russia-linked threat actor known as Gamaredon has been observed conducting data exfiltration activities within an hour of the initial compromise. "As a vector of primary compromise, for the most part, emails and messages in messengers (Telegram, WhatsApp, Signal) are used, in most cases, using previously compromised accounts," the Computer Emergency Response Team of Ukraine (CERT-UA) said in]]> 2023-07-17T10:47:00+00:00 https://thehackernews.com/2023/07/cert-ua-uncovers-gamaredons-rapid-data.html www.secnews.physaphae.fr/article.php?IdArticle=8357589 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks With generative artificial intelligence (AI) becoming all the rage these days, it's perhaps not surprising that the technology has been repurposed by malicious actors to their own advantage, enabling avenues for accelerated cybercrime. According to findings from SlashNext, a new generative AI cybercrime tool called WormGPT has been advertised on underground forums as a way for adversaries to]]> 2023-07-15T16:00:00+00:00 https://thehackernews.com/2023/07/wormgpt-new-ai-tool-allows.html www.secnews.physaphae.fr/article.php?IdArticle=8356940 False Tool None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft Bug Allowed Hackers to Breach Over Two Dozen Organizations via Forged Azure AD Tokens Microsoft on Friday said a validation error in its source code allowed for Azure Active Directory (Azure AD) tokens to be forged by a malicious actor known as Storm-0558 using a Microsoft account (MSA) consumer signing key to breach two dozen organizations. "Storm-0558 acquired an inactive MSA consumer signing key and used it to forge authentication tokens for Azure AD enterprise and MSA]]> 2023-07-15T12:11:00+00:00 https://thehackernews.com/2023/07/microsoft-bug-allowed-hackers-to-breach.html www.secnews.physaphae.fr/article.php?IdArticle=8356893 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Critical Security Flaws Uncovered in Honeywell Experion DCS and QuickBlox Services Multiple security vulnerabilities have been discovered in various services, including Honeywell Experion distributed control system (DCS) and QuickBlox, that, if successfully exploited, could result in severe compromise of affected systems. Dubbed Crit.IX, the nine flaws in the Honeywell Experion DCS platform allow for "unauthorized remote code execution, which means an attacker would have]]> 2023-07-14T20:11:00+00:00 https://thehackernews.com/2023/07/critical-security-flaws-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8356565 False Vulnerability,Industrial None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Defend Against Insider Threats: Join this Webinar on SaaS Security Posture Management As security practices continue to evolve, one primary concern persists in the minds of security professionals: the risk of employees unintentionally or deliberately exposing vital information. Insider threats, whether originating from deliberate actions or accidental incidents, pose a significant challenge to safeguarding sensitive data. To effectively address insider risks, organizations must]]> 2023-07-14T16:38:00+00:00 https://thehackernews.com/2023/07/defend-against-insider-threats-join.html www.secnews.physaphae.fr/article.php?IdArticle=8356506 False Cloud None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) AIOS WordPress Plugin Faces Backlash for Storing User Passwords in Plain Text All-In-One Security (AIOS), a WordPress plugin installed on over one million sites, has issued a security update after a bug introduced in version 5.1.9 of the software caused users' passwords to be added to the database in plaintext format. "A malicious site administrator (i.e. a user already logged into the site as an admin) could then have read them," UpdraftPlus, the maintainers of AIOS,]]> 2023-07-14T16:37:00+00:00 https://thehackernews.com/2023/07/aios-wordpress-plugin-faces-backlash.html www.secnews.physaphae.fr/article.php?IdArticle=8356507 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
