www.secnews.physaphae.fr

This is the RSS 2.0 feed from www.secnews.physaphae.fr. It's a simple aggregated flow of multiple article sources. The list of sources can be found on www.secnews.physaphae.fr.

2025-05-10T16:40:54+00:00 www.secnews.physaphae.fr

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New ICS Malware 'FrostyGoop' Targeting Critical Infrastructure
Cybersecurity researchers have discovered what they say is the ninth Industrial Control Systems (ICS)-focused malware that has been used in a disruptive cyber attack targeting an energy company in the Ukrainian city of Lviv earlier this January. Industrial cybersecurity firm Dragos has dubbed the malware FrostyGoop, describing it as the first malware strain to directly use Modbus TCP
2024-07-23T16:24:00+00:00 https://thehackernews.com/2024/07/new-ics-malware-frostygoop-targeting.html www.secnews.physaphae.fr/article.php?IdArticle=8542679 False Malware,Industrial None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
How to Securely Onboard New Employees Without Sharing Temporary Passwords
The initial onboarding stage is a crucial step for both employees and employers. However, this process often involves the practice of sharing temporary first-day passwords, which can expose organizations to security risks. Traditionally, IT departments have been cornered into either sharing passwords in plain text via email or SMS, or arranging in-person meetings to verbally communicate these
2024-07-23T15:43:00+00:00 https://thehackernews.com/2024/07/how-to-securely-onboard-new-employees.html www.secnews.physaphae.fr/article.php?IdArticle=8542647 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Magento Sites Targeted with Sneaky Credit Card Skimmer via Swap Files
Threat actors have been observed using swap files in compromised websites to conceal a persistent credit card skimmer and harvest payment information. The sneaky technique, observed by Sucuri on a Magento e-commerce site's checkout page, allowed the malware to survive multiple cleanup attempts, the company said. The skimmer is designed to capture all the data into the credit card form on the
2024-07-23T15:42:00+00:00 https://thehackernews.com/2024/07/magento-sites-targeted-with-sneaky.html www.secnews.physaphae.fr/article.php?IdArticle=8542648 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Meta Given Deadline to Address E.U. Concerns Over 'Pay or Consent' Model
Meta has been given time till September 1, 2024, to respond to concerns raised by the European Commission over its "pay or consent" advertising model or risk-facing enforcement measures, including sanctions. The European Commission said the Consumer Protection Cooperation (CPC) Network has notified the social media giant of the model adopted on Facebook and Instagram of potentially violating
2024-07-23T15:07:00+00:00 https://thehackernews.com/2024/07/meta-given-deadline-to-address-eu.html www.secnews.physaphae.fr/article.php?IdArticle=8542649 False Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Ukrainian Institutions Targeted Using HATVIBE and CHERRYSPY Malware
The Computer Emergency Response Team of Ukraine (CERT-UA) has alerted of a spear-phishing campaign targeting a scientific research institution in the country with malware known as HATVIBE and CHERRYSPY. The agency attributed the attack to a threat actor it tracks under the name UAC-0063, which was previously observed targeting various government entities to gather sensitive information using
2024-07-23T14:33:00+00:00 https://thehackernews.com/2024/07/ukrainian-institutions-targeted-using.html www.secnews.physaphae.fr/article.php?IdArticle=8542650 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Google Abandons Plan to Phase Out Third-Party Cookies in Chrome
Google on Monday abandoned plans to phase out third-party tracking cookies in its Chrome web browser more than four years after it introduced the option as part of a larger set of a controversial proposal called the Privacy Sandbox. "Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web
2024-07-23T09:58:00+00:00 https://thehackernews.com/2024/07/google-abandons-plan-to-phase-out-third.html www.secnews.physaphae.fr/article.php?IdArticle=8542478 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking
The relationship between various TDSs and DNS associated with Vigorish Viper and the final landing experience for the user. A Chinese organized crime syndicate with links to money laundering and human trafficking across Southeast Asia has been using an advanced "technology suite" that runs the whole cybercrime supply chain spectrum to spearhead its operations. Infoblox is tracking the proprietor
2024-07-22T18:35:00+00:00 https://thehackernews.com/2024/07/experts-uncover-chinese-cybercrime.html www.secnews.physaphae.fr/article.php?IdArticle=8542088 False None None 5.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing
A Latin America (LATAM)-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes. "Serverless architectures are attractive to developers and enterprises for their flexibility, cost effectiveness, and ease of use," Google
2024-07-22T17:56:00+00:00 https://thehackernews.com/2024/07/pineapple-and-fluxroot-hacker-groups.html www.secnews.physaphae.fr/article.php?IdArticle=8542027 False Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
How to Set up an Automated SMS Analysis Service with AI in Tines
The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use AI to save time and enhance your organization's security posture is by building an automated SMS analysis service. Workflow automation platform Tines provides a good example of how to do it. The vendor recently released their first native AI features, and security teams have already
2024-07-22T16:55:00+00:00 https://thehackernews.com/2024/07/how-to-set-up-automated-sms-analysis.html www.secnews.physaphae.fr/article.php?IdArticle=8541996 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting
As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, “Your First 100 Days as a vCISO – 5 Steps to Success”, which covers all the phases entailed in launching a successful vCISO engagement, along with
2024-07-22T16:11:00+00:00 https://thehackernews.com/2024/07/msps-mssps-how-to-increase-engagement.html www.secnews.physaphae.fr/article.php?IdArticle=8541997 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
SocGholish Malware Exploits BOINC Project for Covert Cyberattacks
The JavaScript downloader malware known as SocGholish (aka FakeUpdates) is being used to deliver a remote access trojan called AsyncRAT as well as a legitimate open-source project called BOINC. BOINC, short for Berkeley Open Infrastructure Network Computing Client, is an open-source "volunteer computing" platform maintained by the University of California with an aim to carry out "large-scale
2024-07-22T12:15:00+00:00 https://thehackernews.com/2024/07/socgholish-malware-exploits-boinc.html www.secnews.physaphae.fr/article.php?IdArticle=8541882 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Linux Variant of Play Ransomware Targeting VMWare ESXi Systems
Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play (aka Balloonfly and PlayCrypt) that's designed to target VMWare ESXi environments. "This development suggests that the group could be broadening its attacks across the Linux platform, leading to an expanded victim pool and more successful ransom negotiations," Trend Micro researchers said in a
2024-07-22T09:26:00+00:00 https://thehackernews.com/2024/07/new-linux-variant-of-play-ransomware.html www.secnews.physaphae.fr/article.php?IdArticle=8541807 False Ransomware,Prediction None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware
Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of a providing a hotfix. The attack chains involve distributing a ZIP archive file named "crowdstrike-hotfix.zip,"
2024-07-20T21:31:00+00:00 https://thehackernews.com/2024/07/cybercriminals-exploit-crowdstrike.html www.secnews.physaphae.fr/article.php?IdArticle=8540987 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
17-Year-Old Linked to Scattered Spider Cybercrime Syndicate Arrested in U.K.