TeamTNT's Cloud Credential Stealing Campaign Now Targets Azure and Google Cloud A malicious actor has been linked to a cloud credential stealing campaign in June 2023 that's focused on Azure and Google Cloud Platform (GCP) services, marking the adversary's expansion in targeting beyond Amazon Web Services (AWS). The findings come from SentinelOne and Permiso, which said the "campaigns share similarity with tools attributed to the notorious TeamTNT cryptojacking crew,"]]> 2023-07-14T15:42:00+00:00 https://thehackernews.com/2023/07/teamtnts-cloud-credential-stealing.html www.secnews.physaphae.fr/article.php?IdArticle=8356508 False Tool,Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) New SOHO Router Botnet AVrecon Spreads to 70,000 Devices Across 20 Countries A new malware strain has been found covertly targeting small office/home office (SOHO) routers for more than two years, infiltrating over 70,000 devices and creating a botnet with 40,000 nodes spanning 20 countries. Lumen Black Lotus Labs has dubbed the malware AVrecon, making it the third such strain to focus on SOHO routers after ZuoRAT and HiatusRAT over the past year. "This makes AVrecon one]]> 2023-07-14T13:10:00+00:00 https://thehackernews.com/2023/07/new-soho-router-botnet-avrecon-spreads.html www.secnews.physaphae.fr/article.php?IdArticle=8356423 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Zimbra Warns of Critical Zero-Day Flaw in Email Software Amid Active Exploitation Zimbra has warned of a critical zero-day security flaw in its email software that has come under active exploitation in the wild. "A security vulnerability in Zimbra Collaboration Suite Version 8.8.15 that could potentially impact the confidentiality and integrity of your data has surfaced," the company said in an advisory. It also said that the issue has been addressed and that it's expected to]]> 2023-07-14T12:35:00+00:00 https://thehackernews.com/2023/07/zimbra-warns-of-critical-zero-day-flaw.html www.secnews.physaphae.fr/article.php?IdArticle=8356424 False Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland Government entities, military organizations, and civilian users in Ukraine and Poland have been targeted as part of a series of campaigns designed to steal sensitive data and gain persistent remote access to the infected systems. The intrusion set, which stretches from April 2022 to July 2023, leverages phishing lures and decoy documents to deploy a downloader malware called PicassoLoader, which]]> 2023-07-13T21:37:00+00:00 https://thehackernews.com/2023/07/picassoloader-malware-used-in-ongoing.html www.secnews.physaphae.fr/article.php?IdArticle=8356090 False Malware None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
TeamTNT's Silentbob Botnet Infecting 196 Hosts in Cloud Attack Campaign As many as 196 hosts have been infected as part of an aggressive cloud campaign mounted by the TeamTNT group called Silentbob. "The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and Nginx servers, Weave Scope, SSH, and Jupyter applications," Aqua security researchers Ofek Itach and Assaf Morag said in a]]> 2023-07-13T21:25:00+00:00 https://thehackernews.com/2023/07/teamtnts-silentbob-botnet-infecting-196.html www.secnews.physaphae.fr/article.php?IdArticle=8356091 False Cloud Uber 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Fake PoC for Linux Kernel Vulnerability on GitHub Exposes Researchers to Malware In a sign that cybersecurity researchers continue to be under the radar of malicious actors, a proof-of-concept (PoC) has been discovered on GitHub, concealing a backdoor with a "crafty" persistence method. "In this instance, the PoC is a wolf in sheep's clothing, harboring malicious intent under the guise of a harmless learning tool," Uptycs researchers Nischay Hegde and Siddartha Malladi said.]]> 2023-07-13T18:26:00+00:00 https://thehackernews.com/2023/07/blog-post.html www.secnews.physaphae.fr/article.php?IdArticle=8355966 False Malware,Vulnerability None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks The U.S.