Law enforcement officials in the U.K. have arrested a 17-year-old boy from Walsall who is suspected to be a member of the notorious Scattered Spider cybercrime syndicate. The arrest was made "in connection with a global cyber online crime group which has been targeting large organizations with ransomware and gaining access to computer networks," West Midlands police said. "The arrest is part of
2024-07-20T09:58:00+00:00 https://thehackernews.com/2024/07/17-year-old-linked-to-scattered-spider.html www.secnews.physaphae.fr/article.php?IdArticle=8540697 False Ransomware,Legislation None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Faulty CrowdStrike Update Crashes Windows Systems, Impacting Businesses Worldwide
Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike. "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the company's CEO George Kurtz said in a statement. "Mac and Linux hosts are not impacted. This is
2024-07-19T18:08:00+00:00 https://thehackernews.com/2024/07/faulty-crowdstrike-update-crashes.html www.secnews.physaphae.fr/article.php?IdArticle=8540253 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks
Two Russian nationals have pleaded guilty in a U.S. court for their participation as affiliates in the LockBit ransomware scheme and helping facilitate ransomware attacks across the world. The defendants include Ruslan Magomedovich Astamirov, 21, of Chechen Republic, and Mikhail Vasiliev, 34, a dual Canadian and Russian national of Bradford, Ontario. Astamirov was arrested in Arizona by U.S. law
2024-07-19T18:00:00+00:00 https://thehackernews.com/2024/07/two-russian-nationals-plead-guilty-in.html www.secnews.physaphae.fr/article.php?IdArticle=8540254 False Ransomware None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Safeguard Personal and Corporate Identities with Identity Intelligence
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill's threat experts.
Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. In the current cyber threat landscape, the protection of personal and corporate identities has become vital.
2024-07-19T16:30:00+00:00 https://thehackernews.com/2024/07/safeguard-personal-and-corporate.html www.secnews.physaphae.fr/article.php?IdArticle=8540195 False Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware
A suspected pro-Houthi threat group targeted at least three humanitarian organizations in Yemen with Android spyware designed to harvest sensitive information. These attacks, attributed to an activity cluster codenamed OilAlpha, entail a new set of malicious mobile apps that come with their own supporting infrastructure, Recorded Future's Insikt Group said. Targets of the ongoing campaign
2024-07-19T14:59:00+00:00 https://thehackernews.com/2024/07/pro-houthi-group-targets-yemen-aid.html www.secnews.physaphae.fr/article.php?IdArticle=8540165 False Threat,Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Summary of "AI Leaders Spill Their Secrets" Webinar
Event Overview: The "AI Leaders Spill Their Secrets" webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the AI industry. The panel included Michael Ward from Sardine, Damon Bryan from Hyperfinity, and Stephen Hillian from Astronomer, moderated by Zalak Trivedi, Sigma Computing's Product Manager.
Key Speakers and Their
2024-07-19T14:25:00+00:00 https://thehackernews.com/2024/07/summary-of-ai-leaders-spill-their.html www.secnews.physaphae.fr/article.php?IdArticle=8540106 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
APT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the U.K.
Several organizations operating within global shipping and logistics, media and entertainment, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. have become the target of a "sustained campaign" by the prolific China-based APT41 hacking group. "APT41 successfully infiltrated and maintained prolonged, unauthorized access to numerous victims' networks since
2024-07-19T12:54:00+00:00 https://thehackernews.com/2024/07/apt41-infiltrates-networks-in-italy.html www.secnews.physaphae.fr/article.php?IdArticle=8540107 False None APT 41 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
SolarWinds Patches 11 Critical Flaws in Access Rights Manager Software
SolarWinds has addressed a set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited to access sensitive information or execute arbitrary code. Of the 11 vulnerabilities, seven are rated Critical in severity and carry a CVSS score of 9.6 out of 10.0. The remaining four weaknesses have been rated High in severity, with each of them having a CVSS
2024-07-19T12:43:00+00:00 https://thehackernews.com/2024/07/solarwinds-patches-11-critical-flaws-in.html www.secnews.physaphae.fr/article.php?IdArticle=8540108 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach
Indian cryptocurrency exchange WazirX has confirmed that it was the target of a security breach that led to the theft of $230 million in cryptocurrency assets. "A cyber attack occurred in one of our [multi-signature] wallets involving a loss of funds exceeding $230 million," the company said in a statement. "This wallet was operated utilizing the services of Liminal's digital asset custody and
2024-07-19T09:37:00+00:00 https://thehackernews.com/2024/07/wazirx-cryptocurrency-exchange-loses.html www.secnews.physaphae.fr/article.php?IdArticle=8540001 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Alert: HotPage Adware Disguised as Ad Blocker Installs Malicious Kernel Driver
Cybersecurity researchers have shed light on an adware module that purports to block ads and malicious websites, while stealthily offloading a kernel driver component that grants attackers the ability to run arbitrary code with elevated permissions on Windows hosts. The malware, dubbed HotPage, gets its name from the eponymous installer ("HotPage.exe"), according to new findings from ESET. The
2024-07-18T18:56:00+00:00 https://thehackernews.com/2024/07/alert-hotpage-adware-disguised-as-ad.html www.secnews.physaphae.fr/article.php?IdArticle=8539593 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
AppSec Webinar: How to Turn Developers into Security Champions
Let's face it: AppSec and developers often feel like they're on opposing teams. You're battling endless vulnerabilities while they just want to ship code.
Sound familiar? It's a common challenge, but there is a solution. Ever wish they proactively cared about security? The answer lies in a proven, but often overlooked, strategy: Security Champion Programs - a way to turn developers from
2024-07-18T17:15:00+00:00 https://thehackernews.com/2024/07/appsec-webinar-how-to-turn-developers.html www.secnews.physaphae.fr/article.php?IdArticle=8539556 False Vulnerability None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Automated Threats Pose Increasing Risk to the Travel Industry
As the travel industry rebounds post-pandemic, it is increasingly targeted by automated threats, with the sector experiencing nearly 21% of all bot attack requests last year. That's according to research from Imperva, a Thales company. In their 2024 Bad Bot Report, Imperva finds that bad bots accounted for 44.5% of the industry's web traffic in 2023 - a significant jump from 37.4% in 2022.
2024-07-18T16:30:00+00:00 https://thehackernews.com/2024/07/automated-threats-pose-increasing-risk.html www.secnews.physaphae.fr/article.php?IdArticle=8539521 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks
Cybersecurity researchers have uncovered security shortcomings in SAP AI Core cloud-based platform for creating and deploying predictive artificial intelligence (AI) workflows that could be exploited to get hold of access tokens and customer data. The five vulnerabilities have been collectively dubbed SAPwned by cloud security firm Wiz. "The vulnerabilities we found could have allowed attackers
2024-07-18T15:03:00+00:00 https://thehackernews.com/2024/07/sap-ai-core-vulnerabilities-expose.html www.secnews.physaphae.fr/article.php?IdArticle=8539491 False Vulnerability,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks
Unknown threat actors have been observed leveraging open-source tools as part of a suspected cyber espionage campaign targeting global government and private sector organizations. Recorded Future's Insikt Group is tracking the activity under the temporary moniker TAG-100, noting that the adversary likely compromised organizations in at least ten countries across Africa, Asia, North America,
2024-07-18T14:40:00+00:00 https://thehackernews.com/2024/07/tag-100-new-threat-actor-uses-open.html www.secnews.physaphae.fr/article.php?IdArticle=8539492 False Tool,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Meta Halts AI Use in Brazil Following Data Protection Authority's Ban
Meta has suspended the use of generative artificial intelligence (GenAI) in Brazil after the country's data protection authority issued a preliminary ban objecting to its new privacy policy. The development was first reported by news agency Reuters.
The company said it has decided to suspend the tools while it is in talks with Brazil's National Data Protection Authority (ANPD) to address the
2024-07-18T11:44:00+00:00 https://thehackernews.com/2024/07/meta-halts-ai-use-in-brazil-following.html www.secnews.physaphae.fr/article.php?IdArticle=8539398 False Tool None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager
Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the password of any users, including those belonging to administrative users. The vulnerability, tracked as CVE-2024-20419, carries a CVSS score of 10.0. "This vulnerability is due to improper
2024-07-18T11:31:00+00:00 https://thehackernews.com/2024/07/cisco-warns-of-critical-flaw-affecting.html www.secnews.physaphae.fr/article.php?IdArticle=8539370 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
North Korean Hackers Update BeaverTail Malware to Target MacOS Users
Cybersecurity researchers have discovered an updated variant of a known stealer malware that attackers affiliated with the Democratic People's Republic of Korea (DPRK) have delivered as part of prior cyber espionage campaigns targeting job seekers.
The artifact in question is an Apple macOS disk image (DMG) file named "MiroTalk.dmg" that mimics the legitimate video call service of the same name,
2024-07-17T21:57:00+00:00 https://thehackernews.com/2024/07/north-korean-hackers-update-beavertail.html www.secnews.physaphae.fr/article.php?IdArticle=8538982 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Navigating Insider Risks: Are your Employees Enabling External Threats?
Attacks on your network are often meticulously planned operations launched by sophisticated threats. Sometimes your technical fortifications provide a formidable challenge, and the attack requires assistance from the inside to succeed. For example, in 2022, the FBI issued a warning that SIM swap attacks are growing: gain control of the phone and earn a gateway to email, bank accounts, stocks,
2024-07-17T16:39:00+00:00 https://thehackernews.com/2024/07/navigating-insider-risks-are-your.html www.secnews.physaphae.fr/article.php?IdArticle=8538806 False Technical None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
FIN7 Group Advertises Security-Bypassing Tool on Dark Web Forums
The financially motivated threat actor known as FIN7 has been observed using multiple pseudonyms across several underground forums to likely advertise a tool known to be used by ransomware groups like Black Basta. "AvNeutralizer (aka AuKill), a highly specialized tool developed by FIN7 to tamper with security solutions, has been marketed in the criminal underground and used by multiple
2024-07-17T16:03:00+00:00 https://thehackernews.com/2024/07/fin7-group-advertises-security.html www.secnews.physaphae.fr/article.php?IdArticle=8538807 False Ransomware,Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
China-linked APT17 Targets Italian Companies with 9002 RAT Malware
A China-linked threat actor called APT17 has been observed targeting Italian companies and government entities using a variant of a known malware referred to as 9002 RAT. The two targeted attacks took place on June 24 and July 2, 2024, Italian cybersecurity company TG Soft said in an analysis published last week. "The first campaign on June 24, 2024 used an Office document, while the second
2024-07-17T14:17:00+00:00 https://thehackernews.com/2024/07/china-linked-apt17-targets-italian.html www.secnews.physaphae.fr/article.php?IdArticle=8538711 False Malware,Threat APT 17 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Scattered Spider Adopts RansomHub and Qilin Ransomware for Cyber Attacks
The infamous cybercrime group known as Scattered Spider has incorporated ransomware strains such as RansomHub and Qilin into its arsenal, Microsoft has revealed. Scattered Spider is the designation given to a threat actor that's known for its sophisticated social engineering schemes to breach targets and establish persistence for follow-on exploitation and data theft.
It also has a history of
2024-07-17T11:20:00+00:00 https://thehackernews.com/2024/07/scattered-spider-adopts-ransomhub-and.html www.secnews.physaphae.fr/article.php?IdArticle=8538650 False Ransomware,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP
Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. Tracked as CVE-2024-27348 (CVSS score: 9.8), the vulnerability impacts all versions of the software before 1.3.0. It has been described as a remote command execution flaw in the Gremlin graph traversal language API. "Users are
2024-07-17T10:55:00+00:00 https://thehackernews.com/2024/07/critical-apache-hugegraph-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8538623 False Vulnerability,Threat None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
'Konfety' Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins
Details have emerged about a "massive ad fraud operation" that leverages hundreds of apps on the Google Play Store to perform a host of nefarious activities. The campaign has been codenamed Konfety – the Russian word for Candy – owing to its abuse of a mobile advertising software development kit (SDK) associated with a Russia-based ad network called CaramelAds. "Konfety represents a new form of
2024-07-16T18:30:00+00:00 https://thehackernews.com/2024/07/konfety-ad-fraud-uses-250-google-play.html www.secnews.physaphae.fr/article.php?IdArticle=8538194 False Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Threat Prevention & Detection in SaaS Environments - 101
Identity-based threats on SaaS applications are a growing concern among security professionals, although few have the capabilities to detect and respond to them. According to the US Cybersecurity and Infrastructure Security Agency (CISA), 90% of all cyberattacks begin with phishing, an identity-based threat. Throw in attacks that use stolen credentials, over-provisioned accounts, and
2024-07-16T16:30:00+00:00 https://thehackernews.com/2024/07/threat-prevention-detection-in-saas.html www.secnews.physaphae.fr/article.php?IdArticle=8538131 False Threat,Cloud None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Malicious npm Packages Found Using Image Files to Hide Backdoor Code
Cybersecurity researchers have identified two malicious packages on the npm package registry that concealed backdoor code to execute malicious commands sent from a remote server. The packages in question – img-aws-s3-object-multipart-copy and legacyaws-s3-object-multipart-copy – have been downloaded 190 and 48 times each. As of writing, they have been taken down by the npm security team. "They
2024-07-16T15:39:00+00:00 https://thehackernews.com/2024/07/malicious-npm-packages-found-using.html www.secnews.physaphae.fr/article.php?IdArticle=8538102 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Les pirates iraniens déploient une nouvelle porte dérobée de tonneau dans les cyberattaques du Moyen-Orient<br>Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks The Iranian nation-state actor known as MuddyWater has been observed using a never-before-seen backdoor as part of a recent attack campaign, shifting away from its well-known tactic of deploying legitimate remote monitoring and management (RMM) software for maintaining persistent access. That's according to independent findings from cybersecurity firms Check Point and Sekoia, which have]]> 2024-07-16T14:43:00+00:00 https://thehackernews.com/2024/07/iranian-hackers-deploy-new-bugsleep.html www.secnews.physaphae.fr/article.php?IdArticle=8538103 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Void Banshee APT exploite Microsoft Mhtml Flaw pour répandre le voleur d'Atlantida<br>Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer An advanced persistent threat (APT) group called Void Banshee has been observed exploiting a recently disclosed security flaw in the Microsoft MHTML browser engine as a zero-day to deliver an information stealer called Atlantida. Cybersecurity firm Trend Micro, which observed the activity in mid-May 2024, the vulnerability – tracked as CVE-2024-38112 – was used as part of a multi-stage attack]]> 2024-07-16T14:30:00+00:00 https://thehackernews.com/2024/07/void-banshee-apt-exploits-microsoft.html www.secnews.physaphae.fr/article.php?IdArticle=8538070 False Vulnerability,Threat,Prediction None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Kaspersky quitte le marché américain après l'interdiction du Département du commerce<br>Kaspersky Exits U.S. Market Following Commerce Department Ban Russian security vendor Kaspersky has said it's exiting the U.S.