Cybersecurity and Infrastructure Security Agency (CISA) has alerted of two security flaws impacting Rockwell Automation ControlLogix EtherNet/IP (ENIP) communication module models that could be exploited to achieve remote code execution and denial-of-service (DoS). "The results and impact of exploiting these vulnerabilities vary depending on the ControlLogix system configuration, but]]> 2023-07-13T14:30:00+00:00 https://thehackernews.com/2023/07/rockwell-automation-controllogix-bugs.html www.secnews.physaphae.fr/article.php?IdArticle=8355892 False Industrial None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) U.S. Government Agencies' Emails Compromised in China-Backed Cyber Attack An unnamed Federal Civilian Executive Branch (FCEB) agency in the U.S. detected anomalous email activity in mid-June 2023, leading to Microsoft's discovery of a new China-linked espionage campaign targeting two dozen organizations. The details come from a joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation]]> 2023-07-13T11:44:00+00:00 https://thehackernews.com/2023/07/us-government-agencies-emails.html www.secnews.physaphae.fr/article.php?IdArticle=8355815 False Threat None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
New Vulnerabilities Disclosed in SonicWall and Fortinet Network Security Products SonicWall on Wednesday urged customers of Global Management System (GMS) firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information. Of the 15 shortcomings (tracked from CVE-2023-34123 through CVE-2023-34137), four]]> 2023-07-13T10:46:00+00:00 https://thehackernews.com/2023/07/new-vulnerabilities-disclosed-in.html www.secnews.physaphae.fr/article.php?IdArticle=8355729 False Threat None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Ransomware Extortion Skyrockets in 2023, Reaching $449.1 Million and Counting Ransomware has emerged as the only cryptocurrency-based crime to grow in 2023, with cybercriminals extorting nearly $175.8 million more than they did a year ago, according to findings from Chainalysis. "Ransomware attackers are on pace for their second-biggest year ever, having extorted at least $449.1 million through June," the blockchain analytics firm said in a midyear crypto crime report]]> 2023-07-12T18:39:00+00:00 https://thehackernews.com/2023/07/ransomware-extortion-skyrockets-in-2023.html www.secnews.physaphae.fr/article.php?IdArticle=8355302 False Ransomware None 4.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
The Risks and Preventions of AI in Business: Safeguarding Against Potential Pitfalls Artificial intelligence (AI) holds immense potential for optimizing internal processes within businesses. However, it also comes with legitimate concerns regarding unauthorized use, including data loss risks and legal consequences. In this article, we will explore the risks associated with AI implementation and discuss measures to minimize damages. Additionally, we will examine regulatory]]> 2023-07-12T16:34:00+00:00 https://thehackernews.com/2023/07/the-risks-and-preventions-of-ai-in.html www.secnews.physaphae.fr/article.php?IdArticle=8355233 False None None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Microsoft Thwarts Chinese Cyber Attack Targeting Western European Governments Microsoft on Tuesday revealed that it repelled a cyber attack staged by a Chinese nation-state actor targeting two dozen organizations, some of which include government agencies, in a cyber espionage campaign designed to acquire confidential data. The attacks, which commenced on May 15, 2023, entailed access to email accounts affecting approximately 25 entities and a small number of related]]> 2023-07-12T16:15:00+00:00 https://thehackernews.com/2023/07/microsoft-thwarts-chinese-cyber-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8355234 False General Information None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Chinese Hackers Deploy Microsoft-Signed Rootkit to Target Gaming Sector Cybersecurity researchers have unearthed a novel rootkit signed by Microsoft that's engineered to communicate with an actor-controlled attack infrastructure. Trend Micro has attributed the activity cluster to the same actor that was previously identified as behind the FiveSys rootkit, which came to light in October 2021. "This malicious actor originates from China and their main victims are the]]> 2023-07-12T15:56:00+00:00 https://thehackernews.com/2023/07/chinese-hackers-deploy-microsoft-signed.html www.secnews.physaphae.fr/article.php?IdArticle=8355207 False None None 2.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?) Python-Based PyLoose Fileless Attack Targets Cloud Workloads for Cryptocurrency Mining A new fileless attack dubbed PyLoose has been observed striking cloud workloads with the goal of delivering a cryptocurrency miner, new findings from Wiz reveal. "The attack consists of Python code that loads an XMRig Miner directly into memory using memfd, a known Linux fileless technique," security researchers Avigayil Mechtinger, Oren Ofer, and Itamar Gilad said. "This is the first publicly]]> 2023-07-12T13:09:00+00:00 https://thehackernews.com/2023/07/python-based-pyloose-fileless-attack.html www.secnews.physaphae.fr/article.php?IdArticle=8355055 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News is a hacking news blog (surprising, right?)