market nearly a month after the Commerce Department announced a ban on the sale of its software in the country citing a national security risk. News of the closure was first reported by journalist Kim Zetter. The company is expected to wind down its U.S. operations on July 20, 2024, the same day the ban comes into effect. It's also]]> 2024-07-16T09:46:00+00:00 https://thehackernews.com/2024/07/kaspersky-exits-us-market-following.html www.secnews.physaphae.fr/article.php?IdArticle=8537944 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) CISA prévient une faille RCE activement exploitée dans le logiciel GeoServer Geotools<br>CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer GeoTools to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. GeoServer is an open-source software server written in Java that allows users to share and edit geospatial data. It is the reference implementation of the Open]]> 2024-07-16T09:31:00+00:00 https://thehackernews.com/2024/07/cisa-warns-of-actively-exploited-rce.html www.secnews.physaphae.fr/article.php?IdArticle=8537945 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La fuite de jeton GitHub expose les principaux référentiels de Python aux attaques potentielles<br>GitHub Token Leak Exposes Python's Core Repositories to Potential Attacks Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF) repositories.
JFrog, which found the GitHub Personal Access Token, said the secret was leaked in a public Docker container hosted on Docker Hub. "This]]> 2024-07-15T21:48:00+00:00 https://thehackernews.com/2024/07/github-token-leak-exposes-pythons-core.html www.secnews.physaphae.fr/article.php?IdArticle=8537645 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 10 000 victimes par jour: Infostaler Jardin de fruits à faible lutte<br>10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit Imagine you could gain access to any Fortune 100 company for $10 or less, or even for free. Terrifying thought, isn't it? Or exciting, depending on which side of the cybersecurity barricade you are on. Well, that's basically the state of things today. Welcome to the infostealer garden of low-hanging fruit. Over the last few years, the problem has grown bigger and bigger, and only now are we]]> 2024-07-15T16:22:00+00:00 https://thehackernews.com/2024/07/10000-victims-day-infostealer-garden-of.html www.secnews.physaphae.fr/article.php?IdArticle=8537473 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect over 1,500 victims. Sysdig, which is tracking the cluster under the name CRYSTALRAY, said the activities have witnessed a 10x surge, adding it includes "mass scanning, exploiting multiple vulnerabilities, and placing backdoors using multiple [open-source software]]]> 2024-07-15T15:54:00+00:00 https://thehackernews.com/2024/07/crystalray-hackers-infect-over-1500.html www.secnews.physaphae.fr/article.php?IdArticle=8537474 False Tool,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. The decision was announced by the Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) on July 9, 2024. "Customers who have activated their digital]]> 2024-07-15T12:49:00+00:00 https://thehackernews.com/2024/07/singapore-banks-to-phase-out-otps-for.html www.secnews.physaphae.fr/article.php?IdArticle=8537411 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new obfuscation techniques to deter analysis efforts. "Unlike previous versions, HardBit Ransomware group enhanced the version 4.0 with passphrase protection," Cybereason researchers Kotaro Ogino and Koshi Oyama said in an analysis. "The passphrase needs to be provided during]]> 2024-07-15T10:40:00+00:00 https://thehackernews.com/2024/07/new-hardbit-ransomware-40-uses.html www.secnews.physaphae.fr/article.php?IdArticle=8537331 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) AT&T confirme la violation de données affectant presque tous les clients sans fil<br>AT&T Confirms Data Breach Affecting Nearly All Wireless Customers American telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "nearly all" of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T's wireless network.
"Threat actors unlawfully accessed an AT&T workspace on a third-party cloud platform and, between April 14 and April 25, 2024, exfiltrated]]> 2024-07-13T11:21:00+00:00 https://thehackernews.com/2024/07/at-confirms-data-breach-affecting.html www.secnews.physaphae.fr/article.php?IdArticle=8536176 False Data Breach,Threat,Mobile,Cloud None 2.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Darkgate Malware exploite les partages de fichiers Samba dans une campagne de courte durée<br>DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign Cybersecurity researchers have shed light on a short-lived DarkGate malware campaign that leveraged Samba file shares to initiate the infections. Palo Alto Networks Unit 42 said the activity spanned the months of March and April 2024, with the infection chains using servers running public-facing Samba file shares hosting Visual Basic Script (VBS) and JavaScript files. Targets included North]]> 2024-07-12T20:21:00+00:00 https://thehackernews.com/2024/07/darkgate-malware-exploits-samba-file.html www.secnews.physaphae.fr/article.php?IdArticle=8535780 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Australian Defence Force privée et mari accusé d'espionnage pour la Russie<br>Australian Defence Force Private and Husband Charged with Espionage for Russia Two Russian-born Australian citizens have been arrested and charged in the country for spying on behalf of Russia as part of a "complex" law enforcement operation codenamed BURGAZADA. This includes a 40-year-old woman, an Australian Defence Force (ADF) Army Private, and her husband, a 62-year-old self-employed laborer. 
Media reports have identified them as Kira Korolev and Igor Korolev,]]> 2024-07-12T17:54:00+00:00 https://thehackernews.com/2024/07/australian-defence-force-private-and.html www.secnews.physaphae.fr/article.php?IdArticle=8535689 False Legislation None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La vulnérabilité critique du serveur de messagerie exim expose des millions à des pièces jointes malveillantes<br>Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments A critical security issue has been disclosed in the Exim mail transfer agent that could enable threat actors to deliver malicious attachments to target users' inboxes. The vulnerability, tracked as CVE-2024-39929, has a CVSS score of 9.1 out of 10.0. It has been addressed in version 4.98. "Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass]]> 2024-07-12T16:21:00+00:00 https://thehackernews.com/2024/07/critical-exim-mail-server-vulnerability.html www.secnews.physaphae.fr/article.php?IdArticle=8535649 False Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Vous êtes-vous déjà demandé comment les pirates volent vraiment les mots de passe?Découvrez leurs tactiques dans ce webinaire<br>Ever Wonder How Hackers Really Steal Passwords? Discover Their Tactics in This Webinar In today's digital age, passwords serve as the keys to our most sensitive information, from social media accounts to banking and business systems. This immense power brings with it significant responsibility-and vulnerability. Most people don't realize their credentials have been compromised until the damage is done.
Imagine waking up to drained bank accounts, stolen identities, or a company's]]> 2024-07-12T16:00:00+00:00 https://thehackernews.com/2024/07/ever-wonder-how-hackers-really-steal.html www.secnews.physaphae.fr/article.php?IdArticle=8535620 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les États-Unis saisissent les domaines utilisés par la ferme de bot russe propulsée par l'IA pour la désinformation<br>U.S. Seizes Domains Used by AI-Powered Russian Bot Farm for Disinformation The U.S. Department of Justice (DoJ) said it seized two internet domains and searched nearly 1,000 social media accounts that Russian threat actors allegedly used to covertly spread pro-Kremlin disinformation in the country and abroad on a large scale. "The social media bot farm used elements of AI to create fictitious social media profiles - often purporting to belong to individuals in the]]> 2024-07-12T14:00:00+00:00 https://thehackernews.com/2024/07/us-seizes-domains-used-by-ai-powered.html www.secnews.physaphae.fr/article.php?IdArticle=8535563 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Pato Alto Networks Patches Critical Flaw in Expedition Migration Tool<br>Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass. Cataloged as CVE-2024-5910 (CVSS score: 9.3), the vulnerability has been described as a case of missing authentication in its Expedition migration tool that could lead to an admin account takeover.
"Missing authentication]]> 2024-07-11T20:49:00+00:00 https://thehackernews.com/2024/07/palo-alto-networks-patches-critical.html www.secnews.physaphae.fr/article.php?IdArticle=8535088 False Tool,Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 60 nouveaux forfaits malveillants découverts dans l'attaque de la chaîne d'approvisionnement de NuGet<br>60 New Malicious Packages Uncovered in NuGet Supply Chain Attack Threat actors have been observed publishing a new wave of malicious packages to the NuGet package manager as part of an ongoing campaign that began in August 2023, while also adding a new layer of stealth to evade detection. The fresh packages, about 60 in number and spanning 290 versions, demonstrate a refined approach from the previous set that came to light in October 2023, software supply]]> 2024-07-11T20:36:00+00:00 https://thehackernews.com/2024/07/60-new-malicious-packages-uncovered-in.html www.secnews.physaphae.fr/article.php?IdArticle=8535089 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Chinese APT41 améliore le malware Arsenal avec Dodgebox et Moonwalk<br>Chinese APT41 Upgrades Malware Arsenal with DodgeBox and MoonWalk The China-linked advanced persistent threat (APT) group codenamed APT41 is suspected to be using an "advanced and upgraded version" of a known malware called StealthVector to deliver a previously undocumented backdoor dubbed MoonWalk. The new variant of StealthVector – which is also referred to as DUSTPAN – has been codenamed DodgeBox by Zscaler ThreatLabz, which discovered the loader strain in]]> 2024-07-11T18:01:00+00:00 https://thehackernews.com/2024/07/chinese-apt41-upgrades-malware-arsenal.html www.secnews.physaphae.fr/article.php?IdArticle=8534993 False Malware,Threat APT 41 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Solutions de sécurité rationalisées: PAM pour les petites et moyennes entreprises<br>Streamlined Security Solutions: PAM for Small to Medium-sized Businesses Today, all organizations are exposed to the threat of cyber breaches, irrespective of their scale. Historically, larger companies were frequent targets due to their substantial resources, sensitive data, and regulatory responsibilities, whereas smaller entities often underestimated their attractiveness to hackers. However, this assumption is precarious, as cybercriminals frequently exploit]]> 2024-07-11T16:30:00+00:00 https://thehackernews.com/2024/07/streamlined-security-solutions-pam-for.html www.secnews.physaphae.fr/article.php?IdArticle=8534956 False Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) New Poco Rat cible les victimes hispanophones dans la campagne de phishing<br>New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign Spanish language victims are the target of an email phishing campaign that delivers a new remote access trojan (RAT) called Poco RAT since at least February 2024. The attacks primarily single out mining, manufacturing, hospitality, and utilities sectors, according to cybersecurity company Cofense. "The majority of the custom code in the malware appears to be focused on anti-analysis,]]> 2024-07-11T15:42:00+00:00 https://thehackernews.com/2024/07/new-poco-rat-targets-spanish-speaking.html www.secnews.physaphae.fr/article.php?IdArticle=8534926 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
La vulnérabilité PHP exploitée pour répandre les logiciels malveillants et lancer des attaques DDOS<br>PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service (DDoS) botnets. The vulnerability in question is CVE-2024-4577 (CVSS score: 9.8), which allows an attacker to remotely execute malicious commands on Windows systems using Chinese and Japanese language locales. It]]> 2024-07-11T10:49:00+00:00 https://thehackernews.com/2024/07/php-vulnerability-exploited-to-spread.html www.secnews.physaphae.fr/article.php?IdArticle=8534774 False Malware,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) GitLab patchs flaw critiques permettant des travaux de pipeline non autorisés<br>GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs GitLab has shipped another round of updates to close out security flaws in its software development platform, including a critical bug that allows an attacker to run pipeline jobs as an arbitrary user. Tracked as CVE-2024-6385, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. "An issue was discovered in GitLab CE/EE affecting versions 15.8 prior to 16.11.6, 17.0 prior to]]> 2024-07-11T09:21:00+00:00 https://thehackernews.com/2024/07/gitlab-patches-critical-flaw-allowing.html www.secnews.physaphae.fr/article.php?IdArticle=8534717 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Nouveau groupe de ransomwares exploitant la vulnérabilité du logiciel de sauvegarde Veeam<br>New Ransomware Group Exploiting Veeam Backup Software Vulnerability A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to carry out the malicious activities. Initial access to the target]]> 2024-07-10T18:36:00+00:00 https://thehackernews.com/2024/07/new-ransomware-group-exploiting-veeam.html www.secnews.physaphae.fr/article.php?IdArticle=8534322 False Ransomware,Vulnerability,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Extorsion de smash et de grab<br>Smash-and-Grab Extortion The Problem The “2024 Attack Intelligence Report” from the staff at Rapid7 [1] is a well-researched, well-written report that is worthy of careful study. Some key takeaways are:  53% of the over 30 new vulnerabilities that were widely exploited in 2023 and at the start of 2024 were zero-days. More mass compromise events arose from zero-day vulnerabilities than from n-day vulnerabilities.]]> 2024-07-10T17:00:00+00:00 https://thehackernews.com/2024/07/smash-and-grab-extortion.html www.secnews.physaphae.fr/article.php?IdArticle=8534217 False Vulnerability,Threat,Studies None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les correctifs de mise à jour de Microsoft Juillet 143 défauts, dont deux activement exploités<br>Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild.
Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity. The fixes are in addition to 33 vulnerabilities that have been addressed in the Chromium-based Edge browser]]> 2024-07-10T16:35:00+00:00 https://thehackernews.com/2024/07/microsofts-july-update-patches-143.html www.secnews.physaphae.fr/article.php?IdArticle=8534218 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Vraie protection ou fausse promesse?Le guide ultime de présélection ITDR<br>True Protection or False Promise? The Ultimate ITDR Shortlisting Guide It's the age of identity security. The explosion of driven ransomware attacks has made CISOs and security teams realize that identity protection lags 20 years behind their endpoints and networks. This realization is mainly due to the transformation of lateral movement from fine art, found in APT and top cybercrime groups only, to a commodity skill used in almost every ransomware attack. The]]> 2024-07-10T16:30:00+00:00 https://thehackernews.com/2024/07/true-protection-or-false-promise.html www.secnews.physaphae.fr/article.php?IdArticle=8534219 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Google ajoute Passkeys au programme de protection avancée pour les utilisateurs à haut risque<br>Google Adds Passkeys to Advanced Protection Program for High-Risk Users Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program (APP). "Users traditionally needed a physical security key for APP - now they can choose a passkey to secure their account," Shuvo Chatterjee, product lead of APP, said. Passkeys are considered a more secure and phishing-resistant alternative to passwords.
Based on]]> 2024-07-10T15:36:00+00:00 https://thehackernews.com/2024/07/google-adds-passkeys-to-advanced.html www.secnews.physaphae.fr/article.php?IdArticle=8534183 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les analystes cryptographiques exposent la garantie de Huione<br>Crypto Analysts Expose HuiOne Guarantee's $11 Billion Cybercrime Transactions Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that's widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams. "Merchants on the platform offer technology, data, and money laundering services, and have engaged in transactions totaling at least $11 billion," Elliptic said in a report shared with The Hacker News.]]> 2024-07-10T12:50:00+00:00 https://thehackernews.com/2024/07/crypto-analysts-expose-huione.html www.secnews.physaphae.fr/article.php?IdArticle=8534114 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Vipersoftx Malware déguise en ebooks sur des torrents pour répandre des attaques furtives<br>ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents. "A notable aspect of the current variant of ViperSoftX is that it uses the Common Language Runtime (CLR) to dynamically load and run PowerShell commands, thereby creating a PowerShell environment within AutoIt for operations," Trellix security researchers Mathanraj Thangaraju and Sijo Jacob]]> 2024-07-10T11:05:00+00:00 https://thehackernews.com/2024/07/vipersoftx-malware-disguises-as-ebooks.html www.secnews.physaphae.fr/article.php?IdArticle=8534052 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Nouvelle vulnérabilité OpenSSH découverte: risque d'exécution de code à distance potentiel<br>New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE). The vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of code execution in the privsep child process due to a race condition in signal handling. It only impacts versions 8.7p1]]> 2024-07-10T08:56:00+00:00 https://thehackernews.com/2024/07/new-openssh-vulnerability-discovered.html www.secnews.physaphae.fr/article.php?IdArticle=8533993 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) La vulnérabilité du protocole de rayon expose les réseaux aux attaques MITM<br>RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances. "The RADIUS protocol allows certain Access-Request messages to have no integrity or authentication checks," InkBridge]]> 2024-07-09T18:09:00+00:00 https://thehackernews.com/2024/07/radius-protocol-vulnerability-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8533506 False Vulnerability None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 
Hackers exploitant la console de script Jenkins pour les attaques d'extraction de crypto-monnaies<br>Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks Cybersecurity researchers have found that it's possible for attackers to weaponize improperly configured Jenkins Script Console instances to further criminal activities such as cryptocurrency mining. "Misconfigurations such as improperly set up authentication mechanisms expose the '/script' endpoint to attackers," Trend Micro's Shubham Singh and Sunil Bharti said in a technical write-up]]> 2024-07-09T17:20:00+00:00 https://thehackernews.com/2024/07/hackers-exploiting-jenkins-script.html www.secnews.physaphae.fr/article.php?IdArticle=8533441 False Prediction,Technical None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Humint: plonger profondément dans la toile sombre<br>HUMINT: Diving Deep into the Dark Web Clear Web vs. Deep Web vs. Dark Web Threat intelligence professionals divide the internet into three main components: Clear Web - Web assets that can be viewed through public search engines, including media, blogs, and other pages and sites. Deep Web - Websites and forums that are unindexed by search engines. For example, webmail, online banking, corporate intranets, walled gardens, etc. Some]]> 2024-07-09T16:30:00+00:00 https://thehackernews.com/2024/07/humint-diving-deep-into-dark-web.html www.secnews.physaphae.fr/article.php?IdArticle=8533409 False None None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les logiciels malveillants de Guardzoo ciblent plus de 450 militaires du Moyen-Orient<br>GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel Military personnel from Middle East countries are the target of an ongoing surveillanceware operation that delivers an Android data-gathering tool called GuardZoo.
The campaign, believed to have commenced as early as October 2019, has been attributed to a Houthi-aligned threat actor based on the application lures, command-and-control (C2) server logs, targeting footprint, and the attack]]> 2024-07-09T15:35:00+00:00 https://thehackernews.com/2024/07/guardzoo-malware-targets-over-450.html www.secnews.physaphae.fr/article.php?IdArticle=8533410 False Malware,Tool,Threat,Mobile None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les agences de cybersécurité mettent en garde contre l'adaptation à l'exploitation rapide d'APT40<br>Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. have released a joint advisory about a China-linked cyber espionage group called APT40, warning about its ability to co-opt exploits for newly disclosed security flaws within hours or days of public release. "APT 40 has previously targeted organizations in various countries, including]]> 2024-07-09T11:26:00+00:00 https://thehackernews.com/2024/07/cybersecurity-agencies-warn-of-china.html www.secnews.physaphae.fr/article.php?IdArticle=8533291 False Threat APT 40 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Packages jQuery trojanisés trouvés sur les référentiels de code NPM, GitHub et JSDelivr<br>Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories Unknown threat actors have been found propagating trojanized versions of jQuery on npm, GitHub, and jsDelivr in what appears to be an instance of a "complex and persistent" supply chain attack. "This attack stands out due to the high variability across packages," Phylum said in an analysis published last week.
"The attacker has cleverly hidden the malware in the seldom-used 'end' function of]]> 2024-07-09T10:18:00+00:00 https://thehackernews.com/2024/07/trojanized-jquery-packages-found-on-npm.html www.secnews.physaphae.fr/article.php?IdArticle=8533241 False Malware,Threat None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouveau groupe APT "Cloudsorcerer" cible les entités gouvernementales russes<br>New APT Group "CloudSorcerer" Targets Russian Government Entities A previously undocumented advanced persistent threat (APT) group dubbed CloudSorcerer has been observed targeting Russian government entities by leveraging cloud services for command-and-control (C2) and data exfiltration. Cybersecurity firm Kaspersky, which discovered the activity in May 2024, the tradecraft adopted by the threat actor bears similarities with that of CloudWizard, but pointed]]> 2024-07-08T21:12:00+00:00 https://thehackernews.com/2024/07/new-apt-group-cloudsorcerer-targets.html www.secnews.physaphae.fr/article.php?IdArticle=8532915 False Threat,Cloud None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Les journaux de logiciels malveillants sombres exposent 3 300 utilisateurs liés aux sites de maltraitance des enfants<br>Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites An analysis of information-stealing malware logs published on the dark web has led to the discovery of thousands of consumers of child sexual abuse material (CSAM), indicating how such information could be used to combat serious crimes. "Approximately 3,300 unique users were found with accounts on known CSAM sources," Recorded Future said in a proof-of-concept (PoC) report published last week.