Microsoft libère des correctifs pour 130 vulnérabilités, dont 6 sous attaque active<br>Microsoft Releases Patches for 130 Vulnerabilities, Including 6 Under Active Attack Microsoft on Tuesday released updates to address a total of 130 new security flaws spanning its software, including six zero-day flaws that it said have been actively exploited in the wild. Of the 130 vulnerabilities, nine are rated Critical and 121 are rated Important in severity. This is in addition to eight flaws the tech giant patched in its Chromium-based Edge browser towards the end of]]> 2023-07-12T11:04:00+00:00 https://thehackernews.com/2023/07/microsoft-releases-patches-for-130.html www.secnews.physaphae.fr/article.php?IdArticle=8354973 False General Information None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates exploitent l'échappatoire de la stratégie Windows pour forger les signatures du pilote en mode noyau<br>Hackers Exploit Windows Policy Loophole to Forge Kernel-Mode Driver Signatures A Microsoft Windows policy loophole has been observed being exploited primarily by native Chinese-speaking threat actors to forge signatures on kernel-mode drivers. "Actors are leveraging multiple open-source tools that alter the signing date of kernel mode drivers to load malicious and unverified drivers signed with expired certificates," Cisco Talos said in an exhaustive two-part report shared]]> 2023-07-11T22:29:00+00:00 https://thehackernews.com/2023/07/hackers-exploit-windows-policy-loophole.html www.secnews.physaphae.fr/article.php?IdArticle=8354561 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Comment appliquer l'attr & ck à la mitere à votre organisation<br>How to Apply MITRE ATT&CK to Your Organization Discover all the ways MITRE ATT&CK can help you defend your organization. 
Build your security strategy and policies by making the most of this important framework. What is the MITRE ATT&CK Framework? MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a widely adopted framework and knowledge base that outlines and categorizes the tactics, techniques, and procedures (TTPs)]]> 2023-07-11T16:45:00+00:00 https://thehackernews.com/2023/07/how-to-apply-mitre-att-to-your.html www.secnews.physaphae.fr/article.php?IdArticle=8354410 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Campagne de cryptojacking Scarleteel exploitant Aws Fargate dans la campagne en cours<br>SCARLETEEL Cryptojacking Campaign Exploiting AWS Fargate in Ongoing Campaign Cloud environments continue to be at the receiving end of an ongoing advanced attack campaign dubbed SCARLETEEL, with the threat actors now setting their sights on Amazon Web Services (AWS) Fargate. "Cloud environments are still their primary target, but the tools and techniques used have adapted to bypass new security measures, along with a more resilient and stealthy command and control]]> 2023-07-11T15:28:00+00:00 https://thehackernews.com/2023/07/scarleteel-cryptojacking-campaign.html www.secnews.physaphae.fr/article.php?IdArticle=8354411 False Threat,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Méfiez-vous des ransomwares à grande tête: répartition via de fausses mises à jour Windows<br>Beware of Big Head Ransomware: Spreading Through Fake Windows Updates A developing piece of ransomware called Big Head is being distributed as part of a malvertising campaign that takes the form of bogus Microsoft Windows updates and Word installers. 