"]]> 2024-07-08T20:38:00+00:00 https://thehackernews.com/2024/07/dark-web-malware-logs-expose-3300-users.html www.secnews.physaphae.fr/article.php?IdArticle=8532887 False Malware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) Nouveau Ransomware-as-a-Service 'Eldorado' cible Windows et Linux Systems<br>New Ransomware-as-a-Service 'Eldorado' Targets Windows and Linux Systems An emerging ransomware-as-a-service (RaaS) operation called Eldorado comes with locker variants to encrypt files on Windows and Linux systems. Eldorado first appeared on March 16, 2024, when an advertisement for the affiliate program was posted on the ransomware forum RAMP, Singapore-headquartered Group-IB said. The cybersecurity firm, which infiltrated the ransomware group, noted that its]]> 2024-07-08T18:45:00+00:00 https://thehackernews.com/2024/07/new-ransomware-as-service-eldorado.html www.secnews.physaphae.fr/article.php?IdArticle=8532852 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?) 5 questions clés Les CISO doivent se poser des questions sur leur stratégie de cybersécurité<br>5 Key Questions CISOs Must Ask Themselves About Their Cybersecurity Strategy Events like the recent massive CDK ransomware attack – which shuttered car dealerships across the U.S. in late June 2024 – barely raise public eyebrows anymore.  Yet businesses, and the people that lead them, are justifiably jittery. Every CISO knows that cybersecurity is an increasingly hot topic for executives and board members alike. And when the inevitable CISO/Board briefing rolls]]> 2024-07-08T16:30:00+00:00 https://thehackernews.com/2024/07/5-key-questions-cisos-must-ask.html www.secnews.physaphae.fr/article.php?IdArticle=8532762 False Ransomware None 3.0000000000000000 The Hacker News - The Hacker News est un blog de news de hack (surprenant non?)
Experts Warn of Mekotio Banking Trojan Targeting Latin American Countries
Financial institutions in Latin America are being threatened by a banking trojan called Mekotio (aka Melcoz). That's according to findings from Trend Micro, which said it recently observed a surge in cyber attacks distributing the Windows malware. Mekotio, known to be actively put to use since 2015, is known to target Latin American countries like Brazil, Chile, Mexico, Spain, Peru, and Portugal
2024-07-08T15:23:00+00:00 https://thehackernews.com/2024/07/experts-warn-of-mekotio-banking-trojan.html www.secnews.physaphae.fr/article.php?IdArticle=8532731 False Malware,Prediction None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service
Four unpatched security flaws, including three critical ones, have been disclosed in the Gogs open-source, self-hosted Git service that could enable an authenticated attacker to breach susceptible instances, steal or wipe source code, and even plant backdoors. The vulnerabilities, according to SonarSource researchers Thomas Chauchefoin and Paul Gerste, are listed below - CVE-2024-39930 (CVSS
2024-07-08T12:25:00+00:00 https://thehackernews.com/2024/07/critical-vulnerabilities-disclosed-in.html www.secnews.physaphae.fr/article.php?IdArticle=8532676 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Apple Removes VPN Apps from Russian App Store Amid Government Pressure
Apple removed a number of virtual private network (VPN) apps in Russia from its App Store on July 4, 2024, following a request by Russia's state communications watchdog Roskomnadzor, Russian news media reported. This includes the mobile apps of 25 VPN service providers, including ProtonVPN, Red Shield VPN, NordVPN and Le VPN, according to MediaZona. It's worth noting that NordVPN previously shut
2024-07-08T11:58:00+00:00 https://thehackernews.com/2024/07/apple-removes-vpn-apps-from-russian-app.html www.secnews.physaphae.fr/article.php?IdArticle=8532625 False Mobile None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Webinar Alert: Learn How ITDR Solutions Stop Sophisticated Identity Attacks
Identity theft isn't just about stolen credit cards anymore. Today, cybercriminals are using advanced tactics to infiltrate organizations and cause major damage with compromised credentials. The stakes are high: ransomware attacks, lateral movement, and devastating data breaches. Don't be caught off guard. Join us for a groundbreaking webinar that will change the way you approach cybersecurity.
2024-07-05T18:00:00+00:00 https://thehackernews.com/2024/07/webinar-alert-learn-how-itdr-solutions.html www.secnews.physaphae.fr/article.php?IdArticle=8531136 False Ransomware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers
French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service (DDoS) attack in April 2024 that reached a packet rate of 840 million packets per second (Mpps). This is just above the previous record of 809 million Mpps reported by Akamai as targeting a large European bank in June 2020. The 840 Mpps DDoS attack is said to have been a combination of a TCP
2024-07-05T17:50:00+00:00 https://thehackernews.com/2024/07/ovhcloud-hit-with-record-840-million.html www.secnews.physaphae.fr/article.php?IdArticle=8531137 False Cloud None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Blueprint for Success: Implementing a CTEM Operation
The attack surface isn't what it once was and it's becoming a nightmare to protect. A constantly expanding and evolving attack surface means risk to the business has skyrocketed and current security measures are struggling to keep it protected. If you've clicked on this article, there's a good chance you're looking for solutions to manage this risk. In 2022, a new framework was coined by Gartner
2024-07-05T16:30:00+00:00 https://thehackernews.com/2024/07/blueprint-for-success-implementing-ctem.html www.secnews.physaphae.fr/article.php?IdArticle=8531108 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks
The malware known as GootLoader continues to be in active use by threat actors looking to deliver additional payloads to compromised hosts.
"Updates to the GootLoader payload have resulted in several versions of GootLoader, with GootLoader 3 currently in active use," cybersecurity firm Cybereason said in an analysis published last week. "While some of the particulars of GootLoader payloads have
2024-07-05T14:10:00+00:00 https://thehackernews.com/2024/07/gootloader-malware-delivers-new.html www.secnews.physaphae.fr/article.php?IdArticle=8531053 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies
The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024. This includes references to "https://cdn.polyfill[.]io" or "https://cdn.polyfill[.]com" in their HTTP responses, the attack
2024-07-05T09:48:00+00:00 https://thehackernews.com/2024/07/polyfillio-attack-impacts-over-380000.html www.secnews.physaphae.fr/article.php?IdArticle=8530935 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks
Cybersecurity researchers have uncovered a new botnet called Zergeca that's capable of conducting distributed denial-of-service (DDoS) attacks. Written in Golang, the botnet is so named for its reference to a string named "ootheca" present in the command-and-control (C2) servers ("ootheca[.]pw" and "ootheca[.]top").