Big Head was first documented by Fortinet FortiGuard Labs last month, when it discovered multiple variants of the ransomware that are designed to encrypt files on victims' machines in exchange for a cryptocurrency]]> 2023-07-11T14:15:00+00:00 https://thehackernews.com/2023/07/beware-of-big-head-ransomware-spreading.html www.secnews.physaphae.fr/article.php?IdArticle=8354412 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Apple émet un patch urgent pour une défaut zéro-jour ciblant iOS, iPados, macOS et Safari<br>Apple Issues Urgent Patch for Zero-Day Flaw Targeting iOS, iPadOS, macOS, and Safari Apple has released Rapid Security Response updates for iOS, iPadOS, macOS, and Safari web browser to address a zero-day flaw that it said has been actively exploited in the wild. The WebKit bug, cataloged as CVE-2023-37450, could allow threat actors to achieve arbitrary code execution when processing specially crafted web content. The iPhone maker said it addressed the issue with improved checks]]> 2023-07-11T09:38:00+00:00 https://thehackernews.com/2023/07/apple-issues-urgent-patch-for-zero-day.html www.secnews.physaphae.fr/article.php?IdArticle=8354338 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La nouvelle fonctionnalité Mozilla bloque les modules complémentaires risqués sur des sites Web spécifiques pour protéger la sécurité des utilisateurs<br>New Mozilla Feature Blocks Risky Add-Ons on Specific Websites to Safeguard User Security Mozilla has announced that some add-ons may be blocked from running on certain sites as part of a new feature called Quarantined Domains. "We have introduced a new back-end feature to only allow some extensions monitored by Mozilla to run on specific websites for various reasons, including security concerns," the company said in its Release Notes for Firefox 115.0 released last week.
The company]]> 2023-07-10T18:27:00+00:00 https://thehackernews.com/2023/07/new-mozilla-feature-blocks-risky-add.html www.secnews.physaphae.fr/article.php?IdArticle=8354002 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New Toitoin Banking Trojan ciblant les entreprises latino-américaines<br>New TOITOIN Banking Trojan Targeting Latin American Businesses Businesses operating in the Latin American (LATAM) region are the target of a new Windows-based banking trojan called TOITOIN since May 2023. "This sophisticated campaign employs a trojan that follows a multi-staged infection chain, utilizing specially crafted modules throughout each stage," Zscaler researchers Niraj Shivtarkar and Preet Kamal said in a report published last week. "These modules]]> 2023-07-10T17:52:00+00:00 https://thehackernews.com/2023/07/new-toitoin-banking-trojan-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8353988 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les détaillants mondiaux doivent garder un œil sur leur pile SaaS<br>Global Retailers Must Keep an Eye on Their SaaS Stack Brick-and-mortar retailers and e-commerce sellers may be locked in a fierce battle for market share, but one area both can agree on is the need to secure their SaaS stack. From communications tools to order management and fulfillment systems, much of today's critical retail software lives in SaaS apps in the cloud. Securing those applications is crucial to ongoing operations, chain management,]]> 2023-07-10T17:05:00+00:00 https://thehackernews.com/2023/07/global-retailers-must-keep-eye-on-their.html www.secnews.physaphae.fr/article.php?IdArticle=8353989 False Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Romcom Rat ciblant les groupes de soutien de l'OTAN et de l'Ukraine<br>RomCom RAT Targeting NATO and Ukraine Support Groups The threat actors behind the RomCom RAT have been suspected of phishing attacks targeting the upcoming NATO Summit in Vilnius as well as an identified organization supporting Ukraine abroad. The findings come from the BlackBerry Threat Research and Intelligence team, which found two malicious documents submitted from a Hungarian IP address on July 4, 2023. RomCom, also tracked under the names]]> 2023-07-10T12:12:00+00:00 https://thehackernews.com/2023/07/romcom-rat-targeting-nato-and-ukraine.html www.secnews.physaphae.fr/article.php?IdArticle=8353990 False Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les pirates volent 20 millions de dollars en exploitant une faille dans les systèmes de paiement de Revolut<br>Hackers Steal $20 Million by Exploiting Flaw in Revolut's Payment Systems Malicious actors exploited an unknown flaw in Revolut's payment systems to steal more than $20 million of the company's funds in early 2022. The development was reported by the Financial Times, citing multiple unnamed sources with knowledge of the incident. The breach has not been disclosed publicly. The fault stemmed from discrepancies between Revolut's U.S. and European systems, causing funds]]> 2023-07-10T10:50:00+00:00 https://thehackernews.com/2023/07/hackers-steal-20-million-by-exploiting.html www.secnews.physaphae.fr/article.php?IdArticle=8353991 False Hack,Threat None 4.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Deux applications spyware sur Google Play avec 1,5 million d'utilisateurs envoyant des données en Chine<br>Two Spyware Apps on Google Play with 1.5 Million Users Sending Data to China Two file management apps on the Google Play Store have been discovered to be spyware, putting the privacy and security of up to 1.5 million Android users at risk. These apps engage in deceptive behaviour and secretly send sensitive user data to malicious servers in China. Pradeo, a leading mobile security company, has uncovered this alarming infiltration. The report shows that both spyware apps,]]> 2023-07-08T13:15:00+00:00 https://thehackernews.com/2023/07/two-spyware-apps-on-google-play-with-15.html www.secnews.physaphae.fr/article.php?IdArticle=8353597 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Vishing devient High-Tech: New 'Letscall' malware utilise le routage du trafic vocal<br>Vishing Goes High-Tech: New 'Letscall' Malware Employs Voice Traffic Routing Researchers have issued a warning about an emerging and advanced form of voice phishing (vishing) known as "Letscall." This technique is currently targeting individuals in South Korea. The criminals behind "Letscall" employ a multi-step attack to deceive victims into downloading malicious apps from a counterfeit Google Play Store website. Once the malicious software is installed, it redirects]]> 2023-07-07T23:42:00+00:00 https://thehackernews.com/2023/07/vishing-goes-high-tech-new-letscall.html www.secnews.physaphae.fr/article.php?IdArticle=8353445 False Malware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Une autre faille SQLI non authentifiée critique découverte dans le logiciel de transfert Moveit<br>Another Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software Progress Software has announced the discovery and patching of a critical SQL injection vulnerability in MOVEit Transfer, popular software used for secure file transfer. In addition, Progress Software has patched two other high-severity vulnerabilities. The identified SQL injection vulnerability, tagged as CVE-2023-36934, could potentially allow unauthenticated attackers to gain unauthorized]]> 2023-07-07T19:31:00+00:00 https://thehackernews.com/2023/07/another-critical-unauthenticated-sqli.html www.secnews.physaphae.fr/article.php?IdArticle=8353388 False Vulnerability,Patching None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Mastodon Social Network Patches Flaws Critical Permettant la prise de contrôle du serveur<br>Mastodon Social Network Patches Critical Flaws Allowing Server Takeover Mastodon, a popular decentralized social network, has released a security update to fix critical vulnerabilities that could expose millions of users to potential attacks. Mastodon is known for its federated model, consisting of thousands of separate servers called "instances," and it has over 14 million users across more than 20,000 instances. The most critical vulnerability, CVE-2023-36460,]]> 2023-07-07T18:25:00+00:00 https://thehackernews.com/2023/07/mastodon-social-network-patches.html www.secnews.physaphae.fr/article.php?IdArticle=8353367 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Des écarts de sécurité approfondis avec une gestion continue de l'exposition aux menaces<br>Close Security Gaps with Continuous Threat Exposure Management CISOs, security leaders, and SOC teams often struggle with limited visibility into all connections made to their company-owned assets and networks. They are hindered by a lack of open-source intelligence and powerful technology required for proactive, continuous, and effective discovery and protection of their systems, data, and assets. As advanced threat actors constantly search for easily]]> 2023-07-07T16:07:00+00:00 https://thehackernews.com/2023/07/close-security-gaps-with-continuous.html www.secnews.physaphae.fr/article.php?IdArticle=8353343 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) BlackByte 2.0 Ransomware: Infiltre, crypter et extorquer en seulement 5 jours<br>BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days Ransomware attacks are a major problem for organizations everywhere, and the severity of this problem continues to intensify. Recently, Microsoft's Incident Response team investigated the BlackByte 2.0 ransomware attacks and exposed these cyber strikes' terrifying velocity and damaging nature. The findings indicate that hackers can complete the entire attack process, from gaining initial access]]> 2023-07-07T15:50:00+00:00 https://thehackernews.com/2023/07/blackbyte-20-ransomware-infiltrate.html www.secnews.physaphae.fr/article.php?IdArticle=8353328 False Ransomware None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google publie une mise à jour du patch Android pour 3 vulnérabilités activement exploitées<br>Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities Google has released its monthly security updates for the Android operating system, addressing 46 new software vulnerabilities.