"Functionally, Zergeca is not just a typical DDoS botnet; besides supporting six
2024-07-05T09:22:00+00:00 https://thehackernews.com/2024/07/new-golang-based-zergeca-botnet-capable.html www.secnews.physaphae.fr/article.php?IdArticle=8530936 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus
Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition. "The [remote code execution] vulnerability in PanelView Plus involves two custom classes that can be abused to upload and load a malicious DLL into the device," security researcher
2024-07-04T14:40:00+00:00 https://thehackernews.com/2024/07/microsoft-uncovers-critical-flaws-in.html www.secnews.physaphae.fr/article.php?IdArticle=8530493 False Vulnerability None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Brazil Halts Meta's AI Data Processing Amid Privacy Concerns
Brazil's data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users' personal data to train the company's artificial intelligence (AI) algorithms.
The ANPD said it found "evidence of processing of personal data based on inadequate legal hypothesis, lack of transparency, limitation of the rights of data subjects, and risks to
2024-07-04T12:28:00+00:00 https://thehackernews.com/2024/07/brazil-halts-metas-ai-data-processing.html www.secnews.physaphae.fr/article.php?IdArticle=8530383 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike
A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with the Cobalt Strike. The crackdown targeted older, unlicensed versions of the Cobalt Strike red teaming framework between June 24 and 28, according to Europol. Of the 690 IP addresses that were flagged to
2024-07-04T09:29:00+00:00 https://thehackernews.com/2024/07/global-police-operation-shuts-down-600.html www.secnews.physaphae.fr/article.php?IdArticle=8530333 False Legislation None 4.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Twilio's Authy App Breach Exposes Millions of Phone Numbers
Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users' cell phone numbers. The company said it took steps to secure the endpoint to no longer accept unauthenticated requests.
The development comes days after an online persona named ShinyHunters
2024-07-04T09:07:00+00:00 https://thehackernews.com/2024/07/twilios-authy-app-breach-exposes.html www.secnews.physaphae.fr/article.php?IdArticle=8530308 False Threat,Cloud None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
The Emerging Role of AI in Open-Source Intelligence
Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred to OSINT as the “INT of first resort”. Public and private sector organizations are realizing the value that the discipline can provide but are also finding that the exponential growth of digital data in recent years has overwhelmed many traditional OSINT
2024-07-03T16:30:00+00:00 https://thehackernews.com/2024/07/the-emerging-role-of-ai-in-open-source.html www.secnews.physaphae.fr/article.php?IdArticle=8529889 False None None 2.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool
Unknown threat actors have been observed exploiting a now-patched security flaw in Microsoft MSHTML to deliver a surveillance tool called MerkSpy as part of a campaign primarily targeting users in Canada, India, Poland, and the U.S. "MerkSpy is designed to clandestinely monitor user activities, capture sensitive information, and establish persistence on compromised systems," Fortinet FortiGuard
2024-07-03T15:23:00+00:00 https://thehackernews.com/2024/07/microsoft-mshtml-flaw-exploited-to.html www.secnews.physaphae.fr/article.php?IdArticle=8529806 False Tool,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks
The loader-as-a-service (LaaS) known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by download technique this year, findings from Sekoia reveal. "FakeBat primarily aims to download and execute the next-stage payload, such as IcedID, Lumma, RedLine, SmokeLoader, SectopRAT, and Ursnif," the company said in a Tuesday analysis. Drive-by attacks
2024-07-03T12:35:00+00:00 https://thehackernews.com/2024/07/fakebat-loader-malware-spreads-widely.html www.secnews.physaphae.fr/article.php?IdArticle=8529750 False Malware None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks
Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver. The campaign, believed to be highly targeted in nature, "leverage target-specific infrastructure and custom WordPress websites as a payload delivery mechanism, but affect a variety of entities across unrelated verticals, and rely on
2024-07-03T09:26:00+00:00 https://thehackernews.com/2024/07/israeli-entities-targeted-by.html www.secnews.physaphae.fr/article.php?IdArticle=8529673 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware
An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security Intelligence Center (ASEC), which identified the attack in May 2024, did not attribute it to a known threat actor or group, but noted that the tactics overlap with that of Andariel, a sub-cluster within the
2024-07-03T09:03:00+00:00 https://thehackernews.com/2024/07/south-korean-erp-vendors-server-hacked.html www.secnews.physaphae.fr/article.php?IdArticle=8529674 False Malware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
How MFA Failures are Fueling a 500% Surge in Ransomware Losses
The cybersecurity threat landscape has witnessed a dramatic and alarming rise in the average ransomware payment, an increase exceeding 500%. Sophos, a global leader in cybersecurity, revealed in its annual "State of Ransomware 2024" report that the average ransom payment has increased 500% in the last year with organizations that paid a ransom reporting an average payment of $2 million, up from
2024-07-02T16:30:00+00:00 https://thehackernews.com/2024/07/how-mfa-failures-are-fueling-500-surge.html www.secnews.physaphae.fr/article.php?IdArticle=8529434 False Ransomware,Threat None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
New Intel CPU Vulnerability 'Indirector' Exposes Sensitive Data
Modern CPUs from Intel, including Raptor Lake and Alder Lake, have been found vulnerable to a new side-channel attack that could be exploited to leak sensitive information from the processors.
The attack, codenamed Indirector by security researchers Luyi Li, Hosein Yavarzadeh, and Dean Tullsen, leverages shortcomings identified in Indirect Branch Predictor (IBP) and the Branch Target Buffer (BTB
2024-07-02T15:58:00+00:00 https://thehackernews.com/2024/07/new-intel-cpu-vulnerability-indirector.html www.secnews.physaphae.fr/article.php?IdArticle=8529435 False Vulnerability None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Meta's 'Pay or Consent' Approach Faces E.U. Competition Rules Scrutiny
Meta's decision to offer an ad-free subscription in the European Union (E.U.) has faced a new setback after regulators accused the social media behemoth of breaching the bloc's competition rules by forcing users to choose between seeing ads or paying to avoid them. The European Commission said the company's "pay or consent" advertising model is in contravention of the Digital Markets Act (DMA).
2024-07-02T10:40:00+00:00 https://thehackernews.com/2024/07/metas-pay-or-consent-approach-faces-eu.html www.secnews.physaphae.fr/article.php?IdArticle=8529383 False None None 3.0000000000000000

The Hacker News - The Hacker News is a hacking news blog (surprising, isn't it?)
Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware
A China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware.
The vulnerability, tracked as CVE-2024-20399 (CVSS score: 6.0), concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected
2024-07-02T10:18:00+00:00 https://thehackernews.com/2024/07/chinese-hackers-exploiting-cisco.html www.secnews.physaphae.fr/article.php?IdArticle=8529384 False Malware,Vulnerability,Threat None 3.0000000000000000