Among these, three vulnerabilities have been identified as actively exploited in targeted attacks. One of the vulnerabilities tracked as CVE-2023-26083 is a memory leak flaw affecting the Arm Mali GPU driver for Bifrost, Avalon, and Valhall chips. This particular]]> 2023-07-07T12:54:00+00:00 https://thehackernews.com/2023/07/google-releases-android-patch-update.html www.secnews.physaphae.fr/article.php?IdArticle=8353303 False None None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) JumpCloud réinitialise les clés de l'API au milieu de l'incident de cybersécurité en cours<br>JumpCloud Resets API Keys Amid Ongoing Cybersecurity Incident JumpCloud, a provider of cloud-based identity and access management solutions, has swiftly reacted to an ongoing cybersecurity incident that impacted some of its clients. As part of its damage control efforts, JumpCloud has reset the application programming interface (API) keys of all customers affected by this event, aiming to protect their valuable data. The company has informed the concerned]]> 2023-07-07T11:47:00+00:00 https://thehackernews.com/2023/07/jumpcloud-resets-api-keys-amid-ongoing.html www.secnews.physaphae.fr/article.php?IdArticle=8353304 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les agences de cybersécurité saignent l'alarme sur l'augmentation des attaques de logiciels malveillants de l'augmentation de TrueBot<br>Cybersecurity Agencies Sound Alarm on Rising TrueBot Malware Attacks Cybersecurity agencies have warned about the emergence of new variants of the TrueBot malware. This enhanced threat is now targeting companies in the U.S. and Canada with the intention of extracting confidential data from infiltrated systems. These sophisticated attacks exploit a critical vulnerability (CVE-2022-31199) in the widely used Netwrix Auditor server and its associated agents. 
This]]> 2023-07-07T10:42:00+00:00 https://thehackernews.com/2023/07/cybersecurity-agencies-sound-alarm-on.html www.secnews.physaphae.fr/article.php?IdArticle=8353305 False Malware,Vulnerability,Threat None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Hackers iraniens 'Sophistiqué de logiciels malveillants cible les utilisateurs de Windows et MacOS<br>Iranian Hackers' Sophisticated Malware Targets Windows and macOS Users The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating systems with malware. "TA453 eventually used a variety of cloud hosting providers to deliver a novel infection chain that deploys the newly identified PowerShell backdoor GorjolEcho," Proofpoint said in a new report. "When given the opportunity, TA453]]> 2023-07-06T23:36:00+00:00 https://thehackernews.com/2023/07/iranian-hackers-sophisticated-malware.html www.secnews.physaphae.fr/article.php?IdArticle=8353098 False Malware,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Survivre à la tempête de 800 Gbps: Gardez les informations des statistiques d'attaque DDOS de GCORE's 2023<br>Surviving the 800 Gbps Storm: Gain Insights from Gcore's 2023 DDoS Attack Statistics Gcore Radar is a quarterly report prepared by Gcore that provides insights into the current state of the DDoS protection market and cybersecurity trends. This report offers you an understanding of the evolving threat landscape and highlights the measures required to protect against attacks effectively. It serves as an insight for businesses and individuals seeking to stay informed about the]]> 2023-07-06T16:52:00+00:00 https://thehackernews.com/2023/07/surviving-800-gbps-storm-gain-insights.html www.secnews.physaphae.fr/article.php?IdArticle=8352871 False Threat None 2.0000000000000000